Eugen Rochko
6c1d78b277
Fix error on trending hashtags/links pages in admin UI due to missing constant ( #17044 )
2021-11-26 01:12:39 +01:00
Claire
202862753a
Fix handling of recursive toots in WebUI ( #17041 )
2021-11-25 23:46:39 +01:00
Claire
be1c45d252
Fix filtering DMs from non-followed users ( #17042 )
2021-11-25 23:46:30 +01:00
Eugen Rochko
ad73becf3e
Add trending links ( #16917 )
...
* Add trending links
* Add overriding specific links trendability
* Add link type to preview cards and only trend articles
Change trends review notifications from being sent every 5 minutes to being sent every 2 hours
Change threshold from 5 unique accounts to 15 unique accounts
* Fix tests
2021-11-25 13:07:38 +01:00
zunda
56abe9b4d7
Upgrade Ruby to 3.0.3 ( #17038 )
...
https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/
2021-11-24 20:29:05 +01:00
trwnh
82ae34881d
Better ordering for bug report issue template ( #17019 )
...
Logically, it makes more sense to provide the steps leading up to the bug before asking what the bug is. This change moves "steps to reproduce" above "expected behavior" and "actual behavior" to enforce the above progression and logical flow.
2021-11-24 20:24:09 +01:00
Claire
5d2ed78074
Fix error when suspending user with an already-existing canonical email block ( #17036 )
...
* Fix error when suspending user with an already-existing canonical email block
Fixes #17033
While attempting to create a `CanonicalEmailBlock` with an existing hash would
raise an `ActiveRecord::RecordNotUnique` error, this being done within a
transaction would cancel the whole transaction. For this reason, checking for
uniqueness in Rails would query the database within the transaction and avoid
invalidating the whole transaction for this reason.
A race condition is still possible, where multiple accounts sharing a canonical
email would be blocked in concurrent transactions, in which only one would
succeed, but that is way less likely to happen that the current issue, and can
always be retried after the first failure, unlike the current situation.
* Add tests
2021-11-24 17:41:03 +01:00
Claire
ab775c6cd1
Add FEDERATION.md ( #17029 )
...
Some ActivityPub projects have a FEDERATION.md which is used to describe the
various extensions they use.
Everything here is also documented elsewhere, but it's a concise starting point
with links to that documentation.
2021-11-23 00:15:31 +01:00
Claire
199022cf9d
Fix overflow of long profile fields in admin view ( #17010 )
2021-11-19 18:22:49 +01:00
Claire
3d8a884f06
Fix background-color of emoji-mart selector ( #17011 )
...
Reverts part of #16907 to fix hardcoded color
2021-11-19 18:21:37 +01:00
Takeshi Umeda
869faf5f87
Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) ( #16915 )
...
* Bump chewy from 5.2.0 to 7.2.2
* fix style (codeclimate)
* fix style
* fix style
* Bump chewy from 7.2.2 to 7.2.3
2021-11-18 22:02:08 +01:00
Mashiro
3cb518dcb4
Add lazy load to emoji-mart ( #16907 )
...
* perf: lazyload emoji-mart!
* Bump lazyload
2021-11-18 22:01:31 +01:00
Shlee
1b575f8aed
Update Dockerfile ( #16939 )
2021-11-18 22:00:38 +01:00
Shlee
ef5eb1c89e
[Docker-Compose] [Breaking] Postgres 9.6 is EOL (11th Nov 2021) - Migrate to 14 Stable ( #16947 )
...
* Update docker-compose.yml
* Update docker-compose.yml
* Update docker-compose.yml
* Update docker-compose.yml
2021-11-18 22:00:27 +01:00
Shlee
0e747afd34
Ruby 3.0.2 Upgrade ( #16982 )
...
* Update .ruby-version
* Update Gemfile
* Update Gemfile.lock
* Update Dockerfile
* Update check-i18n.yml
* Update config.yml
* Update config.yml
2021-11-18 21:59:57 +01:00
Shlee
6566ab621e
[Dockerfile] Upgrade ElasticSearch-OSS 6.8.10 to 7.10.2 ( #16956 )
...
* Update docker-compose.yml
* Update docker-compose.yml
* Update docker-compose.yml
2021-11-18 21:59:34 +01:00
dependabot[bot]
ee5a645091
Bump aws-sdk-s3 from 1.105.1 to 1.106.0 ( #17001 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.105.1 to 1.106.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:44:23 +09:00
dependabot[bot]
3ea9d6f0d1
Bump mime-types from 3.4.0 to 3.4.1 ( #17002 )
...
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types ) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/mime-types/ruby-mime-types/releases )
- [Changelog](https://github.com/mime-types/ruby-mime-types/blob/main/History.md )
- [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.4.0...v3.4.1 )
---
updated-dependencies:
- dependency-name: mime-types
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:44:08 +09:00
dependabot[bot]
135d6235ec
Bump eslint-plugin-jsx-a11y from 6.4.1 to 6.5.1 ( #16993 )
...
