Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into pleroma-secure-mode
This commit is contained in:
commit
3b4be5daa2
866 changed files with 21349 additions and 6243 deletions
6
.dialyzer_ignore.exs
Normal file
6
.dialyzer_ignore.exs
Normal file
|
@ -0,0 +1,6 @@
|
|||
[
|
||||
{"lib/cachex.ex", "Unknown type: Spec.cache/0."},
|
||||
{"lib/pleroma/web/plugs/rate_limiter.ex", "The pattern can never match the type {:commit, _} | {:ignore, _}."},
|
||||
{"lib/pleroma/web/plugs/rate_limiter.ex", "Function get_scale/2 will never be called."},
|
||||
{"lib/pleroma/web/plugs/rate_limiter.ex", "Function initialize_buckets!/1 will never be called."}
|
||||
]
|
5
.gitignore
vendored
5
.gitignore
vendored
|
@ -57,5 +57,6 @@ pleroma.iml
|
|||
.tool-versions
|
||||
|
||||
# Editor temp files
|
||||
/*~
|
||||
/*#
|
||||
*~
|
||||
*#
|
||||
*.swp
|
||||
|
|
459
.gitlab-ci.yml
459
.gitlab-ci.yml
|
@ -1,13 +1,22 @@
|
|||
image: git.pleroma.social:5050/pleroma/pleroma/ci-base
|
||||
image: git.pleroma.social:5050/pleroma/pleroma/ci-base:elixir-1.13.4-otp-24
|
||||
|
||||
variables: &global_variables
|
||||
# Only used for the release
|
||||
ELIXIR_VER: 1.13.4
|
||||
POSTGRES_DB: pleroma_test
|
||||
POSTGRES_USER: postgres
|
||||
POSTGRES_PASSWORD: postgres
|
||||
DB_HOST: postgres
|
||||
DB_PORT: 5432
|
||||
DB_PORT: "5432"
|
||||
MIX_ENV: test
|
||||
|
||||
workflow:
|
||||
rules:
|
||||
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
|
||||
- if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
|
||||
when: never
|
||||
- if: $CI_COMMIT_BRANCH
|
||||
|
||||
cache: &global_cache_policy
|
||||
key:
|
||||
files:
|
||||
|
@ -18,11 +27,14 @@ cache: &global_cache_policy
|
|||
|
||||
stages:
|
||||
- build
|
||||
- lint
|
||||
- test
|
||||
- check-changelog
|
||||
- benchmark
|
||||
- deploy
|
||||
- release
|
||||
- docker
|
||||
- docker-combine
|
||||
|
||||
before_script:
|
||||
- echo $MIX_ENV
|
||||
|
@ -32,24 +44,61 @@ before_script:
|
|||
after_script:
|
||||
- rm -rf _build/*/lib/pleroma
|
||||
|
||||
build:
|
||||
check-changelog:
|
||||
stage: check-changelog
|
||||
image: alpine
|
||||
rules:
|
||||
- if: $CI_MERGE_REQUEST_SOURCE_PROJECT_PATH == 'pleroma/pleroma' && $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == 'weblate-extract'
|
||||
when: never
|
||||
- if: $CI_MERGE_REQUEST_SOURCE_PROJECT_PATH == 'pleroma/pleroma' && $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == 'weblate'
|
||||
when: never
|
||||
- if: $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "develop"
|
||||
before_script: ''
|
||||
after_script: ''
|
||||
cache: {}
|
||||
script:
|
||||
- apk add git
|
||||
- sh ./tools/check-changelog
|
||||
|
||||
.build_changes_policy:
|
||||
rules:
|
||||
- changes:
|
||||
- ".gitlab-ci.yml"
|
||||
- "**/*.ex"
|
||||
- "**/*.exs"
|
||||
- "mix.lock"
|
||||
|
||||
.using-ci-base:
|
||||
tags:
|
||||
- amd64
|
||||
|
||||
build-1.13.4:
|
||||
extends:
|
||||
- .build_changes_policy
|
||||
- .using-ci-base
|
||||
stage: build
|
||||
only:
|
||||
changes: &build_changes_policy
|
||||
- ".gitlab-ci.yml"
|
||||
- "**/*.ex"
|
||||
- "**/*.exs"
|
||||
- "mix.lock"
|
||||
script:
|
||||
- mix compile --force
|
||||
|
||||
build-1.15.7-otp-25:
|
||||
extends:
|
||||
- .build_changes_policy
|
||||
- .using-ci-base
|
||||
stage: build
|
||||
image: git.pleroma.social:5050/pleroma/pleroma/ci-base:elixir-1.15-otp25
|
||||
allow_failure: true
|
||||
script:
|
||||
- mix compile --force
|
||||
|
||||
spec-build:
|
||||
stage: test
|
||||
only:
|
||||
changes:
|
||||
- ".gitlab-ci.yml"
|
||||
- "lib/pleroma/web/api_spec/**/*.ex"
|
||||
- "lib/pleroma/web/api_spec.ex"
|
||||
extends:
|
||||
- .using-ci-base
|
||||
stage: build
|
||||
rules:
|
||||
- changes:
|
||||
- ".gitlab-ci.yml"
|
||||
- "lib/pleroma/web/api_spec/**/*.ex"
|
||||
- "lib/pleroma/web/api_spec.ex"
|
||||
artifacts:
|
||||
paths:
|
||||
- spec.json
|
||||
|
@ -57,12 +106,14 @@ spec-build:
|
|||
- mix pleroma.openapi_spec spec.json
|
||||
|
||||
benchmark:
|
||||
extends:
|
||||
- .using-ci-base
|
||||
stage: benchmark
|
||||
when: manual
|
||||
variables:
|
||||
MIX_ENV: benchmark
|
||||
services:
|
||||
- name: postgres:9.6-alpine
|
||||
- name: postgres:11.22-alpine
|
||||
alias: postgres
|
||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||
script:
|
||||
|
@ -70,19 +121,19 @@ benchmark:
|
|||
- mix ecto.migrate
|
||||
- mix pleroma.load_testing
|
||||
|
||||
unit-testing:
|
||||
unit-testing-1.12.3:
|
||||
extends:
|
||||
- .build_changes_policy
|
||||
- .using-ci-base
|
||||
stage: test
|
||||
only:
|
||||
changes: *build_changes_policy
|
||||
cache: &testing_cache_policy
|
||||
<<: *global_cache_policy
|
||||
policy: pull
|
||||
|
||||
services:
|
||||
services: &testing_services
|
||||
- name: postgres:13-alpine
|
||||
alias: postgres
|
||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||
script:
|
||||
script: &testing_script
|
||||
- mix ecto.create
|
||||
- mix ecto.migrate
|
||||
- mix test --cover --preload-modules
|
||||
|
@ -93,64 +144,35 @@ unit-testing:
|
|||
coverage_format: cobertura
|
||||
path: coverage.xml
|
||||
|
||||
unit-testing-erratic:
|
||||
unit-testing-1.15.7-otp-25:
|
||||
extends:
|
||||
- .build_changes_policy
|
||||
- .using-ci-base
|
||||
stage: test
|
||||
image: git.pleroma.social:5050/pleroma/pleroma/ci-base:elixir-1.15-otp25
|
||||
allow_failure: true
|
||||
cache: *testing_cache_policy
|
||||
services: *testing_services
|
||||
script: *testing_script
|
||||
|
||||
unit-testing-1.12-erratic:
|
||||
extends:
|
||||
- .build_changes_policy
|
||||
- .using-ci-base
|
||||
stage: test
|
||||
retry: 2
|
||||
allow_failure: true
|
||||
only:
|
||||
changes: *build_changes_policy
|
||||
cache: &testing_cache_policy
|
||||
<<: *global_cache_policy
|
||||
policy: pull
|
||||
|
||||
services:
|
||||
- name: postgres:13-alpine
|
||||
alias: postgres
|
||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||
cache: *testing_cache_policy
|
||||
services: *testing_services
|
||||
script:
