ThibG
47dfcc601b
Fix some flash notices/alerts staying on unrelated pages ( #11364 )
2019-07-19 23:13:21 +02:00
dependabot-preview[bot]
2fe3965d17
Bump strong_migrations from 0.4.0 to 0.4.1 ( #11307 )
...
Bumps [strong_migrations](https://github.com/ankane/strong_migrations ) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/ankane/strong_migrations/releases )
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.4.0...v0.4.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-20 01:08:02 +09:00
Eugen Rochko
de4ead8fc6
Change single-column mode to scroll the whole page ( #11359 )
...
Fix #10840
2019-07-19 09:25:22 +02:00
ThibG
026f3a9d2d
Fix avatar animation on hover when not logged in ( #11349 )
2019-07-19 09:18:23 +02:00
koyu
ee3ab5a51d
Added logout to dropdown menu ( #11353 )
...
* Added logout to dropdown menu
* Triggering build-and-test with empty commit as it seems it failed due to some internal failure
* Looks fine, ready to review
* Added changes from review
* method can be null without any problems
* Also target can be null
2019-07-19 03:58:46 +02:00
ThibG
773130d51a
Fix sanitizing lists contents ( #11354 )
...
* Add test
* Fix code for sanitizing nested lists stripping all tags
2019-07-19 01:44:58 +02:00
ThibG
c2126e3f98
Add ActivityPub actor representing the entire server ( #11321 )
...
* Add support for an instance actor
* Skip username validation for local Application accounts
* Add migration script to create instance actor
* Make Codeclimate happy
* Switch to id -99 for instance actor
* Remove unused `icon` and `image` attributes from instance actor
* Use if/elsif/else instead of return + ternary operator
* Add instance actor to fresh installs
* Use instance actor as instance representative
Use instance actor for forwarding reports, relay operations, and spam
auto-reporting.
* Seed database in test environment
* Fix single-user mode
* Fix tests
* Fix specs to accomodate for an extra `Account`
* Auto-reject follows on instance actor
Following an instance actor might make sense, but we are not handling that
right now, so auto-reject.
* Fix webfinger lookup and serialization for instance actor
* Rename instance actor
* Make it clear in the HTML view that the instance actor should not be blocked
* Raise cache time for instance actor as there's no dynamic content
* Re-use /about/more with a flash message for instance actor profile
2019-07-19 01:44:42 +02:00
Eugen Rochko
02cf7a07ae
Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml ( #11351 )
2019-07-18 20:28:05 +02:00
Eugen Rochko
1d560713b6
Fix only one middle dot being recognized in hashtags ( #11345 )
...
Fix #10934
2019-07-18 03:02:56 +02:00
Eugen Rochko
01cff5ee60
Add aac, m4a, 3gp to allowed audio formats ( #11342 )
...
Fix #11186
2019-07-18 03:02:30 +02:00
Eugen Rochko
c27fb14e9f
Change language detection to include hashtags as words ( #11341 )
2019-07-18 03:02:15 +02:00
dependabot-preview[bot]
020daac19f
Bump rack-attack from 6.0.0 to 6.1.0 ( #11313 )
...
Bumps [rack-attack](https://github.com/kickstarter/rack-attack ) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/kickstarter/rack-attack/releases )
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.0.0...v6.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-18 01:07:02 +02:00
dependabot-preview[bot]
b856854767
Bump rubocop-rails from 2.2.0 to 2.2.1 ( #11308 )
...
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails ) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.2.0...v2.2.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-18 01:06:39 +02:00
dependabot-preview[bot]
f4ecf3c821
Bump puma from 3.12.1 to 4.0.1 ( #11306 )
...
Bumps [puma](https://github.com/puma/puma ) from 3.12.1 to 4.0.1.
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/master/History.md )
- [Commits](https://github.com/puma/puma/compare/v3.12.1...v4.0.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-18 01:06:14 +02:00
ThibG
9bea975f52
Fix typo in StatusPolicy ( #11344 )
2019-07-18 00:48:26 +02:00
ThibG
9015b19e09
Add setting to disable the anti-spam ( #11296 )
...
* Add environment variable to disable the anti-spam
* Move antispam setting to admin settings
* Fix typo
* antispam → spam_check
2019-07-17 21:09:15 +02:00
Eugen Rochko
50caff4dc0
Change terms and privacy policy pages to always be accessible ( #11334 )
...
