| Age | Commit message (Collapse) | Author | Files |
|---|
|
* mobile css tweaks
* bulk process list mobile css
|
|
* [feature] Provide .well-known/host-meta endpoint
This adds the host-meta endpoint as Mastodon clients use this to
discover the API domain to use when the host and account domains aren't
the same.
* Address review comments
|
|
When we receive an HTTP 410 on webfinger it means the resource we asked
for (the account) is gone, but the endpoint itself responded. In such
cases we want to treat the request as successful from a cache (renewal)
point of view, while still returning an error from Finger.
Follow-up for #1588
|
|
* slight refactor and improved logging on failed webfinger in enrichAccount()
* use correct log format directive
---------
Signed-off-by: kim <grufwub@gmail.com>
|
|
* [feature] Discover webfinger through host-meta
This implements a fallback for discovering the webfinger endpoint in
case the /.well-known/webfinger endpoint wasn't properly redirected.
Some instances do this because the recommendation used to be to use
host-meta for the webfinger redirect in the before times.
Closes #1558.
* [bug] Ensure we only ever update cache on success
* [chore] Move finger tests to their own place
This adds a test suite for transport and moves the finger cache tests
into there instead of abusing the search test suite.
* [chore] cleanup the test a bit more
We don't really need a separate function for the oddly located webfinger
response as we check the full URL string anyway
* Address review comments
* [chore] update config example
* [chore] access DB only through state in controller
|
|
* [chore] Update bun from 1.1.10 -> 1.1.12
* [chore] bump modernc/sqlite 1.20.4 -> 1.21.0
|
|
* add error value wrapping, include status code / not found flags from transport errors, update error usages
Signed-off-by: kim <grufwub@gmail.com>
* add code commenting for gtserror functions
Signed-off-by: kim <grufwub@gmail.com>
---------
Signed-off-by: kim <grufwub@gmail.com>
|
|
* Add go-playground/form pkg
* [feature] Add support for profile fields
* Add field attributes test
* Validate profile fields form
* Add profile field validation tests
* Add Field Attributes definition to swagger
---------
Co-authored-by: tobi <31960611+tsmethurst@users.noreply.github.com>
|
|
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.17.2 to 4.18.1.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/v4.18.1/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.17.2...v4.18.1)
---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v4
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.5.0...v0.6.0)
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0)
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.7.0...v0.8.0)
---
updated-dependencies:
- dependency-name: golang.org/x/text
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
This changes the config action to print the config in a more human
readable format, indented by 4 spaces and with newlines.
Thanks to this, we can now reasonably construct some JSON in the
envparsing shell script, without needing utilities like jd. It does
assume cat is available in order to not change the shebang to bash.
With the expected JSON now being one key per line it should make it much
easier for multiple PRs that change something around config not to
collide in merge conflicts.
|
|
Currently, GtS only supports using the built-in LE client directly for
TLS. However, admins may still want to use GtS directly (so without a
reverse proxy) but with certificates provided through some other
mechanism. They may have some centralised way of provisioning these
things themselves, or simply prefer to use LE but with a different
challenge like DNS-01 which is not supported by autocert.
This adds support for loading a public/private keypair from disk instead
of using LE and reconfigures the server to use a TLS listener if we
succeed in doing so.
Additionally, being able to load TLS keypair from disk opens up the path
to using a custom CA for testing purposes avoinding the need for a
constellation of containers and something like Pebble or Step CA to
provide LE APIs.
|
|
Signed-off-by: kim <grufwub@gmail.com>
|
|
* replace concurrency worker pools with base models in State.Workers, update code and tests accordingly
* add media attachment caching, slightly tweak default cache config
* further tweak default cache config values
* replace other media attachment db calls to go through cache
* update envparsing test
* fix delete media attachment sql
* fix media sql query
* invalidate cached media entries during status create / update
* fix envparsing test
* fix typo in panic log message...
* add 'updated_at' column during UpdateAttachment
* remove unused func
---------
Signed-off-by: kim <grufwub@gmail.com>
|
|
|
|
* [bugfix] Clamp report limit <1 to 100
* add + update tests
|
|
And also fix unpinning/pinning potentially leaking the ID of followers-only statuses through returning 422 instead of 404.
Also tests!
|
|
ErrAlreadyExists (#1581)
Signed-off-by: kim <grufwub@gmail.com>
|
|
|
|
* Advertise rich text formats, support content_type field
* Update JSON in instance patch tests
* Replace format with content_type everywhere
* update migration to work with both pg and sqlite
* regenerate swagger docs
* update instance serialization + tests
* fix up
* learn to code tobi please, i'm begging you
---------
Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
|
|
* replace concurrency worker pools with base models in State.Workers, update code and tests accordingly
* improve code comment
* change back testrig default log level
* un-comment-out TestAnnounceTwice() and fix
---------
Signed-off-by: kim <grufwub@gmail.com>
Reviewed-by: tobi
|
|
* start fiddling
* the ol' fiddle + update
* start working on fetching statuses
* poopy doopy doo where r u uwu
* further adventures in featuring statuses
* finishing up
* fmt
* simply status unpin loop
* move empty featured check back to caller function
* remove unnecessary log.WithContext calls
* remove unnecessary IsIRI() checks
* add explanatory comment about status URIs
* change log level to error
* better test names
|
|
(#1576)
* simply use storage.Storage, removing wrapping KVStore as we don't need KV store locking functionality
Signed-off-by: kim <grufwub@gmail.com>
* fix missing unwrapped function
Signed-off-by: kim <grufwub@gmail.com>
* add code comment
Signed-off-by: kim <grufwub@gmail.com>
* linter, please take my offering in peace
Signed-off-by: kim <grufwub@gmail.com>
---------
Signed-off-by: kim <grufwub@gmail.com>
|
|
This attempts to provide a slightly more comprehensive error message for
the end user when an incorrect grant type is used. This is not something
the user can typically resolve but should hopefully be informative for
the (client) developer.
