NodeBB
Node.js based forum software built for the modern web
Alternative to: discourse, vanilla forums, circle
About
Versions (100)
v4.0.0
2025-01-20Release build (major) of NodeBB @ 2025-01-20T18:53:47.134Z
v4.0.0 (2025-01-20)
Breaking Changes
- add new
escapeoption to getPostSummaryByPids [breaking] (16c8a652) - core html stripping on plaintext, remove ‘filter:teasers.configureStripTags’ hook, remove html stripping from teaser generation (c01f1549)
Documentation Changes
- add
resizeImageWidthto openapi definition for /api/config route (7c1b9000) - fix comment (e5331b84)
- schema update for activitypub acp route (3a05171f)
- update comment to reflect new behaviour (2cbd63dc)
New Features
- fix activitypub toggler to be more complete; tests. #13054 (af4d07fb)
- add activitypub file to translations (74831034)
- save audience into post hash (for remote posts) (b537437c)
- add
filter:topics.hasThumbsfilter hook (f4835695) - append uploaded images into thumbnail set (cc65214d)
- #12976, shares collection (e83036a9)
- pending follows and logic for remote users, #12938 (2851e56b)
- #12935, show ‘shared this to x’ in topic event when moving topics out of cid -1 (fcf0f799)
- support for FEP fb2a (new-style account metadata) (549a6b7d)
- #12924, parse incoming custom fields from remote users (0f351ba7)
- #12924, custom user fields for local users now federating out (62fe70f2)
- add title property to custom emoji markup (3968c822)
- #12683, parse incoming emoji tags and replace in content prior to storage in database (09b1e119)
- fire new hook
filter:activitypub.mocks.noteon note mocking (4ba41a68) - handle receipt of
Addactivity #12707 (3023b251) - associate new topics created from asserted notes with their originating context, if that context is resolvable (6f237c57)
- #12822, send all outgoing links to
/apfirst to see if it’s activitypub enabled, parse if able, otherwise redirect as normal (069c8228) - normalization middleware to ensure incoming objects’ data types are as expected (simplifies later logic) (13c048a5)
- send Update(Note) on chat message deletion and restoration, serving Tombstone if deleted (61445d3d)
- handle Update(Note) when object has limited visibility, #12834 (e5948464)
- check room counts on actor prune, #12834 (e0e2051d)
- federate on chat message edit, #12834 (1659015c)
- notify users on new message from remote users, fix use of parseInt in generating chat notification (2464d13c)
- handle incoming non-public activities as chat message, #12834 (b82e20df)
- federating out chat messages (2ab5ea39)
- update mdidleware.assert.message so roomId is optional (2b71434e)
- #12647, federate out
Addactivity on inbox.create and local post creation (bd44783e) - send 308 when activitypub request for remote post comes in, #12831 (7f1f4859)
- dynamic category icon generation (edff3394)
- enable web-push plugin on first install (34c4cefe)
- service worker icon and badge support (4ae86145)
- update
buildRecipientsto include all topic participants and their followers, #12735 (6752a541) - notification rescind support (d6bab253)
- update service worker to handle push and notificationclick (5109b539)
- add onmessage handler for service worker (40fe4d88)
- extend activitypubApi.create.note to accept a post object to reduce unnecessary calls to retrieve post summary (b63440cb)
- moving a topic out of cid -1 federates an Announce activity, #12734 (daa665eb)
- additional copy re: editing remote posts, #12732 (c3e14912)
- allow use of vanity domains pointing to an account hosted elsewhere (709a02d9)
- show local users who follow (or are followed) by a remote user, on a remote user’s profile (a884681a)
- additional logic to handle special case where a queried object id reports a context, but it is not actually contained in the resolved context’s collection (f9937a84)
- #12695 Topic Synchronization via resolvable
context(ff0c289e) - activitypub.get; allow the passing-in of custom headers via existing
optionsparameter (da25fd21) - add post attachments to topic thumbnails (2aeabce5)
- icon replacing user status for remote users, denoting that they are from outside the local instance, #12688 (a81ef609)
- allow activitypub request cache to be ignored (485b7758)
- send join date in local actor mock (3c9337b7)
- AP note replies collection, closes #12675 (26a7c51a)
- topic backfill logic via resolvable context #12647 (e75ec39b)
- send out
Update(Actor)when a category is edited (09d8fbf9) - instance-level allow andd deny list for federatioN (6e2178b0)
- store encountered instances by last seen date (d0a1ebcf)
- sending out 1b12-style Announce activities on incoming Create/Update/Like/Delete/Undo(Like) activities, when they pertain to notes (6569066e)
- assert actors when mocking post (f5b856f4)
- check to/cc/audience for local category and put topic there instead (overrides passed-in cid) (b6ffc47c)
- plumb audience into _activitypub when mocking posts (d9f1fa3a)
- send cause to ap.get error handler, delete local account representation if assertion fails with a 410 (3567f55a)
- #12589, add nodeinfo endpoint (578a53dd)
- add timestamp to most activity ids (42f514b7)
- show category followers in category federation ACP page (7313d5c6)
- logic for remote user deletion, cronjob, and ACP options for pruning options (4bb2c1a8)
- remote user deletion logic, #12611 (539300ff)
- allow user.exists to respond to requests for remote uids too (3dca79dd)
- pruning of stale notes older than 30 days with no engagement (709c9132)
- save remote user urls backreference (ff53f3c0)
- add another sanitization round before federating to remove classes from all tags in output html, closes #12573 (7c79e231)
- passing in types to parsePost for more specific handling by plugins (8cf96176)
- track incoming requests by id, analytics increment for some metrics, ignore repeated requests by id (4e9cd8ef)
- added analytics.peek (b106a6a0)
- Note deletion logic and refactoring, #12551 (ccd187e0)
- handle receipt of Update(Tombstone) (f4043959)
- on post delete, federate out an Update(Tombstone) (96db519b)
- serve Tombstone objects for soft deleted posts (5e9d47a1)
- ability to query remote users by webfinger handle (97615267)
- support the ability to search for posts and users by url (4cbb1f2a)
- basic retry queue (50bc9a37)
- on post edit, also target anyone who announced the post and their followers (807c3eac)
- add id to reject activity (32d1adf6)
- openapi spec for acp category federation page (fc3f3a78)
- support rescinding user flags (61a595de)
- slightly better title generation (b9d6aa46)
- help modal for world page (cf291a51)
