Commit graph

20953 commits

Author SHA1 Message Date
Claire
6c1b6194f7 Merge pull request from GHSA-jhrq-qvrm-qr36
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
2024-02-16 12:17:15 +01:00
Claire
5f21a1f5a3
Bump version to v4.3.0-alpha.3 (#29241) 2024-02-16 11:06:47 +00:00
Claire
9fee5e8526
Merge pull request from GHSA-jhrq-qvrm-qr36
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
2024-02-16 11:56:12 +01:00
renovate[bot]
63080e10a9 Update dependency pg to v1.5.5 (#29230)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-16 10:06:25 +01:00
renovate[bot]
a8ee6fdd62
Update dependency pg to v1.5.5 (#29230)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-16 08:12:10 +00:00
Matt Jankowski
a9f9b0097b
Reduce RSpec/MultipleExpectations in captcha feature spec (#29226) 2024-02-16 07:52:57 +00:00
Matt Jankowski
4b7f04e3ea
Reduce RSpec/MultipleExpectations in post_status_service spec (#29225) 2024-02-16 07:52:29 +00:00
github-actions[bot]
1c93d625c6
New Crowdin Translations (automated) (#29195)
Co-authored-by: GitHub Actions <noreply@github.com>
2024-02-16 07:51:13 +00:00
Matt Jankowski
ed4939296a
Reduce RSpec/MultipleExpectations in ap/activity/create spec (#29224) 2024-02-16 07:43:00 +00:00
Matt Jankowski
1df2ffc3ee
Use subject in blacklist email validator spec (#29211) 2024-02-16 07:42:03 +00:00
Matt Jankowski
fc4f823464
Avoid local block var assignment in ap/process_status_update_service spec (#29210) 2024-02-16 07:41:25 +00:00
Claire
e7ca82762d Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 23:12:59 +01:00
Claire
d4d0565b0f
Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 21:49:45 +00:00
Matt Jankowski
844aa59bdf
Doc update about ruby version 3.0+ (#29202) 2024-02-14 16:44:27 +00:00
Claire
486e4bc7d3 Fix OmniAuth tests (#29201) 2024-02-14 16:07:28 +01:00
Claire
bbbbf00084
Fix OmniAuth tests (#29201) 2024-02-14 14:57:49 +00:00
Claire
40439399c6 Bump version to v4.3.0-alpha.2 (#29200) 2024-02-14 15:26:18 +01:00
Claire
53b73ed6a2 Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:25:15 +01:00
Emelia Smith
436419cc2f Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:25:15 +01:00
Claire
8e8e0f104f
Bump version to v4.3.0-alpha.2 (#29200) 2024-02-14 14:20:02 +00:00
Claire
b31af34c97
Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
Emelia Smith
68eaa804c9
Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:15:34 +01:00
Claire
3c3ef8b9d3 Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default (#29199) 2024-02-14 13:42:15 +01:00
Claire
554e2a019e
Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default (#29199) 2024-02-14 12:12:13 +00:00
Emelia Smith
eae436c5a8 Disable administrative doorkeeper routes (#29187) 2024-02-13 20:03:00 +01:00
Emelia Smith
b83076647e Ignore legacy moderator and admin columns on User model (#29188) 2024-02-13 20:03:00 +01:00
renovate[bot]
7100106f3f Update dependency sidekiq-unique-jobs to v7.1.33 (#29175)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 20:03:00 +01:00
renovate[bot]
04da8f887b Update dependency pghero to v3.4.1 (#29144)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 20:03:00 +01:00
renovate[bot]
d9d0a6ef33 Update dependency irb to v1.11.2 (#29135)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 20:03:00 +01:00
renovate[bot]
93b365bfc0 Update dependency webmock to v3.20.0 (#29120)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 20:03:00 +01:00
Emelia Smith
46142cdbdd
Disable administrative doorkeeper routes (#29187) 2024-02-13 18:11:47 +00:00
Emelia Smith
e8b66a0525
Ignore legacy moderator and admin columns on User model (#29188) 2024-02-13 17:14:49 +00:00
Nicolas Hoffmann
476a043fc5
Fix modal container bounds (#29185) 2024-02-13 12:58:21 +00:00
Claire
e3c4e90646
Fix new list button being blank (#2616) 2024-02-13 12:48:01 +01:00
github-actions[bot]
5de1ce23c3
New Crowdin Translations (automated) (#29182)
Co-authored-by: GitHub Actions <noreply@github.com>
2024-02-13 09:08:55 +00:00
renovate[bot]
e25d9dfb25
Update dependency dotenv to v16.4.3 (#29174)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 08:02:55 +00:00
renovate[bot]
b244e5cb81
Update dependency sidekiq-unique-jobs to v7.1.33 (#29175)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-13 07:56:46 +00:00
Claire
084d051e6c
Merge pull request #2608 from ClearlyClaire/glitch-soc/refactor/monolithic-components-css
Merge SCSS in a single `components.scss` file
2024-02-12 22:18:55 +01:00
renovate[bot]
819ede190e
Update dependency dotenv to v16.4.2 (#29157)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 10:39:31 +00:00
renovate[bot]
cf0d6bef8b
Update eslint (non-major) (#29166)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 10:21:17 +00:00
renovate[bot]
58918844a9
Update peter-evans/create-pull-request action to v6 (#29167)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 10:20:54 +00:00
github-actions[bot]
6482948547
New Crowdin Translations (automated) (#29156)
Co-authored-by: GitHub Actions <noreply@github.com>
2024-02-12 09:59:05 +00:00
Claire
8125dae5a8
Rename ES_CA_CERT to ES_CA_FILE for consistency (#29147) 2024-02-12 09:54:06 +00:00
Claire
c249c10f74 Fix account suggestion size inconsistency with upstream 2024-02-11 21:55:36 +01:00
github-actions[bot]
c07028b2fa
New Crowdin Translations (automated) (#29152)
Co-authored-by: GitHub Actions <noreply@github.com>
2024-02-09 09:55:30 +00:00
Claire
d391e01b59 Revert notification bar color for now 2024-02-08 21:12:57 +01:00
Claire
ca8fbda5d0
Add end-to-end test for OCR in media uploads (#29148) 2024-02-08 19:13:44 +00:00
Claire
3f89cec3c9 Further reduce differences with upstream 2024-02-08 19:52:03 +01:00
Claire
f6f62002c7 Remove leftovers from glitch-soc's layout option 2024-02-08 19:21:35 +01:00
Claire
189b70cd6a Merge SCSS in a single components.scss file 2024-02-08 18:50:38 +01:00