Commit Graph

2180 Commits (d5d0beb3ce6cae6af97c07b66b1edf9e1e33baa6)

Author SHA1 Message Date
Matt Jankowski 0877f6fda4
Remove redundant `return` in `IntentsController` (#29099) 2024-02-06 12:56:22 +00:00
Matt Jankowski 4cf07ed78c
Add missing action logging to `api/v1/admin/reports#update` (#29044) 2024-02-06 11:34:11 +00:00
Claire ff58ec0103 Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:57:08 +01:00
Claire 1726085db5
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:56:46 +01:00
Claire bf153b384b Merge commit '42ab855b2339c5cea3229c856ab539f883736b12' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/auth/confirmations_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/auth/passwords_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
2024-01-27 19:06:41 +01:00
Claire dd7a66949a Fix CSS loading in redirect controller 2024-01-26 21:04:02 +01:00
Claire 5fa2821853 Merge commit '3205a654caf903002c2db872f802a3332201678b' into glitch-soc/merge-upstream 2024-01-26 20:47:20 +01:00
Claire 70de52c297 Merge commit '7a1f087659204e9d0cbba2de37e45b1921cefe20' into glitch-soc/merge-upstream 2024-01-25 19:51:19 +01:00
Matt Jankowski 42ab855b23
Add specs for `Instance` model scopes and add `with_domain_follows` scope (#28767) 2024-01-25 15:28:27 +00:00
Matt Jankowski 17ea22671d
Fix `Style/GuardClause` cop in app/controllers (#28420) 2024-01-25 15:13:41 +00:00
Matt Jankowski 7c9c6c7f80
Fix remaining `Rails/WhereExists` cop violations, regenerate todo (#28892) 2024-01-25 12:37:07 +00:00
Claire c50274a0ac
Fix redirect confirmation for accounts (#28902) 2024-01-25 10:44:25 +00:00
Claire 22cfab0ebf Merge commit '01ce9df88008cee705b7e02a4581802afa07c3df' into glitch-soc/merge-upstream
Conflicts:
- `tsconfig.json`:
  Upstream made style fixes, while glitch-soc had extra options.
  Ported upstream's style fixes.
2024-01-24 20:42:53 +01:00
Eugen Rochko b19ae521b7
Add confirmation when redirecting logged-out requests to permalink (#27792)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 10:49:19 +00:00
Eugen Rochko 5b1eb09d54
Add annual reports for accounts (#28693) 2024-01-24 09:38:10 +00:00
Matt Jankowski c0e8e457ab
Eager loading fixes for `api/` controllers (#28848) 2024-01-23 11:41:54 +00:00
Claire 102eff7c05 Merge commit 'e2d9635074ad33cc8144adc434bcd90faae9c424' into glitch-soc/merge-upstream 2024-01-22 19:19:40 +01:00
Claire 0700eb58bc Merge commit '163db814c2b3cf544b78e427e7f7bbd99b94a025' into glitch-soc/merge-upstream 2024-01-22 19:12:05 +01:00
Claire e2d9635074
Add notification email on invalid second authenticator (#28822) 2024-01-22 13:55:43 +00:00
Matt Jankowski 18004bf227
Add `Account.matches_uri_prefix` scope and use in activitypub/followers_synchronizations controller (#28820) 2024-01-22 13:55:37 +00:00
Matt Jankowski 7ecf7f5403
Move controller->request specs for api/v1/statuses/* (#28818) 2024-01-22 11:58:54 +00:00
Claire 3593ee2e36
Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-19 12:19:49 +00:00
Matt Jankowski 329911b0a3
Migrate controller->request spec for api/v1/follow* (#28811) 2024-01-19 09:32:41 +00:00
Matt Jankowski 1480573c83
Add `Account.auditable` scope, fix N+1 in admin/action_logs#index (#28812) 2024-01-19 01:39:30 +00:00
Claire 528a8fa495 Merge commit 'f866413e724c2e7f8329fbc6e96f56f0b186c62a' into glitch-soc/merge-upstream 2024-01-18 22:16:16 +01:00
Matt Jankowski 0b853678a4
Add coverage for `api/v1/peers/search` endpoint and extract controller query to Instance scope (#28796) 2024-01-18 15:57:10 +00:00
Claire 278597c161 Merge commit '98b5f85f10a3af50a54fcd79e09fc9fd88f774fa' into glitch-soc/merge-upstream 2024-01-15 20:53:16 +01:00
Claire 2f521bc84a Merge commit 'a2f02a07758c32f0dcc6388b4f30ca5a84e762f3' into glitch-soc/merge-upstream 2024-01-15 20:27:41 +01:00
Claire 1323dfac80 Merge commit 'a90696011e563e62100cba56e2d52f6babbaff00' into glitch-soc/merge-upstream 2024-01-15 19:19:04 +01:00
Claire 98b5f85f10
Rename and refactor `User#confirm!` to `User#mark_email_as_confirmed!` (#28735) 2024-01-15 18:04:58 +00:00
Matt Jankowski e72676e83a
Improve `api/v1/markers#create` performance against simultaneous requests (#28718) 2024-01-15 09:47:25 +00:00
Claire a3b6a85521 Merge commit 'cd37048439f9b324f48e6af1f426a7894c54b4da' into glitch-soc/merge-upstream
Conflicts:
- `.prettierignore`:
  Conflict due to glitch-soc-only files.
