Commit Graph

1532 Commits

Author SHA1 Message Date
dependabot[bot]
d9127f5630
[chore]: Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 (#2507)
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.17.0 to 1.18.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.17.0...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:30:01 +00:00
kim
10660e566d
[bugfix] misc dereferencer fixes (#2475)
* only perform status-up-to-date checks if no statusable has been provided

* copy over the same style of freshness checking from status deref -> accounts

* change some var names

* check for empty account domain
2024-01-09 10:42:39 +01:00
tobi
7cce1a7cc6
[bugfix] Outdent placeholder from <aside> when returning unknown media attachments (#2485)
* [bugfix] Outdent placeholder from `<aside>`

* visually separate placeholder note from body

* fix test
2024-01-09 10:41:32 +01:00
tobi
aad3384c98
[feature] Log pubKeyID for http-signed requests (#2501) 2024-01-09 10:41:15 +01:00
dependabot[bot]
022bfda52a
[chore]: Bump golang.org/x/image from 0.14.0 to 0.15.0 (#2506)
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/image/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/image
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:40:59 +01:00
dependabot[bot]
f0c3533862
[chore]: Bump github.com/tdewolff/minify/v2 from 2.20.9 to 2.20.12 (#2509)
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.20.9 to 2.20.12.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.20.9...v2.20.12)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:40:38 +01:00
tobi
72d0f46b0b
[feature] Allow webp emoji uploads / derefs (#2484) 2024-01-05 13:39:53 +01:00
tobi
d5e3996a18
[feature] Parse instance descriptors as markdown, show T&C on /about (#2481)
* [feature] Parse instance descriptors as markdown, show T&C on /about

* lint

* remove unnecessary nullzero tags
2024-01-05 13:39:31 +01:00
kim
511ad97fe7
[bugfix] fix check for closed poll to account for non-zero closed time but in the future (#2486) 2024-01-03 18:42:58 +01:00
dependabot[bot]
0cb1dd493c
[chore]: Bump github.com/minio/minio-go/v7 from 7.0.65 to 7.0.66 (#2467)
Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.65 to 7.0.66.
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](https://github.com/minio/minio-go/compare/v7.0.65...v7.0.66)

---
updated-dependencies:
- dependency-name: github.com/minio/minio-go/v7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: kim <89579420+NyaaaWhatsUpDoc@users.noreply.github.com>
2024-01-03 10:34:54 +00:00
kim
31481fad35
[bugfix] increases sleep time before check in throttle test, to give more leeway (#2482) 2024-01-03 10:27:55 +00:00
Daenney
a15415b1a2
[docs] Describe how to block IPs using a firewall (#2459)
* [docs] Describe how to block IPs using a firewall

This adds some documentation on how to block one, multiple or whole IP
ranges using the firewall. This can be helpful to protect from DDoS
attacks or block certain parties from being able to communicate with
your instance at all.

* [docs] Fix indenting of nft rule

* [docs] Split iptables and nftables into sections
2024-01-03 10:14:38 +00:00
dependabot[bot]
3ab6214449
[chore]: Bump github.com/jackc/pgx/v5 from 5.5.0 to 5.5.1 (#2468)
Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.5.0 to 5.5.1.
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v5.5.0...v5.5.1)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:03:16 +00:00
dependabot[bot]
d685e86432
[chore]: Bump github.com/google/uuid from 1.4.0 to 1.5.0 (#2469)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:03:06 +00:00
dependabot[bot]
0e56867d8b
[chore]: Bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#2478)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:02:49 +00:00
dependabot[bot]
ed1a656be9
[chore]: Bump modernc.org/sqlite from 1.27.0 to 1.28.0 (#2470)
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.27.0 to 1.28.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.27.0...v1.28.0)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:01:54 +00:00
tobi
0ff52b71f2
[chore] Refactor HTML templates and CSS (#2480)
* [chore] Refactor HTML templates and CSS

* eslint

* ignore "Local"

* rss tests

* fiddle with OG just a tiny bit

* dick around with polls a bit more so SR stops saying "clickable"

* remove break

* oh lord

* don't lazy load avatar

* fix ogmeta tests

* clean up some cruft

* catch remaining calls to c.HTML

* fix error rendering + stack overflow in tag

* allow templating attributes

* fix indent

* set aria-hidden on status complementary content, since it's already present in the label anyway

