Merge remote-tracking branch 'glitch/main'

main
Skye 2 years ago
commit b741837ef2
Signed by: me
GPG Key ID: 0104BC05F41B77B8

@ -0,0 +1,3 @@
---
ignore:
- CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications

@ -46,7 +46,7 @@ commands:
name: Set bundler settings name: Set bundler settings
- ruby/install-deps: - ruby/install-deps:
bundler-version: '2.3.26' bundler-version: '2.3.26'
key: ruby<< parameters.ruby-version >>-gems-v1 key: ruby<< parameters.ruby-version >>-gems-v2
wait-db: wait-db:
steps: steps:
- run: - run:
@ -56,14 +56,14 @@ commands:
jobs: jobs:
build: build:
docker: docker:
- image: cimg/ruby:3.0-node - image: cimg/ruby:3.2-node
environment: environment:
RAILS_ENV: test RAILS_ENV: test
steps: steps:
- checkout - checkout
- install-system-dependencies - install-system-dependencies
- install-ruby-dependencies: - install-ruby-dependencies:
ruby-version: '3.0' ruby-version: '3.2'
- node/install-packages: - node/install-packages:
cache-version: v1 cache-version: v1
pkg-manager: yarn pkg-manager: yarn
@ -95,7 +95,7 @@ jobs:
- checkout - checkout
- install-system-dependencies - install-system-dependencies
- run: - run:
command: sudo apt-get install -y ffmpeg imagemagick libpam-dev command: sudo apt-get install -y ffmpeg imagemagick libmagickcore-dev libmagickwand-dev libjpeg-dev libpng-dev libtiff-dev libwebp-dev libpam-dev
name: Install additional system dependencies name: Install additional system dependencies
- run: - run:
command: bundle config with 'pam_authentication' command: bundle config with 'pam_authentication'
@ -110,91 +110,6 @@ jobs:
name: Load database schema name: Load database schema
- ruby/rspec-test - ruby/rspec-test
test-migrations:
executor:
name: default
ruby-version: '3.0'
steps:
- checkout
- install-system-dependencies
- install-ruby-dependencies:
ruby-version: '3.0'
- wait-db
- run:
command: ./bin/rails db:create
name: Create database
- run:
command: ./bin/rails db:migrate VERSION=20171010025614
name: Run migrations up to v2.0.0
- run:
command: ./bin/rails tests:migrations:populate_v2
name: Populate database with test data
- run:
command: ./bin/rails db:migrate VERSION=20180514140000
name: Run migrations up to v2.4.0
- run:
command: ./bin/rails tests:migrations:populate_v2_4
name: Populate database with test data
- run:
command: ./bin/rails db:migrate VERSION=20180707154237
name: Run migrations up to v2.4.3
- run:
command: ./bin/rails tests:migrations:populate_v2_4_3
name: Populate database with test data
- run:
command: ./bin/rails db:migrate
name: Run all remaining migrations
- run:
command: ./bin/rails tests:migrations:check_database
name: Check migration result
test-two-step-migrations:
executor:
name: default
ruby-version: '3.0'
steps:
- checkout
- install-system-dependencies
- install-ruby-dependencies:
ruby-version: '3.0'
- wait-db
- run:
command: ./bin/rails db:create
name: Create database
- run:
command: ./bin/rails db:migrate VERSION=20171010025614
name: Run migrations up to v2.0.0
- run:
command: ./bin/rails tests:migrations:populate_v2
name: Populate database with test data
- run:
command: ./bin/rails db:migrate VERSION=20180514140000
name: Run pre-deployment migrations up to v2.4.0
environment:
SKIP_POST_DEPLOYMENT_MIGRATIONS: true
- run:
command: ./bin/rails tests:migrations:populate_v2_4
name: Populate database with test data
- run:
command: ./bin/rails db:migrate VERSION=20180707154237
name: Run migrations up to v2.4.3
environment:
SKIP_POST_DEPLOYMENT_MIGRATIONS: true
- run:
command: ./bin/rails tests:migrations:populate_v2_4_3
name: Populate database with test data
- run:
command: ./bin/rails db:migrate
name: Run all remaining pre-deployment migrations
environment:
SKIP_POST_DEPLOYMENT_MIGRATIONS: true
- run:
command: ./bin/rails db:migrate
name: Run all post-deployment migrations
- run:
command: ./bin/rails tests:migrations:check_database
name: Check migration result
workflows: workflows:
version: 2 version: 2
build-and-test: build-and-test:
@ -206,20 +121,8 @@ workflows:
ruby-version: ruby-version:
- '2.7' - '2.7'
- '3.0' - '3.0'
- '3.1'
- '3.2'
name: test-ruby<< matrix.ruby-version >> name: test-ruby<< matrix.ruby-version >>
requires: requires:
- build - build
- test-migrations:
requires:
- build
- test-two-step-migrations:
requires:
- build
- node/run:
cache-version: v1
name: test-webui
pkg-manager: yarn
requires:
- build
version: '16.18'
yarn-run: test:jest

@ -24,7 +24,7 @@ plugins:
brakeman: brakeman:
enabled: true enabled: true
bundler-audit: bundler-audit:
enabled: true enabled: false
eslint: eslint:
enabled: false enabled: false
rubocop: rubocop:

@ -4,16 +4,22 @@
"service": "app", "service": "app",
"workspaceFolder": "/mastodon", "workspaceFolder": "/mastodon",
// Set *default* container specific settings.json values on container create. // Configure tool-specific properties.
"settings": {}, "customizations": {
// Configure properties specific to VS Code.
"vscode": {
// Set *default* container specific settings.json values on container create.
"settings": {},
// Add the IDs of extensions you want installed when the container is created. // Add the IDs of extensions you want installed when the container is created.
"extensions": [ "extensions": [
"EditorConfig.EditorConfig", "EditorConfig.EditorConfig",
"dbaeumer.vscode-eslint", "dbaeumer.vscode-eslint",
"rebornix.Ruby", "rebornix.Ruby",
"webben.browserslist" "webben.browserslist"
], ]
}
},
"features": { "features": {
"ghcr.io/devcontainers/features/sshd:1": { "ghcr.io/devcontainers/features/sshd:1": {

@ -10,3 +10,4 @@ insert_final_newline = true
charset = utf-8 charset = utf-8
indent_style = space indent_style = space
indent_size = 2 indent_size = 2
trim_trailing_whitespace = true

@ -5,6 +5,8 @@ module.exports = {
'eslint:recommended', 'eslint:recommended',
'plugin:react/recommended', 'plugin:react/recommended',
'plugin:jsx-a11y/recommended', 'plugin:jsx-a11y/recommended',
'plugin:import/recommended',
'plugin:promise/recommended',
], ],
env: { env: {
@ -41,7 +43,7 @@ module.exports = {
version: 'detect', version: 'detect',
}, },
'import/extensions': [ 'import/extensions': [
'.js', '.js', '.jsx',
], ],
'import/ignore': [ 'import/ignore': [
'node_modules', 'node_modules',
@ -50,6 +52,7 @@ module.exports = {
'import/resolver': { 'import/resolver': {
node: { node: {
paths: ['app/javascript'], paths: ['app/javascript'],
extensions: ['.js', '.jsx'],
}, },
}, },
}, },
@ -98,7 +101,6 @@ module.exports = {
ignoreRestSiblings: true, ignoreRestSiblings: true,
}, },
], ],
'no-useless-escape': 'off',
'object-curly-spacing': ['error', 'always'], 'object-curly-spacing': ['error', 'always'],
'padded-blocks': [ 'padded-blocks': [
'error', 'error',
@ -110,6 +112,7 @@ module.exports = {
semi: 'error', semi: 'error',
'valid-typeof': 'error', 'valid-typeof': 'error',
'react/jsx-filename-extension': ['error', { 'allow': 'as-needed' }],
'react/jsx-boolean-value': 'error', 'react/jsx-boolean-value': 'error',
'react/jsx-closing-bracket-location': ['error', 'line-aligned'], 'react/jsx-closing-bracket-location': ['error', 'line-aligned'],
'react/jsx-curly-spacing': 'error', 'react/jsx-curly-spacing': 'error',
@ -178,11 +181,13 @@ module.exports = {
}, },
], ],
// See https://github.com/import-js/eslint-plugin-import/blob/main/config/recommended.js
'import/extensions': [ 'import/extensions': [
'error', 'error',
'always', 'always',
{ {
js: 'never', js: 'never',
jsx: 'never',
}, },
], ],
'import/newline-after-import': 'error', 'import/newline-after-import': 'error',
@ -196,14 +201,17 @@ module.exports = {
], ],
}, },
], ],
'import/no-unresolved': 'error',
'import/no-webpack-loader-syntax': 'error', 'import/no-webpack-loader-syntax': 'error',
'promise/always-return': 'off',
'promise/catch-or-return': [ 'promise/catch-or-return': [
'error', 'error',
{ {
allowFinally: true, allowFinally: true,
}, },
], ],
'promise/no-callback-in-promise': 'off',
'promise/no-nesting': 'off',
'promise/no-promise-in-callback': 'off',
}, },
}; };

@ -17,7 +17,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
concurrency: concurrency:
group: ${{ github.ref }} group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true cancel-in-progress: true
steps: steps:

@ -14,24 +14,35 @@ permissions:
jobs: jobs:
check-i18n: check-i18n:
runs-on: ubuntu-latest runs-on: ubuntu-22.04
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: Install system dependencies - name: Install system dependencies
run: | run: |
sudo apt-get update sudo apt-get update
sudo apt-get install -y libicu-dev libidn11-dev sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up Ruby - name: Set up Ruby
uses: ruby/setup-ruby@v1 uses: ruby/setup-ruby@v1
with: with:
ruby-version: .ruby-version ruby-version: .ruby-version
bundler-cache: true bundler-cache: true
- name: Check locale file normalization - name: Check locale file normalization
run: bundle exec i18n-tasks check-normalized run: bundle exec i18n-tasks check-normalized
- name: Check for unused strings - name: Check for unused strings
run: bundle exec i18n-tasks unused run: bundle exec i18n-tasks unused
- name: Check for missing strings in English
run: |
bundle exec i18n-tasks add-missing -l en
git diff --exit-code
- name: Check for wrong string interpolations - name: Check for wrong string interpolations
run: bundle exec i18n-tasks check-consistent-interpolations run: bundle exec i18n-tasks check-consistent-interpolations
- name: Check that all required locale files exist - name: Check that all required locale files exist
run: bundle exec rake repo:check_locales_files run: bundle exec rake repo:check_locales_files

@ -6,6 +6,7 @@ on:
paths: paths:
- 'package.json' - 'package.json'
- 'yarn.lock' - 'yarn.lock'
- '.nvmrc'
- '.prettier*' - '.prettier*'
- 'stylelint.config.js' - 'stylelint.config.js'
- '**/*.css' - '**/*.css'
@ -17,6 +18,7 @@ on:
paths: paths:
- 'package.json' - 'package.json'
- 'yarn.lock' - 'yarn.lock'
- '.nvmrc'
- '.prettier*' - '.prettier*'
- 'stylelint.config.js' - 'stylelint.config.js'
- '**/*.css' - '**/*.css'
@ -36,6 +38,7 @@ jobs:
uses: actions/setup-node@v3 uses: actions/setup-node@v3
with: with:
cache: yarn cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages - name: Install all yarn packages
run: yarn --frozen-lockfile run: yarn --frozen-lockfile

@ -6,18 +6,22 @@ on:
paths: paths:
- 'package.json' - 'package.json'
- 'yarn.lock' - 'yarn.lock'
- '.nvmrc'
- '.prettier*' - '.prettier*'
- '.eslint*' - '.eslint*'
- '**/*.js' - '**/*.js'
- '**/*.jsx'
- '.github/workflows/lint-js.yml' - '.github/workflows/lint-js.yml'
pull_request: pull_request:
paths: paths:
- 'package.json' - 'package.json'
- 'yarn.lock' - 'yarn.lock'
- '.nvmrc'
- '.prettier*' - '.prettier*'
- '.eslint*' - '.eslint*'
- '**/*.js' - '**/*.js'
- '**/*.jsx'
- '.github/workflows/lint-js.yml' - '.github/workflows/lint-js.yml'
jobs: jobs:
@ -32,6 +36,7 @@ jobs:
uses: actions/setup-node@v3 uses: actions/setup-node@v3
with: with:
cache: yarn cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages - name: Install all yarn packages
run: yarn --frozen-lockfile run: yarn --frozen-lockfile

@ -6,6 +6,7 @@ on:
paths: paths:
- 'package.json' - 'package.json'
- 'yarn.lock' - 'yarn.lock'
- '.nvmrc'
- '.prettier*' - '.prettier*'
- '**/*.json' - '**/*.json'
- '.github/workflows/lint-json.yml' - '.github/workflows/lint-json.yml'
@ -15,6 +16,7 @@ on:
paths: paths:
- 'package.json' - 'package.json'
- 'yarn.lock' - 'yarn.lock'
- '.nvmrc'
- '.prettier*' - '.prettier*'
- '**/*.json' - '**/*.json'
- '.github/workflows/lint-json.yml' - '.github/workflows/lint-json.yml'
@ -32,6 +34,7 @@ jobs:
uses: actions/setup-node@v3 uses: actions/setup-node@v3
with: with:
cache: yarn cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages - name: Install all yarn packages
run: yarn --frozen-lockfile run: yarn --frozen-lockfile

@ -0,0 +1,40 @@
name: Markdown Linting
on:
push:
branches-ignore:
- 'dependabot/**'
paths:
- '.github/workflows/lint-md.yml'
- '.prettier*'
- '**/*.md'
- '!AUTHORS.md'
- 'package.json'
- 'yarn.lock'
pull_request:
paths:
- '.github/workflows/lint-md.yml'
- '.prettier*'
- '**/*.md'
- '!AUTHORS.md'
- 'package.json'
- 'yarn.lock'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
- name: Install all yarn packages
run: yarn --frozen-lockfile
- name: Prettier
run: yarn prettier --check "**/*.md"

@ -5,7 +5,9 @@ on:
- 'dependabot/**' - 'dependabot/**'
paths: paths:
- 'Gemfile*' - 'Gemfile*'
- '.rubocop.yml' - '.rubocop*.yml'
- '.ruby-version'
- '.bundler-audit.yml'
- '**/*.rb' - '**/*.rb'
- '**/*.rake' - '**/*.rake'
- '.github/workflows/lint-ruby.yml' - '.github/workflows/lint-ruby.yml'
@ -13,7 +15,9 @@ on:
pull_request: pull_request:
paths: paths:
- 'Gemfile*' - 'Gemfile*'
- '.rubocop.yml' - '.rubocop*.yml'
- '.ruby-version'
- '.bundler-audit.yml'
- '**/*.rb' - '**/*.rb'
- '**/*.rake' - '**/*.rake'
- '.github/workflows/lint-ruby.yml' - '.github/workflows/lint-ruby.yml'
@ -21,21 +25,25 @@ on:
jobs: jobs:
lint: lint:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout Code - name: Clone repository
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Install native Ruby dependencies
run: sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with: with:
fetch-depth: 0 ruby-version: .ruby-version
bundler-cache: true
- name: Set-up RuboCop Problem Mathcher - name: Set-up RuboCop Problem Matcher
uses: r7kamura/rubocop-problem-matchers-action@v1 uses: r7kamura/rubocop-problem-matchers-action@v1
- name: Run rubocop - name: Run rubocop
uses: github/super-linter@v4 run: bundle exec rubocop
env:
DEFAULT_BRANCH: main - name: Run bundler-audit
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: bundle exec bundler-audit
LINTER_RULES_PATH: .
RUBY_CONFIG_FILE: .rubocop.yml
VALIDATE_ALL_CODEBASE: false
VALIDATE_RUBY: true

@ -6,6 +6,7 @@ on:
paths: paths:
- 'package.json' - 'package.json'
- 'yarn.lock' - 'yarn.lock'
- '.nvmrc'
- '.prettier*' - '.prettier*'
- '**/*.yaml' - '**/*.yaml'
- '**/*.yml' - '**/*.yml'
@ -16,6 +17,7 @@ on:
paths: paths:
- 'package.json' - 'package.json'
- 'yarn.lock' - 'yarn.lock'
- '.nvmrc'
- '.prettier*' - '.prettier*'
- '**/*.yaml' - '**/*.yaml'
- '**/*.yml' - '**/*.yml'
@ -34,6 +36,7 @@ jobs:
uses: actions/setup-node@v3 uses: actions/setup-node@v3
with: with:
cache: yarn cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages - name: Install all yarn packages
run: yarn --frozen-lockfile run: yarn --frozen-lockfile

