NodeBB logo

NodeBB

Node.js based forum software built for the modern web

Alternative to: discourse, vanilla forums, circle

NodeBB screenshot

About Versions (100)

v4.0.0

2025-01-20

Release build (major) of NodeBB @ 2025-01-20T18:53:47.134Z

v4.0.0 (2025-01-20)

Breaking Changes
  • add new escape option to getPostSummaryByPids [breaking] (16c8a652)
  • core html stripping on plaintext, remove ‘filter:teasers.configureStripTags’ hook, remove html stripping from teaser generation (c01f1549)
Documentation Changes
  • add resizeImageWidth to openapi definition for /api/config route (7c1b9000)
  • fix comment (e5331b84)
  • schema update for activitypub acp route (3a05171f)
  • update comment to reflect new behaviour (2cbd63dc)
New Features
  • fix activitypub toggler to be more complete; tests. #13054 (af4d07fb)
  • add activitypub file to translations (74831034)
  • save audience into post hash (for remote posts) (b537437c)
  • add filter:topics.hasThumbs filter hook (f4835695)
  • append uploaded images into thumbnail set (cc65214d)
  • #12976, shares collection (e83036a9)
  • pending follows and logic for remote users, #12938 (2851e56b)
  • #12935, show ‘shared this to x’ in topic event when moving topics out of cid -1 (fcf0f799)
  • support for FEP fb2a (new-style account metadata) (549a6b7d)
  • #12924, parse incoming custom fields from remote users (0f351ba7)
  • #12924, custom user fields for local users now federating out (62fe70f2)
  • add title property to custom emoji markup (3968c822)
  • #12683, parse incoming emoji tags and replace in content prior to storage in database (09b1e119)
  • fire new hook filter:activitypub.mocks.note on note mocking (4ba41a68)
  • handle receipt of Add activity #12707 (3023b251)
  • associate new topics created from asserted notes with their originating context, if that context is resolvable (6f237c57)
  • #12822, send all outgoing links to /ap first to see if it’s activitypub enabled, parse if able, otherwise redirect as normal (069c8228)
  • normalization middleware to ensure incoming objects’ data types are as expected (simplifies later logic) (13c048a5)
  • send Update(Note) on chat message deletion and restoration, serving Tombstone if deleted (61445d3d)
  • handle Update(Note) when object has limited visibility, #12834 (e5948464)
  • check room counts on actor prune, #12834 (e0e2051d)
  • federate on chat message edit, #12834 (1659015c)
  • notify users on new message from remote users, fix use of parseInt in generating chat notification (2464d13c)
  • handle incoming non-public activities as chat message, #12834 (b82e20df)
  • federating out chat messages (2ab5ea39)
  • update mdidleware.assert.message so roomId is optional (2b71434e)
  • #12647, federate out Add activity on inbox.create and local post creation (bd44783e)
  • send 308 when activitypub request for remote post comes in, #12831 (7f1f4859)
  • dynamic category icon generation (edff3394)
  • enable web-push plugin on first install (34c4cefe)
  • service worker icon and badge support (4ae86145)
  • update buildRecipients to include all topic participants and their followers, #12735 (6752a541)
  • notification rescind support (d6bab253)
  • update service worker to handle push and notificationclick (5109b539)
  • add onmessage handler for service worker (40fe4d88)
  • extend activitypubApi.create.note to accept a post object to reduce unnecessary calls to retrieve post summary (b63440cb)
  • moving a topic out of cid -1 federates an Announce activity, #12734 (daa665eb)
  • additional copy re: editing remote posts, #12732 (c3e14912)
  • allow use of vanity domains pointing to an account hosted elsewhere (709a02d9)
  • show local users who follow (or are followed) by a remote user, on a remote user’s profile (a884681a)
  • additional logic to handle special case where a queried object id reports a context, but it is not actually contained in the resolved context’s collection (f9937a84)
  • #12695 Topic Synchronization via resolvable context (ff0c289e)
  • activitypub.get; allow the passing-in of custom headers via existing options parameter (da25fd21)
  • add post attachments to topic thumbnails (2aeabce5)
  • icon replacing user status for remote users, denoting that they are from outside the local instance, #12688 (a81ef609)
  • allow activitypub request cache to be ignored (485b7758)
  • send join date in local actor mock (3c9337b7)
  • AP note replies collection, closes #12675 (26a7c51a)
  • topic backfill logic via resolvable context #12647 (e75ec39b)
  • send out Update(Actor) when a category is edited (09d8fbf9)
  • instance-level allow andd deny list for federatioN (6e2178b0)
  • store encountered instances by last seen date (d0a1ebcf)
  • sending out 1b12-style Announce activities on incoming Create/Update/Like/Delete/Undo(Like) activities, when they pertain to notes (6569066e)
  • assert actors when mocking post (f5b856f4)
  • check to/cc/audience for local category and put topic there instead (overrides passed-in cid) (b6ffc47c)
  • plumb audience into _activitypub when mocking posts (d9f1fa3a)
  • send cause to ap.get error handler, delete local account representation if assertion fails with a 410 (3567f55a)
  • #12589, add nodeinfo endpoint (578a53dd)
  • add timestamp to most activity ids (42f514b7)
  • show category followers in category federation ACP page (7313d5c6)
  • logic for remote user deletion, cronjob, and ACP options for pruning options (4bb2c1a8)
  • remote user deletion logic, #12611 (539300ff)
  • allow user.exists to respond to requests for remote uids too (3dca79dd)
  • pruning of stale notes older than 30 days with no engagement (709c9132)
  • save remote user urls backreference (ff53f3c0)
  • add another sanitization round before federating to remove classes from all tags in output html, closes #12573 (7c79e231)
  • passing in types to parsePost for more specific handling by plugins (8cf96176)
  • track incoming requests by id, analytics increment for some metrics, ignore repeated requests by id (4e9cd8ef)
  • added analytics.peek (b106a6a0)
  • Note deletion logic and refactoring, #12551 (ccd187e0)
  • handle receipt of Update(Tombstone) (f4043959)
  • on post delete, federate out an Update(Tombstone) (96db519b)
  • serve Tombstone objects for soft deleted posts (5e9d47a1)
  • ability to query remote users by webfinger handle (97615267)
  • support the ability to search for posts and users by url (4cbb1f2a)
  • basic retry queue (50bc9a37)
  • on post edit, also target anyone who announced the post and their followers (807c3eac)
  • add id to reject activity (32d1adf6)
  • openapi spec for acp category federation page (fc3f3a78)
  • support rescinding user flags (61a595de)
  • slightly better title generation (b9d6aa46)
  • help modal for world page (cf291a51)
