kouhai dev
f26d104e75
th: Merge remote-tracking branch 'glitch/main'
...
ci/woodpecker/push/woodpecker Pipeline was successful
Details
ci/woodpecker/pr/woodpecker Pipeline was successful
Details
fixes: CVE-2023-36459
fixes: CVE-2023-36460
fixes: CVE-2023-36461
fixes: CVE-2023-36462
fixes: GHSA-55j9-c3mp-6fcq
fixes: GHSA-9928-3cp5-93fm
fixes: GHSA-9pxv-6qvf-pjwc
fixes: GHSA-ccm4-vgcc-73hp
2023-07-06 12:12:21 -07:00
Claire
ff7aae3037
Merge branch 'main' into glitch-soc/merge-upstream
2023-07-06 15:16:34 +02:00
Claire
dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
5de49e74d4
Merge branch 'main' into glitch-soc/merge-upstream
2023-07-05 12:01:26 +02:00
kouhai dev
961ac9e493
th: merge glitch again (lol)
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2023-07-05 01:14:10 -07:00
kouhai dev
0c68cb08f5
th: add invite limits behind TH_USE_INVITE_QUOTA
...
ci/woodpecker/push/woodpecker Pipeline was successful
Details
TH_USE_INVITE_QUOTA: feature flag
TH_INVITE_MAX_USES: max uses per invite for non-moderators
TH_ACTIVE_INVITE_SLOT_QUOTA: max slots in active invites, including consumed slots
2023-07-05 00:20:28 -07:00
Daniel M Brasil
383c00819c
Fix `/api/v2/search` not working with following query param ( #25681 )
2023-07-03 18:06:57 +02:00
Claire
44e98a2740
Merge branch 'main' into glitch-soc/merge-upstream
2023-07-02 11:49:08 +02:00
Daniel M Brasil
4fe2d7cb59
Fix HTTP 500 in `/api/v1/emails/check_confirmation` ( #25595 )
2023-07-02 00:05:44 +02:00
Matt Jankowski
683ba5ecb1
Fix rails `rewhere` deprecation warning in directories api controller ( #25625 )
2023-07-01 21:48:16 +02:00
Claire
a209d1e683
Fix ResolveURLService not resolving local URLs for remote content ( #25637 )
2023-06-29 14:48:54 +02:00
jsgoldstein
4581a528f7
Change account search to match by text when opted-in ( #25599 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-06-29 13:05:21 +02:00
Claire
80a5c16ae1
Merge branch 'main' into glitch-soc/merge-upstream
2023-06-27 13:15:41 +02:00
Claire
c7c6f02ae6
Fix suspending an already-limited domain ( #25603 )
2023-06-27 12:32:51 +02:00
Claire
178e151019
Merge commit '55e7c08a83547424024bac311d5459cb82cf6dae' into glitch-soc/merge-upstream
...
Conflicts:
- `app/models/user_settings.rb`:
Upstream added a constraint on a setting textually close
to glitch-soc-only settings.
Applied upstream's change.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream added support for the `translate` attribute on a few elements,
where glitch-soc had a different set of allowed elements and attributes.
Extended glitch-soc's allowed attributes with `translate` as upstream did.
- `spec/validators/status_length_validator_spec.rb`:
Upstream refactored to use RSpec's `instance_double` instead of `double`,
but glitch-soc had changes to tests due to configurable max toot chars.
Applied upstream's changes while keeping tests against configurable max
toot chars.
2023-06-25 14:27:38 +02:00
Claire
a5b6f6da80
Change /api/v1/statuses/:id/history to always return at least one item ( #25510 )
2023-06-22 14:56:14 +02:00
Matt Jankowski
05f9e39b32
Fix `RSpec/VerifiedDoubles` cop ( #25469 )
2023-06-22 14:55:22 +02:00
Matt Jankowski
38433ccd0b
Reduce `Admin::Reports::Actions` spec db activity ( #25465 )
2023-06-22 14:53:13 +02:00
Claire
602c458ab6
Add finer permission requirements for managing webhooks ( #25463 )
2023-06-22 14:52:25 +02:00
Matt Jankowski
63d15d5330
Speed-up on `StatusesController` spec ( #25549 )
2023-06-22 14:51:53 +02:00
Matt Jankowski
0b39b9abee
Speed-up on `BackupService` spec ( #25527 )
2023-06-22 11:53:28 +02:00
Daniel M Brasil
6ac271c2a0
Migrate to request specs in `/api/v1/suggestions` ( #25540 )
2023-06-22 11:49:35 +02:00
Claire
37a9c2258a
Add per-test timeouts to AutoStatusesCleanupScheduler tests ( #24841 )
2023-06-20 18:54:05 +02:00
Claire
ebfeaebedb
Fix /api/v1/conversations sometimes returning empty accounts ( #25499 )
2023-06-20 18:32:26 +02:00
Daniel M Brasil
e53eb38a8d
Migrate to request specs in `/api/v1/admin/account_actions` ( #25514 )
2023-06-20 18:16:48 +02:00
Claire
fd23f50243
Fix wrong view being displayed when a webhook fails validation ( #25464 )
2023-06-20 18:15:35 +02:00
Claire
c78280a8ce
Add translate="no" to outgoing mentions and links ( #25524 )
2023-06-20 18:10:19 +02:00
Plastikmensch
eba3411bfa
Re-allow title attribute in <abbr> ( #2254 )
...
