Commit graph

812 commits

Author SHA1 Message Date
Matt Jankowski
0e1110c947
Use SECRET_KEY_BASE_DUMMY feature as placeholder during asset compilation (#30505) 2024-06-10 20:08:04 +00:00
Claire
be68f8f4af Merge commit '9cc4040308a758d4b77961f4da79cf63a044fffe' into glitch-soc/merge-upstream 2024-06-10 18:20:08 +02:00
Matt Jankowski
0cf91213c9
Opt in to remaining Rails 7.1 defaults (#30332)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-10 06:32:20 +00:00
Claire
7277d2f130 Merge commit '496c10542bd39ca86a85d4de81778c134ea4383c' into glitch-soc/merge-upstream 2024-06-07 20:30:51 +02:00
Claire
80cd001e0a
Fix linting issue (#30595) 2024-06-07 14:32:29 +00:00
Isa S
773283ffb9
Make S3's retry limit a ENV variable (#23215) 2024-06-07 13:54:55 +00:00
Victor Dyotte
299ae9bf92
Add S3_KEY_PREFIX environment variable (#30181) 2024-06-07 12:29:30 +00:00
Claire
30b00ca2b5 Merge commit '5652ca613582df03e5b838626078981414f3b897' into glitch-soc/merge-upstream 2024-06-06 12:27:26 +02:00
Emelia Smith
e02d23b549
Change read:me scope to profile scope (#30357)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-06 07:30:10 +00:00
Eugen Rochko
5f15a892fa
Add support for libvips in addition to ImageMagick (#30090)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-05 19:15:39 +00:00
Matt Jankowski
4d3748ac44
Fix rack attack match_type value typo in logging config (#30514) 2024-06-03 07:16:01 +00:00
Matt Jankowski
a22865a352
Add :email to filter parameter logging config (#30492) 2024-05-31 09:35:56 +00:00
Claire
b8271f20c5 Merge commit '7f808ff6e9148f1cfe1e16d000e2405b6e31f243' into glitch-soc/merge-upstream 2024-05-30 15:41:31 +02:00
Claire
73a78cc19d
Fix rate-limiting incorrectly triggering a session cookie on most endpoints (#30483) 2024-05-30 12:56:18 +00:00
Claire
3fa0dd0b88
Merge pull request from GHSA-c2r5-cfqr-c553
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations

* Remove rack-attack safelist
2024-05-30 14:24:29 +02:00
Claire
16249946ae
Merge pull request from GHSA-q3rg-xx5v-4mxh 2024-05-30 14:14:04 +02:00
Claire
c827a98f19 Merge commit 'd20a5c3ec9ed40a991245fe32d0acb6187dd48c4' into glitch-soc/merge-upstream
Conflicts:
- `yarn.lock`:
  Not a real conflict, just a line adjacent to a glitch-soc only dependency
  getting updated.
  Updated dependencies as upstream did.
2024-05-29 17:03:24 +02:00
Emelia Smith
d20a5c3ec9
Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-29 14:00:05 +00:00
Nick Schonning
87156f57b5
Enable Style/StringConcatenation (#30428) 2024-05-27 09:41:45 +00:00
Claire
1a2a28eb4a Fix rubocop warnings 2024-05-24 17:13:34 +02:00
Claire
d76106da12 Merge commit 'ccb6aeddacbab950d7d7f1b0d2b64212d7aa99eb' into glitch-soc/merge-upstream 2024-05-24 17:08:21 +02:00
Renaud Chaput
acc77c3836
Add instrumentation to the search services (#30350) 2024-05-24 13:13:23 +00:00
Claire
e46321e63d Merge commit 'de4815afda0809bf999519aabda1cd14c67278da' into glitch-soc/merge-upstream 2024-05-20 12:17:36 +02:00
Renaud Chaput
9658d3e580
Use the job class as span name for Sidekiq root spans (#30353) 2024-05-20 08:01:04 +00:00
Claire
57fb2cf948 Merge commit '12472e7f407c42bcff6ee204b9f1887b5824734f' into glitch-soc/merge-upstream 2024-05-17 12:33:41 +02:00
Claire
12472e7f40
Add emphasis on ActiveRecord Encryption configuration values being secret (#30340) 2024-05-17 09:28:40 +00:00
Claire
2810231180 Merge commit 'b2388be71eb0031ef9e47c492b1c038231cd8bc0' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/activitypub/collections_controller.rb`:
  Upstream renamed a helper method everywhere.
  There was one glitch-soc line involving changes because of the local-only post
  feature.
  Ported upstream's change.
2024-05-16 19:30:10 +02:00
Matt Jankowski
1b6eb2c7f0
Enable YJIT when available (#30310) 2024-05-16 09:56:48 +00:00
Renaud Chaput
283a891e92
Allow to customise the OTEL service name prefix (#30322) 2024-05-16 09:28:10 +00:00
Matt Jankowski
6beead3867
Move simplecov config into rails_helper (#30302) 2024-05-15 09:33:36 +00:00
Claire
666760f450 Merge commit '1bf661cddbc614d4076e9d9e855575fc29e976c0' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Upstream fixed a command we have modified in glitch-soc.
  Updated as upstream did.
2024-05-14 20:47:14 +02:00
Nick Schonning
13fb54920b
Enable Style/IfUnlessModifier RuboCop (#30260) 2024-05-13 09:54:15 +00:00
Claire
f35ba6963d Merge commit '1959365c2f410aa82874c5c05ab92c4eca4c4055' into glitch-soc/merge-upstream 2024-05-11 22:10:56 +02:00
Renaud Chaput
68b9fe824d
Add OpenTelemetry instrumentation (#30130)
Co-authored-by: Juliano Costa <juliano.costa@datadoghq.com>
Co-authored-by: Robb Kidd <robbkidd@honeycomb.io>
2024-05-10 12:40:20 +00:00
Matt Jankowski
040aaf3a48
Use default: ... assignment for Devise config, fixes Style/ClassVars cop (#30214) 2024-05-10 09:42:01 +00:00
Claire
3789d9f825 Merge commit 'b7902225d698a107df2cf8b4ca221caad38fa464' into glitch-soc/merge-upstream
Conflicts:
- `spec/validators/status_length_validator_spec.rb`:
  Upstream refactored tests to stub `StatusLengthValidator::MAX_CHARS`
  while glitch-soc had custom code to read from `MAX_TOOT_CHARS`.
  Switched to using upstream's implementation of the tests.
2024-05-04 16:28:30 +02:00
Claire
bceb45adda Merge commit '3f6887557b23d363e7f8f18518db4447739d64bb' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/entrypoints/common.js`:
  Upstream moved everything from `app/javascript/packs` to
  `app/javascript/entrypoints` while this file was a glitch-soc
  addition. Moved it like the rest.
- `tsconfig.json`:
  Conflict due to glitch-soc's flavor.
  Updated like upstream.

Also moved and updated the following files accordingly:
- `app/javascript/flavours/vanilla/theme.yml`
- `app/javascript/flavours/glitch/theme.yml`
- everything in `app/javascript/flavours/glitch/packs`
2024-05-04 14:59:00 +02:00
Claire
33368e3e79
Change ActiveRecordEncryption variable to be more explicit (#30151) 2024-05-03 09:26:24 +00:00
Claire
b039e62194 Merge commit 'a2399046ca600d492b492b8dae88011de687bece' into glitch-soc/merge-upstream 2024-05-01 19:49:59 +02:00
Claire
eeefb7cdbc Merge commit 'a15139bc02d279b9ef85e95990f41e3e88838d20' into glitch-soc/merge-upstream 2024-05-01 19:42:34 +02:00
Claire
6204d13a2e Merge commit 'ec71c02c4b028c3541742f023729aeb295a51559' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile`:
  There was an extra newline in glitch-soc for some reason.
  Removed it.
2024-05-01 19:38:34 +02:00
Claire
946bd2e7e1 Merge commit '0622107449e72d35b22afeeba2f0ba983e914803' into glitch-soc/merge-upstream 2024-05-01 19:16:48 +02:00
Claire
15f6d2d038 Merge commit 'd27eb181f6ab419d1745a1fe9b94094be17a618f' into glitch-soc/merge-upstream
Conflicts:
- `spec/requests/api/v2/instance_spec.rb`:
  Conflict due to glitch-soc having a different default site name.
  Updated the tests as upstream did, keeping glitch-soc's default name.
2024-05-01 17:22:02 +02:00
Matt Jankowski
32ead51e5a
Add material design icons to admin/settings views (#27780)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-04-23 16:43:49 +00:00
Emelia Smith
049b159beb
Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087) 2024-04-23 11:47:00 +00:00
Tim Rogers
1ca6ff8ca5
Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) 2024-04-22 09:00:24 +00:00
Matt Jankowski
c7384adc00
Fix Style/TrailingCommaInArguments cop (#30003) 2024-04-19 20:37:18 +00:00
Matt Jankowski
933189887b
Fix Style/StringLiterals cop (#30005) 2024-04-19 20:33:00 +00:00
Matt Jankowski
8d47ba893a
Fix Style/PercentLiteralDelimiters cop (#30006) 2024-04-19 20:32:26 +00:00
Matt Jankowski
828299e71c
Enable AR Encryption (#29831) 2024-04-17 09:19:02 +00:00
Matt Jankowski
0d9ad96d3f
Rename PremailerWebpackStrategy -> PremailerBundledAssetStrategy (#29934) 2024-04-15 09:16:59 +00:00
Claire
903dc53522 Merge commit '05eda8d19330a9c27c0cf07de19a87edff269057' into glitch-soc/merge-upstream 2024-04-06 20:01:25 +02:00
Matt Jankowski
edde54e991
Update stoplight to version 4.1.0 (#28366) 2024-04-02 15:47:40 +00:00
Matt Jankowski
a59f5694fe
Add empty line after magic frozen string comment (#29696) 2024-03-21 14:12:50 +00:00
Claire
876aa35350 Merge commit 'ffc5be4820ed7bad4656489f096230dd7965140b' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Upstream updated a dependency that is on an adjacent line to a
  glitch-soc-only dependency in that file.
  Updated as upstream did.
- `yarn.lock`:
  Upstream updated a dependency that is on an adjacent line to a
  glitch-soc-only dependency in that file.
  Updated as upstream did.
2024-03-19 19:21:12 +01:00
Matt Jankowski
6c68c3c0ce
Introduce inline_svg gem, minimal usage, prep for material design icons (#29612) 2024-03-19 09:03:15 +00:00
Claire
a5127d0ef8 Merge commit '24319836de6046fb2985ec1a24c30ad7d47584d7' into glitch-soc/merge-upstream
Conflicts:
- `config/routes/api.rb`:
  glitch-soc has an extra `:destroy` action on notifications for historical reasons.
  Kept it for now, while otherwise updating as upstream did.
2024-03-11 17:29:07 +01:00
Matt Jankowski
a38e424185
Use unchanging github links in docs/comments (#29545) 2024-03-11 15:14:55 +00:00
Claire
45e56db8e4 Merge commit 'f89512fbedb547f66a72eefdff047768fb505eb6' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept our version.
2024-03-05 16:25:50 +01:00
Dave MacLeod
b6b94c971f
Add Interlingue to available_locales (#28630) 2024-03-01 17:51:22 +00:00
Claire
ef3d15554b Merge commit 'c645490d553124d800d30488595f7d2d9d61584d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept glitch-soc's README.
- `app/models/account.rb`:
  Not a real conflict, upstream updated some lines textually adjacent
  to glitch-soc-specific lines.
  Ported upstream's changes.
2024-02-24 14:46:14 +01:00
Emelia Smith
eae436c5a8 Disable administrative doorkeeper routes (#29187) 2024-02-13 20:03:00 +01:00
Emelia Smith
46142cdbdd
Disable administrative doorkeeper routes (#29187) 2024-02-13 18:11:47 +00:00
Claire
8125dae5a8
Rename ES_CA_CERT to ES_CA_FILE for consistency (#29147) 2024-02-12 09:54:06 +00:00
Claire
2912829411
Add support for specifying custom CA cert for Elasticsearch (#29122) 2024-02-07 12:09:43 +00:00
Claire
19f1ffe287 Fix self-destruct schedule not actually replacing initial schedule (#29049) 2024-02-06 21:00:09 +01:00
Claire
64300e0fe3
Fix self-destruct schedule not actually replacing initial schedule (#29049) 2024-02-06 15:32:09 +00:00
Claire
c59fb65ddc Merge commit '127503eb2cdd67126974bee304dde0f183300b84' into glitch-soc/merge-upstream
Conflicts:
- `app/helpers/accounts_helper.rb`:
  Conflict due to glitch-soc's option to hide followers count.
  Ported upstream changes.

Additional changes:
- `app/views/application/mailer/_account.html.haml`:
  Ported glitch-soc's option to hide followers count.
- `app/views/settings/flavours/show.html.haml`:
  Ported the `frontend_asset_url` helper change to glitch-soc.
2024-01-17 18:32:15 +01:00
Matt Jankowski
c523a9601b
Rename local webpack* var in development env CSP config (#28766) 2024-01-17 09:22:16 +00:00
Matt Jankowski
0ce081fe49
Remove monkey patch in favor of supported Devise config value (#28760) 2024-01-17 09:08:17 +00:00
Claire
34c9f77b3e Merge commit '7f471e70c0e1cc106747634d20f173a68a9272d7' into glitch-soc/merge-upstream
Conflicts:
- `app/views/layouts/mailer.html.haml`:
  Conflict caused by glitch-soc's theming system.
  Used glitch-soc's path for the mailer pack.
2024-01-15 21:30:00 +01:00
HTeuMeuLeu
7f471e70c0
Update new email templates (#28416)
Co-authored-by: Matt Jankowski <matt@jankowski.online>
2024-01-15 18:18:59 +00:00
Claire
630b245bb4 Merge commit '9a73a7dcaf2e383b2ec105d71bfcea2c48cbea10' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/settings/scoped_settings.rb`:
  Removed upstream, while glitch-soc had a change related to its theming system.
  Removed as well, as it's unused.
2024-01-11 12:59:27 +01:00
Claire
0b2c7cdb02 Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/content_security_policy.rb`:
  Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
  environment variable.
  Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Matt Jankowski
4e02838832
Enable "low risk" Rails 7.1 setting defaults (#28626) 2024-01-09 12:50:57 +00:00
gunchleoc
173953c23e
Fix ISO code for Canadian French (#26015)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-09 10:56:13 +00:00
Matt Jankowski
e09419f22a
Move old framework defaults file to regular config value (#28623) 2024-01-08 10:17:38 +00:00
Matt Jankowski
a27a82939d
Remove the 7.1 marshalling format "todo" from new_framework_defaults (#28625) 2024-01-08 10:16:33 +00:00
Claire
9d9008666b Merge commit '092bb8a27af9ee87ff9ebabaf354477470ea3a94' into glitch-soc/merge-upstream 2024-01-03 12:38:49 +01:00
Claire
bd415af9a1
Change streaming API host to not be overridden to localhost in development mode (#28557) 2024-01-03 10:23:58 +00:00
Claire
19e14654cc
Reduce CSP configuration changes with upstream (#2536) 2023-12-27 09:54:05 +01:00
Claire
30ee7339d3 Merge commit '7d9b209fe84b00eff348ea9d54905cbfffa79788' into glitch-soc/merge-upstream
Conflicts:
- `app/models/form/admin_settings.rb`:
  Upstream changed code style change, including on a line modified by glitch-soc.
  Kept glitch-soc's line but with the code style change applied.
2023-12-21 19:31:12 +01:00
Claire
f5b7307890 Merge commit 'f99e05710ea06cf10bbd3fb64ae8c00b095cb455' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Took upstream's version of the conflicting lines.
2023-12-21 19:24:10 +01:00
Claire
a60b9acf3c Merge commit 'b2f915b31ae884e3893e93a99da4e2b8d7e9ef7b' into glitch-soc/merge-upstream 2023-12-21 19:04:20 +01:00
Claire
b2961dad2b Fix lint issue in glitch-soc-only file 2023-12-20 22:25:23 +01:00
Claire
077e0c6812 Merge commit '0b4a3a04378ce43f2f314b9446b5053f6b374c6d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Conflict caused by the `json` gem thing once again.
  Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
  Upstream refactored a bunch of specs, including one place that differs
  because of glitch-soc's theming system.
  Refactored as upstream did, adapting it for glitch-soc's theming system.
2023-12-20 22:16:50 +01:00
Claire
8a5f2442cc Merge commit '0530ce5e9575c09464847412f43852f438b0494e' into glitch-soc/merge-upstream 2023-12-20 21:58:18 +01:00
Claire
b8209c3b96 Merge commit '85662a5a57531af5402a6777d0b1089e78c56815' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream reworked the CSP, we kept our version for now.
- `spec/requests/content_security_policy_spec.rb`:
  Upstream reworked the CSP, we kept our version for now.
2023-12-20 20:10:45 +01:00
Claire
6c00d5b0c4 Fix test failure caused by glitch-soc changes 2023-12-19 21:14:39 +01:00
Claire
b474cbbd28 Merge commit '7840c6b75b61e64d89d7fd9f291277fb177e513f' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/accounts/relationships_controller.rb`:
  We differed by listing suspended users when requesting relationships.
  Updated to upstream's code.
2023-12-18 18:40:58 +01:00
Claire
46ddaffd40 Merge commit 'b87bfb8c96c8491f1228e0258d05119f3420db05' into glitch-soc/merge-upstream 2023-12-18 18:34:25 +01:00
Claire
bc33be0342 Merge commit '23e32a4b3031d1da8b911e0145d61b4dd47c4f96' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Conflict because we had updated the `json-ld` gem to fix a yanked dependency.
  Kept our version of `json-ld` while updating other dependencies.
2023-12-18 18:07:24 +01:00
Matt Jankowski
e56fb9e489
Fix Style/SymbolProc cop (#28386) 2023-12-18 09:32:02 +00:00
Claire
33dd5d8179 Fix Ruby lint issues 2023-12-17 23:17:55 +01:00
Claire
4113fbf6e8 Merge commit 'f476d9dab2f5cca6ae44b95961df6b6557d66dab' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream enforced new code style rules, where we had different code.
  Applied the new code style rules.
2023-12-17 23:04:16 +01:00
Claire
ddf3ad9541 Merge commit '3bf896c973404261f4f7b25c25ea22adb1a85e7d' into glitch-soc/main
Conflicts:
- `package.json`:
  Upstream removed a dependency textually close to a glitch-only dependency.
  Updated as upstream while keeping our dependency.
2023-12-17 17:43:30 +01:00
Matt Jankowski
e5717c9bc6
Fix Style/Lambda cop (#28378) 2023-12-15 14:34:24 +00:00
Matt Jankowski
1ee8d1e50e
Assign a proc to Rack::Request.ip_filter instead of patching method (#28380) 2023-12-15 14:33:56 +00:00
Claire
f37c93f3d7
Change cookie rotator to use SHA1 digest for new cookies (#27392) 2023-12-12 12:01:08 +00:00
Claire
9f92b05bd2 Merge commit '2e6bf60f1549e5c1f1cfea2d614f978bea17b8a2' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream has updated their README but we have a completely different one.
  Kept our version of `README.md`
2023-12-10 18:05:02 +01:00