Commit graph

332 commits

Author SHA1 Message Date
Reiner Herrmann c0dd5b1cc2 feat: URL preview support
from upstream MR https://gitlab.com/famedly/conduit/-/merge_requests/347
with the following changes (so far):
- remove hardcoded list of allowed hosts (strongly disagree with this,
even if it is desired, it should not be harcoded)
- add more allow config options for granularity via URL contains,
host contains, and domain is (explicit match) for security
- warn if a user is allowing all URLs to be previewed for security reasons
- replace an expect with proper error handling
- bump webpage to 2.0
- improved code style a tad

Co-authored-by: rooot <hey@rooot.gay>
Signed-off-by: rooot <hey@rooot.gay>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
Matthias Ahouansou fc93b29abe feat: forbid certain usernames & room aliases
squashed from https://gitlab.com/famedly/conduit/-/merge_requests/582

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-11 21:56:55 -05:00
dependabot[bot] e0cdcf66d3 Bump tokio from 1.35.1 to 1.36.0
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.35.1 to 1.36.0.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.35.1...tokio-1.36.0)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-06 21:08:17 -05:00
dependabot[bot] 3ac42129ac Bump reqwest from 0.11.23 to 0.11.24
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.23 to 0.11.24.
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/reqwest/compare/v0.11.23...v0.11.24)

---
updated-dependencies:
- dependency-name: reqwest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-01 19:39:24 -05:00
strawberry 03080c5677 bump ruma
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 19:39:26 -05:00
Charles Hall 621c85fd3b run cargo update
`IndexMap::remove` was deprecated in favor of explicitly named methods.
I assume that we actually needed to be using `shift_remove`, otherwise
we probably wouldn't be bothering with `indexmap` here in the first
place. I wonder if this fixes any bugs lol

from: https://gitlab.com/famedly/conduit/-/merge_requests/580

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry fb1fa4364d downgrade rust-rocksdb back to latest stable
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-31 16:20:26 -05:00
strawberry aa3fd6a47e switch cargo.toml pkg name back to conduit
we already make it clear this is a fork with
our version and such

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-27 16:47:33 -05:00
strawberry 9d1ca3e84a update deps
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry fa0c083555 don't send requests to specified list of IP CIDRs
this can most definitely be improved but this is a decent attempt.
the only annoying this is i couldn't just use a Vec<IPAddress> which
would have significantly simplified all of this, but serde can't
deserialise it on the config side i guess.

i may find a better way to do this in the future, but this should cover
most areas anyways.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry dc9c86d3db bump ruma, rusqlite, and rocksdb
latest rocksdb now has WriteBufferManager support

i hope no one is using sqlite with conduwuit, but if they are let's
bump it to latest git too for the latest sqlite version available.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry 9d0c85ab17 use ruma JsOption, bump figment
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-25 19:28:33 -05:00
strawberry 632276ae99 bump ruma to aa3acd88d21dfbb7595f54e619f52761bcb0259e
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry 1f117582ca update all transitive dependencies (cargo update)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry efa6308172 actually we can remove loole (for now) and crossbeam
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry ef10a2df36 add more lints, bump image and crossbeam
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-17 14:26:26 -05:00
strawberry acc0bdad1a update rocksdb to 8.10.0
https://github.com/rust-rocksdb/rust-rocksdb/pull/852

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry da3ac7a2f1 deps updates again
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry ee2f1c3084 the great persy, sled, and heed purge (and bump MSRV to 1.74.1)
these database backends are either unmaintained, broken in conduit, or
incredibly niche for something like conduwuit.

also i want to bump the MSRV.

Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry 966cca25f1 bump conduwuit version as we've made a lot of changes
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-14 20:55:56 -05:00
strawberry 1308574db0 bump ruma to latest commit (syncv3 JsOption and push optional power levels)
Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-01-07 22:26:27 -05:00
dependabot[bot] bead35d460 Bump clap from 4.4.12 to 4.4.13
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.12 to 4.4.13.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.4.12...v4.4.13)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-06 16:17:14 -05:00
dependabot[bot] 8b57ebe9a2 Bump opentelemetry_sdk from 0.21.1 to 0.21.2
Bumps [opentelemetry_sdk](https://github.com/open-telemetry/opentelemetry-rust) from 0.21.1 to 0.21.2.
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/v0.21.1...v0.21.2)

