Commit Graph

14059 Commits (da740ec43c7203490233b1a3b4c53f3bb2617dc5)

Author SHA1 Message Date
Eugen Rochko b945f16ddf Fix trend calculation working on too many items at a time (#25835) 2023-07-08 20:16:48 +02:00
Eugen Rochko 7496c1b655 Change label and design of sensitive and unavailable media in web UI (#25712) 2023-07-08 20:05:33 +02:00
Matt Jankowski b63d71fd48 Remove unused `NotificationMailer#digest` preview (#25719) 2023-07-08 20:04:21 +02:00
Matt Jankowski 6555c33503 Admin mailer parameterization (#25759) 2023-07-08 20:03:38 +02:00
Renaud Chaput e75e734ac2 Remove unused `missed_update` state (#25832) 2023-07-08 20:02:14 +02:00
Eugen Rochko 703ff75549 Add toast with option to open post after publishing in web UI (#25564) 2023-07-08 20:01:08 +02:00
Eugen Rochko 3df957104a Fix dropdowns being disabled for logged out users in web UI (#25714) 2023-07-08 20:00:52 +02:00
Eugen Rochko 9f5eab728b Fix explore page being inaccessible when opted-out of trends in web UI (#25716) 2023-07-08 20:00:12 +02:00
Eugen Rochko 6894f5c114 Add forwarding of reported replies to servers being replied to (#25341) 2023-07-08 20:00:02 +02:00
Kurtis Rainbolt-Greene a27f2686ca First pass at multi-database for read replica using Rails native adapter (#25693)
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
2023-07-08 19:45:36 +02:00
Renaud Chaput 9203ab410c Convert `<DismissableBanner>` to Typescript (#25582) 2023-07-08 11:12:20 +02:00
alfe b5c5e2bf36 Rewrite `<ShortNumber />` as FC and TS (#25492) 2023-07-08 11:11:58 +02:00
fusagiko / takayamaki 4106a801a0 simplify counters (#25541) 2023-07-08 11:11:22 +02:00
Matt Jankowski 3f04f0c37b Regenerate brakeman ignore, pruning warnings (#25749) 2023-07-08 11:07:19 +02:00
Renaud Chaput 7ff696d848 Fix translate button position (#25807) 2023-07-08 00:12:31 +02:00
Claire 784f7fb497 Bump version to v4.1.4 (#25805) 2023-07-07 19:42:03 +02:00
Renaud Chaput 6b6774341d Tag images with the latest tag only when running against the latest stable branch (#25803) 2023-07-07 19:31:55 +02:00
Claire 9a0cbecd67 Fix crash in admin interface when viewing a remote user with verified links (#25796) 2023-07-07 18:10:17 +02:00
Claire d979d9fe49 Fix branding:generate_app_icons failing because of disallowed ICO coder (#25794) 2023-07-07 18:10:00 +02:00
nemobis 86c00c14a5 Fix typo in CHANGELOG.md (#25764) 2023-07-07 14:15:54 +02:00
renovate[bot] 4713b2e0b2 Update dependency sanitize to v6.0.2 [SECURITY] (#25777)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-07 13:35:54 +02:00
Claire 0b9ced4b0c Fix processing of media files with unusual names (#25788) 2023-07-07 13:35:22 +02:00
Claire 8f62bea002 Bump version to v4.1.3 (#25757) 2023-07-06 15:14:42 +02:00
Claire dab0be5aed Merge pull request from GHSA-55j9-c3mp-6fcq 2023-07-06 15:06:49 +02:00
Claire d7ed682130 Merge pull request from GHSA-9pxv-6qvf-pjwc
* Fix timeout handling of outbound HTTP requests

* Use CLOCK_MONOTONIC instead of Time.now
2023-07-06 15:06:23 +02:00
Claire 3445bdfa45 Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire 96dcfa9745 Merge pull request from GHSA-ccm4-vgcc-73hp
* Tighten allowed HTML in oEmbed-based preview cards

* Sanitize preview cards at render time

* Add `sandbox` attribute to preview card iframes
2023-07-06 15:03:33 +02:00
Claire 5154acdb9f Add hardened headers to user-uploaded files (#25756) 2023-07-06 14:31:37 +02:00
Eugen Rochko 90911f4396 Add canonical link tags in web UI (#25715) 2023-07-05 11:25:27 +02:00
Eugen Rochko 5b05451744 Add button to see results for polls in web UI (#25726) 2023-07-05 10:32:04 +02:00
Claire cac4f7fdd7 Fix OAuth apps page crashing when listing apps with certain admin API scopes (#25713) 2023-07-04 18:58:23 +02:00
Claire 1aa9197efd Fix re-activated accounts being deleted by AccountDeletionWorker (#25711) 2023-07-04 18:36:24 +02:00
Trevor Wolf b34a0ff011 fix read more button overlapping thread line bug (#25706) 2023-07-04 14:57:46 +02:00
Claire 2c31ac0c39 Fix forgotten unconfirmed_email migration file (#25702) 2023-07-04 11:25:29 +02:00
mogaminsk f3ca8aede9 Fix local live feeds does not expand (#25694) 2023-07-04 00:37:57 +02:00
forsamori 7731fbbba7 Add at-symbol prepended to mention span title (#25684)
Co-authored-by: Sam BC <samuel.balbirnie-cumming@xdesign.com>
2023-07-03 22:58:10 +02:00
Eugen Rochko 80fee1403f Change labels of live feeds tabs in web UI (#25683) 2023-07-03 22:57:18 +02:00
Daniel M Brasil 2b877ad937 Fix `/api/v2/search` not working with following query param (#25681) 2023-07-03 18:06:57 +02:00
Eugen Rochko 12c6337c96 Fix regression of icon button colors in web UI (#25679) 2023-07-03 16:51:04 +02:00
Trevor Wolf 5f31104e1f Change button colors to increase hover/focus contrast and consistency (#25677) 2023-07-03 11:32:31 +02:00
Claire 4885232358 Add users index on unconfirmed_email (#25672) 2023-07-02 19:41:35 +02:00
Claire e052b71f15 Add superapp index on `oauth_applications` (#25670) 2023-07-02 16:56:16 +02:00
Claire fe1735f409 Fix inefficient query when requesting a new confirmation email from a logged-in account (#25669) 2023-07-02 16:08:58 +02:00
Eugen Rochko edb6aab974 Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
mogaminsk ee22b32aef Prevent duplicate concurrent calls of `/api/*/instance` in web UI (#25663) 2023-07-02 11:12:16 +02:00
Eugen Rochko f504aded26 Change dropdown icon above compose form from ellipsis to bars in web UI (#25661) 2023-07-02 10:39:55 +02:00
Matt Jankowski 5cadbaa296 Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Daniel M Brasil 2f17abc686 Fix HTTP 500 in `/api/v1/emails/check_confirmation` (#25595) 2023-07-02 00:05:44 +02:00
Claire 6ca66c8cad Change local and federated timelines to be in a single firehose column (#25641) 2023-07-02 00:05:10 +02:00
Matt Jankowski 8e2e36ba0c Update uri to version 0.12.2 (CVE fix) (#25657) 2023-07-02 00:04:21 +02:00