Commit graph

979 commits

Author SHA1 Message Date
Claire
bdaf4179b3 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-30 13:40:10 +02:00
dependabot[bot]
ec72db60e2 Bump capistrano from 3.16.0 to 3.17.0 (#17774)
* Bump capistrano from 3.16.0 to 3.17.0

Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.16.0 to 3.17.0.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.16.0...v3.17.0)

---
updated-dependencies:
- dependency-name: capistrano
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* 3.17.0

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-03-29 18:49:00 +09:00
Claire
f56a3dc4e2 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/dependabot.yml`:
  Upstream modified it, but we deleted it in glitch-soc.
  Keep it deleted.
2022-03-22 17:00:38 +01:00
dependabot[bot]
8ec5dd3e79 Bump letter_opener from 1.7.0 to 1.8.1 (#17838)
Bumps [letter_opener](https://github.com/ryanb/letter_opener) from 1.7.0 to 1.8.1.
- [Release notes](https://github.com/ryanb/letter_opener/releases)
- [Changelog](https://github.com/ryanb/letter_opener/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ryanb/letter_opener/compare/v1.7.0...v1.8.1)

---
updated-dependencies:
- dependency-name: letter_opener
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 11:30:45 +09:00
dependabot[bot]
9b5cc5c86c Bump tzinfo-data from 1.2021.5 to 1.2022.1 (#17839)
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2021.5 to 1.2022.1.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2021.5...v1.2022.1)

---
updated-dependencies:
- dependency-name: tzinfo-data
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-22 11:30:32 +09:00
dependabot[bot]
bf4cad4a67 Bump rubocop from 1.25.1 to 1.26.0 (#17789)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.25.1 to 1.26.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.25.1...v1.26.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-18 09:51:58 +09:00
dependabot[bot]
755ef94fed Bump rubocop-rails from 2.13.2 to 2.14.0 (#17790)
Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.13.2 to 2.14.0.
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.13.2...v2.14.0)

---
updated-dependencies:
- dependency-name: rubocop-rails
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-18 09:34:57 +09:00
Claire
24c1b04f9c Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream changed their README, we have a completely different one.
  Kept our README.
2022-03-15 20:45:27 +01:00
dependabot[bot]
d28213ae72 Bump rails from 6.1.4.6 to 6.1.5 (#17791)
Bumps [rails](https://github.com/rails/rails) from 6.1.4.6 to 6.1.5.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.4.6...v6.1.5)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-15 14:05:20 +09:00
Claire
f9d00306e0 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-12 11:51:25 +01:00
dependabot[bot]
0bc38b0a8a Bump rack-attack from 6.5.0 to 6.6.0 (#17405)
* Bump rack-attack from 6.5.0 to 6.6.0

Bumps [rack-attack](https://github.com/rack/rack-attack) from 6.5.0 to 6.6.0.
- [Release notes](https://github.com/rack/rack-attack/releases)
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack-attack/compare/v6.5.0...v6.6.0)

---
updated-dependencies:
- dependency-name: rack-attack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix usage of deprecated API

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-12 09:23:53 +01:00
Claire
f677c1619a Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/status.rb`:
  Upstream updated media and edit-related code textually close to glitch-soc
  additions (local-only and content-type).
  Ported upstream changes.
- `app/models/status_edit.rb`:
  Upstream changes textually close to glitch-soc additions (content-type).
  Ported upstream changes.
- `app/serializers/activitypub/note_serializer.rb`:
  Upstream changed how media attachments are handled. Not really a conflict,
  but textually close to glitch-soc additions (directMessage attribute).
  Ported upstream changes.
- `app/services/remove_status_service.rb`:
  Upstream changed how media attachments are handled. Not really a conflict,
  but textually close to glitch-soc additions (DM timeline).
  Ported upstream changes.
- `app/services/update_status_service.rb`:
  Upstream fixed an issue with language selection. Not really a conflict,
  but textually close to glitch-soc additions (content-type).
  Ported upstream changes.
- `db/schema.rb`:
  Upstream added columns to the `status_edits` table, the conflict is because
  of an additional column (`content-type`) in glitch-soc.
  Ported upstream changes.
- `package.json`:
  Upstream dependency (express) textually adjacent to a glitch-soc-specific one
  (favico.js) got updated.
  Updated it as well.
2022-03-10 09:52:45 +01:00
dependabot[bot]
e01af6f018 Bump faker from 2.19.0 to 2.20.0 (#17716)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.19.0 to 2.20.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.19.0...v2.20.0)

