Commit Graph

20620 Commits (53b73ed6a27d2d0efe8424729b3f5a90e6fc3f42)

Author SHA1 Message Date
Claire 53b73ed6a2 Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:25:15 +01:00
Emelia Smith 436419cc2f Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:25:15 +01:00
Claire 3c3ef8b9d3 Add `sidekiq_unique_jobs:delete_all_locks` task and disable `sidekiq-unique-jobs` UI by default (#29199) 2024-02-14 13:42:15 +01:00
Emelia Smith eae436c5a8 Disable administrative doorkeeper routes (#29187) 2024-02-13 20:03:00 +01:00
Emelia Smith b83076647e Ignore legacy moderator and admin columns on User model (#29188) 2024-02-13 20:03:00 +01:00
renovate[bot] 7100106f3f Update dependency sidekiq-unique-jobs to v7.1.33 (#29175)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 20:03:00 +01:00
renovate[bot] 04da8f887b Update dependency pghero to v3.4.1 (#29144)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 20:03:00 +01:00
renovate[bot] d9d0a6ef33 Update dependency irb to v1.11.2 (#29135)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 20:03:00 +01:00
renovate[bot] 93b365bfc0 Update dependency webmock to v3.20.0 (#29120)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 20:03:00 +01:00
Claire e3c4e90646
Fix new list button being blank (#2616) 2024-02-13 12:48:01 +01:00
Claire 084d051e6c
Merge pull request #2608 from ClearlyClaire/glitch-soc/refactor/monolithic-components-css
Merge SCSS in a single `components.scss` file
2024-02-12 22:18:55 +01:00
Claire c249c10f74 Fix account suggestion size inconsistency with upstream 2024-02-11 21:55:36 +01:00
Claire d391e01b59 Revert notification bar color for now 2024-02-08 21:12:57 +01:00
Claire 3f89cec3c9 Further reduce differences with upstream 2024-02-08 19:52:03 +01:00
Claire f6f62002c7 Remove leftovers from glitch-soc's layout option 2024-02-08 19:21:35 +01:00
Claire 189b70cd6a Merge SCSS in a single `components.scss` file 2024-02-08 18:50:38 +01:00
Claire 8c76a208ed
Merge pull request #2607 from ClearlyClaire/glitch-soc/cherry-pick-upstream
Cherry-pick upstream changes
2024-02-06 21:56:01 +01:00
Eugen Rochko 65eb943b9d Fix confirmation e-mails when signing up through an app (#29064) 2024-02-06 21:00:33 +01:00
Claire 19f1ffe287 Fix self-destruct schedule not actually replacing initial schedule (#29049) 2024-02-06 21:00:09 +01:00
renovate[bot] 5ea36a3606 Update dependency brakeman to v6.1.2 (#29062)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-06 20:59:51 +01:00
renovate[bot] b27cad27c2 Update dependency bootsnap to '~> 1.18.0' (#29019)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-06 20:59:51 +01:00
renovate[bot] 63f1f1465a Update dependency tzinfo-data to v1.2024.1 (#29052)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-06 20:59:51 +01:00
Matt Jankowski 4cd00c0dd9 Update `nsa` gem to version 0.3.0 (#29065) 2024-02-06 20:59:51 +01:00
renovate[bot] c6f7e3a1fb Update dependency haml_lint to v0.56.0 (#29082)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-06 20:59:51 +01:00
renovate[bot] 93aa783aa1 Update dependency nokogiri to v1.16.2 [SECURITY] (#29106)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-06 20:59:51 +01:00
renovate[bot] 868333c86f Update dependency capybara to v3.40.0 (#28966)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-06 20:59:51 +01:00
renovate[bot] ac49514bd6 Update dependency chewy to v7.5.1 (#29018)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-06 20:59:51 +01:00
github-actions[bot] a2611d782c
New Crowdin Translations (automated) (#2588)
* New Crowdin translations

* Fix bogus translation files

---------

Co-authored-by: GitHub Actions <noreply@github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-06 20:45:07 +01:00
JS Moore 541cbdd963
Add env variable support for number of followable hashtags in feed column (#2500)
* Add env variable support for number of followable hashtags in feed column.

* Add a note about performance concerns for higher values.

See discussion in https://github.com/glitch-soc/mastodon/pull/2500

* Update .devcontainer/docker-compose.yml

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-06 20:23:36 +01:00
Essem 08e511cecb
Fix doodle modal icons (#2597) 2024-02-06 20:22:42 +01:00
Claire 5bc39b3196 Fix build-security docker tags 2024-02-01 20:30:35 +01:00
Claire c3936cbbe3 Temporary hack to correctly tag the security docker image… 2024-02-01 18:40:40 +01:00
Aaron Brady 970320d73c
Restore -streaming suffix for security builds (#2602) 2024-02-01 17:20:08 +01:00
Claire 63d7a30503 Fix build-security workflow for glitch-soc 2024-02-01 16:09:51 +01:00
Claire ff58ec0103 Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:57:08 +01:00
Claire 3866597e24
Merge pull request #2601 from ClearlyClaire/glitch-soc/fixes/security-builds-latest
Fix security builds not being tagged latest
2024-02-01 11:48:45 +01:00
Claire a7b16003e1 Fix security builds not being marked latest 2024-02-01 11:31:29 +01:00
Claire 626ff320cf
Merge pull request #2600 from ClearlyClaire/glitch-soc/fixes/failures
Configure selenium to use Chrome version 120 (#29038)
2024-02-01 11:30:34 +01:00
Matt Jankowski f4416e6b3a Configure selenium to use Chrome version 120 (#29038) 2024-02-01 11:15:23 +01:00
Claire 7bb5f6efbc
Merge pull request #2599 from ClearlyClaire/glitch-soc/build-action
Add github action workflow for manual security builds
2024-02-01 11:14:40 +01:00
Claire 883f589653 Fix missing `workflow_dispatch` trigger for `build-security` (#29041) 2024-02-01 10:58:10 +01:00
Claire 85bdd145dc Adapt workflow to glitch-soc 2024-02-01 10:40:04 +01:00
Claire a48447a6b2 Add github action workflow for manual security builds (#29040) 2024-02-01 10:39:23 +01:00
Claire 8b87673f5e
Remove obsolete locale file (#2596) 2024-01-30 23:21:35 +01:00
Claire 3ede233146
Fix crash in private mention conversations in glitch-soc flavor (#2595) 2024-01-30 22:42:22 +01:00
Claire 80308d384a
[Glitch] Refactor conversations components in web UI (#2589)
Port 3205a654ca to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2024-01-28 14:53:08 +01:00
Claire a4e7cc2d94
Merge pull request #2590 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes up to bf153b384b
2024-01-28 14:47:35 +01:00
Claire bf153b384b Merge commit '42ab855b2339c5cea3229c856ab539f883736b12' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/auth/confirmations_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/auth/passwords_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
2024-01-27 19:06:41 +01:00
Claire 420ca90071
Merge pull request #2585 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes up to 3205a654ca
2024-01-27 18:35:29 +01:00
Claire dd7a66949a Fix CSS loading in redirect controller 2024-01-26 21:04:02 +01:00