  Kept those at the end of the file.
2024-01-13 12:11:29 +01:00
Matt Jankowski 7801db7ba4
Spec coverage for custom css endpoint (#28706) 2024-01-12 09:19:25 +00:00
Matt Jankowski 575ab085be
Disable `Rails/ApplicationController` for `HealthController` (#28705) 2024-01-12 09:08:17 +00:00
Claire 23d8bd8ce1 Merge commit '0a7cff53c2577b3e79599e069eeb344f2613ad8d' into glitch-soc/merge-upstream 2024-01-11 13:24:20 +01:00
Claire 0b2c7cdb02 Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/content_security_policy.rb`:
  Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
  environment variable.
  Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Claire d7e13e2483
Fix potential redirection loop of streaming endpoint (#28665) 2024-01-10 15:05:46 +00:00
Jean Boussier 5a6d533c53
Enable Rails 7.1 Marshalling format (#28609) 2024-01-05 21:57:47 +00:00
Claire 419c659bc4
Add fallback redirection when getting a webfinger query `WEB_DOMAIN@WEB_DOMAIN` (#28592) 2024-01-04 14:14:46 +00:00
Claire dfdadb92e8
Add ability to require approval when users sign up using specific email domains (#28468) 2024-01-04 09:07:05 +00:00
Claire 0b5783f3f1 Merge commit 'f92d8c654df654538096efff05e9b1a989d01490' into glitch-soc/merge-upstream 2024-01-03 20:52:19 +01:00
Matt Jankowski e12d8893f4
Fix intermittent failure from unspecified order in `export_domain_blocks` controller spec (#28562) 2024-01-03 13:06:15 +00:00
Claire 9d9008666b Merge commit '092bb8a27af9ee87ff9ebabaf354477470ea3a94' into glitch-soc/merge-upstream 2024-01-03 12:38:49 +01:00
Claire 092bb8a27a
Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-03 11:29:26 +00:00
Claire b3542ac57b Merge commit '1184887b012e863fbf44f65ef5c65e0049123c27' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept our README.
2024-01-02 13:35:11 +01:00
Claire 1184887b01
Fix streaming API redirection ignoring the port of `streaming_api_base_url` (#28558) 2024-01-02 12:27:51 +00:00
Claire c5b0e6d5a0 Merge branch 'main' into glitch-soc/merge-upstream 2023-12-28 16:57:10 +01:00
Claire 92aa6e2ec9 Merge commit 'b7bdcd4f395aaa1e85930940975439d10b570f40' into glitch-soc/merge-upstream 2023-12-21 19:42:13 +01:00
Claire 30ee7339d3 Merge commit '7d9b209fe84b00eff348ea9d54905cbfffa79788' into glitch-soc/merge-upstream
Conflicts:
- `app/models/form/admin_settings.rb`:
  Upstream changed code style change, including on a line modified by glitch-soc.
  Kept glitch-soc's line but with the code style change applied.
2023-12-21 19:31:12 +01:00
Claire 077e0c6812 Merge commit '0b4a3a04378ce43f2f314b9446b5053f6b374c6d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Conflict caused by the `json` gem thing once again.
  Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
  Upstream refactored a bunch of specs, including one place that differs
  because of glitch-soc's theming system.
  Refactored as upstream did, adapting it for glitch-soc's theming system.
2023-12-20 22:16:50 +01:00
Claire 75580360cd Merge commit '272592d16d40e804ec325ef3b5e6de9bbad5f2dd' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Upstream fixed a bunch lint issues, and changed the `Max` parameter of the
  `Metrics/AbcSize` cop.
  Glitch-soc has different code and slightly higher `AbcSize` complexity,
  modified the `.rubocop_todo.yml` file accordingly.
- `app/policies/status_policy.rb`:
  Upstream changed `account.suspended?` to `account.unavailable?` to prepare
  for delete flags. Glitch-soc has additional local-only conditions.
  Ported upstream's refactor while keeping glitch-soc's additional condition.
- `app/serializers/initial_state_serializer.rb`:
  Upstream refactored a bunch of stuff while glitch-soc has more settings.
  Refactored as upstream did while keeping glitch-soc's settings.
2023-12-20 22:05:31 +01:00
Claire 8a5f2442cc Merge commit '0530ce5e9575c09464847412f43852f438b0494e' into glitch-soc/merge-upstream 2023-12-20 21:58:18 +01:00
Claire b8209c3b96 Merge commit '85662a5a57531af5402a6777d0b1089e78c56815' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream reworked the CSP, we kept our version for now.
- `spec/requests/content_security_policy_spec.rb`:
  Upstream reworked the CSP, we kept our version for now.
2023-12-20 20:10:45 +01:00
Claire b135b6ba8f Merge commit '8ebc94dd22a18c28c4c9763b909e92e6ba64e242' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/custom_emojis/new.html.haml`:
  Conflict caused by glitch-soc having a different file size limit constant
  name.
  Updated like upstream did while keeping glitch-soc's constant name.
2023-12-19 21:24:01 +01:00
Claire 2e786e13cb Merge commit '973597c6f1e25b16c592e5573304319aeaa375e1' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_pin_validator.rb`:
  Upstream refactored that file, while glitch-soc had configurable limits for
  pinned statuses.
  Updated the code with upstream's refactor, while keeping glitch-soc's
  configurability.
2023-12-19 20:51:37 +01:00
Claire 3ad92e8d0d Merge commit 'bd575a1dd69d87ca0f69873f7badf28d38e8b9ed' into glitch-soc/merge-upstream 2023-12-19 20:17:23 +01:00
Claire cd1e3ac2c7 Merge commit '7e1a77ea51e6dc4aecbf678f8928aa96698fa072' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/timelines/public_controller.rb`:
  Upstream refactored this code, the conflict was because of an extra supported
  parameter, `allow_local_only`.
  Updated the controller to follow upstream's refactor, and moved the extra
  parameter definition accordingly.
2023-12-19 19:51:40 +01:00
Eugen Rochko b5ac61b2c5
Change algorithm of follow recommendations (#28314)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-12-19 10:59:43 +00:00
Matt Jankowski c28976d89e
Handle negative offset param in `api/v2/search` (#28282) 2023-12-19 10:55:39 +00:00
Claire a111fd7a0b Merge commit 'b2c5b20ef27edd948eca8d6bd2014b7a5efaec11' into glitch-soc/merge-upstream 2023-12-18 20:47:27 +01:00
Claire d6ad9d351e Merge commit 'a36b59be8ad7656b7ceab9751c9ec5b3563e3a30' into glitch-soc/merge-upstream 2023-12-18 19:10:43 +01:00
Claire b474cbbd28 Merge commit '7840c6b75b61e64d89d7fd9f291277fb177e513f' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/accounts/relationships_controller.rb`:
  We differed by listing suspended users when requesting relationships.
  Updated to upstream's code.
2023-12-18 18:40:58 +01:00
Claire 46ddaffd40 Merge commit 'b87bfb8c96c8491f1228e0258d05119f3420db05' into glitch-soc/merge-upstream 2023-12-18 18:34:25 +01:00
Claire 7d9b209fe8
Fix call to inefficient `delete_matched` cache method in domain blocks (#28374) 2023-12-18 16:14:43 +00:00
Matt Jankowski 0e5b8fc46b
Fix `Style/RedundantReturn` cop (#28391) 2023-12-18 09:50:51 +00:00
Claire 4113fbf6e8 Merge commit 'f476d9dab2f5cca6ae44b95961df6b6557d66dab' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream enforced new code style rules, where we had different code.
