Clients have access to the database schema name directly now via the
config.

This allows clients to choose different localization strategies, and
generally provides more fle...

Allows clients to change behavior when the dev command line flag is
passed into the binary.

Allows client applications to save arbitrary data onto the session.

Follows are now locally tested to be successful.

Need to modify the app's example note-fetching...

Not yet tested.

Not yet tested in the wild.

Fetches follow requests from the local & federated tables that have no
Accept and no Reject acti...

Updating the example application to manage followers, I believe that the
ActivityStreams logic w...

Add ServerConfig.HttpsPort

Sanitize content and summary XML fields (possible XSS)

Login handler relies on email address

Fix nil pointer with enforceOneRow

Fix spelling

This option specifies the port to serve HTTPS requests on.

This happens if the mail address does not exist in the database

that is why we have to ensure that the mail address is unique too

The session is also cleared in the case when the reuqest is not
authenticated.

The configuration was auto-generating digest algorithms as if they were
signing/verifying algori...

Plus a bugfix in the users service with improperly casting the Actor
instead of unwrapping the A...

This showcases the ability of the application to run arbitrary SQL to
obtain ActivityStreams dat...

This ensure that, when there is an expired credential that cannot be
deleted, the session is sti...

Required refactoring the way these handlers were registered, but they
now support pagination.

Cleaned up the helpers in the example application, and ensured that the
POST and GET for inbox/o...

Ensures the browser is able to be registered as a proper OAuth2 client
without clashing with ano...

Prepare for changes supporting first-party dynamic client registration.

Otherwise browsers will reject the cookie. It should be an attribute
normally enabled for any ot...

The retrier and oauth servers now use a SafeStartStop type, which
provides guarantees about peri...

Also fixed token info tests creating empty tokens.

Refactored the OAuth2 endpoints to flow properly, in context of having a
"website" that acts as ...

Further changes are needed for proper PKCE support at the db level.

This involved renaming the package to use the correct module reference,
as well as finally being...

Allow fetching the instance actor using the Data service.

This allows the URLs to correctly fetch these collection pages. We had
to introduce the code to ...

This was causing a subtle bug in init-db commands, where the actor being
generated was pointing ...

The instance-actor-specific behavior was improperly returning the user
behavior types instead.

This allows handlers to fetch the actors' ActivityStreams
representations themselves.

This allows the development server to create and serve data for testing
purposes solely over HTT...

This will let us use scheme-specific variants of handlers.

The gorilla/mux package had a bug with the handling of schemes that was
fixed with 1.8.0, which ...

This should make it clearer that the Application interface must be
implemented, while the C2S an...

These don't have interesting content at the moment, but provide a basis
to render some bland HTM...

These are quality of life changes to support easier debugging of the
templates.

The framework was improperly serving it under /, swamping all other
pattern matches.

Furthermor...

There was a bug where the HTTPS server was attempted to be started
instead.