* Re-allow title attribute in <abbr>
This was accidentally removed in 7623e18124
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
* Add test
Add a new test to check that title attribute on <abbr> is kept.
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
---------
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
2023-06-19 18:01:35 +02:00
Claire
dd07393e75
Fix user settings not getting validated ( #25508 )
2023-06-19 14:06:06 +01:00
Matt Jankowski
e1c9d52e91
Reduce `sleep` time in request pool spec ( #25470 )
2023-06-19 13:48:25 +02:00
Matt Jankowski
3a65fb044f
Add coverage for `UserMailer` methods ( #25484 )
2023-06-19 09:50:35 +02:00
Matt Jankowski
e835198b26
Combine assertions in api/v1/notifications spec ( #25486 )
2023-06-19 09:05:42 +02:00
Daniel M Brasil
b9bc9d0bda
Fix incorrect pagination headers in `/api/v2/admin/accounts` ( #25477 )
2023-06-19 08:53:05 +02:00
Daniel M Brasil
0a0a1f1495
Migrate to request specs in `/api/v1/tags` ( #25439 )
2023-06-19 08:51:40 +02:00
Claire
e5978184a6
Fix glitch-soc-only test being broken by refactor of the surrounding tests
2023-06-18 13:59:47 +02:00
Claire
6c99479ef4
Merge commit '9e245d147bcb2c72cc552ff8c276a1c34e2f686d' into glitch-soc/merge-upstream
...
Conflicts:
- `app/views/settings/profiles/show.html.haml`:
Upstream redesigned the settings page, where glitch-soc had changes because of
the ability to set some custom limits.
Went with upstream's design while keeping our custom limits.
- `yarn.lock`:
Upstream updated dependencies textually close to a glitch-soc-only dependency.
Updated the dependnencies as well.
2023-06-18 13:41:33 +02:00
Claire
65cbcce997
Merge commit '39110d1d0af5e3d9cf452ae47496a52797249fd0' into glitch-soc/merge-upstream
2023-06-18 10:36:14 +02:00
Matt Jankowski
b276b3bb83
Remove Ruby GC config from spec helper ( #25455 )
2023-06-15 22:14:46 +01:00
Daniel M Brasil
b10c05e702
Migrate to request specs in `/api/v1/lists` ( #25443 )
2023-06-15 10:19:51 +02:00
Matt Jankowski
4c5aa0e470
Update rubocop-rspec to version 2.22.0, fix `RSpec/IndexedLet` cop ( #24698 )
2023-06-14 16:44:37 +02:00
Daniel M Brasil
24015ef0cc
Migrate to request specs in `/api/v1/domain_blocks` ( #25414 )
2023-06-14 16:08:53 +02:00
Daniel M Brasil
87aff5aad8
Migrate to request specs in `/api/v1/follow_requests` ( #25411 )
2023-06-14 15:43:50 +02:00
Daniel M Brasil
d9c6f70cc6
Fix `ArgumentError` in `/api/v1/admin/accounts/:id/action` ( #25386 )
2023-06-14 15:21:36 +02:00
Matt Jankowski
ae9f5379d1
Reduce factory data created in spec/models/trends/statuses spec ( #25410 )
2023-06-14 09:57:06 +02:00
Matt Jankowski
31d5bc89d1
Speed improvement for `AccountsStatusesCleanupScheduler` spec ( #25406 )
2023-06-14 09:56:11 +02:00
Daniel M Brasil
a5b62e56d0
Migrate to request specs in `/api/v1/apps/verify_credentials` ( #25404 )
2023-06-14 09:48:57 +02:00
Daniel M Brasil
a6407aa662
Migrate to request specs in `/api/v1/apps` ( #25401 )
2023-06-14 09:48:48 +02:00
Matt Jankowski
4c5f62de99
Extract shared examples from api specs ( #25387 )
2023-06-14 09:34:01 +02:00
Claire
ec59166844
Fix ArgumentError when loading newer Private Mentions ( #25399 )
2023-06-14 08:54:52 +02:00
Matt Jankowski
10746af82f
Remove unused shared examples for scoped settings ( #25389 )
2023-06-13 14:59:04 +02:00