Commit Graph

12148 Commits (f186e0c91cd378b9024c71a501d2217111ac5e3d)

Author SHA1 Message Date
Yamagishi Kazutoshi fa75deb231
Add Security Policy (#13946) 2020-06-03 08:32:23 +02:00
Eugen Rochko 5d8398c8b8
Add E2EE API (#13820) 2020-06-02 19:24:53 +02:00
ThibG 9b7e3b4774
Fix mastodon:setup not running properly when some environment variables are set (#13928)
When using one of the docker-compose containers, mastodon:setup will use the
existing .env.production rather than the generated one during the setup steps.

This is because dotenv does not overwrite env variables that are alreayd
defined, and the docker-compose.yml file loads the environment variables
from .env.production.
2020-06-02 13:57:21 +02:00
Yamagishi Kazutoshi f96a891853
Fix ref attr for react-textarea-autozsize (#13936) 2020-06-02 03:24:04 +02:00
dependabot-preview[bot] d9b9c9732f
Bump react-textarea-autosize from 7.1.2 to 8.0.1 (#13901)
Bumps [react-textarea-autosize](https://github.com/Andarist/react-textarea-autosize) from 7.1.2 to 8.0.1.
- [Release notes](https://github.com/Andarist/react-textarea-autosize/releases)
- [Changelog](https://github.com/Andarist/react-textarea-autosize/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Andarist/react-textarea-autosize/compare/v7.1.2...react-textarea-autosize@8.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 05:13:13 +09:00
dependabot-preview[bot] f86e70e08d
Bump faker from 2.11.0 to 2.12.0 (#13911)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.11.0...v2.12.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:55:20 +09:00
dependabot-preview[bot] 53d056e8e9
Bump autoprefixer from 9.7.6 to 9.8.0 (#13903)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.6 to 9.8.0.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.6...9.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:55:06 +09:00
dependabot-preview[bot] 96a327dd7e
Bump file-loader from 5.1.0 to 6.0.0 (#13899)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.1.0 to 6.0.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.1.0...v6.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:53:21 +09:00
dependabot-preview[bot] 360aae27a4
Bump rdf from 3.1.1 to 3.1.2 (#13926)
Bumps [rdf](https://github.com/ruby-rdf/rdf) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/rdf/releases)
- [Changelog](https://github.com/ruby-rdf/rdf/blob/develop/CHANGES.md)
- [Commits](https://github.com/ruby-rdf/rdf/compare/3.1.1...3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:51:16 +09:00
dependabot-preview[bot] 7f849c74c4
Bump json-ld-preloaded from 3.1.2 to 3.1.3 (#13923)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.2...3.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:50:02 +09:00
dependabot-preview[bot] d704e7904c
Bump color from 3.1.0 to 3.1.2 (#13917)
Bumps [color](https://github.com/Qix-/color) from 3.1.0 to 3.1.2.
- [Release notes](https://github.com/Qix-/color/releases)
- [Commits](https://github.com/Qix-/color/compare/3.1.0...3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:48:12 +09:00
dependabot-preview[bot] 25c1a888ef
Bump tty-screen from 0.7.1 to 0.8.0 (#13915)
Bumps [tty-screen](https://github.com/piotrmurach/tty-screen) from 0.7.1 to 0.8.0.
- [Release notes](https://github.com/piotrmurach/tty-screen/releases)
- [Changelog](https://github.com/piotrmurach/tty-screen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-screen/compare/v0.7.1...v0.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:48:00 +09:00
dependabot-preview[bot] 6b422cefae
Bump responders from 3.0.0 to 3.0.1 (#13914)
Bumps [responders](https://github.com/heartcombo/responders) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/heartcombo/responders/releases)
- [Changelog](https://github.com/heartcombo/responders/blob/master/CHANGELOG.md)
- [Commits](https://github.com/heartcombo/responders/compare/v3.0.0...v3.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:46:09 +09:00
dependabot-preview[bot] 79e7b95e73
Bump minipass-pipeline from 1.2.2 to 1.2.3 (#13912)
Bumps minipass-pipeline from 1.2.2 to 1.2.3.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:45:11 +09:00
dependabot-preview[bot] ff4b2b6ec9
Bump postgres-date from 1.0.3 to 1.0.5 (#13910)
Bumps [postgres-date](https://github.com/bendrucker/postgres-date) from 1.0.3 to 1.0.5.
- [Release notes](https://github.com/bendrucker/postgres-date/releases)
- [Commits](https://github.com/bendrucker/postgres-date/compare/v1.0.3...v1.0.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:44:46 +09:00
dependabot-preview[bot] 3cb9bd16d0
Bump esquery from 1.0.1 to 1.3.1 (#13907)
Bumps [esquery](https://github.com/estools/esquery) from 1.0.1 to 1.3.1.
- [Release notes](https://github.com/estools/esquery/releases)
- [Commits](https://github.com/estools/esquery/compare/v1.0.1...v1.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:44:23 +09:00
