Commit graph

14520 commits

Author SHA1 Message Date
Claire
3d8a884f06 Fix background-color of emoji-mart selector (#17011)
Reverts part of #16907 to fix hardcoded color
2021-11-19 18:21:37 +01:00
Takeshi Umeda
869faf5f87 Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915)
* Bump chewy from 5.2.0 to 7.2.2

* fix style (codeclimate)

* fix style

* fix style

* Bump chewy from 7.2.2 to 7.2.3
2021-11-18 22:02:08 +01:00
Mashiro
3cb518dcb4 Add lazy load to emoji-mart (#16907)
* perf: lazyload emoji-mart!

* Bump lazyload
2021-11-18 22:01:31 +01:00
Shlee
1b575f8aed Update Dockerfile (#16939) 2021-11-18 22:00:38 +01:00
Shlee
ef5eb1c89e [Docker-Compose] [Breaking] Postgres 9.6 is EOL (11th Nov 2021) - Migrate to 14 Stable (#16947)
* Update docker-compose.yml

* Update docker-compose.yml

* Update docker-compose.yml

* Update docker-compose.yml
2021-11-18 22:00:27 +01:00
Shlee
0e747afd34 Ruby 3.0.2 Upgrade (#16982)
* Update .ruby-version

* Update Gemfile

* Update Gemfile.lock

* Update Dockerfile

* Update check-i18n.yml

* Update config.yml

* Update config.yml
2021-11-18 21:59:57 +01:00
Shlee
6566ab621e [Dockerfile] Upgrade ElasticSearch-OSS 6.8.10 to 7.10.2 (#16956)
* Update docker-compose.yml

* Update docker-compose.yml

* Update docker-compose.yml
2021-11-18 21:59:34 +01:00
dependabot[bot]
ee5a645091 Bump aws-sdk-s3 from 1.105.1 to 1.106.0 (#17001)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.105.1 to 1.106.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:44:23 +09:00
dependabot[bot]
3ea9d6f0d1 Bump mime-types from 3.4.0 to 3.4.1 (#17002)
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/mime-types/ruby-mime-types/releases)
- [Changelog](https://github.com/mime-types/ruby-mime-types/blob/main/History.md)
- [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.4.0...v3.4.1)

---
updated-dependencies:
- dependency-name: mime-types
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:44:08 +09:00
dependabot[bot]
135d6235ec Bump eslint-plugin-jsx-a11y from 6.4.1 to 6.5.1 (#16993)
Bumps [eslint-plugin-jsx-a11y](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y) from 6.4.1 to 6.5.1.
- [Release notes](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/releases)
- [Changelog](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/compare/v6.4.1...v6.5.1)

---
updated-dependencies:
- dependency-name: eslint-plugin-jsx-a11y
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:42:12 +09:00
dependabot[bot]
99d33d0c03 Bump letter_opener_web from 1.4.1 to 2.0.0 (#16960)
Bumps [letter_opener_web](https://github.com/fgrehm/letter_opener_web) from 1.4.1 to 2.0.0.
- [Release notes](https://github.com/fgrehm/letter_opener_web/releases)
- [Changelog](https://github.com/fgrehm/letter_opener_web/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fgrehm/letter_opener_web/compare/v1.4.1...v2.0.0)

---
updated-dependencies:
- dependency-name: letter_opener_web
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:20:31 +09:00
dependabot[bot]
1b659a2545 Bump eslint-plugin-import from 2.25.2 to 2.25.3 (#16995)
Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import) from 2.25.2 to 2.25.3.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases)
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md)
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.25.2...v2.25.3)

---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:08:10 +09:00
dependabot[bot]
a6b42b9bcf Bump @babel/runtime from 7.16.0 to 7.16.3 (#16994)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.16.0 to 7.16.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.3/packages/babel-runtime)

---
updated-dependencies:
- dependency-name: "@babel/runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:07:56 +09:00
dependabot[bot]
5d8ea35cde Bump eslint-plugin-react from 7.26.1 to 7.27.0 (#16992)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.26.1 to 7.27.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.26.1...v7.27.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-react
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:07:15 +09:00
dependabot[bot]
828526c1d7 Bump mime-types from 3.3.1 to 3.4.0 (#16991)
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/mime-types/ruby-mime-types/releases)
- [Changelog](https://github.com/mime-types/ruby-mime-types/blob/main/History.md)
- [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.3.1...v3.4.0)

