Commit graph

1594 commits

Author SHA1 Message Date
tobi c36f9ac37b
[feature] Account alias / move API + db models (#2518)
* [feature] Account alias / move API + db models

* go fmt

* fix little cherry-pick issues

* update error checking, formatting

* add and use new util functions to simplify alias logic
2024-01-16 16:22:44 +00:00
tobi ebf550b7c1
[chore] Move to codeberg's exif-terminator (#2536) 2024-01-15 20:54:32 +00:00
tobi 07aee57af2
[bugfix] Replace named unique constraint on header filter header with generic unique directive (#2525)
* [bugfix] Replace named unique constraint on header filter header with generic unique directive

* add migration retry

* the old fixie uppie

* fix constraint name

* my goodness
2024-01-15 15:39:10 +00:00
tobi 02668756a7
[docs] Update roadmap for 2024 onwards (#2521) 2024-01-15 14:17:17 +00:00
dependabot[bot] d6eb7caae7
[chore]: Bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 (#2531) 2024-01-15 13:31:30 +00:00
tobi 6433a50582
[chore] update bun + extras v1.1.16 -> v1.1.17 (#2534) 2024-01-15 14:08:07 +01:00
dependabot[bot] a43ce99da9
[chore]: Bump github.com/tdewolff/minify/v2 from 2.20.12 to 2.20.14 (#2530)
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.20.12 to 2.20.14.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.20.12...v2.20.14)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-15 14:02:40 +01:00
dependabot[bot] 637a57f2de
[chore]: Bump github.com/jackc/pgx/v5 from 5.5.1 to 5.5.2 (#2532)
Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.5.1 to 5.5.2.
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v5.5.1...v5.5.2)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-15 14:02:02 +01:00
dependabot[bot] b70ec68499
[chore]: Bump golang.org/x/net from 0.19.0 to 0.20.0 (#2533)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.19.0 to 0.20.0.
- [Commits](https://github.com/golang/net/compare/v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-15 14:01:35 +01:00
tobi 9607b482cc
[chore/docs] Replace specific year range of copyright notice (#2520) 2024-01-13 16:33:53 +01:00
kim dfc7656579
[bugfix] fix higher-level explicit domain rules causing issues with lower-level domain blocking (#2513)
* fix the sort direction of domain cache child nodes ...

* add more domain cache test cases

* add specific test for this bug to database domain test suite (thanks for writing this @tsmethurst!)

* remove unused field (this was a previous attempt at a fix)

* remove debugging println statements 😇
2024-01-09 13:12:43 +00:00
dependabot[bot] 87bb596a02
Bump follow-redirects from 1.15.3 to 1.15.4 in /web/source (#2512)
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.3 to 1.15.4.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.3...v1.15.4)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:32:39 +00:00
dependabot[bot] d9127f5630
[chore]: Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 (#2507)
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.17.0 to 1.18.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.17.0...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:30:01 +00:00
kim 10660e566d
[bugfix] misc dereferencer fixes (#2475)
* only perform status-up-to-date checks if no statusable has been provided

* copy over the same style of freshness checking from status deref -> accounts

* change some var names

* check for empty account domain
2024-01-09 10:42:39 +01:00
tobi 7cce1a7cc6
[bugfix] Outdent placeholder from <aside> when returning unknown media attachments (#2485)
* [bugfix] Outdent placeholder from `<aside>`

* visually separate placeholder note from body

* fix test
2024-01-09 10:41:32 +01:00
tobi aad3384c98
[feature] Log pubKeyID for http-signed requests (#2501) 2024-01-09 10:41:15 +01:00
dependabot[bot] 022bfda52a
[chore]: Bump golang.org/x/image from 0.14.0 to 0.15.0 (#2506)
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/image/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/image
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:40:59 +01:00
dependabot[bot] f0c3533862
[chore]: Bump github.com/tdewolff/minify/v2 from 2.20.9 to 2.20.12 (#2509)
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.20.9 to 2.20.12.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.20.9...v2.20.12)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:40:38 +01:00
tobi 72d0f46b0b
[feature] Allow webp emoji uploads / derefs (#2484) 2024-01-05 13:39:53 +01:00
tobi d5e3996a18
[feature] Parse instance descriptors as markdown, show T&C on /about (#2481)
* [feature] Parse instance descriptors as markdown, show T&C on /about

