Commit Graph

1448 Commits

Author SHA1 Message Date
Claire dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Eugen Rochko ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski 50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Matt Jankowski 683ba5ecb1
Fix rails `rewhere` deprecation warning in directories api controller (#25625) 2023-07-01 21:48:16 +02:00
jsgoldstein 4581a528f7
Change account search to match by text when opted-in (#25599)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-06-29 13:05:21 +02:00
Claire 602c458ab6
Add finer permission requirements for managing webhooks (#25463) 2023-06-22 14:52:25 +02:00
Claire ebfeaebedb
Fix /api/v1/conversations sometimes returning empty accounts (#25499) 2023-06-20 18:32:26 +02:00
Claire ec91ea4457
Fix missing validation on `default_privacy` setting (#25513) 2023-06-20 18:32:14 +02:00
Claire dd07393e75
Fix user settings not getting validated (#25508) 2023-06-19 14:06:06 +01:00
Daniel M Brasil d9c6f70cc6
Fix `ArgumentError` in `/api/v1/admin/accounts/:id/action` (#25386) 2023-06-14 15:21:36 +02:00
Claire ec59166844
Fix ArgumentError when loading newer Private Mentions (#25399) 2023-06-14 08:54:52 +02:00
Renaud Chaput 1cb4514d0e
Add missing report category translation (#25400) 2023-06-13 15:05:40 +02:00
Eugen Rochko 4c9406bdb0
Add time zone preference (#25342) 2023-06-10 03:29:37 +02:00
Eugen Rochko 67d17ce194
Add `legal` as report category (#23941) 2023-06-06 23:41:59 +02:00
Nick Schonning c66250abf1
Autofix Rubocop Regex Style rules (#23690)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 14:50:51 +02:00
Eugen Rochko 4eda233e09
Add webhook templating (#23289)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 10:42:47 +02:00
Darius Kazemi bacb674921
Add exclusive lists (#22048)
Co-authored-by: Liam Cooke <liam@liamcooke.com>
Co-authored-by: John Holdun <john@johnholdun.com>
Co-authored-by: Effy Elden <effy@effy.space>
Co-authored-by: Lina Reyne <git@lina.pizza>
Co-authored-by: Lina <20880695+necropolina@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-05 09:37:02 +02:00
Claire 8884d1ece0
Add support for importing lists (#25203) 2023-06-01 14:47:31 +02:00
Claire 2b45fecde1
Fix multiple N+1s in ConversationsController (#25134) 2023-06-01 02:41:51 +02:00
Christian Schmidt 69057467cb
Translate CW, poll options and media descriptions (#24175)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-01 00:10:21 +02:00
Claire b6519ab3f5
Fix inconsistent naming of Instance.by_domain_and_subdomain (#25159) 2023-05-31 09:57:24 +02:00
Claire 1d588d58f1
Improve various queries against account domains (#25126) 2023-05-25 09:27:16 +02:00
Claire dfa5889fc0
Change Identity to not destroy associated User on destroy (#25098) 2023-05-23 15:00:36 +02:00
Matt Jankowski 9f5deb310b
Fix Performance/MapCompact cop (#24797)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-05-23 10:49:12 +02:00
Emelia Smith 19f9098551
Allow reports with long comments from remote instances, but truncate (#25028) 2023-05-22 13:15:21 +02:00
Claire bec6a1cad4
Add hCaptcha support (#25019) 2023-05-16 23:27:35 +02:00
Claire 3ed3d54bf3
Fix reports not being closed when performing batch suspensions (#24988) 2023-05-16 14:56:49 +02:00
Matt Jankowski 0b249ebdb0
Extract StatusSafeReblogInsert concern from Status (#24821) 2023-05-04 14:06:20 +02:00
Nick Schonning da3bd913ae
Autofix Rubocop Style/HashSyntax (#23754) 2023-05-04 05:54:26 +02:00
Matt Jankowski 2c6c398c60
Fix Performance/CollectionLiteralInLoop cop (#24819) 2023-05-04 05:33:55 +02:00
Claire a2a22bad23
Fix various edge cases with local moves (#24812) 2023-05-03 19:19:25 +02:00
Claire 1e75eb690d
Fix own posts not getting delivered to own lists (#24810) 2023-05-03 19:17:40 +02:00
Matt Jankowski a0c9f2447e
Fix Performance/MethodObjectAsBlock cop (#24798) 2023-05-03 10:30:54 +02:00
Matt Jankowski b5c4b47746
Fix Rails/ActiveRecordCallbacksOrder cop (#24689) 2023-05-02 18:23:35 +02:00
Matt Jankowski 38b2974a83
Extract AccountSearch concern from Account (#24716) 2023-05-02 18:21:36 +02:00
Matt Jankowski f1c1dd0118
Rename `with_lock` to `with_redis_lock` to avoid confusion with ActiveRecord's method (#24741) 2023-05-02 18:16:07 +02:00
Matt Jankowski 5e060e1f44
Fix Performance/Sum cop (#24788) 2023-05-02 16:10:40 +02:00
Claire 6693a4fe7c
Change lists to be able to include accounts with pending follow requests (#19727) 2023-05-02 14:40:36 +02:00
Matt Jankowski 88d33f361f
Fix Lint/DuplicateBranch cop (#24766) 2023-05-02 12:57:11 +02:00