- remove
/world/allroute, add intro header to/world(af324dae) - add id to Like (ab055a77)
- handle 1b14 announce for remote content too (2ce3a116)
- resolve Crate and Announce activities (f802564e)
- utility functions to get local followers/counts given a remote actor uri, plumb cid into notes.assert via inbox.announce if a local cid is following the sending actor (452cb0a9)
- send id back during accepts (b7629c6e)
- handle Undo(Flag) (a1a7fb77)
- send undo when rescinding/deleting a report (c1dfa8d2)
- federate flag creation (2a2b855f)
- bulk purge flags (7bacbf76)
- rescind post flags (9ab1a2d1)
- integrate post uploads into attachments for outgoing note mocks (fdbd30dc)
- add id to profile updates (4d07ca4c)
- noremalize actor property in middleware (18ba2e38)
- save remote post url into hash for use (525b7c2c)
- note attachments via link preview plugin (6fc6cc33)
- add ids for undoing follows (3cc09d20)
- send back follow id in Accept (66b0d81c)
- add id to follows and verify accepts (72dbcfe3)
- resolve objects from ids in middleware (102c174e)
- filter out topics in cid -1 from tagged topics page, closes #12489 (d437d969)
- sign public key requests (fcd5447c)
- populate and send link tag/header respectively for activitypub-enabled content (4e0d7dd3)
- basic AP Flag support (d9eba6d2)
- send unique identifiers for note activities (9fc194e3)
- upgrade script to re-assert all known actors to save URL into hash, and bump mentions (943cef6d)
- sorting an filtering in /world (d1fa6a59)
- make the /api/world data more category-like (e266b447)
- add more properties from /category to /world (3c6966fb)
- follow redirects in API (e0138cbe)
- add checks to only continue with topic assertion if there is a relation to existing content, #12442 (55e947a0)
- add assertion lock on activitypub.notes.assert (2688b6bb)
- have category actor send Announce(Note) on remote replies to topics in a cid (04c743eb)
- have category actor send Announce(Note) activity on posts from that cid (7df5cabb)
- ability to update category handles (9dc20d0c)
- category handles, #12434 (3cc99a17)
- rename ‘world’ category to ‘uncategorized’ (9a5d4ffb)
- plumb pid into return data from posts.loadPostTools, add link to view original post, for remote content (17f62f24)
- add TTL cache for Actors.assert (d75894eb)
- log all post edits to the event log, return eid when logging events, plumb eid into Update(Note) to federate out as a unique id (83392f3c)
- if Update(Note) is received for a post that does not already exist, assert it (0bfdbb6a)
- return count of new notes in assertTopic (519e025e)
- add /world and /world/all to available nav items (f31d8c2e)
- mentions support (e4c1ca1e)
- allow user.search to handle remote handles, beginning of mentions support (1b64fdb5)
- integrate notifications for remote likes, follows, and announces. (c707a32a)
- federate tags out on new post (if new topic) (e1c43112)
- restrict loopback calls (77a3efb4)
- fine-grained privileges integration for fediverse users and world pseudo-category (1bd8f9a1)
- temporarily deny handling non-public notes (eaba2aa3)
- shared inbox (49c69a0f)
- security, cross-check key ownership against received actor (a94341f4)
- attachments support (e5b6ee97)
- save tids to individual user inboxes based on recipient list, new /world/all route (89128634)
- save actor follower URL backreference and sorted set backreference (da085b0e)
- infinite scrolling for /world (874b24cb)
- record remote Announce(Note) (6508287d)
- handle Announce(Note) when Note is a piece of remote content (94dcd29e)
- Announce(Note) and Undo(Announce) (415b4fe1)
- exposed method to find topic events based on a subset of saved info, returns topic event ids (b9821c52)
- topic and category S2S get responses (a461e5dd)
- send proper content-type on AP S2S responses (d18e65c4)
- category actors, stub outbox (88733a51)
- returning following and follower collections upon request (ae042ce3)
- Like(Note) and Undo(Like); federating likes (607c4623)
- origin checking on received Update activities (6930973d)
- Update(Note) (0e59f312)
- Update(Person) (6e87cf57)
- activitypub response to note retrieval via pid (6b517252)
- added mocks.actor and Update(Person) activity on profile update (8453b83e)
- Create(Note) on new topic or reply (0e016c6e)
- proper webfinger response for instance actor (da0211b1)
- application actor + public key for uid 0 signs, moved homepage route to after core routes are generated (9885f94a)
- native parsing of title for topics (981b4f14)
- beginnings of the /world route (04423232)
- handle Update(note) (ac672f08)
- handle Create(note) (f7477536)
- flesh out more topic info, fix navigator (7e89eadb)
- some additional work to properly save and retrieve remote topic data (4bd7a574)
- ability to browse to any ActivityPub note and have the entire topic chain render (485cf200)
- add activitypub request cache (326bb995)
- assertNotes method (ab40ba61)
- ability to load remote post data in a topic (3ce84b39)
- plumb uid into .addParentPosts() so .assertNotes() can be properly called (0d478b2c)
- stub lib for retrieving and mocking posts (f1e5e5a0)
- send name property in getActor response (5e1e8099)
- ability to browse follower/following lists of remote accounts (2a77ae55)
- expose following/follower counts in actor response (7fd15d66)
- show remote followers/following in user profile pages (739b0548)
- update mockProfile to accept actor uris as well as actor objects (672c7014)
- accept and undo support (4c1b2b3f)
- update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input (1f79f542)
- follow/unfollow logic and receipt (c02271c7)
- actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon (cdc4275f)
- http signatures support, .sign() and .verify() AP helper methods (e7184eb8)
- add webfinger ttl cache (4f5f025d)
- add .has() call to cache/ttl (57895b72)
- ability to view federated profiles via url manipulation (a05b674e)
- followers and following endpoints (7e1dac39)
- inbox and outbox routes, stub controllers (81b6260f)
- global switch for disabling federation, + test (099124c4)
- activitypub actor endpoint for user accounts (2dec357a)
- activitypub: show world category in selectors (953231fc)
Bug Fixes
- ap webfinger test (3e33e1a3)
- if user is logged in after registration don’t go back to /login (23b37f62)
- closes #13056, guard against undefined keyid,compare (6073a25b)
- bug where newly create cids were not responding via webfinger, 404 on webfinger errors, not 400 (c17809e4)
- #12990, local references via remote posts are not linkified properly, + tests for helper (98280d30)
- #12984, fix pids numeric sorting, handle non-integers (4dc740a2)
- add deprecation note re: as:audience (3cf3f93a)
- #13021, save details of follow request before sending the follow, avoid race condition (16616814)
- handle ap send errors with object body (450322d1)
- thumbs.get to handle null case from mime.getType (50b510e3)
- post upload sync duplication bug (cfeb49dd)
- language fallbacks for activitypub-related strings (37a4fd7c)
- add sourceContent prop to posts API; fix other tests (e1db9642)
- add sourceContent prop to posts API (8ebe6de1)
- add missing file for openapi tests (e6b20ed3)
- activitypub tests (12fb205b)
- broken tests (9c78255e)
- #13014, possible fix for peertube incompatibility: strip hash value from key IDs during check (0ad8ed9d)
- #12996, invalid title generation when remote post content has markdown source (1d36ab6d)
- #13017, probe redirection if url is identical to id (39705a17)
- #13016, remote account deletion frontend UI bug (2005a02a)
- add missing catch, closes #13012 (45021b5b)
- check if url is undefined (fa81078a)
- #12941, inherit audience from earlier posts in the chain so as to send a coherent value to Lemmy instances, re: lemmynet/lemmy#5278 (97384b2c)
- add 10s timeout for AP message send (25d6ef43)
- ignore subsequent shares of the same topic by that user (d734ce49)
- #12972, allow bridgyfed accounts to pass isWebfinger regex validation (a7e6cfe8)
- bump harmony (ee8ec61e)
- fix double thumb due to post attachments (755b9855)
- lemmy integration, handle
imageproperty as topic thumb (b15a684a) - wrap try..catch around topics.reply in note assertion to output errors (b551abce)
- have options.update also trigger handle and search updates on actor assertion (050acb4f)
- separate out removals vs. additions in actor assertion in order to hopefully resolve #12959 (546ffed2)
- openapi schema for ap routes (c86b6f24)
- get version directly from package.json (3340720e)
- set linkValue for remote user fields (3d653cbb)
- crash due to missing param when calling getCustomUserFields (e5fdf9f1)
- set a user-agent when sending requests (64339e61)
- persist
sourceContentinto post hash when ingesting remote posts, update markdown so that field is parsed instead of ignoring content (1839388b) - use fediverse pseudo-user for webfinger privilege checks (f32184b2)
- regression on remote deletes, received object is not always a simple id (d7fe3558)
- thrown exception from failed note assertion (830aab66)
- one more (304fa554)
- another fix re: 3780fdc6ff9fb23048266b43ceae86646fb795cc (69d5544a)
- thrown exception from failed note assertion (f7a294a7)
- additional fixes re: 3780fdc6ff9fb23048266b43ceae86646fb795cc (97861dd1)
- regression on remote deletes, received object is not always a simple id (3780fdc6)
- #12939 convert custom emoji in actor summary into images (78a9e86c)
- translate custom field names and values when federating out (e6edcefd)
- bump emoji-android version (552298f8)
- bump harmony and re-tag (593a1933)
- bump emoji to 6.0.1 (efa0cac3)
- bump harmony (00b2dd49)
- strip html from remote custom fields, linkify if url detected in now-plaintext field value (065f84b6)
- handling of empty custom user fields from remote users (1bebb82b)
- don’t send custom fields in remote user actor object if no value is entered (09f00f8e)
- hotfix for empty user fields (ce1efd39)
- bump mentions (e5f804ff)
- #12928, topic showing wrong queued posts in-topic when topic is remote (7b747c8f)
- replace parseInt that was excluding remote pids from calculation (93bb73c1)
- #12923, inability to start chat with remote users via profile (b6a2520f)
- inability to directly post to a nodebb category from the fediverse (55ab85ac)
- #12919, handle when buildTopicsSortedSet returns a non-array (e4e6b1d2)
- #12912, strip custom emoji from remote content titles (7adc3140)
- don’t chop off colons when generating titles as they could interfere with emoji (f449fafc)
- #12893, topic with pages returning OrderedCollectionPage instead of OrderedCollection. (d685b20e)
- missing return (cf3555fa)
- #12887, strip target attribute from remote posts’ html (3eb0a0ed)
- #12866 again, more tests (a59dae3f)
- raise probe timeout to 2s (94e34907)
- topic count not showing up on category page (dd363446)
- #12882, view original post circles back to same topic (93844321)
- #12883, activitypub probe timeout (f8729571)
- errant mention detection via actors.note (22dbf15e)
- #12880, refactored ap controller.list to use
buildTopicsSortedSet, moved out poor man’s intersect to internal method (05c8ee9f) - don’t trust timestamps on received items (b1d779ca)
- use
categories.getTopicIdsinstead of duplicating existing logic to get world tids (7bf41138) - #12866, improve title generator, refactor tests (beb85604)
- one more fix (eccad588)
- debug return not restored back (0e982fcf)
- #12865, crash on liking a chat message (fc3243d6)
- possible fix to escaped emoji in titles (f5324501)
- #12707 ensure actor matches context attributedTo (998273cd)
- federate out an Add on post creation even if there are no category followers (15516862)
- accidental sending of Set to ActivityPub.send (3030a720)
- #12857 byebye cheerio (8492b5f4)
- inputIndex check (cac4f8e7)
- convert some more verbose logging to use ap logging helper (6208ab8d)
- regression introduced by 903d03891941902ddac80b380552530e1853c306 (d451adaf)
- lint (c34407d8)
- errant parseInt in canEditDelete (0f1b1164)
- guard against missing to/cc (1d5f490d)
- object not array (873d033b)
- backend logic fixes for #12853 (b472c589)
- groups not showing up on new reply (1bf09907)
- re-enable logging only for dev mode (a226ee9e)
- defer postdata retrieval (9062691a)
inReplyToincorrectly including system messages, #12834 (7ad7bc47)- remote debug log (e9a27db2)
- error on replying to remote mids #12834 (adf33cfa)
- proper urls in
to, #12834 (94ac57ea) - simplify uid logic, explicitly mention all participants, even local users, #12834 (70fe8689)
- adjust timestamp after message creation instead of passing timestamp in, #12834 (0346e92b)
- limited visibility remote posts with greater scope than asserted roomId should add those users to the chat room, #12834 (22931be1)
- empty mid on frontend for remote posts (8abfd951)
- recent chats string generation to handle remote users #12834 (0a17a0b9)
- inReplyTo bug, #12834 (fc1d064d)
- remove sender from recipients, #12834 (8f7d0499)
- private note
inReplyTourl, #12834 (f3045309) inReplyTofor private notes so that refer to the immediately previous message if not explicitly defined (f4a02d9c)- duplicate logic and double-parsing issue, #12834 (8a1abe68)
- federate out a Create(Note) instead of just the note… doi… (74d5ced2)
- chat room kicking of remote users, (un)read logic for remote users (there is none), sendNotification to only apply to local uids (52080ba2)
- restrict the ability to make a remote user a chat room owner (b610b520)
- display of remote users in chat room search (f5129017)
- also ignore non-public notes on Update activity (2713d13c)
- bump web-push (f57758b9)
- logic tweak (15f60b24)
- fall back to inReplyTo traversal on context resolution failure (903d0389)
- tests (45a0b818)
- null defense (3d25a079)
- #12821, improvements to search bar and search logic (0b83e5b8)
- lint (c265666c)
- parse aboutme when mocking a user (c5e10c1a)
- remove superfluous service-worker code (90cc7e61)
- explicitly set
updatedproperty when federating notes out (6fe4d446) - buttons for general settings (5bc907a0)
- bump mentions (e0c410cd)
- actors.assert attempting to process things that aren’t actors, #12809 (6b4b4b1a)
- carry out mime-type guessing on incoming attachments (71ce3089)
- re-use already parsed html in api.posts.edit’s call to getPostSummaryByPids, delay federating out edit activity for 5s to give link preview a chance to resolve (b04a1105)
- id on 1b12 announces (047d5992)
- better handling for remote posts that do not contain content (3c55d102)
- #12799 add externally linked images to
attachment(1a0a2cd1) - remove includeUncontrolled as we are posting messages, and that only works with windows you control lol (028b6d74)
- add logic to automatically take over clients from old service workers (1fbf9114)
- closes #12787, filter null topics (c2600b12)
- remove use of jquery $(this) in ajaxify (176f4d0d)
- crash when AP S2S call made to retrieve a remote user account (not allowed); now returning 404 (d42d3b1c)
- prevent crash if items is undefined (a80e3141)
- regression that caused replies to not get federated (652d6c6e)
- #12760, add proper security context for application actor (045e16d3)
- on topic move out of cid -1, also federate to the public address (909437c3)
- bump harmony (6ed32f67)
- type casting in user block logic (0f63f67b)
- restrict announce activity to topic moving OUT of cid -1 (f3eb6d50)
- #12751, topics:recent zset not updated when tid moved in/out of cid -1 (76551c71)
- bump mentions (e6d8e059)
- bump composer (22952c54)
- bump composer (e2879563)
- #12732 editing of remote post content (25bf97ae)
- #12733, html present in generated title for remote topics (34747122)
- #12729, replies to existing topics from Pixelfed not asserting properly due to incorrect
toPid(f481cde1) - move topic reply call in notes.assert to its own line (95e6d2b4)
- #12510, blocking of a single remote user causes content from all remote users to be blocked (53aee401)
- serve category actor image instead of nothing, serve brand logo in icon (cbe0a0ad)
- lint (d33fb92d)
- have note federation call .parsePost instead of firing plugin hook (93536386)
- always send replies uri instead of null if no replies exist, @trwnh (ff08fbb7)
- send
nullinstead of empty array inrepliesproperty if mocked note has no replies (9bd6896d) - bug that caused remote replies to other remote content to not always assert (2ced3502)
- bugs in user searching causing remote lookups to fail (1f896fb6)
audienceproperty in topic actor response (9a54f6bc)- updating of post counts for remote users (3e494dc7)
- add privilege check to user follows (399d4103)
- accidental passing of string instead of constant (7bf349b6)
- lint (fc5a829c)
- update upgrade script date (b9f37c5c)
- include follower sets for reassertion (be393d57)
- missing await (5c9ac5d3)
- null check for note attachments for thumbs view (2aa04837)
- incorrect parsing of context items during note assertion, logic error with slicing (60408f23)
- logging in topic actor logic (bc00835c)
- issue with topic actors not returning proper json (609035b5)
- off by one error @barisusakli (cfbaf145)
- map to actual mainPid value (7bdf3769)
- skip topic retrieval when cid is -1, as it is done again later (92191995)
- flawed logic in generating topic context collection (31c7226e)
- rename announcers to shares (3c0d7616)
- catch thrown errors in src/api/activitypub (fdc0d670)
- federating category mentions (00a26679)
- send html in category description (f605e188)
- Update activity handling for non-Person actors (5e343a83)
- remove await from category update federation call (bacbfba9)
- issue where incrementing user hash fields didn’t use the right key name for remote announce @barisusakli (e84cfd8c)
- lint (b0eec67d)
- send back empty array if no direct replies, bug with reply generation (af6ae6ee)
- accidental passing-in of an array into getUserField, breaks in pgsql? (8e1fccf0)
- hardcoded tid in topic thumbs test (78a6c60c)
- tighten up logic in checkToPid internal method (f629b20f)
- partial revert to fix url_parsed not being available at top of file @barisusakli (8ecbb5cc)
- removal of topics from applicable user inboxes when synced (46341673)
- tweak logic for topic counters sorted sets, #12642 (0d549f1d)
- #12667; handle cases where received id is not a URL (d92efb8a)
- #12673 fullname not defined in some remote actors (f662a606)
- only send Update(Actor) to followers, #12674 (26946c7f)
- missing sorted set member removal on category unfollow (a748068c)
- add timestamp to follow activity to make it unique (eab231ee)
- additional logging for activities with no context property (cb5e5b4b)
- update handling of Announce(Create(Note)) to also handle non-note types (600b1a86)
- push instead of unshift, now that order is reversed (cc0bbcb7)
- wrong property name for OrderedCollection items (a2fb939b)
- improper sourceContent in mocks (615aaa01)
- #12662, add original activity actor to Announced activity’s cc (d6f44d8e)
- remove duplicate 1b12 announce in notes.assert (already handled in inbox) (4dbb73a4)
- #12652, incorrect user, post, topic counters with AP enabled (fe70a2b8)
- incorrect activity id sent out on 1b12 announce (ef97a784)
- #12654, incorrect location of
sharedInboxproperty (b66d998d) - regression that caused new notes to have undefined cid and fail privilege check (a371c9fc)
- move call to retrieve cid followers out of loop (89dd2fb0)
- do not retrieve remote outbox count when asserting actor (16f8f536)
- double sanitization (d9ac7f49)
- dont load cid=-1 in tag filter dropdown (7d679db2)
- change setImmediate to a 5s timeout to give plugins (or anything waiting for the return value of the API call) a chance to finish execution (7fada44b)
- openapi spec for v3 posts get (4b86b378)
- wrap ap note creation in setImmediate to let internal hooks have a chance to wrap up first (a3c6c872)
- improper sanitization and parsing in mocks.note (59818031)
- remove parseInt on users controller (5a2fa52c)
- send additional @context entry for
publicKeysupport, fixes #12604 (4eb998d5) - null case handling (e6e6c2a2)
- category follow schema test (4b8a9e58)
- getCidByPid call returning improper values because a remote url to a local post was passed in (4030c09e)
- 1b12 conformance for inbox.create as well (c8bc6e55)
- re-add sending of Announce(Note) for microblog support, #12434 (89d2363d)
- FEP 1b12 conformance, federate Announce(Create(Note)) instead of Announce(Note), #12434 (be95b5b1)
- missing openapi schema change (e9a0d495)
- eliminate infinite loop in actors.assert via user.getUsersFields (18e58318)
- minor adjustment in logic to work around relation logic (1219d7d3)
- introduce artificial 5s delay for 1b12 announces (101062cb)
- move logic to move topic on note assertion earlier in the flow so it actually runs (acd1630b)
- post count (badb7e2c)
- skip follower count check if cid follower is found (f29214e0)
- don’t crash process on error in cronjobs (89465ec6)
- handle missing fullname in actor removal logic (ae3fa85f)
- guard against infinite loop during topic purge batch call (6272d059)
- unintentional parseInt during post purge (bcfac00b)
- pid in api call (70625133)
- missing await on topic purge (6ecc791d)
- don’t attempt user reset token cleaning if uid is not a number (8d790964)
- set (f83a3672)
- incorrect use of .map on a Set (c6f2155f)
- another crash (f8d9f644)
- closes #12618, handle missing selector (35eb2d0d)
- crash in mocks.profile (6f37825b)
- bug that stopped remote users with dashes in their handle from being properly asserted (76290e37)
- parse incoming HTML to remove useless classes too (47406d13)
- update post cache clearing logic to call helper function (547fc17d)
- have replies provide
namewhen mocked (b6653d15) - lint (f93b237e)
- remove .only (a0054400)
- minor cleanup (129017f7)
- Notes.delete to delete announcer zsets too (b5b89038)
- rename api.activitypub.create.post to .note() (2d7ca48d)
- canPurge logic fault (d40d0b06)
- allow remote content to skip isReady check on topic creation/reply (5bfde4c4)
- Topic.isOwner check to handle remote users (0a1ad87d)
- special handling for privsTopics.canPurge for remote posts (b67a7c3c)
- Posts.isMain cast pid to String instead (9fbd48b1)
- special logic for purge privilege checks (9f44e99f)
- unnecessary parseInt in post purge api method (eda97da1)
- type error in attachment emptying method (336ea1ee)
- tag notification if pid is not int (baada2fc)
- encode most uses of pid to avoid more bugs like #12545 (c973a9ca)
- allow quoting AP posts, fixes #12545 (43dfb60f)
- Update(Note) federation should only apply to local content (6f9fa660)
- attach announcers and their followers to cc, not to targets, only attach announcers to targets (51089a34)
- bump harmony (2cd9088c)
- inability to query local content via remote url (ac74d9c5)
- ensure consistent return type from notes.assert (a7aeabc8)
- remove unnecessary check and guard against unsupported URIs before fetching (af986758)
- handle retry queue invalidation across a cluster (22b42f11)
- use batch.processArray properly (729f0fca)
- if an unknown post is navigated to by a logged-in user, automatically assert the post and add it to their inbox (4e7b12b9)
- bump harmony (e341a5d8)
- bump composer-default (4e006adb)
- save followersUrl to remote user hashes (738d47c7)
- notifications for tag followers not being sent if author is a remote user (8de2352e)
- send topic title in context object (05cdb7d9)
- partOf and type (109f4232)
- if post count is less than posts per page, don’t paginate in ordered collection (1a21c8ad)
- send id for category announces (0336e8f0)
- post deletion of remote posts (5e203197)
- update title generator to include the punctuation, and also take into account question marks and exclamation marks (6ac5a779)
- remove unneeded
flaggedproperty in favour of flagId, use existing language key for rescind-report (449ffd66) - have category sync routes return full api response, openapi schema for that pair of routes (b7ad4317)
- update signature parsing logic to handle values with equal signs in them, closes #12538 (596a5e4b)
- unintentional object pollution by buildForSelectCategories (40b9dabd)
- better logic for choosing webfinger lookups (ed84eed8)
- don’t look up webfinger when it’s not necessary (dd71340a)
- update hasRelation condition to be true if cid is passed in in options (6964b1fd)
- handle requests to URI IDs correctly (1ecbf02a)
- handle URI actor IDs (70001664)
- percent-encode outgoing webfinger requests (3d1e2cde)
- bump harmony (59021d8a)
- icon:text and icon:bgColor for remote users (3721f819)
- handle Announce(Create(Note)) (a9a7fd1e)
- use system pseudo-user for topic move call (dce33446)
- if the topic already existed in -1, move it to another category if one was passed in options (49a64dc7)
- add back reverse lookup for notes assertion checking via cids (407dda78)
- actors.assert should return false if webfinger cannot resolve to an id (b7ff7be2)
- support reporting remote content in Flag (026449dc)
- #12505, convert relative urls in links and images into absolute urls, uses same logic as for emails (7c4ae8eb)
- #12502, improper decrement (6befff5e)
- send userslug in preferredUsername (64258dac)
- wrong variable name (50f31b23)
- change default attachment type to Link, or Image if mediaType matches (bb4e418d)
- save modified actor back to req.body (c3365908)
- you scurvy cur! (52271cae)
- handle (created) and (expires) in http signatures (4d23a837)
- #12496, url in schema (f7833386)
- handle remote userslugs with non-lowercase letters (f5ea470d)
- send hs2019 as algo (to match cavage-12, handle incoming algorithm value (8d0876b8)
- bump harmony (b8daa02f)
- throw errors when local objects don’t exist (959e1820)
- #12493, send unescaped fullname through via AP if displayname is set/used (e0f542c9)
- send only the id into actors.assert (465a46f2)
- use a slightly better error code to indicate object resolution failure (c92b5e07)
- assume object is full object and not just id everywhere (e0166ccc)
- use resolved object in likes (962c6351)
- reject accepts of invalid follows and return when already following (b6168202)
- handle resolved objects in flag (41f77f8f)
- additional verbose logging for signature verification (464dd806)
- bump mentions (6b169e04)
- default to showing alternate as link to the post object (86107535)
- pid via index calculation (de83d6b0)
- support ldjson with ActivityStreams profile in actor queries (c30c1288)
- early return on invalid actor (2d1524ee)
- use actor id in flags (e25f0621)
- make sort work with world filters (cd8a91fe)
- uppercase digest algorithm name for compatibility reasons (5c1c1d21)
- better handle null return from notes.assert (cbfc8d25)
- bump mentions (86caf237)
- actor assertion logic to ignore loopback urls (f40df387)
- lol (983153fb)
- maybe last tweak (42bdffdc)
- tweak upgrade script again (ae146024)
- tweak upgrade script again (166e3e2f)
- add timeout on activitypub.get, tweak upgrade script (442e98e4)
- tests, save actor URL into userRemote hash (59709a3c)
- show locally captured remote posts when browsing remote profiles (1084f21d)
- have getCidsByPrivilege include cid -1 when set is categories:cid (e828e87e)
- updateLastOnlineTime for remote uids (893788a2)
- bump harmony (2cbc3913)
- adjust world schema (a3dce463)
- redirect to /api/world for API requests (495d5435)
- lint (f078e1e2)
- skip notes.assert checks for Announce(Note) if it’s a remote object, do our own checks; #12442 (4fcd2bb2)
- getSortedTopics; filter out topics in cid -1 unless explicitly asked for (dff5d1c6)
- #12444 add uncategorized topics counted stats to separate sorted set (8dcdf8ef)
- undefined object in notes.assert (1fb3c4fd)
- typo (bab41d12)
- restore userOrGroupExists, as alias to slugTaken (e0f6b707)
- send handle as category actor’s preferredUsername, #12434 (803975fd)
- use CategoryObject in admins-mods schema def (aafdefa7)
- only send activitypub+json links via webfinger if activitypub is global enabled (65bb8666)
- bump harmony (9c03e6e9)
- resolve interoperability issues with Misskey, et al. (003c6469)
- bump harmony (da2a1e20)
- issue where cid -1 appeared in all category searches (8f131b71)
- bump harmony (2756aae7)
- post urls to use prefix instead of linking out directly to origin server, exposed encodeURIComponent as a template helper for themes (2408ecd8)
- regression that caused S2S calls to topics to return with a 404 (5a2d17df)
- restore accidentally removed calls to updateLocalRecipients and saveAttachments (5f60f75f)
- properly handle empty fields param (c76d4018)
- circular object ref. (7af07151)
- tweak maxTags handling (ccd9c7ed)
- bump mentions (ff6cc90c)
- send topic notif on reply (1a92239c)
- typo (44a183dd)
- double-OP issue when remote reply comes in to local mainPid (0a2482cf)
- filter out system tags and prune extra tags beyond number allowed, when creating topic from remote data (7aa56c72)
- resolve toPid to local pid if able (ebd750b4)
- tweak user.search to better handle local usernames with colons in them (c346177b)
- accidental saving of ephemeral _activitypub object into db, should plumb into hooks only (81b319f4)
- handle actor assertion failure if mocked profile does not have a fullname (338c568c)
- template helper (52c143aa)
- tests (4b2495b5)
- remove unused param in addParentPosts (01f7af92)
- only dereference id if it doesn’t exist locally — fewer calls (eb8ff75b)
- specify param for api test for /world (b1491ca3)
- AP S2S handling for /user/:userslug route (9cd6b496)
- handle fetch failures on helpers.query (5768a437)
- more duplicate detection in to/cc (ceab77e4)
- markAsRead to handle remote topics (17c55922)
- parse questions like a post (90e7d3a1)
- properly build recipients… old logic was just plain wrong :shipit: (1e663239)
- reallow topic:read privilege for fediverse group (97e5b0fd)
- only serve local posts via S2S when queried (00101d9e)
- note not federated out to mentioned users’ inboxes (6423d514)
- update styling of available nav items in ACP (6aece689)
- remove unresolvable actors from parsing prior to mocking profile (39da3ab6)
- send explicitly empty array for attachment prop in mocks.note (4a8b06e8)
- remove some privs from fediverse in world category (6999bd68)
- inability to retrieve previously-unknown remote users via url manipulation (28f38b26)
- tags received via AP should only be of type Hashtag (as mentions are also in tag prop (81b81e54)
- data schema of reject activities (beaedc86)
- fallbacks for if preferredUsername is not set (9f8c706f)
- pass proper uid to privilege check in AP note federation (95427c4a)
- remove console logging (4c2cbb5b)
- move fallback 0 return in parseIntFields to other side of ternary conditional (5b74f6da)
- remove intFields hack and update db.parseIntFields to only parseInt if field value is a number (f368a1a8)
- truthy check in notes.assert (6671b511)
- remote user avatars in notifications (aef1215f)
- bump mentions (ae09aa20)
- properly handle if mainPid is not a number (1ca9994f)
- mainPid detection in unprocessed ids in assertTopic (b529610b)
- redir on bad world filter (0cf6af9b)
- serve fallback images on category actor (8cb984d4)
- bump markdown (44452a3b)
- missing invocation of generatePostUrl in generateRepliedTo helper (a08b2efb)
- unable to process Update(Person) (96a3a746)
- crash in resolveLocalId if Number is passed in (d51f5e59)
- missing await, and handle local posts with no toPid (i.e. reply to OP) (0b6b86d1)
- don’t overwrite title if present, on assertTopic (a3368a69)
- bump markdown (b1894276)
- copy fixes, rename upgrade script, disable federation on upgrades (281e9d6e)
- update ap-related deps to prerelease versions (10abb82e)
- defer federation of new topics when topic is scheduled, tie activitypub api module to global enable toggle (5f85e700)
- lint (563db78f)
- put postcount retrieval behind try..catch so errors are handled appropriately (28370b10)
- side-effects from adding toPid to post intFields (now removed) (b0115951)
- revert introduction of toPid into post intFields, manually cast toPid as int in getPostSummaryByPids if present and numeric (3a870360)
- check origin only if object is a string (92a8951b)
- send string to validator (893dd523)
- regression re: attachment handling (53d1c10e)
- parseIntFields for tids (31fd135f)
- handle undo(Announce) of remote notes (cfbbf4ca)
- assert actors on note assertion, resolve crash if announcing something that’s already been announced (6a7f8f14)
- don’t crash when no attachment, oops (0edaf17c)
- sanitize post remote post content regardless (8b0ccc80)
- wrong id parsed in announce (068c4fa9)
- accidental overwrite of hoisted internal variable (56cfae07)
- include mainPid in topic counts calculation (5c04e805)
- guests visiting /world should see all remote topics (19d017b9)
- timestamp calculation (6a11c89b)
- better handling of missing of invalid to, cc, timestamp values (76d5feb7)
- remote announces not showing up in local inboxes (814c4794)
- handle inaccessible boosts (9439987e)
- remove invalid/inaccessible object from parent traversal chain on get error (672a907d)
- handle invalid score (609a9a37)
- mainPid accidental int (22da3a6a)
- getParentChain error handling (69f1ace3)
- take mainPid into account in syncUserInboxes (d13980c8)
- typo (de71b733)
- stringify error body in ap.send (401b4c5f)
- activitypub.get failure handling (12968b62)
- only log warning on ap.send failure (ce4b5679)
- rejig some tertiary conditionals, fix broken inReplyTo when toPid is not defined and mainPid is a remote post (5fee4e33)
- resolveLocalId to return null values instead of throwing for no resolution (11dba85d)
- don’t crash on activitypub.send non-2xx, better logging for successful sends (ac56289f)
- replies to remote content overriding mainPid in topic (2b1a3477)
- assertTopic incorrectly creating new id if passed-in id did not match the actual object’s id (f1b8f3fe)
- urls in posts and announces (4fb6574c)
- remove now unused world/:tid route and assoc. controller (a61e7fe7)
- cast cids passed in to getCategoriesFields as ints (aafdebd2)
- logic error (80377599)
- logic derp (9795abbf)
- new language source file for activitypub text (21a2876e)
- getUserInfo internal method in topic events to not filter out uids because getUsersFields already does it (f7259ccb)
- category following and acceptance logic (25f0d484)
- properly assert resources in AP router (d2f14c36)
- update preferredUsername in category actor to match webfinger representation (d213ce79)
- follower calls to return empty item list unless a page is explicitly passed in (94361721)
- move all actor object urls to immutable variants (86a607ce)
- send proper @context value for posts (was missing) (457bfe16)
- remote follows, yet again (fef18824)
- a bunch of broken things, added test for Create(Note) (a3a0edb7)
- error handling for actor.assert (fa1c5490)
- missing break statement (2c834263)
- reject spiders on remote profile GETs (a355c05d)
- send back correct actor id on webfinger calls (25434d2a)
- parseInt on timestamp from post (ddf17ee5)
- /uid/:uid route to return actor (0b3ca8e3)
- the id of an actor should be its immutable uri (/uid/:uid) and not userslug (e07c3131)
- unused require, tests (3c24cfb4)
- send full as:Image object for icon and image in mocked actor object (0af97dd4)
- clear post cache on Update(Note) (f51bbe91)
- webfinger loopback (1ee03f2b)
- revert home page routing change and moved instance actor endpoint to (e00a03bb)
- restore avatars in topic list (3bdaa8a8)
- send preferredUsername in application actor response (f8cfe64c)
- note assertion on Create(Note) and Update(Note) to use instance key instead of uid 1’s user key (4cc7ee65)
- add workaround for nodejs/undici#1305 required to remove sec-fetch-mode header (2cb37088)
- response, not res (9e58b04c)
- automatically reject unsigned POSTs to inbox (a3e1a666)
- handle case where pubKey cannot be found (33f3da8a)
- user data in /world (518169fe)
- bookmark in topic data is nullable now (970a5a6e)
- saving teaserPid, timestamp, lastposttime in topic, fixed post index issue in loading topics (60bc27ec)
- preserve cid if set (e038eb05)
- incorrect author uid saved in topic (75654852)
- infinite scroll for posts (8cd3ff1a)
- reply expansion (5ac02765)
- issues related to adding new reply chains to an existing topic, resolveId method in notes module (2981f663)
- simplify increasePostCount logic by combining methods (81d81098)
- have mocks.posts return same number of items as received (d992239d)
- show full names for remote users (d1cdb8f8)
- improper params sent to get and getActor (9221506b)
- restore hostname prop in getActor method (ec3c6b67)
- ActivityPub.get now throws on failure, handle in getActor (7ec75f58)
- send in mocked profile data in follow routes as well (942a9b7e)
- tests (c66b1867)
- isUri helper so that it passes ci tests (27e256d2)
- frontend follow logic, as uid is no longer webfinger slug (fcca9259)
- use simpler getSortedSetRevRange instead of unnecessary zunion call (283e460a)
- accept and undo logic saving improper id into database, updated follow logic so remote follow is not added to collection until an accept is received (759d69e0)
- relax activity-failed condition (3339baac)
- additional refactors and updates to follow/unfollow logic (6a54e009)
- bug where body wasn’t properly sent on ap-style content-types (ac344011)
- send actor uris in follow instead of webfinger ids (543daee8)
- some wip code regarding handling a follow activity, remove unfollow activity as that does not exist (f3b0794d)
- accidental double-hash in sign/verify (0eadad84)
- incorrect logic (71e3d26b)
- update proceedOnActivityPub middleware to handle how Mastodon doesn’t send the ‘Accepts’ header (dd480aa4)
- another bad call to request lib (88527884)
- broken call to request lib, tests (8d796170)
- update isJSON test in request lib (510763af)
- handle null actor uri in helpers.query (a21110fd)
- unused require (7f46f07c)
- store remote followed users count separately from local (e794f1d2)
- icon text and bgColor in remote profiles (4324f09c)
- add basic sanity-checking to middleware.validateActivity (99cc60c8)
- incorrect host/hostname usage in well-known test (bcee1c8d)
- save remote follower count separately from local follower count (4218ecc4)
- missing req.body when parsing ActivityPub requests (e6753ce5)
- bugs, more prep to start making calls to self (5d95765e)
- moved .well-known assets to separate router file, added basic webfinger implementation (51d8f3b1)
- deps:
- update dependency ace-builds to v1.37.5 (#13058) (76a14de3)
- update dependency fs-extra to v11.3.0 (#13055) (9a401b5b)
- update dependency postcss to v8.5.1 (#13050) (3ba1d264)
- update dependency nodebb-plugin-web-push to v0.7.2 (#13049) (e9a4c42b)
- update dependency nodebb-plugin-2factor to v7.5.8 (#13048) (3827f438)
- update dependency sass to v1.83.4 (#13046) (8e62800b)
- update dependency postcss to v8.5.0 (#13044) (c4c89116)
- update dependency cron to v3.5.0 (#13042) (5e5d920b)
- pin dependencies (#12987) (430d1479)
- update dependency satori to ^0.12.0 (#12995) (05f7b58c)
- update dependency tough-cookie to v5.1.0 (#13039) (34b0cf6b)
- update fontsource monorepo to v5.1.1 (#13029) (b1e87aa9)
- update dependency fetch-cookie to v3.1.0 (#13006) (df69b399)
- update dependency ace-builds to v1.37.4 (#12988) (3a33cd5b)
- update dependency esbuild to v0.24.2 (#12989) (701780fe)
