Thomas Citharel
211d07b68e
Merge branch 'xss-fixes' into 'main'
...
Security and docker fixes
See merge request framasoft/mobilizon!1500
2023-12-07 11:14:36 +00:00
Thomas Citharel
db385501aa
fix(emails): use tls_certificate_check to add tls config for mailer
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-07 11:42:19 +01:00
Thomas Citharel
7210f86889
feat(cli): add command to test emails send correctly
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-07 09:17:33 +01:00
Thomas Citharel
4855af8f87
feat(docker): allow to configure loglevel at runtime through env variable
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-07 09:17:33 +01:00
Thomas Citharel
9907f887c9
fix(docker): use separate env for tzdata dir path
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 16:07:42 +01:00
Thomas Citharel
126727bf58
fix(docker): fix getting default value for MOBILIZON_SMTP_SSL env
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 16:07:03 +01:00
Thomas Citharel
7d725bd942
fix(config): fix setting path for Mobilizon.Service.SiteMap
...
System.get_env/2 makes no sense at compile time
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 16:06:20 +01:00
Thomas Citharel
28063bd1d9
fix(docker): fix getting configuration value from env MOBILIZON_SMTP_TLS
...
Closes #1381
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 16:05:33 +01:00
Thomas Citharel
09f41328ab
fix(graphql): set default value for resource type parameter
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 14:43:51 +01:00
778a69cd
3dc3e7e972
Merge remote-tracking branch 'origin/main'
2023-12-06 13:29:23 +01:00
Thomas Citharel
94bf2e53bf
fix(front): put correct value for CONVERSATION_LIST enum value
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:51:45 +01:00
Thomas Citharel
dc6647f5dc
fix: sanitize descriptions from resources
...
Currently resources descriptions are not used anywhere but they are
prefilled from source URL preview. Still, doesn't hurt to sanitize
these.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:47:28 +01:00
Thomas Citharel
58e50e3c9f
test: add new tests for XSS in actors summary
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:19:19 +01:00
Thomas Citharel
41227d994c
style: linting front-end
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:18:36 +01:00
Thomas Citharel
2c12fbfd09
fix(front): anonymous participant text is plain text, avoid using v-html
...
It was using v-html when opening to "view more"
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:18:05 +01:00
Thomas Citharel
77518deb54
Merge branch 'weblate-mobilizon-frontend' into 'main'
...
Translations update from Framasoft Weblate
See merge request framasoft/mobilizon!1498
2023-12-06 10:07:48 +00:00
Thomas Citharel
ffff379d47
fix: always consider report content as text
...
Report content was used as HTML in front-end and e-mails but wasn't sanitized as such.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:05:56 +01:00
FoW
1a1ad5295b
Translated using Weblate (Korean)
...
Currently translated at 0.5% (2 of 355 strings)
Translation: Mobilizon/Backend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/backend/ko/
2023-12-06 10:49:28 +01:00
FoW
7b4c31d66a
Translated using Weblate (Korean)
...
Currently translated at 1.1% (19 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/ko/
2023-12-06 10:49:27 +01:00
Thomas Citharel
ded59bec27
fix(front): fix XSS because of bad operations when setting the group's summary
...
Group summary (HTML) is properly sanitized by the backend, but for groups we did a special operation
before setting the HTML in the Vue app. This is now removed
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 08:47:44 +01:00
Thomas Citharel
935799f123
fix(front): fix editing group
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 08:37:48 +01:00
Thomas Citharel
5b337f952a
refactor(activitypub): handle failure finding public key in actor keys
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 08:25:02 +01:00
Thomas Citharel
114e850682
Merge branch 'weblate-mobilizon-frontend' into 'main'
...
Translations update from Framasoft Weblate
See merge request framasoft/mobilizon!1497
2023-12-06 06:38:24 +00:00
Milo Ivir
9c88faeafb
Translated using Weblate (Croatian)
...
Currently translated at 88.9% (1458 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-05 22:34:12 +01:00
778a69cd
daf33b747c
Merge remote-tracking branch 'origin/main'
2023-12-05 17:41:28 +01:00
Milo Ivir
623f4ee556
Translated using Weblate (Croatian)
...
Currently translated at 87.1% (1430 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-05 17:34:13 +01:00
Milo Ivir
1162dd0f7d
Translated using Weblate (Croatian)
...
