mirrors/barkey
1
0
Fork 0
mirror of https://codeberg.org/yeentown/barkey.git synced 2025-07-08 13:04:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
29993 commits 8 branches 8 tags 231 MiB
Commit graph

29993 commits

This branch
This branch
All branches
Author SHA1 Message Date
dakkar
ec404fd3ce remove leftover debug line 2025-04-30 20:30:52 +01:00
dakkar
fda71c4147 make toPuny work better in testing 2025-04-21 16:44:13 +01:00
dakkar
58c0ac6c89 check signatures with and without query - fix #1036 
@Oneric explained:

> Spec says query params must be included in the signature; Mastodon
> being Mastodon used to always exclude it though and for
> compatibility everyone followed this. At some point GtS decided to
> follow spec instead which caused interop issues, but succeeded in
> getting Mastodon (and others like *oma) to accept incoming requests
> with (and also still without) query params though outgoing requests
> remaing query-param-free. Some still only accept query-param-less
> requests though and GtS uses a retry mechanism to resend any request
> failing with 401 with an query-parama-less signature once. (Also
> see:
> https://docs.gotosocial.org/en/latest/federation/http_signatures/ )
>
> So for incoming requests both versions need to be checked. For
> outgoing requests, unless you want to jump through retry hoops like
> GtS, omitting query-params is the safer bet for now (presumably this
> will only change if Mastodon ever decides to send out requests
> signed with query params)
 2025-04-21 16:44:13 +01:00
Marie
57a310a146 merge: Verify links in remote accounts. (!964) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/964

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
 2025-04-21 11:22:12 +00:00
piuvas
6df82f4eef
remove redundant sql query. 2025-04-20 23:21:50 -03:00
piuvas
06fb6fbeca
requested changes. 2025-04-20 23:20:59 -03:00
Marie
17e07393a4 merge: fix: Sharkey's logo is missing (!961) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/961

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
 2025-04-20 23:10:44 +00:00
piuvas
8609426e71
remove fortnite. 2025-04-20 14:21:44 -03:00
piuvas
46fa99fc28
requested changes to verifyFieldLinks 
Co-authored-by: dakkar <dakkar@thenautilus.net>
 2025-04-20 12:34:00 -03:00
piuvas
20482888b0
add merge guide for verifyLink. 2025-04-20 10:44:40 -03:00
Zlendy
90f67bf51a
fix: Sharkey's logo is missing 2025-04-20 13:19:28 +02:00
piuvas
1d9876d3fa
make link detection slightly more performant. 2025-04-19 23:20:21 -03:00
piuvas
8a60c7df02
verify links in remote profiles. 2025-04-19 23:10:27 -03:00
piuvas
6a77512737
refactor link verification. 2025-04-19 23:04:48 -03:00
Marie
f24be3674a merge: fix: friendlycaptcha always failing (!963) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/963

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: dakkar <dakkar@thenautilus.net>
 2025-04-15 20:40:06 +00:00
Marie
28ad2ae534 fix: friendlycaptcha always failing 2025-04-15 20:13:16 +00:00
Marie
4f64803ef2 merge: make MOTD html unescaped. (requires discussion?) (!759) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/759

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: Marie <github@yuugi.dev>
 2025-04-15 07:45:51 +00:00
Marie
7faef0d11e merge: feat: Allow injection of raw HTML strings inside <head> (!959) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/959

Closes #1029

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
 2025-04-12 00:11:55 +00:00
Zlendy
cf260762f4
docs: Add usage example of "customHtml.head" to ".config/example.yml" 2025-04-11 22:56:33 +02:00
Zlendy
ce26d8d3cb
feat: Allow injection of raw HTML strings inside <head> 2025-04-11 22:56:26 +02:00
Marie
965ba1ef76 merge: Fix SPDX-Header in two files (!958) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/958

Closes #1027

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Hazelnoot <acomputerdog@gmail.com>
 2025-04-11 10:45:42 +00:00
Marie
e2507b9e0a Update 2 files 
- /packages/frontend/src/scripts/chiptune2.ts
- /packages/frontend/src/components/SkModPlayer.vue
 2025-04-11 08:17:49 +00:00
Marie
337b352425 merge: display announcement text as mfm block (!957) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/957