  Applied the new code style rules.
2023-12-17 23:04:16 +01:00
Claire 1474318691 Merge commit 'a916251d8a8fffcaeb6be80eacf50138a53650dc' into glitch-soc/main
Conflicts:
- `app/models/trends/statuses.rb`:
  Upstream fixed a bug in the trending post condition.
  Glitch-soc's condition is different because we potentially allow CWed content
  to trend.
  Ported upstream's fix while keeping glitch-soc's change.
- `config/initializers/content_security_policy.rb`:
  Kept our version for now, we will switch to upstream later down the road.
2023-12-17 15:32:29 +01:00
Claire 9f92b05bd2 Merge commit '2e6bf60f1549e5c1f1cfea2d614f978bea17b8a2' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream has updated their README but we have a completely different one.
  Kept our version of `README.md`
2023-12-10 18:05:02 +01:00
Claire 73a94c3b3f
Fix self-destruct page not using theme styles (#2490) 2023-12-02 14:54:35 +01:00
Matt Jankowski 3bc437b99a
Fix `Style/RedundantParentheses` cop (#28176) 2023-12-01 16:00:44 +00:00
Matt Jankowski d83d01eb1e
Fix `Lint/RedundantSafeNavigation` cop (#28172) 2023-12-01 15:52:56 +00:00
Claire 963354978a
Add `Account#unavailable?` and `Account#permanently_unavailable?` aliases (#28053) 2023-11-30 15:43:26 +00:00
Matt Jankowski 1f1c75bba5
File cleanup/organization in `controllers/concerns` (#27846) 2023-11-30 14:39:41 +00:00
Matt Jankowski e7c340a634
Spec coverage for missing `q` param and error conditions in `api/v2/search` controller (#27842) 2023-11-30 13:59:46 +00:00
Matt Jankowski bb0efe16e6
Remove `default_scope` from `MediaAttachment` class (#28043) 2023-11-30 13:30:35 +00:00
Matt Jankowski e48ecd2929
Remove `default_scope` from `Admin::ActionLog` (#28026) 2023-11-29 10:39:59 +00:00
Matt Jankowski 291dc04e67
Remove un-needed `action` and `template` options to `render` in controllers (#28022) 2023-11-29 10:38:05 +00:00
Matt Jankowski baf3b71e3b
Extract `path_without_format` private methd in accounts controller (#28091) 2023-11-28 09:17:26 +00:00
Matt Jankowski 9072896ae5
Avoid unnecessary i-var for account rss page url generation (#28092) 2023-11-28 08:19:08 +00:00
Matt Jankowski dfc7154767
Remove unused `cached_filtered_status_page` method from accounts controller (#28090) 2023-11-28 07:43:16 +00:00
Kevin Bongart 7877fcd83c
Deduplicate IDs in relationships and familiar_followers APIs (#27982) 2023-11-23 10:00:09 +00:00
Matt Jankowski 4be12791e6
Remove `default_scope` from `StatusEdit` class (#28042) 2023-11-23 09:26:11 +00:00
Matt Jankowski 9742bccbe7
Add coverage for `api/v2/media` endpoint (#28027) 2023-11-22 15:39:34 +00:00
Matt Jankowski 876f5b1d12
Convert `/instances/*` controller specs to request specs (#27988)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-11-20 11:05:28 +00:00
Matt Jankowski fe58ac8d9f
Improve spec coverage for `api/web/push_subscriptions` controller (#27858)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-11-15 13:14:51 +00:00
Eugen Rochko d67bd44ca1
Add profile setup to onboarding in web UI (#27829) 2023-11-15 11:13:53 +00:00
Matt Jankowski 7e1a77ea51
Add base class for `api/v1/timelines/*` controllers (#27840) 2023-11-14 14:53:31 +00:00
Matt Jankowski d562fb8459
Specs for minimal CSP policy in `Api::` controllers (#27845) 2023-11-14 14:34:30 +00:00
Matt Jankowski 1f8173ac5a
Extract private methods in api/v1/instances/domain_blocks (#27844) 2023-11-14 10:31:59 +00:00
Matt Jankowski 0945e25b8f
Add `Api::V1::Statuses::BaseController` base controller class (#27794) 2023-11-13 14:53:22 +00:00
Claire 07a4059901
