Commit graph

14882 commits

Author SHA1 Message Date
Eugen Rochko
6732217dd0 Change languages to be listed under standard instead of native name in admin UI (#17485) 2022-02-09 04:15:38 +01:00
Eugen Rochko
948da1a958 Add edit history to web UI (#17390)
* Add edit history to web UI

* Change history reducer to store items per status

* Fix missing loading prop
2022-02-09 01:17:07 +01:00
Eugen Rochko
b0021ca3d5 Fix error in suggestions API due to typo (#17486)
Regression from #17479
2022-02-08 22:23:04 +01:00
Claire
67b4bcb642 Merge pull request #1680 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-02-08 19:43:59 +01:00
Claire
bab90c9e1b Merge branch 'main' into glitch-soc/merge-upstream 2022-02-08 18:23:53 +01:00
Eugen Rochko
a44cc7931a Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08 02:41:17 +01:00
Eugen Rochko
1e5989c612 Add global locale param (#17464)
- Remove the session-based locale stickyness
2022-02-08 02:34:56 +01:00
Eugen Rochko
d979087a98 Fix localization of cold-start follow recommendations (#17479) 2022-02-08 01:53:49 +01:00
Claire
edd7dad3e2 Fix Ruby 2.5 incompatibility (#17465) 2022-02-07 19:57:06 +01:00
Eugen Rochko
73a585dd64 Fix structured data parsing from links choking on bad data (#17403)
* Fix structured data parsing from links choking on bad data

- Fix og:url meta tag being prioritized over canonical link tag
- Fix structured data parsing choking on commented-out CDATA declarations
- Fix HTML entities in title, description, provider_name, author_name
- Change structured data parsing to attempt every JSON-LD script tag

* Remove unnecessary slash escapes from CDATA regex pattern
2022-02-07 18:16:31 +01:00
Claire
42fdf52f0c Fix replies collection incorrectly looping (#17462)
* Refactor tests

* Add tests

* Fix replies collection incorrectly looping
2022-02-07 17:06:43 +01:00
Claire
621d92114d Fix errors when multiple Delete are received for a given actor (#17460) 2022-02-07 13:14:48 +01:00
Claire
0f43ff7a95 Merge pull request #1679 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-02-06 16:23:57 +01:00
Claire
aaace9f1db Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `CHANGELOG.md`:
  Upstream added newlines.
  Conflicts are because the CHANGELOG was independently merged from 3.4.6 on
  last security update.
  Took upstream's version.
- `app/helpers/context_helper.rb`:
  Conflicts because of extra vocabulary in glitch-soc. The conflicts were
  actually handled in last security merge.
  Kept our version.
2022-02-06 15:34:42 +01:00
Claire
5d53b3c8a7 Fix instance actor not being dereferenceable (#17457)
* Add tests

* Fix instance actor not being dereferenceable

* Fix tests

* Fix tests for real
2022-02-06 15:31:03 +01:00
potpro
3050472467 Update build-image.yml (#17454) 2022-02-05 17:29:54 +01:00
Claire
aa5dd344d1 Merge pull request #1678 from ClearlyClaire/glitch-soc/fixes/robust-theme-fallback
Make theme-selection fall back to default ones if configured is not found
2022-02-05 13:24:05 +01:00
Claire
c94ff7c869 Move glitch-soc-specific theming methods to ThemingConcern 2022-02-05 10:58:51 +01:00
Claire
4944068bd0 Make theme-selection fall back to default ones if configured is not found 2022-02-05 10:29:27 +01:00
Eugen Rochko
25d1195a04 Fix error on account relationships page in admin UI (#17444) 2022-02-05 05:06:34 +01:00
dependabot[bot]
6f42c1402f Bump brakeman from 5.2.0 to 5.2.1 (#17410)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v5.2.0...v5.2.1)

---
updated-dependencies:
- dependency-name: brakeman
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 13:03:12 +09:00
dependabot[bot]
6c36323b05 Bump redis from 4.0.2 to 4.0.3 (#17412)
Bumps [redis](https://github.com/redis/node-redis) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/redis/node-redis/releases)
- [Changelog](https://github.com/redis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/node-redis/compare/redis@4.0.2...redis@4.0.3)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 13:03:06 +09:00
dependabot[bot]
97c400de92 Bump sidekiq-scheduler from 3.1.0 to 3.1.1 (#17407)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: sidekiq-scheduler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 13:02:57 +09:00
dependabot[bot]
ee72920b41 Bump http-link-header from 1.0.3 to 1.0.4 (#17414)
Bumps [http-link-header](https://github.com/jhermsmeier/node-http-link-header) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/jhermsmeier/node-http-link-header/releases)
- [Changelog](https://github.com/jhermsmeier/node-http-link-header/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhermsmeier/node-http-link-header/compare/v1.0.3...v1.0.4)

