Commit Graph

280 Commits (5fc38acb504619c38badca8d86a97c71bea7d591)

Author SHA1 Message Date
Eugen Rochko 6c328374b4 Remove unused ruby-progressbar dependency (#8896)
* Remove unused ruby-progressbar dependency

* Remove unused colorize dependency
2018-10-06 08:33:26 +09:00
dependabot[bot] 524282ff6b Bump parallel_tests from 2.21.3 to 2.23.0 (#8884)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.21.3 to 2.23.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.21.3...v2.23.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-05 18:59:35 +02:00
dependabot[bot] b4fedcc15e Bump puma from 3.11.4 to 3.12.0 (#8883)
Bumps [puma](https://github.com/puma/puma) from 3.11.4 to 3.12.0.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.11.4...v3.12.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-05 18:58:13 +02:00
dependabot[bot] dba3a17481 Bump fog-openstack, rspec-rails and fog-core (#8877)
Bumps [fog-openstack](https://github.com/fog/fog-openstack), [rspec-rails](https://github.com/rspec/rspec-rails) and [fog-core](https://github.com/fog/fog-core). These dependencies needed to be updated together.

Updates `fog-openstack` from 0.3.6 to 1.0.3
- [Release notes](https://github.com/fog/fog-openstack/releases)
- [Changelog](https://github.com/fog/fog-openstack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fog/fog-openstack/compare/v0.3.6...v1.0.3)

Updates `rspec-rails` from 3.7.2 to 3.8.0
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.7.2...v3.8.0)

