Commit Graph

12959 Commits (cdc026c2fb8dbc3c578ca06bde479fcb378beaa4)

Author SHA1 Message Date
Luxiaba cd49284155 Remove inline-css in logo (#20814) 2022-12-15 17:10:34 +01:00
Yurii Izorkin d43af3cb19 Add brotli compression (#19025) 2022-12-15 17:07:36 +01:00
Matthías Páll Gissurarson bf26ee1e27 Fix punycoded local domains not being prettified in initial state (#21440) 2022-12-15 17:05:40 +01:00
Meisam 272ae2baa8 set activation for tag follow button (#21629)
Co-authored-by: meisam <meisam@noreply.codeberg.org>
2022-12-15 17:04:52 +01:00
Claire c83083eef5 Fix inability to use local LibreTranslate without setting ALLOWED_PRIVATE_ADDRESSES (#21926)
Fixes #20029
2022-12-15 17:04:38 +01:00
Claire a85c0fc862 Add explanation text to log-in page (#20946) 2022-12-15 16:44:29 +01:00
Fries 0e5b4b87bb Add Montenegrin (cnr) (#21013) 2022-12-15 16:40:57 +01:00
Claire 8985a8d7ec Fix the top action bar appearing in multi-column layout (#20943) 2022-12-15 16:40:45 +01:00
Claire 01f0da2a4f Change CSP directives on API to be tight and concise (#20960) 2022-12-15 16:40:32 +01:00
Kaspar V d0fb555876 linting: RuboCop update, config fixes (#20574)
* fix(rubocop): update gems and add performance and rspec

fix(rubocop): update gems and add performance and rspec

- update present rubocop gems
- add rubocop-rspec and rubocop-performance gems
- move rubocop gems to gem group :development, :test in order to
  make linting in a github action that runs with RAILS_ENV=test possible

* feat(rubocop): disable some annoyance RSpec cops

To mee these prooved to be more annoying than helpful.
If not agreed, they can be enabled any time.

* fix(rubocop): do not ignore spec/**/*

Because rubocop-rspec should lint the specs as well, and they
deserve to be readable in general. It is relevant code, after all.

* fix(rubocop): change ignore db/**/* to db/schema.rb

because rails cops do some lints for migrations.
E.g. reversable migrations linting and more.

* fix(rubocop): tune rules configs

Bunch of commits squashed:

fix(rubocop): enable Layout/LineLength cop

Because this project has code with line lenghts > 500 chars.
This is not good practice at all, so I strongly suggest to
change the practice in the future.

But allow heredoc, URI and comments to still be long lines
and make the default Max: 120 explicit, by repeating it in the
config. To me this max length seems reasonable. Perhaps
a bit more could be ok for some. But > 500 chars in one line
Seems to be way too long IMHO.

fix(rubocop): Metrics/CyclomaticComplexity Max to 12

The default is 7, perhaps quite strict. But 25 is too loose,
the rule becomes pointless like that.

fix(rubocop): AllCops ruby version, cacheing and more info

- fix the target ruby version from 2.5 to 3.0
- have the cop error messages to be more informative and helpful
- enable cacheing in /tmp

fix(rubocop): Metrics/AbcSize to 34 from 115

Rubocops default is 17. If the rule is at 115 is becomes
pointless.

fix(rubocop): Metrics/BlockLength improvements

- instead of ignoring tasks completely, ignore only the
  long blocks that are specific to tasks (task, namespace)
- ignore also concern specific block methods (included, class_methods)

fix(rubocop): Metrics/ClassLength count heredoc array as one line

fix(rubocop): Metrics/MethodLength Max to 25

- the default is 10, but 65 is too loose, so perhaps 25?

fix(rubocop): Metrics/ModuleLength array and heredoc count as one

fix(rubocop): Metrics/PerceivedComplexity to 16 from 25

Rubocops default is 8, so how about only doubling that, instead
of > than tripple it?

fix(rubocop): enable Style/RedundantAssignment

Because I think that this rule would never really hurt,
but improve code quality and readability.

fix(rubocop): enable Style/RescueStandardError

I think everyone that ever had to debug what this can bring
will hopefully agree that this rule totally makes sense.
In the super rare exeptions where this is totally needed,
it can be excluded by disabling comment in that place.

fix(rubocop): Metrics/ParameterLists add explicit defaults and some excludes
2022-12-15 16:39:59 +01:00
Neil Matatall 728cfe0c1c Use Rails tag API to build RSS feed for spoilers and polls (#20163)
* Use Rails tag API to build RSS feed for spoilers and polls

While the previous method did not contain a bug or a potential issue,
the tag API can be very resilient against future problems and reduces the
amount of manual management of the escape status of the content.

I've added tests to ensure that the formatting is broken and still
escapes control characters correctly.

* this seems cleaner and passes

* Incorporate feedback by moving the br to its own line and using the tag helper over the string constant for the br tag itself

* whoops, tag helper doesn't use a self-closing tag
2022-12-15 16:39:41 +01:00
Dan Peterson 2a98aad36d Fix default S3_HOSTNAME used in mastodon:setup (#19932)
s3-us-east-1.amazonaws.com does not exist.