@ -5,13 +5,24 @@ on:
pull_request_target: pull_request_target:
types: [synchronize] types: [synchronize]
permissions:
pull-requests: write
jobs: jobs:
label-rebase-needed: label-rebase-needed:
runs-on: ubuntu-latest runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps: steps:
- name: Check for merge conflicts - name: Check for merge conflicts
uses: eps1lon/actions-label-merge-conflict@releases/2.x uses: eps1lon/actions-label-merge-conflict@releases/2.x
with: with:
dirtyLabel: 'rebase needed :construction:' dirtyLabel: 'rebase needed :construction:'
repoToken: '${{ secrets.GITHUB_TOKEN }}' repoToken: '${{ secrets.GITHUB_TOKEN }}'
commentOnClean: This pull request has resolved merge conflicts and is ready for review.
commentOnDirty: This pull request has merge conflicts that must be resolved before it can be merged. commentOnDirty: This pull request has merge conflicts that must be resolved before it can be merged.
retryMax: 10
continueOnMissingPermissions: false

@ -0,0 +1,43 @@
name: JavaScript Testing
on:
push:
branches-ignore:
- 'dependabot/**'
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '**/*.js'
- '**/*.jsx'
- '**/*.snap'
- '.github/workflows/test-js.yml'
pull_request:
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '**/*.js'
- '**/*.jsx'
- '**/*.snap'
- '.github/workflows/test-js.yml'
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages
run: yarn --frozen-lockfile
- name: Jest testing
run: yarn test:jest --reporters github-actions summary

@ -0,0 +1,100 @@
name: Test one step migrations
on:
push:
branches-ignore:
- 'dependabot/**'
pull_request:
jobs:
pre_job:
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@v5
with:
paths: '["Gemfile*", ".ruby-version", "**/*.rb", ".github/workflows/test-migrations-one-step.yml"]'
test:
runs-on: ubuntu-latest
needs: pre_job
if: needs.pre_job.outputs.should_skip != 'true'
services:
postgres:
image: postgres:14.5
env:
POSTGRES_PASSWORD: postgres
POSTGRES_USER: postgres
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
redis:
image: redis:7.0
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 6379:6379
env:
CONTINUOUS_INTEGRATION: true
DB_HOST: localhost
DB_USER: postgres
DB_PASS: postgres
DISABLE_SIMPLECOV: true
RAILS_ENV: test
BUNDLE_CLEAN: true
BUNDLE_FROZEN: true
BUNDLE_WITHOUT: 'development production'
BUNDLE_JOBS: 3
BUNDLE_RETRY: 3
steps:
- uses: actions/checkout@v3
- name: Install native Ruby dependencies
run: sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up bundler cache
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Create database
run: './bin/rails db:create'
- name: Run migrations up to v2.0.0
run: './bin/rails db:migrate VERSION=20171010025614'
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2'
- name: Run migrations up to v2.4.0
run: './bin/rails db:migrate VERSION=20180514140000'
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2_4'
- name: Run migrations up to v2.4.3
run: './bin/rails db:migrate VERSION=20180707154237'
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2_4_3'
- name: Run all remaining migrations
run: './bin/rails db:migrate'
- name: Check migration result
run: './bin/rails tests:migrations:check_database'

@ -0,0 +1,108 @@
name: Test two step migrations
on:
push:
branches-ignore:
- 'dependabot/**'
pull_request:
jobs:
pre_job:
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@v5
with:
paths: '["Gemfile*", ".ruby-version", "**/*.rb", ".github/workflows/test-migrations-two-step.yml"]'
test:
runs-on: ubuntu-latest
needs: pre_job
if: needs.pre_job.outputs.should_skip != 'true'
services:
postgres:
image: postgres:14.5
env:
POSTGRES_PASSWORD: postgres
POSTGRES_USER: postgres
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
redis:
image: redis:7.0
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 6379:6379
env:
CONTINUOUS_INTEGRATION: true
DB_HOST: localhost
DB_USER: postgres
DB_PASS: postgres
DISABLE_SIMPLECOV: true
RAILS_ENV: test
BUNDLE_CLEAN: true
BUNDLE_FROZEN: true
BUNDLE_WITHOUT: 'development production'
BUNDLE_JOBS: 3
BUNDLE_RETRY: 3
steps:
- uses: actions/checkout@v3
- name: Install native Ruby dependencies
run: sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up bundler cache
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Create database
run: './bin/rails db:create'
- name: Run migrations up to v2.0.0
run: './bin/rails db:migrate VERSION=20171010025614'
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2'
- name: Run pre-deployment migrations up to v2.4.0
run: './bin/rails db:migrate VERSION=20180514140000'
env:
SKIP_POST_DEPLOYMENT_MIGRATIONS: true
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2_4'
- name: Run migrations up to v2.4.3
run: './bin/rails db:migrate VERSION=20180707154237'
env:
SKIP_POST_DEPLOYMENT_MIGRATIONS: true
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2_4_3'
- name: Run all remaining pre-deployment migrations
run: './bin/rails db:migrate'
env:
SKIP_POST_DEPLOYMENT_MIGRATIONS: true
- name: Run all post-deployment migrations
run: './bin/rails db:migrate'
- name: Check migration result
run: './bin/rails tests:migrations:check_database'

@ -1 +1 @@
16 16.19

@ -51,15 +51,8 @@
*~ *~
*.swp *.swp
# Ignore npm debug log # Ignore log files
npm-debug.log *.log
# Ignore yarn log files
yarn-error.log
yarn-debug.log
# Ignore vagrant log files
*-cloudimg-console.log
# Ignore Docker option files # Ignore Docker option files
docker-compose.override.yml docker-compose.override.yml
@ -71,9 +64,28 @@ docker-compose.override.yml
/app/javascript/mastodon/locales /app/javascript/mastodon/locales
/config/locales /config/locales
# Ignore vendored CSS reset
app/javascript/styles/mastodon/reset.scss
# Ignore Javascript pending https://github.com/mastodon/mastodon/pull/23631
*.js
*.jsx
# Ignore HTML till cleaned and included in CI
*.html
# Ignore the generated AUTHORS.md
AUTHORS.md
# Ignore glitch-soc emoji map file
/app/javascript/flavours/glitch/features/emoji/emoji_map.json
# Ignore glitch-soc locale files # Ignore glitch-soc locale files
/app/javascript/flavours/glitch/locales /app/javascript/flavours/glitch/locales
/config/locales-glitch /config/locales-glitch
# Ignore glitch-soc emoji map file # Ignore glitch-soc vendored CSS reset
/app/javascript/flavours/glitch/features/emoji/emoji_map.json app/javascript/flavours/glitch/styles/reset.scss
# Ignore win95 theme
app/javascript/styles/win95.scss

@ -1,3 +1,9 @@
inherit_from: .rubocop_todo.yml
inherit_mode:
merge:
- Exclude
require: require:
- rubocop-rails - rubocop-rails
- rubocop-rspec - rubocop-rspec
@ -23,50 +29,19 @@ AllCops:
- 'lib/json_ld/*' - 'lib/json_ld/*'
- 'lib/templates/**/*' - 'lib/templates/**/*'
Bundler/OrderedGems:
Enabled: false
Layout/AccessModifierIndentation:
EnforcedStyle: indent
Layout/EmptyLineAfterMagicComment:
Enabled: false
Layout/EmptyLineAfterGuardClause:
Enabled: false
Layout/EmptyLineBetweenDefs:
AllowAdjacentOneLineDefs: true
Layout/EmptyLinesAroundAttributeAccessor:
Enabled: true
Layout/FirstHashElementIndentation: Layout/FirstHashElementIndentation:
EnforcedStyle: consistent EnforcedStyle: consistent
Layout/HashAlignment: Layout/LineLength:
Enabled: false Max: 140 # RuboCop default 120
AllowedPatterns:
Layout/SpaceAroundMethodCallOperator: # Allow comments to be long lines
Enabled: true - !ruby/regexp / \# .*$/
- !ruby/regexp /^\# .*$/
Layout/SpaceInsideHashLiteralBraces: Exclude:
EnforcedStyle: space - lib/**/*cli*.rb
- db/*migrate/**/*
Lint/DeprecatedOpenSSLConstant: - db/seeds/**/*
Enabled: true
Lint/DuplicateElsifCondition:
Enabled: true
Lint/MixedRegexpCaptureTypes:
Enabled: true
Lint/RaiseException:
Enabled: true
Lint/StructNewOverride:
Enabled: true
Lint/UselessAccessModifier: Lint/UselessAccessModifier:
ContextCreatingMethods: ContextCreatingMethods:
@ -77,403 +52,74 @@ Metrics/AbcSize:
Exclude: Exclude:
- 'lib/**/*cli*.rb' - 'lib/**/*cli*.rb'
- db/*migrate/**/* - db/*migrate/**/*
- lib/paperclip/color_extractor.rb
- app/workers/scheduler/follow_recommendations_scheduler.rb
- app/services/activitypub/fetch*_service.rb
- lib/paperclip/**/*
CountRepeatedAttributes: false
AllowedMethods:
- update_media_attachments!
- account_link_to
- attempt_oembed
- build_crutches
- calculate_scores
- cc
- dump_actor!
- filter_from_home?
- hydrate
- import_bookmarks!
- import_relationships!
- initialize
- link_to_mention
- log_target
- matches_time_window?
- parse_metadata
- perform_statuses_search!
- privatize_media_attachments!
- process_update
- publish_media_attachments!
- remotable_attachment
- render_initial_state
- render_with_cache
- searchable_by
- self.cached_filters_for
- set_fetchable_attributes!
- signed_request_actor
- statuses_to_delete
- update_poll!
Metrics/BlockLength: Metrics/BlockLength:
Max: 55 Max: 55 # Default 25
CountAsOne: [array, heredoc]
Exclude: Exclude:
- 'lib/mastodon/*_cli.rb' - 'lib/mastodon/*_cli.rb'
CountComments: false
CountAsOne: [array, heredoc]
AllowedMethods:
- task
- namespace
- class_methods
- included
Metrics/BlockNesting: Metrics/BlockNesting:
Max: 3
Exclude: Exclude:
- 'lib/mastodon/*_cli.rb' - 'lib/mastodon/*_cli.rb'
Metrics/ClassLength: Metrics/ClassLength:
CountComments: false Max: 500 # Default 100
Max: 500
CountAsOne: [array, heredoc] CountAsOne: [array, heredoc]
Exclude: Exclude:
- 'lib/mastodon/*_cli.rb' - 'lib/mastodon/*_cli.rb'
Metrics/CyclomaticComplexity: Metrics/CyclomaticComplexity:
Max: 12 Max: 12 # Default 7
Exclude: Exclude:
- lib/mastodon/*cli*.rb - lib/mastodon/*cli*.rb
- db/*migrate/**/* - db/*migrate/**/*
AllowedMethods:
- attempt_oembed
- blocked?
- build_crutches
- calculate_scores
- cc
- discover_endpoint!
- filter_from_home?
- hydrate
- klass
- link_to_mention
- log_target
- matches_time_window?
- patch_for_forwarding!
- preprocess_attributes!
- process_update
- remotable_attachment
- scan_text!
- self.cached_filters_for
- set_fetchable_attributes!
- setup_redis_env_url
- update_media_attachments!
Layout/LineLength:
Max: 140 # RuboCop default 120
AllowHeredoc: true
AllowURI: true
IgnoreCopDirectives: true
AllowedPatterns:
# Allow comments to be long lines
- !ruby/regexp / \# .*$/
- !ruby/regexp /^\# .*$/
Exclude:
- lib/**/*cli*.rb
- db/*migrate/**/*
- db/seeds/**/*
Metrics/MethodLength: Metrics/MethodLength:
CountComments: false
CountAsOne: [array, heredoc]
Max: 25 # RuboCop default 10 Max: 25 # RuboCop default 10
CountAsOne: [array, heredoc]
Exclude: Exclude:
- 'lib/mastodon/*_cli.rb' - 'lib/mastodon/*_cli.rb'
AllowedMethods:
- account_link_to
- attempt_oembed
- body_with_limit
- build_crutches
- cached_filters_for
- calculate_scores
- check_webfinger!
- clean_feeds!
- collection_items
- collection_presenter
- copy_account_notes!
- deduplicate_accounts!
- deduplicate_conversations!
- deduplicate_local_accounts!
- deduplicate_statuses!
- deduplicate_tags!
- deduplicate_users!
- discover_endpoint!
- extract_extra_uris_with_indices
- extract_hashtags_with_indices
- extract_mentions_or_lists_with_indices
- filter_from_home?
- from_elasticsearch
- handle_explicit_update!
- handle_mark_as_sensitive!
- hsl_to_rgb
- import_bookmarks!
- import_domain_blocks!
- import_relationships!
- ldap_options
- matches_time_window?
- outbox_presenter
- pam_get_user
- parallelize_with_progress
- parse_and_transform
- patch_for_forwarding!
- populate_home
- post_process_style
- preload_cache_collection_target_statuses
- privatize_media_attachments!
- provides_callback_for
- publish_media_attachments!
- relevant_account_timestamp
- remotable_attachment
- rgb_to_hsl
- rss_status_content_format
- set_fetchable_attributes!
- setup_redis_env_url
- signed_request_actor
- to_preview_card_attributes
- upgrade_storage_filesystem
- upgrade_storage_s3
- user_settings_params
- hydrate
- cc
- self_destruct
Metrics/ModuleLength: Metrics/ModuleLength:
CountComments: false Max: 200 # Default 100
Max: 200
CountAsOne: [array, heredoc] CountAsOne: [array, heredoc]
Metrics/ParameterLists:
Max: 5 # RuboCop default 5
CountKeywordArgs: true # RuboCop default true
MaxOptionalParameters: 3 # RuboCop default 3
Exclude:
- app/models/concerns/account_interactions.rb
- app/services/activitypub/fetch_remote_account_service.rb
- app/services/activitypub/fetch_remote_actor_service.rb
Metrics/PerceivedComplexity: Metrics/PerceivedComplexity:
Max: 16 # RuboCop default 8 Max: 16 # RuboCop default 8
AllowedMethods:
- attempt_oembed
- build_crutches
- calculate_scores
- deduplicate_users!
- discover_endpoint!
- filter_from_home?
- hydrate
- patch_for_forwarding!
- process_update
- remove_orphans
- update_media_attachments!
Naming/MemoizedInstanceVariableName:
Enabled: false
Naming/MethodParameterName:
Enabled: true
Rails: Rails/HttpStatus:
Enabled: true EnforcedStyle: numeric
Rails/ApplicationController:
Enabled: false
Exclude:
- 'app/controllers/well_known/**/*.rb'
Rails/BelongsTo:
Enabled: false
Rails/ContentTag:
Enabled: false
Rails/EnumHash:
Enabled: false
Rails/Exit: Rails/Exit:
Exclude: Exclude:
- 'lib/mastodon/*' - 'lib/mastodon/*_cli.rb'
- 'lib/mastodon/cli_helper.rb'
- 'lib/cli.rb' - 'lib/cli.rb'
Rails/FilePath: RSpec/NotToNot:
Enabled: false EnforcedStyle: to_not
Rails/HasAndBelongsToMany:
Enabled: false
Rails/HasManyOrHasOneDependent:
Enabled: false
Rails/HelperInstanceVariable:
Enabled: false
Rails/HttpStatus:
Enabled: false
Rails/IndexBy:
Enabled: false
Rails/InverseOf:
Enabled: false
Rails/LexicallyScopedActionFilter:
Enabled: false
Rails/OutputSafety:
Enabled: true
Rails/RakeEnvironment:
Enabled: false
Rails/RedundantForeignKey:
Enabled: false
Rails/SkipsModelValidations:
Enabled: false
Rails/UniqueValidationWithoutIndex:
Enabled: false
Style/AccessorGrouping:
Enabled: true
Style/AccessModifierDeclarations:
Enabled: false
Style/ArrayCoercion:
Enabled: true
Style/BisectedAttrAccessor:
Enabled: true
Style/CaseLikeIf:
Enabled: false
Style/ClassAndModuleChildren:
Enabled: false
Style/CollectionMethods:
Enabled: true
PreferredMethods:
find_all: 'select'
Style/Documentation:
Enabled: false
Style/DoubleNegation:
Enabled: true
Style/ExpandPathArguments:
Enabled: false
Style/ExponentialNotation:
Enabled: true
Style/FormatString: RSpec/Rails/HttpStatus:
Enabled: false EnforcedStyle: numeric
Style/FormatStringToken:
Enabled: false
Style/FrozenStringLiteralComment:
Enabled: true
Style/GuardClause:
Enabled: false
Style/HashAsLastArrayItem:
Enabled: false
Style/HashEachMethods:
Enabled: true
Style/HashLikeCase:
Enabled: true
Style/HashTransformKeys:
Enabled: true
Style/HashTransformValues:
Enabled: false
Style/HashSyntax: Style/HashSyntax:
Enabled: true
EnforcedStyle: ruby19_no_mixed_keys EnforcedStyle: ruby19_no_mixed_keys
Style/IfUnlessModifier: Style/NumericLiterals:
Enabled: false AllowedPatterns:
- \d{4}_\d{2}_\d{2}_\d{6} # For DB migration date version number readability
Style/InverseMethods:
Enabled: false
Style/Lambda:
Enabled: false
Style/MutableConstant:
Enabled: false
Style/PercentLiteralDelimiters: Style/PercentLiteralDelimiters:
PreferredDelimiters: PreferredDelimiters:
'%i': '()' '%i': '()'
'%w': '()' '%w': '()'
Style/PerlBackrefs:
AutoCorrect: false
Style/RedundantFetchBlock:
Enabled: true
Style/RedundantFileExtensionInRequire:
Enabled: true
Style/RedundantRegexpCharacterClass:
Enabled: false
Style/RedundantRegexpEscape:
Enabled: false
Style/RedundantReturn:
Enabled: true
Style/RedundantBegin:
Enabled: false
Style/RegexpLiteral:
Enabled: false
Style/RescueStandardError: Style/RescueStandardError:
Enabled: true EnforcedStyle: implicit
Style/SignalException:
Enabled: false
Style/SlicingWithRange:
Enabled: true
Style/SymbolArray:
Enabled: false
Style/TrailingCommaInArrayLiteral: Style/TrailingCommaInArrayLiteral:
EnforcedStyleForMultiline: 'comma' EnforcedStyleForMultiline: 'comma'
Style/TrailingCommaInHashLiteral: Style/TrailingCommaInHashLiteral:
EnforcedStyleForMultiline: 'comma' EnforcedStyleForMultiline: 'comma'
Style/UnpackFirst:
Enabled: false
RSpec/ScatteredSetup:
Enabled: false
RSpec/ImplicitExpect:
Enabled: false
RSpec/NamedSubject:
Enabled: false
RSpec/DescribeClass:
Enabled: false
RSpec/LetSetup:
Enabled: false

