Commit Graph

724 Commits (f9abe700e73df76963aa0f74a87e518ddc5c4584)

Author SHA1 Message Date
Claire dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire 6d8e0fae3e
Merge pull request from GHSA-ccm4-vgcc-73hp
* Tighten allowed HTML in oEmbed-based preview cards

* Sanitize preview cards at render time

* Add `sandbox` attribute to preview card iframes
2023-07-06 15:03:33 +02:00
Claire fed9cbfd2b
Add hardened headers to user-uploaded files (#25756) 2023-07-06 14:31:37 +02:00
Claire c78280a8ce
Add translate="no" to outgoing mentions and links (#25524) 2023-06-20 18:10:19 +02:00
Matt Jankowski b5675e265e
Add coverage for `CLI::Feeds` command (#25319) 2023-06-10 18:37:36 +02:00
Matt Jankowski 07933db788
Add coverage for `CLI::Cache` command (#25238) 2023-06-10 18:36:09 +02:00
Nick Schonning c66250abf1
Autofix Rubocop Regex Style rules (#23690)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 14:50:51 +02:00
Jed Fox 768b00c4d0
Consistently use middle dot (·) instead of bullet (•) to separate items (#25248) 2023-06-02 19:58:18 +02:00
Matt Jankowski cd4f0feab8
Extract verify options method in search cli (#25121) 2023-06-01 14:35:05 +02:00
Matt Jankowski 35c1c3e57a
Add CLI area progress bar helper (#25208) 2023-06-01 14:31:24 +02:00
Matt Jankowski dc26140d54
Use thor methods instead of tty prompt in maintenance cli (#25207) 2023-05-31 19:40:16 +02:00
Matt Jankowski 1baf40077b
Fix FormatStringToken cop in CLI (#25122) 2023-05-30 16:21:53 +02:00
Matt Jankowski 80c7de9984
Fix Rails/WhereExists cop in CLI (#25123) 2023-05-30 16:09:57 +02:00
Matt Jankowski b7b96efd17
Extract helper method for error report in cli/accounts command (#25119) 2023-05-30 16:09:15 +02:00
Matt Jankowski 2cecb2dc9e
Increment index which was previously not used in maintenance CLI loop (#25118) 2023-05-30 16:08:47 +02:00
Matt Jankowski ec9bc7e604
Consistent usage of CLI `dry_run?` method (#25116) 2023-05-30 16:07:44 +02:00
Matt Jankowski 55785b1603
Extract methods for user de-duping in maintenance CLI (#25117) 2023-05-26 09:42:16 +02:00
Claire 1d588d58f1
Improve various queries against account domains (#25126) 2023-05-25 09:27:16 +02:00
Matt Jankowski 384345b0de
Add CLI Base class for command line code (#25106) 2023-05-24 11:55:40 +02:00
Matt Jankowski b6b4ea4ca5
Move the mastodon/*_cli files to mastodon/cli/* (#24139) 2023-05-23 16:08:26 +02:00
Nick Schonning 99e2e9b81f
Fix minor typos in comments and spec names (#21831) 2023-05-19 17:13:29 +02:00
Daniel M Brasil 536dd046d4
Add ability to block sign-ups from IP using the CLI (#24870) 2023-05-09 14:46:00 +02:00
Daniel M Brasil ffb3fef7db
Fix uncaught `ActiveRecord::StatementInvalid` in Mastodon::IpBlocksCLI (#24861) 2023-05-09 14:45:47 +02:00
Renaud Chaput 830e6cefae
Add version suffixes to nightly & edge image builds (#24823) 2023-05-04 13:45:39 +02:00