---
updated-dependencies:
- dependency-name: faker
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-09 21:30:35 +09:00
chandrn7
ce5bebf108 Allow login through OpenID Connect (#16221)
* added OpenID Connect as an SSO option

* minor fixes

* added comments, removed an option that shouldn't be set

* fixed Gemfile.lock

* added newline to end of Gemfile.lock

* removed tab from Gemfile.lock

* remove chomp

* codeclimate changes and small name change to make function's purpose clearer

* codeclimate fix

* added SSO buttons to /about page

* minor refactor

* minor style change

* removed spurious change

* removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth

* minor changes
2022-03-09 12:07:35 +01:00
Claire
8e04ac45be Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Not a real conflict, just upstream getting rid of unused constants too close
  to glitch-soc-specific contents.
  Removed unused constants like upstream did.
- `app/models/trends.rb`:
  Conflict because glitch-soc disabled email notifications for trending links.
  Upstream has refactored this quite a bit and added trending posts.
  Took upstream code, but disabling the extra trending stuff will come in
  another commit.
- `app/views/admin/trends/links/index.html.haml`:
  Conflict due to glitch-soc's theming system.
  Ported upstream changes accordingly.
2022-02-26 09:29:23 +01:00
dependabot[bot]
e64561e4ae Bump aws-sdk-s3 from 1.112.0 to 1.113.0 (#17642)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.112.0 to 1.113.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-25 01:48:46 +01:00
Claire
ddf6fa684b Merge branch 'main' into glitch-soc/merge-upstream 2022-02-19 11:33:18 +01:00
dependabot[bot]
823d816c06 Bump pundit from 2.1.1 to 2.2.0 (#17543)
* Bump pundit from 2.1.1 to 2.2.0

Bumps [pundit](https://github.com/varvet/pundit) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/varvet/pundit/releases)
- [Changelog](https://github.com/varvet/pundit/blob/main/CHANGELOG.md)
- [Commits](https://github.com/varvet/pundit/compare/v2.1.1...v2.2.0)

---
updated-dependencies:
- dependency-name: pundit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* `include Pundit` is deprecated

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-19 13:30:06 +09:00
Claire
175446f293 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `db/schema.rb`:
  Conflict due to glitch-soc adding the `content_type` column on status edits
  and thus having a different schema version number.
  Solved by taking upstream's schema version number, as it is higher than
  glitch-soc's.
2022-02-17 10:58:44 +01:00
dependabot[bot]
349e244fb8 Bump scenic from 1.5.5 to 1.6.0 (#17547)
Bumps [scenic](https://github.com/scenic-views/scenic) from 1.5.5 to 1.6.0.
- [Release notes](https://github.com/scenic-views/scenic/releases)
- [Changelog](https://github.com/scenic-views/scenic/blob/main/CHANGELOG.md)
- [Commits](https://github.com/scenic-views/scenic/compare/v1.5.5...v1.6.0)

---
updated-dependencies:
- dependency-name: scenic
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-16 19:18:09 +09:00
Claire
47c24cf2eb Revert "Bump strong_migrations from 0.7.9 to 0.8.0 (#17504)" (#17540)
This reverts commit 6b996fca0f.
2022-02-14 16:08:23 +01:00
dependabot[bot]
64cdb83d94 Bump kt-paperclip from 7.0.1 to 7.1.1 (#17502)
Bumps [kt-paperclip](https://github.com/kreeti/kt-paperclip) from 7.0.1 to 7.1.1.
- [Release notes](https://github.com/kreeti/kt-paperclip/releases)
- [Changelog](https://github.com/kreeti/kt-paperclip/blob/master/NEWS)
- [Commits](https://github.com/kreeti/kt-paperclip/compare/v7.0.1...v7.1.1)

---
updated-dependencies:
- dependency-name: kt-paperclip
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-13 20:21:09 +09:00
dependabot[bot]
6b996fca0f Bump strong_migrations from 0.7.9 to 0.8.0 (#17504)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.7.9 to 0.8.0.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.7.9...v0.8.0)

---
updated-dependencies:
- dependency-name: strong_migrations
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-13 08:05:22 +09:00
dependabot[bot]
bb445a991f Bump annotate from 3.1.1 to 3.2.0 (#17503)
Bumps [annotate](https://github.com/ctran/annotate_models) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/ctran/annotate_models/releases)
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ctran/annotate_models/compare/v3.1.1...v3.2.0)

---
updated-dependencies:
- dependency-name: annotate
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-13 08:04:32 +09:00
dependabot[bot]
90097e55a0 Bump rspec-rails from 5.0.2 to 5.1.0 (#17406)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.2...v5.1.0)

---
updated-dependencies:
- dependency-name: rspec-rails
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-13 08:00:26 +09:00
Claire
b7882a75d2 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/statuses_controller.rb`:
  Upstream moved things around in a place where glitch-soc had support for
  an extra parameter (`content_type`).
  Follow upstream but reintroduce `content_type`.
2022-02-10 19:09:27 +01:00
dependabot[bot]
8bfbe14288 Bump fabrication from 2.24.0 to 2.27.0 (#17447)
Bumps [fabrication](https://gitlab.com/fabrication-gem/fabrication) from 2.24.0 to 2.27.0.
- [Release notes](https://gitlab.com/fabrication-gem/fabrication/tags)
- [Changelog](https://gitlab.com/fabrication-gem/fabrication/blob/master/Changelog.markdown)
- [Commits](https://gitlab.com/fabrication-gem/fabrication/compare/2.24.0...2.27.0)

---
updated-dependencies:
- dependency-name: fabrication
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-10 15:25:42 +01:00
dependabot[bot]
06882c8097 Bump aws-sdk-s3 from 1.111.3 to 1.112.0 (#17452)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.111.3 to 1.112.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-10 15:12:09 +01:00
dependabot[bot]
0296013d2e Bump bootsnap from 1.10.2 to 1.10.3 (#17466)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.10.2...v1.10.3)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-10 15:11:41 +01:00
dependabot[bot]
9a270fd54a Bump puma from 5.5.2 to 5.6.1 (#17411)
Bumps [puma](https://github.com/puma/puma) from 5.5.2 to 5.6.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.5.2...v5.6.1)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-10 15:09:06 +01:00
Claire
bab90c9e1b Merge branch 'main' into glitch-soc/merge-upstream 2022-02-08 18:23:53 +01:00
Eugen Rochko
a44cc7931a Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08 02:41:17 +01:00
Claire
daab277c0e Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Upstream-updated lib textually too close to glitch-soc-only dep.
  Updated like upstream.
2022-01-28 08:58:32 +01:00
dependabot[bot]
5801e6d7ef Bump pg from 1.2.3 to 1.3.0 (#17349)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.3 to 1.3.0.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.3...v1.3.0)

---
updated-dependencies:
- dependency-name: pg
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-27 20:26:40 +09:00
dependabot[bot]
b7de46786d Bump rdf-normalize from 0.4.0 to 0.5.0 (#17226)
Bumps [rdf-normalize](https://github.com/ruby-rdf/rdf-normalize) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/ruby-rdf/rdf-normalize/releases)
- [Commits](https://github.com/ruby-rdf/rdf-normalize/compare/0.4.0...0.5.0)

---
updated-dependencies:
- dependency-name: rdf-normalize
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-27 20:25:18 +09:00
Claire
56a49e9334 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `config/environments/production.rb`:
  Upstream changed a header but we had different default headers.
  Applied the same change, and also dropped HSTS headers redundant with
  Rails'.
2022-01-26 22:32:21 +01:00
dependabot[bot]
cb80dc6c35 Bump json-ld-preloaded from 3.1.6 to 3.2.0 (#17353)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.6 to 3.2.0.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.6...3.2.0)

---
updated-dependencies:
- dependency-name: json-ld-preloaded
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-25 21:23:42 +09:00
dependabot[bot]
e2e7aad5e8 Bump fabrication from 2.23.1 to 2.24.0 (#17356)
Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.23.1 to 2.24.0.
- [Release notes](https://github.com/paulelliott/fabrication/releases)
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown)
- [Commits](https://github.com/paulelliott/fabrication/commits)

---
updated-dependencies:
- dependency-name: fabrication
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-25 21:22:51 +09:00
dependabot[bot]
5a3db0d7b9 Bump sidekiq from 6.3.1 to 6.4.0 (#17350)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.3.1 to 6.4.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.3.1...v6.4.0)

---
updated-dependencies:
- dependency-name: sidekiq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-25 21:22:10 +09:00
dependabot[bot]
67ce5d774c Bump cld3 from 3.4.3 to 3.4.4 (#17357)
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.4.3 to 3.4.4.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.4.3...v3.4.4)

---
updated-dependencies:
- dependency-name: cld3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-25 20:48:05 +09:00
dependabot[bot]
e23ac7533c Bump bootsnap from 1.10.1 to 1.10.2 (#17367)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.10.1...v1.10.2)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-25 20:45:45 +09:00
dependabot[bot]
2a3e637e56 Bump rubocop from 1.24.1 to 1.25.0 (#17322)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.24.1 to 1.25.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.24.1...v1.25.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-25 20:39:08 +09:00
Claire
d36eb0503f Please CodeClimate 2022-01-24 21:29:50 +01:00
Claire
5c88cb1a67 Add optional hCaptcha support
Fixes #1649

This requires setting `HCAPTCHA_SECRET_KEY` and `HCAPTCHA_SITE_KEY`, then
enabling the admin setting at
`/admin/settings/edit#form_admin_settings_captcha_enabled`

Subsequently, a hCaptcha widget will be displayed on `/about` and
`/auth/sign_up` unless:
- the user is already signed-up already
- the user has used an invite link
- the user has already solved the captcha (and registration failed for another
  reason)

The Content-Security-Policy headers are altered automatically to allow the
third-party hCaptcha scripts on `/about` and `/auth/sign_up` following the same
rules as above.
2022-01-24 21:22:13 +01:00
Claire
ad5fd97277 Merge branch 'main' into glitch-soc/merge-upstream 2022-01-19 12:32:44 +01:00
dependabot[bot]
14a82cadc5 Bump thor from 1.1.0 to 1.2.1 (#17250)
Bumps [thor](https://github.com/rails/thor) from 1.1.0 to 1.2.1.
- [Release notes](https://github.com/rails/thor/releases)
- [Commits](https://github.com/rails/thor/compare/v1.1.0...v1.2.1)

---
updated-dependencies:
- dependency-name: thor
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-19 11:07:37 +09:00
dependabot[bot]
98ab5025d7 Bump nokogiri from 1.12.5 to 1.13.1 (#17306)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.1.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.5...v1.13.1)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-19 11:06:17 +09:00
dependabot[bot]
2e46fca321 Bump aws-sdk-s3 from 1.109.0 to 1.111.1 (#17277)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.109.0 to 1.111.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-19 11:04:34 +09:00
dependabot[bot]
85d321a874 Bump ed25519 from 1.2.4 to 1.3.0 (#17310)
Bumps [ed25519](https://github.com/RubyCrypto/ed25519) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/RubyCrypto/ed25519/releases)
- [Changelog](https://github.com/RubyCrypto/ed25519/blob/main/CHANGES.md)
- [Commits](https://github.com/RubyCrypto/ed25519/compare/v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: ed25519
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-19 11:04:11 +09:00
dependabot[bot]
e6eb819c82 Bump bootsnap from 1.9.3 to 1.10.1 (#17311)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.9.3 to 1.10.1.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.9.3...v1.10.1)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-19 11:03:28 +09:00