summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFiles
2023-08-20[feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra ↵Libravatar tobi13
URIs (#2134) * [feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra URIs * env parsing tests, my coy mistress
2023-08-19[feature] Instance rules (#2125)Libravatar f0x5249
* init instance rules database model, admin api * expose instance rules in public instance api * public /api/v1/instance/rules route * GET ruleById * createRule route * createRule auth check * updateRule * deleteRule * list rules on about page * ruleGet auth * add about page ids for anchors * process and store adding violated rules to reports * admin api models for instance rules * instance rule edit frontend * change rule inputs to textareas * database fixes after rebase (#2124) * remove unused imports * fix db migration column name * fix tests * fix more tests * fix postgres error with wrongly used Ident * add some tests, fiddle with rule model a bit, fix postgres migration * swagger docs --------- Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2023-08-17[bugfix] fix double firing bun.DB query hooks (#2124)Libravatar kim44
* improve bun.DB wrapping readability + comments, fix double-firing query hooks * fix incorrect code comment placement * fix linter issues * Update internal/db/basic.go * do as the linter commmands ... --------- Signed-off-by: kim <grufwub@gmail.com> Co-authored-by: Daenney <daenney@users.noreply.github.com>
2023-08-16[chore]: Bump github.com/jackc/pgx/v5 from 5.4.2 to 5.4.3 (#2112)Libravatar dependabot[bot]15
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-16[chore]: Bump github.com/abema/go-mp4 from 0.12.0 to 0.13.0 (#2113)Libravatar dependabot[bot]4
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-16[chore]: Bump modernc.org/sqlite from 1.24.0 to 1.25.0 (#2114)Libravatar dependabot[bot]122
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-15[feature] Add snapshot binary builds + uploads (#2119)Libravatar tobi4
* [feature] Add snapshot binary builds + uploads * Update docs to include info on snapshot builds * review comments * little tweaks
2023-08-15[chore] ensure worker contexts have request ID (#2120)Libravatar kim4
2023-08-14[bugfix] fix inconsistent calculated cache sizes (#2115)v0.11.0Libravatar kim5
* use calculated exampleTime instead of `time.Now()` to ensure no locale data, retweak cache ratios * update envparsing test * update default cache memory to 100MiB * fix envparsing with latest cache target default --------- Signed-off-by: kim <grufwub@gmail.com>
2023-08-14[fix] Update CSP header for blob images (upload preview) and dev livereload ↵v0.11.0-rc3Libravatar f0x522
(#2109) * update CSP header for blob images (upload preview) and dev livereload websocket * update csp for s3, update csp tests
2023-08-13[bugfix] bump go-kv version with logfmt quote fix (#2108)Libravatar kim8
2023-08-12[bugfix] CSP policy fixes for S3/object storage (#2104)Libravatar Daenney2
* [bugfix] CSP policy fixes for S3 in non-proxied mode * It should be img-src * In both img-src and media-src we still need to include 'self'
2023-08-11[bugfix] Add s3 endpoint as image-src and media-src for CSP (#2103)v0.11.0-rc2Libravatar tobi2
* [bugfix] Add s3 endpoint as image-src and media-src for CSP * use https if secure * reorder comment
2023-08-11[bugfix] Suppress 'errNoEntries' warnings from InboxForwarding function call ↵v0.11.0-rc1Libravatar tobi1
(#2102)
2023-08-11[bugfix] Fix using wrong key for clientID during oauth callback (#2101)Libravatar tobi1
2023-08-11[bugfix] Use custom bluemonday policy to disallow inline img tags (#2100)Libravatar tobi17
2023-08-11[feature] Set Content-Security-Policy header (#2095)Libravatar Daenney2
This adds the CSP header with a policy of only loading from the same domain. We don't make use of external media, CSS, JS, fonts, so we don't ever need external data loaded in our context. When building a DEBUG build, the policy gets extended to include localhost:*, i.e localhost on any port. This keeps the live-reloading flow for JS development working. localhost and 127.0.0.1 are considered to be the same so mixing and matching those doesn't result in a CSP violation.