dependabot-preview[bot] f28053d7f9
Bump webpack-bundle-analyzer from 3.7.0 to 3.8.0 (#13909)
Bumps [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) from 3.7.0 to 3.8.0.
- [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases)
- [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v3.7.0...v3.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:44:10 +09:00
dependabot-preview[bot] 9b53ffe486
Bump http-proxy from 1.18.0 to 1.18.1 (#13908)
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:43:51 +09:00
dependabot-preview[bot] 1b556caca4
Bump eslint-plugin-react from 7.19.0 to 7.20.0 (#13906)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.19.0 to 7.20.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.19.0...v7.20.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:41:37 +09:00
dependabot-preview[bot] 9fe02bc962
Bump regjsgen from 0.5.1 to 0.5.2 (#13902)
Bumps [regjsgen](https://github.com/bnjmnt4n/regjsgen) from 0.5.1 to 0.5.2.
- [Release notes](https://github.com/bnjmnt4n/regjsgen/releases)
- [Commits](https://github.com/bnjmnt4n/regjsgen/compare/0.5.1...0.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:41:08 +09:00
dependabot-preview[bot] 70668488e7
Bump node-releases from 1.1.56 to 1.1.57 (#13898)
Bumps [node-releases](https://github.com/chicoxyzzy/node-releases) from 1.1.56 to 1.1.57.
- [Release notes](https://github.com/chicoxyzzy/node-releases/releases)
- [Commits](https://github.com/chicoxyzzy/node-releases/compare/v1.1.56...v1.1.57)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:39:57 +09:00
dependabot-preview[bot] c1d41ea6a9
Bump aws-sigv4 from 1.1.3 to 1.1.4 (#13916)
Bumps [aws-sigv4](https://github.com/aws/aws-sdk-ruby) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sigv4/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.1.3...1.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:38:52 +09:00
dependabot-preview[bot] 9b41525529
Bump fugit from 1.3.5 to 1.3.6 (#13918)
Bumps [fugit](https://github.com/floraison/fugit) from 1.3.5 to 1.3.6.
- [Release notes](https://github.com/floraison/fugit/releases)
- [Changelog](https://github.com/floraison/fugit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/floraison/fugit/compare/v1.3.5...v1.3.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:38:29 +09:00
dependabot-preview[bot] a9cad703f8
Bump @babel/preset-env from 7.9.6 to 7.10.2 (#13920)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.9.6 to 7.10.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.10.2/packages/babel-preset-env)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:37:53 +09:00
dependabot-preview[bot] a0e3e20642
Bump coderay from 1.1.2 to 1.1.3 (#13921)
Bumps [coderay](https://github.com/rubychan/coderay) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/rubychan/coderay/releases)
- [Changelog](https://github.com/rubychan/coderay/blob/master/Changes.textile)
- [Commits](https://github.com/rubychan/coderay/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:37:30 +09:00
dependabot-preview[bot] b94333c167
Bump parser from 2.7.1.2 to 2.7.1.3 (#13922)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.1.2 to 2.7.1.3.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.1.2...v2.7.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:36:10 +09:00
dependabot-preview[bot] 0c5bf954e6
Bump browser from 4.1.0 to 4.2.0 (#13924)
Bumps [browser](https://github.com/fnando/browser) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v4.1.0...v4.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:35:03 +09:00
dependabot-preview[bot] 8d9c12cb2f
Bump aws-partitions from 1.320.0 to 1.322.0 (#13927)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.320.0 to 1.322.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:34:11 +09:00
ThibG f328f2faa3
Merge pull request #1347 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
2020-06-01 19:41:33 +02:00
Christopher Choi c225ac8b9e [Glitch] Adjust flash alert contrast for better readability
Port b4a8400afd to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-06-01 18:31:45 +02:00
Brian C. Lindner a8559458c3 [Glitch] Allow Ctrl-click to keep EmojiPicker window open
Port 64154c5161 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-06-01 18:31:42 +02:00
Thibaut Girka 89de02f7aa Merge branch 'master' into glitch-soc/merge-upstream 2020-06-01 18:21:43 +02:00
ariasuni 1f94f4009e Improve appearance of notification cleaning UI
- Use smaller font-size for consistency with the rest of the UI
- Make better use of the horizontal space when available
2020-06-01 12:28:27 +02:00
ThibG 51ff679b9d
Fix admin page crashing when trying to block an invalid domain name (#13884)
* Fix admin page crashing when trying to block an invalid domain name

