33ea1c9008
Fix Sidekiq warnings about JSON serialization ( #17381 )
...
* Fix Sidekiq warnings about JSON serialization
This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.
See https://github.com/mperham/sidekiq/pull/5071
We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.
* Set Sidekiq to raise on unsafe arguments in test mode
In order to more easily catch issues that would produce warnings in production
code.
2022-01-28 00:43:56 +01:00
85389ddd45
disable legacy XSS filtering ( #17289 )
...
Browsers are phasing out X-XSS-Protection, but Safari and IE still support it.
2022-01-24 13:14:26 +01:00
e92ac5b769
Fix error-prone SQL queries ( #15828 )
...
* Fix error-prone SQL queries in Account search
While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.
This PR parameterises the `to_tsquery` input to make the query more robust.
* Harden code for Status#tagged_with_all and Status#tagged_with_none
Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.
* Remove unneeded spaces surrounding tsquery term
* Please CodeClimate
* Move advanced_search_for SQL template to its own function
This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.
* Add tests covering tagged_with, tagged_with_all and tagged_with_none
* Rewrite tagged_with_none to avoid multiple joins and make it more robust
* Remove obsolete brakeman warnings
* Revert "Remove unneeded spaces surrounding tsquery term"
The two queries are not strictly equivalent.
This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.
2022-01-23 18:10:10 +01:00
06f653972a
Add OMNIAUTH_ONLY environment variable to enforce externa log-in ( #17288 )
...
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN
Fixes #15959
Introduced in #6540 , OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228 .
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
* Add OMNIAUTH_ONLY environment variable to enforce external log-in only
* Disable user registration when OMNIAUTH_ONLY is set to true
* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
2022-01-23 15:52:58 +01:00
12bb24ea35
Remove support for OAUTH_REDIRECT_AT_SIGN_IN ( #17287 )
...
Fixes #15959
Introduced in #6540 , OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228 .
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
2022-01-23 15:50:41 +01:00
68a9057420
Add post edited notice in admin and public UIs ( #17335 )
...
* Add edited toot flag on public pages
* Add toot edit flag to admin pages
2022-01-20 13:37:31 +01:00
06b698a723
Add support for editing for published statuses ( #16697 )
...
* Add support for editing for published statuses
* Fix references to stripped-out code
* Various fixes and improvements
* Further fixes and improvements
* Fix updates being potentially sent to unauthorized recipients
* Various fixes and improvements
* Fix wrong words in test
* Fix notifying accounts that were tagged but were not in the audience
* Fix mistake
2022-01-19 22:37:27 +01:00
2fb76550a9
Add notifications for statuses deleted by moderators ( #17204 )
2022-01-17 09:41:33 +01:00
5aade2baac
Add support for private pinned posts ( #16954 )
...
* Add support for private pinned toots
* Allow local user to pin private toots
* Change wording to avoid "direct message"
2022-01-17 00:49:55 +01:00
7b3972c270
Remove IP tracking columns from users table ( #16409 )
2022-01-16 13:23:50 +01:00
55fe75c5be
Fix SMTP_ENABLE_STARTTLS_AUTO/SMTP_TLS/SMTP_SSL environment variables don't work ( #17216 )
...
#17215
2022-01-13 12:05:22 +01:00
df31a1a8e6
Fix media API limit ( #17272 )
2022-01-10 14:25:24 +01:00
9a8784829f
Fix warnings on Rails boot ( #16946 )
2021-12-27 00:47:20 +01:00
d8da1689c1
Add ability for admins to delete canonical email blocks ( #16644 )
...
* Add admin option to remove canonical email blocks from a deleted account
* Add tootctl canonical_email_blocks to inspect and remove canonical email blocks
2021-12-17 23:02:14 +01:00
44c8b6ff2f
Add ability to purge undeliverable domains from admin interface ( #16686 )
...
* Add ability to purge undeliverable domains from admin interface
* Add tests
2021-12-17 23:01:21 +01:00
58178dca25
Fix incorrect singular version of some translation strings ( #17124 )
...
