Commit graph

409 commits

Author SHA1 Message Date
d795c54a7a Version 0.19.0-rc.7 2023-11-23 21:09:56 -05:00
26297b4035
Users can view their own posts after removal (fixes #4186) (#4192) 2023-11-23 09:47:49 -05:00
58258414cc Version 0.19.0-rc.6 2023-11-22 09:59:04 -05:00
dullbananas
30f7135f32
Use rust 1.74.0 in CI and move clippy lints to Cargo.toml (#4170)
* ci rust 1.74.0

* do it

* Update .woodpecker.yml

* Update Cargo.toml

* Update lint.sh

* Update lib.rs

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-11-21 08:51:22 -05:00
İsmail Karslı
2070381e81
Add upload_timeout to PictrsConfig (#4159)
* Add upload timeout to PictrsConfig

* Bad space 🤔

* Update PictrsConfig upload timeout to include units.
2023-11-17 04:01:32 -05:00
7cb20200d8 Version 0.19.0-rc.5 2023-11-16 23:30:09 -05:00
1d23df37d8
Rename cache_remote_images setting to cache_external_link_previews (ref #4035) (#4148) 2023-11-13 09:19:09 -05:00
SleeplessOne1917
1dc6c60760
Make import and export settings endpoints reachable (#4143)
* Make import and export settings endpoints reachable

* Preserve original routes
2023-11-13 08:08:07 -05:00
Dessalines
e00b0c9da2
Dont send comment reply to user who has community blocked. Fixes #3684 (#4096)
* Dont send comment reply to user who has community blocked. Fixes #3684

* Adding source instance block check.

* Adding api test.

* Addressing PR comments.
2023-11-09 12:03:25 +01:00
adef3479c0 Version 0.19.0-rc.4 2023-11-03 10:02:30 -04:00
9007d49324
Remove unused deps (#4111)
* Remove unused deps

* Adding cargo-machete to woodpecker.

---------

Co-authored-by: Dessalines <tyhou13@gmx.com>
2023-10-31 11:11:12 +01:00
08739e2925
Move usage of env::var to lemmy_utils, simplify db init (ref #4095) (#4108) 2023-10-25 11:34:38 -04:00
Dessalines
1b751a8cac
Adding cors_origin to settings. Fixes #3665 (#4095)
* Adding cors_origin to settings. Fixes #3665

* Fix result to option.

* Forgot to update config defaults.

* Setting a cors origin doku default.

* Adding comments for CORS.
2023-10-25 16:46:34 +02:00
Dessalines
64b00ee850
Dont allow bots to vote. Fixes #3940 (#4100)
* Dont allow bots to vote. Fixes #3940

* Removing pointless function.
2023-10-25 10:14:12 -04:00
45bed71c36
Include prometheus in default build, remove build feature (fixes #3558) (#4071)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-25 06:54:58 -04:00
Dessalines
bd9739b5b7
Upgrading deps. (#4103) 2023-10-25 05:32:21 -04:00
d55bd2f2bc
Allow Arabic and Cyrillic usernames/community names (fixes #1764) (#4083)
* Allow Arabic and Cyrillic usernames/community names (fixes #1764)

* update comment
2023-10-24 16:25:52 -04:00
HackerNCoder
722d9efc13
Use starts_with for forbidden unicode (Fix #3888) (#4079)
* Use starts_with for forbidden unicode (Fix #3888)

* Require 3 visible chars in display name

* Run cargo fmt and scripts/lint

* Undo invisibly_starts_with_at

* Remove 3 min chars.count() check for display name
2023-10-24 16:57:40 +02:00
Dessalines
09a67472e7
Allow torrent magnet links as post urls. Fixes #3916 (#4092) 2023-10-24 16:48:00 +02:00
Dessalines
053dcf8c10
Fixing matrix id regex. Fixes #3431 (#4091) 2023-10-24 16:47:02 +02:00
6235ff45b5
Return status 401 on logout with invalid auth (fixes #4081) (#4082)
* Return status 401 on logout with invalid auth (fixes #4081)

* format
2023-10-23 12:17:26 -04:00
6bcb12b14f Version 0.19.0-rc.3 2023-10-19 20:34:48 -04:00
dullbananas
a14657d124
Refactor rate limiter and improve rate limit bucket cleanup (#3937)
* Update rate_limiter.rs

* Update mod.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update mod.rs

* Update scheduled_tasks.rs

* Shrink `RateLimitBucket`

* Update rate_limiter.rs

* Update mod.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update mod.rs

* Update rate_limiter.rs

* fmt

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* Update rate_limiter.rs

* rerun ci

* Update rate_limiter.rs

* Undo changes to  fields

* Manually undo changes to RateLimitBucket fields

* fmt

* Bucket cleanup loop in rate_limit/mod.rs

* Remove rate limit bucket cleanup from scheduled_tasks.rs

* Remove ;

* Remove UNINITIALIZED_TOKEN_AMOUNT

* Update rate_limiter.rs

* fmt

* Update rate_limiter.rs

* fmt

* Update rate_limiter.rs

* fmt

* Update rate_limiter.rs

* stuff

* MapLevel trait

* fix merge

* Prevent negative numbers in buckets

* Clean up MapLevel::check

* MapLevel::remove_full_buckets

* stuff

* Use remove_full_buckets to avoid allocations

* stuff

* remove tx

* Remove RateLimitConfig

* Rename settings_updated_channel to rate_limit_cell

* Remove global rate limit cell

* impl Default for RateLimitCell

* bucket_configs doc comment to explain EnumMap

* improve test_rate_limiter

* rename default to with_test_config

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Nutomic <me@nutomic.com>
2023-10-19 15:31:51 +02:00
6d27bfed08
Handle invalid ban expires values (fixes #4045) (#4046)
* Handle invalid ban expires values (fixes #4045)

* Adding a few missing expire time checks. Fixing up time conversions. (#4051)

* Adding a few missing expire time checks. Fixing up time conversions.