2023-08-11[bugfix] Populate followReq before accessing targetaccount pointer (#2099)Libravatar tobi1
2023-08-10[bugfix] Use length in runes when trimming for RSS (#2094)Libravatar tobi2
2023-08-10[chore] Add test to ensure `show_reblogs` on follow works as expected (#2093)Libravatar tobi1
2023-08-10[performance] remove last of relational queries to instead rely on caches ↵Libravatar kim19
(#2091)
2023-08-09[feature] List replies policy, refactor async workers (#2087)Libravatar tobi49
* Add/update some DB functions. * move async workers into subprocessor * rename FromFederator -> FromFediAPI * update home timeline check to include check for current status first before moving to parent status * change streamMap to pointer to mollify linter * update followtoas func signature * fix merge * remove errant debug log * don't use separate errs.Combine() check to wrap errs * wrap parts of workers functionality in sub-structs * populate report using new db funcs * embed federator (tiny bit tidier) * flesh out error msg, add continue(!) * fix other error messages to be more specific * better, nicer * give parseURI util function a bit more util * missing headers * use pointers for subprocessors
2023-08-09[bugfix] Fix incorrect per-loop variable capture (#2092)Libravatar Daenney2
These should be per iteration, not per loop. This was caught by running a build with the loopvar experiment: go build -gcflags=-d=loopvar=2.
2023-08-09update coc (#2090)Libravatar kim2
* update coc * improve wording * point to coc doc in contributing doc * swap-out ancap for capitalist * fix git relative path * ACTUALLY fix the relative link * fix spelling of abhorrent
2023-08-09[docs] Add first anti-harassment research article re: authorized fetch (#2089)Libravatar tobi1
2023-08-08[bugfix] only set content-length AFTER rewinding body bytes (#2086)Libravatar kim1
2023-08-08[bugfix] don't accept unrelated statuses (#2078)Libravatar kim7
Co-authored-by: Daenney <daenney@users.noreply.github.com> Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2023-08-08[chore] Update robots.txt, give chatgpt the middle finger (#2085)Libravatar tobi1
2023-08-08[chore] Add Feditext as recommended client (#2081)Libravatar Daenney8
With Feditext now accepting beta users, this adds it as the third client to recommend so we have web and the dominant mobile platforms covered. This also removes the screenshots from the README, because it became a mess trying to add a third one. Either the cells become very narrow, or the table doubles in height. As the UI may also change over time, it might be better to point folks at the apps instead who'll hopefully have up to date screenshots in their storefronts.
2023-08-07[chore] Use generic pointer function (#2080)Libravatar Daenney22
This replaces the different $TypePtr functions with a generic implementation.
2023-08-07[chore]: Bump github.com/tdewolff/minify/v2 from 2.12.7 to 2.12.8 (#2073)Libravatar dependabot[bot]10
2023-08-07[feature] Allow full BCP 47 in language inputs (#2067)Libravatar Vyr Cossont9
* Allow full BCP 47 in language inputs Fixes #2066 * Fuse validation and normalization for languages * Remove outdated comment line * Move post language canonicalization test
2023-08-07[chore]: Bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 (#2076)Libravatar dependabot[bot]6
2023-08-07[chore]: Bump github.com/abema/go-mp4 from 0.11.0 to 0.12.0 (#2075)Libravatar dependabot[bot]10
2023-08-07[chore]: Bump golang.org/x/crypto from 0.11.0 to 0.12.0 (#2077)Libravatar dependabot[bot]47
2023-08-07[chore]: Bump golang.org/x/image from 0.9.0 to 0.11.0 (#2074)Libravatar dependabot[bot]6
2023-08-06[chore] Remove go-playground/validator (#2069)Libravatar Daenney51
* [chore] Remove go-playground/validator It turns out we're not actually using the validator code. This is a remnant from when we intended to use it, but the presence of it and its struct tags creates the illusion we're validating a lot of things we're not. It resulted in some confusion when we were trying to figure out language valdiation. Remove all this code, so that only the validation functions from the validate package we actually use remain. I'm not touching the struct tags in the migrations in order to avoid things potentially thinking migrations need to be re-run. * [chore] Bring back a struct tag on api The validate on internal/api is Gin doing form validation, not the validator from go-playground/validator.
