glitchier-soc

Author	SHA1	Message	Date
Claire	0f43ff7a95	Merge pull request #1679 from ClearlyClaire/glitch-soc/merge-upstream Merge upstream changes	2022-02-06 16:23:57 +01:00
Claire	aaace9f1db	Merge branch 'main' into glitch-soc/merge-upstream Conflicts: - `CHANGELOG.md`: Upstream added newlines. Conflicts are because the CHANGELOG was independently merged from 3.4.6 on last security update. Took upstream's version. - `app/helpers/context_helper.rb`: Conflicts because of extra vocabulary in glitch-soc. The conflicts were actually handled in last security merge. Kept our version.	2022-02-06 15:34:42 +01:00
Claire	5d53b3c8a7	Fix instance actor not being dereferenceable (#17457 ) * Add tests * Fix instance actor not being dereferenceable * Fix tests * Fix tests for real	2022-02-06 15:31:03 +01:00
potpro	3050472467	Update build-image.yml (#17454 )	2022-02-05 17:29:54 +01:00
Claire	aa5dd344d1	Merge pull request #1678 from ClearlyClaire/glitch-soc/fixes/robust-theme-fallback Make theme-selection fall back to default ones if configured is not found	2022-02-05 13:24:05 +01:00
Claire	c94ff7c869	Move glitch-soc-specific theming methods to ThemingConcern	2022-02-05 10:58:51 +01:00
Claire	4944068bd0	Make theme-selection fall back to default ones if configured is not found	2022-02-05 10:29:27 +01:00
Eugen Rochko	25d1195a04	Fix error on account relationships page in admin UI (#17444 )	2022-02-05 05:06:34 +01:00
dependabot[bot]	6f42c1402f	Bump brakeman from 5.2.0 to 5.2.1 (#17410 ) Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.2.0 to 5.2.1. - [Release notes](https://github.com/presidentbeef/brakeman/releases) - [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md) - [Commits](https://github.com/presidentbeef/brakeman/compare/v5.2.0...v5.2.1) --- updated-dependencies: - dependency-name: brakeman dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-02-05 13:03:12 +09:00
dependabot[bot]	6c36323b05	Bump redis from 4.0.2 to 4.0.3 (#17412 ) Bumps [redis](https://github.com/redis/node-redis) from 4.0.2 to 4.0.3. - [Release notes](https://github.com/redis/node-redis/releases) - [Changelog](https://github.com/redis/node-redis/blob/master/CHANGELOG.md) - [Commits](https://github.com/redis/node-redis/compare/redis@4.0.2...redis@4.0.3) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-02-05 13:03:06 +09:00
dependabot[bot]	97c400de92	Bump sidekiq-scheduler from 3.1.0 to 3.1.1 (#17407 ) Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases) - [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.1.0...v3.1.1) --- updated-dependencies: - dependency-name: sidekiq-scheduler dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-02-05 13:02:57 +09:00
dependabot[bot]	ee72920b41	Bump http-link-header from 1.0.3 to 1.0.4 (#17414 ) Bumps [http-link-header](https://github.com/jhermsmeier/node-http-link-header) from 1.0.3 to 1.0.4. - [Release notes](https://github.com/jhermsmeier/node-http-link-header/releases) - [Changelog](https://github.com/jhermsmeier/node-http-link-header/blob/master/CHANGELOG.md) - [Commits](https://github.com/jhermsmeier/node-http-link-header/compare/v1.0.3...v1.0.4) --- updated-dependencies: - dependency-name: http-link-header dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-02-05 13:02:42 +09:00
Alexandra Catalina	58db467b01	Update tootsuite/mastodon Docker tag to v3.4.6 (#17436 ) Co-authored-by: Renovate Bot <bot@renovateapp.com>	2022-02-03 21:29:20 +01:00
Eugen Rochko	d4e8594b82	Forward-port version bump to 3.4.6 (#17434 )	2022-02-03 14:21:38 +01:00
