21fb3f3684
Drop dependency on secure_headers, fix response headers ( #15712 )
...
* Drop dependency on secure_headers, use always_write_cookie instead
* Fix cookies in Tor Hidden Services by moving configuration to application.rb
* Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
4 years ago
eb23f98592
Fixed issue with .env.vagrant not setting RAILS_ENV variable ( #15709 )
...
* Fixed issue with .env.vagrant not setting RAILS_ENV variable
* made change to fix RAILS_ENV issue in Vagrantfile instead of .env.vagrant
4 years ago
08ae116dc6
Fixed WebUI crash when a status opened in the media modal is deleted ( #15701 )
...
* Fixed picture in picture compatibility error in WebUI when status is deleted
* Revert "Fixed picture in picture compatibility error in WebUI when status is deleted"
This reverts commit f003b7d9d88688e9504f7dfae1545d7522fcfd98.
* Close the modal display of the image when status is deleted
* Fixed the case statement before the default statement
* Removed unnecessary parts
4 years ago
01e44b886d
Downgrade bootsnap to 1.6.0 ( #15711 )
...
* Revert "Bump bootsnap from 1.5.1 to 1.7.1 (#15669 )"
This reverts commit c3d1b7a2f5
4 years ago
ba8039d024
Bump react-textarea-autosize from 8.3.0 to 8.3.1 ( #15708 )
...
Bumps [react-textarea-autosize](https://github.com/Andarist/react-textarea-autosize ) from 8.3.0 to 8.3.1.
- [Release notes](https://github.com/Andarist/react-textarea-autosize/releases )
- [Changelog](https://github.com/Andarist/react-textarea-autosize/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Andarist/react-textarea-autosize/compare/v8.3.0...v8.3.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
71a3d4e243
Bump @rails/ujs from 6.1.1 to 6.1.2 ( #15698 )
...
Bumps [@rails/ujs](https://github.com/rails/rails ) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/rails/rails/releases )
- [Commits](https://github.com/rails/rails/compare/v6.1.1...v6.1.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
81d3bbb91d
Bump eslint-plugin-promise from 4.2.1 to 4.3.1 ( #15707 )
...
Bumps [eslint-plugin-promise](https://github.com/xjamundx/eslint-plugin-promise ) from 4.2.1 to 4.3.1.
- [Release notes](https://github.com/xjamundx/eslint-plugin-promise/releases )
- [Changelog](https://github.com/xjamundx/eslint-plugin-promise/blob/development/CHANGELOG.md )
- [Commits](https://github.com/xjamundx/eslint-plugin-promise/compare/v4.2.1...v4.3.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
02799860ac
Bump sass from 1.32.5 to 1.32.7 ( #15697 )
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.32.5 to 1.32.7.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.32.5...1.32.7 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
b79e118866
Bump css-loader from 5.0.1 to 5.0.2 ( #15700 )
...
Bumps [css-loader](https://github.com/webpack-contrib/css-loader ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases )
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.0.1...v5.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
3434982d56
Bump mini-css-extract-plugin from 1.3.5 to 1.3.6 ( #15699 )
...
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin ) from 1.3.5 to 1.3.6.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v1.3.5...v1.3.6 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
c06cd499a6
Bump @babel/plugin-transform-runtime from 7.12.10 to 7.12.15 ( #15673 )
...
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.12.10 to 7.12.15.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.12.15/packages/babel-plugin-transform-runtime )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
3fcc6b9aff
Bump rubocop from 1.8.1 to 1.9.1 ( #15677 )
...
* Bump rubocop from 1.8.1 to 1.9.1
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 1.8.1 to 1.9.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.8.1...v1.9.1 )
Signed-off-by: dependabot[bot] <support@github.com>
* Fix .codeclimate.yml
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
4 years ago
69c1889a6a
Bump rack-attack from 6.4.0 to 6.5.0 ( #15671 )
...
Bumps [rack-attack](https://github.com/rack/rack-attack ) from 6.4.0 to 6.5.0.
- [Release notes](https://github.com/rack/rack-attack/releases )
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rack/rack-attack/compare/v6.4.0...v6.5.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
4fb7dc3f58
Bump @babel/core from 7.12.10 to 7.12.13 ( #15678 )
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.12.10 to 7.12.13.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.12.13/packages/babel-core )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
e07d5c708f
Bump @testing-library/react from 11.2.3 to 11.2.5 ( #15680 )
...
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library ) from 11.2.3 to 11.2.5.
