Commit graph

10004 commits

Author SHA1 Message Date
Eugen Rochko
38be9af436 Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
ThibG
d41433f651 Fix crashes in SuspendAccountService/UnsuspendAccountService (#15100)
* Fix crashes in SuspendAccountService/UnsuspendAccountService

* Catch filesystem errors
2020-11-07 13:16:54 +01:00
ThibG
c11e8737dd Fix suspension/unsuspension not working because of FeedManager change (#15099) 2020-11-07 13:16:00 +01:00
Eugen Rochko
b788e7eb6f Fix cookies not having a SameSite attribute (#15098) 2020-11-06 11:57:14 +01:00
Eugen Rochko
79f71206de Add subresource integrity for JS and CSS assets (#15096)
Fix #2744
2020-11-06 11:56:31 +01:00
Mélanie Chauvel
87042c99ee Display “Show newer” and “Show older” instead of “Show more” in public pages (#15052) 2020-11-04 21:15:45 +01:00
ThibG
b1a78a5cce Change order of announcements in admin page to sort them newest-first (#15091)
* Change order of announcements in admin page to sort show newly-created first

Fixes #15090

* Use reverse-chronological rather than creation date only
2020-11-04 21:15:22 +01:00
Takeshi Umeda
385c2eac6f Add account sensitized (#14361)
* Add account sensitized

* Fix i18n normalize

* Fix description and spec

* Fix spec

* Fix wording
2020-11-04 20:45:01 +01:00
dependabot[bot]
8af56cc1df Bump puma from 5.0.2 to 5.0.4 (#15085)
Bumps [puma](https://github.com/puma/puma) from 5.0.2 to 5.0.4.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.0.2...v5.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 20:44:10 +01:00
Mashiro
7f3497bd7f Add limitation of image's max zoom rate (max to the original size of image) (#15094)
* limit image max scale rate to fit the actual image size

* replace with MIN_SCALE

* fix behavior on touch screen
2020-11-04 20:43:31 +01:00
dependabot[bot]
f799fb843e Bump webpack-merge from 4.2.2 to 5.0.9 (#14424)
* Bump webpack-merge from 4.2.2 to 5.0.9

Bumps [webpack-merge](https://github.com/survivejs/webpack-merge) from 4.2.2 to 5.0.9.
- [Release notes](https://github.com/survivejs/webpack-merge/releases)
- [Changelog](https://github.com/survivejs/webpack-merge/blob/master/CHANGELOG.md)
- [Commits](https://github.com/survivejs/webpack-merge/compare/v4.2.2...v5.0.9)

Signed-off-by: dependabot[bot] <support@github.com>

* Fix import path

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-11-05 02:21:28 +09:00
dependabot[bot]
88dd5d3ee1 Bump detect-passive-events from 1.0.5 to 2.0.1 (#15003)
* Bump detect-passive-events from 1.0.5 to 2.0.1

Bumps [detect-passive-events](https://github.com/rafgraph/detect-passive-events) from 1.0.5 to 2.0.1.
- [Release notes](https://github.com/rafgraph/detect-passive-events/releases)
- [Commits](https://github.com/rafgraph/detect-passive-events/compare/v1.0.5...v2.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Migrate to detect-passive-events v2

