Claire
3445bdfa45
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
1 year ago
Eugen Rochko
edb6aab974
Revert "Rails 7 update" ( #25667 )
1 year ago
Matt Jankowski
5cadbaa296
Rails 7 update ( #24241 )
1 year ago
Claire
83b03b528b
Fix compatibility of recent migration with PostgreSQL 10 ( #25324 )
1 year ago
Nick Schonning
ef344388c5
Autofix Rubocop Regex Style rules ( #23690 )
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
1 year ago
Claire
f2dbbcdec5
Fix CSP headers when S3_ALIAS_HOST includes a path component ( #25273 )
1 year ago
Matt Jankowski
c671e23d28
Remove unmaintained `nsa` gem ( #25265 )
1 year ago
Claire
1c298d97c5
Change wording of “Content cache retention period” setting to highlight destructive implications ( #23261 )
1 year ago
Renaud Chaput
f681f81cbf
Allow carets in URL search params ( #25216 )
1 year ago
Nick Schonning
44b7c24bd0
Autofix Rubocop spacing in config ( #25022 )
1 year ago
Nick Schonning
67c5ac4971
Autofix Rubocop Lint/AmbiguousOperatorPrecedence ( #25002 )
2 years ago
Matt Jankowski
a8aad4a45a
Fix Performance/RedundantMerge cop ( #24817 )
2 years ago
Matt Jankowski
bdbc9d0036
Fix Rails/CompactBlank cop ( #24690 )
2 years ago
Matt Jankowski
78f29479ab
Fix Rails/Present cop ( #24688 )
2 years ago
Nick Schonning
519ae8c0c6
Drop EOL Ruby 2.7 ( #24237 )
2 years ago
Nick Schonning
91f0da8563
Autofix Rubocop Style/NumericLiterals ( #24468 )
2 years ago
Claire
e03f9b38c5
Change root Chewy strategy to emit a warning instead of erroring out in production mode ( #24327 )
2 years ago
Nick Schonning
2a0d2453b0
Autofix Rubocop Style/IdenticalConditionalBranches ( #24322 )
2 years ago
Eugen Rochko
c75fccf033
Change user settings to be stored in a more optimal way ( #23630 )
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2 years ago
Claire
af57bcd3cf
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )
2 years ago
Claire
852eb6ce7a
Fix sidekiq jobs not triggering Elasticsearch index updates ( #24046 )
2 years ago
Jean byroot Boussier
08c2938b4a
Upgrade to latest redis-rb 4.x and fix deprecations ( #23616 )
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2 years ago
Jamie Hoyle
8f81dba434
Added support for specifying S3 storage classes in environment ( #22480 )
2 years ago
Eugen Rochko
d08bd66f42
Change rate limits to 1,500/5m per user, 300/5m per app ( #23347 )
2 years ago
luzpaz
11b7735fb3
Fix typos in source documentation ( #21046 )
Fixed 2 source comment/documentation typos
2 years ago
Claire
c863f76a62
Add logging for Rails cache timeouts ( #21667 )
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds
* Log cache store errors
2 years ago
Claire
d5fad31a45
Add form-action CSP directive ( #20781 )
2 years ago
trwnh
2e118aa0e6
Add missing admin scopes ( fix #20892 ) ( #20918 )
2 years ago
Eugen Rochko
c0b3ebd307
Fix wrong directive `unsafe-wasm-eval` to `wasm-unsafe-eval` ( #20729 )
2 years ago
prplecake
a4f1043bb3
Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP ( #20606 )
* Add "unsafe-eval" to script-src CSP
* Use 'unsafe-wasm-eval' instead of 'unsafe-eval'
2 years ago
Eugen Rochko
e18c8537e6
Fix rate limiting for paths with formats ( #20675 )
2 years ago
Matt Corallo
88b46d0a8f
Add `Cache-Control` header to openstack-stored files ( #20610 )
When storing files in S3, paperclip is configured with a Cache-Control header
indicating the file is immutable, however no such header was added when using
OpenStack storage.
Luckily Paperclip's fog integration makes this trivial, with a simple
`fog_file` `Cache-Control` default doing the trick.
2 years ago
David Hewitt
df557906fb
Allow unsetting x-amz-acl S3 Permission headers ( #20510 )
Some "S3 Compatible" storage providers (Cloudflare R2 is one such example) don't support setting ACLs on individual uploads with the `x-amz-acl` header, and instead just have a visibility for the whole bucket. To support uploads to such providers without getting unsupported errors back, let's use a blank `S3_PERMISSION` env var to indicate that these headers shouldn't be sent.
This is tested as working with Cloudflare R2.
2 years ago
prplecake
d870657f80
Add "unsafe-eval" to script-src CSP ( #18817 )
2 years ago
Eugen Rochko
d53e1fc6d9
Fix vacuum scheduler missing lock, locks never expiring ( #19458 )
Remove vacuuming of orphaned preview cards
2 years ago
Eugen Rochko
a593188ded
Add user content translations with configurable backends ( #19218 )
2 years ago
Eugen Rochko
ecddc06474
Change "Allow trends without prior review" setting to include statuses ( #17977 )
* Change "Allow trends without prior review" setting to include posts
* Fix i18n-tasks
2 years ago
Jeong Arm
30113597e5
Support "http_hidden_proxy" ENV var for hidden service only proxy ( #18427 )
* Support "http_hidden_proxy" ENV var for hidden service only proxy
* Fallback to http_proxy if http_hidden_proxy is not set
2 years ago
Eugen Rochko
38d04135bf
Change how hashtags are normalized ( #18795 )
* Change how hashtags are normalized
* Fix tests
2 years ago
Claire
45a777f9d8
Fix CAS_DISPLAY_NAME, SAML_DISPLAY_NAME and OIDC_DISPLAY_NAME being ignored ( #18568 )
2 years ago
Eugen Rochko
89d4d6fd3b
Fix confirmation redirect to app without `Location` header ( #18523 )
2 years ago
Eugen Rochko
f4cab3ebad
Change search indexing to use batches to minimize resource usage ( #18451 )
3 years ago
Eugen Rochko
a8e694233c
Fix opening and closing Redis connections instead of using a pool ( #18171 )
* Fix opening and closing Redis connections instead of using a pool
* Fix Redis connections not being returned to the pool in CLI commands
3 years ago
Claire
2d9ef045c5
Fix stoplight not using REDIS_NAMESPACE ( #18160 )
3 years ago
Eugen Rochko
553889bc7c
Fix single Redis connection being used across all threads ( #18135 )
* Fix single Redis connection being used across all Sidekiq threads
* Fix tests
3 years ago
Eugen Rochko
b7a6bba0b7
Fix cookies secure flag being set when served over Tor ( #17992 )
3 years ago
Holger
fb3fc6cab4
fix: `s3_force_single_request` not parsed ( #17922 )
3 years ago
Eugen Rochko
5a7219e532
Refactor formatter ( #17828 )
* Refactor formatter
* Move custom emoji pre-rendering logic to view helpers
* Move more methods out of Formatter
* Fix code style issues
* Remove Formatter
* Add inline poll options to RSS feeds
* Remove unused helper method
* Fix code style issues
* Various fixes and improvements
* Fix test
3 years ago
Claire
c3551f4f80
Fix PgHero suggesting migrations ( #17807 )
* Fix PgHero suggesting migrations
Fixes #17768
* Keep migration suggestions in development env
3 years ago
Yamagishi Kazutoshi
1d96010836
Fix LetterOpennerWeb CSP ( #17770 )
3 years ago