Commit graph

8930 commits

Author SHA1 Message Date
dependabot-preview[bot]
b22f543978 Bump loglevel from 1.6.6 to 1.6.8 (#13569)
Bumps [loglevel](https://github.com/pimterry/loglevel) from 1.6.6 to 1.6.8.
- [Release notes](https://github.com/pimterry/loglevel/releases)
- [Commits](https://github.com/pimterry/loglevel/compare/v1.6.6...v1.6.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 17:59:00 +09:00
dependabot-preview[bot]
708d6d5768 Bump svgo from 1.1.1 to 1.3.2 (#13570)
Bumps [svgo](https://github.com/svg/svgo) from 1.1.1 to 1.3.2.
- [Release notes](https://github.com/svg/svgo/releases)
- [Changelog](https://github.com/svg/svgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/svg/svgo/compare/v1.1.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 17:46:20 +09:00
ThibG
3b7373ed4c Fix end-user-facing uses of inline CSS (#13438)
* Move some inline styles to CSS files

* Move default_account_display_name span to fix useless tags with duplicate id

* Change handling of public pages spoiler text from inline CSS to dataset attribute

* Use the `dir` HTML attribute instead of inline CSS

* Move status action bar inline CSS to CSS file

* Hide logo resources from CSS file, not inline CSS

Fixes #11601

* Move translation prompt styling from inline CSS to CSS file

* Move “invited by” styling on registration form from inline to CSS file

* Use the progress tag to display poll results in JS fallback

* Fix poll results JS-less fallback when the user has voted for an option

* Change account public page “moved” notice to use img tags instead of inline CSS

* Move OTP hint inline CSS to SCSS file

* Hide JS-less fallback vote progressbars from accessibility tools

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28 10:16:55 +02:00
ThibG
df5867f072 Refactor/cleanup TIMELINE_DELETE-related code (#13175) 2020-04-28 09:53:42 +02:00
ThibG
f53bd1bef6 Fix messed up z-index when NoScript blocks media/previews (#13449)
Fixes #13444
2020-04-28 09:44:17 +02:00
ThibG
207c5ab2a3 Fix /public showing public instead of community timeline for logged-in users (#13499) 2020-04-28 09:43:45 +02:00
ThibG
09162ceb7c Add invites_enabled to API (#13501) 2020-04-28 09:43:34 +02:00
Lerk
0dd63eae8e Add tootctl emoji export (#13534)
* add emoji export command to cli

* fix codeclimate issues

* add error when no matching category was found

* add other suggestions

* exit 1 when no matching category is found

* changes according to suggestions

* 👀

* RubyNein

Y u always autoformat :c
2020-04-27 22:17:49 +02:00
dependabot-preview[bot]
475d0375ec Bump oj from 3.10.5 to 3.10.6 (#13557)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.5 to 3.10.6.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.5...v3.10.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-27 17:20:34 +02:00
Даниил Пронин
bf46f726fd Add JS IDE helper (#13012)
* add IDE helper for Webpack

* fix ESLint error in IDE helper

* fix IDE helper code style
2020-04-27 17:19:53 +02:00
mayaeh
4ec7b137de Fix naming issue (#13551) 2020-04-27 10:32:05 +02:00
Eugen Rochko
adfb22a9dd Add separate cache directory for non-local uploads (#12821) 2020-04-26 23:29:08 +02:00
Eugen Rochko
96920a7b8e Fix not being able to resolve public resources in development environment (#13505) 2020-04-25 22:01:08 +02:00
ThibG
cd3a0a17bc Fix uninformative error message when uploading unsupported image files (#13540)
Attempting to upload image files that the browser is unable to load results
in “Oops! An unexpected error occurred.”

