Commit Graph

693 Commits (adbe541e5e9af3c3335b2094daa59952d8f76e9c)

Author SHA1 Message Date
Claire c9e86e57e8 Bump version to 4.1.0rc3 (#23384) 2023-02-03 16:39:38 +01:00
Claire b26ab9916d Bump version to 4.1.0rc2 (#23220) 2023-01-25 16:20:54 +01:00
Claire efa0acc165 Bump version to 4.1.0rc1 (#23112) 2023-01-20 14:19:12 +01:00
JT Olio 2cc9a94660 Add Storj DCS to cloud object storage options (#21929)
* Add Storj DCS to cloud object storage options

More explanation here: https://forum.storj.io/t/object-storage-provider-for-mastodon-instance/11464/37

* more help for which command to use
2023-01-18 17:47:49 +01:00
Claire 908f5f4c6e Add `tootctl domains purge` options to select subdomains and keep domain blocks (#22063)
* Add --include-subdomains option to tootctl domains purge

* Add support for '*.' subdomain wildcard patterns in `tootctl domains purge`

* Fix custom emojis deletion not following subdomain and URI options

* Change `tootctl domains purge` to not purge domain blocks unless --purge-domain-blocks is passed

* Refactor `tootctl domains purge`

* Add feedback on deleted domain blocks
2023-01-18 16:50:50 +01:00
Jeong Arm 4fd439e632 Implement tootctl accounts prune (#18397)
* Implement tootctl accounts prune

* Optimise query

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-01-13 22:34:16 +01:00
Claire 8cb9cfb0ab Add `tootctl accounts migrate` (#22330)
* Add tootctl accounts replay-migration

Fixes #22281

* Change `tootctl accounts replay-migration` to `tootctl accounts migrate`
2023-01-13 17:00:23 +01:00
Claire aadf68654a Fix incorrect env file generation in mastodon:setup (#23072)
Regression from #23012
2023-01-13 10:17:07 +01:00
Claire 614dd22095 Fix sanitizer parsing link text as HTML when stripping unsupported links (#22558) 2023-01-11 22:21:10 +01:00
Claire fdea93b6be Fix `$` not being escaped in `.env.production` file generated by `mastodon:setup` (#23012)
* Fix `$` not being escaped in `.env.production` file generated by `mastodon:setup`

* Improve robustness of dotenv escaping
2023-01-11 21:53:11 +01:00
Nick Schonning 675fff259a Expand Stylelint glob to include CSS files (#22469) 2023-01-05 13:42:13 +01:00
Dan Peterson 2a98aad36d Fix default S3_HOSTNAME used in mastodon:setup (#19932)
s3-us-east-1.amazonaws.com does not exist.

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:38:51 +01:00
Claire 762efea31f Add --email and --dry-run options to `tootctl accounts delete` (#22328) 2022-12-15 14:52:50 +01:00
Evan 2d3b9084db Add command to remove avatar and header images of inactive remote accounts from the local database (#22149)
* Add tootctl subcommand media remove-profile-media

* Trigger workflows

* Correcting external linting

* External linting error

* External linting fix

* Merging with remove command

* Linting

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Remove saving a list of purged accounts

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-14 19:50:07 +01:00
Claire 053d3ba6ca Fix crash and incorrect behavior in tootctl domains crawl (#19004) 2022-12-13 20:02:32 +01:00
Claire 56e253553f Fix deprecation warning in `tootctl accounts rotate` (#22120) 2022-12-07 14:13:10 +01:00
Claire 360e6f7982 Fix pre-4.0 admin action logs (#22091)
* Fix BackfillAdminActionLogs post-deployment migration

* Improve migration tests

* Backfill admin action logs again
2022-12-06 23:38:03 +01:00
Claire daf52f6c69 Remove support for Ruby 2.6 (#21477)
As pointed out by https://github.com/mastodon/mastodon/pull/21297#discussion_r1028372193
at least one of our dependencies already dropped support for Ruby 2.6, and we
had removed Ruby 2.6 tests from the CI over a year ago (#16861).

So stop advertising Ruby 2.6 support, bump targeted version, and drop some
compatibility code.
2022-11-27 20:41:39 +01:00
Claire c863f76a62 Add logging for Rails cache timeouts (#21667)
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds

* Log cache store errors
2022-11-27 20:37:37 +01:00
Eugen Rochko a4d1745ffa Bump version to 4.0.2 (#20725) 2022-11-15 03:57:18 +01:00
Eugen Rochko eb1cb5b6d9 Bump version to 4.0.1 (#20696) 2022-11-14 22:21:14 +01:00
Eugen Rochko 4a307df02f Bump version to 4.0.0 (#20636) 2022-11-14 20:27:12 +01:00
Eugen Rochko c5da82cada Bump version to 4.0.0rc4 (#20634) 2022-11-14 08:50:14 +01:00
Claire abc0ea76e7 Fix index name in fix-duplicates task (#20632) 2022-11-14 08:33:48 +01:00
Eugen Rochko 8b98bebc17 Fix error when passing unknown filter param in REST API (#20626)
Fix #19156
2022-11-14 08:06:06 +01:00
Claire ac0ae9c83d Update fix-duplicates (#20502)
Fixes #19133
2022-11-13 21:01:38 +01:00
Arthur Isac bca22dc131 Copied Spaces support from packer .rake (#20573) 2022-11-13 20:58:40 +01:00
Eugen Rochko 791592c961 Bump version to 4.0.0rc3 (#20378) 2022-11-11 08:39:38 +01:00
Pierre Bourdon 4db2969701 blurhash_transcoder: prevent out-of-bound reads with <8bpp images (#20388)
The Blurhash library used by Mastodon requires an input encoded as 24
bits raw RGB data. The conversion to raw RGB using Imagemagick did not
previously specify the desired bit depth. In some situations, this leads
Imagemagick to output in a pixel format using less bpp than expected.
This then manifested as segfaults of the Sidekiq process due to
out-of-bounds read, or potentially a (highly noisy) memory infoleak.

Fixes #19235.
2022-11-11 07:45:16 +01:00
Yamagishi Kazutoshi 51e199a7c0 Fix `ENV` (#20377) 2022-11-11 01:33:32 +01:00
F 24af2c05bc Make enable_starttls configurable by envvars (#20321)
ENABLE_STARTTLS is designed to replace ENABLE_STARTTLS_AUTO by accepting
three values: 'auto' (the default), 'always', and 'never'. If
ENABLE_STARTTLS isn't provided, we fall back to ENABLE_STARTTLS_AUTO. In
this way, this change should be fully backwards compatible.

Resolves #20311
2022-11-10 21:06:21 +01:00
Eugen Rochko cdbd1a8bb3 Bump version to 4.0.0rc2 (#19831) 2022-11-06 06:59:56 +01:00
Eugen Rochko e75cab5d37 Add assets from Twemoji 14.0 (#19733) 2022-11-04 16:08:41 +01:00
Claire 05bb841077 Fix admin action logs page (#19649)
* Add tests

* Fix crash when trying to display orphaned action logs

* Add migration for older admin action logs
2022-11-03 16:06:42 +01:00
Claire 6d0c85d6a8 Fix mastodon:setup not setting the admin's role properly (#19670)
* Fix mastodon:setup not setting the admin's role properly

* Set contact username when creating admin account in mastodon:setup
2022-11-02 16:35:21 +01:00
pea-sys 066fcb0d41 png optimization(loss less) (#19630) 2022-11-01 15:06:52 +01:00
Eugen Rochko 79f5e4d088 Bump version to 4.0.0rc1 (#19473) 2022-10-28 00:26:02 +02:00
Eugen Rochko c92e2658e0 Add `--remove-role` option to `tootctl accounts modify` (#19477)
Fix #19152
2022-10-27 14:31:10 +02:00
Jeong Arm 32efaf0856 Fix Ambiguous SQL error on tootctl media refresh (#19206) 2022-09-20 23:50:19 +02:00
Claire b8853ddcb9 Improve error reporting and logging when processing remote accounts (#15605)
* Add a more descriptive PrivateNetworkAddressError exception class

* Remove unnecessary exception class to rescue clause

* Remove unnecessary include to JsonLdHelper

* Give more neutral error message when too many webfinger redirects

* Remove unnecessary guard condition

* Rework how “ActivityPub::FetchRemoteAccountService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteAccountService#call (default/previous behavior).

* Rework how “ActivityPub::FetchRemoteKeyService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteKeyService#call (default/previous behavior).

* Fix Webfinger::RedirectError not being a subclass of Webfinger::Error

* Add suppress_errors option to ResolveAccountService

Defaults to true (to preserve previous behavior). If set to false,
errors will be raised instead of caught, allowing the caller to be
informed of what went wrong.

* Return more precise error when failing to fetch account signing AP payloads

* Add tests

* Fixes

* Refactor error handling a bit

* Fix various issues

* Add specific error when provided Digest is not 256 bits of base64-encoded data

* Please CodeClimate

* Improve webfinger error reporting
2022-09-20 23:30:26 +02:00
luzpaz 45ddea2f0c Fix typos (#18604)
* Fix typos

Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,pixelx,ro`

* Follow-up typo fix
2022-08-28 17:44:34 +02:00
Eugen Rochko a0bb5674d9 Add admin API for managing canonical e-mail blocks (#19067) 2022-08-28 03:31:54 +02:00
Jeong Arm 8c1ea0976b Add '--days' option to tootctl media refresh (#18425)
* Add '--days' option to tootctl media refresh

* Fix undefined scope
2022-08-25 04:40:17 +02:00
Brayd 71f41ca363 Minimal adjustments to the short description (#18001)
Minimal adjustments have been made to the short description so that it logically follows the long description
2022-08-13 15:41:12 +02:00
Eugen Rochko e164d6a687 Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Claire 90e5a9bd98 Revamp post filtering system (#18058)
* Add model for custom filter keywords

* Use CustomFilterKeyword internally

Does not change the API

* Fix /filters/edit and /filters/new

* Add migration tests

* Remove whole_word column from custom_filters (covered by custom_filter_keywords)

* Redesign /filters

Instead of a list, present a card that displays more information and handles
multiple keywords per filter.

