dependabot[bot]
86d2d2f9df
Bump rack-attack from 6.3.1 to 6.4.0 ( #15628 )
...
Bumps [rack-attack](https://github.com/rack/rack-attack ) from 6.3.1 to 6.4.0.
- [Release notes](https://github.com/rack/rack-attack/releases )
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rack/rack-attack/compare/v6.3.1...v6.4.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 23:33:06 +09:00
Claire
9493606b11
Merge branch 'main' into glitch-soc/merge-upstream
...
Conflicts:
- `CONTRIBUTING.md`:
Not a real conflict, glitch-soc quotes the upstream file, which has been
changed. Update the quote.
2021-01-26 14:01:30 +01:00
dependabot[bot]
6d1f69263c
Bump makara from 0.4.1 to 0.5.0 ( #15578 )
...
Bumps [makara](https://github.com/taskrabbit/makara ) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/taskrabbit/makara/releases )
- [Changelog](https://github.com/instacart/makara/blob/master/CHANGELOG.md )
- [Commits](https://github.com/taskrabbit/makara/compare/v0.4.1...v0.5.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-23 23:25:08 +09:00
Claire
020c4bf2af
Merge branch 'main' into glitch-soc/merge-upstream
2021-01-21 16:51:12 +01:00
dependabot[bot]
a2a49c50cb
Bump oj from 3.10.18 to 3.11.0 ( #15583 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.10.18 to 3.11.0.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.10.18...v3.11.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 21:30:56 +09:00
Claire
1a9e0432ae
Merge branch 'master' into glitch-soc/merge-upstream
2021-01-18 13:57:12 +01:00
dependabot[bot]
f0e14aa852
Bump capistrano from 3.14.1 to 3.15.0 ( #15537 )
...
* Bump capistrano from 3.14.1 to 3.15.0
Bumps [capistrano](https://github.com/capistrano/capistrano ) from 3.14.1 to 3.15.0.
- [Release notes](https://github.com/capistrano/capistrano/releases )
- [Commits](https://github.com/capistrano/capistrano/compare/v3.14.1...v3.15.0 )
Signed-off-by: dependabot[bot] <support@github.com>
* Fix config/deploy.rb
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-01-18 11:10:23 +09:00
Claire
77a975a964
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `app/models/public_feed.rb`:
Upstream refactored a bit, glitch-soc had specific code for local-only
statuses.
Updated glitch-soc's specific code accordingly.
2021-01-11 11:55:42 +01:00
dependabot[bot]
c31a08a6a3
Bump binding_of_caller from 0.8.0 to 1.0.0 ( #15489 )
...
Bumps [binding_of_caller](https://github.com/banister/binding_of_caller ) from 0.8.0 to 1.0.0.
- [Release notes](https://github.com/banister/binding_of_caller/releases )
- [Commits](https://github.com/banister/binding_of_caller/compare/v0.8.0...v1.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-07 14:10:49 +09:00
Claire
1ddb91d539
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `config/webpack/configuration.js`:
Upstream updated the `js-yaml` dependency, which changed how to call it.
Those changes conflicted because that code is pretty different in glitch-soc
which has to deal with its more complex theming system.
Proceeded to the same compatibility changes in glitch-soc's code.
- `package.json` and `yarn.lock`:
Not really a conflict, just glitch-soc-specific dependencies textually too
close to some dependencies updated upstream.
2021-01-06 18:08:06 +01:00
dependabot[bot]
3b33a91ce1
Bump nokogiri from 1.10.10 to 1.11.0 ( #15487 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.10.10 to 1.11.0.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.10...v1.11.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 20:01:31 +01:00
dependabot[bot]
3c3a2b74a8
Bump ruby-progressbar from 1.10.1 to 1.11.0 ( #15491 )
...
Bumps [ruby-progressbar](https://github.com/jfelchner/ruby-progressbar ) from 1.10.1 to 1.11.0.
- [Release notes](https://github.com/jfelchner/ruby-progressbar/releases )
- [Changelog](https://github.com/jfelchner/ruby-progressbar/blob/master/CHANGELOG.md )
- [Commits](https://github.com/jfelchner/ruby-progressbar/compare/releases/v1.10.1...releases/v1.11.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 02:10:33 +09:00
dependabot[bot]
ce9583f4a1
Bump simplecov from 0.20.0 to 0.21.0 ( #15485 )
...
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov ) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases )
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md )
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.20.0...v0.21.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 02:10:10 +09:00
dependabot[bot]
553968dfde
Bump cld3 from 3.3.0 to 3.4.1 ( #15391 )
...
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby ) from 3.3.0 to 3.4.1.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases )
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.3.0...v3.4.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 12:39:38 +09:00
dependabot[bot]
38291cb798
Bump webmock from 3.10.0 to 3.11.0 ( #15388 )
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.10.0...v3.11.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 12:17:56 +09:00
dependabot[bot]
e31ace96b2
Bump rubocop-rails from 2.8.1 to 2.9.1 ( #15390 )
...
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails ) from 2.8.1 to 2.9.1.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.8.1...v2.9.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 12:17:11 +09:00
dependabot[bot]
fc00d96c90
Bump capybara from 3.33.0 to 3.34.0 ( #15245 )
...
Bumps [capybara](https://github.com/teamcapybara/capybara ) from 3.33.0 to 3.34.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases )
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md )
- [Commits](https://github.com/teamcapybara/capybara/compare/3.33.0...3.34.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:13:48 +09:00
dependabot[bot]
b0810c945b
Bump rubocop from 1.3.1 to 1.7.0 ( #15447 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 1.3.1 to 1.7.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.3.1...v1.7.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:12:03 +09:00
dependabot[bot]
d1087e17d2
Bump rqrcode from 1.1.2 to 1.2.0 ( #15450 )
...
Bumps [rqrcode](https://github.com/whomwah/rqrcode ) from 1.1.2 to 1.2.0.
- [Release notes](https://github.com/whomwah/rqrcode/releases )
- [Commits](https://github.com/whomwah/rqrcode/commits/v1.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:11:30 +09:00
dependabot[bot]
c2393a91e1
Bump aws-sdk-s3 from 1.85.0 to 1.87.0 ( #15446 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.85.0 to 1.87.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:09:11 +09:00
dependabot[bot]
1305aa330a
Bump tty-prompt from 0.22.0 to 0.23.0 ( #15400 )
...
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt ) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases )
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md )
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.22.0...v0.23.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:08:23 +09:00
dependabot[bot]
6b123044d3
Bump ox from 2.13.4 to 2.14.0 ( #15396 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.13.4 to 2.14.0.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.13.4...v2.14.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:08:06 +09:00
dependabot[bot]
6ba3e72713
Bump puma from 5.0.4 to 5.1.1 ( #15339 )
...
Bumps [puma](https://github.com/puma/puma ) from 5.0.4 to 5.1.1.
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/master/History.md )
- [Commits](https://github.com/puma/puma/compare/v5.0.4...v5.1.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 23:55:32 +09:00
dependabot[bot]
bcf0998b24
Bump simplecov from 0.19.1 to 0.20.0 ( #15244 )
...
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov ) from 0.19.1 to 0.20.0.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases )
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md )
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.19.1...v0.20.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 23:40:35 +09:00
dependabot[bot]
f590a368a2
Bump net-ldap from 0.16.3 to 0.17.0 ( #15242 )
...
Bumps [net-ldap](https://github.com/ruby-ldap/ruby-net-ldap ) from 0.16.3 to 0.17.0.
- [Release notes](https://github.com/ruby-ldap/ruby-net-ldap/releases )
- [Changelog](https://github.com/ruby-ldap/ruby-net-ldap/blob/master/History.rdoc )
- [Commits](https://github.com/ruby-ldap/ruby-net-ldap/compare/v0.16.3...v0.17.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 23:32:37 +09:00
dependabot[bot]
659557fb99
Bump faker from 2.14.0 to 2.15.1 ( #15239 )
...
Bumps [faker](https://github.com/faker-ruby/faker ) from 2.14.0 to 2.15.1.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v2.14.0...v2.15.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 23:28:58 +09:00
Claire
e590177b29
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `app/models/form/admin_settings.rb`:
New setting added upstream. Ported it.
- `app/views/statuses/_simple_status.html.haml`:
Upstream removed RTL classes. Did the same.
- `config/settings.yml`:
New setting added upstream. Ported it.
2020-12-15 14:27:06 +01:00
Eugen Rochko
df8874b24e
Fix performance on instances list in admin UI ( #15282 )
...
- Reduce duplicate queries
- Remove n+1 queries
- Add accounts count to detailed view
- Add separate action log entry for updating existing domain blocks
2020-12-14 09:06:34 +01:00
Claire
ec5783c59c
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `app/services/remove_status_service.rb`:
Conflict caused by us having a distinc Direct timeline.
Ported upstream changes.
- `app/javascript/mastodon/features/compose/components/compose_form.js`:
Conflict between glitch-soc's variable character limit and upstream
refactoring that part of the code.
Ported upstream changes.
2020-12-05 17:33:37 +01:00
Eugen Rochko
a217a14b58
Fix omniauth (SAML/CAS) sign-in routes not having CSRF protection ( #15228 )
2020-11-28 05:17:53 +01:00
Thibaut Girka
060df6c5c9
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `Gemfile.lock`:
glitch-soc-only dependency textually too close to updated upstream
dependencies. Updated to upsteam dependencies.
2020-11-25 15:31:45 +01:00
dependabot[bot]
65f5857b19
Bump parallel_tests from 3.3.0 to 3.4.0 ( #15203 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.3.0...v3.4.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-23 17:02:30 +09:00
dependabot[bot]
2813d4014d
Bump aws-sdk-s3 from 1.84.1 to 1.85.0 ( #15207 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.84.1 to 1.85.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-23 16:59:45 +09:00
Thibaut Girka
3216868024
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `.github/ISSUE_TEMPLATE/bug_report.md`:
Upstream added the `bug` label to bug reports.
Did the same.
- `app/services/fan_out_on_write_service.rb`:
Upstream put DMs back into timelines, glitch-soc was already doing it.
Ignored upstream changes.
2020-11-20 13:27:48 +01:00
Daigo 3 Dango
75585748c9
Use Ruby 2.7.2 ( #15150 )
...
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
2020-11-19 17:46:46 +01:00
dependabot[bot]
dcdd6e2a47
Bump omniauth-cas from 1.1.1 to 2.0.0 ( #15165 )
...
Bumps [omniauth-cas](https://github.com/dlindahl/omniauth-cas ) from 1.1.1 to 2.0.0.
- [Release notes](https://github.com/dlindahl/omniauth-cas/releases )
- [Changelog](https://github.com/dlindahl/omniauth-cas/blob/master/CHANGELOG.md )
- [Commits](https://github.com/dlindahl/omniauth-cas/compare/v1.1.1...v2.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-19 17:43:58 +01:00
dependabot[bot]
ae40e9324b
Bump rubocop from 0.93.1 to 1.3.0 ( #15170 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.93.1 to 1.3.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.93.1...v1.3.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-19 17:43:35 +01:00
dependabot[bot]
a22d74c822
Bump webmock from 3.9.5 to 3.10.0 ( #15172 )
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.9.5 to 3.10.0.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.9.5...v3.10.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-19 10:42:05 +09:00
Thibaut Girka
8abcd267f5
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `app/controllers/relationships_controller.rb`:
Upstream changed a line too close to a glitch-soc only line related to
glitch-soc's theming system.
Applied upstream changes accordingly.
2020-11-12 22:13:57 +01:00
dependabot[bot]
551a89f594
Bump better_errors from 2.8.3 to 2.9.1 ( #15117 )
...
Bumps [better_errors](https://github.com/BetterErrors/better_errors ) from 2.8.3 to 2.9.1.
- [Release notes](https://github.com/BetterErrors/better_errors/releases )
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.8.3...v2.9.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 23:11:15 +09:00
dependabot[bot]
bcb83a1c09
Bump aws-sdk-s3 from 1.83.1 to 1.84.0 ( #15135 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.83.1 to 1.84.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 18:29:30 +09:00
dependabot[bot]
f8549dd617
Bump bootsnap from 1.4.9 to 1.5.0 ( #15116 )
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.4.9 to 1.5.0.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.9...v1.5.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 18:23:24 +09:00
dependabot[bot]
958aad57e8
Bump parallel from 1.19.2 to 1.20.0 ( #15115 )
...
Bumps [parallel](https://github.com/grosser/parallel ) from 1.19.2 to 1.20.0.
- [Release notes](https://github.com/grosser/parallel/releases )
- [Commits](https://github.com/grosser/parallel/compare/v1.19.2...v1.20.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 18:20:41 +09:00
Thibaut Girka
b03d3117c3
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `app/services/process_mentions_service.rb`:
glitch-soc local-only handling, ported upstream changes
2020-10-26 15:48:16 +01:00
dependabot[bot]
62d69df815
Bump active_record_query_trace from 1.7 to 1.8 ( #14999 )
...
Bumps [active_record_query_trace](https://github.com/brunofacca/active-record-query-trace ) from 1.7 to 1.8.
- [Release notes](https://github.com/brunofacca/active-record-query-trace/releases )
- [Changelog](https://github.com/brunofacca/active-record-query-trace/blob/master/HISTORY.md )
- [Commits](https://github.com/brunofacca/active-record-query-trace/compare/v1.7...v1.8 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-22 12:11:20 +09:00
Thibaut Girka
6fdc4e8d47
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `.github/dependabot.yml`:
Updated upstream, we deleted it to not be flooded by Depandabot.