Fixes #17120
Co-authored-by: Mélanie Chauvel <perso@hack-libre.org>
Co-authored-by: Mélanie Chauvel <perso@hack-libre.org>
2021-12-13 18:25:25 +01:00
7bf5924339
Add batch suspend for accounts in admin UI ( #17009 )
2021-12-05 21:48:39 +01:00
8b87566072
Fix ElasticSearch to Elasticsearch ( #17050 )
2021-11-26 08:30:02 +01:00
4375813ea7
Remove Keybase integration ( #17045 )
2021-11-26 05:58:18 +01:00
ad73becf3e
Add trending links ( #16917 )
...
* Add trending links
* Add overriding specific links trendability
* Add link type to preview cards and only trend articles
Change trends review notifications from being sent every 5 minutes to being sent every 2 hours
Change threshold from 5 unique accounts to 15 unique accounts
* Fix tests
2021-11-25 13:07:38 +01:00
869faf5f87
Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) ( #16915 )
...
* Bump chewy from 5.2.0 to 7.2.2
* fix style (codeclimate)
* fix style
* fix style
* Bump chewy from 7.2.2 to 7.2.3
2021-11-18 22:02:08 +01:00
9e122d774d
Fix reviving revoked sessions and invalidating login ( #16943 )
...
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.
We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.
In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
of them
This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
2021-11-06 00:13:58 +01:00
31fb810ffa
Support authentication for ElasticSearch ( #16890 )
...
* Support authentication for ElasticSearch
* Fix chewy auth settings
2021-10-24 17:20:03 +02:00
c1aea260c7
Add S3_FORCE_SINGLE_REQUEST env var to work around S3 compatibility issues ( #16866 )
...
Fixes #16822
2021-10-18 18:29:04 +02:00
dae4762733
Add remove from followers api ( #16864 )
...
* Add followed_by? to account_interactions
* Add RemoveFromFollowersService
* Fix AccountBatch to use RemoveFromFollowersService
* Add remove from followers API
2021-10-18 12:02:35 +02:00
60bcba779b
New Crowdin updates ( #16354 )
...
* New translations en.json (Latvian)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations en.json (Icelandic)
[ci skip]
* New translations en.json (Icelandic)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations devise.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations devise.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Persian)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations activerecord.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Armenian)
[ci skip]
* New translations en.json (Danish)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Sinhala)
[ci skip]
* New translations en.yml (Sardinian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Georgian)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Spanish, Mexico)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.json (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Bengali)
[ci skip]
* New translations en.yml (Asturian)
[ci skip]
* New translations en.yml (Scottish Gaelic)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.json (Kurmanji (Kurdish))
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.json (Sorani (Kurdish))
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Malay)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Tatar)
[ci skip]
* New translations en.yml (Malayalam)
[ci skip]
* New translations en.yml (Sorani (Kurdish))
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations devise.en.yml (French)
[ci skip]
* Run `i18n-tasks normalize`
* Run `yarn manage:translations`
* Trim unnecessary line breaks
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-10-17 10:28:51 +09:00
95688e49b7
Allow keeping only 1 boosts/favs on auto deleting posts ( #16653 )
...
* Allow keeping 1 boosts/favs on auto deleting posts
* Fix tests
2021-10-14 21:11:14 +02:00
bdc6438ed8
Default to system ca-certificates.crt if none is specified ( #10857 )
...
Co-Authored-By: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-10-14 21:05:50 +02:00
e4dc1e1d2a
Minor memory optimizations ( #16507 )
...
Reduce constant memory usage by ~100kB and further reduce boot-up memory
allocations and temporary memory use by a further ~200kB.
2021-10-14 21:04:57 +02:00
8f43abd9f4
Add Northern Kurdish locale as requested by translator. It already has a project started on Crowdin. ( #16548 )
2021-10-14 21:02:54 +02:00
cad446611c
Add graphs and retention metrics to admin dashboard ( #16829 )
2021-10-14 20:44:59 +02:00
7d0089033f
Switch from unmaintained paperclip to kt-paperclip ( #16724 )
...