Fix #11328
2019-07-17 19:29:37 +02:00
ThibG
978792a112
Fix custom CSS controller ( #11336 )
2019-07-17 17:14:25 +02:00
ThibG
ac154ccc95
Extend AUTHORIZED_FETCH mode to user blocks as well ( #11332 )
...
* Extend AUTHORIZED_FETCH mode to user blocks as well
* Move decision to deny access to StatusPolicy
2019-07-17 01:53:37 +02:00
ThibG
a4b1083795
Fix caching headers in ActivityPub endpoints ( #11331 )
...
* Fix reverse-proxy caching in public fetch mode
* Fix caching in ActivityPub-specific controllers
2019-07-17 00:00:39 +02:00
ThibG
ab6af77728
Remove unused Account#magic_key ( #11327 )
2019-07-16 14:25:56 +02:00
Daigo 3 Dango
6354a48308
Make puma bind address configurable with BIND env var ( #11326 )
2019-07-16 06:51:36 +02:00
Eugen Rochko
9dead08055
Add option to disable real-time updates in web UI ( #9984 )
...
Fix #9031
Fix #7913
2019-07-16 06:30:47 +02:00
dependabot-preview[bot]
b5ffff8d39
Bump eslint-plugin-jsx-a11y from 6.2.1 to 6.2.3 ( #11314 )
...
Bumps [eslint-plugin-jsx-a11y](https://github.com/evcohen/eslint-plugin-jsx-a11y ) from 6.2.1 to 6.2.3.
- [Release notes](https://github.com/evcohen/eslint-plugin-jsx-a11y/releases )
- [Changelog](https://github.com/evcohen/eslint-plugin-jsx-a11y/blob/master/CHANGELOG.md )
- [Commits](https://github.com/evcohen/eslint-plugin-jsx-a11y/compare/v6.2.1...v6.2.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 01:24:26 +09:00
dependabot-preview[bot]
3fc46fba2c
Bump webpack from 4.34.0 to 4.35.3 ( #11309 )
...
Bumps [webpack](https://github.com/webpack/webpack ) from 4.34.0 to 4.35.3.
- [Release notes](https://github.com/webpack/webpack/releases )
- [Commits](https://github.com/webpack/webpack/compare/v4.34.0...v4.35.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 01:13:57 +09:00
dependabot-preview[bot]
19eabae239
Bump lodash from 4.17.13 to 4.17.14 ( #11312 )
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.13 to 4.17.14.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.13...4.17.14 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 01:06:30 +09:00
dependabot-preview[bot]
4bfffcfce1
Bump @babel/runtime from 7.4.5 to 7.5.4 ( #11315 )
...
Bumps [@babel/runtime](https://github.com/babel/babel ) from 7.4.5 to 7.5.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.4.5...v7.5.4 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 01:04:46 +09:00
dependabot-preview[bot]
08a927817e
Bump eslint-plugin-import from 2.17.3 to 2.18.0 ( #11310 )
...
Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import ) from 2.17.3 to 2.18.0.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases )
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/benmosher/eslint-plugin-import/compare/v2.17.3...v2.18.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 00:52:23 +09:00
Yamagishi Kazutoshi
d309685866
Fix consistent interpolations ( #11317 )
2019-07-15 16:10:24 +02:00
Eugen Rochko
ac853dca51
Add periodic removal of older thumbnails for preview cards ( #11304 )
2019-07-15 07:50:14 +02:00
Eugen Rochko
c4a05eaa87
New Crowdin translations ( #11153 )
...
* New translations activerecord.en.yml (Indonesian)
[ci skip]
* New translations activerecord.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Norwegian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Finnish)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Serbian (Latin))
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Telugu)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations simple_form.en.yml (Esperanto)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations simple_form.en.yml (Georgian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Ido)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Occitan)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Czech)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations doorkeeper.en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.json (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations simple_form.en.yml (Welsh)
[ci skip]
* New translations activerecord.en.yml (Welsh)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]
* New translations doorkeeper.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Serbian (Latin))
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Georgian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations simple_form.en.yml (Serbian (Latin))
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Serbian (Latin))
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations devise.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations doorkeeper.en.yml (Basque)
[ci skip]
* New translations en.json (Korean)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Asturian)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Georgian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations doorkeeper.en.yml (Spanish)
[ci skip]
* New translations doorkeeper.en.yml (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations doorkeeper.en.yml (Spanish)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations devise.en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations activerecord.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
2019-07-15 06:12:05 +02:00
Eugen Rochko
fe299d3417
Change default interface of web and streaming from 0.0.0.0 to 127.0.0.1 ( #11302 )
2019-07-15 05:56:35 +02:00
ThibG
a7b0224699
Disable LDSigning when AUTHORIZED_FETCH is set to true ( #11295 )
2019-07-15 02:29:39 +02:00
ThibG
3f12a0b8fd
Fix leaking private statuses the admin account follows ( #11300 )
...
Now that the request is signed, it can return private toots. Do not leak them.
2019-07-15 02:29:04 +02:00
PatOnTheBack
45be10c041
Bump handlebars from 4.1.0 to 4.1.2 ( #11293 )
...
Bumps [handlebars](https://github.com/wycats/handlebars.js ) from 4.1.0 to 4.1.2.
- [Release notes](https://github.com/wycats/handlebars.js/releases )
- [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md )
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.0...v4.1.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2019-07-14 14:05:11 +09:00
dependabot-preview[bot]
4338666b5f
Bump rubocop-rails from 2.0.1 to 2.2.0 ( #11257 )
...
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails ) from 2.0.1 to 2.2.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.0.1...v2.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-13 23:52:08 +09:00
Eugen Rochko
f70b20a01c
Add a spam check ( #11217 )
...
* Add a spam check
* Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance
* Add more tests
* Add exemption when the message is a reply to something that mentions the sender
* Use Nilsimsa Compare Value instead of Levenshtein distance
* Use MD5 for messages shorter than 10 characters
* Add message to automated report, do not add non-public statuses to
automated report, add trust level to accounts and make unsilencing
raise the trust level to prevent repeated spam checks on that account
* Expire spam check data after 3 months
* Add support for local statuses, reduce expiration to 1 week, always create a report
* Add content warnings to the spam check and exempt empty statuses
* Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check
* Add all matched statuses into automatic report
2019-07-13 16:45:50 +02:00
han@highemelry
b6997d2622
Change the retry limit in error of web push notification ( #11292 )
...
- Change the maximum count of retry for web push notification (Default -> 5).
- In case of high load of subscribe server, the retries will be repeated many times.
- Because the retries occupy the default queue, maximum retry count should be reduced.
2019-07-12 18:46:21 +02:00
Eugen Rochko
39719ae981
Add ActivityPub secure mode ( #11269 )
...
* Add HTTP signature requirement for served ActivityPub resources
* Change `SECURE_MODE` to `AUTHORIZED_FETCH`
* Add 'Signature' to 'Vary' header and improve code style
* Improve code style by adding `public_fetch_mode?` method
2019-07-11 20:11:09 +02:00
ThibG
4bf0ee9467
Fix BlockService trying to reject incorrect follow request ( #11288 )
...
Fixes #11148
2019-07-11 14:50:27 +02:00
Eugen Rochko
317b79d673
Add HTTP signatures to all outgoing ActivityPub GET requests ( #11284 )
2019-07-11 14:49:55 +02:00
dependabot-preview[bot]
727472af94
[Security] Bump lodash from 4.17.11 to 4.17.13 ( #11287 )
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.11 to 4.17.13. **This update includes security fixes.**
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-11 06:33:07 +02:00
Eugen Rochko
6baf5099a6
Refactor fetching of remote resources ( #11251 )
2019-07-10 18:59:28 +02:00
ThibG
f9548fd31f
Drop magic-public-key from webfinger replies as it's only used for OStatus ( #11280 )
2019-07-10 17:10:43 +02:00
ThibG
e39e4786b4
Fix handling of webfinger redirects in ResolveAccountService ( #11279 )
2019-07-10 17:10:12 +02:00
ThibG
80b5a5d735
Fix old migration script depending on the StreamEntry model ( #11278 )
2019-07-10 17:09:10 +02:00
Eugen Rochko
f83ce1d943
Fix activity being rendered within activity due to caching ( #11271 )
...
Fix #11270
2019-07-10 00:43:30 +02:00
Eugen Rochko
d0b0b63b1a
Refactor domain block checks ( #11268 )
2019-07-09 03:27:35 +02:00
ThibG
5031bc3998
Fix Status.remote scope matching *all* statuses ( #11265 )
2019-07-08 18:17:22 +02:00
Eugen Rochko
e17c937f65
Remove unused remote unfollow controller ( #11250 )
2019-07-08 12:04:06 +02:00