Claire
|
1726085db5
|
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation
* Bump version to 4.3.0-alpha.1
|
2024-02-01 15:56:46 +01:00 |
Matt Jankowski
|
42ab855b23
|
Add specs for `Instance` model scopes and add `with_domain_follows` scope (#28767)
|
2024-01-25 15:28:27 +00:00 |
Matt Jankowski
|
17ea22671d
|
Fix `Style/GuardClause` cop in app/controllers (#28420)
|
2024-01-25 15:13:41 +00:00 |
Matt Jankowski
|
7c9c6c7f80
|
Fix remaining `Rails/WhereExists` cop violations, regenerate todo (#28892)
|
2024-01-25 12:37:07 +00:00 |
Claire
|
c50274a0ac
|
Fix redirect confirmation for accounts (#28902)
|
2024-01-25 10:44:25 +00:00 |
Eugen Rochko
|
b19ae521b7
|
Add confirmation when redirecting logged-out requests to permalink (#27792)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
2024-01-24 10:49:19 +00:00 |
Eugen Rochko
|
5b1eb09d54
|
Add annual reports for accounts (#28693)
|
2024-01-24 09:38:10 +00:00 |
Matt Jankowski
|
c0e8e457ab
|
Eager loading fixes for `api/` controllers (#28848)
|
2024-01-23 11:41:54 +00:00 |
Claire
|
e2d9635074
|
Add notification email on invalid second authenticator (#28822)
|
2024-01-22 13:55:43 +00:00 |
Matt Jankowski
|
18004bf227
|
Add `Account.matches_uri_prefix` scope and use in activitypub/followers_synchronizations controller (#28820)
|
2024-01-22 13:55:37 +00:00 |
Matt Jankowski
|
7ecf7f5403
|
Move controller->request specs for api/v1/statuses/* (#28818)
|
2024-01-22 11:58:54 +00:00 |
Claire
|
3593ee2e36
|
Add rate-limit of TOTP authentication attempts at controller level (#28801)
|
2024-01-19 12:19:49 +00:00 |
Matt Jankowski
|
329911b0a3
|
Migrate controller->request spec for api/v1/follow* (#28811)
|
2024-01-19 09:32:41 +00:00 |
Matt Jankowski
|
1480573c83
|
Add `Account.auditable` scope, fix N+1 in admin/action_logs#index (#28812)
|
2024-01-19 01:39:30 +00:00 |
Matt Jankowski
|
0b853678a4
|
Add coverage for `api/v1/peers/search` endpoint and extract controller query to Instance scope (#28796)
|
2024-01-18 15:57:10 +00:00 |
Claire
|
98b5f85f10
|
Rename and refactor `User#confirm!` to `User#mark_email_as_confirmed!` (#28735)
|
2024-01-15 18:04:58 +00:00 |
Matt Jankowski
|
e72676e83a
|
Improve `api/v1/markers#create` performance against simultaneous requests (#28718)
|
2024-01-15 09:47:25 +00:00 |
Matt Jankowski
|
7801db7ba4
|
Spec coverage for custom css endpoint (#28706)
|
2024-01-12 09:19:25 +00:00 |
Matt Jankowski
|
575ab085be
|
Disable `Rails/ApplicationController` for `HealthController` (#28705)
|
2024-01-12 09:08:17 +00:00 |
Claire
|
d7e13e2483
|
Fix potential redirection loop of streaming endpoint (#28665)
|
2024-01-10 15:05:46 +00:00 |
Jean Boussier
|
5a6d533c53
|
Enable Rails 7.1 Marshalling format (#28609)
|
2024-01-05 21:57:47 +00:00 |
Claire
|
419c659bc4
|
Add fallback redirection when getting a webfinger query `WEB_DOMAIN@WEB_DOMAIN` (#28592)
|
2024-01-04 14:14:46 +00:00 |
Claire
|
dfdadb92e8
|
Add ability to require approval when users sign up using specific email domains (#28468)
|
2024-01-04 09:07:05 +00:00 |
Matt Jankowski
|
e12d8893f4
|
Fix intermittent failure from unspecified order in `export_domain_blocks` controller spec (#28562)
|
2024-01-03 13:06:15 +00:00 |
Claire
|
092bb8a27a
|
Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476)
