Commit graph

10517 commits

Author SHA1 Message Date
Claire
55babb90ac Fix SVG files not being correctly included in templates (#16001)
In Rails 6.1, raw file inclusion in templates have to be explicitly marked as
HTML-safe, otherwise it's rendered as text.
2021-04-05 13:05:49 +02:00
dependabot[bot]
4da28621ef Bump rubocop from 1.12.0 to 1.12.1 (#15996)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.12.0...v1.12.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-05 19:10:40 +09:00
dependabot[bot]
25fb8d6797 Bump webpack-assets-manifest from 4.0.1 to 4.0.2 (#15999)
Bumps [webpack-assets-manifest](https://github.com/webdeveric/webpack-assets-manifest) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/webdeveric/webpack-assets-manifest/releases)
- [Commits](https://github.com/webdeveric/webpack-assets-manifest/compare/v4.0.1...v4.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-05 19:10:18 +09:00
dependabot[bot]
daa61e0b81 Bump @testing-library/react from 11.2.5 to 11.2.6 (#15997)
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library) from 11.2.5 to 11.2.6.
- [Release notes](https://github.com/testing-library/react-testing-library/releases)
- [Changelog](https://github.com/testing-library/react-testing-library/blob/master/CHANGELOG.md)
- [Commits](https://github.com/testing-library/react-testing-library/compare/v11.2.5...v11.2.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-05 19:09:50 +09:00
Eugen Rochko
19df881320 Add system checks to dashboard in admin UI (#15989) 2021-04-03 14:12:30 +02:00
Eugen Rochko
2e0cdf30d5 Change health check (#15988) 2021-04-03 02:39:04 +02:00
Claire
fb35c11084 Fix crash in old browsers (#15985)
Fixes #15984
2021-04-01 00:00:12 +02:00
abcang
57d0cb0002 Fix DB connection pool settings in CLI (#15983) 2021-03-31 17:46:17 +02:00
dependabot[bot]
3b59110499 Bump react-select from 4.0.2 to 4.3.0 (#15969)
Bumps [react-select](https://github.com/JedWatson/react-select) from 4.0.2 to 4.3.0.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@4.0.2...react-select@4.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31 11:39:58 +09:00
dependabot[bot]
32aba43af6 Bump eslint from 7.22.0 to 7.23.0 (#15971)
Bumps [eslint](https://github.com/eslint/eslint) from 7.22.0 to 7.23.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.22.0...v7.23.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31 10:46:57 +09:00
dependabot[bot]
5e2d8c2390 Bump @babel/preset-react from 7.12.13 to 7.13.13 (#15965)
Bumps [@babel/preset-react](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-react) from 7.12.13 to 7.13.13.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.13/packages/babel-preset-react)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31 07:47:28 +09:00
dependabot[bot]
3617ca657d Bump react-redux from 7.2.2 to 7.2.3 (#15963)
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.2.2 to 7.2.3.
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.2...v7.2.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31 01:42:42 +09:00
dependabot[bot]
460977f47d Bump @babel/core from 7.13.10 to 7.13.14 (#15979)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.13.10 to 7.13.14.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.14/packages/babel-core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31 00:55:59 +09:00
dependabot[bot]
de6d254cdb Bump aws-sdk-s3 from 1.92.0 to 1.93.0 (#15973)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.92.0 to 1.93.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:58:23 +09:00
dependabot[bot]
52b09962d5 Bump eslint-plugin-react from 7.22.0 to 7.23.1 (#15967)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.22.0 to 7.23.1.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.22.0...v7.23.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:57:41 +09:00
dependabot[bot]
28a07f63bf Bump rubocop from 1.11.0 to 1.12.0 (#15970)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.11.0...v1.12.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:49:45 +09:00
dependabot[bot]
4db6679d78 Bump parallel_tests from 3.5.2 to 3.6.0 (#15968)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.5.2 to 3.6.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.5.2...v3.6.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:48:30 +09:00
dependabot[bot]
1973ee7976 Bump fabrication from 2.21.1 to 2.22.0 (#15966)
Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.21.1 to 2.22.0.
- [Release notes](https://github.com/paulelliott/fabrication/releases)
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown)
- [Commits](https://github.com/paulelliott/fabrication/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:47:06 +09:00
dependabot[bot]
d40cd3501e Bump webmock from 3.12.1 to 3.12.2 (#15964)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.12.1...v3.12.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:44:51 +09:00
dependabot[bot]
b58db05e48 Bump @testing-library/jest-dom from 5.11.9 to 5.11.10 (#15972)
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 5.11.9 to 5.11.10.
- [Release notes](https://github.com/testing-library/jest-dom/releases)
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testing-library/jest-dom/compare/v5.11.9...v5.11.10)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:43:15 +09:00
dependabot[bot]
b392e8aa2b Bump mini-css-extract-plugin from 1.3.9 to 1.4.0 (#15976)
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin) from 1.3.9 to 1.4.0.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v1.3.9...v1.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:42:17 +09:00
dependabot[bot]
5c68da772d Bump @babel/preset-env from 7.13.10 to 7.13.12 (#15975)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.13.10 to 7.13.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.13.12/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:40:18 +09:00
dependabot[bot]
50adbe9efe Bump css-loader from 5.1.3 to 5.2.0 (#15961)
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 5.1.3 to 5.2.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.3...v5.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:38:27 +09:00
Mashiro
d6432f2cb6 build: install shared-mime-info in Dockerfile (#15978) 2021-03-30 10:10:04 +02:00
dependabot[bot]
0adfb79dd9 Bump pghero from 2.8.0 to 2.8.1 (#15962)
Bumps [pghero](https://github.com/ankane/pghero) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.8.0...v2.8.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 15:17:10 +02:00
dependabot[bot]
34cc6d6cc7 Bump rails from 6.1.3 to 6.1.3.1 (#15960)
Bumps [rails](https://github.com/rails/rails) from 6.1.3 to 6.1.3.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.3...v6.1.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29 14:39:37 +09:00
Claire
7e74891ff0 Fix /admin/tags/:id crashing since Rails 6.1 update (#15953)
Raw SQL passed to `pluck` now has to be explicitly marked as SQL via
Arel.sql, see https://github.com/rails/rails/pull/27947
2021-03-26 18:36:16 +01:00
Claire
151e79fe72 Add warning in admin dashboard if some required queues are not handled (#15954) 2021-03-26 18:22:54 +01:00
Eugen Rochko
6440cd74e9 Add email param to POST /api/v1/emails/confirmations (#15949)
Allow changing e-mail as long as the account is unconfirmed
2021-03-25 02:46:13 +01:00
Marcin Mikołajczak
af28865116 Add transition to media modal background (#15843)
* Add transition to media modal background

