From 2ff01f78f79d0b075e127a6aee05c4c429daf569 Mon Sep 17 00:00:00 2001 From: ThibG Date: Tue, 19 Jan 2021 06:47:36 +0100 Subject: [PATCH 01/18] Fix /activity endpoint not require signature in authorized fetch mode (#15592) Fixes #15589 Co-authored-by: Claire --- app/controllers/statuses_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb index 17ddd31fbb..87612a2966 100644 --- a/app/controllers/statuses_controller.rb +++ b/app/controllers/statuses_controller.rb @@ -8,7 +8,7 @@ class StatusesController < ApplicationController layout 'public' - before_action :require_signature!, only: :show, if: -> { request.format == :json && authorized_fetch_mode? } + before_action :require_signature!, only: [:show, :activity], if: -> { request.format == :json && authorized_fetch_mode? } before_action :set_status before_action :set_instance_presenter before_action :set_link_headers From b696a902fda70e37be8edb630edf6d2252792743 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:05:06 +0900 Subject: [PATCH 02/18] Bump sass-loader from 10.1.0 to 10.1.1 (#15568) Bumps [sass-loader](https://github.com/webpack-contrib/sass-loader) from 10.1.0 to 10.1.1. - [Release notes](https://github.com/webpack-contrib/sass-loader/releases) - [Changelog](https://github.com/webpack-contrib/sass-loader/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack-contrib/sass-loader/compare/v10.1.0...v10.1.1) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 001c38c9df..9833e0b69e 100644 --- a/package.json +++ b/package.json @@ -154,7 +154,7 @@ "reselect": "^4.0.0", "rimraf": "^3.0.2", "sass": "^1.32.2", - "sass-loader": "^10.1.0", + "sass-loader": "^10.1.1", "stacktrace-js": "^2.0.2", "stringz": "^2.1.0", "substring-trie": "^1.0.2", diff --git a/yarn.lock b/yarn.lock index 6fb91aaa10..636af79a48 100644 --- a/yarn.lock +++ b/yarn.lock @@ -9507,10 +9507,10 @@ sass-lint@^1.13.1: path-is-absolute "^1.0.0" util "^0.10.3" -sass-loader@^10.1.0: - version "10.1.0" - resolved "https://registry.yarnpkg.com/sass-loader/-/sass-loader-10.1.0.tgz#1727fcc0c32ab3eb197cda61d78adf4e9174a4b3" - integrity sha512-ZCKAlczLBbFd3aGAhowpYEy69Te3Z68cg8bnHHl6WnSCvnKpbM6pQrz957HWMa8LKVuhnD9uMplmMAHwGQtHeg== +sass-loader@^10.1.1: + version "10.1.1" + resolved "https://registry.yarnpkg.com/sass-loader/-/sass-loader-10.1.1.tgz#4ddd5a3d7638e7949065dd6e9c7c04037f7e663d" + integrity sha512-W6gVDXAd5hR/WHsPicvZdjAWHBcEJ44UahgxcIE196fW2ong0ZHMPO1kZuI5q0VlvMQZh32gpv69PLWQm70qrw== dependencies: klona "^2.0.4" loader-utils "^2.0.0" From 8c6a3c18ff54c554eb07b96d99bd86a51306f972 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:17:59 +0900 Subject: [PATCH 03/18] Bump webmock from 3.11.0 to 3.11.1 (#15570) Bumps [webmock](https://github.com/bblimke/webmock) from 3.11.0 to 3.11.1. - [Release notes](https://github.com/bblimke/webmock/releases) - [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md) - [Commits](https://github.com/bblimke/webmock/compare/v3.11.0...v3.11.1) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 7b677837f7..16d0e5bb69 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -660,7 +660,7 @@ GEM safety_net_attestation (~> 0.4.0) securecompare (~> 1.0) tpm-key_attestation (~> 0.9.0) - webmock (3.11.0) + webmock (3.11.1) addressable (>= 2.3.6) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) From 3126b9e9745eddf21b6dc955864e234b1d488291 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:24:38 +0900 Subject: [PATCH 04/18] Bump mini-css-extract-plugin from 1.3.3 to 1.3.4 (#15572) Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin) from 1.3.3 to 