File diff suppressed because it is too large Load Diff

@ -1 +1 @@
3.0.4 3.2.1

@ -1,5 +1,4 @@
Changelog # Changelog
=========
All notable changes to this project will be documented in this file. All notable changes to this project will be documented in this file.
@ -219,6 +218,7 @@ All notable changes to this project will be documented in this file.
- Fix unbounded recursion in post discovery ([ClearlyClaire,nametoolong](https://github.com/mastodon/mastodon/pull/23506)) - Fix unbounded recursion in post discovery ([ClearlyClaire,nametoolong](https://github.com/mastodon/mastodon/pull/23506))
## [4.0.2] - 2022-11-15 ## [4.0.2] - 2022-11-15
### Fixed ### Fixed
- Fix wrong color on mentions hidden behind content warning in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/20724)) - Fix wrong color on mentions hidden behind content warning in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/20724))
@ -226,6 +226,7 @@ All notable changes to this project will be documented in this file.
- Fix `unsafe-eval` being used when `wasm-unsafe-eval` is enough in Content Security Policy ([Gargron](https://github.com/mastodon/mastodon/pull/20729), [prplecake](https://github.com/mastodon/mastodon/pull/20606)) - Fix `unsafe-eval` being used when `wasm-unsafe-eval` is enough in Content Security Policy ([Gargron](https://github.com/mastodon/mastodon/pull/20729), [prplecake](https://github.com/mastodon/mastodon/pull/20606))
## [4.0.1] - 2022-11-14 ## [4.0.1] - 2022-11-14
### Fixed ### Fixed
- Fix nodes order being sometimes mangled when rewriting emoji ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20677)) - Fix nodes order being sometimes mangled when rewriting emoji ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20677))
@ -429,6 +430,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix out-of-bound reads in blurhash transcoder ([delroth](https://github.com/mastodon/mastodon/pull/20388)) - Fix out-of-bound reads in blurhash transcoder ([delroth](https://github.com/mastodon/mastodon/pull/20388))
## [3.5.3] - 2022-05-26 ## [3.5.3] - 2022-05-26
### Added ### Added
- **Add language dropdown to compose form in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/18420), [ykzts](https://github.com/mastodon/mastodon/pull/18460)) - **Add language dropdown to compose form in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/18420), [ykzts](https://github.com/mastodon/mastodon/pull/18460))
@ -476,6 +478,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix confirmation redirect to app without `Location` header ([Gargron](https://github.com/mastodon/mastodon/pull/18523)) - Fix confirmation redirect to app without `Location` header ([Gargron](https://github.com/mastodon/mastodon/pull/18523))
## [3.5.2] - 2022-05-04 ## [3.5.2] - 2022-05-04
### Added ### Added
- Add warning on direct messages screen in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/18289)) - Add warning on direct messages screen in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/18289))
@ -528,6 +531,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix error in alias settings page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18004)) - Fix error in alias settings page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18004))
## [3.5.1] - 2022-04-08 ## [3.5.1] - 2022-04-08
### Added ### Added
- Add pagination for trending statuses in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/17976)) - Add pagination for trending statuses in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/17976))
@ -571,6 +575,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix error when indexing statuses into Elasticsearch ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17912)) - Fix error when indexing statuses into Elasticsearch ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17912))
## [3.5.0] - 2022-03-30 ## [3.5.0] - 2022-03-30
### Added ### Added
- **Add support for incoming edited posts** ([Gargron](https://github.com/mastodon/mastodon/pull/16697), [Gargron](https://github.com/mastodon/mastodon/pull/17727), [Gargron](https://github.com/mastodon/mastodon/pull/17728), [Gargron](https://github.com/mastodon/mastodon/pull/17320), [Gargron](https://github.com/mastodon/mastodon/pull/17404), [Gargron](https://github.com/mastodon/mastodon/pull/17390), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17335), [Gargron](https://github.com/mastodon/mastodon/pull/17696), [Gargron](https://github.com/mastodon/mastodon/pull/17745), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17740), [Gargron](https://github.com/mastodon/mastodon/pull/17697), [Gargron](https://github.com/mastodon/mastodon/pull/17648), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17531), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17499), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17498), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17380), [Gargron](https://github.com/mastodon/mastodon/pull/17373), [Gargron](https://github.com/mastodon/mastodon/pull/17334), [Gargron](https://github.com/mastodon/mastodon/pull/17333), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17699), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17748)) - **Add support for incoming edited posts** ([Gargron](https://github.com/mastodon/mastodon/pull/16697), [Gargron](https://github.com/mastodon/mastodon/pull/17727), [Gargron](https://github.com/mastodon/mastodon/pull/17728), [Gargron](https://github.com/mastodon/mastodon/pull/17320), [Gargron](https://github.com/mastodon/mastodon/pull/17404), [Gargron](https://github.com/mastodon/mastodon/pull/17390), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17335), [Gargron](https://github.com/mastodon/mastodon/pull/17696), [Gargron](https://github.com/mastodon/mastodon/pull/17745), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17740), [Gargron](https://github.com/mastodon/mastodon/pull/17697), [Gargron](https://github.com/mastodon/mastodon/pull/17648), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17531), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17499), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17498), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17380), [Gargron](https://github.com/mastodon/mastodon/pull/17373), [Gargron](https://github.com/mastodon/mastodon/pull/17334), [Gargron](https://github.com/mastodon/mastodon/pull/17333), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17699), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17748))
@ -770,6 +775,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix being able to bypass e-mail restrictions ([Gargron](https://github.com/mastodon/mastodon/pull/17909)) - Fix being able to bypass e-mail restrictions ([Gargron](https://github.com/mastodon/mastodon/pull/17909))
## [3.4.6] - 2022-02-03 ## [3.4.6] - 2022-02-03
### Fixed ### Fixed
- Fix `mastodon:webpush:generate_vapid_key` task requiring a functional environment ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17338)) - Fix `mastodon:webpush:generate_vapid_key` task requiring a functional environment ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17338))
@ -784,6 +790,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Disable legacy XSS filtering ([Wonderfall](https://github.com/mastodon/mastodon/pull/17289)) - Disable legacy XSS filtering ([Wonderfall](https://github.com/mastodon/mastodon/pull/17289))
## [3.4.5] - 2022-01-31 ## [3.4.5] - 2022-01-31
### Added ### Added
- Add more advanced migration tests ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17393)) - Add more advanced migration tests ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17393))
@ -798,6 +805,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix followers synchronization mechanism ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16510)) - Fix followers synchronization mechanism ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16510))
## [3.4.4] - 2021-11-26 ## [3.4.4] - 2021-11-26
### Fixed ### Fixed
- Fix error when suspending user with an already blocked canonical email ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17036)) - Fix error when suspending user with an already blocked canonical email ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17036))
@ -815,11 +823,13 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix handling of recursive toots in WebUI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17041)) - Fix handling of recursive toots in WebUI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17041))
## [3.4.3] - 2021-11-06 ## [3.4.3] - 2021-11-06
### Fixed ### Fixed
- Fix login being broken due to inaccurately applied backport fix in 3.4.2 ([Gargron](https://github.com/mastodon/mastodon/commit/5c47a18c8df3231aa25c6d1f140a71a7fac9cbf9)) - Fix login being broken due to inaccurately applied backport fix in 3.4.2 ([Gargron](https://github.com/mastodon/mastodon/commit/5c47a18c8df3231aa25c6d1f140a71a7fac9cbf9))
## [3.4.2] - 2021-11-06 ## [3.4.2] - 2021-11-06
### Added ### Added
- Add `configuration` attribute to `GET /api/v1/instance` ([Gargron](https://github.com/mastodon/mastodon/pull/16485)) - Add `configuration` attribute to `GET /api/v1/instance` ([Gargron](https://github.com/mastodon/mastodon/pull/16485))
@ -863,6 +873,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix revoking a specific session not working ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16943)) - Fix revoking a specific session not working ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16943))
## [3.4.1] - 2021-06-03 ## [3.4.1] - 2021-06-03
### Added ### Added
- Add new emoji assets from Twemoji 13.1.0 ([Gargron](https://github.com/mastodon/mastodon/pull/16345)) - Add new emoji assets from Twemoji 13.1.0 ([Gargron](https://github.com/mastodon/mastodon/pull/16345))
@ -882,6 +893,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix mailer jobs for deleted notifications erroring out ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16294)) - Fix mailer jobs for deleted notifications erroring out ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16294))
## [3.4.0] - 2021-05-16 ## [3.4.0] - 2021-05-16
### Added ### Added
- **Add follow recommendations for onboarding** ([Gargron](https://github.com/mastodon/mastodon/pull/15945), [Gargron](https://github.com/mastodon/mastodon/pull/16161), [Gargron](https://github.com/mastodon/mastodon/pull/16060), [Gargron](https://github.com/mastodon/mastodon/pull/16077), [Gargron](https://github.com/mastodon/mastodon/pull/16078), [Gargron](https://github.com/mastodon/mastodon/pull/16160), [Gargron](https://github.com/mastodon/mastodon/pull/16079), [noellabo](https://github.com/mastodon/mastodon/pull/16044), [noellabo](https://github.com/mastodon/mastodon/pull/16045), [Gargron](https://github.com/mastodon/mastodon/pull/16152), [Gargron](https://github.com/mastodon/mastodon/pull/16153), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16082), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16173), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16159), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16189)) - **Add follow recommendations for onboarding** ([Gargron](https://github.com/mastodon/mastodon/pull/15945), [Gargron](https://github.com/mastodon/mastodon/pull/16161), [Gargron](https://github.com/mastodon/mastodon/pull/16060), [Gargron](https://github.com/mastodon/mastodon/pull/16077), [Gargron](https://github.com/mastodon/mastodon/pull/16078), [Gargron](https://github.com/mastodon/mastodon/pull/16160), [Gargron](https://github.com/mastodon/mastodon/pull/16079), [noellabo](https://github.com/mastodon/mastodon/pull/16044), [noellabo](https://github.com/mastodon/mastodon/pull/16045), [Gargron](https://github.com/mastodon/mastodon/pull/16152), [Gargron](https://github.com/mastodon/mastodon/pull/16153), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16082), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16173), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16159), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16189))
@ -917,7 +929,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- This method allows an app through which a user signed-up to request a new confirmation e-mail to be sent, or to change the e-mail of the account before it is confirmed - This method allows an app through which a user signed-up to request a new confirmation e-mail to be sent, or to change the e-mail of the account before it is confirmed
- Add `GET /api/v1/accounts/lookup` to REST API ([Gargron](https://github.com/mastodon/mastodon/pull/15740), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/15750)) - Add `GET /api/v1/accounts/lookup` to REST API ([Gargron](https://github.com/mastodon/mastodon/pull/15740), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/15750))
- This method allows to quickly convert a username of a known account to an ID that can be used with the REST API, or to check if a username is available - This method allows to quickly convert a username of a known account to an ID that can be used with the REST API, or to check if a username is available
for sign-up for sign-up
- Add `policy` param to `POST /api/v1/push/subscriptions` in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/16040)) - Add `policy` param to `POST /api/v1/push/subscriptions` in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/16040))
- This param allows an app to control from whom notifications should be delivered as push notifications to the app - This param allows an app to control from whom notifications should be delivered as push notifications to the app
- Add `details` to error response for `POST /api/v1/accounts` in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/15803)) - Add `details` to error response for `POST /api/v1/accounts` in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/15803))
@ -1027,6 +1039,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix app name, website and redirect URIs not having a maximum length ([Gargron](https://github.com/mastodon/mastodon/pull/16042)) - Fix app name, website and redirect URIs not having a maximum length ([Gargron](https://github.com/mastodon/mastodon/pull/16042))
## [3.3.0] - 2020-12-27 ## [3.3.0] - 2020-12-27
### Added ### Added
- **Add hotkeys for audio/video control in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/15158), [Gargron](https://github.com/mastodon/mastodon/pull/15198)) - **Add hotkeys for audio/video control in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/15158), [Gargron](https://github.com/mastodon/mastodon/pull/15198))
@ -1203,6 +1216,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix resolving accounts sometimes creating duplicate records for a given ActivityPub identifier ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/15364)) - Fix resolving accounts sometimes creating duplicate records for a given ActivityPub identifier ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/15364))
## [3.2.2] - 2020-12-19 ## [3.2.2] - 2020-12-19
### Added ### Added
- Add `tootctl maintenance fix-duplicates` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14860), [Gargron](https://github.com/mastodon/mastodon/pull/15223)) - Add `tootctl maintenance fix-duplicates` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14860), [Gargron](https://github.com/mastodon/mastodon/pull/15223))
@ -1229,6 +1243,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix resolving accounts sometimes creating duplicate records for a given ActivityPub identifier ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/15364)) - Fix resolving accounts sometimes creating duplicate records for a given ActivityPub identifier ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/15364))
## [3.2.1] - 2020-10-19 ## [3.2.1] - 2020-10-19
### Added ### Added
- Add support for latest HTTP Signatures spec draft ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14556)) - Add support for latest HTTP Signatures spec draft ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14556))
@ -1258,6 +1273,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix files served as `application/octet-stream` being rejected without attempting mime type detection ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14452)) - Fix files served as `application/octet-stream` being rejected without attempting mime type detection ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14452))
## [3.2.0] - 2020-07-27 ## [3.2.0] - 2020-07-27
### Added ### Added
- Add `SMTP_SSL` environment variable ([OmmyZhang](https://github.com/mastodon/mastodon/pull/14309)) - Add `SMTP_SSL` environment variable ([OmmyZhang](https://github.com/mastodon/mastodon/pull/14309))
@ -1393,7 +1409,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix unique username constraint for local users not being enforced in database ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14099)) - Fix unique username constraint for local users not being enforced in database ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14099))
- Fix unnecessary gap under video modal in web UI ([mfmfuyu](https://github.com/mastodon/mastodon/pull/14098)) - Fix unnecessary gap under video modal in web UI ([mfmfuyu](https://github.com/mastodon/mastodon/pull/14098))
- Fix 2FA and sign in token pages not respecting user locale ([mfmfuyu](https://github.com/mastodon/mastodon/pull/14087)) - Fix 2FA and sign in token pages not respecting user locale ([mfmfuyu](https://github.com/mastodon/mastodon/pull/14087))
- Fix unapproved users being able to view profiles when in limited-federation mode *and* requiring approval for sign-ups ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14093)) - Fix unapproved users being able to view profiles when in limited-federation mode _and_ requiring approval for sign-ups ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14093))
- Fix initial audio volume not corresponding to what's displayed in audio player in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14057)) - Fix initial audio volume not corresponding to what's displayed in audio player in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14057))
- Fix timelines sometimes jumping when closing modals in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14019)) - Fix timelines sometimes jumping when closing modals in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14019))
- Fix memory usage of downloading remote files ([Gargron](https://github.com/mastodon/mastodon/pull/14184), [Gargron](https://github.com/mastodon/mastodon/pull/14181), [noellabo](https://github.com/mastodon/mastodon/pull/14356)) - Fix memory usage of downloading remote files ([Gargron](https://github.com/mastodon/mastodon/pull/14184), [Gargron](https://github.com/mastodon/mastodon/pull/14181), [noellabo](https://github.com/mastodon/mastodon/pull/14356))
@ -1411,6 +1427,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Clear out media attachments in a separate worker (slow) - Clear out media attachments in a separate worker (slow)
## [3.1.5] - 2020-07-07 ## [3.1.5] - 2020-07-07
### Security ### Security
- Fix media attachment enumeration ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14254)) - Fix media attachment enumeration ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14254))
@ -1418,6 +1435,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix other sessions not being logged out on password change ([Gargron](https://github.com/mastodon/mastodon/pull/14252)) - Fix other sessions not being logged out on password change ([Gargron](https://github.com/mastodon/mastodon/pull/14252))
## [3.1.4] - 2020-05-14 ## [3.1.4] - 2020-05-14
### Added ### Added
- Add `vi` to available locales ([taicv](https://github.com/mastodon/mastodon/pull/13542)) - Add `vi` to available locales ([taicv](https://github.com/mastodon/mastodon/pull/13542))
@ -1456,7 +1474,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix regression in `tootctl media remove-orphans` ([Gargron](https://github.com/mastodon/mastodon/pull/13405)) - Fix regression in `tootctl media remove-orphans` ([Gargron](https://github.com/mastodon/mastodon/pull/13405))
- Fix old unique jobs digests not having been cleaned up ([Gargron](https://github.com/mastodon/mastodon/pull/13683)) - Fix old unique jobs digests not having been cleaned up ([Gargron](https://github.com/mastodon/mastodon/pull/13683))
- Fix own following/followers not showing muted users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13614)) - Fix own following/followers not showing muted users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13614))
- Fix list of followed people ignoring sorting on Follows & Followers page ([taras2358](https://github.com/mastodon/mastodon/pull/13676)) - Fix list of followed people ignoring sorting on Follows & Followers page ([taras2358](https://github.com/mastodon/mastodon/pull/13676))
- Fix wrong pgHero Content-Security-Policy when `CDN_HOST` is set ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13595)) - Fix wrong pgHero Content-Security-Policy when `CDN_HOST` is set ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13595))
- Fix needlessly deduplicating usernames on collisions with remote accounts when signing-up through SAML/CAS ([kaiyou](https://github.com/mastodon/mastodon/pull/13581)) - Fix needlessly deduplicating usernames on collisions with remote accounts when signing-up through SAML/CAS ([kaiyou](https://github.com/mastodon/mastodon/pull/13581))
- Fix page incorrectly scrolling when bringing up dropdown menus in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13574)) - Fix page incorrectly scrolling when bringing up dropdown menus in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13574))
@ -1485,6 +1503,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- The issue only affects developers of apps who are shared between multiple users, such as server-side apps like cross-posters - The issue only affects developers of apps who are shared between multiple users, such as server-side apps like cross-posters
## [3.1.3] - 2020-04-05 ## [3.1.3] - 2020-04-05
### Added ### Added
- Add ability to filter audit log in admin UI ([Gargron](https://github.com/mastodon/mastodon/pull/13381)) - Add ability to filter audit log in admin UI ([Gargron](https://github.com/mastodon/mastodon/pull/13381))
@ -1558,6 +1577,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix re-sending of e-mail confirmation not being rate limited ([Gargron](https://github.com/mastodon/mastodon/pull/13360)) - Fix re-sending of e-mail confirmation not being rate limited ([Gargron](https://github.com/mastodon/mastodon/pull/13360))
