port patches
Some checks reported errors
dockers/pixelfed/pipeline/head Something is wrong with the build of this commit

This commit is contained in:
chris 2024-05-26 13:45:38 +02:00
parent db06578537
commit 7d885acd89
6 changed files with 60 additions and 80 deletions

View file

@ -1,6 +1,6 @@
From 624eaa7e48699566497bfe45e8e40ea3285f9cad Mon Sep 17 00:00:00 2001 From 8b8a7c12ee3c9a87623effc46eb75c44438fe1ee Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org> From: chris <cg@zknt.org>
Date: Sat, 20 Apr 2024 16:19:49 +0200 Date: Sun, 26 May 2024 13:42:01 +0200
Subject: [PATCH 1/6] remove IP logging Subject: [PATCH 1/6] remove IP logging
Replace unneeded logging of IPs and User-Agent strings with hashed data. Replace unneeded logging of IPs and User-Agent strings with hashed data.
@ -18,56 +18,56 @@ Replace unneeded logging of IPs and User-Agent strings with hashed data.
10 files changed, 24 insertions(+), 24 deletions(-) 10 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/app/Http/Controllers/Api/ApiV1Dot1Controller.php b/app/Http/Controllers/Api/ApiV1Dot1Controller.php diff --git a/app/Http/Controllers/Api/ApiV1Dot1Controller.php b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
index 6d051866..7c2e0b9d 100644 index 59fb1c93..9a124025 100644
--- a/app/Http/Controllers/Api/ApiV1Dot1Controller.php --- a/app/Http/Controllers/Api/ApiV1Dot1Controller.php
+++ b/app/Http/Controllers/Api/ApiV1Dot1Controller.php +++ b/app/Http/Controllers/Api/ApiV1Dot1Controller.php
@@ -285,8 +285,8 @@ class ApiV1Dot1Controller extends Controller @@ -283,8 +283,8 @@ class ApiV1Dot1Controller extends Controller
$log->action = 'account.edit.password'; $log->action = 'account.edit.password';
$log->message = 'Password changed'; $log->message = 'Password changed';
$log->link = null; $log->link = null;
- $log->ip_address = $request->ip(); - $log->ip_address = $request->ip();
- $log->user_agent = $request->userAgent(); - $log->user_agent = $request->userAgent();
+ $log->ip_address = sha1($request->ip()); + $log->ip_address = sha1($request->ip());
+ $log->user_agent = sha1($request->userAgent()); + $log->user_agent = sha1($request->userAgent());
$log->save(); $log->save();
Mail::to($request->user())->send(new PasswordChange($user)); Mail::to($request->user())->send(new PasswordChange($user));
@@ -310,7 +310,7 @@ class ApiV1Dot1Controller extends Controller @@ -308,7 +308,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404); abort_if(BouncerService::checkIp($request->ip()), 404);
} }
$agent = new Agent(); $agent = new Agent();
- $currentIp = $request->ip(); - $currentIp = $request->ip();
+ $currentIp = sha1($request->ip()); + $currentIp = sha1($request->ip());
$activity = AccountLog::whereUserId($user->id) $activity = AccountLog::whereUserId($user->id)
->whereAction('auth.login') ->whereAction('auth.login')
@@ -487,7 +487,7 @@ class ApiV1Dot1Controller extends Controller @@ -487,7 +487,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404); abort_if(BouncerService::checkIp($request->ip()), 404);