* Switch from unmaintained paperclip to kt-paperclip
* Drop some compatibility monkey-patches not required by kt-paperclip
* Drop media spoof check monkey-patching
It's broken with kt-paperclip and hopefully it won't be needed anymore
* Fix regression introduced by paperclip 6.1.0
* Do not rely on pathname to call FastImage
* Add test for ogg vorbis file with cover art
* Add audio/vorbis to the accepted content-types
This seems erroneous as this would be the content-type for a vorbis stream
without an ogg container, but that's what the `marcel` gem outputs, so…
* Restore missing for_as_default method
* Refactor Attachmentable concern and delay Paperclip's content-type spoof check
Check for content-type spoofing *after* setting the extension ourselves, this
fixes a regression with kt-paperclip's validations being more strict than
paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown
extensions.
* Please CodeClimate
* Add audio/vorbis to the unreliable set
It doesn't correspond to a file format and thus has no extension associated.
2021-09-29 23:52:36 +02:00
9fcf63ec8b
Bump bootsnap from 1.6.0 to 1.8.1 ( #16677 )
...
* Bump bootsnap from 1.6.0 to 1.8.1
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.6.0 to 1.8.1.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.6.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: bootsnap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Remove deprecated bootsnap config options
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2021-09-19 14:42:32 +09:00
abc63d5610
Fix some Rails frameworks being unnecessarily loaded ( #16725 )
...
Saves about 10MiB of memory usage at boot
2021-09-13 18:59:56 +02:00
4893216634
Fix suspicious sign-in mail text being out of date ( #16690 )
...
Fixes #16687
2021-09-04 16:44:50 +02:00
96edc26165
Bump jest from 26.6.3 to 27.1.0 ( #16376 )
...
* Bump jest from 26.6.3 to 27.0.4
Bumps [jest](https://github.com/facebook/jest ) from 26.6.3 to 27.0.4.
- [Release notes](https://github.com/facebook/jest/releases )
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/jest/compare/v26.6.3...v27.0.4 )
---
updated-dependencies:
- dependency-name: jest
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* Set test environment for jest
* Remove unnecessary ext
* Bump jest from 27.0.4 to 27.1.0
* Remove --coverage option
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-08-28 09:58:04 +09:00
8632cc7dc5
New env variable: CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED ( #16655 )
...
When using a CAS server, the users only have a temporary email
`change@me-foo-cas.com` which can't be changed but by an
administrator.
We need a new environment variable like for SAML to assume the email
from CAS is verified.
* config/initializers/omniauth.rb: define CAS option for assuming
email are always verified.
* .env.nanobox: add new variable as an example.
2021-08-25 18:41:24 +02:00
8965ccd208
Fix “discoverable” account setting being tied to profile directory ( #16637 )
2021-08-20 16:11:58 +02:00
1fcf310c60
Add feature to automatically delete old toots ( #16529 )
...
* Add account statuses cleanup policy model
* Record last inspected toot to delete to speed up successive calls to statuses_to_delete
* Add service to cleanup a given account's statuses within a budget
* Add worker to go through account policies and delete old toots
* Fix last inspected status id logic
All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.
* Add tests
* Refactor scheduler and add tests
* Add user interface
* Add support for discriminating based on boosts/favs
* Add UI support for min_reblogs and min_favs, rework UI
* Address first round of review comments
* Replace Snowflake#id_at_start with with_random parameter
* Add tests
* Add tests for StatusesCleanupController
* Rework settings page
* Adjust load-avoiding mechanisms
* Please CodeClimate
2021-08-09 23:11:50 +02:00
9c1d3086af
Fix inefficiencies in auto-linking code ( #16506 )
...
The auto-linking code basically rewrote the whole string escaping non-ascii
characters in an inefficient way, and building a full character offset map
between the unescaped and escaped texts before sending the contents to
TwitterText's extractor.
