Commit Graph

10223 Commits (a97c88abc5d7956f18341f59aa72515b06fac3ff)

Author SHA1 Message Date
dependabot[bot] a97c88abc5 Bump blurhash from 0.1.4 to 0.1.5 (#15942)
Bumps [blurhash](https://github.com/Gargron/blurhash) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/Gargron/blurhash/releases)
- [Commits](https://github.com/Gargron/blurhash/commits/v0.1.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:36:13 +01:00
dependabot[bot] ee0c66df1e Bump sidekiq-unique-jobs from 7.0.4 to 7.0.7 (#15944)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 7.0.4 to 7.0.7.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.0.4...v7.0.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:35:46 +01:00
Sandro bc5683f1b4 Docker: Use precompiled jemalloc, format, apply hadolint suggestions (#10823)
* Format, apply hadolint suggestions, little nitpicks

* Use pre compiled jemalloc

* Use tini from package repository
2021-03-20 21:21:57 +01:00
Claire d27331e99a Fix brakeman warning (#15870)
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.

This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
2021-03-19 23:48:59 +01:00
Claire ebe08f4335 Bypass MX validation for explicitly allowed domains (#15930)
* Bypass MX validation for explicitly allowed domains

This spares some lookups and prevent issues in some edge cases with
local domains.

* Add tests

* Fix test
2021-03-19 23:48:47 +01:00
Claire bb510a1454 Fix push notification title for polls (#15931) 2021-03-19 23:47:31 +01:00
Claire 1516b46bfa Fixing the hero widget (#15926)
* Removing last-child padding conflicts with light theme in hero widget

* Add missing background color to widget

* Reset widget.scss to default

* Hope this works

Co-authored-by: koyu <me@koyu.space>
2021-03-19 20:23:32 +01:00
Claire eee8cedfd4 Fix custom CSS when CDN_HOST is set (#15927) 2021-03-19 20:23:08 +01:00
Claire 4c9e572798 Add missing push notification title for polls (#15929) 2021-03-19 20:22:49 +01:00
Marcin Mikołajczak 4be836871a Add missing `en.notification_mailer.status.subject` (#15564)
* Add missing `en.notification_mailer.status.subject`

* Update en.yml
2021-03-19 17:15:59 +01:00
Eugen Rochko 3c1b807b94 WIP (#15222) 2021-03-19 17:15:36 +01:00
Claire 5c69eecacc Improve account counters handling (#15913)
* Improve account counters handling

* Use ActiveRecord::Base::sanitize_sql to pass values instead of interpolating them

Keep using string interpolation for `key` as it is safe and using
“ActiveRecord::Base::sanitize_sql_hash_for_assignment” would require stitching
bits of SQL in a way that is not more easily checked for safety.

* Add migration hook to catch PostgreSQL versions earlier than 9.5
2021-03-19 13:14:57 +01:00
Claire 7d180ee89c Remove MySQL-specific code from Mastodon::MigrationHelpers (#15924)
Mastodon::MigrationHelpers has been forked from Gitlab a long time ago, but
Mastodon has never supported using a MySQL database.

Removing MySQL support from Mastodon::MigrationHelpers makes it a little easier
to maintain. In particular, it removes code that would need updating with
Rails 6.
2021-03-19 13:14:40 +01:00
Claire 02e721757e Change deduplication order of tootctl maintenance fix-duplicates (#15923)
Hopefully fixes #15922

Also update support up to latest database schema version
2021-03-19 11:07:56 +01:00
Claire 6024c263bf Further preparation for Rails 6 (#15916)
* Use ActiveRecord::Result#to_ary instead of deprecated to_hash

They do the same thing, and to_hash has been removed from Rails 6.1

* Explicitly name polymorphic indexes to workaround a bug in Rails 6.1

cf. https://github.com/rails/rails/issues/41693

* Fix incorrect usage of “foreign_key” in migration script

* Use `ActiveModel::Errors#delete` instead of deprecated clear method

* Fix link headers tests on Rails 6.1

Rails 6.1 adds values to the Link header by default, thus it is not a
LinkHeader object anymore. Fix the test to parse the Link header instead
of assuming it is a LinkHeader.
2021-03-19 02:45:34 +01:00
Claire ac03531bec Add option to opt out of unread notification markers (#15842)
Fixes #15133
2021-03-19 02:44:57 +01:00
Claire 00415d09e0 Use more robust hook for loading timestamp_id function into database (#15919) 2021-03-19 02:43:13 +01:00
Claire 3feb291d90 Prepare Mastodon for zeitwerk autoloader (#15917)
* Prepare Mastodon for zeitwerk autoloader (Rails 6)

Add inflections and rename/move a few classes.