|
2024-01-03 11:29:26 +00:00 |
Claire
|
1184887b01
|
Fix streaming API redirection ignoring the port of `streaming_api_base_url` (#28558)
|
2024-01-02 12:27:51 +00:00 |
Eugen Rochko
|
b5ac61b2c5
|
Change algorithm of follow recommendations (#28314)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
2023-12-19 10:59:43 +00:00 |
Matt Jankowski
|
c28976d89e
|
Handle negative offset param in `api/v2/search` (#28282)
|
2023-12-19 10:55:39 +00:00 |
Claire
|
7d9b209fe8
|
Fix call to inefficient `delete_matched` cache method in domain blocks (#28374)
|
2023-12-18 16:14:43 +00:00 |
Matt Jankowski
|
0e5b8fc46b
|
Fix `Style/RedundantReturn` cop (#28391)
|
2023-12-18 09:50:51 +00:00 |
Matt Jankowski
|
3bc437b99a
|
Fix `Style/RedundantParentheses` cop (#28176)
|
2023-12-01 16:00:44 +00:00 |
Matt Jankowski
|
d83d01eb1e
|
Fix `Lint/RedundantSafeNavigation` cop (#28172)
|
2023-12-01 15:52:56 +00:00 |
Claire
|
963354978a
|
Add `Account#unavailable?` and `Account#permanently_unavailable?` aliases (#28053)
|
2023-11-30 15:43:26 +00:00 |
Matt Jankowski
|
1f1c75bba5
|
File cleanup/organization in `controllers/concerns` (#27846)
|
2023-11-30 14:39:41 +00:00 |
Matt Jankowski
|
e7c340a634
|
Spec coverage for missing `q` param and error conditions in `api/v2/search` controller (#27842)
|
2023-11-30 13:59:46 +00:00 |
Matt Jankowski
|
bb0efe16e6
|
Remove `default_scope` from `MediaAttachment` class (#28043)
|
2023-11-30 13:30:35 +00:00 |
Matt Jankowski
|
e48ecd2929
|
Remove `default_scope` from `Admin::ActionLog` (#28026)
|
2023-11-29 10:39:59 +00:00 |
Matt Jankowski
|
291dc04e67
|
Remove un-needed `action` and `template` options to `render` in controllers (#28022)
|
2023-11-29 10:38:05 +00:00 |
Matt Jankowski
|
baf3b71e3b
|
Extract `path_without_format` private methd in accounts controller (#28091)
|
2023-11-28 09:17:26 +00:00 |
Matt Jankowski
|
9072896ae5
|
Avoid unnecessary i-var for account rss page url generation (#28092)
|
2023-11-28 08:19:08 +00:00 |
Matt Jankowski
|
dfc7154767
|
Remove unused `cached_filtered_status_page` method from accounts controller (#28090)
|
2023-11-28 07:43:16 +00:00 |
Kevin Bongart
|
7877fcd83c
|
Deduplicate IDs in relationships and familiar_followers APIs (#27982)
|
2023-11-23 10:00:09 +00:00 |
Matt Jankowski
|
4be12791e6
|
Remove `default_scope` from `StatusEdit` class (#28042)
|
2023-11-23 09:26:11 +00:00 |
Matt Jankowski
|
9742bccbe7
|
Add coverage for `api/v2/media` endpoint (#28027)
|
2023-11-22 15:39:34 +00:00 |
Matt Jankowski
|
876f5b1d12
|
Convert `/instances/*` controller specs to request specs (#27988)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
2023-11-20 11:05:28 +00:00 |
Matt Jankowski
|
fe58ac8d9f
|
Improve spec coverage for `api/web/push_subscriptions` controller (#27858)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
2023-11-15 13:14:51 +00:00 |
Eugen Rochko
|
d67bd44ca1
|
Add profile setup to onboarding in web UI (#27829)
|
2023-11-15 11:13:53 +00:00 |
Matt Jankowski
|
7e1a77ea51
|
Add base class for `api/v1/timelines/*` controllers (#27840)
|
2023-11-14 14:53:31 +00:00 |
Matt Jankowski
|
d562fb8459
|
Specs for minimal CSP policy in `Api::` controllers (#27845)
|
2023-11-14 14:34:30 +00:00 |
Matt Jankowski
|
1f8173ac5a
|
