1
0
Fork 0
forked from gitea/nas
Commit graph

1415 commits

Author SHA1 Message Date
KMY
8361a857ff Merge commit 'e6591bf322' into kb-draft-15.13-lts 2025-05-07 07:51:35 +09:00
Claire
6d46225718
Merge commit from fork
* Check scheme in account and post links

* Harden media attachments

* Client-side mitigation

* Client-side mitigation for media attachments
2025-05-06 15:02:13 +02:00
Claire
e6a6c26c36 Remove double-query for signed query strings (#34610) 2025-05-05 18:48:39 +02:00
KMY
97647cbbc0 Merge remote-tracking branch 'parent/stable-4.3' into kb-draft-15.12-lts 2025-04-03 06:38:45 +09:00
Claire
d9fb61f305 Change account suspensions to be federated to recently-followed accounts as well (#34294) 2025-03-31 15:38:00 +02:00
Claire
6af733d1d8 Change AccountReachFinder to consider statuses based on suspension date (#34291) 2025-03-31 15:38:00 +02:00
Matt Jankowski
29eae75ca0 Define constants for sampling sizes in AccountReachFinder (#32805) 2025-03-31 15:38:00 +02:00
Claire
4cb3fe35be Fix handling of malformed/unusual HTML (#34201) 2025-03-31 15:38:00 +02:00
KMY
3eead356e7 Merge commit 'c1f398ae93' into kb-draft-15.9-lts 2025-02-28 09:14:02 +09:00
Claire
679e7555ee Fix filtering for lists (#33842) 2025-02-25 17:11:09 +01:00
Claire
452153d55d Optimize timeline generation (#33839) 2025-02-25 17:11:09 +01:00
Claire
b32a67ff74 Fix tootctl feeds build not building list timelines (#33783) 2025-02-25 17:11:09 +01:00
Claire
6e906884cf Fix missing timeout options in Request class (#33769) 2025-02-25 17:11:09 +01:00
Claire
317715254f Fix incorrect signature after HTTP redirect (#33757) 2025-02-25 17:11:09 +01:00
Claire
17695ace33 Fix featured tags for remote accounts not being kept up to date (#33372) 2025-02-25 17:11:09 +01:00
Claire
f24b0e9505 Fix exclusive lists interfering with notifications (#28162) 2025-02-25 17:11:09 +01:00
KMY
be6dc25206 Merge commit 'faed9bf9f1' into kb-draft-15.8-lts 2025-01-16 23:10:39 +09:00
Claire
3a4242ce01
Merge commit from fork 2025-01-16 11:10:08 +01:00
KMY
a6a237bc8e Merge commit '13ab4b54e2' into upstream-20241204-15 2024-12-04 08:37:37 +09:00
KMY(雪あすか)
44bd33a3f4
Fix: フレンドサーバー申請時、ドメインを偽装して無関係のInboxを指定できる脆弱性 (#933) 2024-12-04 08:15:13 +09:00
Claire
3f0d90f019 Fix inactive users' timelines being backfilled on follow and unsuspend (#33094) 2024-12-02 16:20:32 +01:00
Claire
15e1a63e4a Fix direct inbox delivery pushing posts into inactive followers' timelines (#33067) 2024-12-02 16:20:32 +01:00
Eugen Rochko
0720ef5f62 Fix min_id and max_id causing error in search API (#32857) 2024-12-02 16:20:32 +01:00
Hugo Gameiro
dd0992b25d Fix and improve batch attachment deletion handling when using OpenStack Swift (#32637) 2024-12-02 16:20:32 +01:00
KMY
fbd8709c65 Merge remote-tracking branch 'parent/stable-4.3' into kb-draft-15.4-lts 2024-10-21 20:07:10 +09:00
kenkiku1021
304e440f88 add SWIFT object storage uri to CSP media hosts (#32439)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-10-15 17:37:14 +02:00
KMY
cc857e57c6 Merge remote-tracking branch 'parent/stable-4.3' into upstream-20241005 2024-10-05 09:02:38 +09:00
Matt Jankowski
74291dfb77 Remove unneeded reorder(nil) conditions (#32200) 2024-10-04 17:48:03 +02:00
Matt Jankowski
f07707a9bb Extract WebPushRequest from push notification worker and subscription (#32208) 2024-10-04 17:48:03 +02:00
Jeong Arm
b8fdffe824 Ignore error if mentioned account was not processable (#29215)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-10-04 17:48:03 +02:00
KMY(雪あすか)
294acdfd94
Change: #844 searchableByに意図しない値が入っていたときの挙動 (#862) 2024-10-02 08:22:30 +09:00
KMY
133a263f79 Merge remote-tracking branch 'parent/main' into upstream-20241001 2024-10-01 08:13:23 +09:00
Claire
513f187daf
Add “A Mastodon update is available.” message on admin dashboard for non-bugfix updates (#32106) 2024-09-26 19:27:57 +00:00
KMY
c905714459 Merge remote-tracking branch 'parent/main' into upstream-20240926 2024-09-26 08:29:41 +09:00
Renaud Chaput
3dc4ddc663
Fix search params being dropped when redirected to non-deck path (#31984) 2024-09-25 13:35:37 +00:00
André Menrath
556837f156
Fix the summary of converted object types to be treated as HTML (#28629) 2024-09-24 15:57:53 +00:00
Eugen Rochko
aaab6b7adc
Add reblogs and favourites counts to statuses in ActivityPub (#32007) 2024-09-23 13:14:15 +00:00
Claire
7ed9c590b9
Fix issue when encountering reblog of deleted post in feed rebuild (#32001) 2024-09-20 14:58:06 +00:00
Claire
8afa3bb2fa
Change Mastodon to issue correctly-signed queries by default (#31994) 2024-09-20 10:10:09 +00:00
Matt Jankowski
5405bdd344
Remove unused E2EE messaging code (#31193) 2024-09-18 09:27:43 +00:00
KMY
fc9d27ff91 Merge remote-tracking branch 'parent/main' into upstream-20240913 2024-09-13 10:31:48 +09:00
Taylor Chaparro
1b6a82b799
Fix invalid date searches returning 503 (#31526) 2024-09-12 13:40:20 +00:00
Claire
a496aeabcb
Change form-action Content-Security-Policy directive to be more restrictive (#26897) 2024-09-12 13:24:19 +00:00
Claire
c35ea59ee6
Fix security context sometimes not being added in LD-Signed activities (#31871) 2024-09-12 12:58:12 +00:00
David Roetzel
ab763c493f
Ignore undefined as canonical url (#31882) 2024-09-12 11:14:42 +00:00
Matt Jankowski
da07adfe6c
Add CustomEmoji.enabled scope (#31830) 2024-09-10 13:21:40 +00:00
KMY
a94959a35f Fix account searchability 2024-09-10 07:25:17 +09:00
KMY
91a2dc81c4 Fix: LD Signaturesで署名された投稿の検索許可(検索範囲)が改竄できる問題 2024-09-10 06:51:26 +09:00
Mike Dalessio
a0ea2fa3b0
Change fetch link card service to parse as HTML5 (#31814) 2024-09-09 10:59:42 +00:00
KMY
218cb37fe3 Merge remote-tracking branch 'parent/main' into upstream-20240906 2024-09-09 08:47:15 +09:00