erin/akkoma
1
0
Fork 0
forked from mirrors/akkoma
Code Activity
akkoma/test/pleroma
History
Oneric ddd79ff22d Proactively harden emoji pack against path traversal 
No new path traversal attacks are known. But given the many entrypoints
and code flow complexity inside pack.ex, it unfortunately seems
possible a future refactor or addition might reintroduce one.
Furthermore, some old packs might still contain traversing path entries
which could trigger undesireable actions on rename or delete.

To ensure this can never happen, assert safety during path construction.

Path.safe_relative was introduced in Elixir 1.14, but
fortunately, we already require at least 1.14 anyway.
2024-03-18 22:33:10 -01:00
..
activity Prune old Update activities 2024-02-17 16:57:40 +01:00
akkoma Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
collections GTS: cherry-picks and collection usage (#186) 2022-08-27 18:05:48 +00:00
config release_runtime_provider_test: chmod config for hardened permissions 2023-08-04 14:14:04 -04:00
conversation fix flaky participation_test.exs 2022-10-23 12:33:31 +02:00
docs backend-i18n (#121) 2022-07-27 21:56:59 +00:00
ecto_type/activity_pub/object_validators Pipeline Ingestion: Note 2021-04-05 19:19:11 +02:00
emails Correct email links to be absolute URLs 2023-11-02 11:49:03 +00:00
emoji Proactively harden emoji pack against path traversal 2024-03-18 22:33:10 -01:00
http Support elixir1.15 2023-08-03 17:44:09 +01:00
instances Don't mess with the cache on metadata update 2022-11-08 10:39:01 +00:00
integration Migrate to phoenix 1.7 (#626) 2023-08-15 10:22:18 +00:00
mfa Put matchers in matchers subpackage 2023-08-06 15:53:04 +01:00
migration_helper purge chat and shout endpoints 2022-07-21 11:29:28 +01:00
object Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
password
repo/migrations Another keyword.equal? check 2023-08-06 16:36:18 +01:00
search Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
translators Add MRFs for direct message manipulation 2023-05-22 23:53:44 +01:00
upload Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
uploaders Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
user Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
web StealEmoji: check remote size before downloading 2024-03-18 22:33:10 -01:00
workers Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
activity_test.exs Merge branch 'features/validators-note' into 'develop' 2021-06-01 01:51:38 +00:00
announcement_read_relationship_test.exs Merge branch 'from/upstream-develop/tusooa/server-announcements' into 'develop' (#85) 2022-07-18 13:08:36 +00:00
announcement_test.exs Merge branch 'from/upstream-develop/tusooa/server-announcements' into 'develop' (#85) 2022-07-18 13:08:36 +00:00
application_requirements_test.exs Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
bookmark_test.exs
captcha_test.exs
config_db_test.exs Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
config_test.exs
conversation_test.exs
emoji_test.exs Fix emoji qualification (#124) 2022-07-28 12:02:36 +00:00
filter_test.exs
following_relationship_test.exs
formatter_test.exs CI: Bump lint stage to elixir-1.12 2021-10-06 08:11:05 +02:00
frontend_test.exs
hashtag_test.exs
healthcheck_test.exs Add unordered list equality matcher 2023-08-06 15:58:11 +01:00
html_test.exs
http_test.exs mix format 2022-06-11 16:14:31 +01:00
instances_test.exs Add Signed Fetch Statistics (#312) 2022-11-26 19:22:56 +00:00
iso639_test.exs add inbound language test 2023-01-11 15:42:13 +00:00
job_queue_monitor_test.exs Support elixir1.15 2023-08-03 17:44:09 +01:00
keys_test.exs
list_test.exs
marker_test.exs
mfa_test.exs argon2 password hashing (#406) 2022-12-30 02:46:58 +00:00
moderation_log_test.exs CI: Bump lint stage to elixir-1.12 2021-10-06 08:11:05 +02:00
notification_test.exs Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
object_test.exs Always insert Dedupe upload filter 2024-03-18 22:33:10 -01:00
otp_version_test.exs
pagination_test.exs
password_test.exs argon2 password hashing (#406) 2022-12-30 02:46:58 +00:00
registration_test.exs
repo_test.exs
report_note_test.exs
reverse_proxy_test.exs Sanitise Content-Type of media proxy URLs 2024-03-18 22:33:10 -01:00
runtime_test.exs
safe_jsonb_set_test.exs
scheduled_activity_test.exs
signature_test.exs Fix signature checking 2023-08-07 16:17:17 +01:00
stats_test.exs
upload_test.exs Always insert Dedupe upload filter 2024-03-18 22:33:10 -01:00
user_invite_token_test.exs
user_note_test.exs Add user_note_test.exs. 2023-05-12 02:18:24 +00:00
user_relationship_test.exs Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
user_search_test.exs fix tests broken by relay defaults changing (#314) 2022-11-26 20:45:47 +00:00
user_test.exs fix issue with API cascading domain blocks but not honouring them 2023-08-25 11:00:49 +01:00
utils_test.exs extend custom runtime system (#108) 2022-07-24 16:42:43 +00:00
xml_builder_test.exs