Commit Graph

10096 Commits (c4ae7aab6f9f66073b0200a837652df5942e9b7b)

Author SHA1 Message Date
dependabot-preview[bot] 9521cacd40 [Security] Bump lodash from 4.17.11 to 4.17.13 (#11287)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.13. **This update includes security fixes.**
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
ThibG 9f67e3b9cc Fix Status.remote scope matching *all* statuses (#11265) 2019-07-15 00:48:50 +02:00
dependabot-preview[bot] c40d47b8e0 Bump faker from 1.9.3 to 1.9.6 (#11259)
Bumps [faker](https://github.com/stympy/faker) from 1.9.3 to 1.9.6.
- [Release notes](https://github.com/stympy/faker/releases)
- [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stympy/faker/compare/v1.9.3...1.9.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
dependabot-preview[bot] 2f441876c7 Bump simplecov from 0.16.1 to 0.17.0 (#11260)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.16.1...v0.17.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
dependabot-preview[bot] 23978df143 Bump aws-sdk-s3 from 1.43.0 to 1.45.0 (#11262)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.43.0 to 1.45.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.43.0...v1.45.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
dependabot-preview[bot] 4ea8f2189c Bump tzinfo-data from 1.2019.1 to 1.2019.2 (#11258)
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2019.1 to 1.2019.2.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2019.1...v1.2019.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
dependabot-preview[bot] 16340cb6ef Bump eslint-plugin-react from 7.12.1 to 7.14.2 (#11253)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.12.1 to 7.14.2.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.12.1...v7.14.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
dependabot-preview[bot] 9699506dc4 Bump @babel/plugin-proposal-class-properties from 7.4.4 to 7.5.0 (#11254)
Bumps [@babel/plugin-proposal-class-properties](https://github.com/babel/babel) from 7.4.4 to 7.5.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.4.4...v7.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
dependabot-preview[bot] ed43922483 Bump compression-webpack-plugin from 2.0.0 to 3.0.0 (#11224)
Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin) from 2.0.0 to 3.0.0.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v2.0.0...v3.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
dependabot-preview[bot] 2fa85ead32 Bump intl-relativeformat from 2.2.0 to 6.4.2 (#11255)
Bumps [intl-relativeformat](https://github.com/formatjs/formatjs) from 2.2.0 to 6.4.2.
- [Release notes](https://github.com/formatjs/formatjs/releases)
- [Commits](https://github.com/formatjs/formatjs/compare/intl-relativeformat@2.2.0...intl-relativeformat@6.4.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
dependabot-preview[bot] ea0c09e4fb Bump react-redux from 6.0.1 to 7.1.0 (#11256)
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 6.0.1 to 7.1.0.
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/react-redux/compare/v6.0.1...v7.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-15 00:48:50 +02:00
ThibG bd77fd6ff3 Fix BackupService crashing when an attachment is missing (#11241)
* Fix BackupService crashing when an attachment is missing

For various reasons such as admin error or out-of-sync media and
database backups, it might be possible for local attachments to be lost.

This commit allows the BackupService to continue its work even if some media
file is missing.

* Change error message
2019-07-15 00:48:49 +02:00
Georg Gadinger b073008282 Update fuubar dependency to 2.4.1 (#11248)
See also: thekompanee/fuubar#111
2019-07-15 00:48:49 +02:00
Thibaut Girka 1b074d2a50 Add link to edit each listed filter 2019-07-15 00:48:28 +02:00
Thibaut Girka f7fa11c4cd Make some strings translatable 2019-07-15 00:48:28 +02:00
Thibaut Girka fc8577cf2b Minor refactoring 2019-07-15 00:48:28 +02:00
Thibaut Girka 707b8d7d75 Move the “Show why” button inline 2019-07-15 00:48:28 +02:00
Thibaut Girka 85f3bc1ab3 Implement feature to add filtered phrases to content warnings 2019-07-15 00:48:28 +02:00
Thibaut Girka 42b59b730b Implement option to completely hide filtered toots 2019-07-15 00:48:28 +02:00
Thibaut Girka 16b79a6237 Add options to configure filtering behavior 2019-07-15 00:48:28 +02:00
Thibaut Girka bde7a415b9 Add a way to know why a status has been filtered, and show it anyway 2019-07-15 00:48:28 +02:00
Thibaut Girka e9fac2def9 Do not keep polls pre-filled in thread mode 2019-07-15 00:41:09 +02:00
Thibaut Girka e0bfa685c6 Fix error boundary CSS 2019-07-15 00:28:31 +02:00
PatOnTheBack 2ea4dbb035 Bump handlebars from 4.1.0 to 4.1.2 (#11293)
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.1.0 to 4.1.2.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.0...v4.1.2)

Signed-off-by: dependabot[bot] <support@github.com>
2019-07-14 14:05:11 +09:00
dependabot-preview[bot] 6af0c955e1 Bump rubocop-rails from 2.0.1 to 2.2.0 (#11257)
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.0.1 to 2.2.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.0.1...v2.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-13 23:52:08 +09:00
Eugen Rochko 6ff67be0f6
Add a spam check (#11217)
* Add a spam check

* Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance

* Add more tests

* Add exemption when the message is a reply to something that mentions the sender

* Use Nilsimsa Compare Value instead of Levenshtein distance

* Use MD5 for messages shorter than 10 characters

* Add message to automated report, do not add non-public statuses to
automated report, add trust level to accounts and make unsilencing
raise the trust level to prevent repeated spam checks on that account

