summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFiles
2022-06-08[bugfix] #621: add weak type handing to mapstructure decode (#625)Libravatar kim4
* Drone sig (#623) * accept weakly typed input on mapstructure decode i.e. .UnmarshalMap() Signed-off-by: kim <grufwub@gmail.com> * add envparsing script to test for panics during environment variable parsing Signed-off-by: kim <grufwub@gmail.com> * add envparsing.sh script to drone commands Signed-off-by: kim <grufwub@gmail.com> * update drone signature Co-authored-by: kim <grufwub@gmail.com> * compare expected with output * update expected output of envparsing * update expected output to correct value * use viper's unmarshal function instead There were problems with marshalling string slices from viper into the st.config struct with the other function. Now, we can use viper's unmarshal function and pass in the custom decoder config that we need as a hook. This ensures that we marshal string slices from viper into our config struct correctly. Co-authored-by: tobi <31960611+tsmethurst@users.noreply.github.com> Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2022-06-08[feature] add vscode workspace config for linting + debugging (#588)Libravatar f0x523
* vscode workspace config for debug run + linting * ignore debug build file
2022-06-08[feature] Add paging via `Link` header for notifications and account ↵Libravatar tobi17
statuses (#629) * test link headers * page get account statuses properly * page get notifications * add util func for packaging timeline responses * return timelined stuff from accountstatusesget * rename timeline response * use new convenience function * go fmt
2022-06-08[frontend] linkify header mascot+title (#633)Libravatar f0x523
2022-06-04[bugfix] Update time marshalling format to provide 3 digits of ms (#630)Libravatar tobi6
2022-06-03[feature] Start adding advanced configuration options, starting with ↵Libravatar tobi11
`samesite` (#628) * fix incorrect port being used for db * start adding advanced config flags * use samesite lax by default
2022-06-01[chore] Adds Issue templates to Github (#626)Libravatar 0hlov33
* Adds ISSUE Templates * Corrects the ISSUE_Templates
2022-05-30[chore] Global server configuration overhaul (#575)Libravatar kim90
* move config flag names and usage to config package, rewrite config package to use global Configuration{} struct Signed-off-by: kim <grufwub@gmail.com> * improved code comment Signed-off-by: kim <grufwub@gmail.com> * linter Signed-off-by: kim <grufwub@gmail.com> * fix unmarshaling Signed-off-by: kim <grufwub@gmail.com> * remove kim's custom go compiler changes Signed-off-by: kim <grufwub@gmail.com> * generate setter and flag-name functions, implement these in codebase Signed-off-by: kim <grufwub@gmail.com> * update deps Signed-off-by: kim <grufwub@gmail.com> * small change Signed-off-by: kim <grufwub@gmail.com> * appease the linter... Signed-off-by: kim <grufwub@gmail.com> * move configuration into ConfigState structure, ensure reloading to/from viper settings to keep in sync Signed-off-by: kim <grufwub@gmail.com> * lint Signed-off-by: kim <grufwub@gmail.com> * update code comments Signed-off-by: kim <grufwub@gmail.com> * fix merge issue Signed-off-by: kim <grufwub@gmail.com> * fix merge issue Signed-off-by: kim <grufwub@gmail.com> * improved version string (removes time + go version) Signed-off-by: kim <grufwub@gmail.com> * fix version string build to pass test script + consolidate logic in func Signed-off-by: kim <grufwub@gmail.com> * add license text, update config.Defaults comment Signed-off-by: kim <grufwub@gmail.com> * add license text to generated config helpers file Signed-off-by: kim <grufwub@gmail.com> * defer unlock on config.Set___(), to ensure unlocked on panic Signed-off-by: kim <grufwub@gmail.com> * make it more obvious which cmd flags are being attached Signed-off-by: kim <grufwub@gmail.com>
2022-05-28[chore] Mastodon api fixups (#617)Libravatar tobi11
* don't omitempty on description * don't omitempty on any fields * add ms to timestamp format * don't omitempty on text_url * rearrange attachment fields a bit * just give URL again as attachment text url * update tests * fix accidental replace
2022-05-28[frontend] Reduce width of profile img with screen width (#615)Libravatar Sashanoraa3
The commit makes the profile image on the profile page reduce in width if the screen width is less then it's normal width while maintaining it's 1:1 aspect ration. Signed-off-by: Sashanoraa <sasha@noraa.gay>
2022-05-28[frontend] Add padding to the bottom of main (#616)Libravatar Sashanoraa2
