Commit Graph

2158 Commits (6b4c182806b141d432f4e25a194e15aacb421128)

Author SHA1 Message Date
Claire 2e49bc97b0 Merge commit '7720c684c5bf54e73e8815defe15473777d1c201' into glitch-soc/merge-upstream 2024-03-15 12:20:32 +01:00
Matt Jankowski 7720c684c5
Move common module inclusion in sub classes to `ActivityPub::BaseController` (#29560) 2024-03-15 10:40:21 +00:00
Claire e91ede5be6 Merge commit 'df6086d4027910fb160d531b4fe7ffdec26b0cd7' into glitch-soc/merge-upstream 2024-03-14 17:27:16 +01:00
Matt Jankowski f9100743ec
Add `Api::ErrorHandling` concern for api/base controller (#29574) 2024-03-14 09:09:47 +00:00
Claire 65ca37bbaa Merge commit 'a32a126cac42c73236236b5a9bd660765b9c58ee' into glitch-soc/merge-upstream
Conflicts:
- `spec/lib/sanitize/config_spec.rb`:
  Conflict due to glitch-soc having factored the file differently.
  Ported upstream's changes.
2024-03-13 20:14:18 +01:00
Claire 06881a8669 Merge commit '2c0441acd7f943a9873b650cf75d33c73d545acf' into glitch-soc/merge-upstream 2024-03-13 19:16:47 +01:00
Matt Jankowski c09b8a7164
Add `Account.without_internal` scope (#29559)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-03-13 14:11:23 +00:00
Matt Jankowski 9754967d5f
Move `pagination_max_id` and `pagination_since_id` into api/base controller (#28844) 2024-03-13 08:51:44 +00:00
Claire a5127d0ef8 Merge commit '24319836de6046fb2985ec1a24c30ad7d47584d7' into glitch-soc/merge-upstream
Conflicts:
- `config/routes/api.rb`:
  glitch-soc has an extra `:destroy` action on notifications for historical reasons.
  Kept it for now, while otherwise updating as upstream did.
2024-03-11 17:29:07 +01:00
Eugen Rochko c10bbf5fe3
Add notification policies and notification requests in web UI (#29433) 2024-03-11 15:02:21 +00:00
Eugen Rochko 5b3a8737d6
Add hints for rules (#29539) 2024-03-11 08:57:07 +00:00
Eugen Rochko 50b17f7e10
Add notification policies and notification requests (#29366) 2024-03-07 14:53:37 +00:00
Claire 4d7e7cc562 Merge commit '6dfe318f34d69066dc0f453a228fdfc6af84b62e' into glitch-soc/merge-upstream 2024-02-29 18:24:47 +01:00
Matt Jankowski eb1b8f69de
Allow pagination `Link` headers on API accounts/statuses when pinned true (#29442) 2024-02-29 14:21:56 +00:00
Claire a482932649 Merge commit '6f7615ba86afda56e1d661442286a1d68467a525' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/application_controller.rb`:
  Not a real conflict, upstream fixed a bug in a line adjacent to code
  modified by glitch-soc.
  Ported upstream's change.
2024-02-27 19:20:57 +01:00
zunda a30cdfd4d4
Specify 410 for code when responding as json while self-destruction (#29420) 2024-02-26 22:43:07 +00:00
Claire d2cfc6e5e2 Merge commit '08342ad40c1b92caf873282190efe8533a7d6e2e' into glitch-soc/merge-upstream 2024-02-24 15:02:28 +01:00
Claire ef3d15554b Merge commit 'c645490d553124d800d30488595f7d2d9d61584d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept glitch-soc's README.
- `app/models/account.rb`:
  Not a real conflict, upstream updated some lines textually adjacent
  to glitch-soc-specific lines.
  Ported upstream's changes.
