Commit Graph

9497 Commits (dc2ea5223b17baf8363c42aa4e0a38ab6866d895)

Author SHA1 Message Date
dependabot[bot] 249ed885bf Bump brakeman from 4.8.2 to 4.9.0 (#14540)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.8.2 to 4.9.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.8.2...v4.9.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-17 02:17:00 +09:00
dependabot[bot] 63fc960206 Bump concurrent-ruby from 1.1.6 to 1.1.7 (#14539)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.6 to 1.1.7.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.6...v1.1.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-17 02:16:12 +09:00
dependabot[bot] b3e9b0bb25 Bump @babel/core from 7.10.5 to 7.11.1 (#14554)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.10.5 to 7.11.1.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.11.1/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-17 02:08:26 +09:00
ThibG 6436b1f77b Remove dependency on unused and unmaintained http_parser.rb gem (#14574)
It seems that years ago, the “http” gem dependend on the “http_parser.rb” gem
(it now depends on the “http-parser” gem), and, still years ago, we pulled
it from git in order to benefit from a bugfix that wasn't released yet (#7467).
2020-08-14 18:04:00 +02:00
ThibG 191fc742e9 Fix hardcoded non-breaking space in public view (#14568) 2020-08-13 12:04:28 +02:00
Eugen Rochko 0043da909b Fix destructuring error when unsubscribing without subscribing (#14566) 2020-08-12 15:36:07 +02:00
ThibG 8baad22f68 Improve email address validation (#14565)
* Increase DNS timeout from 1 second to 5 seconds for MX check

1 seconds is rather short when using a recursive DNS resolver which
hasn't got a cached result already available. Use 5 seconds instead,
which is the timeout value we use for outgoing HTTP queries.

* Add more precise error messages for invalid e-mail addresses
2020-08-12 12:40:25 +02:00
ThibG ef710bbff6 Add client-side validation in password change forms (#14564)
* Fix client-side username validation at registration

It used the Account::USERNAME_RE regexp which is for *remote* users,
local user validation is stricter. Also take into account max username length.

* Add client-side form validation for password change

* Add client-side form validation to dedicated registration form

Previous changes only applied to the /about page, not the dedicated form on
/auth
2020-08-12 12:11:15 +02:00
ThibG 22aba16386 Add HTML form validation for the registration form (#14560)
* Add HTML-level validation of username in sign-up form

