Commit graph

5370 commits

Author SHA1 Message Date
Yuto Tokunaga
5eea3f9877 fix #6846 (#6914) 2018-03-27 12:30:28 +02:00
unarist
0fb7252ac4 Add a spec for UniqueUsernameValidator (#6927)
Note that this spec has a pending test about dots in the username,
because allowing it has been reverted for now.
2018-03-27 05:22:58 +02:00
Eugen Rochko
ebba6fb7f5 Fix UniqueUsernameValidator comparison (#6926)
Comparison was downcasing only one side, therefore if previously
existing account had a non-lowercase spelling, it would be ignored
when checking for duplicates.

New rake task `mastodon:maintenance:find_duplicate_usernames` will
help find constraint violations that might have occured from the
presence of this bug.

Bump version to 2.3.3
2018-03-27 04:33:57 +02:00
Akihiko Odaki
acece7a2e6 Validate HTTP response length while receiving (#6891)
to_s method of HTTP::Response keeps blocking while it receives the whole
content, no matter how it is big. This means it may waste time to receive
unacceptably large files. It may also consume memory and disk in the
process. This solves the inefficency by checking response length while
receiving.
2018-03-26 14:02:10 +02:00
Stephen Burgess
f9e88856e3 feat(ShowMore): Add classname to show more/show less button (#6904) 2018-03-26 13:59:44 +02:00
Yuto Tokunaga
480131a376 Refactor scss (#6913)
* Refactoring scss

introduce scss variables for the media modal
fix css block structure corresponding to react components
fix flex layouts
remove background image of the loaded image on the media modal

* Fix typo
2018-03-26 13:59:21 +02:00
unarist
351203118c Fix moved account handling in IndexedDB feature (#6915)
* Fix stack overflow on importFetchedAccounts

  When the account has moved property, it should process destination
  account instead of source account itself.

* Set account id instead of account object for moved property

  This restores "foo has moved to" indication on account view, and
  fixes `reblog` index on `accounts` object store.
2018-03-26 12:48:01 +02:00
Yann Klis
740f44ecc4 Missing OTP_SECRET in scalingo.json (#6917) 2018-03-26 12:47:34 +02:00
Marcin Mikołajczak
29dfe740f6 i18n: Update Polish translation (#6903)
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-03-25 23:33:07 +09:00
Akihiko Odaki
9eaa47845c Allow clients to fetch notifications made while they were offline (#6886) 2018-03-24 22:07:23 +01:00
Akihiko Odaki
34cb1a5461 Allow clients to fetch statuses made while they were offline (#6876) 2018-03-24 15:25:15 +01:00
Akihiko Odaki
42786040d1 Rename variables to have semantic meanings in notifications reducer (#6890) 2018-03-24 13:36:44 +01:00
Akihiko Odaki
43f2b0281d Store objects to IndexedDB (#6826) 2018-03-24 13:06:27 +01:00
Yamagishi Kazutoshi
6daa722e87 Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808)
This reverts commit d35272245e.
2018-03-24 12:52:45 +01:00
Akihiko Odaki
47d2277ef1 Show media modal on public pages (#6801) 2018-03-24 12:52:26 +01:00
Marcin Mikołajczak
3386112fb1 Change “Toots with replies” to “Toots and replies” (#6875)
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-03-24 12:51:51 +01:00
Akihiko Odaki
472fba6771 Change columns in notifications nonnullable (#6764) 2018-03-24 12:51:28 +01:00
Akihiko Odaki
9125608145 Note if the user is already following the target when authorizing follow (#6325) 2018-03-24 12:50:41 +01:00
Jeroen
0bedd0bb45 Invites: Add '1 week' as expire option (#6872)
* Invites: Add '1 week' as expire option

IMO a max. of 1 day is too short. Not everyone has the time and motivation to use an invite in a 24 hour period. 1 week as a max. is I think a good compromise between convenience and security.

* Invites: Add '1 week' as expire option

IMO a max. of 1 day is too short. Not everyone has the time and motivation to use an invite in a 24 hour period. 1 week as a max. is I think a good compromise between convenience and security.

