7b1d582232
Improve streaming server security ( #10818 )
...
* Check OAuth token scopes in the streaming API
* Use Sec-WebSocket-Protocol instead of query string to pass WebSocket token
Inspired by https://github.com/kubevirt/kubevirt/issues/1242
6 years ago
4e953ee471
Merge pull request #1067 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
6 years ago
ce528d61b4
Do not share a single Redcarpet::Markdown object across threads
...
There are apparently thread-safety issues: https://github.com/vmg/redcarpet/pull/672
6 years ago
630aafa3a7
Merge branch 'master' into glitch-soc/merge-upstream
6 years ago
8effca3e23
Merge pull request #1065 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
6 years ago
106cfa7553
Various improvements to single column layout ( #10809 )
...
- Add potential side panels to single column layout
- Hide FAB on large screens
6 years ago
028fb2060b
Fix possible race condition when processing statuses ( #10815 )
6 years ago
3d860417a5
[Glitch] Fix stacking order of emoji picker
...
Port 1fbe5c2fec
6 years ago
d445d5833e
Merge branch 'master' into glitch-soc/merge-upstream
...
Conflicts:
- app/models/account.rb
- app/views/settings/profiles/show.html.haml
- spec/controllers/api/v1/accounts/credentials_controller_spec.rb
Conflicts were due to an increase in account bio length upstream, which
is already covered in glitch-soc through `MAX_BIO_CHARS`.
6 years ago
f5637b174f
Move signature verification stoplight to the requests themselves ( #10813 )
...
* Move signature verification stoplight to the requests themselves
This avoids blocking messages from known keys for 5 minutes when only one fails…
* Put the stoplight on the actual client IP, not a potential reverse proxy
6 years ago
3371452f77
Add sponsor button to GitHub web UI ( #10814 )
...
- https://help.github.com/en/articles/displaying-a-sponsor-button-in-your-repository
6 years ago
4eaa4a649e
Retry ActivityPub inbox delivery on HTTP 401 and 408 errors ( #10812 )
...
HTTP 401 responses returned by Mastodon's inbox controller may
be temporary if, for instance, the requesting user's actor/key json
could not be retrieved in a timely fashion. This changes allow retries
instead of dropping the message entirely.
Also added HTTP 408 as that error is by nature temporary.
6 years ago
9a101b91ae
Make headers font size proportional
6 years ago
3117d0ac70
Allow rel=tag in status text
...
Fixes tag links in local Markdown or HTML-authored statuses
6 years ago
f9ca3d62b6
Add `forceSingleColumn` prop to `<UI />` ( #10807 )
...
* Move TabsBar rendering logic from CSS to the ColumnsArea component
* Add forceSingleColumn mode
* Add unread notifications counter to tabs bar
* Add toggle to control `forceSingleColumn`
* Increase paddings in mobile layout responsively at large sizes
6 years ago
81768812f9
Migrate from uws to cws ( #10805 )
6 years ago
1fbe5c2fec
Fix stacking order of emoji picker ( #10801 )
6 years ago
88029fd2ab
Bump aws-sdk-s3 from 1.39.0 to 1.40.0 ( #10803 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.39.0 to 1.40.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.39.0...v1.40.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
8ad21993a8
Bump rubocop from 0.69.0 to 0.70.0 ( #10802 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.69.0 to 0.70.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.69.0...v0.70.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
0a1ba7c14b
i18n: Complete frontend Bengali translation ( #10800 )
...
* i18n: Complete frontend Bengali translation
* run yarn manage:translations
6 years ago
a93c6f708b
Fix local text/html toots not being sanitized
6 years ago
140a741979
Update remote bio test from 160 to 500 ( #10799 )
6 years ago
626844dfb1
Add `account_id` param to `GET /api/v1/notifications` ( #10796 )
...
* Add `from_account` to notifications API
this adds the ability to filter notifications by the account they
originated from
* passing a non-existent user should cause none to be returned
* Fix codeclimate warnings
* fix more codeclimate warnings
* make requested changes:
* use account id instead of user@domain
* name the param `account_id` instead of `from_account`
* Don't use `return` in a lambda
6 years ago
329286f4f9
Bump httplog from 1.2.2 to 1.3.0 ( #10795 )
...
Bumps [httplog](https://github.com/trusche/httplog ) from 1.2.2 to 1.3.0.
- [Release notes](https://github.com/trusche/httplog/releases )
- [Changelog](https://github.com/trusche/httplog/blob/master/CHANGELOG.md )
- [Commits](https://github.com/trusche/httplog/commits/v1.3.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
a0b7246388
Refactor contentType selection in glitch composer
6 years ago
42bdd0766d
Update sk.yml ( #10788 )
...
* Update sk.yml
* Update sk.yml
* Update sk.yml
* Update sk.yml
* Update sk.yml
* Update sk.yml
* normalize
6 years ago
cb37c92e7b
Bump lograge from 0.11.0 to 0.11.1 ( #10793 )
...
Bumps [lograge](https://github.com/roidrage/lograge ) from 0.11.0 to 0.11.1.
- [Release notes](https://github.com/roidrage/lograge/releases )
- [Changelog](https://github.com/roidrage/lograge/blob/master/CHANGELOG.md )
- [Commits](https://github.com/roidrage/lograge/compare/v0.11.0...v0.11.1 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
584ab2879e
Bump capybara from 3.20.0 to 3.20.2 ( #10794 )
...
Bumps [capybara](https://github.com/teamcapybara/capybara ) from 3.20.0 to 3.20.2.
- [Release notes](https://github.com/teamcapybara/capybara/releases )
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md )
- [Commits](https://github.com/teamcapybara/capybara/compare/3.20.0...3.20.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
6 years ago
0bc9d4f6d3
Use glitch-soc's poll component instead of upstream's
6 years ago
d8e5268939
Change bio limit from 160 to 500 ( #10790 )
...
* Change note_length validator from 160 to 500
* Change input maxlength from 160 to 500
* update bio test from 160 to 500
* Multiply a string 30 times instead of 10
6 years ago
d428d2923d
Merge pull request #1055 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
6 years ago
e21662d370
Merge branch 'master' into glitch-soc/merge-upstream
6 years ago
6f6382d81c
Merge pull request #1054 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
6 years ago
4ad004d2ef
Fix “invited by” not showing up for invited accounts in admin interface ( #10791 )
6 years ago
7a88a5b44a
sk.yml grammar update ( #10786 )
...
* sk.yml grammar update
* bundle exec i18n-tasks normalize
6 years ago
4de9bd3870
fix `isSubmitting` prop case ( #10785 )
6 years ago
fd5da4033e
Merge branch 'master' into glitch-soc/merge-upstream
6 years ago
875d18d636
Small corrections for sk translation ( #10784 )
6 years ago
b96cc31682
Add post-deployment migration script to delete public-boosts-of-private-toots ( #10783 )
6 years ago
decaffc020
Upgrade redis in docker-compose.yml from 4 to 5 ( #9063 )
6 years ago
7660ac5008
I18n: Update Czech translation ( #10781 )
6 years ago
8ec309ee64
add og:image:alt for media attachments in embeds ( #10779 )
6 years ago
3a4761c665
Change poll options to alphabetic letters when status text is hidden ( #10685 )
...
Fix #10569
6 years ago
bf0766358b
Remove 'Weblate' from CONTRIBUTING.md ( #10778 )
...
The mastodon project no longer used weblate to translate UI
sentences. (ref #10385 )
6 years ago
66430720c1
Merge pull request #1053 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
6 years ago
08a793cbd9
Merge branch 'master' into glitch-soc/merge-upstream
6 years ago
1fec2ff78f
Prevent from publicly boosting one's own private toots ( #10775 )
6 years ago
d48d1ed534
Minor optimization
6 years ago
b83cdc9b02
Export fallback content type and use it as default in WebUI
6 years ago
3d03d084cd
Properly escape HTML in code blocks
6 years ago
ThibG
Eugen Rochko
nzws
Yamagishi Kazutoshi
abcang
dependabot[bot]
dxwc
trwnh
Paul Woolcock
Marek Ľach
Hinaloe
Shlee
Aditoo17
Ben Lubar
Yusuke Nakamura