* Increase settings export wait time.

* get rid of RemoveCommunity.expires

* fmt

* tests

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-17 13:25:35 -04:00
3a19af5215
Allow marking multiple posts as read in single api call (fixes #3963) (#4048)
* Allow marking multiple posts as read in single api call (fixes #3963)

* cleanup

* limit array length

* fix test

* review

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-17 12:35:51 -04:00
SleeplessOne1917
cf1c32d2ab
Enable animated avatars setting (#4040)
* feat: Add user setting for toggling avatar gif animations

* Add forgotten post listing mode option to settings form

* Fix compilation error

* Fix formatting

* Change name of column to be more general purpose

* Fix sql format.

* Fix comments

* Running format.

---------

Co-authored-by: Dessalines <tyhou13@gmx.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-17 10:52:34 -04:00
256ee61908
Ignore activities in remote communities without local followers (#4006)
* Ignore activities in remote communities without local followers (fixes #3568)

* x

* comments

* prettier

* fix api test

* fix test

* cleanup

* fix remaining test

* clippy

* decrease delay
2023-10-16 06:03:49 -04:00
291ff19718
Only sanitize strings when generating RSS feeds and emails (fixes #4003) (#4024)
* Only sanitize strings when generating RSS feeds and emails (fixes #4003)

* clippy

* fix test
2023-10-11 16:48:19 +02:00
6d7b38f4de
Implement user data import/export (#3976)
* Implement endpoints for user data import/export

* add test

* exclude avatar/banner

* increase import url count, add rate limit

* also export/import saved posts

* rate limit

* rename

* saved posts also exist

* rename routes

* fix test

* error handling

* clippy

* limit parallelism

* clippy

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-11 16:47:22 +02:00
dc327652a5
Add db table for login tokens which allows for invalidation (#3818)
* wip

* stuff

* fmt

* fmt 2

* fmt 3

* fix default feature

* use Authorization header

* store ip and user agent for each login

* add list_logins endpoint

* serde(skip) for token

* fix api tests

* A few suggestions for login_token (#3991)

* A few suggestions.

* Fixing SQL format.

* review

* review

* rename cookie

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-09 12:46:12 +02:00
b7d570cf35
Make input length checks consistent with HTML maxlength attribute (#4009)
* Make input length checks consistent with HTML maxlength attr (fixes #3688)

* ci

* Extricating min and max length checks (#4018)

* revert string change

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-10-05 16:39:07 -04:00
a5b8583aab Version 0.19.0-beta.7 2023-10-05 16:01:12 -04:00
0115613f90
Specify password length limits in error (fixes #3284) (#4007)
* Specify password length limits in error (fixes #3284)

* convert to comment
2023-10-05 07:40:22 -04:00
6950dd90e5
Return HTTP status 503 to all requests during startup (fixes #3780) (#4005)
* Return HTTP status 503 to all requests during startup (fixes #3780)

* add message

* fmt

* remove err

* dont run startup server if http disabled

* ci
2023-10-04 18:19:58 -04:00
626c7ebc85
Handle empty reason for registration application denial (fixes #3485) (#4008)
* Handle empty reason for registration application denial (fixes #3485)

* clippy

* clippy
2023-10-04 15:20:22 +02:00
50b7322ff3
Mention max length for site name in config (fixes #3006) (#4010)
* Mention max length for site name in config (fixes #3006)

* ci
2023-10-04 15:09:25 +02:00
9bb99bec5e
Increase default database connections (fixes #3394) (#3994) 2023-09-28 09:56:39 -04:00
9275041f42 Version 0.19.0-rc.1 2023-09-26 23:01:19 -04:00
50589115e0
Fix federation of admin actions (fixes #3980) (#3988)
* Fix federation of admin actions (fixes #3980)

* clippy

---------

Co-authored-by: Dessalines <tyhou13@gmx.com>
2023-09-25 21:39:18 -04:00
SleeplessOne1917
bee6b7a1bb Update translations 2023-09-25 06:38:23 -04:00
SleeplessOne1917
ed8dae99f1 Merge branch 'main' into bearer-token 2023-09-24 17:47:17 -04:00
SleeplessOne1917
37655f0f18 chore: Run rust format 2023-09-22 21:39:03 -04:00
SleeplessOne1917
519e800b33 feat: Replace ad hoc auth header with internet standard bearer token
auth header
2023-09-22 21:26:27 -04:00
SleeplessOne1917
bb552d7659
Merge branch 'main' into comment-fix 2023-09-20 17:38:47 +00:00
22608ae983
Rework the way 2FA is enabled/disabled (fixes #3309) (#3959)
* Rework the way 2FA is enabled/disabled (fixes #3309)

* postgres format

* change algo to sha1 for better compat

* review comments

* review

* clippy

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-09-20 10:49:54 -04:00
50f81cf157
User can block instances (fixes #2397) (#3869)
* User can block instances (fixes #2397)

* update comments

* review comments

* use route

* update

* add api test

* update tests

* fix

* fix test

* ci

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-09-20 11:56:13 +02:00
SleeplessOne1917
6d02a9914c Update translation 2023-09-18 07:38:00 -04:00
phiresky
375d9a2a3c
Persistent, performant, reliable federation queue (#3605)
* persistent activity queue

