Commit graph

12048 commits

Author SHA1 Message Date
Yamagishi Kazutoshi
a33f7631e8 Add Security Policy (#13946) 2020-06-03 08:32:23 +02:00
Eugen Rochko
b864e78db8 Add E2EE API (#13820) 2020-06-02 19:24:53 +02:00
ThibG
96844da338 Fix mastodon:setup not running properly when some environment variables are set (#13928)
When using one of the docker-compose containers, mastodon:setup will use the
existing .env.production rather than the generated one during the setup steps.

This is because dotenv does not overwrite env variables that are alreayd
defined, and the docker-compose.yml file loads the environment variables
from .env.production.
2020-06-02 13:57:21 +02:00
Yamagishi Kazutoshi
196bdd3dd7 Fix ref attr for react-textarea-autozsize (#13936) 2020-06-02 03:24:04 +02:00
dependabot-preview[bot]
373a6467c5 Bump react-textarea-autosize from 7.1.2 to 8.0.1 (#13901)
Bumps [react-textarea-autosize](https://github.com/Andarist/react-textarea-autosize) from 7.1.2 to 8.0.1.
- [Release notes](https://github.com/Andarist/react-textarea-autosize/releases)
- [Changelog](https://github.com/Andarist/react-textarea-autosize/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Andarist/react-textarea-autosize/compare/v7.1.2...react-textarea-autosize@8.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 05:13:13 +09:00
dependabot-preview[bot]
a067792fef Bump faker from 2.11.0 to 2.12.0 (#13911)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.11.0...v2.12.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:55:20 +09:00
dependabot-preview[bot]
3740eddcf9 Bump autoprefixer from 9.7.6 to 9.8.0 (#13903)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.6 to 9.8.0.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.6...9.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:55:06 +09:00
dependabot-preview[bot]
0daa00ab51 Bump file-loader from 5.1.0 to 6.0.0 (#13899)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.1.0 to 6.0.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.1.0...v6.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:53:21 +09:00
dependabot-preview[bot]
acab9a4d2f Bump rdf from 3.1.1 to 3.1.2 (#13926)
Bumps [rdf](https://github.com/ruby-rdf/rdf) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/rdf/releases)
- [Changelog](https://github.com/ruby-rdf/rdf/blob/develop/CHANGES.md)
- [Commits](https://github.com/ruby-rdf/rdf/compare/3.1.1...3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:51:16 +09:00
dependabot-preview[bot]
95f0c9ee62 Bump json-ld-preloaded from 3.1.2 to 3.1.3 (#13923)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.2...3.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:50:02 +09:00
dependabot-preview[bot]
b2427601e6 Bump color from 3.1.0 to 3.1.2 (#13917)
Bumps [color](https://github.com/Qix-/color) from 3.1.0 to 3.1.2.
- [Release notes](https://github.com/Qix-/color/releases)
- [Commits](https://github.com/Qix-/color/compare/3.1.0...3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:48:12 +09:00
dependabot-preview[bot]
40e10b9b1a Bump tty-screen from 0.7.1 to 0.8.0 (#13915)
Bumps [tty-screen](https://github.com/piotrmurach/tty-screen) from 0.7.1 to 0.8.0.
- [Release notes](https://github.com/piotrmurach/tty-screen/releases)
- [Changelog](https://github.com/piotrmurach/tty-screen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-screen/compare/v0.7.1...v0.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:48:00 +09:00
dependabot-preview[bot]
93e4ccbb70 Bump responders from 3.0.0 to 3.0.1 (#13914)
Bumps [responders](https://github.com/heartcombo/responders) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/heartcombo/responders/releases)
- [Changelog](https://github.com/heartcombo/responders/blob/master/CHANGELOG.md)
- [Commits](https://github.com/heartcombo/responders/compare/v3.0.0...v3.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:46:09 +09:00
dependabot-preview[bot]
f653f8abbb Bump minipass-pipeline from 1.2.2 to 1.2.3 (#13912)
Bumps minipass-pipeline from 1.2.2 to 1.2.3.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:45:11 +09:00
dependabot-preview[bot]
65a6f327ee Bump postgres-date from 1.0.3 to 1.0.5 (#13910)
Bumps [postgres-date](https://github.com/bendrucker/postgres-date) from 1.0.3 to 1.0.5.
- [Release notes](https://github.com/bendrucker/postgres-date/releases)
- [Commits](https://github.com/bendrucker/postgres-date/compare/v1.0.3...v1.0.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:44:46 +09:00
dependabot-preview[bot]
4186a4fdc0 Bump esquery from 1.0.1 to 1.3.1 (#13907)
Bumps [esquery](https://github.com/estools/esquery) from 1.0.1 to 1.3.1.
- [Release notes](https://github.com/estools/esquery/releases)
- [Commits](https://github.com/estools/esquery/compare/v1.0.1...v1.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:44:23 +09:00