Add support for invite codes in the registration API (#27805) 2023-11-13 13:27:00 +00:00
Eugen Rochko 0d14fcebae
Change link previews to keep original URL from the status (#27312) 2023-11-13 09:58:28 +00:00
Matt Jankowski ac69f90098
Add `Api::V1::Instances::BaseController` base controller class (#27797) 2023-11-10 12:46:00 +00:00
Claire c451bbe249
Allow viewing and severing relationships with suspended accounts (#27667) 2023-11-09 14:50:25 +00:00
Matt Jankowski 13c3e59601
Use helper method to build batched status edits in `admin/statuses/show` (#27739) 2023-11-08 13:04:52 +00:00
Matt Jankowski d6f50839e1
Fix `RSpec/SpecFilePathFormat` cops (#27730) 2023-11-06 16:25:40 +00:00
Claire d649bbf28f
Add some more tests and clean up domain block controller (#27469) 2023-10-31 09:40:30 +00:00
Ricardo Trindade 33f8c1c5eb
Remove version check from update cache_concern.rb (#27592) 2023-10-30 14:04:12 +00:00
Matt Jankowski 1f5187e2e2
Misc spec/refactor to user mailer and user mailer spec (#27486) 2023-10-27 09:57:16 +00:00
Claire d2f52f7f64
Fix report processing notice not mentioning the report number when performing a custom action (#27442) 2023-10-26 17:03:31 +00:00
Claire 49b8433c56
Fix confusing screen when visiting a confirmation link for an already-confirmed email (#27368) 2023-10-25 21:33:44 +00:00
Claire e25cc4deb7 Merge commit '379115e601361c2b5da775fbf28b7dff9dc02e71' into glitch-soc/merge-upstream
Conflicts:
- `config/navigation.rb`:
  Conflict due to glitch-soc having extra navigation items for its theming
  system.
  Ported upstream changes.
2023-10-24 19:31:14 +02:00
Claire 57c0de949b Merge commit '8b770ce8110e6cd609a6769c66210d95e291e3e5' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream changed how asset host CSP directives are used, and glitch-soc has
  a pretty different CSP file.
  It may be worth reconsidering the differences between upstream and glitch-soc
  but for now, just port the change.
2023-10-24 19:17:20 +02:00
Claire 379115e601
Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439) 2023-10-23 15:46:21 +00:00
Claire 99f2534cee
Add support for displaying unknown servers on /admin/instances/:domain (#27150) 2023-10-23 14:27:57 +02:00
Claire 74fd46d3ab Merge commit '9f218c9924b883207a3463a29314c92032cf06df' into glitch-soc/merge-upstream 2023-10-19 19:14:04 +02:00
Emelia Smith 7c3fea7275
Feature: Allow token introspection without read scope (#27142) 2023-10-18 14:10:07 +02:00
Claire 656a41db2a Merge commit '77098c6f1c25958960df98a1510b28352a39704f' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream has updated its README, we have a completely different one.
  Kept ours.
- `app/views/auth/sessions/two_factor.html.haml`:
  Upstream refactored stuff and the conflict is because of glitch-soc's theming
  system.
  Ported upstream changes while accounting for the different theming system.
2023-10-17 20:59:18 +02:00
Matt Jankowski d4c2dca874
Fix haml-lint `InstanceVariables` rule for auth/sessions/two_factor/o… (#27372) 2023-10-12 09:44:20 +02:00
Claire 86c9c5afa0 Merge commit '40ba6e119b7457161fd43b449875d0fb9d473c1a' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/concerns/web_app_controller_concern.rb`:
  Upstream changed the order of Action Controller filters for web app
  controllers.
  Glitch-soc has an extra filter due to its theming system.
  Changed the order accordingly.
- `app/views/settings/preferences/appearance/show.html.haml`:
  Conflict due to an extra newline in glitch-soc.
  Removed that newline and applied upstream's changes.