* fixes

* fixes

* make federation workers function callable from outside

* log federation instances

* dead instance detection not needed here

* taplo fmt

* split federate bin/lib

* minor fix

* better logging

* log

* create struct to hold cancellable task for readability

* use boxfuture for readability

* reset submodule

* fix

* fix lint

* swap

* remove json column, use separate array columns instead

* some review comments

* make worker a struct for readability

* minor readability

* add local filter to community follower view

* remove separate lemmy_federate entry point

* fix remaining duration

* address review comments mostly

* fix lint

* upgrade actitypub-fed to simpler interface

* fix sql format

* increase delays a bit

* fixes after merge

* remove selectable

* fix instance selectable

* add comment

* start federation based on latest id at the time

* rename federate process args

* dead instances in one query

* filter follow+report activities by local

* remove synchronous federation

remove activity sender queue

* lint

* fix federation tests by waiting for results to change

* fix fed test

* fix comment report

* wait some more

* Apply suggestions from code review

Co-authored-by: SorteKanin <sortekanin@gmail.com>

* fix most remaining tests

* wait until private messages

* fix community tests

* fix community tests

* move arg parse

* use instance_id instead of domain in federation_queue_state table

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: SorteKanin <sortekanin@gmail.com>
2023-09-09 12:25:03 -04:00
dullbananas
5b5ac0f37d
Remove left joins and use only one call to select method in post_view.rs (#3865)
* Use same joins for read and list in post_view.rs

* fmt

* rerun ci

* rerun ci

* Update post_view.rs

* rerun ci

* rerun ci

* Update post_view.rs

* Use `exists`

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* rerun ci

* Update post_view.rs

* person_id_join parameter

* rerun ci

* fmt

* Update post_view.rs

* rerun ci

* Update post_view.rs

* rerun ci

* fmt

* Update post_view.rs

* fmt

* Use into_sql

* Update post_view.rs

* Use inferred query source for BoxableExpression

* Update post_view.rs

* Update post_view.rs

* Update community.rs

* Update community.rs

* Update post_view.rs

* fmt

* Update community.rs

* Update community.rs

* Update community.rs

* Update community.rs

* Update community.rs

* Update post_view.rs

* Update community.rs

* fmt

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* Update post_view.rs

* fmt

* Update post_view.rs

* Update post_view.rs

* fix

* trigger ci

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: phiresky <phireskyde+git@gmail.com>
2023-09-04 11:05:00 +02:00
Nick Webster
a57658d99c
Adding a new config flag to disable pictrs caching for thumbnails (#3897)
* add logic to prevent downloading remote pictrs images

* apply formatting

* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance

* Do not attempt a pictrs fetch if the remote image is also on a pictrs instance and cache_federated_images is false

* Generalising the no caching option to handle all remote images

* rustfmt

* Return None if the URL is not an image

* Updating defaults.hjson

* fixing typo

* Fixing typo

* Skip cloning the Url unless we need to

* using a HEAD request for checking the content type, saving bandwidth/improving perf

* Removing early returns

* Switching back to GET requests for Content-Type because pictrs does not handle HEAD requests

* Simplifying logic and using metadata_image instead of url if we do not get a pictrs thumbnail

* Removing unused import

* Return None as a thumbnail if caching is disabled

* formatting

---------

Co-authored-by: Djones4822 <david.jones4822@gmail.com>
2023-08-31 10:36:39 -04:00
Dessalines
56e26fc3d4
Adding a post_view mode. Fixes #3730 (#3731)
* Adding a post_view mode. Fixes #3730

* Fix test.

* Addressing PR comments.

* Adding a post_view mode. Fixes #3730

* Fix test.

* Addressing PR comments.

* Fixing column order.

* Fix default Ok returns.

* Removing return Err(... where feasible.
2023-08-31 09:01:08 -04:00
fed6542055
Implement remote follow (#3738)
* Add remote follow url to webfinger response

* update apub lib
2023-08-31 09:00:41 -04:00
b2aee565f3
Allow passing auth via header or cookie (#3725)
* Allow passing auth via header or cookie

* revert submodule

* taplo

* fix build

* working

* convert apub api methods

* also set cache-control header

* opt

* clippy

* deduplicate code, ignore invalid auth

* clippy

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-08-29 10:47:57 -04:00
phiresky
514f2222e0
Fix time zone handling (#3496)
* convert naive time to utc time

* compounding fixes

* cargo fmt

* fix the rest

* fix down migration

* fix migrations

* fix after merge

* clippy fix

* ap-fed 0.5.0

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-08-24 11:27:00 -04:00
Freakazoid182
ee7b35a04a
Add person name to PersonIsBannedFromSite error (#3786) (#3855)
* Add person name to PersonIsBannedFromSite error (#3786)

* Log PersonId instead of Person name (#3850)

* Log actor_id for PersonIsBannedFromSite (#3850)

---------

Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
2023-08-16 11:36:58 +02:00
Piotr Juszczyk
2ad3450004
Allow filtering posts and comments by whether they were liked/disliked - fixes #3401 (#3523)
* Allow filtering posts and comments by whether they were liked/disliked

* Switch to 2 args - liked_only, disliked_only - taking bools

* Make liked_only and disliked_only Option<bool>

* Fix unrelated is_profile_view compilation error
2023-08-08 11:40:28 +02:00
91c024fd98 Revert "Version 0.18.4-rc.2"
This reverts commit 48466b6826.
2023-08-07 17:12:09 +02:00
48466b6826 Version 0.18.4-rc.2 2023-08-07 17:09:10 +02:00
37998b3398
Rewrite some API handlers to remove Perform trait (#3735)
* Rewrite some API handlers to remove Perform trait

* Convert CreateComment

* ci
2023-07-28 10:39:38 -04:00
Freakazoid182
9a1f9aad45
detailed error message for blocked domains (#3698) (#3701)
* detailed error message for blocked domains (#3698)

* Pass the domain as an error param

Not formatting the error message to support i18n

---------

Co-authored-by: Freek van Zee <freek.van.zee@mediamonks.com>
2023-07-25 13:26:54 -04:00
Joel Beckmeyer
ea7f83c4dc
disable rustfmt feature on rosetta-build (#3679) 2023-07-21 11:50:47 +02:00
cetra3
1f21bdb2f9
Add http cache for webfingers (#3317)
* Add http cache for webfingers

* Remove the outgoing cache middleware & adjust the cache headers directive

* Use 1h & 3day cache header

* Update routes and adjust the cache headers location

* revert apub caching

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Felix Ableitner <me@nutomic.com>
2023-07-19 06:09:04 -04:00
cetra3
9256895635
Cache & Optimize Woodpecker CI (#3450)
* Try using drone cache plugin

* Try another path

* Include volume

* Fix formatting

* Include fmt

* Exclude cargo dir from prettier

* Don't override cargo

* Just do check

* Add cache key

* Use different cache plugin

* Add clippy

* Try minio

* Add quotes

* Try adding secrets

* Try again

* Again

* Use correct secret formation

* Add back clippy

* Use secret for the root bucket name

* Try drone cache instead

* Add region

* Add path-style option

* Include cargo clippy

* Include everything again

* Fix formatting

* Don't run clippy twice

* Add `allow` statements for tests to pass

* Adjust endpoint to be a secret

* Fix prettier

* Merge & fix tests

* Try to restart the woodpecker test

* Change the ENV var name

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-17 11:04:14 -04:00
Manuel Bleichner
c0b7865896
Fix wrong SMTP port when TLS is being used (fixes #3574) (#3607)
Co-authored-by: Manuel Bleichner <manuel.bleichner@bvu.de>
2023-07-13 13:10:14 +02:00
dullbananas
73492af4b0
Shrink capacity in RateLimitStorage::remove_older_than (#3536)
* Shrink capacity in `RateLimitStorage::remove_older_than`

* Update rate_limiter.rs

* rerun ci

* rerun ci

* rerun ci

* Update rate_limiter.rs
2023-07-10 22:52:37 +02:00
Pawan Hegde
ef9dc5d0b6
Fix #3366: Wrap plain-text error responses from the API in JSON (#3559)
* Fix #3366: API does return plain HTML errors

* Fix Clippy errors

* Improve api response times by doing send_activity asynchronously (#3493)

* do send_activity after http response

* move to util function

* format

* fix prometheus

* make synchronous federation configurable

* cargo fmt

* empty

* empty

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>

* Updating `login.rs` with generic `incorrect_login` response. (#3549)

* Adding v0.18.1 and v0.18.0 release notes. (#3530)

* Update RELEASES.md (#3556)

added instruction to find the location of your docker directory (especially useful for those who used ansible since they never had to setup docker manually)

* Use async email sender (#3554)

* Upgrade all dependencies (#3526)

* Upgrade all dependencies

* as base64

* Adding phiresky to codeowners. (#3576)

* Error enum fixed (#3487)

* Create error type enum

* Replace magic string slices with LemmyErrorTypes

* Remove unused enum

* Add rename snake case to error enum

* Rename functions

* clippy

* Fix merge errors

* Serialize in PascalCase instead of snake_case

* Revert src/lib

* Add serialization tests

* Update translations

* Fix compilation error in test

* Fix another compilation error

* Add code for generating typescript types

* Various fixes to avoid breaking api

* impl From<LemmyErrorType> for LemmyError

* with_lemmy_type

* trigger ci

---------

Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>

* Only update site_aggregates for local site (#3516)

* Fix #3501 - Fix aggregation counts for elements removed and deleted (#3543)

Two bugs were found and fixed:
- previously elements removal and deletion were counted as two separate disappearances
- removing comments did not affect post aggregations

* Use LemmyErrorType also make error_type compulsory

* Add missing import for jsonify_plain_text_errors

* Fix formatting

* Trying to make woodpecker run again

---------

Co-authored-by: phiresky <phireskyde+git@gmail.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: rosenjcb <rosenjcb@gmail.com>
Co-authored-by: nixoye <12674582+nixoye@users.noreply.github.com>
Co-authored-by: dullbananas <dull.bananas0@gmail.com>
Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
Co-authored-by: Sander Saarend <sander@saarend.com>
Co-authored-by: Piotr Juszczyk <74842304+pijuszczyk@users.noreply.github.com>
2023-07-10 22:44:14 +02:00
93225e5ddf
Error enum fixed (#3487)
* Create error type enum

* Replace magic string slices with LemmyErrorTypes

* Remove unused enum

* Add rename snake case to error enum

* Rename functions

* clippy

* Fix merge errors

* Serialize in PascalCase instead of snake_case

* Revert src/lib

* Add serialization tests

* Update translations

* Fix compilation error in test

* Fix another compilation error

* Add code for generating typescript types

* Various fixes to avoid breaking api

* impl From<LemmyErrorType> for LemmyError

* with_lemmy_type

* trigger ci

---------

Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
2023-07-10 16:50:07 +02:00
ff26bc21af
Upgrade all dependencies (#3526)
* Upgrade all dependencies

* as base64
2023-07-10 15:00:55 +02:00
dullbananas
934f72511e
Use async email sender (#3554) 2023-07-10 14:04:39 +02:00
phiresky
b35757b429
Improve api response times by doing send_activity asynchronously (#3493)
* do send_activity after http response

* move to util function

* format

* fix prometheus

* make synchronous federation configurable

* cargo fmt

* empty

* empty

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-10 12:27:49 +02:00
0c82f4e660 Version 0.18.1 2023-07-07 09:24:49 -04:00
22cdcc6b60 Version 0.18.1-rc.10 2023-07-06 14:46:46 +02:00
00f9f79a44
Only allow http(s) scheme for urls (ref #3505) (#3508)
With this change only http(s) schemes are allowed for post.url
field. This is checked for incoming api and federation requests.
Existing posts in database which are sent to clients are not
checked. Neither does it check urls in markdown.
2023-07-06 08:29:51 -04:00
phiresky
2158621bda
upgrade markdown-it to fix panic (#3490)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 13:08:53 -04:00
Andrew Fields
1e99e8b9dc
Add Prometheus endpoint (#3456)
Add a server for serving Prometheus metrics. Include a configuration
block in the config file. Provide HTTP metrics on the API, along with
process-level metrics and DB pool metrics.
2023-07-05 13:25:19 +02:00
Josephos
cdc5b47886
Improved validation of display names (Fixes #3436) (#3437)
* Fixed validation of display names

Fixed validation of display names: reject names beginning with invisible unicode characters.

* Formatting

Formatting fix.

* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.

* Formatting

* Added a comment detailing source of the list of invisible chars.
2023-07-04 12:41:58 +02:00
7a04971ecd Version 0.18.1-rc.9 2023-07-03 17:16:48 -04:00
e1494d4683
Dont compare db string errors (fixes #1393) (#3424)
* Dont compare db string errors (fixes #1393)

* cargo fmt

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 11:59:49 -04:00
fc60b82f82 Fix formatting for latest nightly (#ref 3467) 2023-07-03 11:45:53 +02:00
phiresky
cb28af508d
don't strip, log trace if requested (#3425) 2023-06-30 09:32:43 -04:00
Dessalines
6c64cb5233
Fixing release script. (#3398)
* Fixing release script.

* Version 0.18.1-rc.2

* Removing cargo update from release script.

* Fixing topdir location.
2023-06-29 16:17:59 +02:00
ad6f244b61 Version 0.18.1-rc.1 2023-06-27 08:14:46 -04:00
Nina Blanson
e63aa80c3a
Fixes #2900 - Checks slur regex to see if it is too permissive (#3146)
* Fixes #2900 - Checks slur regex to see if it is too permissive along with small validation organization

* Clean up variable names, add handler for valid empty string usecase

* Update tests

* Create validation function and add tests

* Test clean up

* Use payload value vs local site value to prevent stunlocking

* Remove println added while testing

* Fall back to local site regex if not provided from request

* Attempt clean up of flaky comment_view tests

* Pull in latest submodule

* Move application, post check into functions, add more tests and improve test readability

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-06-27 07:03:30 -04:00
73d2faa9f5 Remove another unused dev dependency 2023-06-26 12:46:44 +02:00
cetra3
9406c3ad2b
Adjust the config check to be a separate faster to compile binary (#3313) 2023-06-26 06:23:21 -04:00
Neshura
203e35899e
Add separate Post check for is_valid_body_field (#3263)
* Add separate Post check for is_valid_body_field

* Modify is_valid_body_check for posts only

* Fix check var reinit in validation.rs

* Extra empty line to rerun woodpecker with changes

* Change Option to bool, add false to non-post calls

* Woodpecker trick.. again

* Probable rust_fmt fail fixed

* cargo_clippy changes

* Missing space between = and if

* Remove ; after body length checks
2023-06-26 10:47:01 +02:00
cetra3
d7da911a48
Remove actix_rt & use standard tokio spawn (#3158)
* Remove `actix_rt` & use standard tokio spawn

* Adjust rust log back down

* Format correctly

* Update cargo lock

* Add DB settings

* Change name and update to latest rev

* Clean up formatting changes

* Move `worker_count` and `worker_retry_count` to settings

* Update defaults

* Use `0.4.4` instead of git branch
2023-06-26 10:24:11 +02:00
Scott
da3e3b6d8a
Ensure site can only either be a private instance or federated when creating or editing site (#3237)
* Add site visibility validation

* Fix formatting

* linter changes

* Update error message to match existing check

* Remove existing check

---------

Co-authored-by: Scott Merchant <97430840+scottmerchant@users.noreply.github.com>
2023-06-21 22:14:12 +02:00
Michał
4cdb9583e9
feat: allow overriding smtp_password with the LEMMY_SMTP_PASSWORD env var (#3154)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-21 13:36:42 -04:00
dullbananas
45818fb4c5
Reduce memory usage of rate limiting (#3111)
* Reduce Vec allocations

* Optimize stuff

* Move embedded migrations to separate crate

* Revert "Move embedded migrations to separate crate"

This reverts commit 44b1049970.

* clippy, fmt

* Shrink rate limit allowance to f32

* Initialize rate limit allowance directly

* Add removal of old rate limit buckets

* Improve readability

* Remove usage of is_okay_and for Rust 1.67 compatibility

* Add dhat-heap feature

* Fix api_benchmark.sh and add run_and_benchmark.sh

* Revert "Fix api_benchmark.sh and add run_and_benchmark.sh"

This reverts commit b4528e5b85.

* Revert "Add dhat-heap feature"

This reverts commit 08e835d487.

* Manually revert remaining stuff

* Use Ipv6Addr in RateLimitStorage

* Shrink last_checked in RateLimitBucket to 32 bits

* Fix rate_limit::get_ip

* Stuff (#1)

* Update rate_limiter.rs

* Update mod.rs

* Update scheduled_tasks.rs

* Fix rate_limiter.rs

* Dullbananas patch 1 (#2)

* Update rate_limiter.rs

* Update mod.rs

* Update scheduled_tasks.rs

* Fix rate_limiter.rs

* Rate limit IPv6 addresses in groups

* Fmt lib.rs

* woodpicker trigger

* Refactor and comment `check_rate_limit_full`

* Add `test_split_ipv6`

* Replace -2.0 with UNINITIALIZED_TOKEN_AMOUNT

* Add `test_rate_limiter`

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-21 10:28:20 +02:00
56de68c77a Update translations 2023-06-20 10:59:27 +02:00
b5dba17426
Update all dependencies (#3091) 2023-06-15 11:37:05 +02:00
Nina Blanson
1c7bfd6be8
Fixes #1884 - Support Spoiler Tags (#3018)
* Fixes #1884 - Switches markdown libraries and creates a custom rule to manage spoiler blocks

* Add tests to cover invalid spoiler input

* Consolidate tests, add comments

* Make immutable, static instance of markdown parser

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-06-14 13:15:59 +02:00
Andy Brandt
b47ce4c2e6
use usize::MAX for line wrap length, since lettre does it for us (#3034)
fixes #2921
2023-06-12 15:29:15 +02:00
Charles Hall
14c18dbdae
allow specifying db uri in config file (#2956)
* allow specifying db uri in config file

* succumb to a bug in doku

See <https://github.com/anixe/doku/issues/33>.
2023-06-09 08:18:22 -04:00
980df7545d
Fix translation build error (fixes #2967) (#2968) 2023-06-08 07:12:40 -04:00
af5175a282
Set attribute deny_unknown_fields for Lemmy config (#2852)
With this attribute, Lemmy will throw an error and exit if any
invalid entry is found in the config file. I think can be useful
to notice typos or keys that were removed or renamed in an upgrade.
Currently you wouldnt notice these at all unless you manually
compare the config file with settings that are listed in documentation.

This should be considered a breaking change.

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-05-11 20:12:12 -04:00
Dessalines
38d4429ae7
Adding check to description and body length fields. (#2805)
* Adding check to description and body length fields.

- Also making the checks return `LemmyError`
- Fixes #1747

* Address PR comments.

* PR comments 2
2023-04-15 10:45:11 -04:00
844cde9db3
Use pretty print for federation json responses (#2801) 2023-04-12 20:17:23 -04:00
3a526b0b7d
Remove unused dependencies (#2795) 2023-04-05 16:29:08 -04:00
6f513793cb
Activitypub crate rewrite (#2782)
* update activitypub-federation crate to 0.4.0

* fixes

* apub compiles!

* everything compiling!

* almost done, federated follow failing

* some test fixes

* use release

* add code back in
2023-03-21 16:03:05 +01:00
Dessalines
1dba94c9cb
Adding TOTP / 2FA to lemmy (#2741)
* Combine prod and dev docker setups using build-arg

- Fixes #2603

* Dont use cache for release build.

* Adding 2FA / TOTP support.

- Fixes #2363

* Changed name to totp_2fa for clarity.

* Switch to sha256 for totp.
2023-03-02 21:37:41 +01:00
Dessalines
209c8a9185
Switch from bb8 to deadpool. Fixes #2765 (#2768)
* Switch from bb8 to deadpool. Fixes #2765

* Remove unecessary deadpool dependency.

* Ignoring nodeinfo test.
2023-02-28 22:45:37 +01:00
Dessalines
8c0c1628e0
Adding a vector indexing check to prevent panics. Fixes #2753 (#2754)
* Adding a vector indexing check to prevent panics. Fixes #2753

* Fixing for new clippy lint.

* Externalizing get_top_mod check. Adding get_first clippy lint

* Removing unit tests get(0)s

* Fixing some firsts manually
2023-02-28 12:34:50 +01:00
80571567e1
Add default attribute for webfinger properties (fixes #2756) (#2759) 2023-02-23 09:51:33 -05:00
675353d4e9
Include type information with webfinger responses (fixes #2037) (#2746)
So that it is easier to parse for other software
2023-02-22 11:25:26 +09:00
a42f7271e6
Proper permission check for federated comment distinguish (#2697)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-02-19 03:57:45 +09:00
Dessalines
36aaa50644
Organize utils into separate files. Fixes #2295 (#2736)
* Organize utils into separate files. Fixes #2295

* Moving tests.

* Fix test.

* Fix test 2
2023-02-16 05:05:14 +01:00
25e98064b6
Fix writing of removeData in apub context (fixes #2734) (#2735) 2023-02-14 13:40:39 -05:00
Dessalines
ddb6268164
Adding a site option to email admins for new reports. (#2730)
- Fixes #2551
2023-02-15 00:57:08 +09:00
a9905bf999 Updating translations. 2023-01-31 08:29:31 -05:00
Dessalines
a610211557
Fixing .drone.yml (#2677)
* Try to fix docker/drone plugin

* Trying to use one rust image.

* Fixing drone 1.

* Fixing drone 2.

* Add drone notify.

* Fixing drone 3.

* Fixing drone 4.

* Fix clippy.

* Remove uninlined format lint.

* Combine all cargo tasks

* Fixing drone 5.

* Fixing drone 6.

* Fixing drone 7.

* Fixing drone 8.

* Fixing drone 9.

* Fixing drone 10.

* Fixing drone 12.

* Fixing drone 13.

* Fixing drone 14.

* Fixing drone 15.

* Fixing drone 16.

* Fixing drone 17.

* Fixing drone 18.

* Fixing drone 19.

* Fixing drone 20.

* Fixing drone 21.

* Fixing drone 22.

* Fixing drone 23.

* Fixing drone 24.

* Fixing drone 25.

* Fixing drone 26.

* Fixing drone 27.

* Fixing drone 28.

* Fixing drone 29.

* Fixing drone 30.

* Fixing drone 31.

* Fixing drone 32.

* Fixing drone 33.

* Fixing drone 34.

* Fixing drone 35.

* Fixing drone 36.

* Fixing drone 37.

* Fixing drone 38.

* Fixing drone 39.

* Fixing drone 40.

* Fixing drone 41.

* Fixing drone 43.

* Fixing drone 44.

* Fixing drone 45.

* Last cleanup.

* Fixing drone 46.

* Separate ci steps (#2679)

* separate ci steps

* fix 1

* add comments

* dont add rustfmt explicitly

* Revert "dont add rustfmt explicitly"

This reverts commit 358ce3302a134b7ac88d90a854079356995e9725.

* dont use all features for tests

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-01-30 14:17:24 -05:00
Kradyz
c416e4ce14
Update message_id to comply with RFC 2822 (#2668)
The RFC 2822 format standard requires the message ID to be enclosed within angle brackets. If the standard is not followed, SpamAssassin deducts points from the e-mail.

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-01-30 11:10:51 -05:00
1eaf2c8a03
Add feature to embed pictrs in lemmy binary (fixes #2627) (#2633)
* Add feature to embed pictrs in lemmy binary (fixes #2627)

* Add pictrs config

* add protobuf

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-01-20 12:46:49 -05:00
0d4cdb579c
Improve application question check (#2628)
The check was failing if only require_application was passed
and not application_question, despite application_question
being set in database.
2022-12-23 01:31:39 +00:00
904d7bec2f Builds lemmy_routes in parallel with lemmy_apub 2022-12-02 10:46:49 +01:00
d39bc14c43
Add some more clippy lints (#2586)
* Add some more clippy lints

* restore config

* no allow dirty

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2022-11-24 16:38:00 +00:00
6f3bf4634b
Various pedantic clippy fixes (#2568)
* Various pedantic clippy fixes

* more clippy pedantic fixes

* try to fix ci

* add fix clippy script, use rust 1.65

* fix clippy
2022-11-19 04:33:54 +00:00
df7809fbbb
Specify dependencies and metadata for entire workspace (#2565)
* Specify dependencies and metadata for entire workspace (fixes #2474)

* building api_common shouldnt depend on diesel

* remove drone task

* try with quotes

* fix clippy

* more clippy
2022-11-17 15:23:01 +00:00
63c237d6df
Use enum_delegate crate (#2554) 2022-11-16 22:51:05 +00:00
24756af84b
Live reload settings (fixes #2508) (#2543)
* Live reload rate limit settings (fixes #2508)

* fix tests
2022-11-16 14:06:22 -05:00
83d2959b4b
Update doku dependency for easier formatting of defaults.hjson (#2553) 2022-11-11 16:01:29 -05:00
Dessalines
5d837780f5
Add diesel_async, get rid of blocking function (#2510)
* Moving settings to Database.

- Moves many settings into the database. Fixes #2285
- Adds a local_site and instance table. Fixes #2365 . Fixes #2368
- Separates SQL update an insert forms, to avoid runtime errors.
- Adds TypedBuilder to all the SQL forms, instead of default.

* Fix weird clippy issue.

* Removing extra lines.

* Some fixes from suggestions.

* Fixing apub tests.

* Using instance creation helper function.

* Move forms to their own line.

* Trying to fix local_site_data, still broken.

* Testing out async

* Testing out async 2

* Fixing federation tests.

* Trying to fix check features 1.

* Starting on adding diesel async. 1/4th done.

* Added async to views and schema.

* Adding some more async

* Compiling now.

* Added diesel async. Fixes #2465

* Running clippy --fix

* Trying to fix cargo test on drone.

* Trying new muslrust.

* Trying a custom dns

* Trying a custom dns 2

* Trying a custom dns 3

* Trying a custom dns 4

* Trying a custom dns 5

* Trying a custom dns 6

* Trying a custom dns 7

* Addressing PR comments.

* Adding check_apub to all verify functions.

* Reverting back drone.

* Fixing merge

* Fix docker images.

* Adding missing discussion_languages.

* Trying to fix federation tests.

* Fix site setup user creation.

* Fix clippy

* Fix clippy 2

* Test api faster

* Try to fix 1

* Try to fix 2

* What are these lines about

* Trying to fix 3

* Moving federation test back to top.

* Remove logging cat.
2022-11-09 10:05:00 +00:00
ceae0f5993
Use urlencoding for db url params (fixes #2532) (#2537) 2022-11-07 21:29:32 -05:00
9393195827
Send error message when rate limit is reached (#2527)
* Send error message when rate limit is reached

* l18n key
2022-11-03 18:13:40 +00:00
Dessalines
cb753b045f
Group imports dess (#2526)
* Group imports with rustfmt

* Running cargo fmt again.

Co-authored-by: Felix Ableitner <me@nutomic.com>
2022-11-02 15:18:22 -04:00
28eade6168
Fix invalid config in docker/prod (fixes #2520) (#2524) 2022-11-02 18:50:09 +00:00
b0c3185663
Make verify apub url function async (#2514)
* Make verify apub url function async

* cleanup

* use dep from crates.io

* dont use unwrap
2022-10-28 09:38:22 -04:00
Dessalines
235cc8b228
Moving settings to Database. (#2492)
* Moving settings to Database.

- Moves many settings into the database. Fixes #2285
- Adds a local_site and instance table. Fixes #2365 . Fixes #2368
- Separates SQL update an insert forms, to avoid runtime errors.
- Adds TypedBuilder to all the SQL forms, instead of default.

* Fix weird clippy issue.

* Removing extra lines.

* Some fixes from suggestions.

* Fixing apub tests.

* Using instance creation helper function.

* Move forms to their own line.

* Trying to fix local_site_data, still broken.

* Fixing federation tests.

* Trying to fix check features 1.

* Addressing PR comments.

* Adding check_apub to all verify functions.
2022-10-27 09:24:07 +00:00
Dessalines
ae95f5928e
Adding email admins for new applications. Fixes #2271 (#2390)
* Adding email admins for new applications. Fixes #2271

* Fix error.

Co-authored-by: Nutomic <me@nutomic.com>
2022-09-27 12:48:44 -04:00
Dessalines
c9f1407429
Diesel 2.0.0 upgrade (#2452)
* Initial commit to bump diesel to 2.0.0-rc.0 and see what happens

* Add chrono feature from diesel

* db_schema crate is close to building?

* Upgrade diesel-derive-newtype

* Mostly modifying references to connections to be mutable ones; also used
new way to do migrations as suggested by the migration guide; a lot more
compiles now, though I can't figure out this tricky ToSql issue at the
moment

* Running clippy --fix

* Trying to fix drone clippy 1

* Fix clippy

* Upgrade clux-musl

* Trying to fix drone clippy 2

* Trying to fix drone clippy 3

* Trying to fix drone clippy 5

* Adding diesel table aliases, removing sql view hack. Fixes #2101

Co-authored-by: Steven Chu <stevenc1@gmail.com>
Co-authored-by: Nutomic <me@nutomic.com>
2022-09-26 14:09:32 +00:00
Dessalines
265dc54627
Increase default search rate limit. (#2424) 2022-09-03 11:37:27 +02:00
7094a0c0a4
Use doku release version (ref #2343) (#2386) 2022-08-02 15:38:19 +02:00
Dessalines
8bfeb4b627
Fix a few form options for diesel. Fixes #2287 (#2376)
* Fix a few form options for diesel. Fixes #2287

* Adding TODO comment.
2022-07-29 15:04:21 +02:00
16fe149a6d
Change config pictrs key name (#2360) 2022-07-14 14:25:10 -04:00
d0a3d99636
Config changes, remove unused image purge function (#2343)
* Throw error if old pictrs config item is used, make api key optional

* use doku url feature

* fix doku version

* fix clippy

* remove unused image purge function, remove config migration
2022-07-11 16:38:37 -04:00
Luna
e33736ae47
remove parking_lot (#2350) 2022-07-11 17:12:12 +00:00
587a0de8f7
Specify minimum Rust version 1.57 (fixes #2333) (#2334)
* Specify minimum Rust version 1.57 (fixes #2333)

* use latest rust for clippy

* use rust 1.60 for clippy

* no add component

* use official rust docker

* comments
2022-06-28 17:44:55 -04:00
Dessalines
a745fa6f43
Remove update and read site config. Fixes #2306 (#2329)
* Remove update and read site config. Fixes #2306

* Removing lazy_static, removing Settings::get()
2022-06-22 20:24:54 +00:00
cd4d235171
Move setting http_fetch_retry_limit into federation block (#2314) 2022-06-14 01:20:30 -04:00
Dessalines
4e12e25c59
Adding admin purging of DB items and pictures. #904 #1331 (#1809)
* First pass at adding admin purge. #904 #1331

* Breaking out purge into 4 tables for the 4 purgeable types.

* Using CommunitySafe instead in view

* Fix db_schema features flags.

* Attempting to pass API key.

* Adding pictrs image purging

- Added pictrs_config block, for API_KEY
- Clear out image columns after purging

* Remove the remove_images field from a few of the purge API calls.

* Fix some suggestions by @nutomic.

* Add separate pictrs reqwest client.

* Update defaults.hjson

Co-authored-by: Nutomic <me@nutomic.com>
2022-06-13 19:15:04 +00:00
fcaf7a084c
Upgrade activitypub_federation to 0.2.0, add setting federation.debug (#2300) 2022-06-08 11:45:39 -04:00
7bc2f9fd6d
Remove unused setup config vars (#2302) 2022-06-08 11:44:53 -04:00
Paolo Barbolini
0a3b69a259
Bump lettre to 0.10.0-rc.7 (#2297) 2022-06-04 22:07:38 -04:00
a2a594b763
Extract Activitypub logic into separate library (#2288)
* Create example for apub lib

* some rewriting of apub lib

* Add LocalInstance struct for apub lib to avoid using Lemmy Settings

* Move ActorType trait to lemmy_apub, because its not needed in library

* Use reqwest_retry instead of custom impl, dont specify timeout on every send()

* Some improvements to example

* Moved inbox handling to library

* bug fixes

* Move context and serde helpers into library

* wip: example changes

* Add lemmy_utils feature to build only LemmyError

* Rename to activitypub_federation

* Remove lemmy_utils dep from activitypub_federation using generic error type

* Finish activitypub example

* Cleanup and fix tests

* Reorganize library files

* Remove ApubObject.to_tombstone()

* Extract activitypub library into separate git repository
2022-06-02 16:33:41 +02:00
1bd57ee5ca Version 0.16.5 2022-05-30 18:32:31 -04:00
69106589ba Fix publish 2022-05-26 16:10:36 -04:00
Paolo Barbolini
ef12cd9588
Bump lettre to 0.10.0-rc.6 (#2250) 2022-05-09 23:08:13 +00:00
Paolo Barbolini
559e43075a
Simplify building plain/html emails (#2251) 2022-05-08 17:00:12 +00:00
3aa3d75a1e
Add cargo feature for building lemmy_api_common with mininum deps (#2243) 2022-05-03 17:44:13 +00:00