|
||||
- mix ecto.create
|
||||
- mix ecto.migrate
|
||||
- mix test --only=erratic
|
||||
|
||||
# Removed to fix CI issue. In this early state it wasn't adding much value anyway.
|
||||
# TODO Fix and reinstate federated testing
|
||||
# federated-testing:
|
||||
# stage: test
|
||||
# cache: *testing_cache_policy
|
||||
# services:
|
||||
# - name: minibikini/postgres-with-rum:12
|
||||
# alias: postgres
|
||||
# command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||
# script:
|
||||
# - mix deps.get
|
||||
# - mix ecto.create
|
||||
# - mix ecto.migrate
|
||||
# - epmd -daemon
|
||||
# - mix test --trace --only federated
|
||||
|
||||
unit-testing-rum:
|
||||
stage: test
|
||||
only:
|
||||
changes: *build_changes_policy
|
||||
cache: *testing_cache_policy
|
||||
services:
|
||||
- name: minibikini/postgres-with-rum:12
|
||||
alias: postgres
|
||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||
variables:
|
||||
<<: *global_variables
|
||||
RUM_ENABLED: "true"
|
||||
script:
|
||||
- mix ecto.create
|
||||
- mix ecto.migrate
|
||||
- "mix ecto.migrate --migrations-path priv/repo/optional_migrations/rum_indexing/"
|
||||
- mix test --preload-modules
|
||||
|
||||
lint:
|
||||
image: ¤t_elixir elixir:1.12-alpine
|
||||
stage: test
|
||||
only:
|
||||
changes: *build_changes_policy
|
||||
formatting-1.13:
|
||||
extends: .build_changes_policy
|
||||
image: &formatting_elixir elixir:1.13-alpine
|
||||
stage: lint
|
||||
cache: *testing_cache_policy
|
||||
before_script: ¤t_bfr_script
|
||||
- apk update
|
||||
|
@ -161,25 +183,38 @@ lint:
|
|||
script:
|
||||
- mix format --check-formatted
|
||||
|
||||
analysis:
|
||||
stage: test
|
||||
only:
|
||||
changes: *build_changes_policy
|
||||
cache: *testing_cache_policy
|
||||
script:
|
||||
- mix credo --strict --only=warnings,todo,fixme,consistency,readability
|
||||
|
||||
cycles:
|
||||
image: *current_elixir
|
||||
stage: test
|
||||
only:
|
||||
changes: *build_changes_policy
|
||||
cycles-1.13:
|
||||
extends: .build_changes_policy
|
||||
image: *formatting_elixir
|
||||
stage: lint
|
||||
cache: {}
|
||||
before_script: *current_bfr_script
|
||||
script:
|
||||
- mix compile
|
||||
- mix xref graph --format cycles --label compile | awk '{print $0} END{exit ($0 != "No cycles found")}'
|
||||
|
||||
analysis:
|
||||
extends:
|
||||
- .build_changes_policy
|
||||
- .using-ci-base
|
||||
stage: lint
|
||||
cache: *testing_cache_policy
|
||||
script:
|
||||
- mix credo --strict --only=warnings,todo,fixme,consistency,readability
|
||||
|
||||
dialyzer:
|
||||
extends:
|
||||
- .build_changes_policy
|
||||
- .using-ci-base
|
||||
stage: lint
|
||||
allow_failure: true
|
||||
when: manual
|
||||
cache: *testing_cache_policy
|
||||
tags:
|
||||
- feld
|
||||
script:
|
||||
- mix dialyzer
|
||||
|
||||
docs-deploy:
|
||||
stage: deploy
|
||||
cache: *testing_cache_policy
|
||||
|
@ -190,7 +225,7 @@ docs-deploy:
|
|||
before_script:
|
||||
- apk add curl
|
||||
script:
|
||||
- curl -X POST -F"token=$DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" https://git.pleroma.social/api/v4/projects/673/trigger/pipeline
|
||||
- curl --fail-with-body -X POST -F"token=$CI_JOB_TOKEN" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" https://git.pleroma.social/api/v4/projects/673/trigger/pipeline
|
||||
review_app:
|
||||
image: alpine:3.9
|
||||
stage: deploy
|
||||
|
@ -231,7 +266,7 @@ spec-deploy:
|
|||
before_script:
|
||||
- apk add curl
|
||||
script:
|
||||
- curl -X POST -F"token=$API_DOCS_PIPELINE_TRIGGER" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" -F"variables[JOB_REF]=$CI_JOB_ID" https://git.pleroma.social/api/v4/projects/1130/trigger/pipeline
|
||||
- curl --fail-with-body -X POST -F"token=$CI_JOB_TOKEN" -F'ref=master' -F"variables[BRANCH]=$CI_COMMIT_REF_NAME" -F"variables[JOB_REF]=$CI_JOB_ID" https://git.pleroma.social/api/v4/projects/1130/trigger/pipeline
|
||||
|
||||
|
||||
stop_review_app:
|
||||
|
@ -254,7 +289,7 @@ stop_review_app:
|
|||
|
||||
amd64:
|
||||
stage: release
|
||||
image: elixir:1.11.4
|
||||
image: elixir:$ELIXIR_VER
|
||||
only: &release-only
|
||||
- stable@pleroma/pleroma
|
||||
- develop@pleroma/pleroma
|
||||
|
@ -278,8 +313,9 @@ amd64:
|
|||
- deps
|
||||
variables: &release-variables
|
||||
MIX_ENV: prod
|
||||
VIX_COMPILATION_MODE: PLATFORM_PROVIDED_LIBVIPS
|
||||
before_script: &before-release
|
||||
- apt-get update && apt-get install -y cmake libmagic-dev
|
||||
- apt-get update && apt-get install -y cmake libmagic-dev libvips-dev erlang-dev
|
||||
- echo "import Config" > config/prod.secret.exs
|
||||
- mix local.hex --force
|
||||
- mix local.rebar --force
|
||||
|
@ -294,13 +330,13 @@ amd64-musl:
|
|||
stage: release
|
||||
artifacts: *release-artifacts
|
||||
only: *release-only
|
||||
image: elixir:1.11.4-alpine
|
||||
image: elixir:$ELIXIR_VER-alpine
|
||||
tags:
|
||||
- amd64
|
||||
cache: *release-cache
|
||||
variables: *release-variables
|
||||
before_script: &before-release-musl
|
||||
- apk add git build-base cmake file-dev openssl
|
||||
- apk add git build-base cmake file-dev openssl vips-dev
|
||||
- echo "import Config" > config/prod.secret.exs
|
||||
- mix local.hex --force
|
||||
- mix local.rebar --force
|
||||
|
@ -312,7 +348,7 @@ arm:
|
|||
only: *release-only
|
||||
tags:
|
||||
- arm32-specified
|
||||
image: arm32v7/elixir:1.11.4
|
||||
image: arm32v7/elixir:$ELIXIR_VER
|
||||
cache: *release-cache
|
||||
variables: *release-variables
|
||||
before_script: *before-release
|
||||
|
@ -324,7 +360,7 @@ arm-musl:
|
|||
only: *release-only
|
||||
tags:
|
||||
- arm32-specified
|
||||
image: arm32v7/elixir:1.11.4-alpine
|
||||
image: arm32v7/elixir:$ELIXIR_VER-alpine
|
||||
cache: *release-cache
|
||||
variables: *release-variables
|
||||
before_script: *before-release-musl
|
||||
|
@ -336,7 +372,7 @@ arm64:
|
|||
only: *release-only
|
||||
tags:
|
||||
- arm
|
||||
image: arm64v8/elixir:1.11.4
|
||||
image: arm64v8/elixir:$ELIXIR_VER
|
||||
