Stanislas
d33351af3c
tootctl emoji import: case insensitive duplicate check ( #15738 )
4 years ago
dependabot[bot]
88d69d3261
Bump brakeman from 4.10.1 to 5.0.0 ( #15656 )
...
Bumps [brakeman](https://github.com/presidentbeef/brakeman ) from 4.10.1 to 5.0.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.10.1...v5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Yurii Izorkin
297a3cf904
templates/systemd/mastodon: enable sandbox mode ( #15937 )
4 years ago
Claire
cbd0ee1d07
Update Mastodon to Rails 6.1 ( #15910 )
...
* Update devise-two-factor to unreleased fork for Rails 6 support
Update tests to match new `rotp` version.
* Update nsa gem to unreleased fork for Rails 6 support
* Update rails to 6.1.3 and rails-i18n to 6.0
* Update to unreleased fork of pluck_each for Ruby 6 support
* Run "rails app:update"
* Add missing ActiveStorage config file
* Use config.ssl_options instead of removed ApplicationController#force_ssl
Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.
* Fix nonce directives by removing Rails 5 specific monkey-patching
* Fix fixture_file_upload deprecation warning
* Fix yield-based test failing with Rails 6
* Use Rails 6's index_with when possible
* Use ActiveRecord::Cache::Store#delete_multi from Rails 6
This will yield better performances when deleting an account
* Disable Rails 6.1's automatic preload link headers
Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.
In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.
* Switch to Rails 6.0 default config
* Switch to Rails 6.1 default config
* Do not include autoload paths in the load path
4 years ago
Claire
82556834cf
Change mastodon:setup to not call assets:precompile in docker ( #13942 )
...
It appears assets are built during image build, and they shouldn't need
to be rebuilt, since we now have reproducible builds.
4 years ago
Claire
1c4dee4554
Fix Mastodon not understanding as:Public and Public ( #15948 )
...
Fixes #5551
4 years ago
Claire
034f37b85a
Fix compose form behavior in mobile view ( #15555 )
...
* Fix ComposeForm being mounted twice in mobile view
Fixes #13094
* Fix compose form focus and pre-selection behavior in mobile view
* Split _updateFocusAndSelection out of componentDidUpdate
4 years ago
Claire
49814d5799
Switch from deprecated ClusterWS/cws to ws package ( #15932 )
...
* Switch from deprecated ClusterWS/cws to ws package
Fixes #15184
Co-authored-by: Edho Arief <me@nanaya.pro>
* Make bufferutil and utf-8-validate optional dependencies
Co-authored-by: Edho Arief <me@nanaya.pro>
4 years ago
dependabot[bot]
c3aef491d6
Bump react-select from 3.2.0 to 4.0.2 ( #15624 )
...
* Bump react-select from 3.2.0 to 4.0.2
Bumps [react-select](https://github.com/JedWatson/react-select ) from 3.2.0 to 4.0.2.
- [Release notes](https://github.com/JedWatson/react-select/releases )
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md )
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.2.0...react-select@4.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
* Add cacheKey to NonceProvider for react-select
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
4 years ago
dependabot[bot]
1b3ebcfe53
Bump aws-sdk-s3 from 1.91.0 to 1.92.0 ( #15938 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.91.0 to 1.92.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
6b5cda6ec3
Bump css-loader from 5.1.2 to 5.1.3 ( #15940 )
...
Bumps [css-loader](https://github.com/webpack-contrib/css-loader ) from 5.1.2 to 5.1.3.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases )
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.2...v5.1.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
229968bdff
Bump rspec-rails from 5.0.0 to 5.0.1 ( #15939 )
...
Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.0...v5.0.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
b5288798a8
Bump ox from 2.14.3 to 2.14.4 ( #15941 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.14.3 to 2.14.4.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.14.3...v2.14.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
64942fa31d
Bump sidekiq from 6.1.3 to 6.2.0 ( #15943 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.1.3 to 6.2.0.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.3...v6.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
472d5005c0
Bump blurhash from 0.1.4 to 0.1.5 ( #15942 )
...
Bumps [blurhash](https://github.com/Gargron/blurhash ) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/Gargron/blurhash/releases )
- [Commits](https://github.com/Gargron/blurhash/commits/v0.1.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
829a598f1d
Bump sidekiq-unique-jobs from 7.0.4 to 7.0.7 ( #15944 )
...