|
|
|
|
|
|
Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.50 to 1.1.51.
- [Release notes](https://github.com/miekg/dns/releases)
- [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release)
- [Commits](https://github.com/miekg/dns/compare/v1.1.50...v1.1.51)
---
updated-dependencies:
- dependency-name: github.com/miekg/dns
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
This checks if jd is availalbe and if so uses that to create the diff
instead. jd can tell you at which (nested) key the values are differing
which makes for more human friendly output.
|
|
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.4.0...v0.5.0)
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.48 to 7.0.49.
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](https://github.com/minio/minio-go/compare/v7.0.48...v7.0.49)
---
updated-dependencies:
- dependency-name: github.com/minio/minio-go/v7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
This updates the Dockerfile to use the latest image versions for all the
containers that are used when building the final GTS container.
|
|
This adds a dummy testrig subcommand when we're not building with DEBUG
set. Now any invocation of gotosocial testrig, plain or with any kind of
subcommands or arguments will result in that error message getting
returned.
|
|
In order to get testrig we have to build with the debugenv tag and run
with the DEBUG environment variable. Since this is a Debug build this
also updates the launch configuration name to reflect that.
We do not build with `-ldflags="-s -w"` since that strips debug info.
This makes it possible to launch GtS from VS Code in debug mode, set
breakpoints in the editor etc.
|
|
This removes the current default of checking for membership of the admin
or admins group and makes it required to explicitly configure which
groups should grant admin access, if any.
Relying on the implicit default of admin or admins is potentially
dangerous as that group may contain a different subset of people that we
may wish to grant admin access to GtS. This is probably not an issue for
a single-person instance, but for a community instance different admin
groups may exist in an OIDC provider for different applications.
I'm explicitly opting for not defaulting the value of oidc-admin-groups
to admin,admins because I think it's better for those things to be
explicitly configured.
|
|
* implement status pin client api + web handler
* make test names + comments more descriptive
* don't use separate table for status pins
* remove unused add + remove checking
* tidy up + add some more tests
|
|
|
|
* [bugfix] Delete bookmark when status deleted
* [chore] Give bookmark processing func some love
* fix paging + embetter tests
|
|
This changes parseDescription to properly encode things to be safe for
usage without removing things like backslashes that may be relevant.
* text.SanitizePlaintext already calls html.UnescapeString so we don't
have to do that
* Replace \n with space early
* Remove duplicate white-space by splitting on fields and joining
* HTML-escape the string we have
* For extra certainty, encode the backslash as \
Fixes #1549
|
|
* [chore] Deinterface processor and subprocessors
* expose subprocessors via function calls
* missing license header
|
|
|
|
|
|
* [feature] Use Material theme for docs
This changes the theme to use Material with the slate (dark) theme and
the accent colour set to orange. It also replaces the swagger plugin
with one that works correctly with the Material theming.
* Add theme by @f0x52
Co-authored-by: f0x52 <f0x@cthu.lu>
* Enable social cards
The dependencies for cairosvg and pillow can be satisfied on RTD, so
this adds them to our requirements.txt and enables the social plugin.
This generates opengraph and twitter card tags as well as fancy preview
images in GTS colour style for platforms that show that as part of link
previews.
* Update Conda environment.yml
* update theme for swagger, basic light theme option
* dark mode mobile header bg color
---------
Co-authored-by: f0x52 <f0x@cthu.lu>
|
|
|
|
* Change account role from string to object
* Update tests
* small fixes + swagger docs
---------
Co-authored-by: zowhoey <11893985+zowhoey@users.noreply.github.com>
|
|
* about page basics
* more info, styling
* update emoji sizing on about page contact card
|
|
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.5.0...v0.6.0)
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
some cases (#1534)
* Tidy up emoji parsing on profile submission
Don't bother reparsing for emoji unless one of the fields that can have
emoji in it has changed.
Deduplicate emoji between the display name and profile note - I'm not
sure whether this was hurting anything, but better safe.
* Deduplicate emoji when parsing remote accounts
Some servers - Misskey at least - don't deduplicate emoji, so it's
possible to get an account which has the same emoji used in both the
display name and note and therefore includes that emoji twice in its
metadata. When we start trying to put those into our database, we run
into a uniqueness constraint and fall over.
This change just deduplicates at the point of construction of an
account.
|
|
|
f0x52
Daenney
kim
tobi
zowhoey
dependabot[bot]
Vyr Cossont
Sam Lade