* lint

* remove unnecessary nullzero tags
2024-01-05 13:39:31 +01:00
kim 511ad97fe7
[bugfix] fix check for closed poll to account for non-zero closed time but in the future (#2486) 2024-01-03 18:42:58 +01:00
dependabot[bot] 0cb1dd493c
[chore]: Bump github.com/minio/minio-go/v7 from 7.0.65 to 7.0.66 (#2467)
Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.65 to 7.0.66.
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](https://github.com/minio/minio-go/compare/v7.0.65...v7.0.66)

---
updated-dependencies:
- dependency-name: github.com/minio/minio-go/v7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: kim <89579420+NyaaaWhatsUpDoc@users.noreply.github.com>
2024-01-03 10:34:54 +00:00
kim 31481fad35
[bugfix] increases sleep time before check in throttle test, to give more leeway (#2482) 2024-01-03 10:27:55 +00:00
Daenney a15415b1a2
[docs] Describe how to block IPs using a firewall (#2459)
* [docs] Describe how to block IPs using a firewall

This adds some documentation on how to block one, multiple or whole IP
ranges using the firewall. This can be helpful to protect from DDoS
attacks or block certain parties from being able to communicate with
your instance at all.

* [docs] Fix indenting of nft rule

* [docs] Split iptables and nftables into sections
2024-01-03 10:14:38 +00:00
dependabot[bot] 3ab6214449
[chore]: Bump github.com/jackc/pgx/v5 from 5.5.0 to 5.5.1 (#2468)
Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.5.0 to 5.5.1.
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v5.5.0...v5.5.1)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:03:16 +00:00
dependabot[bot] d685e86432
[chore]: Bump github.com/google/uuid from 1.4.0 to 1.5.0 (#2469)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:03:06 +00:00
dependabot[bot] 0e56867d8b
[chore]: Bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#2478)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:02:49 +00:00
dependabot[bot] ed1a656be9
[chore]: Bump modernc.org/sqlite from 1.27.0 to 1.28.0 (#2470)
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.27.0 to 1.28.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.27.0...v1.28.0)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:01:54 +00:00
tobi 0ff52b71f2
[chore] Refactor HTML templates and CSS (#2480)
* [chore] Refactor HTML templates and CSS

* eslint

* ignore "Local"

* rss tests

* fiddle with OG just a tiny bit

* dick around with polls a bit more so SR stops saying "clickable"

* remove break

* oh lord

* don't lazy load avatar

* fix ogmeta tests

* clean up some cruft

* catch remaining calls to c.HTML

* fix error rendering + stack overflow in tag

* allow templating attributes

* fix indent

* set aria-hidden on status complementary content, since it's already present in the label anyway

* tidy up templating calls a little

* try to make styling a bit more consistent + readable

* fix up some remaining CSS issues

* fix up reports
2023-12-27 11:23:52 +01:00
kim 97a1fd9a29
[bugfix] 😇 (#2476) 2023-12-18 16:40:29 +00:00
kim 8ebb7775a3
[feature] request blocking by http headers (#2409) 2023-12-18 14:18:25 +00:00
Sam Lade 07bd848028
fix poll total vote double count (#2464) 2023-12-16 19:12:25 +00:00
Sam Lade 285d55dda8
[feature] Push status edit messages into open streams (#2418)
* push status edit messages into open streams

* fix a few comments

* test++

* commented out code? moi?
2023-12-16 12:55:49 +01:00
Daenney fbe4e60232
[feature] Run ANALYZE after migrations on SQLite (#2428)
* [feature] Run ANALYZE after migrations on SQLite

This ensures that at the end of migrations, we run ANALYZE if we're
using SQLite. This should be relatively quick and guarantees that the
table and index statistics have been updated. This helps to ensure the
query planner makes better choices when it comes to picking which
indexes are used when running queries.