2024-02-24 14:46:14 +01:00
Claire ab2f0daa10 Merge commit 'aaa58d4807377e04649499ebee91757b16b9a007' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-security.yml`:
  Changes were already cherry-picked and adapted in glitch-soc.
  Kept glitch-soc's version.
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `lib/mastodon/version.rb`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
2024-02-24 14:27:43 +01:00
Matt Jankowski 785e2f9399
Add scope `providing_styles` to `UserRole` (#29286) 2024-02-20 09:18:05 +00:00
Claire e7ca82762d Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 23:12:59 +01:00
Claire d4d0565b0f
Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 21:49:45 +00:00
Claire 53b73ed6a2 Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:25:15 +01:00
Claire b31af34c97
Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
Claire 7efc33b909
Move HTTP Signature parsing code to its own class (#28932) 2024-02-07 13:35:37 +00:00
Claire eeabf9af72
Fix compatibility with Redis <6.2 (#29123) 2024-02-07 11:52:38 +00:00
Matt Jankowski 2f19ddd1fa
Move status serializer error handling to private method (#29031) 2024-02-06 14:54:26 +00:00
Matt Jankowski 93a5b3f9df
Move status serializer chooser to private method (#29030) 2024-02-06 13:33:42 +00:00
Matt Jankowski 0877f6fda4
Remove redundant `return` in `IntentsController` (#29099) 2024-02-06 12:56:22 +00:00
Matt Jankowski 4cf07ed78c
Add missing action logging to `api/v1/admin/reports#update` (#29044) 2024-02-06 11:34:11 +00:00
Claire ff58ec0103 Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:57:08 +01:00
Claire 1726085db5
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:56:46 +01:00
Claire bf153b384b Merge commit '42ab855b2339c5cea3229c856ab539f883736b12' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/auth/confirmations_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/auth/passwords_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
2024-01-27 19:06:41 +01:00
Claire dd7a66949a Fix CSS loading in redirect controller 2024-01-26 21:04:02 +01:00
Claire 5fa2821853 Merge commit '3205a654caf903002c2db872f802a3332201678b' into glitch-soc/merge-upstream 2024-01-26 20:47:20 +01:00
Claire 70de52c297 Merge commit '7a1f087659204e9d0cbba2de37e45b1921cefe20' into glitch-soc/merge-upstream 2024-01-25 19:51:19 +01:00
Matt Jankowski 42ab855b23
Add specs for `Instance` model scopes and add `with_domain_follows` scope (#28767) 2024-01-25 15:28:27 +00:00
Matt Jankowski 17ea22671d
Fix `Style/GuardClause` cop in app/controllers (#28420) 2024-01-25 15:13:41 +00:00
Matt Jankowski 7c9c6c7f80
Fix remaining `Rails/WhereExists` cop violations, regenerate todo (#28892) 2024-01-25 12:37:07 +00:00
Claire c50274a0ac
Fix redirect confirmation for accounts (#28902) 2024-01-25 10:44:25 +00:00
Claire 22cfab0ebf Merge commit '01ce9df88008cee705b7e02a4581802afa07c3df' into glitch-soc/merge-upstream
Conflicts:
- `tsconfig.json`:
  Upstream made style fixes, while glitch-soc had extra options.
  Ported upstream's style fixes.
