Commit Graph

12705 Commits

Author SHA1 Message Date
Claire 673c54f114
Fix inability to use local LibreTranslate without setting ALLOWED_PRIVATE_ADDRESSES (#21926)
Fixes #20029
2022-12-15 17:04:38 +01:00
Claire bbc49f15e0
Add explanation text to log-in page (#20946) 2022-12-15 16:44:29 +01:00
Fries 725f21662f
Add Montenegrin (cnr) (#21013) 2022-12-15 16:40:57 +01:00
Claire 38596e49d4
Fix the top action bar appearing in multi-column layout (#20943) 2022-12-15 16:40:45 +01:00
Claire 623d3d2e32
Change CSP directives on API to be tight and concise (#20960) 2022-12-15 16:40:32 +01:00
Kaspar V 19f78ea8fa
linting: RuboCop update, config fixes (#20574)
* fix(rubocop): update gems and add performance and rspec

fix(rubocop): update gems and add performance and rspec

- update present rubocop gems
- add rubocop-rspec and rubocop-performance gems
- move rubocop gems to gem group :development, :test in order to
  make linting in a github action that runs with RAILS_ENV=test possible

* feat(rubocop): disable some annoyance RSpec cops

To mee these prooved to be more annoying than helpful.
If not agreed, they can be enabled any time.

* fix(rubocop): do not ignore spec/**/*

Because rubocop-rspec should lint the specs as well, and they
deserve to be readable in general. It is relevant code, after all.

* fix(rubocop): change ignore db/**/* to db/schema.rb

because rails cops do some lints for migrations.
E.g. reversable migrations linting and more.

* fix(rubocop): tune rules configs

Bunch of commits squashed:

fix(rubocop): enable Layout/LineLength cop

Because this project has code with line lenghts > 500 chars.
This is not good practice at all, so I strongly suggest to
change the practice in the future.

But allow heredoc, URI and comments to still be long lines
and make the default Max: 120 explicit, by repeating it in the
config. To me this max length seems reasonable. Perhaps
a bit more could be ok for some. But > 500 chars in one line
Seems to be way too long IMHO.

fix(rubocop): Metrics/CyclomaticComplexity Max to 12

The default is 7, perhaps quite strict. But 25 is too loose,
the rule becomes pointless like that.

fix(rubocop): AllCops ruby version, cacheing and more info

- fix the target ruby version from 2.5 to 3.0
- have the cop error messages to be more informative and helpful
- enable cacheing in /tmp

fix(rubocop): Metrics/AbcSize to 34 from 115

Rubocops default is 17. If the rule is at 115 is becomes
pointless.

fix(rubocop): Metrics/BlockLength improvements

- instead of ignoring tasks completely, ignore only the
  long blocks that are specific to tasks (task, namespace)
- ignore also concern specific block methods (included, class_methods)

fix(rubocop): Metrics/ClassLength count heredoc array as one line

fix(rubocop): Metrics/MethodLength Max to 25

- the default is 10, but 65 is too loose, so perhaps 25?

fix(rubocop): Metrics/ModuleLength array and heredoc count as one

fix(rubocop): Metrics/PerceivedComplexity to 16 from 25

Rubocops default is 8, so how about only doubling that, instead
of > than tripple it?

fix(rubocop): enable Style/RedundantAssignment

Because I think that this rule would never really hurt,
but improve code quality and readability.

fix(rubocop): enable Style/RescueStandardError

I think everyone that ever had to debug what this can bring
will hopefully agree that this rule totally makes sense.
In the super rare exeptions where this is totally needed,
it can be excluded by disabling comment in that place.

fix(rubocop): Metrics/ParameterLists add explicit defaults and some excludes
2022-12-15 16:39:59 +01:00
Neil Matatall 1f5740e65c
Use Rails tag API to build RSS feed for spoilers and polls (#20163)
* Use Rails tag API to build RSS feed for spoilers and polls

While the previous method did not contain a bug or a potential issue,
the tag API can be very resilient against future problems and reduces the
amount of manual management of the escape status of the content.