  • remove /world/all route, add intro header to /world (af324dae)
  • add id to Like (ab055a77)
  • handle 1b14 announce for remote content too (2ce3a116)
  • resolve Crate and Announce activities (f802564e)
  • utility functions to get local followers/counts given a remote actor uri, plumb cid into notes.assert via inbox.announce if a local cid is following the sending actor (452cb0a9)
  • send id back during accepts (b7629c6e)
  • handle Undo(Flag) (a1a7fb77)
  • send undo when rescinding/deleting a report (c1dfa8d2)
  • federate flag creation (2a2b855f)
  • bulk purge flags (7bacbf76)
  • rescind post flags (9ab1a2d1)
  • integrate post uploads into attachments for outgoing note mocks (fdbd30dc)
  • add id to profile updates (4d07ca4c)
  • noremalize actor property in middleware (18ba2e38)
  • save remote post url into hash for use (525b7c2c)
  • note attachments via link preview plugin (6fc6cc33)
  • add ids for undoing follows (3cc09d20)
  • send back follow id in Accept (66b0d81c)
  • add id to follows and verify accepts (72dbcfe3)
  • resolve objects from ids in middleware (102c174e)
  • filter out topics in cid -1 from tagged topics page, closes #12489 (d437d969)
  • sign public key requests (fcd5447c)
  • populate and send link tag/header respectively for activitypub-enabled content (4e0d7dd3)
  • basic AP Flag support (d9eba6d2)
  • send unique identifiers for note activities (9fc194e3)
  • upgrade script to re-assert all known actors to save URL into hash, and bump mentions (943cef6d)
  • sorting an filtering in /world (d1fa6a59)
  • make the /api/world data more category-like (e266b447)
  • add more properties from /category to /world (3c6966fb)
  • follow redirects in API (e0138cbe)
  • add checks to only continue with topic assertion if there is a relation to existing content, #12442 (55e947a0)
  • add assertion lock on activitypub.notes.assert (2688b6bb)
  • have category actor send Announce(Note) on remote replies to topics in a cid (04c743eb)
  • have category actor send Announce(Note) activity on posts from that cid (7df5cabb)
  • ability to update category handles (9dc20d0c)
  • category handles, #12434 (3cc99a17)
  • rename ‘world’ category to ‘uncategorized’ (9a5d4ffb)
  • plumb pid into return data from posts.loadPostTools, add link to view original post, for remote content (17f62f24)
  • add TTL cache for Actors.assert (d75894eb)
  • log all post edits to the event log, return eid when logging events, plumb eid into Update(Note) to federate out as a unique id (83392f3c)
  • if Update(Note) is received for a post that does not already exist, assert it (0bfdbb6a)
  • return count of new notes in assertTopic (519e025e)
  • add /world and /world/all to available nav items (f31d8c2e)
  • mentions support (e4c1ca1e)
  • allow user.search to handle remote handles, beginning of mentions support (1b64fdb5)
  • integrate notifications for remote likes, follows, and announces. (c707a32a)
  • federate tags out on new post (if new topic) (e1c43112)
  • restrict loopback calls (77a3efb4)
  • fine-grained privileges integration for fediverse users and world pseudo-category (1bd8f9a1)
  • temporarily deny handling non-public notes (eaba2aa3)
  • shared inbox (49c69a0f)
  • security, cross-check key ownership against received actor (a94341f4)
  • attachments support (e5b6ee97)
  • save tids to individual user inboxes based on recipient list, new /world/all route (89128634)
  • save actor follower URL backreference and sorted set backreference (da085b0e)
  • infinite scrolling for /world (874b24cb)
  • record remote Announce(Note) (6508287d)
  • handle Announce(Note) when Note is a piece of remote content (94dcd29e)
  • Announce(Note) and Undo(Announce) (415b4fe1)
  • exposed method to find topic events based on a subset of saved info, returns topic event ids (b9821c52)
  • topic and category S2S get responses (a461e5dd)
  • send proper content-type on AP S2S responses (d18e65c4)
  • category actors, stub outbox (88733a51)
  • returning following and follower collections upon request (ae042ce3)
  • Like(Note) and Undo(Like); federating likes (607c4623)
  • origin checking on received Update activities (6930973d)
  • Update(Note) (0e59f312)
  • Update(Person) (6e87cf57)
  • activitypub response to note retrieval via pid (6b517252)
  • added mocks.actor and Update(Person) activity on profile update (8453b83e)
  • Create(Note) on new topic or reply (0e016c6e)
  • proper webfinger response for instance actor (da0211b1)
  • application actor + public key for uid 0 signs, moved homepage route to after core routes are generated (9885f94a)
  • native parsing of title for topics (981b4f14)
  • beginnings of the /world route (04423232)
  • handle Update(note) (ac672f08)
  • handle Create(note) (f7477536)
  • flesh out more topic info, fix navigator (7e89eadb)
  • some additional work to properly save and retrieve remote topic data (4bd7a574)
  • ability to browse to any ActivityPub note and have the entire topic chain render (485cf200)
  • add activitypub request cache (326bb995)
  • assertNotes method (ab40ba61)
  • ability to load remote post data in a topic (3ce84b39)
  • plumb uid into .addParentPosts() so .assertNotes() can be properly called (0d478b2c)
  • stub lib for retrieving and mocking posts (f1e5e5a0)
  • send name property in getActor response (5e1e8099)
  • ability to browse follower/following lists of remote accounts (2a77ae55)
  • expose following/follower counts in actor response (7fd15d66)
  • show remote followers/following in user profile pages (739b0548)
  • update mockProfile to accept actor uris as well as actor objects (672c7014)
  • accept and undo support (4c1b2b3f)
  • update activitypub helper resolveLocalUid to accept both webfinger name and full URL as input (1f79f542)
  • follow/unfollow logic and receipt (c02271c7)
  • actor cache, method to resolve inboxes, stub code for sending requests. Now base64 encoding digest as expected by Mastodon (cdc4275f)
  • http signatures support, .sign() and .verify() AP helper methods (e7184eb8)
  • add webfinger ttl cache (4f5f025d)
  • add .has() call to cache/ttl (57895b72)
  • ability to view federated profiles via url manipulation (a05b674e)
  • followers and following endpoints (7e1dac39)
  • inbox and outbox routes, stub controllers (81b6260f)
  • global switch for disabling federation, + test (099124c4)
  • activitypub actor endpoint for user accounts (2dec357a)
  • activitypub: show world category in selectors (953231fc)
Bug Fixes
  • ap webfinger test (3e33e1a3)
  • if user is logged in after registration don’t go back to /login (23b37f62)
  • closes #13056, guard against undefined keyid,compare (6073a25b)
  • bug where newly create cids were not responding via webfinger, 404 on webfinger errors, not 400 (c17809e4)