Updates `fog-core` from 1.45.0 to 2.1.2
- [Release notes](https://github.com/fog/fog-core/releases)
- [Changelog](https://github.com/fog/fog-core/blob/master/changelog.md)
- [Commits](https://github.com/fog/fog-core/compare/v1.45.0...v2.1.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 15:35:18 +02:00
dependabot[bot] 5c7944c05d Bump webmock from 3.3.0 to 3.4.2 (#8874)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.3.0 to 3.4.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.3.0...v3.4.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:34:17 +02:00
dependabot[bot] f2fb5ff317 Bump fuubar from 2.3.1 to 2.3.2 (#8875)
Bumps [fuubar](https://github.com/thekompanee/fuubar) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/thekompanee/fuubar/releases)
- [Changelog](https://github.com/thekompanee/fuubar/blob/master/CHANGELOG.md)
- [Commits](https://github.com/thekompanee/fuubar/compare/releases/v2.3.1...releases/v2.3.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:33:02 +02:00
dependabot[bot] d5137ab0e0 Bump http from 3.2.0 to 3.3.0 (#8871)
Bumps [http](https://github.com/httprb/http) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/httprb/http/releases)
- [Changelog](https://github.com/httprb/http/blob/master/CHANGES.md)
- [Commits](https://github.com/httprb/http/compare/v3.2.0...v3.3.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:32:26 +02:00
dependabot[bot] f038cd9386 Bump brakeman from 4.2.1 to 4.3.1 (#8872)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.2.1 to 4.3.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.2.1...v4.3.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:31:22 +02:00
dependabot[bot] 236c64d3f2 Bump fog-openstack from 0.1.25 to 0.3.6 (#8860)
Bumps [fog-openstack](https://github.com/fog/fog-openstack) from 0.1.25 to 0.3.6.
- [Release notes](https://github.com/fog/fog-openstack/releases)
- [Changelog](https://github.com/fog/fog-openstack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fog/fog-openstack/compare/v0.1.25...v0.3.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 01:07:13 +02:00
dependabot[bot] df36e809d0 Bump aws-sdk-s3 from 1.9.1 to 1.20.0 (#8848)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.9.1 to 1.20.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 01:06:54 +02:00
dependabot[bot] 31e72c8d8a Bump capybara from 2.18.0 to 3.8.2 (#8858)
Bumps [capybara](https://github.com/teamcapybara/capybara) from 2.18.0 to 3.8.2.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/2.18.0...3.8.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:24:48 +02:00
dependabot[bot] 180c80e6a3 Bump pg from 1.0.0 to 1.1.3 (#8856)
Bumps [pg](https://bitbucket.org/ged/ruby-pg) from 1.0.0 to 1.1.3.
- [Changelog](https://bitbucket.org/ged/ruby-pg/src/master/History.rdoc)
- [Commits](https://bitbucket.org/ged/ruby-pg/branches/compare/v1.1.3..v1.0.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:20:56 +02:00
dependabot[bot] ae98c83af8 Bump httplog from 1.0.2 to 1.1.1 (#8839)
Bumps [httplog](https://github.com/trusche/httplog) from 1.0.2 to 1.1.1.
- [Release notes](https://github.com/trusche/httplog/releases)
- [Changelog](https://github.com/trusche/httplog/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trusche/httplog/compare/v1.0.2...v1.1.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 04:56:00 +02:00
dependabot[bot] a7dcf7d1a8 Bump rubocop from 0.55.0 to 0.59.2 (#8849)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.55.0 to 0.59.2.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.55.0...v0.59.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-02 20:16:51 +02:00
dependabot[bot] e1e167a18f Bump rack-attack from 5.2.0 to 5.4.1 (#8838)
Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 5.2.0 to 5.4.1.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v5.2.0...v5.4.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 22:49:26 +02:00
Grey Baker 5e51b53fc8 Promote colorize to top-level dependency (#8844) 2018-10-02 05:34:25 +09:00
dependabot[bot] d54f7a2a91 Bump ox from 2.9.2 to 2.10.0 (#8837)
Bumps [ox](https://github.com/ohler55/ox) from 2.9.2 to 2.10.0.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.9.2...v2.10.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 14:08:33 +02:00
Eugen Rochko 09016dbda4 Adjust bootsnap configuration for newer version (#8826) 2018-09-29 18:34:36 +02:00
dependabot[bot] 20af1615c1 Bump oj from 3.5.1 to 3.6.11 (#8815)
Bumps [oj](https://github.com/ohler55/oj) from 3.5.1 to 3.6.11.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.5.1...v3.6.11)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:34:31 +02:00
dependabot[bot] 9464903154 Bump capistrano from 3.10.2 to 3.11.0 (#8801)
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.10.2 to 3.11.0.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Changelog](https://github.com/capistrano/capistrano/blob/master/CHANGELOG.md)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.10.2...v3.11.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 18:24:06 +02:00
dependabot[bot] 1b0972c6d7 Bump sidekiq-scheduler from 2.2.1 to 3.0.0 (#8789)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 2.2.1 to 3.0.0.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v2.2.1...v3.0.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 02:11:21 +09:00
dependabot[bot] 43361423cf Bump tty-prompt from 0.16.0 to 0.17.0 (#8791)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.16.0...v0.17.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 02:02:38 +09:00
Grey Baker 34203564d8 Bump devise from 4.4.3 to 4.5.0 (#8778)
Bumps [devise](https://github.com/plataformatec/devise) from 4.4.3 to 4.5.0.
- [Release notes](https://github.com/plataformatec/devise/releases)
- [Changelog](https://github.com/plataformatec/devise/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/devise/compare/v4.4.3...v4.5.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 04:27:53 +09:00
dependabot[bot] e1d6309727 Bump sidekiq from 5.1.3 to 5.2.2 (#8779)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.1.3 to 5.2.2.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.1.3...v5.2.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:33:00 +02:00
dependabot[bot] ac467a1f7f Bump mime-types from 3.1 to 3.2.2 (#8781)
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types) from 3.1 to 3.2.2.
- [Release notes](https://github.com/mime-types/ruby-mime-types/releases)
- [Changelog](https://github.com/mime-types/ruby-mime-types/blob/master/History.md)
- [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.1...v3.2.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:32:37 +02:00
dependabot[bot] c7bd9b4ea6 Bump pghero from 2.1.0 to 2.2.0 (#8782)
Bumps [pghero](https://github.com/ankane/pghero) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.1.0...v2.2.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:31:40 +02:00
Eugen Rochko 9937eedb55 Update ruby dependencies (#8743)
* Update ffi to 1.9.25