I've added tests to ensure that the formatting is broken and still
escapes control characters correctly.

* this seems cleaner and passes

* Incorporate feedback by moving the br to its own line and using the tag helper over the string constant for the br tag itself

* whoops, tag helper doesn't use a self-closing tag
2022-12-15 16:39:41 +01:00
Dan Peterson 3d3429243f
Fix default S3_HOSTNAME used in mastodon:setup (#19932)
s3-us-east-1.amazonaws.com does not exist.

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:38:51 +01:00
Colin Mitchell 22e36271c5
Add environment variable to configure sidekiq concurrency (#19589)
Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:38:37 +01:00
Nick Schonning 72a8af8088
Fix typo in handler function call name (#21829) 2022-12-15 16:37:17 +01:00
Connor Shea 08c0e43b6f
Increase the width of the unread notification border. (#21692)
The smaller border is difficult to see for some users, especially
when the browser window was thinner, and so the unread border is at the
very left edge of the window.
2022-12-15 16:37:07 +01:00
Francis Murillo c50e9d078a
Render current day formats in the client timezone (#21878)
* Fix remaining plain %time to %time.formatted

* Add %time.relative-formatted to client format dates on the current day

* Add missing comma dangle to formats

* Use client side message format instead of the server

* Add fallback message to relatve_format.today

* Remove unused translation key and fix js lint issue

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:35:25 +01:00
trwnh f0cebaee00
Add localization for new admin scopes (#20979)
* Add localization for new admin scopes

* run bundle exec i18n-tasks normalize
2022-12-15 16:21:13 +01:00
Ikko Ashimine baecdf2882
Fix typo in application_helper_spec.rb (#20981)
enviroment -> environment
2022-12-15 16:20:55 +01:00
Yamagishi Kazutoshi 58200132d0
`FormattedMessage` must be used directly (#20982)
* `FormattedMessage` must be used directly

* rollback
2022-12-15 16:20:46 +01:00
Pleclown 3a59ffde8d
Adding 12 hours option for polls (#21131)
* Adding 12 hours option for polls

Adding 12 hours option for polls

* Adding 12 hours option for polls

Missing > on a line
2022-12-15 16:20:34 +01:00
Alex Stine 903e5a3f45
Fix hidden label causing accessibility issue for search inputs (#21275)
* Try unhiding search label.

* Use aria-label. Remove label as empty labels are useless.

* Remove addition of package-lock.json.
2022-12-15 16:20:21 +01:00
Matt Hodges 4114a7088a
Embed js height fix (#22141)
* only begin iframe reheight once document state is complete

* format

* lint fixes

* Update public/embed.js to use readystatechange event listener

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Call loaded() if ready, otherwise add listenter

* lint fix

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-15 16:18:59 +01:00
Jeremy Kescher 04c611daa1
Fix being unable to react with the keycap number sign emoji (#22231)
#⃣

This bug is caused by the emoji consisting of:
U+23 #
U+FE0F
U+20E3  ⃣

Because it starts with a #, it's interpreted as an anchor link, which is not passed to the API. Therefore, the API sees no emoji to react with and answers correctly with a 404.
2022-12-15 16:18:39 +01:00
nametoolong 63b379c2d9
Fix N+1 queries from in NotificationsController (#21202)
Co-authored-by: Nonexistent <nx@example.org>
2022-12-15 16:18:20 +01:00
luzpaz 596923da4a
Fix typos in source documentation (#21046)
Fixed 2 source comment/documentation typos
2022-12-15 15:57:26 +01:00
Moritz Heiber a0813806d6
Add hadolint as Dockerfile linter (#20993)
* Added hadolint as Dockerfile linter in pipeline and resolved remaining hadolint issues in Dockerfile

* Use more specific version of hadolint Action

* Bumpt hadolint Action version to latest version to avoid deprecation notice

* Being _really_ specific now
2022-12-15 15:57:17 +01:00
Riedler c3388f4ab1
Fix profile avatar being slightly offset into left border (fixes #20822) (#20994)
* hotfix for #20822

I don't know why it was shifted in the first place or why the width is specified twice, but this fixes the problem, so it looks fine to me.

