Merge commit '4743657ba24e83c376e9f477fbf49114e6f09a57' into glitch-soc/merge-upstream

main-rebase-security-fix
Claire 2024-06-22 20:59:23 +02:00
commit 3b4607991d
23 changed files with 111 additions and 80 deletions

2
.nvmrc
View File

@ -1 +1 @@
20.14 20.15

View File

@ -5,10 +5,6 @@ Rails/FilePath:
Rails/HttpStatus: Rails/HttpStatus:
EnforcedStyle: numeric EnforcedStyle: numeric
Rails/LexicallyScopedActionFilter:
Exclude:
- app/controllers/auth/* # Conflicts with `Lint/UselessMethodDefinition` for inherited controller actions
Rails/NegateInclude: Rails/NegateInclude:
Enabled: false Enabled: false

View File

@ -31,14 +31,6 @@ Rails/OutputSafety:
Exclude: Exclude:
- 'config/initializers/simple_form.rb' - 'config/initializers/simple_form.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
# Configuration parameters: AllowedMethods, AllowedPatterns.
# AllowedMethods: ==, equal?, eql?
Style/ClassEqualityComparison:
Exclude:
- 'app/helpers/jsonld_helper.rb'
- 'app/serializers/activitypub/outbox_serializer.rb'
# This cop supports safe autocorrection (--autocorrect). # This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: AllowedVars. # Configuration parameters: AllowedVars.
Style/FetchEnvVar: Style/FetchEnvVar:

View File

@ -19,9 +19,9 @@ ARG NODE_MAJOR_VERSION="20"
# Debian image to use for base image, change with [--build-arg DEBIAN_VERSION="bookworm"] # Debian image to use for base image, change with [--build-arg DEBIAN_VERSION="bookworm"]
ARG DEBIAN_VERSION="bookworm" ARG DEBIAN_VERSION="bookworm"
# Node image to use for base image based on combined variables (ex: 20-bookworm-slim) # Node image to use for base image based on combined variables (ex: 20-bookworm-slim)
FROM docker.io/node:${NODE_MAJOR_VERSION}-${DEBIAN_VERSION}-slim as node FROM docker.io/node:${NODE_MAJOR_VERSION}-${DEBIAN_VERSION}-slim AS node
# Ruby image to use for base image based on combined variables (ex: 3.3.x-slim-bookworm) # Ruby image to use for base image based on combined variables (ex: 3.3.x-slim-bookworm)
FROM docker.io/ruby:${RUBY_VERSION}-slim-${DEBIAN_VERSION} as ruby FROM docker.io/ruby:${RUBY_VERSION}-slim-${DEBIAN_VERSION} AS ruby
# Resulting version string is vX.X.X-MASTODON_VERSION_PRERELEASE+MASTODON_VERSION_METADATA # Resulting version string is vX.X.X-MASTODON_VERSION_PRERELEASE+MASTODON_VERSION_METADATA
# Example: v4.3.0-nightly.2023.11.09+pr-123456 # Example: v4.3.0-nightly.2023.11.09+pr-123456
@ -117,7 +117,7 @@ RUN \
; ;
# Create temporary build layer from base image # Create temporary build layer from base image
FROM ruby as build FROM ruby AS build
# Copy Node package configuration files into working directory # Copy Node package configuration files into working directory
COPY package.json yarn.lock .yarnrc.yml /opt/mastodon/ COPY package.json yarn.lock .yarnrc.yml /opt/mastodon/
@ -185,7 +185,7 @@ RUN \
corepack prepare --activate; corepack prepare --activate;
# Create temporary libvips specific build layer from build layer # Create temporary libvips specific build layer from build layer
FROM build as libvips FROM build AS libvips
# libvips version to compile, change with [--build-arg VIPS_VERSION="8.15.2"] # libvips version to compile, change with [--build-arg VIPS_VERSION="8.15.2"]
# renovate: datasource=github-releases depName=libvips packageName=libvips/libvips # renovate: datasource=github-releases depName=libvips packageName=libvips/libvips
@ -205,7 +205,7 @@ RUN \
ninja install; ninja install;
# Create temporary ffmpeg specific build layer from build layer # Create temporary ffmpeg specific build layer from build layer
FROM build as ffmpeg FROM build AS ffmpeg
# ffmpeg version to compile, change with [--build-arg FFMPEG_VERSION="7.0.x"] # ffmpeg version to compile, change with [--build-arg FFMPEG_VERSION="7.0.x"]
# renovate: datasource=repology depName=ffmpeg packageName=openpkg_current/ffmpeg # renovate: datasource=repology depName=ffmpeg packageName=openpkg_current/ffmpeg
@ -247,7 +247,7 @@ RUN \
make install; make install;
# Create temporary bundler specific build layer from build layer # Create temporary bundler specific build layer from build layer
FROM build as bundler FROM build AS bundler
ARG TARGETPLATFORM ARG TARGETPLATFORM
@ -269,7 +269,7 @@ RUN \
bundle install -j"$(nproc)"; bundle install -j"$(nproc)";
# Create temporary node specific build layer from build layer # Create temporary node specific build layer from build layer
FROM build as yarn FROM build AS yarn
ARG TARGETPLATFORM ARG TARGETPLATFORM
@ -286,7 +286,7 @@ RUN \
yarn workspaces focus --production @mastodon/mastodon; yarn workspaces focus --production @mastodon/mastodon;
# Create temporary assets build layer from build layer # Create temporary assets build layer from build layer
FROM build as precompiler FROM build AS precompiler
# Copy Mastodon sources into precompiler layer # Copy Mastodon sources into precompiler layer
COPY . /opt/mastodon/ COPY . /opt/mastodon/
@ -310,7 +310,7 @@ RUN \
rm -fr /opt/mastodon/tmp; rm -fr /opt/mastodon/tmp;
# Prep final Mastodon Ruby layer # Prep final Mastodon Ruby layer
FROM ruby as mastodon FROM ruby AS mastodon
ARG TARGETPLATFORM ARG TARGETPLATFORM