* Expire spam check data after 3 months

* Add support for local statuses, reduce expiration to 1 week, always create a report

* Add content warnings to the spam check and exempt empty statuses

* Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check

* Add all matched statuses into automatic report
2019-07-13 16:45:50 +02:00
han@highemelry 402302776c Change the retry limit in error of web push notification (#11292)
- Change the maximum count of retry for web push notification (Default -> 5).
   - In case of high load of subscribe server, the retries will be repeated many times.
   - Because the retries occupy the default queue, maximum retry count should be reduced.
2019-07-12 18:46:21 +02:00
Eugen Rochko 5bf67ca913
Add ActivityPub secure mode (#11269)
* Add HTTP signature requirement for served ActivityPub resources

* Change `SECURE_MODE` to `AUTHORIZED_FETCH`

* Add 'Signature' to 'Vary' header and improve code style

* Improve code style by adding `public_fetch_mode?` method
2019-07-11 20:11:09 +02:00
ThibG 4e1260feaa Fix BlockService trying to reject incorrect follow request (#11288)
Fixes #11148
2019-07-11 14:50:27 +02:00
Eugen Rochko 4e8dcc5dbb
Add HTTP signatures to all outgoing ActivityPub GET requests (#11284) 2019-07-11 14:49:55 +02:00
dependabot-preview[bot] a6dc6a242f [Security] Bump lodash from 4.17.11 to 4.17.13 (#11287)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.13. **This update includes security fixes.**
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-11 06:33:07 +02:00
Thibaut Girka 0baaee495f Fix report dialog crashing when a toot gets deleted
Fixes #1155
2019-07-10 19:53:31 +02:00
Eugen Rochko 5d3feed191
Refactor fetching of remote resources (#11251) 2019-07-10 18:59:28 +02:00
ThibG d04c584159 Drop magic-public-key from webfinger replies as it's only used for OStatus (#11280) 2019-07-10 17:10:43 +02:00
ThibG 85eb418e1f Fix handling of webfinger redirects in ResolveAccountService (#11279) 2019-07-10 17:10:12 +02:00
ThibG 27ad4c1501 Fix old migration script depending on the StreamEntry model (#11278) 2019-07-10 17:09:10 +02:00
Eugen Rochko 6172263a63
Fix activity being rendered within activity due to caching (#11271)
Fix #11270
2019-07-10 00:43:30 +02:00
Eugen Rochko 4e92183227
Refactor domain block checks (#11268) 2019-07-09 03:27:35 +02:00
ThibG 1e7187f2a8 Fix Status.remote scope matching *all* statuses (#11265) 2019-07-08 18:17:22 +02:00
Eugen Rochko ef15246397
Remove unused remote unfollow controller (#11250) 2019-07-08 12:04:06 +02:00
Eugen Rochko 63c7fe8e48
Refactor controllers for statuses, accounts, and more (#11249) 2019-07-08 12:03:45 +02:00
dependabot-preview[bot] f14776475d Bump faker from 1.9.3 to 1.9.6 (#11259)
Bumps [faker](https://github.com/stympy/faker) from 1.9.3 to 1.9.6.
- [Release notes](https://github.com/stympy/faker/releases)
- [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stympy/faker/compare/v1.9.3...1.9.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:29:00 +09:00
dependabot-preview[bot] d76ca8964c Bump simplecov from 0.16.1 to 0.17.0 (#11260)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.16.1...v0.17.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:28:33 +09:00
dependabot-preview[bot] 01ee35f14a Bump aws-sdk-s3 from 1.43.0 to 1.45.0 (#11262)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.43.0 to 1.45.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.43.0...v1.45.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:26:41 +09:00
dependabot-preview[bot] f935004a74 Bump tzinfo-data from 1.2019.1 to 1.2019.2 (#11258)
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2019.1 to 1.2019.2.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2019.1...v1.2019.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:26:12 +09:00
dependabot-preview[bot] d0b40ae7dd Bump eslint-plugin-react from 7.12.1 to 7.14.2 (#11253)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.12.1 to 7.14.2.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.12.1...v7.14.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:25:20 +09:00
dependabot-preview[bot] 76d5fd1c5c Bump @babel/plugin-proposal-class-properties from 7.4.4 to 7.5.0 (#11254)
Bumps [@babel/plugin-proposal-class-properties](https://github.com/babel/babel) from 7.4.4 to 7.5.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.4.4...v7.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:24:38 +09:00
dependabot-preview[bot] 1a8bbcdca4 Bump compression-webpack-plugin from 2.0.0 to 3.0.0 (#11224)
Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin) from 2.0.0 to 3.0.0.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v2.0.0...v3.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 16:49:47 +09:00
dependabot-preview[bot] 6a313f872a Bump intl-relativeformat from 2.2.0 to 6.4.2 (#11255)
Bumps [intl-relativeformat](https://github.com/formatjs/formatjs) from 2.2.0 to 6.4.2.
- [Release notes](https://github.com/formatjs/formatjs/releases)
- [Commits](https://github.com/formatjs/formatjs/compare/intl-relativeformat@2.2.0...intl-relativeformat@6.4.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 16:49:26 +09:00
dependabot-preview[bot] 239befc6e8 Bump react-redux from 6.0.1 to 7.1.0 (#11256)
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 6.0.1 to 7.1.0.
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/react-redux/compare/v6.0.1...v7.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 16:48:44 +09:00