2024-01-24 20:42:53 +01:00
Eugen Rochko b19ae521b7
Add confirmation when redirecting logged-out requests to permalink (#27792)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 10:49:19 +00:00
Eugen Rochko 5b1eb09d54
Add annual reports for accounts (#28693) 2024-01-24 09:38:10 +00:00
Matt Jankowski c0e8e457ab
Eager loading fixes for `api/` controllers (#28848) 2024-01-23 11:41:54 +00:00
Claire 102eff7c05 Merge commit 'e2d9635074ad33cc8144adc434bcd90faae9c424' into glitch-soc/merge-upstream 2024-01-22 19:19:40 +01:00
Claire 0700eb58bc Merge commit '163db814c2b3cf544b78e427e7f7bbd99b94a025' into glitch-soc/merge-upstream 2024-01-22 19:12:05 +01:00
Claire e2d9635074
Add notification email on invalid second authenticator (#28822) 2024-01-22 13:55:43 +00:00
Matt Jankowski 18004bf227
Add `Account.matches_uri_prefix` scope and use in activitypub/followers_synchronizations controller (#28820) 2024-01-22 13:55:37 +00:00
Matt Jankowski 7ecf7f5403
Move controller->request specs for api/v1/statuses/* (#28818) 2024-01-22 11:58:54 +00:00
Claire 3593ee2e36
Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-19 12:19:49 +00:00
Matt Jankowski 329911b0a3
Migrate controller->request spec for api/v1/follow* (#28811) 2024-01-19 09:32:41 +00:00
Matt Jankowski 1480573c83
Add `Account.auditable` scope, fix N+1 in admin/action_logs#index (#28812) 2024-01-19 01:39:30 +00:00
Claire 528a8fa495 Merge commit 'f866413e724c2e7f8329fbc6e96f56f0b186c62a' into glitch-soc/merge-upstream 2024-01-18 22:16:16 +01:00
Matt Jankowski 0b853678a4
Add coverage for `api/v1/peers/search` endpoint and extract controller query to Instance scope (#28796) 2024-01-18 15:57:10 +00:00
Claire 278597c161 Merge commit '98b5f85f10a3af50a54fcd79e09fc9fd88f774fa' into glitch-soc/merge-upstream 2024-01-15 20:53:16 +01:00
Claire 2f521bc84a Merge commit 'a2f02a07758c32f0dcc6388b4f30ca5a84e762f3' into glitch-soc/merge-upstream 2024-01-15 20:27:41 +01:00
Claire 1323dfac80 Merge commit 'a90696011e563e62100cba56e2d52f6babbaff00' into glitch-soc/merge-upstream 2024-01-15 19:19:04 +01:00
Claire 98b5f85f10
Rename and refactor `User#confirm!` to `User#mark_email_as_confirmed!` (#28735) 2024-01-15 18:04:58 +00:00
Matt Jankowski e72676e83a
Improve `api/v1/markers#create` performance against simultaneous requests (#28718) 2024-01-15 09:47:25 +00:00
Claire a3b6a85521 Merge commit 'cd37048439f9b324f48e6af1f426a7894c54b4da' into glitch-soc/merge-upstream
Conflicts:
- `.prettierignore`:
  Conflict due to glitch-soc-only files.
  Kept those at the end of the file.
2024-01-13 12:11:29 +01:00
Matt Jankowski 7801db7ba4
Spec coverage for custom css endpoint (#28706) 2024-01-12 09:19:25 +00:00
Matt Jankowski 575ab085be
Disable `Rails/ApplicationController` for `HealthController` (#28705) 2024-01-12 09:08:17 +00:00
Claire 23d8bd8ce1 Merge commit '0a7cff53c2577b3e79599e069eeb344f2613ad8d' into glitch-soc/merge-upstream 2024-01-11 13:24:20 +01:00
Claire 0b2c7cdb02 Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/content_security_policy.rb`:
  Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
  environment variable.
  Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Claire d7e13e2483
Fix potential redirection loop of streaming endpoint (#28665) 2024-01-10 15:05:46 +00:00
Jean Boussier 5a6d533c53
Enable Rails 7.1 Marshalling format (#28609) 2024-01-05 21:57:47 +00:00
Claire 419c659bc4
Add fallback redirection when getting a webfinger query `WEB_DOMAIN@WEB_DOMAIN` (#28592) 2024-01-04 14:14:46 +00:00
Claire dfdadb92e8
Add ability to require approval when users sign up using specific email domains (#28468) 2024-01-04 09:07:05 +00:00
Claire 0b5783f3f1 Merge commit 'f92d8c654df654538096efff05e9b1a989d01490' into glitch-soc/merge-upstream 2024-01-03 20:52:19 +01:00
Matt Jankowski e12d8893f4
Fix intermittent failure from unspecified order in `export_domain_blocks` controller spec (#28562) 2024-01-03 13:06:15 +00:00
Claire 9d9008666b Merge commit '092bb8a27af9ee87ff9ebabaf354477470ea3a94' into glitch-soc/merge-upstream 2024-01-03 12:38:49 +01:00
Claire 092bb8a27a
Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-03 11:29:26 +00:00
Claire b3542ac57b Merge commit '1184887b012e863fbf44f65ef5c65e0049123c27' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept our README.
2024-01-02 13:35:11 +01:00
Claire 1184887b01
Fix streaming API redirection ignoring the port of `streaming_api_base_url` (#28558) 2024-01-02 12:27:51 +00:00
Claire c5b0e6d5a0 Merge branch 'main' into glitch-soc/merge-upstream 2023-12-28 16:57:10 +01:00
Claire 92aa6e2ec9 Merge commit 'b7bdcd4f395aaa1e85930940975439d10b570f40' into glitch-soc/merge-upstream 2023-12-21 19:42:13 +01:00
Claire 30ee7339d3 Merge commit '7d9b209fe84b00eff348ea9d54905cbfffa79788' into glitch-soc/merge-upstream
Conflicts:
- `app/models/form/admin_settings.rb`:
  Upstream changed code style change, including on a line modified by glitch-soc.
  Kept glitch-soc's line but with the code style change applied.
2023-12-21 19:31:12 +01:00
Claire 077e0c6812 Merge commit '0b4a3a04378ce43f2f314b9446b5053f6b374c6d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Conflict caused by the `json` gem thing once again.
  Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
  Upstream refactored a bunch of specs, including one place that differs
  because of glitch-soc's theming system.
  Refactored as upstream did, adapting it for glitch-soc's theming system.
2023-12-20 22:16:50 +01:00
Claire 75580360cd Merge commit '272592d16d40e804ec325ef3b5e6de9bbad5f2dd' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Upstream fixed a bunch lint issues, and changed the `Max` parameter of the
  `Metrics/AbcSize` cop.
  Glitch-soc has different code and slightly higher `AbcSize` complexity,
  modified the `.rubocop_todo.yml` file accordingly.
- `app/policies/status_policy.rb`:
  Upstream changed `account.suspended?` to `account.unavailable?` to prepare
  for delete flags. Glitch-soc has additional local-only conditions.
  Ported upstream's refactor while keeping glitch-soc's additional condition.
- `app/serializers/initial_state_serializer.rb`:
  Upstream refactored a bunch of stuff while glitch-soc has more settings.
  Refactored as upstream did while keeping glitch-soc's settings.
2023-12-20 22:05:31 +01:00
Claire 8a5f2442cc Merge commit '0530ce5e9575c09464847412f43852f438b0494e' into glitch-soc/merge-upstream 2023-12-20 21:58:18 +01:00
Claire b8209c3b96 Merge commit '85662a5a57531af5402a6777d0b1089e78c56815' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream reworked the CSP, we kept our version for now.
- `spec/requests/content_security_policy_spec.rb`:
  Upstream reworked the CSP, we kept our version for now.
2023-12-20 20:10:45 +01:00
Claire b135b6ba8f Merge commit '8ebc94dd22a18c28c4c9763b909e92e6ba64e242' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/custom_emojis/new.html.haml`:
  Conflict caused by glitch-soc having a different file size limit constant
  name.
  Updated like upstream did while keeping glitch-soc's constant name.
2023-12-19 21:24:01 +01:00
Claire 2e786e13cb Merge commit '973597c6f1e25b16c592e5573304319aeaa375e1' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_pin_validator.rb`:
  Upstream refactored that file, while glitch-soc had configurable limits for
  pinned statuses.