Claire	418d45892d	Merge pull request #1676 from ClearlyClaire/glitch-soc/merge-upstream Merge upstream changes	2022-02-03 14:09:19 +01:00
Claire	b3190c2cd6	Fix compacted JSON-LD possibly causing compatibility issues on forwarding (#17428 )	2022-02-03 14:09:04 +01:00
Claire	ec8cf0e39b	Fix response_to_recipient? CTE (#17427 )	2022-02-03 14:07:43 +01:00
Claire	b891d09d2f	Compact JSON-LD signed incoming activities (#17426 ) Co-authored-by: Puck Meerburg <puck@puck.moe>	2022-02-03 14:07:29 +01:00
Claire	fdf5030d85	Bump version to 3.4.6	2022-02-03 12:12:27 +01:00
Claire	eee2c187ee	Fix response_to_recipient? CTE	2022-02-02 19:55:57 +01:00
Claire	77cc434f2b	Fix compacted JSON-LD possibly causing compatibility issues on forwarding	2022-02-02 19:55:57 +01:00
Puck Meerburg	9d92e9204f	Compact JSON-LD signed incoming activities	2022-02-02 16:13:11 +01:00
Claire	46b9ab8b81	Merge pull request #1675 from ClearlyClaire/glitch-soc/merge-upstream Merge upstream changes	2022-02-01 21:41:58 +01:00
Claire	2341754c70	Merge branch 'main' into glitch-soc/merge-upstream	2022-02-01 20:59:28 +01:00
Alexandra Catalina	a8aba8a526	Update tootsuite/mastodon Docker tag to v3.4.5 (#17417 ) Co-authored-by: Renovate Bot <bot@renovateapp.com>	2022-02-01 20:57:50 +01:00
Claire	2657ca3b5e	Fix requiring an extra restart after recent post-deployment migrations (#17422 ) Follow-up to #16409	2022-02-01 20:57:39 +01:00
Rohan Sharma	e96b704def	Fixed prototype pollution bug and only allow trusted origin (#17420 )	2022-02-01 17:34:48 +01:00
Claire	c7083702fa	Bump version to 3.4.5 (#17402 )	2022-01-31 21:27:40 +01:00
Claire	caca95dc85	Merge pull request #1674 from ClearlyClaire/glitch-soc/merge-upstream Merge upstream changes	2022-01-31 10:51:11 +01:00
Claire	e56e9d5e03	Merge branch 'main' into glitch-soc/merge-upstream	2022-01-31 10:42:17 +01:00
Daniel Jakots	646789f51e	Bump NODE_VER to 16.13.2, to solve security issues (#17399 ) Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824. See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/	2022-01-31 00:32:03 +01:00
Claire	7389378eed	Add more advanced migration tests (#17393 ) - populate the database with some data when testing migrations - try both one-step and two-step migrations (`SKIP_POST_DEPLOYMENT_MIGRATIONS`)	2022-01-30 23:50:08 +01:00
Claire	507cb23dc3	Change index corruption warning to be a little less scary (#17395 )	2022-01-30 23:49:52 +01:00
Claire	f768251346	Merge pull request #1673 from ClearlyClaire/glitch-soc/merge-upstream Merge upstream changes	2022-01-30 22:51:32 +01:00
Claire	71862291aa	Fix edge case in migration helpers that caused crash because of PostgreSQL quirks (#17398 )	2022-01-30 22:34:54 +01:00
Claire	a2bc2e14c6	Merge branch 'main' into glitch-soc/merge-upstream	2022-01-30 22:33:30 +01:00
Claire	c3e77d07d2	Fix some old migration scripts (#17394 ) * Fix some old migration scripts * Fix edge case in two-step migration from older releases	2022-01-30 21:38:54 +01:00
Claire	8919f6cf63	Change public profile pages to be disabled for unconfirmed users (#17385 ) Fixes #17382 Note that unconfirmed and unapproved accounts can still be searched for and their (empty) account retrieved using the REST API.	2022-01-28 14:24:37 +01:00
Claire	482ba7ced5	Merge pull request #1668 from ClearlyClaire/glitch-soc/merge-upstream Merge upstream changes	2022-01-28 09:38:44 +01:00
Claire	de596a03c0	Fix Sidekiq warning when pushing DMs to direct timeline	2022-01-28 09:07:56 +01:00