* Update private_address_check to 0.5.0
2018-09-21 00:42:59 +02:00
Yamagishi Kazutoshi 23ab704b2b Upgrade Babel to version 7.0.0 (#5925) 2018-09-14 17:59:48 +02:00
Alexander 9c693844d0 update devise_pam_authenticatable2, new feature: pam gets ip address of client (#8623) 2018-09-14 17:42:45 +02:00
Eugen Rochko 97c292e0d1 Add thor to Gemfile directly (#8467)
It's a common dependency, but just in case
2018-08-26 20:02:32 +02:00
Eugen Rochko e6e600bffa Upgrade Doorkeeper to 5.0.0 (#8409)
See doorkeeper-gem/doorkeeper#1137
2018-08-24 18:17:11 +02:00
ThibG 97f2dc6761 Revert to using Paperclip's filesystem storage, and fix dangling records in remove_remote (#8339)
* Fix uncaching worker

* Revert to using Paperclip's filesystem backend instead of fog-local

fog-local has lots of concurrency issues, causing failure to delete files,
dangling file records, and spurious errors UncacheMediaWorker
2018-08-21 17:53:01 +02:00
ThibG b572332710 Upgrade doorkeeper to 4.4.2 (#8321) 2018-08-20 22:42:02 +02:00
AkiraFukushima 464f5ec269 Revert "Upgrade Doorkeeper to 4.4.1 (#8197)" (#8231)
* Revert "Upgrade Doorkeeper to 4.4.1 (#8197)"

This reverts commit 659556ab1f.

* Except migration files from revert commit
2018-08-19 03:20:37 +02:00
Eugen Rochko 59e3ad5162 Add Makara dependency to support read-replicas (#8216)
Not active by default unless config/database.yml is edited
2018-08-18 21:06:12 +02:00
Eugen Rochko 659556ab1f Upgrade Doorkeeper to 4.4.1 (#8197) 2018-08-14 20:24:47 +02:00
S.H 81bd37b1a7 Update Rails (#8141)
* Update Rails

* fix Update Rails
2018-08-12 12:25:23 +02:00
Eugen Rochko 9ed3212e35 Remove rack-timeout (#7809)
Timeout considered harmful due to leaving the app in a broken
state, including unreaped database connections
2018-06-15 19:46:25 +02:00
MIYAGI Hikaru f291907ae5 Upgrade posix-spawn to master (#7542) 2018-05-19 02:20:43 +02:00
MIYAGI Hikaru a922fb60f5 Fix posix-spawn to version 0.3.12 (#7517)
Because 0.3.13 causes build error in x86 or other ILP32 environments.
closes #7453
2018-05-16 16:52:19 +02:00
Yamagishi Kazutoshi 15a8a75117 Update http_parser.rb to head version (#7467) 2018-05-13 11:32:46 +02:00
Yamagishi Kazutoshi a846656008 Downgrade doorkeeper to version 4.2.6 (#7456)
ref https://github.com/doorkeeper-gem/doorkeeper/pull/1060
2018-05-12 12:08:12 +02:00
Yamagishi Kazutoshi 9d64bcdac7 Port travis_retry for CI (#7379)
* Port travis_retry for CI

* Add license
2018-05-06 10:55:50 +02:00
Eugen Rochko 860701a9a8 Marginally improve convert/ffmpeg calls performance with posix-spawn (#7346) 2018-05-04 13:22:23 +02:00
Shuhei Kitagawa 7236e9effe Add pry-byebug (#7307) 2018-05-03 12:08:54 +02:00
Eugen Rochko ca1c696dbd Slightly reduce RAM usage (#7301)
* No need to re-require sidekiq plugins, they are required via Gemfile

