ThibG
7d575c669e
Bump puma from 4.3.2 to 4.3.3 ( #13177 )
...
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
2020-03-01 22:25:13 +01:00
Thibaut Girka
13ef4d5fb0
Update puma from 4.3.2 to 4.3.3
...
Fixes #1294
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
2020-03-01 20:54:02 +01:00
Thibaut Girka
553a16c6f8
Update JS dependencies
2020-02-29 22:32:33 +01:00
Thibaut Girka
b0a7cb71be
Update glitch-soc-specific dependencies
...
- drop html2text which has been unused in a while
- update redcarpet
2020-02-29 22:32:33 +01:00
ThibG
907ebcfd43
Merge pull request #1291 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
2020-02-29 12:50:44 +01:00
Thibaut Girka
427ef4948a
Merge branch 'master' into glitch-soc/merge-upstream
2020-02-29 12:20:54 +01:00
ThibG
5393b187c4
Fix elasticsearch-api and faraday incompatibilities ( #13166 )
2020-02-29 03:05:02 +01:00
ThibG
ce17cea221
Fix installation failing when Redis password contains special characters ( #13156 )
...
* Add support for special characters in Redis passwords
Fixes #13154
* Refactor
2020-02-29 03:00:43 +01:00
dependabot-preview[bot]
047fde18c3
[Security] Bump puma from 4.3.1 to 4.3.2 ( #13167 )
...
Bumps [puma](https://github.com/puma/puma ) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/master/History.md )
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-29 02:57:14 +01:00
ThibG
7b63c5469e
Fix announcements with fully-qualified mention to local user crashing WebUI ( #13164 )
2020-02-28 13:49:45 +01:00
ThibG
e1d29f7d9f
Merge pull request #1290 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
2020-02-27 12:38:17 +01:00
Thibaut Girka
51d326f852
Merge branch 'master' into glitch-soc/merge-upstream
2020-02-27 12:37:15 +01:00
Eugen Rochko
aa8568b7f2
Bump version to 3.1.2 ( #13162 )
2020-02-27 12:34:07 +01:00
Eugen Rochko
0c28a505dd
Fix leak of arbitrary statuses through unfavourite action in REST API ( #13161 )
2020-02-27 12:32:54 +01:00
ThibG
9ee8e1add9
Merge pull request #1289 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
2020-02-25 18:05:52 +01:00
ThibG
2f2b48b227
[Glitch] Fix `/web` redirecting to `/web/web` in web UI
...
Port 0f07218e53
to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-02-25 14:30:43 +01:00
Thibaut Girka
85933bc9ff
Merge branch 'master' into glitch-soc/merge-upstream
2020-02-25 14:28:13 +01:00
ThibG
7face973fa
Fix dismissing an announcement twice raising an obscure error ( #13124 )
2020-02-24 22:21:40 +01:00
ThibG
cf4fe6caef
Fix misleading error when attempting to re-send a pending follow request ( #13133 )
...
Fixes #13131
2020-02-24 21:19:19 +01:00
ThibG
d91946ae13
Fix backups failing when files are missing from media attachments ( #13146 )
...
Fixes #13123
2020-02-24 21:18:26 +01:00
ThibG
3704402dcc
Fix duplicate accounts being created when fetching an account for its key only ( #13147 )
...
Fixes #13136
When a user's canonical acct domain is different from its id's domain
(WEB_DOMAIN ≠ LOCAL_DOMAIN), two webfinger queries are required to find the
canonical domain from the URI. However, we skip webfinger queries when
updating only the key of a remote user, which led to the creation of a
duplicate account, using the URI's domain instead of the canonical acct: one.
2020-02-24 21:15:53 +01:00
dependabot-preview[bot]
5158dbeb25
Bump react-redux from 7.1.3 to 7.2.0 ( #13141 )
...
Bumps [react-redux](https://github.com/reduxjs/react-redux ) from 7.1.3 to 7.2.0.