Kept deleted.
- `Gemfile.lock`:
Puma updated on both sides, went for the most recent version.
- `app/controllers/api/v1/mutes_controller.rb`:
Upstream updated the serializer to support timed mutes, while
glitch-soc added a custom API ages ago to get information that
is already available elsewhere.
Dropped the glitch-soc-specific API, went with upstream changes.
- `app/javascript/core/admin.js`:
Conflict due to changing how assets are loaded. Went with upstream.
- `app/javascript/packs/public.js`:
Conflict due to changing how assets are loaded. Went with upstream.
- `app/models/mute.rb`:
🤷
- `app/models/user.rb`:
New user setting added upstream while we have glitch-soc-specific
user settings. Added upstream's user setting.
- `config/settings.yml`:
Upstream added a new user setting close to a user setting we had
changed the defaults for. Added the new upstream setting.
- `package.json`:
Upstream dependency updated “too close” to a glitch-soc-specific
dependency. No real conflict. Updated the dependency.
2020-10-21 19:10:50 +02:00
ThibG
694a5e33d5
Add follower synchronization mechanism ( #14510 )
...
* Add support for followers synchronization on the receiving end
Check the `collectionSynchronization` attribute on `Create` and `Announce`
activities and synchronize followers from provided collection if possible.
* Add tests for followers synchronization on the receiving end
* Add support for follower synchronization on the sender's end
* Add tests for the sending end
* Switch from AS attributes to HTTP header
Replace the custom `collectionSynchronization` ActivityStreams attribute by
an HTTP header (`X-AS-Collection-Synchronization`) with the same syntax as
the `Signature` header and the following fields:
- `collectionId` to specify which collection to synchronize
- `digest` for the SHA256 hex-digest of the list of followers known on the
receiving instance (where “receiving instance” is determined by accounts
sharing the same host name for their ActivityPub actor `id`)
- `url` of a collection that should be fetched by the instance actor
Internally, move away from the webfinger-based `domain` attribute and use
account `uri` prefix to group accounts.
* Add environment variable to disable followers synchronization
Since the whole mechanism relies on some new preconditions that, in some
extremely rare cases, might not be met, add an environment variable
(DISABLE_FOLLOWERS_SYNCHRONIZATION) to disable the mechanism altogether and
avoid followers being incorrectly removed.
The current conditions are:
1. all managed accounts' actor `id` and inbox URL have the same URI scheme and
netloc.
2. all accounts whose actor `id` or inbox URL share the same URI scheme and
netloc as a managed account must be managed by the same Mastodon instance
as well.
As far as Mastodon is concerned, breaking those preconditions require extensive
configuration changes in the reverse proxy and might also cause other issues.
Therefore, this environment variable provides a way out for people with highly
unusual configurations, and can be safely ignored for the overwhelming majority
of Mastodon administrators.
* Only set follower synchronization header on non-public statuses
This is to avoid unnecessary computations and allow Follow-related
activities to be handled by the usual codepath instead of going through
the synchronization mechanism (otherwise, any Follow/Undo/Accept activity
would trigger the synchronization mechanism even if processing the activity
itself would be enough to re-introduce synchronization)
* Change how ActivityPub::SynchronizeFollowersService handles follow requests
If the remote lists a local follower which we only know has sent a follow
request, consider the follow request as accepted instead of sending an Undo.
* Integrate review feeback
- rename X-AS-Collection-Synchronization to Collection-Synchronization
- various minor refactoring and code style changes
* Only select required fields when computing followers_hash
* Use actor URI rather than webfinger domain in synchronization endpoint
* Change hash computation to be a XOR of individual hashes
Makes it much easier to be memory-efficient, and avoid sorting discrepancy issues.
* Marginally improve followers_hash computation speed
* Further improve hash computation performances by using pluck_each
2020-10-21 18:04:09 +02:00
dependabot[bot]
4b104d4502
Bump rubocop from 0.92.0 to 0.93.0 ( #14967 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.92.0 to 0.93.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.92.0...v0.93.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-13 15:45:37 +09:00
Eugen Rochko
adaf3f7b7a
Remove dependency on goldfinger gem ( #14919 )
...
There are edge cases where requests to certain hosts timeout when
using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now
that we no longer need to support OStatus servers, webfinger logic
is so simple that there is no point encapsulating it in a gem, so
we can just use our own Request class. With that, we benefit from
more robust timeout code and IPv4/IPv6 resolution.
Fix #14091
2020-10-08 00:34:57 +02:00
dependabot[bot]
47dfe9b5b0
Bump brakeman from 4.9.1 to 4.10.0 ( #14933 )
...
Bumps [brakeman](https://github.com/presidentbeef/brakeman ) from 4.9.1 to 4.10.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.9.1...v4.10.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-06 17:07:50 +09:00
dependabot[bot]
eb6766c150
Bump aws-sdk-s3 from 1.81.1 to 1.83.0 ( #14929 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.81.1 to 1.83.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-06 16:56:13 +09:00
dependabot[bot]
04ce183590
Bump rubocop from 0.91.0 to 0.92.0 ( #14885 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.91.0 to 0.92.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.91.0...v0.92.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-29 14:59:31 +09:00
Thibaut Girka
7a84a84fc1
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `Gemfile.lock`:
Not a real conflict, upstream updated dependencies that were too close to
glitch-soc-only ones in the file.
- `app/controllers/oauth/authorized_applications_controller.rb`:
Upstream changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's theming system.
Ported upstream changes.
- `app/controllers/settings/base_controller.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's theming system.
Ported upstream changes.
- `app/controllers/settings/sessions_controller.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's theming system.
Ported upstream changes.
- `app/models/user.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc not preventing moved accounts from logging
in.
Ported upstream changes while keeping the ability for moved accounts to log
in.
- `app/policies/status_policy.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's local-only toots.
Ported upstream changes.
- `app/serializers/rest/account_serializer.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's ability to hide followers count.
Ported upstream changes.
- `app/services/process_mentions_service.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's local-only toots.
Ported upstream changes.
- `package.json`:
Not a real conflict, upstream updated dependencies that were too close to
glitch-soc-only ones in the file.
2020-09-28 14:13:30 +02:00
dependabot[bot]
c92a7aab4e
Bump puma from 4.3.6 to 5.0.0 ( #14830 )
...
Bumps [puma](https://github.com/puma/puma ) from 4.3.6 to 5.0.0.