* Add derailed_benchmarks tool, no need to require TTY gems in Gemfile

* Replace ruby-oembed with FetchOEmbedService

Reduce startup by 45382 allocated objects

* Remove preloaded JSON-LD in favour of caching HTTP responses

Reduce boot RAM by about 6 MiB

* Fix tests

* Fix test suite by stubbing out JSON-LD contexts
2018-05-02 18:58:48 +02:00
Yamagishi Kazutoshi e83e74f36d Update dependencies for Ruby (2018-04-23) (#7237)
* Update annotate to version 2.7.3

* Update aws-sdk-s3 to version 1.9.2

* Update browser to version 2.5.3

* Update capistrano to version 3.10.2

* Update domain_name to version 0.5.20180417

* Update http to version 3.2.0

* Update lograge to version 0.10.0

* Update oj to version 3.5.1

* Update parallel_tests to version 2.21.3

* Update puma to version 3.11.4

* Update rubocop to version 0.55.0

* Update scss_lint to version 0.57.0

* Update simplecov to version 0.16.1

* Update tty-command to version 0.8.0

* Update tty-prompt to version 0.16.0

* Update pkg-config to version 1.3.0

* Update fog-local to version 0.5.0

* Update fog-openstack to version 0.1.25

* Update devise-two-factor to version 3.0.3

* bundle update
2018-04-23 11:29:17 +02:00
Yamagishi Kazutoshi 0d4342e146 Introduce rspec-retry (#7206) 2018-04-20 19:31:30 +02:00
Yamagishi Kazutoshi 9761b940ac Upgrade Rails to version 5.2.0 (#5898) 2018-04-12 14:45:17 +02:00
Alexander 8a9da4c414 update gem, test pam authentication (#7028)
* update gem, test pam authentication

* add description for test parameters

* fix inclusion of optional group
2018-04-11 21:40:38 +02:00
Eugen Rochko a814aa8e4d Add a circuit breaker for ActivityPub deliveries (#7053) 2018-04-07 21:36:58 +02:00
Pierre-Morgan Gate ccacb263da Upgrade charlock_holmes to version 0.7.6 (#6966)
This version fixes compilation errors when trying to build its native extension with ICU 61.
2018-03-30 09:52:44 +02:00
Yamagishi Kazutoshi 6daa722e87 Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808)
This reverts commit d35272245e.
2018-03-24 12:52:45 +01:00
Patrick Figel e62904bcba Update sanitize and loofah (#6855)
Fixes CVE-2018-8048 and CVE-2018-3740, two medium-severity XSS
vulnerabilities present in these gems when built against
libxml2 >= 2.9.2.
2018-03-21 17:43:28 +01:00
Alexander 4fc9827b69 bugfixes and gem update (#6831)
* update to new version of devise_pam_authenticatable2

* fix behaviour if suffix is nil, fix environment loading, fix user email creation

* code cleanup/fix linter warning
2018-03-19 20:08:56 +01:00
Eugen Rochko d35272245e Revert "Upgrade Paperclip to version 6.0.0" (#6807)
* Revert "Bump version to 2.3.2rc1"

This reverts commit 64d5c8a512.

* Revert "Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)"

This reverts commit 36734278ba.

* Revert "Handle Mastodon::HostValidationError when pulling remoteable assets (#6782)"

This reverts commit 8f374100ed.

* Revert "Correct the reference to user's password in mastodon:add_user task (#6800)"

This reverts commit 7b247b15f2.

* Revert "Upgrade Paperclip to version 6.0.0 (#6754)"

This reverts commit cd6dee83a1.
2018-03-17 14:20:35 +01:00
Yamagishi Kazutoshi cd6dee83a1 Upgrade Paperclip to version 6.0.0 (#6754) 2018-03-17 12:37:58 +01:00
Eugen Rochko 3e8713636b Always install LDAP, CAS and SAML gems, because they don't require deps (#6663)
Fix #6534