} }
- $rl = RateLimiter::attempt('pf:apiv1.1:iar:'.$request->ip(), config('pixelfed.app_registration_rate_limit_attempts', 3), function(){}, config('pixelfed.app_registration_rate_limit_decay', 1800)); - $rl = RateLimiter::attempt('pf:apiv1.1:iar:'.$request->ip(), config('pixelfed.app_registration_rate_limit_attempts', 3), function () {
+ $rl = RateLimiter::attempt('pf:apiv1.1:iar:'.sha1($request->ip()), config('pixelfed.app_registration_rate_limit_attempts', 3), function(){}, config('pixelfed.app_registration_rate_limit_decay', 1800)); + $rl = RateLimiter::attempt('pf:apiv1.1:iar:'.sha1($request->ip()), config('pixelfed.app_registration_rate_limit_attempts', 3), function () {
abort_if(!$rl, 400, 'Too many requests'); }, config('pixelfed.app_registration_rate_limit_decay', 1800));
abort_if(! $rl, 400, 'Too many requests');
$this->validate($request, [ @@ -560,7 +560,7 @@ class ApiV1Dot1Controller extends Controller
@@ -559,7 +559,7 @@ class ApiV1Dot1Controller extends Controller $user->email = $email;
$user->email = $email; $user->password = Hash::make($password);
$user->password = Hash::make($password); $user->register_source = 'app';
$user->register_source = 'app'; - $user->app_register_ip = $request->ip();
- $user->app_register_ip = $request->ip(); + $user->app_register_ip = sha1($request->ip());
+ $user->app_register_ip = sha1($request->ip()); $user->app_register_token = Str::random(40);
$user->app_register_token = Str::random(40); $user->save();
$user->save();
@@ -616,7 +616,7 @@ class ApiV1Dot1Controller extends Controller @@ -618,7 +618,7 @@ class ApiV1Dot1Controller extends Controller
abort_if(BouncerService::checkIp($request->ip()), 404); abort_if(BouncerService::checkIp($request->ip()), 404);
} }
- $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.$request->ip(), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function(){}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800)); - $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.$request->ip(), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function () {
+ $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.sha1($request->ip()), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function(){}, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800)); + $rl = RateLimiter::attempt('pf:apiv1.1:iarc:'.sha1($request->ip()), config('pixelfed.app_registration_confirm_rate_limit_attempts', 20), function () {
abort_if(!$rl, 429, 'Too many requests'); }, config('pixelfed.app_registration_confirm_rate_limit_decay', 1800));
abort_if(! $rl, 429, 'Too many requests');
$this->validate($request, [
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 86ee52c8..3e6a9c4f 100644 index 86ee52c8..3e6a9c4f 100644
--- a/app/Http/Controllers/Auth/LoginController.php --- a/app/Http/Controllers/Auth/LoginController.php
@ -218,5 +218,5 @@ index c6ba3305..eff0cf71 100644
} }
} }
-- --
2.44.0 2.45.0