This commit changes the error handling so that an unprocessable image results
in the file being sent anyway, which might cover a few corner cases, and
provide a slightly better error message.
2020-04-25 12:27:29 +02:00
ThibG
3526163340 Fix expanded video player issues (#13541)
Fixes #13536

- Expanding a paused video doesn't autoplay anymore
- Default volume level for the expanded video inherited from the original video

Position/playing state/volume are carried over from the original video player
to the modal, but they're not reported back to the modal as it would require
deeper changes.
2020-04-25 12:16:05 +02:00
Takeshi Umeda
f365b9d6cd Fix enable/disable relay failures (#13535) 2020-04-23 22:04:18 +02:00
Irie Aoi
cf1bf9dda9 Set max-width and max-height to gif video (#13533) 2020-04-23 15:49:33 +02:00
ThibG
69696c62b1 Fix and refactor keyboard navigation in dropdown menus (#13528)
Fixes #13527

- Fixes caught keyboard events being needlessly propagated
- Let up/down arrows wrap around like the tab key does
- Refactor common code
2020-04-21 15:13:26 +02:00
dependabot-preview[bot]
18646e4792 Bump parser from 2.7.1.0 to 2.7.1.1 (#13508)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.1.0 to 2.7.1.1.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.1.0...v2.7.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-21 00:05:08 +09:00
dependabot-preview[bot]
3a78a8a599 Bump globule from 1.2.1 to 1.3.1 (#13521)
Bumps [globule](https://github.com/cowboy/node-globule) from 1.2.1 to 1.3.1.
- [Release notes](https://github.com/cowboy/node-globule/releases)
- [Commits](https://github.com/cowboy/node-globule/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-21 00:00:34 +09:00
dependabot-preview[bot]
7ce1846e6e Bump stream-shift from 1.0.0 to 1.0.1 (#13522)
Bumps [stream-shift](https://github.com/mafintosh/stream-shift) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/mafintosh/stream-shift/releases)
- [Commits](https://github.com/mafintosh/stream-shift/compare/v1.0.0...v1.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:58:35 +09:00
dependabot-preview[bot]
2b8cce6b52 Bump redis-actionpack from 5.0.2 to 5.2.0 (#13510)
Bumps [redis-actionpack](http://redis-store.org/redis-actionpack) from 5.0.2 to 5.2.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:57:04 +09:00
dependabot-preview[bot]
1deabd9c0e Bump uuid from 7.0.2 to 7.0.3 (#13520)
Bumps [uuid](https://github.com/uuidjs/uuid) from 7.0.2 to 7.0.3.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v7.0.2...v7.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:55:32 +09:00
dependabot-preview[bot]
81099ace39 Bump sisteransi from 1.0.0 to 1.0.5 (#13523)
Bumps [sisteransi](https://github.com/terkelg/sisteransi) from 1.0.0 to 1.0.5.
- [Release notes](https://github.com/terkelg/sisteransi/releases)
- [Commits](https://github.com/terkelg/sisteransi/compare/v1.0.0...v1.0.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:53:18 +09:00
dependabot-preview[bot]
a4b29ce7b4 Bump signal-exit from 3.0.2 to 3.0.3 (#13519)
Bumps [signal-exit](https://github.com/tapjs/signal-exit) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/tapjs/signal-exit/releases)
- [Changelog](https://github.com/tapjs/signal-exit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tapjs/signal-exit/compare/v3.0.2...v3.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:50:57 +09:00
dependabot-preview[bot]
fda2326b5f Bump pako from 1.0.10 to 1.0.11 (#13518)
Bumps [pako](https://github.com/nodeca/pako) from 1.0.10 to 1.0.11.
- [Release notes](https://github.com/nodeca/pako/releases)
- [Changelog](https://github.com/nodeca/pako/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/pako/compare/1.0.10...1.0.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:43:58 +09:00
dependabot-preview[bot]
32393c90c0 Bump nokogumbo from 2.0.1 to 2.0.2 (#13509)
Bumps [nokogumbo](https://github.com/rubys/nokogumbo) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/rubys/nokogumbo/releases)
- [Changelog](https://github.com/rubys/nokogumbo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubys/nokogumbo/compare/v2.0.1...v2.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:33:55 +09:00
dependabot-preview[bot]
0a48b2a262 Bump excon from 0.71.0 to 0.73.0 (#13507)
Bumps [excon](https://github.com/excon/excon) from 0.71.0 to 0.73.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.71.0...v0.73.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:24:35 +09:00
dependabot-preview[bot]
3c4da0e5d0 Bump redis-rack from 2.0.4 to 2.1.2 (#13512)
Bumps [redis-rack](http://redis-store.org/redis-rack) from 2.0.4 to 2.1.2.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:05:09 +09:00
dependabot-preview[bot]
8cfe3a4e9b Bump rqrcode_core from 0.1.1 to 0.1.2 (#13506)
Bumps [rqrcode_core](https://github.com/whomwah/rqrcode_core) from 0.1.1 to 0.1.2.
- [Release notes](https://github.com/whomwah/rqrcode_core/releases)
- [Commits](https://github.com/whomwah/rqrcode_core/commits/v0.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 22:29:14 +09:00
dependabot-preview[bot]
cf1286761a Bump aws-sigv4 from 1.1.1 to 1.1.2 (#13513)
Bumps [aws-sigv4](https://github.com/aws/aws-sdk-ruby) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sigv4/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.1.1...1.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 22:24:40 +09:00
dependabot-preview[bot]
969d833ba9 Bump axobject-query from 2.0.2 to 2.1.2 (#13514)
Bumps [axobject-query](https://github.com/A11yance/axobject-query) from 2.0.2 to 2.1.2.
- [Release notes](https://github.com/A11yance/axobject-query/releases)
- [Changelog](https://github.com/A11yance/axobject-query/blob/master/CHANGELOG.md)
- [Commits](https://github.com/A11yance/axobject-query/compare/v2.0.2...v2.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 22:22:06 +09:00
dependabot-preview[bot]
21ccc2ccd8 Bump console-browserify from 1.1.0 to 1.2.0 (#13515)
Bumps [console-browserify](https://github.com/browserify/console-browserify) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/browserify/console-browserify/releases)
- [Changelog](https://github.com/browserify/console-browserify/blob/master/CHANGELOG.md)
- [Commits](https://github.com/browserify/console-browserify/compare/v1.1.0...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 22:18:04 +09:00
dependabot-preview[bot]
3497d685e7 Bump css-what from 2.1.2 to 2.1.3 (#13516)
Bumps [css-what](https://github.com/fb55/css-what) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/fb55/css-what/releases)
- [Commits](https://github.com/fb55/css-what/compare/v2.1.2...v2.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 22:15:03 +09:00
sternenseemann
674005c08e Allow users to delete their header and avatar (#13234)
This is achieved by sending a DELETE request to
/settings/profile/pictures/{avatar,header} via a link that is part of
the upload form's hint of the respective picture.
2020-04-20 14:03:03 +02:00
D Anzorge
945c8e207e Update Twemoji to 12.1.5 (#13021)
* Update Twemoji to 12.1.5

SVGs from Twemoji repo https://github.com/twitter/twemoji

* Update emoji_map.json to Unicode 12
2020-04-19 23:38:31 +02:00
Takeshi Umeda
f5606cdab4 Add local only to hashtag timeline (#13502) 2020-04-18 21:52:39 +02:00
ThibG
2444658e4b Fix uploaded image orientation in some browsers (#13493)
Some browsers (at least recent Chrome versions) automatically take
image metadata into account when drawing images into a canvas.
There seem to be no way to prevent that behavior, and the only
way to detect it seems to compare with a known image.

See: https://github.com/w3c/csswg-drafts/issues/4666
Solution adapted from: 1e4df70782
2020-04-18 15:37:03 +02:00
ThibG
0f3317fbe2 Fix not being able to vote (#13490)
Fix regression introduced by 53f9f8a4ce
2020-04-17 21:54:25 +02:00
ThibG
a93fc74d31 Fix admin actions log crash when displaying updates of deleted announcements (#13489)
Fixes #13487
2020-04-17 19:54:58 +02:00
Eugen Rochko
efd5db8f21 Fix search not working due to proxy settings when using hidden services (#13488)
Fix #13484
2020-04-17 15:14:24 +02:00
Gurgen Hayrapetyan
53f9f8a4ce Fix Poll fetchPoll action not being debounced. (#13485)
* Fix Poll fetchPoll action not being debounced.

* Fix unused import in the Poll component
2020-04-16 20:16:20 +02:00
Takeshi Umeda
8eca96eb77 Fix DeliveryWorker not to call failure_tracker when inbox_url is unavailable (#13482) 2020-04-16 08:04:10 +02:00
Takeshi Umeda
1eb59ace5c Fix migration 20200407202420_migrate_unavailable_inboxes (#13481) 2020-04-16 08:03:24 +02:00
ThibG
c162748a14 Fix confusing error when failing to add an alias to an unknown account (#13480)
Follow-up to #13452, fixing broken `uri.nil?` test.

Also remove the separate check for `uri` presence, as that would result
in a “Please review 2 errors below” while only one would be listed.
2020-04-15 20:33:53 +02:00
Eugen Rochko
2d3219549b Change delivery failure tracking to work with hostnames instead of URLs (#13437) 2020-04-15 20:33:24 +02:00
ThibG
add34dd132 Fix “Email changed” notification sometimes having wrong e-mail (#13475)
* Fix “Email changed” notification sometimes having wrong e-mail

Fixes #6778

The root of the issue is that `send_devise_notification` was called before
the changes were properly commited to the database, causing the mailer to
pick previous values if running too early.

Devise's documentation provides guidance on how to handle that[1][2], however,
I have found it to not be working, as the following happens, in that order:
- `send_devise_notification` is called for the `email_changed` notification.
  In that case, `changed?` is false and `saved_changes?` is true, so
  if we use the former, we have the same issue.
- the `after_commit` hook is called
- `send_devise_notification` is called for the `confirmation_instructions`
  notification.
  In that case, `changed?` is still false, and `saved_changes?` still true,
  so if we use the latter, that second notification email is simply not
  going to be sent (as we would be queuing the notification *after*
  executing the after_commit hook).

This is because it may be called from either an `after_update` or
`after_commit` hook, the difference not being a call to `save` but the
transaction actually being committed to the database. This may arguably
be a bug in Devise, or Devise's notification.

The proposed workaround is inspired by Devise's documentation but checks
whether a transaction is open to make the call whether to immediately
send the notification or defer it to the `after_commit` hook.

[1]: https://www.rubydoc.info/github/plataformatec/devise/Devise%2FModels%2FAuthenticatable:send_devise_notification
[2]: 406915cb78/lib/devise/models/authenticatable.rb (L133-L194)

* Fix cases when sending notifications without changing the model

* Defer sending if and only if in transaction including current record
2020-04-15 16:13:44 +02:00
dependabot-preview[bot]
7ebaef064e Bump watchpack from 1.6.0 to 1.6.1 (#13462)
Bumps [watchpack](https://github.com/webpack/watchpack) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/webpack/watchpack/releases)
- [Commits](https://github.com/webpack/watchpack/compare/v1.6.0...v1.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-14 00:35:20 +09:00
dependabot-preview[bot]
54fb8967cd Bump regexp_parser from 1.6.0 to 1.7.0 (#13460)
Bumps [regexp_parser](https://github.com/ammar/regexp_parser) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/ammar/regexp_parser/releases)
- [Changelog](https://github.com/ammar/regexp_parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ammar/regexp_parser/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-13 23:40:22 +09:00
dependabot-preview[bot]
34d4ff13a6 Bump rubocop-rails from 2.4.2 to 2.5.2 (#13459)
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.4.2 to 2.5.2.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.4.2...v2.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-13 23:36:57 +09:00