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs ) from 7.0.4 to 7.0.7.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases )
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.0.4...v7.0.7 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Sandro
46d3d3169e
Docker: Use precompiled jemalloc, format, apply hadolint suggestions ( #10823 )
...
* Format, apply hadolint suggestions, little nitpicks
* Use pre compiled jemalloc
* Use tini from package repository
4 years ago
Claire
876840e9ef
Fix brakeman warning ( #15870 )
...
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.
This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
4 years ago
Claire
051efed5ed
Bypass MX validation for explicitly allowed domains ( #15930 )
...
* Bypass MX validation for explicitly allowed domains
This spares some lookups and prevent issues in some edge cases with
local domains.
* Add tests
* Fix test
4 years ago
Claire
d023eefbcc
Fix push notification title for polls ( #15931 )
4 years ago
Claire
5d48402be1
Fixing the hero widget ( #15926 )
...
* Removing last-child padding conflicts with light theme in hero widget
* Add missing background color to widget
* Reset widget.scss to default
* Hope this works
Co-authored-by: koyu <me@koyu.space>
4 years ago
Claire
39a490c70e
Fix custom CSS when CDN_HOST is set ( #15927 )
4 years ago
Claire
0ff4264c3e
Add missing push notification title for polls ( #15929 )
4 years ago
Marcin Mikołajczak
8fa11b0e83
Add missing `en.notification_mailer.status.subject` ( #15564 )
...
* Add missing `en.notification_mailer.status.subject`
* Update en.yml
4 years ago
Eugen Rochko
af8fe6e1e9
WIP ( #15222 )
4 years ago
Claire
741d0952b1
Improve account counters handling ( #15913 )
...
* Improve account counters handling
* Use ActiveRecord::Base::sanitize_sql to pass values instead of interpolating them
Keep using string interpolation for `key` as it is safe and using
“ActiveRecord::Base::sanitize_sql_hash_for_assignment” would require stitching
bits of SQL in a way that is not more easily checked for safety.
* Add migration hook to catch PostgreSQL versions earlier than 9.5
4 years ago
Claire
c31c95ffe4
Remove MySQL-specific code from Mastodon::MigrationHelpers ( #15924 )
...
Mastodon::MigrationHelpers has been forked from Gitlab a long time ago, but
Mastodon has never supported using a MySQL database.
Removing MySQL support from Mastodon::MigrationHelpers makes it a little easier
to maintain. In particular, it removes code that would need updating with
Rails 6.
4 years ago
Claire
82caed594c
Change deduplication order of tootctl maintenance fix-duplicates ( #15923 )
...
Hopefully fixes #15922
Also update support up to latest database schema version
4 years ago
Claire
b358229834
Further preparation for Rails 6 ( #15916 )
...
* Use ActiveRecord::Result#to_ary instead of deprecated to_hash
They do the same thing, and to_hash has been removed from Rails 6.1
* Explicitly name polymorphic indexes to workaround a bug in Rails 6.1
cf. https://github.com/rails/rails/issues/41693
* Fix incorrect usage of “foreign_key” in migration script
* Use `ActiveModel::Errors#delete` instead of deprecated clear method
* Fix link headers tests on Rails 6.1
Rails 6.1 adds values to the Link header by default, thus it is not a
LinkHeader object anymore. Fix the test to parse the Link header instead
of assuming it is a LinkHeader.
4 years ago
Claire
55ac2b9c60
Add option to opt out of unread notification markers ( #15842 )
...
Fixes #15133
4 years ago
Claire
9aaaa96d2f
Use more robust hook for loading timestamp_id function into database ( #15919 )
4 years ago
Claire
a4dcaef53b
Prepare Mastodon for zeitwerk autoloader ( #15917 )
...
* Prepare Mastodon for zeitwerk autoloader (Rails 6)
Add inflections and rename/move a few classes.
In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.
* Add inflection for Url → URL
4 years ago
Claire
5027abecd1
Fix cache_collection crashing when given an empty collection ( #15921 )
...
* Fix cache_collection crashing when given an empty collection
* Add tests
4 years ago
Claire
43eff898a0
Prepare Mastodon for Rails 6 ( #15911 )
...
