Commit Graph

10527 Commits

Author SHA1 Message Date
Stefan Strigler 427f68daa6 fix(mod_invites): broken path when behind proxy with prefix 2026-03-12 14:34:56 +01:00
Stefan Strigler b15bae267d fix path to bootstrap files 2026-03-12 13:47:52 +01:00
Pawel Chmielowski 6bbed5854a Fix duplicate stanza-id in muc mam responses generated from local history
This fixes issue #4544
2026-03-11 13:03:53 +01:00
Pawel Chmielowski 15661f16c4 Always hide password in mod_http_api log entries 2026-03-10 11:41:06 +01:00
Pawel Chmielowski 54b30cf0c4 Improve transformation code in mod_roster_mnesia 2026-03-10 11:39:29 +01:00
Badlop b7940ba360 Workflows: Don't use jsdelivr mirror: not up-to-date, unnecessary and problematic
* Not up-to-date

jsdelivr takes some days or weeks to get latest erlang versions, compare
  https://builds.hex.pm/builds/otp/arm64/ubuntu-24.04/builds.txt
  https://cdn.jsdelivr.net/hex/builds/otp/arm64/ubuntu-24.04/builds.txt

* Unnecessary

As builds.hex.pm is already geodistributed, there's no need to add mirror
Reference: https://www.hex.pm/docs/mirrors

* Problematic in parallel jobs

The ci.yml workflow is split in separate jobs that run in parallel,
and all of them must use the exact same erlang version.
When using mirrors, different erlang versions may be used...
and then the compiled files require more recompilation, which fail
  ===> Compiling /home/runner/work/ejabberd/ejabberd/c_src/epam.c
  ===> /home/runner/work/ejabberd/ejabberd/c_src/epam.c:18:10: fatal error: security/pam_appl.h: No such file or directory
   18 | #include <security/pam_appl.h>
      |          ^~~~~~~~~~~~~~~~~~~~~

Instead of removing mirrors, an alternative solution would be
to specify exact OTP version: "28.3.2", but then we would need to update
all those strings in ci.yml for every erlang release.
2026-03-10 02:07:41 +01:00
Badlop ee2fd8446a Update Catalan and Spanish translations 2026-03-09 19:26:00 +01:00
Badlop b41a8b0925 Update Czech translation (thanks to hollymrklm) 2026-03-09 19:26:00 +01:00
Badlop 8603cd85db manage-ejabberd: Compile with test profile to get all required deps 2026-03-09 19:25:22 +01:00
Badlop 3a2d1bd12b Makefile: Run invites-deps only when files are missing 2026-03-09 19:24:53 +01:00
Badlop a04ed90e25 Rename target test-eunit to avoid name pattern test-GROUP
Example:
$ make test-eunit
Makefile:696: warning: overriding recipe for target 'test-eunit'
Makefile:692: warning: ignoring old recipe for target 'test-eunit'
...
2026-03-09 19:20:41 +01:00
Holger Weiss 383b498fbb Merge remote-tracking branch 'processone/pr/4542'
* processone/pr/4542:
  make-binaries: Enable missing crypto features
2026-03-09 17:19:34 +01:00
Pawel Chmielowski af3987fc0a Update one more place where store_mam_message hook is triggered 2026-03-09 14:57:28 +01:00
Pawel Chmielowski 9fd1ed34ee Call store_mam_message hook for messages that user_mucsub_from_muc_archive was filtering out
Just adjust mod_mam callback for it to not store them.