cache: *release-cache
|
||||
variables: *release-variables
|
||||
before_script: *before-release
|
||||
|
@ -348,110 +384,173 @@ arm64-musl:
|
|||
only: *release-only
|
||||
tags:
|
||||
- arm
|
||||
image: arm64v8/elixir:1.11.4-alpine
|
||||
image: arm64v8/elixir:$ELIXIR_VER-alpine
|
||||
cache: *release-cache
|
||||
variables: *release-variables
|
||||
before_script: *before-release-musl
|
||||
script: *release
|
||||
|
||||
docker:
|
||||
.kaniko:
|
||||
stage: docker
|
||||
image: docker:latest
|
||||
image:
|
||||
name: gcr.io/kaniko-project/executor:debug
|
||||
entrypoint: [""]
|
||||
cache: {}
|
||||
dependencies: []
|
||||
variables: &docker-variables
|
||||
DOCKER_DRIVER: overlay2
|
||||
DOCKER_HOST: unix:///var/run/docker.sock
|
||||
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
|
||||
IMAGE_TAG_SLUG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
|
||||
IMAGE_TAG_LATEST: $CI_REGISTRY_IMAGE:latest
|
||||
IMAGE_TAG_LATEST_STABLE: $CI_REGISTRY_IMAGE:latest-stable
|
||||
DOCKER_BUILDX_URL: https://github.com/docker/buildx/releases/download/v0.6.3/buildx-v0.6.3.linux-amd64
|
||||
DOCKER_BUILDX_HASH: 980e6b9655f971991fbbb5fd6cd19f1672386195
|
||||
before_script: &before-docker
|
||||
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
||||
- docker pull $IMAGE_TAG_SLUG || true
|
||||
before_script: &before-kaniko
|
||||
- export CI_JOB_TIMESTAMP=$(date --utc -Iseconds)
|
||||
- export CI_VCS_REF=$CI_COMMIT_SHORT_SHA
|
||||
allow_failure: true
|
||||
script:
|
||||
- mkdir -p /root/.docker/cli-plugins
|
||||
- wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
|
||||
- echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
|
||||
- chmod +x ~/.docker/cli-plugins/docker-buildx
|
||||
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||
- docker buildx create --name mbuilder --driver docker-container --use
|
||||
- docker buildx inspect --bootstrap
|
||||
- docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST .
|
||||
tags:
|
||||
- dind
|
||||
- export IMAGE_TAG=$CI_REGISTRY_IMAGE/$BUILD_ARCH_IMG_SUFFIX:$CI_COMMIT_SHORT_SHA
|
||||
- export IMAGE_TAG_SLUG=$CI_REGISTRY_IMAGE/$BUILD_ARCH_IMG_SUFFIX:$CI_COMMIT_REF_SLUG
|
||||
- export IMAGE_TAG_LATEST=$CI_REGISTRY_IMAGE/$BUILD_ARCH_IMG_SUFFIX:latest
|
||||
- export IMAGE_TAG_LATEST_STABLE=$CI_REGISTRY_IMAGE/$BUILD_ARCH_IMG_SUFFIX:latest-stable
|
||||
- mkdir -p /kaniko/.docker
|
||||
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
|
||||
|
||||
.kaniko-latest:
|
||||
extends: .kaniko
|
||||
only:
|
||||
- develop@pleroma/pleroma
|
||||
|
||||
docker-stable:
|
||||
stage: docker
|
||||
image: docker:latest
|
||||
cache: {}
|
||||
dependencies: []
|
||||
variables: *docker-variables
|
||||
before_script: *before-docker
|
||||
allow_failure: true
|
||||
script:
|
||||
- mkdir -p /root/.docker/cli-plugins
|
||||
- wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
|
||||
- echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
|
||||
- chmod +x ~/.docker/cli-plugins/docker-buildx
|
||||
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||
- docker buildx create --name mbuilder --driver docker-container --use
|
||||
- docker buildx inspect --bootstrap
|
||||
- docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG -t $IMAGE_TAG_LATEST_STABLE .
|
||||
tags:
|
||||
- dind
|
||||
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --custom-platform=$BUILD_ARCH --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP --build-arg ELIXIR_IMG=$ELIXIR_IMG --destination $IMAGE_TAG --destination $IMAGE_TAG_SLUG --destination $IMAGE_TAG_LATEST
|
||||
|
||||
.kaniko-stable:
|
||||
extends: .kaniko
|
||||
only:
|
||||
- stable@pleroma/pleroma
|
||||
script:
|
||||
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --custom-platform=$BUILD_ARCH --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP --build-arg ELIXIR_IMG=$ELIXIR_IMG --destination $IMAGE_TAG --destination $IMAGE_TAG_SLUG --destination $IMAGE_TAG_LATEST_STABLE
|
||||
|
||||
docker-release:
|
||||
stage: docker
|
||||
image: docker:latest
|
||||
cache: {}
|
||||
dependencies: []
|
||||
variables: *docker-variables
|
||||
before_script: *before-docker
|
||||
allow_failure: true
|
||||
script:
|
||||
script:
|
||||
- mkdir -p /root/.docker/cli-plugins
|
||||
- wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
|
||||
- echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
|
||||
- chmod +x ~/.docker/cli-plugins/docker-buildx
|
||||
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||
- docker buildx create --name mbuilder --driver docker-container --use
|
||||
- docker buildx inspect --bootstrap
|
||||
- docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
|
||||
tags:
|
||||
- dind
|
||||
.kaniko-release:
|
||||
extends: .kaniko
|
||||
only:
|
||||
- /^release/.*$/@pleroma/pleroma
|
||||
script:
|
||||
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --custom-platform=$BUILD_ARCH --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP --build-arg ELIXIR_IMG=$ELIXIR_IMG --destination $IMAGE_TAG --destination $IMAGE_TAG_SLUG
|
||||
|
||||
docker-adhoc:
|
||||
stage: docker
|
||||
image: docker:latest
|
||||
cache: {}
|
||||
dependencies: []
|
||||
variables: *docker-variables
|
||||
before_script: *before-docker
|
||||
allow_failure: true
|
||||
script:
|
||||
script:
|
||||
- mkdir -p /root/.docker/cli-plugins
|
||||
- wget "${DOCKER_BUILDX_URL}" -O ~/.docker/cli-plugins/docker-buildx
|
||||
- echo "${DOCKER_BUILDX_HASH} /root/.docker/cli-plugins/docker-buildx" | sha1sum -c
|
||||
- chmod +x ~/.docker/cli-plugins/docker-buildx
|
||||
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||
- docker buildx create --name mbuilder --driver docker-container --use
|
||||
- docker buildx inspect --bootstrap
|
||||
- docker buildx build --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --push --cache-from $IMAGE_TAG_SLUG --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP -t $IMAGE_TAG -t $IMAGE_TAG_SLUG .
|
||||
tags:
|
||||
- dind
|
||||
.kaniko-adhoc:
|
||||
extends: .kaniko
|
||||
only:
|
||||
- /^build-docker/.*$/@pleroma/pleroma
|
||||
script:
|
||||
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --custom-platform=$BUILD_ARCH --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP --build-arg ELIXIR_IMG=$ELIXIR_IMG --destination $IMAGE_TAG --destination $IMAGE_TAG_SLUG
|
||||
|
||||
.kaniko:linux/amd64:
|
||||
variables:
|
||||
BUILD_ARCH: linux/amd64
|
||||
BUILD_ARCH_IMG_SUFFIX: linux-amd64
|
||||
ELIXIR_IMG: hexpm/elixir
|
||||
tags:
|
||||
- amd64
|
||||
|
||||
.kaniko:linux/arm64:
|
||||
variables:
|
||||
BUILD_ARCH: linux/arm64/v8
|
||||
BUILD_ARCH_IMG_SUFFIX: linux-arm64-v8
|
||||
ELIXIR_IMG: hexpm/elixir
|
||||
tags:
|
||||
- arm
|
||||
|
||||
.kaniko:linux/arm:
|
||||
variables:
|
||||
BUILD_ARCH: linux/arm/v7
|
||||
BUILD_ARCH_IMG_SUFFIX: linux-arm-v7
|
||||
ELIXIR_IMG: git.pleroma.social:5050/pleroma/ci-image/elixir-linux-arm-v7
|
||||
tags:
|
||||
- arm32-specified
|
||||
|
||||
kaniko-latest:linux/amd64:
|
||||
extends:
|
||||
- .kaniko-latest
|
||||
- .kaniko:linux/amd64
|
||||
|
||||
kaniko-latest:linux/arm64:
|
||||
extends:
|
||||
- .kaniko-latest
|
||||
- .kaniko:linux/arm64
|
||||
|
||||
kaniko-latest:linux/arm:
|
||||
extends:
|
||||
- .kaniko-latest
|
||||
- .kaniko:linux/arm
|
||||
|
||||
kaniko-stable:linux/amd64:
|
||||
extends:
|
||||
- .kaniko-stable
|
||||
- .kaniko:linux/amd64
|
||||
|
||||
kaniko-stable:linux/arm64:
|
||||
extends:
|
||||
- .kaniko-stable
|
||||
- .kaniko:linux/arm64
|
||||
|
||||
kaniko-stable:linux/arm:
|
||||
extends:
|
||||
- .kaniko-stable
|
||||
- .kaniko:linux/arm
|
||||
|
||||
kaniko-release:linux/amd64:
|
||||
extends:
|
||||
- .kaniko-release
|
||||
- .kaniko:linux/amd64
|
||||
|
||||
kaniko-release:linux/arm64:
|
||||
extends:
|
||||
- .kaniko-release
|
||||
- .kaniko:linux/arm64
|
||||
|
||||
kaniko-release:linux/arm:
|
||||
extends:
|
||||
- .kaniko-release
|
||||
- .kaniko:linux/arm
|
||||
|
||||
.docker-combine:
|
||||
stage: docker-combine
|
||||
image: docker:cli
|
||||
cache: {}
|
||||
before_script:
|
||||
- 'BUILD_ARCHES="linux-amd64 linux-arm64-v8 linux-arm-v7"'
|
||||
- export IMAGE_TAG=$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA
|
||||
- export IMAGE_TAG_SLUG=$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
|
||||
- export IMAGE_TAG_LATEST=$CI_REGISTRY_IMAGE:latest
|
||||
- export IMAGE_TAG_LATEST_STABLE=$CI_REGISTRY_IMAGE:latest-stable
|
||||
- 'IMAGES=; for arch in $BUILD_ARCHES; do IMAGES="$IMAGES $CI_REGISTRY_IMAGE/$arch:$CI_COMMIT_SHORT_SHA"; done'
|
||||
- 'IMAGES_SLUG=; for arch in $BUILD_ARCHES; do IMAGES_SLUG="$IMAGES_SLUG $CI_REGISTRY_IMAGE/$arch:$CI_COMMIT_REF_SLUG"; done'
|
||||
- 'IMAGES_LATEST=; for arch in $BUILD_ARCHES; do IMAGES_LATEST="$IMAGES_LATEST $CI_REGISTRY_IMAGE/$arch:latest"; done'
|
||||
- 'IMAGES_LATEST_STABLE=; for arch in $BUILD_ARCHES; do IMAGES_LATEST_STABLE="$IMAGES_LATEST_STABLE $CI_REGISTRY_IMAGE/$arch:latest"; done'
|
||||
- mkdir -p ~/.docker
|
||||
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > ~/.docker/config.json
|
||||
|
||||
docker-combine:latest:
|
||||
extends: .docker-combine
|
||||
only:
|
||||
- develop@pleroma/pleroma
|
||||
script:
|
||||
- 'docker manifest create $IMAGE_TAG $IMAGES'
|
||||
- 'docker manifest push $IMAGE_TAG'
|
||||
- 'docker manifest create $IMAGE_TAG_SLUG $IMAGES_SLUG'
|
||||
- 'docker manifest push $IMAGE_TAG_SLUG'
|
||||
- 'docker manifest create $IMAGE_TAG_LATEST $IMAGES_LATEST'
|
||||
- 'docker manifest push $IMAGE_TAG_LATEST'
|
||||
|
||||
docker-combine:stable:
|
||||
extends: .docker-combine
|
||||
only:
|
||||
- stable@pleroma/pleroma
|
||||
script:
|
||||
- 'docker manifest create $IMAGE_TAG $IMAGES'
|
||||
- 'docker manifest push $IMAGE_TAG'
|
||||
- 'docker manifest create $IMAGE_TAG_SLUG $IMAGES_SLUG'
|
||||
- 'docker manifest push $IMAGE_TAG_SLUG'
|
||||
- 'docker manifest create $IMAGE_TAG_LATEST_STABLE $IMAGES_LATEST_STABLE'
|
||||
- 'docker manifest push $IMAGE_TAG_LATEST_STABLE'
|
||||
|
||||
docker-combine:release:
|
||||
extends: .docker-combine
|
||||
only:
|
||||
- /^release/.*$/@pleroma/pleroma
|
||||
script:
|
||||
- 'docker manifest create $IMAGE_TAG $IMAGES'
|
||||
- 'docker manifest push $IMAGE_TAG'
|
||||
- 'docker manifest create $IMAGE_TAG_SLUG $IMAGES_SLUG'
|
||||
- 'docker manifest push $IMAGE_TAG_SLUG'
|
||||
|
|
10
.gitlab/merge_request_templates/Default.md
Normal file
10
.gitlab/merge_request_templates/Default.md
Normal file
|
@ -0,0 +1,10 @@
|
|||
### Checklist
|
||||
- [ ] Adding a changelog: In the `changelog.d` directory, create a file named `<code>.<type>`.
|
||||
|
||||
`<code>` can be anything, but we recommend using a more or less unique identifier to avoid collisions, such as the branch name.
|
||||
|
||||
`<type>` can be `add`, `change`, `remove`, `fix`, `security` or `skip`. `skip` is only used if there is no user-visible change in the MR (for example, only editing comments in the code). Otherwise, choose a type that corresponds to your change.
|
||||
|
||||
In the file, write the changelog entry. For example, if an MR adds group functionality, we can create a file named `group.add` and write `Add group functionality` in it.
|
||||
|
||||
If one changelog entry is not enough, you may add more. But that might mean you can split it into two MRs. Only use more than one changelog entry if you really need to (for example, when one change in the code fix two different bugs, or when refactoring).
