Eugen Rochko
b7a6bba0b7
Fix cookies secure flag being set when served over Tor ( #17992 )
3 years ago
dependabot[bot]
483af27d41
Bump gitlab-omniauth-openid-connect from 0.5.0 to 0.9.1 ( #17779 )
...
Bumps [gitlab-omniauth-openid-connect](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect ) from 0.5.0 to 0.9.1.
- [Release notes](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/tags )
- [Changelog](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/blob/master/CHANGELOG.md )
- [Commits](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/compare/v0.5.0...v0.9.1 )
---
updated-dependencies:
- dependency-name: gitlab-omniauth-openid-connect
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
d2ba407fda
Bump fabrication from 2.27.0 to 2.28.0 ( #17960 )
...
Bumps [fabrication](https://gitlab.com/fabrication-gem/fabrication ) from 2.27.0 to 2.28.0.
- [Release notes](https://gitlab.com/fabrication-gem/fabrication/tags )
- [Changelog](https://gitlab.com/fabrication-gem/fabrication/blob/master/Changelog.markdown )
- [Commits](https://gitlab.com/fabrication-gem/fabrication/compare/2.27.0...2.28.0 )
---
updated-dependencies:
- dependency-name: fabrication
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
fd675d9fff
Bump lograge from 0.11.2 to 0.12.0 ( #17961 )
...
Bumps [lograge](https://github.com/roidrage/lograge ) from 0.11.2 to 0.12.0.
- [Release notes](https://github.com/roidrage/lograge/releases )
- [Changelog](https://github.com/roidrage/lograge/blob/master/CHANGELOG.md )
- [Commits](https://github.com/roidrage/lograge/compare/v0.11.2...v0.12.0 )
---
updated-dependencies:
- dependency-name: lograge
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
Claire
c1b85d1f99
Fix migration error handling ( #17991 )
3 years ago
Claire
2b7d558807
Fix error re-running some migrations if they get interrupted at the wrong moment ( #17989 )
3 years ago
Eugen Rochko
aa6bc541d3
Fix pagination header on empty trends responses in REST API ( #17986 )
3 years ago
Claire
d43028a0d3
Fix potentially missing statuses when reconnecting to websocket ( #17981 )
...
* Fix potentially missing statuses when reconnecting to websocket
* Add gap on reconnect rather than maintaining it constantly
3 years ago
Claire
7ee6cc230e
Fix failure when sending warning emails with custom text ( #17983 )
...
* Add tests
* Fix failure when sending warning emails with custom text
3 years ago
Eugen Rochko
62906f15ad
Fix unset `SMTP_RETURN_PATH` environment variable causing e-mail not to send ( #17982 )
3 years ago
Claire
00d429879f
Fix older items possibly disappearing on timeline updates ( #17980 )
...
In some rare cases, when receiving statuses out of order from the streaming
API then polling from the REST API, it was possible for the
`expandNormalizedTimeline` function to remove older items from the timeline.
This commit ensures that any item from the replaced slice that is older
than the oldest item retrieved from the API gets added back to the replaced
slice.
3 years ago
Eugen Rochko
cea2cd9a56
Add pagination for trending statuses in web UI ( #17976 )
3 years ago
Claire
623f8717c8
Fix possible duplicate statuses in timelines in some edge cases ( #17971 )
...
In some rare cases, when receiving statuses out of order from the streaming
API then polling from the REST API, it was possible for the
`expandNormalizedTimeline` function to insert duplicates in the timeline,
which would then result in several bugs.
This commits ensures that there are no duplicates inserted in the
timeline.
3 years ago
Claire
d62ebc9d7b
Fix spurious edits and require incoming edits to be explicitly marked as such ( #17918 )
...
* Change post text edit to not be considered significant if it's identical after reformatting
* We don't need to clear previous change information anymore
* Require status edits to be explicit, except for poll tallies
* Fix tests
* Add some tests
* Add poll-related tests
* Add HTML-formatting related tests
3 years ago
Claire
82375bdb7c
Fix error when encountering invalid pinned posts ( #17964 )
3 years ago
Eugen Rochko
f982d56b4e
Remove sign-in token authentication, instead send e-mail about new sign-in ( #17970 )
3 years ago
Claire
7790624ca4
Fix inconsistency in error handling when removing a status ( #17974 )
...
Not completely sure this could actually have any ill effect, but if
`RemoveStatusService` fails to acquire a lock in an
`ActivityPub::ProcessingWorker` job processing a `Delete`, the status
is currently discarded and causes a job failure but the next time the
job is attempted, it will skip deleting the status due to it being
discarded.