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-11-05 02:21:05 +09:00
dependabot[bot]
cc3ae3e856 Bump sass from 1.27.0 to 1.28.0 (#15082)
Bumps [sass](https://github.com/sass/dart-sass) from 1.27.0 to 1.28.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.27.0...1.28.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:23:05 +09:00
dependabot[bot]
16824b6bcc Bump mini-css-extract-plugin from 1.2.0 to 1.2.1 (#15077)
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v1.2.0...v1.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:13:15 +09:00
dependabot[bot]
d053ffe31e Bump eslint-plugin-jsx-a11y from 6.3.1 to 6.4.1 (#15078)
Bumps [eslint-plugin-jsx-a11y](https://github.com/evcohen/eslint-plugin-jsx-a11y) from 6.3.1 to 6.4.1.
- [Release notes](https://github.com/evcohen/eslint-plugin-jsx-a11y/releases)
- [Changelog](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/master/CHANGELOG.md)
- [Commits](https://github.com/evcohen/eslint-plugin-jsx-a11y/compare/v6.3.1...v6.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:07:58 +09:00
dependabot[bot]
3b453926d2 Bump react-redux from 7.2.1 to 7.2.2 (#15079)
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.2.1 to 7.2.2.
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.1...v7.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:07:03 +09:00
dependabot[bot]
a3db859d97 Bump eslint from 7.12.0 to 7.12.1 (#15080)
Bumps [eslint](https://github.com/eslint/eslint) from 7.12.0 to 7.12.1.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.12.0...v7.12.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:06:37 +09:00
dependabot[bot]
1e78d21909 Bump compression-webpack-plugin from 6.0.3 to 6.0.4 (#15076)
Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v6.0.3...v6.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:48:28 +09:00
dependabot[bot]
939c985929 Bump file-loader from 6.1.1 to 6.2.0 (#15075)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 6.1.1 to 6.2.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v6.1.1...v6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:43:15 +09:00
dependabot[bot]
95884f1ae1 Bump wicg-inert from 3.0.3 to 3.1.0 (#15081)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.3 to 3.1.0.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.3...v3.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:41:45 +09:00
dependabot[bot]
7b78195cd6 Bump sidekiq-unique-jobs from 6.0.24 to 6.0.25 (#15083)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.24 to 6.0.25.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/commits/v6.0.25)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:39:02 +09:00
dependabot[bot]
466ef43c87 Bump bootsnap from 1.4.8 to 1.4.9 (#15086)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.8 to 1.4.9.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.8...v1.4.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:38:06 +09:00
Mashiro
00c6280294 add mouse scroll lock in image expand view (#15088)
* add mouse scroll lock in image expand view

* enhancement
2020-11-03 06:06:45 +01:00
Mashiro
315356cf23 Add expand/compress image button on image view box (#15068)
* add zoom image button

* enhance zoom algorithm & add translation

* code structure

* code structure

* code structure

* enhance grab performance

* rm useless state

* fix behavior on Firefox & scroll lock & horizontal scroll with mousewheel

* remove scroll lock on MouseWheelEvent

* code structure

* enhance algorithm and code structure

* rm Gemfile.lock from tree

* codeclimate

* fix a stupid mistake
2020-11-02 21:16:38 +01:00
Patrice Ferlet
1e3c688133 Fix postrgres secret name for cronjob (#15072)
The cronjob tries to get key from `mastodon` secret instead of
`mastodon-postgresql` - so the cronjob fails with this error:

Error: couldn't find key postgresql-password in Secret [NS]/mastodon

Another solution is to save the postgres password in mastodon secret,
but that means that the password is placed in two places.

Postgresql use <fullname>-postgresql name as secret name.
2020-11-02 06:16:51 +01:00
ThibG
9500d00e5f Tweak signature verification (#15069)
* Add more specific error message when request body digest is invalid

This may help other implementors debug their implementation.

* Relax Host parameter requirement to GET requests

The only POST requests processed by Mastodon need objects/actors (including
their host) to be explicitly mentioned in the request's body, so replaying
a legitimate request to another host should not be a security issue.

