Commit graph

2360 commits

Author SHA1 Message Date
dakkar
5c311e8a28 tweak the rate limit for notes/create
while fixing #467 #468, we changed the rate limit from 300/hour to
5/minute

some people felt it was too low: they often boost notes in quick
succession

so here's a different approach: back to 300/hour, but not more than
1/second; this is the same settings that `notes/delete` has, BTW
2024-06-12 17:06:33 +01:00
Marie
4a9260a432 upd: seperate H2/H3 into own case 2024-06-08 18:53:42 +00:00
Marie
0c3690a8ba upd: bold some Header tags 2024-06-08 18:00:29 +00:00
dakkar
079abfd713 rate limit note/reply/boost creation more tightly
5/minute is the same as 300/hour on average, and still high enough
that it shouldn't be a problem for most people
2024-06-07 15:10:16 +01:00
Marie
b2088e60b7 merge: use the current resolver for quotes - #524 (!536)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/536

Approved-by: Amelia Yukii <amelia.yukii@shourai.de>
Approved-by: Marie <marie@kaifa.ch>
2024-06-03 16:54:51 +00:00
Amelia Yukii
23b1c29a0b merge: allow setting separate timeout / max size for imports - fixes #479 (!519)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/519

Closes #479

Approved-by: Marie <marie@kaifa.ch>
Approved-by: Amelia Yukii <amelia.yukii@shourai.de>
2024-06-03 16:29:19 +00:00
dakkar
082e1d1afb allow setting separate timeout / max size for imports - fixes #479 2024-06-03 16:29:19 +00:00
Marie
886948769e merge: fix custom emoji pagination when searching - fixes #490 (!489)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/489

Closes #490

Approved-by: fEmber <acomputerdog@gmail.com>
Approved-by: Marie <marie@kaifa.ch>
2024-05-31 18:39:01 +00:00
Marie
11bd8e9571 merge: escape \ character in sqlLikeEscape (!529)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/529

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-05-31 18:38:04 +00:00
Marie
86ccbd9487 merge: Fix/fixing mastodon api search mfm (!532)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/532

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-05-31 18:32:51 +00:00
dakkar
11aac8253d merge: look inside url when checking activity origin - #512 (!521)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/521

Closes #512

Approved-by: Marie <marie@kaifa.ch>
Approved-by: fEmber <acomputerdog@gmail.com>
2024-05-31 10:37:54 +00:00
dakkar
4f346ebe0c merge: fix types in config.ts (!520)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/520

Approved-by: Marie <marie@kaifa.ch>
Approved-by: fEmber <acomputerdog@gmail.com>
2024-05-31 10:36:20 +00:00
KevinWh0
1656c02536 renamed toMastoHtml to toMastoApiHtml to clear up what it does 2024-05-31 12:21:25 +02:00
KevinWh0
145c4ba132 fixed the search url 2024-05-31 12:19:18 +02:00
Marie
9bde071f42 merge: feat: send edit events to servers that interacted (!515)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/515

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
Approved-by: Leah <kevinlukej@gmail.com>
Approved-by: Amelia Yukii <amelia.yukii@shourai.de>
2024-05-30 19:16:10 +00:00
Amelia Yukii
55fc2879f3 merge: set the correct "marked an NSFW" when loading admin-user (!483)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/483

Approved-by: Marie <marie@kaifa.ch>
Approved-by: fEmber <acomputerdog@gmail.com>
2024-05-30 14:22:00 +00:00
dakkar
3050dcbef7 set the correct "marked an NSFW" when loading admin-user 2024-05-30 14:22:00 +00:00
Sugar
189c26aa25 escape \ character in sqlLikeEscape 2024-05-30 16:01:29 +02:00
fEmber
da764d3541 merge: fix: start only one instance of ChartManagementService scheduled job (!514)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/514

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-05-30 13:18:44 +00:00
fEmber
2532fea702 fix: start only one instance of ChartManagementService scheduled job 2024-05-30 13:18:44 +00:00
fEmber
d0be6ca332 merge: fix: don't create duplicate workers when clustering is disabled (!508)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/508

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-05-30 13:17:52 +00:00
fEmber
cebad801e2 fix: don't create duplicate workers when clustering is disabled 2024-05-30 13:17:51 +00:00
Marie
d7bd112b37 fix incorrect variable name 2024-05-30 13:03:54 +00:00
Marie
981975404d Fix Visiblity issue 2024-05-30 12:08:30 +00:00
dakkar
38d98e5048 nicer type for alwaysStrings, thanks Marie 2024-05-30 11:29:31 +01:00
dakkar
dc0bd3c2ee merge: feat: allow using wildcards in antenna (!114)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/114

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Leah <kevinlukej@gmail.com>
2024-05-30 09:14:21 +00:00
Amelia Yukii
a9b1affdf0 merge: more timeline filters - #228 (!455)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/455

Approved-by: fEmber <acomputerdog@gmail.com>
Approved-by: Leah <kevinlukej@gmail.com>
Approved-by: Amelia Yukii <amelia.yukii@shourai.de>
2024-05-23 21:56:28 +00:00
dakkar
d27ce442ea more timeline filters - #228 2024-05-23 21:56:28 +00:00
dakkar
c05cc63e24 look inside url when checking activity origin - #512
The previous assertion that:

> if it's a complicated thing and the `activity.id` doesn't match, I
> think we're fine rejecting the activity

was wrong: at least peertube sends activities that have `url` as an
array of objects.