Bumps [eslint-plugin-jsx-a11y](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y ) from 6.4.1 to 6.5.1.
- [Release notes](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/releases )
- [Changelog](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/master/CHANGELOG.md )
- [Commits](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/compare/v6.4.1...v6.5.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-jsx-a11y
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:42:12 +09:00
dependabot[bot]
99d33d0c03
Bump letter_opener_web from 1.4.1 to 2.0.0 ( #16960 )
...
Bumps [letter_opener_web](https://github.com/fgrehm/letter_opener_web ) from 1.4.1 to 2.0.0.
- [Release notes](https://github.com/fgrehm/letter_opener_web/releases )
- [Changelog](https://github.com/fgrehm/letter_opener_web/blob/master/CHANGELOG.md )
- [Commits](https://github.com/fgrehm/letter_opener_web/compare/v1.4.1...v2.0.0 )
---
updated-dependencies:
- dependency-name: letter_opener_web
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:20:31 +09:00
dependabot[bot]
1b659a2545
Bump eslint-plugin-import from 2.25.2 to 2.25.3 ( #16995 )
...
Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.25.2 to 2.25.3.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.25.2...v2.25.3 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:08:10 +09:00
dependabot[bot]
a6b42b9bcf
Bump @babel/runtime from 7.16.0 to 7.16.3 ( #16994 )
...
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime ) from 7.16.0 to 7.16.3.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.16.3/packages/babel-runtime )
---
updated-dependencies:
- dependency-name: "@babel/runtime"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:07:56 +09:00
dependabot[bot]
5d8ea35cde
Bump eslint-plugin-react from 7.26.1 to 7.27.0 ( #16992 )
...
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.26.1 to 7.27.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.26.1...v7.27.0 )
---
updated-dependencies:
- dependency-name: eslint-plugin-react
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:07:15 +09:00
dependabot[bot]
828526c1d7
Bump mime-types from 3.3.1 to 3.4.0 ( #16991 )
...
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types ) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/mime-types/ruby-mime-types/releases )
- [Changelog](https://github.com/mime-types/ruby-mime-types/blob/main/History.md )
- [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.3.1...v3.4.0 )
---
updated-dependencies:
- dependency-name: mime-types
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:06:58 +09:00
dependabot[bot]
1d4951d667
Bump sprockets-rails from 3.2.2 to 3.4.0 ( #16990 )
...
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails ) from 3.2.2 to 3.4.0.
- [Release notes](https://github.com/rails/sprockets-rails/releases )
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.2.2...v3.4.0 )
---
updated-dependencies:
- dependency-name: sprockets-rails
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:06:40 +09:00
dependabot[bot]
eedf774202
Bump rubocop from 1.22.3 to 1.23.0 ( #16989 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.22.3 to 1.23.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.22.3...v1.23.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:06:26 +09:00
Shlee
2abb53ee23
[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. ( #16856 )
...
* [Security] Update NodeJS on docker.
https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/
* Update Dockerfile
* Upgrade npm package
* Update Dockerfile
2021-11-17 07:57:01 +01:00
Eugen Rochko
c32e5f820d
Add manual GitHub Actions runs ( #17000 )
2021-11-16 21:42:14 +01:00
Claire
ef730593f4
Fix upload of remote media with OpenStack Swift sometimes failing ( #16998 )
...
Under certain conditions, files fetched from remotes trigger an error when
being uploaded using OpenStack Swift. This is because in some cases, the
remote server will not return a content-length, so our ResponseWithLimitAdapter
will hold a `nil` value for `#size`, which will lead to an invalid value
for the Content-Length header of the Swift API call.
This commit fixes that by taking the size from the actually-downloaded file
size rather than the upstream-provided Content-Length header value.
2021-11-16 21:36:28 +01:00
Claire
701472d1fc
Fix confusing error when webfinger request returns empty document ( #16986 )
...
For some reason, some misconfigured servers return an empty document when
queried over webfinger. Since an empty document does not lead to a parse
error, the error is not caught properly and triggers uncaught exceptions
later on.
This PR fixes that by immediately erroring out with `Webfinger::Error` on
getting an empty response.
2021-11-14 21:55:40 +01:00
Eugen Rochko
fc187cefdf
Change workflow to push to Docker Hub ( #16980 )
2021-11-14 06:11:05 +01:00
Eugen Rochko
1bf6ec3325
Fix no link previews being generated for pages with invalid structured data ( #16979 )
...
Fix #16955
2021-11-13 23:07:13 +01:00
dependabot[bot]
4bfa20bd83
Bump react-select from 5.1.0 to 5.2.1 ( #16967 )
...
Bumps [react-select](https://github.com/JedWatson/react-select ) from 5.1.0 to 5.2.1.