## [v3.1.2] - 2020-02-27 ## [v3.1.2] - 2020-02-27
### Added ### Added
- Add `--reset-password` option to `tootctl accounts modify` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13126)) - Add `--reset-password` option to `tootctl accounts modify` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13126))
@ -1584,11 +1604,13 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix leak of arbitrary statuses through unfavourite action in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/13161)) - Fix leak of arbitrary statuses through unfavourite action in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/13161))
## [3.1.1] - 2020-02-10 ## [3.1.1] - 2020-02-10
### Fixed ### Fixed
- Fix yanked dependency preventing installation ([mayaeh](https://github.com/mastodon/mastodon/pull/13059)) - Fix yanked dependency preventing installation ([mayaeh](https://github.com/mastodon/mastodon/pull/13059))
## [3.1.0] - 2020-02-09 ## [3.1.0] - 2020-02-09
### Added ### Added
- Add bookmarks ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/7107), [Gargron](https://github.com/mastodon/mastodon/pull/12494), [Gomasy](https://github.com/mastodon/mastodon/pull/12381)) - Add bookmarks ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/7107), [Gargron](https://github.com/mastodon/mastodon/pull/12494), [Gomasy](https://github.com/mastodon/mastodon/pull/12381))
@ -1753,6 +1775,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix settings pages being cacheable by the browser ([Gargron](https://github.com/mastodon/mastodon/pull/12714)) - Fix settings pages being cacheable by the browser ([Gargron](https://github.com/mastodon/mastodon/pull/12714))
## [3.0.1] - 2019-10-10 ## [3.0.1] - 2019-10-10
### Added ### Added
- Add `tootctl media usage` command ([Gargron](https://github.com/mastodon/mastodon/pull/12115)) - Add `tootctl media usage` command ([Gargron](https://github.com/mastodon/mastodon/pull/12115))
@ -1786,6 +1809,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix `tootctl accounts cull` advertising unused option flag ([Kjwon15](https://github.com/mastodon/mastodon/pull/12074)) - Fix `tootctl accounts cull` advertising unused option flag ([Kjwon15](https://github.com/mastodon/mastodon/pull/12074))
## [3.0.0] - 2019-10-03 ## [3.0.0] - 2019-10-03
### Added ### Added
- Add "not available" label to unloaded media attachments in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/11715), [Gargron](https://github.com/mastodon/mastodon/pull/11745)) - Add "not available" label to unloaded media attachments in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/11715), [Gargron](https://github.com/mastodon/mastodon/pull/11745))
@ -1982,6 +2006,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix performance of GIF re-encoding and always strip EXIF data from videos ([Gargron](https://github.com/mastodon/mastodon/pull/12057)) - Fix performance of GIF re-encoding and always strip EXIF data from videos ([Gargron](https://github.com/mastodon/mastodon/pull/12057))
## [2.9.3] - 2019-08-10 ## [2.9.3] - 2019-08-10
### Added ### Added
- Add GIF and WebP support for custom emojis ([Gargron](https://github.com/mastodon/mastodon/pull/11519)) - Add GIF and WebP support for custom emojis ([Gargron](https://github.com/mastodon/mastodon/pull/11519))
@ -2041,6 +2066,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix blocked domains still being able to fill database with account records ([Gargron](https://github.com/mastodon/mastodon/pull/11219)) - Fix blocked domains still being able to fill database with account records ([Gargron](https://github.com/mastodon/mastodon/pull/11219))
## [2.9.2] - 2019-06-22 ## [2.9.2] - 2019-06-22
### Added ### Added
- Add `short_description` and `approval_required` to `GET /api/v1/instance` ([Gargron](https://github.com/mastodon/mastodon/pull/11146)) - Add `short_description` and `approval_required` to `GET /api/v1/instance` ([Gargron](https://github.com/mastodon/mastodon/pull/11146))
@ -2055,6 +2081,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix audio not being downloaded from remote servers ([Gargron](https://github.com/mastodon/mastodon/pull/11145)) - Fix audio not being downloaded from remote servers ([Gargron](https://github.com/mastodon/mastodon/pull/11145))
## [2.9.1] - 2019-06-22 ## [2.9.1] - 2019-06-22
### Added ### Added
- Add moderation API ([Gargron](https://github.com/mastodon/mastodon/pull/9387)) - Add moderation API ([Gargron](https://github.com/mastodon/mastodon/pull/9387))
@ -2080,6 +2107,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix scrolling behaviour in compose form ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/11093)) - Fix scrolling behaviour in compose form ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/11093))
## [2.9.0] - 2019-06-13 ## [2.9.0] - 2019-06-13
### Added ### Added
- **Add single-column mode in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/10807), [Gargron](https://github.com/mastodon/mastodon/pull/10848), [Gargron](https://github.com/mastodon/mastodon/pull/11003), [Gargron](https://github.com/mastodon/mastodon/pull/10961), [Hanage999](https://github.com/mastodon/mastodon/pull/10915), [noellabo](https://github.com/mastodon/mastodon/pull/10917), [abcang](https://github.com/mastodon/mastodon/pull/10859), [Gargron](https://github.com/mastodon/mastodon/pull/10820), [Gargron](https://github.com/mastodon/mastodon/pull/10835), [Gargron](https://github.com/mastodon/mastodon/pull/10809), [Gargron](https://github.com/mastodon/mastodon/pull/10963), [noellabo](https://github.com/mastodon/mastodon/pull/10883), [Hanage999](https://github.com/mastodon/mastodon/pull/10839)) - **Add single-column mode in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/10807), [Gargron](https://github.com/mastodon/mastodon/pull/10848), [Gargron](https://github.com/mastodon/mastodon/pull/11003), [Gargron](https://github.com/mastodon/mastodon/pull/10961), [Hanage999](https://github.com/mastodon/mastodon/pull/10915), [noellabo](https://github.com/mastodon/mastodon/pull/10917), [abcang](https://github.com/mastodon/mastodon/pull/10859), [Gargron](https://github.com/mastodon/mastodon/pull/10820), [Gargron](https://github.com/mastodon/mastodon/pull/10835), [Gargron](https://github.com/mastodon/mastodon/pull/10809), [Gargron](https://github.com/mastodon/mastodon/pull/10963), [noellabo](https://github.com/mastodon/mastodon/pull/10883), [Hanage999](https://github.com/mastodon/mastodon/pull/10839))
@ -2134,6 +2162,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix login sometimes redirecting to paths that are not pages ([Gargron](https://github.com/mastodon/mastodon/pull/11019)) - Fix login sometimes redirecting to paths that are not pages ([Gargron](https://github.com/mastodon/mastodon/pull/11019))
## [2.8.4] - 2019-05-24 ## [2.8.4] - 2019-05-24
### Fixed ### Fixed
- Fix delivery not retrying on some inbox errors that should be retriable ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10812)) - Fix delivery not retrying on some inbox errors that should be retriable ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10812))
@ -2145,6 +2174,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Require specific OAuth scopes for specific endpoints of the streaming API, instead of merely requiring a token for all endpoints, and allow using WebSockets protocol negotiation to specify the access token instead of using a query string ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10818)) - Require specific OAuth scopes for specific endpoints of the streaming API, instead of merely requiring a token for all endpoints, and allow using WebSockets protocol negotiation to specify the access token instead of using a query string ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10818))
## [2.8.3] - 2019-05-19 ## [2.8.3] - 2019-05-19
### Added ### Added
- Add `og:image:alt` OpenGraph tag ([BenLubar](https://github.com/mastodon/mastodon/pull/10779)) - Add `og:image:alt` OpenGraph tag ([BenLubar](https://github.com/mastodon/mastodon/pull/10779))
@ -2167,6 +2197,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix "invited by" not showing up in admin UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10791)) - Fix "invited by" not showing up in admin UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10791))
## [2.8.2] - 2019-05-05 ## [2.8.2] - 2019-05-05
### Added ### Added
- Add `SOURCE_TAG` environment variable ([ushitora-anqou](https://github.com/mastodon/mastodon/pull/10698)) - Add `SOURCE_TAG` environment variable ([ushitora-anqou](https://github.com/mastodon/mastodon/pull/10698))
@ -2179,6 +2210,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix closing video modal scrolling timelines to top ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10695)) - Fix closing video modal scrolling timelines to top ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10695))
## [2.8.1] - 2019-05-04 ## [2.8.1] - 2019-05-04
### Added ### Added
- Add link to existing domain block when trying to block an already-blocked domain ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10663)) - Add link to existing domain block when trying to block an already-blocked domain ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10663))
@ -2218,6 +2250,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix confirmation modals being too narrow for a secondary action button ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10586)) - Fix confirmation modals being too narrow for a secondary action button ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10586))
## [2.8.0] - 2019-04-10 ## [2.8.0] - 2019-04-10
### Added ### Added
- Add polls ([Gargron](https://github.com/mastodon/mastodon/pull/10111), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10155), [Gargron](https://github.com/mastodon/mastodon/pull/10184), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10196), [Gargron](https://github.com/mastodon/mastodon/pull/10248), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10255), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10322), [Gargron](https://github.com/mastodon/mastodon/pull/10138), [Gargron](https://github.com/mastodon/mastodon/pull/10139), [Gargron](https://github.com/mastodon/mastodon/pull/10144), [Gargron](https://github.com/mastodon/mastodon/pull/10145),[Gargron](https://github.com/mastodon/mastodon/pull/10146), [Gargron](https://github.com/mastodon/mastodon/pull/10148), [Gargron](https://github.com/mastodon/mastodon/pull/10151), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10150), [Gargron](https://github.com/mastodon/mastodon/pull/10168), [Gargron](https://github.com/mastodon/mastodon/pull/10165), [Gargron](https://github.com/mastodon/mastodon/pull/10172), [Gargron](https://github.com/mastodon/mastodon/pull/10170), [Gargron](https://github.com/mastodon/mastodon/pull/10171), [Gargron](https://github.com/mastodon/mastodon/pull/10186), [Gargron](https://github.com/mastodon/mastodon/pull/10189), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10200), [rinsuki](https://github.com/mastodon/mastodon/pull/10203), [Gargron](https://github.com/mastodon/mastodon/pull/10213), [Gargron](https://github.com/mastodon/mastodon/pull/10246), [Gargron](https://github.com/mastodon/mastodon/pull/10265), [Gargron](https://github.com/mastodon/mastodon/pull/10261), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10333), [Gargron](https://github.com/mastodon/mastodon/pull/10352), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10140), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10142), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10141), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10162), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10161), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10158), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10156), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10160), [Gargron](https://github.com/mastodon/mastodon/pull/10185), [Gargron](https://github.com/mastodon/mastodon/pull/10188), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10195), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10208), [Gargron](https://github.com/mastodon/mastodon/pull/10187), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10214), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10209)) - Add polls ([Gargron](https://github.com/mastodon/mastodon/pull/10111), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10155), [Gargron](https://github.com/mastodon/mastodon/pull/10184), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10196), [Gargron](https://github.com/mastodon/mastodon/pull/10248), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10255), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10322), [Gargron](https://github.com/mastodon/mastodon/pull/10138), [Gargron](https://github.com/mastodon/mastodon/pull/10139), [Gargron](https://github.com/mastodon/mastodon/pull/10144), [Gargron](https://github.com/mastodon/mastodon/pull/10145),[Gargron](https://github.com/mastodon/mastodon/pull/10146), [Gargron](https://github.com/mastodon/mastodon/pull/10148), [Gargron](https://github.com/mastodon/mastodon/pull/10151), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10150), [Gargron](https://github.com/mastodon/mastodon/pull/10168), [Gargron](https://github.com/mastodon/mastodon/pull/10165), [Gargron](https://github.com/mastodon/mastodon/pull/10172), [Gargron](https://github.com/mastodon/mastodon/pull/10170), [Gargron](https://github.com/mastodon/mastodon/pull/10171), [Gargron](https://github.com/mastodon/mastodon/pull/10186), [Gargron](https://github.com/mastodon/mastodon/pull/10189), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10200), [rinsuki](https://github.com/mastodon/mastodon/pull/10203), [Gargron](https://github.com/mastodon/mastodon/pull/10213), [Gargron](https://github.com/mastodon/mastodon/pull/10246), [Gargron](https://github.com/mastodon/mastodon/pull/10265), [Gargron](https://github.com/mastodon/mastodon/pull/10261), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10333), [Gargron](https://github.com/mastodon/mastodon/pull/10352), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10140), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10142), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10141), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10162), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10161), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10158), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10156), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10160), [Gargron](https://github.com/mastodon/mastodon/pull/10185), [Gargron](https://github.com/mastodon/mastodon/pull/10188), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10195), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10208), [Gargron](https://github.com/mastodon/mastodon/pull/10187), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10214), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/10209))
@ -2301,6 +2334,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix `tootctl accounts cull` sometimes removing accounts that are temporarily unreachable ([BenLubar](https://github.com/mastodon/mastodon/pull/10460)) - Fix `tootctl accounts cull` sometimes removing accounts that are temporarily unreachable ([BenLubar](https://github.com/mastodon/mastodon/pull/10460))
## [2.7.4] - 2019-03-05 ## [2.7.4] - 2019-03-05
### Fixed ### Fixed
- Fix web UI not cleaning up notifications after block ([Gargron](https://github.com/mastodon/mastodon/pull/10108)) - Fix web UI not cleaning up notifications after block ([Gargron](https://github.com/mastodon/mastodon/pull/10108))
@ -2315,6 +2349,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix edit profile page crash for suspended-then-unsuspended users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10178)) - Fix edit profile page crash for suspended-then-unsuspended users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10178))
## [2.7.3] - 2019-02-23 ## [2.7.3] - 2019-02-23
### Added ### Added
- Add domain filter to the admin federation page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10071)) - Add domain filter to the admin federation page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/10071))
@ -2332,6 +2367,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Change custom emojis to randomize stored file name ([hinaloe](https://github.com/mastodon/mastodon/pull/10090)) - Change custom emojis to randomize stored file name ([hinaloe](https://github.com/mastodon/mastodon/pull/10090))
## [2.7.2] - 2019-02-17 ## [2.7.2] - 2019-02-17
### Added ### Added
- Add support for IPv6 in e-mail validation ([zoc](https://github.com/mastodon/mastodon/pull/10009)) - Add support for IPv6 in e-mail validation ([zoc](https://github.com/mastodon/mastodon/pull/10009))
@ -2373,6 +2409,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Change error graphic to hover-to-play ([Gargron](https://github.com/mastodon/mastodon/pull/10055)) - Change error graphic to hover-to-play ([Gargron](https://github.com/mastodon/mastodon/pull/10055))
## [2.7.1] - 2019-01-28 ## [2.7.1] - 2019-01-28
### Fixed ### Fixed
- Fix SSO authentication not working due to missing agreement boolean ([Gargron](https://github.com/mastodon/mastodon/pull/9915)) - Fix SSO authentication not working due to missing agreement boolean ([Gargron](https://github.com/mastodon/mastodon/pull/9915))
@ -2387,6 +2424,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix missing strong style for landing page description ([Kjwon15](https://github.com/mastodon/mastodon/pull/9892)) - Fix missing strong style for landing page description ([Kjwon15](https://github.com/mastodon/mastodon/pull/9892))
## [2.7.0] - 2019-01-20 ## [2.7.0] - 2019-01-20
### Added ### Added
- Add link for adding a user to a list from their profile ([namelessGonbai](https://github.com/mastodon/mastodon/pull/9062)) - Add link for adding a user to a list from their profile ([namelessGonbai](https://github.com/mastodon/mastodon/pull/9062))
@ -2516,6 +2554,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Add tombstones for remote statuses to prevent replay attacks ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9830)) - Add tombstones for remote statuses to prevent replay attacks ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9830))
## [2.6.5] - 2018-12-01 ## [2.6.5] - 2018-12-01
### Changed ### Changed
- Change lists to display replies to others on the list and list owner ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9324)) - Change lists to display replies to others on the list and list owner ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9324))
@ -2525,11 +2564,13 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix failures caused by commonly-used JSON-LD contexts being unavailable ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9412)) - Fix failures caused by commonly-used JSON-LD contexts being unavailable ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9412))
## [2.6.4] - 2018-11-30 ## [2.6.4] - 2018-11-30
### Fixed ### Fixed
- Fix yarn dependencies not installing due to yanked event-stream package ([Gargron](https://github.com/mastodon/mastodon/pull/9401)) - Fix yarn dependencies not installing due to yanked event-stream package ([Gargron](https://github.com/mastodon/mastodon/pull/9401))
## [2.6.3] - 2018-11-30 ## [2.6.3] - 2018-11-30
### Added ### Added
- Add hyphen to characters allowed in remote usernames ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9345)) - Add hyphen to characters allowed in remote usernames ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9345))
@ -2549,6 +2590,7 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix TLS handshake timeout not being enforced ([Gargron](https://github.com/mastodon/mastodon/pull/9381)) - Fix TLS handshake timeout not being enforced ([Gargron](https://github.com/mastodon/mastodon/pull/9381))
## [2.6.2] - 2018-11-23 ## [2.6.2] - 2018-11-23
### Added ### Added
- Add Page to whitelisted ActivityPub types ([mbajur](https://github.com/mastodon/mastodon/pull/9188)) - Add Page to whitelisted ActivityPub types ([mbajur](https://github.com/mastodon/mastodon/pull/9188))
@ -2583,12 +2625,14 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix HTTP connection timeout of 10s not being enforced ([Gargron](https://github.com/mastodon/mastodon/pull/9329)) - Fix HTTP connection timeout of 10s not being enforced ([Gargron](https://github.com/mastodon/mastodon/pull/9329))
## [2.6.1] - 2018-10-30 ## [2.6.1] - 2018-10-30
### Fixed ### Fixed
- Fix resolving resources by URL not working due to a regression in [valerauko](https://github.com/mastodon/mastodon/pull/9132) ([Gargron](https://github.com/mastodon/mastodon/pull/9171)) - Fix resolving resources by URL not working due to a regression in [valerauko](https://github.com/mastodon/mastodon/pull/9132) ([Gargron](https://github.com/mastodon/mastodon/pull/9171))
- Fix reducer error in web UI when a conversation has no last status ([Gargron](https://github.com/mastodon/mastodon/pull/9173)) - Fix reducer error in web UI when a conversation has no last status ([Gargron](https://github.com/mastodon/mastodon/pull/9173))
## [2.6.0] - 2018-10-30 ## [2.6.0] - 2018-10-30
### Added ### Added
- Add link ownership verification ([Gargron](https://github.com/mastodon/mastodon/pull/8703)) - Add link ownership verification ([Gargron](https://github.com/mastodon/mastodon/pull/8703))
@ -2693,11 +2737,13 @@ Some of the features in this release have been funded through the [NGI0 Discover
- Fix handling of content types with profile ([valerauko](https://github.com/mastodon/mastodon/pull/9132)) - Fix handling of content types with profile ([valerauko](https://github.com/mastodon/mastodon/pull/9132))
## [2.5.2] - 2018-10-12 ## [2.5.2] - 2018-10-12
### Security ### Security
- Fix XSS vulnerability ([Gargron](https://github.com/mastodon/mastodon/pull/8959)) - Fix XSS vulnerability ([Gargron](https://github.com/mastodon/mastodon/pull/8959))
## [2.5.1] - 2018-10-07 ## [2.5.1] - 2018-10-07
### Fixed ### Fixed
- Fix database migrations for PostgreSQL below 9.5 ([Gargron](https://github.com/mastodon/mastodon/pull/8903)) - Fix database migrations for PostgreSQL below 9.5 ([Gargron](https://github.com/mastodon/mastodon/pull/8903))

@ -8,19 +8,19 @@ In the interest of fostering an open and welcoming environment, we as contributo
Examples of behavior that contributes to creating a positive environment include: Examples of behavior that contributes to creating a positive environment include:
* Using welcoming and inclusive language - Using welcoming and inclusive language
* Being respectful of differing viewpoints and experiences - Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism - Gracefully accepting constructive criticism
* Focusing on what is best for the community - Focusing on what is best for the community
* Showing empathy towards other community members - Showing empathy towards other community members
Examples of unacceptable behavior by participants include: Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery and unwelcome sexual attention or advances - The use of sexualized language or imagery and unwelcome sexual attention or advances
* Trolling, insulting/derogatory comments, and personal or political attacks - Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment - Public or private harassment
* Publishing others' private information, such as a physical or electronic address, without explicit permission - Publishing others' private information, such as a physical or electronic address, without explicit permission
* Other conduct which could reasonably be considered inappropriate in a professional setting - Other conduct which could reasonably be considered inappropriate in a professional setting
## Our Responsibilities ## Our Responsibilities

@ -37,9 +37,7 @@ You should also try to follow the guidelines set out in the original `CONTRIBUTI
<blockquote> <blockquote>
CONTRIBUTING # Contributing
=======
Contributing
Thank you for considering contributing to Mastodon 🐘 Thank you for considering contributing to Mastodon 🐘
@ -68,9 +66,9 @@ You can submit translations via [Crowdin](https://crowdin.com/project/mastodon).
Example: Example:
|Not ideal|Better| | Not ideal | Better |
|---|----| | ------------------------------------ | ------------------------------------------------------------- |
|Fixed NoMethodError in RemovalWorker|Fix nil error when removing statuses caused by race condition| | Fixed NoMethodError in RemovalWorker | Fix nil error when removing statuses caused by race condition |
It is not always possible to phrase every change in such a manner, but it is desired. It is not always possible to phrase every change in such a manner, but it is desired.

@ -1,4 +1,5 @@
# frozen_string_literal: true # frozen_string_literal: true
require 'capistrano/setup' require 'capistrano/setup'
require 'capistrano/deploy' require 'capistrano/deploy'
require 'capistrano/scm/git' require 'capistrano/scm/git'

@ -1,8 +1,8 @@
# syntax=docker/dockerfile:1.4 # syntax=docker/dockerfile:1.4
# This needs to be bullseye-slim because the Ruby image is built on bullseye-slim # This needs to be bullseye-slim because the Ruby image is built on bullseye-slim
ARG NODE_VERSION="16.18.1-bullseye-slim" ARG NODE_VERSION="16.19-bullseye-slim"
FROM ghcr.io/moritzheiber/ruby-jemalloc:3.0.4-slim as ruby FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.1-slim as ruby
FROM node:${NODE_VERSION} as build FROM node:${NODE_VERSION} as build
COPY --link --from=ruby /opt/ruby /opt/ruby COPY --link --from=ruby /opt/ruby /opt/ruby
@ -37,7 +37,8 @@ RUN apt-get update && \
bundle config set --local without 'development test' && \ bundle config set --local without 'development test' && \
bundle config set silence_root_warning true && \ bundle config set silence_root_warning true && \
bundle install -j"$(nproc)" && \ bundle install -j"$(nproc)" && \
yarn install --pure-lockfile --network-timeout 600000 yarn install --pure-lockfile --network-timeout 600000 && \
yarn cache clean
FROM node:${NODE_VERSION} FROM node:${NODE_VERSION}
@ -91,8 +92,7 @@ USER mastodon
WORKDIR /opt/mastodon WORKDIR /opt/mastodon
# Precompile assets # Precompile assets
RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \ RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile
yarn cache clean
# Set the work dir and the container entry point # Set the work dir and the container entry point
ENTRYPOINT ["/usr/bin/tini", "--"] ENTRYPOINT ["/usr/bin/tini", "--"]

@ -1,7 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
source 'https://rubygems.org' source 'https://rubygems.org'
ruby '>= 2.7.0', '< 3.1.0' ruby '>= 2.7.0', '< 3.3.0'
gem 'pkg-config', '~> 1.5' gem 'pkg-config', '~> 1.5'
gem 'rexml', '~> 3.2' gem 'rexml', '~> 3.2'
@ -12,7 +12,7 @@ gem 'sprockets', '~> 3.7.2'
gem 'thor', '~> 1.2' gem 'thor', '~> 1.2'
gem 'rack', '~> 2.2.6' gem 'rack', '~> 2.2.6'
gem 'hamlit-rails', '~> 0.2' gem 'haml-rails', '~>2.0'
gem 'pg', '~> 1.4' gem 'pg', '~> 1.4'
gem 'makara', '~> 0.5' gem 'makara', '~> 0.5'
gem 'pghero' gem 'pghero'
@ -21,7 +21,7 @@ gem 'dotenv-rails', '~> 2.8'
gem 'aws-sdk-s3', '~> 1.119', require: false gem 'aws-sdk-s3', '~> 1.119', require: false
gem 'fog-core', '<= 2.4.0' gem 'fog-core', '<= 2.4.0'
gem 'fog-openstack', '~> 0.3', require: false gem 'fog-openstack', '~> 0.3', require: false
gem 'kt-paperclip', '~> 7.1' gem 'kt-paperclip', '~> 7.1', github: 'kreeti/kt-paperclip', ref: '11abf222dc31bff71160a1d138b445214f434b2b'
gem 'blurhash', '~> 0.1' gem 'blurhash', '~> 0.1'
gem 'active_model_serializers', '~> 0.10' gem 'active_model_serializers', '~> 0.10'
@ -30,7 +30,7 @@ gem 'bootsnap', '~> 1.16.0', require: false
gem 'browser' gem 'browser'
gem 'charlock_holmes', '~> 0.7.7' gem 'charlock_holmes', '~> 0.7.7'
gem 'chewy', '~> 7.2' gem 'chewy', '~> 7.2'
gem 'devise', '~> 4.8' gem 'devise', '~> 4.9'
gem 'devise-two-factor', '~> 4.0' gem 'devise-two-factor', '~> 4.0'
group :pam_authentication, optional: true do group :pam_authentication, optional: true do
@ -40,7 +40,7 @@ end
gem 'net-ldap', '~> 0.17' gem 'net-ldap', '~> 0.17'
gem 'omniauth-cas', '~> 2.0' gem 'omniauth-cas', '~> 2.0'
gem 'omniauth-saml', '~> 1.10' gem 'omniauth-saml', '~> 1.10'
gem 'gitlab-omniauth-openid-connect', '~>0.10.1', require: 'omniauth_openid_connect' gem 'omniauth_openid_connect', '~> 0.6.0'
gem 'omniauth', '~> 1.9' gem 'omniauth', '~> 1.9'
gem 'omniauth-rails_csrf_protection', '~> 0.1' gem 'omniauth-rails_csrf_protection', '~> 0.1'
@ -62,7 +62,7 @@ gem 'link_header', '~> 0.0'
gem 'mime-types', '~> 3.4.1', require: 'mime/types/columnar' gem 'mime-types', '~> 3.4.1', require: 'mime/types/columnar'
gem 'nokogiri', '~> 1.14' gem 'nokogiri', '~> 1.14'
gem 'nsa', '~> 0.2' gem 'nsa', '~> 0.2'
gem 'oj', '~> 3.13' gem 'oj', '~> 3.14'
gem 'ox', '~> 2.14' gem 'ox', '~> 2.14'
gem 'parslet' gem 'parslet'
gem 'posix-spawn' gem 'posix-spawn'
@ -72,7 +72,7 @@ gem 'premailer-rails'
gem 'rack-attack', '~> 6.6' gem 'rack-attack', '~> 6.6'
gem 'rack-cors', '~> 1.1', require: 'rack/cors' gem 'rack-cors', '~> 1.1', require: 'rack/cors'
gem 'rails-i18n', '~> 6.0' gem 'rails-i18n', '~> 6.0'
gem 'rails-settings-cached', '~> 0.6' gem 'rails-settings-cached', '~> 0.6', git: 'https://github.com/mastodon/rails-settings-cached.git', branch: 'v0.6.6-aliases-true'
gem 'redcarpet', '~> 3.6' gem 'redcarpet', '~> 3.6'
gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis'] gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock' gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
@ -81,7 +81,7 @@ gem 'ruby-progressbar', '~> 1.11'
gem 'sanitize', '~> 6.0' gem 'sanitize', '~> 6.0'
gem 'scenic', '~> 1.7' gem 'scenic', '~> 1.7'
gem 'sidekiq', '~> 6.5' gem 'sidekiq', '~> 6.5'
gem 'sidekiq-scheduler', '~> 4.0' gem 'sidekiq-scheduler', '~> 5.0'
gem 'sidekiq-unique-jobs', '~> 7.1' gem 'sidekiq-unique-jobs', '~> 7.1'
gem 'sidekiq-bulk', '~> 0.2.0' gem 'sidekiq-bulk', '~> 0.2.0'
gem 'simple-navigation', '~> 4.4' gem 'simple-navigation', '~> 4.4'
@ -94,7 +94,7 @@ gem 'twitter-text', '~> 3.1.0'
gem 'tzinfo-data', '~> 1.2022' gem 'tzinfo-data', '~> 1.2022'
gem 'webpacker', '~> 5.4' gem 'webpacker', '~> 5.4'
gem 'webpush', github: 'ClearlyClaire/webpush', ref: 'f14a4d52e201128b1b00245d11b6de80d6cfdcd9' gem 'webpush', github: 'ClearlyClaire/webpush', ref: 'f14a4d52e201128b1b00245d11b6de80d6cfdcd9'
gem 'webauthn', '~> 2.5' gem 'webauthn', '~> 3.0'
gem 'json-ld' gem 'json-ld'
gem 'json-ld-preloaded', '~> 3.2' gem 'json-ld-preloaded', '~> 3.2'
@ -122,7 +122,7 @@ group :test do
gem 'climate_control', '~> 0.2' gem 'climate_control', '~> 0.2'
gem 'faker', '~> 3.1' gem 'faker', '~> 3.1'
gem 'json-schema', '~> 3.0' gem 'json-schema', '~> 3.0'
gem 'rack-test', '~> 2.0' gem 'rack-test', '~> 2.0'
gem 'rails-controller-testing', '~> 1.0' gem 'rails-controller-testing', '~> 1.0'
gem 'rspec_junit_formatter', '~> 0.6' gem 'rspec_junit_formatter', '~> 0.6'
gem 'rspec-sidekiq', '~> 3.1' gem 'rspec-sidekiq', '~> 3.1'
@ -160,3 +160,5 @@ gem 'xorcist', '~> 1.1'
gem 'hcaptcha', '~> 7.1' gem 'hcaptcha', '~> 7.1'
gem 'cocoon', '~> 1.2' gem 'cocoon', '~> 1.2'
gem 'net-http', '~> 0.3.2'