---
updated-dependencies:
- dependency-name: opentelemetry_sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-06 16:17:07 -05:00
dependabot[bot] 16a0cd4ed4 Bump loole from 0.1.13 to 0.3.0
Bumps [loole](https://github.com/mahdi-shojaee/loole) from 0.1.13 to 0.3.0.
- [Commits](https://github.com/mahdi-shojaee/loole/commits)

---
updated-dependencies:
- dependency-name: loole
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-06 16:17:00 -05:00
dependabot[bot] 673febe9a4 Bump serde from 1.0.193 to 1.0.194
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.193 to 1.0.194.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.193...v1.0.194)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-06 16:16:53 -05:00
dependabot[bot] 7a8aa969fa Bump thiserror from 1.0.52 to 1.0.56
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.52 to 1.0.56.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.52...1.0.56)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-02 19:36:40 -05:00
dependabot[bot] c82f662e0e Bump async-trait from 0.1.75 to 0.1.77
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.75 to 0.1.77.
- [Release notes](https://github.com/dtolnay/async-trait/releases)
- [Commits](https://github.com/dtolnay/async-trait/commits)

---
updated-dependencies:
- dependency-name: async-trait
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-02 19:27:21 -05:00
dependabot[bot] 4ed6de2919 Bump figment from 0.10.12 to 0.10.13
Bumps [figment](https://github.com/SergioBenitez/Figment) from 0.10.12 to 0.10.13.
- [Commits](https://github.com/SergioBenitez/Figment/commits)

---
updated-dependencies:
- dependency-name: figment
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-02 19:21:23 -05:00
dependabot[bot] 796dea43cb Bump serde_json from 1.0.108 to 1.0.109
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.108 to 1.0.109.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.108...v1.0.109)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-02 19:21:15 -05:00
dependabot[bot] 712da2b354 Bump clap from 4.4.11 to 4.4.12
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.11 to 4.4.12.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.4.11...v4.4.12)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-29 19:18:17 -05:00
dependabot[bot] e38c595a6d Bump tokio from 1.34.0 to 1.35.1
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.34.0 to 1.35.1.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.34.0...tokio-1.35.1)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-27 13:20:33 -05:00
dependabot[bot] 14a880257e Bump thiserror from 1.0.51 to 1.0.52
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.51 to 1.0.52.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.51...1.0.52)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-26 18:11:29 -05:00
dependabot[bot] 56282414fe Bump serde_yaml from 0.9.27 to 0.9.29
Bumps [serde_yaml](https://github.com/dtolnay/serde-yaml) from 0.9.27 to 0.9.29.
- [Release notes](https://github.com/dtolnay/serde-yaml/releases)
- [Commits](https://github.com/dtolnay/serde-yaml/compare/0.9.27...0.9.29)

---
updated-dependencies:
- dependency-name: serde_yaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-26 17:53:56 -05:00
dependabot[bot] 06685874b7 Bump reqwest from 0.11.22 to 0.11.23
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.22 to 0.11.23.
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/reqwest/compare/v0.11.22...v0.11.23)

---
updated-dependencies:
- dependency-name: reqwest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-26 17:53:49 -05:00
dependabot[bot] b7cfca5e7b Bump futures-util from 0.3.29 to 0.3.30
Bumps [futures-util](https://github.com/rust-lang/futures-rs) from 0.3.29 to 0.3.30.
- [Release notes](https://github.com/rust-lang/futures-rs/releases)
- [Changelog](https://github.com/rust-lang/futures-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/futures-rs/compare/0.3.29...0.3.30)

---
updated-dependencies:
- dependency-name: futures-util
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-25 16:02:19 -05:00
dependabot[bot] f1d978f139 Bump tracing from 0.1.37 to 0.1.40
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.37 to 0.1.40.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.37...tracing-0.1.40)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-25 16:02:12 -05:00
dependabot[bot] 49a92f08d6 Bump crossbeam from 0.8.2 to 0.8.3
Bumps [crossbeam](https://github.com/crossbeam-rs/crossbeam) from 0.8.2 to 0.8.3.
- [Release notes](https://github.com/crossbeam-rs/crossbeam/releases)
- [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crossbeam-rs/crossbeam/compare/crossbeam-0.8.2...crossbeam-0.8.3)