|
|
@ -1,6 +1,6 @@
|
|||
### Release checklist
|
||||
* [ ] Bump version in `mix.exs`
|
||||
* [ ] Compile a changelog
|
||||
* [ ] Compile a changelog with the `tools/collect-changelog` script
|
||||
* [ ] Create an MR with an announcement to pleroma.social
|
||||
#### post-merge
|
||||
* [ ] Tag the release on the merge commit
|
||||
|
|
1
.rgignore
Normal file
1
.rgignore
Normal file
|
@ -0,0 +1 @@
|
|||
priv/static
|
123
CHANGELOG.md
123
CHANGELOG.md
|
@ -4,15 +4,130 @@ All notable changes to this project will be documented in this file.
|
|||
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
|
||||
## Unreleased
|
||||
## 2.6.2
|
||||
|
||||
### Security
|
||||
- MRF StealEmojiPolicy: Sanitize shortcodes (thanks to Hazel K for the report
|
||||
|
||||
## 2.6.1
|
||||
### Changed
|
||||
- - Document maximum supported version of Erlang & Elixir
|
||||
|
||||
### Added
|
||||
- [docs] add frontends management documentation
|
||||
|
||||
### Fixed
|
||||
- TwitterAPI: Return proper error when healthcheck is disabled
|
||||
- Fix eblurhash and elixir-captcha not using system cflags
|
||||
|
||||
## 2.6.0
|
||||
### Security
|
||||
- Preload: Make generated JSON html-safe. It already was html safe because it only consists of config data that is base64 encoded, but this will keep it safe it that ever changes.
|
||||
- CommonAPI: Prevent users from accessing media of other users by creating a status with reused attachment ID
|
||||
- Disable XML entity resolution completely to fix a dos vulnerability
|
||||
|
||||
### Added
|
||||
- Support for Image activities, namely from Hubzilla
|
||||
- Add OAuth scope descriptions
|
||||
- Allow lang attribute in status text
|
||||
- OnlyMedia Upload Filter
|
||||
- Implement MRF policy to reject or delist according to emojis
|
||||
- (hardening) Add no_new_privs=yes to OpenRC service files
|
||||
- Implement quotes
|
||||
- Add unified streaming endpoint
|
||||
|
||||
### Fixed
|
||||
- rel="me" was missing its cache
|
||||
- MediaProxy responses now return a sandbox CSP header
|
||||
- Filter context activities using Visibility.visible_for_user?
|
||||
- UploadedMedia: Add missing disposition_type to Content-Disposition
|
||||
- fix not being able to fetch flash file from remote instance
|
||||
- Fix abnormal behaviour when refetching a poll
|
||||
- Allow non-HTTP(s) URIs in "url" fields for compatibility with "FEP-fffd: Proxy Objects"
|
||||
- Fix opengraph and twitter card meta tags
|
||||
- ForceMentionsInContent: fix double mentions for Mastodon/Misskey posts
|
||||
- OEmbed HTML tags are now filtered
|
||||
- Restrict attachments to only uploaded files only
|
||||
- Fix error 404 when deleting status of a banned user
|
||||
- Fix config ownership in dockerfile to pass restriction test
|
||||
- Fix user fetch completely broken if featured collection is not in a supported form
|
||||
- Correctly handle the situation when a poll has both "anyOf" and "oneOf" but one of them being empty
|
||||
- Fix handling report from a deactivated user
|
||||
- Prevent using the .json format to bypass authorized fetch mode
|
||||
- Fix mentioning punycode domains when using Markdown
|
||||
- Show more informative errors when profile exceeds char limits
|
||||
|
||||
### Removed
|
||||
- BREAKING: Support for passwords generated with `crypt(3)` (Gnu Social migration artifact)
|
||||
- remove BBS/SSH feature, replaced by an external bridge.
|
||||
- Remove a few unused indexes.
|
||||
- Cleanup OStatus-era user upgrades and ap_enabled indicator
|
||||
- Deprecate Pleroma's audio scrobbling
|
||||
|
||||
## 2.5.4
|
||||
|
||||
## Security
|
||||
- Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitrary files from the server's filesystem
|
||||
|
||||
## 2.5.3
|
||||
|
||||
### Security
|
||||
- Emoji pack loader sanitizes pack names
|
||||
- Reduced permissions of config files and directories, distros requiring greater permissions like group-read need to pre-create the directories
|
||||
|
||||
## 2.5.5
|
||||
|
||||
## Security
|
||||
- Prevent users from accessing media of other users by creating a status with reused attachment ID
|
||||
|
||||
## 2.5.4
|
||||
|
||||
## Security
|
||||
- Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitrary files from the server's filesystem
|
||||
|
||||
## 2.5.3
|
||||
|
||||
### Security
|
||||
- Emoji pack loader sanitizes pack names
|
||||
- Reduced permissions of config files and directories, distros requiring greater permissions like group-read need to pre-create the directories
|
||||
|
||||
## 2.5.2
|
||||
|
||||
### Security
|
||||
- `/proxy` endpoint now sets a Content-Security-Policy (sandbox)
|
||||
- WebSocket endpoint now respects unauthenticated restrictions for streams of public posts
|
||||
- OEmbed HTML tags are now filtered
|
||||
|
||||
### Changed
|
||||
- docs: Be more explicit about the level of compatibility of OTP releases
|
||||
- Set default background worker timeout to 15 minutes
|
||||
|
||||
### Fixed
|
||||
- Atom/RSS formatting (HTML truncation, published, missing summary)
|
||||
- Remove `static_fe` pipeline for `/users/:nickname/feed`
|
||||
- Stop oban from retrying if validating errors occur when processing incoming data
|
||||
- Make sure object refetching as used by already received polls follows MRF rules
|
||||
|
||||
### Removed
|
||||
- BREAKING: Support for passwords generated with `crypt(3)` (Gnu Social migration artifact)
|
||||
|
||||
## 2.5.1
|
||||
|
||||
### Added
|
||||
- Allow customizing instance languages
|
||||
|
||||
### Fixed
|
||||
- Security: uploading HTTP endpoint can no longer create directories in the upload dir (internal APIs, like backup, still can do it.)
|
||||
- ~ character in urls in Markdown posts are handled properly
|
||||
- Exiftool upload filter will now ignore SVG files
|
||||
- Fix `block_from_stranger` setting
|
||||
- Fix rel="me"
|
||||
- Docker images will now run properly
|
||||
- Fix improper content being cached in report content
|
||||
- Notification filter on object content will not operate on the ones that inherently have no content
|
||||
- ZWNJ and double dots in links are parsed properly for Plain-text posts
|
||||
- OTP releases will work on systems with a newer libcrypt
|
||||
- Errors when running Exiftool.ReadDescription filter will not be filled into the image description
|
||||
|
||||
## 2.5.0 - 2022-12-23
|
||||
|
||||
|
@ -674,7 +789,7 @@ switched to a new configuration mechanism, however it was not officially removed
|
|||
- Rate limiter crashes when there is no explicitly specified ip in the config
|
||||
- 500 errors when no `Accept` header is present if Static-FE is enabled
|
||||
- Instance panel not being updated immediately due to wrong `Cache-Control` headers
|
||||
- Statuses posted with BBCode/Markdown having unncessary newlines in Pleroma-FE
|
||||
- Statuses posted with BBCode/Markdown having unnecessary newlines in Pleroma-FE
|
||||
- OTP: Fix some settings not being migrated to in-database config properly
|
||||
- No `Cache-Control` headers on attachment/media proxy requests
|
||||
- Character limit enforcement being off by 1
|
||||
|
@ -994,10 +1109,10 @@ curl -Lo ./bin/pleroma_ctl 'https://git.pleroma.social/pleroma/pleroma/raw/devel
|
|||
- Reverse Proxy limiting `max_body_length` was incorrectly defined and only checked `Content-Length` headers which may not be sufficient in some circumstances
|
||||
|
||||
### Added
|
||||
- Expiring/ephemeral activites. All activities can have expires_at value set, which controls when they should be deleted automatically.