This commit makes the behavior of `RemoveStatusService` a bit more consistent
in case of failure to acquire the lock.
3 years ago
Claire
0e3717eb2d
Fix admin API unconditionally requiring CSRF token ( #17975 )
...
Fixes #17898
Since #17204 , the admin API has only been available through the web
application because of the unconditional requirement to provide a valid CSRF
token.
This commit changes it back to `null_session`, which should make it work
both with session-based authentication (provided a CSRF token) and with a
bearer token.
3 years ago
Eugen Rochko
89268074e7
Fix `GET /api/v1/trends/tags` missing `offset` param in REST API ( #17973 )
3 years ago
dependabot[bot]
c720b36d97
Bump sass from 1.49.9 to 1.49.11 ( #17959 )
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.49.9 to 1.49.11.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.49.9...1.49.11 )
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
563f53a823
Bump prettier from 2.6.1 to 2.6.2 ( #17958 )
...
Bumps [prettier](https://github.com/prettier/prettier ) from 2.6.1 to 2.6.2.
- [Release notes](https://github.com/prettier/prettier/releases )
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prettier/prettier/compare/2.6.1...2.6.2 )
---
updated-dependencies:
- dependency-name: prettier
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
c961a079a5
Bump redis from 4.0.4 to 4.0.6 ( #17957 )
...
Bumps [redis](https://github.com/redis/node-redis ) from 4.0.4 to 4.0.6.
- [Release notes](https://github.com/redis/node-redis/releases )
- [Changelog](https://github.com/redis/node-redis/blob/master/CHANGELOG.md )
- [Commits](https://github.com/redis/node-redis/compare/redis@4.0.4...redis@4.0.6 )
---
updated-dependencies:
- dependency-name: redis
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
88a228f7da
Bump sidekiq-unique-jobs from 7.1.15 to 7.1.16 ( #17956 )
...
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs ) from 7.1.15 to 7.1.16.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases )
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/main/CHANGELOG.md )
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.1.15...v7.1.16 )
---
updated-dependencies:
- dependency-name: sidekiq-unique-jobs
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
58f5a39cfd
Bump react-redux from 7.2.6 to 7.2.8 ( #17955 )
...
Bumps [react-redux](https://github.com/reduxjs/react-redux ) from 7.2.6 to 7.2.8.
- [Release notes](https://github.com/reduxjs/react-redux/releases )
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.6...v7.2.8 )
---
updated-dependencies:
- dependency-name: react-redux
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
631c0faec4
Bump ox from 2.14.10 to 2.14.11 ( #17954 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.14.10 to 2.14.11.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.14.10...v2.14.11 )
---
updated-dependencies:
- dependency-name: ox
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
2c41e65c6a
Bump pg from 1.3.4 to 1.3.5 ( #17953 )
...
Bumps [pg](https://github.com/ged/ruby-pg ) from 1.3.4 to 1.3.5.
- [Release notes](https://github.com/ged/ruby-pg/releases )
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc )
- [Commits](https://github.com/ged/ruby-pg/commits )
---
updated-dependencies:
- dependency-name: pg
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
rinsuki
a4fa33f2be
fix: returns nil instead of empty URL on status.application.website ( #17962 )
3 years ago
CommanderRoot
07f1888854
Replace deprecated String.prototype.substr() ( #17949 )
...
* Replace deprecated String.prototype.substr()
.substr() is deprecated so we replace it with .slice() which works similarily but isn't deprecated
* Change String.prototype.substring() to String.prototype.slice()
.substring() and .slice() work very similary but .slice() is a bit faster and stricter
* Add ESLint rule to forbid usage of .substr and .substring
.substr() is deprecated and .substring() is very similar to .slice() so better to use .slice() at all times
Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
3 years ago
Ondřej Pokorný
c3eacaecfe
Update en.yml ( #17942 )
...
typo
3 years ago
Claire
4001f3810c
Fix unusual number formatting in some locales ( #17929 )
...
* Fix unusual number formatting in some locales
Fixes #17904
* Fix typo
3 years ago
Holger
fb3fc6cab4
fix: `s3_force_single_request` not parsed ( #17922 )
3 years ago
Claire
b1e4e460db
Fix assets failing to build with OpenSSL 3 because of deprecated hash algorithm ( #17930 )
...
Fixes #17924
3 years ago
dependabot[bot]
042fbadf92
Bump puma from 5.6.2 to 5.6.4 ( #17914 )
...
Bumps [puma](https://github.com/puma/puma ) from 5.6.2 to 5.6.4.