Nick Schonning 569b39256b
Bump rubocop-rails 2.19.1 with update .rubocop_todo.yml (#24469) 2023-05-04 11:56:24 +02:00
Nick Schonning da3bd913ae
Autofix Rubocop Style/HashSyntax (#23754) 2023-05-04 05:54:26 +02:00
Matt Jankowski 2c6c398c60
Fix Performance/CollectionLiteralInLoop cop (#24819) 2023-05-04 05:33:55 +02:00
Matt Jankowski 24491abf6d
Fix Rails/DeprecatedActiveModelErrorsMethods cop (#24742) 2023-05-02 18:39:22 +02:00
Matt Jankowski 5e060e1f44
Fix Performance/Sum cop (#24788) 2023-05-02 16:10:40 +02:00
Claire 1ed0ff30d3
Fix `tootctl accounts cull` crashing when encountering a domain resolving to a private address (#23378) 2023-05-02 15:10:09 +02:00
Matt Jankowski 88d33f361f
Fix Lint/DuplicateBranch cop (#24766) 2023-05-02 12:57:11 +02:00
Daniel M Brasil e8fe941015
Fix `tootctl accounts approve --number N` not aproving N earliest registrations (#24605) 2023-04-30 06:50:58 +02:00
Matt Jankowski 2e43461100
Fix Rails/Output cop (#24687) 2023-04-30 06:48:16 +02:00
Matt Jankowski 60ac9e8634
Fix Rails/SquishedSQLHeredocs cop (#24694) 2023-04-30 06:43:50 +02:00
Daniel M Brasil 1d9969fadf
Fix `tootctl accounts create --reattach --force` not working with confirmed accounts (#24680) 2023-04-27 10:15:45 +02:00
Claire 528b8e7e3a
Fix crash in `tootctl accounts create --reattach --force` (#24557) 2023-04-23 22:29:31 +02:00
Daniel M Brasil faf657d709
Fix uncaught ActiveRecord::StatementInvalid exception in `Mastodon::AccountsCLI#approve` (#24590) 2023-04-20 10:57:11 +02:00
Eugen Rochko e98c86050a
Refactor `Cache-Control` and `Vary` definitions (#24347) 2023-04-19 16:07:29 +02:00
Daniel M Brasil 3afa1fda7a
Fix email confirmation skip option in `tootctl accounts modify USERNAME --email EMAIL --confirm` (#24578) 2023-04-18 09:51:24 +02:00
Daniel M Brasil b0800d602e
tootctl: add --approve option to tootctl accounts create (#24533) 2023-04-14 14:41:15 +02:00
Matt Jankowski a2a66300d9
Clean up the post deployment migration generator (#24233) 2023-04-11 11:25:29 +02:00
Claire 3d8bd093b9
Bump version to v4.1.2 (#24427) 2023-04-07 09:01:57 +02:00
Claire 5c499f54e3
Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-03 15:05:39 +02:00
Alison Wheeler 2f7c3cb628
Update redis_config.rb to remove warning message (#24352) 2023-04-02 06:49:37 +02:00
Eugen Rochko a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Claire 0d70deee53
Add migration tests for user mail notification settings (#24277) 2023-03-27 17:54:42 +02:00
Matt Jankowski b9e34ef098
Migration warning helper, and only run in production env (#24253) 2023-03-26 00:39:24 +01:00
Claire 7f8e1bede4
Bump version to v4.1.1 (#24201) 2023-03-21 15:04:21 +01:00
Claire bdeb6ff180
Fix crash in `tootctl` commands making use of parallelization when Elasticsearch is enabled (#24182) 2023-03-20 20:02:58 +01:00