PAM requires a system dependency so...
2018-03-07 02:25:17 +01:00
Yamagishi Kazutoshi 3008a0f73a Upgrade chewy to version 5.0.0 (#6649) 2018-03-06 06:14:26 +01:00
Patrick Figel faa3fe644d Update omniauth-saml to 1.10 (#6587)
Fixes CVE-2017-11428
2018-03-02 02:32:08 +01:00
Eugen Rochko 9721b7746a Fix #942: Seamless LDAP login (#6556) 2018-02-28 19:04:53 +01:00
masarakki eed7c16ab0 remove-uglifier (#6561) 2018-02-26 16:19:48 +01:00
Akihiko Odaki a5a434a8f6 Raise Mastodon::HostValidationError when host for HTTP request is private (#6410) 2018-02-24 19:16:11 +01:00
Eugen Rochko f6884555d7 Account archive download (#6460)
* Fix #201: Account archive download

* Export actor and private key in the archive

* Optimize BackupService

- Add conversation to cached associations of status, because
  somehow it was forgotten and is source of N+1 queries
- Explicitly call GC between batches of records being fetched
  (Model class allocations are the worst offender)
- Stream media files into the tar in 1MB chunks
  (Do not allocate media file (up to 8MB) as string into memory)
- Use #bytesize instead of #size to calculate file size for JSON
  (Fix FileOverflow error)
- Segment media into subfolders by status ID because apparently
  GIF-to-MP4 media are all named "media.mp4" for some reason

* Keep uniquely generated filename in Paperclip::GifTranscoder

* Ensure dumped files do not overwrite each other by maintaing directory partitions

* Give tar archives a good name

* Add scheduler to remove week-old backups

* Fix code style issue
2018-02-21 23:21:32 +01:00
Eugen Rochko c34ff9fb82 Fix avatar and header issues by using custom geometry detector (#6515)
* Fix avatar and header issues by using custom geometry detector

Revert a part of #6508. The file passed to dynamic styles method
was not actually a file, but an instance of Paperclip::Attachment,
which broke all styles by always returning {} from the method.

One problem with GIF avatars was that Paperclip::GeometryDetector
reported wrong dimensions for them, e.g. 120x120 GIF avatar would
for some reason be detected as 120x53. By writing our own geometry
parser, we can use FastImage, which also happens to be faster than
ImageMagick, to detect image dimensions, which are also correct.

Unfortunately, this PR does not implement skipping a `convert`
entirely if the dimensions are already correct, as I found no easy
way to write that behaviour into Paperclip without rewriting the
Paperclip::Thumbnail class.

* Only invoke convert if dimension or format needs to be changed
2018-02-21 03:40:12 +01:00
Eugen Rochko 9b7490cede Save video metadata and improve video OpenGraph tags (#6481)
* Save metadata from video attachments, put correct dimensions into OG tags

* Add twitter:player for videos

* Fix code style and test
2018-02-16 07:22:20 +01:00
Eugen Rochko e8e6786d6f Interactive `rake mastodon:setup` task (#6451)
* Add better CLI prompt

* Add rake mastodon:setup interactive wizard

* Test db/redis/smtp configurations and add admin user at the end

* Test database connection even when database does not exist yet
2018-02-11 18:40:57 +01:00
Eugen Rochko 7ca5a06505 Full-text search for authorized statuses (#6423)
* Add full-text search for authorized statuses

- Search API will return statuses that match the query
- Only for logged in users
- Only if you are author of the status,
- Or you were mentioned in it
- Or you favourited or reblogged it
- Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX`
- Run `rails chewy:deploy` to create & populate index

Fix #5880
Fix #4293
Fix #1152

* Add commented out docker-compose configuration for ES container

* Optimize index import, filter search results

* Add basic normalization to the index

* Add better stemming and normalization to the index

* Skip webfinger request if search query includes both @ and a space

* Fix code style

* Visually separate search result sections

* Fix code style issues
2018-02-09 23:04:47 +01:00
Eugen Rochko 555e7205da Make PAM gem optional, allow configuration over environment (#6415) 2018-02-04 15:05:53 +01:00
Eugen Rochko 5322013f25 CAS + SAML authentication feature (#6425)
* Cas authentication feature

* Config

* Remove class_eval + Omniauth initializer

* Codeclimate review

* Codeclimate review 2

* Codeclimate review 3

* Remove uid/email reconciliation

* SAML authentication

* Clean up code

* Improve login form

* Fix code style issues

* Add locales
2018-02-04 05:42:13 +01:00
Alexander 23ce0c86da pam authentication (#5303)
* add pam support, without extra column

* bugfixes for pam login

* document options

* fix code style

* fix codestyle

* fix tests

* don't call remember_me without password

* fix codestyle

* improve checks for pam usage (should fix tests)

* fix remember_me part 1

* add remember_token column because :rememberable requires either a password or this column.

* migrate db for remember_token

* move pam_authentication to the right place, fix logic bug in edit.html.haml

* fix tests

* fix pam authentication, improve username lookup, add comment

* valid? is sometimes not honored, return nil instead trying to authenticate with pam

* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests

* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user

* codeconvention fixes

* code convention fixes

* fix idention

* update dependency, explicit conflict check

* fix disabled password updates if in pam mode

* fix check password if password is present, fix templates

* block registration if account is maintained by pam

* Revert "block registration if account is maintained by pam"

This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.

* fix identation error introduced by rebase

* block usernames maintained by pam

* document pam settings better

* fix code style
2018-02-02 10:18:55 +01:00
Eugen Rochko 0efaa528c4 Update goldfinger, ostatus2 and http.rb versions (#6337) 2018-01-23 14:30:42 +01:00
Yamagishi Kazutoshi 2df7c3a008 Add support Ruby v2.5.0 (#6097) 2018-01-19 20:53:30 +01:00
Eugen Rochko 9613c3238c HTML e-mails for UserMailer (#6256)
- premailer gem to turn CSS into inline styles automatically
- rework UserMailer templates
- reword UserMailer templates
2018-01-16 03:29:11 +01:00
Patrick Figel 3c20cfd734 Add confirmation step for email changes (#6071)
* Add confirmation step for email changes

This adds a confirmation step for email changes of existing users.
Like the initial account confirmation, a confirmation link is sent
to the new address.

Additionally, a notification is sent to the existing address when
the change is initiated. This message includes instruction to reset
the password immediately or to contact the instance admin if the
change was not initiated by the account owner.

Fixes #3871

* Add review fixes
2018-01-02 16:55:00 +01:00
beatrix e2ccf65789 add ruby-progressbar to gemfile (fixes #6110) (#6111) 2017-12-26 18:43:52 +01:00
Yamagishi Kazutoshi f76681ebd6 Revert fog-aws (ref #5604) (#5934) 2017-12-09 00:47:52 +01:00
Eugen Rochko b037fbf9f4 Remove rabl dependency (#5894)
* Remove rabl dependency

* Replicate old Oj configuration
2017-12-06 15:04:49 +09:00
Yamagishi Kazutoshi a624688ebd Unify file upload to using fog (#5604) 2017-11-07 14:30:31 +01:00
Yamagishi Kazutoshi 10b30bd94e Update dependencies for Ruby (2017-10-30) (#5566)
* Update better_errors to version 2.4.0

