* Password reset
* Various improvements and fixes for password reset
- Reorganize src/mail.rs to make it cleaner
- add a build_mail function
- only make the requests invalid after 2 hours
- avoid infintely-growing list of requests by deleting them once completed, or after 24 hours
- avoid sending many requests for the same user
- validate the password reset form
* Avoid locking so many times
Fix durations
* Remove old requests even if the current one is not valid
* Remove unused feature
* Also remove the custom_derive and plugin features while we are at it
* Forgot a 0 è_é
* Avoid panicking while owning a request lock
* Use master branch of lettre so that we can build with the latest OpenSSL
* Fix the debug mailer
Fix#433
I added the repo link to Cargo.toml so that `software.repository` could be configurable like @rhaamo suggested. I don't know if it's ok to include `software.repository` without bumping the schema version, but I didn't know if that would break any clients that parse nodeinfo with a hardcoded schema version.
* Allow customizing max form size from env vars
* Add error page for unprocessable entities
And change default http port to 7878
* Improve char counter: under the editor, more discrete, and give it a default value
This pull request add a `categories` key to the web manifest. The categories key was [recently added](https://www.aaron-gustafson.com/notebook/categories-land-in-the-web-app-manifest/ "Blog post detailing the addition of categories to the spec") to the Web Manifest spec and is a list of categorizations you want to apply to your site that serves as a hint to search engines and webapp catalogs.
The categories can be anything and there is no standardized list of vaues. The W3C is maintaining a list of commonly used values [here](https://github.com/w3c/manifest/wiki/Categories). I added _social_ to Plume's manifest based on that list, but I think eventually allowing a user defined list would be better. I don't know if there's anything in Plume currently that would enable that.
llvm latest svn commit is broken as of 2019/01/12. This patch pins the llvm+lld versions used for arm compiles.
It also tweaks the architecture detection to be more reliable in multi-lib/multi-arch situations where the CPU is 64bit but the runtime is 32bit.
* Bump serde from 1.0.82 to 1.0.84
* Bump ructe from 0.5.4 to 0.5.6
* Bump colored from 1.6.1 to 1.7.0
* Bump itertools from 0.7.11 to 0.8.0
* Bump ammonia from 1.2.0 to 2.0.0
* Bump hyper from 0.12.19 to 0.12.20
* Bump serde_derive from 1.0.80 to 1.0.84
* Bump stdweb from 0.4.12 to 0.4.13
* Bump rsass from 0.9.4 to 0.9.6
* Bump failure from 0.1.3 to 0.1.5
* Bump reqwest from 0.9.5 to 0.9.8
* Bump serde_derive from 0.7.1 to 0.8.0
* Better contrat for input fields
This change set a white background for input field (text, select and textarea)
to have a better contrast with the page background and improve accessibility for
people with vision problem, and just crappy screen.
This change also remove the round corner for the input to have a clear difference
between editing field and buttons.
This max-width of the form element are a bit bigger too.
* Less space between label and input
* Use multi step build to limit the image size
This change replace the Dockerfile with a multi step build to avoid huge image
size (the new image should be around 130Mo including all layers), compared to
more that 1Go with the full build chain. It's also more safe. This image does
not include cargo (not needed in production), so the old Dockerfile is available
and renamed Dockerfile.slim for those who use Docker for development setup.
* Use correct path for local repository
* Use sleep between chmod and execution
This change also remote all units for line-height to have more consistent styles and better cascading support. This solve the too small line height for multi line header in article and also add styling for h1 to h6 (previously h3 to h6 was not styled at all)
* Update plume-front build to use a shell script that adds the necessary dependencies on arm (x86 left untouched inside the script)
* Fix cleanup portion of plume-front.sh
* Break wasm dependencies for arm out so they are run before the main builds to improve layer caching on subsequent docker builds
* Fixup dockerfile so wasm-deps can run properly and with fewer assumptions
* Move new scripts to script/ folder
* Remove saving of path as it's not actually not necessary
* Add rust-toolchain to early copy so it pulls the right rust release (addresses #400)
- Use `Result` as much as possible
- Display errors instead of panicking
TODO (maybe in another PR? this one is already quite big):
- Find a way to merge Ructe/ErrorPage types, so that we can have routes returning `Result<X, ErrorPage>` instead of panicking when we have an `Error`
- Display more details about the error, to make it easier to debug
(sorry, this isn't going to be fun to review, the diff is huge, but it is always the same changes)
Rust can compile to WASM, so let's use it for front-end code as well.
To compile the front-end:
```
cargo install cargo-web
cargo web deploy -p plume-front
```
Add some support for comment visibility, fix#217
This add a new column to comment, denoting if they are public or not, and a new table linking private comments to those allowed to read them. There is currently no way to write a private comment from Plume.
Git is having a hard time what happened in Comment::from_activity, but most of it is just re-indentation because a new block was needed to please the borrow checker. I've marked with comments where things actually changed.
At this point only mentioned users can see private comments, even when posted as "follower only" or equivalent.
What should we do when someone isn't allowed to see a comment? Hide the whole thread, or just the comment? If hiding just the comment, should we mark there is a comment one can't see, but answers they can, or put other comments like if they answered to the same comment the hidden one do?
* Fix some follow issues
Fix not receiving notifications when followed by remote users
Fix imposibility to be unfollowed by Mastodon/Pleroma users (tested only against Pleroma)
* Fix notification on every post
* Fix issues with federation
Send Link instead of Object when emiting Follow request
Receive both Link and Object for Follow request
Don't panic when fetching user with no followers or posts from Pleroma
Reorder follower routes so Activity Pub one is reachable
* Generate absolute urls for mentions and tags
* Verify author when undoing activity by Link