GoToSocial

mirror of https://github.com/superseriousbusiness/gotosocial synced 2025-06-05 21:59:39 +02:00

Author	SHA1	Message	Date
tobi	365b575341	[feature] add TOTP two-factor authentication (2FA) (#3960 ) * [feature] add TOTP two-factor authentication (2FA) * use byteutil.S2B to avoid allocations when comparing + generating password hashes * don't bother with string conversion for consts * use io.ReadFull * use MustGenerateSecret for backup codes * rename util functions	2025-04-07 16:14:41 +02:00
dependabot[bot]	bce643286c	[chore]: Bump github.com/minio/minio-go/v7 from 7.0.85 to 7.0.89 (#3977 ) Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.85 to 7.0.89. - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](https://github.com/minio/minio-go/compare/v7.0.85...v7.0.89) --- updated-dependencies: - dependency-name: github.com/minio/minio-go/v7 dependency-version: 7.0.89 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-07 11:05:51 +01:00
dependabot[bot]	e0ea77b730	[chore]: Bump github.com/tdewolff/minify/v2 from 2.22.4 to 2.23.0 (#3974 ) Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.22.4 to 2.23.0. - [Release notes](https://github.com/tdewolff/minify/releases) - [Commits](https://github.com/tdewolff/minify/compare/v2.22.4...v2.23.0) --- updated-dependencies: - dependency-name: github.com/tdewolff/minify/v2 dependency-version: 2.23.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-07 11:05:22 +01:00
kim	db4b857159	[chore] bump ncruces/go-sqlite3 to v0.25.0 (#3966 )	2025-04-04 17:34:38 +02:00
kim	b0873972ec	[chore] bump golang.org/x/net@v0.38.0, github.com/gin-contrib/cors@v1.7.4, github.com/spf13/viper@v1.20.1, github.com/tdewolff/minify/v2@v2.22.4 (#3959 )	2025-04-01 18:21:59 +02:00
kim	f46e490c30	[chore] bumps our spf13/viper version (#3943 ) * bumps our spf13/viper version * fixes the one breaking change	2025-03-26 11:44:24 +00:00
dependabot[bot]	4af8d1a2cb	[chore]: Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 (#3927 ) Bumps [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) from 5.2.1 to 5.2.2. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](https://github.com/golang-jwt/jwt/compare/v5.2.1...v5.2.2) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-24 10:54:29 +00:00
dependabot[bot]	f7e5f31c6b	[chore]: Bump github.com/tdewolff/minify/v2 from 2.21.3 to 2.22.3 (#3933 ) Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.21.3 to 2.22.3. - [Release notes](https://github.com/tdewolff/minify/releases) - [Commits](https://github.com/tdewolff/minify/compare/v2.21.3...v2.22.3) --- updated-dependencies: - dependency-name: github.com/tdewolff/minify/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-24 10:53:20 +00:00
dependabot[bot]	a844f322ee	[chore]: Bump github.com/miekg/dns from 1.1.63 to 1.1.64 (#3936 ) Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.63 to 1.1.64. - [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release) - [Commits](https://github.com/miekg/dns/compare/v1.1.63...v1.1.64) --- updated-dependencies: - dependency-name: github.com/miekg/dns dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-24 10:50:19 +00:00
dependabot[bot]	18c8f85a30	[chore]: Bump github.com/jackc/pgx/v5 from 5.7.2 to 5.7.3 (#3935 ) Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.7.2 to 5.7.3. - [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md) - [Commits](https://github.com/jackc/pgx/compare/v5.7.2...v5.7.3) --- updated-dependencies: - dependency-name: github.com/jackc/pgx/v5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-24 10:50:09 +00:00
kim	bad12a62e6	bumps our uptrace/bun dependencies to v1.2.11 (#3895 )	2025-03-10 19:40:16 +00:00
dependabot[bot]	252a17a691	[chore]: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#3888 )	2025-03-10 09:23:45 +00:00
dependabot[bot]	85e17b3e78	[chore]: Bump github.com/prometheus/client_golang from 1.21.0 to 1.21.1 (#3890 )	2025-03-10 09:23:19 +00:00
