Commit Graph

189 Commits (4655be0da6c0f9a58f4d09a32189cbe5619c42d1)

Author SHA1 Message Date
Eugen Rochko 5f15a892fa
Add support for libvips in addition to ImageMagick (#30090)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-05 19:15:39 +00:00
Claire 974335e414
Add experimental server-side notification grouping (#29889) 2024-06-03 08:35:59 +00:00
Claire 3fa0dd0b88
Merge pull request from GHSA-c2r5-cfqr-c553
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations

* Remove rack-attack safelist
2024-05-30 14:24:29 +02:00
Claire b5b84fad65
Fix OpenSearch compatibility issue (#30278) 2024-05-14 17:54:28 +00:00
Matt Jankowski 75470f1256
Use implicit dotenv load (#30121) 2024-04-30 13:00:39 +00:00
renovate[bot] 483fabf48a
Update dependency http to '~> 5.2.0' (#30027)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-04-22 14:02:47 +00:00
Claire 2ef098d01c
Revert "Rely on dotenv autoload instead of explicit call (#30007)" (#30028) 2024-04-22 14:02:24 +00:00
Matt Jankowski 18737aad49
Rely on dotenv autoload instead of explicit call (#30007) 2024-04-22 08:31:20 +00:00
Matt Jankowski f386eb6c63
Replace deprecated `dotenv-rails` gem with `dotenv` gem (#29173) 2024-04-19 14:25:14 +00:00
Jean Boussier 5a6d533c53
Enable Rails 7.1 Marshalling format (#28609) 2024-01-05 21:57:47 +00:00
Claire 393e851649
Change Rails' cache format to 7.0 (#27393) 2023-12-12 12:00:23 +00:00
Matt Jankowski 42afd30324
Replace Sprockets with Propshaft (#28239) 2023-12-06 10:19:24 +00:00
Matt Jankowski a1636fce7f
Move lib/devise/* to lib/devise/strategies/* (#27638) 2023-11-29 10:10:21 +00:00
Matt Jankowski 02d27de5ce
Move i18n locale configuration to separate initializer (#27571) 2023-11-07 15:22:14 +00:00
Matt Jankowski bbad5b6456
Remove false positive cop detection (#27457) 2023-11-07 10:44:15 +00:00
Matt Jankowski 12550a6a28
Use `Rails.env.local?` shorthand method to check env (#27519) 2023-10-26 21:20:41 +00:00
Matt Jankowski 9a3d047f3e
Run `bin/rails app:update` with Rails 7.1 (#27522) 2023-10-25 13:56:09 +00:00
Matt Jankowski e93a75f1a1
Rails 7.1 update (#25963) 2023-10-23 17:58:29 +00:00
Nick Schonning 85db392464
Autofix Rubocop cops for config/ (#24145) 2023-10-03 15:24:12 +02:00
Renaud Chaput b95867ad1f
Allow setting a custom HTTP method in CacheBuster (#26528)
Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com>
2023-08-18 08:18:40 +02:00
Claire f5778caa3a
Add `ES_PRESET` option to customize numbers of shards and replicas (#26483)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 17:46:16 +02:00
Christian Schmidt d76f79f647
Remove obsolete backport from Rails 7 (#26254) 2023-07-29 22:28:05 +02:00
Renaud Chaput 4d1b67f664
Add end-to-end (system) tests (#25461) 2023-07-28 23:09:49 +02:00
Christian Schmidt 296ec6cf57
Override default Action Mailer `preview_path` (#26110) 2023-07-21 21:12:57 +02:00
Matt Jankowski ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Matt Jankowski b786911c55
Fix `Lint/SendWithMixinArgument` cop (#25920) 2023-07-12 10:02:32 +02:00
Nick Schonning 1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Claire dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Eugen Rochko ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski 50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Christian Schmidt 5141697323
Remove `tai` locale (#23880) 2023-04-23 22:49:07 +02:00
Eugen Rochko e98c86050a
Refactor `Cache-Control` and `Vary` definitions (#24347) 2023-04-19 16:07:29 +02:00
Claire 5c499f54e3
Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-03 15:05:39 +02:00
Eugen Rochko f0e727f958
Add cache headers to static files served through Rails (#24120) 2023-03-16 02:55:54 +01:00
Nick Schonning 6a5e447753
Address check-i18n warnings (#23313)
* Address check-i18n warnings