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/master/History.md )
- [Commits](https://github.com/puma/puma/compare/v4.3.6...v5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-22 15:23:36 +02:00
dependabot[bot]
efdb7197a4
Bump parallel_tests from 3.2.0 to 3.3.0 ( #14843 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.2.0...v3.3.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-22 16:53:24 +09:00
dependabot[bot]
50cb1f7f58
Bump rubocop from 0.90.0 to 0.91.0 ( #14835 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.90.0 to 0.91.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.90.0...v0.91.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-22 14:36:46 +09:00
dependabot[bot]
d652d52a87
Bump aws-sdk-s3 from 1.80.0 to 1.81.0 ( #14826 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.80.0 to 1.81.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 21:25:53 +09:00
dependabot[bot]
78eddf5607
Bump better_errors from 2.7.1 to 2.8.1 ( #14825 )
...
Bumps [better_errors](https://github.com/BetterErrors/better_errors ) from 2.7.1 to 2.8.1.
- [Release notes](https://github.com/BetterErrors/better_errors/releases )
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.7.1...v2.8.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 16:12:11 +09:00
dependabot[bot]
11ebc21a30
Bump faker from 2.13.0 to 2.14.0 ( #14824 )
...
Bumps [faker](https://github.com/faker-ruby/faker ) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v2.13.0...v2.14.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 16:11:55 +09:00
dependabot[bot]
789be79b4b
Bump thor from 0.20.3 to 1.0.1 ( #14783 )
...
Bumps [thor](https://github.com/erikhuda/thor ) from 0.20.3 to 1.0.1.
- [Release notes](https://github.com/erikhuda/thor/releases )
- [Changelog](https://github.com/erikhuda/thor/blob/master/CHANGELOG.md )
- [Commits](https://github.com/erikhuda/thor/compare/v0.20.3...v1.0.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-16 20:40:12 +02:00
dependabot[bot]
7cf9c24a22
Bump webmock from 3.8.3 to 3.9.1 ( #14780 )
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.8.3 to 3.9.1.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.3...v3.9.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-16 12:45:52 +09:00
dependabot[bot]
3751588442
Bump rails from 5.2.4.3 to 5.2.4.4 ( #14792 )
...
Bumps [rails](https://github.com/rails/rails ) from 5.2.4.3 to 5.2.4.4.
- [Release notes](https://github.com/rails/rails/releases )
- [Commits](https://github.com/rails/rails/compare/v5.2.4.3...v5.2.4.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-14 22:08:13 +09:00
dependabot[bot]
6942d6f624
Bump aws-sdk-s3 from 1.79.1 to 1.80.0 ( #14789 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.79.1 to 1.80.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-14 22:02:42 +09:00
Thibaut Girka
04f2c25e5d
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- app/controllers/api/v1/timelines/public_controller.rb
- app/lib/feed_manager.rb
- app/models/status.rb
- app/services/precompute_feed_service.rb
- app/workers/feed_insert_worker.rb
- spec/models/status_spec.rb
All conflicts are due to upstream refactoring feed management and us having
local-only toots on top of that. Rewrote local-only toots management for
upstream's changes.
2020-09-08 16:26:47 +02:00
dependabot[bot]
f394d83032
Bump rubocop from 0.88.0 to 0.90.0 ( #14747 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.88.0 to 0.90.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.88.0...v0.90.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-08 08:22:54 +09:00
dependabot[bot]
275451d3c8
Bump rubocop-rails from 2.6.0 to 2.8.0 ( #14734 )
...
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails ) from 2.6.0 to 2.8.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.6.0...v2.8.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-08 05:08:17 +09:00
Thibaut Girka
5b8a4f96de
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `config/webpack/shared.js`:
Upstream has changed how Tesseract.js gets included and dropped a dependency.
The conflict is caused by glitch-soc having different code due to its
theming system.
Ported upstream changes.
- `lib/mastodon/version.rb`:
Upstream refactor/code style change in a place we replaced upstream's
repo URL with ours.
Ported upstram changes, keeping our repo URL.
- `yarn.lock`:
Upstream dropped dependencies, one of which was textually too close to
a glitch-soc-specific dependency. Not a real conflict.
2020-09-01 17:02:18 +02:00
dependabot[bot]
61b768572e
Bump rubocop from 0.86.0 to 0.88.0 ( #14412 )
...
* Bump rubocop from 0.86.0 to 0.88.0
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.86.0 to 0.88.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.86.0...v0.88.0 )
Signed-off-by: dependabot[bot] <support@github.com>
* Fix for latest RuboCop
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-09-01 03:04:00 +02:00
dependabot[bot]
1bfda1a5cb
Bump aws-sdk-s3 from 1.78.0 to 1.79.1 ( #14691 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.78.0 to 1.79.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-01 02:56:53 +02:00
dependabot[bot]
99900ffe0f
Bump parallel_tests from 3.1.0 to 3.2.0 ( #14702 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.1.0...v3.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-01 02:55:16 +02:00
Thibaut Girka
37e746eab6
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `app/controllers/accounts_controller.rb`:
Upstream change too close to a glitch-soc change related to
instance-local toots. Merged upstream changes.
- `app/services/fan_out_on_write_service.rb`:
Minor conflict due to glitch-soc's handling of Direct Messages,
merged upstream changes.
- `yarn.lock`:
Not really a conflict, caused by glitch-soc-only dependencies
being textually too close to updated upstream dependencies.
Merged upstream changes.
2020-08-30 16:13:08 +02:00
dependabot[bot]
2dfe7bc8de
Bump redis-namespace from 1.7.0 to 1.8.0 ( #14623 )
...
Bumps [redis-namespace](https://github.com/resque/redis-namespace ) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/resque/redis-namespace/releases )
- [Changelog](https://github.com/resque/redis-namespace/blob/master/CHANGELOG.md )
- [Commits](https://github.com/resque/redis-namespace/compare/v1.7.0...v1.8.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-25 20:57:44 +09:00
santiagorodriguez96
f142983484
Add WebAuthn as an alternative 2FA method ( #14466 )
...
* feat: add possibility of adding WebAuthn security keys to use as 2FA
This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor
to the Settings page for editing the 2FA methods – now it will list the
methods that are available to the user (TOTP and WebAuthn) and from
there they'll be able to add or remove any of them.
Also, it's worth mentioning that for enabling WebAuthn it's required to
have TOTP enabled, so the first time that you go to the 2FA Settings
page, you'll be asked to set it up.
This work was inspired by the one donde by Github in their platform, and
despite it could be approached in different ways, we decided to go with
this one given that we feel that this gives a great UX.
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* feat: add request for WebAuthn as second factor at login if enabled
This commits adds the feature for using WebAuthn as a second factor for
login when enabled.
If users have WebAuthn enabled, now a page requesting for the use of a
WebAuthn credential for log in will appear, although a link redirecting
to the old page for logging in using a two-factor code will also be
present.