View File

@ -69,7 +69,7 @@ gem 'oj', '~> 3.14'
gem 'ox', '~> 2.14' gem 'ox', '~> 2.14'
gem 'parslet' gem 'parslet'
gem 'premailer-rails' gem 'premailer-rails'
gem 'public_suffix', '~> 5.0' gem 'public_suffix', '~> 6.0'
gem 'pundit', '~> 2.3' gem 'pundit', '~> 2.3'
gem 'rack-attack', '~> 6.6' gem 'rack-attack', '~> 6.6'
gem 'rack-cors', '~> 2.0', require: 'rack/cors' gem 'rack-cors', '~> 2.0', require: 'rack/cors'
@ -105,7 +105,7 @@ gem 'private_address_check', '~> 0.5'
gem 'opentelemetry-api', '~> 1.2.5' gem 'opentelemetry-api', '~> 1.2.5'
group :opentelemetry do group :opentelemetry do
gem 'opentelemetry-exporter-otlp', '~> 0.27.0', require: false gem 'opentelemetry-exporter-otlp', '~> 0.28.0', require: false
gem 'opentelemetry-instrumentation-active_job', '~> 0.7.1', require: false gem 'opentelemetry-instrumentation-active_job', '~> 0.7.1', require: false
gem 'opentelemetry-instrumentation-active_model_serializers', '~> 0.20.1', require: false gem 'opentelemetry-instrumentation-active_model_serializers', '~> 0.20.1', require: false
gem 'opentelemetry-instrumentation-concurrent_ruby', '~> 0.21.2', require: false gem 'opentelemetry-instrumentation-concurrent_ruby', '~> 0.21.2', require: false