@ -7,6 +7,26 @@ GIT
hkdf (~> 0.2) hkdf (~> 0.2)
jwt (~> 2.0) jwt (~> 2.0)
GIT
remote: https://github.com/kreeti/kt-paperclip.git
revision: 11abf222dc31bff71160a1d138b445214f434b2b
ref: 11abf222dc31bff71160a1d138b445214f434b2b
specs:
kt-paperclip (7.1.1)
activemodel (>= 4.2.0)
activesupport (>= 4.2.0)
marcel (~> 1.0.1)
mime-types
terrapin (~> 0.6.0)
GIT
remote: https://github.com/mastodon/rails-settings-cached.git
revision: 86328ef0bd04ce21cc0504ff5e334591e8c2ccab
branch: v0.6.6-aliases-true
specs:
rails-settings-cached (0.6.6)
rails (>= 4.2.0)
GEM GEM
remote: https://rubygems.org/ remote: https://rubygems.org/
specs: specs:
@ -90,7 +110,7 @@ GEM
attr_required (1.0.1) attr_required (1.0.1)
awrence (1.2.1) awrence (1.2.1)
aws-eventstream (1.2.0) aws-eventstream (1.2.0)
aws-partitions (1.701.0) aws-partitions (1.711.0)
aws-sdk-core (3.170.0) aws-sdk-core (3.170.0)
aws-eventstream (~> 1, >= 1.0.2) aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.651.0) aws-partitions (~> 1, >= 1.651.0)
@ -99,13 +119,13 @@ GEM
aws-sdk-kms (1.62.0) aws-sdk-kms (1.62.0)
aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-core (~> 3, >= 3.165.0)
aws-sigv4 (~> 1.1) aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.119.0) aws-sdk-s3 (1.119.1)
aws-sdk-core (~> 3, >= 3.165.0) aws-sdk-core (~> 3, >= 3.165.0)
aws-sdk-kms (~> 1) aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4) aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2) aws-sigv4 (1.5.2)
aws-eventstream (~> 1, >= 1.0.2) aws-eventstream (~> 1, >= 1.0.2)
bcrypt (3.1.17) bcrypt (3.1.18)
better_errors (2.9.1) better_errors (2.9.1)
coderay (>= 1.0.0) coderay (>= 1.0.0)
erubi (>= 1.0.0) erubi (>= 1.0.0)
@ -117,11 +137,10 @@ GEM
erubi (~> 1.4) erubi (~> 1.4)
parser (>= 2.4) parser (>= 2.4)
smart_properties smart_properties
bindata (2.4.14) bindata (2.4.15)
binding_of_caller (1.0.0) binding_of_caller (1.0.0)
debug_inspector (>= 0.0.1) debug_inspector (>= 0.0.1)
blurhash (0.1.6) blurhash (0.1.7)
ffi (~> 1.14)
bootsnap (1.16.0) bootsnap (1.16.0)
msgpack (~> 1.2) msgpack (~> 1.2)
brakeman (5.4.0) brakeman (5.4.0)
@ -137,7 +156,7 @@ GEM
bundler (>= 1.2.0, < 3) bundler (>= 1.2.0, < 3)
thor (~> 1.0) thor (~> 1.0)
byebug (11.1.3) byebug (11.1.3)
capistrano (3.17.1) capistrano (3.17.2)
airbrussh (>= 1.0.0) airbrussh (>= 1.0.0)
i18n i18n
rake (>= 10.0.0) rake (>= 10.0.0)
@ -165,7 +184,7 @@ GEM
activesupport activesupport
cbor (0.5.9.6) cbor (0.5.9.6)
charlock_holmes (0.7.7) charlock_holmes (0.7.7)
chewy (7.2.4) chewy (7.2.7)
activesupport (>= 5.2) activesupport (>= 5.2)
elasticsearch (>= 7.12.0, < 7.14.0) elasticsearch (>= 7.12.0, < 7.14.0)
elasticsearch-dsl elasticsearch-dsl
@ -176,7 +195,7 @@ GEM
color_diff (0.1) color_diff (0.1)
concurrent-ruby (1.2.0) concurrent-ruby (1.2.0)
connection_pool (2.3.0) connection_pool (2.3.0)
cose (1.2.1) cose (1.3.0)
cbor (~> 0.5.9) cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0) openssl-signature_algorithm (~> 1.0)
crack (0.4.5) crack (0.4.5)
@ -186,7 +205,7 @@ GEM
addressable addressable
date (3.3.3) date (3.3.3)
debug_inspector (1.0.0) debug_inspector (1.0.0)
devise (4.8.1) devise (4.9.0)
bcrypt (~> 3.0) bcrypt (~> 3.0)
orm_adapter (~> 0.1) orm_adapter (~> 0.1)
railties (>= 4.1.0) railties (>= 4.1.0)
@ -231,7 +250,7 @@ GEM
fabrication (2.30.0) fabrication (2.30.0)
faker (3.1.1) faker (3.1.1)
i18n (>= 1.8.11, < 2) i18n (>= 1.8.11, < 2)
faraday (1.9.3) faraday (1.10.3)
faraday-em_http (~> 1.0) faraday-em_http (~> 1.0)
faraday-em_synchrony (~> 1.0) faraday-em_synchrony (~> 1.0)
faraday-excon (~> 1.1) faraday-excon (~> 1.1)
@ -247,8 +266,8 @@ GEM
faraday-em_synchrony (1.0.0) faraday-em_synchrony (1.0.0)
faraday-excon (1.1.0) faraday-excon (1.1.0)
faraday-httpclient (1.0.1) faraday-httpclient (1.0.1)
faraday-multipart (1.0.3) faraday-multipart (1.0.4)
multipart-post (>= 1.2, < 3) multipart-post (~> 2)
faraday-net_http (1.0.1) faraday-net_http (1.0.1)
faraday-net_http_persistent (1.2.0) faraday-net_http_persistent (1.2.0)
faraday-patron (1.0.0) faraday-patron (1.0.0)
@ -273,27 +292,23 @@ GEM
fog-json (>= 1.0) fog-json (>= 1.0)
ipaddress (>= 0.8) ipaddress (>= 0.8)
formatador (0.3.0) formatador (0.3.0)
fugit (1.7.1) fugit (1.8.1)
et-orbi (~> 1, >= 1.2.7) et-orbi (~> 1, >= 1.2.7)
raabro (~> 1.4) raabro (~> 1.4)
fuubar (2.5.1) fuubar (2.5.1)
rspec-core (~> 3.0) rspec-core (~> 3.0)
ruby-progressbar (~> 1.4) ruby-progressbar (~> 1.4)
gitlab-omniauth-openid-connect (0.10.1)
addressable (~> 2.7)
omniauth (>= 1.9, < 3)
openid_connect (~> 1.2)
globalid (1.1.0) globalid (1.1.0)
activesupport (>= 5.0) activesupport (>= 5.0)
hamlit (2.13.0) haml (6.1.1)
temple (>= 0.8.2) temple (>= 0.8.2)
thor thor
tilt tilt
hamlit-rails (0.2.3) haml-rails (2.1.0)
actionpack (>= 4.0.1) actionpack (>= 5.1)
activesupport (>= 4.0.1) activesupport (>= 5.1)
hamlit (>= 1.2.0) haml (>= 4.0.6)
railties (>= 4.0.1) railties (>= 5.1)
hashdiff (1.0.1) hashdiff (1.0.1)
hashie (5.0.0) hashie (5.0.0)
hcaptcha (7.1.0) hcaptcha (7.1.0)
@ -351,7 +366,7 @@ GEM
json-schema (3.0.0) json-schema (3.0.0)
addressable (>= 2.8) addressable (>= 2.8)
jsonapi-renderer (0.2.2) jsonapi-renderer (0.2.2)
jwt (2.5.0) jwt (2.7.0)
kaminari (1.2.2) kaminari (1.2.2)
activesupport (>= 4.1.0) activesupport (>= 4.1.0)
kaminari-actionview (= 1.2.2) kaminari-actionview (= 1.2.2)
@ -364,12 +379,6 @@ GEM
activerecord activerecord
kaminari-core (= 1.2.2) kaminari-core (= 1.2.2)
kaminari-core (1.2.2) kaminari-core (1.2.2)
kt-paperclip (7.1.1)
activemodel (>= 4.2.0)
activesupport (>= 4.2.0)
marcel (~> 1.0.1)
mime-types
terrapin (~> 0.6.0)
launchy (2.5.0) launchy (2.5.0)
addressable (~> 2.7) addressable (~> 2.7)
letter_opener (1.8.1) letter_opener (1.8.1)
@ -412,7 +421,9 @@ GEM
minitest (5.17.0) minitest (5.17.0)
msgpack (1.6.0) msgpack (1.6.0)
multi_json (1.15.0) multi_json (1.15.0)
multipart-post (2.1.1) multipart-post (2.3.0)
net-http (0.3.2)
uri
net-imap (0.3.4) net-imap (0.3.4)
date date
net-protocol net-protocol
@ -421,13 +432,13 @@ GEM
net-protocol net-protocol
net-protocol (0.2.1) net-protocol (0.2.1)
timeout timeout
net-scp (4.0.0.rc1) net-scp (4.0.0)
net-ssh (>= 2.6.5, < 8.0.0) net-ssh (>= 2.6.5, < 8.0.0)
net-smtp (0.3.3) net-smtp (0.3.3)
net-protocol net-protocol
net-ssh (7.0.1) net-ssh (7.0.1)
nio4r (2.5.8) nio4r (2.5.8)
nokogiri (1.14.1) nokogiri (1.14.2)
mini_portile2 (~> 2.8.0) mini_portile2 (~> 2.8.0)
racc (~> 1.4) racc (~> 1.4)
nsa (0.2.8) nsa (0.2.8)
@ -435,7 +446,7 @@ GEM
concurrent-ruby (~> 1.0, >= 1.0.2) concurrent-ruby (~> 1.0, >= 1.0.2)
sidekiq (>= 3.5) sidekiq (>= 3.5)
statsd-ruby (~> 1.4, >= 1.4.0) statsd-ruby (~> 1.4, >= 1.4.0)
oj (3.13.23) oj (3.14.2)
omniauth (1.9.2) omniauth (1.9.2)
hashie (>= 3.4.6) hashie (>= 3.4.6)
rack (>= 1.6.2, < 3) rack (>= 1.6.2, < 3)
@ -449,6 +460,9 @@ GEM
omniauth-saml (1.10.3) omniauth-saml (1.10.3)
omniauth (~> 1.3, >= 1.3.2) omniauth (~> 1.3, >= 1.3.2)
ruby-saml (~> 1.9) ruby-saml (~> 1.9)
omniauth_openid_connect (0.6.0)
omniauth (>= 1.9, < 3)
openid_connect (~> 1.1)
openid_connect (1.4.2) openid_connect (1.4.2)
activemodel activemodel
attr_required (>= 1.0.0) attr_required (>= 1.0.0)
@ -460,13 +474,13 @@ GEM
validate_email validate_email
validate_url validate_url
webfinger (~> 1.2) webfinger (~> 1.2)
openssl (3.0.0) openssl (3.1.0)
openssl-signature_algorithm (1.2.1) openssl-signature_algorithm (1.3.0)
openssl (> 2.0, < 3.1) openssl (> 2.0)
orm_adapter (0.5.0) orm_adapter (0.5.0)
ox (2.14.14) ox (2.14.14)
parallel (1.22.1) parallel (1.22.1)
parser (3.2.0.0) parser (3.2.1.0)
ast (~> 2.4.1) ast (~> 2.4.1)
parslet (2.0.0) parslet (2.0.0)
pastel (0.8.0) pastel (0.8.0)
@ -542,8 +556,6 @@ GEM
rails-i18n (6.0.0) rails-i18n (6.0.0)
i18n (>= 0.7, < 2) i18n (>= 0.7, < 2)
railties (>= 6.0.0, < 7) railties (>= 6.0.0, < 7)
rails-settings-cached (0.6.6)
rails (>= 4.2.0)
railties (6.1.7.2) railties (6.1.7.2)
actionpack (= 6.1.7.2) actionpack (= 6.1.7.2)
activesupport (= 6.1.7.2) activesupport (= 6.1.7.2)
@ -562,12 +574,12 @@ GEM
redis (>= 4) redis (>= 4)
redlock (1.3.2) redlock (1.3.2)
redis (>= 3.0.0, < 6.0) redis (>= 3.0.0, < 6.0)
regexp_parser (2.6.2) regexp_parser (2.7.0)
request_store (1.5.1) request_store (1.5.1)
rack (>= 1.4) rack (>= 1.4)
responders (3.0.1) responders (3.1.0)
actionpack (>= 5.0) actionpack (>= 5.2)
railties (>= 5.0) railties (>= 5.2)
rexml (3.2.5) rexml (3.2.5)
rotp (6.2.0) rotp (6.2.0)
rpam2 (4.0.2) rpam2 (4.0.2)
@ -597,7 +609,7 @@ GEM
rspec-support (3.11.1) rspec-support (3.11.1)
rspec_junit_formatter (0.6.0) rspec_junit_formatter (0.6.0)
rspec-core (>= 2, < 4, != 2.12.0) rspec-core (>= 2, < 4, != 2.12.0)
rubocop (1.44.1) rubocop (1.45.1)
json (~> 2.3) json (~> 2.3)
parallel (~> 1.10) parallel (~> 1.10)
parser (>= 3.2.0.0) parser (>= 3.2.0.0)
@ -643,10 +655,9 @@ GEM
redis (>= 4.5.0, < 5) redis (>= 4.5.0, < 5)
sidekiq-bulk (0.2.0) sidekiq-bulk (0.2.0)
sidekiq sidekiq
sidekiq-scheduler (4.0.3) sidekiq-scheduler (5.0.1)
redis (>= 4.2.0)
rufus-scheduler (~> 3.2) rufus-scheduler (~> 3.2)
sidekiq (>= 4, < 7) sidekiq (>= 4, < 8)
tilt (>= 1.4.0) tilt (>= 1.4.0)
sidekiq-unique-jobs (7.1.29) sidekiq-unique-jobs (7.1.29)
brpoplpush-redis_script (> 0.1.1, <= 2.0.0) brpoplpush-redis_script (> 0.1.1, <= 2.0.0)
@ -673,7 +684,7 @@ GEM
actionpack (>= 5.2) actionpack (>= 5.2)
activesupport (>= 5.2) activesupport (>= 5.2)
sprockets (>= 3.0.0) sprockets (>= 3.0.0)
sshkit (1.21.2) sshkit (1.21.4)
net-scp (>= 1.1.2) net-scp (>= 1.1.2)
net-ssh (>= 2.8.0) net-ssh (>= 2.8.0)
stackprof (0.2.23) stackprof (0.2.23)
@ -686,7 +697,7 @@ GEM
activesupport (>= 3) activesupport (>= 3)
attr_required (>= 0.0.5) attr_required (>= 0.0.5)
httpclient (>= 2.4) httpclient (>= 2.4)
temple (0.8.2) temple (0.10.0)
terminal-table (3.0.2) terminal-table (3.0.2)
unicode-display_width (>= 1.1.1, < 3) unicode-display_width (>= 1.1.1, < 3)
terrapin (0.6.0) terrapin (0.6.0)
@ -694,9 +705,9 @@ GEM
thor (1.2.1) thor (1.2.1)
tilt (2.0.11) tilt (2.0.11)
timeout (0.3.1) timeout (0.3.1)
tpm-key_attestation (0.11.0) tpm-key_attestation (0.12.0)
bindata (~> 2.4) bindata (~> 2.4)
openssl (> 2.0, < 3.1) openssl (> 2.0)
openssl-signature_algorithm (~> 1.0) openssl-signature_algorithm (~> 1.0)
tty-color (0.6.0) tty-color (0.6.0)
tty-cursor (0.7.1) tty-cursor (0.7.1)
@ -720,6 +731,7 @@ GEM
unf_ext (0.0.8.2) unf_ext (0.0.8.2)
unicode-display_width (2.4.2) unicode-display_width (2.4.2)
uniform_notifier (1.16.0) uniform_notifier (1.16.0)
uri (0.12.0)
validate_email (0.1.6) validate_email (0.1.6)
activemodel (>= 3.0) activemodel (>= 3.0)
mail (>= 2.2.5) mail (>= 2.2.5)
@ -728,15 +740,15 @@ GEM
public_suffix public_suffix
warden (1.2.9) warden (1.2.9)
rack (>= 2.0.9) rack (>= 2.0.9)
webauthn (2.5.2) webauthn (3.0.0)
android_key_attestation (~> 0.3.0) android_key_attestation (~> 0.3.0)
awrence (~> 1.1) awrence (~> 1.1)
bindata (~> 2.4) bindata (~> 2.4)
cbor (~> 0.5.9) cbor (~> 0.5.9)
cose (~> 1.1) cose (~> 1.1)
openssl (>= 2.2, < 3.1) openssl (>= 2.2)
safety_net_attestation (~> 0.4.0) safety_net_attestation (~> 0.4.0)
tpm-key_attestation (~> 0.11.0) tpm-key_attestation (~> 0.12.0)
webfinger (1.2.0) webfinger (1.2.0)
activesupport activesupport
httpclient (>= 2.4) httpclient (>= 2.4)
@ -756,7 +768,7 @@ GEM
xorcist (1.1.3) xorcist (1.1.3)
xpath (3.2.0) xpath (3.2.0)
nokogiri (~> 1.8) nokogiri (~> 1.8)
zeitwerk (2.6.6) zeitwerk (2.6.7)
PLATFORMS PLATFORMS
ruby ruby
@ -787,7 +799,7 @@ DEPENDENCIES
color_diff (~> 0.1) color_diff (~> 0.1)
concurrent-ruby concurrent-ruby
connection_pool connection_pool
devise (~> 4.8) devise (~> 4.9)
devise-two-factor (~> 4.0) devise-two-factor (~> 4.0)
devise_pam_authenticatable2 (~> 9.2) devise_pam_authenticatable2 (~> 9.2)
discard (~> 1.2) discard (~> 1.2)
@ -801,8 +813,7 @@ DEPENDENCIES
fog-core (<= 2.4.0) fog-core (<= 2.4.0)
fog-openstack (~> 0.3) fog-openstack (~> 0.3)
fuubar (~> 2.5) fuubar (~> 2.5)
gitlab-omniauth-openid-connect (~> 0.10.1) haml-rails (~> 2.0)
hamlit-rails (~> 0.2)
hcaptcha (~> 7.1) hcaptcha (~> 7.1)
hiredis (~> 0.6) hiredis (~> 0.6)
htmlentities (~> 4.3) htmlentities (~> 4.3)
@ -815,7 +826,7 @@ DEPENDENCIES
json-ld-preloaded (~> 3.2) json-ld-preloaded (~> 3.2)
json-schema (~> 3.0) json-schema (~> 3.0)
kaminari (~> 1.2) kaminari (~> 1.2)
kt-paperclip (~> 7.1) kt-paperclip (~> 7.1)!
letter_opener (~> 1.8) letter_opener (~> 1.8)
letter_opener_web (~> 2.0) letter_opener_web (~> 2.0)
link_header (~> 0.0) link_header (~> 0.0)
@ -824,14 +835,16 @@ DEPENDENCIES
mario-redis-lock (~> 1.2) mario-redis-lock (~> 1.2)
memory_profiler memory_profiler
mime-types (~> 3.4.1) mime-types (~> 3.4.1)
net-http (~> 0.3.2)
net-ldap (~> 0.17) net-ldap (~> 0.17)
nokogiri (~> 1.14) nokogiri (~> 1.14)
nsa (~> 0.2) nsa (~> 0.2)
oj (~> 3.13) oj (~> 3.14)
omniauth (~> 1.9) omniauth (~> 1.9)
omniauth-cas (~> 2.0) omniauth-cas (~> 2.0)
omniauth-rails_csrf_protection (~> 0.1) omniauth-rails_csrf_protection (~> 0.1)
omniauth-saml (~> 1.10) omniauth-saml (~> 1.10)
omniauth_openid_connect (~> 0.6.0)
ox (~> 2.14) ox (~> 2.14)
parslet parslet
pg (~> 1.4) pg (~> 1.4)
@ -852,7 +865,7 @@ DEPENDENCIES
rails (~> 6.1.7) rails (~> 6.1.7)
rails-controller-testing (~> 1.0) rails-controller-testing (~> 1.0)
rails-i18n (~> 6.0) rails-i18n (~> 6.0)
rails-settings-cached (~> 0.6) rails-settings-cached (~> 0.6)!
rdf-normalize (~> 0.5) rdf-normalize (~> 0.5)
redcarpet (~> 3.6) redcarpet (~> 3.6)
redis (~> 4.5) redis (~> 4.5)
@ -871,7 +884,7 @@ DEPENDENCIES
scenic (~> 1.7) scenic (~> 1.7)
sidekiq (~> 6.5) sidekiq (~> 6.5)
sidekiq-bulk (~> 0.2.0) sidekiq-bulk (~> 0.2.0)
sidekiq-scheduler (~> 4.0) sidekiq-scheduler (~> 5.0)
sidekiq-unique-jobs (~> 7.1) sidekiq-unique-jobs (~> 7.1)
simple-navigation (~> 4.4) simple-navigation (~> 4.4)
simple_form (~> 5.2) simple_form (~> 5.2)
@ -885,7 +898,7 @@ DEPENDENCIES
tty-prompt (~> 0.23) tty-prompt (~> 0.23)
twitter-text (~> 3.1.0) twitter-text (~> 3.1.0)
tzinfo-data (~> 1.2022) tzinfo-data (~> 1.2022)
webauthn (~> 2.5) webauthn (~> 3.0)
webmock (~> 3.18) webmock (~> 3.18)
webpacker (~> 5.4) webpacker (~> 5.4)
webpush! webpush!

