Commit Graph

8813 Commits (a223cffd3cea578ca3e11cdd20f03252431563a1)

Author SHA1 Message Date
dependabot-preview[bot] a223cffd3c Bump rack-attack from 6.2.2 to 6.3.0 (#13657)
Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 6.2.2 to 6.3.0.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.2.2...v6.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:44:24 +02:00
dependabot-preview[bot] 9e6c30d071 Bump strong_migrations from 0.6.2 to 0.6.5 (#13649)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.6.2 to 0.6.5.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.6.2...v0.6.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:44:00 +02:00
dependabot-preview[bot] 5179050da5 Bump brakeman from 4.8.0 to 4.8.1 (#13652)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.8.0...v4.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:42:54 +02:00
dependabot-preview[bot] ed45f38191 Bump premailer-rails from 1.10.3 to 1.11.1 (#13620)
Bumps [premailer-rails](https://github.com/fphilipe/premailer-rails) from 1.10.3 to 1.11.1.
- [Release notes](https://github.com/fphilipe/premailer-rails/releases)
- [Changelog](https://github.com/fphilipe/premailer-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fphilipe/premailer-rails/compare/v1.10.3...v1.11.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:42:05 +02:00
dependabot-preview[bot] edb62caf3c Bump doorkeeper from 5.3.2 to 5.3.3 (#13673)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.3.2 to 5.3.3.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-07 22:30:56 +02:00
dependabot-preview[bot] 784cfba5d0 Bump pghero from 2.4.1 to 2.4.2 (#13603)
Bumps [pghero](https://github.com/ankane/pghero) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.4.1...v2.4.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-07 20:29:15 +02:00
dependabot-preview[bot] 0adc43012d [Security] Bump doorkeeper from 5.3.1 to 5.3.2 (#13613)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.3.1 to 5.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v.5.3.1...v5.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-07 20:16:15 +02:00
dependabot-preview[bot] 231e876fd0 Bump kaminari from 1.1.1 to 1.2.0 (#13596)
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/kaminari/kaminari/releases)
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kaminari/kaminari/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 13:53:42 +02:00
ThibG fe7b81ac6b Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595) 2020-05-04 13:52:41 +02:00
Hanage999 190768a28d Fix tootctl upgrade storage-schema failing to delete empty directories (#13593) 2020-05-04 13:51:34 +02:00
Eugen Rochko e80d4479c7 Add more ActivityPub controller tests (#13590) 2020-05-03 22:19:24 +02:00
ThibG 20ffc12cda Fix use of inline CSS in public pages (#13576)
Change `account_link_to` to use an image tag rather than some
inline CSS. Dropped the `size` parameter in the process, but it wasn't
used for anything except the default value of 36px.

Dropped CSS rules that were always overriden, and defaulted to 36px width
and height instead.
2020-05-03 22:04:18 +02:00
Yamagishi Kazutoshi cf55546c41 Revert "improve status title (#8596)" (#13591)
This reverts commit dff05cd398.
2020-05-03 18:48:13 +02:00
Eugen Rochko 0ca06d0ba9 Add more tests for ActivityPub controllers (#13585) 2020-05-03 16:30:36 +02:00
Shlee 5162535061 Fix the circleci packages for Buster. (#13583)
* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update .circleci/config.yml

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>

* Update config.yml

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-05-01 23:45:40 +02:00
Eugen Rochko 9db780b0d4 Change CircleCI test output (#13587) 2020-05-01 20:19:01 +02:00
kaiyou 7a65e2f0db Only check locally when deduplicating usernames (#13581)
When deduplicating account usernames for OAuthable users, the routine did check if any account was known with that username, including remote accounts. This caused some unnecessary deduplication, and usernames ending with unexpected trailing _1.
This fixes #13580
2020-04-30 14:39:05 +02:00
ThibG a30829deee Fix admin-facing uses of inline CSS (#13575)
* Move .back-button inline styles to CSS file

All occurrences of the back-button CSS class used the same inline
CSS rules, so moved them over to the CSS file

* Fix “Add new domain block” button using inline CSS

* Replace common pattern of inline-styled button boxes by a CSS class

In particular, switching from `float: left/right` to a flexbox with
`justify-content: space-between`. This implied changing the order of
a few HTML tags and adding an empty `div` in one case.

Also removed a `margin-bottom` rule that wasn't needed due to the
margins of surrounding elements.

