Eugen Rochko
50fa554899
Add rate limit for reporting ( #13390 )
2020-04-05 14:40:08 +02:00
ThibG
edce6fc98f
Fix “Show more” not switching to “Show less” on public pages ( #13174 )
...
* Fix “Show more” not switching to “Show less” on public pages
Fixes #13169
* Fix initial text of CW button on public pages when CW are unfolded by default
2020-04-05 14:02:22 +02:00
Shlee
d0faa56fcf
Update .ruby-version ( #13395 )
2020-04-05 13:58:43 +02:00
Shlee
68bc5ef550
[Security] Update Dockerfile for Ruby 2.6.6 ( #13393 )
2020-04-05 12:52:07 +02:00
ThibG
ef48ffc127
Fix PostgreSQL load when linking in announcements ( #13250 )
...
* Fix PostgreSQL load when linking in announcements
Fixes #13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
2020-04-05 12:51:22 +02:00
Eugen Rochko
c7c2a46967
Bump version to 3.1.3 ( #13389 )
2020-04-05 06:23:46 +02:00
Eugen Rochko
aa18f4e7d1
Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 ( #13387 )
...
* Bump rails from 5.2.4.1 to 5.2.4.2
* Bump kind-of from 6.0.2 to 6.0.3
2020-04-04 23:24:59 +02:00
ThibG
ffd6f3fa8a
Add explanation as to why unlocked accounts may have follow requests ( #13385 )
...
* Add explanation as to why unlocked accounts may have follow requests
* Change wording to avoid “silenced”
2020-04-04 19:02:10 +02:00
Shlee
97e51733ff
Update config.yml ( #13379 )
2020-04-04 15:52:42 +02:00
fuyu
d527154807
Update Vagrant box to Bionic ( #13384 )
2020-04-04 15:47:48 +02:00
Eugen Rochko
6932e0e2af
Add ability to filter audit log in admin UI ( #13381 )
2020-04-03 13:06:34 +02:00
dependabot-preview[bot]
37e867d3f2
Bump rspec-rails from 3.9.1 to 4.0.0 ( #13364 )
...
Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-02 18:54:41 +02:00
Sasha Sorokin
abbc0c6a87
Improve polls: option lengths & redesign ( #13257 )
...
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
2020-04-02 17:10:55 +02:00
Eugen Rochko
7045cb5d5c
Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` ( #13375 )
...
Fix #13371
2020-04-02 05:28:51 +02:00
Eugen Rochko
11deb933f5
Fix returning results when searching for URL with non-zero offset ( #13377 )
...
Fix #13083
2020-04-02 03:39:37 +02:00
Eugen Rochko
c2fc9bca81
Fix pinning a column in web UI sometimes redirecting out of web UI ( #13376 )
...
Fix #13216
2020-04-02 03:12:10 +02:00
dependabot-preview[bot]
61a3db761e
Bump json-ld from 3.1.1 to 3.1.2 ( #13368 )
...
Bumps [json-ld](https://github.com/ruby-rdf/json-ld ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases )
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:05:33 +09:00
dependabot-preview[bot]
cf2f9e48f5
Bump json-ld-preloaded from 3.1.1 to 3.1.2 ( #13365 )
...
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases )
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:05:26 +09:00
dependabot-preview[bot]
53438a329f
Bump bootsnap from 1.4.5 to 1.4.6 ( #13369 )
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:02:35 +09:00
dependabot-preview[bot]
186c25dc7a
Bump tty-prompt from 0.20.0 to 0.21.0 ( #13366 )
...
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt ) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases )
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md )
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.20.0...v0.21.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:02:24 +09:00
dependabot-preview[bot]
4add5dd7ff
Bump faker from 2.10.1 to 2.11.0 ( #13363 )
...
Bumps [faker](https://github.com/faker-ruby/faker ) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/commits/v2.11.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:01:50 +09:00
dependabot-preview[bot]
a10a1389f7
Bump sidekiq-unique-jobs from 6.0.20 to 6.0.21 ( #13367 )
...
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs ) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases )
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.20...v6.0.21 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 09:50:25 +09:00
Eugen Rochko
b1c596e8f3
Fix background jobs not using locks like they are supposed to ( #13361 )
...
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix #13349
2020-03-31 21:59:03 +02:00
Mélanie Chauvel (ariasuni)
899ff914da
Improve toot clicking areas ( #13327 )
...
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
2020-03-31 19:40:23 +02:00
Eugen Rochko
8fa78c0ec8
Fix re-sending of e-mail confirmation not being rate limited ( #13360 )
...
Fix #13330
2020-03-31 18:20:48 +02:00
dependabot-preview[bot]
241916b0dd
Bump autoprefixer from 9.7.4 to 9.7.5 ( #13338 )
...
Bumps [autoprefixer](https://github.com/postcss/autoprefixer ) from 9.7.4 to 9.7.5.
- [Release notes](https://github.com/postcss/autoprefixer/releases )
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.4...9.7.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 23:41:52 +09:00
dependabot-preview[bot]
77a0c79427
Bump @babel/preset-react from 7.8.3 to 7.9.4 ( #13335 )
...
Bumps [@babel/preset-react](https://github.com/babel/babel ) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.4 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 23:37:30 +09:00
dependabot-preview[bot]
7f0d2f4cc7
Bump babel-loader from 8.0.6 to 8.1.0 ( #13333 )
...
