e62904bcba
Update sanitize and loofah ( #6855 )
...
Fixes CVE-2018-8048 and CVE-2018-3740, two medium-severity XSS
vulnerabilities present in these gems when built against
libxml2 >= 2.9.2.
2018-03-21 17:43:28 +01:00
53b1100144
Permit dots in usernames with conditions ( #6844 )
...
* Permit dots in usernames with conditions
- Dot cannot be the start or end of username
- a.lice and al.ice are considered the same during sign-up
* Fix regex mixin flags
2018-03-21 10:26:53 +01:00
dbd18c5cfe
Remove debug option from Babel preset env ( #6852 )
2018-03-21 10:26:15 +01:00
8ccf42c149
Bump version to 2.3.2rc4
2018-03-20 23:49:24 +01:00
59b3b38b0e
Add LDAP_TLS_NO_VERIFY option, don't require LDAP_ENABLED outside .env ( #6845 )
...
Fix #6816 , fix #6790
2018-03-20 19:41:51 +01:00
a4d7afa3d9
Fix i18n fallback configuration conflicts with environment configurations ( #6843 )
2018-03-20 16:36:20 +01:00
ab96a9ff11
Use username/domain to match existing accounts in ActivityPub ( #6842 )
...
See also: #6837 , #6667
2018-03-20 14:57:46 +01:00
ca370217ad
Cancel outdated pending compose suggestions ( #6838 )
2018-03-20 12:40:12 +01:00
4c91be94d3
request: in the event of failure, try other IPs ( #6761 ) ( #6813 )
...
* request: in the event of failure, try other IPs (#6761 )
In the case where a name has multiple A/AAAA records, we should
try subsequent records instead of immediately failing when we have a
failure on the first IP address.
This significantly improves delivery success when there are network
connectivity problems affecting only IPv4 or IPv6.
* fix method call style
* request_spec: adjust test case to use Addrinfo
* request: Request/open: move private addr check to within begin/rescue
* request_spec: add case to test failover, fix exception check
* Double Addrinfo.foreach so that it correctly yields instances
2018-03-20 09:06:08 +01:00
99790407e2
Serialize mentions in the order they are added ( #6836 )
...
Up until now, the order seemed to be in the *opposite* order,
which caused the WebUI to populate mentions in reversed order
when replying to toots local to one's instance.
2018-03-19 20:19:35 +01:00
c4c87b8ee8
Display content warning in mail notification emails ( #6832 )
2018-03-19 20:12:20 +01:00
af08f6042d
rename pam email environment variable to something more understandable and default to LOCAL_DOMAIN (better fallback) ( #6833 )
2018-03-19 20:09:26 +01:00
4fc9827b69
bugfixes and gem update ( #6831 )
...
* update to new version of devise_pam_authenticatable2
* fix behaviour if suffix is nil, fix environment loading, fix user email creation
* code cleanup/fix linter warning
2018-03-19 20:08:56 +01:00
720a45e99f
Fix e-mail changed notification ( fixes #6778 ) ( #6835 )
...
In Devise::Mailer#email_changed, the new email might be in the email attr.
See: https://github.com/plataformatec/devise/blob/master/app/views/devise/mailer/email_changed.html.erb
2018-03-19 20:07:47 +01:00
9bdedcfa48
Weblate translations 20180319 ( #6827 )
...
* Translated using Weblate (Portuguese (Brazil))
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/pt_BR/
* Translated using Weblate (Spanish)
Currently translated at 99.6% (579 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/es/
* Translated using Weblate (Spanish)
Currently translated at 100.0% (58 of 58 strings)
Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/es/
* Translated using Weblate (Japanese)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/ja/
* Translated using Weblate (French)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/fr/
* Translated using Weblate (Spanish)
Currently translated at 100.0% (58 of 58 strings)
Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/es/
* Translated using Weblate (Indonesian)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/id/
* Translated using Weblate (Spanish)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/es/
* Translated using Weblate (Indonesian)
Currently translated at 94.6% (71 of 75 strings)
Translation: Mastodon/Doorkeeper
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/doorkeeper/id/
* Translated using Weblate (Indonesian)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/id/
* Translated using Weblate (Arabic)
Currently translated at 100.0% (62 of 62 strings)
Translation: Mastodon/Devise
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/devise/ar/
* Translated using Weblate (Indonesian)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/id/
* Translated using Weblate (Dutch)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/nl/
* Translated using Weblate (Arabic)
Currently translated at 75.5% (439 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/
* Translated using Weblate (Arabic)
Currently translated at 76.2% (443 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/
* Translated using Weblate (Russian)
Currently translated at 95.8% (557 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ru/
* Translated using Weblate (Finnish)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/fi/
* Translated using Weblate (Slovak)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/sk/
* Translated using Weblate (Slovak)
Currently translated at 91.7% (533 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/sk/
* Translated using Weblate (Dutch)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/nl/
* Translated using Weblate (Spanish)
Currently translated at 99.8% (580 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/es/
* Translated using Weblate (Finnish)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/fi/
* Translated using Weblate (Slovak)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/sk/
* Translated using Weblate (Spanish)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/es/
* Translated using Weblate (Swedish)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/sv/
* Translated using Weblate (Finnish)
Currently translated at 93.1% (54 of 58 strings)
Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/fi/
* Translated using Weblate (Arabic)
Currently translated at 76.7% (446 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/
* Translated using Weblate (Slovak)
Currently translated at 93.2% (542 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/sk/
* Translated using Weblate (Arabic)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/ar/
* Normalize translations
Ran i18n-tasks normalize && yarn manage:translations
2018-03-19 15:12:06 +01:00
fd86b58568
Bump version to 2.3.2rc3
2018-03-19 12:20:57 +01:00
f0bc8e8a89
Ignore media validation when attaching to status during processing ( #6822 )
...
Fix #6821
2018-03-19 01:51:19 +01:00
b95c3ef3ee
Revert #6479 , hide sensitive text/images from OpenGraph previews ( #6818 )
...
Display summary of attachments in description, and mark up content
warning if present, e.g.:
Attached: 3 images · Content warning: Dota 2
When text is not supposed to be hidden, it looks more like:
Attached: 3 images
Here is the text of the toot
With #6817 , multilinguagility should be assured...
2018-03-18 20:33:07 +01:00
6d00359015
Fix elephant graphic being draggable and selectable ( #6819 )
2018-03-18 20:32:44 +01:00
77badbc85a
If DEFAULT_LOCALE is set, enforce it instead of HTTP request locale ( #6817 )
...
Fix #6784
2018-03-18 16:57:04 +01:00
cabb197337
Synchronize HTML page cache with sessions ( #6815 )
2018-03-18 15:14:38 +01:00
2902b97c83
Add entropy to download filenames ( #6811 )
...
pretty quick fix, and with the 1 week expiration i don't think we need to be too worried about the existing files
closes #6798
2018-03-17 17:39:28 +01:00
a9538ac293
Bump version to 2.3.2rc2
2018-03-17 15:28:52 +01:00
a235678802
Re-add git and nodejs-npm to Dockerfile ( #6810 )
...
Fix #6809
I don't know why, either
2018-03-17 15:28:09 +01:00
d35272245e
Revert "Upgrade Paperclip to version 6.0.0" ( #6807 )
...
* Revert "Bump version to 2.3.2rc1"
This reverts commit 64d5c8a512#6806 )"
This reverts commit 36734278ba#6782 )"
This reverts commit 8f374100ed#6800 )"
This reverts commit 7b247b15f2#6754 )"
This reverts commit cd6dee83a1
2018-03-17 14:20:35 +01:00
64d5c8a512
Bump version to 2.3.2rc1
2018-03-17 14:07:00 +01:00
36734278ba
Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 ( #6806 )
...
Fix 6734
2018-03-17 14:06:25 +01:00
8f374100ed
Handle Mastodon::HostValidationError when pulling remoteable assets ( #6782 )
...
This will prevent, for example, `rake mastodon:redownload_avatars` from crashing when an instance is no longer responding to connection attempts, instead silently continuing as expected.
2018-03-17 13:27:50 +01:00
7b247b15f2
Correct the reference to user's password in mastodon:add_user task ( #6800 )
2018-03-17 13:27:19 +01:00
cd6dee83a1
Upgrade Paperclip to version 6.0.0 ( #6754 )
2018-03-17 12:37:58 +01:00
e3984f76a4
Properly center .nothing-here ( #6787 ) ( #6788 )
...
Apply "margin: 0 auto;" at line 443 to fix issue #6787
2018-03-17 12:35:35 +01:00
8b645b5bca
Cache HTML page with Service Worker ( #6802 )
...
This is the first step to make Mastodon work offline. It is also required
by Chromium to trigger Web Manifest automated install prompt.