Fixes #13880

* Fix trailing and leading spaces not being properly stripped for domain blocks
2020-06-01 03:47:20 +02:00
ThibG eeddb1a624
Fix unsent toot confirmation dialog not popping up in single column (#13888) 2020-05-31 20:38:56 +02:00
Christopher Choi b4a8400afd
Adjust flash alert contrast for better readability (#13892) 2020-05-31 20:35:18 +02:00
Brian C. Lindner 64154c5161
Allow Ctrl-click to keep EmojiPicker window open (#13896) 2020-05-31 20:34:34 +02:00
Thibaut Girka 18f2c39074 Hide local-only pinned toots from public profiles
Fixes #1336

This also fixes federating pinned toots when some of them are local-only.

Public profiles will not show public toots, whether you are logged in
or not (this is consistent with local-only toots that are not pinned).
2020-05-31 17:20:15 +02:00
Thibaut Girka ddcd9fe9f0 Fix backup archive including outgoing-only content warnings 2020-05-30 18:27:00 +02:00
Thibaut Girka 9e04b9d8df Add support for setting Content Warning for CW-less outgoing toots 2020-05-30 18:27:00 +02:00
Thibaut Girka 041c769182 Move glitch-specific ruby-side locales to their own files 2020-05-30 12:54:17 +02:00
ThibG 491588f6b4
Merge pull request #1341 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
2020-05-29 22:13:06 +02:00
ThibG 9707dbee6f [Glitch] Fix timeline markers in Firefox
Port cc650bc023 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-05-29 20:02:30 +02:00
ThibG 9bd30b8dd5 [Glitch] Fix timeline markers not working on Chrome
Port 5aff2a6957 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-05-29 20:02:30 +02:00
Thibaut Girka 60b43050cb Merge branch 'master' into glitch-soc/merge-upstream 2020-05-29 19:27:21 +02:00
ThibG cc650bc023
Fix timeline markers in Firefox (regression from #13887) (#13889)
Unfortunately, Firefox does not support the `keepalive` parameter
I used in the previous PR. However it supports the `navigator.sendBeacon`
API that allows that kind of things, but does not allow setting headers.

Therefore, this PR replaces it with a `sendBeacon` call that passes the
bearer token in the POST data.

Doorkeeper will then handle the auth token out of the box, as long as
it is passed as form data. Passing the query as JSON does not work.
2020-05-29 19:25:57 +02:00
ThibG 5aff2a6957
Fix timeline markers not working on Chrome (#13887)
* Periodically save timeline markers

This saves timeline markers immediately upon message arrival, but not more
than once every 5 minutes.

This does not change how the markers are saved on closing the window,
except that it avoids submitting them if there is no need for it.

* Use the Fetch API when possible instead of XHR on window unload
2020-05-29 16:14:16 +02:00
dependabot-preview[bot] 8bbc81c71e
[Security] Bump kaminari from 1.2.0 to 1.2.1 (#13886)
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.2.0 to 1.2.1. **This update includes a security fix.**
- [Release notes](https://github.com/kaminari/kaminari/releases)
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kaminari/kaminari/compare/v1.2.0...v1.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 23:50:24 +02:00
dependabot-preview[bot] 82119a4f7c
Bump is-promise from 2.1.0 to 2.2.2 (#13870)
Bumps [is-promise](https://github.com/then/is-promise) from 2.1.0 to 2.2.2.
- [Release notes](https://github.com/then/is-promise/releases)
- [Commits](https://github.com/then/is-promise/compare/v2.1.0...2.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 23:44:53 +09:00
dependabot-preview[bot] e4efe02d99
Bump react-transition-group from 2.5.2 to 2.9.0 (#13860)
Bumps [react-transition-group](https://github.com/reactjs/react-transition-group) from 2.5.2 to 2.9.0.
- [Release notes](https://github.com/reactjs/react-transition-group/releases)
- [Changelog](https://github.com/reactjs/react-transition-group/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reactjs/react-transition-group/compare/v2.5.2...v2.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 23:38:51 +09:00