* Move account admin view inline CSS to CSS file
2020-04-28 19:39:16 +02:00
dependabot-preview[bot] 1ddf4ed6bf Bump parslet from 1.8.2 to 2.0.0 (#13564)
Bumps [parslet](https://github.com/kschiess/parslet) from 1.8.2 to 2.0.0.
- [Release notes](https://github.com/kschiess/parslet/releases)
- [Changelog](https://github.com/kschiess/parslet/blob/master/HISTORY.txt)
- [Commits](https://github.com/kschiess/parslet/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 01:39:21 +09:00
dependabot-preview[bot] dfae78960e Bump json-ld from 3.1.2 to 3.1.3 (#13566)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.2...3.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:30:53 +09:00
dependabot-preview[bot] ff9179ab0c Bump ruby-saml from 1.9.0 to 1.11.0 (#13559)
Bumps [ruby-saml](https://github.com/onelogin/ruby-saml) from 1.9.0 to 1.11.0.
- [Release notes](https://github.com/onelogin/ruby-saml/releases)
- [Changelog](https://github.com/onelogin/ruby-saml/blob/master/changelog.md)
- [Commits](https://github.com/onelogin/ruby-saml/compare/v1.9.0...v1.11.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:26:15 +09:00
dependabot-preview[bot] 3869798e81 Bump mime-types-data from 3.2019.1009 to 3.2020.0425 (#13554)
Bumps [mime-types-data](https://github.com/mime-types/mime-types-data) from 3.2019.1009 to 3.2020.0425.
- [Release notes](https://github.com/mime-types/mime-types-data/releases)
- [Changelog](https://github.com/mime-types/mime-types-data/blob/master/History.md)
- [Commits](https://github.com/mime-types/mime-types-data/compare/v3.2019.1009...v3.2020.0425)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:24:52 +09:00
dependabot-preview[bot] 451b3fd846 Bump http-form_data from 2.2.0 to 2.3.0 (#13560)
Bumps [http-form_data](https://github.com/httprb/form_data.rb) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/httprb/form_data.rb/releases)
- [Changelog](https://github.com/httprb/form_data/blob/master/CHANGES.md)
- [Commits](https://github.com/httprb/form_data.rb/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:21:53 +09:00
dependabot-preview[bot] 0dc372314d Bump aws-sdk-s3 from 1.61.2 to 1.63.0 (#13562)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.61.2 to 1.63.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits/v1.63.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:21:33 +09:00
dependabot-preview[bot] 9733f7cfcc Bump aws-partitions from 1.296.0 to 1.303.0 (#13552)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.296.0 to 1.303.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:15:52 +09:00
ThibG e88a05f707 Fix page incorrectly scrolling when bringing up dropdown menus (#13574)
Fixes #13573

For some reason (I suspect this may be related to focusing the item before it
got drown by the browser), Firefox scrolls to top when bringing up dropdown
menus with pre-selected items.

This commit uses the “preventScroll” option as, due to the placement behavior,
the menu should be visible anyway and not trigger scrolling.
2020-04-28 13:19:39 +02:00
dependabot-preview[bot] 4645624df0 Bump normalize-package-data from 2.4.0 to 2.5.0 (#13561)
Bumps [normalize-package-data](https://github.com/npm/normalize-package-data) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/npm/normalize-package-data/releases)
- [Commits](https://github.com/npm/normalize-package-data/compare/v2.4.0...v2.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 19:23:13 +09:00
dependabot-preview[bot] 5c943c4e13 Bump flatted from 2.0.0 to 2.0.2 (#13558)
Bumps [flatted](https://github.com/WebReflection/flatted) from 2.0.0 to 2.0.2.
- [Release notes](https://github.com/WebReflection/flatted/releases)
- [Commits](https://github.com/WebReflection/flatted/compare/v2.0.0...v2.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 19:02:30 +09:00
dependabot-preview[bot] 629e1a771d Bump nearley from 2.16.0 to 2.19.2 (#13556)
Bumps [nearley](https://github.com/hardmath123/nearley) from 2.16.0 to 2.19.2.
- [Release notes](https://github.com/hardmath123/nearley/releases)
- [Commits](https://github.com/hardmath123/nearley/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:47:03 +09:00
dependabot-preview[bot] bc2f84c467 Bump core-js-pure from 3.6.4 to 3.6.5 (#13553)
Bumps [core-js-pure](https://github.com/zloirock/core-js) from 3.6.4 to 3.6.5.
- [Release notes](https://github.com/zloirock/core-js/releases)
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zloirock/core-js/compare/v3.6.4...v3.6.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:30:51 +09:00
dependabot-preview[bot] 753aa32bcf Bump request from 2.88.0 to 2.88.2 (#13565)
Bumps [request](https://github.com/request/request) from 2.88.0 to 2.88.2.
- [Release notes](https://github.com/request/request/releases)
- [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md)
- [Commits](https://github.com/request/request/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:26:30 +09:00
dependabot-preview[bot] 522cf6deb2 Bump cacache from 12.0.3 to 12.0.4 (#13567)
Bumps [cacache](https://github.com/npm/cacache) from 12.0.3 to 12.0.4.
- [Release notes](https://github.com/npm/cacache/releases)
- [Changelog](https://github.com/npm/cacache/blob/v12.0.4/CHANGELOG.md)
- [Commits](https://github.com/npm/cacache/compare/v12.0.3...v12.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:15:18 +09:00
dependabot-preview[bot] 1c881a2da1 Bump functions-have-names from 1.2.0 to 1.2.1 (#13568)
Bumps [functions-have-names](https://github.com/ljharb/functions-have-names) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/ljharb/functions-have-names/releases)
- [Changelog](https://github.com/inspect-js/functions-have-names/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ljharb/functions-have-names/compare/v1.2.0...v1.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:12:55 +09:00
dependabot-preview[bot] b22f543978 Bump loglevel from 1.6.6 to 1.6.8 (#13569)
Bumps [loglevel](https://github.com/pimterry/loglevel) from 1.6.6 to 1.6.8.
- [Release notes](https://github.com/pimterry/loglevel/releases)
- [Commits](https://github.com/pimterry/loglevel/compare/v1.6.6...v1.6.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 17:59:00 +09:00
dependabot-preview[bot] 708d6d5768 Bump svgo from 1.1.1 to 1.3.2 (#13570)
Bumps [svgo](https://github.com/svg/svgo) from 1.1.1 to 1.3.2.
- [Release notes](https://github.com/svg/svgo/releases)
- [Changelog](https://github.com/svg/svgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/svg/svgo/compare/v1.1.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 17:46:20 +09:00
ThibG 3b7373ed4c Fix end-user-facing uses of inline CSS (#13438)
* Move some inline styles to CSS files