Instead of doing that, this commit changes the TwitterText regexps to include
valid IRI characters in addition to valid URI characters.
2021-07-15 15:56:58 +02:00
ab4c1478b6
Change references to tootsuite/mastodon to mastodon/mastodon ( #16491 )
...
* Change references to tootsuite/mastodon to mastodon/mastodon
* Remove obsolete test fixture
* Replace occurrences of tootsuite/mastodon with mastodon/mastodon in CHANGELOG
And a few other places
2021-07-13 15:46:20 +02:00
2bc9e256cc
Add ability to filter reports by origin of target account ( #16487 )
2021-07-11 11:01:38 +02:00
34dd743b58
Add ability to skip sign-in token authentication for specific users ( #16427 )
...
Remove "active within last two weeks" exception for sign in token requirement
Change admin reset password to lock access until the password is reset
2021-07-08 05:31:28 +02:00
6993e51247
Fix compression-webpack-plugin configuration ( #16356 )
...
compression-webpack-plugin 6.0.0 has changed how filenames were generated,
so from #14892 onward (Mastodon v3.3.0 and later), compressed files were
output to a file named `.gz` instead of the correct filenames.
2021-06-25 04:45:04 +02:00
2067b0bf34
Add authentication history ( #16408 )
2021-06-21 17:07:30 +02:00
d316831495
New Crowdin updates ( #16288 )
...
* New translations en.yml (Galician)
[ci skip]
* New translations activerecord.en.yml (Galician)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations devise.en.yml (Swedish)
[ci skip]
* New translations doorkeeper.en.yml (Swedish)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations activerecord.en.yml (Dutch)
[ci skip]
* New translations doorkeeper.en.yml (Dutch)
[ci skip]
* New translations en.json (Swedish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.json (Swedish)
[ci skip]
* New translations en.json (Swedish)
[ci skip]
* New translations en.json (Swedish)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Romanian)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Telugu)
[ci skip]
* New translations en.yml (Malay)
[ci skip]
* New translations en.yml (Hindi)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Croatian)
[ci skip]
* New translations en.yml (Uyghur)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Marathi)
[ci skip]
* New translations en.yml (Bengali)
[ci skip]
* New translations en.yml (Spanish, Mexico)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Sorani (Kurdish))
[ci skip]
* New translations en.yml (Silesian)
[ci skip]
* New translations en.yml (Taigi)
[ci skip]
* New translations en.yml (Ido)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Sanskrit)
[ci skip]
* New translations en.yml (Sardinian)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Serbian (Latin))
[ci skip]
* New translations en.yml (Tatar)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Asturian)
[ci skip]
* New translations en.yml (Scottish Gaelic)
[ci skip]
* New translations en.yml (Kannada)
[ci skip]
* New translations en.yml (Cornish)
[ci skip]
* New translations en.yml (Sinhala)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Malayalam)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Armenian)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Bulgarian)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Afrikaans)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Georgian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Urdu (Pakistan))
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Macedonian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Punjabi)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Standard Moroccan Tamazight)
[ci skip]
* Update source file en.yml
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Lithuanian)
[ci skip]
* New translations en.json (Lithuanian)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Korean)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations devise.en.yml (Chinese Simplified)
[ci skip]
* New translations doorkeeper.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Malayalam)
[ci skip]
* New translations en.json (Malayalam)
[ci skip]
* New translations en.json (Persian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.json (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.json (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations activerecord.en.yml (Chinese Traditional)
[ci skip]
* New translations devise.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations doorkeeper.en.yml (Chinese Traditional)