* Update en.yml
2018-03-24 12:50:14 +01:00
Akihiko Odaki
11c19f6cc9 Close http connection in perform method of Request class (#6889)
HTTP connections must be explicitly closed in many cases, and letting
perform method close connections makes its callers less redundant and
prevent them from forgetting to close connections.
2018-03-24 12:49:54 +01:00
Akihiko Odaki
e8a1d0b4d4 Internationalize unexpected error message (#6887) 2018-03-24 10:54:19 +01:00
Yamagishi Kazutoshi
ed074766aa Weblate translations (2018-03-23) (#6874)
* Translated using Weblate (Galician)

Currently translated at 100.0% (587 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/gl/

* Translated using Weblate (Dutch)

Currently translated at 100.0% (587 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/nl/

* Translated using Weblate (Catalan)

Currently translated at 100.0% (587 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ca/

* Translated using Weblate (Arabic)

Currently translated at 76.4% (449 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/

* Translated using Weblate (Japanese)

Currently translated at 99.8% (586 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ja/

* Translated using Weblate (Slovak)

Currently translated at 92.3% (542 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/sk/

* Translated using Weblate (Slovak)

Currently translated at 92.3% (542 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/sk/

* Translated using Weblate (Slovak)

Currently translated at 100.0% (58 of 58 strings)

Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/sk/

* Translated using Weblate (Polish)

Currently translated at 98.9% (581 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/pl/

* Translated using Weblate (French)

Currently translated at 99.6% (585 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/fr/

* Translated using Weblate (Portuguese (Brazil))

Currently translated at 99.8% (586 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/pt_BR/

* Translated using Weblate (Catalan)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/ca/

* bundle exec i18n-tasks normalize && yarn manage:translations
2018-03-24 01:04:02 +01:00
Quentí
a8c2ce486f [i18n] Occitan update (#6869)
* Update oc.yml

* Update simple_form.oc.yml

* Update oc.json

* Update oc.yml

* bundle exec i18n-tasks normalize
2018-03-23 18:52:25 +09:00
Eugen Rochko
3939ca8a33 Bump version to 2.3.2 2018-03-22 14:13:46 +01:00
Eugen Rochko
f4ef86a334 Bump version to 2.3.2rc5 2018-03-22 11:31:52 +01:00
Eugen Rochko
6383580e6f Do not re-query mentions from serializers (#6858)
Fix performance regression from #6836
2018-03-22 11:31:17 +01:00
Eugen Rochko
f4e8e39c99 Restore username validation to disallow dots, for now (#6863)
Usernames with dots in them do not work with routes, because the dot usually separates the desired page format (e.g. json). I don't want to mess with changing route constraints for this patch release.
2018-03-22 11:30:22 +01:00
ThibG
7d7a725e82 Fix MENTION_RE to not match nil usernames (#6862) 2018-03-22 10:45:48 +01:00
Eugen Rochko
692d03239b Hide floating action button on thread views (#6859) 2018-03-22 09:33:14 +01:00
Patrick Figel
e62904bcba Update sanitize and loofah (#6855)
Fixes CVE-2018-8048 and CVE-2018-3740, two medium-severity XSS
vulnerabilities present in these gems when built against
libxml2 >= 2.9.2.
2018-03-21 17:43:28 +01:00
Eugen Rochko
53b1100144 Permit dots in usernames with conditions (#6844)
* Permit dots in usernames with conditions

- Dot cannot be the start or end of username
- a.lice and al.ice are considered the same during sign-up

* Fix regex mixin flags
2018-03-21 10:26:53 +01:00
Akihiko Odaki
dbd18c5cfe Remove debug option from Babel preset env (#6852) 2018-03-21 10:26:15 +01:00
Eugen Rochko
8ccf42c149 Bump version to 2.3.2rc4 2018-03-20 23:49:24 +01:00
Eugen Rochko
59b3b38b0e Add LDAP_TLS_NO_VERIFY option, don't require LDAP_ENABLED outside .env (#6845)
Fix #6816, fix #6790
2018-03-20 19:41:51 +01:00
Akihiko Odaki
a4d7afa3d9 Fix i18n fallback configuration conflicts with environment configurations (#6843) 2018-03-20 16:36:20 +01:00
Eugen Rochko
ab96a9ff11 Use username/domain to match existing accounts in ActivityPub (#6842)
See also: #6837, #6667
2018-03-20 14:57:46 +01:00
ThibG
ca370217ad Cancel outdated pending compose suggestions (#6838) 2018-03-20 12:40:12 +01:00
Rey Tucker
4c91be94d3 request: in the event of failure, try other IPs (#6761) (#6813)
* request: in the event of failure, try other IPs (#6761)

In the case where a name has multiple A/AAAA records, we should
try subsequent records instead of immediately failing when we have a
failure on the first IP address.

This significantly improves delivery success when there are network
connectivity problems affecting only IPv4 or IPv6.

* fix method call style

* request_spec: adjust test case to use Addrinfo

* request: Request/open: move private addr check to within begin/rescue

* request_spec: add case to test failover, fix exception check

* Double Addrinfo.foreach so that it correctly yields instances
2018-03-20 09:06:08 +01:00
ThibG
99790407e2 Serialize mentions in the order they are added (#6836)
Up until now, the order seemed to be in the *opposite* order,
which caused the WebUI to populate mentions in reversed order
when replying to toots local to one's instance.
2018-03-19 20:19:35 +01:00
ThibG
c4c87b8ee8 Display content warning in mail notification emails (#6832) 2018-03-19 20:12:20 +01:00
Alexander
af08f6042d rename pam email environment variable to something more understandable and default to LOCAL_DOMAIN (better fallback) (#6833) 2018-03-19 20:09:26 +01:00
Alexander
4fc9827b69 bugfixes and gem update (#6831)
* update to new version of devise_pam_authenticatable2

* fix behaviour if suffix is nil, fix environment loading, fix user email creation

* code cleanup/fix linter warning
2018-03-19 20:08:56 +01:00
ThibG
720a45e99f Fix e-mail changed notification (fixes #6778) (#6835)
In Devise::Mailer#email_changed, the new email might be in the email attr.
See: https://github.com/plataformatec/devise/blob/master/app/views/devise/mailer/email_changed.html.erb
2018-03-19 20:07:47 +01:00
Renato "Lond" Cerqueira
9bdedcfa48 Weblate translations 20180319 (#6827)
* Translated using Weblate (Portuguese (Brazil))

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/pt_BR/

* Translated using Weblate (Spanish)

Currently translated at 99.6% (579 of 581 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/es/

* Translated using Weblate (Spanish)

Currently translated at 100.0% (58 of 58 strings)

Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/es/

* Translated using Weblate (Japanese)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/ja/

* Translated using Weblate (French)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/fr/

* Translated using Weblate (Spanish)

Currently translated at 100.0% (58 of 58 strings)

Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/es/

* Translated using Weblate (Indonesian)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/id/

* Translated using Weblate (Spanish)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/es/

* Translated using Weblate (Indonesian)

Currently translated at 94.6% (71 of 75 strings)

Translation: Mastodon/Doorkeeper
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/doorkeeper/id/

* Translated using Weblate (Indonesian)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/id/

* Translated using Weblate (Arabic)

Currently translated at 100.0% (62 of 62 strings)

Translation: Mastodon/Devise
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/devise/ar/

* Translated using Weblate (Indonesian)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/id/

* Translated using Weblate (Dutch)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/nl/

* Translated using Weblate (Arabic)

Currently translated at 75.5% (439 of 581 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/

* Translated using Weblate (Arabic)

Currently translated at 76.2% (443 of 581 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/

* Translated using Weblate (Russian)

Currently translated at 95.8% (557 of 581 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ru/

* Translated using Weblate (Finnish)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/fi/

* Translated using Weblate (Slovak)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/sk/

* Translated using Weblate (Slovak)

Currently translated at 91.7% (533 of 581 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/sk/

* Translated using Weblate (Dutch)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/nl/

* Translated using Weblate (Spanish)

Currently translated at 99.8% (580 of 581 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/es/

* Translated using Weblate (Finnish)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/fi/

* Translated using Weblate (Slovak)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/sk/

* Translated using Weblate (Spanish)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/es/

* Translated using Weblate (Swedish)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/sv/

* Translated using Weblate (Finnish)

Currently translated at 93.1% (54 of 58 strings)

Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/fi/

* Translated using Weblate (Arabic)

Currently translated at 76.7% (446 of 581 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/

* Translated using Weblate (Slovak)

Currently translated at 93.2% (542 of 581 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/sk/

* Translated using Weblate (Arabic)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/ar/

* Normalize translations
Ran i18n-tasks normalize && yarn manage:translations
2018-03-19 15:12:06 +01:00
Eugen Rochko
fd86b58568 Bump version to 2.3.2rc3 2018-03-19 12:20:57 +01:00
Eugen Rochko
f0bc8e8a89 Ignore media validation when attaching to status during processing (#6822)
Fix #6821
2018-03-19 01:51:19 +01:00
Eugen Rochko
b95c3ef3ee Revert #6479, hide sensitive text/images from OpenGraph previews (#6818)
Display summary of attachments in description, and mark up content
warning if present, e.g.:

    Attached: 3 images · Content warning: Dota 2

When text is not supposed to be hidden, it looks more like:

    Attached: 3 images

    Here is the text of the toot

With #6817, multilinguagility should be assured...
2018-03-18 20:33:07 +01:00
Eugen Rochko
6d00359015 Fix elephant graphic being draggable and selectable (#6819) 2018-03-18 20:32:44 +01:00
Eugen Rochko
77badbc85a If DEFAULT_LOCALE is set, enforce it instead of HTTP request locale (#6817)
Fix #6784
2018-03-18 16:57:04 +01:00
Akihiko Odaki
cabb197337 Synchronize HTML page cache with sessions (#6815) 2018-03-18 15:14:38 +01:00