2023-08-06[bugfix] update cache library with nil ptr fix (#2070)Libravatar kim6
Signed-off-by: kim <grufwub@gmail.com>
2023-08-06[docs] fix postgres create database command (#2071)Libravatar Max Rosin1
The current command `create database gotosocial with locale C.UTF-8 template template0;` fails because the locale has to be quoted: ``` postgres=# create database gotosocial with locale C.UTF-8 template template0; ERROR: syntax error at or near "." LINE 1: create database gotosocial with locale C.UTF-8 template temp... ``` Tested manually that it works with the quotes and the official postgres examples also use quotes around the locales: https://www.postgresql.org/docs/current/sql-createdatabase.html
2023-08-04[performance] add caching of status fave, boost of, in reply to ID lists (#2060)Libravatar kim27
2023-08-03[feature] simpler cache size configuration (#2051)Libravatar kim32
* add automatic cache max size generation based on ratios of a singular fixed memory target Signed-off-by: kim <grufwub@gmail.com> * remove now-unused cache max-size config variables Signed-off-by: kim <grufwub@gmail.com> * slight ratio tweak Signed-off-by: kim <grufwub@gmail.com> * remove unused visibility config var Signed-off-by: kim <grufwub@gmail.com> * add secret little ratio config trick Signed-off-by: kim <grufwub@gmail.com> * fixed a word Signed-off-by: kim <grufwub@gmail.com> * update cache library to remove use of TTL in result caches + slice cache Signed-off-by: kim <grufwub@gmail.com> * update other cache usages to use correct interface Signed-off-by: kim <grufwub@gmail.com> * update example config to explain the cache memory target Signed-off-by: kim <grufwub@gmail.com> * update env parsing test with new config values Signed-off-by: kim <grufwub@gmail.com> * do some ratio twiddling Signed-off-by: kim <grufwub@gmail.com> * add missing header * update envparsing with latest defaults Signed-off-by: kim <grufwub@gmail.com> * update size calculations to take into account result cache, simple cache and extra map overheads Signed-off-by: kim <grufwub@gmail.com> * tweak the ratios some more Signed-off-by: kim <grufwub@gmail.com> * more nan rampaging Signed-off-by: kim <grufwub@gmail.com> * fix envparsing script Signed-off-by: kim <grufwub@gmail.com> * update cache library, add sweep function to keep caches trim Signed-off-by: kim <grufwub@gmail.com> * sweep caches once a minute Signed-off-by: kim <grufwub@gmail.com> * add a regular job to sweep caches and keep under 80% utilisation Signed-off-by: kim <grufwub@gmail.com> * remove dead code Signed-off-by: kim <grufwub@gmail.com> * add new size library used to libraries section of readme Signed-off-by: kim <grufwub@gmail.com> * add better explanations for the mem-ratio numbers Signed-off-by: kim <grufwub@gmail.com> * update go-cache Signed-off-by: kim <grufwub@gmail.com> * library version bump Signed-off-by: kim <grufwub@gmail.com> * update cache.result{} size model estimation Signed-off-by: kim <grufwub@gmail.com> --------- Signed-off-by: kim <grufwub@gmail.com>
2023-08-02[bugfix] Rework MultiError to wrap + unwrap errors properly (#2057)Libravatar tobi24
* rework multierror a bit * test multierror
2023-08-02[bugfix] fix slow accounts / statuses using emojis lookups (#2056)Libravatar kim3
* update DeleteEmoji to use faster relational tables for status / account finding Signed-off-by: kim <grufwub@gmail.com> * update Get{Accounts,Statuses}UsingEmoji() to also use relational tables Signed-off-by: kim <grufwub@gmail.com> * remove the now unneeded tags relation from newStatusQ() Signed-off-by: kim <grufwub@gmail.com> * fix table names Signed-off-by: kim <grufwub@gmail.com> * fix account and status selects using emojis Signed-off-by: kim <grufwub@gmail.com> --------- Signed-off-by: kim <grufwub@gmail.com>
2023-08-02[bugfix] handle HEAD requests more elegantly (#2055)Libravatar kim1
Signed-off-by: kim <grufwub@gmail.com>
2023-08-02[bugfix] Allow instance accounts to be shown in search results in certain ↵Libravatar tobi6
circumstances (#2053)
2023-08-01[feature] Allow users to skip http client tls verification for testing ↵Libravatar tobi10
purposes (with appropriately loud warnings) (#2052)
2023-08-01[feature] Set timezone in Docker using TZ env variable (#2050)Libravatar tobi4
2023-08-01Revert "[feature] Configurable timezone in containers (#2046)" (#2048)Libravatar tobi2
This reverts commit 96dd0e75f20a1f1f8203f3438ae7a82d260a0ef8.
2023-08-01[feature] Configurable timezone in containers (#2046)Libravatar Charles Chin2
2023-07-31[feature] Hashtag federation (in/out), hashtag client API endpoints (#2032)Libravatar tobi69
* update go-fed * do the things * remove unused columns from tags * update to latest lingo from main * further tag shenanigans * serve stub page at tag endpoint * we did it lads * tests, oh tests, ohhh tests, oh tests (doo doo doo doo) * swagger docs * document hashtag usage + federation * instanceGet * don't bother parsing tag href * rename whereStartsWith -> whereStartsLike * remove GetOrCreateTag * dont cache status tag timelineability
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-03 17:59:00 +0000