Commit Graph

2508 Commits (703178c11778cc5b7ccb388eb76eda33ffa67955)

Author SHA1 Message Date
Matt Jankowski 1b1ecf8ee2 Refactor `Trends::Query` to avoid brakeman sql injection warnings (#25881) 2023-07-12 14:19:20 +02:00
Matt Jankowski 034a6a0dd4 Refactor `Snowflake` to avoid brakeman sql injection warnings (#25879) 2023-07-12 10:44:58 +02:00
Matt Jankowski 08421e7b90 Fix `Naming/MemoizedInstanceVariableName` cop (#25928) 2023-07-12 10:08:51 +02:00
Matt Jankowski 4932925530 Fix `Lint/SendWithMixinArgument` cop (#25920) 2023-07-12 10:02:32 +02:00
Nick Schonning 96a8aa32ad Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Claire 086ddcb021 Update brakeman ignores (#25912) 2023-07-11 17:08:37 +02:00
Nick Schonning 639c066a09 Run brakeman in GitHub Actions (#23713) 2023-07-11 15:23:57 +02:00
Claire 2b174c0d78 Fix moderation interface for remote instances with a .zip TLD (#25885) 2023-07-10 18:42:10 +02:00
Matt Jankowski 6555c33503 Admin mailer parameterization (#25759) 2023-07-08 20:03:38 +02:00
Kurtis Rainbolt-Greene a27f2686ca First pass at multi-database for read replica using Rails native adapter (#25693)
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
2023-07-08 19:45:36 +02:00
Matt Jankowski 3f04f0c37b Regenerate brakeman ignore, pruning warnings (#25749) 2023-07-08 11:07:19 +02:00
Claire 3445bdfa45 Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Eugen Rochko 80fee1403f Change labels of live feeds tabs in web UI (#25683) 2023-07-03 22:57:18 +02:00
Eugen Rochko edb6aab974 Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski 5cadbaa296 Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Matt Jankowski c1f496d2fb Remove unused routes (#25578) 2023-07-01 21:48:53 +02:00
Claire 3406cb0427 Add POST /api/v1/conversations/:id/unread (#25509) 2023-06-22 18:46:43 +02:00
Matt Jankowski acc8d8bf8e Use default `bootsnap/setup` in boot.rb (#25502) 2023-06-22 18:46:32 +02:00
Claire c1c87fe7b9 Add finer permission requirements for managing webhooks (#25463) 2023-06-22 14:52:25 +02:00
Eugen Rochko 989a8758e3 Change edit profile page (#25413) 2023-06-14 04:38:07 +02:00
Eugen Rochko 239ee4f5d1 Fix CAPTCHA page not following design pattern of sign-up flow (#25395) 2023-06-13 22:30:40 +02:00
Eugen Rochko 94ef94c5ea Add unsubscribe link to e-mails (#25378) 2023-06-12 14:22:46 +02:00
Eugen Rochko 272e099bce Change "bot" label to "automated" (#25356) 2023-06-11 04:47:07 +02:00
Eugen Rochko 1dd243cc09 Add time zone preference (#25342) 2023-06-10 03:29:37 +02:00
Claire 83b03b528b Fix compatibility of recent migration with PostgreSQL 10 (#25324) 2023-06-07 01:53:50 +02:00
Nick Schonning ef344388c5 Autofix Rubocop Regex Style rules (#23690)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 14:50:51 +02:00
Eugen Rochko 2252e4d8bb Add webhook templating (#23289)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 10:42:47 +02:00
Claire f2dbbcdec5 Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) 2023-06-05 17:35:05 +02:00
Matt Jankowski c671e23d28 Remove unmaintained `nsa` gem (#25265) 2023-06-05 01:57:05 +02:00
Nick Schonning 749c9434d1 Cleanup old translationRunner (#25241) 2023-06-02 20:01:36 +02:00
Claire c7a8838bd7 Add card with who invited you to join when displaying rules on sign-up (#23475) 2023-06-02 18:35:37 +02:00
Claire 1c298d97c5 Change wording of “Content cache retention period” setting to highlight destructive implications (#23261) 2023-06-02 18:09:08 +02:00
Renaud Chaput f681f81cbf Allow carets in URL search params (#25216) 2023-06-01 12:14:49 +02:00
Claire 8ee98cfd2b Add a confirmation screen when suspending a domain (#25144) 2023-06-01 09:37:38 +02:00