[ci skip]
* New translations devise.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.json (Croatian)
[ci skip]
* New translations en.json (Telugu)
[ci skip]
* New translations en.json (Malay)
[ci skip]
* New translations en.json (Hindi)
[ci skip]
* New translations en.json (Latvian)
[ci skip]
* New translations en.json (Estonian)
[ci skip]
* New translations en.json (Kazakh)
[ci skip]
* New translations en.json (Norwegian Nynorsk)
[ci skip]
* New translations en.json (Marathi)
[ci skip]
* New translations en.json (Esperanto)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Tamil)
[ci skip]
* New translations en.json (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Welsh)
[ci skip]
* New translations en.json (Uyghur)
[ci skip]
* New translations en.json (Urdu (Pakistan))
[ci skip]
* New translations en.json (Sorani (Kurdish))
[ci skip]
* New translations en.json (Silesian)
[ci skip]
* New translations en.json (Taigi)
[ci skip]
* New translations en.json (Ido)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.json (Sanskrit)
[ci skip]
* New translations en.json (Sardinian)
[ci skip]
* New translations en.json (Serbian (Latin))
[ci skip]
* New translations en.json (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.json (Occitan)
[ci skip]
* New translations en.json (Asturian)
[ci skip]
* New translations en.json (Kannada)
[ci skip]
* New translations en.json (Cornish)
[ci skip]
* New translations en.json (Sinhala)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.json (Tatar)
[ci skip]
* New translations en.json (Romanian)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Persian)
[ci skip]
* New translations en.json (Arabic)
[ci skip]
* New translations en.json (Afrikaans)
[ci skip]
* New translations en.json (Bulgarian)
[ci skip]
* New translations en.json (Serbian (Cyrillic))
[ci skip]
* New translations en.json (Macedonian)
[ci skip]
* New translations en.json (Slovenian)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.json (Punjabi)
[ci skip]
* New translations en.json (Norwegian)
[ci skip]
* New translations en.json (Georgian)
[ci skip]
* New translations en.json (Armenian)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.json (Standard Moroccan Tamazight)
[ci skip]
* New translations simple_form.en.yml (Scottish Gaelic)
[ci skip]
* New translations en.yml (Scottish Gaelic)
[ci skip]
* New translations activerecord.en.yml (Scottish Gaelic)
[ci skip]
* New translations en.yml (Scottish Gaelic)
[ci skip]
* New translations simple_form.en.yml (Scottish Gaelic)
[ci skip]
* New translations doorkeeper.en.yml (Scottish Gaelic)
[ci skip]
* New translations en.json (Scottish Gaelic)
[ci skip]
* New translations devise.en.yml (Scottish Gaelic)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations activerecord.en.yml (Spanish, Argentina)
[ci skip]
* New translations doorkeeper.en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-06-02 21:09:18 +02:00
68e12deeb6
Fix some typos and improve some UI text ( #16283 )
...
* Fix typo: similiar → similar
Suggestion of unextro: https://crowdin.com/profile/unextro
* Fix typo: ChromeOS → Chrome OS
Suggestion of unextro: https://crowdin.com/profile/unextro
* Fix typo: Successfully remove → Successfully removed
Suggestion of GunChleoc: https://crowdin.com/profile/gunchleoc
* Fix typo: will now be processed in due time → will be processed
Suggestion of NCAA: https://crowdin.com/profile/ncaa
* Improve UI text: use “waiting period” instead of “cooldown period”
Suggestion of NCAA: https://crowdin.com/profile/ncaa
* Improve UI text: use “for today” instead of “for that day”
Suggestion of NCAA: https://crowdin.com/profile/ncaa
2021-05-24 03:03:01 +02:00
5892f7582d
Fix mailer jobs for deleted notifications erroring out ( #16294 )
...
Fixes an oversight in the Rails 6 migration
2021-05-24 03:02:46 +02:00
0f92d335a2
Add Actions for check i18n ( #16285 )
2021-05-22 15:00:20 +02:00
e549aef205
New Crowdin updates ( #16281 )
...
* New translations en.json (Thai)
[ci skip]
* New translations devise.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations devise.en.yml (Thai)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations doorkeeper.en.yml (Danish)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* Run `i18n-tasks normalize`
* Run `yarn manage:translations`
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-05-22 00:31:33 +09:00
Claire