* Redesign /filters/new and /filters/edit to add and remove keywords

This adds a new gem dependency: cocoon, as well as a npm dependency:
cocoon-js-vanilla. Those are used to easily populate and remove form fields
from the user interface when manipulating multiple keyword filters at once.

* Add /api/v2/filters to edit filter with multiple keywords

Entities:
- `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context`
  `keywords`
- `FilterKeyword`: `id`, `keyword`, `whole_word`

API endpoits:
- `GET /api/v2/filters` to list filters (including keywords)
- `POST /api/v2/filters` to create a new filter
  `keywords_attributes` can also be passed to create keywords in one request
- `GET /api/v2/filters/:id` to read a particular filter
- `PUT /api/v2/filters/:id` to update a new filter
  `keywords_attributes` can also be passed to edit, delete or add keywords in
   one request
- `DELETE /api/v2/filters/:id` to delete a particular filter
- `GET /api/v2/filters/:id/keywords` to list keywords for a filter
- `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a
   filter
- `GET /api/v2/filter_keywords/:id` to read a particular keyword
- `PUT /api/v2/filter_keywords/:id` to edit a particular keyword
- `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword

* Change from `irreversible` boolean to `action` enum

* Remove irrelevent `irreversible_must_be_within_context` check

* Fix /filters/new and /filters/edit with update for filter_action

* Fix Rubocop/Codeclimate complaining about task names

* Refactor FeedManager#phrase_filtered?

This moves regexp building and filter caching to the `CustomFilter` class.

This does not change the functional behavior yet, but this changes how the
cache is built, doing per-custom_filter regexps so that filters can be matched
independently, while still offering caching.

* Perform server-side filtering and output result in REST API

* Fix numerous filters_changed events being sent when editing multiple keywords at once

* Add some tests

* Use the new API in the WebUI

- use client-side logic for filters we have fetched rules for.
  This is so that filter changes can be retroactively applied without
  reloading the UI.
- use server-side logic for filters we haven't fetched rules for yet
  (e.g. network error, or initial timeline loading)

* Minor optimizations and refactoring

* Perform server-side filtering on the streaming server

* Change the wording of filter action labels

* Fix issues pointed out by linter

* Change design of “Show anyway” link in accordence to review comments

* Drop “irreversible” filtering behavior

* Move /api/v2/filter_keywords to /api/v1/filters/keywords

* Rename `filter_results` attribute to `filtered`

* Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer

* Fix systemChannelId value in streaming server

* Simplify code by removing client-side filtering code

The simplifcation comes at a cost though: filters aren't retroactively
applied anymore.
2022-06-28 09:42:13 +02:00
Eugen Rochko c3f7041715 Fix wrong aspect ratio of logo in icons (#18639) 2022-06-11 20:32:02 +02:00
Eugen Rochko 03d2cb5146 Change brand color and logotypes (#18592)
- Add rake task for generating Apple/Android icons and favicons from SVG
- Add rake task for generating PNG icons and logos for e-mails from SVG
- Remove obsolete Microsoft icons and configuration
- Remove PWA shortcut icons
2022-06-09 22:25:23 +02:00
Claire a0556ea3f1 Remove dependency on running Redis server for db:setup (#18560) 2022-06-01 19:23:31 +02:00
Eugen Rochko 5b1c0d21ab Bump version to 3.5.3 (#18530) 2022-05-26 23:26:15 +02:00
Eugen Rochko eda9c41ed8 Change algorithm of `tootctl search deploy` to improve performance (#18463) 2022-05-22 22:16:43 +02:00
Eugen Rochko f4cab3ebad Change search indexing to use batches to minimize resource usage (#18451) 2022-05-18 23:29:14 +02:00
Claire 5cc4d2ed8b Fix redis configuration not being changed by mastodon:setup (#18383)
Fixes #18342
2022-05-09 23:19:11 +02:00
Claire ea99b93364 Bump version to 3.5.2 (#18295)
* Bump version to 3.5.2

* Change some entries to be more clear

* Add some extra notes

* Fix line wrap

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-05-04 00:57:42 +02:00
Claire a6e431baca Add ability to set approval-based registration through tootctl (#18248)
Fixes #18235

Add `tootctl settings registrations approved` with
optional `--require-reason` switch.
2022-05-02 17:41:34 +02:00
Eugen Rochko a8e694233c Fix opening and closing Redis connections instead of using a pool (#18171)
* Fix opening and closing Redis connections instead of using a pool

* Fix Redis connections not being returned to the pool in CLI commands
2022-04-29 22:43:07 +02:00
Gaelan Steele 7a00957cbb Fix light-mode emoji borders. (#18131) 2022-04-29 19:23:03 +02:00
Eugen Rochko 553889bc7c Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
Claire ef902a72cf Fix instance actor being incorrectly created when running migrations (#18109)
* Add migration test about instance actor key

* Fix old migration

* Work around incorrect database state
2022-04-26 21:22:09 +02:00
Eugen Rochko 23b61a753a Bump version to 3.5.1 (#18000) 2022-04-08 21:57:24 +02:00
0x2019 e681e8d14c Fix error resposes for `from` search prefix (#17963)
* Fix error responses in `from` search prefix (addresses mastodon/mastodon#17941)

Using unsupported prefixes now reports a 422; searching for posts from an
account the instance is not aware of reports a 404. TODO: The UI for this
on the front end is abysmal.

