Commit graph

8668 commits

Author SHA1 Message Date
Eugen Rochko
a4668d994b Add specific rate limits for posting and following (#13172) 2020-03-08 15:17:39 +01:00
ThibG
1eae25af56 Fix too large announcements not being scrollable in web UI (#13211) 2020-03-06 15:20:14 +01:00
koyu
e899e0dc98 Change GIF label to be displayed even when autoplay is enabled in web UI (#13209) 2020-03-06 05:31:51 +01:00
Eugen Rochko
9619521459 Remove useless respond_to calls (#13208) 2020-03-06 01:29:38 +01:00
Eugen Rochko
03d2704430 Change the string "Hide everything from …" to "Block domain …" in web UI (#13178)
Blocking a domain is closer to blocking all its users than to a mute
action.
2020-03-05 23:20:49 +01:00
Eugen Rochko
df086209a2 Fix "tootctl media remove-orphans" crashing when encountering invalid media (#13170)
Fixes #13168
2020-03-05 15:56:01 +01:00
Eugen Rochko
635812f9ea Add tooltips to audio/video player buttons (#13203) 2020-03-05 15:52:15 +01:00
dependabot-preview[bot]
b4a1b1ac61 Bump @babel/runtime from 7.8.3 to 7.8.4 (#13183)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.8.4/packages/babel-runtime)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:55:52 +09:00
dependabot-preview[bot]
4655d06d86 Bump webpack-dev-server from 3.10.1 to 3.10.3 (#13184)
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.10.1...v3.10.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:55:32 +09:00
dependabot-preview[bot]
5b635f3f81 Bump @babel/core from 7.8.4 to 7.8.6 (#13185)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:49:40 +09:00
dependabot-preview[bot]
db456a9acc Bump json-ld-preloaded from 3.1.0 to 3.1.1 (#13143)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.0...3.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:48:02 +09:00
dependabot-preview[bot]
0150972fc4 Bump oj from 3.10.1 to 3.10.3 (#13187)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:46:56 +09:00
dependabot-preview[bot]
37c9e574d1 Bump strong_migrations from 0.5.1 to 0.6.2 (#13071)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.1 to 0.6.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.1...v0.6.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:44:44 +09:00
ThibG
d34b90c846 Bump puma from 4.3.2 to 4.3.3 (#13177)
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
2020-03-01 22:25:13 +01:00
ThibG
dfadd78057 Fix elasticsearch-api and faraday incompatibilities (#13166) 2020-02-29 03:05:02 +01:00
ThibG
6e937a13a8 Fix installation failing when Redis password contains special characters (#13156)
* Add support for special characters in Redis passwords

Fixes #13154

* Refactor
2020-02-29 03:00:43 +01:00
dependabot-preview[bot]
0a969764c3 [Security] Bump puma from 4.3.1 to 4.3.2 (#13167)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-29 02:57:14 +01:00
ThibG
69aefeb7ee Fix announcements with fully-qualified mention to local user crashing WebUI (#13164) 2020-02-28 13:49:45 +01:00
Eugen Rochko
1a74ffed23 Bump version to 3.1.2 (#13162) 2020-02-27 12:34:07 +01:00
Eugen Rochko
e0db9f37f5 Fix leak of arbitrary statuses through unfavourite action in REST API (#13161) 2020-02-27 12:32:54 +01:00
ThibG
c004399975 Fix dismissing an announcement twice raising an obscure error (#13124) 2020-02-24 22:21:40 +01:00
ThibG
d7da2bba02 Fix misleading error when attempting to re-send a pending follow request (#13133)
Fixes #13131
2020-02-24 21:19:19 +01:00
ThibG
910383d992 Fix backups failing when files are missing from media attachments (#13146)
Fixes #13123
2020-02-24 21:18:26 +01:00
ThibG
257354863e Fix duplicate accounts being created when fetching an account for its key only (#13147)
Fixes #13136

When a user's canonical acct domain is different from its id's domain
(WEB_DOMAIN ≠ LOCAL_DOMAIN), two webfinger queries are required to find the
canonical domain from the URI. However, we skip webfinger queries when
updating only the key of a remote user, which led to the creation of a
duplicate account, using the URI's domain instead of the canonical acct: one.
2020-02-24 21:15:53 +01:00
dependabot-preview[bot]
e9d019ef3d Bump react-redux from 7.1.3 to 7.2.0 (#13141)
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.1.3 to 7.2.0.
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.1.3...v7.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 21:54:19 +09:00
dependabot-preview[bot]
13fe4fcab6 Bump webpack-cli from 3.3.10 to 3.3.11 (#13139)
Bumps [webpack-cli](https://github.com/webpack/webpack-cli) from 3.3.10 to 3.3.11.
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/next/CHANGELOG_v3.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.10...v3.3.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 17:50:25 +09:00
dependabot-preview[bot]
604438587d Bump rellax from 1.10.0 to 1.12.1 (#13140)
Bumps [rellax](https://github.com/dixonandmoe/rellax) from 1.10.0 to 1.12.1.
- [Release notes](https://github.com/dixonandmoe/rellax/releases)
- [Commits](https://github.com/dixonandmoe/rellax/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 17:50:18 +09:00
dependabot-preview[bot]
4b49f08506 Bump @babel/core from 7.8.3 to 7.8.4 (#13137)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.8.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 17:36:32 +09:00
ThibG
5ad9ee92f6 Add --reset-password option to tootctl accounts modify (#13126) 2020-02-22 01:29:14 +01:00
ThibG
13c00dc42c Fix /web redirecting to /web/web in web UI (#13128)
Fixes #13127
2020-02-22 01:27:34 +01:00
ThibG
78c15db0fa Fix previously OStatus-based accounts not being detected as ActivityPub (#13129) 2020-02-22 01:26:41 +01:00
dependabot-preview[bot]
296828907c Bump rack from 2.1.2 to 2.2.2 (#13108)
Bumps [rack](https://github.com/rack/rack) from 2.1.2 to 2.2.2.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/2.1.2...v2.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-20 09:24:16 +09:00
ThibG
729fe5bfd6 Add source-mapped stacktrace to error message in web UI (#13082)
* Add source-mapped stack trace to copyable text in error boundary

* Add the error message to the copied report, not only the stack trace
2020-02-19 22:36:52 +01:00
ThibG
8e8d9b3727 Fix account JSON/RSS not being cacheable due to wrong mime type comparison (#13116)
`request.format` is not a symbol but a `Mime::Type`, so the condition actually
never matched, and a session was created even for those requests, preventing
caching.
2020-02-19 22:31:53 +01:00
ThibG
3cdaa34783 Fix old browsers crashing because of missing finally polyfill in web UI (#13115)
Fix #13015
2020-02-18 17:22:44 +01:00
dependabot-preview[bot]
2d1e769137 Bump simplecov from 0.18.1 to 0.18.2 (#13106)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.1 to 0.18.2.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.1...v0.18.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 02:27:19 +09:00
dependabot-preview[bot]
79edec6f3a Bump pkg-config from 1.4.0 to 1.4.1 (#13105)
Bumps [pkg-config](https://github.com/ruby-gnome/pkg-config) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/ruby-gnome/pkg-config/releases)
- [Changelog](https://github.com/ruby-gnome/pkg-config/blob/master/NEWS)
- [Commits](https://github.com/ruby-gnome/pkg-config/compare/1.4.0...1.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 02:24:20 +09:00
dependabot-preview[bot]
1d44123599 Bump nokogiri from 1.10.7 to 1.10.8 (#13110)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.7 to 1.10.8.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.7...v1.10.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 02:22:43 +09:00
dependabot-preview[bot]
a02bee425b Bump rimraf from 3.0.0 to 3.0.2 (#13104)
Bumps [rimraf](https://github.com/isaacs/rimraf) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/isaacs/rimraf/releases)
- [Changelog](https://github.com/isaacs/rimraf/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/rimraf/compare/v3.0.0...v3.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:58:14 +09:00
dependabot-preview[bot]
a799d849ac Bump react-swipeable-views from 0.13.4 to 0.13.9 (#13103)
Bumps [react-swipeable-views](https://github.com/oliviertassinari/react-swipeable-views) from 0.13.4 to 0.13.9.
- [Release notes](https://github.com/oliviertassinari/react-swipeable-views/releases)
- [Changelog](https://github.com/oliviertassinari/react-swipeable-views/blob/master/CHANGELOG.md)
- [Commits](https://github.com/oliviertassinari/react-swipeable-views/commits/v0.13.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:57:29 +09:00
dependabot-preview[bot]
99cf292bec Bump eslint-plugin-import from 2.20.0 to 2.20.1 (#13101)
Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import) from 2.20.0 to 2.20.1.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases)
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md)
- [Commits](https://github.com/benmosher/eslint-plugin-import/compare/v2.20.0...v2.20.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:53:02 +09:00
dependabot-preview[bot]
4ee8fbcfab Bump terser-webpack-plugin from 2.3.2 to 2.3.5 (#13100)
Bumps [terser-webpack-plugin](https://github.com/webpack-contrib/terser-webpack-plugin) from 2.3.2 to 2.3.5.
- [Release notes](https://github.com/webpack-contrib/terser-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/terser-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/terser-webpack-plugin/compare/v2.3.2...v2.3.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:49:21 +09:00
ThibG
e2b6503921 Fix account's bio not being shown if there are no proofs/fields in admin UI (#13075) 2020-02-17 16:38:59 +01:00
ThibG
ddd9bad7f1 Fix sign-ups without checked user agreement being accepted through the web form (#13088)
* Fix user agreement not being verified

* Fix tests

* Fix up agreement field being dismissed
2020-02-16 12:56:53 +01:00
Sara Aimée Smiseth
8af34e6a64 Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture (#13081)
* Use ARCH variable instead of hardcoded x64

* fix formating
2020-02-16 12:54:57 +01:00
ThibG
d5a71bf924 Fix invite request input not being shown on sign-up error if left empty (#13089)
If the “Why do you want to join?” textarea is left empty and the entered params
do not validate, the textarea isn't shown again, unlike other fields.

This commit fixes that by populating an empty `UserInviteRequest` when needed.
2020-02-16 12:38:22 +01:00
Marcin Cieślak
dc6fbdb6c9 Do not suggest to login into the GitLab database (#13084)
As pointed out on Discourse:

https://discourse.joinmastodon.org/t/obscure-wtf-error-message-running-migrations-for-3-1/2524

The message the administrators were getting was telling them
to log in to the "GitLab database" and also mentions MySQL
2020-02-15 12:52:57 +01:00
dependabot-preview[bot]
00ac179f00 Bump @babel/plugin-transform-runtime from 7.7.6 to 7.8.3 (#12980)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.7.6 to 7.8.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.6...v7.8.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 21:34:03 +09:00
dependabot-preview[bot]
8532bc72bd Bump json-ld-preloaded from 3.0.6 to 3.1.0 (#12982)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.0.6 to 3.1.0.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.0.6...3.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 21:26:53 +09:00
dependabot-preview[bot]
f00064da6b Bump rubocop-rails from 2.4.1 to 2.4.2 (#12984)
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.4.1...v2.4.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 21:18:07 +09:00