Commit Graph

14682 Commits

Author SHA1 Message Date
Claire bc2eaf3581 Remove unused noModal prop 2022-02-09 16:40:23 +01:00
Claire f03dc97070 Some more refactoring 2022-02-09 16:40:23 +01:00
Claire f87ce13afc Refactor dropdown and action modal code slightly
Simplify it a bit and make it closer to upstream
2022-02-09 13:23:12 +01:00
Claire 2fd1db7c9d
Merge pull request from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-02-08 19:43:59 +01:00
Claire 692963d43b Merge branch 'main' into glitch-soc/merge-upstream 2022-02-08 18:23:53 +01:00
Eugen Rochko b6d7726ecb
Remove language detection through cld3 ()
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08 02:41:17 +01:00
Eugen Rochko 85b86fe28c
Add global `locale` param ()
- Remove the session-based locale stickyness
2022-02-08 02:34:56 +01:00
Eugen Rochko 35850f8195
Fix localization of cold-start follow recommendations () 2022-02-08 01:53:49 +01:00
Claire 52c1b86964
Fix Ruby 2.5 incompatibility () 2022-02-07 19:57:06 +01:00
Eugen Rochko f1f6ddd536
Fix structured data parsing from links choking on bad data ()
* Fix structured data parsing from links choking on bad data

- Fix og:url meta tag being prioritized over canonical link tag
- Fix structured data parsing choking on commented-out CDATA declarations
- Fix HTML entities in title, description, provider_name, author_name
- Change structured data parsing to attempt every JSON-LD script tag

* Remove unnecessary slash escapes from CDATA regex pattern
2022-02-07 18:16:31 +01:00
Claire 73a782391c
Fix replies collection incorrectly looping ()
* Refactor tests

* Add tests

* Fix replies collection incorrectly looping
2022-02-07 17:06:43 +01:00
Claire 0d2cf3cd4a
Fix errors when multiple Delete are received for a given actor () 2022-02-07 13:14:48 +01:00
Claire b1983623ae
Merge pull request from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-02-06 16:23:57 +01:00
Claire aa832d623a Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `CHANGELOG.md`:
  Upstream added newlines.
  Conflicts are because the CHANGELOG was independently merged from 3.4.6 on
  last security update.
  Took upstream's version.
- `app/helpers/context_helper.rb`:
  Conflicts because of extra vocabulary in glitch-soc. The conflicts were
  actually handled in last security merge.
  Kept our version.
2022-02-06 15:34:42 +01:00
Claire 92658f0fb0
Fix instance actor not being dereferenceable ()
* Add tests

* Fix instance actor not being dereferenceable

* Fix tests

* Fix tests for real
2022-02-06 15:31:03 +01:00
potpro 097c4903f1
Update build-image.yml () 2022-02-05 17:29:54 +01:00
Claire 24d1ddcc24
Merge pull request from ClearlyClaire/glitch-soc/fixes/robust-theme-fallback
Make theme-selection fall back to default ones if configured is not found
2022-02-05 13:24:05 +01:00
Claire 08f44d1953 Move glitch-soc-specific theming methods to ThemingConcern 2022-02-05 10:58:51 +01:00
Claire 5f48ec9e42 Make theme-selection fall back to default ones if configured is not found 2022-02-05 10:29:27 +01:00
Eugen Rochko e03e7ac290
Fix error on account relationships page in admin UI () 2022-02-05 05:06:34 +01:00
dependabot[bot] 6a649e9131
Bump brakeman from 5.2.0 to 5.2.1 ()
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v5.2.0...v5.2.1)

---
updated-dependencies:
- dependency-name: brakeman
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 13:03:12 +09:00
dependabot[bot] bfe5ad5fee
Bump redis from 4.0.2 to 4.0.3 ()
Bumps [redis](https://github.com/redis/node-redis) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/redis/node-redis/releases)
- [Changelog](https://github.com/redis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/node-redis/compare/redis@4.0.2...redis@4.0.3)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 13:03:06 +09:00
dependabot[bot] e001e116da
Bump sidekiq-scheduler from 3.1.0 to 3.1.1 ()
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: sidekiq-scheduler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 13:02:57 +09:00
dependabot[bot] e0263c7369
Bump http-link-header from 1.0.3 to 1.0.4 ()
Bumps [http-link-header](https://github.com/jhermsmeier/node-http-link-header) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/jhermsmeier/node-http-link-header/releases)
- [Changelog](https://github.com/jhermsmeier/node-http-link-header/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhermsmeier/node-http-link-header/compare/v1.0.3...v1.0.4)