* Make required fields with incorrect values more visible

* Enable HTML form validation for the registration form

* Mark agreement checkbox as required client-side

* Add minimum length to password

* Add client-side password confirmation validation
2020-08-11 23:09:13 +02:00
Eugen Rochko 3d32dacbcb Add support for managing multiple stream subscriptions in a single connection (#14524) 2020-08-11 18:24:59 +02:00
ThibG ccb975df83 Fix `tootctl media` commands not handling snowflake ids for media_attachments (#14536) 2020-08-10 01:51:06 +02:00
niwatori24 ba50bc2427 Use default :edit routing (#14535) 2020-08-10 01:50:43 +02:00
niwatori24 65c9d28fa1 Cache result of SQL (#14534) 2020-08-09 15:23:42 +02:00
ThibG 09b322872a Fix crash when failing to load emoji picker (#14525)
Fixes #14523
2020-08-08 17:57:56 +02:00
abcang 739ea05d30 Fix eslint error (#14521) 2020-08-07 10:40:33 +02:00
dependabot[bot] 6b527f042f Bump node-notifier from 7.0.1 to 7.0.2 (#14499)
Bumps [node-notifier](https://github.com/mikaelbr/node-notifier) from 7.0.1 to 7.0.2.
- [Release notes](https://github.com/mikaelbr/node-notifier/releases)
- [Changelog](https://github.com/mikaelbr/node-notifier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mikaelbr/node-notifier/compare/v7.0.1...v7.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:41:07 +09:00
dependabot[bot] 8c3a2a828e Bump minipass-pipeline from 1.2.3 to 1.2.4 (#14504)
Bumps minipass-pipeline from 1.2.3 to 1.2.4.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:39:58 +09:00
dependabot[bot] 60d9c8a475 Bump @testing-library/jest-dom from 5.11.0 to 5.11.2 (#14497)
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 5.11.0 to 5.11.2.
- [Release notes](https://github.com/testing-library/jest-dom/releases)
- [Changelog](https://github.com/testing-library/jest-dom/blob/master/CHANGELOG.md)
- [Commits](https://github.com/testing-library/jest-dom/compare/v5.11.0...v5.11.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:39:32 +09:00
dependabot[bot] a3cb54bd91 Bump dom-accessibility-api from 0.4.6 to 0.4.7 (#14496)
Bumps [dom-accessibility-api](https://github.com/eps1lon/dom-accessibility-api) from 0.4.6 to 0.4.7.
- [Release notes](https://github.com/eps1lon/dom-accessibility-api/releases)
- [Changelog](https://github.com/eps1lon/dom-accessibility-api/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eps1lon/dom-accessibility-api/compare/v0.4.6...v0.4.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:38:46 +09:00
dependabot[bot] f26e8cbf30 Bump postcss-modules-local-by-default from 3.0.2 to 3.0.3 (#14505)
Bumps [postcss-modules-local-by-default](https://github.com/css-modules/postcss-modules-local-by-default) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/css-modules/postcss-modules-local-by-default/releases)
- [Changelog](https://github.com/css-modules/postcss-modules-local-by-default/blob/master/CHANGELOG.md)
- [Commits](https://github.com/css-modules/postcss-modules-local-by-default/compare/v3.0.2...v3.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:37:50 +09:00
dependabot[bot] 0ebfd66d2c Bump jest from 26.0.1 to 26.2.2 (#14495)
Bumps [jest](https://github.com/facebook/jest) from 26.0.1 to 26.2.2.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/compare/v26.0.1...v26.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:36:47 +09:00
dependabot[bot] 07514f12aa Bump csstype from 2.6.10 to 2.6.13 (#14503)
Bumps [csstype](https://github.com/frenic/csstype) from 2.6.10 to 2.6.13.
- [Release notes](https://github.com/frenic/csstype/releases)
- [Commits](https://github.com/frenic/csstype/compare/v2.6.10...v2.6.13)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:36:07 +09:00
dependabot[bot] 6d56f07ac4 Bump excon from 0.75.0 to 0.76.0 (#14490)
Bumps [excon](https://github.com/excon/excon) from 0.75.0 to 0.76.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.75.0...v0.76.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:35:32 +09:00
dependabot[bot] 6636adc0e9 Bump eslint from 7.5.0 to 7.6.0 (#14508)
Bumps [eslint](https://github.com/eslint/eslint) from 7.5.0 to 7.6.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.5.0...v7.6.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:34:48 +09:00
dependabot[bot] ea9dfd4220 Bump pghero from 2.6.0 to 2.7.0 (#14518)
Bumps [pghero](https://github.com/ankane/pghero) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.6.0...v2.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:34:12 +09:00
ThibG ed22b53180 Fallback to previous, more approximative hashtag RE on older browsers (#14513)
Fixes #14511
2020-08-05 22:39:14 +02:00
dependabot[bot] 1bedaf49a8 Bump rubocop-ast from 0.2.0 to 0.3.0 (#14498)
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v0.2.0...v0.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-05 05:31:57 +09:00
dependabot[bot] 508623bd64 Bump elasticsearch from 7.8.0 to 7.8.1 (#14501)
Bumps [elasticsearch](https://github.com/elastic/elasticsearch-ruby) from 7.8.0 to 7.8.1.
- [Release notes](https://github.com/elastic/elasticsearch-ruby/releases)
- [Changelog](https://github.com/elastic/elasticsearch-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/elastic/elasticsearch-ruby/compare/v7.8.0...v7.8.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-05 05:30:54 +09:00
dependabot[bot] 7a82d872ff Bump expect from 26.1.0 to 26.2.0 (#14507)
Bumps [expect](https://github.com/facebook/jest/tree/HEAD/packages/expect) from 26.1.0 to 26.2.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v26.2.0/packages/expect)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-05 05:30:03 +09:00
dependabot[bot] 7adac64445 Bump @babel/preset-env from 7.10.4 to 7.11.0 (#14502)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.10.4 to 7.11.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.11.0/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-05 05:28:07 +09:00
dependabot[bot] 06585a7a38 Bump aws-partitions from 1.345.0 to 1.349.0 (#14489)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.345.0 to 1.349.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-05 05:24:03 +09:00
ThibG be88d4f851 Fix audio/video player not using CDN_HOST in media paths on public pages (#14486) 2020-08-02 19:03:10 +02:00
ThibG 20d6fb7f1b Fix thumbnail color extraction (#14464)
* Fix contrast calculation for thumbnail color extraction

Luminance calculation was using 0-255 RGB values instead of 0-1 sRGB values,
leading to incorrectly-computed contrast values.

Since we use ColorDiff already, just use its XYZ colorspace conversion code
to get the value.

