68bc5ef550
[Security] Update Dockerfile for Ruby 2.6.6 ( #13393 )
2020-04-05 12:52:07 +02:00
ef48ffc127
Fix PostgreSQL load when linking in announcements ( #13250 )
...
* Fix PostgreSQL load when linking in announcements
Fixes #13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
2020-04-05 12:51:22 +02:00
c7c2a46967
Bump version to 3.1.3 ( #13389 )
2020-04-05 06:23:46 +02:00
aa18f4e7d1
Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 ( #13387 )
...
* Bump rails from 5.2.4.1 to 5.2.4.2
* Bump kind-of from 6.0.2 to 6.0.3
2020-04-04 23:24:59 +02:00
ffd6f3fa8a
Add explanation as to why unlocked accounts may have follow requests ( #13385 )
...
* Add explanation as to why unlocked accounts may have follow requests
* Change wording to avoid “silenced”
2020-04-04 19:02:10 +02:00
97e51733ff
Update config.yml ( #13379 )
2020-04-04 15:52:42 +02:00
d527154807
Update Vagrant box to Bionic ( #13384 )
2020-04-04 15:47:48 +02:00
6932e0e2af
Add ability to filter audit log in admin UI ( #13381 )
2020-04-03 13:06:34 +02:00
37e867d3f2
Bump rspec-rails from 3.9.1 to 4.0.0 ( #13364 )
...
Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-02 18:54:41 +02:00
abbc0c6a87
Improve polls: option lengths & redesign ( #13257 )
...
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
2020-04-02 17:10:55 +02:00
7045cb5d5c
Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` ( #13375 )
...
Fix #13371
2020-04-02 05:28:51 +02:00
11deb933f5
Fix returning results when searching for URL with non-zero offset ( #13377 )
...
Fix #13083
2020-04-02 03:39:37 +02:00
c2fc9bca81
Fix pinning a column in web UI sometimes redirecting out of web UI ( #13376 )
...
Fix #13216
2020-04-02 03:12:10 +02:00
61a3db761e
Bump json-ld from 3.1.1 to 3.1.2 ( #13368 )
...
Bumps [json-ld](https://github.com/ruby-rdf/json-ld ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases )
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:05:33 +09:00
cf2f9e48f5
Bump json-ld-preloaded from 3.1.1 to 3.1.2 ( #13365 )
...
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases )
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:05:26 +09:00
53438a329f
Bump bootsnap from 1.4.5 to 1.4.6 ( #13369 )
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:02:35 +09:00
186c25dc7a
Bump tty-prompt from 0.20.0 to 0.21.0 ( #13366 )
...
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt ) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases )
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md )
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.20.0...v0.21.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:02:24 +09:00
4add5dd7ff
Bump faker from 2.10.1 to 2.11.0 ( #13363 )
...
Bumps [faker](https://github.com/faker-ruby/faker ) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/commits/v2.11.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 10:01:50 +09:00
a10a1389f7
Bump sidekiq-unique-jobs from 6.0.20 to 6.0.21 ( #13367 )
...
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs ) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases )
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.20...v6.0.21 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 09:50:25 +09:00
b1c596e8f3
Fix background jobs not using locks like they are supposed to ( #13361 )
...
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix #13349
2020-03-31 21:59:03 +02:00
899ff914da
Improve toot clicking areas ( #13327 )
...
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
2020-03-31 19:40:23 +02:00
8fa78c0ec8
Fix re-sending of e-mail confirmation not being rate limited ( #13360 )
...
Fix #13330
2020-03-31 18:20:48 +02:00
241916b0dd
Bump autoprefixer from 9.7.4 to 9.7.5 ( #13338 )
...
Bumps [autoprefixer](https://github.com/postcss/autoprefixer ) from 9.7.4 to 9.7.5.
- [Release notes](https://github.com/postcss/autoprefixer/releases )
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.4...9.7.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 23:41:52 +09:00
77a0c79427
Bump @babel/preset-react from 7.8.3 to 7.9.4 ( #13335 )
...
Bumps [@babel/preset-react](https://github.com/babel/babel ) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.4 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 23:37:30 +09:00
7f0d2f4cc7
Bump babel-loader from 8.0.6 to 8.1.0 ( #13333 )
...
Bumps [babel-loader](https://github.com/babel/babel-loader ) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases )
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel-loader/compare/v8.0.6...v8.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:15:37 +09:00
9f4d4b46e7
Bump yargs from 15.1.0 to 15.3.1 ( #13334 )
...
Bumps [yargs](https://github.com/yargs/yargs ) from 15.1.0 to 15.3.1.
- [Release notes](https://github.com/yargs/yargs/releases )
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/yargs/compare/v15.1.0...v15.3.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:15:06 +09:00
0c725a074b
Bump @babel/preset-env from 7.8.3 to 7.9.0 ( #13336 )
...
Bumps [@babel/preset-env](https://github.com/babel/babel ) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:13:31 +09:00
8091b8d433
Bump babel-jest from 25.1.0 to 25.2.4 ( #13332 )
...