- update dependency sanitize-html to v2.14.0 (#12994) (bfc962b9)
- update dependency ioredis to v5.4.2 (#12993) (7943fcde)
- update dependency cron to v3.4.0 (#13026) (de571d24)
- update dependency sass to v1.83.1 (#13028) (438f4e0a)
- update dependency nodebb-widget-essentials to v7.0.32 (#13027) (de076a21)
- #12683 bump emoji plugin to v6 (e8fda4c0)
- swap ntfy for web-push plugin (aa060d31)
- persona v4 support (83993cad)
- bump markdown (daed7413)
Other Changes
- fix paranthesis (8fd8079a)
- remove unused utils (7e450e1d)
- remove unused function (26765fe9)
- remove unused (530241e0)
- comment out actor assertion call in Users.getUsersFields (691f6917)
- fix some but not all tests (76453650)
- fix privileges in test runner (aadac705)
- unused requires, linting fixes (3e02efcd)
- additional logging (08f8babd)
- fix eslint errors (47b3ffb9)
Performance Improvements
- ~18x speedup of /world route (f6f01ba3)
- get rid of exists call, load all attachments in one call (9b8c834e)
- use batch in resolveInboxes (644bcec5)
- get rid of getPidByIndex, use postAtIndex (ad22b54e)
- ‘-inf’ faster (c95075e1)
- move attachments to post hash (291bf7db)
Refactors
- use helpers.log (40257663)
- add
thumbsOnlyoption to thumbs retrieval method so that embeds/attachments don’t show up in composer thumbnail modal (51fd65ab) - split (and remove) activitypub.json file and move strings to more appropriate locations (e4e10636)
- topic thumb logic so that
isDraftis based on topic existence, and not whether it is a UUID, as remote topics are also UUIDs. (3439fdb6) - post object schema to its own reference object, added sourceContent as optional value in post data (3073abd9)
- prolly dont need exists check (a42c9a6b)
- buildTopicsSortedSet (c1093c92)
- expose buildRecipients as a main activitypub lib method, call buildReceipients in ap controller actors for notes (5e47b194)
- followers url filtering logic, #12834 (ca683c6d)
- check HTTP signatures on all activitypub requests (8ef0df57)
- simplified ajaxify.check and likely made it equally more confusing (cf6c4c52)
- split out logic to determine ajaxification into exported method (fc4f6a4c)
- standardization; onNewPost internal method to return a superset of post summary (9357e718)
- follow/accept/undo logic to pass the same timestamp throughout the follow’s lifetime (e015339c)
- store local follow backreferences for remote users (both followers and following), update actor pruning to take local follow counts into consideration, fixes #12701 (39f92eac)
- collection logic out to an activitypub helper (352857cf)
- context item retrieval logic (20aee8e9)
- announces (c021e7e8)
- single db call (c231ab78)
- actor pruning logic (6227ab90)
- catch errors (f76a5863)
- add method from mentions into core (3eca9785)
- dont need exist check, if post doesnt exist getPostData returns null (b2d03da9)
- User.getUidsByUserslugs, so it works with multiple slugs (eb6fe339)
- suggest topics, use strings for tids (3488a4bf)
- unused winston (869df3c2)
- change to info (d1625d5f)
- remove verbose logs, (2ae58570)
- comment out verbose logs (ba2d1841)
- get rid of noop (eaf43541)
- single cache.del call (9868a728)
- #12553, buildRecipients so that it is separate from addressing in mocks.js (1fa93465)
- use batch.processArray for sending AP messages (ea6e15bf)
- context actor to serve an as:OrderedCollection instead of as:Page, and added context property (as per FEP-7888) to refer to it, changed audience to point to category (4b29a1b9)
- post announce logic to save to separate zset instead of to topic events, closes #12536 (119800d9)
- remove unnecessary flag routes added in 9ab1a2d (53b352d0)
- split activitypub tests to subfolder files (94eafe1d)
- use URLSearchParams instead of multiple encodeURIComponent (844d1402)
- stub routes for category synchronization, refactor remote follow logic to allow categories to conduct follows as well (59a9dd84)
- use a helper to resolve actor URI (b921f8d1)
- use getSortedSetUnion in syncUserInboxes instead (6c1a0fb1)
- use one internal rejection method (ac765f1e)
- use topics.post, topics.reply, and posts.edit in Create(Note), Create(Note), and Update(Note), respectively (f7c8967e)
- use topics.create internal method instead of directly setting topic hash, handle incoming tags for OP (f5a61079)
- assertTopic to only call setObject when it is a new topic (bdcd862c)
- resolveId method, add hostname verification (ed4ccbfc)
- use existing sets for topics (instead of topicRemote, etc.) (ec2b375a)
- activitypub sending to handle signed requests from categories (35819cc9)
- replace JIT actor retrieval with actor assertion and storage logic (ef8cd34b)
- added mocks.note in preparation for AP note retrieval logic, inReplyTo is always populated now, unless new topic (5de4f084)
- simplify remote (un)follow controller (c9feb925)
- guard dispatcher definition so non-Node runtimes won’t have issues (2ce14f50)
- generate a topic id when asserting a new topic (2ff70fdd)
- move activitypub-related middlewares to their own file (538776f9)
- simplify mocks.post as it only needs minimal data for saving into db (2bd9e984)
- move mockProfile and mockPost to separate mocks.js (06e15834)
- update ActivityPub.get and all methods calling it to take a uid so that requests can be signed (a1c8c3a0)
- validator check to helper method (2e330d8b)
- move profile mocking logic to discrete method in main activitypub lib (8d4fd9c0)
- update ap libs to use core request lib (5c881d3f)
- update activitypub.getActor to accept either url or webfinger id (68d5e4a8)
- minor restructure to move logic out of main controller file to src/api (c803b212)
- acp tpl + config option (ab3ff320)
Code Style Changes
- remove unused variable (9f94653b)
Tests
- fix spec (b80f0dab)
- missing ; (866588f7)
- fix guest handles in onNewPost (81f7371a)
- have actor assertion always use cache for tests (ad05f06b)
- fix broken test in category follows (4949d6c4)
- add attachments (6042f4a7)
- refactor tests to support additional Note tests (0c0f01b5)
- use encoded parameters in webfinger tests (8fd4ae2d)
- fix well-known error code repsonse (175521ba)
- refactor AP tests (42a09241)
- fix tests (e138b915)
- fix tests to reflect new immutable IDs, and added new tests for resource retrieval (42bb3c33)
- fix error copy (91a509c4)
- allow http proto on ci (24c1dfac)
- fixed improper signed_string reconstruction in
.verify()(cc0d1886) - fix webfinger test (9dfa1b72)
- added passing test cases for .sign() and .verify() (a10df987)
- updated activitypub test suite (1c8e13bb)
- added test cases for activitypub integration, WIP (4bd8d28a)