* Update binding_of_caller to version 0.7.3

* Update bootsnap to version 1.1.5

* Update browser to version 2.5.2

* Update capistrano to version 3.10.0

* Update capistrano-bundler to version 1.3.0

* Update capistrano-rbenv to version 2.1.2

* Update capybara to version 2.15.4

* Update cld3 to version 3.2.1

* Update fabrication to version 2.18.0

* Update fog-openstack to version 0.1.22

* Update kaminari to version 1.1.1

* Update lograge to version 0.7.1

* Update nokogiri to version 1.8.1

* Update oj to version 3.3.9

* Update ox to version 2.8.1

* Update parallel_tests to version 2.17.0

* Update pkg-config to version 1.2.8

* Update rspec-rails to version 3.7.1

* Update rubocop to version 0.51.0

* Update scss_lint to version 0.55.0

* Update sidekiq to version 5.0.5

* Update sidekiq-scheduler to version 2.1.10

* Update tzinfo-data to version 1.2017.3

* Update webpacker to version 3.0.2

* bundle update
2017-10-31 12:22:32 +01:00
unarist 44cc417709 Add strong_migrations to production dependency (#5234) 2017-10-06 03:24:54 +02:00
Eugen Rochko 6033b8eac1 Replace self-rolled statsd instrumention with localshred/nsa (#5118) 2017-09-29 03:16:44 +02:00
Yamagishi Kazutoshi 12b7306a03 Upgrade Webpacker to version 3.0.1 (#5122) 2017-09-27 14:41:54 +02:00
Eugen Rochko a90aac6953 Update brakeman to 3.0 and bundler-audit to 0.6 (#5117) 2017-09-27 03:13:09 +02:00
Eugen Rochko 65827bd2b4 Add strong_migrations gem to warn when creating unsafe migrations (#5078) 2017-09-25 02:11:14 +02:00
Akihiko Odaki d4a1ddd46a Fix filterable_languages method of SettingsHelper (#4966) 2017-09-16 14:59:41 +02:00
Grey Baker 4b1d1a698d Bump puma from 3.9.1 to 3.10.0 (#4879)
Bumps [puma](https://github.com/puma/puma) from 3.9.1 to 3.10.0.
- [Release notes](https://github.com/puma/puma/releases/tag/v3.10.0)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.9.1...v3.10.0)
2017-09-11 23:43:19 +02:00
Grey Baker 05b12e52ac Bump rails from 5.1.3 to 5.1.4 (#4875)
Bumps [rails](https://github.com/rails/rails) from 5.1.3 to 5.1.4.
- [Commits](https://github.com/rails/rails/compare/v5.1.3...v5.1.4)
2017-09-11 23:03:14 +02:00
Eugen Rochko a27821f725 Fix language filter codes (#4841)
* Fix language filter codes

CLD3 returns BCP-47 language identifier, filter settings expect
identifiers in the ISO 639-1 format. Convert between formats,
and exclude duplicate languages from filter choices (zh-CN->zh)

* Fix zh name
2017-09-08 12:32:22 +02:00
Adam Thurlow 57a821d4b9 swift-enable the paperclip! 📎 (#2322) 2017-09-05 23:17:06 +02:00
Eugen Rochko 5147147da9 Add handling of Linked Data Signatures in payloads (#4687)
* Add handling of Linked Data Signatures in payloads

* Add a way to sign JSON, fix canonicalization of signature options

* Fix signatureValue encoding, send out signed JSON when distributing

* Add missing security context
2017-08-26 13:47:38 +02:00
nullkal e3eb31818f Update charlock_holmes to 0.7.5 (#4620) 2017-08-17 14:46:53 +02:00
Eugen Rochko 92e49e5c5d Update Goldfinger gem to 2.0 (#4286)
- No masking of HTTP::Error and OpenSSL::SSL::SSLError
- No longer accepts non-HTTPS WebFinger endpoints
2017-07-21 13:40:48 +02:00
Eugen Rochko 65a1c48653 Use the same emoji data on the frontend and backend (#4284)
* Use the same emoji data on the frontend and backend

* Move emoji.json to repository, add tests

This way you don't need to install node dependencies if you only
want to run Ruby code
2017-07-21 04:27:40 +02:00
Eugen Rochko df59dc6639 Refactor ResolveRemoteAccountService (#4258)
* Refactor ResolveRemoteAccountService

* Remove trailing whitespace

* Use redis locks around critical ResolveRemoteAccountService code

* Add test for race condition of lock
2017-07-19 14:44:04 +02:00
ThibG 9c1791c546 Optimize uri normalization (#4212)
* Add dependency on idn-ruby to speed up URI normalization