Claire 32a030dd74
Rewrite import feature (#21054) 2023-05-02 12:08:48 +02:00
Matt Jankowski d902a707a3
Fix Rails/CompactBlank cop (#24690) 2023-04-30 14:07:21 +02:00
Matt Jankowski af824db398
Fix Rails/InverseOf cop (#24732) 2023-04-30 14:06:53 +02:00
Nick Schonning 49fad26eca
Drop EOL Ruby 2.7 (#24237) 2023-04-27 01:46:18 +02:00
Claire b0eba1a060
Minor clean up and optimization of the automatic post deletion code (#24613) 2023-04-21 16:53:50 +02:00
Robert R George 4db8230194
Add trend management to admin API (#24257) 2023-04-18 11:33:30 +02:00
Heitor de Melo Cardozo bc75e62ca6
Change moderation search an account using the username with @ (#24242) 2023-04-17 14:16:36 +02:00
Claire f53d009778
Refactor `Status._insert_record` slightly and tighten the test around reblogs of discarded statuses (#24516) 2023-04-12 12:47:05 +02:00
Kuba Suder aca2cd1528
fixed typo in a constant name (#24511) 2023-04-12 10:06:57 +02:00
Claire 0e919397db
Fix unescaped user input in LDAP query (#24379) 2023-04-04 12:42:38 +02:00
Nick Schonning cb2ce842b0
Autofix Rubocop Rails/IgnoredColumnsAssignment (#23761) 2023-03-31 15:07:22 +02:00
Christian Schmidt b4f38edf74
Wrong type for user setting when default is defined by lambda (#24321) 2023-03-31 07:33:17 +02:00
Eugen Rochko a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Claire e084b5b82d
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-03-27 17:07:37 +02:00
Eugen Rochko 9bda933740
Change media upload limits and remove client-side resizing (#23726) 2023-03-25 10:00:03 +01:00
Claire 2626097869
Fix Rails cache namespace being overriden with `v2` for cached statuses (#24202) 2023-03-22 15:47:44 +01:00
Takeshi Umeda 38c84f57b6
Refactoring relations_map (#24195) 2023-03-21 10:32:58 +01:00
Vyr Cossont 94cbd808b5
Webhooks for local status.create, status.update, account.update (#24133) 2023-03-19 07:47:54 +01:00
Eugen Rochko 75e5a6e437
Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:46:52 +01:00
Christian Schmidt bd047acc35
Replace `Status#translatable?` with language matrix in separate endpoint (#24037) 2023-03-16 11:07:24 +01:00
Claire 86f8aa2db2
Fix unconfirmed accounts being registered as active users (#23803) 2023-03-06 16:00:08 +01:00
Jean byroot Boussier 922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Christian Schmidt 5a8c651e8f
Only offer translation for supported languages (#23879) 2023-03-03 21:06:31 +01:00
Claire 6b16b77ab0
Fix external authentication not running onboarding code for new users (#23458) 2023-03-03 20:45:55 +01:00
Claire f8bb4d0d6b
Fix server error when failing to follow back followers from `/relationships` (#23787) 2023-03-03 20:36:18 +01:00
Claire c2a046ded1
Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-03 20:25:15 +01:00
Matt Jankowski af578e8ce0
Fix deprecation warning about merging conditions (#23618) 2023-03-02 16:21:04 +01:00
Matt Jankowski 4bb39ac3c3
Fix single-record invalid condition on PollVote (#23810) 2023-02-27 09:31:15 +01:00
Claire f682478de8
Fix inefficiency when searching accounts per username in admin interface (#23801) 2023-02-22 11:53:13 +01:00
Nick Schonning 9909b4b653
Autofix Rubocop Rails/WhereEquals (#23759) 2023-02-21 03:20:56 +09:00
Nick Schonning 717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning d2dcb6c45a
Autofix Rubocop Style/UnpackFirst (#23741) 2023-02-20 06:51:43 +01:00
Nick Schonning 63e6353886
Autofix Rubocop Rails/EnumHash (#23737) 2023-02-20 05:00:36 +01:00
Nick Schonning 597767a9f7
Autofix Rubocop Rails/RedundantForeignKey (#23731) 2023-02-20 02:19:40 +01:00
Nick Schonning 2177daeae9
Autofix Rubocop Style/RedundantBegin (#23703) 2023-02-19 07:09:40 +09:00
Nick Schonning ab7816a414
Autofix Rubocop Style/Lambda (#23696) 2023-02-18 12:39:00 +01:00
Nick Schonning e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 12:37:47 +01:00
Nick Schonning a6f77aa28a
Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#23681) 2023-02-18 04:30:23 +01:00
Nick Schonning 669f6d2c0a
Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Aaron Patterson fb8503e861
Upgrade to Ruby 3.2 (#22928)
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2023-02-15 08:30:27 +01:00
Claire a9c220242b
Fix admin-set follow recommandations being case-sensitive (#23500)
Fixes #23472
2023-02-10 11:14:58 +01:00
Claire 67de888bad
Fix server status URL being a required server setting (#23499) 2023-02-10 10:20:43 +01:00
Nick Schonning 0592937264
Apply Rubocop Rails/WhereNot (#23448)
* Apply Rubocop Rails/WhereNot

* Update spec for where.not
2023-02-08 10:39:57 +01:00
Nick Schonning 0d1f192c54
Apply Rubocop Performance/BlockGivenWithExplicitBlock (#23441)
* Apply Rubocop Performance/BlockGivenWithExplicitBlock

* Unprefix used block parameter
2023-02-08 10:36:23 +01:00
Nick Schonning f68bb52556
Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00
Nick Schonning 8c1b65c7dd
Apply Rubocop Style/RedundantAssignment (#23452) 2023-02-08 07:06:50 +01:00
Nick Schonning cec005068f
Apply Rubocop Performance/RedundantBlockCall (#23440) 2023-02-08 00:58:18 +01:00
Nick Schonning ed570050c6
Autofix Rails/EagerEvaluationLogMessage (#23429)
* Autofix Rails/EagerEvaluationLogMessage

* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Eugen Rochko 8f590b0a21
Add setting for status page URL (#23390) 2023-02-04 04:56:06 +01:00
Claire 13a2abacc8
Add `roles` attribute to Account entities in REST API (#23255) 2023-01-25 19:55:40 +01:00
Claire 6883fddb19
Fix account activation being triggered before email confirmation (#23245)
* Add tests

* Fix account activation being triggered before email confirmation

Fixes #23098
2023-01-24 19:40:21 +01:00
Jeong Arm a1abda39dd
Fix Account Strike causing PG not null validation error (#23178) 2023-01-21 10:22:22 +01:00
Claire 3970a6f433
Add option to make the landing page be /about even when trends are enabled (#20808)
* Add option to make the landing page be /about even when trends are enabled

* Restablish /explore as landing page by default
2023-01-18 16:43:58 +01:00
Claire 343e1fe8e9
Add confirmation screen when handling reports (#22375)
* Add confirmation screen on moderation actions

* Add flash notice when a report has been processed

* Refactor tests

* Add tests
2023-01-18 16:40:09 +01:00
Claire d1387579b9
Fix situations in which instance actor can be set to a Mastodon-incompatible name (#22307)
* Validate internal actor

* Use “internal.actor” by default for the server actor username

* Fix instance actor username on the fly if it includes ':'

* Change actor name from internal.actor to mastodon.internal
2023-01-18 16:33:03 +01:00
Claire fcc4c9b34a
Change domain block CSV parsing to be more robust and handle more lists (#21470)
* Change domain block CSV parsing to be more robust and handle more lists

* Add some tests

* Improve domain block import validation and reporting
2023-01-18 16:20:52 +01:00
David Freedman ff70e50199
Don't crash on unobtainable avatars (#22462) 2023-01-13 16:40:06 +01:00
Claire 21a1a8ee88
Fix crash when marking statuses as sensitive while some statuses are deleted (#22134)
* Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments

* Fix crash when marking statuses as sensitive while some statuses are deleted

Fixes #21910

* Fix multiple strikes being created for a single report when selecting “Mark as sensitive”

* Add tests
2023-01-13 10:46:52 +01:00
Kaspar V ae62e5fa53
Fix/remove calling private method with send in model (#22951)
* fix(status): remove send usage for private unlink_from_conversations

- make unlink_from_conversations public method
- rename unlink_from_conversations to unlink_from_conversations!
- fix send call on private method in statuses_vacuum and batched_remove_status_service

* fix(feeds_vacuum): replace find_in_batches with in_batches

because active record query results should be a little more efficient than
itterating with map and each. Postgres can grasp such lists of ids much quicker
than ruby can.
Will probably make allmost no difference, but cannot hurt either.
2023-01-11 21:57:24 +01:00
Darius Kazemi 264655c53a
Fix account search not returning followed accounts first (#22956)
* Make autosuggest for mentions return followed accounts first

This makes it so that (when elasticsearch is disabled) when a user types '@foo' in the compose box, they are first going to get accounts they follow ordered by the ranking algorithm, and then second they will get accounts they do not follow, also ordered by the ranking algorithm.

This makes behavior more consistent with user expectation and also with results when elasticsearch is enabled.

* Fix ranking order to correct direction

* One more fixup per @gargron suggestion

* Tweak to ranking to no longer include following modifier
2023-01-06 07:35:52 +01:00
Claire acec1fb745
Fix site upload validations (#22479)
* Fix site settings media upload handling of DimensionsValidationError

Fixes #22234

* Fix underlying validations not being performed for site uploads
2023-01-05 13:42:03 +01:00