Renaud Chaput 76960f128a Upgrade react-intl (#24906) 2023-05-31 23:43:39 +02:00
Renaud Chaput 7b5a274836 Enforce import order with ESLint (#25096) 2023-05-23 17:15:17 +02:00
Nick Schonning 44b7c24bd0 Autofix Rubocop spacing in config (#25022) 2023-05-22 13:17:56 +02:00
Claire b030441368 Fix being able to vote on your own polls (#25015) 2023-05-17 00:08:42 +02:00
Claire 844d8e101e Add hCaptcha support (#25019) 2023-05-16 23:27:35 +02:00
Claire 86961b5b7b Add polling and automatic redirection to `/start` on email confirmation (#25013) 2023-05-16 18:03:52 +02:00
Nick Schonning 67c5ac4971 Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#25002) 2023-05-16 10:51:59 +02:00
Renaud Chaput dae330bf32 Bump `mkdirp` major version (#24978) 2023-05-15 09:40:24 +02:00
Eugen Rochko d05ff56746 Change "Sign in" to "Login" (#24942) 2023-05-10 20:17:55 +02:00
Renaud Chaput cabc9e5979 Make Webpack fail on failed imports (#24908) 2023-05-09 03:10:04 +02:00
Nick Schonning dfbb3a61c9 Enable Rubocop Rails/FilePath (#23854) 2023-05-04 05:50:40 +02:00
Matt Jankowski e8537a3a01 Fix Performance/CollectionLiteralInLoop cop (#24819) 2023-05-04 05:33:55 +02:00
Matt Jankowski 326df0d712 Update capistrano config lock version to match bundle (#24820) 2023-05-04 05:31:04 +02:00
Matt Jankowski a8aad4a45a Fix Performance/RedundantMerge cop (#24817) 2023-05-04 05:25:43 +02:00
Matt Jankowski b50c75ee8b Extract large route namespace blocks to separate files (#23914) 2023-05-02 15:41:20 +02:00
Claire abce7cf2b9 Rewrite import feature (#21054) 2023-05-02 12:08:48 +02:00
Matt Jankowski bdbc9d0036 Fix Rails/CompactBlank cop (#24690) 2023-04-30 14:07:21 +02:00
Nick Schonning 040763ae9a Remove empty HTTP error translations (#24210) 2023-04-30 17:04:15 +09:00
Eugen Rochko b9f44a797a New Crowdin updates (#24678)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-04-30 17:02:11 +09:00
Mark Roszko 8c1fb86333 Remove the u in Favorite for non-gb english (#24667)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-04-30 16:33:37 +09:00
João Pedro Marques d00c43b9c1 Adds new follower/following routes (#24601) 2023-04-30 09:01:42 +02:00
Matt Jankowski 78f29479ab Fix Rails/Present cop (#24688) 2023-04-30 06:47:50 +02:00
mogaminsk 8b7b9ca887 Change i18n-fallbacks to English (#24727) 2023-04-30 02:22:20 +02:00
Nick Schonning 519ae8c0c6 Drop EOL Ruby 2.7 (#24237) 2023-04-27 01:46:18 +02:00
Eugen Rochko 231c132159 New Crowdin updates (#24617)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-04-27 04:55:06 +09:00
Christian Schmidt 7598355527 Remove `tai` locale (#23880) 2023-04-23 22:49:07 +02:00
Nick Schonning 92e237574f Remove empty Kushubian (csb) local files (#24151) 2023-04-23 22:43:12 +02:00
Nick Schonning 91f0da8563 Autofix Rubocop Style/NumericLiterals (#24468) 2023-04-23 22:30:07 +02:00
Eugen Rochko 4a0aa54a87 New Crowdin updates (#24517)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-04-22 19:37:41 +09:00
Eugen Rochko 3ca64638d4 Refactor `Cache-Control` and `Vary` definitions (#24347) 2023-04-19 16:07:29 +02:00
Robert R George 335b53ab48 Add trend management to admin API (#24257) 2023-04-18 11:33:30 +02:00
Eugen Rochko 9a7a4d79ec Add progress indicator to sign-up flow (#24545) 2023-04-16 07:01:24 +02:00
Eugen Rochko 7636512acb New Crowdin updates (#24447)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-04-12 20:21:32 +09:00
Eugen Rochko 66cbd18531 New Crowdin updates (#24378)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-04-06 23:24:31 +09:00
Claire e03f9b38c5 Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-03 15:05:39 +02:00
Eugen Rochko 1c1bbbebd6 New Crowdin updates (#24276)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-04-03 14:44:43 +02:00