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: Marie <github@yuugi.dev>
 2025-04-06 18:17:32 +00:00
dakkar
3f1a2c6cc5 display announcement text as mfm block 
the `announcements.vue` page already does that
 2025-04-06 16:24:49 +01:00
Marie
3522af186d merge: add deleteThisAccountConfirm locale (!956) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/956

Closes #1025

Approved-by: Hazelnoot <acomputerdog@gmail.com>
Approved-by: dakkar <dakkar@thenautilus.net>
 2025-04-06 10:57:56 +00:00
Marie
2b510dc2da
upd: add deleteThisAccountConfirm 2025-04-06 00:16:36 +02:00
Marie
865a9c4906 merge: Prevent streaming API denial-of-service (resolves #1019) (!951) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/951

Closes #1019

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
 2025-03-30 10:40:56 +00:00
dakkar
3a6bba3306 merge: Remove visibility of DMs for non-recipient users (!912) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/912

Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <github@yuugi.dev>
 2025-03-30 09:20:54 +00:00
Hazelnoot
922a7ba1d4 track the number of concurrent requests to redis, and bypass if the request is guaranteed to reject 2025-03-29 09:47:05 -04:00
Hazelnoot
47ea8527fd fix wsmessage rate limit definition 2025-03-29 09:44:38 -04:00
Hazelnoot
fafb811333 increase limits on WS note subscriptions and cached notes 2025-03-28 11:44:29 -04:00
Hazelnoot
86e34175d3 SkRateLimiterService revision 3: cache lockouts in memory to avoid redis calls 2025-03-28 11:43:30 -04:00
Hazelnoot
c41d617e63 limit the number of active connections per client, and limit upgrade requests by user 2025-03-28 11:03:31 -04:00
Hazelnoot
eff7321860 avoid duplicate channels in WS connection 2025-03-28 11:03:31 -04:00
Hazelnoot
14a7309cfb avoid leaking cached notes in WS connection 2025-03-28 11:03:31 -04:00
Hazelnoot
045ff5d2c0 make sure that note subscriptions can't stay above limit 2025-03-28 11:03:31 -04:00
Hazelnoot
b8fd9d0bc0 clear subscriptions when connection closes 2025-03-28 11:03:31 -04:00
Hazelnoot
831329499d limit the number of note subscriptions per connection 2025-03-28 11:03:31 -04:00
Hazelnoot
bf1c9b67d6 close websocket when rate limit exceeded 2025-03-28 11:03:31 -04:00
Hazelnoot
18655386f3 convert streaming rate limit to bucket 2025-03-28 11:03:31 -04:00
dakkar
920bf71eb5 merge: More Mastodon API fixes (resolves #405, #471, and #984) (!954) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/954

Closes #405, #471, and #984

Approved-by: Marie <github@yuugi.dev>
Approved-by: dakkar <dakkar@thenautilus.net>
 2025-03-28 12:45:54 +00:00
dakkar
cc4236e643 merge: Fix actor key rotation (!953) 
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/953

Approved-by: Marie <github@yuugi.dev>
Approved-by: dakkar <dakkar@thenautilus.net>
 2025-03-28 12:45:49 +00:00
Hazelnoot
6dc3c36ba5 fix megalodon tests 2025-03-27 20:39:23 -04:00
Hazelnoot
848a07a170 Ignore notifications that reference missing notes 2025-03-27 20:30:04 -04:00
Hazelnoot
a92416904f use exclusive ranges in api/i/notifications and /api/v1/notifications 2025-03-27 20:20:42 -04:00
Hazelnoot
876ecb28f0 strip "@." from local reaction names 2025-03-27 19:51:43 -04:00
Hazelnoot
58cdee77d5 convert notification types in mastodon API 2025-03-27 19:51:43 -04:00
Hazelnoot
8a9979b3d3 don't render CW as HTML for mastodon 2025-03-27 19:51:43 -04:00
Hazelnoot
dcdc249e77 fix reaction emoji mapping in mastodon API 2025-03-27 19:51:43 -04:00
Hazelnoot
ebc3abea54 hide sensitive content from Discord previews 2025-03-27 19:51:43 -04:00