Commit Graph

2488 Commits (bac5e8202a75f9bae4c52ecb61f0c1c267fd4068)

Author SHA1 Message Date
Claire f5a9971cac Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream updated copyright year, we don't mention it so kept our version.
- `app/controllers/admin/dashboard_controller.rb`:
  Not really a conflict, upstream change (removing the spam checker) too close
  to glitch-soc changes. Ported upstream changes.
- `app/models/form/admin_settings.rb`:
  Same.
- `app/services/remove_status_service.rb`:
  Same.
- `app/views/admin/settings/edit.html.haml`:
  Same.
- `config/settings.yml`:
  Same.
- `config/environments/production.rb`:
  Not a real conflict, upstream added a default HTTP header, but we have
  extra headers in glitch-soc.
  Added the header.
2021-04-20 12:17:14 +02:00
Claire 21ebf536e4 Add Message-ID header to outgoing emails (#16076)
* Add Message-ID header to outgoing emails

* Use email domain name from SMTP_FROM_ADDRESS, fallback on WEB_DOMAIN on failure

* Use notifications@localhost as fallback for SMTP_FROM_ADDRESS, do not catch parse errors
2021-04-19 18:41:29 +02:00
Eugen Rochko 6d78b064e3 Fix missing source strings and inconsistent lead text style in admin UI (#16052) 2021-04-17 11:12:49 +02:00
Eugen Rochko 5d0cbe4892 Fix app name, website and redirect URIs not having a maximum length (#16042)
Fix app scopes not being validated
2021-04-15 16:28:43 +02:00
Eugen Rochko f45b084e1c Change option labels on edit profile page (#16041) 2021-04-15 16:28:20 +02:00
Claire 8bb856c1ef Add HTTP header to explicitly opt out of FLoC by default (#16036)
Fixes #16034
2021-04-13 23:43:41 +02:00
Eugen Rochko 92b2d926bf Add cold-start follow recommendations (#15945) 2021-04-12 12:37:14 +02:00
Eugen Rochko b0ba97e1c1 Remove dependency on pluck_each gem (#16012) 2021-04-12 03:35:58 +02:00
Eugen Rochko 2e8a673376 Remove spam check and dependency on nilsimsa gem (#16011) 2021-04-11 11:22:50 +02:00
Eugen Rochko 1189a308c9 Fix autoloading deprecation warnings from Rails 6 (#16010) 2021-04-09 02:31:20 +02:00
Eugen Rochko 6890846e47 Fix deprecation warning for Sidekiq web session secret (#16009) 2021-04-09 02:31:11 +02:00
Claire ba9921c644 Merge branch 'main' into glitch-soc/merge-upstream 2021-04-05 14:31:07 +02:00
Eugen Rochko 19df881320 Add system checks to dashboard in admin UI (#15989) 2021-04-03 14:12:30 +02:00
Eugen Rochko 2e0cdf30d5 Change health check (#15988) 2021-04-03 02:39:04 +02:00
Claire 88048a8d8a Merge branch 'main' into glitch-soc/merge-upstream 2021-03-31 10:34:29 +02:00
Claire 151e79fe72 Add warning in admin dashboard if some required queues are not handled (#15954) 2021-03-26 18:22:54 +01:00
Claire 3fee89578b Fix ActiveRecord monkey-patching migration hack 2021-03-24 10:55:02 +01:00
Claire d10b08ea1f Merge branch 'main' into glitch-soc/merge-upstream 2021-03-24 10:53:50 +01:00
Claire b2a89bf38e Update Mastodon to Rails 6.1 (#15910)
* Update devise-two-factor to unreleased fork for Rails 6 support

Update tests to match new `rotp` version.

* Update nsa gem to unreleased fork for Rails 6 support

* Update rails to 6.1.3 and rails-i18n to 6.0

* Update to unreleased fork of pluck_each for Ruby 6 support

* Run "rails app:update"

* Add missing ActiveStorage config file

* Use config.ssl_options instead of removed ApplicationController#force_ssl

Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.

* Fix nonce directives by removing Rails 5 specific monkey-patching

* Fix fixture_file_upload deprecation warning

* Fix yield-based test failing with Rails 6

* Use Rails 6's index_with when possible

* Use ActiveRecord::Cache::Store#delete_multi from Rails 6

This will yield better performances when deleting an account

* Disable Rails 6.1's automatic preload link headers

Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.

In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.

* Switch to Rails 6.0 default config

* Switch to Rails 6.1 default config

* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00
Claire d27331e99a Fix brakeman warning (#15870)
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.

This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
2021-03-19 23:48:59 +01:00
Claire bb510a1454 Fix push notification title for polls (#15931) 2021-03-19 23:47:31 +01:00
Claire 4c9e572798 Add missing push notification title for polls (#15929) 2021-03-19 20:22:49 +01:00
Marcin Mikołajczak 4be836871a Add missing `en.notification_mailer.status.subject` (#15564)
* Add missing `en.notification_mailer.status.subject`

* Update en.yml
2021-03-19 17:15:59 +01:00
Claire e19ca0e913 Merge branch 'main' into glitch-soc/merge-upstream 2021-03-19 13:57:15 +01:00
Claire 00415d09e0 Use more robust hook for loading timestamp_id function into database (#15919) 2021-03-19 02:43:13 +01:00
Claire 3feb291d90 Prepare Mastodon for zeitwerk autoloader (#15917)
* Prepare Mastodon for zeitwerk autoloader (Rails 6)

Add inflections and rename/move a few classes.

In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.

* Add inflection for Url → URL
2021-03-19 02:42:43 +01:00
Claire 1634e71bd6 Prepare Mastodon for Rails 6 (#15911)
* Fix misuse of foreign_type

* Fix use of removed "add_template_helper"

* Use response.media_type instead of response.content_type in tests

* Fix CSV export controller test on Rails 6

Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.

This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.

* Fix emoji formatting with Rails 6

* Make emoji output more idiomatic and robust

* Switch from redis-rails gem to built-in Rails redis cache storage
2021-03-17 10:09:55 +01:00
Claire 3c09518a1d Merge branch 'main' into glitch-soc/merge-upstream 2021-03-15 11:26:59 +01:00
Eugen Rochko 9f16bd9c89 Fix configuration for sidekiq-unique-jobs after 7.x upgrade (#15908)
Remove locks from scheduled jobs
2021-03-15 11:17:43 +01:00
Claire cf6d132a58 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_length_validator.rb`:
  Conflict due to glitch-soc's configurable maximum toot chars.
  Ported upstream changes.
2021-03-11 16:08:15 +01:00
Claire 6451cfcd83 Fix some ignored brakeman warnings (#15829) 2021-03-07 07:06:56 +01:00
dependabot[bot] b999d1608c Bump capistrano from 3.15.0 to 3.16.0 (#15818)
* Bump capistrano from 3.15.0 to 3.16.0

Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.15.0 to 3.16.0.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.15.0...v3.16.0)

Signed-off-by: dependabot[bot] <support@github.com>

* 3.16

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-03-05 06:38:52 +09:00
Claire 5a89279d20 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_length_validator.rb`:
  Upstream changes too close to glitch-soc MAX_CHARS changes, but not a real
  conflict.
  Applied upstream changes.
- `package.json`:
  glitch-soc-only dependency textually too close to a dependency updated
  upstream, not a real conflict.
  Applied upstream changes.
2021-03-02 12:06:58 +01:00
Claire a33f8f787a Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
* Update twitter-text from 1.14 to 3.1.0

* Disable emoji parsing

* Properly depend on twitter-text for url detection

* Fix some URLs being wrongly detected client-side

* Add test for server-side validation of non-autolinkable URLs

* Fix server-side status length counting
2021-03-02 12:02:56 +01:00
Eugen Rochko 28399e88b5 Add `POST /api/v1/emails/confirmations` to REST API (#15816)
Only available to the application the user originally signed-up with
2021-03-01 18:39:47 +01:00
Eugen Rochko ade70733f7 Add `details` to error response for `POST /api/v1/accounts` in REST API (#15803) 2021-03-01 04:59:13 +01:00
Claire 37d5bae34f Add inline description of moderation actions in moderation interface (#15792) 2021-02-24 16:53:16 +01:00
Claire dd60ecfc04 Merge branch 'main' into glitch-soc/merge-upstream 2021-02-22 15:23:46 +01:00
Eugen Rochko 4930e71ae7 Add server rules (#15769) 2021-02-21 19:50:12 +01:00
Shlee b6b7b6a1f5 Delete pagination.rb (#15754) 2021-02-19 09:52:58 +01:00
Eugen Rochko e4ba5635ee Add `GET /api/v1/accounts/lookup` REST API (#15740) 2021-02-16 15:28:32 +01:00
Claire 489a5a539c Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/styles/mastodon/modal.scss`:
  For some reason we changed the file loading path in glitch-soc,
  but now upstream has completely changed how the logo is loaded.
  Applied upstream changes.
2021-02-12 10:28:32 +01:00
Claire e47570388a Drop dependency on secure_headers, fix response headers (#15712)
* Drop dependency on secure_headers, use always_write_cookie instead

* Fix cookies in Tor Hidden Services by moving configuration to application.rb

* Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
2021-02-11 23:47:05 +01:00
Cecylia Bocovich 6c300f08e5 Onion service related changes to HTTPS handling (#15560)
* Enable secure cookie flag for https only

* Disable force_ssl for .onion hosts only

Co-authored-by: Aiden McClelland <me@drbonez.dev>
2021-02-11 04:40:13 +01:00
Claire df53900b13 Fix obsolete digitalocean.rake file breaking rake tasks (#15618) 2021-02-11 02:11:30 +01:00
Claire 85e0b5ce91 Merge branch 'main' into glitch-soc/merge-upstream 2021-02-03 17:02:48 +01:00
Marcin Mikołajczak 4bcb2a9a34 Update Doorkeeper strings for `doorkeeper.errors.messages.invalid_request` (#15659)
* Update Doorkeeper strings for doorkeeper.errors.messages.invalid_request

Signed-off-by: marcin mikołajczak <me@mkljczk.pl>

* Update config/locales/doorkeeper.en.yml

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-02-03 00:38:48 +01:00
Shubhendra Singh Chauhan daea469385 Fixed code quality issues (#15541)
* Added .deepsource.toml

* Removed bad use of `alias`

* Fixed operand order in the binary expression

* Prefixed unused method arguments with an underscore

* Replaced the old OpenSSL algorithmic constants with the newer strings initializers.

* Removed unnecessary UTF-8 encoding comment
2021-01-31 21:26:09 +01:00
Claire 875d894a42 Change default site title to not point to dev.glitch.social 2021-01-27 14:45:45 +01:00
Claire 9493606b11 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `CONTRIBUTING.md`:
  Not a real conflict, glitch-soc quotes the upstream file, which has been
  changed. Update the quote.
2021-01-26 14:01:30 +01:00