Merge pull request #2754 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes up to 6527d50391
main-rebase-security-fix
Claire 2024-06-24 21:21:37 +02:00 committed by GitHub
commit 9aee910cc1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
15 changed files with 46 additions and 22 deletions

View File

@ -14,9 +14,6 @@
// to `null` after any other rule set it to something.
dependencyDashboardHeader: 'This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. Before approving any upgrade: read the description and comments in the [`renovate.json5` file](https://github.com/mastodon/mastodon/blob/main/.github/renovate.json5).',
postUpdateOptions: ['yarnDedupeHighest'],
lockFileMaintenance: {
enabled: true,
},
packageRules: [
{
// Require Dependency Dashboard Approval for major version bumps of these node packages

View File

@ -1,4 +1,7 @@
---
Rails/BulkChangeTable:
Enabled: false # Conflicts with strong_migrations features
Rails/FilePath:
EnforcedStyle: arguments
@ -18,6 +21,3 @@ Rails/RakeEnvironment:
Rails/SkipsModelValidations:
Enabled: false
Rails/UnusedIgnoredColumns:
Enabled: false # Preserve ability to migrate from arbitrary old versions

View File

@ -532,7 +532,7 @@ GEM
opentelemetry-instrumentation-excon (0.22.3)
opentelemetry-api (~> 1.0)
opentelemetry-instrumentation-base (~> 0.22.1)
opentelemetry-instrumentation-faraday (0.24.4)
opentelemetry-instrumentation-faraday (0.24.5)
opentelemetry-api (~> 1.0)
opentelemetry-instrumentation-base (~> 0.22.1)
opentelemetry-instrumentation-http (0.23.3)

View File

@ -118,6 +118,7 @@
"confirmations.delete_list.confirm": "Tanggalin",
"confirmations.delete_list.message": "Sigurado ka bang gusto mong burahin ang listahang ito?",
"confirmations.discard_edit_media.confirm": "Ipagpaliban",
"confirmations.domain_block.confirm": "Harangan ang serbiro",
"confirmations.edit.confirm": "Baguhin",
"confirmations.reply.confirm": "Tumugon",
"conversation.mark_as_read": "Markahan bilang nabasa na",
@ -186,6 +187,7 @@
"follow_request.authorize": "Tanggapin",
"follow_request.reject": "Tanggihan",
"follow_suggestions.dismiss": "Huwag nang ipakita muli",
"follow_suggestions.popular_suggestion_longer": "Sikat sa {domain}",
"follow_suggestions.view_all": "Tingnan lahat",
"follow_suggestions.who_to_follow": "Sinong maaaring sundan",
"footer.about": "Tungkol dito",
@ -220,6 +222,7 @@
"link_preview.author": "Ni/ng {name}",
"lists.account.add": "Idagdag sa talaan",
"lists.account.remove": "Tanggalin mula sa talaan",
"lists.delete": "Burahin ang talaan",
"lists.new.create": "Idagdag sa talaan",
"lists.new.title_placeholder": "Bagong pangalan ng talaan",
"lists.replies_policy.title": "Ipakita ang mga tugon sa:",
@ -287,9 +290,13 @@
"reply_indicator.cancel": "Ipagpaliban",
"report.block": "Harangan",
"report.categories.other": "Iba pa",
"report.categories.violation": "Lumalabag ang nilalaman sa isa o higit pang mga patakaran ng serbiro",
"report.category.subtitle": "Piliin ang pinakamahusay na tugma",
"report.category.title": "Sabihin mo sa amin kung anong nangyari sa {type} na ito",
"report.close": "Tapos na",
"report.next": "Sunod",
"report.placeholder": "Mga Karagdagang Puna",
"report.reasons.dislike": "Hindi ko gusto ito",
"report.reasons.violation": "Lumalabag ito sa mga panuntunan ng serbiro",
"report.reasons.violation_description": "Alam mo na lumalabag ito sa mga partikular na panuntunan",
"report.rules.title": "Aling mga patakaran ang nilabag?",

View File

@ -415,6 +415,7 @@
"limited_account_hint.title": "Este perfil foi ocultado pelos moderadores do {domain}.",
"link_preview.author": "Por {name}",
"link_preview.more_from_author": "Mais de {name}",
"link_preview.shares": "{count, plural, one {{counter} publicação} other {{counter} publicações}}",
"lists.account.add": "Adicionar à lista",
"lists.account.remove": "Remover da lista",
"lists.delete": "Excluir lista",
@ -695,8 +696,11 @@
"server_banner.about_active_users": "Pessoas usando este servidor durante os últimos 30 dias (Usuários ativos mensalmente)",
"server_banner.active_users": "usuários ativos",
"server_banner.administered_by": "Administrado por:",
"server_banner.is_one_of_many": "{domain} é um dos muitos servidores Mastodon independentes que você pode usar para participar do fediverso.",
"server_banner.server_stats": "Estatísticas do servidor:",
"sign_in_banner.create_account": "Criar conta",
"sign_in_banner.follow_anyone": "Siga alguém pelo fediverso e veja tudo em ordem cronológica. Sem algoritmos, anúncios ou clickbait à vista.",
"sign_in_banner.mastodon_is": "O Mastodon é a melhor maneira de acompanhar o que está acontecendo.",
"sign_in_banner.sign_in": "Entrar",
"sign_in_banner.sso_redirect": "Entrar ou Registrar-se",
"status.admin_account": "Abrir interface de moderação para @{name}",