Nick Schonning aa947a143b
Regen rubocop-todo without Max shadowing (#24076) 2023-03-16 12:31:08 +09:00
Eugen Rochko f0e727f958
Add cache headers to static files served through Rails (#24120) 2023-03-16 02:55:54 +01:00
Nick Schonning 25d36b6edd
Autofix Rubocop Style/RedundantArgument (#23798) 2023-03-16 10:34:00 +09:00
Claire 1d0ad558ff
Change sidekiq-bulk's batch size from 10,000 to 1,000 jobs in one Redis call (#24034) 2023-03-15 03:45:15 +01:00
Nick Schonning e762a14c0a
Enable Rubocop Performance/DeleteSuffix (#24077) 2023-03-13 00:03:07 +01:00
Claire f432db7b9f
Fix sidekiq jobs not triggering Elasticsearch index updates (#24046) 2023-03-12 23:47:55 +01:00
9p4 b715bd8e53
Add refreshing many accounts at once with "tootctl accounts refresh" (#23304) 2023-03-08 17:06:53 +01:00
Jean byroot Boussier 922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Claire 8784498ebf
Fix tootctl accounts migrate error due to typo (#23567) 2023-03-03 20:45:12 +01:00
Claire 3a6451c867
Add support for incoming rich text (#23913) 2023-03-03 20:19:29 +01:00
Nick Schonning 8fd3fc404d
Autofix Rubocop Rails/RootPathnameMethods (#23760) 2023-02-22 09:57:15 +09:00
Nick Schonning 0cfdd1a401
Enable Rubocop Style/StringConcatenation defaults (#23792) 2023-02-22 09:54:36 +09:00
Nick Schonning 59c8d43d94
Autofix Rubocop Style/RescueStandardError (#23745) 2023-02-20 11:01:20 +01:00
Nick Schonning af4c95100c
Autofix Rubocop Style/FormatString (#23743) 2023-02-20 07:58:33 +01:00
Nick Schonning 717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning d2dcb6c45a
Autofix Rubocop Style/UnpackFirst (#23741) 2023-02-20 06:51:43 +01:00
Nick Schonning bf785df9fe
Audofix Rubocop Style/WordArray (#23739) 2023-02-20 06:14:10 +01:00
Nick Schonning 81ad6c2e39
Autofix Rubocop Style/StringLiterals (#23695) 2023-02-19 07:38:14 +09:00
Nick Schonning 2177daeae9
Autofix Rubocop Style/RedundantBegin (#23703) 2023-02-19 07:09:40 +09:00
Nick Schonning ab7816a414
Autofix Rubocop Style/Lambda (#23696) 2023-02-18 12:39:00 +01:00
Nick Schonning e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 12:37:47 +01:00
Nick Schonning a6f77aa28a
Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#23681) 2023-02-18 04:30:23 +01:00
Nick Schonning e2567df860
Enable Lint/RedundantCopDisableDirective (#23687) 2023-02-18 04:30:14 +01:00
Nick Schonning d65b2c1924
Apply Rubocop Style/RedundantConstantBase (#23463) 2023-02-18 04:30:03 +01:00
Nick Schonning ac59d6f19f
Enable Rubocop Style/NumericLiterals (#23647) 2023-02-18 11:05:57 +09:00
Nick Schonning 669f6d2c0a
Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Nick Schonning 0c9d455ea5
Upgrade to Stylelint 15 with Prettier (#23558) 2023-02-13 04:57:03 +01:00
Claire 70c0d754a6
Bump version to 4.1.0 (#23471)
* Bump version to 4.1.0