Bumps [babel-loader](https://github.com/babel/babel-loader ) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases )
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel-loader/compare/v8.0.6...v8.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:15:37 +09:00
dependabot-preview[bot]
9f4d4b46e7
Bump yargs from 15.1.0 to 15.3.1 ( #13334 )
...
Bumps [yargs](https://github.com/yargs/yargs ) from 15.1.0 to 15.3.1.
- [Release notes](https://github.com/yargs/yargs/releases )
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/yargs/compare/v15.1.0...v15.3.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:15:06 +09:00
dependabot-preview[bot]
0c725a074b
Bump @babel/preset-env from 7.8.3 to 7.9.0 ( #13336 )
...
Bumps [@babel/preset-env](https://github.com/babel/babel ) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:13:31 +09:00
dependabot-preview[bot]
8091b8d433
Bump babel-jest from 25.1.0 to 25.2.4 ( #13332 )
...
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest ) from 25.1.0 to 25.2.4.
- [Release notes](https://github.com/facebook/jest/releases )
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/jest/commits/v25.2.4/packages/babel-jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:12:52 +09:00
dependabot-preview[bot]
fa494a085c
Bump stringz from 2.0.0 to 2.1.0 ( #13331 )
...
Bumps [stringz](https://github.com/sallar/stringz ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/sallar/stringz/releases )
- [Changelog](https://github.com/sallar/stringz/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sallar/stringz/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:11:00 +09:00
dependabot-preview[bot]
b0915c7c49
Bump react from 16.12.0 to 16.13.1 ( #13337 )
...
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react ) from 16.12.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases )
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:10:25 +09:00
dependabot-preview[bot]
5607fae147
Bump concurrent-ruby from 1.1.5 to 1.1.6 ( #13346 )
...
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby ) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases )
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:09:14 +09:00
ThibG
41ca3cdb37
Fix content warning being unnecessarily cleared when enabling/disabling CW ( #13348 )
2020-03-31 14:10:18 +02:00
dependabot-preview[bot]
ee400d1c6c
Bump uuid from 3.4.0 to 7.0.2 ( #13295 )
...
Bumps [uuid](https://github.com/uuidjs/uuid ) from 3.4.0 to 7.0.2.
- [Release notes](https://github.com/uuidjs/uuid/releases )
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uuidjs/uuid/compare/v3.4.0...v7.0.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:47:04 +02:00
dependabot-preview[bot]
28b80460f1
Bump parallel_tests from 2.30.1 to 2.32.0 ( #13341 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 2.30.1 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.32.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:44:33 +02:00
Takeshi Umeda
1c2a286244
Fix ImportsController param to permit :mode ( #13347 )
2020-03-31 12:43:42 +02:00
dependabot-preview[bot]
a6f9f5aaaa
Bump better_errors from 2.5.1 to 2.6.0 ( #13340 )
...
Bumps [better_errors](https://github.com/BetterErrors/better_errors ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases )
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:42:44 +02:00
dependabot-preview[bot]
31057178a7
Bump ox from 2.12.1 to 2.13.2 ( #13342 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.12.1 to 2.13.2.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.12.1...v2.13.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:42:17 +02:00
dependabot-preview[bot]
8b0500e8b0
Bump iso-639 from 0.2.8 to 0.3.5 ( #13343 )
...
Bumps [iso-639](https://github.com/xwmx/iso-639 ) from 0.2.8 to 0.3.5.
- [Release notes](https://github.com/xwmx/iso-639/releases )
- [Commits](https://github.com/xwmx/iso-639/compare/0.2.8...0.3.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:41:55 +02:00
dependabot-preview[bot]
d5046055c3
Bump oj from 3.10.3 to 3.10.5 ( #13345 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:40:54 +02:00
dependabot-preview[bot]
7186329a38
Bump pg from 1.2.2 to 1.2.3 ( #13344 )
...
Bumps [pg](https://github.com/ged/ruby-pg ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases )
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc )
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.2...v1.2.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:40:33 +02:00
Mélanie Chauvel (ariasuni)
5a211c478d
Fix wrong color for ellipsis in boost confirmation dialog in Web UI ( #13355 )
2020-03-31 12:39:50 +02:00
Takeshi Umeda
02b0321713
Fix incorrect deletion of local accounts imported by overwriting ( #13350 )
2020-03-30 20:32:34 +02:00
ThibG
1a993f9675
Fix 404 and 410 API errors being silently discarded in WebUI ( #13279 )
...
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes #13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
2020-03-28 17:59:45 +01:00
ThibG
246c4d4fbf
Fix OCR not working on Safari because of unsupported worker-src CSP ( #13323 )
...
Fixes #13321
2020-03-27 22:35:57 +01:00
dependabot-preview[bot]
8e4eaaf71e
Bump brakeman from 4.7.2 to 4.8.0 ( #13309 )
...
Bumps [brakeman](https://github.com/presidentbeef/brakeman ) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.2...v4.8.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-27 22:35:49 +01:00
ThibG
5e544da8a4
Fix Paperclip using deprecated URI.escape function ( #13320 )
...
Monkey-patch Paperclip to perform URL escaping in a slightly more
appropriate way, and get rid of runtime deprecation warnings.
2020-03-26 15:09:16 +01:00
dependabot-preview[bot]
e4a6343e62
Bump webpack from 4.41.5 to 4.42.1 ( #13319 )
...
Bumps [webpack](https://github.com/webpack/webpack ) from 4.41.5 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases )
- [Commits](https://github.com/webpack/webpack/compare/v4.41.5...v4.42.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-26 12:45:12 +09:00