Searching `from:username@domain` now succeeds when `domain` is the local
domain; searching `from:@username(@domain)?` now works as expected.

* Remove unused methods on new Error classes as they are not being used

Currently when `raise`d there are error messages being supplied, but
this is not actually being used. The associated `raise`s have been
edited accordingly.

* Remove needless comments

* Satisfy rubocop

* Try fixing tests being unable to find AccountFindingConcern methods

* Satisfy rubocop

* Simplify `from` prefix logic

This incorporates @ClearlyClaire's suggestion (see
https://github.com/mastodon/mastodon/pull/17963#pullrequestreview-933986737).

Accepctable account strings in `from:` clauses are more lenient than
before this commit; for example, `from:@user@example.org@asnteo +cat`
will not error, and return posts by @user@example.org containing the
word "cat". This is more consistent with how Mastodon matches mentions
in statuses. In addition, `from` clauses will not be checked for
syntatically invalid usernames or domain names, simply 404ing when
`Account.find_remote!` raises ActiveRecord::NotFound.

New code for this PR that is no longer used has been removed.
2022-04-08 21:21:49 +02:00
Eugen Rochko b7a6bba0b7 Fix cookies secure flag being set when served over Tor (#17992) 2022-04-08 12:47:18 +02:00
Claire c1b85d1f99 Fix migration error handling (#17991) 2022-04-07 20:46:30 +02:00
Claire 2b7d558807 Fix error re-running some migrations if they get interrupted at the wrong moment (#17989) 2022-04-07 20:17:49 +02:00
Eugen Rochko f982d56b4e Remove sign-in token authentication, instead send e-mail about new sign-in (#17970) 2022-04-06 20:58:12 +02:00
Holger fb3fc6cab4 fix: `s3_force_single_request` not parsed (#17922) 2022-04-01 23:56:23 +02:00
Eugen Rochko a7a8594f2e Bump version to 3.5.0 (#17911) 2022-03-30 14:52:37 +02:00
Eugen Rochko 91dd5ce8b7 Bump version to 3.5.0rc3 (#17876) 2022-03-26 04:29:36 +01:00
Eugen Rochko bd42dab872 Bump version to 3.5.0rc2 (#17855) 2022-03-26 02:54:11 +01:00
Claire ef643e9224 Fix tootctl email_domain_blocks add (#17842)
Fixes #17831
2022-03-21 19:10:09 +01:00
Claire b167133918 Fix wrong language code for Kurdish languages (#17812) 2022-03-17 01:37:03 +01:00
Eugen Rochko de14ccc13b Bump version to 3.5.0rc1 (#17618)
* Bump version to 3.5.0rc1

* Various fixes and improvements

* Update AUTHORS.md

* Various fixes and improvements

* Update README.md
2022-03-15 08:16:45 +01:00
Claire 503f16a333 Update fix-duplicates maintenance task (#17731)
* Update fix-duplicates task to 2022_02_10_153119

Also add support for Appeal to AccountMerging#merge_with!

* Update fix-duplicates task to 2022_03_07_094650

* Update fix-duplicates task to 2022_03_09_213005

* Update fix-duplicates task to 2022_03_07_083603

* Update fix-duplicates task to 2022_03_10_060626

* Update fix-duplicates script to 2022_03_07_083603

* Update fix-duplicates task to 2022_03_10_060706

* Update fix-duplicates task to 2022_03_10_060959

* Silence CodeClimate
2022-03-12 08:33:11 +01:00
Eugen Rochko 02d910cf90 Fix null values being included in some indexes (#17711)
* Fix null values being included in some indexes

* Update lib/mastodon/migration_helpers.rb

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Add documentation link to corruption error message

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-12 08:12:57 +01:00
Claire e8db3d38cf Add more migration tests (#17710)
* Add migration tests for hide_network settings migration

* Add tests about suspended/suspended_at

* Add more tests regarding the results of migrations

* Fix migration test regarding stale conflicting remote account

* Add migration tests about AccountConversation
2022-03-07 23:40:55 +01:00
Rens Groothuijsen d99303533e Enable importing GIF emojis in CLI (#17706) 2022-03-06 23:41:44 +01:00
Josh Soref 1c070bd94c Spelling (#17705)
* spelling: account

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: affiliated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: appearance

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: autosuggest

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: cacheable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: component

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: conversations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: domain.example

Clarify what's distinct and use RFC friendly domain space.