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* feat: add possibility of deleting WebAuthn Credentials
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* feat: disable WebAuthn when an Admin disables 2FA for a user
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* feat: remove ability to disable TOTP leaving only WebAuthn as 2FA
Following examples form other platforms like Github, we decided to make
Webauthn 2FA secondary to 2FA with TOTP, so that we removed the
possibility of removing TOTP authentication only, leaving users with
just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA'
in order to remove second factor auth.
The reason for WebAuthn being secondary to TOPT is that in that way,
users will still be able to log in using their code from their phone's
application if they don't have their security keys with them – or maybe
even lost them.
* We had to change a little the flow for setting up TOTP, given that now
it's possible to setting up again if you already had TOTP, in order to
let users modify their authenticator app – given that now it's not
possible for them to disable TOTP and set it up again with another
authenticator app.
So, basically, now instead of storing the new `otp_secret` in the
user, we store it in the session until the process of set up is
finished.
This was because, as it was before, when users clicked on 'Edit' in
the new two-factor methods lists page, but then went back without
finishing the flow, their `otp_secret` had been changed therefore
invalidating their previous authenticator app, making them unable to
log in again using TOTP.
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* refactor: fix eslint errors
The PR build was failing given that linting returning some errors.
This commit attempts to fix them.
* refactor: normalize i18n translations
The build was failing given that i18n translations files were not
normalized.
This commits fixes that.
* refactor: avoid having the webauthn gem locked to a specific version
* refactor: use symbols for routes without '/'
* refactor: avoid sending webauthn disabled email when 2FA is disabled
When an admins disable 2FA for users, we were sending two mails
to them, one notifying that 2FA was disabled and the other to notify
that WebAuthn was disabled.
As the second one is redundant since the first email includes it, we can
remove it and send just one email to users.
* refactor: avoid creating new env variable for webauthn_origin config
* refactor: improve flash error messages for webauthn pages
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
2020-08-24 16:46:27 +02:00
dependabot[bot]
755c76d19f
Bump simplecov from 0.18.5 to 0.19.0 ( #14590 )
...
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov ) from 0.18.5 to 0.19.0.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases )
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md )
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.18.5...v0.19.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-21 05:31:28 +09:00
dependabot[bot]
1d9e5b643a
Bump webpacker from 5.1.1 to 5.2.0 ( #14586 )
...
Bumps [webpacker](https://github.com/rails/webpacker ) from 5.1.1 to 5.2.0.
- [Release notes](https://github.com/rails/webpacker/releases )
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rails/webpacker/compare/v5.1.1...v5.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-21 05:23:52 +09:00
dependabot[bot]
b1b2627d8e
Bump aws-sdk-s3 from 1.76.0 to 1.78.0 ( #14583 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.76.0 to 1.78.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-21 05:14:30 +09:00
Thibaut Girka
f800c99b60
Merge branch 'master' into glitch-soc/merge-upstream
2020-08-19 19:16:41 +02:00
dependabot[bot]
7892a04c05
Bump aws-sdk-s3 from 1.75.0 to 1.76.0 ( #14542 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.75.0 to 1.76.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-17 02:18:25 +09:00
dependabot[bot]
249ed885bf
Bump brakeman from 4.8.2 to 4.9.0 ( #14540 )
...
Bumps [brakeman](https://github.com/presidentbeef/brakeman ) from 4.8.2 to 4.9.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.8.2...v4.9.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-17 02:17:00 +09:00
ThibG
6436b1f77b
Remove dependency on unused and unmaintained http_parser.rb gem ( #14574 )
...
It seems that years ago, the “http” gem dependend on the “http_parser.rb” gem
(it now depends on the “http-parser” gem), and, still years ago, we pulled
it from git in order to benefit from a bugfix that wasn't released yet (#7467 ).
2020-08-14 18:04:00 +02:00
Thibaut Girka
be0475e5a1
Merge branch 'master' into glitch-soc/merge-upstream
2020-08-08 19:10:40 +02:00
dependabot[bot]
ea9dfd4220
Bump pghero from 2.6.0 to 2.7.0 ( #14518 )
...
Bumps [pghero](https://github.com/ankane/pghero ) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/ankane/pghero/releases )
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/pghero/compare/v2.6.0...v2.7.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-07 00:34:12 +09:00
Thibaut Girka
0afe3c1562
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `yarn.lock`:
No real conflict, just a glitch-soc-only dependency textually too close to
one updated upstream. Ported upstream changes.
2020-08-01 20:24:23 +02:00
dependabot[bot]
5f1cafd4cc
Bump strong_migrations from 0.6.8 to 0.7.1 ( #14463 )
...
Bumps [strong_migrations](https://github.com/ankane/strong_migrations ) from 0.6.8 to 0.7.1.
- [Release notes](https://github.com/ankane/strong_migrations/releases )
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.6.8...v0.7.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 02:18:59 +09:00
dependabot[bot]
ad04183b21
Bump posix-spawn from 58465d2e213991f8afb13b984854a49fcdcc980c to 0.3.15 ( #14433 )
...
Bumps [posix-spawn](https://github.com/rtomayko/posix-spawn ) from 58465d2e213991f8afb13b984854a49fcdcc980c to 0.3.15. This release includes the previously tagged commit.
- [Release notes](https://github.com/rtomayko/posix-spawn/releases )
- [Commits](58465d2e21
...v0.3.15)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 00:59:29 +09:00
dependabot[bot]
8f8b06d997
Bump sidekiq from 6.1.0 to 6.1.1 ( #14427 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.1.0 to 6.1.1.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.0...v6.1.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 00:54:00 +09:00
dependabot[bot]
5d3543b73d
Bump tty-prompt from 0.21.0 to 0.22.0 ( #14430 )
...
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt ) from 0.21.0 to 0.22.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases )
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md )
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.21.0...v0.22.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-29 00:51:15 +09:00
dependabot[bot]
fb08a6342a
Bump capistrano-rails from 1.5.0 to 1.6.1 ( #14415 )
...
Bumps [capistrano-rails](https://github.com/capistrano/rails ) from 1.5.0 to 1.6.1.
- [Release notes](https://github.com/capistrano/rails/releases )
- [Commits](https://github.com/capistrano/rails/compare/v1.5.0...v1.6.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-28 12:24:53 +09:00
dependabot[bot]
49fa91a8d3
Bump thwait from 0.1.0 to 0.2.0 ( #14436 )
...
Bumps [thwait](https://github.com/ruby/thwait ) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/ruby/thwait/releases )
- [Commits](https://github.com/ruby/thwait/compare/v0.1.0...v0.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-28 07:01:59 +09:00
dependabot[bot]
a33ad403ad
Bump parallel_tests from 3.0.0 to 3.1.0 ( #14406 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.0.0...v3.1.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-28 06:57:34 +09:00
dependabot[bot]
63b4378b2d
Bump capistrano-rbenv from 2.1.6 to 2.2.0 ( #14411 )
...