View File

@ -89,8 +89,8 @@ GEM
minitest (>= 5.1) minitest (>= 5.1)
mutex_m mutex_m
tzinfo (~> 2.0) tzinfo (~> 2.0)
addressable (2.8.6) addressable (2.8.7)
public_suffix (>= 2.0.2, < 6.0) public_suffix (>= 2.0.2, < 7.0)
aes_key_wrap (1.1.0) aes_key_wrap (1.1.0)
android_key_attestation (0.3.0) android_key_attestation (0.3.0)
annotate (3.2.0) annotate (3.2.0)
@ -143,7 +143,7 @@ GEM
brpoplpush-redis_script (0.1.3) brpoplpush-redis_script (0.1.3)
concurrent-ruby (~> 1.0, >= 1.0.5) concurrent-ruby (~> 1.0, >= 1.0.5)
redis (>= 1.0, < 6) redis (>= 1.0, < 6)
builder (3.2.4) builder (3.3.0)
bundler-audit (0.9.1) bundler-audit (0.9.1)
bundler (>= 1.2.0, < 3) bundler (>= 1.2.0, < 3)
thor (~> 1.0) thor (~> 1.0)
@ -195,7 +195,7 @@ GEM
railties (>= 4.1.0) railties (>= 4.1.0)
responders responders
warden (~> 1.2.3) warden (~> 1.2.3)
devise-two-factor (5.0.0) devise-two-factor (5.1.0)
activesupport (~> 7.0) activesupport (~> 7.0)
devise (~> 4.0) devise (~> 4.0)
railties (~> 7.0) railties (~> 7.0)
@ -226,7 +226,7 @@ GEM
htmlentities (~> 4.3.3) htmlentities (~> 4.3.3)
launchy (~> 2.1) launchy (~> 2.1)
mail (~> 2.7) mail (~> 2.7)
erubi (1.12.0) erubi (1.13.0)
et-orbi (1.2.11) et-orbi (1.2.11)
tzinfo tzinfo
excon (0.110.0) excon (0.110.0)
@ -398,6 +398,7 @@ GEM
llhttp-ffi (0.5.0) llhttp-ffi (0.5.0)
ffi-compiler (~> 1.0) ffi-compiler (~> 1.0)
rake (~> 13.0) rake (~> 13.0)
logger (1.6.0)
lograge (0.14.0) lograge (0.14.0)
actionpack (>= 4) actionpack (>= 4)
activesupport (>= 4) activesupport (>= 4)
@ -489,8 +490,8 @@ GEM
opentelemetry-api (1.2.5) opentelemetry-api (1.2.5)
opentelemetry-common (0.20.1) opentelemetry-common (0.20.1)
opentelemetry-api (~> 1.0) opentelemetry-api (~> 1.0)
opentelemetry-exporter-otlp (0.27.0) opentelemetry-exporter-otlp (0.28.0)
google-protobuf (~> 3.14) google-protobuf (>= 3.18)
googleapis-common-protos-types (~> 1.3) googleapis-common-protos-types (~> 1.3)
opentelemetry-api (~> 1.1) opentelemetry-api (~> 1.1)
opentelemetry-common (~> 0.20) opentelemetry-common (~> 0.20)
@ -602,7 +603,7 @@ GEM
railties (>= 7.0.0) railties (>= 7.0.0)
psych (5.1.2) psych (5.1.2)
stringio stringio
public_suffix (5.1.1) public_suffix (6.0.0)
puma (6.4.2) puma (6.4.2)
nio4r (~> 2.0) nio4r (~> 2.0)
pundit (2.3.2) pundit (2.3.2)
@ -675,7 +676,7 @@ GEM
link_header (~> 0.0, >= 0.0.8) link_header (~> 0.0, >= 0.0.8)
rdf-normalize (0.7.0) rdf-normalize (0.7.0)
rdf (~> 3.3) rdf (~> 3.3)
rdoc (6.6.3.1) rdoc (6.7.0)
psych (>= 4.0.0) psych (>= 4.0.0)
redcarpet (3.6.0) redcarpet (3.6.0)
redis (4.8.1) redis (4.8.1)
@ -771,8 +772,9 @@ GEM
scenic (1.8.0) scenic (1.8.0)
activerecord (>= 4.0.0) activerecord (>= 4.0.0)
railties (>= 4.0.0) railties (>= 4.0.0)
selenium-webdriver (4.21.1) selenium-webdriver (4.22.0)
base64 (~> 0.2) base64 (~> 0.2)
logger (~> 1.4)
rexml (~> 3.2, >= 3.2.5) rexml (~> 3.2, >= 3.2.5)
rubyzip (>= 1.2.2, < 3.0) rubyzip (>= 1.2.2, < 3.0)
websocket (~> 1.0) websocket (~> 1.0)
@ -972,7 +974,7 @@ DEPENDENCIES
omniauth-saml (~> 2.0) omniauth-saml (~> 2.0)
omniauth_openid_connect (~> 0.6.1) omniauth_openid_connect (~> 0.6.1)
opentelemetry-api (~> 1.2.5) opentelemetry-api (~> 1.2.5)
opentelemetry-exporter-otlp (~> 0.27.0) opentelemetry-exporter-otlp (~> 0.28.0)
opentelemetry-instrumentation-active_job (~> 0.7.1) opentelemetry-instrumentation-active_job (~> 0.7.1)
opentelemetry-instrumentation-active_model_serializers (~> 0.20.1) opentelemetry-instrumentation-active_model_serializers (~> 0.20.1)
opentelemetry-instrumentation-concurrent_ruby (~> 0.21.2) opentelemetry-instrumentation-concurrent_ruby (~> 0.21.2)
@ -994,7 +996,7 @@ DEPENDENCIES
premailer-rails premailer-rails
private_address_check (~> 0.5) private_address_check (~> 0.5)
propshaft propshaft
public_suffix (~> 5.0) public_suffix (~> 6.0)
puma (~> 6.3) puma (~> 6.3)
pundit (~> 2.3) pundit (~> 2.3)
rack (~> 2.2.7) rack (~> 2.2.7)

