pleroma - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2023-09-13	StatusControllerTest: test creating a quote post	Alex Gleason

2023-09-13	BuilderTest: build quote post	Alex Gleason

2023-09-13	ActivityDraft: allow quoting	Alex Gleason

2023-09-13	StatusView: render the whole quoted status	Alex Gleason

2023-09-13	Transmogrifier: fetch quoted post	Alex Gleason

2023-09-13	ObjectValidators: improve quoteUrl compatibility	Alex Gleason

2023-09-13	Quote post: add fixtures	Alex Gleason

2023-09-03	CommonAPI: Prevent users from accessing media of other users	Mint

2023-08-11	Implement api/v2/instance route	marcin mikołajczak
	Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2023-08-05	Completely disable xml entity resolution	mae

2023-08-05	Add unit test for external entity loading	FloatingGhost

2023-08-04	release_runtime_provider_test: chmod config for hardened permissions	Haelwenn (lanodan) Monnier
	Git doesn't manages file permissions precisely enough for us.
2023-08-04	Resolve information disclosure vulnerability through emoji pack archive ↵	Mark Felder
	download endpoint The pack name has been sanitized so an attacker cannot upload a media file called pack.json with their own handcrafted list of emoji files as arbitrary files on the filesystem and then call the emoji pack archive download endpoint with a pack name crafted to the location of the media file they uploaded which tricks Pleroma into generating a zip file of the target files the attacker wants to download. The attack only works if the Pleroma instance does not have the AnonymizeFilename upload filter enabled, which is currently the default. Reported by: graf@poast.org
2023-08-03	Merge branch 'tusooa/3154-attachment-type-check' into 'develop'	Haelwenn
	Restrict attachments to only uploaded files only Closes #3154 See merge request pleroma/pleroma!3923
2023-07-28	status context: perform visibility check on activities around a status	faried nawaz
	issue #2927
2023-07-18	Restrict attachments to only uploaded files only	tusooa

2023-07-07	Make regex-to-string descriptor reusable	tusooa

2023-07-07	Fix edge cases	tusooa

2023-07-07	Test that unicode emoji reactions are not affected	tusooa

2023-07-07	Make EmojiPolicy aware of custom emoji reactions	tusooa

2023-07-07	EmojiPolicy: Implement delist	tusooa

2023-07-07	EmojiPolicy: implement remove by shortcode	tusooa

2023-07-07	Add emoji policy to remove emojis matching certain urls	tusooa
	https://git.pleroma.social/pleroma/pleroma/-/issues/2775
2023-07-02	Merge branch 'testfix/system-config-use' into 'develop'	Haelwenn
	release_runtime_provider_test: Explicitely use non-existant config file See merge request pleroma/pleroma!3910
2023-07-02	Merge branch 'tusooa/3131-handle-report-from-deactivated-user' into 'develop'	Haelwenn
	Fix handling report from a deactivated user Closes #3131 See merge request pleroma/pleroma!3915
2023-07-02	Fix handling report from a deactivated user	tusooa

2023-07-02	Fix user fetch completely broken if featured collection is not in a ↵	tusooa
	supported form
2023-07-01	Merge branch 'bugfix/full-revert-media-host-validation' into 'develop'	tusooa
	Merge Revert "Merge branch 'validate-host' into 'develop'" Closes #3136 See merge request pleroma/pleroma!3909
2023-06-27	Merge branch 'instance-nodeinfo-metadata' into 'develop'develop	Haelwenn
	instances: Store some metadata based on NodeInfo See merge request pleroma/pleroma!3853
2023-06-27	Merge branch 'tusooa/3119-bio-update' into 'develop'	Haelwenn
	Show more informative errors when profile exceeds char limits Closes #3119 See merge request pleroma/pleroma!3886
2023-06-27	Merge branch 'from/upstream-develop/tusooa/backup-status' into 'develop'	Haelwenn
	Detail backup states Closes #3024 See merge request pleroma/pleroma!3809
2023-06-27	release_runtime_provider_test: Explicitely use non-existant config file	Haelwenn (lanodan) Monnier

2023-06-22	Merge Revert "Merge branch 'validate-host' into 'develop'"	Haelwenn (lanodan) Monnier
	This reverts commit d998a114e26033e98e87778e5ca659aff91831bf, reversing changes made to da6b4003acad84b0f60ad8da6d08cfe13564b058.
2023-06-11	Merge branch 'tusooa/3054-banned-delete' into 'develop'	lain
	Fix deleting banned users' statuses See merge request pleroma/pleroma!3889
2023-06-11	B ForceMentionsInContent: Fix test, refactor.	Lain Soykaf

2023-06-11	Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into ↵	Lain Soykaf
	pleroma-double_mentions
2023-06-11	Merge branch 'fix/metadata-tags' into 'develop'	lain
	static frontend: fix meta tags See merge request pleroma/pleroma!3885
2023-06-11	Merge branch 'cleanup/ostatus-user-upgrade' into 'develop'	lain
	Cleanup OStatus-era user upgrades and ap_enabled indicator See merge request pleroma/pleroma!3880
2023-06-11	Merge branch 'revert-mediaproxy-host-validation' into 'develop'	feld
	Revert MediaProxy Host header validation See merge request pleroma/pleroma!3902
2023-06-11	Merge branch 'fep-fffd-url' into 'develop'	lain
	CommonFields: Use BareUri for :url Closes #3121 See merge request pleroma/pleroma!3884
2023-06-07	Revert MediaProxy Host header validation	Mark Felder
	Something is going wrong here even though the tests are correct.
2023-06-02	Merge branch 'develop' into 'phoenix1.7'	feld
	# Conflicts: # mix.exs
2023-05-31	Fix test warnings	Mark Felder
	warning: the URI path used in plug tests must start with "/"
2023-05-31	Fix deprecated calls to get_flash/2	Mark Felder

2023-05-31	Use Phoenix.ConnTest.redirected_to/2	Mark Felder

2023-05-31	Merge branch 'validate-host' into 'develop'	Haelwenn
	Validate Host header for MediaProxy and Uploads See merge request pleroma/pleroma!3896
2023-05-30	Switch from serving a 400 to a 302	Mark Felder

2023-05-29	Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, ↵	Mark Felder
	and video types
2023-05-29	Remove unwanted parameter	Mark Felder

2023-05-29	Validate Host header matches expected value before allowing access to Uploads	Mark Felder