* Add language names to language helpers
2023-02-02 10:14:19 +09:00
Yamagishi Kazutoshi f847f67410
Add Western Frisian support (#18602) 2022-12-15 19:03:44 +01:00
Mikhail Paulyshka f80c3d40e8
enable be locale (#22022)
It already has 80+% completion, which is enough for everyday use.
Test instance runs on https://meowstodon.net/
2022-12-07 00:00:56 +01:00
Claire 098ced7420
Remove support for Ruby 2.6 (#21477)
As pointed out by https://github.com/mastodon/mastodon/pull/21297#discussion_r1028372193
at least one of our dependencies already dropped support for Ruby 2.6, and we
had removed Ruby 2.6 tests from the CI over a year ago (#16861).

So stop advertising Ruby 2.6 support, bump targeted version, and drop some
compatibility code.
2022-11-27 20:41:39 +01:00
Eugen Rochko 45ce858fd9
Fix `mailers` queue not being used for mailers (#20274)
Regression since Rails 6.1
2022-11-10 02:31:09 +01:00
gol-cha 8d33189104
Remove Rack::Deflater (#17937)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-08-13 15:40:00 +02:00
Eugen Rochko 44b2ee3485
Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Eugen Rochko 679b7158e3
Change search indexing to use batches to minimize resource usage (#18451) 2022-05-18 23:29:14 +02:00
Eugen Rochko 3917353645
Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
Eugen Rochko 6e418bf346
Fix cookies secure flag being set when served over Tor (#17992) 2022-04-08 12:47:18 +02:00
Holger 39b489ba4c
fix: `s3_force_single_request` not parsed (#17922) 2022-04-01 23:56:23 +02:00
Claire b07906bdb0
Fix wrong language code for Kurdish languages (#17812) 2022-03-17 01:37:03 +01:00
Eugen Rochko 85b86fe28c
Add global `locale` param (#17464)
- Remove the session-based locale stickyness
2022-02-08 02:34:56 +01:00
Claire 6ba8bc45cb
Add S3_FORCE_SINGLE_REQUEST env var to work around S3 compatibility issues (#16866)
Fixes #16822
2021-10-18 18:29:04 +02:00
gunchleoc 8ce42640e5
Add Northern Kurdish locale as requested by translator. It already has a project started on Crowdin. (#16548) 2021-10-14 21:02:54 +02:00
Claire fc3ae1343d
Switch from unmaintained paperclip to kt-paperclip (#16724)
* Switch from unmaintained paperclip to kt-paperclip

* Drop some compatibility monkey-patches not required by kt-paperclip

* Drop media spoof check monkey-patching

It's broken with kt-paperclip and hopefully it won't be needed anymore

* Fix regression introduced by paperclip 6.1.0

* Do not rely on pathname to call FastImage

* Add test for ogg vorbis file with cover art

* Add audio/vorbis to the accepted content-types

This seems erroneous as this would be the content-type for a vorbis stream
without an ogg container, but that's what the `marcel` gem outputs, so…

* Restore missing for_as_default method

* Refactor Attachmentable concern and delay Paperclip's content-type spoof check

Check for content-type spoofing *after* setting the extension ourselves, this
fixes a regression with kt-paperclip's validations being more strict than
paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown
extensions.

* Please CodeClimate

* Add audio/vorbis to the unreliable set

It doesn't correspond to a file format and thus has no extension associated.
2021-09-29 23:52:36 +02:00