Eugen Rochko
1d560713b6
Fix only one middle dot being recognized in hashtags ( #11345 )
...
Fix #10934
2019-07-18 03:02:56 +02:00
Eugen Rochko
01cff5ee60
Add aac, m4a, 3gp to allowed audio formats ( #11342 )
...
Fix #11186
2019-07-18 03:02:30 +02:00
Eugen Rochko
c27fb14e9f
Change language detection to include hashtags as words ( #11341 )
2019-07-18 03:02:15 +02:00
dependabot-preview[bot]
020daac19f
Bump rack-attack from 6.0.0 to 6.1.0 ( #11313 )
...
Bumps [rack-attack](https://github.com/kickstarter/rack-attack ) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/kickstarter/rack-attack/releases )
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.0.0...v6.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-18 01:07:02 +02:00
dependabot-preview[bot]
b856854767
Bump rubocop-rails from 2.2.0 to 2.2.1 ( #11308 )
...
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails ) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.2.0...v2.2.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-18 01:06:39 +02:00
dependabot-preview[bot]
f4ecf3c821
Bump puma from 3.12.1 to 4.0.1 ( #11306 )
...
Bumps [puma](https://github.com/puma/puma ) from 3.12.1 to 4.0.1.
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/master/History.md )
- [Commits](https://github.com/puma/puma/compare/v3.12.1...v4.0.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-18 01:06:14 +02:00
ThibG
9bea975f52
Fix typo in StatusPolicy ( #11344 )
2019-07-18 00:48:26 +02:00
ThibG
9015b19e09
Add setting to disable the anti-spam ( #11296 )
...
* Add environment variable to disable the anti-spam
* Move antispam setting to admin settings
* Fix typo
* antispam → spam_check
2019-07-17 21:09:15 +02:00
Eugen Rochko
50caff4dc0
Change terms and privacy policy pages to always be accessible ( #11334 )
...
Fix #11328
2019-07-17 19:29:37 +02:00
ThibG
978792a112
Fix custom CSS controller ( #11336 )
2019-07-17 17:14:25 +02:00
ThibG
ac154ccc95
Extend AUTHORIZED_FETCH mode to user blocks as well ( #11332 )
...
* Extend AUTHORIZED_FETCH mode to user blocks as well
* Move decision to deny access to StatusPolicy
2019-07-17 01:53:37 +02:00
ThibG
a4b1083795
Fix caching headers in ActivityPub endpoints ( #11331 )
...
* Fix reverse-proxy caching in public fetch mode
* Fix caching in ActivityPub-specific controllers
2019-07-17 00:00:39 +02:00
ThibG
ab6af77728
Remove unused Account#magic_key ( #11327 )
2019-07-16 14:25:56 +02:00
Daigo 3 Dango
6354a48308
Make puma bind address configurable with BIND env var ( #11326 )
2019-07-16 06:51:36 +02:00
Eugen Rochko
9dead08055
Add option to disable real-time updates in web UI ( #9984 )
...
Fix #9031
Fix #7913
2019-07-16 06:30:47 +02:00
dependabot-preview[bot]
b5ffff8d39
Bump eslint-plugin-jsx-a11y from 6.2.1 to 6.2.3 ( #11314 )
...
Bumps [eslint-plugin-jsx-a11y](https://github.com/evcohen/eslint-plugin-jsx-a11y ) from 6.2.1 to 6.2.3.
- [Release notes](https://github.com/evcohen/eslint-plugin-jsx-a11y/releases )
- [Changelog](https://github.com/evcohen/eslint-plugin-jsx-a11y/blob/master/CHANGELOG.md )
- [Commits](https://github.com/evcohen/eslint-plugin-jsx-a11y/compare/v6.2.1...v6.2.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 01:24:26 +09:00
dependabot-preview[bot]
3fc46fba2c
Bump webpack from 4.34.0 to 4.35.3 ( #11309 )
...
Bumps [webpack](https://github.com/webpack/webpack ) from 4.34.0 to 4.35.3.
- [Release notes](https://github.com/webpack/webpack/releases )
- [Commits](https://github.com/webpack/webpack/compare/v4.34.0...v4.35.3 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 01:13:57 +09:00
dependabot-preview[bot]
19eabae239
Bump lodash from 4.17.13 to 4.17.14 ( #11312 )
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.13 to 4.17.14.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.13...4.17.14 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 01:06:30 +09:00
dependabot-preview[bot]
4bfffcfce1
Bump @babel/runtime from 7.4.5 to 7.5.4 ( #11315 )
...
