* Fixed validation of display names
Fixed validation of display names: reject names beginning with invisible unicode characters.
* Formatting
Formatting fix.
* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.
* Formatting
* Added a comment detailing source of the list of invisible chars.
* Fixes#2900 - Checks slur regex to see if it is too permissive along with small validation organization
* Clean up variable names, add handler for valid empty string usecase
* Update tests
* Create validation function and add tests
* Test clean up
* Use payload value vs local site value to prevent stunlocking
* Remove println added while testing
* Fall back to local site regex if not provided from request
* Attempt clean up of flaky comment_view tests
* Pull in latest submodule
* Move application, post check into functions, add more tests and improve test readability
---------
Co-authored-by: Nutomic <me@nutomic.com>
* Add separate Post check for is_valid_body_field
* Modify is_valid_body_check for posts only
* Fix check var reinit in validation.rs
* Extra empty line to rerun woodpecker with changes
* Change Option to bool, add false to non-post calls
* Woodpecker trick.. again
* Probable rust_fmt fail fixed
* cargo_clippy changes
* Missing space between = and if
* Remove ; after body length checks
* Remove `actix_rt` & use standard tokio spawn
* Adjust rust log back down
* Format correctly
* Update cargo lock
* Add DB settings
* Change name and update to latest rev
* Clean up formatting changes
* Move `worker_count` and `worker_retry_count` to settings
* Update defaults
* Use `0.4.4` instead of git branch
With this attribute, Lemmy will throw an error and exit if any
invalid entry is found in the config file. I think can be useful
to notice typos or keys that were removed or renamed in an upgrade.
Currently you wouldnt notice these at all unless you manually
compare the config file with settings that are listed in documentation.
This should be considered a breaking change.
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* update activitypub-federation crate to 0.4.0
* fixes
* apub compiles!
* everything compiling!
* almost done, federated follow failing
* some test fixes
* use release
* add code back in
* Combine prod and dev docker setups using build-arg
- Fixes#2603
* Dont use cache for release build.
* Adding 2FA / TOTP support.
- Fixes#2363
* Changed name to totp_2fa for clarity.
* Switch to sha256 for totp.
The RFC 2822 format standard requires the message ID to be enclosed within angle brackets. If the standard is not followed, SpamAssassin deducts points from the e-mail.
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Specify dependencies and metadata for entire workspace (fixes#2474)
* building api_common shouldnt depend on diesel
* remove drone task
* try with quotes
* fix clippy
* more clippy
* Moving settings to Database.
- Moves many settings into the database. Fixes#2285
- Adds a local_site and instance table. Fixes#2365 . Fixes#2368
- Separates SQL update an insert forms, to avoid runtime errors.
- Adds TypedBuilder to all the SQL forms, instead of default.
* Fix weird clippy issue.
* Removing extra lines.
* Some fixes from suggestions.
* Fixing apub tests.
* Using instance creation helper function.
* Move forms to their own line.
* Trying to fix local_site_data, still broken.
* Testing out async
* Testing out async 2
* Fixing federation tests.
* Trying to fix check features 1.
* Starting on adding diesel async. 1/4th done.
* Added async to views and schema.
* Adding some more async
* Compiling now.
* Added diesel async. Fixes#2465
* Running clippy --fix
* Trying to fix cargo test on drone.
* Trying new muslrust.
* Trying a custom dns
* Trying a custom dns 2
* Trying a custom dns 3
* Trying a custom dns 4
* Trying a custom dns 5
* Trying a custom dns 6
* Trying a custom dns 7
* Addressing PR comments.
* Adding check_apub to all verify functions.
* Reverting back drone.
* Fixing merge
* Fix docker images.
* Adding missing discussion_languages.
* Trying to fix federation tests.
* Fix site setup user creation.
* Fix clippy
* Fix clippy 2
* Test api faster
* Try to fix 1
* Try to fix 2
* What are these lines about
* Trying to fix 3
* Moving federation test back to top.
* Remove logging cat.
* Moving settings to Database.
- Moves many settings into the database. Fixes#2285
- Adds a local_site and instance table. Fixes#2365 . Fixes#2368
- Separates SQL update an insert forms, to avoid runtime errors.
- Adds TypedBuilder to all the SQL forms, instead of default.
* Fix weird clippy issue.
* Removing extra lines.
* Some fixes from suggestions.
* Fixing apub tests.
* Using instance creation helper function.
* Move forms to their own line.
* Trying to fix local_site_data, still broken.
* Fixing federation tests.
* Trying to fix check features 1.
* Addressing PR comments.
* Adding check_apub to all verify functions.