- [Release notes](https://github.com/JedWatson/react-select/releases )
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md )
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@5.1.0...react-select@5.2.1 )
---
updated-dependencies:
- dependency-name: react-select
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:51:42 +09:00
dependabot[bot]
1b83dee0b7
Bump @testing-library/jest-dom from 5.14.1 to 5.15.0 ( #16966 )
...
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom ) from 5.14.1 to 5.15.0.
- [Release notes](https://github.com/testing-library/jest-dom/releases )
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/jest-dom/compare/v5.14.1...v5.15.0 )
---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:51:07 +09:00
dependabot[bot]
aa395541aa
Bump reselect from 4.1.1 to 4.1.2 ( #16963 )
...
Bumps [reselect](https://github.com/reduxjs/reselect ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/reduxjs/reselect/releases )
- [Changelog](https://github.com/reduxjs/reselect/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/reselect/compare/v4.1.1...v4.1.2 )
---
updated-dependencies:
- dependency-name: reselect
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:49:38 +09:00
dependabot[bot]
732064b0be
Bump sidekiq from 6.2.2 to 6.3.1 ( #16965 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.2.2 to 6.3.1.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.2.2...v6.3.1 )
---
updated-dependencies:
- dependency-name: sidekiq
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:48:34 +09:00
dependabot[bot]
0c80690efd
Bump webpack-dev-server from 3.11.2 to 3.11.3 ( #16964 )
...
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server ) from 3.11.2 to 3.11.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases )
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/v3.11.3/CHANGELOG.md )
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.11.2...v3.11.3 )
---
updated-dependencies:
- dependency-name: webpack-dev-server
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:46:14 +09:00
dependabot[bot]
b68c8bf341
Bump aws-sdk-s3 from 1.104.0 to 1.105.1 ( #16962 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.104.0 to 1.105.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:36:28 +09:00
dependabot[bot]
6f4d419f5e
Bump ox from 2.14.5 to 2.14.6 ( #16961 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.14.5 to 2.14.6.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.14.5...v2.14.6 )
---
updated-dependencies:
- dependency-name: ox
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:35:52 +09:00
dependabot[bot]
8a1f69b3d8
Bump i18n-tasks from 0.9.34 to 0.9.35 ( #16959 )
...
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks ) from 0.9.34 to 0.9.35.
- [Release notes](https://github.com/glebm/i18n-tasks/releases )
- [Changelog](https://github.com/glebm/i18n-tasks/blob/main/CHANGES.md )
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.34...v0.9.35 )
---
updated-dependencies:
- dependency-name: i18n-tasks
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:34:28 +09:00
dependabot[bot]
0f994bac51
Bump idn-ruby from 0.1.2 to 0.1.4 ( #16958 )
...
Bumps [idn-ruby](https://github.com/deepfryed/idn-ruby ) from 0.1.2 to 0.1.4.
- [Release notes](https://github.com/deepfryed/idn-ruby/releases )
- [Changelog](https://github.com/deepfryed/idn-ruby/blob/master/CHANGES )
- [Commits](https://github.com/deepfryed/idn-ruby/compare/v0.1.2...v0.1.4 )
---
updated-dependencies:
- dependency-name: idn-ruby
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:34:00 +09:00
Claire
fdfcc4fcb7
Fix OpenGraph/LinkedData embeds having incorrectly-generated iframes ( #16978 )
2021-11-13 03:30:27 +01:00
Yusuke Nakamura
786e5e634c
Build container image by GitHub Actions ( #16973 )
...
* Build container image by GitHub Actions
* Trigger docker build only pushed to main branch
* Tweak tagging imgae
- "edge" is the main branch
- "latest" is the tagged latest release
2021-11-12 05:18:29 +01:00
Claire
65a727c888
Fix "bundle exec rails mastodon:setup" crashing in some circumstances ( #16976 )
...
Fix regression from #16896
2021-11-11 14:00:30 +01:00
Shlee
15ac5f2a2f
[CircleCI] Test using Postgres 14 ( #16948 )
...
* Update config.yml
* Update config.yml
2021-11-06 17:13:51 +01:00
Eugen Rochko
8925737d2c
Forward port version bumps to 3.4.2 and 3.4.3 ( #16945 )
...
* Bump version to 3.4.2
* Bump version to 3.4.3
2021-11-06 05:32:14 +01:00
Claire
9e122d774d
Fix reviving revoked sessions and invalidating login ( #16943 )
...
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.
We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.
In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
of them
This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
2021-11-06 00:13:58 +01:00
Claire
925adbf7af
Fix AccountNote not having a maximum length ( #16942 )
2021-11-06 00:12:25 +01:00
Eugen Rochko
4dc87ffc06
Add support for structured data and more OpenGraph tags to link cards ( #16938 )
...
Save preview cards under their canonical URL
Increase max redirects to follow from 2 to 3
2021-11-05 23:23:05 +01:00
Claire
91bd8b921b
Fix handling announcements with links ( #16941 )
...
Broken since #15827
2021-11-05 21:14:35 +01:00