Bumps [@babel/runtime](https://github.com/babel/babel ) from 7.4.5 to 7.5.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.4.5...v7.5.4 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 01:04:46 +09:00
dependabot-preview[bot]
08a927817e
Bump eslint-plugin-import from 2.17.3 to 2.18.0 ( #11310 )
...
Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import ) from 2.17.3 to 2.18.0.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases )
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/benmosher/eslint-plugin-import/compare/v2.17.3...v2.18.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-16 00:52:23 +09:00
Yamagishi Kazutoshi
d309685866
Fix consistent interpolations ( #11317 )
2019-07-15 16:10:24 +02:00
Eugen Rochko
ac853dca51
Add periodic removal of older thumbnails for preview cards ( #11304 )
2019-07-15 07:50:14 +02:00
Eugen Rochko
c4a05eaa87
New Crowdin translations ( #11153 )
...
* New translations activerecord.en.yml (Indonesian)
[ci skip]
* New translations activerecord.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Norwegian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Finnish)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Serbian (Latin))
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Telugu)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations simple_form.en.yml (Esperanto)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations simple_form.en.yml (Georgian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Ido)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Occitan)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Czech)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations doorkeeper.en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.json (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations simple_form.en.yml (Welsh)
[ci skip]
* New translations activerecord.en.yml (Welsh)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]
* New translations doorkeeper.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Serbian (Latin))
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Georgian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations simple_form.en.yml (Serbian (Latin))
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Serbian (Latin))
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations devise.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations doorkeeper.en.yml (Basque)
[ci skip]
* New translations en.json (Korean)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Asturian)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Georgian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations doorkeeper.en.yml (Spanish)
[ci skip]
* New translations doorkeeper.en.yml (Spanish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations doorkeeper.en.yml (Spanish)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations devise.en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations activerecord.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* New translations devise.en.yml (Bengali)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
2019-07-15 06:12:05 +02:00
Eugen Rochko
fe299d3417
Change default interface of web and streaming from 0.0.0.0 to 127.0.0.1 ( #11302 )
2019-07-15 05:56:35 +02:00
ThibG
a7b0224699
Disable LDSigning when AUTHORIZED_FETCH is set to true ( #11295 )
2019-07-15 02:29:39 +02:00
ThibG
3f12a0b8fd
Fix leaking private statuses the admin account follows ( #11300 )
...
Now that the request is signed, it can return private toots. Do not leak them.
2019-07-15 02:29:04 +02:00
PatOnTheBack
45be10c041
Bump handlebars from 4.1.0 to 4.1.2 ( #11293 )
...
Bumps [handlebars](https://github.com/wycats/handlebars.js ) from 4.1.0 to 4.1.2.
- [Release notes](https://github.com/wycats/handlebars.js/releases )
- [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md )
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.0...v4.1.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2019-07-14 14:05:11 +09:00
dependabot-preview[bot]
4338666b5f
Bump rubocop-rails from 2.0.1 to 2.2.0 ( #11257 )
...
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails ) from 2.0.1 to 2.2.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.0.1...v2.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-13 23:52:08 +09:00
Eugen Rochko
f70b20a01c
Add a spam check ( #11217 )
...
* Add a spam check
* Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance
* Add more tests
* Add exemption when the message is a reply to something that mentions the sender
* Use Nilsimsa Compare Value instead of Levenshtein distance
* Use MD5 for messages shorter than 10 characters
* Add message to automated report, do not add non-public statuses to
automated report, add trust level to accounts and make unsilencing
raise the trust level to prevent repeated spam checks on that account
* Expire spam check data after 3 months
* Add support for local statuses, reduce expiration to 1 week, always create a report
* Add content warnings to the spam check and exempt empty statuses
* Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check
* Add all matched statuses into automatic report
2019-07-13 16:45:50 +02:00
han@highemelry
b6997d2622
Change the retry limit in error of web push notification ( #11292 )
...
- Change the maximum count of retry for web push notification (Default -> 5).
- In case of high load of subscribe server, the retries will be repeated many times.
- Because the retries occupy the default queue, maximum retry count should be reduced.
2019-07-12 18:46:21 +02:00
Eugen Rochko
39719ae981
Add ActivityPub secure mode ( #11269 )
...
* Add HTTP signature requirement for served ActivityPub resources
* Change `SECURE_MODE` to `AUTHORIZED_FETCH`
* Add 'Signature' to 'Vary' header and improve code style
* Improve code style by adding `public_fetch_mode?` method
2019-07-11 20:11:09 +02:00
ThibG
4bf0ee9467
Fix BlockService trying to reject incorrect follow request ( #11288 )
...
Fixes #11148
2019-07-11 14:50:27 +02:00
Eugen Rochko
317b79d673
Add HTTP signatures to all outgoing ActivityPub GET requests ( #11284 )
2019-07-11 14:49:55 +02:00
dependabot-preview[bot]
727472af94
[Security] Bump lodash from 4.17.11 to 4.17.13 ( #11287 )
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.11 to 4.17.13. **This update includes security fixes.**
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-11 06:33:07 +02:00
Eugen Rochko
6baf5099a6
Refactor fetching of remote resources ( #11251 )
2019-07-10 18:59:28 +02:00
ThibG
f9548fd31f
Drop magic-public-key from webfinger replies as it's only used for OStatus ( #11280 )
2019-07-10 17:10:43 +02:00
ThibG
e39e4786b4
Fix handling of webfinger redirects in ResolveAccountService ( #11279 )
2019-07-10 17:10:12 +02:00
ThibG
80b5a5d735
Fix old migration script depending on the StreamEntry model ( #11278 )
2019-07-10 17:09:10 +02:00
Eugen Rochko
f83ce1d943
Fix activity being rendered within activity due to caching ( #11271 )
...
Fix #11270
2019-07-10 00:43:30 +02:00
Eugen Rochko
d0b0b63b1a
Refactor domain block checks ( #11268 )
2019-07-09 03:27:35 +02:00
ThibG
5031bc3998
Fix Status.remote scope matching *all* statuses ( #11265 )
2019-07-08 18:17:22 +02:00
Eugen Rochko
e17c937f65
Remove unused remote unfollow controller ( #11250 )
2019-07-08 12:04:06 +02:00
Eugen Rochko
56f0203c66
Refactor controllers for statuses, accounts, and more ( #11249 )
2019-07-08 12:03:45 +02:00
dependabot-preview[bot]
608b927f5d
Bump faker from 1.9.3 to 1.9.6 ( #11259 )
...
Bumps [faker](https://github.com/stympy/faker ) from 1.9.3 to 1.9.6.
- [Release notes](https://github.com/stympy/faker/releases )
- [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/stympy/faker/compare/v1.9.3...1.9.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:29:00 +09:00
dependabot-preview[bot]
763d9b2ea3
Bump simplecov from 0.16.1 to 0.17.0 ( #11260 )
...
Bumps [simplecov](https://github.com/colszowka/simplecov ) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/colszowka/simplecov/releases )
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md )
- [Commits](https://github.com/colszowka/simplecov/compare/v0.16.1...v0.17.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:28:33 +09:00
dependabot-preview[bot]
08a75dad8e
Bump aws-sdk-s3 from 1.43.0 to 1.45.0 ( #11262 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.43.0 to 1.45.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.43.0...v1.45.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:26:41 +09:00
dependabot-preview[bot]
dabc6ca8d9
Bump tzinfo-data from 1.2019.1 to 1.2019.2 ( #11258 )
...
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data ) from 1.2019.1 to 1.2019.2.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases )
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2019.1...v1.2019.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:26:12 +09:00
dependabot-preview[bot]
2a96fc5b26
Bump eslint-plugin-react from 7.12.1 to 7.14.2 ( #11253 )
...
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.12.1 to 7.14.2.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.12.1...v7.14.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:25:20 +09:00
dependabot-preview[bot]
eed3dd4c61
Bump @babel/plugin-proposal-class-properties from 7.4.4 to 7.5.0 ( #11254 )
...
Bumps [@babel/plugin-proposal-class-properties](https://github.com/babel/babel ) from 7.4.4 to 7.5.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.4.4...v7.5.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 18:24:38 +09:00
dependabot-preview[bot]
3cbaded97c
Bump compression-webpack-plugin from 2.0.0 to 3.0.0 ( #11224 )
...
Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin ) from 2.0.0 to 3.0.0.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v2.0.0...v3.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08 16:49:47 +09:00