1.3.4. - [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases) - [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v1.3.3...v1.3.4) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 9833e0b69e..220e521177 100644 --- a/package.json +++ b/package.json @@ -111,7 +111,7 @@ "lodash": "^4.17.19", "mark-loader": "^0.1.6", "marky": "^1.2.1", - "mini-css-extract-plugin": "^1.3.3", + "mini-css-extract-plugin": "^1.3.4", "mkdirp": "^1.0.4", "npmlog": "^4.1.2", "object-assign": "^4.1.1", diff --git a/yarn.lock b/yarn.lock index 636af79a48..848bec647a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -7105,10 +7105,10 @@ min-indent@^1.0.0: resolved "https://registry.yarnpkg.com/min-indent/-/min-indent-1.0.1.tgz#a63f681673b30571fbe8bc25686ae746eefa9869" integrity sha512-I9jwMn07Sy/IwOj3zVkVik2JTvgpaykDZEigL6Rx6N9LbMywwUSMtxET+7lVoDLLd3O3IXwJwvuuns8UB/HeAg== -mini-css-extract-plugin@^1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/mini-css-extract-plugin/-/mini-css-extract-plugin-1.3.3.tgz#7802e62b34199aa7d1a62e654395859a836486a0" - integrity sha512-7lvliDSMiuZc81kI+5/qxvn47SCM7BehXex3f2c6l/pR3Goj58IQxZh9nuPQ3AkGQgoETyXuIqLDaO5Oa0TyBw== +mini-css-extract-plugin@^1.3.4: + version "1.3.4" + resolved "https://registry.yarnpkg.com/mini-css-extract-plugin/-/mini-css-extract-plugin-1.3.4.tgz#706e69632cdcdb8b15bf8e638442a0dba304a9c8" + integrity sha512-dNjqyeogUd8ucUgw5sxm1ahvSfSUgef7smbmATRSbDm4EmNx5kQA6VdUEhEeCKSjX6CTYjb5vxgMUvRjqP3uHg== dependencies: loader-utils "^2.0.0" schema-utils "^3.0.0" From f7c205d8c1c0cb04d0d983e1160ba5d182a539de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:27:49 +0900 Subject: [PATCH 05/18] Bump @testing-library/jest-dom from 5.11.8 to 5.11.9 (#15574) Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 5.11.8 to 5.11.9. - [Release notes](https://github.com/testing-library/jest-dom/releases) - [Changelog](https://github.com/testing-library/jest-dom/blob/master/CHANGELOG.md) - [Commits](https://github.com/testing-library/jest-dom/compare/v5.11.8...v5.11.9) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 220e521177..261f1c0b5f 100644 --- a/package.json +++ b/package.json @@ -171,7 +171,7 @@ "wicg-inert": "^3.1.0" }, "devDependencies": { - "@testing-library/jest-dom": "^5.11.8", + "@testing-library/jest-dom": "^5.11.9", "@testing-library/react": "^11.2.3", "babel-eslint": "^10.1.0", "babel-jest": "^26.6.3", diff --git a/yarn.lock b/yarn.lock index 848bec647a..1501dec2a0 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1385,10 +1385,10 @@ lz-string "^1.4.4" pretty-format "^26.6.2" -"@testing-library/jest-dom@^5.11.8": - version "5.11.8" - resolved "https://registry.yarnpkg.com/@testing-library/jest-dom/-/jest-dom-5.11.8.tgz#433a84d6f9a089485101b9e112ef03e5c30bcbfc" - integrity sha512-ScyKrWQM5xNcr79PkSewnA79CLaoxVskE+f7knTOhDD9ftZSA1Jw8mj+pneqhEu3x37ncNfW84NUr7lqK+mXjA== +"@testing-library/jest-dom@^5.11.9": + version "5.11.9" + resolved "https://registry.yarnpkg.com/@testing-library/jest-dom/-/jest-dom-5.11.9.tgz#e6b3cd687021f89f261bd53cbe367041fbd3e975" + integrity sha512-Mn2gnA9d1wStlAIT2NU8J15LNob0YFBVjs2aEQ3j8rsfRQo+lAs7/ui1i2TGaJjapLmuNPLTsrm+nPjmZDwpcQ== dependencies: "@babel/runtime" "^7.9.2" "@types/testing-library__jest-dom" "^5.9.1" From d1d2a4e8692ac846e8aafbefd445d25711340607 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:28:45 +0900 Subject: [PATCH 06/18] Bump webpack-dev-server from 3.11.1 to 3.11.2 (#15577) Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.11.1 to 