Stefan Strigler
427f68daa6
fix(mod_invites): broken path when behind proxy with prefix
2026-03-12 14:34:56 +01:00
Stefan Strigler
b15bae267d
fix path to bootstrap files
2026-03-12 13:47:52 +01:00
Pawel Chmielowski
6bbed5854a
Fix duplicate stanza-id in muc mam responses generated from local history
...
This fixes issue #4544
2026-03-11 13:03:53 +01:00
Pawel Chmielowski
15661f16c4
Always hide password in mod_http_api log entries
2026-03-10 11:41:06 +01:00
Pawel Chmielowski
54b30cf0c4
Improve transformation code in mod_roster_mnesia
2026-03-10 11:39:29 +01:00
Badlop
b7940ba360
Workflows: Don't use jsdelivr mirror: not up-to-date, unnecessary and problematic
...
* Not up-to-date
jsdelivr takes some days or weeks to get latest erlang versions, compare
https://builds.hex.pm/builds/otp/arm64/ubuntu-24.04/builds.txt
https://cdn.jsdelivr.net/hex/builds/otp/arm64/ubuntu-24.04/builds.txt
* Unnecessary
As builds.hex.pm is already geodistributed, there's no need to add mirror
Reference: https://www.hex.pm/docs/mirrors
* Problematic in parallel jobs
The ci.yml workflow is split in separate jobs that run in parallel,
and all of them must use the exact same erlang version.
When using mirrors, different erlang versions may be used...
and then the compiled files require more recompilation, which fail
===> Compiling /home/runner/work/ejabberd/ejabberd/c_src/epam.c
===> /home/runner/work/ejabberd/ejabberd/c_src/epam.c:18:10: fatal error: security/pam_appl.h: No such file or directory
18 | #include <security/pam_appl.h>
| ^~~~~~~~~~~~~~~~~~~~~
Instead of removing mirrors, an alternative solution would be
to specify exact OTP version: "28.3.2", but then we would need to update
all those strings in ci.yml for every erlang release.
2026-03-10 02:07:41 +01:00
Badlop
ee2fd8446a
Update Catalan and Spanish translations
2026-03-09 19:26:00 +01:00
Badlop
b41a8b0925
Update Czech translation (thanks to hollymrklm)
2026-03-09 19:26:00 +01:00
Badlop
8603cd85db
manage-ejabberd: Compile with test profile to get all required deps
2026-03-09 19:25:22 +01:00
Badlop
3a2d1bd12b
Makefile: Run invites-deps only when files are missing
2026-03-09 19:24:53 +01:00
Badlop
a04ed90e25
Rename target test-eunit to avoid name pattern test-GROUP
...
Example:
$ make test-eunit
Makefile:696: warning: overriding recipe for target 'test-eunit'
Makefile:692: warning: ignoring old recipe for target 'test-eunit'
...
2026-03-09 19:20:41 +01:00
Holger Weiss
383b498fbb
Merge remote-tracking branch 'processone/pr/4542'
...
* processone/pr/4542:
make-binaries: Enable missing crypto features
2026-03-09 17:19:34 +01:00
Pawel Chmielowski
af3987fc0a
Update one more place where store_mam_message hook is triggered
2026-03-09 14:57:28 +01:00
Pawel Chmielowski
9fd1ed34ee
Call store_mam_message hook for messages that user_mucsub_from_muc_archive was filtering out
...
Just adjust mod_mam callback for it to not store them.
This callback is used by mod_push for triggering push, and previous
behaviour did disable pushes for muc messages with that option
enabled.
2026-03-09 14:05:19 +01:00
Holger Weiss
a9ae72ba9f
make-binaries: Download unixODBC from GitHub
...
The unixODBC web site (unixodbc.org) seems to be unreachable.
2026-03-07 21:38:22 +01:00
badlop
aa704c0d75
Merge pull request #4540 from sstrigler/overuse_limit
...
fix: set overuse limits
2026-03-06 19:00:24 +01:00
Badlop
bc48fa4c55
CONTRIBUTORS: Add Stefan Strigler
2026-03-06 18:19:26 +01:00
Badlop
2251cb7547
container.yml: Disable the container cleanup action; it's dry anyway
2026-03-06 18:19:23 +01:00
badlop
15b51d7a7b
Merge pull request #4539 from sstrigler/security_fixes
...
Even more security fixes (and other minor things)
2026-03-06 17:23:12 +01:00
Stefan Strigler
5721f77d5a
fix: set overuse limits
...
This is an effort to detect abuse where accounts get created to create more
invites (invite chaining) and so on.
2026-03-06 17:11:09 +01:00
Badlop
fa32fecd97
Update French translation (thanks to Dyxux)
2026-03-06 15:58:37 +01:00
Badlop
e291d84cf8
Update German translation (thanks to Stefan Strigler)
2026-03-06 15:57:20 +01:00
Badlop
934fdcdc5d
Update Bulgarian translation (thanks to Mr. EddX)
2026-03-06 15:56:51 +01:00
Stefan Strigler
eba6868a3f
styling improvements
2026-03-06 15:18:25 +01:00
Stefan Strigler
5bb989d998
invites: bring yaxim back
2026-03-06 15:18:25 +01:00
Stefan Strigler
e9645ffec0
improv(invites): add favicon and change color to match ejabberd branding
2026-03-06 15:18:25 +01:00
Stefan Strigler
179c5c4cbb
feat(invites: enable dark mode
2026-03-06 15:18:25 +01:00
Stefan Strigler
f210803202
fix(invites): no inline scripts
2026-03-06 15:18:25 +01:00
Stefan Strigler
793855ad91
fix(invites): make format csrf token
2026-03-06 15:18:25 +01:00
Stefan Strigler
1a423743af
feat(invites): add support for webchat_url
2026-03-06 15:18:25 +01:00
Stefan Strigler
b8f20fb663
fix(invites): add csrf token to failed post
2026-03-06 15:18:25 +01:00
Stefan Strigler
7b4338e7df
invites: update jquery
2026-03-06 15:18:25 +01:00
Stefan Strigler
e6b1e55705
invites: migrate to bootstrap5
2026-03-06 15:18:25 +01:00
Stefan Strigler
eb784b4026
fix(invites): include js/css deps in static dir
2026-03-06 15:18:25 +01:00
Stefan Strigler
07d363ed0c
fix(invites): correct hashes for bootstrap 4.6.2
2026-03-06 15:18:25 +01:00
Stefan Strigler
8a7cf45d0b
fix(invites): hint at type for landing_page opt
2026-03-06 15:18:25 +01:00
Badlop
d93ece6540
Result of running "make format"
2026-03-06 13:48:21 +01:00
Badlop
2a65a5001d
Bump Erlang/OTP 28.4
2026-03-06 13:47:50 +01:00
Badlop
1ffcd1ce6e
ejabberd_ctl: Document how to set empty lists in ejabberdctl and WebAdmin
2026-03-06 13:47:48 +01:00
Badlop
d5c14406db
mod_roster: Fix display of groups in WebAdmin when it's a list
2026-03-06 13:47:46 +01:00
Badlop
67b87ac892
mod_roster: in WebAdmin page, first execute SET actions, later GET
2026-03-06 13:47:44 +01:00
Holger Weiss
a44f865432
make-binaries: Enable missing crypto features
...
With OTP's --enable-static-nifs, libcrypto features detected by
configure aren't propagated to the static NIF build flags. Work
around this issue by patching OTP's Makefile until the following
PR is merged:
https://github.com/erlang/otp/pull/10817
2026-03-02 22:44:10 +01:00
Pawel Chmielowski
a4ff3f3a65
Make table cleanup in test more robust
2026-02-27 11:31:59 +01:00
Pawel Chmielowski
ca56f11dc6
Add abilty to mark that column can be null in e_sql_schema
2026-02-27 09:47:40 +01:00
badlop
1695385912
Merge pull request #4538 from sstrigler/security_fixes
...
Security fixes
2026-02-26 17:16:40 +01:00
Stefan Strigler
b9e3841186
fix: check CSRF token in register form
2026-02-26 16:22:57 +01:00
Stefan Strigler
0680f6ac5e
fix: add integrity hashes to scripts and css
2026-02-26 15:18:02 +01:00
Stefan Strigler
ff15018b24
fix: comment unused resources
2026-02-26 15:18:02 +01:00
Stefan Strigler
635054007d
fix: add security headers
2026-02-26 15:18:02 +01:00
Stefan Strigler
f1527ba21e
fix: remove debug log of whole query parameters (including pw)
2026-02-26 15:18:02 +01:00