@ -2,7 +2,7 @@
If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can reach us at <security@joinmastodon.org>. If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can reach us at <security@joinmastodon.org>.
You should *not* report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk. You should _not_ report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
## Scope ## Scope
@ -11,7 +11,8 @@ A "vulnerability in Mastodon" is a vulnerability in the code distributed through
## Supported Versions ## Supported Versions
| Version | Supported | | Version | Supported |
| ------- | ----------| | ------- | --------- |
| 4.1.x | Yes |
| 4.0.x | Yes | | 4.0.x | Yes |
| 3.5.x | Yes | | 3.5.x | Yes |
| < 3.5 | No | | < 3.5 | No |

@ -18,13 +18,11 @@ module Admin
private private
def redis_info def redis_info
@redis_info ||= begin @redis_info ||= if redis.is_a?(Redis::Namespace)
if redis.is_a?(Redis::Namespace) redis.redis.info
redis.redis.info else
else redis.info
redis.info end
end
end
end end
end end
end end

@ -90,9 +90,7 @@ module Admin
end end
def action_from_button def action_from_button
if params[:save] 'save' if params[:save]
'save'
end
end end
end end
end end

@ -45,15 +45,11 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_account_followers_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_account_followers_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @accounts.empty? api_v1_account_followers_url pagination_params(since_id: pagination_since_id) unless @accounts.empty?
api_v1_account_followers_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -45,15 +45,11 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_account_following_index_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_account_following_index_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @accounts.empty? api_v1_account_following_index_url pagination_params(since_id: pagination_since_id) unless @accounts.empty?
api_v1_account_following_index_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -39,15 +39,11 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_account_statuses_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_account_statuses_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @statuses.empty? api_v1_account_statuses_url pagination_params(min_id: pagination_since_id) unless @statuses.empty?
api_v1_account_statuses_url pagination_params(min_id: pagination_since_id)
end
end end
def records_continue? def records_continue?

@ -30,7 +30,7 @@ class Api::V1::AccountsController < Api::BaseController
self.response_body = Oj.dump(response.body) self.response_body = Oj.dump(response.body)
self.status = response.status self.status = response.status
rescue ActiveRecord::RecordInvalid => e rescue ActiveRecord::RecordInvalid => e
render json: ValidationErrorFormatter.new(e, 'account.username': :username, 'invite_request.text': :reason).as_json, status: :unprocessable_entity render json: ValidationErrorFormatter.new(e, 'account.username': :username, 'invite_request.text': :reason).as_json, status: 422
end end
def follow def follow

@ -120,9 +120,7 @@ class Api::V1::Admin::AccountsController < Api::BaseController
translated_params[:status] = status.to_s if params[status].present? translated_params[:status] = status.to_s if params[status].present?
end end
if params[:staff].present? translated_params[:role_ids] = UserRole.that_can(:manage_reports).map(&:id) if params[:staff].present?
translated_params[:role_ids] = UserRole.that_can(:manage_reports).map(&:id)
end
translated_params translated_params
end end

@ -18,9 +18,7 @@ class Api::V1::AnnouncementsController < Api::BaseController
private private
def set_announcements def set_announcements
@announcements = begin @announcements = Announcement.published.chronological
Announcement.published.chronological
end
end end
def set_announcement def set_announcement

@ -33,15 +33,11 @@ class Api::V1::BlocksController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_blocks_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_blocks_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless paginated_blocks.empty? api_v1_blocks_url pagination_params(since_id: pagination_since_id) unless paginated_blocks.empty?
api_v1_blocks_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -40,15 +40,11 @@ class Api::V1::ConversationsController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_conversations_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_conversations_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @conversations.empty? api_v1_conversations_url pagination_params(min_id: pagination_since_id) unless @conversations.empty?
api_v1_conversations_url pagination_params(min_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -43,15 +43,11 @@ class Api::V1::DomainBlocksController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_domain_blocks_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_domain_blocks_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @blocks.empty? api_v1_domain_blocks_url pagination_params(since_id: pagination_since_id) unless @blocks.empty?
api_v1_domain_blocks_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -15,10 +15,10 @@ class Api::V1::Emails::ConfirmationsController < Api::BaseController
private private
def require_user_owned_by_application! def require_user_owned_by_application!
render json: { error: 'This method is only available to the application the user originally signed-up with' }, status: :forbidden unless current_user && current_user.created_by_application_id == doorkeeper_token.application_id render json: { error: 'This method is only available to the application the user originally signed-up with' }, status: 403 unless current_user && current_user.created_by_application_id == doorkeeper_token.application_id
end end
def require_user_not_confirmed! def require_user_not_confirmed!
render json: { error: 'This method is only available while the e-mail is awaiting confirmation' }, status: :forbidden unless !current_user.confirmed? || current_user.unconfirmed_email.present? render json: { error: 'This method is only available while the e-mail is awaiting confirmation' }, status: 403 unless !current_user.confirmed? || current_user.unconfirmed_email.present?
end end
end end

@ -35,17 +35,13 @@ class Api::V1::EndorsementsController < Api::BaseController
def next_path def next_path
return if unlimited? return if unlimited?
if records_continue? api_v1_endorsements_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_endorsements_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
return if unlimited? return if unlimited?
unless @accounts.empty? api_v1_endorsements_url pagination_params(since_id: pagination_since_id) unless @accounts.empty?
api_v1_endorsements_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -36,15 +36,11 @@ class Api::V1::FavouritesController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_favourites_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_favourites_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless results.empty? api_v1_favourites_url pagination_params(min_id: pagination_since_id) unless results.empty?
api_v1_favourites_url pagination_params(min_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -53,15 +53,11 @@ class Api::V1::FollowRequestsController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_follow_requests_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_follow_requests_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @accounts.empty? api_v1_follow_requests_url pagination_params(since_id: pagination_since_id) unless @accounts.empty?
api_v1_follow_requests_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -62,17 +62,13 @@ class Api::V1::Lists::AccountsController < Api::BaseController
def next_path def next_path
return if unlimited? return if unlimited?
if records_continue? api_v1_list_accounts_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_list_accounts_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
return if unlimited? return if unlimited?
unless @accounts.empty? api_v1_list_accounts_url pagination_params(since_id: pagination_since_id) unless @accounts.empty?
api_v1_list_accounts_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -33,15 +33,11 @@ class Api::V1::MutesController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_mutes_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_mutes_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless paginated_mutes.empty? api_v1_mutes_url pagination_params(since_id: pagination_since_id) unless paginated_mutes.empty?
api_v1_mutes_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -28,7 +28,7 @@ class Api::V1::NotificationsController < Api::BaseController
end end
def dismiss def dismiss
current_account.notifications.find_by!(id: params[:id]).destroy! current_account.notifications.find(params[:id]).destroy!
render_empty render_empty
end end
@ -67,15 +67,11 @@ class Api::V1::NotificationsController < Api::BaseController
end end
def next_path def next_path
unless @notifications.empty? api_v1_notifications_url pagination_params(max_id: pagination_max_id) unless @notifications.empty?
api_v1_notifications_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @notifications.empty? api_v1_notifications_url pagination_params(min_id: pagination_since_id) unless @notifications.empty?
api_v1_notifications_url pagination_params(min_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -52,15 +52,11 @@ class Api::V1::ScheduledStatusesController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_scheduled_statuses_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_scheduled_statuses_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @statuses.empty? api_v1_scheduled_statuses_url pagination_params(min_id: pagination_since_id) unless @statuses.empty?
api_v1_scheduled_statuses_url pagination_params(min_id: pagination_since_id)
end
end end
def records_continue? def records_continue?

@ -41,15 +41,11 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_status_favourited_by_index_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_status_favourited_by_index_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @accounts.empty? api_v1_status_favourited_by_index_url pagination_params(since_id: pagination_since_id) unless @accounts.empty?
api_v1_status_favourited_by_index_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -37,15 +37,11 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
end end
def next_path def next_path
if records_continue? api_v1_status_reblogged_by_index_url pagination_params(max_id: pagination_max_id) if records_continue?
api_v1_status_reblogged_by_index_url pagination_params(max_id: pagination_max_id)
end
end end
def prev_path def prev_path
unless @accounts.empty? api_v1_status_reblogged_by_index_url pagination_params(since_id: pagination_since_id) unless @accounts.empty?
api_v1_status_reblogged_by_index_url pagination_params(since_id: pagination_since_id)
end
end end
def pagination_max_id def pagination_max_id

@ -64,6 +64,7 @@ class Api::V1::StatusesController < Api::BaseController
application: doorkeeper_token.application, application: doorkeeper_token.application,
poll: status_params[:poll], poll: status_params[:poll],
content_type: status_params[:content_type], content_type: status_params[:content_type],
allowed_mentions: status_params[:allowed_mentions],
idempotency: request.headers['Idempotency-Key'], idempotency: request.headers['Idempotency-Key'],
local_only: status_params[:local_only], local_only: status_params[:local_only],
with_rate_limit: true, with_rate_limit: true,
@ -71,6 +72,12 @@ class Api::V1::StatusesController < Api::BaseController
) )
render json: @status, serializer: @status.is_a?(ScheduledStatus) ? REST::ScheduledStatusSerializer : REST::StatusSerializer render json: @status, serializer: @status.is_a?(ScheduledStatus) ? REST::ScheduledStatusSerializer : REST::StatusSerializer
rescue PostStatusService::UnexpectedMentionsError => e
unexpected_accounts = ActiveModel::Serializer::CollectionSerializer.new(
e.accounts,
serializer: REST::AccountSerializer
)
render json: { error: e.message, unexpected_accounts: unexpected_accounts }, status: 422
end end
def update def update
@ -135,6 +142,7 @@ class Api::V1::StatusesController < Api::BaseController
:quote_id, :quote_id,
:content_type, :content_type,
:local_only, :local_only,
allowed_mentions: [],
media_ids: [], media_ids: [],
media_attributes: [ media_attributes: [
:id, :id,

@ -25,6 +25,7 @@ class Api::V1::TagsController < Api::BaseController
def set_or_create_tag def set_or_create_tag
return not_found unless Tag::HASHTAG_NAME_RE.match?(params[:id]) return not_found unless Tag::HASHTAG_NAME_RE.match?(params[:id])
@tag = Tag.find_normalized(params[:id]) || Tag.new(name: Tag.normalize(params[:id]), display_name: params[:id]) @tag = Tag.find_normalized(params[:id]) || Tag.new(name: Tag.normalize(params[:id]), display_name: params[:id])
end end
end end

