| 
								
								
									 Marie | 581cc2b513 | remove http/https protocol | 2025-05-05 13:00:31 +00:00 |  | 
				
					
						| 
								
								
									 Julia Johannesen | ac905118cc | Merge branch 'stable' into merge-stable-into-develop | 2025-04-27 16:19:44 -04:00 |  | 
				
					
						| 
								
								
									 Julia Johannesen | 35df3944c1 | Update summaly | 2025-04-27 13:31:27 -04:00 |  | 
				
					
						| 
								
								
									 Julia Johannesen | 0bb4e57b0c | Security fixes Co-Authored-By: dakkar <dakkar@thenautilus.net> | 2025-04-27 13:05:09 -04:00 |  | 
				
					
						| 
								
								
									 piuvas | 6df82f4eef | remove redundant sql query. | 2025-04-20 23:21:50 -03:00 |  | 
				
					
						| 
								
								
									 piuvas | 06fb6fbeca | requested changes. | 2025-04-20 23:20:59 -03:00 |  | 
				
					
						| 
								
								
									 piuvas | 8609426e71 | remove fortnite. | 2025-04-20 14:21:44 -03:00 |  | 
				
					
						| 
								
								
									 piuvas | 46fa99fc28 | requested changes to verifyFieldLinks Co-authored-by: dakkar <dakkar@thenautilus.net> | 2025-04-20 12:34:00 -03:00 |  | 
				
					
						| 
								
								
									 piuvas | 1d9876d3fa | make link detection slightly more performant. | 2025-04-19 23:20:21 -03:00 |  | 
				
					
						| 
								
								
									 piuvas | 8a60c7df02 | verify links in remote profiles. | 2025-04-19 23:10:27 -03:00 |  | 
				
					
						| 
								
								
									 piuvas | 6a77512737 | refactor link verification. | 2025-04-19 23:04:48 -03:00 |  | 
				
					
						| 
								
								
									 Marie | 28ad2ae534 | fix: friendlycaptcha always failing | 2025-04-15 20:13:16 +00:00 |  | 
				
					
						| 
								
								
									 Marie | 4f64803ef2 | merge: make MOTD html unescaped. (requires discussion?) (!759) View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/759
Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: Marie <github@yuugi.dev> | 2025-04-15 07:45:51 +00:00 |  | 
				
					
						| 
								
								
									 Zlendy | ce26d8d3cb | feat: Allow injection of raw HTML strings inside <head> | 2025-04-11 22:56:26 +02:00 |  | 
				
					
						| 
								
								
									 Marie | 865a9c4906 | merge: Prevent streaming API denial-of-service (resolves #1019) (!951) View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/951
Closes #1019
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> | 2025-03-30 10:40:56 +00:00 |  | 
				
					
						| 
								
								
									 dakkar | 3a6bba3306 | merge: Remove visibility of DMs for non-recipient users (!912) View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/912
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev> | 2025-03-30 09:20:54 +00:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 922a7ba1d4 | track the number of concurrent requests to redis, and bypass if the request is guaranteed to reject | 2025-03-29 09:47:05 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 47ea8527fd | fix wsmessage rate limit definition | 2025-03-29 09:44:38 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | fafb811333 | increase limits on WS note subscriptions and cached notes | 2025-03-28 11:44:29 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 86e34175d3 | SkRateLimiterService revision 3: cache lockouts in memory to avoid redis calls | 2025-03-28 11:43:30 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | c41d617e63 | limit the number of active connections per client, and limit upgrade requests by user | 2025-03-28 11:03:31 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | eff7321860 | avoid duplicate channels in WS connection | 2025-03-28 11:03:31 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 14a7309cfb | avoid leaking cached notes in WS connection | 2025-03-28 11:03:31 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 045ff5d2c0 | make sure that note subscriptions can't stay above limit | 2025-03-28 11:03:31 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | b8fd9d0bc0 | clear subscriptions when connection closes | 2025-03-28 11:03:31 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 831329499d | limit the number of note subscriptions per connection | 2025-03-28 11:03:31 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | bf1c9b67d6 | close websocket when rate limit exceeded | 2025-03-28 11:03:31 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 18655386f3 | convert streaming rate limit to bucket | 2025-03-28 11:03:31 -04:00 |  | 
				
					
						| 
								
								
									 dakkar | 920bf71eb5 | merge: More Mastodon API fixes (resolves #405, #471, and #984) (!954) View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/954
Closes #405, #471, and #984
Approved-by: Marie <github@yuugi.dev>
Approved-by: dakkar <dakkar@thenautilus.net> | 2025-03-28 12:45:54 +00:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 848a07a170 | Ignore notifications that reference missing notes | 2025-03-27 20:30:04 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | a92416904f | use exclusive ranges in api/i/notifications and /api/v1/notifications | 2025-03-27 20:20:42 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 58cdee77d5 | convert notification types in mastodon API | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 8a9979b3d3 | don't render CW as HTML for mastodon | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | ebc3abea54 | hide sensitive content from Discord previews | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 36dee5ff20 | render profile bios in masto API | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 81f7346f80 | fixes to CW and quote conversion for mastodon | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 1fa290c3eb | handle errors in mastodon search endpoints | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 971bc6fd3e | improve mastodon API error handling | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | a81a00e94d | rename MastodonConverters.ts to matching naming scheme | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 4754942301 | add additional required CORS headers for masto-api requests | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 984be9e7aa | enable local timeline in Phanpy clients | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 3c54680860 | support reactions in mastodon API | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | fbdee815da | remove unused async from toMastoApiHtml / fromMastoApiHtml | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 8d67a8c9ae | don't log query parameters from mastodon API | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | fc1d0c958c | support Mastodon v4 "link header" pagination | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 3d8930f070 | implement /api/v1/favourites | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | cac8377e4e | fix empty response from /api/v1/notifications | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 178fe16f68 | fix empty response from /api/v1/blocks | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | c69f7b87f0 | fix empty response from /api/v1/mutes | 2025-03-27 19:51:43 -04:00 |  | 
				
					
						| 
								
								
									 Hazelnoot | 2b03f51315 | don't return httpStatusCode in mastodon errors | 2025-03-27 19:51:43 -04:00 |  |