This callback is used by mod_push for triggering push, and previous
behaviour did disable pushes for muc messages with that option
enabled.
2026-03-09 14:05:19 +01:00
Holger Weiss a9ae72ba9f make-binaries: Download unixODBC from GitHub
The unixODBC web site (unixodbc.org) seems to be unreachable.
2026-03-07 21:38:22 +01:00
badlop aa704c0d75 Merge pull request #4540 from sstrigler/overuse_limit
fix: set overuse limits
2026-03-06 19:00:24 +01:00
Badlop bc48fa4c55 CONTRIBUTORS: Add Stefan Strigler 2026-03-06 18:19:26 +01:00
Badlop 2251cb7547 container.yml: Disable the container cleanup action; it's dry anyway 2026-03-06 18:19:23 +01:00
badlop 15b51d7a7b Merge pull request #4539 from sstrigler/security_fixes
Even more security fixes (and other minor things)
2026-03-06 17:23:12 +01:00
Stefan Strigler 5721f77d5a fix: set overuse limits
This is an effort to detect abuse where accounts get created to create more
invites (invite chaining) and so on.
2026-03-06 17:11:09 +01:00
Badlop fa32fecd97 Update French translation (thanks to Dyxux) 2026-03-06 15:58:37 +01:00
Badlop e291d84cf8 Update German translation (thanks to Stefan Strigler) 2026-03-06 15:57:20 +01:00
Badlop 934fdcdc5d Update Bulgarian translation (thanks to Mr. EddX) 2026-03-06 15:56:51 +01:00
Stefan Strigler eba6868a3f styling improvements 2026-03-06 15:18:25 +01:00
Stefan Strigler 5bb989d998 invites: bring yaxim back 2026-03-06 15:18:25 +01:00
Stefan Strigler e9645ffec0 improv(invites): add favicon and change color to match ejabberd branding 2026-03-06 15:18:25 +01:00
Stefan Strigler 179c5c4cbb feat(invites: enable dark mode 2026-03-06 15:18:25 +01:00
Stefan Strigler f210803202 fix(invites): no inline scripts 2026-03-06 15:18:25 +01:00
Stefan Strigler 793855ad91 fix(invites): make format csrf token 2026-03-06 15:18:25 +01:00
Stefan Strigler 1a423743af feat(invites): add support for webchat_url 2026-03-06 15:18:25 +01:00
Stefan Strigler b8f20fb663 fix(invites): add csrf token to failed post 2026-03-06 15:18:25 +01:00
Stefan Strigler 7b4338e7df invites: update jquery 2026-03-06 15:18:25 +01:00
Stefan Strigler e6b1e55705 invites: migrate to bootstrap5 2026-03-06 15:18:25 +01:00
Stefan Strigler eb784b4026 fix(invites): include js/css deps in static dir 2026-03-06 15:18:25 +01:00
Stefan Strigler 07d363ed0c fix(invites): correct hashes for bootstrap 4.6.2 2026-03-06 15:18:25 +01:00
Stefan Strigler 8a7cf45d0b fix(invites): hint at type for landing_page opt 2026-03-06 15:18:25 +01:00
Badlop d93ece6540 Result of running "make format" 2026-03-06 13:48:21 +01:00
Badlop 2a65a5001d Bump Erlang/OTP 28.4 2026-03-06 13:47:50 +01:00
Badlop 1ffcd1ce6e ejabberd_ctl: Document how to set empty lists in ejabberdctl and WebAdmin 2026-03-06 13:47:48 +01:00
Badlop d5c14406db mod_roster: Fix display of groups in WebAdmin when it's a list 2026-03-06 13:47:46 +01:00
Badlop 67b87ac892 mod_roster: in WebAdmin page, first execute SET actions, later GET 2026-03-06 13:47:44 +01:00
Holger Weiss a44f865432 make-binaries: Enable missing crypto features
With OTP's --enable-static-nifs, libcrypto features detected by
configure aren't propagated to the static NIF build flags.  Work
around this issue by patching OTP's Makefile until the following
PR is merged:

https://github.com/erlang/otp/pull/10817
2026-03-02 22:44:10 +01:00
Pawel Chmielowski a4ff3f3a65 Make table cleanup in test more robust 2026-02-27 11:31:59 +01:00
Pawel Chmielowski ca56f11dc6 Add abilty to mark that column can be null in e_sql_schema 2026-02-27 09:47:40 +01:00
badlop 1695385912 Merge pull request #4538 from sstrigler/security_fixes
Security fixes
2026-02-26 17:16:40 +01:00
Stefan Strigler b9e3841186 fix: check CSRF token in register form 2026-02-26 16:22:57 +01:00
Stefan Strigler 0680f6ac5e fix: add integrity hashes to scripts and css 2026-02-26 15:18:02 +01:00
Stefan Strigler ff15018b24 fix: comment unused resources 2026-02-26 15:18:02 +01:00
Stefan Strigler 635054007d fix: add security headers 2026-02-26 15:18:02 +01:00
Stefan Strigler f1527ba21e fix: remove debug log of whole query parameters (including pw) 2026-02-26 15:18:02 +01:00