diff --git a/Gemfile b/Gemfile index 43d8d2fd08..991ef0861d 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ ruby '>= 2.4.0', '< 2.7.0' gem 'pkg-config', '~> 1.3' -gem 'puma', '~> 4.0' +gem 'puma', '~> 4.1' gem 'rails', '~> 5.2.3' gem 'thor', '~> 0.20' @@ -32,7 +32,7 @@ gem 'iso-639' gem 'chewy', '~> 5.0' gem 'cld3', '~> 3.2.4' gem 'devise', '~> 4.6' -gem 'devise-two-factor', '~> 3.0' +gem 'devise-two-factor', '~> 3.1' group :pam_authentication, optional: true do gem 'devise_pam_authenticatable2', '~> 9.2' diff --git a/Gemfile.lock b/Gemfile.lock index 6979c7a0f8..3df823eafe 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -112,7 +112,7 @@ GEM aws-sigv4 (~> 1.1) aws-sigv4 (1.1.0) aws-eventstream (~> 1.0, >= 1.0.2) - bcrypt (3.1.12) + bcrypt (3.1.13) benchmark-ips (2.7.2) better_errors (2.5.1) coderay (>= 1.0.0) @@ -194,11 +194,11 @@ GEM railties (>= 4.1.0, < 6.0) responders warden (~> 1.2.3) - devise-two-factor (3.0.3) - activesupport (< 5.3) + devise-two-factor (3.1.0) + activesupport (< 6.1) attr_encrypted (>= 1.3, < 4, != 2) devise (~> 4.0) - railties (< 5.3) + railties (< 6.1) rotp (~> 2.0) devise_pam_authenticatable2 (9.2.0) devise (>= 4.0.0) @@ -229,8 +229,8 @@ GEM tzinfo excon (0.62.0) fabrication (2.20.2) - faker (2.1.0) - i18n (>= 0.7) + faker (2.1.2) + i18n (>= 0.8) faraday (0.15.0) multipart-post (>= 1.2, < 3) fast_blank (1.0.0) @@ -377,8 +377,8 @@ GEM net-scp (1.2.1) net-ssh (>= 2.6.5) net-ssh (5.0.2) - nio4r (2.3.1) - nokogiri (1.10.3) + nio4r (2.4.0) + nokogiri (1.10.4) mini_portile2 (~> 2.4.0) nokogumbo (2.0.0) nokogiri (~> 1.8, >= 1.8.4) @@ -414,7 +414,7 @@ GEM av (~> 0.9.0) paperclip (>= 2.5.2) parallel (1.17.0) - parallel_tests (2.29.1) + parallel_tests (2.29.2) parallel parser (2.6.3.0) ast (~> 2.4.0) @@ -443,7 +443,7 @@ GEM pry-rails (0.3.9) pry (>= 0.10.4) public_suffix (3.1.1) - puma (4.0.1) + puma (4.1.0) nio4r (~> 2.0) pundit (2.0.1) activesupport (>= 3.0.0) @@ -478,7 +478,7 @@ GEM rails-dom-testing (2.0.3) activesupport (>= 4.2.0) nokogiri (>= 1.6) - rails-html-sanitizer (1.1.0) + rails-html-sanitizer (1.2.0) loofah (~> 2.2, >= 2.2.2) rails-i18n (5.1.3) i18n (>= 0.7, < 2) @@ -521,9 +521,9 @@ GEM regexp_parser (1.6.0) request_store (1.4.1) rack (>= 1.4) - responders (2.4.1) - actionpack (>= 4.2.0, < 6.0) - railties (>= 4.2.0, < 6.0) + responders (3.0.0) + actionpack (>= 5.0) + railties (>= 5.0) rotp (2.1.2) rpam2 (4.0.2) rqrcode (0.10.1) @@ -693,7 +693,7 @@ DEPENDENCIES connection_pool derailed_benchmarks devise (~> 4.6) - devise-two-factor (~> 3.0) + devise-two-factor (~> 3.1) devise_pam_authenticatable2 (~> 9.2) doorkeeper (~> 5.1) dotenv-rails (~> 2.7) @@ -750,7 +750,7 @@ DEPENDENCIES private_address_check (~> 0.5) pry-byebug (~> 3.7) pry-rails (~> 0.3) - puma (~> 4.0) + puma (~> 4.1) pundit (~> 2.0) rack-attack (~> 6.1) rack-cors (~> 1.0) diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb index 1aed1af8dd..1a876b831b 100644 --- a/app/controllers/accounts_controller.rb +++ b/app/controllers/accounts_controller.rb @@ -9,6 +9,8 @@ class AccountsController < ApplicationController before_action :set_cache_headers before_action :set_body_classes + skip_around_action :set_locale, if: -> { request.format == :json } + def show respond_to do |format| format.html do diff --git a/app/controllers/admin/tags_controller.rb b/app/controllers/admin/tags_controller.rb index d62361eaa2..39aca2a4b3 100644 --- a/app/controllers/admin/tags_controller.rb +++ b/app/controllers/admin/tags_controller.rb @@ -71,7 +71,7 @@ module Admin now = Time.now.utc.beginning_of_day.to_date (Date.commercial(now.cwyear, now.cweek)..now).map do |date| - date.to_time.utc.beginning_of_day.to_i + date.to_time(:utc).beginning_of_day.to_i end end end diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index 109e38ffab..de8fff30e0 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -14,6 +14,8 @@ class Api::BaseController < ApplicationController protect_from_forgery with: :null_session + skip_around_action :set_locale + rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e| render json: { error: e.to_s }, status: 422 end diff --git a/app/controllers/api/v1/accounts/statuses_controller.rb b/app/controllers/api/v1/accounts/statuses_controller.rb index 8cd8f8e799..13cb4caf12 100644 --- a/app/controllers/api/v1/accounts/statuses_controller.rb +++ b/app/controllers/api/v1/accounts/statuses_controller.rb @@ -3,7 +3,8 @@ class Api::V1::Accounts::StatusesController < Api::BaseController before_action -> { authorize_if_got_token! :read, :'read:statuses' } before_action :set_account - after_action :insert_pagination_headers + + after_action :insert_pagination_headers, unless: -> { truthy_param?(:pinned) } respond_to :json diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb index 3d7e61e771..83c412d5cb 100644 --- a/app/controllers/statuses_controller.rb +++ b/app/controllers/statuses_controller.rb @@ -18,6 +18,8 @@ class StatusesController < ApplicationController before_action :set_body_classes before_action :set_autoplay, only: :embed + skip_around_action :set_locale, if: -> { request.format == :json } + content_security_policy only: :embed do |p| p.frame_ancestors(false) end diff --git a/app/javascript/mastodon/components/button.js b/app/javascript/mastodon/components/button.js index 51e2e6a7a8..eb8dd7dc8e 100644 --- a/app/javascript/mastodon/components/button.js +++ b/app/javascript/mastodon/components/button.js @@ -12,6 +12,7 @@ export default class Button extends React.PureComponent { secondary: PropTypes.bool, size: PropTypes.number, className: PropTypes.string, + title: PropTypes.string, style: PropTypes.object, children: PropTypes.node, }; @@ -54,6 +55,7 @@ export default class Button extends React.PureComponent { onClick={this.handleClick} ref={this.setRef} style={style} + title={this.props.title} > {this.props.text || this.props.children} diff --git a/app/javascript/mastodon/components/status_content.js b/app/javascript/mastodon/components/status_content.js index 76117f1d92..6aa0bfcc26 100644 --- a/app/javascript/mastodon/components/status_content.js +++ b/app/javascript/mastodon/components/status_content.js @@ -166,11 +166,6 @@ export default class StatusContent extends React.PureComponent { } } - handleCollapsedClick = (e) => { - e.preventDefault(); - this.setState({ collapsed: !this.state.collapsed }); - } - setRef = (c) => { this.node = c; } @@ -234,15 +229,19 @@ export default class StatusContent extends React.PureComponent { ); } else if (this.props.onClick) { - return ( + const output = [
- {!!this.state.collapsed && readMoreButton} - {!!status.get('poll') && } -
- ); +
, + ]; + + if (this.state.collapsed) { + output.push(readMoreButton); + } + + return output; } else { return (
diff --git a/app/javascript/mastodon/features/account/components/header.js b/app/javascript/mastodon/features/account/components/header.js index cab67c6078..ac97bad712 100644 --- a/app/javascript/mastodon/features/account/components/header.js +++ b/app/javascript/mastodon/features/account/components/header.js @@ -15,6 +15,7 @@ import DropdownMenuContainer from 'mastodon/containers/dropdown_menu_container'; const messages = defineMessages({ unfollow: { id: 'account.unfollow', defaultMessage: 'Unfollow' }, follow: { id: 'account.follow', defaultMessage: 'Follow' }, + cancel_follow_request: { id: 'account.cancel_follow_request', defaultMessage: 'Cancel follow request' }, requested: { id: 'account.requested', defaultMessage: 'Awaiting approval. Click to cancel follow request' }, unblock: { id: 'account.unblock', defaultMessage: 'Unblock @{name}' }, edit_profile: { id: 'account.edit_profile', defaultMessage: 'Edit profile' }, @@ -148,7 +149,7 @@ class Header extends ImmutablePureComponent { if (!account.get('relationship')) { // Wait until the relationship is loaded actionBtn = ''; } else if (account.getIn(['relationship', 'requested'])) { - actionBtn =