This way the footer doesn't touch on the content on mobile. Signed-off-by: Sashanoraa <sasha@noraa.gay>
2022-05-27[bugfix] Add `accept: application/activity+json` to dereferencer (#611)Libravatar tobi1
* add Accept application/activity+json to transport * add application/activity+json comma-separated
2022-05-27[chore] Debug failed account get (#612)Libravatar tobi1
2022-05-27[chore] Add test for dereferencing Owncast service account (#613)Libravatar tobi5
2022-05-26[performance] Don't retry/backoff invalid http requests that will never ↵v0.3.4Libravatar tobi8
succeed (#609) * add httpguts (ew) * add ValidateRequest err wrapping logic * don't retry on unrecoverable errors * i am very clever
2022-05-26[performance] Bump default workers to CPUs * 2 (#608)Libravatar tobi1
* add license text to workers.go * bump default workers to maxprocs*2
2022-05-26[bugfix] Fix HTML escaping in instance title (#607)Libravatar tobi15
* move caption sanitization -> sanitize.go * use sanitizeplaintext rather than removehtml * rename sanitizecaption to sanitizeplaintext * avoid removing html twice from statuses * unexport remoteHTML it's no longer used outside the text package so this makes it less confusing * test instance PATCH
2022-05-25[security] Set SameSite to `strict` instead of browser default (#606)Libravatar tobi1
2022-05-24[chore] Serialize times as UTC ISO8601 instead of RFC3339 (#602)Libravatar tobi4
* add time util to mimic utc ISO8601 * use ISO8601 when serializing to frontend * update test notification
2022-05-24[bugfix] Don't serialize instance account if not set (#603)Libravatar tobi2
* omit contactAccount from json if not set * test instance serialization
2022-05-24[bugfix] Only search remote if protocol is http(s) (#601)Libravatar tobi1
2022-05-24[bugfix] Set refetch to true in iterateDescendants (#600)Libravatar tobi1
2022-05-23[bugfix] Fix multiple dereferences of boosted status causing media ↵Libravatar tobi18
duplication (#589) * add some announces to test models * start on announce test logic * test federatingDB.Announce * change signature of GetRemoteStatus * remove 'refresh' logic and replace it with refetch * go fmt * remove timeline manager from processor test * make zork created at determinate * test get account statuses * test get + serialize zork * make account keys determinate * make admin accountCreate time determinate * test account to as * init test config before test log * test status to frontend * remove daft Within check * hack around a bit * use index of slice
2022-05-23[docs] document a checklist for how to go about a release (#592)Libravatar Mina Galić1
This is the way. well, my recommendations, anyway.
2022-05-23[bugfix] Fix `error extracting status content: no content found` (#598)Libravatar tobi4
* don't return error if no content found in Activity * add test for content extraction * go fmt
2022-05-23[bugfix] If status URL is empty, use URI instead and don't log unnecessary ↵Libravatar tobi3
error (#597) * test parse status with no URL * if no status URL is available, use the URI instead
2022-05-23[security] Check all involved IRIs during block checking (#593)Libravatar tobi9
* tidy up context keys, add otherInvolvedIRIs * add ReplyToable interface * skip block check if we own the requesting domain * add block check for other involved IRIs * use cacheable status fetch * remove unused ContextActivity * remove unused ContextActivity * add helper for unique URIs * check through CCs and clean slice * add GetAccountIDForStatusURI * add GetAccountIDForAccountURI * check blocks on involved account * add statuses to tests * add some blocked tests * go fmt * extract Tos as well as CCs * test PostInboxRequestBodyHook * add some more testActivities * deduplicate involvedAccountIDs * go fmt * use cacheable db functions, remove new functions
2022-05-23[docs] Add Caddy instructions to the documentation (#594)Libravatar Martijn de Boer2
* Add instructions for working with Caddy 2 Add instructions for working with Caddy 2. Some texts are duplicated from the NGINX part (mainly the configuration part, about systemctl). * Add new Caddy docs to mkdocs.yml Adds the new Caddy document to the document tree * Remove up and downstream headers from configuration Removed the header statements for the proxy, as proxying those are transparant. Kept the flush_interval directive, disabling the response buffer completely so we can write without delays. * Update caddy.md Corrects the opening link * Apply comments mentioned in PR @igalic mentioned a few comments to improve these docs. I've processed those in this PR.