2018-03-17 12:35:13 +01:00
354d34a053
[Nanobox] Stream backups to the warehouse ( #6799 )
...
The `curl` docs are terrible. Use `-X POST -T` instead of `--data-binary`, to avoid loading entire backups into memory _before_ transferring to the warehouse, and just stream the data across as it comes in.
2018-03-17 08:39:14 +01:00
ba9b93b08b
i18n: Update Polish translation ( #6780 )
...
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-03-14 02:17:48 +09:00
b83c1d7c5d
Weblate translations (2018-03-13) ( #6777 )
...
* Translated using Weblate (Portuguese (Brazil))
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/pt_BR/
* Translated using Weblate (Spanish)
Currently translated at 99.6% (579 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/es/
* Translated using Weblate (Spanish)
Currently translated at 100.0% (58 of 58 strings)
Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/es/
* Translated using Weblate (Japanese)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/ja/
* Translated using Weblate (French)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/fr/
* Translated using Weblate (Spanish)
Currently translated at 100.0% (58 of 58 strings)
Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/es/
* Translated using Weblate (Indonesian)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/id/
* Translated using Weblate (Spanish)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/es/
* Translated using Weblate (Indonesian)
Currently translated at 94.6% (71 of 75 strings)
Translation: Mastodon/Doorkeeper
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/doorkeeper/id/
* Translated using Weblate (Indonesian)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/id/
* Translated using Weblate (Arabic)
Currently translated at 100.0% (62 of 62 strings)
Translation: Mastodon/Devise
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/devise/ar/
* Translated using Weblate (Indonesian)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/id/
* Translated using Weblate (Dutch)
Currently translated at 100.0% (280 of 280 strings)
Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/nl/
* Translated using Weblate (Arabic)
Currently translated at 75.5% (439 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/
* Translated using Weblate (Arabic)
Currently translated at 76.2% (443 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/
* Translated using Weblate (Russian)
Currently translated at 95.8% (557 of 581 strings)
Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ru/
* Normalize translations
Ran i18n-tasks normalize && yarn manage:translations
2018-03-13 16:16:51 +01:00
61ad11683d
Bump version to 2.3.1
2018-03-13 15:50:15 +01:00
5605b5ad7a
Hide loading bar on status interactions ( #6774 )
2018-03-13 14:30:01 +01:00
3bf841c74e
Bump version to 2.3.1rc3
2018-03-13 09:21:21 +01:00
2fc9ce3b90
Merge branch 'kagucho-spoiler'
2018-03-13 09:18:27 +01:00
66da2b8db3
Merge branch 'spoiler' of git://github.com/kagucho/mastodon into kagucho-spoiler
2018-03-13 09:18:11 +01:00
3a29705806
Log BackupWorker backtrace, delete Backup if retries exhausted ( #6769 )
2018-03-13 08:15:24 +01:00
aef3f2775e
Fix #6757 : Adjust RTL styles for landing page ( #6768 )
2018-03-13 08:14:08 +01:00
3d86e754f4
Change the title of sensitive button by state ( #6771 )
...
Icon showing the state may be confusing. (does the slahed eye icon mean
the state that it is sensitive, or to mark it as sensitive?) Moreover, it
may not help for blind people.
The title will give the precise representation of the current state.
2018-03-13 08:10:12 +01:00
c81215b994
Change the title of spoiler button by state
...
The title will give the precise representation of the current state. It
would be helpful for blind people.
2018-03-13 15:58:55 +09:00
59b769ff06
Fix #6762 : Do not overwrite some status attributes in reducer ( #6767 )
2018-03-13 07:16:43 +01:00
6088de7bdd
[Nanobox] Fix DB backup task ( #6766 )
...
Not sure how I missed that it had been using the wrong evar this entire time...
2018-03-13 06:07:02 +01:00
3544f19528
Do not run lint in Travis CI ( #6763 )
...
Lint is done by codeclimate
2018-03-13 06:06:14 +01:00
44917a10ad
Detailed SMTP setup ( #6759 )
...
* add detailed SMTP settings setup in mastodon:setup
* add localhost SMTP settings setup in mastodon:setup
* SMTP settings setup should exit after successful delivery of test mail
2018-03-12 21:41:26 +01:00
aa3b1144d1
set SAFETY_ASSURED=1 of db:setup in mastodon:setup ( #6758 )
2018-03-12 16:21:48 +01:00
9350e691cc
Bump version to 2.3.1rc2
2018-03-12 12:48:49 +01:00
Patrick Figel