  • #12990, local references via remote posts are not linkified properly, + tests for helper (98280d30)
  • #12984, fix pids numeric sorting, handle non-integers (4dc740a2)
  • add deprecation note re: as:audience (3cf3f93a)
  • #13021, save details of follow request before sending the follow, avoid race condition (16616814)
  • handle ap send errors with object body (450322d1)
  • thumbs.get to handle null case from mime.getType (50b510e3)
  • post upload sync duplication bug (cfeb49dd)
  • language fallbacks for activitypub-related strings (37a4fd7c)
  • add sourceContent prop to posts API; fix other tests (e1db9642)
  • add sourceContent prop to posts API (8ebe6de1)
  • add missing file for openapi tests (e6b20ed3)
  • activitypub tests (12fb205b)
  • broken tests (9c78255e)
  • #13014, possible fix for peertube incompatibility: strip hash value from key IDs during check (0ad8ed9d)
  • #12996, invalid title generation when remote post content has markdown source (1d36ab6d)
  • #13017, probe redirection if url is identical to id (39705a17)
  • #13016, remote account deletion frontend UI bug (2005a02a)
  • add missing catch, closes #13012 (45021b5b)
  • check if url is undefined (fa81078a)
  • #12941, inherit audience from earlier posts in the chain so as to send a coherent value to Lemmy instances, re: lemmynet/lemmy#5278 (97384b2c)
  • add 10s timeout for AP message send (25d6ef43)
  • ignore subsequent shares of the same topic by that user (d734ce49)
  • #12972, allow bridgyfed accounts to pass isWebfinger regex validation (a7e6cfe8)
  • bump harmony (ee8ec61e)
  • fix double thumb due to post attachments (755b9855)
  • lemmy integration, handle image property as topic thumb (b15a684a)
  • wrap try..catch around topics.reply in note assertion to output errors (b551abce)
  • have options.update also trigger handle and search updates on actor assertion (050acb4f)
  • separate out removals vs. additions in actor assertion in order to hopefully resolve #12959 (546ffed2)
  • openapi schema for ap routes (c86b6f24)
  • get version directly from package.json (3340720e)
  • set linkValue for remote user fields (3d653cbb)
  • crash due to missing param when calling getCustomUserFields (e5fdf9f1)
  • set a user-agent when sending requests (64339e61)
  • persist sourceContent into post hash when ingesting remote posts, update markdown so that field is parsed instead of ignoring content (1839388b)
  • use fediverse pseudo-user for webfinger privilege checks (f32184b2)
  • regression on remote deletes, received object is not always a simple id (d7fe3558)
  • thrown exception from failed note assertion (830aab66)
  • one more (304fa554)
  • another fix re: 3780fdc6ff9fb23048266b43ceae86646fb795cc (69d5544a)
  • thrown exception from failed note assertion (f7a294a7)
  • additional fixes re: 3780fdc6ff9fb23048266b43ceae86646fb795cc (97861dd1)
  • regression on remote deletes, received object is not always a simple id (3780fdc6)
  • #12939 convert custom emoji in actor summary into images (78a9e86c)
  • translate custom field names and values when federating out (e6edcefd)
  • bump emoji-android version (552298f8)
  • bump harmony and re-tag (593a1933)
  • bump emoji to 6.0.1 (efa0cac3)
  • bump harmony (00b2dd49)
  • strip html from remote custom fields, linkify if url detected in now-plaintext field value (065f84b6)
  • handling of empty custom user fields from remote users (1bebb82b)
  • don’t send custom fields in remote user actor object if no value is entered (09f00f8e)
  • hotfix for empty user fields (ce1efd39)
  • bump mentions (e5f804ff)
  • #12928, topic showing wrong queued posts in-topic when topic is remote (7b747c8f)
  • replace parseInt that was excluding remote pids from calculation (93bb73c1)
  • #12923, inability to start chat with remote users via profile (b6a2520f)
  • inability to directly post to a nodebb category from the fediverse (55ab85ac)
  • #12919, handle when buildTopicsSortedSet returns a non-array (e4e6b1d2)
  • #12912, strip custom emoji from remote content titles (7adc3140)
  • don’t chop off colons when generating titles as they could interfere with emoji (f449fafc)
  • #12893, topic with pages returning OrderedCollectionPage instead of OrderedCollection. (d685b20e)
  • missing return (cf3555fa)
  • #12887, strip target attribute from remote posts’ html (3eb0a0ed)
  • #12866 again, more tests (a59dae3f)
  • raise probe timeout to 2s (94e34907)
  • topic count not showing up on category page (dd363446)
  • #12882, view original post circles back to same topic (93844321)
  • #12883, activitypub probe timeout (f8729571)
  • errant mention detection via actors.note (22dbf15e)
  • #12880, refactored ap controller.list to use buildTopicsSortedSet, moved out poor man’s intersect to internal method (05c8ee9f)
  • don’t trust timestamps on received items (b1d779ca)
  • use categories.getTopicIds instead of duplicating existing logic to get world tids (7bf41138)
  • #12866, improve title generator, refactor tests (beb85604)
  • one more fix (eccad588)
  • debug return not restored back (0e982fcf)
  • #12865, crash on liking a chat message (fc3243d6)
  • possible fix to escaped emoji in titles (f5324501)
  • #12707 ensure actor matches context attributedTo (998273cd)
  • federate out an Add on post creation even if there are no category followers (15516862)
  • accidental sending of Set to ActivityPub.send (3030a720)
  • #12857 byebye cheerio (8492b5f4)
  • inputIndex check (cac4f8e7)
  • convert some more verbose logging to use ap logging helper (6208ab8d)
  • regression introduced by 903d03891941902ddac80b380552530e1853c306 (d451adaf)
  • lint (c34407d8)
  • errant parseInt in canEditDelete (0f1b1164)
  • guard against missing to/cc (1d5f490d)
  • object not array (873d033b)
  • backend logic fixes for #12853 (b472c589)
  • groups not showing up on new reply (1bf09907)
  • re-enable logging only for dev mode (a226ee9e)
  • defer postdata retrieval (9062691a)
  • inReplyTo incorrectly including system messages, #12834 (7ad7bc47)
  • remote debug log (e9a27db2)
  • error on replying to remote mids #12834 (adf33cfa)
  • proper urls in to, #12834 (94ac57ea)
  • simplify uid logic, explicitly mention all participants, even local users, #12834 (70fe8689)
  • adjust timestamp after message creation instead of passing timestamp in, #12834 (0346e92b)
  • limited visibility remote posts with greater scope than asserted roomId should add those users to the chat room, #12834 (22931be1)
  • empty mid on frontend for remote posts (8abfd951)
  • recent chats string generation to handle remote users #12834 (0a17a0b9)
  • inReplyTo bug, #12834 (fc1d064d)
  • remove sender from recipients, #12834 (8f7d0499)
  • private note inReplyTo url, #12834 (f3045309)
  • inReplyTo for private notes so that refer to the immediately previous message if not explicitly defined (f4a02d9c)
  • duplicate logic and double-parsing issue, #12834 (8a1abe68)
  • federate out a Create(Note) instead of just the note… doi… (74d5ced2)
  • chat room kicking of remote users, (un)read logic for remote users (there is none), sendNotification to only apply to local uids (52080ba2)
  • restrict the ability to make a remote user a chat room owner (b610b520)
  • display of remote users in chat room search (f5129017)
  • also ignore non-public notes on Update activity (2713d13c)
  • bump web-push (f57758b9)
  • logic tweak (15f60b24)
  • fall back to inReplyTo traversal on context resolution failure (903d0389)
  • tests (45a0b818)
  • null defense (3d25a079)
  • #12821, improvements to search bar and search logic (0b83e5b8)
  • lint (c265666c)
  • parse aboutme when mocking a user (c5e10c1a)
  • remove superfluous service-worker code (90cc7e61)
  • explicitly set updated property when federating notes out (6fe4d446)
  • buttons for general settings (5bc907a0)
  • bump mentions (e0c410cd)
  • actors.assert attempting to process things that aren’t actors, #12809 (6b4b4b1a)
  • carry out mime-type guessing on incoming attachments (71ce3089)
  • re-use already parsed html in api.posts.edit’s call to getPostSummaryByPids, delay federating out edit activity for 5s to give link preview a chance to resolve (b04a1105)
  • id on 1b12 announces (047d5992)
  • better handling for remote posts that do not contain content (3c55d102)
  • #12799 add externally linked images to attachment (1a0a2cd1)
  • remove includeUncontrolled as we are posting messages, and that only works with windows you control lol (028b6d74)
  • add logic to automatically take over clients from old service workers (1fbf9114)
  • closes #12787, filter null topics (c2600b12)
  • remove use of jquery $(this) in ajaxify (176f4d0d)
  • crash when AP S2S call made to retrieve a remote user account (not allowed); now returning 404 (d42d3b1c)
  • prevent crash if items is undefined (a80e3141)
  • regression that caused replies to not get federated (652d6c6e)
  • #12760, add proper security context for application actor (045e16d3)
  • on topic move out of cid -1, also federate to the public address (909437c3)
  • bump harmony (6ed32f67)
  • type casting in user block logic (0f63f67b)
  • restrict announce activity to topic moving OUT of cid -1 (f3eb6d50)
  • #12751, topics:recent zset not updated when tid moved in/out of cid -1 (76551c71)
  • bump mentions (e6d8e059)
  • bump composer (22952c54)
  • bump composer (e2879563)
  • #12732 editing of remote post content (25bf97ae)
  • #12733, html present in generated title for remote topics (34747122)
  • #12729, replies to existing topics from Pixelfed not asserting properly due to incorrect toPid (f481cde1)
  • move topic reply call in notes.assert to its own line (95e6d2b4)
  • #12510, blocking of a single remote user causes content from all remote users to be blocked (53aee401)
  • serve category actor image instead of nothing, serve brand logo in icon (cbe0a0ad)
  • lint (d33fb92d)
  • have note federation call .parsePost instead of firing plugin hook (93536386)
  • always send replies uri instead of null if no replies exist, @trwnh (ff08fbb7)
  • send null instead of empty array in replies property if mocked note has no replies (9bd6896d)
  • bug that caused remote replies to other remote content to not always assert (2ced3502)
  • bugs in user searching causing remote lookups to fail (1f896fb6)
  • audience property in topic actor response (9a54f6bc)
  • updating of post counts for remote users (3e494dc7)
  • add privilege check to user follows (399d4103)
  • accidental passing of string instead of constant (7bf349b6)
  • lint (fc5a829c)
  • update upgrade script date (b9f37c5c)
  • include follower sets for reassertion (be393d57)
  • missing await (5c9ac5d3)
  • null check for note attachments for thumbs view (2aa04837)
  • incorrect parsing of context items during note assertion, logic error with slicing (60408f23)
  • logging in topic actor logic (bc00835c)
  • issue with topic actors not returning proper json (609035b5)
  • off by one error @barisusakli (cfbaf145)
  • map to actual mainPid value (7bdf3769)
  • skip topic retrieval when cid is -1, as it is done again later (92191995)
  • flawed logic in generating topic context collection (31c7226e)
  • rename announcers to shares (3c0d7616)
  • catch thrown errors in src/api/activitypub (fdc0d670)
  • federating category mentions (00a26679)
  • send html in category description (f605e188)
  • Update activity handling for non-Person actors (5e343a83)
  • remove await from category update federation call (bacbfba9)
  • issue where incrementing user hash fields didn’t use the right key name for remote announce @barisusakli (e84cfd8c)
  • lint (b0eec67d)
  • send back empty array if no direct replies, bug with reply generation (af6ae6ee)
  • accidental passing-in of an array into getUserField, breaks in pgsql? (8e1fccf0)
  • hardcoded tid in topic thumbs test (78a6c60c)
  • tighten up logic in checkToPid internal method (f629b20f)
  • partial revert to fix url_parsed not being available at top of file @barisusakli (8ecbb5cc)
  • removal of topics from applicable user inboxes when synced (46341673)
  • tweak logic for topic counters sorted sets, #12642 (0d549f1d)
  • #12667; handle cases where received id is not a URL (d92efb8a)
  • #12673 fullname not defined in some remote actors (f662a606)
  • only send Update(Actor) to followers, #12674 (26946c7f)
  • missing sorted set member removal on category unfollow (a748068c)
  • add timestamp to follow activity to make it unique (eab231ee)
  • additional logging for activities with no context property (cb5e5b4b)
  • update handling of Announce(Create(Note)) to also handle non-note types (600b1a86)
  • push instead of unshift, now that order is reversed (cc0bbcb7)
  • wrong property name for OrderedCollection items (a2fb939b)
  • improper sourceContent in mocks (615aaa01)
  • #12662, add original activity actor to Announced activity’s cc (d6f44d8e)
  • remove duplicate 1b12 announce in notes.assert (already handled in inbox) (4dbb73a4)
  • #12652, incorrect user, post, topic counters with AP enabled (fe70a2b8)
  • incorrect activity id sent out on 1b12 announce (ef97a784)
  • #12654, incorrect location of sharedInbox property (b66d998d)
  • regression that caused new notes to have undefined cid and fail privilege check (a371c9fc)
  • move call to retrieve cid followers out of loop (89dd2fb0)
  • do not retrieve remote outbox count when asserting actor (16f8f536)
  • double sanitization (d9ac7f49)
  • dont load cid=-1 in tag filter dropdown (7d679db2)
  • change setImmediate to a 5s timeout to give plugins (or anything waiting for the return value of the API call) a chance to finish execution (7fada44b)
  • openapi spec for v3 posts get (4b86b378)
  • wrap ap note creation in setImmediate to let internal hooks have a chance to wrap up first (a3c6c872)
  • improper sanitization and parsing in mocks.note (59818031)
  • remove parseInt on users controller (5a2fa52c)
  • send additional @context entry for publicKey support, fixes #12604 (4eb998d5)
  • null case handling (e6e6c2a2)
  • category follow schema test (4b8a9e58)
  • getCidByPid call returning improper values because a remote url to a local post was passed in (4030c09e)
  • 1b12 conformance for inbox.create as well (c8bc6e55)
  • re-add sending of Announce(Note) for microblog support, #12434 (89d2363d)
  • FEP 1b12 conformance, federate Announce(Create(Note)) instead of Announce(Note), #12434 (be95b5b1)
  • missing openapi schema change (e9a0d495)
  • eliminate infinite loop in actors.assert via user.getUsersFields (18e58318)
  • minor adjustment in logic to work around relation logic (1219d7d3)
  • introduce artificial 5s delay for 1b12 announces (101062cb)
  • move logic to move topic on note assertion earlier in the flow so it actually runs (acd1630b)
  • post count (badb7e2c)
  • skip follower count check if cid follower is found (f29214e0)
  • don’t crash process on error in cronjobs (89465ec6)
  • handle missing fullname in actor removal logic (ae3fa85f)
  • guard against infinite loop during topic purge batch call (6272d059)
  • unintentional parseInt during post purge (bcfac00b)
  • pid in api call (70625133)
  • missing await on topic purge (6ecc791d)
  • don’t attempt user reset token cleaning if uid is not a number (8d790964)
  • set (f83a3672)
  • incorrect use of .map on a Set (c6f2155f)
  • another crash (f8d9f644)
  • closes #12618, handle missing selector (35eb2d0d)
  • crash in mocks.profile (6f37825b)
  • bug that stopped remote users with dashes in their handle from being properly asserted (76290e37)
  • parse incoming HTML to remove useless classes too (47406d13)
  • update post cache clearing logic to call helper function (547fc17d)
  • have replies provide name when mocked (b6653d15)
  • lint (f93b237e)
  • remove .only (a0054400)
  • minor cleanup (129017f7)
  • Notes.delete to delete announcer zsets too (b5b89038)
  • rename api.activitypub.create.post to .note() (2d7ca48d)
  • canPurge logic fault (d40d0b06)
  • allow remote content to skip isReady check on topic creation/reply (5bfde4c4)
  • Topic.isOwner check to handle remote users (0a1ad87d)
  • special handling for privsTopics.canPurge for remote posts (b67a7c3c)
  • Posts.isMain cast pid to String instead (9fbd48b1)
  • special logic for purge privilege checks (9f44e99f)
  • unnecessary parseInt in post purge api method (eda97da1)
  • type error in attachment emptying method (336ea1ee)
  • tag notification if pid is not int (baada2fc)
  • encode most uses of pid to avoid more bugs like #12545 (c973a9ca)
  • allow quoting AP posts, fixes #12545 (43dfb60f)
  • Update(Note) federation should only apply to local content (6f9fa660)
  • attach announcers and their followers to cc, not to targets, only attach announcers to targets (51089a34)
  • bump harmony (2cd9088c)
  • inability to query local content via remote url (ac74d9c5)
  • ensure consistent return type from notes.assert (a7aeabc8)
  • remove unnecessary check and guard against unsupported URIs before fetching (af986758)
  • handle retry queue invalidation across a cluster (22b42f11)
  • use batch.processArray properly (729f0fca)
  • if an unknown post is navigated to by a logged-in user, automatically assert the post and add it to their inbox (4e7b12b9)
  • bump harmony (e341a5d8)
  • bump composer-default (4e006adb)
  • save followersUrl to remote user hashes (738d47c7)
  • notifications for tag followers not being sent if author is a remote user (8de2352e)
  • send topic title in context object (05cdb7d9)
  • partOf and type (109f4232)
  • if post count is less than posts per page, don’t paginate in ordered collection (1a21c8ad)
  • send id for category announces (0336e8f0)
  • post deletion of remote posts (5e203197)
  • update title generator to include the punctuation, and also take into account question marks and exclamation marks (6ac5a779)
  • remove unneeded flagged property in favour of flagId, use existing language key for rescind-report (449ffd66)
  • have category sync routes return full api response, openapi schema for that pair of routes (b7ad4317)
  • update signature parsing logic to handle values with equal signs in them, closes #12538 (596a5e4b)
  • unintentional object pollution by buildForSelectCategories (40b9dabd)
  • better logic for choosing webfinger lookups (ed84eed8)
  • don’t look up webfinger when it’s not necessary (dd71340a)
  • update hasRelation condition to be true if cid is passed in in options (6964b1fd)
  • handle requests to URI IDs correctly (1ecbf02a)
  • handle URI actor IDs (70001664)
  • percent-encode outgoing webfinger requests (3d1e2cde)
  • bump harmony (59021d8a)
  • icon:text and icon:bgColor for remote users (3721f819)
  • handle Announce(Create(Note)) (a9a7fd1e)
  • use system pseudo-user for topic move call (dce33446)
  • if the topic already existed in -1, move it to another category if one was passed in options (49a64dc7)
  • add back reverse lookup for notes assertion checking via cids (407dda78)
  • actors.assert should return false if webfinger cannot resolve to an id (b7ff7be2)
  • support reporting remote content in Flag (026449dc)
  • #12505, convert relative urls in links and images into absolute urls, uses same logic as for emails (7c4ae8eb)
  • #12502, improper decrement (6befff5e)
  • send userslug in preferredUsername (64258dac)
  • wrong variable name (50f31b23)
  • change default attachment type to Link, or Image if mediaType matches (bb4e418d)
  • save modified actor back to req.body (c3365908)
  • you scurvy cur! (52271cae)
  • handle (created) and (expires) in http signatures (4d23a837)
  • #12496, url in schema (f7833386)
  • handle remote userslugs with non-lowercase letters (f5ea470d)
  • send hs2019 as algo (to match cavage-12, handle incoming algorithm value (8d0876b8)
  • bump harmony (b8daa02f)
  • throw errors when local objects don’t exist (959e1820)
  • #12493, send unescaped fullname through via AP if displayname is set/used (e0f542c9)
  • send only the id into actors.assert (465a46f2)
  • use a slightly better error code to indicate object resolution failure (c92b5e07)
  • assume object is full object and not just id everywhere (e0166ccc)
  • use resolved object in likes (962c6351)
  • reject accepts of invalid follows and return when already following (b6168202)
  • handle resolved objects in flag (41f77f8f)
  • additional verbose logging for signature verification (464dd806)
  • bump mentions (6b169e04)
  • default to showing alternate as link to the post object (86107535)
  • pid via index calculation (de83d6b0)
  • support ldjson with ActivityStreams profile in actor queries (c30c1288)
  • early return on invalid actor (2d1524ee)
  • use actor id in flags (e25f0621)
  • make sort work with world filters (cd8a91fe)
  • uppercase digest algorithm name for compatibility reasons (5c1c1d21)
  • better handle null return from notes.assert (cbfc8d25)
  • bump mentions (86caf237)
  • actor assertion logic to ignore loopback urls (f40df387)
  • lol (983153fb)
  • maybe last tweak (42bdffdc)
  • tweak upgrade script again (ae146024)
  • tweak upgrade script again (166e3e2f)
  • add timeout on activitypub.get, tweak upgrade script (442e98e4)
  • tests, save actor URL into userRemote hash (59709a3c)
  • show locally captured remote posts when browsing remote profiles (1084f21d)
  • have getCidsByPrivilege include cid -1 when set is categories:cid (e828e87e)
  • updateLastOnlineTime for remote uids (893788a2)
  • bump harmony (2cbc3913)
  • adjust world schema (a3dce463)
  • redirect to /api/world for API requests (495d5435)
  • lint (f078e1e2)
  • skip notes.assert checks for Announce(Note) if it’s a remote object, do our own checks; #12442 (4fcd2bb2)
  • getSortedTopics; filter out topics in cid -1 unless explicitly asked for (dff5d1c6)
  • #12444 add uncategorized topics counted stats to separate sorted set (8dcdf8ef)
  • undefined object in notes.assert (1fb3c4fd)
  • typo (bab41d12)
  • restore userOrGroupExists, as alias to slugTaken (e0f6b707)
  • send handle as category actor’s preferredUsername, #12434 (803975fd)
  • use CategoryObject in admins-mods schema def (aafdefa7)
  • only send activitypub+json links via webfinger if activitypub is global enabled (65bb8666)
  • bump harmony (9c03e6e9)
  • resolve interoperability issues with Misskey, et al. (003c6469)
  • bump harmony (da2a1e20)
  • issue where cid -1 appeared in all category searches (8f131b71)
  • bump harmony (2756aae7)
  • post urls to use prefix instead of linking out directly to origin server, exposed encodeURIComponent as a template helper for themes (2408ecd8)
  • regression that caused S2S calls to topics to return with a 404 (5a2d17df)
  • restore accidentally removed calls to updateLocalRecipients and saveAttachments (5f60f75f)
  • properly handle empty fields param (c76d4018)
  • circular object ref. (7af07151)
  • tweak maxTags handling (ccd9c7ed)
  • bump mentions (ff6cc90c)
  • send topic notif on reply (1a92239c)
  • typo (44a183dd)
  • double-OP issue when remote reply comes in to local mainPid (0a2482cf)
  • filter out system tags and prune extra tags beyond number allowed, when creating topic from remote data (7aa56c72)
  • resolve toPid to local pid if able (ebd750b4)
  • tweak user.search to better handle local usernames with colons in them (c346177b)
  • accidental saving of ephemeral _activitypub object into db, should plumb into hooks only (81b319f4)
  • handle actor assertion failure if mocked profile does not have a fullname (338c568c)
  • template helper (52c143aa)
  • tests (4b2495b5)
  • remove unused param in addParentPosts (01f7af92)
  • only dereference id if it doesn’t exist locally — fewer calls (eb8ff75b)
  • specify param for api test for /world (b1491ca3)
  • AP S2S handling for /user/:userslug route (9cd6b496)
  • handle fetch failures on helpers.query (5768a437)
  • more duplicate detection in to/cc (ceab77e4)
  • markAsRead to handle remote topics (17c55922)
  • parse questions like a post (90e7d3a1)
  • properly build recipients… old logic was just plain wrong :shipit: (1e663239)
  • reallow topic:read privilege for fediverse group (97e5b0fd)
  • only serve local posts via S2S when queried (00101d9e)
  • note not federated out to mentioned users’ inboxes (6423d514)
  • update styling of available nav items in ACP (6aece689)
  • remove unresolvable actors from parsing prior to mocking profile (39da3ab6)
  • send explicitly empty array for attachment prop in mocks.note (4a8b06e8)
  • remove some privs from fediverse in world category (6999bd68)
  • inability to retrieve previously-unknown remote users via url manipulation (28f38b26)
  • tags received via AP should only be of type Hashtag (as mentions are also in tag prop (81b81e54)
  • data schema of reject activities (beaedc86)
  • fallbacks for if preferredUsername is not set (9f8c706f)
  • pass proper uid to privilege check in AP note federation (95427c4a)
  • remove console logging (4c2cbb5b)
  • move fallback 0 return in parseIntFields to other side of ternary conditional (5b74f6da)
  • remove intFields hack and update db.parseIntFields to only parseInt if field value is a number (f368a1a8)
  • truthy check in notes.assert (6671b511)
  • remote user avatars in notifications (aef1215f)
  • bump mentions (ae09aa20)
  • properly handle if mainPid is not a number (1ca9994f)
  • mainPid detection in unprocessed ids in assertTopic (b529610b)
  • redir on bad world filter (0cf6af9b)
  • serve fallback images on category actor (8cb984d4)
  • bump markdown (44452a3b)
  • missing invocation of generatePostUrl in generateRepliedTo helper (a08b2efb)
  • unable to process Update(Person) (96a3a746)
  • crash in resolveLocalId if Number is passed in (d51f5e59)
  • missing await, and handle local posts with no toPid (i.e. reply to OP) (0b6b86d1)
  • don’t overwrite title if present, on assertTopic (a3368a69)
  • bump markdown (b1894276)
  • copy fixes, rename upgrade script, disable federation on upgrades (281e9d6e)
  • update ap-related deps to prerelease versions (10abb82e)
  • defer federation of new topics when topic is scheduled, tie activitypub api module to global enable toggle (5f85e700)
  • lint (563db78f)
  • put postcount retrieval behind try..catch so errors are handled appropriately (28370b10)
  • side-effects from adding toPid to post intFields (now removed) (b0115951)
  • revert introduction of toPid into post intFields, manually cast toPid as int in getPostSummaryByPids if present and numeric (3a870360)
  • check origin only if object is a string (92a8951b)
  • send string to validator (893dd523)
  • regression re: attachment handling (53d1c10e)
  • parseIntFields for tids (31fd135f)
  • handle undo(Announce) of remote notes (cfbbf4ca)
  • assert actors on note assertion, resolve crash if announcing something that’s already been announced (6a7f8f14)
  • don’t crash when no attachment, oops (0edaf17c)
  • sanitize post remote post content regardless (8b0ccc80)
  • wrong id parsed in announce (068c4fa9)
  • accidental overwrite of hoisted internal variable (56cfae07)
  • include mainPid in topic counts calculation (5c04e805)
  • guests visiting /world should see all remote topics (19d017b9)
  • timestamp calculation (6a11c89b)
  • better handling of missing of invalid to, cc, timestamp values (76d5feb7)
  • remote announces not showing up in local inboxes (814c4794)
  • handle inaccessible boosts (9439987e)
  • remove invalid/inaccessible object from parent traversal chain on get error (672a907d)
  • handle invalid score (609a9a37)
  • mainPid accidental int (22da3a6a)
  • getParentChain error handling (69f1ace3)
  • take mainPid into account in syncUserInboxes (d13980c8)
  • typo (de71b733)
  • stringify error body in ap.send (401b4c5f)
  • activitypub.get failure handling (12968b62)
  • only log warning on ap.send failure (ce4b5679)
  • rejig some tertiary conditionals, fix broken inReplyTo when toPid is not defined and mainPid is a remote post (5fee4e33)
  • resolveLocalId to return null values instead of throwing for no resolution (11dba85d)
  • don’t crash on activitypub.send non-2xx, better logging for successful sends (ac56289f)
  • replies to remote content overriding mainPid in topic (2b1a3477)
  • assertTopic incorrectly creating new id if passed-in id did not match the actual object’s id (f1b8f3fe)
  • urls in posts and announces (4fb6574c)
  • remove now unused world/:tid route and assoc. controller (a61e7fe7)
  • cast cids passed in to getCategoriesFields as ints (aafdebd2)
  • logic error (80377599)
  • logic derp (9795abbf)
  • new language source file for activitypub text (21a2876e)
  • getUserInfo internal method in topic events to not filter out uids because getUsersFields already does it (f7259ccb)
  • category following and acceptance logic (25f0d484)
  • properly assert resources in AP router (d2f14c36)
  • update preferredUsername in category actor to match webfinger representation (d213ce79)
  • follower calls to return empty item list unless a page is explicitly passed in (94361721)
  • move all actor object urls to immutable variants (86a607ce)
  • send proper @context value for posts (was missing) (457bfe16)
  • remote follows, yet again (fef18824)
  • a bunch of broken things, added test for Create(Note) (a3a0edb7)
  • error handling for actor.assert (fa1c5490)
  • missing break statement (2c834263)
  • reject spiders on remote profile GETs (a355c05d)
  • send back correct actor id on webfinger calls (25434d2a)
  • parseInt on timestamp from post (ddf17ee5)
  • /uid/:uid route to return actor (0b3ca8e3)
  • the id of an actor should be its immutable uri (/uid/:uid) and not userslug (e07c3131)
  • unused require, tests (3c24cfb4)
  • send full as:Image object for icon and image in mocked actor object (0af97dd4)
  • clear post cache on Update(Note) (f51bbe91)
  • webfinger loopback (1ee03f2b)
  • revert home page routing change and moved instance actor endpoint to (e00a03bb)
  • restore avatars in topic list (3bdaa8a8)
  • send preferredUsername in application actor response (f8cfe64c)
  • note assertion on Create(Note) and Update(Note) to use instance key instead of uid 1’s user key (4cc7ee65)
  • add workaround for nodejs/undici#1305 required to remove sec-fetch-mode header (2cb37088)
  • response, not res (9e58b04c)
  • automatically reject unsigned POSTs to inbox (a3e1a666)
  • handle case where pubKey cannot be found (33f3da8a)
  • user data in /world (518169fe)
  • bookmark in topic data is nullable now (970a5a6e)
  • saving teaserPid, timestamp, lastposttime in topic, fixed post index issue in loading topics (60bc27ec)
  • preserve cid if set (e038eb05)
  • incorrect author uid saved in topic (75654852)
  • infinite scroll for posts (8cd3ff1a)
  • reply expansion (5ac02765)
  • issues related to adding new reply chains to an existing topic, resolveId method in notes module (2981f663)
  • simplify increasePostCount logic by combining methods (81d81098)
  • have mocks.posts return same number of items as received (d992239d)
  • show full names for remote users (d1cdb8f8)
  • improper params sent to get and getActor (9221506b)
  • restore hostname prop in getActor method (ec3c6b67)
  • ActivityPub.get now throws on failure, handle in getActor (7ec75f58)
  • send in mocked profile data in follow routes as well (942a9b7e)
  • tests (c66b1867)
  • isUri helper so that it passes ci tests (27e256d2)
  • frontend follow logic, as uid is no longer webfinger slug (fcca9259)
  • use simpler getSortedSetRevRange instead of unnecessary zunion call (283e460a)
  • accept and undo logic saving improper id into database, updated follow logic so remote follow is not added to collection until an accept is received (759d69e0)
  • relax activity-failed condition (3339baac)
  • additional refactors and updates to follow/unfollow logic (6a54e009)
  • bug where body wasn’t properly sent on ap-style content-types (ac344011)
  • send actor uris in follow instead of webfinger ids (543daee8)
  • some wip code regarding handling a follow activity, remove unfollow activity as that does not exist (f3b0794d)
  • accidental double-hash in sign/verify (0eadad84)
  • incorrect logic (71e3d26b)
  • update proceedOnActivityPub middleware to handle how Mastodon doesn’t send the ‘Accepts’ header (dd480aa4)
  • another bad call to request lib (88527884)
  • broken call to request lib, tests (8d796170)
  • update isJSON test in request lib (510763af)
  • handle null actor uri in helpers.query (a21110fd)
  • unused require (7f46f07c)
  • store remote followed users count separately from local (e794f1d2)
  • icon text and bgColor in remote profiles (4324f09c)
  • add basic sanity-checking to middleware.validateActivity (99cc60c8)
  • incorrect host/hostname usage in well-known test (bcee1c8d)
  • save remote follower count separately from local follower count (4218ecc4)
  • missing req.body when parsing ActivityPub requests (e6753ce5)
  • bugs, more prep to start making calls to self (5d95765e)
  • moved .well-known assets to separate router file, added basic webfinger implementation (51d8f3b1)
  • deps:
    • update dependency ace-builds to v1.37.5 (#13058) (76a14de3)
    • update dependency fs-extra to v11.3.0 (#13055) (9a401b5b)
    • update dependency postcss to v8.5.1 (#13050) (3ba1d264)
    • update dependency nodebb-plugin-web-push to v0.7.2 (#13049) (e9a4c42b)
    • update dependency nodebb-plugin-2factor to v7.5.8 (#13048) (3827f438)
    • update dependency sass to v1.83.4 (#13046) (8e62800b)
    • update dependency postcss to v8.5.0 (#13044) (c4c89116)
    • update dependency cron to v3.5.0 (#13042) (5e5d920b)
    • pin dependencies (#12987) (430d1479)
    • update dependency satori to ^0.12.0 (#12995) (05f7b58c)
    • update dependency tough-cookie to v5.1.0 (#13039) (34b0cf6b)
    • update fontsource monorepo to v5.1.1 (#13029) (b1e87aa9)
    • update dependency fetch-cookie to v3.1.0 (#13006) (df69b399)
    • update dependency ace-builds to v1.37.4 (#12988) (3a33cd5b)
    • update dependency esbuild to v0.24.2 (#12989) (701780fe)