Notice that this does *not*, in fact, fix #512: the peertube activity
does not contain its short URL (`https://example.com/w/someid`), so
there's no way to confirm that it is the activity we requested.
2024-05-18 16:48:10 +01:00
dakkar
aa7271469e fix types in config.ts
my recent changes to allow overrides from the environment had bad types
2024-05-18 15:56:21 +01:00
dakkar
95ec40d3c8 merge: allow overriding all string config values via env - fixes #465 (!476)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/476

Closes #465

Approved-by: Marie <marie@kaifa.ch>
Approved-by: Luna <her@mint.lgbt>
2024-05-17 16:46:02 +00:00
dakkar
2d89b08a08 use the current resolver for quotes - #524
this might solve the loop problem, if the protection already in place
for replies was enough
2024-05-15 16:47:06 +01:00
dakkar
42d9da161b first basic protection - #524 2024-05-14 16:58:06 +01:00
Sugar
194d8a5527 feat: send edit events to servers that interacted
a server replied to, renoted or reacted to a note knows about a note,
and as such it should get notified about it being edited.

this matches similar logic in mastodon.
2024-05-11 09:44:03 +02:00
dakkar
9d91196344 allow offset in admin/emoji/list - #490
also, use `skip` + `take` instead of `limit` (the TypeORM docs say so
https://github.com/typeorm/typeorm/blob/master/docs/select-query-builder.md#adding-limit-expression )
2024-05-09 21:02:34 +01:00
dakkar
f1d96b8ae8 merge: fix: incorrect type for quote property (!480)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/480

Closes #401

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Tess K <me@thvxl.se>
2024-05-09 09:05:16 +00:00
dakkar
01256af028 merge: Rework cache clearing to be fault tolerant (!497)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/497

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-05-09 08:01:18 +00:00
dakkar
89f412c696 merge: Send default reactions as Like activities to Iceshrimp.NET instances (!505)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/505

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-05-09 07:59:46 +00:00
Ember
ed91663672 merge: don't count "system" local accounts in user chart - fixes #451 (!500)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/500

Closes #451

Approved-by: Ember <acomputerdog@gmail.com>
Approved-by: Marie <marie@kaifa.ch>
2024-05-07 20:17:54 +00:00
dakkar
89f4f0e5f4 don't count "system" local accounts in user chart - fixes #451 2024-05-07 20:17:53 +00:00
Ember
58ff225c4e merge: really edit notes in more cases - fixes #424 (!504)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/504

Closes #424

Approved-by: Leah <kevinlukej@gmail.com>
Approved-by: Ember <acomputerdog@gmail.com>
2024-05-07 20:16:39 +00:00
dakkar
eab690a5e3 really edit notes in more cases - fixes #424 2024-05-07 20:16:38 +00:00
Tess K
5e20de45d7 merge: Compact LD-signed activities against well-known context (!503)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/503

Approved-by: Marie <marie@kaifa.ch>
Approved-by: Tess K <me@thvxl.se>
2024-05-04 17:19:42 +00:00
f843bf6c17
fix: Add unicode flag to custom emoji regexes 2024-05-03 11:48:00 -05:00
dakkar
d0a2708f91 merge: handle non-ASCII emoji names (!464)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/464

Approved-by: Leah <kevinlukej@gmail.com>
Approved-by: Ember <acomputerdog@gmail.com>
Approved-by: Marie <marie@kaifa.ch>
2024-05-02 21:06:10 +00:00
ShittyKopper
e333283905 Send default reactions as Like activities to Iceshrimp.NET instances 2024-05-02 02:37:59 +03:00
dakkar
45182c17e2 fix imports 2024-05-01 17:41:33 +01:00
dakkar
6ae01e28aa Compact LD-signed activities against well-known context
This should defend against some spoofing attacks, see also
https://nvd.nist.gov/vuln/detail/CVE-2022-24307 for Mastodon,
febb499fcb
from Iceshrimp and
e790d6be90
for Firefish

Thanks to @tesaguri@fedibird.com for reporting and providing the patch.
2024-04-30 10:16:57 +01:00
PrivateGER
493775ad7b
reformat expression 2024-04-24 16:05:30 +02:00
dakkar
0f3764ff71 teach ReactionService about non-ASCII emoji names 2024-04-23 14:42:02 +01:00