In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.

* Add inflection for Url → URL
2021-03-19 02:42:43 +01:00
Claire b35955af26 Fix cache_collection crashing when given an empty collection (#15921)
* Fix cache_collection crashing when given an empty collection

* Add tests
2021-03-18 00:41:32 +01:00
Claire 1634e71bd6 Prepare Mastodon for Rails 6 (#15911)
* Fix misuse of foreign_type

* Fix use of removed "add_template_helper"

* Use response.media_type instead of response.content_type in tests

* Fix CSV export controller test on Rails 6

Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.

This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.

* Fix emoji formatting with Rails 6

* Make emoji output more idiomatic and robust

* Switch from redis-rails gem to built-in Rails redis cache storage
2021-03-17 10:09:55 +01:00
dependabot[bot] d0fbc2d04c Bump rspec-rails from 4.1.0 to 5.0.0 (#15876)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v4.1.0...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-16 07:55:43 +09:00
dependabot[bot] 221cb828dc Bump @babel/plugin-transform-runtime from 7.13.9 to 7.13.10 (#15903)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.13.9 to 7.13.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.10/packages/babel-plugin-transform-runtime)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-16 07:52:23 +09:00
dependabot[bot] a6b92df04f Bump bundler-audit from 0.7.0.1 to 0.8.0 (#15877)
Bumps [bundler-audit](https://github.com/postmodern/bundler-audit) from 0.7.0.1 to 0.8.0.
- [Release notes](https://github.com/postmodern/bundler-audit/releases)
- [Changelog](https://github.com/rubysec/bundler-audit/blob/master/ChangeLog.md)
- [Commits](https://github.com/postmodern/bundler-audit/compare/v0.7.0.1...v0.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 21:19:16 +09:00
dependabot[bot] 70e2c5e2c2 Bump @babel/runtime from 7.13.9 to 7.13.10 (#15904)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.13.9 to 7.13.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.10/packages/babel-runtime)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 21:04:03 +09:00
dependabot[bot] 7493db1aab Bump @babel/preset-env from 7.13.9 to 7.13.10 (#15901)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.13.9 to 7.13.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.10/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 21:03:46 +09:00
dependabot[bot] 7133e72e4d Bump eslint from 7.21.0 to 7.22.0 (#15906)
Bumps [eslint](https://github.com/eslint/eslint) from 7.21.0 to 7.22.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.21.0...v7.22.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 21:03:19 +09:00
dependabot[bot] a3b1c1eef3 Bump css-loader from 5.1.1 to 5.1.2 (#15905)
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.1...v5.1.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 21:03:02 +09:00
dependabot[bot] 5e7847b44b Bump @babel/core from 7.13.8 to 7.13.10 (#15902)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.13.8 to 7.13.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.10/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 21:02:24 +09:00
dependabot[bot] 52823bcb0b Bump react-toggle from 4.1.1 to 4.1.2 (#15900)
Bumps [react-toggle](https://github.com/aaronshaf/react-toggle) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/aaronshaf/react-toggle/releases)
- [Changelog](https://github.com/aaronshaf/react-toggle/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aaronshaf/react-toggle/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 20:56:59 +09:00
Eugen Rochko 9f16bd9c89 Fix configuration for sidekiq-unique-jobs after 7.x upgrade (#15908)
Remove locks from scheduled jobs
2021-03-15 11:17:43 +01:00
dependabot[bot] 335e7f37a4 Bump pghero from 2.7.4 to 2.8.0 (#15907)
Bumps [pghero](https://github.com/ankane/pghero) from 2.7.4 to 2.8.0.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.7.4...v2.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 08:09:47 +01:00
Filipe Rodrigues bbed5ea557 Fix reference to non-existing translation in the exports page. (#15894)
The exports page showed a different "CSV" capitalisation in the
"Bookmarks" row ("Csv") compared to the other rows ("CSV").
This was due to a referece to a translation string that does not exist,
`bookmarks.csv`, defaulting to the key's last segment in title case.