Bumps [capistrano-rbenv](https://github.com/capistrano/rbenv ) from 2.1.6 to 2.2.0.
- [Release notes](https://github.com/capistrano/rbenv/releases )
- [Commits](https://github.com/capistrano/rbenv/compare/v2.1.6...v2.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-28 03:24:09 +09:00
dependabot[bot]
ba57e8d191
Bump stoplight from 2.2.0 to 2.2.1 ( #14432 )
...
Bumps [stoplight](https://github.com/orgsync/stoplight ) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/orgsync/stoplight/releases )
- [Changelog](https://github.com/orgsync/stoplight/blob/master/CHANGELOG.md )
- [Commits](https://github.com/orgsync/stoplight/compare/v2.2.0...v2.2.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-28 03:00:35 +09:00
dependabot[bot]
e910eabfec
Bump aws-sdk-s3 from 1.73.0 to 1.75.0 ( #14401 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.73.0 to 1.75.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-28 02:26:13 +09:00
dependabot[bot]
2ed1a48ba3
Bump pghero from 2.5.1 to 2.6.0 ( #14423 )
...
Bumps [pghero](https://github.com/ankane/pghero ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/ankane/pghero/releases )
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/pghero/compare/v2.5.1...v2.6.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-28 02:25:06 +09:00
Thibaut Girka
c2347f6cf6
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `package.json`:
Not really a conflict, just some glitch-soc-specific dependency
too close to an upstream-updated one.
2020-07-07 15:58:45 +02:00
dependabot[bot]
9decf0a2c7
Bump aws-sdk-s3 from 1.72.0 to 1.73.0 ( #14219 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.72.0 to 1.73.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-06 22:07:46 +09:00
Thibaut Girka
f5afdaa2e0
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `.env.production.sample`:
Upstream changed it completely.
Changed ours to merge upstream's new structure, but
keeping most of the information.
2020-07-05 19:35:56 +02:00
Eugen Rochko
8517a5fdb4
Add color extraction for audio thumbnails ( #14209 )
2020-07-05 18:28:25 +02:00
Thibaut Girka
2a2af880b8
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `.env.production.sample`:
Upstream deleted it, I decided to keep it.
- `package.json`:
Upstream updated a dependency textually too close to wavesurfer.js
which has been deleted from upstream but is kept in glitch-soc for now.
2020-06-30 23:00:20 +02:00
dependabot[bot]
c3070c905d
Bump faker from 2.12.0 to 2.13.0 ( #14174 )
...
Bumps [faker](https://github.com/faker-ruby/faker ) from 2.12.0 to 2.13.0.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v2.12.0...v2.13.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-30 13:18:25 +09:00
dependabot[bot]
09b5865109
Bump rubocop from 0.85.1 to 0.86.0 ( #14171 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.85.1 to 0.86.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.85.1...v0.86.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-29 21:44:32 +09:00
dependabot[bot]
24a512e418
Bump aws-sdk-s3 from 1.69.0 to 1.72.0 ( #14158 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.69.0 to 1.72.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-29 21:43:31 +09:00
Thibaut Girka
0e33582bff
Merge branch 'master' into glitch-soc/merge-upstream
2020-06-26 13:02:14 +02:00
dependabot[bot]
d239de61d8
Bump aws-sdk-s3 from 1.68.1 to 1.69.0 ( #14109 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.68.1 to 1.69.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-25 17:49:34 +09:00
dependabot[bot]
fc815a8e08
Bump capybara from 3.32.2 to 3.33.0 ( #14105 )
...
Bumps [capybara](https://github.com/teamcapybara/capybara ) from 3.32.2 to 3.33.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases )
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md )
- [Commits](https://github.com/teamcapybara/capybara/compare/3.32.2...3.33.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-25 17:48:40 +09:00
dependabot[bot]
f427fb70d5
Bump rspec-sidekiq from 3.0.3 to 3.1.0 ( #14104 )
...
Bumps [rspec-sidekiq](https://github.com/philostler/rspec-sidekiq ) from 3.0.3 to 3.1.0.
- [Release notes](https://github.com/philostler/rspec-sidekiq/releases )
- [Changelog](https://github.com/philostler/rspec-sidekiq/blob/develop/CHANGES.md )
- [Commits](https://github.com/philostler/rspec-sidekiq/compare/v3.0.3...v3.1.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-25 17:47:34 +09:00
Thibaut Girka
4d5ff62de5
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `Gemfile.lock`: not a real conflict, upstream update too close
to a glitch-soc-specific dependency
2020-06-17 17:10:15 +02:00
mayaeh
759ad1511b
[Security] Bump rack from 2.2.2 to 2.2.3 ( #14064 )
2020-06-17 06:30:57 +02:00
dependabot[bot]
01a4c7844c
Bump parallel_tests from 2.32.0 to 3.0.0 ( #14044 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 2.32.0 to 3.0.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.32.0...v3.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-16 01:00:56 +09:00
dependabot[bot]
2395cbb497
Bump bundler-audit from 0.6.1 to 0.7.0.1 ( #14034 )
...
Bumps [bundler-audit](https://github.com/postmodern/bundler-audit ) from 0.6.1 to 0.7.0.1.
- [Release notes](https://github.com/postmodern/bundler-audit/releases )
- [Changelog](https://github.com/rubysec/bundler-audit/blob/master/ChangeLog.md )
- [Commits](https://github.com/postmodern/bundler-audit/compare/v0.6.1...v0.7.0.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-16 00:57:20 +09:00
dependabot[bot]
9f71b98b19
Bump rubocop-rails from 2.5.2 to 2.6.0 ( #14047 )
...
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails ) from 2.5.2 to 2.6.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.5.2...v2.6.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-15 23:26:27 +09:00
dependabot[bot]
01bafc81ea
Bump httplog from 1.4.2 to 1.4.3 ( #14043 )
...
Bumps [httplog](https://github.com/trusche/httplog ) from 1.4.2 to 1.4.3.
- [Release notes](https://github.com/trusche/httplog/releases )
- [Changelog](https://github.com/trusche/httplog/blob/master/CHANGELOG.md )
- [Commits](https://github.com/trusche/httplog/compare/v1.4.2...v1.4.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-15 23:22:01 +09:00
dependabot[bot]
b7e2bac9f7
Bump redis from 4.1.4 to 4.2.1 ( #14038 )
...
Bumps [redis](https://github.com/redis/redis-rb ) from 4.1.4 to 4.2.1.
- [Release notes](https://github.com/redis/redis-rb/releases )
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md )
- [Commits](https://github.com/redis/redis-rb/compare/v4.1.4...v4.2.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-15 23:11:20 +09:00
dependabot[bot]
311060c803
Bump aws-sdk-s3 from 1.67.1 to 1.68.1 ( #14033 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.67.1 to 1.68.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-15 22:31:23 +09:00
Thibaut Girka
83dc54c487
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `app/controllers/activitypub/collections_controller.rb`:
Conflict due to glitch-soc having to take care of local-only
pinned toots in that controller.