3.11.2. - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/v3.11.2/CHANGELOG.md) - [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.11.1...v3.11.2) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 261f1c0b5f..737d4acde2 100644 --- a/package.json +++ b/package.json @@ -185,7 +185,7 @@ "react-intl-translations-manager": "^5.0.3", "react-test-renderer": "^16.14.0", "sass-lint": "^1.13.1", - "webpack-dev-server": "^3.11.1", + "webpack-dev-server": "^3.11.2", "yargs": "^16.2.0" }, "resolutions": { diff --git a/yarn.lock b/yarn.lock index 1501dec2a0..2e084f748e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11112,10 +11112,10 @@ webpack-dev-middleware@^3.7.2: range-parser "^1.2.1" webpack-log "^2.0.0" -webpack-dev-server@^3.11.1: - version "3.11.1" - resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-3.11.1.tgz#c74028bf5ba8885aaf230e48a20e8936ab8511f0" - integrity sha512-u4R3mRzZkbxQVa+MBWi2uVpB5W59H3ekZAJsQlKUTdl7Elcah2EhygTPLmeFXybQkf9i2+L0kn7ik9SnXa6ihQ== +webpack-dev-server@^3.11.2: + version "3.11.2" + resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-3.11.2.tgz#695ebced76a4929f0d5de7fd73fafe185fe33708" + integrity sha512-A80BkuHRQfCiNtGBS1EMf2ChTUs0x+B3wGDFmOeT4rmJOHhHTCH2naNxIHhmkr0/UillP4U3yeIyv1pNp+QDLQ== dependencies: ansi-html "0.0.7" bonjour "^3.5.0" From 266a95ee8f0d3a077a17a9d968aede129ad998d1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:29:29 +0900 Subject: [PATCH 07/18] Bump ox from 2.14.0 to 2.14.1 (#15576) Bumps [ox](https://github.com/ohler55/ox) from 2.14.0 to 2.14.1. - [Release notes](https://github.com/ohler55/ox/releases) - [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md) - [Commits](https://github.com/ohler55/ox/compare/v2.14.0...v2.14.1) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 16d0e5bb69..dcd64001d0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -386,7 +386,7 @@ GEM openssl (2.2.0) openssl-signature_algorithm (0.4.0) orm_adapter (0.5.0) - ox (2.14.0) + ox (2.14.1) paperclip (6.0.0) activemodel (>= 4.2.0) activesupport (>= 4.2.0) From c0499c1fcb1cdfed9b86bd61166150cef93171f4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:30:56 +0900 Subject: [PATCH 08/18] Bump oj from 3.10.18 to 3.11.0 (#15583) Bumps [oj](https://github.com/ohler55/oj) from 3.10.18 to 3.11.0. - [Release notes](https://github.com/ohler55/oj/releases) - [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md) - [Commits](https://github.com/ohler55/oj/compare/v3.10.18...v3.11.0) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 5454140ea6..f32e00ec88 100644 --- a/Gemfile +++ b/Gemfile @@ -66,7 +66,7 @@ gem 'mime-types', '~> 3.3.1', require: 'mime/types/columnar' gem 'nilsimsa', git: 'https://github.com/witgo/nilsimsa', ref: 'fd184883048b922b176939f851338d0a4971a532' gem 'nokogiri', '~> 1.11' gem 'nsa', '~> 0.2' -gem 'oj', '~> 3.10' +gem 'oj', '~> 3.11' gem 'ox', '~> 2.14' gem 'parslet' gem 'parallel', '~> 1.20' diff --git a/Gemfile.lock b/Gemfile.lock index dcd64001d0..28916d1dc6 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -369,7 +369,7 @@ GEM concurrent-ruby (~> 1.0, >= 1.0.2) sidekiq (>= 3.5) statsd-ruby (~> 1.4, >= 1.4.0) - oj (3.10.18) + oj (3.11.0) omniauth (1.9.1) hashie (>= 3.4.6) rack (>= 1.6.2, < 3) @@ -749,7 +749,7 @@ DEPENDENCIES nilsimsa! nokogiri (~> 1.11) nsa (~> 0.2) - oj (~> 3.10) + oj (~> 3.11) omniauth (~> 1.9) omniauth-cas (~> 2.0) omniauth-rails_csrf_protection (~> 0.1) From 041a6f9242dab2ac03d22cbd4226d1155162f1b6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:32:06 +0900 Subject: [PATCH 09/18] Bump webpack-assets-manifest from 4.0.0 to 4.0.1 (#15579) Bumps [webpack-assets-manifest](https://github.com/webdeveric/webpack-assets-manifest) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/webdeveric/webpack-assets-manifest/releases) - [Commits](https://github.com/webdeveric/webpack-assets-manifest/compare/v4.0.0...v4.0.1) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 737d4acde2..7ebd74d38d 100644 --- a/package.json +++ b/package.json @@ -164,7 +164,7 @@ "tiny-queue": "^0.2.1", "uuid": "^8.3.1", "webpack": "^4.45.0", - "webpack-assets-manifest": "^4.0.0", + "webpack-assets-manifest": "^4.0.1", "webpack-bundle-analyzer": "^4.3.0", "webpack-cli": "^3.3.12", "webpack-merge": "^5.7.3", diff --git a/yarn.lock b/yarn.lock index 2e084f748e..13288444a9 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11053,10 +11053,10 @@ webidl-conversions@^6.1.0: resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-6.1.0.tgz#9111b4d7ea80acd40f5270d666621afa78b69514" integrity sha512-qBIvFLGiBpLjfwmYAaHPXsn+ho5xZnGvyGvsarywGNc8VyQJUMHJ8OBKGGrPER0okBeMDaan4mNBlgBROxuI8w== -webpack-assets-manifest@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/webpack-assets-manifest/-/webpack-assets-manifest-4.0.0.tgz#6c906f6a77945aa326822e158f22d172ccc59f0f" - integrity sha512-zbozd1Cr6gS5XMWWHfISusocOO2bO05ktpJXWdoYtv12/FSXsNqyVjNwLE9ehBXDsEOwRtqd3kPDdTZKFjjD/w== +webpack-assets-manifest@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/webpack-assets-manifest/-/webpack-assets-manifest-4.0.1.tgz#918989c51a7800be6683aaa27b9f36bcc7a9afdc" + integrity sha512-NS7Bx2C3JsEj6a0MB/PPmPOD/BzDYjB3PaKcI7/r2fKXq0PuZ4YtcbZ5Og+q4gkmetGX9v21vejeAlbru/Fvhw== dependencies: chalk "^4.0" deepmerge "^4.2.2" From 77368d8ff9a6e282a1f584b0cc8616b908ccdd68 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:40:39 +0900 Subject: [PATCH 10/18] Bump strong_migrations from 0.7.4 to 0.7.6 (#15581) Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.7.4 to 0.7.6. - [Release notes](https://github.com/ankane/strong_migrations/releases) - [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md) - [Commits](https://github.com/ankane/strong_migrations/compare/v0.7.4...v0.7.6) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 28916d1dc6..caf1ec0f8a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -350,7 +350,7 @@ GEM mimemagic (0.3.5) mini_mime (1.0.2) mini_portile2 (2.5.0) - minitest (5.14.2) + minitest (5.14.3) msgpack (1.3.3) multi_json (1.15.0) multipart-post (2.1.1) @@ -612,7 +612,7 @@ GEM stoplight (2.2.1) streamio-ffmpeg (3.0.2) multi_json (~> 1.8) - strong_migrations (0.7.4) + strong_migrations (0.7.6) activerecord (>= 5) temple (0.8.2) terminal-table (2.0.0) From d8d75cd6c285f92863d150ed7176cad03264dd9c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Jan 2021 21:42:34 +0900 Subject: [PATCH 11/18] Bump sanitize from 5.2.2 to 5.2.3 (#15582) Bumps [sanitize](https://github.com/rgrove/sanitize) from 5.2.2 to 5.2.3. - [Release notes](https://github.com/rgrove/sanitize/releases) - [Changelog](https://github.com/rgrove/sanitize/blob/master/HISTORY.md) - [Commits](https://github.com/rgrove/sanitize/compare/v5.2.2...v5.2.3) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index caf1ec0f8a..038566a5d4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -560,7 +560,7 @@ GEM fugit (~> 1.1, >= 1.1.6) safety_net_attestation (0.4.0) jwt (~> 2.0) - sanitize (5.2.2) + sanitize (5.2.3) crass (~> 1.0.2) nokogiri (>= 1.8.0) nokogumbo (~> 2.0) From e955ca5463dc399694455bc25301d56499a1b6ef Mon Sep 17 00:00:00 2001 From: ThibG Date: Thu, 21 Jan 2021 06:18:30 +0100 Subject: [PATCH 12/18] Fix sign-up restrictions based on IP addresses not being enforced (#15607) Fixes #15606 Co-authored-by: Claire --- app/models/user.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/user.rb b/app/models/user.rb index f8c8a6ab55..b4508c2ebb 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -152,7 +152,7 @@ class User < ApplicationRecord def confirm new_user = !confirmed? - self.approved = true if open_registrations? + self.approved = true if open_registrations? && !sign_up_from_ip_requires_approval? super From a0e1c9a35bcf42ae7c697d398bb2b2bad8383899 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Jan 2021 21:46:16 +0900 Subject: [PATCH 13/18] Bump sass from 1.32.2 to 1.32.5 (#15603) Bumps [sass](https://github.com/sass/dart-sass) from 1.32.2 to 1.32.5. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.32.2...1.32.5) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 7ebd74d38d..a3be05cfcb 100644 --- a/package.json +++ b/package.json @@ -153,7 +153,7 @@ "requestidlecallback": "^0.3.0", "reselect": "^4.0.0", "rimraf": "^3.0.2", - "sass": "^1.32.2", + "sass": "^1.32.5", "sass-loader": "^10.1.1", "stacktrace-js": "^2.0.2", "stringz": "^2.1.0", diff --git a/yarn.lock b/yarn.lock index 13288444a9..2b9e31f965 100644 --- a/yarn.lock +++ b/yarn.lock @@ -9518,10 +9518,10 @@ sass-loader@^10.1.1: schema-utils "^3.0.0" semver "^7.3.2" -sass@^1.32.2: - version "1.32.2" - resolved "https://registry.yarnpkg.com/sass/-/sass-1.32.2.tgz#66dc0250bc86c15d19ddee7135e93d0cf3d3257b" - integrity sha512-u1pUuzqwz3SAgvHSWp1k0mRhX82b2DdlVnP6UIetQPZtYbuJUDaPQhZE12jyjB7vYeOScfz9WPsZJB6Rpk7heA== +sass@^1.32.5: + version "1.32.5" + resolved "https://registry.yarnpkg.com/sass/-/sass-1.32.5.tgz#2882d22ad5748c05fa9bff6c3b0ffbc4f4b9e1dc" + integrity sha512-kU1yJ5zUAmPxr7f3q0YXTAd1oZjSR1g3tYyv+xu0HZSl5JiNOaE987eiz7wCUvbm4I9fGWGU2TgApTtcP4GMNQ== dependencies: chokidar ">=2.0.0 <4.0.0" From 71a019d63204217077e7b4cc1a215ac6de0cbab0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Jan 2021 21:46:37 +0900 Subject: [PATCH 14/18] Bump concurrent-ruby from 1.1.7 to 1.1.8 (#15601) Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.7 to 1.1.8. - [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases) - [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.7...v1.1.8) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 038566a5d4..38174e0f7e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -155,7 +155,7 @@ GEM climate_control (>= 0.0.3, < 1.0) coderay (1.1.3) color_diff (0.1) - concurrent-ruby (1.1.7) + concurrent-ruby (1.1.8) connection_pool (2.2.3) cose (1.0.0) cbor (~> 0.5.9) From 0180682e21311f672c28bfc1100527d8db7c73b1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Jan 2021 21:46:54 +0900 Subject: [PATCH 15/18] Bump webpack from 4.45.0 to 4.46.0 (#15580) Bumps [webpack](https://github.com/webpack/webpack) from 4.45.0 to 4.46.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v4.45.0...v4.46.0) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index a3be05cfcb..d5bee684f6 100644 --- a/package.json +++ b/package.json @@ -163,7 +163,7 @@ "throng": "^4.0.0", "tiny-queue": "^0.2.1", "uuid": "^8.3.1", - "webpack": "^4.45.0", + "webpack": "^4.46.0", "webpack-assets-manifest": "^4.0.1", "webpack-bundle-analyzer": "^4.3.0", "webpack-cli": "^3.3.12", diff --git a/yarn.lock b/yarn.lock index 2b9e31f965..cee68c4fd8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3968,10 +3968,10 @@ end-of-stream@^1.0.0, end-of-stream@^1.1.0: dependencies: once "^1.4.0" -enhanced-resolve@^4.1.1, enhanced-resolve@^4.3.0: - version "4.3.0" - resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-4.3.0.tgz#3b806f3bfafc1ec7de69551ef93cca46c1704126" - integrity sha512-3e87LvavsdxyoCfGusJnrZ5G8SLPOFeHSNpZI/ATL9a5leXo2k0w6MKnbqhdBad9qTobSfB20Ld7UmgoNbAZkQ== +enhanced-resolve@^4.1.1, enhanced-resolve@^4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-4.5.0.tgz#2f3cfd84dbe3b487f18f2db2ef1e064a571ca5ec" + integrity sha512-Nv9m36S/vxpsI+Hc4/ZGRs0n9mXqSWGGq49zxb/cJfPAQMbUtttJAlNPS4AQzaBdw/pKskw5bMbekT/Y7W/Wlg== dependencies: graceful-fs "^4.1.2" memory-fs "^0.5.0" @@ -11175,10 +11175,10 @@ webpack-sources@^1.0, webpack-sources@^1.1.0, webpack-sources@^1.4.0, webpack-so source-list-map "^2.0.0" source-map "~0.6.1" -webpack@^4.45.0: - version "4.45.0" - resolved "https://registry.yarnpkg.com/webpack/-/webpack-4.45.0.tgz#bcdc1ddb43959adb47f8974e60d944027267c1be" - integrity sha512-JhDaVi4CbRcwLLAoqC7eugMSMJnZbIfE2AyjaZ19pnOIh/R2O/lXOiXA2tQFN0iXEcxgpPJsPJHW2wOWqiTLcw== +webpack@^4.46.0: + version "4.46.0" + resolved "https://registry.yarnpkg.com/webpack/-/webpack-4.46.0.tgz#bf9b4404ea20a073605e0a011d188d77cb6ad542" + integrity sha512-6jJuJjg8znb/xRItk7bkT0+Q7AHCYjjFnvKIWQPkNIOyRqoCGvkOs0ipeQzrqz4l5FtN5ZI/ukEHroeX/o1/5Q== dependencies: "@webassemblyjs/ast" "1.9.0" "@webassemblyjs/helper-module-context" "1.9.0" @@ -11188,7 +11188,7 @@ webpack@^4.45.0: ajv "^6.10.2" ajv-keywords "^3.4.1" chrome-trace-event "^1.0.2" - enhanced-resolve "^4.3.0" + enhanced-resolve "^4.5.0" eslint-scope "^4.0.3" json-parse-better-errors "^1.0.2" loader-runner "^2.4.0" From a47f001c12005e7fabd1bdfc9ccd17001b1a6a0f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Jan 2021 21:47:33 +0900 Subject: [PATCH 16/18] Bump eslint from 7.17.0 to 7.18.0 (#15569) Bumps [eslint](https://github.com/eslint/eslint) from 7.17.0 to 7.18.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v7.17.0...v7.18.0) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 22 +++++++++++----------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/package.json b/package.json index d5bee684f6..bb9177d144 100644 --- a/package.json +++ b/package.json @@ -175,7 +175,7 @@ "@testing-library/react": "^11.2.3", "babel-eslint": "^10.1.0", "babel-jest": "^26.6.3", - "eslint": "^7.17.0", + "eslint": "^7.18.0", "eslint-plugin-import": "~2.22.1", "eslint-plugin-jsx-a11y": "~6.4.1", "eslint-plugin-promise": "~4.2.1", diff --git a/yarn.lock b/yarn.lock index cee68c4fd8..c240896a51 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1105,10 +1105,10 @@ resolved "https://registry.yarnpkg.com/@emotion/weak-memoize/-/weak-memoize-0.2.4.tgz#622a72bebd1e3f48d921563b4b60a762295a81fc" integrity sha512-6PYY5DVdAY1ifaQW6XYTnOMihmBVT27elqSjEoodchsGjzYlEsTQMcEhSud99kVawatyTZRTiVkJ/c6lwbQ7nA== -"@eslint/eslintrc@^0.2.2": - version "0.2.2" - resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-0.2.2.tgz#d01fc791e2fc33e88a29d6f3dc7e93d0cd784b76" - integrity sha512-EfB5OHNYp1F4px/LI/FEnGylop7nOqkQ1LRzCM0KccA2U8tvV8w01KBv37LbO7nW4H+YhKyo2LcJhRwjjV17QQ== +"@eslint/eslintrc@^0.3.0": + version "0.3.0" + resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-0.3.0.tgz#d736d6963d7003b6514e6324bec9c602ac340318" + integrity sha512-1JTKgrOKAHVivSvOYw+sJOunkBjUOvjqWk1DPja7ZFhIS2mX/4EgTT8M7eTK9jrKhL/FvXXEbQwIs3pg1xp3dg== dependencies: ajv "^6.12.4" debug "^4.1.1" @@ -1117,7 +1117,7 @@ ignore "^4.0.6" import-fresh "^3.2.1" js-yaml "^3.13.1" - lodash "^4.17.19" + lodash "^4.17.20" minimatch "^3.0.4" strip-json-comments "^3.1.1" @@ -4309,13 +4309,13 @@ eslint@^2.7.0: text-table "~0.2.0" user-home "^2.0.0" -eslint@^7.17.0: - version "7.17.0" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-7.17.0.tgz#4ccda5bf12572ad3bf760e6f195886f50569adb0" - integrity sha512-zJk08MiBgwuGoxes5sSQhOtibZ75pz0J35XTRlZOk9xMffhpA9BTbQZxoXZzOl5zMbleShbGwtw+1kGferfFwQ== +eslint@^7.18.0: + version "7.18.