* Move default_account_display_name span to fix useless tags with duplicate id

* Change handling of public pages spoiler text from inline CSS to dataset attribute

* Use the `dir` HTML attribute instead of inline CSS

* Move status action bar inline CSS to CSS file

* Hide logo resources from CSS file, not inline CSS

Fixes #11601

* Move translation prompt styling from inline CSS to CSS file

* Move “invited by” styling on registration form from inline to CSS file

* Use the progress tag to display poll results in JS fallback

* Fix poll results JS-less fallback when the user has voted for an option

* Change account public page “moved” notice to use img tags instead of inline CSS

* Move OTP hint inline CSS to SCSS file

* Hide JS-less fallback vote progressbars from accessibility tools

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28 10:16:55 +02:00
ThibG df5867f072 Refactor/cleanup TIMELINE_DELETE-related code (#13175) 2020-04-28 09:53:42 +02:00
ThibG f53bd1bef6 Fix messed up z-index when NoScript blocks media/previews (#13449)
Fixes #13444
2020-04-28 09:44:17 +02:00
ThibG 207c5ab2a3 Fix /public showing public instead of community timeline for logged-in users (#13499) 2020-04-28 09:43:45 +02:00
ThibG 09162ceb7c Add `invites_enabled` to API (#13501) 2020-04-28 09:43:34 +02:00
Lerk 0dd63eae8e Add `tootctl emoji export` (#13534)
* add emoji export command to cli

* fix codeclimate issues

* add error when no matching category was found

* add other suggestions

* exit 1 when no matching category is found

* changes according to suggestions

* 👀

* RubyNein

Y u always autoformat :c
2020-04-27 22:17:49 +02:00
dependabot-preview[bot] 475d0375ec Bump oj from 3.10.5 to 3.10.6 (#13557)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.5 to 3.10.6.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.5...v3.10.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-27 17:20:34 +02:00
Даниил Пронин bf46f726fd Add JS IDE helper (#13012)
* add IDE helper for Webpack

* fix ESLint error in IDE helper

* fix IDE helper code style
2020-04-27 17:19:53 +02:00
mayaeh 4ec7b137de Fix naming issue (#13551) 2020-04-27 10:32:05 +02:00
Eugen Rochko adfb22a9dd Add separate cache directory for non-local uploads (#12821) 2020-04-26 23:29:08 +02:00
Eugen Rochko 96920a7b8e Fix not being able to resolve public resources in development environment (#13505) 2020-04-25 22:01:08 +02:00
ThibG cd3a0a17bc Fix uninformative error message when uploading unsupported image files (#13540)
Attempting to upload image files that the browser is unable to load results
in “Oops! An unexpected error occurred.”

This commit changes the error handling so that an unprocessable image results
in the file being sent anyway, which might cover a few corner cases, and
provide a slightly better error message.
2020-04-25 12:27:29 +02:00
ThibG 3526163340 Fix expanded video player issues (#13541)
Fixes #13536

- Expanding a paused video doesn't autoplay anymore
- Default volume level for the expanded video inherited from the original video

Position/playing state/volume are carried over from the original video player
to the modal, but they're not reported back to the modal as it would require
deeper changes.
2020-04-25 12:16:05 +02:00
Takeshi Umeda f365b9d6cd Fix enable/disable relay failures (#13535) 2020-04-23 22:04:18 +02:00
Irie Aoi cf1bf9dda9 Set max-width and max-height to gif video (#13533) 2020-04-23 15:49:33 +02:00