Took upstream's changes and restored the local-only special
handling.
- `app/controllers/auth/sessions_controller.rb`:
Minor conflicts due to the theming system, applied upstream
changes, adapted the following two files for glitch-soc's
theming system:
- `app/controllers/concerns/sign_in_token_authentication_concern.rb`
- `app/controllers/concerns/two_factor_authentication_concern.rb`
- `app/services/backup_service.rb`:
Minor conflict due to glitch-soc having to handle local-only
toots specially. Applied upstream changes and restored
the local-only special handling.
- `app/views/admin/custom_emojis/index.html.haml`:
Minor conflict due to the theming system.
- `package.json`:
Upstream dependency updated, too close to a glitch-soc-only
dependency in the file.
- `yarn.lock`:
Upstream dependency updated, too close to a glitch-soc-only
dependency in the file.
2020-06-09 10:39:20 +02:00
dependabot[bot]
81a7addbfd
Bump sanitize from 5.1.0 to 5.2.0 ( #14006 )
...
Bumps [sanitize](https://github.com/rgrove/sanitize ) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/rgrove/sanitize/releases )
- [Changelog](https://github.com/rgrove/sanitize/blob/master/HISTORY.md )
- [Commits](https://github.com/rgrove/sanitize/compare/v5.1.0...v5.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-08 15:02:10 +09:00
dependabot[bot]
d32e9a8a96
Bump aws-sdk-s3 from 1.66.0 to 1.67.1 ( #14000 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.66.0 to 1.67.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-07 02:50:28 +09:00
dependabot[bot]
5e62c6c7d1
Bump rubocop from 0.84.0 to 0.85.0 ( #13961 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.84.0 to 0.85.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.84.0...v0.85.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-06 06:47:19 +09:00
ThibG
8bb1747946
Fix mastodon:setup choking on env variables containing '%' ( #13940 )
...
Fix a regression introduced in #13928 , caused by TTY::Command building
shell commands by chaining string substitutions.
Ditch TTY::Command and use system instead (both do shell out).
2020-06-03 20:18:52 +02:00
Eugen Rochko
b864e78db8
Add E2EE API ( #13820 )
2020-06-02 19:24:53 +02:00
dependabot-preview[bot]
a067792fef
Bump faker from 2.11.0 to 2.12.0 ( #13911 )
...
Bumps [faker](https://github.com/faker-ruby/faker ) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v2.11.0...v2.12.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:55:20 +09:00
Thibaut Girka
dcb3e180b9
Merge branch 'master' into glitch-soc/merge-upstream
2020-05-28 13:44:57 +02:00
dependabot-preview[bot]
2540d34b5b
Bump rubocop from 0.83.0 to 0.84.0 ( #13843 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.83.0 to 0.84.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.83.0...v0.84.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-25 21:57:53 +09:00
dependabot-preview[bot]
c8bc87482e
Bump aws-sdk-s3 from 1.64.0 to 1.66.0 ( #13847 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.64.0 to 1.66.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.64.0...v1.66.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-25 21:56:51 +09:00
dependabot-preview[bot]
fbf47751df
Bump pghero from 2.4.2 to 2.5.0 ( #13848 )
...
Bumps [pghero](https://github.com/ankane/pghero ) from 2.4.2 to 2.5.0.
- [Release notes](https://github.com/ankane/pghero/releases )
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/pghero/compare/v2.4.2...v2.5.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-25 21:56:04 +09:00
dependabot-preview[bot]
ccce394693
Bump rails from 5.2.4.2 to 5.2.4.3 ( #13844 )
...
Bumps [rails](https://github.com/rails/rails ) from 5.2.4.2 to 5.2.4.3.
- [Release notes](https://github.com/rails/rails/releases )
- [Commits](https://github.com/rails/rails/compare/v5.2.4.2...v5.2.4.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-25 14:02:19 +02:00
dependabot-preview[bot]
0e3139cb53
Bump capistrano-rails from 1.4.0 to 1.5.0 ( #13794 )
...
Bumps [capistrano-rails](https://github.com/capistrano/rails ) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/capistrano/rails/releases )
- [Changelog](https://github.com/capistrano/rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/capistrano/rails/compare/v1.4.0...v1.5.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-21 23:47:37 +09:00
dependabot-preview[bot]
2ea95555e0
Bump rubocop from 0.82.0 to 0.83.0 ( #13806 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.82.0 to 0.83.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.82.0...v0.83.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-21 23:14:05 +09:00
Thibaut Girka
4853a87df8
Merge branch 'master' into glitch-soc/merge-upstream
2020-05-13 22:11:49 +02:00
dependabot-preview[bot]
e7e09d3b7b
Bump doorkeeper from 5.3.3 to 5.4.0 ( #13733 )
...
* Bump doorkeeper from 5.3.3 to 5.4.0
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper ) from 5.3.3 to 5.4.0.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases )
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md )
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.3.3...v5.4.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix tests
* Fix use of Doorkeeper::AccessToken.find_or_create_for
* Fix tests?
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
2020-05-12 15:25:33 +02:00
Thibaut Girka
4e4e5316c1
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `Gemfile.lock`:
Not a real conflict, just a glitch-soc-only dependency too close to a
dependency that got updated upstream. Updated as well.
- `app/models/status.rb`:
Not a real conflict, just a change too close to glitch-soc-changed code
for optionally showing boosts in public timelines.
Applied upstream changes.
- `app/views/layouts/application.html.haml`:
Upstream a new, static CSS file, conflict due to glitch-soc's theming
system, include the file regardless of the theme.
- `config/initializers/content_security_policy.rb`:
Upstream dropped 'unsafe-inline' from the 'style-src' directive, but
both files are very different. Removed 'unsafe-inline' as well.
2020-05-10 16:19:56 +02:00
dependabot-preview[bot]
139c853aac
Bump capistrano from 3.13.0 to 3.14.0 ( #13624 )
...
* Bump capistrano from 3.13.0 to 3.14.0
Bumps [capistrano](https://github.com/capistrano/capistrano ) from 3.13.0 to 3.14.0.
- [Release notes](https://github.com/capistrano/capistrano/releases )
- [Commits](https://github.com/capistrano/capistrano/compare/v3.13.0...v3.14.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Update deploy.rb
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-05-08 21:29:03 +02:00
dependabot-preview[bot]
9c5306bfcf
Bump rubocop from 0.79.0 to 0.82.0 ( #13677 )
...
