summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Added a 'webfinger' field to 'Person' objects.Gravatar grunfink6 days1-0/+3
|
* Updated RELEASE_NOTES.Gravatar grunfink6 days1-1/+1
|
* Merge pull request 'Bug fix: Poll voting in mastoapi: Check global object ↵Gravatar grunfink6 days1-25/+46
|\ | | | | | | | | | | store + Prevent voting when not allowed' (#552) from davidrv00/snac2-fork:vote-fix into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/552
| * Prevent voting via mastoapi if closed or we already votedGravatar David Vaughan7 days1-24/+40
| |
| * Check global object store for poll id when voting via mastoapiGravatar David Vaughan7 days1-1/+6
| |
* | Updated RELEASE_NOTES.Gravatar grunfink6 days1-0/+2
| |
* | Merge pull request 'Add poll creation to mastoapi' (#551) from ↵Gravatar grunfink6 days1-9/+37
|\ \ | | | | | | | | | | | | | | | davidrv00/snac2-fork:poll-mastoapi into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/551
| * | Add poll creation to mastoapiGravatar David Vaughan7 days1-9/+37
| |/
* | Merge pull request 'snac(8): Words of caution for strip_exif configuration' ↵Gravatar grunfink6 days1-0/+11
|\ \ | | | | | | | | | | | | | | | (#549) from oxzi/snac2:strip-metadata-man-warning into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/549
| * | snac(8): Words of caution for strip_exif configurationGravatar Alvar Penning8 days1-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add words of caution and reasoning to the "strip_exif" configuration for the server.json file, as these commands would be executed outside of the sandbox - at least on OpenBSD - and both have quite a history on security issues due to their huge attack surface and variety of supported protocols. After getting comfortable with the related code, I would continue using it on a personal instance, but would reconsider enabling "strip_exif" on shared instances with multiple users. IMO, snac administrators should at least know of potential dangers.
* | | Updated RELEASE_NOTES.Gravatar grunfink6 days1-0/+2
| | |
* | | Merge branch 'master' of grunfink-codeberg:grunfink/snac2Gravatar grunfink6 days4-73/+114
|\ \ \
| * \ \ Merge pull request 'strip_exif support for the OpenBSD sandbox' (#548) from ↵Gravatar grunfink6 days4-73/+114
| |\ \ \ | | |_|/ | |/| | | | | | | | | | | | | | oxzi/snac2:strip-metadata-openbsd into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/548
| | * | strip_exif support for the OpenBSD sandboxGravatar Alvar Penning8 days4-73/+114
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change the strip_exif logic to work with the already existing OpenBSD sandbox and allow ffmpeg and mogrify to be executed. The previous strip_exif implementation relied on system(3), effectively starting "/bin/sh" and executing the required tool within a shell session. Making this work in the sandbox would require to allow executing "/bin/sh", rendering the sandbox useless. Thus, the code now starts determining the absolute path of the tools - unless they are given as ffmpeg_path or mogrify_path - and allowing them to be executed via unveil(2). Then, instead of the system(3) call, the good old fork(2) and execve(2) dance is performed. The sbox_enter code was made aware of strip_exif, which resulted in a pledge(2) violation before when disable_email_notifications was set to false. Furthermore, the detected paths of the tools are now allowed.
* | / Updated RELEASE_NOTES.Gravatar grunfink8 days1-0/+2
|/ /
* / Updated TODO.Gravatar grunfink8 days1-0/+2
|/
* Updated TODO.Gravatar grunfink9 days1-0/+2
|
* Updated RELEASE_NOTES.Gravatar grunfink10 days1-2/+2
|
* Updated RELEASE_NOTES.Gravatar grunfink11 days1-0/+12
|
* Fixed typo in Czech lang file.Gravatar grunfink11 days1-1/+1
|
* Merge pull request 'Update po/cs.po' (#546) from pmjv/snac2:master into masterGravatar grunfink11 days1-1/+1
|\ | | | | | | Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/546
| * Update po/cs.poGravatar pmjv11 days1-1/+1
| |
* | Call xs_replace_i() in html_date_label() instead of overwriting.Gravatar grunfink11 days1-2/+2
| |
* | Merge pull request 'Update po/cs.po' (#545) from pmjv/snac2:master into masterGravatar grunfink11 days1-31/+31
|\| | | | | | | Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/545
| * Update po/cs.poGravatar pmjv11 days1-31/+31
|/
* Merge branch 'master' of comam.es:git/snac2Gravatar grunfink11 days16-3504/+3504
|\
| * Re-reverted po/cs.po.Gravatar grunfink11 days16-3492/+3539
| |
| * Reverted po/cs.po.Gravatar grunfink11 days1-47/+0
| |
* | Tweaked check_signature() for GET variables.Gravatar grunfink11 days1-5/+13
|/ | | | | | Instead of unconditionally stripping ? variables when retrieving the keyId, try first calling actor_request() directly, and only strip them and retry if it fails.
* Use the translated month names in date labels.Gravatar grunfink11 days2-1/+15
|
* Added translatable month names.Gravatar grunfink11 days20-2/+786
|
* Merge pull request 'Update pt_BR translations' (#543) from ↵Gravatar grunfink13 days1-15/+15
|\ | | | | | | | | | | daltux/snac2:pt_BR-8 into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/543
| * Update pt_BR translations.Gravatar Daltux14 days1-15/+15
|/
* Updated language files.Gravatar grunfink2026-01-2816-3108/+3936
|
* Added ... to 'Notifications filter' string.Gravatar grunfink2026-01-281-1/+1
|
* Merge pull request 'typo in notification filter' (#539) from ↵Gravatar grunfink2026-01-281-1/+1
|\ | | | | | | | | | | zen/snac2:master into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/539
| * typoGravatar zen2026-01-271-1/+1
| |
| * typoGravatar zen2026-01-271-1/+1
|/
* Merge pull request 'notifications filter' (#524) from ↵Gravatar grunfink2026-01-273-75/+187
|\ | | | | | | | | | | byte/snac2:notif_filter into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/524
| * styleGravatar byte2026-01-251-11/+5
| |
| * notifications filterGravatar byte2026-01-253-80/+198
| |
* | Merge pull request 'po/de_DE.po aktualisiert' (#538) from zen/snac2:master ↵Gravatar grunfink2026-01-271-6/+6
|\ \ | | | | | | | | | | | | | | | into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/538
| * | po/de_DE.po aktualisiertGravatar zen2026-01-261-6/+6
| |/
* | Merge pull request 'Update Portuguese (Brazilian) translation' (#537) from ↵Gravatar grunfink2026-01-271-13/+14
|\ \ | |/ |/| | | | | | | daltux/snac2:pt_BR-7 into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/537
| * Update pt_BR translation fileGravatar Daltux2026-01-261-13/+14
|/
* Bumped version.Gravatar grunfink2026-01-251-1/+1
|
* Merge pull request 'Add hh:mm times to posts, using the user timezone' ↵Gravatar grunfink2026-01-251-3/+25
|\ | | | | | | | | | | (#530) from dandelions/snac2:exact-post-times into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/530
| * time-labels: fixed segfaultGravatar green2026-01-231-2/+3
| |
| * small: timezone dependant date labelsGravatar green2026-01-231-3/+24
| |
* | Merge pull request 'Configurable limits for polls' (#534) from ↵Gravatar grunfink2026-01-253-5/+29
|\ \ | | | | | | | | | | | | | | | dandelions/snac2:poll-limits into master Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/534
HIC SVNT DRACONES