* realigned pfp with content below

* fixed formatting 

my bad

* added comment to explain the negative margin

before I forget - comments are *important* !

Co-authored-by: Riedler <riedler@gelse.eu>
2022-12-15 15:57:02 +01:00
s0 52540771b0
Fix crash in elasticsearch_check.rb (#21006)
Nil unwrap causes the admin dashboard to crash/500 when the Chewy client info version number value is nil.
This occurs when running another ES-compatible backend such as MeiliSearch.
Obviously it would be good for chewy to recognise upstream but at least avoiding the crash would be fine.
2022-12-15 15:56:48 +01:00
Effy Elden 441cac758f
Allow adding relays while secure mode & limited federation mode are enabled (#22324) 2022-12-15 15:56:05 +01:00
Claire 7b68e6409b
Fix invalid CSS for links in warning and strike cards (#22302) 2022-12-15 15:52:18 +01:00
Jeong Arm e8cc63105f
Don't delivery a reply to domains which are blocked by author (#22117)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-15 15:52:06 +01:00
Justin Hutchings e5d15a5b56
Add CodeQL workflow (#21894) 2022-12-15 15:51:13 +01:00
Claire bae6ef315e
Fix missing Javascript in domain block import confirmation page (#21471)
Follow-up to #20597
2022-12-15 15:47:23 +01:00
Francis Murillo 5fb1c3e934
Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Claire fe9eab51d1
Change dropdown menu to contain “Copy link to post” even for non-public posts (#21316)
Fixes #21244
2022-12-15 15:43:16 +01:00
Meisam 6cdbc345f4
Validate nodeinfo response by schema (#21395)
* add json-schema to :test in Gemfile

* Create node_info_2.0_schema.json

* test match_response_schema

* Create match_response_schema.rb

* Update nodeinfo_controller_spec.rb

* Rename spec/support/node_info_2.0_schema.json to spec/support/schema/node_info_2.0_schema.json

* Update match_response_schema.rb

* cleanup

* additionally validate the json schema itself

disable throwing errors

test the schema matcher

* rename nodeinfo schema to nodeinfo_2.0

* use Rails.root.join to construct the path

* prettify json

* sync Gemfile.lock
2022-12-15 15:43:05 +01:00
Claire f239d31f23
Add --email and --dry-run options to `tootctl accounts delete` (#22328) 2022-12-15 14:52:50 +01:00
Claire 5917b46c05
Allow admins to refresh remotely-suspended accounts (#22327)
* Change suspension text to mention that a remotely suspended account is not locally-suspended

* Add ability to refresh profile of remotely suspended accounts
2022-12-15 14:15:50 +01:00
Claire 1f762f4271
Fix wasteful request to /api/v1/custom_emojis when not logged in (#22326) 2022-12-15 14:07:34 +01:00
Evan 78ef635980
Add command to remove avatar and header images of inactive remote accounts from the local database (#22149)
* Add tootctl subcommand media remove-profile-media

* Trigger workflows

* Correcting external linting

* External linting error

* External linting fix

* Merging with remove command

* Linting

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Correct long option names

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Remove saving a list of purged accounts

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-14 19:50:07 +01:00
dependabot[bot] a9bd5f65bb
Bump postcss from 8.4.19 to 8.4.20 (#22256)
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.19 to 8.4.20.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.19...8.4.20)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:41:52 +09:00
dependabot[bot] 1133e05e3d
Bump rails-html-sanitizer from 1.4.3 to 1.4.4 (#22279)
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/rails/rails-html-sanitizer/releases)
- [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/rails-html-sanitizer/compare/v1.4.3...v1.4.4)

---
updated-dependencies:
- dependency-name: rails-html-sanitizer
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:41:34 +09:00
dependabot[bot] 44739096ec
Bump loofah from 2.19.0 to 2.19.1 (#22278)
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.19.0 to 2.19.1.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.19.0...v2.19.1)

---
updated-dependencies:
- dependency-name: loofah
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:34:07 +09:00
dependabot[bot] 062197a193
Bump public_suffix from 5.0.0 to 5.0.1 (#22259)
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/weppos/publicsuffix-ruby/releases)
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/main/CHANGELOG.md)
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/v5.0.0...v5.0.1)

---
updated-dependencies:
- dependency-name: public_suffix
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:31:21 +09:00
dependabot[bot] 7e2d5e8aa7
Bump sass from 1.56.1 to 1.56.2 (#22257)
Bumps [sass](https://github.com/sass/dart-sass) from 1.56.1 to 1.56.2.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.56.1...1.56.2)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:30:26 +09:00
dependabot[bot] 364f5f1f45
Bump prettier from 2.8.0 to 2.8.1 (#22255)
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.0...2.8.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 05:29:33 +09:00
zunda 09191dee66
Add single splat to callback method definitions to avoid ArgumentError (#22246)
It looks like a [bug](https://bugs.ruby-lang.org/issues/18633) around
autosplat is [fixed](fbaadd1cfe)
on ruby-3.2.0-rc1 and breaks a test (but not on ruby <= 3.1.3):

```
$ bundle exec rspec ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:41
  :
  1) Api::V1::Emails::ConfirmationsController#create with an oauth token from an app that created the account when the account is already confirmed but user changed e-mail and has not confirmed it returns http success
     Failure/Error:
         def email_changed(user, **)
           @resource = user
           @instance = Rails.configuration.x.local_domain

           return unless @resource.active_for_authentication?

           I18n.with_locale(locale) do
             mail to: @resource.email, subject: I18n.t('devise.mailer.email_changed.subject')
           end
         end

     ArgumentError:
       wrong number of arguments (given 2, expected 1)
     # ./app/mailers/user_mailer.rb:51:in `email_changed'
     # ./app/models/user.rb:444:in `render_and_send_devise_message'
     # ./app/models/user.rb:430:in `block in send_pending_devise_notifications'
     # ./app/models/user.rb:429:in `each'
     # ./app/models/user.rb:429:in `send_pending_devise_notifications'
     # ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:38:in `block (7 levels) in <top (required)>'
```
2022-12-13 20:03:16 +01:00
Rin 42e16ea52d
fix missing style in warning and strike cards (#22177) 2022-12-13 20:03:09 +01:00
Claire 55b210b3e5
Fix crash and incorrect behavior in tootctl domains crawl (#19004) 2022-12-13 20:02:32 +01:00
cadars 52a50c5e43
Make handle more easily selectable on profile page (#21479)
* Make handle more easily selectable on profile page

* Wrap handle in a span

* Add `user-select: all` to span

* remove whitespace
2022-12-13 19:43:03 +01:00
Claire f70bdba926
Change default reply language to be default language when replying to a translated reply (#22272)
Fixes #22250
2022-12-13 19:41:53 +01:00
Nick Schonning 736b4283b0
Update Node 16.18.1 for latest security release (#22019)
* Update Node 16.18.1 for latest security release

* Increase Yarn network timeout for build error
2022-12-11 07:37:00 +01:00
prplecake 714e68db38
Add noindex setting to Admin settings Discovery page (#22205)
* Add noindex setting to Admin settings Discovery page

* Replace default_noindex i18n
2022-12-11 07:27:44 +01:00
dependabot[bot] ad568924c0
Bump axios from 1.2.0 to 1.2.1 (#22076)
Bumps [axios](https://github.com/axios/axios) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.2.0...v1.2.1)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-10 00:58:15 +09:00