* Bump rubocop from 0.79.0 to 0.82.0
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.79.0 to 0.82.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.79.0...v0.82.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Update .codeclimate.yml
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-05-08 20:24:26 +02:00
dependabot-preview[bot]
c4b78c07e3
Bump pry-byebug from 3.8.0 to 3.9.0 ( #13653 )
...
Bumps [pry-byebug](https://github.com/deivid-rodriguez/pry-byebug ) from 3.8.0 to 3.9.0.
- [Release notes](https://github.com/deivid-rodriguez/pry-byebug/releases )
- [Changelog](https://github.com/deivid-rodriguez/pry-byebug/blob/master/CHANGELOG.md )
- [Commits](https://github.com/deivid-rodriguez/pry-byebug/compare/v3.8.0...v3.9.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 18:52:57 +02:00
dependabot-preview[bot]
f8330c501b
Bump capybara from 3.31.0 to 3.32.1 ( #13641 )
...
Bumps [capybara](https://github.com/teamcapybara/capybara ) from 3.31.0 to 3.32.1.
- [Release notes](https://github.com/teamcapybara/capybara/releases )
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md )
- [Commits](https://github.com/teamcapybara/capybara/compare/3.31.0...3.32.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 18:51:49 +02:00
dependabot-preview[bot]
aa95acd357
Bump tzinfo-data from 1.2019.3 to 1.2020.1 ( #13645 )
...
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data ) from 1.2019.3 to 1.2020.1.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases )
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2019.3...v1.2020.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 18:50:36 +02:00
dependabot-preview[bot]
aa798c7b80
Bump better_errors from 2.6.0 to 2.7.0 ( #13663 )
...
Bumps [better_errors](https://github.com/BetterErrors/better_errors ) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases )
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.6.0...v2.7.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 18:48:12 +02:00
dependabot-preview[bot]
33d85a6333
Bump aws-sdk-s3 from 1.63.0 to 1.64.0 ( #13675 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.63.0 to 1.64.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.63.0...v1.64.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 18:45:34 +02:00
dependabot-preview[bot]
150708a524
Bump http from 4.3.0 to 4.4.1 ( #13598 )
...
Bumps [http](https://github.com/httprb/http ) from 4.3.0 to 4.4.1.
- [Release notes](https://github.com/httprb/http/releases )
- [Changelog](https://github.com/httprb/http/blob/master/CHANGES.md )
- [Commits](https://github.com/httprb/http/compare/v4.3.0...v4.4.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 18:42:12 +02:00
dependabot-preview[bot]
07d55e7c2e
Bump webpacker from 4.2.2 to 5.1.1 ( #13631 )
...
Bumps [webpacker](https://github.com/rails/webpacker ) from 4.2.2 to 5.1.1.
- [Release notes](https://github.com/rails/webpacker/releases )
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rails/webpacker/compare/v4.2.2...v5.1.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:52:54 +02:00
dependabot-preview[bot]
a223cffd3c
Bump rack-attack from 6.2.2 to 6.3.0 ( #13657 )
...
Bumps [rack-attack](https://github.com/kickstarter/rack-attack ) from 6.2.2 to 6.3.0.
- [Release notes](https://github.com/kickstarter/rack-attack/releases )
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.2.2...v6.3.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:44:24 +02:00
dependabot-preview[bot]
231e876fd0
Bump kaminari from 1.1.1 to 1.2.0 ( #13596 )
...
Bumps [kaminari](https://github.com/kaminari/kaminari ) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/kaminari/kaminari/releases )
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kaminari/kaminari/compare/v1.1.1...v1.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 13:53:42 +02:00
Thibaut Girka
dfa13deaa1
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `app/controllers/statuses_controller.rb`:
Upstream disabled the embed controller for reblogs.
Not a real conflict, but glitch-soc has an extra line to deal
with its theming system.
Ported upstream changes.
- `app/javascript/packs/public.js`:
Upstream made changes to get rid of most inline CSS, this changes
javascript for public pages, which in glitch are split between
different files. Ported those changes.
- `app/models/status.rb`:
Upstream changed the block check in `Status#permitted_for` to
include domain-block checks. Not a real conflict with glitch-soc,
but our scope is slightly different, as our scope for
unauthenticated access do not include instance-local toots.
Ported upstream changes.
- `app/serializers/rest/instance_serializer.rb`:
Not a real conflict, upstream added a new field to the instance
serializer, the conflict is one line above since we added more of
that.
Ported upstream changes.
- `app/views/settings/profiles/show.html.haml`:
Upstream got rid of most inline CSS and moved hidden elements
to data attributes in the process, in fields were we have
different values.
Ported upstream changes while keeping our glitch-specific
values.
- `app/views/statuses/_simple_status.html.haml`:
Upstream got rid of inline CSS on an HAML line we treat
differently, stripping empty text nodes.
Ported upstream changes to the style attribute, keeping
the empty text node stripping behavior.
2020-05-03 21:23:49 +02:00
Eugen Rochko
9db780b0d4
Change CircleCI test output ( #13587 )
2020-05-01 20:19:01 +02:00
dependabot-preview[bot]
0dc372314d
Bump aws-sdk-s3 from 1.61.2 to 1.63.0 ( #13562 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.61.2 to 1.63.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits/v1.63.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:21:33 +09:00
Thibaut Girka
f9d5864e04
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `package.json`:
No real conflict, upstream updated a dependency which is
textually adjacent to a glitch-soc-specific dependency.
Updated it.
- `yarn.lock`:
No real conflict, upstream updated a dependency which is
textually adjacent to a glitch-soc-specific dependency.
Updated it.
2020-04-15 17:07:49 +02:00
dependabot-preview[bot]
34d4ff13a6
Bump rubocop-rails from 2.4.2 to 2.5.2 ( #13459 )
...
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails ) from 2.4.2 to 2.5.2.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.4.2...v2.5.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-13 23:36:57 +09:00
dependabot-preview[bot]
d5002774dd
Bump capistrano from 3.12.1 to 3.13.0 ( #13455 )
...
Bumps [capistrano](https://github.com/capistrano/capistrano ) from 3.12.1 to 3.13.0.
- [Release notes](https://github.com/capistrano/capistrano/releases )
- [Commits](https://github.com/capistrano/capistrano/compare/v3.12.1...v3.13.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-13 23:33:53 +09:00
Thibaut Girka
2f49575839
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- `README.md`:
We have a different README than upstream, discarded upstream changes
and kept ours.
2020-04-12 16:50:27 +02:00
dependabot-preview[bot]
fe3d5bfc43
Bump annotate from 3.0.3 to 3.1.1 ( #13417 )
...
Bumps [annotate](https://github.com/ctran/annotate_models ) from 3.0.3 to 3.1.1.
- [Release notes](https://github.com/ctran/annotate_models/releases )
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ctran/annotate_models/compare/v3.0.3...v3.1.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-10 03:32:39 +09:00