2023-10-08 17:26:43 +02:00
Claire 702d162998 Merge commit '5393be7a21331c8615ffb79c2271db92f6959458' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/auth/registrations_controller.rb`:
  Not a real conflict. Upstream removed the `set_instance_presenter` private
  method from this class, and glitch-soc has an extra private method right
  besides it for the theming system.
  Removed `set_instance_presenter` as upstream did.
- `app/controllers/auth/sessions_controller.rb`:
  Not a real conflict. Upstream removed the `set_instance_presenter` private
  method from this class, and glitch-soc has an extra private method right
  besides it for the theming system.
  Removed `set_instance_presenter` as upstream did.
2023-10-08 16:48:19 +02:00
Claire 40ba6e119b
Fix Vary headers not being set on some redirects (#27272) 2023-10-05 09:50:08 +02:00
Matt Jankowski 340f1a68be
Simplify instance presenter view access (#26046) 2023-09-28 16:52:37 +02:00
Claire 5ed72f668f Merge commit 'b90383d07388fe8513e59a6deb1a2391146c6561' into glitch-soc/merge-upstream 2023-09-15 21:39:21 +02:00
Claire e193c848fe Merge commit '97e4011c3ce31c6d492d5f103e95a35b6ebdc9bd' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream added some code to add the Identity Provider's sign-in endpoint to
  the `form-action` Content Security Policy directive but our version of the
  file is pretty different.
  Ported the change.
2023-09-15 21:25:05 +02:00
Claire 08b495d95c Merge commit 'b1d89071384ef028c97a3d28cf8cf6bc0ca6c4ce' into glitch-soc/merge-upstream 2023-09-15 21:06:45 +02:00
Claire 3ca94f6d4a Merge commit '93d051e47d27b5bd10be922a81d4d4eb6c306330' into glitch-soc/merge-upstream 2023-09-15 20:21:40 +02:00
Claire e14372c2d1 Merge commit '548c032dbb90ae9c06b05fc05724c49d0b552fd9' into glitch-soc/merge-upstream 2023-09-15 20:08:09 +02:00
Robert R George 20666482ef
Added admin api for managing tags (#26872) 2023-09-13 11:22:53 +02:00
CSDUMMI 9a70cac9de
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP (#26857) 2023-09-12 13:04:51 +02:00
Claire 33c8708a1a
Change `GET /api/v1/directory` to use database replica rather than primary (#26856) 2023-09-08 17:01:02 +02:00
Claire 09ec9c6aa5
Downgrade signature verification debug logging from `warn` to `debug` (#26812) 2023-09-06 12:17:22 +02:00
Claire 548c032dbb
Improve interaction modal error handling (#26795) 2023-09-05 23:49:48 +02:00
Claire c107512fa6 Merge commit '05093266e6e3c54f9096da9cdcdafdc83703c578' into glitch-soc/merge-upstream 2023-09-02 15:02:29 +02:00
Claire 4ed629cd7e Merge commit 'be991f1d18006a4820c1e9ca6625bf2bd2bfedac' into glitch-soc/merge-upstream
Conflicts:
- `app/models/form/admin_settings.rb`:
  Upstream added the notion of overriden settings, while we had extra code for
  pseudo-settings (only used to combine flavour and skin in a single select
  field).
  Ported upstream changes.
- `config/i18n-tasks.yml`:
  Upstream added `simple_form.overridden` to `ignore_unused`,
  we had `simple_form.glitch_only`.
  Added `simple_form.glitch_only` as well.
2023-09-02 14:44:47 +02:00
Claire ac2dae0d11 Merge commit '6c4c72497a5722870e4432ef41dd4c9ec36a8928' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-releases.yml`:
  Upstream changed comments close to a line we modified to account for
  different container image repositories.
  Updated the comments as upstream did.
2023-09-02 13:50:16 +02:00
Claire afc3b12217 Merge commit '4ad1c5aa7174e5cef4ba9608a44429916a119bee' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream has updated their README, we have a completely different one.
  Kept ours.
- `config/initializers/content_security_policy.rb`:
  Upstream has updated their development CSPs, while we disable CSPs in
  the development environment.
  Kept our version.
