453 Commits (3598c2e1dbf9eafff3fc91b607c6b1b1f00c3675)

Author SHA1 Message Date
Nick Schonning c66250abf1
Autofix Rubocop Regex Style rules (#23690)
1 year ago
Claire e428670e61
Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273)
1 year ago
Matt Jankowski e49819142f
Remove unmaintained `nsa` gem (#25265)
1 year ago
Claire 94329f28e1
Change wording of “Content cache retention period” setting to highlight destructive implications (#23261)
1 year ago
Renaud Chaput 942d850b0a
Allow carets in URL search params (#25216)
1 year ago
Nick Schonning c0b9664a31
Autofix Rubocop spacing in config (#25022)
2 years ago
Nick Schonning cee4369cf5
Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#25002)
2 years ago
Matt Jankowski d9a958fcf7
Fix Performance/RedundantMerge cop (#24817)
2 years ago
Matt Jankowski d902a707a3
Fix Rails/CompactBlank cop (#24690)
2 years ago
Matt Jankowski 5a2aa06a51
Fix Rails/Present cop (#24688)
2 years ago
Nick Schonning 49fad26eca
Drop EOL Ruby 2.7 (#24237)
2 years ago
Nick Schonning 4687967176
Autofix Rubocop Style/NumericLiterals (#24468)
2 years ago
Claire 5c499f54e3
Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327)
2 years ago
Nick Schonning 500d6f93be
Autofix Rubocop Style/IdenticalConditionalBranches (#24322)
2 years ago
Eugen Rochko a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
2 years ago
Claire e084b5b82d
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200)
2 years ago
Claire f432db7b9f
Fix sidekiq jobs not triggering Elasticsearch index updates (#24046)
2 years ago
Jean byroot Boussier 922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
2 years ago
Jamie Hoyle de137e6bb0
Added support for specifying S3 storage classes in environment (#22480)
2 years ago
Eugen Rochko c6ef56fd5e
Change rate limits to 1,500/5m per user, 300/5m per app (#23347)
2 years ago
luzpaz 596923da4a
Fix typos in source documentation (#21046)
2 years ago
Claire d587a268fd
Add logging for Rails cache timeouts (#21667)
2 years ago
Claire 7955d4b959
Add form-action CSP directive (#20781)
2 years ago
trwnh a2931d19ae
Add missing admin scopes (fix #20892) (#20918)
2 years ago
Eugen Rochko 43b0b2f3f4
Fix wrong directive `unsafe-wasm-eval` to `wasm-unsafe-eval` (#20729)
2 years ago
prplecake b46b7c3d5e
Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP (#20606)
2 years ago
Eugen Rochko 21fd25a269
Fix rate limiting for paths with formats (#20675)
2 years ago
Matt Corallo 9d039209cc
Add `Cache-Control` header to openstack-stored files (#20610)
2 years ago
David Hewitt 290d78cea4
Allow unsetting x-amz-acl S3 Permission headers (#20510)
2 years ago
prplecake aafbc82d88
Add "unsafe-eval" to script-src CSP (#18817)
2 years ago
Eugen Rochko bf0ab3e0fa
Fix vacuum scheduler missing lock, locks never expiring (#19458)
2 years ago
Eugen Rochko 0d6b878808
Add user content translations with configurable backends (#19218)
2 years ago
Eugen Rochko 546672e292
Change "Allow trends without prior review" setting to include statuses (#17977)
2 years ago
Jeong Arm 861b35dd54
Support "http_hidden_proxy" ENV var for hidden service only proxy (#18427)
2 years ago
Eugen Rochko e7aa2be828
Change how hashtags are normalized (#18795)
2 years ago
Claire ae4f068a84
Fix CAS_DISPLAY_NAME, SAML_DISPLAY_NAME and OIDC_DISPLAY_NAME being ignored (#18568)
2 years ago
Eugen Rochko 96129c2f10
Fix confirmation redirect to app without `Location` header (#18523)
3 years ago
Eugen Rochko 679b7158e3
Change search indexing to use batches to minimize resource usage (#18451)
3 years ago
Eugen Rochko 7b0fe4aef9
Fix opening and closing Redis connections instead of using a pool (#18171)
3 years ago
Claire 8284110c55
Fix stoplight not using REDIS_NAMESPACE (#18160)
3 years ago
Eugen Rochko 3917353645
Fix single Redis connection being used across all threads (#18135)
3 years ago
Eugen Rochko 6e418bf346
Fix cookies secure flag being set when served over Tor (#17992)
3 years ago
Holger 39b489ba4c
fix: `s3_force_single_request` not parsed (#17922)
3 years ago
Eugen Rochko cefa526c6d
Refactor formatter (#17828)
3 years ago
Claire 895212bb2f
Fix PgHero suggesting migrations (#17807)
3 years ago
Yamagishi Kazutoshi eb9a7e3626
Fix LetterOpennerWeb CSP (#17770)
3 years ago
dependabot[bot] 46ad7fea9d
Bump rack-attack from 6.5.0 to 6.6.0 (#17405)
3 years ago
chandrn7 a6ed6845c9
Allow login through OpenID Connect (#16221)
3 years ago
Josh Soref b5329e0035
Spelling (#17705)
3 years ago
luzpaz 73f5e4a1d9
Fix various typos (#17621)
3 years ago
Claire 8603a07504
Fix error when trying to register (#17600)
3 years ago
zunda f9e7f2e409
Avoid return within block (#17590)
3 years ago
Jeong Arm 1de2e3f980
Throttle IPv6 signup for subnet (#17588)
3 years ago
Claire cfa583fa71
Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287)
3 years ago
Eugen Rochko 8e84ebf0cb
Remove IP tracking columns from users table (#16409)
3 years ago
Jeong Arm ea61d3acd6
Fix media API limit (#17272)
3 years ago
Eugen Rochko fe71548844
Fix warnings on Rails boot (#16946)
3 years ago
Takeshi Umeda 06631fdc53
Fix ElasticSearch to Elasticsearch (#17050)
3 years ago
Takeshi Umeda 3419d3ec84
Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915)
3 years ago
Claire 6da135a493
Fix reviving revoked sessions and invalidating login (#16943)
3 years ago
Jeong Arm c8ce728705
Support authentication for ElasticSearch (#16890)
3 years ago
Claire b21f3aa21d
Minor memory optimizations (#16507)
3 years ago
Daniel 2ed1c92c63
New env variable: CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED (#16655)
3 years ago
Claire 211d5c3c30
Fix inefficiencies in auto-linking code (#16506)
3 years ago
Claire b715cede4d
Fix mailer jobs for deleted notifications erroring out (#16294)
4 years ago
Claire 97539b6a96
Fix host check on healthcheck path not being disabled (#16270)
4 years ago
Jeong Arm f09322f9cc
Disable host check on healthcheck path (#16243)
4 years ago
Takeshi Umeda 9b18914c35
Add a Redis environment variable for sidekiq (#16188)
4 years ago
Claire 566fc90913
Add Ruby 3.0 support (#16046)
4 years ago
Takeshi Umeda 2360191434
Fix guard against DNS rebinding attacks (#16095)
4 years ago
Takeshi Umeda 8323023464
Add guard against DNS rebinding attacks (#16087)
4 years ago
Eugen Rochko 3b8d085436
Fix app name, website and redirect URIs not having a maximum length (#16042)
4 years ago
Eugen Rochko 3f2533ca8e
Fix autoloading deprecation warnings from Rails 6 (#16010)
4 years ago
Eugen Rochko 82cce18227
Change health check (#15988)
4 years ago
Claire cbd0ee1d07
Update Mastodon to Rails 6.1 (#15910)
4 years ago
Claire a4dcaef53b
Prepare Mastodon for zeitwerk autoloader (#15917)
4 years ago
Claire 43eff898a0
Prepare Mastodon for Rails 6 (#15911)
4 years ago
Eugen Rochko e89e976e92
Fix configuration for sidekiq-unique-jobs after 7.x upgrade (#15908)
4 years ago
Claire 65db262550
Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
4 years ago
Eugen Rochko ee1119208c
Add `POST /api/v1/emails/confirmations` to REST API (#15816)
4 years ago
Shlee ab9c2ed98d
Delete pagination.rb (#15754)
4 years ago
Claire 21fb3f3684
Drop dependency on secure_headers, fix response headers (#15712)
4 years ago
Cecylia Bocovich e79f8dd85c
Onion service related changes to HTTPS handling (#15560)
4 years ago
Shubhendra Singh Chauhan c8d11b8bdb
Fixed code quality issues (#15541)
4 years ago
luigi eb51e43fb4
Optimize some regex matching (#15528)
4 years ago
kaiyou f47c177eb7
Support clock drift in Omniauth SAML provider (#15511)
4 years ago
Eugen Rochko 9915d11c0d
Fix unnecessary queries when batch-removing statuses, 100x faster (#15387)
4 years ago
Eugen Rochko 1045549f85
Add stoplight for object storage failures, return HTTP 503 (#13043)
4 years ago
Eugen Rochko df1653174b
Add cache buster feature for media files (#15155)
4 years ago
Eugen Rochko acc1c03861
Fix cookies not having a SameSite attribute (#15098)
4 years ago
Josh Leeb-du Toit 0c24f4dce2
Add support for Gemini urls (#15013)
4 years ago
Eugen Rochko 5e1364c448
Add IP-based rules (#14963)
4 years ago
tateisu 7919418e4c
add S3_READ_TIMEOUT environment variable (#14952)
4 years ago
santiagorodriguez96 e8d41bc2fe
Add WebAuthn as an alternative 2FA method (#14466)
4 years ago
Eugen Rochko 81a3db1564
Change rate limits for various paths (#14253)
4 years ago
ThibG a783bdf4ad
Fix hashtag column options styling (#14247)
4 years ago
Eugen Rochko 6d23d40420
Change Redis#exists calls to Redis#exists? to avoid deprecation warning (#14191)
4 years ago
Eugen Rochko 7aaf2b44ec
Fix remote files not using Content-Type header, streaming (#14184)
4 years ago
Eugen Rochko 8c04e37b03
Remove the terms blacklist and whitelist from UX (#14149)
4 years ago
mayaeh f56129a947
Suppress Redis#exists(key) warning (#14067)
4 years ago