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: environment

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: exceeds

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: functional

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: inefficiency

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: not

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: notifications

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: occurring

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: position

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: progress

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: promotable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: reblogging

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: repetitive

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: resolve

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: saturated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: similar

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: strategies

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: success

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: targeting

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: thumbnails

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unauthorized

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unsensitizes

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: validations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: various

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2022-03-06 22:51:40 +01:00
Jeong Arm c3e00dcda1 Calculate max_id without random vector (#17623) 2022-02-23 16:44:59 +01:00
Claire f499f086a9 Fix some media attachments being converted with too high framerates (#17619)
Video files with variable framerates are converted to constant framerate videos
and the output framerate picked by ffmpeg is based on the original file's
container framerate (which can be different from the average framerate).

This means that an input video with variable framerate with about 30 frames per
second on average, but a maximum of 120 fps will be converted to a constant 120
fps file, which won't be processed by other Mastodon servers.

This commit changes it so that input files with VFR and a maximum framerate
above the framerate threshold are converted to VFR files with the maximum frame
rate enforced.
2022-02-22 17:11:22 +01:00
Eugen Rochko a44cc7931a Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08 02:41:17 +01:00
Eugen Rochko d4e8594b82 Forward-port version bump to 3.4.6 (#17434) 2022-02-03 14:21:38 +01:00
Claire c7083702fa Bump version to 3.4.5 (#17402) 2022-01-31 21:27:40 +01:00
Claire 7389378eed Add more advanced migration tests (#17393)
- populate the database with some data when testing migrations
- try both one-step and two-step migrations (`SKIP_POST_DEPLOYMENT_MIGRATIONS`)
2022-01-30 23:50:08 +01:00
Claire 507cb23dc3 Change index corruption warning to be a little less scary (#17395) 2022-01-30 23:49:52 +01:00
Claire 71862291aa Fix edge case in migration helpers that caused crash because of PostgreSQL quirks (#17398) 2022-01-30 22:34:54 +01:00
Claire 8114f4208f Remove leftover database columns from Devise::Models::Rememberable (#17191)
* Remove leftover database columns from Devise::Models::Rememberable

* Update fix-duplication maintenance script

* Improve errors/warnings in the fix-duplicates maintenance script
2022-01-23 15:46:30 +01:00
Claire efd2f303fe Change mastodon:webpush:generate_vapid_key task to not require functional env (#17338)
Fixes #17297
2022-01-20 14:51:23 +01:00
Eugen Rochko 9a8784829f Fix warnings on Rails boot (#16946) 2021-12-27 00:47:20 +01:00
Claire d8da1689c1 Add ability for admins to delete canonical email blocks (#16644)
* Add admin option to remove canonical email blocks from a deleted account

* Add tootctl canonical_email_blocks to inspect and remove canonical email blocks
2021-12-17 23:02:14 +01:00
Takeshi Umeda 6546346818 Add remove orphans to tootctl statuses remove (#17067)
* Add remove orphans to tootctl statuses remove

* Add REINDEX and change option from vacuum to compression-database

* Changed to extract the deletion target of conversations to a temporary table

* Support progress bar and exceptions when media remove

* Add continue option

* Fix compression to compress

* Remove skip_remove_orphans
2021-12-12 06:09:14 +01:00
Takeshi Umeda 3b1320f817 Fix performance of tootctl statuses remove (#17052)
* Fix performance of tootctl statuses remove

* Fix model class
2021-11-26 22:08:47 +01:00
Takeshi Umeda 8b87566072 Fix ElasticSearch to Elasticsearch (#17050) 2021-11-26 08:30:02 +01:00
OSAMU SATO 20ad635c3c Add batch_size option to bin/tootctl search deploy (#17049) 2021-11-26 08:29:53 +01:00
Eugen Rochko ad73becf3e Add trending links (#16917)
* Add trending links

* Add overriding specific links trendability

* Add link type to preview cards and only trend articles

Change trends review notifications from being sent every 5 minutes to being sent every 2 hours

Change threshold from 5 unique accounts to 15 unique accounts

* Fix tests
2021-11-25 13:07:38 +01:00
Takeshi Umeda 869faf5f87 Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915)
* Bump chewy from 5.2.0 to 7.2.2

* fix style (codeclimate)

* fix style

* fix style

* Bump chewy from 7.2.2 to 7.2.3
2021-11-18 22:02:08 +01:00
Claire ef730593f4 Fix upload of remote media with OpenStack Swift sometimes failing (#16998)
Under certain conditions, files fetched from remotes trigger an error when
being uploaded using OpenStack Swift. This is because in some cases, the
remote server will not return a content-length, so our ResponseWithLimitAdapter
will hold a `nil` value for `#size`, which will lead to an invalid value
for the Content-Length header of the Swift API call.

