From 7a04971ecde474243a09bb94f2789fad2fd9cc75 Mon Sep 17 00:00:00 2001 From: Dessalines Date: Mon, 3 Jul 2023 17:16:48 -0400 Subject: [PATCH 1/2] Version 0.18.1-rc.9 --- Cargo.lock | 22 +++++++++++----------- Cargo.toml | 22 +++++++++++----------- crates/utils/translations | 2 +- 3 files changed, 23 insertions(+), 23 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index ba527f0ac..0e6dc9161 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2573,7 +2573,7 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "lemmy_api" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "actix-web", "anyhow", @@ -2598,7 +2598,7 @@ dependencies = [ [[package]] name = "lemmy_api_common" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "actix-web", "anyhow", @@ -2627,7 +2627,7 @@ dependencies = [ [[package]] name = "lemmy_api_crud" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "activitypub_federation", "actix-web", @@ -2648,7 +2648,7 @@ dependencies = [ [[package]] name = "lemmy_apub" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "activitypub_federation", "actix-web", @@ -2686,7 +2686,7 @@ dependencies = [ [[package]] name = "lemmy_db_schema" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "activitypub_federation", "async-trait", @@ -2723,7 +2723,7 @@ dependencies = [ [[package]] name = "lemmy_db_views" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "diesel", "diesel-async", @@ -2740,7 +2740,7 @@ dependencies = [ [[package]] name = "lemmy_db_views_actor" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "diesel", "diesel-async", @@ -2753,7 +2753,7 @@ dependencies = [ [[package]] name = "lemmy_db_views_moderator" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "diesel", "diesel-async", @@ -2765,7 +2765,7 @@ dependencies = [ [[package]] name = "lemmy_routes" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "activitypub_federation", "actix-web", @@ -2790,7 +2790,7 @@ dependencies = [ [[package]] name = "lemmy_server" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "activitypub_federation", "actix-cors", @@ -2832,7 +2832,7 @@ dependencies = [ [[package]] name = "lemmy_utils" -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" dependencies = [ "actix-web", "anyhow", diff --git a/Cargo.toml b/Cargo.toml index e7ab77090..f73b6b531 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,5 +1,5 @@ [workspace.package] -version = "0.18.1-rc.4" +version = "0.18.1-rc.9" edition = "2021" description = "A link aggregator for the fediverse" license = "AGPL-3.0" @@ -44,16 +44,16 @@ members = [ ] [workspace.dependencies] -lemmy_api = { version = "=0.18.1-rc.4", path = "./crates/api" } -lemmy_api_crud = { version = "=0.18.1-rc.4", path = "./crates/api_crud" } -lemmy_apub = { version = "=0.18.1-rc.4", path = "./crates/apub" } -lemmy_utils = { version = "=0.18.1-rc.4", path = "./crates/utils" } -lemmy_db_schema = { version = "=0.18.1-rc.4", path = "./crates/db_schema" } -lemmy_api_common = { version = "=0.18.1-rc.4", path = "./crates/api_common" } -lemmy_routes = { version = "=0.18.1-rc.4", path = "./crates/routes" } -lemmy_db_views = { version = "=0.18.1-rc.4", path = "./crates/db_views" } -lemmy_db_views_actor = { version = "=0.18.1-rc.4", path = "./crates/db_views_actor" } -lemmy_db_views_moderator = { version = "=0.18.1-rc.4", path = "./crates/db_views_moderator" } +lemmy_api = { version = "=0.18.1-rc.9", path = "./crates/api" } +lemmy_api_crud = { version = "=0.18.1-rc.9", path = "./crates/api_crud" } +lemmy_apub = { version = "=0.18.1-rc.9", path = "./crates/apub" } +lemmy_utils = { version = "=0.18.1-rc.9", path = "./crates/utils" } +lemmy_db_schema = { version = "=0.18.1-rc.9", path = "./crates/db_schema" } +lemmy_api_common = { version = "=0.18.1-rc.9", path = "./crates/api_common" } +lemmy_routes = { version = "=0.18.1-rc.9", path = "./crates/routes" } +lemmy_db_views = { version = "=0.18.1-rc.9", path = "./crates/db_views" } +lemmy_db_views_actor = { version = "=0.18.1-rc.9", path = "./crates/db_views_actor" } +lemmy_db_views_moderator = { version = "=0.18.1-rc.9", path = "./crates/db_views_moderator" } activitypub_federation = { version = "0.4.4", default-features = false, features = ["actix-web"] } diesel = "2.1.0" diesel_migrations = "2.1.0" diff --git a/crates/utils/translations b/crates/utils/translations index 5a9d44656..f9ed06989 160000 --- a/crates/utils/translations +++ b/crates/utils/translations @@ -1 +1 @@ -Subproject commit 5a9d44656e2658ab7cb2dbec3fd1bfaf57654533 +Subproject commit f9ed0698944cb6d44dc733677a4634b7bc916536 From f0e487f18a29afc0671eaf245801b80c442fdd1c Mon Sep 17 00:00:00 2001 From: Dessalines Date: Mon, 3 Jul 2023 18:02:57 -0400 Subject: [PATCH 2/2] 300 comment limit. (#3306) * 300 comment limit. * Another fix. --- crates/api_common/src/utils.rs | 1 - crates/db_views/src/comment_view.rs | 9 ++++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/crates/api_common/src/utils.rs b/crates/api_common/src/utils.rs index f400cc9a8..fd143ed90 100644 --- a/crates/api_common/src/utils.rs +++ b/crates/api_common/src/utils.rs @@ -670,7 +670,6 @@ pub async fn remove_user_data_in_community( .pool(pool) .creator_id(Some(banned_person_id)) .community_id(Some(community_id)) - .limit(Some(i64::MAX)) .build() .list() .await?; diff --git a/crates/db_views/src/comment_view.rs b/crates/db_views/src/comment_view.rs index 7c33158d6..f3b1f83a8 100644 --- a/crates/db_views/src/comment_view.rs +++ b/crates/db_views/src/comment_view.rs @@ -36,7 +36,7 @@ use lemmy_db_schema::{ post::Post, }, traits::JoinView, - utils::{fuzzy_search, get_conn, limit_and_offset_unlimited, DbPool}, + utils::{fuzzy_search, get_conn, limit_and_offset, DbPool}, CommentSortType, ListingType, }; @@ -340,9 +340,12 @@ impl<'a> CommentQuery<'a> { // This does not work for comment trees, and the limit should be manually set to a high number // // If a max depth is given, then you know its a tree fetch, and limits should be ignored - (i64::MAX, 0) + // TODO a kludge to prevent attacks. Limit comments to 300 for now. + // (i64::MAX, 0) + (300, 0) } else { - limit_and_offset_unlimited(self.page, self.limit) + // limit_and_offset_unlimited(self.page, self.limit) + limit_and_offset(self.page, self.limit)? }; query = match self.sort.unwrap_or(CommentSortType::Hot) {