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-7.18.0.tgz#7fdcd2f3715a41fe6295a16234bd69aed2c75e67" + integrity sha512-fbgTiE8BfUJZuBeq2Yi7J3RB3WGUQ9PNuNbmgi6jt9Iv8qrkxfy19Ds3OpL1Pm7zg3BtTVhvcUZbIRQ0wmSjAQ== dependencies: "@babel/code-frame" "^7.0.0" - "@eslint/eslintrc" "^0.2.2" + "@eslint/eslintrc" "^0.3.0" ajv "^6.10.0" chalk "^4.0.0" cross-spawn "^7.0.2" @@ -4339,7 +4339,7 @@ eslint@^7.17.0: js-yaml "^3.13.1" json-stable-stringify-without-jsonify "^1.0.1" levn "^0.4.1" - lodash "^4.17.19" + lodash "^4.17.20" minimatch "^3.0.4" natural-compare "^1.4.0" optionator "^0.9.1" From 80469897883d4b008c2b0ef79a2a855268b69acc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Jan 2021 21:47:55 +0900 Subject: [PATCH 17/18] Bump react-select from 3.1.1 to 3.2.0 (#15571) Bumps [react-select](https://github.com/JedWatson/react-select) from 3.1.1 to 3.2.0. - [Release notes](https://github.com/JedWatson/react-select/releases) - [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.1.1...react-select@3.2.0) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index bb9177d144..cc88ee2c61 100644 --- a/package.json +++ b/package.json @@ -139,7 +139,7 @@ "react-redux-loading-bar": "^4.0.8", "react-router-dom": "^4.1.1", "react-router-scroll-4": "^1.0.0-beta.1", - "react-select": "^3.1.1", + "react-select": "^3.2.0", "react-sparklines": "^1.7.0", "react-swipeable-views": "^0.13.9", "react-textarea-autosize": "^8.3.0", diff --git a/yarn.lock b/yarn.lock index c240896a51..1110d9dfc7 100644 --- a/yarn.lock +++ b/yarn.lock @@ -8745,10 +8745,10 @@ react-infinite-scroller@^1.0.12: dependencies: prop-types "^15.5.8" -react-input-autosize@^2.2.2: - version "2.2.2" - resolved "https://registry.yarnpkg.com/react-input-autosize/-/react-input-autosize-2.2.2.tgz#fcaa7020568ec206bc04be36f4eb68e647c4d8c2" - integrity sha512-jQJgYCA3S0j+cuOwzuCd1OjmBmnZLdqQdiLKRYrsMMzbjUrVDS5RvJUDwJqA7sKuksDuzFtm6hZGKFu7Mjk5aw== +react-input-autosize@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/react-input-autosize/-/react-input-autosize-3.0.0.tgz#6b5898c790d4478d69420b55441fcc31d5c50a85" + integrity sha512-nL9uS7jEs/zu8sqwFE5MAPx6pPkNAriACQ2rGLlqmKr2sPGtN7TXTyDdQt4lbNXVx7Uzadb40x8qotIuru6Rhg== dependencies: prop-types "^15.5.8" @@ -8877,10 +8877,10 @@ react-router@^4.3.1: prop-types "^15.6.1" warning "^4.0.1" -react-select@^3.1.1: - version "3.1.1" - resolved "https://registry.yarnpkg.com/react-select/-/react-select-3.1.1.tgz#156a5b4a6c22b1e3d62a919cb1fd827adb4060bc" - integrity sha512-HjC6jT2BhUxbIbxMZWqVcDibrEpdUJCfGicN0MMV+BQyKtCaPTgFekKWiOizSCy4jdsLMGjLqcFGJMhVGWB0Dg== +react-select@^3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/react-select/-/react-select-3.2.0.tgz#de9284700196f5f9b5277c5d850a9ce85f5c72fe" + integrity sha512-B/q3TnCZXEKItO0fFN/I0tWOX3WJvi/X2wtdffmwSQVRwg5BpValScTO1vdic9AxlUgmeSzib2hAZAwIUQUZGQ== dependencies: "@babel/runtime" "^7.4.4" "@emotion/cache" "^10.0.9" @@ -8888,7 +8888,7 @@ react-select@^3.1.1: "@emotion/css" "^10.0.9" memoize-one "^5.0.0" prop-types "^15.6.0" - react-input-autosize "^2.2.2" + react-input-autosize "^3.0.0" react-transition-group "^4.3.0" react-sparklines@^1.7.0: From 7d0031a515a9ccd552fab9ad55b6edb7e0e5ba32 Mon Sep 17 00:00:00 2001 From: ThibG Date: Thu, 21 Jan 2021 14:29:54 +0100 Subject: [PATCH 18/18] Fix Google Translate breaking web interface (#15610) - marks the page as a whole as untranslatable - still marks user text as translatable Co-authored-by: Claire --- app/javascript/mastodon/components/status_content.js | 8 ++++---- .../mastodon/features/account/components/header.js | 6 +++--- .../features/getting_started/components/announcements.js | 2 +- app/views/home/index.html.haml | 2 +- app/views/public_timelines/show.html.haml | 2 +- app/views/tags/show.html.haml | 2 +- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/app/javascript/mastodon/components/status_content.js b/app/javascript/mastodon/components/status_content.js index 185a2a663f..190ced1a80 100644 --- a/app/javascript/mastodon/components/status_content.js +++ b/app/javascript/mastodon/components/status_content.js @@ -221,14 +221,14 @@ export default class StatusContent extends React.PureComponent { return (
{mentionsPlaceholder} -
+
{!hidden && !!status.get('poll') && } @@ -238,7 +238,7 @@ export default class StatusContent extends React.PureComponent { } else if (this.props.onClick) { const output = [
-
+
{!!status.get('poll') && } @@ -254,7 +254,7 @@ export default class StatusContent extends React.PureComponent { } else { return (
-
+
{!!status.get('poll') && } diff --git a/app/javascript/mastodon/features/account/components/header.js b/app/javascript/mastodon/features/account/components/header.js index b47ebed62e..0b4431d625 100644 --- a/app/javascript/mastodon/features/account/components/header.js +++ b/app/javascript/mastodon/features/account/components/header.js @@ -328,9 +328,9 @@ class Header extends ImmutablePureComponent { ))} {fields.map((pair, i) => (
-
+
-
+
{pair.get('verified_at') && }
@@ -340,7 +340,7 @@ class Header extends ImmutablePureComponent { {account.get('id') !== me && !suspended && } - {account.get('note').length > 0 && account.get('note') !== '

' &&
} + {account.get('note').length > 0 && account.get('note') !== '

' &&
}
{!suspended && ( diff --git a/app/javascript/mastodon/features/getting_started/components/announcements.js b/app/javascript/mastodon/features/getting_started/components/announcements.js index 5bc3abac66..4534f7121d 100644 --- a/app/javascript/mastodon/features/getting_started/components/announcements.js +++ b/app/javascript/mastodon/features/getting_started/components/announcements.js @@ -145,7 +145,7 @@ class Content extends ImmutablePureComponent { return (
diff --git a/app/views/home/index.html.haml b/app/views/home/index.html.haml index 94cc782b2b..3d6283fba1 100644 --- a/app/views/home/index.html.haml +++ b/app/views/home/index.html.haml @@ -8,7 +8,7 @@ = render_initial_state = javascript_pack_tag 'application', crossorigin: 'anonymous' -.app-holder#mastodon{ data: { props: Oj.dump(default_props) } } +.notranslate.app-holder#mastodon{ data: { props: Oj.dump(default_props) } } %noscript = image_pack_tag 'logo.svg', alt: 'Mastodon' diff --git a/app/views/public_timelines/show.html.haml b/app/views/public_timelines/show.html.haml index 3325be5bf1..9254bd3485 100644 --- a/app/views/public_timelines/show.html.haml +++ b/app/views/public_timelines/show.html.haml @@ -14,4 +14,4 @@ %p= t('about.browse_local_posts') #mastodon-timeline{ data: { props: Oj.dump(default_props.merge(local: !Setting.show_known_fediverse_at_about_page)) }} -#modal-container +.notranslate#modal-container diff --git a/app/views/tags/show.html.haml b/app/views/tags/show.html.haml index beeeb56f2d..5cd513b320 100644 --- a/app/views/tags/show.html.haml +++ b/app/views/tags/show.html.haml @@ -13,4 +13,4 @@ %p= t('about.about_hashtag_html', hashtag: @tag.name) #mastodon-timeline{ data: { props: Oj.dump(default_props.merge(hashtag: @tag.name, local: @local)) }} -#modal-container +.notranslate#modal-container