dependabot[bot]
3030fa64ef
Bump @babel/preset-env from 7.15.0 to 7.15.4 ( #16706 )
...
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ) from 7.15.0 to 7.15.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.4/packages/babel-preset-env )
---
updated-dependencies:
- dependency-name: "@babel/preset-env"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-10 09:24:39 +09:00
Claire
05f1a6fec3
Fix media icons not being added in CWs
2021-09-09 17:14:09 +02:00
dependabot[bot]
ac09e14d7f
Bump devise-two-factor from 4.0.0 to 4.0.1 ( #16705 )
...
Bumps [devise-two-factor](https://github.com/tinfoil/devise-two-factor ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/tinfoil/devise-two-factor/releases )
- [Changelog](https://github.com/tinfoil/devise-two-factor/blob/main/CHANGELOG.md )
- [Commits](https://github.com/tinfoil/devise-two-factor/compare/v4.0.0...v4.0.1 )
---
updated-dependencies:
- dependency-name: devise-two-factor
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:43:00 +09:00
dependabot[bot]
6740c86fb4
Bump sass from 1.38.2 to 1.39.0 ( #16707 )
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.38.2 to 1.39.0.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.38.2...1.39.0 )
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:42:38 +09:00
dependabot[bot]
1c4f5b4a8c
Bump axios from 0.21.1 to 0.21.4 ( #16709 )
...
Bumps [axios](https://github.com/axios/axios ) from 0.21.1 to 0.21.4.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v0.21.1...v0.21.4 )
---
updated-dependencies:
- dependency-name: axios
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:41:47 +09:00
dependabot[bot]
aa2665c570
Bump @babel/runtime from 7.15.3 to 7.15.4 ( #16710 )
...
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime ) from 7.15.3 to 7.15.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.4/packages/babel-runtime )
---
updated-dependencies:
- dependency-name: "@babel/runtime"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:41:26 +09:00
dependabot[bot]
ee5eddeb52
Bump react-redux from 7.2.4 to 7.2.5 ( #16708 )
...
Bumps [react-redux](https://github.com/reduxjs/react-redux ) from 7.2.4 to 7.2.5.
- [Release notes](https://github.com/reduxjs/react-redux/releases )
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.4...v7.2.5 )
---
updated-dependencies:
- dependency-name: react-redux
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:41:03 +09:00
dependabot[bot]
065eb6f9aa
Bump npmlog from 5.0.0 to 5.0.1 ( #16704 )
...
Bumps [npmlog](https://github.com/npm/npmlog ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/npm/npmlog/releases )
- [Changelog](https://github.com/npm/npmlog/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/npmlog/compare/v5.0.0...v5.0.1 )
---
updated-dependencies:
- dependency-name: npmlog
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:40:14 +09:00
dependabot[bot]
0c413253c7
Bump oj from 3.13.2 to 3.13.4 ( #16703 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.13.2 to 3.13.4.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.13.2...v3.13.4 )
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:39:49 +09:00
dependabot[bot]
6fb6fcf0c2
Bump aws-sdk-s3 from 1.100.0 to 1.102.0 ( #16702 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.100.0 to 1.102.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:39:21 +09:00
dependabot[bot]
47b1649962
Bump @babel/core from 7.15.0 to 7.15.5 ( #16712 )
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.15.0 to 7.15.5.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.5/packages/babel-core )
---
updated-dependencies:
- dependency-name: "@babel/core"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:36:14 +09:00
Holger
8c688e3626
use relative path for scope
( #16714 )
...
Use relative path for `scope` in web manifest to allow users use PWA correctly via alternate domains.
2021-09-08 23:33:36 +02:00
Claire
067d10d664
Fix addressing of remote groups' followers ( #16700 )
...
Fixes #16699
2021-09-08 23:33:23 +02:00
Claire
599aa0c9e3
Fix glitch-soc front-end not linking to the provided SOURCE_URL
2021-09-08 16:36:45 +02:00
Claire
def45ddc91
Fix media attachments not being displayed on polls
...
Fixes #1595
2021-09-08 16:36:30 +02:00
Claire
01ccdc58ed
Merge pull request #1597 from ClearlyClaire/glitch-soc/merge-upstream
...
Merge upstream changes
2021-09-08 14:16:17 +02:00
Claire
5ac1753cfa
Merge branch 'main' into glitch-soc/merge-upstream
2021-09-08 13:27:37 +02:00
Claire
172db62946
Merge pull request #1594 from ClearlyClaire/glitch-soc/merge-upstream
...
Merge upstream changes
2021-09-08 13:24:54 +02:00
Claire
4893216634
Fix suspicious sign-in mail text being out of date ( #16690 )
...