View File

@ -25,6 +25,14 @@ class Auth::RegistrationsController < Devise::RegistrationsController
super(&:build_invite_request) super(&:build_invite_request)
end end
def edit # rubocop:disable Lint/UselessMethodDefinition
super
end
def create # rubocop:disable Lint/UselessMethodDefinition
super
end
def update def update
super do |resource| super do |resource|
resource.clear_other_sessions(current_session.session_id) if resource.saved_change_to_encrypted_password? resource.clear_other_sessions(current_session.session_id) if resource.saved_change_to_encrypted_password?

View File

@ -141,7 +141,7 @@ module JsonLdHelper
def safe_for_forwarding?(original, compacted) def safe_for_forwarding?(original, compacted)
original.without('@context', 'signature').all? do |key, value| original.without('@context', 'signature').all? do |key, value|
compacted_value = compacted[key] compacted_value = compacted[key]
return false unless value.class == compacted_value.class return false unless value.instance_of?(compacted_value.class)
if value.is_a?(Hash) if value.is_a?(Hash)
safe_for_forwarding?(value, compacted_value) safe_for_forwarding?(value, compacted_value)

View File

@ -2,13 +2,8 @@
class CacheBuster class CacheBuster
def initialize(options = {}) def initialize(options = {})
Rails.application.deprecators[:mastodon].warn('Default values for the cache buster secret header name and values will be removed in Mastodon 4.3. Please set them explicitely if you rely on those.') unless options[:http_method] || (options[:secret] && options[:secret_header]) @secret_header = options[:secret_header]
@secret = options[:secret]
@secret_header = options[:secret_header] ||
(options[:http_method] ? nil : 'Secret-Header')
@secret = options[:secret] ||
(options[:http_method] ? nil : 'True')
@http_method = options[:http_method] || 'GET' @http_method = options[:http_method] || 'GET'
end end

View File

@ -269,16 +269,21 @@ class LinkDetailsExtractor
end end
def document def document
@document ||= Nokogiri::HTML(@html, nil, encoding) @document ||= detect_encoding_and_parse_document
end end
def encoding def detect_encoding_and_parse_document
@encoding ||= begin [detect_encoding, nil, @html_charset, 'UTF-8'].uniq.each do |encoding|
guess = detector.detect(@html, @html_charset) document = Nokogiri::HTML(@html, nil, encoding)
guess&.fetch(:confidence, 0).to_i > 60 ? guess&.fetch(:encoding, nil) : nil return document if document.to_s.valid_encoding?
end end
end end
def detect_encoding
guess = detector.detect(@html, @html_charset)
guess&.fetch(:confidence, 0).to_i > 60 ? guess&.fetch(:encoding, nil) : nil
end
def detector def detector
@detector ||= CharlockHolmes::EncodingDetector.new.tap do |detector| @detector ||= CharlockHolmes::EncodingDetector.new.tap do |detector|
detector.strip_tags = true detector.strip_tags = true

View File

@ -2,7 +2,7 @@
class ActivityPub::OutboxSerializer < ActivityPub::CollectionSerializer class ActivityPub::OutboxSerializer < ActivityPub::CollectionSerializer
def self.serializer_for(model, options) def self.serializer_for(model, options)
if model.class.name == 'ActivityPub::ActivityPresenter' if model.instance_of?(::ActivityPub::ActivityPresenter)
ActivityPub::ActivitySerializer ActivityPub::ActivitySerializer
else else
super super