- [Release notes](https://github.com/reduxjs/react-redux/releases )
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.1.3...v7.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 21:54:19 +09:00
dependabot-preview[bot]
1452d85dd2
Bump webpack-cli from 3.3.10 to 3.3.11 ( #13139 )
...
Bumps [webpack-cli](https://github.com/webpack/webpack-cli ) from 3.3.10 to 3.3.11.
- [Release notes](https://github.com/webpack/webpack-cli/releases )
- [Changelog](https://github.com/webpack/webpack-cli/blob/next/CHANGELOG_v3.md )
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.10...v3.3.11 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 17:50:25 +09:00
dependabot-preview[bot]
6518ee6c43
Bump rellax from 1.10.0 to 1.12.1 ( #13140 )
...
Bumps [rellax](https://github.com/dixonandmoe/rellax ) from 1.10.0 to 1.12.1.
- [Release notes](https://github.com/dixonandmoe/rellax/releases )
- [Commits](https://github.com/dixonandmoe/rellax/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 17:50:18 +09:00
dependabot-preview[bot]
3d9e9ca375
Bump @babel/core from 7.8.3 to 7.8.4 ( #13137 )
...
Bumps [@babel/core](https://github.com/babel/babel ) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.8.4 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 17:36:32 +09:00
Thibaut Girka
0d41fef506
Document alt+enter
2020-02-22 23:07:29 +01:00
ThibG
ca7ee9f1cf
Add `--reset-password` option to `tootctl accounts modify` ( #13126 )
2020-02-22 01:29:14 +01:00
ThibG
0f07218e53
Fix `/web` redirecting to `/web/web` in web UI ( #13128 )
...
Fixes #13127
2020-02-22 01:27:34 +01:00
ThibG
983ab40086
Fix previously OStatus-based accounts not being detected as ActivityPub ( #13129 )
2020-02-22 01:26:41 +01:00
dependabot-preview[bot]
89a9eeb675
Bump rack from 2.1.2 to 2.2.2 ( #13108 )
...
Bumps [rack](https://github.com/rack/rack ) from 2.1.2 to 2.2.2.
- [Release notes](https://github.com/rack/rack/releases )
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rack/rack/compare/2.1.2...v2.2.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-20 09:24:16 +09:00
ThibG
6680983032
Merge pull request #1287 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
2020-02-20 00:52:50 +01:00
Thibaut Girka
bc4de2f661
[Glitch] Add source-mapped stacktrace to error message in web UI
...
Port ff3a11d01d
to glitch-soc
2020-02-19 23:31:15 +01:00
ThibG
c9166a5943
[Glitch] Fix old browsers crashing because of missing `finally` polyfill in web UI
...
Port 1314bba68a
to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-02-19 23:10:37 +01:00
Thibaut Girka
e037002401
Merge branch 'master' into glitch-soc/merge-upstream
2020-02-19 23:04:18 +01:00
ThibG
ff3a11d01d
Add source-mapped stacktrace to error message in web UI ( #13082 )
...
* Add source-mapped stack trace to copyable text in error boundary
* Add the error message to the copied report, not only the stack trace
2020-02-19 22:36:52 +01:00
ThibG
d8e9bae482
Fix account JSON/RSS not being cacheable due to wrong mime type comparison ( #13116 )
...
`request.format` is not a symbol but a `Mime::Type`, so the condition actually
never matched, and a session was created even for those requests, preventing
caching.
2020-02-19 22:31:53 +01:00
ThibG
1314bba68a
Fix old browsers crashing because of missing `finally` polyfill in web UI ( #13115 )
...
Fix #13015
2020-02-18 17:22:44 +01:00
dependabot-preview[bot]
7584342d83
Bump simplecov from 0.18.1 to 0.18.2 ( #13106 )
...
Bumps [simplecov](https://github.com/colszowka/simplecov ) from 0.18.1 to 0.18.2.
- [Release notes](https://github.com/colszowka/simplecov/releases )
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md )
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.1...v0.18.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 02:27:19 +09:00
dependabot-preview[bot]
fe388e5fe9
Bump pkg-config from 1.4.0 to 1.4.1 ( #13105 )
...