* Initial commit to bump diesel to 2.0.0-rc.0 and see what happens
* Add chrono feature from diesel
* db_schema crate is close to building?
* Upgrade diesel-derive-newtype
* Mostly modifying references to connections to be mutable ones; also used
new way to do migrations as suggested by the migration guide; a lot more
compiles now, though I can't figure out this tricky ToSql issue at the
moment
* Running clippy --fix
* Trying to fix drone clippy 1
* Fix clippy
* Upgrade clux-musl
* Trying to fix drone clippy 2
* Trying to fix drone clippy 3
* Trying to fix drone clippy 5
* Adding diesel table aliases, removing sql view hack. Fixes#2101
Co-authored-by: Steven Chu <stevenc1@gmail.com>
Co-authored-by: Nutomic <me@nutomic.com>
* Throw error if old pictrs config item is used, make api key optional
* use doku url feature
* fix doku version
* fix clippy
* remove unused image purge function, remove config migration
* Specify minimum Rust version 1.57 (fixes#2333)
* use latest rust for clippy
* use rust 1.60 for clippy
* no add component
* use official rust docker
* comments
* First pass at adding admin purge. #904#1331
* Breaking out purge into 4 tables for the 4 purgeable types.
* Using CommunitySafe instead in view
* Fix db_schema features flags.
* Attempting to pass API key.
* Adding pictrs image purging
- Added pictrs_config block, for API_KEY
- Clear out image columns after purging
* Remove the remove_images field from a few of the purge API calls.
* Fix some suggestions by @nutomic.
* Add separate pictrs reqwest client.
* Update defaults.hjson
Co-authored-by: Nutomic <me@nutomic.com>
* Create example for apub lib
* some rewriting of apub lib
* Add LocalInstance struct for apub lib to avoid using Lemmy Settings
* Move ActorType trait to lemmy_apub, because its not needed in library
* Use reqwest_retry instead of custom impl, dont specify timeout on every send()
* Some improvements to example
* Moved inbox handling to library
* bug fixes
* Move context and serde helpers into library
* wip: example changes
* Add lemmy_utils feature to build only LemmyError
* Rename to activitypub_federation
* Remove lemmy_utils dep from activitypub_federation using generic error type
* Finish activitypub example
* Cleanup and fix tests
* Reorganize library files
* Remove ApubObject.to_tombstone()
* Extract activitypub library into separate git repository
* Dont log errors when rate limit is hit (fixes#2157)
* Clone service rather than http request
* some cleanup/refactoring
Co-authored-by: Aode (Lion) <asonix@asonix.dog>
* Make webfinger case insensitive
* Make webfinger case insensitive
* Case insensitive domain name
* Case-insensitive webfinger
* formatting
Co-authored-by: Kradyz <k@radiz.nl>
* First pass at invite-only migration.
* Implement email verification (fixes#219)
* remove unwrap
* Adding views and functionality to registration application. #209
* Add private instance site column, and back end checks.
* Adding some message fields to LoginResponse
* Adding private instance to site setup.
* A few additions:
- Add a DeleteAccount response.
- RegistrationApplicationView now has the safe LocalUserSettings.
- Adding VerifyEmail to websocket API, added a proper response type.
* Adding and reorganizing some email helpers.
* A few fixes for private sites:
- Added a check_registration_application function.
- Only send a verification email if its been changed.
- VerifyEmail now returns LoginResponse.
- Deleting the old tokens after a successful email verify.
- If port is missing on email config, display a better error message.
* Version 0.15.0-rc.3
* Adding published to email_verification table.
* Adding fixes from comments.
* Version 0.15.0-rc.4
* Adding modlog private site check.
* Version 0.15.0-rc.6
Co-authored-by: Felix Ableitner <me@nutomic.com>
* Respond directly with LemmyError
Instrument Perform implementations for more precise traces
Use ApiError to format JSON errors when messages are present
Keep SpanTrace output in LemmyError Display impl
* Hide SpanTrace debug output from LemmyError
* Don't log when entering spans, only when leaving
* Update actix-web
* Update actix-rt
* Add newline after error info in LemmyError Display impl
* Propogate span information to blocking operations
* Instrument apub functions
* Use skip_all for more instrument attributes, don't skip 'self' in some api actions
* Make message a static string
* Send proper JSON over websocket
* Add 'message' to LemmyError display if present
* Use a quieter root span builder, don't pretty-print logs
* Keep passwords and emails out of logs
* Re-enable logging Login
* Instrument feeds
* Emit our own errors
* Move error log after status code recording
* Make Sensitive generic over the inner type
* Remove line that logged secrets
* Trying out rust-musl-builder for cargo publish
* Version 0.13.5-rc.1
* Try rust:nightly
* Version 0.13.5-rc.2
* Try rust slim
* Version 0.13.5-rc.3
* Try rust 1.51
* Version 0.13.5-rc.4
* Trying another nightly
* Version 0.13.5-rc.5
* Trying another fix
* Version 0.13.5-rc.6
* Use env var for config location when saving (not default location)
* Consistent variable formatting for easy replacement with sed
* Remove unmaintained lemmy_dev and uninstall playbooks
* Simplify lemmy.hjson for ansible
* cleanup ansible playbook
* add separate playbook for updating lemmy config
* Revert "add separate playbook for updating lemmy config"
This reverts commit 0a970ae1da.
* Updating lemmy-js-client.
* Fix prod deploy script and clippy
* Try using buster.
* Using more generic and updated images.
* again.
* again.
* Try alternate env
* again.
* again.
* Version 0.11.4-rc.24
* again.
* Better old_tag
* Version 0.11.4-rc.27
* Updating cargo.lock
* Trying to run a cargo check to update the lock
* Version 0.11.4-rc.28
* Replace Iframely. Fixes#1681
* Add post_link_tags to nginx
* Adding post_link_tags route
* Cleaning up post_link_tags
* Changing PostLink to SiteMetadata, adding it to the API.
* Fixing issue when local has no openssl certs.
* Fixing an issue with pictrs errors
* Revert "Fixing issue when local has no openssl certs."
This reverts commit dbf7d1b1ee03846e5ef7b7156e618424f1150e1d.
* Add ca-certs to dockerfile for volume mount.
* Cleaning up fetch_pictrs request
* Changing to fetch_site_data
* Make length of user/community name configurable (fixes#1306)
* use single config value, fix migrations, increase displayname length
* remove debug statements
* add helper method for setting actor_name_max_length
* move function
* Fixing some defaults
Co-authored-by: Felix Ableitner <me@nutomic.com>
* Actualize a comment about config initialization
* Add additional slurs functionality.
It is possible to additional regex for slurs filtering.
It can be done through `additional_slurs` option in config file.
* origin/main:
revert Compose file version from 3.3 to 2.2
Adding more mem limits
bump memory limit of iframely
Remove extra category_id s . Fixes#1429
Fixing wrong user_ and community icon and banner urls.
Remove category from activitypub context
Adding a password length check to other API actions. (#1474)
Update test script
Use URL type in most outstanding struct fields (#1468)
Forbid usage of unwrap
Upgrade Rust version
Rewrite settings implementation. Fixes#1270 (#1433)
Rename `lemmy_structs` to `lemmy_api_structs`
# Conflicts:
# crates/db_schema/src/source/user.rs
* Use URL type in most outstanding struct fields
This fixes all known remaining cases where url fields are stored as
plain strings, with the exception of form fields where empty strings
are used as sentinels (see `diesel_option_overwrite_to_url`).
Tested for regressions in the federated docker setup attempting to
exercise all changed fields, including through apub federation.
Fixes#1385
* Add migration to fix blank-string post.url values to be null
This also then fixes#602
* Address review feedback
- Fixed some unwraps and err message formatting
- Bumped the `url` library to 2.2.1 to fix a bug with serde error
messages
- Add unit tests for the two diesel option override functions
- Fix migration teardown by adding a no-op
* Rename lemmy_db_queries::Url to lemmy_db_queries::DbUrl
* fix compile error
* box PostOrComment variants
* A first attempt at using deser-hjson. Fixes#1270
* Trying to fix tests, try 1
* Trying to fix tests, try 2
* A few fixes to deser_hjson
- Removing unwrap_or_defaults, using impl functions.
- Reorganized settings
* Make clippy happy
* hjson list strings must be quoted.
* Adding support for env vars.
* Moving to structs and defaults file.
* Moving settings default and struct.
Since DB tests execute diesel migrations automatically, concurrent
execution causes flaky failures from simultaneous migrations. This can
be worked around using `cargo test --workspace -- --test-threads=1`,
which is what the CI config does, but this is not intuitive for
newcomer developers and unnecessarily slows down the test suite for
the majority of tests which are safe to run concurrently. This fixes
this issue by integrating with the small test crate `serial_test` and
using it to explicitly mark DB tests to run sequentially while
allowing all other tests to run in parallel.
Additionally, this greatly improves the speed of `cargo test` by
disabling doc-tests in all crates, since these are aren't currently
used and cargo's doc-test pass, even when no doc-tests exist, has
significant overhead. On my machine, this change significantly
improves test suite times by about 85%, making it much more practical
to develop with tools like `cargo watch` auto-running tests.