kim	67a2b3650c	bumps our uptrace/bun dependencies to v1.2.10 (#3865 )	2025-03-03 10:42:05 +00:00
dependabot[bot]	ddd9210614	[chore]: Bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 (#3860 ) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.5 to 1.21.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.20.5...v1.21.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-03 10:21:50 +00:00
dependabot[bot]	0e2e8e54ab	[chore]: Bump github.com/ncruces/go-sqlite3 from 0.23.0 to 0.24.0 (#3862 ) Bumps [github.com/ncruces/go-sqlite3](https://github.com/ncruces/go-sqlite3) from 0.23.0 to 0.24.0. - [Release notes](https://github.com/ncruces/go-sqlite3/releases) - [Commits](https://github.com/ncruces/go-sqlite3/compare/v0.23.0...v0.24.0) --- updated-dependencies: - dependency-name: github.com/ncruces/go-sqlite3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-03 09:51:42 +00:00
tobi	8488ac9286	[chore] migrate oauth2 -> codeberg (#3857 )	2025-03-02 16:42:51 +01:00
tobi	d8bb1c391b	[chore] Update exif terminator version with codeberg libraries (#3855 )	2025-03-02 15:44:02 +01:00
tobi	5d0e3d9c35	[chore] github.com/superseriousbusiness/httpsig -> codeberg.org/superseriousbusiness/httpsig (#3854 )	2025-03-02 13:28:38 +01:00
tobi	e2e185d10b	[chore] github.com/superseriousbusiness/activity -> codeberg.org/superseriousbusiness/activity (#3853 )	2025-03-02 12:48:00 +01:00
dependabot[bot]	a7485ae251	[chore]: Bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5 (#3831 ) Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.0.2 to 4.0.5. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md) - [Commits](https://github.com/go-jose/go-jose/compare/v4.0.2...v4.0.5) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-01 11:43:05 +01:00
tobi	8bc502ba62	[chore] Update KimMachineGun/automemlimit (#3841 )	2025-02-26 21:10:13 +01:00
dependabot[bot]	e1ec904dd3	[chore]: Bump github.com/google/go-cmp from 0.6.0 to 0.7.0 (#3826 ) Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.6.0 to 0.7.0. - [Release notes](https://github.com/google/go-cmp/releases) - [Commits](https://github.com/google/go-cmp/compare/v0.6.0...v0.7.0) --- updated-dependencies: - dependency-name: github.com/google/go-cmp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-25 12:48:22 +01:00
dependabot[bot]	d2cf9de726	[chore]: Bump github.com/tetratelabs/wazero from 1.8.2 to 1.9.0 (#3827 ) Bumps [github.com/tetratelabs/wazero](https://github.com/tetratelabs/wazero) from 1.8.2 to 1.9.0. - [Release notes](https://github.com/tetratelabs/wazero/releases) - [Commits](https://github.com/tetratelabs/wazero/compare/v1.8.2...v1.9.0) --- updated-dependencies: - dependency-name: github.com/tetratelabs/wazero dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-25 12:48:02 +01:00
tobi	2f5629143d	[chore] Step minio down to 7.0.85 (#3808 )	2025-02-19 19:18:01 +01:00
tobi	96716e4f43	[feature] Forward-compatibility with Approval objects (#3807 ) * vendor * [feature] Forward-compatibility with Approval objects * vendor the thing * fix leetle bug * lil syntax tweak for beloved kimb	2025-02-19 18:09:54 +01:00
dependabot[bot]	c73497b58c	[chore]: Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (#3805 ) Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.1 to 1.9.1. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.8.1...v1.9.1) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-17 11:43:32 +00:00
dependabot[bot]	46e473f86e	[chore]: Bump github.com/minio/minio-go/v7 from 7.0.85 to 7.0.86 (#3803 ) Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.85 to 7.0.86. - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](https://github.com/minio/minio-go/compare/v7.0.85...v7.0.86) --- updated-dependencies: - dependency-name: github.com/minio/minio-go/v7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-17 11:42:50 +00:00