dependabot-preview[bot]
8d23ef44ed Bump webpack-bundle-analyzer from 3.7.0 to 3.8.0 (#13909)
Bumps [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) from 3.7.0 to 3.8.0.
- [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases)
- [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v3.7.0...v3.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:44:10 +09:00
dependabot-preview[bot]
5cdb4c5f4e Bump http-proxy from 1.18.0 to 1.18.1 (#13908)
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:43:51 +09:00
dependabot-preview[bot]
628f721b41 Bump eslint-plugin-react from 7.19.0 to 7.20.0 (#13906)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.19.0 to 7.20.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.19.0...v7.20.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:41:37 +09:00
dependabot-preview[bot]
b12446b446 Bump regjsgen from 0.5.1 to 0.5.2 (#13902)
Bumps [regjsgen](https://github.com/bnjmnt4n/regjsgen) from 0.5.1 to 0.5.2.
- [Release notes](https://github.com/bnjmnt4n/regjsgen/releases)
- [Commits](https://github.com/bnjmnt4n/regjsgen/compare/0.5.1...0.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:41:08 +09:00
dependabot-preview[bot]
407ccfe819 Bump node-releases from 1.1.56 to 1.1.57 (#13898)
Bumps [node-releases](https://github.com/chicoxyzzy/node-releases) from 1.1.56 to 1.1.57.
- [Release notes](https://github.com/chicoxyzzy/node-releases/releases)
- [Commits](https://github.com/chicoxyzzy/node-releases/compare/v1.1.56...v1.1.57)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:39:57 +09:00
dependabot-preview[bot]
7b8abf3c2d Bump aws-sigv4 from 1.1.3 to 1.1.4 (#13916)
Bumps [aws-sigv4](https://github.com/aws/aws-sdk-ruby) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sigv4/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/1.1.3...1.1.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:38:52 +09:00
dependabot-preview[bot]
00554f82d2 Bump fugit from 1.3.5 to 1.3.6 (#13918)
Bumps [fugit](https://github.com/floraison/fugit) from 1.3.5 to 1.3.6.
- [Release notes](https://github.com/floraison/fugit/releases)
- [Changelog](https://github.com/floraison/fugit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/floraison/fugit/compare/v1.3.5...v1.3.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:38:29 +09:00
dependabot-preview[bot]
865baecccf Bump @babel/preset-env from 7.9.6 to 7.10.2 (#13920)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.9.6 to 7.10.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.10.2/packages/babel-preset-env)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:37:53 +09:00
dependabot-preview[bot]
80de6dd2c3 Bump coderay from 1.1.2 to 1.1.3 (#13921)
Bumps [coderay](https://github.com/rubychan/coderay) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/rubychan/coderay/releases)
- [Changelog](https://github.com/rubychan/coderay/blob/master/Changes.textile)
- [Commits](https://github.com/rubychan/coderay/compare/v1.1.2...v1.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:37:30 +09:00
dependabot-preview[bot]
c2b157c803 Bump parser from 2.7.1.2 to 2.7.1.3 (#13922)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.1.2 to 2.7.1.3.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.1.2...v2.7.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:36:10 +09:00
dependabot-preview[bot]
c5ef1937b9 Bump browser from 4.1.0 to 4.2.0 (#13924)
Bumps [browser](https://github.com/fnando/browser) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v4.1.0...v4.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:35:03 +09:00
dependabot-preview[bot]
d5f78355a8 Bump aws-partitions from 1.320.0 to 1.322.0 (#13927)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.320.0 to 1.322.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-02 04:34:11 +09:00
ThibG
07660f22ca Merge pull request #1347 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
2020-06-01 19:41:33 +02:00
Christopher Choi
dba59712ca [Glitch] Adjust flash alert contrast for better readability
Port 2b1a6e7597 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-06-01 18:31:45 +02:00
Brian C. Lindner
f8980d714a [Glitch] Allow Ctrl-click to keep EmojiPicker window open
Port f8f195b8c2 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-06-01 18:31:42 +02:00
Thibaut Girka
61f1d4dbbf Merge branch 'master' into glitch-soc/merge-upstream 2020-06-01 18:21:43 +02:00
ariasuni
dfc9dd7c99 Improve appearance of notification cleaning UI
- Use smaller font-size for consistency with the rest of the UI
- Make better use of the horizontal space when available
2020-06-01 12:28:27 +02:00
ThibG
4255757678 Fix admin page crashing when trying to block an invalid domain name (#13884)
* Fix admin page crashing when trying to block an invalid domain name

Fixes #13880

* Fix trailing and leading spaces not being properly stripped for domain blocks
2020-06-01 03:47:20 +02:00
ThibG
0c7a21a38c Fix unsent toot confirmation dialog not popping up in single column (#13888) 2020-05-31 20:38:56 +02:00
Christopher Choi
2b1a6e7597 Adjust flash alert contrast for better readability (#13892) 2020-05-31 20:35:18 +02:00
Brian C. Lindner
f8f195b8c2 Allow Ctrl-click to keep EmojiPicker window open (#13896) 2020-05-31 20:34:34 +02:00
Thibaut Girka
ac9b14d93b Hide local-only pinned toots from public profiles
Fixes #1336

This also fixes federating pinned toots when some of them are local-only.

Public profiles will not show public toots, whether you are logged in
or not (this is consistent with local-only toots that are not pinned).
2020-05-31 17:20:15 +02:00
Thibaut Girka
0b7387cf40 Fix backup archive including outgoing-only content warnings 2020-05-30 18:27:00 +02:00
Thibaut Girka
7a7574317f Add support for setting Content Warning for CW-less outgoing toots 2020-05-30 18:27:00 +02:00
Thibaut Girka
66f20c8a77 Move glitch-specific ruby-side locales to their own files 2020-05-30 12:54:17 +02:00
ThibG
84e94773fe Merge pull request #1341 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
2020-05-29 22:13:06 +02:00
ThibG
ed6300f3c5 [Glitch] Fix timeline markers in Firefox
Port 366942b60f to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-05-29 20:02:30 +02:00
ThibG
948f988a04 [Glitch] Fix timeline markers not working on Chrome
Port bf68cd3bf0 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-05-29 20:02:30 +02:00
Thibaut Girka
cb592b80aa Merge branch 'master' into glitch-soc/merge-upstream 2020-05-29 19:27:21 +02:00
ThibG
366942b60f Fix timeline markers in Firefox (regression from #13887) (#13889)
Unfortunately, Firefox does not support the `keepalive` parameter
I used in the previous PR. However it supports the `navigator.sendBeacon`
API that allows that kind of things, but does not allow setting headers.

Therefore, this PR replaces it with a `sendBeacon` call that passes the
bearer token in the POST data.

Doorkeeper will then handle the auth token out of the box, as long as
it is passed as form data. Passing the query as JSON does not work.
2020-05-29 19:25:57 +02:00
ThibG
bf68cd3bf0 Fix timeline markers not working on Chrome (#13887)
* Periodically save timeline markers

This saves timeline markers immediately upon message arrival, but not more
than once every 5 minutes.

This does not change how the markers are saved on closing the window,
except that it avoids submitting them if there is no need for it.

* Use the Fetch API when possible instead of XHR on window unload
2020-05-29 16:14:16 +02:00
dependabot-preview[bot]
34e0a31a58 [Security] Bump kaminari from 1.2.0 to 1.2.1 (#13886)
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.2.0 to 1.2.1. **This update includes a security fix.**
- [Release notes](https://github.com/kaminari/kaminari/releases)
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kaminari/kaminari/compare/v1.2.0...v1.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 23:50:24 +02:00
dependabot-preview[bot]
0cc885e3ef Bump is-promise from 2.1.0 to 2.2.2 (#13870)
Bumps [is-promise](https://github.com/then/is-promise) from 2.1.0 to 2.2.2.
- [Release notes](https://github.com/then/is-promise/releases)
- [Commits](https://github.com/then/is-promise/compare/v2.1.0...2.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 23:44:53 +09:00
dependabot-preview[bot]
b025c3a88e Bump react-transition-group from 2.5.2 to 2.9.0 (#13860)
Bumps [react-transition-group](https://github.com/reactjs/react-transition-group) from 2.5.2 to 2.9.0.
- [Release notes](https://github.com/reactjs/react-transition-group/releases)
- [Changelog](https://github.com/reactjs/react-transition-group/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reactjs/react-transition-group/compare/v2.5.2...v2.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 23:38:51 +09:00