Claire
9541605024
Fix ActiveRecord monkey-patching migration hack
2021-03-24 10:55:02 +01:00
Claire
d10b08ea1f
Merge branch 'main' into glitch-soc/merge-upstream
2021-03-24 10:53:50 +01:00
Claire
f60c99a8fb
Merge branch 'main' into glitch-soc/merge-upstream
2021-03-24 10:53:50 +01:00
dependabot[bot]
5119cd8a0b
Bump brakeman from 4.10.1 to 5.0.0 ( #15656 )
...
Bumps [brakeman](https://github.com/presidentbeef/brakeman ) from 4.10.1 to 5.0.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.10.1...v5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-24 10:53:23 +01:00
dependabot[bot]
88d69d3261
Bump brakeman from 4.10.1 to 5.0.0 ( #15656 )
...
Bumps [brakeman](https://github.com/presidentbeef/brakeman ) from 4.10.1 to 5.0.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.10.1...v5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-24 10:53:23 +01:00
Yurii Izorkin
d38973427f
templates/systemd/mastodon: enable sandbox mode ( #15937 )
2021-03-24 10:46:13 +01:00
Yurii Izorkin
297a3cf904
templates/systemd/mastodon: enable sandbox mode ( #15937 )
2021-03-24 10:46:13 +01:00
Claire
b2a89bf38e
Update Mastodon to Rails 6.1 ( #15910 )
...
* Update devise-two-factor to unreleased fork for Rails 6 support
Update tests to match new `rotp` version.
* Update nsa gem to unreleased fork for Rails 6 support
* Update rails to 6.1.3 and rails-i18n to 6.0
* Update to unreleased fork of pluck_each for Ruby 6 support
* Run "rails app:update"
* Add missing ActiveStorage config file
* Use config.ssl_options instead of removed ApplicationController#force_ssl
Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.
* Fix nonce directives by removing Rails 5 specific monkey-patching
* Fix fixture_file_upload deprecation warning
* Fix yield-based test failing with Rails 6
* Use Rails 6's index_with when possible
* Use ActiveRecord::Cache::Store#delete_multi from Rails 6
This will yield better performances when deleting an account
* Disable Rails 6.1's automatic preload link headers
Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.
In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.
* Switch to Rails 6.0 default config
* Switch to Rails 6.1 default config
* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00
Claire
cbd0ee1d07
Update Mastodon to Rails 6.1 ( #15910 )
...
* Update devise-two-factor to unreleased fork for Rails 6 support
Update tests to match new `rotp` version.
* Update nsa gem to unreleased fork for Rails 6 support
* Update rails to 6.1.3 and rails-i18n to 6.0
* Update to unreleased fork of pluck_each for Ruby 6 support
* Run "rails app:update"
* Add missing ActiveStorage config file
* Use config.ssl_options instead of removed ApplicationController#force_ssl
Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.
* Fix nonce directives by removing Rails 5 specific monkey-patching
* Fix fixture_file_upload deprecation warning
* Fix yield-based test failing with Rails 6
* Use Rails 6's index_with when possible
* Use ActiveRecord::Cache::Store#delete_multi from Rails 6
This will yield better performances when deleting an account
* Disable Rails 6.1's automatic preload link headers
Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.
In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.
* Switch to Rails 6.0 default config
* Switch to Rails 6.1 default config
* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00
Claire
edc41c6e17
Change mastodon:setup to not call assets:precompile in docker ( #13942 )
...
It appears assets are built during image build, and they shouldn't need
to be rebuilt, since we now have reproducible builds.
2021-03-24 10:37:24 +01:00
Claire
82556834cf
Change mastodon:setup to not call assets:precompile in docker ( #13942 )
...
It appears assets are built during image build, and they shouldn't need
to be rebuilt, since we now have reproducible builds.
2021-03-24 10:37:24 +01:00
Claire
f0e6f3a1d7
Fix Mastodon not understanding as:Public and Public ( #15948 )
...
Fixes #5551
2021-03-24 10:19:40 +01:00
Claire
1c4dee4554
Fix Mastodon not understanding as:Public and Public ( #15948 )
...
Fixes #5551
2021-03-24 10:19:40 +01:00
Claire
c9a92dd35a
Fix compose form behavior in mobile view ( #15555 )
...
* Fix ComposeForm being mounted twice in mobile view
Fixes #13094
* Fix compose form focus and pre-selection behavior in mobile view
* Split _updateFocusAndSelection out of componentDidUpdate
2021-03-24 10:19:07 +01:00
Claire
034f37b85a
Fix compose form behavior in mobile view ( #15555 )
...
* Fix ComposeForm being mounted twice in mobile view
Fixes #13094
* Fix compose form focus and pre-selection behavior in mobile view
* Split _updateFocusAndSelection out of componentDidUpdate
2021-03-24 10:19:07 +01:00
Claire
4d596eeade
Merge pull request #1515 from ClearlyClaire/glitch-soc/features/notifications-design
...
Change notification settings UI to be more compact
2021-03-24 10:14:42 +01:00
Claire
d7c1c41859
Merge pull request #1515 from ClearlyClaire/glitch-soc/features/notifications-design
...
Change notification settings UI to be more compact
2021-03-24 10:14:42 +01:00
Claire
90cd93f49a
Switch from deprecated ClusterWS/cws to ws package ( #15932 )
...
* Switch from deprecated ClusterWS/cws to ws package
Fixes #15184
Co-authored-by: Edho Arief <me@nanaya.pro>
* Make bufferutil and utf-8-validate optional dependencies
Co-authored-by: Edho Arief <me@nanaya.pro>
2021-03-24 09:37:41 +01:00
Claire
49814d5799
Switch from deprecated ClusterWS/cws to ws package ( #15932 )
...
* Switch from deprecated ClusterWS/cws to ws package
Fixes #15184
Co-authored-by: Edho Arief <me@nanaya.pro>
* Make bufferutil and utf-8-validate optional dependencies
Co-authored-by: Edho Arief <me@nanaya.pro>
2021-03-24 09:37:41 +01:00
dependabot[bot]
c8908a35b7
Bump react-select from 3.2.0 to 4.0.2 ( #15624 )
...
* Bump react-select from 3.2.0 to 4.0.2
Bumps [react-select](https://github.com/JedWatson/react-select ) from 3.2.0 to 4.0.2.
- [Release notes](https://github.com/JedWatson/react-select/releases )
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md )
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.2.0...react-select@4.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
* Add cacheKey to NonceProvider for react-select
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-03-22 15:41:47 +09:00
dependabot[bot]
c3aef491d6
Bump react-select from 3.2.0 to 4.0.2 ( #15624 )
...
* Bump react-select from 3.2.0 to 4.0.2
Bumps [react-select](https://github.com/JedWatson/react-select ) from 3.2.0 to 4.0.2.
- [Release notes](https://github.com/JedWatson/react-select/releases )
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md )
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.2.0...react-select@4.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
* Add cacheKey to NonceProvider for react-select
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-03-22 15:41:47 +09:00
dependabot[bot]
22763902bf
Bump aws-sdk-s3 from 1.91.0 to 1.92.0 ( #15938 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.91.0 to 1.92.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:39:39 +01:00
dependabot[bot]
1b3ebcfe53
Bump aws-sdk-s3 from 1.91.0 to 1.92.0 ( #15938 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.91.0 to 1.92.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:39:39 +01:00
dependabot[bot]
50a56ad8c3
Bump css-loader from 5.1.2 to 5.1.3 ( #15940 )
...
Bumps [css-loader](https://github.com/webpack-contrib/css-loader ) from 5.1.2 to 5.1.3.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases )
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.2...v5.1.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:39:19 +01:00
dependabot[bot]
6b5cda6ec3
Bump css-loader from 5.1.2 to 5.1.3 ( #15940 )
...
Bumps [css-loader](https://github.com/webpack-contrib/css-loader ) from 5.1.2 to 5.1.3.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases )
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.2...v5.1.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:39:19 +01:00
dependabot[bot]
e02c954ed2
Bump rspec-rails from 5.0.0 to 5.0.1 ( #15939 )
...
Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.0...v5.0.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:38:54 +01:00
dependabot[bot]
229968bdff
Bump rspec-rails from 5.0.0 to 5.0.1 ( #15939 )
...
Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.0...v5.0.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:38:54 +01:00
dependabot[bot]
f2916a3098
Bump ox from 2.14.3 to 2.14.4 ( #15941 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.14.3 to 2.14.4.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.14.3...v2.14.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:38:23 +01:00
dependabot[bot]
b5288798a8
Bump ox from 2.14.3 to 2.14.4 ( #15941 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.14.3 to 2.14.4.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.14.3...v2.14.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:38:23 +01:00
dependabot[bot]
96e3599dbb
Bump sidekiq from 6.1.3 to 6.2.0 ( #15943 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.1.3 to 6.2.0.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.3...v6.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:37:51 +01:00
dependabot[bot]
64942fa31d
Bump sidekiq from 6.1.3 to 6.2.0 ( #15943 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.1.3 to 6.2.0.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.3...v6.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:37:51 +01:00
dependabot[bot]
a97c88abc5
Bump blurhash from 0.1.4 to 0.1.5 ( #15942 )
...
