e09419f22a
Move old framework defaults file to regular config value ( #28623 )
2024-01-08 10:17:38 +00:00
a27a82939d
Remove the 7.1 marshalling format "todo" from new_framework_defaults ( #28625 )
2024-01-08 10:16:33 +00:00
bd415af9a1
Change streaming API host to not be overridden to localhost in development mode ( #28557 )
2024-01-03 10:23:58 +00:00
e56fb9e489
Fix `Style/SymbolProc` cop ( #28386 )
2023-12-18 09:32:02 +00:00
e5717c9bc6
Fix `Style/Lambda` cop ( #28378 )
2023-12-15 14:34:24 +00:00
1ee8d1e50e
Assign a proc to `Rack::Request.ip_filter` instead of patching method ( #28380 )
2023-12-15 14:33:56 +00:00
f37c93f3d7
Change cookie rotator to use SHA1 digest for new cookies ( #27392 )
2023-12-12 12:01:08 +00:00
42afd30324
Replace Sprockets with Propshaft ( #28239 )
2023-12-06 10:19:24 +00:00
a8473f582d
Add zeitwerk inflector for cli->CLI ( #27635 )
2023-11-30 13:55:20 +00:00
85662a5a57
Change `img-src` and `media-src` CSP directives to not include `https:` ( #28025 )
2023-11-30 13:47:01 +00:00
31bef99b9e
Move lib/mastodon/premailer_webpack_strategy to lib/ ( #27636 )
2023-11-29 10:08:55 +00:00
9429e30d75
Disable sidekiq unique jobs in test env ( #27737 )
2023-11-09 16:19:04 +00:00
c875dfc90b
Fix `Lint/UnusedBlockArgument` cop ( #27777 )
2023-11-09 09:43:26 +00:00
33cc3ae8fa
Fix `Style/StabbyLambdaParentheses` cop ( #27771 )
2023-11-08 12:01:18 +00:00
02d27de5ce
Move i18n locale configuration to separate initializer ( #27571 )
2023-11-07 15:22:14 +00:00
d6f50839e1
Fix `RSpec/SpecFilePathFormat` cops ( #27730 )
2023-11-06 16:25:40 +00:00
7ef56d6e50
Move json_ld context loaders to `config/initializers` ( #27590 )
2023-10-31 15:21:23 +00:00
3107a9410c
Silence deprecation warning about secrets/credentials with Devise patch ( #27578 )
2023-10-31 11:10:15 +00:00
eae5c7334a
Extract class from CSP configuration/initialization ( #26905 )
2023-10-27 16:20:40 +00:00
4aa05d45fc
Capture minimum postgres version 12 ( #27528 )
2023-10-26 20:35:15 +00:00
9a3d047f3e
Run `bin/rails app:update` with Rails 7.1 ( #27522 )
2023-10-25 13:56:09 +00:00
379115e601
Add SELF_DESTRUCT env variable to process self-destructions in the background ( #26439 )
2023-10-23 15:46:21 +00:00
c3e0eb3699
Change Content-Security-Policy to be tighter on media paths ( #26889 )
2023-10-23 14:27:07 +02:00
bcd0171e5e
Fix `Lint/UselessAssignment` cop ( #27472 )
2023-10-19 16:55:06 +02:00
23f8e93c64
Fixes #23135 - Allow cross origin request for /nodeinfo/2.0 API ( #27413 )
2023-10-16 13:39:25 +02:00
e0da64bb4e
Fix empty ENV variables not using default nil value ( #27400 )
2023-10-13 19:00:53 +02:00
85db392464
Autofix Rubocop cops for config/ ( #24145 )
2023-10-03 15:24:12 +02:00
56c0babc0b
Fix rubocop `Layout/ArgumentAlignment` cop ( #26060 )
2023-09-28 15:48:47 +02:00
8acc75435b
Change S3 checksum mode to be disabled by default ( #27007 )
2023-09-21 14:00:51 +02:00
a04ae16201
Fix CSP when using `ONE_CLICK_SSO_LOGIN` ( #26901 )
2023-09-13 19:54:04 +02:00
9a70cac9de
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP ( #26857 )
2023-09-12 13:04:51 +02:00
ea31929776
Fix invalid Content-Type header for WebP images ( #26773 )
2023-09-04 09:46:33 +02:00
9e26cd5503
Add `authorized_fetch` server setting in addition to env var ( #25798 )
2023-09-01 15:41:10 +02:00
286a21afdc
Support webpacker live-reloading on Docker ( #26419 )
2023-08-29 10:17:57 +02:00
b95867ad1f
Allow setting a custom HTTP method in CacheBuster ( #26528 )
...
Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com>
2023-08-18 08:18:40 +02:00
dd049fc37a
Fix ES_PRESET not being applied to Chewy's internal index ( #26489 )
2023-08-14 19:00:56 +02:00
f5778caa3a
Add `ES_PRESET` option to customize numbers of shards and replicas ( #26483 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 17:46:16 +02:00
4bc0dd751c
Add `S3_DISABLE_CHECKSUM_MODE` environment variable for compatibility with some S3-compatible providers ( #26435 )
2023-08-10 14:15:18 +02:00
12c43e4ab5
Re-add StatsD support through the `nsa` gem ( #26310 )
2023-08-03 20:28:14 +02:00
e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode ( #26252 )
2023-08-02 19:32:48 +02:00
ad81be6c8e
Update rubocop rules for linelength ( #26190 )
2023-07-28 23:11:45 +02:00
bada7a65aa
Ignore long line in regex initializer ( #26182 )
2023-07-26 09:45:27 +02:00
e5f1000ad1
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 13:34:15 +02:00
934c7b33d1
Change default KeyGenerator digest to SHA1 to fix cookies in rolling upgrades ( #26023 )
2023-07-21 13:17:43 +02:00
b848ba3867
Paperclip: add support for Azure blob storage ( #23607 )
2023-07-19 09:02:49 +02:00
ce43ed144c
Rails 7.0 update ( #25668 )
2023-07-13 09:36:07 +02:00
2e1391fdd2
Fix `Naming/MemoizedInstanceVariableName` cop ( #25928 )
2023-07-12 10:08:51 +02:00
1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment ( #23793 )
2023-07-12 09:47:08 +02:00
e4cfe4b3db
First pass at multi-database for read replica using Rails native adapter ( #25693 )
...
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
2023-07-08 19:45:36 +02:00
dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Matt Jankowski
Claire
Wladimir Palant
Renaud Chaput
Nick Schonning
CSDUMMI
Christian Schmidt
Emelia Smith
Misty De Méo
Kurtis Rainbolt-Greene