This commit fixes that by taking the size from the actually-downloaded file
size rather than the upstream-provided Content-Length header value.
2021-11-16 21:36:28 +01:00
Claire 65a727c888 Fix "bundle exec rails mastodon:setup" crashing in some circumstances (#16976)
Fix regression from #16896
2021-11-11 14:00:30 +01:00
Eugen Rochko 8925737d2c Forward port version bumps to 3.4.2 and 3.4.3 (#16945)
* Bump version to 3.4.2

* Bump version to 3.4.3
2021-11-06 05:32:14 +01:00
Jeong Arm a38eceedb1 Skip blocked domains media on tootctl media refresh (#16914) 2021-10-28 19:30:44 +02:00
Claire ee098c8342 Fix mastodon:setup to take dotenv/docker-compose differences into account (#16896)
In order to work around https://github.com/mastodon/mastodon/issues/16895,
add a warning to .env.production.sample, and change the mastodon:setup rake
task to:
- output a warning if a variable will be interpreted differently by dotenv
  and docker-compose
- ensure the printed config is compatible with docker-compose
2021-10-25 16:34:15 +02:00
Claire c1aea260c7 Add S3_FORCE_SINGLE_REQUEST env var to work around S3 compatibility issues (#16866)
Fixes #16822
2021-10-18 18:29:04 +02:00
Jeong Arm 5f554f1171 Add optional domain restrict to tootctl accounts cull (#16511)
* Add optional domain restrict to accounts cull

* Use "unless" - codeclimate
2021-10-14 21:09:56 +02:00
Claire f940e4871d Fix `tootctl accounts cull` not excluding domains on timeouts and certificate issues (#16433)
Fixes #16410
2021-10-14 21:08:37 +02:00
Claire 15d35ed5fa Fix tootctl self-destruct not sending Delete activities for recently-suspended accounts (#16688)
* Do not block existing users' emails on self-destruct

That is wasteful and unintuitive

* Do not close registrations when running tootctl self-destruct with --dry-run

* Close registrations on self-destruct regardless of known remote accounts

* Fix tootctl self-destruct not sending Deletes for recently-suspended accounts

* Suspend local users even if no remote account is known

* Do not show scary confirmation text if ran with --dry-run
2021-10-14 19:59:28 +02:00
Claire 7d0089033f Switch from unmaintained paperclip to kt-paperclip (#16724)
* Switch from unmaintained paperclip to kt-paperclip

* Drop some compatibility monkey-patches not required by kt-paperclip

* Drop media spoof check monkey-patching

It's broken with kt-paperclip and hopefully it won't be needed anymore

* Fix regression introduced by paperclip 6.1.0

* Do not rely on pathname to call FastImage

* Add test for ogg vorbis file with cover art

* Add audio/vorbis to the accepted content-types

This seems erroneous as this would be the content-type for a vorbis stream
without an ogg container, but that's what the `marcel` gem outputs, so…

* Restore missing for_as_default method

* Refactor Attachmentable concern and delay Paperclip's content-type spoof check

Check for content-type spoofing *after* setting the extension ourselves, this
fixes a regression with kt-paperclip's validations being more strict than
paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown
extensions.

* Please CodeClimate

* Add audio/vorbis to the unreliable set

It doesn't correspond to a file format and thus has no extension associated.
2021-09-29 23:52:36 +02:00
Claire 1fcf310c60 Add feature to automatically delete old toots (#16529)
* Add account statuses cleanup policy model

* Record last inspected toot to delete to speed up successive calls to statuses_to_delete

* Add service to cleanup a given account's statuses within a budget

* Add worker to go through account policies and delete old toots

* Fix last inspected status id logic

All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.

* Add tests

* Refactor scheduler and add tests

* Add user interface

* Add support for discriminating based on boosts/favs

* Add UI support for min_reblogs and min_favs, rework UI

* Address first round of review comments

* Replace Snowflake#id_at_start with with_random parameter

* Add tests

* Add tests for StatusesCleanupController

* Rework settings page

* Adjust load-avoiding mechanisms

* Please CodeClimate
2021-08-09 23:11:50 +02:00
Takeshi Umeda ba1bc51afd Fix unsupported video error message handling (#16581) 2021-08-08 15:28:57 +02:00
Claire ab4c1478b6 Change references to tootsuite/mastodon to mastodon/mastodon (#16491)
* Change references to tootsuite/mastodon to mastodon/mastodon

* Remove obsolete test fixture

* Replace occurrences of tootsuite/mastodon with mastodon/mastodon in CHANGELOG

And a few other places
2021-07-13 15:46:20 +02:00
Eugen Rochko 34dd743b58 Add ability to skip sign-in token authentication for specific users (#16427)
Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
2021-07-08 05:31:28 +02:00
Claire 45893a757e Add --by-uri option to `tootctl domains purge` (#16434)
Fixes #16410
2021-07-07 21:17:00 +02:00
Claire 36031e5e5c Update emoji codepoint mappings to v13.1 (#16352) 2021-06-03 16:08:07 +02:00
Eugen Rochko 2b38d0f349 Bump version to 3.4.1 (#16350) 2021-06-03 04:26:02 +02:00
Claire 273e1258ce Fix migration script not being able to run if it fails midway (#16312)
* Fix migration script not being able to run if it fails midway

* Fix old migration script

* Fix old migration script

* Refactor CorruptionError
2021-06-02 19:15:17 +02:00
Claire 2c3a1f32ad Fix account deletion sometimes failing because of optimistic locks (#16317)
* Fix account deletion sometimes failing because of optimistic locks

In some rare occasions[1], deleting accounts would fail with a
`StaleObjectError` exception.