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest ) from 25.1.0 to 25.2.4.
- [Release notes](https://github.com/facebook/jest/releases )
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/jest/commits/v25.2.4/packages/babel-jest )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:12:52 +09:00
fa494a085c
Bump stringz from 2.0.0 to 2.1.0 ( #13331 )
...
Bumps [stringz](https://github.com/sallar/stringz ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/sallar/stringz/releases )
- [Changelog](https://github.com/sallar/stringz/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sallar/stringz/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:11:00 +09:00
b0915c7c49
Bump react from 16.12.0 to 16.13.1 ( #13337 )
...
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react ) from 16.12.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases )
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:10:25 +09:00
5607fae147
Bump concurrent-ruby from 1.1.5 to 1.1.6 ( #13346 )
...
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby ) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases )
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:09:14 +09:00
41ca3cdb37
Fix content warning being unnecessarily cleared when enabling/disabling CW ( #13348 )
2020-03-31 14:10:18 +02:00
ee400d1c6c
Bump uuid from 3.4.0 to 7.0.2 ( #13295 )
...
Bumps [uuid](https://github.com/uuidjs/uuid ) from 3.4.0 to 7.0.2.
- [Release notes](https://github.com/uuidjs/uuid/releases )
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uuidjs/uuid/compare/v3.4.0...v7.0.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:47:04 +02:00
28b80460f1
Bump parallel_tests from 2.30.1 to 2.32.0 ( #13341 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 2.30.1 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.32.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:44:33 +02:00
1c2a286244
Fix ImportsController param to permit :mode ( #13347 )
2020-03-31 12:43:42 +02:00
a6f9f5aaaa
Bump better_errors from 2.5.1 to 2.6.0 ( #13340 )
...
Bumps [better_errors](https://github.com/BetterErrors/better_errors ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases )
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:42:44 +02:00
31057178a7
Bump ox from 2.12.1 to 2.13.2 ( #13342 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.12.1 to 2.13.2.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.12.1...v2.13.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:42:17 +02:00
8b0500e8b0
Bump iso-639 from 0.2.8 to 0.3.5 ( #13343 )
...
Bumps [iso-639](https://github.com/xwmx/iso-639 ) from 0.2.8 to 0.3.5.
- [Release notes](https://github.com/xwmx/iso-639/releases )
- [Commits](https://github.com/xwmx/iso-639/compare/0.2.8...0.3.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:41:55 +02:00
d5046055c3
Bump oj from 3.10.3 to 3.10.5 ( #13345 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:40:54 +02:00
7186329a38
Bump pg from 1.2.2 to 1.2.3 ( #13344 )
...
Bumps [pg](https://github.com/ged/ruby-pg ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases )
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc )
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.2...v1.2.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:40:33 +02:00
5a211c478d
Fix wrong color for ellipsis in boost confirmation dialog in Web UI ( #13355 )
2020-03-31 12:39:50 +02:00
02b0321713
Fix incorrect deletion of local accounts imported by overwriting ( #13350 )
2020-03-30 20:32:34 +02:00
1a993f9675
Fix 404 and 410 API errors being silently discarded in WebUI ( #13279 )
...
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes #13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
2020-03-28 17:59:45 +01:00
246c4d4fbf
Fix OCR not working on Safari because of unsupported worker-src CSP ( #13323 )
...
Fixes #13321
2020-03-27 22:35:57 +01:00
8e4eaaf71e
Bump brakeman from 4.7.2 to 4.8.0 ( #13309 )
...
Bumps [brakeman](https://github.com/presidentbeef/brakeman ) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.2...v4.8.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-27 22:35:49 +01:00
5e544da8a4
Fix Paperclip using deprecated URI.escape function ( #13320 )
...
Monkey-patch Paperclip to perform URL escaping in a slightly more
appropriate way, and get rid of runtime deprecation warnings.
2020-03-26 15:09:16 +01:00
e4a6343e62
Bump webpack from 4.41.5 to 4.42.1 ( #13319 )
...
Bumps [webpack](https://github.com/webpack/webpack ) from 4.41.5 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases )
- [Commits](https://github.com/webpack/webpack/compare/v4.41.5...v4.42.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-26 12:45:12 +09:00
5aa993edc3
Bump @babel/plugin-transform-runtime from 7.8.3 to 7.9.0 ( #13301 )
...
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel ) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-26 12:44:47 +09:00
55b0babc90
Bump react-select from 3.0.8 to 3.1.0 ( #13296 )
...
Bumps [react-select](https://github.com/JedWatson/react-select ) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/JedWatson/react-select/releases )
- [Changelog](https://github.com/JedWatson/react-select/blob/master/.sweet-changelogs.js )
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.0.8...react-select@3.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-26 09:57:34 +09:00
1cb4645638
Change `tootctl media remove-orphans` to work for all classes ( #13316 )
...
Change `tootctl media lookup` to not use an interactive prompt
2020-03-26 01:56:41 +01:00
Shlee