Bumps [pkg-config](https://github.com/ruby-gnome/pkg-config ) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/ruby-gnome/pkg-config/releases )
- [Changelog](https://github.com/ruby-gnome/pkg-config/blob/master/NEWS )
- [Commits](https://github.com/ruby-gnome/pkg-config/compare/1.4.0...1.4.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 02:24:20 +09:00
dependabot-preview[bot]
28dec37101
Bump nokogiri from 1.10.7 to 1.10.8 ( #13110 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.10.7 to 1.10.8.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.7...v1.10.8 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 02:22:43 +09:00
dependabot-preview[bot]
eadd26f3aa
Bump rimraf from 3.0.0 to 3.0.2 ( #13104 )
...
Bumps [rimraf](https://github.com/isaacs/rimraf ) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/isaacs/rimraf/releases )
- [Changelog](https://github.com/isaacs/rimraf/blob/master/CHANGELOG.md )
- [Commits](https://github.com/isaacs/rimraf/compare/v3.0.0...v3.0.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:58:14 +09:00
dependabot-preview[bot]
9547417353
Bump react-swipeable-views from 0.13.4 to 0.13.9 ( #13103 )
...
Bumps [react-swipeable-views](https://github.com/oliviertassinari/react-swipeable-views ) from 0.13.4 to 0.13.9.
- [Release notes](https://github.com/oliviertassinari/react-swipeable-views/releases )
- [Changelog](https://github.com/oliviertassinari/react-swipeable-views/blob/master/CHANGELOG.md )
- [Commits](https://github.com/oliviertassinari/react-swipeable-views/commits/v0.13.9 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:57:29 +09:00
dependabot-preview[bot]
e724541661
Bump eslint-plugin-import from 2.20.0 to 2.20.1 ( #13101 )
...
Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import ) from 2.20.0 to 2.20.1.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases )
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/benmosher/eslint-plugin-import/compare/v2.20.0...v2.20.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:53:02 +09:00
dependabot-preview[bot]
6c66985302
Bump terser-webpack-plugin from 2.3.2 to 2.3.5 ( #13100 )
...
Bumps [terser-webpack-plugin](https://github.com/webpack-contrib/terser-webpack-plugin ) from 2.3.2 to 2.3.5.
- [Release notes](https://github.com/webpack-contrib/terser-webpack-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/terser-webpack-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/terser-webpack-plugin/compare/v2.3.2...v2.3.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:49:21 +09:00
ThibG
4dec392ea8
Fix account's bio not being shown if there are no proofs/fields in admin UI ( #13075 )
2020-02-17 16:38:59 +01:00
ThibG
c48d895ea7
Fix sign-ups without checked user agreement being accepted through the web form ( #13088 )
...
* Fix user agreement not being verified
* Fix tests
* Fix up agreement field being dismissed
2020-02-16 12:56:53 +01:00
Sara Aimée Smiseth
250ca99cb5
Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture ( #13081 )
...
* Use ARCH variable instead of hardcoded x64
* fix formating
2020-02-16 12:54:57 +01:00
ThibG
cb28f61a6c
Fix invite request input not being shown on sign-up error if left empty ( #13089 )
...
If the “Why do you want to join?” textarea is left empty and the entered params
do not validate, the textarea isn't shown again, unlike other fields.
This commit fixes that by populating an empty `UserInviteRequest` when needed.
2020-02-16 12:38:22 +01:00
Thibaut Girka
955f838f9d
Fix clicking on the “TOOT” button send bogus visibility parameter
2020-02-16 00:10:45 +01:00
Marcin Cieślak
bd4bbba98a
Do not suggest to login into the GitLab database ( #13084 )
...
As pointed out on Discourse:
https://discourse.joinmastodon.org/t/obscure-wtf-error-message-running-migrations-for-3-1/2524
The message the administrators were getting was telling them
to log in to the "GitLab database" and also mentions MySQL
2020-02-15 12:52:57 +01:00