Indeed, account deletion manually sets the `AccountStat` values without
handling cases where the optimistic locking on `AccountStat` would fail.

To my knowledge, with the rewrite of account counters in #15913, the
`DeleteAccountService` is now the only place that changes the counters in
a way that is not atomic.

Since in this specific case, we do not care about the previous values of the
account counters, it appears we don't need locking at all for this table
anymore.

[1]: https://discourse.joinmastodon.org/t/account-cant-be-deleted/3602

* Bump MAX_SUPPORTED_VERSION in maintenance script
2021-06-02 17:41:25 +02:00
Claire 7f6a00ed0a Fix `tootctl search deploy` on Ruby 3 (#16346)
Fixes #16344
2021-06-01 17:31:49 +02:00
Eugen Rochko 85740837c6 Bump version to 3.4.0 (#16239) 2021-05-16 23:55:07 +02:00
Eugen Rochko 0be04106b2 Add more checks to `repo:check_locales_files` (#16249) 2021-05-16 23:54:46 +02:00
Claire 2934b06a25 Update fix-duplicates maintenance script to support latest migrations (#16231)
* Update maintenance script to support latest database migrations

* Update Account#merge_with!
2021-05-12 23:19:44 +02:00
rinsuki 503d7feb99 Fix animated GIF generates animated thumbnail (#16216) 2021-05-11 19:15:11 +02:00
Eugen Rochko cafaf8e783 Bump version to 3.4.0rc2 (#16206) 2021-05-10 22:23:48 +02:00
Takeshi Umeda 00f4204d05 Add a Redis environment variable for sidekiq (#16188) 2021-05-09 10:40:17 +02:00
Eugen Rochko 0245174bae Bump version to 3.4.0rc1 (#16053) 2021-05-08 17:15:06 +02:00
Claire bb69774177 Fix older migrations on Ruby 3 (#16174) 2021-05-07 15:56:45 +02:00
Claire 86f5fad111 Add Ruby 3.0 support (#16046)
* Fix issues with POSIX::Spawn, Terrapin and Ruby 3.0

Also improve the Terrapin monkey-patch for the stderr/stdout issue.

* Fix keyword argument handling throughout the codebase

* Monkey-patch Paperclip to fix keyword arguments handling in validators

* Change validation_extensions to please CodeClimate

* Bump microformats from 4.2.1 to 4.3.1

* Allow Ruby 3.0

* Add Ruby 3.0 test target to CircleCI

* Add test for admin dashboard warnings

* Fix admin dashboard warnings on Ruby 3.0
2021-05-06 14:22:54 +02:00
Eugen Rochko 115cdee0ed Fix media redownload worker retrying on unexpected response codes (#16111) 2021-05-05 23:46:59 +02:00
Eugen Rochko 1c2b085a64 Fix media processing getting stuck on too much stdin/stderr (#16136)
* Fix media processing getting stuck on too much stdin/stderr

See thoughtbot/terrapin#5

* Remove dependency on paperclip-av-transcoder gem

* Remove dependency on streamio-ffmpeg gem

* Disable stdin on ffmpeg process
2021-05-05 19:44:01 +02:00
Takeshi Umeda 7bcd4a83f8 Fix how to change connection pool for rails 6 (#16158)
* Fix how to change connection pool for rails 6

* Fix to match the code elsewhere
2021-05-05 04:41:10 +02:00
Takeshi Umeda 465434aac8 Fix cache redis not being used (#16131) 2021-04-29 15:43:49 +02:00
Ikko Ashimine 02941921a6 Fix typo in db.rake (#16126)
occured -> occurred
2021-04-27 16:25:24 +02:00
Claire 89ef33df51 Add border to 🚲 emoji (#16035) 2021-04-13 23:43:51 +02:00
Eugen Rochko b0ba97e1c1 Remove dependency on pluck_each gem (#16012) 2021-04-12 03:35:58 +02:00
abcang 57d0cb0002 Fix DB connection pool settings in CLI (#15983) 2021-03-31 17:46:17 +02:00
Stanislas 9c85025a11 tootctl emoji import: case insensitive duplicate check (#15738) 2021-03-24 10:55:16 +01:00
Claire b2a89bf38e Update Mastodon to Rails 6.1 (#15910)
* Update devise-two-factor to unreleased fork for Rails 6 support

Update tests to match new `rotp` version.

* Update nsa gem to unreleased fork for Rails 6 support

* Update rails to 6.1.3 and rails-i18n to 6.0

* Update to unreleased fork of pluck_each for Ruby 6 support

* Run "rails app:update"

* Add missing ActiveStorage config file

* Use config.ssl_options instead of removed ApplicationController#force_ssl

Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.