---
updated-dependencies:
- dependency-name: http-link-header
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 13:02:42 +09:00
Alexandra Catalina
58db467b01 Update tootsuite/mastodon Docker tag to v3.4.6 (#17436)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-03 21:29:20 +01:00
Eugen Rochko
d4e8594b82 Forward-port version bump to 3.4.6 (#17434) 2022-02-03 14:21:38 +01:00
Claire
418d45892d Merge pull request #1676 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-02-03 14:09:19 +01:00
Claire
b3190c2cd6 Fix compacted JSON-LD possibly causing compatibility issues on forwarding (#17428) 2022-02-03 14:09:04 +01:00
Claire
ec8cf0e39b Fix response_to_recipient? CTE (#17427) 2022-02-03 14:07:43 +01:00
Claire
b891d09d2f Compact JSON-LD signed incoming activities (#17426)
Co-authored-by: Puck Meerburg <puck@puck.moe>
2022-02-03 14:07:29 +01:00
Claire
fdf5030d85 Bump version to 3.4.6 2022-02-03 12:12:27 +01:00
Claire
eee2c187ee Fix response_to_recipient? CTE 2022-02-02 19:55:57 +01:00
Claire
77cc434f2b Fix compacted JSON-LD possibly causing compatibility issues on forwarding 2022-02-02 19:55:57 +01:00
Puck Meerburg
9d92e9204f Compact JSON-LD signed incoming activities 2022-02-02 16:13:11 +01:00
Claire
46b9ab8b81 Merge pull request #1675 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-02-01 21:41:58 +01:00
Claire
2341754c70 Merge branch 'main' into glitch-soc/merge-upstream 2022-02-01 20:59:28 +01:00
Alexandra Catalina
a8aba8a526 Update tootsuite/mastodon Docker tag to v3.4.5 (#17417)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-01 20:57:50 +01:00
Claire
2657ca3b5e Fix requiring an extra restart after recent post-deployment migrations (#17422)
Follow-up to #16409
2022-02-01 20:57:39 +01:00
Rohan Sharma
e96b704def Fixed prototype pollution bug and only allow trusted origin (#17420) 2022-02-01 17:34:48 +01:00
Claire
c7083702fa Bump version to 3.4.5 (#17402) 2022-01-31 21:27:40 +01:00
Claire
caca95dc85 Merge pull request #1674 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-01-31 10:51:11 +01:00
Claire
e56e9d5e03 Merge branch 'main' into glitch-soc/merge-upstream 2022-01-31 10:42:17 +01:00
Daniel Jakots
646789f51e Bump NODE_VER to 16.13.2, to solve security issues (#17399)
Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
2022-01-31 00:32:03 +01:00
Claire
7389378eed Add more advanced migration tests (#17393)
- populate the database with some data when testing migrations
- try both one-step and two-step migrations (`SKIP_POST_DEPLOYMENT_MIGRATIONS`)
2022-01-30 23:50:08 +01:00
Claire
507cb23dc3 Change index corruption warning to be a little less scary (#17395) 2022-01-30 23:49:52 +01:00
Claire
f768251346 Merge pull request #1673 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-01-30 22:51:32 +01:00
Claire
71862291aa Fix edge case in migration helpers that caused crash because of PostgreSQL quirks (#17398) 2022-01-30 22:34:54 +01:00
Claire
a2bc2e14c6 Merge branch 'main' into glitch-soc/merge-upstream 2022-01-30 22:33:30 +01:00
Claire
c3e77d07d2 Fix some old migration scripts (#17394)
* Fix some old migration scripts

* Fix edge case in two-step migration from older releases
2022-01-30 21:38:54 +01:00
Claire
8919f6cf63 Change public profile pages to be disabled for unconfirmed users (#17385)
Fixes #17382

Note that unconfirmed and unapproved accounts can still be searched for
and their (empty) account retrieved using the REST API.
2022-01-28 14:24:37 +01:00