* Add a blocklist for URLs.
* Fix SQL format
* Make clippy happy.
* Use regex for URL matching.
* Escape regex chars in URLs.
* Use post for modification.
* Make URL block regex static and remove API routes.
* Add date fields to table and use transaction.
* Use Cache for blocklist.
* Rename check_links + move list to parameters of process_markdown.
* SQL format.
* Format, again.
* Remove println.
* Add API test.
* Set a shorter lifetime for regex in debug mode.
* Add missing macro.
* Update lemmy-js-client
* Update api_test/pnpm-lock.yaml
* Don't break other tests
* Use different URL for test
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Nutomic <me@nutomic.com>
* Use starts_with for forbidden unicode (Fix#3888)
* Require 3 visible chars in display name
* Run cargo fmt and scripts/lint
* Undo invisibly_starts_with_at
* Remove 3 min chars.count() check for display name
* Make input length checks consistent with HTML maxlength attr (fixes#3688)
* ci
* Extricating min and max length checks (#4018)
* revert string change
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Rework the way 2FA is enabled/disabled (fixes#3309)
* postgres format
* change algo to sha1 for better compat
* review comments
* review
* clippy
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Try using drone cache plugin
* Try another path
* Include volume
* Fix formatting
* Include fmt
* Exclude cargo dir from prettier
* Don't override cargo
* Just do check
* Add cache key
* Use different cache plugin
* Add clippy
* Try minio
* Add quotes
* Try adding secrets
* Try again
* Again
* Use correct secret formation
* Add back clippy
* Use secret for the root bucket name
* Try drone cache instead
* Add region
* Add path-style option
* Include cargo clippy
* Include everything again
* Fix formatting
* Don't run clippy twice
* Add `allow` statements for tests to pass
* Adjust endpoint to be a secret
* Fix prettier
* Merge & fix tests
* Try to restart the woodpecker test
* Change the ENV var name
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Fix#3366: API does return plain HTML errors
* Fix Clippy errors
* Improve api response times by doing send_activity asynchronously (#3493)
* do send_activity after http response
* move to util function
* format
* fix prometheus
* make synchronous federation configurable
* cargo fmt
* empty
* empty
---------
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
* Updating `login.rs` with generic `incorrect_login` response. (#3549)
* Adding v0.18.1 and v0.18.0 release notes. (#3530)
* Update RELEASES.md (#3556)
added instruction to find the location of your docker directory (especially useful for those who used ansible since they never had to setup docker manually)
* Use async email sender (#3554)
* Upgrade all dependencies (#3526)
* Upgrade all dependencies
* as base64
* Adding phiresky to codeowners. (#3576)
* Error enum fixed (#3487)
* Create error type enum
* Replace magic string slices with LemmyErrorTypes
* Remove unused enum
* Add rename snake case to error enum
* Rename functions
* clippy
* Fix merge errors
* Serialize in PascalCase instead of snake_case
* Revert src/lib
* Add serialization tests
* Update translations
* Fix compilation error in test
* Fix another compilation error
* Add code for generating typescript types
* Various fixes to avoid breaking api
* impl From<LemmyErrorType> for LemmyError
* with_lemmy_type
* trigger ci
---------
Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
* Only update site_aggregates for local site (#3516)
* Fix#3501 - Fix aggregation counts for elements removed and deleted (#3543)
Two bugs were found and fixed:
- previously elements removal and deletion were counted as two separate disappearances
- removing comments did not affect post aggregations
* Use LemmyErrorType also make error_type compulsory
* Add missing import for jsonify_plain_text_errors
* Fix formatting
* Trying to make woodpecker run again
---------
Co-authored-by: phiresky <phireskyde+git@gmail.com>
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: rosenjcb <rosenjcb@gmail.com>
Co-authored-by: nixoye <12674582+nixoye@users.noreply.github.com>
Co-authored-by: dullbananas <dull.bananas0@gmail.com>
Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: SleeplessOne1917 <abias1122@gmail.com>
Co-authored-by: Sander Saarend <sander@saarend.com>
Co-authored-by: Piotr Juszczyk <74842304+pijuszczyk@users.noreply.github.com>
With this change only http(s) schemes are allowed for post.url
field. This is checked for incoming api and federation requests.
Existing posts in database which are sent to clients are not
checked. Neither does it check urls in markdown.
* Fixed validation of display names
Fixed validation of display names: reject names beginning with invisible unicode characters.
* Formatting
Formatting fix.
* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.
* Formatting
* Added a comment detailing source of the list of invisible chars.
* Fixes#2900 - Checks slur regex to see if it is too permissive along with small validation organization
* Clean up variable names, add handler for valid empty string usecase
* Update tests
* Create validation function and add tests
* Test clean up
* Use payload value vs local site value to prevent stunlocking
* Remove println added while testing
* Fall back to local site regex if not provided from request
* Attempt clean up of flaky comment_view tests
* Pull in latest submodule
* Move application, post check into functions, add more tests and improve test readability
---------
Co-authored-by: Nutomic <me@nutomic.com>
* Add separate Post check for is_valid_body_field
* Modify is_valid_body_check for posts only
* Fix check var reinit in validation.rs
* Extra empty line to rerun woodpecker with changes
* Change Option to bool, add false to non-post calls
* Woodpecker trick.. again
* Probable rust_fmt fail fixed
* cargo_clippy changes
* Missing space between = and if
* Remove ; after body length checks
* Combine prod and dev docker setups using build-arg
- Fixes#2603
* Dont use cache for release build.
* Adding 2FA / TOTP support.
- Fixes#2363
* Changed name to totp_2fa for clarity.
* Switch to sha256 for totp.