2023-09-02 13:31:15 +02:00
Claire fbbe9f1c12 Merge commit 'a7d96e6affd4a2da65f09f3f4ffa1b9350bb9a42' into glitch-soc/merge-upstream 2023-09-02 12:20:33 +02:00
Claire 6b7c47311d Merge commit '072112867b9a3ec090ad2c92d6363b47b2265d74' into glitch-soc/merge-upstream 2023-09-02 11:41:40 +02:00
Claire 16681e0f20
Add admin notifications for new Mastodon versions (#26582) 2023-09-01 17:47:07 +02:00
Claire 9e26cd5503
Add `authorized_fetch` server setting in addition to env var (#25798) 2023-09-01 15:41:10 +02:00
Daniel M Brasil ccca542db1
Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled (#26237) 2023-08-31 13:53:24 +02:00
Claire 25bf640629
Add debug logging on signature verification failure (#26637) 2023-08-29 10:29:07 +02:00
Lukas Martini a7d96e6aff
Improve error messages when DeepL quota is exceeded (#26704) 2023-08-29 09:14:44 +02:00
Claire 88ff45a3b2 Merge commit 'facfec1ba36cee27f232ebff90b990933719235a' into glitch-soc/merge-upstream 2023-08-24 21:03:56 +02:00
Claire fbfc4145fd Merge commit '1cdcd9dc08c91321f80ffe4822f6a3da15abeb2c' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/packs/public.jsx`:
  Upstream updated code that we actually moved to `app/javascript/core/settings.js`.
  Applied the changes there.
2023-08-24 21:01:19 +02:00
jsgoldstein 30c191aaa0
Add new public status index (#26344)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-24 16:40:04 +02:00
Claire 10404aece8 Merge commit '1cb978bcc3d291a045f367e072ca0af1a1c4dbbc' into glitch-soc/merge-upstream 2023-08-22 18:50:14 +02:00
Claire 2126812f65 Merge commit 'd9c21293aa6e105cedeff6b5e469af40a20909d9' into glitch-soc/merge-upstream
Conflicts:
- `app/views/settings/preferences/other/show.html.haml`:
  Upstream moved some settings, where glitch-soc has an extra setting.
  Ported upstream changes, moving the same settings as them.
2023-08-22 18:31:28 +02:00
Claire 191d302b7f
Refactor `Api::V1::ProfilesController` into two separate controllers (#26573) 2023-08-21 15:47:09 +02:00
Daniel M Brasil d24a87ce4f
Add ability to delete avatar or header picture via the API (#25124)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-21 08:44:35 +02:00
Claire cc4560d95b
Change “privacy and reach” settings so that unchecking boxes always increase privacy and checking them always increase reach (#26508) 2023-08-17 09:13:26 +02:00
Claire fc5ab2dc83
Add privacy tab in profile settings (#26484)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 18:52:45 +02:00
Claire 6530f9709c Merge commit '121443c0fca383268b8022c048dd137994785aff' into glitch-soc/main
Conflicts:
- `.rubocop_todo.yml`:
  Upstream regenerated this file, glitch-soc had a specific ignore.
2023-08-13 18:47:15 +02:00
Claire ea8802a05a Merge commit '3a4d3e9d4b573c400eec1743471d54cdccae50a5' into glitch-soc/merge-upstream 2023-08-12 09:36:38 +02:00
Claire 44a5f1b64a Merge commit '425d77f8124a50fc033e8fb3bdf7b89a6a25f4fa' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Upstream regenerated this file, glitch-soc had a specific ignore.
- `README.md`:
  Upstream updated its README, but glitch-soc has a completely different one.
  Kept glitch-soc's README
2023-08-11 22:15:41 +02:00
Claire b12d75ef4f
Fix blocking subdomains of an already-blocked domain (#26392) 2023-08-09 09:39:36 +02:00
Claire 8b37dd2c86
Fix Content Security Policy sometimes unnecessarily allowing hCaptcha scripts (#26388) 2023-08-08 15:41:38 +02:00
CSDUMMI 120f5802c0
Add direct link to the Single-Sign On provider if there is only one sign up method available (#26083) 2023-08-03 16:43:15 +02:00
Daniel M Brasil 3a4d3e9d4b
Add `GET /api/v1/instance/languages` to REST API (#24443)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-03 11:25:47 +02:00