gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
17905 commits 22 branches 90 tags 309 MiB
Commit graph

1969 commits

Author SHA1 Message Date
KMY
6ba77a9feb Merge remote-tracking branch 'parent/stable-4.2' into kb-draft-5.18-lts 2024-02-24 08:38:12 +09:00
Claire
f3ad918950
Fix processing of Link objects in Image objects (#29363) 2024-02-23 09:53:04 +01:00
Claire
9a7802655f
Fix link verifications when page size exceeds 1MB (#29361) 2024-02-22 19:12:53 +01:00
Claire
328a9b8157
Change registrations to be disabled by default for new servers (#29353) 2024-02-22 18:15:59 +01:00
Claire
28b666b0d5
Automatically switch from open to approved registrations in absence of moderators (#29337) 2024-02-22 14:39:42 +01:00
KMY
e8c1a13dd4 Fix test 2024-02-16 21:53:19 +09:00
KMY
f6588fe079 Merge commit '0e4e98fad1' into kb_lts 2024-02-16 20:30:06 +09:00
Claire
15de520201
Merge pull request from GHSA-jhrq-qvrm-qr36 
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
 2024-02-16 11:56:12 +01:00
Claire
f0a1dc1f1e Fix user creation failure handling in OAuth paths (#29207) 2024-02-15 08:54:59 +09:00
Claire
35f830b7ec Fix OmniAuth tests (#29201) 2024-02-15 08:44:37 +09:00
KMY
9190f53d7b Merge commit '7c8ca0c6d6' into kb-draft-5.16-lts 2024-02-15 08:15:29 +09:00
KMY(雪あすか)
d9b9e66bb5 Fix: リモートアカウント情報のNgWord検査でNULLが出る問題 (#541) 
* Fix: リモートアカウント情報のNgWord検査でNULLが出る問題

* Add test
 2024-02-15 08:15:11 +09:00
Claire
870ee80fd3 Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 22:55:31 +01:00
Claire
76a37bd040 Fix OmniAuth tests (#29201) 2024-02-14 16:06:38 +01:00
Claire
f1700523f1
Merge pull request from GHSA-vm39-j3vx-pch3 
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
 2024-02-14 15:16:07 +01:00
Claire
0b0c7af2c1
Merge pull request from GHSA-7w3c-p9j8-mq3x 
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
 2024-02-14 15:15:34 +01:00
Emelia Smith
6d43b63275 Disable administrative doorkeeper routes (#29187) 2024-02-14 11:03:21 +01:00
KMY
088c8482ff Fix: リモートからの参照を無限に受け入れる問題 2024-02-02 09:19:01 +09:00
KMY
8a306337e5 Merge remote-tracking branch 'parent/stable-4.2' into kb-draft-5.15-lts 2024-02-02 07:34:42 +09:00
Claire
a6641f828b
Merge pull request from GHSA-3fjr-858r-92rw 
* Fix insufficient origin validation

* Bump version to v4.2.5
 2024-02-01 15:56:46 +01:00
KMY
1d42b6b82f Merge remote-tracking branch 'parent/stable-4.2' into kb-draft-5.14-lts 2024-01-25 07:45:24 +09:00
Claire
b377f82b1d Fix processing of compacted single-item JSON-LD collections (#28816) 2024-01-24 15:31:13 +01:00
Claire
6fe2a47357 Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-24 15:31:13 +01:00
Claire
3837ec2227 Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-24 15:31:13 +01:00
Claire
1998c561b2 Convert signature verification specs to request specs (#28443) 2024-01-24 15:31:13 +01:00
Claire
c0a9db3611 Fix potential redirection loop of streaming endpoint (#28665) 2024-01-24 15:31:13 +01:00
Eugen Rochko
4d96d716c4 Fix unsupported time zone or locale preventing sign-up (#28035) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-01-24 15:31:13 +01:00
MitarashiDango
0a01bc01d2 Fix Undo Announce activity is not sent, when not followed by the reblogged post author (#18482) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-01-24 15:31:13 +01:00
KMY(雪あすか)
eb280d93a9 Fix: ドメインブロックがOutboxにおいて動作しない問題 (LTS) 2024-01-24 21:35:54 +09:00
KMY
4a5f0f9259 Remove: reject_send_mediaも削除 2024-01-11 08:32:59 +09:00
KMY
4f6d89f161 Fix test 2024-01-10 18:59:25 +09:00
KMY
5ba8141df9 Remove: #372 削除予定のドメインブロック項目をいったん削除 2024-01-10 18:46:14 +09:00
KMY
4b10bf23ab Remove: SidekiqHealthScheduler 2024-01-09 18:38:04 +09:00
KMY
06123147d5 Fix: アンテナに登録された投稿がアンテナ削除時Redisから削除されない問題 (#417) 
* Fix: アンテナに登録された投稿がRedisから削除されない問題

* Fix test

* Tootctlに変更

* 処理を共通化
 2024-01-04 15:32:58 +09:00
Claire
d7875adad2
Fix call to inefficient delete_matched cache method in domain blocks (#28367) 2023-12-19 11:27:37 +01:00
KMY(雪あすか)
5cce294953 Fix: #284 FetchInstanceInfoWorkerが原因でSidekiqのJobが詰まる問題 (#342) 
* Fix: #284 `FetchInstanceInfoWorker`が原因でSidekiqのJobが詰まる問題

* Fix: InstanceInfoを取得するタイミング

* Fix test

* Fix test

* Fix: HTTPコード

* 調整
 2023-12-12 09:54:29 +09:00
KMY
9310c1c81b Merge remote-tracking branch 'parent/stable-4.2' into upstream-4.2.2-lts 2023-12-05 09:05:29 +09:00
Claire
1076a6cd62 Fix incoming status creation date not being restricted to standard ISO8601 (#27655) 2023-12-04 15:28:15 +01:00
Claire
54a07731d1 Fix posts from threads received out-of-order sometimes not being inserted into timelines (#27653) 2023-12-04 15:28:15 +01:00
Claire
e6f4c91c5c Fix hashtag matching pattern matching some URLs (#27584) 2023-12-04 15:28:15 +01:00
Claire
c66ade7de8 Fix processing LDSigned activities from actors with unknown public keys (#27474) 2023-12-04 15:28:15 +01:00
Claire
bece853e3c Fix error and incorrect URLs in /api/v1/accounts/:id/featured_tags for remote accounts (#27459) 2023-12-04 15:28:15 +01:00
Claire
13205b54fd Fix handling of inLanguage attribute in preview card processing (#27423) 2023-12-04 15:28:15 +01:00
KMY(雪あすか)
8be33d4316 Fix when unfollow a tag, my post also disappears from the home timeline (#27391) 2023-12-04 15:28:15 +01:00
Claire
cdedae6d63 Fix some link anchors being recognized as hashtags (#27271) 2023-12-04 15:28:15 +01:00
Claire
aa69ca74ed Fix incorrect serialization of regional languages in contentMap (#27207) 2023-12-04 15:28:15 +01:00
KMY(雪あすか)
8383288219
Change: サークルの送り先アカウント指定方法をaccount_username(Fedibirdと同様)に変更 (#283) (LTS) (#308) 
* Change: サークルの送り先アカウント指定方法を`account_username`(Fedibirdと同様)に変更 (#283)

* Change: サークルの送り先アカウント指定方法を`account_username`(Fedibirdと同様)に変更

* Test: テストを追加

* Maybe Fix: Fedibirdで自分限定と認識される問題

* Fix test
 2023-11-28 12:54:03 +09:00
Claire
eea2654236
Fix format-dependent redirects being cached regardless of requested format (#27634) 2023-11-13 17:58:00 +01:00
KMY(雪あすか)
e6ad0ec41a Merge pull request from GHSA-c7p6-c688-fhgp 
* FixSec: スタンプを経由してカスタム絵文字のデータを改竄できる問題

* Fix: 相乗り絵文字が受け取れない問題とテスト

* Change: 相乗りスタンプは常にオリジナルの情報を参照

* Fix: uriまで偽装した場合に対応
 2023-10-26 08:45:34 +09:00
KMY
c485044a1e Test: #166 リモートから自分の絵文字を受け取った時、ライセンスが上書きされないことを確認するテスト 2023-10-26 08:45:34 +09:00