* [chore] use ExecContext

Uses ExecContext so we pass the context through, this is helpful for
anyone running with tracing enabled
2023-12-16 12:54:53 +01:00
kim d56a8d095e
[performance] simpler throttling logic (#2407)
* reduce complexity of throttling logic to use 1 queue and an atomic int

* use atomic add instead of CAS, add throttling test
2023-12-16 12:53:42 +01:00
OniriCorpe 1312695c46
[docs]: Update FAQ and ROADMAP (#2458)
* Update faq.md

* Update ROADMAP.md

* Add PR links
2023-12-16 12:49:37 +01:00
kim f4fcffc8b5
[bugfix] use a much shorter refresh limit for statuses with polls (#2453)
* specifically use a much shorter refresh limit for statuses with polls

* allow specifying whether status must be upToDate in calls to Get(Visible)?TargetStatusBy_(), limit force refresh to 5 minute cooldown

* remove the PollID check from statusUpToDate()

* remove unnecessary force flag checks

* remove unused field

* check refresh status error

* use argument name 'refresh' instead of 'upToDate' to better fit with the codebase

* add statuses_poll_id_idx

* remove the definitely-not copy-pasted comment i accidentally typed out in full

* only synchronously refresh if the refresh flag is provided, otherwise do async

* fix wrong force value being provided for async

---------

Co-authored-by: tobi <tobi.smethurst@protonmail.com>
2023-12-15 15:24:39 +01:00
tobi d0bb8f0973
[bugfix] Let templates deref pointers, as a treat (#2448) 2023-12-12 14:44:54 +00:00
kim ac48192562
[bugfix] poll vote count fixes (#2444)
* don't drop all vote counts if hideCounts is set, refactors poll option extraction slightly

* omit voters_count when not set

* make voters_count a ptr to ensure it is omit unless definitely needed

* handle case of expires_at, voters_count and option.votes_count being nilable

* faster isNil check

* remove omitempty tags since mastodon API marks things as nullable but still sets them in outgoing json
2023-12-12 13:47:07 +00:00
kim 2191c7dee5
[bugfix] ensure the 'Closing' flag doesn't get cached (#2443) 2023-12-11 12:05:54 +00:00
dependabot[bot] cd1611362f
[chore]: Bump github.com/KimMachineGun/automemlimit from 0.3.0 to 0.4.0 (#2440)
Bumps [github.com/KimMachineGun/automemlimit](https://github.com/KimMachineGun/automemlimit) from 0.3.0 to 0.4.0.
- [Commits](https://github.com/KimMachineGun/automemlimit/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: github.com/KimMachineGun/automemlimit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 10:35:15 +00:00
dependabot[bot] 9b03840b42
[chore]: Bump github.com/miekg/dns from 1.1.56 to 1.1.57 (#2439)
Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.56 to 1.1.57.
- [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release)
- [Commits](https://github.com/miekg/dns/compare/v1.1.56...v1.1.57)

---
updated-dependencies:
- dependency-name: github.com/miekg/dns
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 10:09:26 +00:00
dependabot[bot] cdeba94015
[chore]: Bump golang.org/x/oauth2 from 0.13.0 to 0.15.0 (#2438)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.13.0 to 0.15.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.13.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 10:01:04 +00:00
dependabot[bot] a968a03ab8
[chore]: Bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.9.0 (#2442)
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.7.0 to 3.9.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.7.0...v3.9.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 10:00:24 +00:00
tobi bca9b2c896
[bugfix] Make screenreaders read out Language of posts properly (#2436)
* [bugfix] Make screenreaders read out Language of posts properly

* make published more readable
2023-12-10 15:06:06 +01:00
tobi 3f070a442a
[bugfix] Narrow search scope for accounts starting with '@'; don't LOWER SQLite text searches (#2435) 2023-12-10 14:15:41 +01:00
tobi d60edf7ec6
[bugfix] Ensure pre renders as expected, fix orderedCollectionPage (#2434) 2023-12-10 12:36:00 +01:00
tobi cc91ea057d
[bugfix] Fix web media not showing as sensitive (#2433)
* [bugfix] Fix web media not showing as sensitive

* test

* go fmt
2023-12-09 16:54:38 +01:00
tobi c6d6fec17d
[bugfix] Fix wrong notification type sent for poll end (#2429) 2023-12-08 23:33:42 +01:00
tobi 4779aecdec
[chore] Run ANALYZE for SQLite after latest migrations (#2427) 2023-12-08 16:59:20 +01:00