Bumps [blurhash](https://github.com/Gargron/blurhash ) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/Gargron/blurhash/releases )
- [Commits](https://github.com/Gargron/blurhash/commits/v0.1.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:36:13 +01:00
dependabot[bot]
472d5005c0
Bump blurhash from 0.1.4 to 0.1.5 ( #15942 )
...
Bumps [blurhash](https://github.com/Gargron/blurhash ) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/Gargron/blurhash/releases )
- [Commits](https://github.com/Gargron/blurhash/commits/v0.1.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:36:13 +01:00
dependabot[bot]
ee0c66df1e
Bump sidekiq-unique-jobs from 7.0.4 to 7.0.7 ( #15944 )
...
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs ) from 7.0.4 to 7.0.7.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases )
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.0.4...v7.0.7 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:35:46 +01:00
dependabot[bot]
829a598f1d
Bump sidekiq-unique-jobs from 7.0.4 to 7.0.7 ( #15944 )
...
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs ) from 7.0.4 to 7.0.7.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases )
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.0.4...v7.0.7 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:35:46 +01:00
Sandro
bc5683f1b4
Docker: Use precompiled jemalloc, format, apply hadolint suggestions ( #10823 )
...
* Format, apply hadolint suggestions, little nitpicks
* Use pre compiled jemalloc
* Use tini from package repository
2021-03-20 21:21:57 +01:00
Sandro
46d3d3169e
Docker: Use precompiled jemalloc, format, apply hadolint suggestions ( #10823 )
...
* Format, apply hadolint suggestions, little nitpicks
* Use pre compiled jemalloc
* Use tini from package repository
2021-03-20 21:21:57 +01:00
Claire
d27331e99a
Fix brakeman warning ( #15870 )
...
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.
This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
2021-03-19 23:48:59 +01:00
Claire
876840e9ef
Fix brakeman warning ( #15870 )
...
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.
This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
2021-03-19 23:48:59 +01:00
Claire
ebe08f4335
Bypass MX validation for explicitly allowed domains ( #15930 )
...
* Bypass MX validation for explicitly allowed domains
This spares some lookups and prevent issues in some edge cases with
local domains.
* Add tests
* Fix test
2021-03-19 23:48:47 +01:00
Claire
051efed5ed
Bypass MX validation for explicitly allowed domains ( #15930 )
...
* Bypass MX validation for explicitly allowed domains
This spares some lookups and prevent issues in some edge cases with
local domains.
* Add tests
* Fix test
2021-03-19 23:48:47 +01:00
Claire
bb510a1454
Fix push notification title for polls ( #15931 )
2021-03-19 23:47:31 +01:00
Claire
d023eefbcc
Fix push notification title for polls ( #15931 )
2021-03-19 23:47:31 +01:00
Claire
1516b46bfa
Fixing the hero widget ( #15926 )
...
* Removing last-child padding conflicts with light theme in hero widget
* Add missing background color to widget
* Reset widget.scss to default
* Hope this works
Co-authored-by: koyu <me@koyu.space>
2021-03-19 20:23:32 +01:00
Claire
5d48402be1
Fixing the hero widget ( #15926 )
...
* Removing last-child padding conflicts with light theme in hero widget
* Add missing background color to widget
* Reset widget.scss to default
* Hope this works
Co-authored-by: koyu <me@koyu.space>
2021-03-19 20:23:32 +01:00
Claire
eee8cedfd4
Fix custom CSS when CDN_HOST is set ( #15927 )
2021-03-19 20:23:08 +01:00
Claire
39a490c70e
Fix custom CSS when CDN_HOST is set ( #15927 )
2021-03-19 20:23:08 +01:00
Claire
4c9e572798
Add missing push notification title for polls ( #15929 )
2021-03-19 20:22:49 +01:00
Claire
0ff4264c3e
Add missing push notification title for polls ( #15929 )
2021-03-19 20:22:49 +01:00
Marcin Mikołajczak
4be836871a
Add missing en.notification_mailer.status.subject
( #15564 )
...
* Add missing `en.notification_mailer.status.subject`
* Update en.yml
2021-03-19 17:15:59 +01:00