gotosocial/internal
kim 9cd27b412d
[security] harden account update logic (#3198)
* on account update, ensure that public key has not changed

* change expected error message

* also support the case of changing account keys when expired (not waiting for handshake)

* tweak account update hardening logic, add tests for updating account with pubkey expired

* add check for whether incoming data was via federator, accepting keys if so

* use freshest window for federated account updates + comment about it
2024-08-13 15:37:09 +00:00
ap [bugfix] relax missing preferred_username, instead using webfingered username (#3189) 2024-08-13 09:01:50 +00:00
api [bugfix] relax missing preferred_username, instead using webfingered username (#3189) 2024-08-13 09:01:50 +00:00
cache [feature] Implement following hashtags (#3141) 2024-07-29 19:26:31 +01:00
cleaner [bugfix] fix emoji recaching operations (#3167) 2024-08-03 19:05:38 +02:00
config [feature] Add db-postgres-connection-string option (#3178) 2024-08-08 14:00:19 +02:00
db [feature] Add db-postgres-connection-string option (#3178) 2024-08-08 14:00:19 +02:00
email [bugfix] add Date and Message-ID headers for email (#3031) 2024-06-22 23:36:30 +02:00
federation [security] harden account update logic (#3198) 2024-08-13 15:37:09 +00:00
filter [chore] Add interaction filter to complement existing visibility filter (#3111) 2024-07-24 12:27:42 +01:00
gtscontext [bugfix] httpclient not signing subsequent redirect requests (#2798) 2024-04-02 13:12:26 +02:00
gtserror [experiment] add alternative wasm sqlite3 implementation available via build-tag (#2863) 2024-05-27 17:46:15 +02:00
gtsmodel [feature] Use gifv type for short soundless mp4 videos (#3182) 2024-08-08 08:12:16 +00:00
headerfilter [feature] request blocking by http headers (#2409) 2023-12-18 14:18:25 +00:00
httpclient [feature] persist worker queues to db (#3042) 2024-07-30 13:58:31 +02:00
id [chore] Improve copyright header handling (#1608) 2023-03-12 16:00:57 +01:00
iotools [performance] update storage backend and make use of seek syscall when available (#2924) 2024-05-22 11:46:24 +02:00
language [feature] Set/show instance language(s); show post language on frontend (#2362) 2023-11-17 11:35:28 +01:00
log [chore] Log less output on failed test (#2804) 2024-04-04 16:42:42 +01:00
media [performance] move thumbnail generation to go code where possible (#3183) 2024-08-08 17:12:13 +00:00
messages [bugfix] incorrect AP serialize function used serializing worker data (#3196) 2024-08-12 18:23:24 +02:00
metrics [chore] Update usage of OTEL libraries (#2725) 2024-03-11 15:34:34 +01:00
middleware [feature] Beef up our AI opt-outs (#3165) 2024-08-02 18:22:39 +02:00
oauth [chore] Upgrade our Go version to 1.22 (#2862) 2024-04-26 10:40:29 +02:00
oidc [chore] Improve copyright header handling (#1608) 2023-03-12 16:00:57 +01:00
paging [bugfix] flaky paging test (#2888) 2024-05-01 13:29:42 +02:00
processing [security] harden account update logic (#3198) 2024-08-13 15:37:09 +00:00
queue [performance] update go-structr and go-mutexes with memory usage improvements (#2909) 2024-05-13 08:05:46 +00:00
regexes [feature] Federate interaction policies + Accepts; enforce policies (#3138) 2024-07-26 12:04:28 +02:00
router [chore] improved startup / shutdown (#2925) 2024-05-29 13:21:04 +02:00
scheduler [feature] add support for polls + receiving federated status edits (#2330) 2023-11-08 14:32:17 +00:00
state [bugfix] Lock when checking/creating notifs to avoid race (#2890) 2024-05-02 13:43:00 +01:00
storage [feature] Object store custom URL (S3) (#3046) 2024-07-31 13:44:18 +01:00
stream [feature] Conversations API (#3013) 2024-07-23 20:44:31 +01:00
text [feature/frontend] Respect prefers-reduced-motion for avatars, headers, and emojis (#3118) 2024-07-21 14:22:08 +02:00
timeline [feature/frontend] Add player for audio files; use thumbnail for poster (#3099) 2024-07-15 10:47:57 +01:00
tracing [chore] Update usage of OTEL libraries (#2725) 2024-03-11 15:34:34 +01:00
trans [feature] Allow users to export data via the settings panel (#3140) 2024-07-31 15:03:34 +01:00
transport [feature] persist worker queues to db (#3042) 2024-07-30 13:58:31 +02:00
typeutils [bugfix] relax missing preferred_username, instead using webfingered username (#3189) 2024-08-13 09:01:50 +00:00
uris [feature] Federate interaction policies + Accepts; enforce policies (#3138) 2024-07-26 12:04:28 +02:00
util [bugfix] relax missing preferred_username, instead using webfingered username (#3189) 2024-08-13 09:01:50 +00:00
validate [feature] Implement Filter API v2 (#2936) 2024-05-31 12:55:56 +02:00
web [feature] Beef up our AI opt-outs (#3165) 2024-08-02 18:22:39 +02:00
workers [feature] Allow import of following and blocks via CSV (#3150) 2024-08-02 12:41:46 +01:00