kim	24f6760c0e	[chore] bump ncruces go-sqlite3 => v0.23.0 (#3785 ) * bump ncruces go-sqlite3 => v0.23.0 * whoops, add missing vendor changes...	2025-02-13 09:53:40 +01:00
alemi.dev	d0de3ad492	[bug] respect `X-Robots-Tag` and `robots.txt` on api/v1/instance and nodeinfo (#3756 ) * feat: check X-Robots-Tag when accessing /api/v1/instance or /nodeinfo endpoints respect X-Robots-Tag * chore: go fmt ./... * Check robots.txt as well, add tests --------- Co-authored-by: tobi <tobi.smethurst@protonmail.com>	2025-02-11 13:16:14 +01:00
dependabot[bot]	bb6d2f8ee8	[chore]: Bump github.com/minio/minio-go/v7 from 7.0.84 to 7.0.85 (#3772 )	2025-02-10 15:30:29 +00:00
Dominik Süß	dd094e4012	[chore] update otel libraries (#3740 ) * chore: update otel dependencies * refactor: combine tracing & metrics in observability package * chore: update example tracing compose file	2025-02-06 12:14:37 +01:00
kim	a24048fc05	bumps our fork of modernc.org/sqlite to v1.34.5 (#3731 )	2025-02-03 12:13:51 +00:00
dependabot[bot]	acd3e80ae1	[chore]: Bump github.com/minio/minio-go/v7 from 7.0.81 to 7.0.84 (#3728 ) Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.81 to 7.0.84. - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](https://github.com/minio/minio-go/compare/v7.0.81...v7.0.84) --- updated-dependencies: - dependency-name: github.com/minio/minio-go/v7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-03 10:39:40 +00:00
dependabot[bot]	8b74cad422	[chore]: Bump github.com/tdewolff/minify/v2 from 2.21.2 to 2.21.3 (#3727 ) Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.21.2 to 2.21.3. - [Release notes](https://github.com/tdewolff/minify/releases) - [Commits](https://github.com/tdewolff/minify/compare/v2.21.2...v2.21.3) --- updated-dependencies: - dependency-name: github.com/tdewolff/minify/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-03 10:12:49 +00:00
dependabot[bot]	c086d4048c	[chore]: Bump github.com/KimMachineGun/automemlimit from 0.6.1 to 0.7.0 (#3726 ) Bumps [github.com/KimMachineGun/automemlimit](https://github.com/KimMachineGun/automemlimit) from 0.6.1 to 0.7.0. - [Release notes](https://github.com/KimMachineGun/automemlimit/releases) - [Commits](https://github.com/KimMachineGun/automemlimit/compare/v0.6.1...v0.7.0) --- updated-dependencies: - dependency-name: github.com/KimMachineGun/automemlimit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-03 10:12:35 +00:00
tobi	65fb8abd42	[feature] Implement `deliveryRecipientPreSort` to prioritize delivery to mentioned accounts (#3668 ) * weeeeenus * update to latest activity * update to use latest release tag of superseriousbusiness/activity --------- Co-authored-by: kim <grufwub@gmail.com>	2025-01-27 19:22:15 +01:00
kim	3617e27afa	bumps uptrace/bun deps to v1.2.8 (#3698 )	2025-01-27 15:54:51 +00:00
dependabot[bot]	a773768718	[chore]: Bump github.com/SherClockHolmes/webpush-go from 1.3.0 to 1.4.0 (#3694 ) Bumps [github.com/SherClockHolmes/webpush-go](https://github.com/SherClockHolmes/webpush-go) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/SherClockHolmes/webpush-go/releases) - [Commits](https://github.com/SherClockHolmes/webpush-go/compare/v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: github.com/SherClockHolmes/webpush-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-27 11:08:13 +00:00
dependabot[bot]	3428bc9633	[chore]: Bump github.com/miekg/dns from 1.1.62 to 1.1.63 (#3695 ) Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.62 to 1.1.63. - [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release) - [Commits](https://github.com/miekg/dns/compare/v1.1.62...v1.1.63) --- updated-dependencies: - dependency-name: github.com/miekg/dns dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-27 11:07:16 +00:00