* Editorialize changelog some more and highlight API changes

* Update changelog
2023-02-10 22:21:23 +01:00
Nick Schonning 11557d1c5a
Apply Rubocop Rails/RootPublicPath (#23447) 2023-02-08 10:38:07 +01:00
Nick Schonning f68bb52556
Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00
Nick Schonning 203739dd3a
Apply Rubocop Performance/StringIdentifierArgument (#23444) 2023-02-08 02:36:20 +01:00
Nick Schonning c92e033cdd
Apply Rubocop Performance/BindCall (#23437) 2023-02-08 09:10:25 +09:00
Claire 79ca19e9b2
Bump version to 4.1.0rc3 (#23384) 2023-02-03 16:39:38 +01:00
Claire 2f112432e6
Bump version to 4.1.0rc2 (#23220) 2023-01-25 16:20:54 +01:00
Claire 8180f7ba19
Bump version to 4.1.0rc1 (#23112) 2023-01-20 14:19:12 +01:00
JT Olio a5fd2fe1cb
Add Storj DCS to cloud object storage options (#21929)
* Add Storj DCS to cloud object storage options

More explanation here: https://forum.storj.io/t/object-storage-provider-for-mastodon-instance/11464/37

* more help for which command to use
2023-01-18 17:47:49 +01:00
Claire cb4e28f405
Add `tootctl domains purge` options to select subdomains and keep domain blocks (#22063)
* Add --include-subdomains option to tootctl domains purge

* Add support for '*.' subdomain wildcard patterns in `tootctl domains purge`

* Fix custom emojis deletion not following subdomain and URI options

* Change `tootctl domains purge` to not purge domain blocks unless --purge-domain-blocks is passed

* Refactor `tootctl domains purge`

* Add feedback on deleted domain blocks
2023-01-18 16:50:50 +01:00
Jeong Arm 0e8f8a1a1c
Implement tootctl accounts prune (#18397)
* Implement tootctl accounts prune

* Optimise query

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-01-13 22:34:16 +01:00
Claire 745bdb11a0
Add `tootctl accounts migrate` (#22330)
* Add tootctl accounts replay-migration

Fixes #22281

* Change `tootctl accounts replay-migration` to `tootctl accounts migrate`
2023-01-13 17:00:23 +01:00
Claire a3a5aa1597
Fix incorrect env file generation in mastodon:setup (#23072)
Regression from #23012
2023-01-13 10:17:07 +01:00
Claire 15b88a83ab
Fix sanitizer parsing link text as HTML when stripping unsupported links (#22558) 2023-01-11 22:21:10 +01:00
Claire a65f86ae55
Fix `$` not being escaped in `.env.production` file generated by `mastodon:setup` (#23012)
* Fix `$` not being escaped in `.env.production` file generated by `mastodon:setup`

* Improve robustness of dotenv escaping
2023-01-11 21:53:11 +01:00
Nick Schonning 558ac411c4
Expand Stylelint glob to include CSS files (#22469) 2023-01-05 13:42:13 +01:00
Dan Peterson 3d3429243f
Fix default S3_HOSTNAME used in mastodon:setup (#19932)
s3-us-east-1.amazonaws.com does not exist.

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:38:51 +01:00
Claire f239d31f23
Add --email and --dry-run options to `tootctl accounts delete` (#22328) 2022-12-15 14:52:50 +01:00
Evan 78ef635980
Add command to remove avatar and header images of inactive remote accounts from the local database (#22149)
* Add tootctl subcommand media remove-profile-media

* Trigger workflows

* Correcting external linting

* External linting error

* External linting fix

* Merging with remove command

* Linting

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Remove saving a list of purged accounts

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-14 19:50:07 +01:00
Claire 55b210b3e5
Fix crash and incorrect behavior in tootctl domains crawl (#19004) 2022-12-13 20:02:32 +01:00
Claire c52263f6f8
Fix deprecation warning in `tootctl accounts rotate` (#22120) 2022-12-07 14:13:10 +01:00
Claire 66a70ebb6e
Fix pre-4.0 admin action logs (#22091)
* Fix BackfillAdminActionLogs post-deployment migration

* Improve migration tests

* Backfill admin action logs again
2022-12-06 23:38:03 +01:00
Claire 098ced7420
Remove support for Ruby 2.6 (#21477)
As pointed out by https://github.com/mastodon/mastodon/pull/21297#discussion_r1028372193
at least one of our dependencies already dropped support for Ruby 2.6, and we
had removed Ruby 2.6 tests from the CI over a year ago (#16861).

So stop advertising Ruby 2.6 support, bump targeted version, and drop some
compatibility code.
2022-11-27 20:41:39 +01:00
Claire d587a268fd
Add logging for Rails cache timeouts (#21667)
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds

* Log cache store errors
2022-11-27 20:37:37 +01:00