fusagiko / takayamaki 4866812b28 [Proposal] Make able to write React in Typescript (#16210)
Co-authored-by: berlysia <berlysia@gmail.com>
Co-authored-by: fusagiko / takayamaki <takayamaki@users.noreply.github.com>
2023-04-03 03:31:39 +02:00
Nick Schonning 2a0d2453b0 Autofix Rubocop Style/IdenticalConditionalBranches (#24322) 2023-03-31 09:33:52 +02:00
Eugen Rochko c75fccf033 Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Claire af57bcd3cf Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-03-27 17:07:37 +02:00
Eugen Rochko 5b9c983305 New Crowdin updates (#24130)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-03-27 20:01:47 +09:00
Simon Elvery a3674b0e32 Update profile link verification instructions (#19723)
Co-authored-by: Effy Elden <effy@effy.space>
2023-03-22 11:22:35 +01:00
Matt Jankowski 7a82026971 Remove references to non-existent actions (#24183) 2023-03-20 20:03:44 +01:00
Eugen Rochko 336cf95418 Remove `Permissions-Policy` header from all responses (#24124) 2023-03-20 20:02:09 +01:00
Jean byroot Boussier dfc075c9d4 Workaround the ActiveRecord / Marshal serialization bug on Ruby 3.2 (#24142)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-17 14:37:30 +01:00
CSDUMMI e7c5ccafca Link to the Identity provider's account settings from the account settings (#24100)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-17 10:09:01 +01:00
Claire 3b17f2f718 Add warning for object storage misconfiguration (#24137) 2023-03-16 22:47:01 +01:00
Eugen Rochko ef0c6a43ed Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:46:52 +01:00
Eugen Rochko 83f302c101 New Crowdin updates (#23904)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-03-16 21:02:00 +09:00
Christian Schmidt 7583523bf0 Replace `Status#translatable?` with language matrix in separate endpoint (#24037) 2023-03-16 11:07:24 +01:00
Eugen Rochko f0734513f4 Refactor monkey-patching of `PrivateAddressCheck` (#24122) 2023-03-16 04:33:38 +01:00
Eugen Rochko 8819143d8b Add cache headers to static files served through Rails (#24120) 2023-03-16 02:55:54 +01:00
Eugen Rochko 5c07fc3260 Add `SENDFILE_HEADER` environment variable (#24123) 2023-03-16 02:55:13 +01:00
Eugen Rochko 4ea5355857 Remove `bullet` and `active_record_query_trace` gems (#24121) 2023-03-16 02:53:55 +01:00
CSDUMMI ee757aadb6 Support the PROXY protocol through the PROXY_PROTO_V1 env variable (#24064) 2023-03-14 14:47:57 +01:00
Claire 852eb6ce7a Fix sidekiq jobs not triggering Elasticsearch index updates (#24046) 2023-03-12 23:47:55 +01:00
Nick Schonning 88aa9e012d Convert CircleCI to GitHub Actions (#23608) 2023-03-07 04:49:43 +01:00
Claire db1cece337 Fix `/api/v1/streaming` sub-paths not being redirected (#23988) 2023-03-06 17:44:55 +01:00
Claire aadb1317a5 Remove sidebar dead code (#23984) 2023-03-06 16:25:35 +01:00
Eugen Rochko 59491ba42b Fix pgBouncer resetting application name on every transaction (#23958) 2023-03-05 01:52:42 +01:00
Matt Jankowski 25aed1dafa Update browser gem to version 5.3.1 (#23945) 2023-03-05 00:33:08 +01:00
Jean byroot Boussier 08c2938b4a Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Jamie Hoyle 8f81dba434 Added support for specifying S3 storage classes in environment (#22480) 2023-03-03 20:53:37 +01:00
Claire 30c34fe90f Change unintended SMTP read timeout from 5 seconds to 20 seconds (#23750) 2023-03-03 20:37:22 +01:00
Claire 6943192f5e Fix server error when failing to follow back followers from `/relationships` (#23787) 2023-03-03 20:36:18 +01:00
Eugen Rochko 096f622340 New Crowdin updates (#23802)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-02-28 23:01:05 +09:00