This issue was introduced in commit dcd86204 (PR #14956).

(h/t @meqif for helping with figuring out the bug)
2021-03-15 02:17:29 +01:00
dependabot[bot] 5e563b4f2f Bump json-ld-preloaded from 3.1.4 to 3.1.5 (#15880)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.4...3.1.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-13 09:04:13 +09:00
dependabot[bot] c35fa4338e Bump oj from 3.11.2 to 3.11.3 (#15874)
Bumps [oj](https://github.com/ohler55/oj) from 3.11.2 to 3.11.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.11.2...v3.11.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 23:06:29 +09:00
dependabot[bot] d70513a7de Bump nokogiri from 1.11.1 to 1.11.2 (#15881)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.1 to 1.11.2.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.1...v1.11.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 22:55:06 +09:00
dependabot[bot] 67b904ba2e Bump parallel_tests from 3.5.1 to 3.5.2 (#15882)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.5.1 to 3.5.2.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.5.1...v3.5.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 22:11:26 +09:00
dependabot[bot] 3356e2a4e4 Bump ox from 2.14.2 to 2.14.3 (#15875)
Bumps [ox](https://github.com/ohler55/ox) from 2.14.2 to 2.14.3.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.14.2...v2.14.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 22:11:05 +09:00
dependabot[bot] 266a038fac Bump aws-sdk-s3 from 1.89.0 to 1.91.0 (#15879)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.89.0 to 1.91.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 16:56:43 +09:00
dependabot[bot] dd7e9318c9 Bump sidekiq-unique-jobs from 6.0.25 to 7.0.4 (#15878)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.25 to 7.0.4.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.25...v7.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 16:55:32 +09:00
dependabot[bot] b47b75536e Bump faker from 2.16.0 to 2.17.0 (#15873)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.16.0 to 2.17.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.16.0...v2.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 15:21:05 +09:00
dependabot[bot] 182f2661fc Bump sidekiq-unique-jobs from 6.0.25 to 7.0.1 (#15627)
* Bump sidekiq-unique-jobs from 6.0.25 to 7.0.1

Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.25 to 7.0.1.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.25...v7.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Fix migration being broken by sidekiq-unique-jobs update

* Fix migration script following API changes in dependency

* Fixup

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: ThibG <thib@sitedethib.com>
2021-03-12 05:39:58 +01:00
Alexandra Catalina 0eb7728a63 helm: upgrade elasticsearch chart to 14 (#15767) 2021-03-12 05:39:09 +01:00
dependabot[bot] 01c5964bf3 Bump rubocop from 1.9.1 to 1.11.0 (#15820)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.9.1 to 1.11.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.9.1...v1.11.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 05:38:44 +01:00
Shlee 32cf85aa92 Update Dockerfile (#15869) 2021-03-12 05:33:35 +01:00
gol-cha f015e19179 Remove IE11 from browserslist (#15779) 2021-03-12 05:32:49 +01:00
Claire f05b0ab58a Fix not being able to change world filter expiration back to “Never” (#15858)
Fixes #15849
2021-03-12 05:25:50 +01:00
Claire e78f476c58 Remove subscription_expires_at leftover from OStatus (#15857) 2021-03-12 05:25:24 +01:00
dependabot[bot] 8dfcce2edd Bump elliptic from 6.5.3 to 6.5.4 (#15864)
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-09 11:08:10 +09:00
dependabot[bot] dcb2266d34 Bump rspec-rails from 4.0.2 to 4.1.0 (#15852)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 4.0.2 to 4.1.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v4.0.2...v4.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-08 23:05:35 +09:00
dependabot[bot] 28eca77ebc Bump react-textarea-autosize from 8.3.1 to 8.3.2 (#15838)
Bumps [react-textarea-autosize](https://github.com/Andarist/react-textarea-autosize) from 8.3.1 to 8.3.2.
- [Release notes](https://github.com/Andarist/react-textarea-autosize/releases)
- [Changelog](https://github.com/Andarist/react-textarea-autosize/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Andarist/react-textarea-autosize/compare/v8.3.1...v8.3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-08 23:04:54 +09:00