3ee038ac7d
Bump @babel/plugin-transform-runtime from 7.14.5 to 7.15.0 ( #16590 )
...
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.14.5 to 7.15.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-plugin-transform-runtime )
---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-23 22:03:23 +09:00
70909c5b09
Merge pull request #1589 from ClearlyClaire/glitch-soc/merge-upstream
...
Merge upstream changes
2021-08-20 16:30:21 +02:00
1aca5ef9bc
Merge branch 'main' into glitch-soc/merge-upstream
2021-08-20 16:14:45 +02:00
3c45dfa0fe
Fix “discoverable” account setting being tied to profile directory ( #16637 )
2021-08-20 16:11:58 +02:00
65b003cab8
Merge pull request #1588 from ClearlyClaire/glitch-soc/merge-upstream
...
Merge upstream changes
2021-08-20 14:26:14 +02:00
4f074b68ba
[Glitch] Fix crash if a notification contains an unprocessed media attachment
...
Port 0c24c865b7
2021-08-20 13:14:59 +02:00
0e62c38b02
[Glitch] Fix download button color in audio player
...
Port aaf24d3093
2021-08-20 13:14:03 +02:00
4e2a8c9b38
Merge branch 'main' into glitch-soc/merge-upstream
2021-08-20 13:01:50 +02:00
a2afcac7d9
Make sure nginx always send HSTS header ( #16633 )
...
By default, it'll only send those headers when the response code is one of the following:
- 200, 201, 204, 206, 301, 302, 303, 304, 307 & 308
As all the traffics should be https, the http protocol only exists to do 301 redirect,
and always send the HSTS header is almost one of the best practices, we should set
nginx to do so.
Reference:
- https://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header
- https://ssl-config.mozilla.org/
2021-08-20 10:54:11 +01:00
6702148472
Add tests for SuspendAccountService and UnsuspendAccountService ( #16627 )
...
* Add tests for SuspendAccountService
* Add tests for UnsuspendAccountService
2021-08-20 10:53:33 +01:00
90a8d4ef1c
Bump rspec-rails from 5.0.1 to 5.0.2 ( #16622 )
...
Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.1...v5.0.2 )
---
updated-dependencies:
- dependency-name: rspec-rails
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-20 18:48:39 +09:00
588f48bf6f
Bump sass from 1.37.0 to 1.38.0 ( #16623 )
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.37.0...1.38.0 )
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-20 18:48:25 +09:00
63fa767c83
Bump fast_blank from 1.0.0 to 1.0.1 ( #16621 )
...
Bumps [fast_blank](https://github.com/SamSaffron/fast_blank ) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/SamSaffron/fast_blank/releases )
- [Commits](https://github.com/SamSaffron/fast_blank/compare/1.0.0...v1.0.1 )
---
updated-dependencies:
- dependency-name: fast_blank
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-20 18:47:45 +09:00
e03dc3956f
Disable nginx ssl_session_tickets for better security ( #16632 )
...
It's default turned on, but it's better to turn it off for security reason.
Reference:
- https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_tickets
- https://github.com/mozilla/server-side-tls/issues/135
2021-08-20 08:15:07 +01:00
9ac7e6fef7
Fix remotely-suspended accounts' toots being merged back into timelines ( #16628 )
...
* Fix remotely-suspended accounts' toots being merged back into timelines
* Mark remotely-deleted accounts as remotely suspended
2021-08-20 07:40:33 +01:00
0cae6c07bb
Fix #16603 ( #16605 )
...
Fix issue #16603 undefined method `serialize_payload' for Unsuspend Account Service error.
It seems that this service forgot to `include Payloadable` so that `serialize_payload` could not be found in this service.
2021-08-20 07:39:37 +01:00
ce8f41e560
Bump oj from 3.12.2 to 3.13.2 ( #16620 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.12.2 to 3.13.2.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.12.2...v3.13.2 )
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:58:07 +09:00
6cdbff88e7
Bump eslint-plugin-import from 2.23.4 to 2.24.0 ( #16592 )
...
Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.23.4 to 2.24.0.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.23.4...v2.24.0 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:20:21 +09:00
c04c3e98e3
Bump yargs from 17.0.1 to 17.1.1 ( #16614 )
...
Bumps [yargs](https://github.com/yargs/yargs ) from 17.0.1 to 17.1.1.
- [Release notes](https://github.com/yargs/yargs/releases )
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/yargs/compare/v17.0.1...v17.1.1 )
---
updated-dependencies:
- dependency-name: yargs
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:19:51 +09:00
1d63f0798a
Bump ws from 8.0.0 to 8.1.0 ( #16616 )
...
