indiekit-server/scripts at 1ad3bae3fc99650f9d74401ecf4e0f3708f1f639 - indiekit-server - Gitea

giersig.eu/indiekit-server

Files

History

Sven 1ad3bae3fc fix(patches): restore lost AP patches and fix broken patch chain

The signatureTimeWindow patch was deleted in e52e98c5c (assumed fixed
in fork), but the lockfile still pins the fork to v2.10.1 which lacks
it. This broke the patch-ap-allow-private-address patch chain: it
expected signatureTimeWindow in its OLD_SNIPPET, never matched, and
silently skipped — leaving the server without both signatureTimeWindow
AND allowPrivateAddress. Without allowPrivateAddress, Fedify's SSRF
guard blocks own-site URL resolution (blog.giersig.eu → 10.100.0.10),
breaking federation delivery.

- Fix patch-ap-allow-private-address to handle fresh v2.10.1 (adds
  both signatureTimeWindow and allowPrivateAddress in one step)
- Restore patch-ap-object-url-trailing-slash (also lost in e52e98c5c)
- Add both patches to postinstall and serve scripts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-18 19:18:40 +01:00

..

patch-ap-allow-private-address.mjs

fix(patches): restore lost AP patches and fix broken patch chain

2026-03-18 19:18:40 +01:00

patch-ap-normalize-nested-tags.mjs

fix(patches): normalize nested tags before syndicating to fediverse

2026-03-16 13:01:36 +01:00

patch-ap-object-url-trailing-slash.mjs

fix(patches): restore lost AP patches and fix broken patch chain

2026-03-18 19:18:40 +01:00

patch-ap-url-lookup-api.mjs

fix: add AP inbox digest patch and AP URL lookup API for fediverse interaction

2026-03-15 15:00:13 +01:00

patch-bluesky-syndicator-internal-url.mjs

fix(patches): rewrite Bluesky syndicator fetch URLs to localhost for jailed setup

2026-03-17 13:19:24 +01:00

patch-conversations-bluesky-cursor-fix.mjs

fix: clear stale Bluesky polling cursor to restore interaction ingestion

2026-03-14 14:46:43 +01:00

patch-conversations-bluesky-self-filter.mjs

fix: unfurl corrupted self-filter patch script, drop webmention-sender backend patch

2026-03-18 08:04:27 +01:00

patch-conversations-collection-guards.mjs

fix(runtime): guard conversations and serviceworker path

2026-03-08 01:03:23 +01:00

patch-endpoint-activitypub-locales.mjs

Patch ActivityPub backend locale fallback for de

2026-03-08 10:58:24 +01:00

patch-endpoint-blogroll-feeds-alias.mjs

fix(rssapi): flatten feedTitle, sourceTitle and author in item response

2026-03-17 09:21:23 +01:00

patch-endpoint-comments-locales.mjs

chore: update comments-locales patch for 1.0.10 template, drop livefetch patch

2026-03-14 23:12:57 +01:00

patch-endpoint-conversations-locales.mjs

fix(i18n): add patch script for /conversations endpoint German locale

2026-03-15 23:21:10 +01:00

patch-endpoint-files-upload-locales.mjs

fix(backend): harden mongo startup and files upload locales

2026-03-08 01:51:18 +01:00

patch-endpoint-files-upload-route.mjs

fix(files): add robust upload fallback in file form template patch

2026-03-08 01:54:35 +01:00

patch-endpoint-github-changelog-categories.mjs

feat(changelog): categorize perf, a11y, docs commits in endpoint-github changelog patch

2026-03-10 16:09:20 +01:00

patch-endpoint-homepage-identity-defaults.mjs

Fix homepage SITE_SOCIAL identity defaults parsing

2026-03-09 21:23:50 +01:00

patch-endpoint-homepage-locales.mjs

fix(homepage): add de locale patch and robust contentDir for saves

2026-03-08 18:34:07 +01:00

patch-endpoint-media-scope.mjs

fix(uploads): patch endpoint-media scope handling

2026-03-08 00:52:50 +01:00

patch-endpoint-media-sharp-runtime.mjs

fix(runtime): make sharp optional on FreeBSD startup

2026-03-08 02:14:16 +01:00

patch-endpoint-micropub-source-filter.mjs

fix: remove broken regex-escape snippet from micropub source-filter patch

2026-03-15 12:03:53 +01:00

patch-endpoint-micropub-where-note-visibility.mjs

feat(where): unlist OwnYourSwarm checkin notes by default

2026-03-08 16:04:18 +01:00

patch-endpoint-podroll-opml-upload.mjs

Add Podroll OPML file upload support

2026-03-09 16:13:27 +01:00

patch-endpoint-posts-ai-cleanup.mjs

fix(patches): silence false warnings for already-applied patches

2026-03-16 20:32:24 +01:00

patch-endpoint-posts-ai-fields.mjs

Optimize AI metadata pipeline for editor and frontmatter

2026-03-09 18:50:24 +01:00

patch-endpoint-posts-fetch-diagnostic.mjs

fix(patches): rewrite micropub self-fetch to localhost for jailed setup

2026-03-16 20:24:46 +01:00

patch-endpoint-posts-locales.mjs

fix(i18n): extend posts locale patch to cover beta.41 and filter/purge/AI keys

2026-03-15 23:28:56 +01:00

patch-endpoint-posts-prefill-url.mjs

fix: pre-fill reference URL when creating post from /news entry

2026-03-14 07:23:36 +01:00

patch-endpoint-posts-search-tags.mjs

fix(patches): silence false-positive warnings for beta.41 native features

2026-03-15 23:36:55 +01:00

patch-endpoint-posts-uid-lookup.mjs

fix(patches): silence false-positive warnings for beta.41 native features

2026-03-15 23:36:55 +01:00

patch-federation-unlisted-guards.mjs

chore: integrate AP patches into fork — remove 3 scripts, trim federation-unlisted-guards

2026-03-13 08:07:36 +01:00

patch-frontend-serviceworker-file.mjs

Hide sidebar when app--minimalui is present on auth views

2026-03-08 05:20:39 +01:00

patch-frontend-sharp-runtime.mjs

fix(runtime): make sharp optional on FreeBSD startup

2026-03-08 02:14:16 +01:00

patch-inbox-ignore-view-activity.mjs

fix(patches): restore PeerTube View patches and add fetch diagnostic

2026-03-16 20:14:26 +01:00

patch-inbox-skip-view-activity-parse.mjs

fix(patches): preserve raw body bytes for Fedify HTTP Signature verification

2026-03-18 18:34:02 +01:00

patch-indieauth-devmode-guard.mjs

Integrate Cloudron security patch patterns into runtime patch pipeline

2026-03-08 05:32:47 +01:00

patch-indiekit-error-production-stack.mjs

Integrate Cloudron security patch patterns into runtime patch pipeline

2026-03-08 05:32:47 +01:00

patch-indiekit-routes-rate-limits.mjs

Integrate Cloudron security patch patterns into runtime patch pipeline

2026-03-08 05:32:47 +01:00

patch-lightningcss.mjs

feat(indiekit): add rmdes page post type and endpoint posts

2026-03-07 23:47:30 +01:00

patch-listening-endpoint-runtime-guards.mjs

Require token for Funkwhale scope=me sync

2026-03-09 19:51:57 +01:00

patch-micropub-ai-block-resync.mjs

fix: force one-time ai: block resync for posts with stale files

2026-03-12 09:03:22 +01:00

patch-micropub-fetch-internal-url.mjs

fix(patches): extend internal URL rewrite to auth, token, and media endpoints

2026-03-16 20:40:59 +01:00

patch-microsub-reader-ap-dispatch.mjs

fix: never auto-check Mastodon syndicator for like/repost compose actions

2026-03-12 14:03:37 +01:00

patch-preset-eleventy-ai-frontmatter.mjs

fix(patches): silence false-positive warnings for beta.41 native features

2026-03-15 23:36:55 +01:00

patch-syndicate-force-checked-default.mjs

feat: default ActivityPub syndication when force-syndicating from backend

2026-03-15 14:02:52 +01:00

patch-webmention-sender-empty-details.mjs

fix(webmention-sender): show 'no external links' message for empty detail rows

2026-03-18 08:33:29 +01:00

patch-webmention-sender-livefetch.mjs

fix(patches): correct template literal escaping in livefetch patch

2026-03-18 17:41:47 +01:00

patch-webmention-sender-reset-stale.mjs

fix(patches): bump stale-reset migration to v8

2026-03-18 17:52:56 +01:00

patch-webmention-sender-retry.mjs

chore(patches): restore webmention-sender-retry patch and add to postinstall

2026-03-18 11:57:52 +01:00

preflight-activitypub-profile-urls.mjs

Normalize ActivityPub profile URLs to fix WebFinger invalid URL

2026-03-08 11:16:17 +01:00

preflight-activitypub-rsa-key.mjs

Ensure ActivityPub outbox requests are RSA-signed

2026-03-08 11:23:54 +01:00

preflight-mongo-connection.mjs

fix(backend): harden mongo startup and files upload locales

2026-03-08 01:51:18 +01:00

preflight-production-security.mjs

Add safe password setup recovery mode

2026-03-08 04:05:06 +01:00