@ -18,13 +18,11 @@ class Api::V1::Trends::LinksController < Api::BaseController
end end
def set_links def set_links
@links = begin @links = if enabled?
if enabled? links_from_trends.offset(offset_param).limit(limit_param(DEFAULT_LINKS_LIMIT))
links_from_trends.offset(offset_param).limit(limit_param(DEFAULT_LINKS_LIMIT)) else
else []
[] end
end
end
end end
def links_from_trends def links_from_trends

@ -16,13 +16,11 @@ class Api::V1::Trends::StatusesController < Api::BaseController
end end
def set_statuses def set_statuses
@statuses = begin @statuses = if enabled?
if enabled? cache_collection(statuses_from_trends.offset(offset_param).limit(limit_param(DEFAULT_STATUSES_LIMIT)), Status)
cache_collection(statuses_from_trends.offset(offset_param).limit(limit_param(DEFAULT_STATUSES_LIMIT)), Status) else
else []
[] end
end
end
end end
def statuses_from_trends def statuses_from_trends

@ -18,13 +18,11 @@ class Api::V1::Trends::TagsController < Api::BaseController
end end
def set_tags def set_tags
@tags = begin @tags = if enabled?
if enabled? tags_from_trends.offset(offset_param).limit(limit_param(DEFAULT_TAGS_LIMIT))
tags_from_trends.offset(offset_param).limit(limit_param(DEFAULT_TAGS_LIMIT)) else
else []
[] end
end
end
end end
def tags_from_trends def tags_from_trends

@ -25,9 +25,7 @@ class Api::V2::Admin::AccountsController < Api::V1::Admin::AccountsController
def translated_filter_params def translated_filter_params
translated_params = filter_params.slice(*AccountFilter::KEYS) translated_params = filter_params.slice(*AccountFilter::KEYS)
if params[:permissions] == 'staff' translated_params[:role_ids] = UserRole.that_can(:manage_reports).map(&:id) if params[:permissions] == 'staff'
translated_params[:role_ids] = UserRole.that_can(:manage_reports).map(&:id)
end
translated_params translated_params
end end

@ -31,9 +31,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
def update def update
super do |resource| super do |resource|
if resource.saved_change_to_encrypted_password? resource.clear_other_sessions(current_session.session_id) if resource.saved_change_to_encrypted_password?
resource.clear_other_sessions(current_session.session_id)
end
end end
end end

@ -53,9 +53,9 @@ class Auth::SessionsController < Devise::SessionsController
session[:webauthn_challenge] = options_for_get.challenge session[:webauthn_challenge] = options_for_get.challenge
render json: options_for_get, status: :ok render json: options_for_get, status: 200
else else
render json: { error: t('webauthn_credentials.not_enabled') }, status: :unauthorized render json: { error: t('webauthn_credentials.not_enabled') }, status: 401
end end
end end
@ -115,9 +115,7 @@ class Auth::SessionsController < Devise::SessionsController
def home_paths(resource) def home_paths(resource)
paths = [about_path] paths = [about_path]
if single_user_mode? && resource.is_a?(User) paths << short_account_path(username: resource.account) if single_user_mode? && resource.is_a?(User)
paths << short_account_path(username: resource.account)
end
paths paths
end end

@ -6,13 +6,11 @@ module RateLimitHeaders
class_methods do class_methods do
def override_rate_limit_headers(method_name, options = {}) def override_rate_limit_headers(method_name, options = {})
around_action(only: method_name, if: :current_account) do |_controller, block| around_action(only: method_name, if: :current_account) do |_controller, block|
begin block.call
block.call ensure
ensure rate_limiter = RateLimiter.new(current_account, options)
rate_limiter = RateLimiter.new(current_account, options) rate_limit_headers = rate_limiter.to_headers
rate_limit_headers = rate_limiter.to_headers response.headers.merge!(rate_limit_headers) unless response.headers['X-RateLimit-Remaining'].present? && rate_limit_headers['X-RateLimit-Remaining'].to_i > response.headers['X-RateLimit-Remaining'].to_i
response.headers.merge!(rate_limit_headers) unless response.headers['X-RateLimit-Remaining'].present? && rate_limit_headers['X-RateLimit-Remaining'].to_i > response.headers['X-RateLimit-Remaining'].to_i
end
end end
end end
end end
@ -67,6 +65,6 @@ module RateLimitHeaders
end end
def reset_period_offset def reset_period_offset
api_throttle_data[:period] - request_time.to_i % api_throttle_data[:period] api_throttle_data[:period] - (request_time.to_i % api_throttle_data[:period])
end end
end end

@ -13,6 +13,7 @@ module SessionTrackingConcern
def set_session_activity def set_session_activity
return unless session_needs_update? return unless session_needs_update?
current_session.touch current_session.touch
end end

@ -165,6 +165,7 @@ module SignatureVerification
end end
raise SignatureVerificationError, "Invalid Digest value. The provided Digest value is not a SHA-256 digest. Given digest: #{sha256[1]}" if digest_size != 32 raise SignatureVerificationError, "Invalid Digest value. The provided Digest value is not a SHA-256 digest. Given digest: #{sha256[1]}" if digest_size != 32
raise SignatureVerificationError, "Invalid Digest value. Computed SHA-256 digest: #{body_digest}; given: #{sha256[1]}" raise SignatureVerificationError, "Invalid Digest value. Computed SHA-256 digest: #{body_digest}; given: #{sha256[1]}"
end end

@ -57,10 +57,10 @@ module TwoFactorAuthenticationConcern
if valid_webauthn_credential?(user, webauthn_credential) if valid_webauthn_credential?(user, webauthn_credential)
on_authentication_success(user, :webauthn) on_authentication_success(user, :webauthn)
render json: { redirect_path: after_sign_in_path_for(user) }, status: :ok render json: { redirect_path: after_sign_in_path_for(user) }, status: 200
else else
on_authentication_failure(user, :webauthn, :invalid_credential) on_authentication_failure(user, :webauthn, :invalid_credential)
render json: { error: t('webauthn_credentials.invalid_credential') }, status: :unprocessable_entity render json: { error: t('webauthn_credentials.invalid_credential') }, status: 422
end end
end end
@ -81,13 +81,11 @@ module TwoFactorAuthenticationConcern
@body_classes = 'lighter' @body_classes = 'lighter'
@webauthn_enabled = user.webauthn_enabled? @webauthn_enabled = user.webauthn_enabled?
@scheme_type = begin @scheme_type = if user.webauthn_enabled? && user_params[:otp_attempt].blank?
if user.webauthn_enabled? && user_params[:otp_attempt].blank? 'webauthn'
'webauthn' else
else 'totp'
'totp' end
end
end
set_locale { render :two_factor } set_locale { render :two_factor }
end end

@ -43,9 +43,7 @@ class Filters::StatusesController < ApplicationController
end end
def action_from_button def action_from_button
if params[:remove] 'remove' if params[:remove]
'remove'
end
end end
def set_body_classes def set_body_classes

@ -33,7 +33,7 @@ class MediaController < ApplicationController
scope = MediaAttachment.local.attached scope = MediaAttachment.local.attached
# If id is 19 characters long, it's a shortcode, otherwise it's an identifier # If id is 19 characters long, it's a shortcode, otherwise it's an identifier
@media_attachment = id.size == 19 ? scope.find_by!(shortcode: id) : scope.find_by!(id: id) @media_attachment = id.size == 19 ? scope.find_by!(shortcode: id) : scope.find(id)
end end
def verify_permitted_status! def verify_permitted_status!

@ -27,7 +27,7 @@ module Settings
session[:webauthn_challenge] = options_for_create.challenge session[:webauthn_challenge] = options_for_create.challenge
render json: options_for_create, status: :ok render json: options_for_create, status: 200
end end
def create def create

@ -58,7 +58,7 @@ class TagsController < ApplicationController
def collection_presenter def collection_presenter
ActivityPub::CollectionPresenter.new( ActivityPub::CollectionPresenter.new(
id: tag_url(@tag), id: tag_url(@tag),
type: :ordered, type: :ordered
) )
end end
end end

@ -19,19 +19,17 @@ module Admin::DashboardHelper
end end
def relevant_account_timestamp(account) def relevant_account_timestamp(account)
timestamp, exact = begin timestamp, exact = if account.user_current_sign_in_at && account.user_current_sign_in_at < 24.hours.ago
if account.user_current_sign_in_at && account.user_current_sign_in_at < 24.hours.ago [account.user_current_sign_in_at, true]
[account.user_current_sign_in_at, true] elsif account.user_current_sign_in_at
elsif account.user_current_sign_in_at [account.user_current_sign_in_at, false]
[account.user_current_sign_in_at, false] elsif account.user_pending?
elsif account.user_pending? [account.user_created_at, true]
[account.user_created_at, true] elsif account.last_status_at.present?
elsif account.last_status_at.present? [account.last_status_at, true]
[account.last_status_at, true] else
else [nil, false]
[nil, false] end
end
end
return '-' if timestamp.nil? return '-' if timestamp.nil?
return t('generic.today') unless exact return t('generic.today') unless exact

@ -2,13 +2,11 @@
module Admin::Trends::StatusesHelper module Admin::Trends::StatusesHelper
def one_line_preview(status) def one_line_preview(status)
text = begin text = if status.local?
if status.local? status.text.split("\n").first
status.text.split("\n").first else
else Nokogiri::HTML(status.text).css('html > body > *').first&.text
Nokogiri::HTML(status.text).css('html > body > *').first&.text end
end
end
return '' if text.blank? return '' if text.blank?

@ -105,6 +105,7 @@ module ApplicationHelper
def can?(action, record) def can?(action, record)
return false if record.nil? return false if record.nil?
policy(record).public_send("#{action}?") policy(record).public_send("#{action}?")
end end
@ -217,9 +218,7 @@ module ApplicationHelper
state_params[:moved_to_account] = current_account.moved_to_account state_params[:moved_to_account] = current_account.moved_to_account
end end
if single_user_mode? state_params[:owner] = Account.local.without_suspended.where('id > 0').first if single_user_mode?
state_params[:owner] = Account.local.without_suspended.where('id > 0').first
end
json = ActiveModelSerializers::SerializableResource.new(InitialStatePresenter.new(state_params), serializer: InitialStateSerializer).to_json json = ActiveModelSerializers::SerializableResource.new(InitialStatePresenter.new(state_params), serializer: InitialStateSerializer).to_json
# rubocop:disable Rails/OutputSafety # rubocop:disable Rails/OutputSafety

@ -23,14 +23,12 @@ module BrandingHelper
end end
def render_symbol(version = :icon) def render_symbol(version = :icon)
path = begin path = case version
case version when :icon
when :icon 'logo-symbol-icon.svg'
'logo-symbol-icon.svg' when :wordmark
when :wordmark 'logo-symbol-wordmark.svg'
'logo-symbol-wordmark.svg' end
end
end
render(file: Rails.root.join('app', 'javascript', 'images', path)).html_safe # rubocop:disable Rails/OutputSafety render(file: Rails.root.join('app', 'javascript', 'images', path)).html_safe # rubocop:disable Rails/OutputSafety
end end

@ -4,13 +4,11 @@ module DomainControlHelper
def domain_not_allowed?(uri_or_domain) def domain_not_allowed?(uri_or_domain)
return if uri_or_domain.blank? return if uri_or_domain.blank?
domain = begin domain = if uri_or_domain.include?('://')
if uri_or_domain.include?('://') Addressable::URI.parse(uri_or_domain).host
Addressable::URI.parse(uri_or_domain).host else
else uri_or_domain
uri_or_domain end
end
end
if whitelist_mode? if whitelist_mode?
!DomainAllow.allowed?(domain) !DomainAllow.allowed?(domain)

@ -31,30 +31,26 @@ module FormattingHelper
def rss_status_content_format(status) def rss_status_content_format(status)
html = status_content_format(status) html = status_content_format(status)
before_html = begin before_html = if status.spoiler_text?
if status.spoiler_text? tag.p do
tag.p do tag.strong do
tag.strong do I18n.t('rss.content_warning', locale: available_locale_or_nil(status.language) || I18n.default_locale)
I18n.t('rss.content_warning', locale: available_locale_or_nil(status.language) || I18n.default_locale) end
end
status.spoiler_text status.spoiler_text
end + tag.hr end + tag.hr
end end
end
after_html = begin after_html = if status.preloadable_poll
if status.preloadable_poll tag.p do
tag.p do safe_join(
safe_join( status.preloadable_poll.options.map do |o|
status.preloadable_poll.options.map do |o| tag.send(status.preloadable_poll.multiple? ? 'checkbox' : 'radio', o, disabled: true)
tag.send(status.preloadable_poll.multiple? ? 'checkbox' : 'radio', o, disabled: true) end,
end, tag.br
tag.br )
) end
end end
end
end
prerender_custom_emojis( prerender_custom_emojis(
safe_join([before_html, html, after_html]), safe_join([before_html, html, after_html]),

@ -10,13 +10,11 @@ module InstanceHelper
end end
def description_for_sign_up def description_for_sign_up
prefix = begin prefix = if @invite.present?
if @invite.present? I18n.t('auth.description.prefix_invited_by_user', name: @invite.user.account.username)
I18n.t('auth.description.prefix_invited_by_user', name: @invite.user.account.username) else
else I18n.t('auth.description.prefix_sign_up')
I18n.t('auth.description.prefix_sign_up') end
end
end
safe_join([prefix, I18n.t('auth.description.suffix')], ' ') safe_join([prefix, I18n.t('auth.description.suffix')], ' ')
end end

@ -26,15 +26,13 @@ module JsonLdHelper
# The url attribute can be a string, an array of strings, or an array of objects. # The url attribute can be a string, an array of strings, or an array of objects.
# The objects could include a mimeType. Not-included mimeType means it's text/html. # The objects could include a mimeType. Not-included mimeType means it's text/html.
def url_to_href(value, preferred_type = nil) def url_to_href(value, preferred_type = nil)
single_value = begin single_value = if value.is_a?(Array) && !value.first.is_a?(String)
if value.is_a?(Array) && !value.first.is_a?(String) value.find { |link| preferred_type.nil? || ((link['mimeType'].presence || 'text/html') == preferred_type) }
value.find { |link| preferred_type.nil? || ((link['mimeType'].presence || 'text/html') == preferred_type) } elsif value.is_a?(Array)
elsif value.is_a?(Array) value.first
value.first else
else value
value end
end
end
if single_value.nil? || single_value.is_a?(String) if single_value.nil? || single_value.is_a?(String)
single_value single_value

@ -1,4 +1,5 @@
# frozen_string_literal: true # frozen_string_literal: true
# rubocop:disable Metrics/ModuleLength, Style/WordArray # rubocop:disable Metrics/ModuleLength, Style/WordArray
module LanguagesHelper module LanguagesHelper

@ -204,11 +204,19 @@ export function submitCompose(routerHistory) {
// API call. // API call.
let media_attributes; let media_attributes;
if (statusId !== null) { if (statusId !== null) {
media_attributes = media.map(item => ({ media_attributes = media.map(item => {
id: item.get('id'), let focus;
description: item.get('description'),
focus: item.get('focus'), if (item.getIn(['meta', 'focus'])) {
})); focus = `${item.getIn(['meta', 'focus', 'x']).toFixed(2)},${item.getIn(['meta', 'focus', 'y']).toFixed(2)}`;
}
return {
id: item.get('id'),
description: item.get('description'),
focus,
};
});
} }
api(getState).request({ api(getState).request({

@ -6,7 +6,7 @@ import { setBrowserSupport, setSubscription, clearSubscription } from './setter'
const urlBase64ToUint8Array = (base64String) => { const urlBase64ToUint8Array = (base64String) => {
const padding = '='.repeat((4 - base64String.length % 4) % 4); const padding = '='.repeat((4 - base64String.length % 4) % 4);
const base64 = (base64String + padding) const base64 = (base64String + padding)
.replace(/\-/g, '+') .replace(/-/g, '+')
.replace(/_/g, '/'); .replace(/_/g, '/');
const rawData = window.atob(base64); const rawData = window.atob(base64);

@ -51,7 +51,7 @@ export default class AutosuggestInput extends ImmutablePureComponent {
searchTokens: PropTypes.arrayOf(PropTypes.string), searchTokens: PropTypes.arrayOf(PropTypes.string),
maxLength: PropTypes.number, maxLength: PropTypes.number,
lang: PropTypes.string, lang: PropTypes.string,
spellCheck: PropTypes.string, spellCheck: PropTypes.bool,
}; };
static defaultProps = { static defaultProps = {

Some files were not shown because too many files have changed in this diff Show More

Loading…
Cancel
Save