* tidy up templating calls a little

* try to make styling a bit more consistent + readable

* fix up some remaining CSS issues

* fix up reports
2023-12-27 11:23:52 +01:00
kim
97a1fd9a29
[bugfix] 😇 (#2476) 2023-12-18 16:40:29 +00:00
kim
8ebb7775a3
[feature] request blocking by http headers (#2409) 2023-12-18 14:18:25 +00:00
Sam Lade
07bd848028
fix poll total vote double count (#2464) 2023-12-16 19:12:25 +00:00
Sam Lade
285d55dda8
[feature] Push status edit messages into open streams (#2418)
* push status edit messages into open streams

* fix a few comments

* test++

* commented out code? moi?
2023-12-16 12:55:49 +01:00
Daenney
fbe4e60232
[feature] Run ANALYZE after migrations on SQLite (#2428)
* [feature] Run ANALYZE after migrations on SQLite

This ensures that at the end of migrations, we run ANALYZE if we're
using SQLite. This should be relatively quick and guarantees that the
table and index statistics have been updated. This helps to ensure the
query planner makes better choices when it comes to picking which
indexes are used when running queries.

* [chore] use ExecContext

Uses ExecContext so we pass the context through, this is helpful for
anyone running with tracing enabled
2023-12-16 12:54:53 +01:00
kim
d56a8d095e
[performance] simpler throttling logic (#2407)
* reduce complexity of throttling logic to use 1 queue and an atomic int

* use atomic add instead of CAS, add throttling test
2023-12-16 12:53:42 +01:00
OniriCorpe
1312695c46
[docs]: Update FAQ and ROADMAP (#2458)
* Update faq.md

* Update ROADMAP.md

* Add PR links
2023-12-16 12:49:37 +01:00
kim
f4fcffc8b5
[bugfix] use a much shorter refresh limit for statuses with polls (#2453)
* specifically use a much shorter refresh limit for statuses with polls

* allow specifying whether status must be upToDate in calls to Get(Visible)?TargetStatusBy_(), limit force refresh to 5 minute cooldown

* remove the PollID check from statusUpToDate()

* remove unnecessary force flag checks

* remove unused field

* check refresh status error

* use argument name 'refresh' instead of 'upToDate' to better fit with the codebase

* add statuses_poll_id_idx

* remove the definitely-not copy-pasted comment i accidentally typed out in full

* only synchronously refresh if the refresh flag is provided, otherwise do async

* fix wrong force value being provided for async

---------

Co-authored-by: tobi <tobi.smethurst@protonmail.com>
2023-12-15 15:24:39 +01:00
tobi
d0bb8f0973
[bugfix] Let templates deref pointers, as a treat (#2448) 2023-12-12 14:44:54 +00:00
kim
ac48192562
[bugfix] poll vote count fixes (#2444)
* don't drop all vote counts if hideCounts is set, refactors poll option extraction slightly

* omit voters_count when not set

* make voters_count a ptr to ensure it is omit unless definitely needed

* handle case of expires_at, voters_count and option.votes_count being nilable

* faster isNil check

* remove omitempty tags since mastodon API marks things as nullable but still sets them in outgoing json
2023-12-12 13:47:07 +00:00
kim
2191c7dee5
[bugfix] ensure the 'Closing' flag doesn't get cached (#2443) 2023-12-11 12:05:54 +00:00
dependabot[bot]
cd1611362f
[chore]: Bump github.com/KimMachineGun/automemlimit from 0.3.0 to 0.4.0 (#2440)
Bumps [github.com/KimMachineGun/automemlimit](https://github.com/KimMachineGun/automemlimit) from 0.3.0 to 0.4.0.
- [Commits](https://github.com/KimMachineGun/automemlimit/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: github.com/KimMachineGun/automemlimit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 10:35:15 +00:00
dependabot[bot]
9b03840b42
[chore]: Bump github.com/miekg/dns from 1.1.56 to 1.1.57 (#2439)
Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.56 to 1.1.57.
- [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release)
- [Commits](https://github.com/miekg/dns/compare/v1.1.56...v1.1.57)

---
updated-dependencies:
- dependency-name: github.com/miekg/dns
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 10:09:26 +00:00
dependabot[bot]
cdeba94015
[chore]: Bump golang.org/x/oauth2 from 0.13.0 to 0.15.0 (#2438)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.13.0 to 0.15.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.13.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 10:01:04 +00:00
dependabot[bot]
a968a03ab8
[chore]: Bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.9.0 (#2442)
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.7.0 to 3.9.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.7.0...v3.9.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 10:00:24 +00:00
tobi
bca9b2c896
[bugfix] Make screenreaders read out Language of posts properly (#2436)
* [bugfix] Make screenreaders read out Language of posts properly

* make published more readable
2023-12-10 15:06:06 +01:00
tobi
3f070a442a
[bugfix] Narrow search scope for accounts starting with '@'; don't LOWER SQLite text searches (#2435) 2023-12-10 14:15:41 +01:00
tobi
d60edf7ec6
[bugfix] Ensure pre renders as expected, fix orderedCollectionPage (#2434) 2023-12-10 12:36:00 +01:00
tobi
cc91ea057d
[bugfix] Fix web media not showing as sensitive (#2433)
* [bugfix] Fix web media not showing as sensitive

* test

* go fmt
2023-12-09 16:54:38 +01:00
tobi
c6d6fec17d
[bugfix] Fix wrong notification type sent for poll end (#2429) 2023-12-08 23:33:42 +01:00
tobi
4779aecdec
[chore] Run ANALYZE for SQLite after latest migrations (#2427) 2023-12-08 16:59:20 +01:00
Daenney
455064fec7
[bug] Fix an import statement in the gen template (#2426)
The package was renamed from langs to language.
2023-12-08 13:07:34 +01:00
tobi
dacfd413dc
[chore/frontend] Refactor status templates slightly, put polls behind CWs if present (#2419)
* [chore/frontend] Reorder templates, allow polls to be inside content warnings

* show when multiple-choice
2023-12-05 12:43:07 +01:00
dependabot[bot]
18d850ebae
[chore]: Bump go.opentelemetry.io/otel/exporters/prometheus (#2412)
Bumps [go.opentelemetry.io/otel/exporters/prometheus](https://github.com/open-telemetry/opentelemetry-go) from 0.43.0 to 0.44.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/example/view/v0.43.0...bridge/opencensus/v0.44.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/prometheus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 11:49:43 +01:00
dependabot[bot]
ca1a58182d
[chore]: Bump github.com/tdewolff/minify/v2 from 2.20.7 to 2.20.9 (#2416)
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.20.7 to 2.20.9.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.20.7...v2.20.9)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 11:47:21 +01:00
dependabot[bot]
bdc43a98da
[chore]: Bump github.com/minio/minio-go/v7 from 7.0.63 to 7.0.65 (#2415)
Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.63 to 7.0.65.
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](https://github.com/minio/minio-go/compare/v7.0.63...v7.0.65)

---
updated-dependencies:
- dependency-name: github.com/minio/minio-go/v7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 11:46:40 +01:00
dependabot[bot]
b576fbbdcb
[chore]: Bump golang.org/x/crypto from 0.15.0 to 0.16.0 (#2413)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/crypto/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 11:46:03 +01:00
dependabot[bot]
bffc67d764
[chore]: Bump github.com/gorilla/feeds from 1.1.1 to 1.1.2 (#2414)
Bumps [github.com/gorilla/feeds](https://github.com/gorilla/feeds) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/gorilla/feeds/releases)
- [Commits](https://github.com/gorilla/feeds/compare/v1.1.1...v1.1.2)

---
updated-dependencies:
- dependency-name: github.com/gorilla/feeds
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 11:45:33 +01:00
Daenney
5556767ff7
[docs] Change configuration creation instructions (#2408)
* [docs] Change configuration creation instructions

This changes the wording to push people towards creating their own
configuration, without copying the whole example configuration. This
makes it much easier to reconcile necessary configruation changes on
upgrades.

* [docs] Reword container version section

This changes the wording in the Version section to make it more clear
what the risks of a moving tag are. It pushes people to use an explicit
release tag instead.
2023-12-05 11:44:10 +01:00
tobi
0e2c342191
[bugfix/chore] Announce reliability updates (#2405)
* [bugfix/chore] `Announce` updates

* test update

* fix tests

* TestParseAnnounce

* update comments

* don't lock/unlock, change function signature

* naming stuff

* don't check domain block twice

* UnwrapIfBoost

* beep boop
2023-12-01 15:27:15 +01:00
kim
d1cac53cbb
[bugfix] in fedi API CreateStatus(), handle case of data-race and return early (#2403) 2023-12-01 11:53:53 +01:00
kim
eb170003b8
[bugfix] return 400 Bad Request on more cases of malformed AS data (#2399) 2023-11-30 16:22:34 +00:00
kim
5fd2e427bb
[bugfix] always go through status parent dereferencing on isNew, even on data-race (#2402)
* no need to deref status author account, will already be deref'd during previous getStatusByAP{IRI,Model}()

* don't unset the isNew flag on dereference data race

* improved code comment
2023-11-30 12:32:45 +01:00