View File

@ -1,7 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
class AddAttachmentAvatarToAccounts < ActiveRecord::Migration[4.2] class AddAttachmentAvatarToAccounts < ActiveRecord::Migration[4.2]
def self.up def up
change_table :accounts do |t| change_table :accounts do |t|
# The following corresponds to `t.attachment :avatar` in an older version of Paperclip # The following corresponds to `t.attachment :avatar` in an older version of Paperclip
t.string :avatar_file_name t.string :avatar_file_name
@ -11,7 +11,7 @@ class AddAttachmentAvatarToAccounts < ActiveRecord::Migration[4.2]
end end
end end
def self.down def down
remove_attachment :accounts, :avatar remove_attachment :accounts, :avatar
end end
end end

View File

@ -1,7 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
class AddDeviseToUsers < ActiveRecord::Migration[4.2] class AddDeviseToUsers < ActiveRecord::Migration[4.2]
def self.up def up
change_table(:users, bulk: true) do |t| change_table(:users, bulk: true) do |t|
## Database authenticatable ## Database authenticatable
t.string :encrypted_password, null: false, default: '' t.string :encrypted_password, null: false, default: ''
@ -24,7 +24,7 @@ class AddDeviseToUsers < ActiveRecord::Migration[4.2]
add_index :users, :reset_password_token, unique: true add_index :users, :reset_password_token, unique: true
end end
def self.down def down
remove_index :users, :reset_password_token remove_index :users, :reset_password_token
remove_column :users, :encrypted_password remove_column :users, :encrypted_password

View File

@ -1,7 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
class AddAttachmentHeaderToAccounts < ActiveRecord::Migration[4.2] class AddAttachmentHeaderToAccounts < ActiveRecord::Migration[4.2]
def self.up def up
change_table :accounts do |t| change_table :accounts do |t|
# The following corresponds to `t.attachment :header` in an older version of Paperclip # The following corresponds to `t.attachment :header` in an older version of Paperclip
t.string :header_file_name t.string :header_file_name
@ -11,7 +11,7 @@ class AddAttachmentHeaderToAccounts < ActiveRecord::Migration[4.2]
end end
end end
def self.down def down
remove_attachment :accounts, :header remove_attachment :accounts, :header
end end
end end

View File

@ -1,7 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
class RailsSettingsMigration < ActiveRecord::Migration[5.0] class RailsSettingsMigration < ActiveRecord::Migration[5.0]
def self.up def up
create_table :settings do |t| create_table :settings do |t|
t.string :var, null: false t.string :var, null: false
t.text :value t.text :value
@ -11,7 +11,7 @@ class RailsSettingsMigration < ActiveRecord::Migration[5.0]
add_index :settings, [:target_type, :target_id, :var], unique: true add_index :settings, [:target_type, :target_id, :var], unique: true
end end
def self.down def down
drop_table :settings drop_table :settings
end end
end end

View File

@ -1,7 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
class AddAttachmentDataToImports < ActiveRecord::Migration[4.2] class AddAttachmentDataToImports < ActiveRecord::Migration[4.2]
def self.up def up
change_table :imports do |t| change_table :imports do |t|
# The following corresponds to `t.attachment :data` in an older version of Paperclip # The following corresponds to `t.attachment :data` in an older version of Paperclip
t.string :data_file_name t.string :data_file_name
@ -11,7 +11,7 @@ class AddAttachmentDataToImports < ActiveRecord::Migration[4.2]
end end
end end
def self.down def down
remove_attachment :imports, :data remove_attachment :imports, :data
end end
end end

View File

@ -1,7 +1,7 @@
{ {
"name": "@mastodon/mastodon", "name": "@mastodon/mastodon",
"license": "AGPL-3.0-or-later", "license": "AGPL-3.0-or-later",
"packageManager": "yarn@4.3.0", "packageManager": "yarn@4.3.1",
"engines": { "engines": {
"node": ">=18" "node": ">=18"
}, },

View File

@ -0,0 +1,17 @@
HTTP/1.1 200 OK
server: nginx
date: Thu, 13 Jun 2024 14:33:13 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 158
accept-ranges: bytes
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Tofu á l'orange</title>
</head>
<body>
<h2>Tofu á l'orange</h2>
</body>
</html>

View File

@ -28,14 +28,6 @@ describe CacheBuster do
end end
context 'when using default options' do context 'when using default options' do
around do |example|
# Disables the CacheBuster.new deprecation warning about default arguments.
# Remove this `silence` block when default arg support is removed from CacheBuster
Rails.application.deprecators[:mastodon].silence do
example.run
end
end
include_examples 'makes_request' include_examples 'makes_request'
end end

View File

@ -26,6 +26,7 @@ RSpec.describe FetchLinkCardService do
stub_request(:get, 'http://example.com/sjis_with_wrong_charset').to_return(request_fixture('sjis_with_wrong_charset.txt')) stub_request(:get, 'http://example.com/sjis_with_wrong_charset').to_return(request_fixture('sjis_with_wrong_charset.txt'))
stub_request(:get, 'http://example.com/koi8-r').to_return(request_fixture('koi8-r.txt')) stub_request(:get, 'http://example.com/koi8-r').to_return(request_fixture('koi8-r.txt'))
stub_request(:get, 'http://example.com/windows-1251').to_return(request_fixture('windows-1251.txt')) stub_request(:get, 'http://example.com/windows-1251').to_return(request_fixture('windows-1251.txt'))
stub_request(:get, 'http://example.com/low_confidence_latin1').to_return(request_fixture('low_confidence_latin1.txt'))
Rails.cache.write('oembed_endpoint:example.com', oembed_cache) if oembed_cache Rails.cache.write('oembed_endpoint:example.com', oembed_cache) if oembed_cache
@ -148,6 +149,14 @@ RSpec.describe FetchLinkCardService do
end end
end end
context 'with a URL of a page in ISO-8859-1 encoding, that charlock_holmes cannot detect' do
let(:status) { Fabricate(:status, text: 'Check out http://example.com/low_confidence_latin1') }
it 'decodes the HTML' do
expect(status.preview_card.title).to eq("Tofu á l'orange")
end
end
context 'with a Japanese path URL' do context 'with a Japanese path URL' do
let(:status) { Fabricate(:status, text: 'テストhttp://example.com/日本語') } let(:status) { Fabricate(:status, text: 'テストhttp://example.com/日本語') }

View File

@ -13,7 +13,14 @@ ARG NODE_MAJOR_VERSION="20"
# Debian image to use for base image, change with [--build-arg DEBIAN_VERSION="bookworm"] # Debian image to use for base image, change with [--build-arg DEBIAN_VERSION="bookworm"]
ARG DEBIAN_VERSION="bookworm" ARG DEBIAN_VERSION="bookworm"
# Node image to use for base image based on combined variables (ex: 20-bookworm-slim) # Node image to use for base image based on combined variables (ex: 20-bookworm-slim)
FROM docker.io/node:${NODE_MAJOR_VERSION}-${DEBIAN_VERSION}-slim as streaming FROM docker.io/node:${NODE_MAJOR_VERSION}-${DEBIAN_VERSION}-slim AS streaming
# Resulting version string is vX.X.X-MASTODON_VERSION_PRERELEASE+MASTODON_VERSION_METADATA
# Example: v4.3.0-nightly.2023.11.09+pr-123456
# Overwrite existence of 'alpha.X' in version.rb [--build-arg MASTODON_VERSION_PRERELEASE="nightly.2023.11.09"]
ARG MASTODON_VERSION_PRERELEASE=""
# Append build metadata or fork information to version.rb [--build-arg MASTODON_VERSION_METADATA="pr-123456"]
ARG MASTODON_VERSION_METADATA=""
# Timezone used by the Docker container and runtime, change with [--build-arg TZ=Europe/Berlin] # Timezone used by the Docker container and runtime, change with [--build-arg TZ=Europe/Berlin]
ARG TZ="Etc/UTC" ARG TZ="Etc/UTC"

View File

@ -1,7 +1,7 @@
{ {
"name": "@mastodon/streaming", "name": "@mastodon/streaming",
"license": "AGPL-3.0-or-later", "license": "AGPL-3.0-or-later",
"packageManager": "yarn@4.3.0", "packageManager": "yarn@4.3.1",
"engines": { "engines": {
"node": ">=18" "node": ">=18"
}, },
@ -34,7 +34,7 @@
"@types/cors": "^2.8.16", "@types/cors": "^2.8.16",
"@types/express": "^4.17.17", "@types/express": "^4.17.17",
"@types/pg": "^8.6.6", "@types/pg": "^8.6.6",
"@types/uuid": "^9.0.0", "@types/uuid": "^10.0.0",
"@types/ws": "^8.5.9", "@types/ws": "^8.5.9",
"eslint-define-config": "^2.0.0", "eslint-define-config": "^2.0.0",
"pino-pretty": "^11.0.0", "pino-pretty": "^11.0.0",

View File

@ -2928,7 +2928,7 @@ __metadata:
"@types/cors": "npm:^2.8.16" "@types/cors": "npm:^2.8.16"
"@types/express": "npm:^4.17.17" "@types/express": "npm:^4.17.17"
"@types/pg": "npm:^8.6.6" "@types/pg": "npm:^8.6.6"
"@types/uuid": "npm:^9.0.0" "@types/uuid": "npm:^10.0.0"
"@types/ws": "npm:^8.5.9" "@types/ws": "npm:^8.5.9"
bufferutil: "npm:^4.0.7" bufferutil: "npm:^4.0.7"
cors: "npm:^2.8.5" cors: "npm:^2.8.5"
@ -4048,10 +4048,10 @@ __metadata:
languageName: node languageName: node
linkType: hard linkType: hard
"@types/uuid@npm:^9.0.0": "@types/uuid@npm:^10.0.0":
version: 9.0.8 version: 10.0.0
resolution: "@types/uuid@npm:9.0.8" resolution: "@types/uuid@npm:10.0.0"
checksum: 10c0/b411b93054cb1d4361919579ef3508a1f12bf15b5fdd97337d3d351bece6c921b52b6daeef89b62340fd73fd60da407878432a1af777f40648cbe53a01723489 checksum: 10c0/9a1404bf287164481cb9b97f6bb638f78f955be57c40c6513b7655160beb29df6f84c915aaf4089a1559c216557dc4d2f79b48d978742d3ae10b937420ddac60
languageName: node languageName: node
linkType: hard linkType: hard
@ -8948,17 +8948,18 @@ __metadata:
linkType: hard linkType: hard
"glob@npm:^10.2.2, glob@npm:^10.2.6, glob@npm:^10.3.10": "glob@npm:^10.2.2, glob@npm:^10.2.6, glob@npm:^10.3.10":
version: 10.4.1 version: 10.4.2
resolution: "glob@npm:10.4.1" resolution: "glob@npm:10.4.2"
dependencies: dependencies:
foreground-child: "npm:^3.1.0" foreground-child: "npm:^3.1.0"
jackspeak: "npm:^3.1.2" jackspeak: "npm:^3.1.2"
minimatch: "npm:^9.0.4" minimatch: "npm:^9.0.4"
minipass: "npm:^7.1.2" minipass: "npm:^7.1.2"
package-json-from-dist: "npm:^1.0.0"
path-scurry: "npm:^1.11.1" path-scurry: "npm:^1.11.1"
bin: bin:
glob: dist/esm/bin.mjs glob: dist/esm/bin.mjs
checksum: 10c0/77f2900ed98b9cc2a0e1901ee5e476d664dae3cd0f1b662b8bfd4ccf00d0edc31a11595807706a274ca10e1e251411bbf2e8e976c82bed0d879a9b89343ed379 checksum: 10c0/2c7296695fa75a935f3ad17dc62e4e170a8bb8752cf64d328be8992dd6ad40777939003754e10e9741ff8fbe43aa52fba32d6930d0ffa0e3b74bc3fb5eebaa2f
languageName: node languageName: node
linkType: hard linkType: hard
@ -12692,6 +12693,13 @@ __metadata:
languageName: node languageName: node
linkType: hard linkType: hard
"package-json-from-dist@npm:^1.0.0":
version: 1.0.0
resolution: "package-json-from-dist@npm:1.0.0"
checksum: 10c0/e3ffaf6ac1040ab6082a658230c041ad14e72fabe99076a2081bb1d5d41210f11872403fc09082daf4387fc0baa6577f96c9c0e94c90c394fd57794b66aa4033
languageName: node
linkType: hard
"pako@npm:~1.0.5": "pako@npm:~1.0.5":
version: 1.0.11 version: 1.0.11
resolution: "pako@npm:1.0.11" resolution: "pako@npm:1.0.11"