2022-05-20[feature] implement custom_emojis endpoint (#563)Libravatar Adelie Paull11
* implement custom_emojis api endpoint * add tests for getting custom emoji out of the database and converting to api emoji * change sort direction of emoji query * change logging level and initialize array with known length as per kim's suggestions * add continue to lessen risk of making a malformed struct during conversion from db to api emojis
2022-05-18[bugfix] Stop some statuses from being home timelined when they shouldn't be ↵Libravatar tobi2
(#585) * recursively check timelineability of parent status * check following status creator * add tests for hometimelineability (whew) * add test with mix of public + unlocked vis
2022-05-18[bugfix] Clean up boosts of status when the status itself is deleted (#579)Libravatar tobi4
* move status wiping logic to fromcommon.go * delete reblogs of status when a status is deleted * add admin boost of zork to test model * update tests to make them more determinate * Merge branch 'main' into status_reblog_cleanup * move status wiping logic to fromcommon.go * delete reblogs of status when a status is deleted * add admin boost of zork to test model * update tests to make them more determinate * Merge branch 'main' into status_reblog_cleanup * test status delete via client api * go fmt
2022-05-18[performance] Add further indexes to mitigate laggy queries (#586)Libravatar tobi236
* start adding more indexes as a migration * update sqlite version
2022-05-16[chore] Timeline test updates (#578)Libravatar tobi5
* add admin boost of zork to test model * update tests to make them more determinate * remove printf call
2022-05-16testrig: override bind address from environment variable (#577)Libravatar f0x521
2022-05-16[feature] Basic config validation (#562)Libravatar tobi7
* add optional config validation * clarify that host and protocol are required * add validation for host and protocol * pass prerunArgs as a struct (validate by default)
2022-05-16[docs] Mention `AmbientCapabilities=CAP_NET_BIND_SERVICE` in example systemd ↵Libravatar ugla1
service (#576)
2022-05-15[feature] Unused avatar and header cleanup (#574)Libravatar tobi17
* rename + tidy up remote pruning * fix media attachment account join see https://bun.uptrace.dev/guide/golang-orm.html#table-relationships * update logging to new function name * add get avatars and headers to bun * add pruneallmeta function * don't set uncached since we're deleting anyway * fix totalPruned being in wrong place * test pruning meta * go fmt ./... * rename mediaprune * add meta pruning to routine mediaprune * tidy up cleanup job scheduling * rename adminmediaremoteprune * update mediacleanup to use renamed prune func * update swagger docs a little bit * reuse cancel + context
2022-05-15[feature] Media cleanup endpoint (#560)Libravatar Sashanoraa8
Adds an admin endpoint to trigger a remote media cleanup. Fixed #348 Signed-off-by: Sashanoraa <sasha@noraa.gay>
2022-05-15[documentation] Nlnet application (#572)Libravatar tobi2
* add README.md for archive folder * start work on funding application * big updates to the nlnet document * always require http signatures * update budget * wording edits
2022-05-15[accessibility] Add description for the pinafore logo (#568)Libravatar OniriCorpe1
Co-authored-by: tobi <31960611+tsmethurst@users.noreply.github.com>
2022-05-15[security] transport.Controller{} and transport.Transport{} security and ↵Libravatar kim61
performance improvements (#564) * cache transports in controller by privkey-generated pubkey, add retry logic to transport requests Signed-off-by: kim <grufwub@gmail.com> * update code comments, defer mutex unlocks Signed-off-by: kim <grufwub@gmail.com> * add count to 'performing request' log message Signed-off-by: kim <grufwub@gmail.com> * reduce repeated conversions of same url.URL object Signed-off-by: kim <grufwub@gmail.com> * move worker.Worker to concurrency subpackage, add WorkQueue type, limit transport http client use by WorkQueue Signed-off-by: kim <grufwub@gmail.com> * fix security advisories regarding max outgoing conns, max rsp body size - implemented by a new httpclient.Client{} that wraps an underlying client with a queue to limit connections, and limit reader wrapping a response body with a configured maximum size - update pub.HttpClient args passed around to be this new httpclient.Client{} Signed-off-by: kim <grufwub@gmail.com> * add httpclient tests, move ip validation to separate package + change mechanism Signed-off-by: kim <grufwub@gmail.com> * fix merge conflicts Signed-off-by: kim <grufwub@gmail.com> * use singular mutex in transport rather than separate signer mus Signed-off-by: kim <grufwub@gmail.com> * improved useragent string Signed-off-by: kim <grufwub@gmail.com> * add note regarding missing test Signed-off-by: kim <grufwub@gmail.com> * remove useragent field from transport (instead store in controller) Signed-off-by: kim <grufwub@gmail.com> * shutup linter Signed-off-by: kim <grufwub@gmail.com> * reset other signing headers on each loop iteration Signed-off-by: kim <grufwub@gmail.com> * respect request ctx during retry-backoff sleep period Signed-off-by: kim <grufwub@gmail.com> * use external pkg with docs explaining performance "hack" Signed-off-by: kim <grufwub@gmail.com> * use http package constants instead of string method literals Signed-off-by: kim <grufwub@gmail.com> * add license file headers Signed-off-by: kim <grufwub@gmail.com> * update code comment to match new func names Signed-off-by: kim <grufwub@gmail.com> * updates to user-agent string Signed-off-by: kim <grufwub@gmail.com> * update signed testrig models to fit with new transport logic (instead uses separate signer now) Signed-off-by: kim <grufwub@gmail.com> * fuck you linter Signed-off-by: kim <grufwub@gmail.com>
2022-05-15[chore] Update LE server to use copy of main http.Server{} to maintain ↵Libravatar kim1
server timeouts etc (#571) * update LE server to use copy of main HTTP server to maintain server timeouts etc Signed-off-by: kim <grufwub@gmail.com> * shutup linter Signed-off-by: kim <grufwub@gmail.com>
2022-05-13[bugfix] update syslog tests to listen/connect specifically to ipv4 loopback ↵Libravatar kim2
(#561) Signed-off-by: kim <grufwub@gmail.com>
2022-05-12[bugfix] Fix server trying to listen twice on same address when l.e. enabled ↵v0.3.3Libravatar tobi1
(#557)
2022-05-11[bugfix] Add account raw note fix (#556)Libravatar tobi2
* hack the latest migration to fix psql issue * add new migration to fix previous migration * adjust query
2022-05-11[documentation] Admin Panel installation + usage (#552)Libravatar f0x522
* admin panel documentation * wrap link so it's clickable * format img so it works with mkdocs serve Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2022-05-09[Documentation] tidy docker-compose docs, add note about uid/gid (#551)Libravatar tobi1
2022-05-09[feature] Include password strength in error message when password strength ↵Libravatar Eamonn O'Brien-Strain4
is too low (#550) * When password validation fails, return how close to enough entropy it has. * Shorter version of low-strength password error message
2022-05-08[bugfix] Fix remote media pruning failing if media already gone (#548)Libravatar tobi50
* fix error check of prune to allow missing files * update go-store library, add test for pruning item with db entry but no file Signed-off-by: kim <grufwub@gmail.com> * remove now-unneccessary error check Signed-off-by: kim <grufwub@gmail.com> Co-authored-by: kim <grufwub@gmail.com>
2022-05-07[bugfix] Fix existing bio text showing as HTML (#531)Libravatar kim16
* fix existing bio text showing as HTML - updated replaced mentions to include instance - strips HTML from account source note in Verify handler - update text formatter to use buffers for string writes Signed-off-by: kim <grufwub@gmail.com> * go away linter Signed-off-by: kim <grufwub@gmail.com> * change buf reset location, change html mention tags Signed-off-by: kim <grufwub@gmail.com> * reduce FindLinks code complexity Signed-off-by: kim <grufwub@gmail.com> * fix HTML to text conversion Signed-off-by: kim <grufwub@gmail.com> * Update internal/regexes/regexes.go Co-authored-by: Mina Galić <mina.galic@puppet.com> * use improved html2text lib with more options Signed-off-by: kim <grufwub@gmail.com> * fix to produce actual plaintext from html Signed-off-by: kim <grufwub@gmail.com> * fix span tags instead written as space Signed-off-by: kim <grufwub@gmail.com> * performance improvements to regex replacements, fix link replace logic for un-html-ing in the future Signed-off-by: kim <grufwub@gmail.com> * fix tag/mention replacements to use input string, fix link replace to not include scheme Signed-off-by: kim <grufwub@gmail.com> * use matched input string for link replace href text Signed-off-by: kim <grufwub@gmail.com> * remove unused code (to appease linter :sobs:) Signed-off-by: kim <grufwub@gmail.com> * improve hashtagFinger regex to be more compliant Signed-off-by: kim <grufwub@gmail.com> * update breakReplacer to include both unix and windows line endings Signed-off-by: kim <grufwub@gmail.com> * add NoteRaw field to Account to store plaintext account bio, add migration for this, set for sensitive accounts Signed-off-by: kim <grufwub@gmail.com> * drop unnecessary code Signed-off-by: kim <grufwub@gmail.com> * update text package tests to fix logic changes Signed-off-by: kim <grufwub@gmail.com> * add raw note content testing to account update and account verify Signed-off-by: kim <grufwub@gmail.com> * remove unused modules Signed-off-by: kim <grufwub@gmail.com> * fix emoji regex Signed-off-by: kim <grufwub@gmail.com> * fix replacement of hashtags Signed-off-by: kim <grufwub@gmail.com> * update code comment Signed-off-by: kim <grufwub@gmail.com> Co-authored-by: Mina Galić <mina.galic@puppet.com>