* Fix nonce directives by removing Rails 5 specific monkey-patching

* Fix fixture_file_upload deprecation warning

* Fix yield-based test failing with Rails 6

* Use Rails 6's index_with when possible

* Use ActiveRecord::Cache::Store#delete_multi from Rails 6

This will yield better performances when deleting an account

* Disable Rails 6.1's automatic preload link headers

Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.

In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.

* Switch to Rails 6.0 default config

* Switch to Rails 6.1 default config

* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00
Claire edc41c6e17 Change mastodon:setup to not call assets:precompile in docker (#13942)
It appears assets are built during image build, and they shouldn't need
to be rebuilt, since we now have reproducible builds.
2021-03-24 10:37:24 +01:00
Claire 5c69eecacc Improve account counters handling (#15913)
* Improve account counters handling

* Use ActiveRecord::Base::sanitize_sql to pass values instead of interpolating them

Keep using string interpolation for `key` as it is safe and using
“ActiveRecord::Base::sanitize_sql_hash_for_assignment” would require stitching
bits of SQL in a way that is not more easily checked for safety.

* Add migration hook to catch PostgreSQL versions earlier than 9.5
2021-03-19 13:14:57 +01:00
Claire 7d180ee89c Remove MySQL-specific code from Mastodon::MigrationHelpers (#15924)
Mastodon::MigrationHelpers has been forked from Gitlab a long time ago, but
Mastodon has never supported using a MySQL database.

Removing MySQL support from Mastodon::MigrationHelpers makes it a little easier
to maintain. In particular, it removes code that would need updating with
Rails 6.
2021-03-19 13:14:40 +01:00
Claire 02e721757e Change deduplication order of tootctl maintenance fix-duplicates (#15923)
Hopefully fixes #15922

Also update support up to latest database schema version
2021-03-19 11:07:56 +01:00
Claire 6024c263bf Further preparation for Rails 6 (#15916)
* Use ActiveRecord::Result#to_ary instead of deprecated to_hash

They do the same thing, and to_hash has been removed from Rails 6.1

* Explicitly name polymorphic indexes to workaround a bug in Rails 6.1

cf. https://github.com/rails/rails/issues/41693

* Fix incorrect usage of “foreign_key” in migration script

* Use `ActiveModel::Errors#delete` instead of deprecated clear method

* Fix link headers tests on Rails 6.1

Rails 6.1 adds values to the Link header by default, thus it is not a
LinkHeader object anymore. Fix the test to parse the Link header instead
of assuming it is a LinkHeader.
2021-03-19 02:45:34 +01:00
Claire 00415d09e0 Use more robust hook for loading timestamp_id function into database (#15919) 2021-03-19 02:43:13 +01:00
Claire 3feb291d90 Prepare Mastodon for zeitwerk autoloader (#15917)
* Prepare Mastodon for zeitwerk autoloader (Rails 6)

Add inflections and rename/move a few classes.

In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.

* Add inflection for Url → URL
2021-03-19 02:42:43 +01:00
Claire 1634e71bd6 Prepare Mastodon for Rails 6 (#15911)
* Fix misuse of foreign_type

* Fix use of removed "add_template_helper"

* Use response.media_type instead of response.content_type in tests

* Fix CSV export controller test on Rails 6

Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.

This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.

* Fix emoji formatting with Rails 6

* Make emoji output more idiomatic and robust

* Switch from redis-rails gem to built-in Rails redis cache storage
2021-03-17 10:09:55 +01:00
Claire 9208810829 Add borders to 📱 and 📲 emojis (#15794) 2021-03-01 21:22:54 +01:00
Justin Tracey cbcf083cb4 replace all instances of "ends_with?" with "end_with?" (#15745)
The "ends_with?" method is just a Rails alias of Ruby's "end_with?" method.
Using the latter makes the code less brittle.
2021-02-19 09:56:14 +01:00
Justin Tracey adb482477e use host instead of headers to make Rack happy (#15741)
"headers" is provided by Rails, Rack can't rely on it
2021-02-16 15:28:17 +01:00
Cecylia Bocovich 6f95d30ef9 Monkey patch Rack::Session to send secure cookies to onions (#15725) 2021-02-14 00:10:52 +01:00
Claire e47570388a Drop dependency on secure_headers, fix response headers (#15712)
* Drop dependency on secure_headers, use always_write_cookie instead

* Fix cookies in Tor Hidden Services by moving configuration to application.rb

* Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
2021-02-11 23:47:05 +01:00
Claire df53900b13 Fix obsolete digitalocean.rake file breaking rake tasks (#15618) 2021-02-11 02:11:30 +01:00
Shubhendra Singh Chauhan daea469385 Fixed code quality issues (#15541)
* Added .deepsource.toml

* Removed bad use of `alias`

* Fixed operand order in the binary expression

* Prefixed unused method arguments with an underscore

* Replaced the old OpenSSL algorithmic constants with the newer strings initializers.

* Removed unnecessary UTF-8 encoding comment
2021-01-31 21:26:09 +01:00
ThibG aa34a9519e Fix “tootctl accounts unfollow” (#15639)
Fixes #15635

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2021-01-29 18:38:56 +01:00