  Updated the code with upstream's refactor, while keeping glitch-soc's
  configurability.
2023-12-19 20:51:37 +01:00
Claire 3ad92e8d0d Merge commit 'bd575a1dd69d87ca0f69873f7badf28d38e8b9ed' into glitch-soc/merge-upstream 2023-12-19 20:17:23 +01:00
Claire cd1e3ac2c7 Merge commit '7e1a77ea51e6dc4aecbf678f8928aa96698fa072' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/timelines/public_controller.rb`:
  Upstream refactored this code, the conflict was because of an extra supported
  parameter, `allow_local_only`.
  Updated the controller to follow upstream's refactor, and moved the extra
  parameter definition accordingly.
2023-12-19 19:51:40 +01:00
Eugen Rochko b5ac61b2c5
Change algorithm of follow recommendations (#28314)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-12-19 10:59:43 +00:00
Matt Jankowski c28976d89e
Handle negative offset param in `api/v2/search` (#28282) 2023-12-19 10:55:39 +00:00
Claire a111fd7a0b Merge commit 'b2c5b20ef27edd948eca8d6bd2014b7a5efaec11' into glitch-soc/merge-upstream 2023-12-18 20:47:27 +01:00
Claire d6ad9d351e Merge commit 'a36b59be8ad7656b7ceab9751c9ec5b3563e3a30' into glitch-soc/merge-upstream 2023-12-18 19:10:43 +01:00
Claire b474cbbd28 Merge commit '7840c6b75b61e64d89d7fd9f291277fb177e513f' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/accounts/relationships_controller.rb`:
  We differed by listing suspended users when requesting relationships.
  Updated to upstream's code.
2023-12-18 18:40:58 +01:00
Claire 46ddaffd40 Merge commit 'b87bfb8c96c8491f1228e0258d05119f3420db05' into glitch-soc/merge-upstream 2023-12-18 18:34:25 +01:00
Claire 7d9b209fe8
Fix call to inefficient `delete_matched` cache method in domain blocks (#28374) 2023-12-18 16:14:43 +00:00
Matt Jankowski 0e5b8fc46b
Fix `Style/RedundantReturn` cop (#28391) 2023-12-18 09:50:51 +00:00
Claire 4113fbf6e8 Merge commit 'f476d9dab2f5cca6ae44b95961df6b6557d66dab' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream enforced new code style rules, where we had different code.
  Applied the new code style rules.
2023-12-17 23:04:16 +01:00
Claire 1474318691 Merge commit 'a916251d8a8fffcaeb6be80eacf50138a53650dc' into glitch-soc/main
Conflicts:
- `app/models/trends/statuses.rb`:
  Upstream fixed a bug in the trending post condition.
  Glitch-soc's condition is different because we potentially allow CWed content
  to trend.
  Ported upstream's fix while keeping glitch-soc's change.
- `config/initializers/content_security_policy.rb`:
  Kept our version for now, we will switch to upstream later down the road.
2023-12-17 15:32:29 +01:00
Claire 9f92b05bd2 Merge commit '2e6bf60f1549e5c1f1cfea2d614f978bea17b8a2' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream has updated their README but we have a completely different one.
  Kept our version of `README.md`
2023-12-10 18:05:02 +01:00
Claire 73a94c3b3f
Fix self-destruct page not using theme styles (#2490) 2023-12-02 14:54:35 +01:00
Matt Jankowski 3bc437b99a
Fix `Style/RedundantParentheses` cop (#28176) 2023-12-01 16:00:44 +00:00
Matt Jankowski d83d01eb1e
Fix `Lint/RedundantSafeNavigation` cop (#28172) 2023-12-01 15:52:56 +00:00
Claire 963354978a
Add `Account#unavailable?` and `Account#permanently_unavailable?` aliases (#28053) 2023-11-30 15:43:26 +00:00