Commit graph

1751 commits

Author SHA1 Message Date
dependabot[bot]
c0bddd272f
[chore]: Bump github.com/minio/minio-go/v7 from 7.0.62 to 7.0.63 (#2180)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 10:16:41 +01:00
dependabot[bot]
ddd3c2e44b
[chore]: Bump golang.org/x/text from 0.12.0 to 0.13.0 (#2177)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 10:16:06 +01:00
kim
4eb77ff5d7
[bugfix] move SQLite pragmas into connection string (#2171)
* move SQLite pragmas into connection string

Signed-off-by: kim <grufwub@gmail.com>

* use url.Values type for SQLite connection preferences

Signed-off-by: kim <grufwub@gmail.com>

* set SQLite URI prefs properly using _pragma query key

Signed-off-by: kim <grufwub@gmail.com>

* add notes on SQLite connection preferences

Signed-off-by: kim <grufwub@gmail.com>

* fix typo

Signed-off-by: kim <grufwub@gmail.com>

* add one extra line regarding connection pooling

Signed-off-by: kim <grufwub@gmail.com>

---------

Signed-off-by: kim <grufwub@gmail.com>
2023-09-01 15:13:33 +02:00
kim
1ee99fc165
[bugfix] wrap bun.Tx to add our own error processing (#2169)
* wrap bun.Tx to add our own error processing

Signed-off-by: kim <grufwub@gmail.com>

* add compile-time check for updateRowError() compatibility with sql.Row, fix wrapTx() not being used properly

Signed-off-by: kim <grufwub@gmail.com>

---------

Signed-off-by: kim <grufwub@gmail.com>
2023-08-31 11:46:15 +02:00
dependabot[bot]
2ec313a21f
[chore]: Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#2166) 2023-08-28 07:12:40 +00:00
dependabot[bot]
e6407ec95c
[chore]: Bump github.com/KimMachineGun/automemlimit from 0.2.6 to 0.3.0 (#2165) 2023-08-28 06:59:08 +00:00
tobi
13f1c85e70
[chore/frontend] Make line-height a wee little bit bigger (#2159) 2023-08-24 12:52:12 +02:00
Daenney
5416ad9888
[docs] Update backup docs (#2153) 2023-08-23 19:06:46 +01:00
tobi
083e8f35b3
[bugfix/frontend] Normalize header sizes (#2152)
* [bugfix/frontend] Normalize header sizes

* ensmallen heading a little
2023-08-23 18:28:59 +02:00
rdelaage
7b48437f17
[feature] list commands for both attachment and emojis (#2121)
* [feature] list commands for both attachment and emojis

* use fewer commands, provide `local-only` and `remote-only` as filters

* envparsing

---------

Co-authored-by: Romain de Laage <romain.delaage@rdelaage.ovh>
Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2023-08-23 18:01:16 +02:00
tobi
8f38dc2e7f
[feature] Add rate limit exceptions option, use ISO8601 for rate limit reset (#2151)
* start updating rate limiting, add exceptions

* tests, comments, tidying up

* add rate limiting exceptions to example config

* envparsing

* nolint

* apply kimbediff

* add examples
2023-08-23 14:32:27 +02:00
tobi
94d16631bc
[performance] Rework home timeline query to use cache more (#2148) 2023-08-22 15:41:51 +02:00
Daenney
4ae16bce8c
[feature] Make log format configurable (#2130)
* [feature] Don't emit timestamp in log lines

When running gotosocial with a service manager like systemd, or a
container runtime, the associated log driver usually emits timestamps
itself. In those cases, having the extra timestamp from our own log
lines ends up being a bit noisy and when centrally ingesting logs is
duplicate information.

This introduces a configuration flag that allows disabling emitting the
timestamp. It's only wired up for "daemonised" processes, meaning server
and testrig.

* [chore] Add docs for log-timestamp

* [feature] Simplify timestamp handling

Co-Authored-By: kim <89579420+NyaaaWhatsUpDoc@users.noreply.github.com>

* [chore] Less escaped double-quotes

* [chore] Fix help string

---------

Co-authored-by: kim <89579420+NyaaaWhatsUpDoc@users.noreply.github.com>
2023-08-21 19:07:55 +01:00
tobi
638f023a1c
[performance] Tweak media attachment cleanup; replace stale index (#2143) 2023-08-21 14:03:04 +01:00
dependabot[bot]
70d87f0ff0
[chore]: Bump codeberg.org/gruf/go-kv from 1.6.3 to 1.6.4 (#2142) 2023-08-21 06:54:30 +00:00
dependabot[bot]
59b5ed6638
[chore]: Bump github.com/minio/minio-go/v7 from 7.0.61 to 7.0.62 (#2141) 2023-08-21 06:40:16 +00:00
dependabot[bot]
36dceac56c
[chore]: Bump github.com/yuin/goldmark from 1.5.5 to 1.5.6 (#2140) 2023-08-21 06:39:14 +00:00
tobi
1e2db7a32f
[feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra URIs (#2134)
* [feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra URIs

* env parsing tests, my coy mistress
2023-08-20 13:35:55 +02:00
f0x52
92de8fb396
[feature] Instance rules (#2125)
* init instance rules database model, admin api

* expose instance rules in public instance api

* public /api/v1/instance/rules route

* GET ruleById

* createRule route

* createRule auth check

* updateRule

* deleteRule

* list rules on about page

* ruleGet auth

* add about page ids for anchors

* process and store adding violated rules to reports

* admin api models for instance rules

* instance rule edit frontend

* change rule inputs to textareas

* database fixes after rebase (#2124)

* remove unused imports

* fix db migration column name

* fix tests

* fix more tests

* fix postgres error with wrongly used Ident

* add some tests, fiddle with rule model a bit, fix postgres migration

* swagger docs

---------

Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2023-08-19 14:33:15 +02:00
kim
d5d6ad406f
[bugfix] fix double firing bun.DB query hooks (#2124)
* improve bun.DB wrapping readability + comments, fix double-firing query hooks

* fix incorrect code comment placement

* fix linter issues

* Update internal/db/basic.go

* do as the linter commmands ...

---------

Signed-off-by: kim <grufwub@gmail.com>
Co-authored-by: Daenney <daenney@users.noreply.github.com>
2023-08-17 17:26:21 +01:00
dependabot[bot]
e70629e856
[chore]: Bump github.com/jackc/pgx/v5 from 5.4.2 to 5.4.3 (#2112)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-16 16:10:13 +01:00
dependabot[bot]
5a4ceebcbd
[chore]: Bump github.com/abema/go-mp4 from 0.12.0 to 0.13.0 (#2113)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-16 16:10:01 +01:00
dependabot[bot]
8f4b779b2d
[chore]: Bump modernc.org/sqlite from 1.24.0 to 1.25.0 (#2114)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-16 16:09:50 +01:00
tobi
42bb352d53
[feature] Add snapshot binary builds + uploads (#2119)
* [feature] Add snapshot binary builds + uploads

* Update docs to include info on snapshot builds

* review comments

* little tweaks
2023-08-15 18:48:17 +02:00
kim
e9c3663cce
[chore] ensure worker contexts have request ID (#2120) 2023-08-15 17:01:01 +01:00
kim
815b5291e0
[bugfix] fix inconsistent calculated cache sizes (#2115)
* use calculated exampleTime instead of `time.Now()` to ensure no locale data, retweak cache ratios

* update envparsing test

* update default cache memory to 100MiB

* fix envparsing with latest cache target default

---------

Signed-off-by: kim <grufwub@gmail.com>
2023-08-14 17:08:19 +01:00
f0x52
912a104aed
[fix] Update CSP header for blob images (upload preview) and dev livereload (#2109)
* update CSP header for blob images (upload preview) and dev livereload websocket

* update csp for s3, update csp tests
2023-08-14 12:30:09 +02:00
kim
8ea7f551a0
[bugfix] bump go-kv version with logfmt quote fix (#2108) 2023-08-13 14:27:29 +01:00
Daenney
5e368d3089
[bugfix] CSP policy fixes for S3/object storage (#2104)
* [bugfix] CSP policy fixes for S3 in non-proxied mode

* It should be img-src
* In both img-src and media-src we still need to include 'self'
2023-08-12 12:21:48 +02:00
tobi
b7274545e0
[bugfix] Add s3 endpoint as image-src and media-src for CSP (#2103)
* [bugfix] Add s3 endpoint as image-src and media-src for CSP

* use https if secure

* reorder comment
2023-08-11 17:49:17 +02:00
tobi
a1768a83e0
[bugfix] Suppress 'errNoEntries' warnings from InboxForwarding function call (#2102) 2023-08-11 14:17:36 +01:00
tobi
dc99e9e10b
[bugfix] Fix using wrong key for clientID during oauth callback (#2101) 2023-08-11 14:58:47 +02:00
tobi
dc96562b40
[bugfix] Use custom bluemonday policy to disallow inline img tags (#2100) 2023-08-11 14:40:11 +02:00
Daenney
3aedd937c3
[feature] Set Content-Security-Policy header (#2095)
This adds the CSP header with a policy of only loading from the same
domain. We don't make use of external media, CSS, JS, fonts, so we don't
ever need external data loaded in our context.