* Require at least 3:1 contrast for both accent and foreground colors

* Lower required contrast for the accent color
2020-08-02 18:47:44 +02:00
ThibG 62324e9870 Fix audio player on Safari (#14485) 2020-08-02 18:47:09 +02:00
ThibG bc1d925629 Fix disabled boost icon being replaced by private boost icon on hover (#14456)
Fixes #14455
2020-08-02 11:21:28 +02:00
ThibG 0dd641dcea Change content-type to be always computed from file data (#14452)
* Change content-type to be always computed from file data

Restore previous behavior, detecting the content-type isn't very
expensive, and some instances may serve files as application/octet-stream
regardless of their true type, making fetching media from them fail, while
it used to work pre-3.2.0.

* Add test
2020-08-02 11:21:10 +02:00
Alex Dunn 6c46d45ee5 helm: bump default image tag to v3.2.0 (#14476) 2020-08-02 11:20:31 +02:00
ThibG 1f34bd4ff7 Fix new audio player features not working on Safari (#14465)
Fixes #14462
2020-08-02 11:20:17 +02:00
ThibG 9a709d63c2 Fix wrong proptypes for onEditAccountNote (#14481)
Also add missing PropTypes to the correct component

Fixes #14478
2020-08-02 11:20:02 +02:00
kedama a903875e3c Fix the hashtag judgment of the compose form to be the same as the server side (#14484) 2020-08-02 11:19:43 +02:00
ThibG d6f2d1d3f2 Fix handling of Reject Follow when a matching follow relationship exists (#14479)
* Add tests

* Fix handling of Reject Follow when a matching follow relationship exists

Regression from #12199
2020-08-01 18:20:37 +02:00
dependabot[bot] 565a0c571e Bump eslint from 6.8.0 to 7.5.0 (#14454)
* Bump eslint from 6.8.0 to 7.5.0

Bumps [eslint](https://github.com/eslint/eslint) from 6.8.0 to 7.5.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v6.8.0...v7.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

* Fix .codeclimate.yml

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-07-29 04:52:35 +09:00
dependabot[bot] 5f1cafd4cc Bump strong_migrations from 0.6.8 to 0.7.1 (#14463)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.6.8 to 0.7.1.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.6.8...v0.7.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 02:18:59 +09:00
dependabot[bot] ad04183b21 Bump posix-spawn from 58465d2e213991f8afb13b984854a49fcdcc980c to 0.3.15 (#14433)
Bumps [posix-spawn](https://github.com/rtomayko/posix-spawn) from 58465d2e213991f8afb13b984854a49fcdcc980c to 0.3.15. This release includes the previously tagged commit.
- [Release notes](https://github.com/rtomayko/posix-spawn/releases)
- [Commits](58465d2e21...v0.3.15)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 00:59:29 +09:00
dependabot[bot] 8f8b06d997 Bump sidekiq from 6.1.0 to 6.1.1 (#14427)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.1.0 to 6.1.1.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.0...v6.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 00:54:00 +09:00
dependabot[bot] 8151e26deb Bump browserslist from 4.12.0 to 4.13.0 (#14409)
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.12.0 to 4.13.0.
- [Release notes](https://github.com/browserslist/browserslist/releases)
- [Changelog](https://github.com/browserslist/browserslist/blob/master/CHANGELOG.md)
- [Commits](https://github.com/browserslist/browserslist/compare/4.12.0...4.13.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 00:51:49 +09:00
dependabot[bot] 5d3543b73d Bump tty-prompt from 0.21.0 to 0.22.0 (#14430)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.21.0 to 0.22.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.21.0...v0.22.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 00:51:15 +09:00
dependabot[bot] 91ef72990d Bump webpack from 4.43.0 to 4.44.0 (#14435)
Bumps [webpack](https://github.com/webpack/webpack) from 4.43.0 to 4.44.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.43.0...v4.44.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 00:50:24 +09:00
dependabot[bot] dc8cabd5ac Bump @babel/core from 7.10.3 to 7.10.5 (#14334)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.10.3 to 7.10.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.10.5/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-28 13:43:18 +09:00
dependabot[bot] fb08a6342a Bump capistrano-rails from 1.5.0 to 1.6.1 (#14415)
Bumps [capistrano-rails](https://github.com/capistrano/rails) from 1.5.0 to 1.6.1.
- [Release notes](https://github.com/capistrano/rails/releases)
- [Commits](https://github.com/capistrano/rails/compare/v1.5.0...v1.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-28 12:24:53 +09:00