View file

@ -1,6 +1,6 @@
From d23c34e13c340d7181306edb85de456d3c3dc8fd Mon Sep 17 00:00:00 2001 From bbedc315c31eab590f7a680e5f68277cfc540e9d Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org> From: chris <cg@zknt.org>
Date: Sat, 20 Apr 2024 16:20:10 +0200 Date: Sun, 26 May 2024 13:42:23 +0200
Subject: [PATCH 2/6] hardcode discovery settings Subject: [PATCH 2/6] hardcode discovery settings
force enable discovery (as dynamic settings are not saved properly) force enable discovery (as dynamic settings are not saved properly)
@ -34,5 +34,5 @@ index c9e93eec..ffeb34b4 100644
'server' => [ 'server' => [
'enabled' => false, 'enabled' => false,
-- --
2.44.0 2.45.0

View file

@ -1,33 +1,13 @@
From 507d1947f4a006edf3b0698ef63a7537be9bf739 Mon Sep 17 00:00:00 2001 From 3561bc5f8fe01993aceeba2ced7266f4df5ceb90 Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org> From: chris <cg@zknt.org>
Date: Sat, 20 Apr 2024 16:20:26 +0200 Date: Sun, 26 May 2024 13:42:41 +0200
Subject: [PATCH 3/6] point to modified sourcecode Subject: [PATCH 3/6] point to modified sourcecode
as per AGPL license of original source, modifications must be disclosed. as per AGPL license of original source, modifications must be disclosed.
--- ---
.gitattributes | 12 ------------ resources/views/site/opensource.blade.php | 2 +-
resources/views/site/opensource.blade.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
2 files changed, 1 insertion(+), 13 deletions(-)
delete mode 100644 .gitattributes
diff --git a/.gitattributes b/.gitattributes
deleted file mode 100644
index 25c1b1b6..00000000
--- a/.gitattributes
+++ /dev/null
@@ -1,12 +0,0 @@
-* text=auto
-*.css linguist-vendored
-*.scss linguist-vendored
-*.js linguist-vendored
-CHANGELOG.md export-ignore
-
-# Collapse diffs for generated files:
-public/**/*.js text -diff
-public/**/*.json text -diff
-public/**/*.css text -diff
-public/img/* binary -diff
-public/fonts/* binary -diff
diff --git a/resources/views/site/opensource.blade.php b/resources/views/site/opensource.blade.php diff --git a/resources/views/site/opensource.blade.php b/resources/views/site/opensource.blade.php
index cb2e7c77..63645f0c 100644 index cb2e7c77..63645f0c 100644
--- a/resources/views/site/opensource.blade.php --- a/resources/views/site/opensource.blade.php
@ -42,5 +22,5 @@ index cb2e7c77..63645f0c 100644
@endsection @endsection
-- --
2.44.0 2.45.0

View file

@ -1,6 +1,6 @@
From ff60dcd7310d164900ab6d667a74e0514143eff2 Mon Sep 17 00:00:00 2001 From ab63598acd2b29b19ed1a52380b6dae71b509ff3 Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org> From: chris <cg@zknt.org>
Date: Sat, 20 Apr 2024 16:20:41 +0200 Date: Sun, 26 May 2024 13:43:19 +0200
Subject: [PATCH 4/6] disable beagle service Subject: [PATCH 4/6] disable beagle service
beagle is a remote API service provided by dansup and used for centralised lookups. beagle is a remote API service provided by dansup and used for centralised lookups.
@ -58,5 +58,5 @@ index 60a4f78e..f8c9442c 100644
try { try {
$res = Http::withOptions(['allow_redirects' => false]) $res = Http::withOptions(['allow_redirects' => false])
-- --
2.44.0 2.45.0

View file

@ -1,6 +1,6 @@
From 069e9cbab95d94aa77e7fd6436896a5e3e60b068 Mon Sep 17 00:00:00 2001 From a3c06f038fd3ff5602bbf0a4e59c614ff186c722 Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org> From: chris <cg@zknt.org>
Date: Sat, 20 Apr 2024 16:21:03 +0200 Date: Sun, 26 May 2024 13:43:34 +0200
Subject: [PATCH 5/6] allow 30 char usernames Subject: [PATCH 5/6] allow 30 char usernames
raise maximum username length, because why not? raise maximum username length, because why not?
@ -22,5 +22,5 @@ index 72c8b741..2c8a26b4 100644
function ($attribute, $value, $fail) { function ($attribute, $value, $fail) {
$dash = substr_count($value, '-'); $dash = substr_count($value, '-');
-- --
2.44.0 2.45.0

View file

@ -1,6 +1,6 @@
From a1c22f1f82437fe6d488154b7f520f58583193a0 Mon Sep 17 00:00:00 2001 From 952b84c634d64f003c06aab3ed871c4dae580f79 Mon Sep 17 00:00:00 2001
From: chris <cg@zknt.org> From: chris <cg@zknt.org>
Date: Sat, 20 Apr 2024 16:22:37 +0200 Date: Sun, 26 May 2024 13:43:52 +0200
Subject: [PATCH 6/6] Link legal notice Subject: [PATCH 6/6] Link legal notice
local jurisdiction requires a prominent link to a legal notice at the frontpage. local jurisdiction requires a prominent link to a legal notice at the frontpage.
@ -48,5 +48,5 @@ index 5fb4e27d..6188d2f3 100644
<p class="text-center text-muted small mb-0"> <p class="text-center text-muted small mb-0">
<span class="text-muted">© {{date('Y')}} {{config('pixelfed.domain.app')}}</span> <span class="text-muted">© {{date('Y')}} {{config('pixelfed.domain.app')}}</span>
-- --
2.44.0 2.45.0