* Fix misuse of foreign_type
* Fix use of removed "add_template_helper"
* Use response.media_type instead of response.content_type in tests
* Fix CSV export controller test on Rails 6
Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.
This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.
* Fix emoji formatting with Rails 6
* Make emoji output more idiomatic and robust
* Switch from redis-rails gem to built-in Rails redis cache storage
4 years ago
dependabot[bot]
9cb6bc56fa
Bump rspec-rails from 4.1.0 to 5.0.0 ( #15876 )
...
Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v4.1.0...v5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
0c9ce7b451
Bump @babel/plugin-transform-runtime from 7.13.9 to 7.13.10 ( #15903 )
...
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.13.9 to 7.13.10.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.13.10/packages/babel-plugin-transform-runtime )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
506010abc5
Bump bundler-audit from 0.7.0.1 to 0.8.0 ( #15877 )
...
Bumps [bundler-audit](https://github.com/postmodern/bundler-audit ) from 0.7.0.1 to 0.8.0.
- [Release notes](https://github.com/postmodern/bundler-audit/releases )
- [Changelog](https://github.com/rubysec/bundler-audit/blob/master/ChangeLog.md )
- [Commits](https://github.com/postmodern/bundler-audit/compare/v0.7.0.1...v0.8.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
8066f7baf0
Bump @babel/runtime from 7.13.9 to 7.13.10 ( #15904 )
...
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime ) from 7.13.9 to 7.13.10.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.13.10/packages/babel-runtime )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
aa97433e00
Bump @babel/preset-env from 7.13.9 to 7.13.10 ( #15901 )
...
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ) from 7.13.9 to 7.13.10.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.13.10/packages/babel-preset-env )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
89ff042292
Bump eslint from 7.21.0 to 7.22.0 ( #15906 )
...
Bumps [eslint](https://github.com/eslint/eslint ) from 7.21.0 to 7.22.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v7.21.0...v7.22.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
9cd6a076b7
Bump css-loader from 5.1.1 to 5.1.2 ( #15905 )
...
Bumps [css-loader](https://github.com/webpack-contrib/css-loader ) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases )
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.1...v5.1.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
211e5164c4
Bump @babel/core from 7.13.8 to 7.13.10 ( #15902 )
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.13.8 to 7.13.10.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.13.10/packages/babel-core )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
a5b178094b
Bump react-toggle from 4.1.1 to 4.1.2 ( #15900 )
...
Bumps [react-toggle](https://github.com/aaronshaf/react-toggle ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/aaronshaf/react-toggle/releases )
- [Changelog](https://github.com/aaronshaf/react-toggle/blob/master/CHANGELOG.md )
- [Commits](https://github.com/aaronshaf/react-toggle/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Eugen Rochko
e89e976e92
Fix configuration for sidekiq-unique-jobs after 7.x upgrade ( #15908 )
...
Remove locks from scheduled jobs
4 years ago
dependabot[bot]
33198d8c05
Bump pghero from 2.7.4 to 2.8.0 ( #15907 )
...
Bumps [pghero](https://github.com/ankane/pghero ) from 2.7.4 to 2.8.0.
- [Release notes](https://github.com/ankane/pghero/releases )
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/pghero/compare/v2.7.4...v2.8.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Filipe Rodrigues
3dc94d9f91
Fix reference to non-existing translation in the exports page. ( #15894 )
...
The exports page showed a different "CSV" capitalisation in the
"Bookmarks" row ("Csv") compared to the other rows ("CSV").
This was due to a referece to a translation string that does not exist,
`bookmarks.csv`, defaulting to the key's last segment in title case.
This issue was introduced in commit dcd86204 (PR #14956 ).
(h/t @meqif for helping with figuring out the bug)
4 years ago
dependabot[bot]
43983bb332
Bump json-ld-preloaded from 3.1.4 to 3.1.5 ( #15880 )
...
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded ) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases )
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.4...3.1.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
1595233185
Bump oj from 3.11.2 to 3.11.3 ( #15874 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.11.2 to 3.11.3.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.11.2...v3.11.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
34643df65f
Bump nokogiri from 1.11.1 to 1.11.2 ( #15881 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.11.1 to 1.11.2.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.1...v1.11.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
ba85109dc1
Bump parallel_tests from 3.5.1 to 3.5.2 ( #15882 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.5.1 to 3.5.2.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.5.1...v3.5.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago