Matt Jankowski
a8aad4a45a
Fix Performance/RedundantMerge cop ( #24817 )
2 years ago
Matt Jankowski
bdbc9d0036
Fix Rails/CompactBlank cop ( #24690 )
2 years ago
Matt Jankowski
78f29479ab
Fix Rails/Present cop ( #24688 )
2 years ago
Nick Schonning
519ae8c0c6
Drop EOL Ruby 2.7 ( #24237 )
2 years ago
Nick Schonning
91f0da8563
Autofix Rubocop Style/NumericLiterals ( #24468 )
2 years ago
Claire
e03f9b38c5
Change root Chewy strategy to emit a warning instead of erroring out in production mode ( #24327 )
2 years ago
Nick Schonning
2a0d2453b0
Autofix Rubocop Style/IdenticalConditionalBranches ( #24322 )
2 years ago
Eugen Rochko
c75fccf033
Change user settings to be stored in a more optimal way ( #23630 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2 years ago
Claire
af57bcd3cf
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )
2 years ago
Claire
852eb6ce7a
Fix sidekiq jobs not triggering Elasticsearch index updates ( #24046 )
2 years ago
Jean byroot Boussier
08c2938b4a
Upgrade to latest redis-rb 4.x and fix deprecations ( #23616 )
...
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2 years ago
Jamie Hoyle
8f81dba434
Added support for specifying S3 storage classes in environment ( #22480 )
2 years ago
Eugen Rochko
d08bd66f42
Change rate limits to 1,500/5m per user, 300/5m per app ( #23347 )
2 years ago
luzpaz
11b7735fb3
Fix typos in source documentation ( #21046 )
...
Fixed 2 source comment/documentation typos
2 years ago
Claire
c863f76a62
Add logging for Rails cache timeouts ( #21667 )
...
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds
* Log cache store errors
2 years ago
Claire
d5fad31a45
Add form-action CSP directive ( #20781 )
2 years ago
trwnh
2e118aa0e6
Add missing admin scopes ( fix #20892 ) ( #20918 )
2 years ago
Eugen Rochko
c0b3ebd307
Fix wrong directive `unsafe-wasm-eval` to `wasm-unsafe-eval` ( #20729 )
2 years ago
prplecake
a4f1043bb3
Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP ( #20606 )
...
* Add "unsafe-eval" to script-src CSP
* Use 'unsafe-wasm-eval' instead of 'unsafe-eval'
2 years ago
Eugen Rochko
e18c8537e6
Fix rate limiting for paths with formats ( #20675 )
2 years ago
Matt Corallo
88b46d0a8f
Add `Cache-Control` header to openstack-stored files ( #20610 )
...
When storing files in S3, paperclip is configured with a Cache-Control header
indicating the file is immutable, however no such header was added when using
OpenStack storage.
Luckily Paperclip's fog integration makes this trivial, with a simple
`fog_file` `Cache-Control` default doing the trick.
2 years ago
David Hewitt
df557906fb
Allow unsetting x-amz-acl S3 Permission headers ( #20510 )
...
Some "S3 Compatible" storage providers (Cloudflare R2 is one such example) don't support setting ACLs on individual uploads with the `x-amz-acl` header, and instead just have a visibility for the whole bucket. To support uploads to such providers without getting unsupported errors back, lets use a black `S3_PERMISSION` env var to indicate that these headers shouldn't be sent.
This is tested as working with Cloudflare R2.
2 years ago
prplecake
d870657f80
Add "unsafe-eval" to script-src CSP ( #18817 )
2 years ago
Eugen Rochko
d53e1fc6d9
Fix vacuum scheduler missing lock, locks never expiring ( #19458 )
...
Remove vacuuming of orphaned preview cards
2 years ago
Eugen Rochko
a593188ded
Add user content translations with configurable backends ( #19218 )
2 years ago
Eugen Rochko
ecddc06474
Change "Allow trends without prior review" setting to include statuses ( #17977 )
...
* Change "Allow trends without prior review" setting to include posts
* Fix i18n-tasks
2 years ago
Jeong Arm
30113597e5
Support "http_hidden_proxy" ENV var for hidden service only proxy ( #18427 )
...
* Support "http_hidden_proxy" ENV var for hidden service only proxy
* Fallback to http_proxy if http_hidden_proxy is not set
2 years ago
Eugen Rochko
38d04135bf
Change how hashtags are normalized ( #18795 )
...
* Change how hashtags are normalized
* Fix tests
2 years ago
Claire
45a777f9d8
Fix CAS_DISPLAY_NAME, SAML_DISPLAY_NAME and OIDC_DISPLAY_NAME being ignored ( #18568 )
2 years ago
Eugen Rochko
89d4d6fd3b
Fix confirmation redirect to app without `Location` header ( #18523 )
2 years ago
Eugen Rochko
f4cab3ebad
Change search indexing to use batches to minimize resource usage ( #18451 )
3 years ago
Eugen Rochko
a8e694233c
Fix opening and closing Redis connections instead of using a pool ( #18171 )
...
* Fix opening and closing Redis connections instead of using a pool
* Fix Redis connections not being returned to the pool in CLI commands
3 years ago
Claire
2d9ef045c5
Fix stoplight not using REDIS_NAMESPACE ( #18160 )
3 years ago
Eugen Rochko
553889bc7c
Fix single Redis connection being used across all threads ( #18135 )
...
* Fix single Redis connection being used across all Sidekiq threads
* Fix tests
3 years ago
Eugen Rochko
b7a6bba0b7
Fix cookies secure flag being set when served over Tor ( #17992 )
3 years ago
Holger
fb3fc6cab4
fix: `s3_force_single_request` not parsed ( #17922 )
3 years ago
Eugen Rochko
5a7219e532
Refactor formatter ( #17828 )
...
* Refactor formatter
* Move custom emoji pre-rendering logic to view helpers
* Move more methods out of Formatter
* Fix code style issues
* Remove Formatter
* Add inline poll options to RSS feeds
* Remove unused helper method
* Fix code style issues
* Various fixes and improvements
* Fix test
3 years ago
Claire
c3551f4f80
Fix PgHero suggesting migrations ( #17807 )
...
* Fix PgHero suggesting migrations
Fixes #17768
* Keep migration suggestions in development env
3 years ago
Yamagishi Kazutoshi
1d96010836
Fix LetterOpennerWeb CSP ( #17770 )
3 years ago
dependabot[bot]
0bc38b0a8a
Bump rack-attack from 6.5.0 to 6.6.0 ( #17405 )
...
* Bump rack-attack from 6.5.0 to 6.6.0
Bumps [rack-attack](https://github.com/rack/rack-attack ) from 6.5.0 to 6.6.0.
- [Release notes](https://github.com/rack/rack-attack/releases )
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rack/rack-attack/compare/v6.5.0...v6.6.0 )
---
updated-dependencies:
- dependency-name: rack-attack
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Fix usage of deprecated API
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
3 years ago
chandrn7
ce5bebf108
Allow login through OpenID Connect ( #16221 )
...
* added OpenID Connect as an SSO option
* minor fixes
* added comments, removed an option that shouldn't be set
* fixed Gemfile.lock
* added newline to end of Gemfile.lock
* removed tab from Gemfile.lock
* remove chomp
* codeclimate changes and small name change to make function's purpose clearer
* codeclimate fix
* added SSO buttons to /about page
* minor refactor
* minor style change
* removed spurious change
* removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth
* minor changes
3 years ago
Josh Soref
1c070bd94c
Spelling ( #17705 )
...
* spelling: account
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: affiliated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: appearance
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: autosuggest
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: cacheable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: component
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: conversations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: domain.example
Clarify what's distinct and use RFC friendly domain space.
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: environment
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: exceeds
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: functional
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: inefficiency
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: not
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: notifications
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: occurring
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: position
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: progress
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: promotable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: reblogging
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: repetitive
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: resolve
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: saturated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: similar
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: strategies
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: success
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: targeting
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: thumbnails
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unauthorized
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unsensitizes
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: validations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: various
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
3 years ago
luzpaz
b97e7364f3
Fix various typos ( #17621 )
...
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
3 years ago
Claire
9f9e82918f
Fix error when trying to register ( #17600 )
3 years ago
zunda
8009c67a09
Avoid return within block ( #17590 )
...
This prevents the error: LocalJumpError (unexpected return)
3 years ago
Jeong Arm
ec4e4ada63
Throttle IPv6 signup for subnet ( #17588 )
3 years ago
Claire
12bb24ea35
Remove support for OAUTH_REDIRECT_AT_SIGN_IN ( #17287 )
...
Fixes #15959
Introduced in #6540 , OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228 .
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
3 years ago
Eugen Rochko
7b3972c270
Remove IP tracking columns from users table ( #16409 )
3 years ago
Jeong Arm
df31a1a8e6
Fix media API limit ( #17272 )
3 years ago
Eugen Rochko
9a8784829f
Fix warnings on Rails boot ( #16946 )
3 years ago