Extract private methods in api/v1/instances/domain_blocks (#27844)
|
2023-11-14 10:31:59 +00:00 |
Matt Jankowski
|
0945e25b8f
|
Add `Api::V1::Statuses::BaseController` base controller class (#27794)
|
2023-11-13 14:53:22 +00:00 |
Claire
|
07a4059901
|
Add support for invite codes in the registration API (#27805)
|
2023-11-13 13:27:00 +00:00 |
Eugen Rochko
|
0d14fcebae
|
Change link previews to keep original URL from the status (#27312)
|
2023-11-13 09:58:28 +00:00 |
Matt Jankowski
|
ac69f90098
|
Add `Api::V1::Instances::BaseController` base controller class (#27797)
|
2023-11-10 12:46:00 +00:00 |
Claire
|
c451bbe249
|
Allow viewing and severing relationships with suspended accounts (#27667)
|
2023-11-09 14:50:25 +00:00 |
Matt Jankowski
|
13c3e59601
|
Use helper method to build batched status edits in `admin/statuses/show` (#27739)
|
2023-11-08 13:04:52 +00:00 |
Matt Jankowski
|
d6f50839e1
|
Fix `RSpec/SpecFilePathFormat` cops (#27730)
|
2023-11-06 16:25:40 +00:00 |
Claire
|
d649bbf28f
|
Add some more tests and clean up domain block controller (#27469)
|
2023-10-31 09:40:30 +00:00 |
Ricardo Trindade
|
33f8c1c5eb
|
Remove version check from update cache_concern.rb (#27592)
|
2023-10-30 14:04:12 +00:00 |
Matt Jankowski
|
1f5187e2e2
|
Misc spec/refactor to user mailer and user mailer spec (#27486)
|
2023-10-27 09:57:16 +00:00 |
Claire
|
d2f52f7f64
|
Fix report processing notice not mentioning the report number when performing a custom action (#27442)
|
2023-10-26 17:03:31 +00:00 |
Claire
|
49b8433c56
|
Fix confusing screen when visiting a confirmation link for an already-confirmed email (#27368)
|
2023-10-25 21:33:44 +00:00 |
Claire
|
379115e601
|
Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439)
|
2023-10-23 15:46:21 +00:00 |
Claire
|
99f2534cee
|
Add support for displaying unknown servers on /admin/instances/:domain (#27150)
|
2023-10-23 14:27:57 +02:00 |
Emelia Smith
|
7c3fea7275
|
Feature: Allow token introspection without read scope (#27142)
|
2023-10-18 14:10:07 +02:00 |
Matt Jankowski
|
d4c2dca874
|
Fix haml-lint `InstanceVariables` rule for auth/sessions/two_factor/o… (#27372)
|
2023-10-12 09:44:20 +02:00 |
Claire
|
40ba6e119b
|
Fix Vary headers not being set on some redirects (#27272)
|
2023-10-05 09:50:08 +02:00 |
Matt Jankowski
|
340f1a68be
|
Simplify instance presenter view access (#26046)
|
2023-09-28 16:52:37 +02:00 |
Robert R George
|
20666482ef
|
Added admin api for managing tags (#26872)
|
2023-09-13 11:22:53 +02:00 |
CSDUMMI
|
9a70cac9de
|
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP (#26857)
|
2023-09-12 13:04:51 +02:00 |
Claire
|
33c8708a1a
|
Change `GET /api/v1/directory` to use database replica rather than primary (#26856)
|
2023-09-08 17:01:02 +02:00 |
Claire
|
09ec9c6aa5
|
Downgrade signature verification debug logging from `warn` to `debug` (#26812)
|
2023-09-06 12:17:22 +02:00 |
Claire
|
548c032dbb
|
Improve interaction modal error handling (#26795)
|
2023-09-05 23:49:48 +02:00 |
Claire
|
16681e0f20
|
Add admin notifications for new Mastodon versions (#26582)
|
2023-09-01 17:47:07 +02:00 |
Claire
|
9e26cd5503
|
Add `authorized_fetch` server setting in addition to env var (#25798)
|
2023-09-01 15:41:10 +02:00 |
Daniel M Brasil
|
ccca542db1
|
Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled (#26237)
|
2023-08-31 13:53:24 +02:00 |
Claire
|
25bf640629
|
Add debug logging on signature verification failure (#26637)
|
2023-08-29 10:29:07 +02:00 |
Lukas Martini
|
a7d96e6aff
|
Improve error messages when DeepL quota is exceeded (#26704)
|
2023-08-29 09:14:44 +02:00 |
jsgoldstein
|
30c191aaa0
|
Add new public status index (#26344)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
2023-08-24 16:40:04 +02:00 |
Claire
|
191d302b7f
|
Refactor `Api::V1::ProfilesController` into two separate controllers (#26573)
|
2023-08-21 15:47:09 +02:00 |
Daniel M Brasil
|
d24a87ce4f
|
Add ability to delete avatar or header picture via the API (#25124)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
2023-08-21 08:44:35 +02:00 |
Claire
|
cc4560d95b
|
Change “privacy and reach” settings so that unchecking boxes always increase privacy and checking them always increase reach (#26508)
|
2023-08-17 09:13:26 +02:00 |
Claire
|
fc5ab2dc83
|
Add privacy tab in profile settings (#26484)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
|
2023-08-14 18:52:45 +02:00 |
Claire
|
b12d75ef4f
|
Fix blocking subdomains of an already-blocked domain (#26392)
|
2023-08-09 09:39:36 +02:00 |
Claire
|
8b37dd2c86
|
Fix Content Security Policy sometimes unnecessarily allowing hCaptcha scripts (#26388)
|
2023-08-08 15:41:38 +02:00 |
CSDUMMI
|
120f5802c0
|
Add direct link to the Single-Sign On provider if there is only one sign up method available (#26083)
|
2023-08-03 16:43:15 +02:00 |
Daniel M Brasil
|
3a4d3e9d4b
|
Add `GET /api/v1/instance/languages` to REST API (#24443)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
2023-08-03 11:25:47 +02:00 |
Emelia Smith
|
e258b4cb64
|
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252)
|
2023-08-02 19:32:48 +02:00 |
Christian Schmidt
|
ca342d4838
|
Add List-Unsubscribe email header (#26085)
|
2023-08-01 19:34:40 +02:00 |
Claire
|
6c39125761
|
Change /api/v1/peers/search to be case-insensitive when using Elasticsearch (#26268)
|
2023-08-01 14:52:32 +02:00 |
Misty De Méo
|
12a6cf569e
|
Storage: add :azure to remaining callers (#26080)
|
2023-07-27 16:13:45 +02:00 |
Claire
|
b4e739ff0f
|
Change interaction modal in web UI (#26075)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
|
2023-07-27 16:11:17 +02:00 |
Matt Jankowski
|
50ff3d3342
|
Coverage for `Auth::OmniauthCallbacks` controller (#26147)
|
2023-07-25 09:46:57 +02:00 |
Claire
|
b629e21515
|
Fix unexpected redirection to /explore after sign-in (#26143)
|
2023-07-24 16:06:32 +02:00 |
Christian Schmidt
|
4c18928a93
|
Wrong count in response when removing favourite/reblog (#24365)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
2023-07-19 09:02:30 +02:00 |
Claire
|
943f27f437
|
Remove unfollowed hashtag posts from home feed (#26028)
|
2023-07-17 13:56:28 +02:00 |
Claire
|
41f65edb21
|
Fix embed dropdown menu item for unauthenticated users (#25964)
|
2023-07-13 15:53:03 +02:00 |
Eugen Rochko
|
8d0c69529a
|
Change markers API to use a replica (#25851)
|
2023-07-12 18:57:40 +02:00 |
Eugen Rochko
|
fdc3ff7c2d
|
Change notifications API to use a replica (#25874)
|
2023-07-12 17:06:00 +02:00 |
Matt Jankowski
|
2e1391fdd2
|
Fix `Naming/MemoizedInstanceVariableName` cop (#25928)
|
2023-07-12 10:08:51 +02:00 |