Bumps [ws](https://github.com/websockets/ws ) from 8.0.0 to 8.1.0.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.0.0...8.1.0 )
---
updated-dependencies:
- dependency-name: ws
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:19:31 +09:00
f5a8011cf4
Bump bullet from 6.1.4 to 6.1.5 ( #16617 )
...
Bumps [bullet](https://github.com/flyerhzm/bullet ) from 6.1.4 to 6.1.5.
- [Release notes](https://github.com/flyerhzm/bullet/releases )
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md )
- [Commits](https://github.com/flyerhzm/bullet/compare/6.1.4...6.1.5 )
---
updated-dependencies:
- dependency-name: bullet
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:01:31 +09:00
00944fc0f4
Bump fastimage from 2.2.4 to 2.2.5 ( #16609 )
...
Bumps [fastimage](https://github.com/sdsykes/fastimage ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/sdsykes/fastimage/releases )
- [Changelog](https://github.com/sdsykes/fastimage/blob/master/CHANGELOG )
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.2.4...v2.2.5 )
---
updated-dependencies:
- dependency-name: fastimage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:00:53 +09:00
3318aa26f2
Bump nokogiri from 1.12.2 to 1.12.3 ( #16610 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.12.2 to 1.12.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.2...v1.12.3 )
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:00:37 +09:00
358b43c3a6
Bump blurhash from 1.1.3 to 1.1.4 ( #16613 )
...
Bumps [blurhash](https://github.com/woltapp/blurhash ) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/woltapp/blurhash/releases )
- [Commits](https://github.com/woltapp/blurhash/commits )
---
updated-dependencies:
- dependency-name: blurhash
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:00:17 +09:00
68e9e9ee0f
Bump pundit from 2.1.0 to 2.1.1 ( #16615 )
...
Bumps [pundit](https://github.com/varvet/pundit ) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/varvet/pundit/releases )
- [Changelog](https://github.com/varvet/pundit/blob/master/CHANGELOG.md )
- [Commits](https://github.com/varvet/pundit/compare/v2.1.0...v2.1.1 )
---
updated-dependencies:
- dependency-name: pundit
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:00:04 +09:00
f77d347f88
Bump path-parse from 1.0.6 to 1.0.7 ( #16597 )
...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse ) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases )
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7 )
---
updated-dependencies:
- dependency-name: path-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:58:37 +09:00
81d11b01fc
Bump parallel_tests from 3.7.0 to 3.7.1 ( #16612 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.7.0 to 3.7.1.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.7.0...v3.7.1 )
---
updated-dependencies:
- dependency-name: parallel_tests
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:49:59 +09:00
ec0b8f7e81
Bump aws-sdk-s3 from 1.98.0 to 1.99.0 ( #16611 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.98.0 to 1.99.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:49:21 +09:00
f3084bbf7c
Bump webmock from 3.13.0 to 3.14.0 ( #16587 )
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.13.0 to 3.14.0.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.13.0...v3.14.0 )
---
updated-dependencies:
- dependency-name: webmock
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:49:00 +09:00
30cf90c931
Bump redux from 4.1.0 to 4.1.1 ( #16586 )
...
Bumps [redux](https://github.com/reduxjs/redux ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/reduxjs/redux/releases )
- [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/redux/compare/v4.1.0...v4.1.1 )
---
updated-dependencies:
- dependency-name: redux
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:41:01 +09:00
479a8d1004
Bump rubocop from 1.18.4 to 1.19.0 ( #16618 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.18.4 to 1.19.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.18.4...v1.19.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:40:17 +09:00
2d080f5e04
Bump strong_migrations from 0.7.7 to 0.7.8 ( #16584 )
...
Bumps [strong_migrations](https://github.com/ankane/strong_migrations ) from 0.7.7 to 0.7.8.
- [Release notes](https://github.com/ankane/strong_migrations/releases )
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.7.7...v0.7.8 )
---
updated-dependencies:
- dependency-name: strong_migrations
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:32:29 +09:00
d5b4290caa
Bump @babel/runtime from 7.14.8 to 7.15.3 ( #16619 )
...
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime ) from 7.14.8 to 7.15.3.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.3/packages/babel-runtime )
---
updated-dependencies:
- dependency-name: "@babel/runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:31:14 +09:00
1bdd3dafb8
Bump @babel/core from 7.14.8 to 7.15.0 ( #16588 )
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.14.8 to 7.15.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-core )
---
updated-dependencies:
- dependency-name: "@babel/core"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:30:54 +09:00
2ddf0fdb87
Bump @testing-library/react from 11.2.7 to 12.0.0 ( #16440 )
...
