Sidekiq sometimes throws errors for users that have more pinned items
than the allowed by the local instance. It should only validate the
number of pins for local accounts.
This also limits the statuses returned by API, but pagination is not
implemented in Web API yet. I still expect it brings user experience
better than making a user wait to fetch all ancestor statuses and flooding
the column with them.
* Further improvements to Reports UI
- Clean up notes display
- Clean up add new note form
- Simplify controller
- Allow reopening a report with a note
- Show created at date for reports
- Fix report details table formatting
* Show history of report using Admin::ActionLog beneath the report
* Fix incorrect log message when reopening a report
* Implement fetching of all ActionLog items that could be related to the report
* Ensure adding a report_note updates the report's updated_at
* Limit Report History to actions that happened between the report being created and the report being resolved
* Fix linting issues
* Improve report history builder
Thanks @gargron for the improvements
* Admin: Show unconfirmed email address on account page
* Admin: Allow staff to change user email addresses
* ActionLog: On change_email, log current email address and new unconfirmed email address
- Explicitly specify video codec.
When ffmpeg isn't compiled with libx264 but openh264, mpeg4 is selected as video codec.
- Swap avarage bitrate and max bitrate.
* Fix: Switching between composing direct message and mention from menus
Previously clicking "direct message" followed by "mention" resulted in the composed status staying as "direct", along with weird spacing of items in the text area. This attempts to fix that.
* Fix: Add missing proptype check for onMention in Status component
* Add the ability to send a direct message to a user from the menu on Statuses
* Add space between "Embed" and "Mention" on expanded statuses menu
ancestor_statuses and descendant_statuses used to include the root status
itself, but the behavior is confusing because the root status is not
an ancestor nor descendant.
* Hide search from Compose on mobile devices
We're presently seeing large numbers of users accidentally tooting what they're trying to search for. This PR hides the search form from the Compose view, now that we have a dedicated "search" tab on mobile.
* Don't "showSearch" on mobile if we're not currently searching (isSearchPage)
* Enable updating additional account information from user preferences via rest api
Resolves#6553
* Pacify rubocop
* Decoerce incoming settings in UserSettingsDecorator
* Create user preferences hash directly from incoming credentials instead of going through ActionController::Parameters
* Clean up user preferences update
* Use ActiveModel::Type::Boolean instead of manually checking stringified number equivalence
* Fix follow/unfollow buttons on public profile
- Present non-logged users with web+mastodon:// URLs for remote accounts
- Present logged-in users with appropriate links (authorize_follows and
remote_unfollows) for remote accounts
* Do not cache rendered cards if user is logged in
* i18n: update gender-neutral language for pt and pt-BR
Instead of using "bem-vindo(a)" (a masculine form of "Welcome"
with a "(a)" in the end to mean "bem-vinda" for the feminine form),
use "boas-vindas", which is a gender-neutral form of "Welcome").
There is already precedent for using "boas-vindas" in the
Brazilian Portuguese localization, in `config/locales/pt-BR.yml`.
European Portuguese dictionary Priberam also registers it as a valid form:
https://www.priberam.pt/dlpo/boas-vindas
* i18n: pt-BR minor orthography fix
The form "a bordo" does not take an accent.
http://oredator.com.br/curso-de-redacao/uncategorized/a-bordo-ou-a-bordo
* Adjust privacy policy to be more specific to Mastodon
Fix#6613
* Change data retention of IP addresses from 5 years to 1 year
* Add even more information
* Remove all (now invalid) translations of the privacy policy
* Add information about archive takeout, remove pointless consent section
* Emphasis on DM privacy
* Improve wording
* Add line about data use for moderation purposes
Unfortunately the new hammer.js functionality wasn't correctly tested and didn't work across devices and browsers, as such, it's best to revert PR #6944 until we can revisit this functionality and make it work across all devices and browsers that are supported by Mastodon.
This reverts commit 7551951094.
Previously these returns 302 redirects instead of 403s, which meant posting links to admin pages in slack caused them to unfurl, rather than stay as a link. Additionally, require_admin! doesn't appear to be actively used, on require_staff!
* Implement Assignment of Reports (#6967)
* Change translation of admin.report.comment.label to "Report Comment" for clarity
As we'll soon add the ability for reports to have comments on them, this clarification makes sense.
* Implement notes for Reports
This enables moderators to leave comments about a report whilst they work on it
* Fix display of report moderation notes
* Allow reports to be reopened / marked as unresolved
* Redirect to reports listing upon resolution of report
* Implement "resolve with note" functionality
* Add inverse relationship for report notes
* Remove additional database querying when loading report notes
* Fix tests for reports
* Fix localisations for report notes / reports
* Add eslint-plugin-promise to detect uncaught rejections
* Move alert generation for errors to actions/alert
* Add missing rejection handling for Promises
* Use catch() instead of onReject on then()
Then it will catches rejection from onFulfilled. This detection can be
disabled by `allowThen` option, though.
* Clear compose textarea when starting a new direct message
Previous behaviour resulted in potentially misdirected direct messages.
* Hide search when starting to compose a direct message
https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/
> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems