From c63bf6a040ffd982da43e980209a7d96e87e4d7f Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Fri, 5 May 2023 11:13:50 +0200 Subject: Add changelog for !3880 --- changelog.d/3880.remove | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3880.remove (limited to 'changelog.d') diff --git a/changelog.d/3880.remove b/changelog.d/3880.remove new file mode 100644 index 000000000..113c76c85 --- /dev/null +++ b/changelog.d/3880.remove @@ -0,0 +1 @@ +Cleanup OStatus-era user upgrades and ap_enabled indicator \ No newline at end of file -- cgit v1.2.3 From a5066bb0789e15d808e99e8676c16ad74290419c Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 17 May 2023 17:13:26 +0200 Subject: CommonFields: Use BareUri for :url Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3121 --- changelog.d/3884.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3884.fix (limited to 'changelog.d') diff --git a/changelog.d/3884.fix b/changelog.d/3884.fix new file mode 100644 index 000000000..f8dbb2bbf --- /dev/null +++ b/changelog.d/3884.fix @@ -0,0 +1 @@ +Allow non-HTTP(s) URIs in "url" fields for compatibility with "FEP-fffd: Proxy Objects" \ No newline at end of file -- cgit v1.2.3 From 38bcf6b19e3d83cb6c4e6c82d237a26edcab167a Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Fri, 26 May 2023 12:08:50 -0400 Subject: MediaProxyController: Apply CSP sandbox --- changelog.d/3126.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3126.fix (limited to 'changelog.d') diff --git a/changelog.d/3126.fix b/changelog.d/3126.fix new file mode 100644 index 000000000..91d396c89 --- /dev/null +++ b/changelog.d/3126.fix @@ -0,0 +1 @@ +MediaProxy responses now return a sandbox CSP header -- cgit v1.2.3 From 72833c84b583057ed0e757f35b65f90af40496df Mon Sep 17 00:00:00 2001 From: Haelwenn Date: Wed, 17 May 2023 18:50:35 +0000 Subject: Merge branch 'tusooa/rework-refetch' into 'develop' Make sure object refetching follows update rules See merge request pleroma/pleroma!3883 --- changelog.d/3883.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3883.fix (limited to 'changelog.d') diff --git a/changelog.d/3883.fix b/changelog.d/3883.fix new file mode 100644 index 000000000..6824f2013 --- /dev/null +++ b/changelog.d/3883.fix @@ -0,0 +1 @@ +Fix abnormal behaviour when refetching a poll -- cgit v1.2.3 From 4339230f64b05fee1c4d7313c1dc9adc45827a5d Mon Sep 17 00:00:00 2001 From: Haelwenn Date: Tue, 23 May 2023 01:57:07 +0000 Subject: Merge branch 'tusooa/fix-object-test' into 'develop' Fix ObjectTest See merge request pleroma/pleroma!3887 --- changelog.d/fix-object-test.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/fix-object-test.fix (limited to 'changelog.d') diff --git a/changelog.d/fix-object-test.fix b/changelog.d/fix-object-test.fix new file mode 100644 index 000000000..5eea719f0 --- /dev/null +++ b/changelog.d/fix-object-test.fix @@ -0,0 +1 @@ +Correctly handle the situation when a poll has both "anyOf" and "oneOf" but one of them being empty -- cgit v1.2.3 From b36263e5ffd0d89d819b01478f19891b14740bb0 Mon Sep 17 00:00:00 2001 From: Haelwenn Date: Fri, 26 May 2023 17:12:18 +0000 Subject: Merge branch 'issue/3126' into 'develop' MediaProxyController: Apply CSP sandbox See merge request pleroma/pleroma!3890 --- changelog.d/3126.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3126.fix (limited to 'changelog.d') diff --git a/changelog.d/3126.fix b/changelog.d/3126.fix new file mode 100644 index 000000000..91d396c89 --- /dev/null +++ b/changelog.d/3126.fix @@ -0,0 +1 @@ +MediaProxy responses now return a sandbox CSP header -- cgit v1.2.3 From 0d68804aa7efc4f3212e02218804755da93d03f0 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Fri, 26 May 2023 13:23:59 -0400 Subject: Filter OEmbed HTML tags --- changelog.d/3891.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3891.fix (limited to 'changelog.d') diff --git a/changelog.d/3891.fix b/changelog.d/3891.fix new file mode 100644 index 000000000..f1fb62d82 --- /dev/null +++ b/changelog.d/3891.fix @@ -0,0 +1 @@ +OEmbed HTML tags are now filtered -- cgit v1.2.3 From 4505bc1e587ce76683e21a41f90fb2956ed2a084 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Fri, 26 May 2023 13:23:59 -0400 Subject: Filter OEmbed HTML tags --- changelog.d/3891.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3891.fix (limited to 'changelog.d') diff --git a/changelog.d/3891.fix b/changelog.d/3891.fix new file mode 100644 index 000000000..f1fb62d82 --- /dev/null +++ b/changelog.d/3891.fix @@ -0,0 +1 @@ +OEmbed HTML tags are now filtered -- cgit v1.2.3 From a1af122499d3558d9fa6d5606c394e01f36e95e4 Mon Sep 17 00:00:00 2001 From: faried nawaz Date: Thu, 18 May 2023 02:28:50 +0500 Subject: changelog entry --- changelog.d/3885.