---
updated-dependencies:
- dependency-name: mime-types
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:06:58 +09:00
dependabot[bot]
1d4951d667 Bump sprockets-rails from 3.2.2 to 3.4.0 (#16990)
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails) from 3.2.2 to 3.4.0.
- [Release notes](https://github.com/rails/sprockets-rails/releases)
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.2.2...v3.4.0)

---
updated-dependencies:
- dependency-name: sprockets-rails
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:06:40 +09:00
dependabot[bot]
eedf774202 Bump rubocop from 1.22.3 to 1.23.0 (#16989)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.22.3 to 1.23.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.22.3...v1.23.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:06:26 +09:00
Shlee
2abb53ee23 [Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. (#16856)
* [Security] Update NodeJS on docker.

https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/

* Update Dockerfile

* Upgrade npm package

* Update Dockerfile
2021-11-17 07:57:01 +01:00
Eugen Rochko
c32e5f820d Add manual GitHub Actions runs (#17000) 2021-11-16 21:42:14 +01:00
Claire
ef730593f4 Fix upload of remote media with OpenStack Swift sometimes failing (#16998)
Under certain conditions, files fetched from remotes trigger an error when
being uploaded using OpenStack Swift. This is because in some cases, the
remote server will not return a content-length, so our ResponseWithLimitAdapter
will hold a `nil` value for `#size`, which will lead to an invalid value
for the Content-Length header of the Swift API call.

This commit fixes that by taking the size from the actually-downloaded file
size rather than the upstream-provided Content-Length header value.
2021-11-16 21:36:28 +01:00
Claire
701472d1fc Fix confusing error when webfinger request returns empty document (#16986)
For some reason, some misconfigured servers return an empty document when
queried over webfinger. Since an empty document does not lead to a parse
error, the error is not caught properly and triggers uncaught exceptions
later on.

This PR fixes that by immediately erroring out with `Webfinger::Error` on
getting an empty response.
2021-11-14 21:55:40 +01:00
Eugen Rochko
fc187cefdf Change workflow to push to Docker Hub (#16980) 2021-11-14 06:11:05 +01:00
Eugen Rochko
1bf6ec3325 Fix no link previews being generated for pages with invalid structured data (#16979)
Fix #16955
2021-11-13 23:07:13 +01:00
dependabot[bot]
4bfa20bd83 Bump react-select from 5.1.0 to 5.2.1 (#16967)
Bumps [react-select](https://github.com/JedWatson/react-select) from 5.1.0 to 5.2.1.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@5.1.0...react-select@5.2.1)

---
updated-dependencies:
- dependency-name: react-select
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:51:42 +09:00
dependabot[bot]
1b83dee0b7 Bump @testing-library/jest-dom from 5.14.1 to 5.15.0 (#16966)
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 5.14.1 to 5.15.0.
- [Release notes](https://github.com/testing-library/jest-dom/releases)
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testing-library/jest-dom/compare/v5.14.1...v5.15.0)

---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:51:07 +09:00
dependabot[bot]
aa395541aa Bump reselect from 4.1.1 to 4.1.2 (#16963)
Bumps [reselect](https://github.com/reduxjs/reselect) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/reduxjs/reselect/releases)
- [Changelog](https://github.com/reduxjs/reselect/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/reselect/compare/v4.1.1...v4.1.2)

---
updated-dependencies:
- dependency-name: reselect
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:49:38 +09:00
dependabot[bot]
732064b0be Bump sidekiq from 6.2.2 to 6.3.1 (#16965)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.2.2 to 6.3.1.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.2.2...v6.3.1)

---
updated-dependencies:
- dependency-name: sidekiq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:48:34 +09:00
dependabot[bot]
0c80690efd Bump webpack-dev-server from 3.11.2 to 3.11.3 (#16964)
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.11.2 to 3.11.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/v3.11.3/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.11.2...v3.11.3)

---
updated-dependencies:
- dependency-name: webpack-dev-server
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:46:14 +09:00
Claire
5e63db936e Merge pull request #1632 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2021-11-13 10:41:25 +01:00
dependabot[bot]
b68c8bf341 Bump aws-sdk-s3 from 1.104.0 to 1.105.1 (#16962)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.104.0 to 1.105.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:36:28 +09:00
dependabot[bot]
6f4d419f5e Bump ox from 2.14.5 to 2.14.6 (#16961)
Bumps [ox](https://github.com/ohler55/ox) from 2.14.5 to 2.14.6.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.14.5...v2.14.6)

---
updated-dependencies:
- dependency-name: ox
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:35:52 +09:00
dependabot[bot]
8a1f69b3d8 Bump i18n-tasks from 0.9.34 to 0.9.35 (#16959)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.34 to 0.9.35.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/main/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.34...v0.9.35)

---
updated-dependencies:
- dependency-name: i18n-tasks
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:34:28 +09:00
dependabot[bot]
0f994bac51 Bump idn-ruby from 0.1.2 to 0.1.4 (#16958)
Bumps [idn-ruby](https://github.com/deepfryed/idn-ruby) from 0.1.2 to 0.1.4.
- [Release notes](https://github.com/deepfryed/idn-ruby/releases)
- [Changelog](https://github.com/deepfryed/idn-ruby/blob/master/CHANGES)
- [Commits](https://github.com/deepfryed/idn-ruby/compare/v0.1.2...v0.1.4)

---
updated-dependencies:
- dependency-name: idn-ruby
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:34:00 +09:00
Claire
95073de3ea Merge branch 'main' into glitch-soc/merge-upstream 2021-11-13 09:40:13 +01:00
Claire
fdfcc4fcb7 Fix OpenGraph/LinkedData embeds having incorrectly-generated iframes (#16978) 2021-11-13 03:30:27 +01:00
Jeong Arm
1723b4f6b3 Rename, move, fix code 2021-11-12 19:51:35 +01:00
Jeong Arm
675b222ac5 Fix admin sidebar on Mobile layout 2021-11-12 19:51:35 +01:00
Claire
b5960bd1f2 Fix some glitch-soc styling issues due to different class names
Partial fix to #1629
2021-11-12 16:29:36 +01:00
Yusuke Nakamura
786e5e634c Build container image by GitHub Actions (#16973)
* Build container image by GitHub Actions

* Trigger docker build only pushed to main branch

* Tweak tagging imgae

- "edge" is the main branch
- "latest" is the tagged latest release
2021-11-12 05:18:29 +01:00
Claire
65a727c888 Fix "bundle exec rails mastodon:setup" crashing in some circumstances (#16976)
Fix regression from #16896
2021-11-11 14:00:30 +01:00
Shlee
15ac5f2a2f [CircleCI] Test using Postgres 14 (#16948)
* Update config.yml

* Update config.yml
2021-11-06 17:13:51 +01:00
Eugen Rochko
8925737d2c Forward port version bumps to 3.4.2 and 3.4.3 (#16945)
* Bump version to 3.4.2

* Bump version to 3.4.3
2021-11-06 05:32:14 +01:00
Claire
810f477838 Merge pull request #1628 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2021-11-06 00:33:55 +01:00
Claire
21e3306721 Merge branch 'main' into glitch-soc/merge-upstream 2021-11-06 00:15:38 +01:00
Claire
9e122d774d Fix reviving revoked sessions and invalidating login (#16943)
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.

We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.

In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
  of them

This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
2021-11-06 00:13:58 +01:00
Claire
925adbf7af Fix AccountNote not having a maximum length (#16942) 2021-11-06 00:12:25 +01:00
Eugen Rochko
4dc87ffc06 Add support for structured data and more OpenGraph tags to link cards (#16938)
Save preview cards under their canonical URL

Increase max redirects to follow from 2 to 3
2021-11-05 23:23:05 +01:00
Claire
91bd8b921b Fix handling announcements with links (#16941)
Broken since #15827
2021-11-05 21:14:35 +01:00
Jeong Arm
33110dee93 Fix statuses order in account's statuses admin page (#16937) 2021-11-04 15:49:35 +01:00
dependabot[bot]
27226444d1 Bump @babel/preset-env from 7.15.8 to 7.16.0 (#16923)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.15.8 to 7.16.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-02 22:15:45 +09:00