Currently translated at 81.6% (290 of 355 strings)
Translation: Mobilizon/Backend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/backend/hr/
2023-12-05 17:34:13 +01:00
Thomas Citharel
3a55baeffd
chore(release): release 4.0.0
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-05 09:07:11 +01:00
Thomas Citharel
f93457131a
Merge branch 'fixes' into 'main'
...
Little fixes
See merge request framasoft/mobilizon!1496
2023-12-05 08:06:10 +00:00
Thomas Citharel
147096cc3d
refactor: to lower cyclomatic complexity
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-05 08:40:01 +01:00
Thomas Citharel
f81472e081
fix(front): fix tag loading
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-05 08:28:11 +01:00
Thomas Citharel
c4d2ec69ad
fix(front): only show participants & announcements menu items to organizers
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-05 08:15:11 +01:00
Thomas Citharel
89d1ee42f4
fix(backend): handle ecto errors when fetching and create entities
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-05 08:06:16 +01:00
Thomas Citharel
f1084c101f
fix(activitypub): fix receiving comments
...
Should fix race conditions and actors deleted of received comments
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-05 08:02:09 +01:00
Thomas Citharel
749e90b6c9
Merge branch 'weblate-mobilizon-frontend' into 'main'
...
Translations update from Framasoft Weblate
See merge request framasoft/mobilizon!1495
2023-12-05 06:51:42 +00:00
Milo Ivir
a26ff98b13
Translated using Weblate (Croatian)
...
Currently translated at 86.2% (1414 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-04 19:30:01 +01:00
Milo Ivir
1683f01662
Translated using Weblate (Croatian)
...
Currently translated at 53.7% (143 of 266 strings)
Translation: Mobilizon/Backend errors
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/backend-errors/hr/
2023-12-04 19:30:01 +01:00
Milo Ivir
aa7f870a79
Translated using Weblate (Croatian)
...
Currently translated at 86.2% (1414 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-04 19:18:45 +01:00
Milo Ivir
1ce34eaffb
Translated using Weblate (Croatian)
...
Currently translated at 86.0% (1412 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-04 19:13:15 +01:00
Milo Ivir
5e7edc0784
Translated using Weblate (Croatian)
...
Currently translated at 85.9% (1410 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-04 19:10:07 +01:00
Milo Ivir
d777d8874c
Translated using Weblate (Croatian)
...
Currently translated at 80.0% (284 of 355 strings)
Translation: Mobilizon/Backend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/backend/hr/
2023-12-04 19:10:06 +01:00
Milo Ivir
0118d974e9
Translated using Weblate (Croatian)
...
Currently translated at 100.0% (91 of 91 strings)
Translation: Mobilizon/Activity
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/activity/hr/
2023-12-04 19:10:06 +01:00
Thomas Citharel
5677f8170f
Merge branch 'weblate-mobilizon-frontend' into 'main'
...
Translations update from Framasoft Weblate
See merge request framasoft/mobilizon!1494
2023-12-04 18:01:07 +00:00
Milo Ivir
805e931e53
Translated using Weblate (Croatian)
...
Currently translated at 97.8% (89 of 91 strings)
Translation: Mobilizon/Activity
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/activity/hr/
2023-12-04 18:47:51 +01:00
778a69cd
d8ba0bc12c
Merge remote-tracking branch 'origin/main'
2023-12-04 16:08:22 +01:00
Thomas Citharel
c8f85df3db
Merge branch 'fixes' into 'main'
...
make recipient field placeholder translatable and an AP fix
Closes #1378
See merge request framasoft/mobilizon!1493
2023-12-04 13:28:23 +00:00
Thomas Citharel
5e8f9afb62
fix(activitypub): compact ical:status in activitystream data
...
Was kept for no other reason than disambiguation with https://schema.org/status , but no need if we
specify the correct alias in the context.
Keeps a fallback for older versions compatibility
Closes #1378
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-04 14:05:27 +01:00
Thomas Citharel
10ce812660
fix(front): make recipient field placeholder translatable
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-04 13:49:42 +01:00
Thomas Citharel
24d92f60f7
chore(release): 4.0.0-rc.1
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-04 09:33:02 +01:00
Thomas Citharel
3851392225
Merge branch 'suspension-fixes' into 'main'
...
fix(backend): only send suspension notification emails when actor's suspended and not just deleted
See merge request framasoft/mobilizon!1492
2023-12-04 08:30:06 +00:00