Claire	daab277c0e	Merge branch 'main' into glitch-soc/merge-upstream Conflicts: - `Gemfile.lock`: Upstream-updated lib textually too close to glitch-soc-only dep. Updated like upstream.	2022-01-28 08:58:32 +01:00
Claire	1f07ab014d	Refactor and improve tests (#17386 ) * Change account and user fabricators to simplify and improve tests - `Fabricate(:account)` implicitly fabricates an associated `user` if no `domain` attribute is given (an account with `domain: nil` is considered a local account, but no user record was created), unless `user: nil` is passed - `Fabricate(:account, user: Fabricate(:user))` should still be possible but is discouraged. * Fix and refactor tests - avoid passing unneeded attributes to `Fabricate(:user)` or `Fabricate(:account)` - avoid embedding `Fabricate(:user)` into a `Fabricate(:account)` or the other way around - prefer `Fabricate(:user, account_attributes: …)` to `Fabricate(:user, account: Fabricate(:account, …)` - also, some tests were using remote accounts with local user records, which is not representative of production code.	2022-01-28 00:46:42 +01:00
Claire	33ea1c9008	Fix Sidekiq warnings about JSON serialization (#17381 ) * Fix Sidekiq warnings about JSON serialization This occurs on every symbol argument we pass, and every symbol key in hashes, because Sidekiq expects strings instead. See https://github.com/mperham/sidekiq/pull/5071 We do not need to change how workers parse their arguments because this has not changed and we were already converting to symbols adequately or using `with_indifferent_access`. * Set Sidekiq to raise on unsafe arguments in test mode In order to more easily catch issues that would produce warnings in production code.	2022-01-28 00:43:56 +01:00
Claire	1d846bd6fb	Fix some old database migrations (#17379 )	2022-01-27 18:13:41 +01:00
dependabot[bot]	5801e6d7ef	Bump pg from 1.2.3 to 1.3.0 (#17349 ) Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.3 to 1.3.0. - [Release notes](https://github.com/ged/ruby-pg/releases) - [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc) - [Commits](https://github.com/ged/ruby-pg/compare/v1.2.3...v1.3.0) --- updated-dependencies: - dependency-name: pg dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-01-27 20:26:40 +09:00
dependabot[bot]	f5401e89f3	Bump axios from 0.24.0 to 0.25.0 (#17354 ) Bumps [axios](https://github.com/axios/axios) from 0.24.0 to 0.25.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v0.24.0...v0.25.0) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-01-27 20:26:18 +09:00
dependabot[bot]	b7de46786d	Bump rdf-normalize from 0.4.0 to 0.5.0 (#17226 ) Bumps [rdf-normalize](https://github.com/ruby-rdf/rdf-normalize) from 0.4.0 to 0.5.0. - [Release notes](https://github.com/ruby-rdf/rdf-normalize/releases) - [Commits](https://github.com/ruby-rdf/rdf-normalize/compare/0.4.0...0.5.0) --- updated-dependencies: - dependency-name: rdf-normalize dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-01-27 20:25:18 +09:00
Claire	56a49e9334	Merge branch 'main' into glitch-soc/merge-upstream Conflicts: - `config/environments/production.rb`: Upstream changed a header but we had different default headers. Applied the same change, and also dropped HSTS headers redundant with Rails'.	2022-01-26 22:32:21 +01:00
Claire	6e8d231e27	Fix local distribution of edited statuses (#17380 ) Because `FanOutOnWriteService#update?` was broken, edits were considered as new toots and a regular `update` payload was sent.	2022-01-26 20:53:50 +01:00
Su Yang	43b5489c0f	Add healthcheck for sidekiq (#17365 )	2022-01-26 18:08:49 +01:00

1 2 3 4 5 ...

14670 commits