Claire
5664c5370f
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 13:34:15 +02:00
Claire
c5b79558e2
Change default KeyGenerator digest to SHA1 to fix cookies in rolling upgrades ( #26023 )
2023-07-21 13:17:43 +02:00
Misty De Méo
9e19cfdb05
Paperclip: add support for Azure blob storage ( #23607 )
2023-07-19 09:02:49 +02:00
Matt Jankowski
5cdc196e44
Rails 7.0 update ( #25668 )
2023-07-13 09:36:07 +02:00
Matt Jankowski
08421e7b90
Fix Naming/MemoizedInstanceVariableName
cop ( #25928 )
2023-07-12 10:08:51 +02:00
Nick Schonning
96a8aa32ad
Enable Rubocop Style/FrozenStringLiteralComment ( #23793 )
2023-07-12 09:47:08 +02:00
Kurtis Rainbolt-Greene
a27f2686ca
First pass at multi-database for read replica using Rails native adapter ( #25693 )
...
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
2023-07-08 19:45:36 +02:00
Claire
3445bdfa45
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Eugen Rochko
edb6aab974
Revert "Rails 7 update" ( #25667 )
2023-07-02 11:14:22 +02:00
Matt Jankowski
5cadbaa296
Rails 7 update ( #24241 )
2023-07-02 10:38:53 +02:00
Claire
83b03b528b
Fix compatibility of recent migration with PostgreSQL 10 ( #25324 )
2023-06-07 01:53:50 +02:00
Nick Schonning
ef344388c5
Autofix Rubocop Regex Style rules ( #23690 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 14:50:51 +02:00
Claire
f2dbbcdec5
Fix CSP headers when S3_ALIAS_HOST includes a path component ( #25273 )
2023-06-05 17:35:05 +02:00
Matt Jankowski
c671e23d28
Remove unmaintained nsa
gem ( #25265 )
2023-06-05 01:57:05 +02:00
Claire
1c298d97c5
Change wording of “Content cache retention period” setting to highlight destructive implications ( #23261 )
2023-06-02 18:09:08 +02:00
Renaud Chaput
f681f81cbf
Allow carets in URL search params ( #25216 )
2023-06-01 12:14:49 +02:00
Nick Schonning
44b7c24bd0
Autofix Rubocop spacing in config ( #25022 )
2023-05-22 13:17:56 +02:00
Nick Schonning
67c5ac4971
Autofix Rubocop Lint/AmbiguousOperatorPrecedence ( #25002 )
2023-05-16 10:51:59 +02:00
Matt Jankowski
a8aad4a45a
Fix Performance/RedundantMerge cop ( #24817 )
2023-05-04 05:25:43 +02:00
Matt Jankowski
bdbc9d0036
Fix Rails/CompactBlank cop ( #24690 )
2023-04-30 14:07:21 +02:00
Matt Jankowski
78f29479ab
Fix Rails/Present cop ( #24688 )
2023-04-30 06:47:50 +02:00
Nick Schonning
519ae8c0c6
Drop EOL Ruby 2.7 ( #24237 )
2023-04-27 01:46:18 +02:00
Nick Schonning
91f0da8563
Autofix Rubocop Style/NumericLiterals ( #24468 )
2023-04-23 22:30:07 +02:00
Claire
e03f9b38c5
Change root Chewy strategy to emit a warning instead of erroring out in production mode ( #24327 )
2023-04-03 15:05:39 +02:00
Nick Schonning
2a0d2453b0
Autofix Rubocop Style/IdenticalConditionalBranches ( #24322 )
2023-03-31 09:33:52 +02:00
Eugen Rochko
c75fccf033
Change user settings to be stored in a more optimal way ( #23630 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Claire
af57bcd3cf
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )
2023-03-27 17:07:37 +02:00
Claire
852eb6ce7a
Fix sidekiq jobs not triggering Elasticsearch index updates ( #24046 )
2023-03-12 23:47:55 +01:00
Jean byroot Boussier
08c2938b4a
Upgrade to latest redis-rb 4.x and fix deprecations ( #23616 )
...
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Jamie Hoyle
8f81dba434
Added support for specifying S3 storage classes in environment ( #22480 )
2023-03-03 20:53:37 +01:00
Eugen Rochko
d08bd66f42
Change rate limits to 1,500/5m per user, 300/5m per app ( #23347 )
2023-02-02 00:07:49 +01:00
luzpaz
11b7735fb3
Fix typos in source documentation ( #21046 )
...
Fixed 2 source comment/documentation typos
2022-12-15 15:57:26 +01:00
Claire
c863f76a62
Add logging for Rails cache timeouts ( #21667 )
...
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds
* Log cache store errors
2022-11-27 20:37:37 +01:00
Claire
d5fad31a45
Add form-action CSP directive ( #20781 )
2022-11-17 10:55:03 +01:00
trwnh
2e118aa0e6
Add missing admin scopes ( fix #20892 ) ( #20918 )
2022-11-17 10:50:21 +01:00
Eugen Rochko
c0b3ebd307
Fix wrong directive unsafe-wasm-eval
to wasm-unsafe-eval
( #20729 )
2022-11-15 03:39:06 +01:00
prplecake
a4f1043bb3
Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP ( #20606 )
...
* Add "unsafe-eval" to script-src CSP
* Use 'unsafe-wasm-eval' instead of 'unsafe-eval'
2022-11-15 03:22:38 +01:00
Eugen Rochko
e18c8537e6
Fix rate limiting for paths with formats ( #20675 )
2022-11-14 20:26:31 +01:00
Matt Corallo
88b46d0a8f
Add Cache-Control
header to openstack-stored files ( #20610 )
...
When storing files in S3, paperclip is configured with a Cache-Control header
indicating the file is immutable, however no such header was added when using
OpenStack storage.
Luckily Paperclip's fog integration makes this trivial, with a simple
`fog_file` `Cache-Control` default doing the trick.
2022-11-14 05:26:49 +01:00
David Hewitt
df557906fb
Allow unsetting x-amz-acl S3 Permission headers ( #20510 )
...
Some "S3 Compatible" storage providers (Cloudflare R2 is one such example) don't support setting ACLs on individual uploads with the `x-amz-acl` header, and instead just have a visibility for the whole bucket. To support uploads to such providers without getting unsupported errors back, lets use a black `S3_PERMISSION` env var to indicate that these headers shouldn't be sent.
This is tested as working with Cloudflare R2.
2022-11-13 06:57:10 +01:00
prplecake
d870657f80
Add "unsafe-eval" to script-src CSP ( #18817 )
2022-10-26 19:23:16 +02:00
Eugen Rochko
d53e1fc6d9
Fix vacuum scheduler missing lock, locks never expiring ( #19458 )
...
Remove vacuuming of orphaned preview cards
2022-10-26 12:10:48 +02:00
Eugen Rochko
a593188ded
Add user content translations with configurable backends ( #19218 )
2022-09-23 23:00:12 +02:00
Eugen Rochko
ecddc06474
Change "Allow trends without prior review" setting to include statuses ( #17977 )
...
* Change "Allow trends without prior review" setting to include posts
* Fix i18n-tasks
2022-08-28 04:00:39 +02:00
Jeong Arm
30113597e5
Support "http_hidden_proxy" ENV var for hidden service only proxy ( #18427 )
...
* Support "http_hidden_proxy" ENV var for hidden service only proxy
* Fallback to http_proxy if http_hidden_proxy is not set
2022-08-25 04:41:14 +02:00
Eugen Rochko
38d04135bf
Change how hashtags are normalized ( #18795 )
...
* Change how hashtags are normalized
* Fix tests
2022-07-13 15:03:28 +02:00
Claire
45a777f9d8
Fix CAS_DISPLAY_NAME, SAML_DISPLAY_NAME and OIDC_DISPLAY_NAME being ignored ( #18568 )
2022-06-01 19:22:55 +02:00
Eugen Rochko
89d4d6fd3b
Fix confirmation redirect to app without Location
header ( #18523 )
2022-05-26 22:03:54 +02:00
Eugen Rochko
f4cab3ebad
Change search indexing to use batches to minimize resource usage ( #18451 )
2022-05-18 23:29:14 +02:00
Eugen Rochko
a8e694233c
Fix opening and closing Redis connections instead of using a pool ( #18171 )
...
* Fix opening and closing Redis connections instead of using a pool
* Fix Redis connections not being returned to the pool in CLI commands
2022-04-29 22:43:07 +02:00