View File

@ -62,7 +62,7 @@
"account.requested": "正在等候審核。按一下以取消跟隨請求",
"account.requested_follow": "{name} 要求跟隨您",
"account.share": "分享 @{name} 的個人檔案",
"account.show_reblogs": "顯示來自 @{name} 的",
"account.show_reblogs": "顯示來自 @{name} 的嘟",
"account.statuses_counter": "{count, plural,one {{counter} 則}other {{counter} 則}}嘟文",
"account.unblock": "解除封鎖 @{name}",
"account.unblock_domain": "解除封鎖網域 {domain}",

View File

@ -43,7 +43,7 @@ class StatusEdit < ApplicationRecord
scope :ordered, -> { order(id: :asc) }
delegate :local?, :application, :edited?, :edited_at,
:discarded?, :visibility, to: :status
:discarded?, :visibility, :language, to: :status
def emojis
return @emojis if defined?(@emojis)

View File

@ -3,13 +3,17 @@
if ENV['STATSD_ADDR'].present?
host, port = ENV['STATSD_ADDR'].split(':')
statsd = Statsd.new(host, port)
statsd.namespace = ENV.fetch('STATSD_NAMESPACE') { ['Mastodon', Rails.env].join('.') }
begin
statsd = Statsd.new(host, port)
statsd.namespace = ENV.fetch('STATSD_NAMESPACE') { ['Mastodon', Rails.env].join('.') }
NSA.inform_statsd(statsd) do |informant|
informant.collect(:action_controller, :web)
informant.collect(:active_record, :db)
informant.collect(:active_support_cache, :cache)
informant.collect(:sidekiq, :sidekiq) if ENV['STATSD_SIDEKIQ'] == 'true'
NSA.inform_statsd(statsd) do |informant|
informant.collect(:action_controller, :web)
informant.collect(:active_record, :db)
informant.collect(:active_support_cache, :cache)
informant.collect(:sidekiq, :sidekiq) if ENV['STATSD_SIDEKIQ'] == 'true'
end
rescue
Rails.logger.warn("statsd address #{ENV['STATSD_ADDR']} not reachable, proceeding without statsd")
end
end

View File

@ -135,6 +135,7 @@ pt-BR:
media: Mídias anexadas
mutes: Silenciados
notifications: Notificações
profile: Seu perfil do Mastodon
push: Notificações push
reports: Denúncias
search: Buscar
@ -165,6 +166,7 @@ pt-BR:
admin:write:reports: executar ações de moderação em denúncias
crypto: usar criptografia de ponta-a-ponta
follow: alterar o relacionamento das contas
profile: ler somente as informações do perfil da sua conta
push: receber notificações push
read: ler todos os dados da sua conta
read:accounts: ver informações das contas

View File

@ -293,6 +293,7 @@ pt-BR:
filter_by_action: Filtrar por ação
filter_by_user: Filtrar por usuário
title: Auditar histórico
unavailable_instance: "(nome de domínio indisponível)"
announcements:
destroyed_msg: Anúncio excluído!
edit:

View File

@ -1699,6 +1699,7 @@ ru:
import: Импорт
import_and_export: Импорт и экспорт
migrate: Миграция учётной записи
notifications: Уведомления по электронной почте
preferences: Настройки
profile: Профиль
relationships: Подписки и подписчики
@ -1706,6 +1707,9 @@ ru:
strikes: Замечания модерации
two_factor_authentication: Подтверждение входа
webauthn_authentication: Ключи безопасности
severed_relationships:
event_type:
user_domain_block: Вы заблокировали %{target_name}
statuses:
attached:
audio:

View File

@ -44,6 +44,11 @@ describe Admin::StatusesController do
describe 'GET #show' do
before do
status.media_attachments << Fabricate(:media_attachment, type: :image, account: status.account)
status.save!
status.snapshot!(at_time: status.created_at, rate_limit: false)
status.update!(text: 'Hello, this is an edited post')
status.snapshot!(rate_limit: false)
get :show, params: { account_id: account.id, id: status.id }
end

View File

@ -110,4 +110,4 @@ USER mastodon
# Expose default Streaming ports
EXPOSE 4000
# Run streaming when started
CMD [ node ./streaming/index.js ]
CMD [ "node", "./streaming/index.js" ]

View File

@ -12,7 +12,7 @@ import { Redis } from 'ioredis';
import { JSDOM } from 'jsdom';
import pg from 'pg';
import pgConnectionString from 'pg-connection-string';
import WebSocket from 'ws';
import { WebSocketServer } from 'ws';
import { AuthenticationError, RequestError, extractStatusAndMessage as extractErrorStatusAndMessage } from './errors.js';
import { logger, httpLogger, initializeLogLevel, attachWebsocketHttpLogger, createWebsocketLogger } from './logging.js';
@ -289,7 +289,7 @@ const CHANNEL_NAMES = [
const startServer = async () => {
const pgPool = new pg.Pool(pgConfigFromEnv(process.env));
const server = http.createServer();
const wss = new WebSocket.Server({ noServer: true });
const wss = new WebSocketServer({ noServer: true });
// Set the X-Request-Id header on WebSockets:
wss.on("headers", function onHeaders(headers, req) {

View File

@ -3625,11 +3625,11 @@ __metadata:
linkType: hard
"@types/http-link-header@npm:^1.0.3":
version: 1.0.5
resolution: "@types/http-link-header@npm:1.0.5"
version: 1.0.6
resolution: "@types/http-link-header@npm:1.0.6"
dependencies:
"@types/node": "npm:*"
checksum: 10c0/adeb13381b38c3625478149820772924c154b4a7250dca62c346810a8378f8968fc7f3a9a4f55ec61de5d06083637540f862c8a920f6a710310c9645d19a077d
checksum: 10c0/63f3f7ab5ff6312280727ba8cf836abf5d1b76f9dc5eefc8cd4389db29d57a72fb0e028db99735ada5ccfd3c2cc6607e096b5cc142fc53c2bb5688b6295f61af
languageName: node
linkType: hard