* Use normalized_host instead of normalize.host when applicable

When we are only interested in the normalized host, calling normalized_host
avoids normalizing the other components of the URI as well as creating a
new object
2017-07-15 17:24:35 +02:00
unarist 1065b0ac32 Follow renaming of microformats2 gem (#4203) 2017-07-14 19:57:49 +02:00
Eugen Rochko 5138dde794 Fix #4149, fix #1199 - Store emojis as unicode (#4189)
- Use unicode when selecting emoji through picker
- Convert shortcodes to unicode when storing text input server-side
- Do not convert shortcodes in JS anymore
2017-07-14 19:47:53 +02:00
Sorin Davidoi ecab38fd66 Web Push Notifications (#3243)
* feat: Register push subscription

* feat: Notify when mentioned

* feat: Boost, favourite, reply, follow, follow request

* feat: Notification interaction

* feat: Handle change of public key

* feat: Unsubscribe if things go wrong

* feat: Do not send normal notifications if push is enabled

* feat: Focus client if open

* refactor: Move push logic to WebPushSubscription

* feat: Better title and body

* feat: Localize messages

* chore: Fix lint errors

* feat: Settings

* refactor: Lazy load

* fix: Check if push settings exist

* feat: Device-based preferences

* refactor: Simplify logic

* refactor: Pull request feedback

* refactor: Pull request feedback

* refactor: Create /api/web/push_subscriptions endpoint

* feat: Spec PushSubscriptionController

* refactor: WebPushSubscription => Web::PushSubscription

* feat: Spec Web::PushSubscription

* feat: Display first media attachment

* feat: Support direction

* fix: Stuff broken while rebasing

* refactor: Integration with session activations

* refactor: Cleanup

* refactor: Simplify implementation

* feat: Set VAPID keys via environment

* chore: Comments

* fix: Crash when no alerts

* fix: Set VAPID keys in testing environment

* fix: Follow link

* feat: Notification actions

* fix: Delete previous subscription

* chore: Temporary logs

* refactor: Move migration to a later date

* fix: Fetch the correct session activation and misc bugs

* refactor: Move migration to a later date

* fix: Remove follow request (no notifications)

* feat: Send administrator contact to push service

* feat: Set time-to-live

* fix: Do not show sensitive images

* fix: Reducer crash in error handling

* feat: Add badge

* chore: Fix lint error

* fix: Checkbox label overlap

* fix: Check for payload support

* fix: Rename action "type" (crash in latest Chrome)

* feat: Action to expand notification

* fix: Lint errors

* fix: Unescape notification body

* fix: Do not allow boosting if the status is hidden

* feat: Add VAPID keys to the production sample environment

* fix: Strip HTML tags from status

* refactor: Better error messages

* refactor: Handle browser not implementing the VAPID protocol (Samsung Internet)

* fix: Error when target_status is nil

* fix: Handle lack of image

* fix: Delete reference to invalid subscriptions

* feat: Better error handling

* fix: Unescape HTML characters after tags are striped

* refactor: Simpify code

* fix: Modify to work with #4091

* Sort strings alphabetically

* i18n: Updated Polish translation

it annoys me that it's not fully localized :P

* refactor: Use current_session in PushSubscriptionController

* fix: Rebase mistake

* fix: Set cacheName to mastodon

* refactor: Pull request feedback

* refactor: Remove logging statements

* chore(yarn): Fix conflicts with master

* chore(yarn): Copy latest from master

* chore(yarn): Readd offline-plugin

* refactor: Use save! and update!

* refactor: Send notifications async

* fix: Allow retry when push fails

* fix: Save track for failed pushes

* fix: Minify sw.js

* fix: Remove account_id from fabricator
2017-07-13 22:15:32 +02:00
nullkal 07024f56df Use charlock_holmes instead of nkf at FetchLinkCardService (#4080)
* Specs for language detection

* Use CharlockHolmes instead of NKF

* Correct mistakes

* Correct style

* Set hint_enc instead of falling back and strip_tags

* Improve specs

* Add dependencies
2017-07-08 22:44:31 +02:00