port patches
All checks were successful
dockers/pixelfed/pipeline/head This commit looks good

This commit is contained in:
chris 2024-03-12 17:11:50 +01:00
parent 910de7b38c
commit 71d13451f1
6 changed files with 85 additions and 59 deletions

View file

@ -1,6 +1,6 @@
From abfddd90073a3f3056526429b1b9dc4aa5c252b9 Mon Sep 17 00:00:00 2001
From f2d5017497ba69f0e7f364640f3e04b18e8373e9 Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org>
Date: Wed, 24 Jan 2024 13:00:53 +0100
Date: Tue, 12 Mar 2024 17:07:10 +0100
Subject: [PATCH 1/6] remove IP logging
Replace unneeded logging of IPs and User-Agent strings with meaningless static data.
@ -16,10 +16,10 @@ Replace unneeded logging of IPs and User-Agent strings with meaningless static d
8 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/app/Http/Controllers/Api/ApiV1Dot1Controller.php b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
index 75d0fe98..88948276 100644
index 6d051866..e75b3a1e 100644
--- a/app/Http/Controllers/Api/ApiV1Dot1Controller.php
+++ b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
@@ -280,8 +280,8 @@ class ApiV1Dot1Controller extends Controller
@@ -285,8 +285,8 @@ class ApiV1Dot1Controller extends Controller
$log->action = 'account.edit.password';
$log->message = 'Password changed';
$log->link = null;
@ -30,7 +30,7 @@ index 75d0fe98..88948276 100644
$log->save();
Mail::to($request->user())->send(new PasswordChange($user));
@@ -303,7 +303,7 @@ class ApiV1Dot1Controller extends Controller
@@ -310,7 +310,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404);
}
$agent = new Agent();
@ -39,7 +39,7 @@ index 75d0fe98..88948276 100644
$activity = AccountLog::whereUserId($user->id)
->whereAction('auth.login')
@@ -316,8 +316,8 @@ class ApiV1Dot1Controller extends Controller
@@ -323,8 +323,8 @@ class ApiV1Dot1Controller extends Controller
return [
'id' => $item->id,
'action' => $item->action,
@ -50,7 +50,7 @@ index 75d0fe98..88948276 100644
'is_mobile' => $agent->isMobile(),
'device' => $agent->device(),
'browser' => $agent->browser(),
@@ -474,7 +474,7 @@ class ApiV1Dot1Controller extends Controller
@@ -487,7 +487,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404);
}
@ -59,7 +59,7 @@ index 75d0fe98..88948276 100644
abort_if(!$rl, 400, 'Too many requests');
$this->validate($request, [
@@ -546,7 +546,7 @@ class ApiV1Dot1Controller extends Controller
@@ -559,7 +559,7 @@ class ApiV1Dot1Controller extends Controller
$user->email = $email;
$user->password = Hash::make($password);
$user->register_source = 'app';
@ -68,7 +68,7 @@ index 75d0fe98..88948276 100644
$user->app_register_token = Str::random(40);
$user->save();
@@ -603,7 +603,7 @@ class ApiV1Dot1Controller extends Controller
@@ -616,7 +616,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404);
}
@ -201,5 +201,5 @@ index c6ba3305..9442bfd0 100644
}
}
--
2.43.0
2.44.0

View file

@ -1,6 +1,6 @@
From 642ea8df27cd7c3ddb2c36cf0ba30f4ba0d94e40 Mon Sep 17 00:00:00 2001
From 8437a0ec04713939137e5d3cdce912d7ffecd992 Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org>
Date: Wed, 24 Jan 2024 13:02:16 +0100
Date: Tue, 12 Mar 2024 17:08:14 +0100
Subject: [PATCH 2/6] hardcode discovery settings
force enable discovery (as dynamic settings are not saved properly)
@ -9,11 +9,11 @@ force enable discovery (as dynamic settings are not saved properly)
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/app/Http/Controllers/DiscoverController.php b/app/Http/Controllers/DiscoverController.php
index 4bb7277a..41251adb 100644
index c9e93eec..ffeb34b4 100644
--- a/app/Http/Controllers/DiscoverController.php
+++ b/app/Http/Controllers/DiscoverController.php
@@ -279,16 +279,16 @@ class DiscoverController extends Controller
}
@@ -291,16 +291,16 @@ class DiscoverController extends Controller
return [
'hashtags' => [
- 'enabled' => false,
@ -34,5 +34,5 @@ index 4bb7277a..41251adb 100644
'server' => [
'enabled' => false,
--
2.43.0
2.44.0

View file

@ -1,13 +1,33 @@
From 0a410cf815d7a66a4544b9c5915dfa38468ec379 Mon Sep 17 00:00:00 2001
From e5c94b4eaac8c246d22fb5a85f70bda4ad1d162d Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org>
Date: Wed, 24 Jan 2024 13:04:05 +0100
Date: Tue, 12 Mar 2024 17:08:37 +0100
Subject: [PATCH 3/6] point to modified sourcecode
as per AGPL license of original source, modifications must be disclosed.
---
.gitattributes | 12 ------------
resources/views/site/opensource.blade.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
2 files changed, 1 insertion(+), 13 deletions(-)
delete mode 100644 .gitattributes
diff --git a/.gitattributes b/.gitattributes
deleted file mode 100644
index 25c1b1b6..00000000
--- a/.gitattributes
+++ /dev/null
@@ -1,12 +0,0 @@
-* text=auto
-*.css linguist-vendored
-*.scss linguist-vendored
-*.js linguist-vendored
-CHANGELOG.md export-ignore
-
-# Collapse diffs for generated files:
-public/**/*.js text -diff
-public/**/*.json text -diff
-public/**/*.css text -diff
-public/img/* binary -diff
-public/fonts/* binary -diff
diff --git a/resources/views/site/opensource.blade.php b/resources/views/site/opensource.blade.php
index cb2e7c77..63645f0c 100644
--- a/resources/views/site/opensource.blade.php
@ -22,5 +42,5 @@ index cb2e7c77..63645f0c 100644
@endsection
--
2.43.0
2.44.0

View file

@ -1,20 +1,26 @@
From c6c208aef154d2ab683d794bb5b95fa508c757da Mon Sep 17 00:00:00 2001
From e00187bc43511a6f21d2486834e44900f5b64bae Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org>
Date: Wed, 24 Jan 2024 13:05:34 +0100
Date: Tue, 12 Mar 2024 17:09:52 +0100
Subject: [PATCH 4/6] disable beagle service
beagle is a remote API service provided by dansup and used for centralised lookups.
Using the beagle service without users explicit consent violates GDPR.
As it's not configurable at the moment this patch disables remote communication with beagle.
---
app/Services/Account/RemoteAuthService.php | 3 +++
1 file changed, 3 insertions(+)
app/Services/Account/RemoteAuthService.php | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/app/Services/Account/RemoteAuthService.php b/app/Services/Account/RemoteAuthService.php
index 4412352a..667265be 100644
index 4412352a..0c69959f 100644
--- a/app/Services/Account/RemoteAuthService.php
+++ b/app/Services/Account/RemoteAuthService.php
@@ -120,6 +120,7 @@ class RemoteAuthService
@@ -115,11 +115,13 @@ class RemoteAuthService
public static function isDomainCompatible($domain = false)
{
+ return true;
if(!$domain) {
return false;
}
return Cache::remember(self::CACHE_KEY . 'domain-compatible:' . $domain, 14400, function() use($domain) {
@ -22,7 +28,7 @@ index 4412352a..667265be 100644
try {
$res = Http::timeout(20)->retry(3, 750)->get('https://beagle.pixelfed.net/api/v1/raa/domain?domain=' . $domain);
if(!$res->ok()) {
@@ -144,6 +145,7 @@ class RemoteAuthService
@@ -144,6 +146,7 @@ class RemoteAuthService
public static function lookupWebfingerUses($wf)
{
@ -30,7 +36,7 @@ index 4412352a..667265be 100644
try {
$res = Http::timeout(20)->retry(3, 750)->get('https://beagle.pixelfed.net/api/v1/raa/lookup?webfinger=' . $wf);
if(!$res->ok()) {
@@ -166,6 +168,7 @@ class RemoteAuthService
@@ -166,6 +169,7 @@ class RemoteAuthService
public static function submitToBeagle($ow, $ou, $dw, $du)
{
@ -39,5 +45,5 @@ index 4412352a..667265be 100644
$url = 'https://beagle.pixelfed.net/api/v1/raa/submit';
$res = Http::throw()->timeout(10)->get($url, [
--
2.43.0
2.44.0

View file

@ -1,6 +1,6 @@
From 2eaeb254502b00f9d25eeaec607f10f8692e96a2 Mon Sep 17 00:00:00 2001
From 533b441a88602ab8ab8e047f0d5c52ab25486aed Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org>
Date: Wed, 24 Jan 2024 13:06:07 +0100
Date: Tue, 12 Mar 2024 17:10:13 +0100
Subject: [PATCH 5/6] allow 30 char usernames
raise maximum username length, because why not?
@ -9,7 +9,7 @@ raise maximum username length, because why not?
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
index 8c10e5d0..12b8c1b3 100644
index 8bdd57bf..ed029ea6 100644
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -70,7 +70,7 @@ class RegisterController extends Controller
@ -22,5 +22,5 @@ index 8c10e5d0..12b8c1b3 100644
function ($attribute, $value, $fail) {
$dash = substr_count($value, '-');
--
2.43.0
2.44.0

File diff suppressed because one or more lines are too long