- [Release notes](https://github.com/testing-library/react-testing-library/releases )
- [Changelog](https://github.com/testing-library/react-testing-library/blob/master/CHANGELOG.md )
- [Commits](https://github.com/testing-library/react-testing-library/compare/v11.2.3...v11.2.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
5dd76ca30e
Bump redis-namespace from 1.8.0 to 1.8.1 ( #15676 )
...
Bumps [redis-namespace](https://github.com/resque/redis-namespace ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/resque/redis-namespace/releases )
- [Changelog](https://github.com/resque/redis-namespace/blob/master/CHANGELOG.md )
- [Commits](https://github.com/resque/redis-namespace/compare/v1.8.0...v1.8.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
404fd8918c
Bump json-ld from 3.1.7 to 3.1.8 ( #15674 )
...
Bumps [json-ld](https://github.com/ruby-rdf/json-ld ) from 3.1.7 to 3.1.8.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases )
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.7...3.1.8 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
7ec3a9a735
Bump pkg-config from 1.4.4 to 1.4.5 ( #15672 )
...
Bumps [pkg-config](https://github.com/ruby-gnome/pkg-config ) from 1.4.4 to 1.4.5.
- [Release notes](https://github.com/ruby-gnome/pkg-config/releases )
- [Changelog](https://github.com/ruby-gnome/pkg-config/blob/master/NEWS )
- [Commits](https://github.com/ruby-gnome/pkg-config/compare/1.4.4...1.4.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
c3d1b7a2f5
Bump bootsnap from 1.5.1 to 1.7.1 ( #15669 )
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.5.1 to 1.7.1.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.5.1...v1.7.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
cf2d158fd7
Bump eslint from 7.18.0 to 7.19.0 ( #15655 )
...
Bumps [eslint](https://github.com/eslint/eslint ) from 7.18.0 to 7.19.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v7.18.0...v7.19.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
fdb39ea7cb
Bump @babel/preset-react from 7.12.10 to 7.12.13 ( #15681 )
...
Bumps [@babel/preset-react](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-react ) from 7.12.10 to 7.12.13.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.12.13/packages/babel-preset-react )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
7927959d8f
fix typo ( #15705 )
4 years ago
e79f8dd85c
Onion service related changes to HTTPS handling ( #15560 )
...
* Enable secure cookie flag for https only
* Disable force_ssl for .onion hosts only
Co-authored-by: Aiden McClelland <me@drbonez.dev>
4 years ago
d499bb031f
Use custom mascot on static share page ( #15687 )
...
* Use custom mascot on static share page
* Use full_asset_url
4 years ago
6feaad33f2
Fix obsolete digitalocean.rake file breaking rake tasks ( #15618 )
4 years ago
be3b9f8151
Fix URI of repeat follow requests not being recorded ( #15662 )
...
* Fix URI of repeat follow requests not being recorded
In case we receive a “repeat” or “duplicate” follow request, we automatically
fast-forward the accept with the latest received Activity `id`, but we don't
record it.
In general, a “repeat” or “duplicate” follow request may happen if for some
reason (e.g. inconsistent handling of Block or Undo Accept activities, an
instance being brought back up from the dead, etc.) the local instance thought
the remote actor were following them while the remote actor thought otherwise.
In those cases, the remote instance does not know about the older Follow
activity `id`, so keeping that record serves no purpose, but knowing the most
recent one is useful if the remote implementation at some point refers to it
by `id` without inlining it.
* Add tests
4 years ago
f5fefdc11a
Slightly reorder three dots menu on toots to make it more intuitive ( #15647 )
...
* Slightly reorder three dots menu on toots to make it more intuitive
- Make “Pin to profile” always appear at the same place
- Add separator to group “Bookmark” and “Pin to profile”
- Fix separator being the first item in some cases
* Fix missing semicolon and keep status_action_bar.js and action_bar.js in sync
4 years ago
07b46cb332
Add dropdown for boost privacy in boost confirmation modal ( #15704 )
...
* Various dropdown code quality fixes
* Prepare support for privacy selection in boost modal
* Add dropdown for boost privacy in boost confirmation modal
4 years ago
8b8c6726ce
Bump @babel/preset-env from 7.12.11 to 7.12.13 ( #15682 )
...
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ) from 7.12.11 to 7.12.13.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.12.13/packages/babel-preset-env )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
9962d5c237
Bump pghero from 2.7.3 to 2.7.4 ( #15668 )
...
Bumps [pghero](https://github.com/ankane/pghero ) from 2.7.3 to 2.7.4.
- [Release notes](https://github.com/ankane/pghero/releases )
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/pghero/compare/v2.7.3...v2.7.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
0a630a1bc3
Bump aws-sdk-s3 from 1.87.0 to 1.88.0 ( #15667 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.87.0 to 1.88.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
acdeb162b8
Create instance actor if it hasn't been properly seeded ( #15693 )
...
An uncommon but somewhat difficult to digagnose issue is dealing with
improperly-seeded databases. In such cases, instance-signed fetches will
fail with a ActiveRecord::RecordNotFound error, usually caught and handled
as generic 404, leading people to think the remote resource itself has not
been found, while it's the local instance actor that does not exist.
This commit changes the code so that failure to find the instance actor
automatically creates a new one, so that improperly-seeded databases do
not cause any issue.
4 years ago
acf1842896
Change max. image dimensions to 1920x1080px (1080p) ( #15690 )
...
* Change max. image size to 1920x1080px
* Change it in web UI too
4 years ago
4e933924bd
Update Doorkeeper strings for `doorkeeper.errors.messages.invalid_request` ( #15659 )
...
* Update Doorkeeper strings for doorkeeper.errors.messages.invalid_request
Signed-off-by: marcin mikołajczak <me@mkljczk.pl>
* Update config/locales/doorkeeper.en.yml
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
4 years ago
1d96bf9f43
Bump oj from 3.11.1 to 3.11.2 ( #15657 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.11.1 to 3.11.2.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.11.1...v3.11.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
b8aed2d255
Bump fastimage from 2.2.1 to 2.2.2 ( #15651 )
...
Bumps [fastimage](https://github.com/sdsykes/fastimage ) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/sdsykes/fastimage/releases )
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.2.1...v2.2.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
fd7f4056af
Bump mini-css-extract-plugin from 1.3.4 to 1.3.5 ( #15654 )
...
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin ) from 1.3.4 to 1.3.5.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v1.3.4...v1.3.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
2620e2cfa3
Bump webmock from 3.11.1 to 3.11.2 ( #15650 )
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.11.1 to 3.11.2.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.11.1...v3.11.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
b109df0e2c
Bump capybara from 3.34.0 to 3.35.3 ( #15649 )
...
Bumps [capybara](https://github.com/teamcapybara/capybara ) from 3.34.0 to 3.35.3.
- [Release notes](https://github.com/teamcapybara/capybara/releases )
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md )
- [Commits](https://github.com/teamcapybara/capybara/compare/3.34.0...3.35.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
ab39d5fda5
Bump chewy from 5.1.0 to 5.2.0 ( #15648 )
...
Bumps [chewy](https://github.com/toptal/chewy ) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/toptal/chewy/releases )
- [Changelog](https://github.com/toptal/chewy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/toptal/chewy/compare/v5.1.0...v5.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
a044ddac5b
Fix race conditions on account migration creation ( #15597 )
...
* Atomically check for processing lock in Move handler
* Prevent race condition when creating account migrations
Fixes #15595
* Add tests
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
c8d11b8bdb
Fixed code quality issues ( #15541 )
...
* Added .deepsource.toml
* Removed bad use of `alias`
* Fixed operand order in the binary expression
* Prefixed unused method arguments with an underscore
* Replaced the old OpenSSL algorithmic constants with the newer strings initializers.
* Removed unnecessary UTF-8 encoding comment
4 years ago
3efa0c54b6
Change custom emoji to be animated when hovering container ( #15637 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
7ab53f221a
Improved performance of notification preloading ( #15640 )
...
* Improved performance of notification preloading
* Remove Cacheable from Notification
* Fix test
4 years ago
c8c764dd8b
Fix N+1 query when rendering with StatusSerializer ( #15641 )
4 years ago
eb0f9e3159
Bump rubocop from 1.7.0 to 1.8.1 ( #15573 )
...
* Bump rubocop from 1.7.0 to 1.8.1
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 1.7.0 to 1.8.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.7.0...v1.8.1 )
Signed-off-by: dependabot[bot] <support@github.com>
* Fix .codeclimate.yml
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
4 years ago
13d5b81579
Fix “tootctl accounts unfollow” ( #15639 )
...
Fixes #15635
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
b4281f5a51
Update to Node.js-12.20.1 ( #15558 )
...
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
4 years ago
2319e85a8a
Fix react/jsx-no-duplicate-props ( #15636 )
4 years ago
38f5631588
Bump sidekiq from 6.1.2 to 6.1.3 ( #15621 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.1.2 to 6.1.3.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.2...v6.1.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Claire
chandrn7
kaias1jp
dependabot[bot]
Takeshi Umeda
Cecylia Bocovich
Jeong Arm
Mélanie Chauvel
Eugen Rochko
Marcin Mikołajczak
ThibG
Shubhendra Singh Chauhan
abcang
Daniel Jakots