|
||||
- Expiring/ephemeral activities. All activities can have expires_at value set, which controls when they should be deleted automatically.
|
||||
- Mastodon API: in post_status, the expires_in parameter lets you set the number of seconds until an activity expires. It must be at least one hour.
|
||||
- Mastodon API: all status JSON responses contain a `pleroma.expires_at` item which states when an activity will expire. The value is only shown to the user who created the activity. To everyone else it's empty.
|
||||
- Configuration: `ActivityExpiration.enabled` controls whether expired activites will get deleted at the appropriate time. Enabled by default.
|
||||
- Configuration: `ActivityExpiration.enabled` controls whether expired activities will get deleted at the appropriate time. Enabled by default.
|
||||
- Conversations: Add Pleroma-specific conversation endpoints and status posting extensions. Run the `bump_all_conversations` task again to create the necessary data.
|
||||
- MRF: Support for priming the mediaproxy cache (`Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`)
|
||||
- MRF: Support for excluding specific domains from Transparency.
|
||||
|
|
16
Dockerfile
16
Dockerfile
|
@ -1,10 +1,16 @@
|
|||
FROM elixir:1.11.4-alpine as build
|
||||
ARG ELIXIR_IMG=hexpm/elixir
|
||||
ARG ELIXIR_VER=1.13.4
|
||||
ARG ERLANG_VER=24.3.4.15
|
||||
ARG ALPINE_VER=3.17.5
|
||||
|
||||
FROM ${ELIXIR_IMG}:${ELIXIR_VER}-erlang-${ERLANG_VER}-alpine-${ALPINE_VER} as build
|
||||
|
||||
COPY . .
|
||||
|
||||
ENV MIX_ENV=prod
|
||||
ENV VIX_COMPILATION_MODE=PLATFORM_PROVIDED_LIBVIPS
|
||||
|
||||
RUN apk add git gcc g++ musl-dev make cmake file-dev &&\
|
||||
RUN apk add git gcc g++ musl-dev make cmake file-dev vips-dev &&\
|
||||
echo "import Config" > config/prod.secret.exs &&\
|
||||
mix local.hex --force &&\
|
||||
mix local.rebar --force &&\
|
||||
|
@ -12,7 +18,7 @@ RUN apk add git gcc g++ musl-dev make cmake file-dev &&\
|
|||
mkdir release &&\
|
||||
mix release --path release
|
||||
|
||||
FROM alpine
|
||||
FROM alpine:${ALPINE_VER}
|
||||
|
||||
ARG BUILD_DATE
|
||||
ARG VCS_REF
|
||||
|
@ -32,7 +38,7 @@ ARG HOME=/opt/pleroma
|
|||
ARG DATA=/var/lib/pleroma
|
||||
|
||||
RUN apk update &&\
|
||||
apk add exiftool ffmpeg imagemagick libmagic ncurses postgresql-client &&\
|
||||
apk add exiftool ffmpeg vips libmagic ncurses postgresql-client &&\
|
||||
adduser --system --shell /bin/false --home ${HOME} pleroma &&\
|
||||
mkdir -p ${DATA}/uploads &&\
|
||||
mkdir -p ${DATA}/static &&\
|
||||
|
@ -44,7 +50,7 @@ USER pleroma
|
|||
|
||||
COPY --from=build --chown=pleroma:0 /release ${HOME}
|
||||
|
||||
COPY ./config/docker.exs /etc/pleroma/config.exs
|
||||
COPY --chown=pleroma --chmod=640 ./config/docker.exs /etc/pleroma/config.exs
|
||||
COPY ./docker-entrypoint.sh ${HOME}
|
||||
|
||||
EXPOSE 4000
|
||||
|
|
|
@ -30,7 +30,8 @@ If your platform is not supported, or you just want to be able to edit the sourc
|
|||
- [OpenBSD (fi)](https://docs-develop.pleroma.social/backend/installation/openbsd_fi/)
|
||||
|
||||
### OS/Distro packages
|
||||
Currently Pleroma is packaged for [YunoHost](https://yunohost.org) and [NixOS](https://nixos.org). If you want to package Pleroma for any OS/Distros, we can guide you through the process on our [community channels](#community-channels). If you want to change default options in your Pleroma package, please **discuss it with us first**.
|
||||
Currently Pleroma is packaged for [YunoHost](https://yunohost.org), [NixOS](https://nixos.org), [Gentoo through GURU](https://gentoo.org/) and [Archlinux through AUR](https://aur.archlinux.org/packages/pleroma). You may find more at <https://repology.org/project/pleroma/versions>.
|
||||
If you want to package Pleroma for any OS/Distros, we can guide you through the process on our [community channels](#community-channels). If you want to change default options in your Pleroma package, please **discuss it with us first**.
|
||||
|
||||
### Docker
|
||||
While we don’t provide docker files, other people have written very good ones. Take a look at <https://github.com/angristan/docker-pleroma> or <https://glitch.sh/sn0w/pleroma-docker>.
|
||||
|
|
|
@ -3,8 +3,20 @@
|
|||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Mix.Tasks.Pleroma.Benchmark do
|
||||
import Mix.Pleroma
|
||||
@shortdoc "Benchmarks"
|
||||
@moduledoc """
|
||||
Benchmark tasks available:
|
||||
|
||||
adapters
|
||||
render_timeline
|
||||
search
|
||||
tag
|
||||
|
||||
MIX_ENV=benchmark mix pleroma.benchmark adapters
|
||||
"""
|
||||
|
||||
use Mix.Task
|
||||
import Mix.Pleroma
|
||||
|
||||
def run(["search"]) do
|
||||
start_pleroma()
|
||||
|
@ -63,7 +75,7 @@ def run(["render_timeline", nickname | _] = args) do
|
|||
|
||||
Benchee.run(
|
||||
%{
|
||||
"Standart rendering" => fn activities ->
|
||||
"Standard rendering" => fn activities ->
|
||||
Pleroma.Web.MastodonAPI.StatusView.render("index.json", %{
|
||||
activities: activities,
|
||||
for: user,
|
0
changelog.d/2.6.0-mergeback.skip
Normal file
0
changelog.d/2.6.0-mergeback.skip
Normal file
0
changelog.d/2.6.1-mergeback.skip
Normal file
0
changelog.d/2.6.1-mergeback.skip
Normal file
1
changelog.d/3900.change
Normal file
1
changelog.d/3900.change
Normal file
|
@ -0,0 +1 @@
|
|||
Update to Phoenix 1.7
|
1
changelog.d/3904.security
Normal file
1
changelog.d/3904.security
Normal file
|
@ -0,0 +1 @@
|
|||
HTTP Security: By default, don't allow unsafe-eval. The setting needs to be changed to allow Flash emulation.