* use reduceMotion

* Move background color transition into css

Signed-off-by: marcin mikołajczak <me@mkljczk.pl>
2021-03-24 13:51:32 +01:00
Stanislas
9c85025a11 tootctl emoji import: case insensitive duplicate check (#15738) 2021-03-24 10:55:16 +01:00
dependabot[bot]
5119cd8a0b Bump brakeman from 4.10.1 to 5.0.0 (#15656)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.10.1 to 5.0.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.10.1...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-24 10:53:23 +01:00
Yurii Izorkin
d38973427f templates/systemd/mastodon: enable sandbox mode (#15937) 2021-03-24 10:46:13 +01:00
Claire
b2a89bf38e Update Mastodon to Rails 6.1 (#15910)
* Update devise-two-factor to unreleased fork for Rails 6 support

Update tests to match new `rotp` version.

* Update nsa gem to unreleased fork for Rails 6 support

* Update rails to 6.1.3 and rails-i18n to 6.0

* Update to unreleased fork of pluck_each for Ruby 6 support

* Run "rails app:update"

* Add missing ActiveStorage config file

* Use config.ssl_options instead of removed ApplicationController#force_ssl

Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.

* Fix nonce directives by removing Rails 5 specific monkey-patching

* Fix fixture_file_upload deprecation warning

* Fix yield-based test failing with Rails 6

* Use Rails 6's index_with when possible

* Use ActiveRecord::Cache::Store#delete_multi from Rails 6

This will yield better performances when deleting an account

* Disable Rails 6.1's automatic preload link headers

Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.

In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.

* Switch to Rails 6.0 default config

* Switch to Rails 6.1 default config

* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00
Claire
edc41c6e17 Change mastodon:setup to not call assets:precompile in docker (#13942)
It appears assets are built during image build, and they shouldn't need
to be rebuilt, since we now have reproducible builds.
2021-03-24 10:37:24 +01:00
Claire
f0e6f3a1d7 Fix Mastodon not understanding as:Public and Public (#15948)
Fixes #5551
2021-03-24 10:19:40 +01:00
Claire
c9a92dd35a Fix compose form behavior in mobile view (#15555)
* Fix ComposeForm being mounted twice in mobile view

Fixes #13094

* Fix compose form focus and pre-selection behavior in mobile view

* Split _updateFocusAndSelection out of componentDidUpdate
2021-03-24 10:19:07 +01:00
Claire
90cd93f49a Switch from deprecated ClusterWS/cws to ws package (#15932)
* Switch from deprecated ClusterWS/cws to ws package

Fixes #15184

Co-authored-by: Edho Arief <me@nanaya.pro>

* Make bufferutil and utf-8-validate optional dependencies

Co-authored-by: Edho Arief <me@nanaya.pro>
2021-03-24 09:37:41 +01:00
dependabot[bot]
c8908a35b7 Bump react-select from 3.2.0 to 4.0.2 (#15624)
* Bump react-select from 3.2.0 to 4.0.2

Bumps [react-select](https://github.com/JedWatson/react-select) from 3.2.0 to 4.0.2.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.2.0...react-select@4.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

* Add cacheKey to NonceProvider for react-select

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-03-22 15:41:47 +09:00
dependabot[bot]
22763902bf Bump aws-sdk-s3 from 1.91.0 to 1.92.0 (#15938)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.91.0 to 1.92.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:39:39 +01:00
dependabot[bot]
50a56ad8c3 Bump css-loader from 5.1.2 to 5.1.3 (#15940)
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 5.1.2 to 5.1.3.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.2...v5.1.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:39:19 +01:00
dependabot[bot]
e02c954ed2 Bump rspec-rails from 5.0.0 to 5.0.1 (#15939)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.0...v5.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:38:54 +01:00
dependabot[bot]
f2916a3098 Bump ox from 2.14.3 to 2.14.4 (#15941)
Bumps [ox](https://github.com/ohler55/ox) from 2.14.3 to 2.14.4.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.14.3...v2.14.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:38:23 +01:00
dependabot[bot]
96e3599dbb Bump sidekiq from 6.1.3 to 6.2.0 (#15943)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.1.3 to 6.2.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.3...v6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:37:51 +01:00
dependabot[bot]
a97c88abc5 Bump blurhash from 0.1.4 to 0.1.5 (#15942)
Bumps [blurhash](https://github.com/Gargron/blurhash) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/Gargron/blurhash/releases)
- [Commits](https://github.com/Gargron/blurhash/commits/v0.1.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:36:13 +01:00
dependabot[bot]
ee0c66df1e Bump sidekiq-unique-jobs from 7.0.4 to 7.0.7 (#15944)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 7.0.4 to 7.0.7.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.0.4...v7.0.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:35:46 +01:00
Sandro
bc5683f1b4 Docker: Use precompiled jemalloc, format, apply hadolint suggestions (#10823)
* Format, apply hadolint suggestions, little nitpicks

* Use pre compiled jemalloc

* Use tini from package repository
2021-03-20 21:21:57 +01:00
Claire
d27331e99a Fix brakeman warning (#15870)
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.

This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
2021-03-19 23:48:59 +01:00
Claire
ebe08f4335 Bypass MX validation for explicitly allowed domains (#15930)
* Bypass MX validation for explicitly allowed domains

This spares some lookups and prevent issues in some edge cases with
local domains.

* Add tests

* Fix test
2021-03-19 23:48:47 +01:00
Claire
bb510a1454 Fix push notification title for polls (#15931) 2021-03-19 23:47:31 +01:00