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:38:51 +01:00
Colin Mitchell 017ec81873 Add environment variable to configure sidekiq concurrency (#19589)
Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:38:37 +01:00
Nick Schonning 691a69adf5 Fix typo in handler function call name (#21829) 2022-12-15 16:37:17 +01:00
Connor Shea 5475089960 Increase the width of the unread notification border. (#21692)
The smaller border is difficult to see for some users, especially
when the browser window was thinner, and so the unread border is at the
very left edge of the window.
2022-12-15 16:37:07 +01:00
Francis Murillo 1bfc5af0a7 Render current day formats in the client timezone (#21878)
* Fix remaining plain %time to %time.formatted

* Add %time.relative-formatted to client format dates on the current day

* Add missing comma dangle to formats

* Use client side message format instead of the server

* Add fallback message to relatve_format.today

* Remove unused translation key and fix js lint issue

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:35:25 +01:00
trwnh c6161591bf Add localization for new admin scopes (#20979)
* Add localization for new admin scopes

* run bundle exec i18n-tasks normalize
2022-12-15 16:21:13 +01:00
Ikko Ashimine 3c4c932938 Fix typo in application_helper_spec.rb (#20981)
enviroment -> environment
2022-12-15 16:20:55 +01:00
Yamagishi Kazutoshi 21ffc2340f `FormattedMessage` must be used directly (#20982)
* `FormattedMessage` must be used directly

* rollback
2022-12-15 16:20:46 +01:00
Pleclown 8993b7d630 Adding 12 hours option for polls (#21131)
* Adding 12 hours option for polls

Adding 12 hours option for polls

* Adding 12 hours option for polls

Missing > on a line
2022-12-15 16:20:34 +01:00
Alex Stine ce1103a154 Fix hidden label causing accessibility issue for search inputs (#21275)
* Try unhiding search label.

* Use aria-label. Remove label as empty labels are useless.

* Remove addition of package-lock.json.
2022-12-15 16:20:21 +01:00
Matt Hodges 7ea3a33c86 Embed js height fix (#22141)
* only begin iframe reheight once document state is complete

* format

* lint fixes

* Update public/embed.js to use readystatechange event listener

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Call loaded() if ready, otherwise add listenter

* lint fix

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-15 16:18:59 +01:00
Jeremy Kescher 4afb0ba152 Fix being unable to react with the keycap number sign emoji (#22231)
#⃣

This bug is caused by the emoji consisting of:
U+23 #
U+FE0F
U+20E3  ⃣

Because it starts with a #, it's interpreted as an anchor link, which is not passed to the API. Therefore, the API sees no emoji to react with and answers correctly with a 404.
2022-12-15 16:18:39 +01:00
nametoolong 93ad2aba5e Fix N+1 queries from in NotificationsController (#21202)
Co-authored-by: Nonexistent <nx@example.org>
2022-12-15 16:18:20 +01:00
luzpaz 11b7735fb3 Fix typos in source documentation (#21046)
Fixed 2 source comment/documentation typos
2022-12-15 15:57:26 +01:00
Moritz Heiber c16cab7c3c Add hadolint as Dockerfile linter (#20993)
* Added hadolint as Dockerfile linter in pipeline and resolved remaining hadolint issues in Dockerfile

* Use more specific version of hadolint Action

* Bumpt hadolint Action version to latest version to avoid deprecation notice

* Being _really_ specific now
2022-12-15 15:57:17 +01:00
Riedler b80d7c9f00 Fix profile avatar being slightly offset into left border (fixes #20822) (#20994)
* hotfix for #20822

I don't know why it was shifted in the first place or why the width is specified twice, but this fixes the problem, so it looks fine to me.

* realigned pfp with content below

* fixed formatting 

my bad

* added comment to explain the negative margin

before I forget - comments are *important* !

Co-authored-by: Riedler <riedler@gelse.eu>
2022-12-15 15:57:02 +01:00
s0 289097866b Fix crash in elasticsearch_check.rb (#21006)
Nil unwrap causes the admin dashboard to crash/500 when the Chewy client info version number value is nil.
This occurs when running another ES-compatible backend such as MeiliSearch.
Obviously it would be good for chewy to recognise upstream but at least avoiding the crash would be fine.
2022-12-15 15:56:48 +01:00
Effy Elden c7d4d21d99 Allow adding relays while secure mode & limited federation mode are enabled (#22324) 2022-12-15 15:56:05 +01:00
Claire cd7d124e21 Fix invalid CSS for links in warning and strike cards (#22302) 2022-12-15 15:52:18 +01:00
Jeong Arm 53b6623136 Don't delivery a reply to domains which are blocked by author (#22117)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-15 15:52:06 +01:00
Justin Hutchings ee1ff3bd9f Add CodeQL workflow (#21894) 2022-12-15 15:51:13 +01:00
Claire 50aecc6738 Fix missing Javascript in domain block import confirmation page (#21471)
Follow-up to #20597
2022-12-15 15:47:23 +01:00
Francis Murillo 3a11a90dd3 Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Claire 4adc6160ad Change dropdown menu to contain “Copy link to post” even for non-public posts (#21316)
Fixes #21244
2022-12-15 15:43:16 +01:00
Meisam ad2610c413 Validate nodeinfo response by schema (#21395)
* add json-schema to :test in Gemfile

* Create node_info_2.0_schema.json

* test match_response_schema

* Create match_response_schema.rb

* Update nodeinfo_controller_spec.rb

* Rename spec/support/node_info_2.0_schema.json to spec/support/schema/node_info_2.0_schema.json

* Update match_response_schema.rb

* cleanup

* additionally validate the json schema itself

disable throwing errors

test the schema matcher

* rename nodeinfo schema to nodeinfo_2.0

* use Rails.root.join to construct the path

* prettify json

* sync Gemfile.lock
2022-12-15 15:43:05 +01:00
Claire 762efea31f Add --email and --dry-run options to `tootctl accounts delete` (#22328) 2022-12-15 14:52:50 +01:00
Claire 747da76540 Allow admins to refresh remotely-suspended accounts (#22327)
* Change suspension text to mention that a remotely suspended account is not locally-suspended

* Add ability to refresh profile of remotely suspended accounts
2022-12-15 14:15:50 +01:00
Claire 76d3dc633f Fix wasteful request to /api/v1/custom_emojis when not logged in (#22326) 2022-12-15 14:07:34 +01:00
Evan 2d3b9084db Add command to remove avatar and header images of inactive remote accounts from the local database (#22149)
* Add tootctl subcommand media remove-profile-media

* Trigger workflows

* Correcting external linting

* External linting error

* External linting fix

* Merging with remove command

* Linting

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Remove saving a list of purged accounts

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-14 19:50:07 +01:00
dependabot[bot] 10e6493c7c Bump postcss from 8.4.19 to 8.4.20 (#22256)
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.19 to 8.4.20.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.19...8.4.20)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:41:52 +09:00
dependabot[bot] c452585f04 Bump rails-html-sanitizer from 1.4.3 to 1.4.4 (#22279)
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/rails/rails-html-sanitizer/releases)
- [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/rails-html-sanitizer/compare/v1.4.3...v1.4.4)

---
updated-dependencies:
- dependency-name: rails-html-sanitizer
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:41:34 +09:00
dependabot[bot] d8542c2459 Bump loofah from 2.19.0 to 2.19.1 (#22278)
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.19.0 to 2.19.1.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.19.0...v2.19.1)

---
updated-dependencies:
- dependency-name: loofah
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:34:07 +09:00
dependabot[bot] 135882f9f8 Bump public_suffix from 5.0.0 to 5.0.1 (#22259)
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/weppos/publicsuffix-ruby/releases)
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/main/CHANGELOG.md)
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/v5.0.0...v5.0.1)

---
updated-dependencies:
- dependency-name: public_suffix
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:31:21 +09:00
dependabot[bot] 650ffa8ea6 Bump sass from 1.56.1 to 1.56.2 (#22257)
Bumps [sass](https://github.com/sass/dart-sass) from 1.56.1 to 1.56.2.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.56.1...1.56.2)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:30:26 +09:00
dependabot[bot] 3313d02176 Bump prettier from 2.8.0 to 2.8.1 (#22255)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.0...2.8.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:29:33 +09:00
zunda 65922f50fc Add single splat to callback method definitions to avoid ArgumentError (#22246)
It looks like a [bug](https://bugs.ruby-lang.org/issues/18633) around
autosplat is [fixed](fbaadd1cfe)
on ruby-3.2.0-rc1 and breaks a test (but not on ruby <= 3.1.3):

```
$ bundle exec rspec ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:41
  :
  1) Api::V1::Emails::ConfirmationsController#create with an oauth token from an app that created the account when the account is already confirmed but user changed e-mail and has not confirmed it returns http success
     Failure/Error:
         def email_changed(user, **)
           @resource = user
           @instance = Rails.configuration.x.local_domain

           return unless @resource.active_for_authentication?

           I18n.with_locale(locale) do
             mail to: @resource.email, subject: I18n.t('devise.mailer.email_changed.subject')
           end
         end

     ArgumentError:
       wrong number of arguments (given 2, expected 1)
     # ./app/mailers/user_mailer.rb:51:in `email_changed'
     # ./app/models/user.rb:444:in `render_and_send_devise_message'
     # ./app/models/user.rb:430:in `block in send_pending_devise_notifications'
     # ./app/models/user.rb:429:in `each'
     # ./app/models/user.rb:429:in `send_pending_devise_notifications'
     # ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:38:in `block (7 levels) in <top (required)>'
```
2022-12-13 20:03:16 +01:00
Rin 5015e7cee2 fix missing style in warning and strike cards (#22177) 2022-12-13 20:03:09 +01:00
Claire 053d3ba6ca Fix crash and incorrect behavior in tootctl domains crawl (#19004) 2022-12-13 20:02:32 +01:00
cadars 40bf70b802 Make handle more easily selectable on profile page (#21479)
* Make handle more easily selectable on profile page

* Wrap handle in a span

* Add `user-select: all` to span

* remove whitespace
2022-12-13 19:43:03 +01:00