* Support Digest headers using multiple algorithms or lowercase alogirthm names
2020-11-01 23:38:31 +01:00
ThibG
2d5f0a0002 Fix some account media gallery items having empty labels (#15073)
Remove the labels entirely for images instead of putting an empty label.
2020-11-01 18:31:39 +01:00
ThibG
2b0491bb3c Fix poll ending notifications being created for each vote (#15071)
On a poll ending, notifications were created for each vote instead
of for each voter.
2020-11-01 06:34:43 +01:00
Darius Kazemi
a0b695b0c6 Show announcements in reverse chronological order (#15065) 2020-10-30 13:09:51 +01:00
fuyu
5ba6548e62 Fix wrong seek bar width on media player (#15060) 2020-10-30 13:09:20 +01:00
dependabot[bot]
7fcdf658d0 Bump mini-css-extract-plugin from 0.11.3 to 1.2.0 (#15034)
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin) from 0.11.3 to 1.2.0.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v0.11.3...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 17:02:55 +09:00
dependabot[bot]
7719e5193c Bump css-loader from 4.3.0 to 5.0.0 (#15011)
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 4.3.0 to 5.0.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v4.3.0...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 16:55:59 +09:00
mayaeh
c15c3b01eb Fix width of content text fluctuating over time (#15055) 2020-10-27 13:34:02 +01:00
Mélanie Chauvel
6c072d8dec Make “Mark media as sensitive” properly translatable (#15051) 2020-10-27 03:05:50 +01:00
Mélanie Chauvel
f7eae6d264 Make visibility icon clickable as part of the time of a toot (#15053)
- Makes permalink to a toot more easily clickable
- Fix clicking between icon and time in fact clicking the display name
- Fix clicking slightly under time in fact clicking the display name
2020-10-27 03:00:47 +01:00
Mélanie Chauvel
c93e98ad47 Sort filters by “keyword or phrase” in Settings (#15050) 2020-10-27 03:00:06 +01:00
Mélanie Chauvel
988d029417 Make click area of video/audio player buttons bigger in WebUI (#15049) 2020-10-27 02:58:47 +01:00
dependabot[bot]
34c7c51d94 Bump jest from 26.5.3 to 26.6.1 (#15037)
Bumps [jest](https://github.com/facebook/jest) from 26.5.3 to 26.6.1.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/compare/v26.5.3...v26.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 09:06:10 +09:00
dependabot[bot]
d0734e7604 Bump babel-jest from 26.5.2 to 26.6.1 (#15036)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 26.5.2 to 26.6.1.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v26.6.1/packages/babel-jest)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 08:36:39 +09:00
dependabot[bot]
9e51601e31 Bump axios from 0.20.0 to 0.21.0 (#15033)
Bumps [axios](https://github.com/axios/axios) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v0.20.0...v0.21.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:54:31 +09:00
dependabot[bot]
2e15d3269d Bump react-test-renderer from 16.13.1 to 16.14.0 (#15038)
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.13.1 to 16.14.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.14.0/packages/react-test-renderer)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:52:38 +09:00
dependabot[bot]
ff68ae5633 Bump eslint from 7.11.0 to 7.12.0 (#15040)
Bumps [eslint](https://github.com/eslint/eslint) from 7.11.0 to 7.12.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.11.0...v7.12.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:51:12 +09:00
dependabot[bot]
ed439a4eb2 Bump @testing-library/jest-dom from 5.11.4 to 5.11.5 (#15039)
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 5.11.4 to 5.11.5.
- [Release notes](https://github.com/testing-library/jest-dom/releases)
- [Changelog](https://github.com/testing-library/jest-dom/blob/master/CHANGELOG.md)
- [Commits](https://github.com/testing-library/jest-dom/compare/v5.11.4...v5.11.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:47:24 +09:00
dependabot[bot]
6133ded060 Bump tzinfo-data from 1.2020.3 to 1.2020.4 (#15041)
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2020.3 to 1.2020.4.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2020.3...v1.2020.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:44:48 +09:00
dependabot[bot]
030ec4c789 Bump sass-loader from 10.0.3 to 10.0.4 (#15035)
Bumps [sass-loader](https://github.com/webpack-contrib/sass-loader) from 10.0.3 to 10.0.4.
- [Release notes](https://github.com/webpack-contrib/sass-loader/releases)
- [Changelog](https://github.com/webpack-contrib/sass-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/sass-loader/compare/v10.0.3...v10.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:44:27 +09:00
dependabot[bot]
371d1209d9 Bump eslint-plugin-react from 7.21.4 to 7.21.5 (#15043)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.21.4 to 7.21.5.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.21.4...v7.21.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:43:57 +09:00
dependabot[bot]
37839573f2 Bump strong_migrations from 0.7.1 to 0.7.2 (#15044)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.7.1...v0.7.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:43:19 +09:00
dependabot[bot]
9d7bc3cbc3 Bump simplecov from 0.19.0 to 0.19.1 (#15042)
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases)
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md)
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.19.0...v0.19.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:41:36 +09:00
dependabot[bot]
e223ef29b8 Bump aws-sdk-s3 from 1.83.0 to 1.83.1 (#15045)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.83.0 to 1.83.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:41:15 +09:00
dependabot[bot]
c974812908 Bump stackprof from 0.2.15 to 0.2.16 (#15046)
Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.15 to 0.2.16.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.15...v0.2.16)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-27 02:40:37 +09:00