---
updated-dependencies:
- dependency-name: http-link-header
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-05 13:02:42 +09:00
Alexandra Catalina 50ab3f3dcb
Update tootsuite/mastodon Docker tag to v3.4.6 ()
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-03 21:29:20 +01:00
Eugen Rochko 3413f1c44b
Forward-port version bump to 3.4.6 () 2022-02-03 14:21:38 +01:00
Claire 73b730e649
Merge pull request from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-02-03 14:09:19 +01:00
Claire c8b1e72a4f
Fix compacted JSON-LD possibly causing compatibility issues on forwarding () 2022-02-03 14:09:04 +01:00
Claire 948235592a
Fix response_to_recipient? CTE () 2022-02-03 14:07:43 +01:00
Claire d1ecc323e7
Compact JSON-LD signed incoming activities ()
Co-authored-by: Puck Meerburg <puck@puck.moe>
2022-02-03 14:07:29 +01:00
Claire 2beb0a7af5 Bump version to 3.4.6 2022-02-03 12:12:27 +01:00
Claire a3e0dacf5c Fix response_to_recipient? CTE 2022-02-02 19:55:57 +01:00
Claire 7b969436a0 Fix compacted JSON-LD possibly causing compatibility issues on forwarding 2022-02-02 19:55:57 +01:00
Puck Meerburg 63da32468c Compact JSON-LD signed incoming activities 2022-02-02 16:13:11 +01:00
Claire 20a4b8081f
Merge pull request from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-02-01 21:41:58 +01:00
Claire 098f2bc1e1 Merge branch 'main' into glitch-soc/merge-upstream 2022-02-01 20:59:28 +01:00
Alexandra Catalina d0d15bf49c
Update tootsuite/mastodon Docker tag to v3.4.5 ()
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2022-02-01 20:57:50 +01:00
Claire 987d88ea56
Fix requiring an extra restart after recent post-deployment migrations ()
Follow-up to 
2022-02-01 20:57:39 +01:00
Rohan Sharma 4d6d4b43c6
Fixed prototype pollution bug and only allow trusted origin () 2022-02-01 17:34:48 +01:00
Claire 54581d43e7
Bump version to 3.4.5 () 2022-01-31 21:27:40 +01:00
Claire d6f3261c6c
Merge pull request from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-01-31 10:51:11 +01:00
Claire 2fcf652fff Merge branch 'main' into glitch-soc/merge-upstream 2022-01-31 10:42:17 +01:00
Daniel Jakots aa45404578
Bump NODE_VER to 16.13.2, to solve security issues ()
Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
2022-01-31 00:32:03 +01:00
Claire a0e06c3c3e
Add more advanced migration tests ()
- populate the database with some data when testing migrations
- try both one-step and two-step migrations (`SKIP_POST_DEPLOYMENT_MIGRATIONS`)
2022-01-30 23:50:08 +01:00
Claire c6b291afc3
Change index corruption warning to be a little less scary () 2022-01-30 23:49:52 +01:00
Claire b54e263712
Merge pull request from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
2022-01-30 22:51:32 +01:00
Claire a99adeaad3
Fix edge case in migration helpers that caused crash because of PostgreSQL quirks () 2022-01-30 22:34:54 +01:00
Claire 7679ddcd5e Merge branch 'main' into glitch-soc/merge-upstream 2022-01-30 22:33:30 +01:00
Claire ac583fce21
Fix some old migration scripts ()
* Fix some old migration scripts

* Fix edge case in two-step migration from older releases
2022-01-30 21:38:54 +01:00
Claire f5639e1cbe
Change public profile pages to be disabled for unconfirmed users ()
Fixes 

Note that unconfirmed and unapproved accounts can still be searched for
and their (empty) account retrieved using the REST API.
2022-01-28 14:24:37 +01:00