summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2025-03-11Object.Fetcher: Don't do cross-site redirects.Lain Soykaf
2025-03-11StealEmojiPolicy: Sanitise emoji names.Lain Soykaf
2025-03-11ReverseProxy: Sanitize content.Lain Soykaf
2025-03-11InstanceStatic: Extra-sanitize emojiLain Soykaf
2025-03-10More fixes for InstanceStaticLain Soykaf
2025-03-10Sanitize media uploads.Lain Soykaf
2025-03-10.Lain Soykaf
2025-03-10Merge branch 'assorted-test-fixes' into secfixLain Soykaf
2025-03-01LintingLain Soykaf
2025-03-01Merge branch 'security-2.9' into release/2.9.0Lain Soykaf
2025-03-01LintingLain Soykaf
2025-03-01Transmogrifier: Strip internal fieldsLain Soykaf
2025-03-01Merge branch 'pleroma-ensure-authorized-fetch' into security-2.9Lain Soykaf
2025-03-01Merge branch 'rich-media-ordering' into 'develop'feld
Rich Media Parser should use first image found Closes #3356 See merge request pleroma/pleroma!4329
2025-02-28Filter the parsed OpenGraph/Twittercard tags and only retain the ones we ↵Mark Felder
intend to use.
2025-02-28Retire MRFs DNSRBL, FODirectReply, and QuietReplyMark Felder
DNSRBL was a neat experiment which should live out of tree. It works and could be used to coordinate rules across different servers, but Simple Policy will always be better FODirectReply and QuietReply have reliability issues as implemented in an MRF. If we want to expose this functionality to admins it should be a setting that overrides the chosen scope during CommonAPI.post instead of trying to rewrite the recipients with an MRF.
2025-02-28Rich Media Parser should use first og:imageMark Felder
2025-02-28Fix OpenGraph/TwitterCard meta tag ordering for posts with multiple attachmentsMark Felder
2025-02-28PackTest: Add test for skipping emojiLain Soykaf
2025-02-27Emoji, Pack, Backup, Frontend: Use SafeZipLain Soykaf
2025-02-27Add SafeZip moduleOneric
This will replace all the slightly different safety workarounds at different ZIP handling sites and ensure safety is actually consistently enforced everywhere while also making code cleaner and easiert to follow.
2025-02-25Mogrify/Mogrifun: AsyncifyLain Soykaf
2025-02-25AnonymizeFilename: AsyncifyLain Soykaf
2025-02-25Merge branch and resolve conflict in database_test.exsLain Soykaf
2025-02-23UserRelationshipTest: Don't use Mock.Lain Soykaf
2025-02-22Merge branch 'post-languages' into 'develop'lain
Allow to specify post language See merge request pleroma/pleroma!3940
2025-02-22Merge branch 'follow-hashtags' into 'develop'lain
Hashtag following (from Akkoma) See merge request pleroma/pleroma!4307
2025-02-21Fix missing check for domain presence in rich media ignore_host configurationMark Felder
2025-02-17Allow incoming "Listen" activitiesmkljczk
Signed-off-by: mkljczk <git@mkljczk.pl>
2025-02-17credomkljczk
Signed-off-by: mkljczk <git@mkljczk.pl>
2025-02-17Include contentMap in outgoing postsmkljczk
Signed-off-by: mkljczk <git@mkljczk.pl>
2025-02-17Merge remote-tracking branch 'origin/develop' into post-languagesmkljczk
2025-01-30AnalyzeMetadata: Don't crash on grayscale image blurhashLain Soykaf
2025-01-28Fix Mastodon incoming edits with inlined "likes"mkljczk
Signed-off-by: mkljczk <git@mkljczk.pl>
2025-01-21Merge branch 'actor-published' into 'develop'mkljczk
Include "published" in actor view See merge request pleroma/pleroma!4312
2025-01-21Merge branch 'proxy-redirect' into 'develop'Haelwenn
MediaProxyController: Use 301 for permanent redirects See merge request pleroma/pleroma!4313
2025-01-21MediaProxyController: Use 301 for permanent redirectsLain Soykaf
2025-01-19Include "published" in actor viewmkljczk
Signed-off-by: mkljczk <git@mkljczk.pl>
2025-01-09Link to exported outbox/followers/following collections in backup actor.jsonmkljczk
Signed-off-by: mkljczk <git@mkljczk.pl>
2024-12-30fix alias orderingmkljczk
Signed-off-by: mkljczk <git@mkljczk.pl>
2024-12-30update specmkljczk
Signed-off-by: mkljczk <git@mkljczk.pl>
2024-12-30Add /api/v1/followed_tagsFloatingGhost
Signed-off-by: mkljczk <git@mkljczk.pl>
2024-12-30Remerge of hashtag following (#341)floatingghost
this time with less idiot Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/341 Signed-off-by: mkljczk <git@mkljczk.pl>
2024-12-09Verify a local Update sent through AP C2S so users can only update their own ↵tusooa
objects
2024-11-27fix: skip directory entrieskPherox
In OTP 27.1 or later, `:zip.unzip/2` without `:skip_directories` option returns directory entries. However in OTP 26, passing `:skip_directories` returns a `:bad_option` error, so this option is not available for compatibility.
2024-11-21Merge branch 'meilisearch/misc-fixes' into 'develop'lain
Miscellaneous fixes for Meilisearch See merge request pleroma/pleroma!4296
2024-11-21B ReleaseTasks: Fix task module finding.Lain Soykaf
2024-11-21Remove unused importMint
2024-11-21Meilisearch: stop attempting to index posts with nil dateMint
2024-11-21Meilisearch: use PUT method for indexing Mix taskMint
See https://github.com/meilisearch/meilisearch/issues/2619
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-24 13:42:32 +0000