Fixes #16687
2021-09-04 16:44:50 +02:00
Claire
b0e0032f5c
Merge branch 'main' into glitch-soc/merge-upstream
2021-09-02 10:52:09 +02:00
Claire
a20cb503ec
Fix processing mentions to domains with non-ascii TLDs ( #16689 )
...
Fixes #16602
2021-09-01 22:06:40 +02:00
dependabot[bot]
295e5846ca
Bump eslint-plugin-react from 7.24.0 to 7.25.1 ( #16680 )
...
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.24.0 to 7.25.1.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.24.0...v7.25.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-react
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-01 08:18:55 +09:00
dependabot[bot]
d95e09dbe2
Bump tar from 6.1.3 to 6.1.11 ( #16685 )
...
Bumps [tar](https://github.com/npm/node-tar ) from 6.1.3 to 6.1.11.
- [Release notes](https://github.com/npm/node-tar/releases )
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/node-tar/compare/v6.1.3...v6.1.11 )
---
updated-dependencies:
- dependency-name: tar
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-01 08:18:29 +09:00
dependabot[bot]
00ed4bc743
Bump rqrcode from 2.0.0 to 2.1.0 ( #16678 )
...
Bumps [rqrcode](https://github.com/whomwah/rqrcode ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/whomwah/rqrcode/releases )
- [Changelog](https://github.com/whomwah/rqrcode/blob/master/CHANGELOG.md )
- [Commits](https://github.com/whomwah/rqrcode/compare/v2.0.0...v2.1.0 )
---
updated-dependencies:
- dependency-name: rqrcode
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-31 20:58:34 +09:00
dependabot[bot]
443c806900
Bump rubocop from 1.19.1 to 1.20.0 ( #16674 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.19.1 to 1.20.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.19.1...v1.20.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-31 20:56:14 +09:00
dependabot[bot]
31d98ce24d
Bump nokogiri from 1.12.3 to 1.12.4 ( #16675 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.12.3 to 1.12.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.3...v1.12.4 )
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-31 20:56:07 +09:00
dependabot[bot]
7d63710348
Bump aws-sdk-s3 from 1.99.0 to 1.100.0 ( #16676 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.99.0 to 1.100.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-31 20:56:01 +09:00
dependabot[bot]
76adb47a91
Bump ws from 8.2.0 to 8.2.1 ( #16679 )
...
Bumps [ws](https://github.com/websockets/ws ) from 8.2.0 to 8.2.1.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.2.0...8.2.1 )
---
updated-dependencies:
- dependency-name: ws
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-31 20:55:49 +09:00
dependabot[bot]
ec1cb262a0
Bump sass from 1.38.0 to 1.38.2 ( #16671 )
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.38.0 to 1.38.2.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.38.0...1.38.2 )
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-29 09:00:57 +09:00
dependabot[bot]
29cc9b7f3c
Bump eslint-plugin-import from 2.24.1 to 2.24.2 ( #16668 )
...
Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.24.1 to 2.24.2.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.24.1...v2.24.2 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-29 09:00:41 +09:00
dependabot[bot]
36b6572f15
Bump url-parse from 1.5.1 to 1.5.3 ( #16666 )
...
Bumps [url-parse](https://github.com/unshiftio/url-parse ) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases )
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.3 )
---
updated-dependencies:
- dependency-name: url-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-28 18:18:58 +02:00
dependabot[bot]
e07cd410cf
Bump color-string from 1.5.3 to 1.6.0 ( #16665 )
...
Bumps [color-string](https://github.com/Qix-/color-string ) from 1.5.3 to 1.6.0.
- [Release notes](https://github.com/Qix-/color-string/releases )
- [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Qix-/color-string/commits/1.6.0 )
---
updated-dependencies:
- dependency-name: color-string
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-28 18:18:35 +02:00
dependabot[bot]
61d8996cda
Bump http from 4.4.1 to 5.0.1 ( #16438 )
...
Bumps [http](https://github.com/httprb/http ) from 4.4.1 to 5.0.1.
- [Release notes](https://github.com/httprb/http/releases )
- [Changelog](https://github.com/httprb/http/blob/master/CHANGES.md )
- [Commits](https://github.com/httprb/http/compare/v4.4.1...v5.0.1 )
---
updated-dependencies:
- dependency-name: http
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-28 18:17:59 +02:00
dependabot[bot]
26536c2401
Bump y18n from 4.0.0 to 4.0.3 ( #16664 )
...
Bumps [y18n](https://github.com/yargs/y18n ) from 4.0.0 to 4.0.3.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/compare/v4.0.0...y18n-v4.0.3 )
---
updated-dependencies:
- dependency-name: y18n
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-28 18:15:05 +02:00
dependabot[bot]
96edc26165
Bump jest from 26.6.3 to 27.1.0 ( #16376 )
...
* Bump jest from 26.6.3 to 27.0.4
Bumps [jest](https://github.com/facebook/jest ) from 26.6.3 to 27.0.4.
- [Release notes](https://github.com/facebook/jest/releases )
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/jest/compare/v26.6.3...v27.0.4 )
---
updated-dependencies:
- dependency-name: jest
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* Set test environment for jest
* Remove unnecessary ext
* Bump jest from 27.0.4 to 27.1.0
* Remove --coverage option
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-08-28 09:58:04 +09:00
dependabot[bot]
516c97b6e5
Bump sidekiq from 6.2.1 to 6.2.2 ( #16647 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.2.1...v6.2.2 )
---
updated-dependencies:
- dependency-name: sidekiq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-28 08:59:45 +09:00
Claire
0e9be76fcb
Merge pull request #1591 from ClearlyClaire/glitch-soc/merge-upstream
...
Merge upstream changes
2021-08-27 15:28:00 +02:00
dependabot[bot]
58ce453c86
Bump webpacker from 5.4.0 to 5.4.2 ( #16648 )
...
Bumps [webpacker](https://github.com/rails/webpacker ) from 5.4.0 to 5.4.2.
- [Release notes](https://github.com/rails/webpacker/releases )
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rails/webpacker/compare/v5.4.0...v5.4.2 )
---
updated-dependencies:
- dependency-name: webpacker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-27 21:47:43 +09:00
dependabot[bot]
8a40b1b40a
Bump faker from 2.18.0 to 2.19.0 ( #16646 )
...
Bumps [faker](https://github.com/faker-ruby/faker ) from 2.18.0 to 2.19.0.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v2.18.0...v2.19.0 )
---
updated-dependencies:
- dependency-name: faker
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-27 21:47:00 +09:00
dependabot[bot]
3e6c085559
Bump rubocop from 1.19.0 to 1.19.1 ( #16649 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.19.0...v1.19.1 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-27 21:46:28 +09:00
matildepark
694295f171
[Glitch] Fix follow request count to dynamically update
...
Port 28796d1342
to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-08-27 11:31:09 +02:00
Claire
d856b8f239
Merge branch 'main' into glitch-soc/merge-upstream
2021-08-27 11:29:03 +02:00
Truong Nguyen
567021abeb
Explicitly set userVerification to discoraged ( #16545 )
2021-08-26 09:51:22 -05:00
Claire
84566f17de
Fix authentication failures after going halfway through a sign-in attempt ( #16607 )
...
* Add tests
* Add security-related tests
My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.
* Fix authentication failures after going halfway through a sign-in attempt
* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-25 22:52:41 +02:00
Daniel
8632cc7dc5
New env variable: CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED ( #16655 )
...
When using a CAS server, the users only have a temporary email
`change@me-foo-cas.com` which can't be changed but by an
administrator.
We need a new environment variable like for SAML to assume the email
from CAS is verified.
* config/initializers/omniauth.rb: define CAS option for assuming
email are always verified.
* .env.nanobox: add new variable as an example.
2021-08-25 18:41:24 +02:00
dependabot[bot]
fc9f57c442
Bump rails from 6.1.4 to 6.1.4.1 ( #16650 )
...
Bumps [rails](https://github.com/rails/rails ) from 6.1.4 to 6.1.4.1.
- [Release notes](https://github.com/rails/rails/releases )
- [Commits](https://github.com/rails/rails/compare/v6.1.4...v6.1.4.1 )
---
updated-dependencies:
- dependency-name: rails
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-26 01:39:55 +09:00
matildepark
28796d1342
Fix follow request count to dynamically update ( #16652 )
2021-08-25 17:46:29 +02:00
Daniel
eb30899df2
Fix undefined variable for Auth::OmniauthCallbacksController ( #16654 )
...
The addition of authentication history broke the omniauth login with
the following error:
method=GET path=/auth/auth/cas/callback format=html
controller=Auth::OmniauthCallbacksController action=cas status=500
error='NameError: undefined local variable or method `user' for
#<Auth::OmniauthCallbacksController:0x00000000036290>
Did you mean? @user' duration=435.93 view=0.00 db=36.19
* app/controllers/auth/omniauth_callbacks_controller.rb: fix variable
name to `@user`
2021-08-25 17:40:56 +02:00
dependabot[bot]
9c6cecb7a9
Bump eslint-plugin-import from 2.24.0 to 2.24.1 ( #16635 )
...
Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.24.0 to 2.24.1.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.24.0...v2.24.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-23 22:03:53 +09:00
dependabot[bot]
3f2ddcda8a
Bump ws from 8.1.0 to 8.2.0 ( #16636 )
...
Bumps [ws](https://github.com/websockets/ws ) from 8.1.0 to 8.2.0.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.1.0...8.2.0 )
---
updated-dependencies:
- dependency-name: ws
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-23 22:03:38 +09:00