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/master/History.md )
- [Commits](https://github.com/puma/puma/compare/v5.6.2...v5.6.4 )
---
updated-dependencies:
- dependency-name: puma
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
Holger
09c02b1f49
fix: PWA web manifest not changed to new routes ( #17921 )
3 years ago
Claire
812b2048f6
Fix error MethodError in Chewy::Strategy::Sidekiq::Worker ( #17912 )
...
Also refactor a bit to reduce code duplication.
3 years ago
Eugen Rochko
a7a8594f2e
Bump version to 3.5.0 ( #17911 )
3 years ago
Eugen Rochko
d6d285eb75
Fix being able to post URLs longer than 4096 characters ( #17908 )
3 years ago
Eugen Rochko
bbde6bcf6e
Fix being able to bypass e-mail restrictions ( #17909 )
3 years ago
Eugen Rochko
36d5cefeb6
Revert "Split build image actions ( #17793 )" ( #17907 )
...
This reverts commit 4eef881f84
.
3 years ago
Claire
7e57a8768c
Refactor `response_to_recipient?` CTE ( #17899 )
...
* Optimize and clean up `response_to_recipient?` CTE
Marginally improve performances, and make the CTE much more readable
* Limit max depth in `response_to_recipient?` CTE
3 years ago
Claire
a23fbf6ec5
Fix regression of status colors in actions modal in web UI ( #17903 )
...
Fixes #17900
Regression in #17844 (#17851 restored the code in the wrong place…)
3 years ago
Yurii Izorkin
b17911952a
caniuse-lite: add hash sum ( #17902 )
3 years ago
dependabot[bot]
c72a470f2a
Bump rubocop from 1.26.0 to 1.26.1 ( #17891 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.26.0 to 1.26.1.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.26.0...v1.26.1 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
ec72db60e2
Bump capistrano from 3.16.0 to 3.17.0 ( #17774 )
...
* Bump capistrano from 3.16.0 to 3.17.0
Bumps [capistrano](https://github.com/capistrano/capistrano ) from 3.16.0 to 3.17.0.
- [Release notes](https://github.com/capistrano/capistrano/releases )
- [Commits](https://github.com/capistrano/capistrano/compare/v3.16.0...v3.17.0 )
---
updated-dependencies:
- dependency-name: capistrano
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* 3.17.0
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
3 years ago
dependabot[bot]
3449768dd9
Bump concurrent-ruby from 1.1.9 to 1.1.10 ( #17889 )
...
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby ) from 1.1.9 to 1.1.10.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases )
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.9...v1.1.10 )
---
updated-dependencies:
- dependency-name: concurrent-ruby
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
bec1e27fa6
Bump babel-loader from 8.2.3 to 8.2.4 ( #17894 )
...
Bumps [babel-loader](https://github.com/babel/babel-loader ) from 8.2.3 to 8.2.4.
- [Release notes](https://github.com/babel/babel-loader/releases )
- [Changelog](https://github.com/babel/babel-loader/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel-loader/compare/v8.2.3...v8.2.4 )
---
updated-dependencies:
- dependency-name: babel-loader
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
b0923c7643
Bump @testing-library/jest-dom from 5.16.2 to 5.16.3 ( #17895 )
...
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom ) from 5.16.2 to 5.16.3.
- [Release notes](https://github.com/testing-library/jest-dom/releases )
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/jest-dom/compare/v5.16.2...v5.16.3 )
---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
159e8c3de7
Bump prettier from 2.6.0 to 2.6.1 ( #17893 )
...
Bumps [prettier](https://github.com/prettier/prettier ) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/prettier/prettier/releases )
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prettier/prettier/compare/2.6.0...2.6.1 )
---
updated-dependencies:
- dependency-name: prettier
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
fae1c25b50
Bump devise-two-factor from 4.0.1 to 4.0.2 ( #17892 )
...
Bumps [devise-two-factor](https://github.com/tinfoil/devise-two-factor ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/tinfoil/devise-two-factor/releases )
- [Changelog](https://github.com/tinfoil/devise-two-factor/blob/main/CHANGELOG.md )
- [Commits](https://github.com/tinfoil/devise-two-factor/compare/v4.0.1...v4.0.2 )
---
updated-dependencies:
- dependency-name: devise-two-factor
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
dependabot[bot]
179a1fb057
Bump yargs from 17.3.1 to 17.4.0 ( #17834 )
...
Bumps [yargs](https://github.com/yargs/yargs ) from 17.3.1 to 17.4.0.
- [Release notes](https://github.com/yargs/yargs/releases )
- [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md )
- [Commits](https://github.com/yargs/yargs/compare/v17.3.1...v17.4.0 )
---
updated-dependencies:
- dependency-name: yargs
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago