glitchier-soc

Author	SHA1	Message	Date
Claire	fdfcc4fcb7	Fix OpenGraph/LinkedData embeds having incorrectly-generated iframes (#16978 )	2021-11-13 03:30:27 +01:00
Claire	ef8deb0878	Fix OpenGraph/LinkedData embeds having incorrectly-generated iframes (#16978 )	2021-11-13 03:30:27 +01:00
Jeong Arm	1723b4f6b3	Rename, move, fix code	2021-11-12 19:51:35 +01:00
Jeong Arm	8b8d58c670	Rename, move, fix code	2021-11-12 19:51:35 +01:00
Jeong Arm	675b222ac5	Fix admin sidebar on Mobile layout	2021-11-12 19:51:35 +01:00
Jeong Arm	3238e60823	Fix admin sidebar on Mobile layout	2021-11-12 19:51:35 +01:00
Claire	b5960bd1f2	Fix some glitch-soc styling issues due to different class names Partial fix to #1629	2021-11-12 16:29:36 +01:00
Claire	f33878969a	Fix some glitch-soc styling issues due to different class names Partial fix to #1629	2021-11-12 16:29:36 +01:00
Yusuke Nakamura	786e5e634c	Build container image by GitHub Actions (#16973 ) * Build container image by GitHub Actions * Trigger docker build only pushed to main branch * Tweak tagging imgae - "edge" is the main branch - "latest" is the tagged latest release	2021-11-12 05:18:29 +01:00
Yusuke Nakamura	e510302a7c	Build container image by GitHub Actions (#16973 ) * Build container image by GitHub Actions * Trigger docker build only pushed to main branch * Tweak tagging imgae - "edge" is the main branch - "latest" is the tagged latest release	2021-11-12 05:18:29 +01:00
Claire	65a727c888	Fix "bundle exec rails mastodon:setup" crashing in some circumstances (#16976 ) Fix regression from #16896	2021-11-11 14:00:30 +01:00
Claire	18b885ee3a	Fix "bundle exec rails mastodon:setup" crashing in some circumstances (#16976 ) Fix regression from #16896	2021-11-11 14:00:30 +01:00
Shlee	15ac5f2a2f	[CircleCI] Test using Postgres 14 (#16948 ) * Update config.yml * Update config.yml	2021-11-06 17:13:51 +01:00
Shlee	1114935e64	[CircleCI] Test using Postgres 14 (#16948 ) * Update config.yml * Update config.yml	2021-11-06 17:13:51 +01:00
Eugen Rochko	8925737d2c	Forward port version bumps to 3.4.2 and 3.4.3 (#16945 ) * Bump version to 3.4.2 * Bump version to 3.4.3	2021-11-06 05:32:14 +01:00
Eugen Rochko	2251db42ec	Forward port version bumps to 3.4.2 and 3.4.3 (#16945 ) * Bump version to 3.4.2 * Bump version to 3.4.3	2021-11-06 05:32:14 +01:00
Claire	810f477838	Merge pull request #1628 from ClearlyClaire/glitch-soc/merge-upstream Merge upstream changes	2021-11-06 00:33:55 +01:00
Claire	a25839340e	Merge pull request #1628 from ClearlyClaire/glitch-soc/merge-upstream Merge upstream changes	2021-11-06 00:33:55 +01:00
Claire	21e3306721	Merge branch 'main' into glitch-soc/merge-upstream	2021-11-06 00:15:38 +01:00
Claire	4bb6b1a1e7	Merge branch 'main' into glitch-soc/merge-upstream	2021-11-06 00:15:38 +01:00
Claire	9e122d774d	Fix reviving revoked sessions and invalidating login (#16943 ) Up until now, we have used Devise's Rememberable mechanism to re-log users after the end of their browser sessions. This mechanism relies on a signed cookie containing a token. That token was stored on the user's record, meaning it was shared across all logged in browsers, meaning truly revoking a browser's ability to auto-log-in involves revoking the token itself, and revoking access from all logged-in browsers. We had a session mechanism that dynamically checks whether a user's session has been disabled, and would log out the user if so. However, this would only clear a session being actively used, and a new one could be respawned with the `remember_user_token` cookie. In practice, this caused two issues: - sessions could be revived after being closed from /auth/edit (security issue) - auto-log-in would be disabled for all browsers after logging out from one of them This PR removes the `remember_token` mechanism and treats the `_session_id` cookie/token as a browser-specific `remember_token`, fixing both issues.	2021-11-06 00:13:58 +01:00
Claire	6da135a493	Fix reviving revoked sessions and invalidating login (#16943 ) Up until now, we have used Devise's Rememberable mechanism to re-log users after the end of their browser sessions. This mechanism relies on a signed cookie containing a token. That token was stored on the user's record, meaning it was shared across all logged in browsers, meaning truly revoking a browser's ability to auto-log-in involves revoking the token itself, and revoking access from all logged-in browsers. We had a session mechanism that dynamically checks whether a user's session has been disabled, and would log out the user if so. However, this would only clear a session being actively used, and a new one could be respawned with the `remember_user_token` cookie. In practice, this caused two issues: - sessions could be revived after being closed from /auth/edit (security issue) - auto-log-in would be disabled for all browsers after logging out from one of them This PR removes the `remember_token` mechanism and treats the `_session_id` cookie/token as a browser-specific `remember_token`, fixing both issues.	2021-11-06 00:13:58 +01:00
Claire	925adbf7af	Fix AccountNote not having a maximum length (#16942 )	2021-11-06 00:12:25 +01:00
Claire	87085a5152	Fix AccountNote not having a maximum length (#16942 )	2021-11-06 00:12:25 +01:00
Eugen Rochko	4dc87ffc06	Add support for structured data and more OpenGraph tags to link cards (#16938 ) Save preview cards under their canonical URL Increase max redirects to follow from 2 to 3	2021-11-05 23:23:05 +01:00
Eugen Rochko	39cdf61ab7	Add support for structured data and more OpenGraph tags to link cards (#16938 ) Save preview cards under their canonical URL Increase max redirects to follow from 2 to 3	2021-11-05 23:23:05 +01:00
Claire	91bd8b921b	Fix handling announcements with links (#16941 ) Broken since #15827	2021-11-05 21:14:35 +01:00
Claire	989c67d29d	Fix handling announcements with links (#16941 ) Broken since #15827	2021-11-05 21:14:35 +01:00
Jeong Arm	33110dee93	Fix statuses order in account's statuses admin page (#16937 )	2021-11-04 15:49:35 +01:00
Jeong Arm	458830ee7c	Fix statuses order in account's statuses admin page (#16937 )	2021-11-04 15:49:35 +01:00
dependabot[bot]	27226444d1	Bump @babel/preset-env from 7.15.8 to 7.16.0 (#16923 ) Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.15.8 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 22:15:45 +09:00
dependabot[bot]	afb2b19ff5	Bump @babel/preset-env from 7.15.8 to 7.16.0 (#16923 ) Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.15.8 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 22:15:45 +09:00
dependabot[bot]	1fab15e868	Bump @babel/preset-react from 7.14.5 to 7.16.0 (#16926 ) Bumps [@babel/preset-react](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-react) from 7.14.5 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-preset-react) --- updated-dependencies: - dependency-name: "@babel/preset-react" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:57:45 +09:00
dependabot[bot]	47243e9815	Bump @babel/preset-react from 7.14.5 to 7.16.0 (#16926 ) Bumps [@babel/preset-react](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-react) from 7.14.5 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-preset-react) --- updated-dependencies: - dependency-name: "@babel/preset-react" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:57:45 +09:00
dependabot[bot]	ffd5671fae	Bump @babel/plugin-proposal-decorators from 7.15.8 to 7.16.0 (#16924 ) Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.15.8 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-plugin-proposal-decorators) --- updated-dependencies: - dependency-name: "@babel/plugin-proposal-decorators" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:52:51 +09:00
dependabot[bot]	547642fc36	Bump @babel/plugin-proposal-decorators from 7.15.8 to 7.16.0 (#16924 ) Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.15.8 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-plugin-proposal-decorators) --- updated-dependencies: - dependency-name: "@babel/plugin-proposal-decorators" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:52:51 +09:00
dependabot[bot]	f50cb26c77	Bump @babel/plugin-transform-runtime from 7.15.8 to 7.16.0 (#16927 ) Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.15.8 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-plugin-transform-runtime) --- updated-dependencies: - dependency-name: "@babel/plugin-transform-runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:39:29 +09:00
dependabot[bot]	59415607e0	Bump @babel/plugin-transform-runtime from 7.15.8 to 7.16.0 (#16927 ) Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.15.8 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-plugin-transform-runtime) --- updated-dependencies: - dependency-name: "@babel/plugin-transform-runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:39:29 +09:00
dependabot[bot]	5e54e7e045	Bump reselect from 4.0.0 to 4.1.1 (#16931 ) Bumps [reselect](https://github.com/reduxjs/reselect) from 4.0.0 to 4.1.1. - [Release notes](https://github.com/reduxjs/reselect/releases) - [Changelog](https://github.com/reduxjs/reselect/blob/master/CHANGELOG.md) - [Commits](https://github.com/reduxjs/reselect/compare/v4.0.0...v4.1.1) --- updated-dependencies: - dependency-name: reselect dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:30:11 +09:00
dependabot[bot]	31c8f8837c	Bump reselect from 4.0.0 to 4.1.1 (#16931 ) Bumps [reselect](https://github.com/reduxjs/reselect) from 4.0.0 to 4.1.1. - [Release notes](https://github.com/reduxjs/reselect/releases) - [Changelog](https://github.com/reduxjs/reselect/blob/master/CHANGELOG.md) - [Commits](https://github.com/reduxjs/reselect/compare/v4.0.0...v4.1.1) --- updated-dependencies: - dependency-name: reselect dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:30:11 +09:00
dependabot[bot]	30936af9fc	Bump sass from 1.43.3 to 1.43.4 (#16922 ) Bumps [sass](https://github.com/sass/dart-sass) from 1.43.3 to 1.43.4. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.43.3...1.43.4) --- updated-dependencies: - dependency-name: sass dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:27:13 +09:00
dependabot[bot]	89b1f76124	Bump sass from 1.43.3 to 1.43.4 (#16922 ) Bumps [sass](https://github.com/sass/dart-sass) from 1.43.3 to 1.43.4. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.43.3...1.43.4) --- updated-dependencies: - dependency-name: sass dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:27:13 +09:00
dependabot[bot]	24050affa5	Bump redux-thunk from 2.3.0 to 2.4.0 (#16932 ) Bumps [redux-thunk](https://github.com/reduxjs/redux-thunk) from 2.3.0 to 2.4.0. - [Release notes](https://github.com/reduxjs/redux-thunk/releases) - [Commits](https://github.com/reduxjs/redux-thunk/compare/v2.3.0...v2.4.0) --- updated-dependencies: - dependency-name: redux-thunk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:26:55 +09:00
dependabot[bot]	75b79b9619	Bump redux-thunk from 2.3.0 to 2.4.0 (#16932 ) Bumps [redux-thunk](https://github.com/reduxjs/redux-thunk) from 2.3.0 to 2.4.0. - [Release notes](https://github.com/reduxjs/redux-thunk/releases) - [Commits](https://github.com/reduxjs/redux-thunk/compare/v2.3.0...v2.4.0) --- updated-dependencies: - dependency-name: redux-thunk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:26:55 +09:00
dependabot[bot]	100cfa0cba	Bump redux from 4.1.1 to 4.1.2 (#16928 ) Bumps [redux](https://github.com/reduxjs/redux) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/reduxjs/redux/releases) - [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md) - [Commits](https://github.com/reduxjs/redux/compare/v4.1.1...v4.1.2) --- updated-dependencies: - dependency-name: redux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:26:31 +09:00
dependabot[bot]	6305090341	Bump redux from 4.1.1 to 4.1.2 (#16928 ) Bumps [redux](https://github.com/reduxjs/redux) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/reduxjs/redux/releases) - [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md) - [Commits](https://github.com/reduxjs/redux/compare/v4.1.1...v4.1.2) --- updated-dependencies: - dependency-name: redux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:26:31 +09:00
dependabot[bot]	3bc8a444a9	Bump brakeman from 5.1.1 to 5.1.2 (#16920 ) Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/presidentbeef/brakeman/releases) - [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md) - [Commits](https://github.com/presidentbeef/brakeman/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: brakeman dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:25:57 +09:00
dependabot[bot]	bb08297c99	Bump brakeman from 5.1.1 to 5.1.2 (#16920 ) Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/presidentbeef/brakeman/releases) - [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md) - [Commits](https://github.com/presidentbeef/brakeman/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: brakeman dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:25:57 +09:00
dependabot[bot]	d66f3cd20d	Bump @babel/runtime from 7.15.4 to 7.16.0 (#16930 ) Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.15.4 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-runtime) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:23:00 +09:00
dependabot[bot]	f604f63fa2	Bump @babel/runtime from 7.15.4 to 7.16.0 (#16930 ) Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.15.4 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-runtime) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-11-02 21:23:00 +09:00

... 225 226 227 228 229 ...

39663 commits