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library ) from 11.2.7 to 12.0.0.
- [Release notes](https://github.com/testing-library/react-testing-library/releases )
- [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/react-testing-library/compare/v11.2.7...v12.0.0 )
---
updated-dependencies:
- dependency-name: "@testing-library/react"
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:30:15 +09:00
0c24c865b7
Fix crash if a notification contains an unprocessed media attachment ( #16573 )
...
* Refactor AttachmentList
* Do not crash if a notification contains an unprocessed media attachment
Fixes #16530
* Fix spacing in compact form
2021-08-11 17:49:10 +02:00
aaf24d3093
Fix download button color in audio player ( #16572 )
...
Fixes #16571
2021-08-11 17:48:55 +02:00
5efb1ff337
Fix followers synchronization mechanism not working when URI has empty path ( #16510 )
...
* Fix followers synchronization mechanism not working when URI has empty path
To my knowledge, there is no current implementation on the fediverse
that can use bare domains (e.g., actor is at https://example.org instead of
something like https://example.org/actor ) that also plans to support the
followers synchronization mechanism. However, Mastodon's current implementation
would exclude such accounts from followers list.
Also adds tests and rename them to reflect the proper method names.
* Move url prefix regexp to its own constant
2021-08-11 17:48:42 +02:00
4a364de500
Merge pull request #1585 from ClearlyClaire/glitch-soc/merge-upstream
...
Merge upstream changes
2021-08-11 17:25:06 +02:00
47ea9b2d67
Merge branch 'main' into glitch-soc/merge-upstream
2021-08-11 16:41:59 +02:00
13b08610a0
Fix crash when encountering invalid account fields ( #16598 )
...
* Add test
* Fix crash when encountering invalid account fields
2021-08-11 16:40:55 +02:00
229f5d1681
NodeJS 14 support - circleci/docker/.nvmrc ( #16163 )
...
* Update config.yml
* Update Dockerfile
* Update .nvmrc
* Update Dockerfile
* NodeJS 10 is EOL.
* Update package.json
* Update README.md
* Update Vagrantfile
* Update Dockerfile
* Update Dockerfile
2021-08-10 22:56:13 +02:00
70b7ac9ff3
Merge pull request #1583 from ClearlyClaire/glitch-soc/merge-upstream
...
Merge upstream changes
2021-08-10 00:25:33 +02:00
8681ef85d0
[Glitch] Fix logout link not working in safari
...
Port b2875b1864
2021-08-09 23:45:58 +02:00
8d55cb7d71
[Glitch] Fix trends layout
...
Port 6e0ab6814f
2021-08-09 23:40:31 +02:00
76c7226eb0
Fix account statuses cleanup settings controller for glitch-soc's theming system
2021-08-09 23:28:06 +02:00
8ec4be4233
Merge branch 'main' into glitch-soc/merge-upstream
...
Conflicts:
- `Gemfile.lock`:
Not a real conflict, upstream-updated dependency (redis) textually too
close to glitch-soc-only dependecy.
Updated redis gem like upstream did.
2021-08-09 23:25:49 +02:00
4ac78e2a06
Add feature to automatically delete old toots ( #16529 )
...
* Add account statuses cleanup policy model
* Record last inspected toot to delete to speed up successive calls to statuses_to_delete
* Add service to cleanup a given account's statuses within a budget
* Add worker to go through account policies and delete old toots
* Fix last inspected status id logic
All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.
* Add tests
* Refactor scheduler and add tests
* Add user interface
* Add support for discriminating based on boosts/favs
* Add UI support for min_reblogs and min_favs, rework UI
* Address first round of review comments
* Replace Snowflake#id_at_start with with_random parameter
* Add tests
* Add tests for StatusesCleanupController
* Rework settings page
* Adjust load-avoiding mechanisms
* Please CodeClimate
2021-08-09 23:11:50 +02:00
432e3d1eaf
Bump sanitize from 5.2.3 to 6.0.0 ( #16580 )
...
Fixes nokogumbo/nokogiri conflicts by dropping the nokogumbo gem, as it has
been merged in the nokogiri gem.
2021-08-09 20:46:57 +02:00
709876bd6c
Fix invalid blurhash handling in Create activity ( #16583 )
2021-08-09 13:33:19 +02:00
dependabot[bot]
Claire
Peter Dave Hello
Holger
Shlee
Takeshi Umeda
Jeong Arm