|
0
changelog.d/3907.skip
Normal file
0
changelog.d/3907.skip
Normal file
1
changelog.d/3987.fix
Normal file
1
changelog.d/3987.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Remove checking ImageMagick's commands for Pleroma.Upload.Filter.AnalyzeMetadata
|
1
changelog.d/account-rendering-auth-check.fix
Normal file
1
changelog.d/account-rendering-auth-check.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix authentication check on account rendering when bio is defined
|
1
changelog.d/add-ipfs-upload.add
Normal file
1
changelog.d/add-ipfs-upload.add
Normal file
|
@ -0,0 +1 @@
|
|||
Uploader: Add support for uploading attachments using IPFS
|
1
changelog.d/add-nsfw-mrf.add
Normal file
1
changelog.d/add-nsfw-mrf.add
Normal file
|
@ -0,0 +1 @@
|
|||
Add NSFW-detecting MRF
|
1
changelog.d/add-outbox.fix
Normal file
1
changelog.d/add-outbox.fix
Normal file
|
@ -0,0 +1 @@
|
|||
ap userview: add outbox field.
|
1
changelog.d/add-rbl-mrf.add
Normal file
1
changelog.d/add-rbl-mrf.add
Normal file
|
@ -0,0 +1 @@
|
|||
Add DNSRBL MRF
|
1
changelog.d/anonymous-exception-else.fix
Normal file
1
changelog.d/anonymous-exception-else.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix #strip_report_status_data
|
1
changelog.d/anti-mentionspam-mrf.add
Normal file
1
changelog.d/anti-mentionspam-mrf.add
Normal file
|
@ -0,0 +1 @@
|
|||
Add Anti-mention Spam MRF backported from Rebased
|
0
changelog.d/api-docs-2.skip
Normal file
0
changelog.d/api-docs-2.skip
Normal file
0
changelog.d/api-docs.skip
Normal file
0
changelog.d/api-docs.skip
Normal file
0
changelog.d/atom-leak.skip
Normal file
0
changelog.d/atom-leak.skip
Normal file
1
changelog.d/auth-fetch-exception.add
Normal file
1
changelog.d/auth-fetch-exception.add
Normal file
|
@ -0,0 +1 @@
|
|||
HTTPSignaturePlug: Add :authorized_fetch_mode_exceptions configuration
|
1
changelog.d/authorize-interaction.add
Normal file
1
changelog.d/authorize-interaction.add
Normal file
|
@ -0,0 +1 @@
|
|||
Support /authorize-interaction route used by Mastodon
|
1
changelog.d/backups-follows.add
Normal file
1
changelog.d/backups-follows.add
Normal file
|
@ -0,0 +1 @@
|
|||
Include following/followers in backups
|
1
changelog.d/bad_inbox_request.change
Normal file
1
changelog.d/bad_inbox_request.change
Normal file
|
@ -0,0 +1 @@
|
|||
Invalid activities delivered to the inbox will be rejected with a 400 Bad Request
|
1
changelog.d/bandit.change
Normal file
1
changelog.d/bandit.change
Normal file
|
@ -0,0 +1 @@
|
|||
Support Bandit as an alternative to Cowboy for the HTTP server.
|
0
changelog.d/bare_uri_test.skip
Normal file
0
changelog.d/bare_uri_test.skip
Normal file
0
changelog.d/benchee.skip
Normal file
0
changelog.d/benchee.skip
Normal file
1
changelog.d/blurhash.change
Normal file
1
changelog.d/blurhash.change
Normal file
|
@ -0,0 +1 @@
|
|||
Replace eblurhash with rinpatch_blurhash. This also removes a dependency on ImageMagick.
|
1
changelog.d/bookmark-folders.add
Normal file
1
changelog.d/bookmark-folders.add
Normal file
|
@ -0,0 +1 @@
|
|||
Allow to group bookmarks in folders
|
0
changelog.d/bookmark-folders.skip
Normal file
0
changelog.d/bookmark-folders.skip
Normal file
1
changelog.d/bugfix-ccworks.fix
Normal file
1
changelog.d/bugfix-ccworks.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix federation with Convergence AP Bridge
|
0
changelog.d/build-release-with-local-libvips.skip
Normal file
0
changelog.d/build-release-with-local-libvips.skip
Normal file
1
changelog.d/bump-elixir.change
Normal file
1
changelog.d/bump-elixir.change
Normal file
|
@ -0,0 +1 @@
|
|||
Elixir 1.13 is the minimum required version.
|
1
changelog.d/card-endpoint.remove
Normal file
1
changelog.d/card-endpoint.remove
Normal file
|
@ -0,0 +1 @@
|
|||
Mastodon API: Remove deprecated GET /api/v1/statuses/:id/card endpoint https://github.com/mastodon/mastodon/pull/11213
|
1
changelog.d/card-image-description.add
Normal file
1
changelog.d/card-image-description.add
Normal file
|
@ -0,0 +1 @@
|
|||
Include image description in status media cards
|
1
changelog.d/chat-attachment-empty-array.fix
Normal file
1
changelog.d/chat-attachment-empty-array.fix
Normal file
|
@ -0,0 +1 @@
|
|||
ChatMessage: Tolerate attachment field set to an empty array
|
1
changelog.d/config-stat-symlink.fix
Normal file
1
changelog.d/config-stat-symlink.fix
Normal file
|
@ -0,0 +1 @@
|
|||
- Config: Check the permissions of the linked file instead of the symlink
|
1
changelog.d/content-length.fix
Normal file
1
changelog.d/content-length.fix
Normal file
|
@ -0,0 +1 @@
|
|||
MediaProxy was setting the content-length header which is not permitted by RFC9112§6.2 when we are chunking the reply as it conflicts with the existence of the transfer-encoding header.
|
1
changelog.d/deprecations.skip
Normal file
1
changelog.d/deprecations.skip
Normal file
|
@ -0,0 +1 @@
|
|||
|
0
changelog.d/deprecations2.skip
Normal file
0
changelog.d/deprecations2.skip
Normal file
0
changelog.d/deps-bump-2024-01-25.skip
Normal file
0
changelog.d/deps-bump-2024-01-25.skip
Normal file
0
changelog.d/description-meilisearch-type.skip
Normal file
0
changelog.d/description-meilisearch-type.skip
Normal file
0
changelog.d/dialyzer.skip
Normal file
0
changelog.d/dialyzer.skip
Normal file
0
changelog.d/dialyzer2.skip
Normal file
0
changelog.d/dialyzer2.skip
Normal file
0
changelog.d/dialyzer3.skip
Normal file
0
changelog.d/dialyzer3.skip
Normal file
0
changelog.d/dialyzer4.skip
Normal file
0
changelog.d/dialyzer4.skip
Normal file
1
changelog.d/digest_emails.fix
Normal file
1
changelog.d/digest_emails.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix the processing of email digest jobs.