When building a DEBUG build, the policy gets extended to include
localhost:*, i.e localhost on any port. This keeps the live-reloading
flow for JS development working. localhost and 127.0.0.1 are considered
to be the same so mixing and matching those doesn't result in a CSP
violation.
2023-08-11 13:20:56 +02:00
tobi
a26af1310f
[bugfix] Populate followReq before accessing targetaccount pointer (#2099) 2023-08-11 11:05:49 +02:00
tobi
5588d4e88e
[bugfix] Use length in runes when trimming for RSS (#2094) 2023-08-10 18:26:56 +02:00
tobi
992c7ce4c2
[chore] Add test to ensure show_reblogs on follow works as expected (#2093) 2023-08-10 17:10:27 +02:00
kim
91cbcd589e
[performance] remove last of relational queries to instead rely on caches (#2091) 2023-08-10 15:08:41 +01:00
tobi
9770d54237
[feature] List replies policy, refactor async workers (#2087)
* Add/update some DB functions.

* move async workers into subprocessor

* rename FromFederator -> FromFediAPI

* update home timeline check to include check for current status first before moving to parent status

* change streamMap to pointer to mollify linter

* update followtoas func signature

* fix merge

* remove errant debug log

* don't use separate errs.Combine() check to wrap errs

* wrap parts of workers functionality in sub-structs

* populate report using new db funcs

* embed federator (tiny bit tidier)

* flesh out error msg, add continue(!)

* fix other error messages to be more specific

* better, nicer

* give parseURI util function a bit more util

* missing headers

* use pointers for subprocessors
2023-08-09 19:14:33 +02:00
Daenney
dbf487effb
[bugfix] Fix incorrect per-loop variable capture (#2092)
These should be per iteration, not per loop. This was caught by running
a build with the loopvar experiment: go build -gcflags=-d=loopvar=2.
2023-08-09 18:40:32 +02:00
kim
31a215849e
update coc (#2090)
* update coc

* improve wording

* point to coc doc in contributing doc

* swap-out ancap for capitalist

* fix git relative path

* ACTUALLY fix the relative link

* fix spelling of abhorrent
2023-08-09 15:47:03 +02:00
tobi
e5c7501850
[docs] Add first anti-harassment research article re: authorized fetch (#2089) 2023-08-09 15:12:18 +02:00
kim
0ddc2edf19
[bugfix] only set content-length AFTER rewinding body bytes (#2086) 2023-08-08 12:45:29 +01:00
kim
3920bc87d1
[bugfix] don't accept unrelated statuses (#2078)
Co-authored-by: Daenney <daenney@users.noreply.github.com>
Co-authored-by: tsmethurst <tobi.smethurst@protonmail.com>
2023-08-08 12:26:34 +01:00
tobi
4b05dcde43
[chore] Update robots.txt, give chatgpt the middle finger (#2085) 2023-08-08 13:16:34 +02:00
Daenney
9df4d38c43
[chore] Add Feditext as recommended client (#2081)
With Feditext now accepting beta users, this adds it as the third
client to recommend so we have web and the dominant mobile platforms
covered.

This also removes the screenshots from the README, because it became a
mess trying to add a third one. Either the cells become very narrow, or
the table doubles in height. As the UI may also change over time, it
might be better to point folks at the apps instead who'll hopefully have
up to date screenshots in their storefronts.
2023-08-08 12:19:41 +02:00
Daenney
be3718f6e4
[chore] Use generic pointer function (#2080)
This replaces the different $TypePtr functions with a generic
implementation.
2023-08-07 18:38:11 +01:00
dependabot[bot]
517829ae6a
[chore]: Bump github.com/tdewolff/minify/v2 from 2.12.7 to 2.12.8 (#2073) 2023-08-07 08:28:49 +00:00
Vyr Cossont
0f812746b7
[feature] Allow full BCP 47 in language inputs (#2067)
* Allow full BCP 47 in language inputs

Fixes #2066

* Fuse validation and normalization for languages

* Remove outdated comment line

* Move post language canonicalization test
2023-08-07 10:25:54 +02:00
dependabot[bot]
303a6a6b1d
[chore]: Bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 (#2076) 2023-08-07 08:21:44 +00:00