    • update dependency sanitize-html to v2.14.0 (#12994) (bfc962b9)
    • update dependency ioredis to v5.4.2 (#12993) (7943fcde)
    • update dependency cron to v3.4.0 (#13026) (de571d24)
    • update dependency sass to v1.83.1 (#13028) (438f4e0a)
    • update dependency nodebb-widget-essentials to v7.0.32 (#13027) (de076a21)
    • #12683 bump emoji plugin to v6 (e8fda4c0)
    • swap ntfy for web-push plugin (aa060d31)
    • persona v4 support (83993cad)
    • bump markdown (daed7413)
Other Changes
  • fix paranthesis (8fd8079a)
  • remove unused utils (7e450e1d)
  • remove unused function (26765fe9)
  • remove unused (530241e0)
  • comment out actor assertion call in Users.getUsersFields (691f6917)
  • fix some but not all tests (76453650)
  • fix privileges in test runner (aadac705)
  • unused requires, linting fixes (3e02efcd)
  • additional logging (08f8babd)
  • fix eslint errors (47b3ffb9)
Performance Improvements
  • ~18x speedup of /world route (f6f01ba3)
  • get rid of exists call, load all attachments in one call (9b8c834e)
  • use batch in resolveInboxes (644bcec5)
  • get rid of getPidByIndex, use postAtIndex (ad22b54e)
  • ‘-inf’ faster (c95075e1)
  • move attachments to post hash (291bf7db)
Refactors
  • use helpers.log (40257663)
  • add thumbsOnly option to thumbs retrieval method so that embeds/attachments don’t show up in composer thumbnail modal (51fd65ab)
  • split (and remove) activitypub.json file and move strings to more appropriate locations (e4e10636)
  • topic thumb logic so that isDraft is based on topic existence, and not whether it is a UUID, as remote topics are also UUIDs. (3439fdb6)
  • post object schema to its own reference object, added sourceContent as optional value in post data (3073abd9)
  • prolly dont need exists check (a42c9a6b)
  • buildTopicsSortedSet (c1093c92)
  • expose buildRecipients as a main activitypub lib method, call buildReceipients in ap controller actors for notes (5e47b194)
  • followers url filtering logic, #12834 (ca683c6d)
  • check HTTP signatures on all activitypub requests (8ef0df57)
  • simplified ajaxify.check and likely made it equally more confusing (cf6c4c52)
  • split out logic to determine ajaxification into exported method (fc4f6a4c)
  • standardization; onNewPost internal method to return a superset of post summary (9357e718)
  • follow/accept/undo logic to pass the same timestamp throughout the follow’s lifetime (e015339c)
  • store local follow backreferences for remote users (both followers and following), update actor pruning to take local follow counts into consideration, fixes #12701 (39f92eac)
  • collection logic out to an activitypub helper (352857cf)
  • context item retrieval logic (20aee8e9)
  • announces (c021e7e8)
  • single db call (c231ab78)
  • actor pruning logic (6227ab90)
  • catch errors (f76a5863)
  • add method from mentions into core (3eca9785)
  • dont need exist check, if post doesnt exist getPostData returns null (b2d03da9)
  • User.getUidsByUserslugs, so it works with multiple slugs (eb6fe339)
  • suggest topics, use strings for tids (3488a4bf)
  • unused winston (869df3c2)
  • change to info (d1625d5f)
  • remove verbose logs, (2ae58570)
  • comment out verbose logs (ba2d1841)
  • get rid of noop (eaf43541)
  • single cache.del call (9868a728)
  • #12553, buildRecipients so that it is separate from addressing in mocks.js (1fa93465)
  • use batch.processArray for sending AP messages (ea6e15bf)
  • context actor to serve an as:OrderedCollection instead of as:Page, and added context property (as per FEP-7888) to refer to it, changed audience to point to category (4b29a1b9)
  • post announce logic to save to separate zset instead of to topic events, closes #12536 (119800d9)
  • remove unnecessary flag routes added in 9ab1a2d (53b352d0)
  • split activitypub tests to subfolder files (94eafe1d)
  • use URLSearchParams instead of multiple encodeURIComponent (844d1402)
  • stub routes for category synchronization, refactor remote follow logic to allow categories to conduct follows as well (59a9dd84)
  • use a helper to resolve actor URI (b921f8d1)
  • use getSortedSetUnion in syncUserInboxes instead (6c1a0fb1)
  • use one internal rejection method (ac765f1e)
  • use topics.post, topics.reply, and posts.edit in Create(Note), Create(Note), and Update(Note), respectively (f7c8967e)
  • use topics.create internal method instead of directly setting topic hash, handle incoming tags for OP (f5a61079)
  • assertTopic to only call setObject when it is a new topic (bdcd862c)
  • resolveId method, add hostname verification (ed4ccbfc)
  • use existing sets for topics (instead of topicRemote, etc.) (ec2b375a)
  • activitypub sending to handle signed requests from categories (35819cc9)
  • replace JIT actor retrieval with actor assertion and storage logic (ef8cd34b)
  • added mocks.note in preparation for AP note retrieval logic, inReplyTo is always populated now, unless new topic (5de4f084)
  • simplify remote (un)follow controller (c9feb925)
  • guard dispatcher definition so non-Node runtimes won’t have issues (2ce14f50)
  • generate a topic id when asserting a new topic (2ff70fdd)
  • move activitypub-related middlewares to their own file (538776f9)
  • simplify mocks.post as it only needs minimal data for saving into db (2bd9e984)
  • move mockProfile and mockPost to separate mocks.js (06e15834)
  • update ActivityPub.get and all methods calling it to take a uid so that requests can be signed (a1c8c3a0)
  • validator check to helper method (2e330d8b)
  • move profile mocking logic to discrete method in main activitypub lib (8d4fd9c0)
  • update ap libs to use core request lib (5c881d3f)
  • update activitypub.getActor to accept either url or webfinger id (68d5e4a8)
  • minor restructure to move logic out of main controller file to src/api (c803b212)
  • acp tpl + config option (ab3ff320)
Code Style Changes
  • remove unused variable (9f94653b)
Tests
  • fix spec (b80f0dab)
  • missing ; (866588f7)
  • fix guest handles in onNewPost (81f7371a)
  • have actor assertion always use cache for tests (ad05f06b)
  • fix broken test in category follows (4949d6c4)
  • add attachments (6042f4a7)
  • refactor tests to support additional Note tests (0c0f01b5)
  • use encoded parameters in webfinger tests (8fd4ae2d)
  • fix well-known error code repsonse (175521ba)
  • refactor AP tests (42a09241)
  • fix tests (e138b915)
  • fix tests to reflect new immutable IDs, and added new tests for resource retrieval (42bb3c33)
  • fix error copy (91a509c4)
  • allow http proto on ci (24c1dfac)
  • fixed improper signed_string reconstruction in .verify() (cc0d1886)
  • fix webfinger test (9dfa1b72)
  • added passing test cases for .sign() and .verify() (a10df987)
  • updated activitypub test suite (1c8e13bb)
  • added test cases for activitypub integration, WIP (4bd8d28a)