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3885.fix (limited to 'changelog.d') diff --git a/changelog.d/3885.fix b/changelog.d/3885.fix new file mode 100644 index 000000000..c5fbb0ed4 --- /dev/null +++ b/changelog.d/3885.fix @@ -0,0 +1 @@ +Fix opengraph and twitter card meta tags -- cgit v1.2.3 From 84974efe4c6e26f20bc14fece6cc74efe8777547 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 29 May 2023 14:17:27 -0400 Subject: Host header validation is now required for MediaProxy and Uploads --- changelog.d/3896.add | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3896.add (limited to 'changelog.d') diff --git a/changelog.d/3896.add b/changelog.d/3896.add new file mode 100644 index 000000000..3124e07dd --- /dev/null +++ b/changelog.d/3896.add @@ -0,0 +1 @@ +Validate Host header for MediaProxy and Uploads -- cgit v1.2.3 From 9caa0b0be1feffb20b3eaccb48298de572d32393 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 29 May 2023 15:46:49 -0400 Subject: Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types --- changelog.d/3897.add | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3897.add (limited to 'changelog.d') diff --git a/changelog.d/3897.add b/changelog.d/3897.add new file mode 100644 index 000000000..5c4402f45 --- /dev/null +++ b/changelog.d/3897.add @@ -0,0 +1 @@ +OnlyMedia Upload Filter -- cgit v1.2.3 From b3c3bd99c390a4e5081d411011688e38285547b0 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Tue, 30 May 2023 16:56:09 -0400 Subject: Switch from serving a 400 to a 302 --- changelog.d/3896.add | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'changelog.d') diff --git a/changelog.d/3896.add b/changelog.d/3896.add index 3124e07dd..36d8286ff 100644 --- a/changelog.d/3896.add +++ b/changelog.d/3896.add @@ -1 +1 @@ -Validate Host header for MediaProxy and Uploads +Validate Host header for MediaProxy and Uploads and return a 302 if the base_url has changed -- cgit v1.2.3 From 737e45c1022172b316671110468a03a22a23e809 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 31 May 2023 08:28:28 +0200 Subject: installation/debian_based_jp: Elixir 1.11 means Debian 12+ and Ubuntu 22.04+ I checked for what each part of the debian&ubuntu sentences meant with the help of Jisho.org, should be safe but it did make me notice that this guide hasn't been updated in years --- changelog.d/distro-docs-elixir-1.11.skip | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelog.d/distro-docs-elixir-1.11.skip (limited to 'changelog.d') diff --git a/changelog.d/distro-docs-elixir-1.11.skip b/changelog.d/distro-docs-elixir-1.11.skip new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3 From 46c799f5284afe26756a6dd1b247af32de3be929 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Wed, 31 May 2023 09:50:47 -0400 Subject: Use Phoenix.ConnTest.redirected_to/2 --- changelog.d/3899.skip | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelog.d/3899.skip (limited to 'changelog.d') diff --git a/changelog.d/3899.skip b/changelog.d/3899.skip new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3 From 313e68c1809a281a781b221778c3e3c44728cca0 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Fri, 6 Jan 2023 21:53:17 +0100 Subject: mix: bump gettext to ~0.20 Includes https://github.com/elixir-gettext/gettext/pull/304 in 0.20.0+ Includes https://github.com/elixir-gettext/expo/issues/91 in 0.22+ via expo 0.2.0+ --- changelog.d/3831.skip | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelog.d/3831.skip (limited to 'changelog.d') diff --git a/changelog.d/3831.skip b/changelog.d/3831.skip new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3 From 40d40d67a3cee4d57f9200d0980df1b21d08a834 Mon Sep 17 00:00:00 2001 From: Lain Soykaf Date: Fri, 2 Jun 2023 17:09:23 +0400 Subject: Add changelog. --- changelog.d/3901.security | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3901.security (limited to 'changelog.d') diff --git a/changelog.d/3901.security b/changelog.d/3901.security new file mode 100644 index 000000000..a3d8bd01f --- /dev/null +++ b/changelog.d/3901.security @@ -0,0 +1 @@ +Preload: Make generated JSON html-safe. It already was html safe because it only consists of config data that is base64 encoded, but this will keep it safe it that ever changes. -- cgit v1.2.3 From fadcd7f1a9e41ec9b54f251cf782688bf3d36889 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Wed, 7 Jun 2023 09:19:22 -0400 Subject: Revert MediaProxy Host header validation Something is going wrong here even though the tests are correct. --- changelog.d/3896.add | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'changelog.d') diff --git a/changelog.d/3896.add b/changelog.d/3896.add index 36d8286ff..e8fde4c8a 100644 --- a/changelog.d/3896.add +++ b/changelog.d/3896.add @@ -1 +1 @@ -Validate Host header for MediaProxy and Uploads and return a 302 if the base_url has changed +Validate Host header for Uploads and return a 302 if the base_url has changed -- cgit v1.2.3 From 1ca1b4b32f2cba5f78a2d55645b8d2814bbfc593 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Wed, 7 Jun 2023 09:25:57 -0400 Subject: changelog.d --- changelog.d/3902.skip | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelog.d/3902.skip (limited to 'changelog.d') diff --git a/changelog.d/3902.skip b/changelog.d/3902.skip new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3