summaryrefslogtreecommitdiff
path: root/test
AgeCommit message (Collapse)Author
2023-09-13Add mrf to force link tag of quoting poststusooa
2023-09-13Keep incoming Link tagtusooa
2023-09-13Parse object link as quoteUrltusooa
2023-09-13Allow more flexibility in InlineQuotePolicytusooa
2023-09-13Fix CommonAPITesttusooa
2023-09-13Allow local quote and private self-quotetusooa
2023-09-13InlineQuotePolicy: skip objects which already have an .inline-quote spanAlex Gleason
2023-09-13Actually, don't send _misskey_quote anymoreAlex Gleason
2023-09-13InlineQuotePolicy: improve the way Markdown quotes are displayed by other ↵Alex Gleason
software
2023-09-13Handle Fedibird's new quoteUri fieldAlex Gleason
2023-09-13Transmogrifier: federate quotes with _misskey_quote fieldAlex Gleason
2023-09-13StatusView: return quote post inside a reblogAlex Gleason
2023-09-13InlineQuotePolicy: don't add line breaks to markdown postsAlex Gleason
2023-09-13StatusView: add `quote_visible` paramAlex Gleason
2023-09-13StatusView: fix quote visibilityAlex Gleason
2023-09-13CommonAPI: disallow quoting private posts through the APIAlex Gleason
2023-09-13Add InlineQuotePolicy to force quote URLs inlineAlex Gleason
2023-09-13ActivityDraft: mix format, defensive actor IDAlex Gleason
2023-09-13ActivityDraft: mention the OP of a quoted postAlex Gleason
2023-09-13Return quote_url through the API, don't render quotes more than 1 level deepAlex Gleason
2023-09-13Fix typosAlex Gleason
2023-09-13TransmogrifierTest: prepare an outgoing quote postAlex Gleason
2023-09-13StatusControllerTest: test creating a quote postAlex Gleason
2023-09-13BuilderTest: build quote postAlex Gleason
2023-09-13ActivityDraft: allow quotingAlex Gleason
2023-09-13StatusView: render the whole quoted statusAlex Gleason
2023-09-13Transmogrifier: fetch quoted postAlex Gleason
2023-09-13ObjectValidators: improve quoteUrl compatibilityAlex Gleason
2023-09-13Quote post: add fixturesAlex Gleason
2023-09-03CommonAPI: Prevent users from accessing media of other usersMint
2023-08-11Implement api/v2/instance routemarcin mikołajczak
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2023-08-05Completely disable xml entity resolutionmae
2023-08-05Add unit test for external entity loadingFloatingGhost
2023-08-04release_runtime_provider_test: chmod config for hardened permissionsHaelwenn (lanodan) Monnier
Git doesn't manages file permissions precisely enough for us.
2023-08-04Resolve information disclosure vulnerability through emoji pack archive ↵Mark Felder
download endpoint The pack name has been sanitized so an attacker cannot upload a media file called pack.json with their own handcrafted list of emoji files as arbitrary files on the filesystem and then call the emoji pack archive download endpoint with a pack name crafted to the location of the media file they uploaded which tricks Pleroma into generating a zip file of the target files the attacker wants to download. The attack only works if the Pleroma instance does not have the AnonymizeFilename upload filter enabled, which is currently the default. Reported by: graf@poast.org
2023-08-03Merge branch 'tusooa/3154-attachment-type-check' into 'develop'Haelwenn
Restrict attachments to only uploaded files only Closes #3154 See merge request pleroma/pleroma!3923
2023-07-28status context: perform visibility check on activities around a statusfaried nawaz
issue #2927
2023-07-18Restrict attachments to only uploaded files onlytusooa
2023-07-07Make regex-to-string descriptor reusabletusooa
2023-07-07Fix edge casestusooa
2023-07-07Test that unicode emoji reactions are not affectedtusooa
2023-07-07Make EmojiPolicy aware of custom emoji reactionstusooa
2023-07-07EmojiPolicy: Implement delisttusooa
2023-07-07EmojiPolicy: implement remove by shortcodetusooa
2023-07-07Add emoji policy to remove emojis matching certain urlstusooa
https://git.pleroma.social/pleroma/pleroma/-/issues/2775
2023-07-02Merge branch 'testfix/system-config-use' into 'develop'Haelwenn
release_runtime_provider_test: Explicitely use non-existant config file See merge request pleroma/pleroma!3910
2023-07-02Merge branch 'tusooa/3131-handle-report-from-deactivated-user' into 'develop'Haelwenn
Fix handling report from a deactivated user Closes #3131 See merge request pleroma/pleroma!3915
2023-07-02Fix handling report from a deactivated usertusooa
2023-07-02Fix user fetch completely broken if featured collection is not in a ↵tusooa
supported form
2023-07-01Merge branch 'bugfix/full-revert-media-host-validation' into 'develop'tusooa
Merge Revert "Merge branch 'validate-host' into 'develop'" Closes #3136 See merge request pleroma/pleroma!3909
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-21 12:11:33 +0000