Commit Graph

1373 Commits

Author SHA1 Message Date
Claire a482932649 Merge commit '6f7615ba86afda56e1d661442286a1d68467a525' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/application_controller.rb`:
  Not a real conflict, upstream fixed a bug in a line adjacent to code
  modified by glitch-soc.
  Ported upstream's change.
2024-02-27 19:20:57 +01:00
Matt Jankowski 76d256138e
Wrap media attachment size calculation in `COALESCE` (#29415) 2024-02-27 11:52:37 +00:00
Claire ef3d15554b Merge commit 'c645490d553124d800d30488595f7d2d9d61584d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept glitch-soc's README.
- `app/models/account.rb`:
  Not a real conflict, upstream updated some lines textually adjacent
  to glitch-soc-specific lines.
  Ported upstream's changes.
2024-02-24 14:46:14 +01:00
Emelia Smith 436419cc2f Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:25:15 +01:00
Emelia Smith 68eaa804c9
Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:15:34 +01:00
Claire eff447a455
Rewrite signature verification using regexps and `StringScanner` (#29133) 2024-02-07 17:24:42 +00:00
Claire 7efc33b909
Move HTTP Signature parsing code to its own class (#28932) 2024-02-07 13:35:37 +00:00
Claire ff58ec0103 Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:57:08 +01:00
Claire 1726085db5
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:56:46 +01:00
Claire 5fa2821853 Merge commit '3205a654caf903002c2db872f802a3332201678b' into glitch-soc/merge-upstream 2024-01-26 20:47:20 +01:00
Claire 70de52c297 Merge commit '7a1f087659204e9d0cbba2de37e45b1921cefe20' into glitch-soc/merge-upstream 2024-01-25 19:51:19 +01:00
KMY(雪あすか) 9a8293f58d
Fix process of receiving posts with bearcaps is not working (#26527) 2024-01-25 10:37:09 +00:00
Matt Jankowski 1290fede65
Fix `Rails/WhereExists` cop in app/lib (#28862) 2024-01-24 11:51:09 +00:00
Eugen Rochko b19ae521b7
Add confirmation when redirecting logged-out requests to permalink (#27792)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 10:49:19 +00:00
Matt Jankowski 7a1f087659
Add `created_before` and `updated_before` scopes to `MediaAttachment` (#28869) 2024-01-24 10:32:54 +00:00
Eugen Rochko 5b1eb09d54
Add annual reports for accounts (#28693) 2024-01-24 09:38:10 +00:00
Claire 0700eb58bc Merge commit '163db814c2b3cf544b78e427e7f7bbd99b94a025' into glitch-soc/merge-upstream 2024-01-22 19:12:05 +01:00
Matt Jankowski fd64817fbe
Fix `Rails/WhereExists` cop in app/lib/status_cache_hydrator (#28808) 2024-01-19 09:19:48 +00:00
Claire 2f521bc84a Merge commit 'a2f02a07758c32f0dcc6388b4f30ca5a84e762f3' into glitch-soc/merge-upstream 2024-01-15 20:27:41 +01:00
Claire 464051c2d2 Merge commit '1070804a1a6121170f7bba923789d73b978e6fe7' into glitch-soc/merge-upstream 2024-01-15 20:06:31 +01:00
Matt Jankowski a2f02a0775
Disable `Rails/SkipsModelValidations` cop (#28712) 2024-01-15 13:46:47 +00:00
Claire 1070804a1a
Fix `RedownloadMediaWorker` not being called on transient S3 failure (#28714) 2024-01-12 17:00:17 +00:00
MitarashiDango 2c05b8a60d
Fix Undo Announce activity is not sent, when not followed by the reblogged post author (#18482)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-12 15:58:28 +00:00
Claire 630b245bb4 Merge commit '9a73a7dcaf2e383b2ec105d71bfcea2c48cbea10' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/settings/scoped_settings.rb`:
  Removed upstream, while glitch-soc had a change related to its theming system.
  Removed as well, as it's unused.
2024-01-11 12:59:27 +01:00
Claire 47d213e701 Merge commit '5dc634796aba951f6a085e1ed0e1b807e25d7d41' into glitch-soc/merge-upstream 2024-01-10 18:41:04 +01:00
Claire 0b2c7cdb02 Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/content_security_policy.rb`:
  Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
  environment variable.
  Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Claire 10203bd57a
Clean up `Setting` model and remove dead code (#28661) 2024-01-09 14:01:53 +00:00
Matt Jankowski 3e7a9266ea
Remove unused `EmojiFormatter#count_tag_nesting` method (#28643) 2024-01-08 13:36:47 +00:00
Claire 5f4643b895
Add `PAPERCLIP_ROOT_URL` to Content-Security-Policy when used (#28561) 2024-01-05 10:45:36 +00:00
Claire 9d9008666b Merge commit '092bb8a27af9ee87ff9ebabaf354477470ea3a94' into glitch-soc/merge-upstream 2024-01-03 12:38:49 +01:00
Claire 092bb8a27a
Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-03 11:29:26 +00:00
Claire c5b0e6d5a0 Merge branch 'main' into glitch-soc/merge-upstream 2023-12-28 16:57:10 +01:00
Claire 19e14654cc
Reduce CSP configuration changes with upstream (#2536) 2023-12-27 09:54:05 +01:00
Claire ea6c187fca Fix media attachment order of remote posts (#28469) 2023-12-22 18:45:36 +01:00
Claire 2bf84b93d4
Fix media attachment order of remote posts (#28469) 2023-12-22 15:10:39 +00:00
Claire 30ee7339d3 Merge commit '7d9b209fe84b00eff348ea9d54905cbfffa79788' into glitch-soc/merge-upstream
Conflicts:
- `app/models/form/admin_settings.rb`:
  Upstream changed code style change, including on a line modified by glitch-soc.
  Kept glitch-soc's line but with the code style change applied.
2023-12-21 19:31:12 +01:00
Claire a60b9acf3c Merge commit 'b2f915b31ae884e3893e93a99da4e2b8d7e9ef7b' into glitch-soc/merge-upstream 2023-12-21 19:04:20 +01:00
Claire 6e56f95285 Merge commit '4a7395d989e40c3bd4ef18173aa5ea850c8ddcdd' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream modified its README, we have a completely different one.
  Kept our README file.
2023-12-21 18:17:17 +01:00
Claire 077e0c6812 Merge commit '0b4a3a04378ce43f2f314b9446b5053f6b374c6d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Conflict caused by the `json` gem thing once again.
  Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
  Upstream refactored a bunch of specs, including one place that differs
  because of glitch-soc's theming system.
  Refactored as upstream did, adapting it for glitch-soc's theming system.
2023-12-20 22:16:50 +01:00
Claire 75580360cd Merge commit '272592d16d40e804ec325ef3b5e6de9bbad5f2dd' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Upstream fixed a bunch lint issues, and changed the `Max` parameter of the
  `Metrics/AbcSize` cop.
  Glitch-soc has different code and slightly higher `AbcSize` complexity,
  modified the `.rubocop_todo.yml` file accordingly.
- `app/policies/status_policy.rb`:
  Upstream changed `account.suspended?` to `account.unavailable?` to prepare
  for delete flags. Glitch-soc has additional local-only conditions.
  Ported upstream's refactor while keeping glitch-soc's additional condition.
- `app/serializers/initial_state_serializer.rb`:
  Upstream refactored a bunch of stuff while glitch-soc has more settings.
  Refactored as upstream did while keeping glitch-soc's settings.
2023-12-20 22:05:31 +01:00
Claire b8209c3b96 Merge commit '85662a5a57531af5402a6777d0b1089e78c56815' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream reworked the CSP, we kept our version for now.
- `spec/requests/content_security_policy_spec.rb`:
  Upstream reworked the CSP, we kept our version for now.
2023-12-20 20:10:45 +01:00
Eugen Rochko b5ac61b2c5
Change algorithm of follow recommendations (#28314)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-12-19 10:59:43 +00:00
Claire d6ad9d351e Merge commit 'a36b59be8ad7656b7ceab9751c9ec5b3563e3a30' into glitch-soc/merge-upstream 2023-12-18 19:10:43 +01:00
Claire 46ddaffd40 Merge commit 'b87bfb8c96c8491f1228e0258d05119f3420db05' into glitch-soc/merge-upstream 2023-12-18 18:34:25 +01:00
Matt Jankowski 0e5b8fc46b
Fix `Style/RedundantReturn` cop (#28391) 2023-12-18 09:50:51 +00:00
Claire 4113fbf6e8 Merge commit 'f476d9dab2f5cca6ae44b95961df6b6557d66dab' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream enforced new code style rules, where we had different code.
  Applied the new code style rules.
2023-12-17 23:04:16 +01:00
Claire ddf3ad9541 Merge commit '3bf896c973404261f4f7b25c25ea22adb1a85e7d' into glitch-soc/main
Conflicts:
- `package.json`:
  Upstream removed a dependency textually close to a glitch-only dependency.
  Updated as upstream while keeping our dependency.
2023-12-17 17:43:30 +01:00
Claire 1474318691 Merge commit 'a916251d8a8fffcaeb6be80eacf50138a53650dc' into glitch-soc/main
Conflicts:
- `app/models/trends/statuses.rb`:
  Upstream fixed a bug in the trending post condition.
  Glitch-soc's condition is different because we potentially allow CWed content
  to trend.
  Ported upstream's fix while keeping glitch-soc's change.
- `config/initializers/content_security_policy.rb`:
  Kept our version for now, we will switch to upstream later down the road.
2023-12-17 15:32:29 +01:00
Claire dcc24db793
Fix N+1s because of association preloaders not actually getting called (#28339) 2023-12-13 07:47:32 +00:00
Michael Stanclift afc8550b63
Change preview card deletes to be done using batch method (#28183) 2023-12-11 07:49:10 +00:00