dependabot[bot]	5c96702cb5	[chore]: Bump github.com/gin-contrib/gzip from 1.1.0 to 1.2.2 (#3693 ) Bumps [github.com/gin-contrib/gzip](https://github.com/gin-contrib/gzip) from 1.1.0 to 1.2.2. - [Release notes](https://github.com/gin-contrib/gzip/releases) - [Changelog](https://github.com/gin-contrib/gzip/blob/master/.goreleaser.yaml) - [Commits](https://github.com/gin-contrib/gzip/compare/v1.1.0...v1.2.2) --- updated-dependencies: - dependency-name: github.com/gin-contrib/gzip dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-27 11:06:46 +00:00
Vyr Cossont	5b765d734e	[feature] Push notifications (#3587 ) * Update push subscription API model to be Mastodon 4.0 compatible * Add webpush-go dependency # Conflicts: # go.sum * Single-row table for storing instance's VAPID key pair * Generate VAPID key pair during startup * Add VAPID public key to instance info API * Return VAPID public key when registering an app * Store Web Push subscriptions in DB * Add Web Push sender (similar to email sender) * Add no-op push senders to most processor tests * Test Web Push notifications from workers * Delete Web Push subscriptions when account is deleted * Implement push subscription API * Linter fixes * Update Swagger * Fix enum to int migration * Fix GetVAPIDKeyPair * Create web push subscriptions table with indexes * Log Web Push server error messages * Send instance URL as Web Push JWT subject * Accept any 2xx code as a success * Fix malformed VAPID sub claim * Use packed notification flags * Remove unused date columns * Add notification type for update notifications Not used yet * Make GetVAPIDKeyPair idempotent and remove PutVAPIDKeyPair * Post-rebase fixes * go mod tidy * Special-case 400 errors other than 408/429 Most client errors should remove the subscription. * Improve titles, trim body to reasonable length * Disallow cleartext HTTP for Web Push servers * Fix lint * Remove redundant index on unique column Also removes redundant unique and notnull tags on ID column since these are implied by pk * Make realsender.go more readable * Use Tobi's style for wrapping errors * Restore treating all 5xx codes as temporary problems * Always load target account settings * Stub `policy` and `standard` * webpush.Sender: take type converter as ctor param * Move webpush.MockSender and noopSender into testrig	2025-01-23 16:47:30 -08:00
dependabot[bot]	5c0514e83c	[chore]: Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#3662 )	2025-01-20 10:15:27 +00:00
dependabot[bot]	9835d3e65d	[chore]: Bump github.com/gin-contrib/cors from 1.7.2 to 1.7.3 (#3661 )	2025-01-20 09:47:07 +00:00
dependabot[bot]	cfe6ac5a42	[chore]: Bump github.com/jackc/pgx/v5 from 5.7.1 to 5.7.2 (#3663 ) Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.7.1 to 5.7.2. - [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md) - [Commits](https://github.com/jackc/pgx/compare/v5.7.1...v5.7.2) --- updated-dependencies: - dependency-name: github.com/jackc/pgx/v5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-20 10:01:46 +01:00
kim	81b66ad7e3	update ncruces/go-sqlite3 v0.21.3 -> v0.22.0, gruf/go-ffmpreg v0.6.4 -> v0.6.5 (#3646 )	2025-01-14 18:30:55 +00:00
kim	b8ef9fc4bc	bump uptrace/bun dependencies from 1.2.6 to 1.2.8 (#3645 )	2025-01-14 14:23:28 +00:00
dependabot[bot]	4d423102c1	[chore]: Bump github.com/gin-contrib/gzip from 1.0.1 to 1.1.0 (#3639 ) Bumps [github.com/gin-contrib/gzip](https://github.com/gin-contrib/gzip) from 1.0.1 to 1.1.0. - [Release notes](https://github.com/gin-contrib/gzip/releases) - [Changelog](https://github.com/gin-contrib/gzip/blob/master/.goreleaser.yaml) - [Commits](https://github.com/gin-contrib/gzip/compare/v1.0.1...v1.1.0) --- updated-dependencies: - dependency-name: github.com/gin-contrib/gzip dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-01-14 13:10:39 +00:00
Daenney	9ae0c7b363	[chore] Update ncruces/go-sqlite3 to 0.21.3 (#3629 ) This includes some additional locking fixes for the BSDs.	2024-12-20 21:37:19 +00:00
kim	c953f57e55	update ncruces/go-sqlite3 to v0.21.2 (#3626 )	2024-12-17 23:16:20 +00:00

1 2 3 4 5 ...

344 Commits