---
updated-dependencies:
- dependency-name: crossbeam
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-25 15:46:09 -05:00
dependabot[bot] cb23dba67d Bump persy from 1.4.4 to 1.4.7
Bumps [persy](https://gitlab.com/tglman/persy) from 1.4.4 to 1.4.7.
- [Changelog](https://gitlab.com/tglman/persy/blob/master/release-checklist.md)
- [Commits](https://gitlab.com/tglman/persy/compare/1.4.4...1.4.7)

---
updated-dependencies:
- dependency-name: persy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-25 15:45:59 -05:00
Nineko fdc3e07be6
feat: replaced flaky argon2 with better argon2 crate (#37)
* feat: replaced flaky argon2 with better argon2 crate

* fix: applied cargo fmt nightly

* docs: added comment specifying what the settings for Argon2 mean

* fix: made hashing error a bit more descriptive

* fix: fixed incorrect value for Kib
2023-12-25 10:28:56 -05:00
dependabot[bot] f20beae8dc Bump nix from 0.26.4 to 0.27.1
Bumps [nix](https://github.com/nix-rust/nix) from 0.26.4 to 0.27.1.
- [Changelog](https://github.com/nix-rust/nix/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nix-rust/nix/compare/v0.26.4...v0.27.1)

---
updated-dependencies:
- dependency-name: nix
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-22 18:56:36 -05:00
dependabot[bot] 09f68f9f78 Bump serde_html_form from 0.2.2 to 0.2.3
Bumps [serde_html_form](https://github.com/jplatte/serde_html_form) from 0.2.2 to 0.2.3.
- [Changelog](https://github.com/jplatte/serde_html_form/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jplatte/serde_html_form/compare/v0.2.2...v0.2.3)

---
updated-dependencies:
- dependency-name: serde_html_form
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-22 18:39:35 -05:00
dependabot[bot] ba40582412 Bump ring from 0.17.5 to 0.17.7
Bumps [ring](https://github.com/briansmith/ring) from 0.17.5 to 0.17.7.
- [Commits](https://github.com/briansmith/ring/commits)

---
updated-dependencies:
- dependency-name: ring
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-22 18:32:38 -05:00
dependabot[bot] d502357a0f Bump tracing-subscriber from 0.3.17 to 0.3.18
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.17 to 0.3.18.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.17...tracing-subscriber-0.3.18)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-22 18:32:28 -05:00
Charles Hall d76ea86909 update opentelemetry things
Upstream's changelogs are unhelpful :/
2023-12-22 18:24:03 -05:00
strawberry a3336902a0 bump rust-rockdb to latest git for 8.9.1
Co-authored-by: Charles Hall <charles@computer.surgery>
Signed-off-by: strawberry <strawberry@puppygock.gay>
2023-12-21 22:47:28 -05:00
dependabot[bot] b977d94261 Bump thiserror from 1.0.48 to 1.0.51
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.48 to 1.0.51.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.48...1.0.51)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-21 19:17:27 -05:00
dependabot[bot] 65c9b1721f Bump jsonwebtoken from 9.1.0 to 9.2.0
Bumps [jsonwebtoken](https://github.com/Keats/jsonwebtoken) from 9.1.0 to 9.2.0.
- [Changelog](https://github.com/Keats/jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Keats/jsonwebtoken/compare/v9.1.0...v9.2.0)

---
updated-dependencies:
- dependency-name: jsonwebtoken
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-21 19:17:06 -05:00
dependabot[bot] b49e43d8bb Bump clap from 4.4.8 to 4.4.11
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.8 to 4.4.11.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.4.8...v4.4.11)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-20 22:37:04 -05:00
dependabot[bot] f5d2df5483 Bump async-trait from 0.1.74 to 0.1.75
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.74 to 0.1.75.
- [Release notes](https://github.com/dtolnay/async-trait/releases)
- [Commits](https://github.com/dtolnay/async-trait/compare/0.1.74...0.1.75)

---
updated-dependencies:
- dependency-name: async-trait
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-20 22:32:46 -05:00
strawberry 8454773275 log rejected sendjoin, remove unnecessary clone
Signed-off-by: strawberry <strawberry@puppygock.gay>
2023-12-03 20:20:25 -05:00