Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								216ab3aea7 
								
							 
						 
						
							
							
								
								merge: remove http/https protocol in uri on masto api ( !980 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/980 
Closes  #1046 
Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: dakkar <dakkar@thenautilus.net> 
							
						 
						
							2025-05-06 08:33:19 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								893f964def 
								
							 
						 
						
							
							
								
								merge: check signatures with and without query -  fix   #1036  ( !966 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/966 
Closes  #1036 
Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-05-05 23:23:30 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								cb3f5f598d 
								
							 
						 
						
							
							
								
								Update instance.ts  
							
							
							
						 
						
							2025-05-05 17:33:27 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								e2be44fb99 
								
							 
						 
						
							
							
								
								change regex to include a zero-length match  
							
							
							
						 
						
							2025-05-05 13:03:39 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								581cc2b513 
								
							 
						 
						
							
							
								
								remove http/https protocol  
							
							
							
						 
						
							2025-05-05 13:00:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dakkar 
								
							 
						 
						
							
							
							
							
								
							
							
								ec404fd3ce 
								
							 
						 
						
							
							
								
								remove leftover debug line  
							
							
							
						 
						
							2025-04-30 20:30:52 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Julia Johannesen 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								ac905118cc 
								
							 
						 
						
							
							
								
								Merge branch 'stable' into merge-stable-into-develop  
							
							
							
						 
						
							2025-04-27 16:19:44 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Julia Johannesen 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								35df3944c1 
								
							 
						 
						
							
							
								
								Update summaly  
							
							
							
						 
						
							2025-04-27 13:31:27 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Julia Johannesen 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								0bb4e57b0c 
								
							 
						 
						
							
							
								
								Security fixes  
							
							... 
							
							
							
							Co-Authored-By: dakkar <dakkar@thenautilus.net> 
							
						 
						
							2025-04-27 13:05:09 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dakkar 
								
							 
						 
						
							
							
							
							
								
							
							
								fda71c4147 
								
							 
						 
						
							
							
								
								make toPuny work better in testing  
							
							
							
						 
						
							2025-04-21 16:44:13 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dakkar 
								
							 
						 
						
							
							
							
							
								
							
							
								58c0ac6c89 
								
							 
						 
						
							
							
								
								check signatures with and without query -  fix   #1036  
							
							... 
							
							
							
							@Oneric explained:
> Spec says query params must be included in the signature; Mastodon
> being Mastodon used to always exclude it though and for
> compatibility everyone followed this. At some point GtS decided to
> follow spec instead which caused interop issues, but succeeded in
> getting Mastodon (and others like *oma) to accept incoming requests
> with (and also still without) query params though outgoing requests
> remaing query-param-free. Some still only accept query-param-less
> requests though and GtS uses a retry mechanism to resend any request
> failing with 401 with an query-parama-less signature once. (Also
> see:
> https://docs.gotosocial.org/en/latest/federation/http_signatures/  )
>
> So for incoming requests both versions need to be checked. For
> outgoing requests, unless you want to jump through retry hoops like
> GtS, omitting query-params is the safer bet for now (presumably this
> will only change if Mastodon ever decides to send out requests
> signed with query params) 
							
						 
						
							2025-04-21 16:44:13 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									piuvas 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6df82f4eef 
								
							 
						 
						
							
							
								
								remove redundant sql query.  
							
							
							
						 
						
							2025-04-20 23:21:50 -03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									piuvas 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								06fb6fbeca 
								
							 
						 
						
							
							
								
								requested changes.  
							
							
							
						 
						
							2025-04-20 23:20:59 -03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									piuvas 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								8609426e71 
								
							 
						 
						
							
							
								
								remove fortnite.  
							
							
							
						 
						
							2025-04-20 14:21:44 -03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									piuvas 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								46fa99fc28 
								
							 
						 
						
							
							
								
								requested changes to verifyFieldLinks  
							
							... 
							
							
							
							Co-authored-by: dakkar <dakkar@thenautilus.net> 
							
						 
						
							2025-04-20 12:34:00 -03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									piuvas 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								1d9876d3fa 
								
							 
						 
						
							
							
								
								make link detection slightly more performant.  
							
							
							
						 
						
							2025-04-19 23:20:21 -03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									piuvas 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								8a60c7df02 
								
							 
						 
						
							
							
								
								verify links in remote profiles.  
							
							
							
						 
						
							2025-04-19 23:10:27 -03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									piuvas 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6a77512737 
								
							 
						 
						
							
							
								
								refactor link verification.  
							
							
							
						 
						
							2025-04-19 23:04:48 -03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								28ad2ae534 
								
							 
						 
						
							
							
								
								fix: friendlycaptcha always failing  
							
							
							
						 
						
							2025-04-15 20:13:16 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								4f64803ef2 
								
							 
						 
						
							
							
								
								merge: make MOTD html unescaped. (requires discussion?) ( !759 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/759 
Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-04-15 07:45:51 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Zlendy 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								ce26d8d3cb 
								
							 
						 
						
							
							
								
								feat: Allow injection of raw HTML strings inside <head>  
							
							
							
						 
						
							2025-04-11 22:56:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Marie 
								
							 
						 
						
							
							
							
							
								
							
							
								865a9c4906 
								
							 
						 
						
							
							
								
								merge: Prevent streaming API denial-of-service ( resolves   #1019 ) ( !951 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/951 
Closes  #1019 
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-03-30 10:40:56 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dakkar 
								
							 
						 
						
							
							
							
							
								
							
							
								3a6bba3306 
								
							 
						 
						
							
							
								
								merge: Remove visibility of DMs for non-recipient users ( !912 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/912 
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> 
							
						 
						
							2025-03-30 09:20:54 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								922a7ba1d4 
								
							 
						 
						
							
							
								
								track the number of concurrent requests to redis, and bypass if the request is guaranteed to reject  
							
							
							
						 
						
							2025-03-29 09:47:05 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								47ea8527fd 
								
							 
						 
						
							
							
								
								fix wsmessage rate limit definition  
							
							
							
						 
						
							2025-03-29 09:44:38 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								fafb811333 
								
							 
						 
						
							
							
								
								increase limits on WS note subscriptions and cached notes  
							
							
							
						 
						
							2025-03-28 11:44:29 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								86e34175d3 
								
							 
						 
						
							
							
								
								SkRateLimiterService revision 3: cache lockouts in memory to avoid redis calls  
							
							
							
						 
						
							2025-03-28 11:43:30 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								c41d617e63 
								
							 
						 
						
							
							
								
								limit the number of active connections per client, and limit upgrade requests by user  
							
							
							
						 
						
							2025-03-28 11:03:31 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								eff7321860 
								
							 
						 
						
							
							
								
								avoid duplicate channels in WS connection  
							
							
							
						 
						
							2025-03-28 11:03:31 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								14a7309cfb 
								
							 
						 
						
							
							
								
								avoid leaking cached notes in WS connection  
							
							
							
						 
						
							2025-03-28 11:03:31 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								045ff5d2c0 
								
							 
						 
						
							
							
								
								make sure that note subscriptions can't stay above limit  
							
							
							
						 
						
							2025-03-28 11:03:31 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								b8fd9d0bc0 
								
							 
						 
						
							
							
								
								clear subscriptions when connection closes  
							
							
							
						 
						
							2025-03-28 11:03:31 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								831329499d 
								
							 
						 
						
							
							
								
								limit the number of note subscriptions per connection  
							
							
							
						 
						
							2025-03-28 11:03:31 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								bf1c9b67d6 
								
							 
						 
						
							
							
								
								close websocket when rate limit exceeded  
							
							
							
						 
						
							2025-03-28 11:03:31 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								18655386f3 
								
							 
						 
						
							
							
								
								convert streaming rate limit to bucket  
							
							
							
						 
						
							2025-03-28 11:03:31 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dakkar 
								
							 
						 
						
							
							
							
							
								
							
							
								920bf71eb5 
								
							 
						 
						
							
							
								
								merge: More Mastodon API fixes ( resolves   #405 ,  #471 , and  #984 ) ( !954 )  
							
							... 
							
							
							
							View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/954 
Closes  #405 , #471 , and #984 
Approved-by: Marie <github@yuugi.dev>
Approved-by: dakkar <dakkar@thenautilus.net> 
							
						 
						
							2025-03-28 12:45:54 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								848a07a170 
								
							 
						 
						
							
							
								
								Ignore notifications that reference missing notes  
							
							
							
						 
						
							2025-03-27 20:30:04 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								a92416904f 
								
							 
						 
						
							
							
								
								use exclusive ranges in api/i/notifications and /api/v1/notifications  
							
							
							
						 
						
							2025-03-27 20:20:42 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								58cdee77d5 
								
							 
						 
						
							
							
								
								convert notification types in mastodon API  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								8a9979b3d3 
								
							 
						 
						
							
							
								
								don't render CW as HTML for mastodon  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								ebc3abea54 
								
							 
						 
						
							
							
								
								hide sensitive content from Discord previews  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								36dee5ff20 
								
							 
						 
						
							
							
								
								render profile bios in masto API  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								81f7346f80 
								
							 
						 
						
							
							
								
								fixes to CW and quote conversion for mastodon  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								1fa290c3eb 
								
							 
						 
						
							
							
								
								handle errors in mastodon search endpoints  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								971bc6fd3e 
								
							 
						 
						
							
							
								
								improve mastodon API error handling  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								a81a00e94d 
								
							 
						 
						
							
							
								
								rename MastodonConverters.ts to matching naming scheme  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								4754942301 
								
							 
						 
						
							
							
								
								add additional required CORS headers for masto-api requests  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								984be9e7aa 
								
							 
						 
						
							
							
								
								enable local timeline in Phanpy clients  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								3c54680860 
								
							 
						 
						
							
							
								
								support reactions in mastodon API  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Hazelnoot 
								
							 
						 
						
							
							
							
							
								
							
							
								fbdee815da 
								
							 
						 
						
							
							
								
								remove unused async from toMastoApiHtml / fromMastoApiHtml  
							
							
							
						 
						
							2025-03-27 19:51:43 -04:00