|
0
changelog.d/doc-fix.skip
Normal file
0
changelog.d/doc-fix.skip
Normal file
1
changelog.d/docs-max-elixir-erlang.change
Normal file
1
changelog.d/docs-max-elixir-erlang.change
Normal file
|
@ -0,0 +1 @@
|
|||
- Document maximum supported version of Erlang & Elixir
|
1
changelog.d/emoji-download-paginate.fix
Normal file
1
changelog.d/emoji-download-paginate.fix
Normal file
|
@ -0,0 +1 @@
|
|||
When downloading remote emojis packs, account for pagination
|
1
changelog.d/emoji-use-v1.fix
Normal file
1
changelog.d/emoji-use-v1.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Make remote emoji packs API use specifically the V1 URL. Akkoma does not understand it without V1, and it works either way with normal pleroma, so no reason to not do this
|
0
changelog.d/exile-bsds.skip
Normal file
0
changelog.d/exile-bsds.skip
Normal file
0
changelog.d/exile-freebsd.skip
Normal file
0
changelog.d/exile-freebsd.skip
Normal file
0
changelog.d/exile-macos.skip
Normal file
0
changelog.d/exile-macos.skip
Normal file
0
changelog.d/exile.skip
Normal file
0
changelog.d/exile.skip
Normal file
1
changelog.d/familiar-followers.add
Normal file
1
changelog.d/familiar-followers.add
Normal file
|
@ -0,0 +1 @@
|
|||
Implement `/api/v1/accounts/familiar_followers`
|
1
changelog.d/favicon.add
Normal file
1
changelog.d/favicon.add
Normal file
|
@ -0,0 +1 @@
|
|||
Add support for configuring favicon, embed favicon and PWA manifest in server-generated meta
|
1
changelog.d/federation_status-access.change
Normal file
1
changelog.d/federation_status-access.change
Normal file
|
@ -0,0 +1 @@
|
|||
- Make `/api/v1/pleroma/federation_status` publicly available
|
1
changelog.d/federator-modules.remove
Normal file
1
changelog.d/federator-modules.remove
Normal file
|
@ -0,0 +1 @@
|
|||
Removed support for multiple federator modules as we only support ActivityPub
|
0
changelog.d/federator.skip
Normal file
0
changelog.d/federator.skip
Normal file
1
changelog.d/fep-2c59.add
Normal file
1
changelog.d/fep-2c59.add
Normal file
|
@ -0,0 +1 @@
|
|||
Implement FEP-2c59, add "webfinger" to user actor
|
1
changelog.d/ffmpeg-limiter.add
Normal file
1
changelog.d/ffmpeg-limiter.add
Normal file
|
@ -0,0 +1 @@
|
|||
Framegrabs with ffmpeg will execute with a 5 second timeout and cache the URLs of failures with a TTL of 15 minutes to prevent excessive retries.
|
1
changelog.d/finch_redirects.fix
Normal file
1
changelog.d/finch_redirects.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Following HTTP Redirects when the HTTP Adapter is Finch
|
0
changelog.d/fix-bookmark-folder-tests.skip
Normal file
0
changelog.d/fix-bookmark-folder-tests.skip
Normal file
0
changelog.d/fix-dockerfile.skip
Normal file
0
changelog.d/fix-dockerfile.skip
Normal file
0
changelog.d/fix-duplicate-inbox-deliveries.fix
Normal file
0
changelog.d/fix-duplicate-inbox-deliveries.fix
Normal file
0
changelog.d/fix-otp-comparison.skip
Normal file
0
changelog.d/fix-otp-comparison.skip
Normal file
0
changelog.d/fix-tests.skip
Normal file
0
changelog.d/fix-tests.skip
Normal file
1
changelog.d/fix-webfinger-spoofing.security
Normal file
1
changelog.d/fix-webfinger-spoofing.security
Normal file
|
@ -0,0 +1 @@
|
|||
Fix webfinger spoofing.
|
1
changelog.d/force-mention-mrf.add
Normal file
1
changelog.d/force-mention-mrf.add
Normal file
|
@ -0,0 +1 @@
|
|||
Add ForceMention MRF
|
1
changelog.d/framegrabs.fix
Normal file
1
changelog.d/framegrabs.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Video framegrabs were not working correctly after the change to use Exile to execute ffmpeg
|
1
changelog.d/frontend-management.add
Normal file
1
changelog.d/frontend-management.add
Normal file
|
@ -0,0 +1 @@
|
|||
[docs] add frontends management documentation
|
0
changelog.d/generate-unset-user-keys-migration.skip
Normal file
0
changelog.d/generate-unset-user-keys-migration.skip
Normal file
1
changelog.d/group-actor.add
Normal file
1
changelog.d/group-actor.add
Normal file
|
@ -0,0 +1 @@
|
|||
Implement group actors
|
0
changelog.d/gun-logs.skip
Normal file
0
changelog.d/gun-logs.skip
Normal file
1
changelog.d/gun_pool.fix
Normal file
1
changelog.d/gun_pool.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Fix logic error in Gun connection pooling which prevented retries even when the worker was launched with retry = true
|
1
changelog.d/gun_pool2.fix
Normal file
1
changelog.d/gun_pool2.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Connection pool errors when publishing an activity is a soft-error that will be retried shortly.
|
0
changelog.d/gun_pool3.skip
Normal file
0
changelog.d/gun_pool3.skip
Normal file
1
changelog.d/handle_object_fetch_failures.change
Normal file
1
changelog.d/handle_object_fetch_failures.change
Normal file
|
@ -0,0 +1 @@
|
|||
Remote object fetch failures will prevent the object fetch job from retrying if the object request returns 401, 403, 404, 410, or exceeds the maximum thread depth.
|
1
changelog.d/healthcheck-disabled-error.fix
Normal file
1
changelog.d/healthcheck-disabled-error.fix
Normal file
|
@ -0,0 +1 @@
|
|||
TwitterAPI: Return proper error when healthcheck is disabled
|
1
changelog.d/instance-contact-account.add
Normal file
1
changelog.d/instance-contact-account.add
Normal file
|
@ -0,0 +1 @@
|
|||
Add contact account to InstanceView
|
0
changelog.d/instance-defdelegates.skip
Normal file
0
changelog.d/instance-defdelegates.skip
Normal file
1
changelog.d/instance-rules.add
Normal file
1
changelog.d/instance-rules.add
Normal file
|
@ -0,0 +1 @@
|
|||
Add instance rules
|
1
changelog.d/instance-v2.add
Normal file
1
changelog.d/instance-v2.add
Normal file
|
@ -0,0 +1 @@
|
|||
Implement /api/v2/instance route
|
0
changelog.d/instance-v2.skip
Normal file
0
changelog.d/instance-v2.skip
Normal file
1
changelog.d/issue-3241.fix
Normal file
1
changelog.d/issue-3241.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Handle cases when users.inbox is nil.
|
1
changelog.d/last_status_at.change
Normal file
1
changelog.d/last_status_at.change
Normal file
|
@ -0,0 +1 @@
|
|||
- Change AccountView `last_status_at` from a datetime to a date (as done in Mastodon 3.1.0)
|
1
changelog.d/link-verification.add
Normal file
1
changelog.d/link-verification.add
Normal file
|
@ -0,0 +1 @@
|
|||
Verify profile link ownership with rel="me"
|
0
changelog.d/loading-order-test-fix.skip
Normal file
0
changelog.d/loading-order-test-fix.skip
Normal file
1
changelog.d/local-webfinger.fix
Normal file
1
changelog.d/local-webfinger.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Use correct domain for fqn and InstanceView
|
1
changelog.d/logger-metadata.add
Normal file
1
changelog.d/logger-metadata.add
Normal file
|
@ -0,0 +1 @@
|
|||
Logger metadata is now attached to some logs to help with troubleshooting and analysis
|
1
changelog.d/mark-read.fix
Normal file
1
changelog.d/mark-read.fix
Normal file
|
@ -0,0 +1 @@
|
|||
The query for marking notifications as read has been simplified
|
1
changelog.d/mastodon_api_v2.add
Normal file
1
changelog.d/mastodon_api_v2.add
Normal file
|
@ -0,0 +1 @@
|
|||
Add new parameters to /api/v2/instance: configuration[accounts][max_pinned_statuses] and configuration[statuses][characters_reserved_per_url]
|
1
changelog.d/mastodon_directory.fix
Normal file
1
changelog.d/mastodon_directory.fix
Normal file
|
@ -0,0 +1 @@
|
|||
Mastodon API /api/v1/directory: Fix listing directory contents when not authenticated
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue