Commit graph

3333 commits

Author SHA1 Message Date
Matt Jankowski
eae5c7334a
Extract class from CSP configuration/initialization (#26905) 2023-10-27 16:20:40 +00:00
Matt Jankowski
2e6bf60f15
Use deliveries.size in mailer-related examples in controller specs (#27589) 2023-10-27 15:33:52 +00:00
Claire
93e4cdc31b
Fix hashtag matching pattern matching some URLs (#27584) 2023-10-27 14:04:51 +00:00
Matt Jankowski
1f5187e2e2
Misc spec/refactor to user mailer and user mailer spec (#27486) 2023-10-27 09:57:16 +00:00
Claire
bbf46cc418
Fix error and incorrect URLs in /api/v1/accounts/:id/featured_tags for remote accounts (#27459) 2023-10-27 08:35:21 +00:00
Jeong Arm
8f998cd96a
Handle featured collections without items (#27581) 2023-10-27 02:36:22 +00:00
Claire
49b8433c56
Fix confusing screen when visiting a confirmation link for an already-confirmed email (#27368) 2023-10-25 21:33:44 +00:00
Claire
4b0fb764c3 Merge commit 'e93a75f1a11d6dfdcbd39dbdc22526c5508ad881' into glitch-soc/merge-upstream
Conflicts and ported changes:
- updated `@rails/ujs` imports
2023-10-24 19:59:19 +02:00
Claire
e25cc4deb7 Merge commit '379115e601361c2b5da775fbf28b7dff9dc02e71' into glitch-soc/merge-upstream
Conflicts:
- `config/navigation.rb`:
  Conflict due to glitch-soc having extra navigation items for its theming
  system.
  Ported upstream changes.
2023-10-24 19:31:14 +02:00
Claire
787d5ad386 Merge commit 'bcae7442757845191c0e82b61cd1d0cd3ca860d1' into glitch-soc/merge-upstream
Conflicts:
- `yarn.lock`:
  Caused by a glitch-soc-only dependency (`exif-js`).
  Kept it.
2023-10-24 19:05:18 +02:00
Claire
b0c76eaadd Merge commit '0ad66175bf59a34b03d9ab2347181548d07089ea' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/features/compose/components/compose_form.jsx`:
  Upstream changed one import, close to a glitch-soc-only import to handle
  different max character counts.
  Ported upstream's change.
2023-10-24 18:41:20 +02:00
Matt Jankowski
e93a75f1a1
Rails 7.1 update (#25963) 2023-10-23 17:58:29 +00:00
Daniel M Brasil
26d2a2a0cc
Migrate to request specs in /api/v1/media (#25543) 2023-10-23 15:46:21 +00:00
Claire
bcae744275
Fix some link anchors being recognized as hashtags (#27271) 2023-10-23 14:19:38 +02:00
Matt Jankowski
b0213472df
Validate allowed schemes on preview card URLs (#27485) 2023-10-23 09:50:02 +02:00
Matt Jankowski
ab0fb81479
Configure brakeman to ignore url safe preview card urls (#25883) 2023-10-20 15:32:16 +02:00
Claire
13688539bc
Fix processing LDSigned activities from actors with unknown public keys (#27474) 2023-10-20 10:45:46 +02:00
Claire
74fd46d3ab Merge commit '9f218c9924b883207a3463a29314c92032cf06df' into glitch-soc/merge-upstream 2023-10-19 19:14:04 +02:00
Matt Jankowski
9f218c9924
Refactor appeal partial to avoid brakeman XSS warning (#25880) 2023-10-19 17:25:54 +02:00
Matt Jankowski
bcd0171e5e
Fix Lint/UselessAssignment cop (#27472) 2023-10-19 16:55:06 +02:00
Daniel M Brasil
7bc8f03162
Add test coverage for Mastodon::CLI::Accounts#migrate (#25284) 2023-10-19 16:11:15 +02:00
Matt Jankowski
a1b27d8b61
Fix Naming/VariableNumber cop (#27447) 2023-10-18 14:26:22 +02:00
Emelia Smith
7c3fea7275
Feature: Allow token introspection without read scope (#27142) 2023-10-18 14:10:07 +02:00
Daniel M Brasil
091a21e1bc
Add test coverage for Mastodon::CLI::Accounts#prune (#25204) 2023-10-18 10:20:50 +02:00
Claire
e9dc30cdba
Fix duplicate github annotations for rspec failures (#27450) 2023-10-18 10:18:34 +02:00
Claire
63179f0bf4 Merge commit '5ef26d8fd50081c642b858a82bf0c5431b1c7e83' into glitch-soc/merge-upstream 2023-10-17 21:59:58 +02:00
Claire
c10a667ac2 Merge commit '935d54124e80e9fe5365c724e5c8827a2b3ed5b3' into glitch-soc/merge-upstream 2023-10-17 21:42:49 +02:00
Claire
b867d4581e Merge commit 'c91c0175db1cc8b954a977d29472886234ce9586' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/timelines/tag_controller_spec.rb`:
  Glitch-soc had a few extra lines in this file to account for a different
  default setting. This file got replaced by
  `spec/requests/api/v1/timelines/tag_spec.rb`, into which the glitch-soc
  additions were moved too.

Additional changes:
- `spec/requests/api/v1/statuses/sources_spec.rb`:
  Add glitch-soc-only attribute `content_type`.
2023-10-17 21:35:07 +02:00
Claire
656a41db2a Merge commit '77098c6f1c25958960df98a1510b28352a39704f' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream has updated its README, we have a completely different one.
  Kept ours.
- `app/views/auth/sessions/two_factor.html.haml`:
  Upstream refactored stuff and the conflict is because of glitch-soc's theming
  system.
  Ported upstream changes while accounting for the different theming system.
2023-10-17 20:59:18 +02:00
Nick Schonning
5ef26d8fd5
Add RSpec GitHub annotations gem (#24040) 2023-10-17 18:28:09 +02:00
Matt Jankowski
71447ab19f
Fix Capybara/ClickLinkOrButtonStyle cop in spec/features/admin area (#27445) 2023-10-17 16:57:19 +02:00
Matt Jankowski
2528a0721f
Update rubocop-capybara to version 2.19.0 (#26982) 2023-10-17 16:10:50 +02:00
Claire
b34a2b1b33
Fix errors in CLI specs (#27399) 2023-10-17 15:30:12 +02:00
Victor Lee
c4bddc9855
Add spec for poll model (#23399)
Co-authored-by: Nick Schonning <nschonni@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-17 14:56:24 +02:00
Matt Jankowski
12bb7be8b5
Spec speed ups on AccountsController spec (#25391) 2023-10-17 13:32:10 +02:00
Matt Jankowski
d54fec24e5
Add coverage for CLI::PreviewCards#remove command (#27441) 2023-10-17 13:06:16 +02:00
Matt Jankowski
19900f647e
Add coverage for UnreservedUsernameValidator (#25590) 2023-10-17 13:05:28 +02:00
Matt Jankowski
fc9ab61448
Expand spec coverage of CLI::Media (#27437) 2023-10-16 18:20:58 +02:00
Matt Jankowski
893b2f33fd
Extract shared example for cacheable response in specs (#25388) 2023-10-16 17:52:06 +02:00
Matt Jankowski
708299bb0d
Misc coverage improvements for Admin:: and Settings:: controllers (#25346) 2023-10-16 17:20:28 +02:00
Daniel M Brasil
e0ed0f8c7c
Migrate to request specs in /api/v1/notifications (#25553) 2023-10-16 17:15:24 +02:00
Daniel M Brasil
cafdaec6cf
Migrate to request specs in /api/v1/lists/:id/accounts (#25468) 2023-10-16 16:03:48 +02:00
Daniel M Brasil
8e6116503d
Migrate to request specs in /api/v1/blocks (#25517) 2023-10-16 16:03:35 +02:00
Daniel M Brasil
d9caa6ed24
Migrate to request specs in /api/v1/admin/accounts (#25563) 2023-10-16 15:49:12 +02:00
Matt Jankowski
f5bc1f20e2
Add coverage for ExistingUsernameValidator (#25592)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-16 15:41:23 +02:00
Matt Jankowski
f8afa0f614
Remove unused stub json ld context (#25454) 2023-10-16 15:38:27 +02:00
Matt Jankowski
00e92b4038
Add coverage for CLI::Statuses command (#25321) 2023-10-16 15:37:22 +02:00
Claire
299aa71c8f
Fix handling of inLanguage attribute in preview card processing (#27423) 2023-10-16 15:24:14 +02:00
Daniel M Brasil
82beeb2f7e
Migrate to request specs in /api/v1/admin/trends/links (#25739) 2023-10-13 16:23:16 +02:00
Matt Jankowski
1b195ce115
Speed-up on Rack::Attack spec (#25542) 2023-10-13 16:14:23 +02:00
Claire
71cfdd7865
Fix duplicate tests (#27395) 2023-10-13 16:10:43 +02:00
Matt Jankowski
cad8cc90ba
Speed-up on MoveWorker spec (#25528) 2023-10-13 15:50:46 +02:00
Daniel M Brasil
058f73a4f5
Add request specs for /api/v1/reports (#25475) 2023-10-13 15:30:40 +02:00
Matt Jankowski
abf0e1fa39
Move SignedReqestHelpers rspec config to separate file (#25453) 2023-10-13 15:19:40 +02:00
Daniel M Brasil
bc6cd27d9e
Migrate to request specs in /api/v1/followed_tags (#25472) 2023-10-13 14:43:50 +02:00
Matt Jankowski
fd9dea21d0
DB speedup in API:: controller/request specs (#25516) 2023-10-13 14:42:09 +02:00
Daniel M Brasil
ecdb31d479
Migrate to request specs in /api/v1/favourites (#25518) 2023-10-13 14:19:12 +02:00
Daniel M Brasil
7664e3b692
Migrate to request specs in /api/v1/statuses/:status_id/source (#25634) 2023-10-13 14:08:21 +02:00
Daniel M Brasil
4230d1ee0a
Migrate to request specs in /api/v1/timelines/tag/:hashtag (#25797) 2023-10-13 14:04:37 +02:00
KMY(雪あすか)
45bdd60f3c
Fix when unfollow a tag, my post also disappears from the home timeline (#27391) 2023-10-13 11:15:47 +02:00
Matt Jankowski
133f218a4d
Add system specs for admin area batch actions (#25027) 2023-10-13 10:42:59 +02:00
Claire
3735e6f79d Merge commit '27e84c069112a3d2abfad947642457cc997a261a' into glitch-soc/merge-upstream 2023-10-10 19:53:41 +02:00
Claire
27e84c0691
Fix duplicate reports being sent when reporting some remote posts (#27355) 2023-10-10 16:00:50 +02:00
Claire
53f5b27bd1 Merge commit '640421f661ee4d7e76a2aab607e7b15687940b6f' into glitch-soc/merge-upstream 2023-10-08 17:30:48 +02:00
Claire
86c9c5afa0 Merge commit '40ba6e119b7457161fd43b449875d0fb9d473c1a' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/concerns/web_app_controller_concern.rb`:
  Upstream changed the order of Action Controller filters for web app
  controllers.
  Glitch-soc has an extra filter due to its theming system.
  Changed the order accordingly.
- `app/views/settings/preferences/appearance/show.html.haml`:
  Conflict due to an extra newline in glitch-soc.
  Removed that newline and applied upstream's changes.
2023-10-08 17:26:43 +02:00
Claire
ac2370778a Merge commit 'c676bc91e9c3aa81eb7cfbce3c5c5e80b84d3d02' into glitch-soc/merge-upstream
Conflicts:
- `config/environments/production.rb`:
  Upstream enforced a code style change and glitch-soc had a few different lines.
  Applied upstream's code style to glitch-soc's changes.
2023-10-08 17:21:12 +02:00
Claire
74c27e33e3 Merge commit '37bbd3c1064380a756b4e821655d7697105f99f5' into glitch-soc/merge-upstream 2023-10-08 17:10:39 +02:00
Claire
3262d1f1b6
Fix incorrect serialization of regional languages in contentMap (#27207) 2023-10-06 17:46:04 +02:00
Claire
340c390849
Fix crash when filtering for “dormant” relationships (#27306) 2023-10-06 12:58:16 +02:00
Claire
40ba6e119b
Fix Vary headers not being set on some redirects (#27272) 2023-10-05 09:50:08 +02:00
Matt Jankowski
72cec47c13
Silence deprecation warning in CacheBuster spec (#27264) 2023-10-04 10:17:36 +02:00
gunchleoc
68ec1d180a
Fix language sorting in settings (#27158) 2023-10-04 09:23:50 +02:00
Matt Jankowski
c676bc91e9
Dont match mention in url query string (#25656)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-03 17:01:45 +02:00
Claire
ceb365c419
Fix boosts of local users being filtered in account timelines (#27204) 2023-10-03 12:21:42 +02:00
Claire
f05985f8ec Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream changed their README, we have a completely different one.
  Kept our version.
2023-09-21 15:12:00 +02:00
Claire
828eebad48
Add hide_collections, discoverable and indexable attributes to credentials API (#26998) 2023-09-20 18:25:16 +02:00
Claire
f546b0c999 Merge branch 'main' into glitch-soc/merge-upstream 2023-09-19 17:07:29 +02:00
Claire
94893cf24f
Merge pull request from GHSA-hcqf-fw2r-52g4
* Revert "Fix request URL normalisation for bare domain and 8-bit characters (#26285)"

This reverts commit 8891d8945d.

* Revert "Do not normalize URL before fetching it (#26219)"

This reverts commit fd284311e7.
2023-09-19 16:52:52 +02:00
Claire
dfc05ec8df Merge commit '6273416292090b2f6bfda33f070cea325a1759df' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-nightly.yml`:
  Upstream modified this file close to a line modified by glitch-soc to
  disable the ARMv64 builder (as glitch-soc doesn't have one).
  Ported upstream's changes.
- `.github/workflows/build-releases.yml`:
  Upstream modified this file close to lines changed by glitch-soc to
  change the Docker image repositories used (only ghcr, and based on the
  organization's name).
  Ported upstream's changes.
2023-09-15 21:43:49 +02:00
Claire
5ed72f668f Merge commit 'b90383d07388fe8513e59a6deb1a2391146c6561' into glitch-soc/merge-upstream 2023-09-15 21:39:21 +02:00
Claire
08b495d95c Merge commit 'b1d89071384ef028c97a3d28cf8cf6bc0ca6c4ce' into glitch-soc/merge-upstream 2023-09-15 21:06:45 +02:00
Claire
5d8c65f2a7 Merge commit '398635c0c4987ec44d937e98431ff5dee331ea94' into glitch-soc/merge-upstream 2023-09-15 20:57:40 +02:00
Claire
6273416292
Fix post edits not being forwarded as expected (#26936) 2023-09-15 19:54:32 +02:00
Robert R George
20666482ef
Added admin api for managing tags (#26872) 2023-09-13 11:22:53 +02:00
jsgoldstein
4d9186a48c
Add search tests (#26703) 2023-09-08 16:17:55 +02:00
Eugen Rochko
3a679844e4
Fix account_id, max_id and min_id params not working in search (#26847) 2023-09-08 14:25:00 +02:00
Claire
81caafbe84
Fix performances of profile directory (#26842) 2023-09-07 18:55:25 +02:00
Claire
355e3fb529
Simplify Account.by_recent_status and Account.by_recent_sign_in scopes (#26840) 2023-09-07 15:38:11 +02:00
Claire
1f99d86287
Fix blocked domain appears from account feed (#26823)
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-09-06 21:04:48 +02:00
Claire
b83e487502
Fix moderator rights inconsistencies (#26729) 2023-09-06 16:40:19 +02:00
Claire
e66f961e05 Merge branch 'main' into glitch-soc/merge-upstream 2023-09-04 18:27:46 +02:00
Eugen Rochko
ece1ff77d6
Add in:library syntax to search (#26760)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-09-04 17:20:35 +02:00
Christian Schmidt
ea31929776
Fix invalid Content-Type header for WebP images (#26773) 2023-09-04 09:46:33 +02:00
Claire
c107512fa6 Merge commit '05093266e6e3c54f9096da9cdcdafdc83703c578' into glitch-soc/merge-upstream 2023-09-02 15:02:29 +02:00
Claire
4adb12ca91 Fix test failures due to different default settings in glitch-soc 2023-09-02 14:24:47 +02:00
Claire
ac2dae0d11 Merge commit '6c4c72497a5722870e4432ef41dd4c9ec36a8928' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-releases.yml`:
  Upstream changed comments close to a line we modified to account for
  different container image repositories.
  Updated the comments as upstream did.
2023-09-02 13:50:16 +02:00
Claire
c8aa3d6d06 Merge commit 'dd72a8d28b4479afdc19ac73cac83609d85b5f9e' into glitch-soc/merge-upstream 2023-09-02 12:02:23 +02:00
Claire
6b7c47311d Merge commit '072112867b9a3ec090ad2c92d6363b47b2265d74' into glitch-soc/merge-upstream 2023-09-02 11:41:40 +02:00
Claire
16681e0f20
Add admin notifications for new Mastodon versions (#26582) 2023-09-01 17:47:07 +02:00
Eugen Rochko
e754083e8a
Fix unmatched quotes and prefixes causing search to fail (#26701) 2023-09-01 09:43:12 +02:00
Daniel M Brasil
ccca542db1
Fix /api/v1/timelines/tag/:hashtag allowing for unauthenticated access when public preview is disabled (#26237) 2023-08-31 13:53:24 +02:00
Tyler Deitz
336ec503c2
Add avatar image to webfinger responses (#26558) 2023-08-31 13:46:27 +02:00
Eugen Rochko
2304cc6456
Fix bad search type heuristic (#26673) 2023-08-28 17:08:37 +02:00
Claire
e3825a13c1
Add PublicStatusesCheck to Elasticsearch index check on admin dashboard (#26650) 2023-08-25 12:01:55 +02:00
Claire
32e67e78a3 Merge commit 'e3fd07197379f1ac7fd4a761b3ff55effa1a2a6c' into glitch-soc/merge-upstream 2023-08-24 21:50:14 +02:00
Claire
296b3d1560 Merge commit 'dc09c10fa8cc9230bf14e48d790c8f0c26043f8f' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Upstream re-generated the file, while glitch-soc has a specific ignore
  for some file.
  Updated the file as upstream did and kept our extra ignore.
- `config/webpack/shared.js`:
  Upstream added a plugin, but our files are pretty different.
  Added the plugin as well.
- `spec/helpers/application_helper_spec.rb`:
  Upstream refactored tests, but part of them were different because
  of glitch-soc's theming system.
  Applied the refactoring to glitch-soc's change.
2023-08-24 21:26:27 +02:00
Claire
88ff45a3b2 Merge commit 'facfec1ba36cee27f232ebff90b990933719235a' into glitch-soc/merge-upstream 2023-08-24 21:03:56 +02:00
Claire
fbfc4145fd Merge commit '1cdcd9dc08c91321f80ffe4822f6a3da15abeb2c' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/packs/public.jsx`:
  Upstream updated code that we actually moved to `app/javascript/core/settings.js`.
  Applied the changes there.
2023-08-24 21:01:19 +02:00
jsgoldstein
30c191aaa0
Add new public status index (#26344)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-24 16:40:04 +02:00
Daniel M Brasil
f337008819
Fix timeout on invalid set of exclusionary parameters in /api/v1/timelines/public (#26239) 2023-08-23 15:50:23 +02:00
Claire
10404aece8 Merge commit '1cb978bcc3d291a045f367e072ca0af1a1c4dbbc' into glitch-soc/merge-upstream 2023-08-22 18:50:14 +02:00
Nick Schonning
b970ed6098
Update rubocop and rubocop-rspec (#26329) 2023-08-22 09:31:40 +02:00
Claire
ac0eb0533e
Add Elasticsearch cluster health check and indexes mismatch check to dashboard (#26448) 2023-08-21 16:50:22 +02:00
Claire
191d302b7f
Refactor Api::V1::ProfilesController into two separate controllers (#26573) 2023-08-21 15:47:09 +02:00
Daniel M Brasil
d24a87ce4f
Add ability to delete avatar or header picture via the API (#25124)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-21 08:44:35 +02:00
Renaud Chaput
b95867ad1f
Allow setting a custom HTTP method in CacheBuster (#26528)
Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com>
2023-08-18 08:18:40 +02:00
Claire
60b9fa641d
Fix cached posts including stale stats (#26409) 2023-08-17 16:11:48 +02:00
Claire
6530f9709c Merge commit '121443c0fca383268b8022c048dd137994785aff' into glitch-soc/main
Conflicts:
- `.rubocop_todo.yml`:
  Upstream regenerated this file, glitch-soc had a specific ignore.
2023-08-13 18:47:15 +02:00
Claire
ea8802a05a Merge commit '3a4d3e9d4b573c400eec1743471d54cdccae50a5' into glitch-soc/merge-upstream 2023-08-12 09:36:38 +02:00
Claire
44a5f1b64a Merge commit '425d77f8124a50fc033e8fb3bdf7b89a6a25f4fa' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Upstream regenerated this file, glitch-soc had a specific ignore.
- `README.md`:
  Upstream updated its README, but glitch-soc has a completely different one.
  Kept glitch-soc's README
2023-08-11 22:15:41 +02:00
Matt Jankowski
d9a9323968
Avoid connecting to a running ES instance in ES search check spec (#26413) 2023-08-09 13:15:04 +02:00
Matt Jankowski
2c88364222
Restore console behavior in test env (#26401) 2023-08-09 11:26:56 +02:00
Claire
b12d75ef4f
Fix blocking subdomains of an already-blocked domain (#26392) 2023-08-09 09:39:36 +02:00
Claire
30c64bf616
Fix list import concurrently creating lists of the same name (#26372) 2023-08-07 17:59:20 +02:00
Matt Jankowski
c363978782
Spec media attachment speedups (#25416) 2023-08-07 17:58:12 +02:00
Christian Schmidt
8da99ffb0d
Add alt text for preview card thumbnails (#26184) 2023-08-03 15:41:51 +02:00
Daniel M Brasil
3a4d3e9d4b
Add GET /api/v1/instance/languages to REST API (#24443)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-03 11:25:47 +02:00
Emelia Smith
e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 2023-08-02 19:32:48 +02:00
Christian Schmidt
8891d8945d
Fix request URL normalisation for bare domain and 8-bit characters (#26285) 2023-08-02 19:32:29 +02:00
Christian Schmidt
ca342d4838
Add List-Unsubscribe email header (#26085) 2023-08-01 19:34:40 +02:00
Christian Schmidt
f2257069b2
Fix AVIF attachments (#26264) 2023-08-01 19:34:11 +02:00
Christian Schmidt
fd284311e7
Do not normalize URL before fetching it (#26219) 2023-07-31 23:17:37 +02:00
Claire
73a3228e0f Fix CSP tests in glitch-soc 2023-07-30 17:30:13 +02:00
Claire
92fa9d34b0 Merge commit '3554c527954441fd924586a49c7d99a89101ac7e' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/authorize_interactions_controller.rb`:
  Small conflict due to our theming system.
- `streaming/index.js`:
  Upstream refactored part of the streaming server.
  We had some extra logic for handling local-only posts.
  Applied the refactor.
2023-07-30 16:11:55 +02:00
Claire
454d8567d4 Merge commit '1814990a3d117555153321216fa593e4d9e84de3' into glitch-soc/merge-upstream 2023-07-30 15:54:34 +02:00
Claire
bd349cb850 Merge commit 'ce1f35d7e213327549b960bb64f63c67a141ea40' into glitch-soc/merge-upstream
Conflicts:
- `db/schema.rb`:
  Upstream regenerated the schema file using Rails 7, the conflicts are
  caused by our extra columns.
  Applied upstream's changes, but keeping our extra columns.
2023-07-30 14:58:56 +02:00
Claire
42f36aa55a Merge commit '5b457961fc1189a71599dc6c06b3f159b195a455' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream fixed an issue that was not present in glitch-soc.
  Kept our version.
2023-07-30 13:49:35 +02:00
Claire
7635c67450 Merge commit '144a406d332b034caa812ade2629df03ed4898d7' into glitch-soc/merge-upstream
Conflicts:
- `app/views/layouts/application.html.haml`:
  Upstream removed the `crossorigin` attribute from `preload_pack_asset`.
  Glitch-soc had different calls to `preload_pack_asset` because of the
  different theming system.
  Ported the change.
- `app/views/layouts/embedded.html.haml`:
  Upstream removed the `crossorigin` attribute from `preload_pack_asset`.
  Glitch-soc had different calls to `preload_pack_asset` because of the
  different theming system.
  Ported the change.
2023-07-30 13:42:06 +02:00
Claire
993d0a9950 Merge commit '1e3b19230a48174acf524cf1a9f5a498e220ea7d' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Upstream added new validations close to lines on which glitch-soc had
  modified validations to handle custom limits set through environment
  variables.
  Ported upstream changes.
- `config/initializers/content_security_policy.rb`:
  Upstream added `AZURE_ALIAS_HOST`. Glitch-soc's version of the file is
  completely different.
  Added `AZURE_ALIAS_HOST` to our version of the file.
2023-07-30 13:15:01 +02:00
Matt Jankowski
7581b1ff96
Profiling tools configuration improvement (#25383) 2023-07-28 23:16:23 +02:00
Matt Jankowski
6f1fa1364f
Fix RSpec/EmptyExampleGroup cop (#24735) 2023-07-28 23:15:33 +02:00
Matt Jankowski
660993b415
Add coverage for URLValidator (#25591) 2023-07-28 23:12:25 +02:00
Matt Jankowski
6602edf064
Add coverage for LanguageValidator (#25593) 2023-07-28 23:12:09 +02:00
Renaud Chaput
4d1b67f664
Add end-to-end (system) tests (#25461) 2023-07-28 23:09:49 +02:00
Christian Schmidt
f96e4b3047
Use original URL in preview if it redirects to 4xx page (#26200) 2023-07-28 23:02:08 +02:00
Claire
6c3c5bbbc3
Fix crash when processing Flag activity with no status (#26189) 2023-07-27 16:11:56 +02:00
Claire
b4e739ff0f
Change interaction modal in web UI (#26075)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-27 16:11:17 +02:00
Daniel M Brasil
812a84ff5f
Migrate to request specs in /api/v2/filters (#25721) 2023-07-27 14:58:20 +02:00
Matt Jankowski
f48d345de1
Use correct naming on controller concern specs (#26197) 2023-07-27 14:27:21 +02:00
Matt Jankowski
2d9808f648
Reformat large key values in service specs (#26181) 2023-07-26 09:45:50 +02:00
Matt Jankowski
7d62e3b198
Reformat large text arg in FetchLinkCardService spec (#26183) 2023-07-26 09:44:51 +02:00
Matt Jankowski
50ff3d3342
Coverage for Auth::OmniauthCallbacks controller (#26147) 2023-07-25 09:46:57 +02:00
Claire
5b457961fc
Fix linting issue (#26106) 2023-07-21 14:21:10 +02:00
Claire
e5f1000ad1
Fix CSP headers being unintendedly wide (#26105) 2023-07-21 13:34:15 +02:00
Claire
144a406d33
Clean up unused application records (#24871) 2023-07-21 13:13:16 +02:00
Claire
1e3b19230a
Add stricter protocol fields validation for accounts (#25937) 2023-07-20 18:23:48 +02:00
Matt Jankowski
1cceb62afd
Fix Lint/Void cop (#25922) 2023-07-20 17:31:34 +02:00
Matt Jankowski
285a3df56c
Move localized subject mailer shared example to separate file (#25889) 2023-07-20 15:50:50 +02:00
Christian Schmidt
4c18928a93
Wrong count in response when removing favourite/reblog (#24365)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-19 09:02:30 +02:00
Matt Jankowski
6edd404482
Cleanup unused portions of statuses/status partial (#26045) 2023-07-19 08:44:16 +02:00
Claire
0092fe50ac Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream entirely refactored this, while we changed the docker repository
  to upload to and disabled the “latest” tag.
  Applied the repository change to `.github/workflows/build-*.yml`, as well
  as disabling native ARMv64 builds.
- `README.md`:
  We have a completely different README.
  Kept ours.
- `app/views/admin/settings/shared/_links.html.haml`:
  Upstream refactored, we had an extra item.
  Refactored as upstream did.
- `spec/controllers/api/v1/timelines/public_controller_spec.rb`:
  Upstream deleted this file, to be replaced by a request spec at
  `spec/requests/api/v1/timelines/public_spec.rb`.
  We had an extra bit about enabling the public timelines because we have
  different defaults than upstream.
  Moved that bit to `spec/requests/api/v1/timelines/public_spec.rb`
2023-07-19 07:35:51 +02:00
Daniel M Brasil
59b38f9ee4
Migrate to request specs in /api/v1/mutes (#25622) 2023-07-18 13:05:19 +02:00
Daniel M Brasil
58bfe8c43a
Migrate to request specs in /api/v1/bookmarks (#25520) 2023-07-18 09:15:50 +02:00
Daniel M Brasil
5a7c6c6597
Migrate to request specs in /api/v1/timelines/public (#25746)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-18 09:15:18 +02:00
Claire
c04f2d0cf7 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/settings/appearance/show.html.haml`:
  Upstream enforced an uniform code style around lambdas, and glitch-soc
  had a different lambda due to its theming system.
  Applied the same code style changes.
- `app/views/settings/preferences/appearance/show.html.haml`:
  Upstream enforced an uniform code style around lambdas, and glitch-soc
  removed some code just after the lambda.
  Applied the same code style changes.
2023-07-17 19:02:23 +02:00
Daniel M Brasil
19208aa422
Migrate to request specs in /api/v1/statuses/:status_id/favourite (#25626) 2023-07-17 16:53:57 +02:00
Daniel M Brasil
6fb4a756ff
Migrate to request specs in /api/v1/statuses/:status_id/bookmark (#25624) 2023-07-17 16:51:49 +02:00
Daniel M Brasil
4859958a0c
Migrate to request specs in /api/v1/polls (#25596) 2023-07-17 16:50:00 +02:00
Daniel M Brasil
1aea938d3d
Migrate to request specs in /api/v1/statuses/:status_id/pin (#25635) 2023-07-17 16:24:05 +02:00
Daniel M Brasil
6cdc8408a9
Migrate to request specs in /api/v1/emails/confirmations (#25686) 2023-07-17 16:22:33 +02:00
Daniel M Brasil
8a1aabaac1
Migrate to request specs in /api/v1/timelines/home (#25743) 2023-07-17 16:20:11 +02:00
Claire
943f27f437
Remove unfollowed hashtag posts from home feed (#26028) 2023-07-17 13:56:28 +02:00
Claire
f18618d7f9
Fix some incorrect tests (#26035) 2023-07-17 13:13:43 +02:00
Claire
d9adda1a99 Merge commit '71db616fed817893d0efa363f0e7dbfcf23866a0' into glitch-soc/merge-upstream 2023-07-13 22:40:15 +02:00
Claire
41f65edb21
Fix embed dropdown menu item for unauthenticated users (#25964) 2023-07-13 15:53:03 +02:00
Claire
9ae60f8738 Merge commit '82e477b184b5666fff7fb55933dce22ca2925db8' into glitch-soc/merge-upstream
Conflicts:
- `db/migrate/20180831171112_create_bookmarks.rb`:
  Upstream ran a lint fix on this file, but this file is different in
  glitch-soc because the feature was added much earlier.
  Ran the lint fix on our own version of the file.
2023-07-12 16:03:05 +02:00
Claire
075887e1d6 Merge commit 'ea10febd257b5b729a50aeb3218389763f5f4b97' into glitch-soc/merge-upstream 2023-07-12 15:44:33 +02:00
Claire
dd0002e1fe Merge commit '610cf6c3713e414995ea1a57110db400ccb88dd2' into glitch-soc/merge-upstream
Conflicts:
- `app/models/trends.rb`:
  Conflict due to glitch-soc's code splitting trends mailing depending on type.
  Ported upstream's changes.
2023-07-12 15:38:35 +02:00
Claire
82eebd0482 Merge commit '41a505513fb36f7c28c8d8a4270d5ee192169462' into glitch-soc/merge-upstream
Conflicts:
- `app/serializers/initial_state_serializer.rb`:
  Upstream renamed an initial state parameter, where we had extra ones.
  Renamed as upstream did.
- `app/workers/feed_insert_worker.rb`:
  Upstream wrapped database query in a block, we had extra database
  queries because of the DM timeline.
  Moved everything in the block.
2023-07-12 15:27:32 +02:00
Matt Jankowski
6c5a2233a8
Fix RSpec/StubbedMock cop (#25552)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-12 10:20:10 +02:00
Matt Jankowski
658742b3cd
Fix Lint/AmbiguousBlockAssociation cop (#25921) 2023-07-12 10:02:41 +02:00
Matt Jankowski
74806deb2c
Fix RSpec/SubjectStub cop (#25550)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-12 10:02:19 +02:00
Matt Jankowski
7824df0eca
Exclude lib/linter from simplecov report (#25916) 2023-07-12 09:51:59 +02:00
Matt Jankowski
c75df62ccc
Fix RSpec/SubjectDeclaration cop (#25312) 2023-07-12 09:49:33 +02:00
Nick Schonning
1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
jsgoldstein
99be47f8b9
Change searching with # to include account index (#25638) 2023-07-10 20:58:13 +02:00
Claire
c27b82a437
Add forward_to_domains parameter to POST /api/v1/reports (#25866) 2023-07-10 18:26:56 +02:00
Matt Jankowski
f3fca78756
Refactor NotificationMailer to use parameterization (#25718) 2023-07-10 03:06:22 +02:00
Matt Jankowski
d6b387a0c4
Remove unused NotificationMailer#digest preview (#25719) 2023-07-08 20:04:21 +02:00
Matt Jankowski
cf33028f35
Admin mailer parameterization (#25759) 2023-07-08 20:03:38 +02:00
Eugen Rochko
93e8a15415
Add forwarding of reported replies to servers being replied to (#25341) 2023-07-08 20:00:02 +02:00
Jeremy Kescher
037fcd9d31
Merge branch 'glitch-soc' into develop 2023-07-07 22:05:28 +02:00
Claire
b9aa228c54 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream attempted something with tags.
  Kept our version.
2023-07-07 19:59:43 +02:00
Claire
94fbac77e7
Fix processing of media files with unusual names (#25788) 2023-07-07 13:35:22 +02:00
Local User
0527458f38 Merge branch 'upstream/main' into develop 2023-07-07 01:25:26 +02:00
Claire
ff7aae3037 Merge branch 'main' into glitch-soc/merge-upstream 2023-07-06 15:16:34 +02:00
Claire
dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
5de49e74d4 Merge branch 'main' into glitch-soc/merge-upstream 2023-07-05 12:01:26 +02:00
Daniel M Brasil
383c00819c
Fix /api/v2/search not working with following query param (#25681) 2023-07-03 18:06:57 +02:00
Claire
44e98a2740 Merge branch 'main' into glitch-soc/merge-upstream 2023-07-02 11:49:08 +02:00
Daniel M Brasil
4fe2d7cb59
Fix HTTP 500 in /api/v1/emails/check_confirmation (#25595) 2023-07-02 00:05:44 +02:00
Matt Jankowski
683ba5ecb1
Fix rails rewhere deprecation warning in directories api controller (#25625) 2023-07-01 21:48:16 +02:00
Claire
a209d1e683
Fix ResolveURLService not resolving local URLs for remote content (#25637) 2023-06-29 14:48:54 +02:00
jsgoldstein
4581a528f7
Change account search to match by text when opted-in (#25599)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-06-29 13:05:21 +02:00
Claire
80a5c16ae1 Merge branch 'main' into glitch-soc/merge-upstream 2023-06-27 13:15:41 +02:00
Claire
c7c6f02ae6
Fix suspending an already-limited domain (#25603) 2023-06-27 12:32:51 +02:00
Claire
178e151019 Merge commit '55e7c08a83547424024bac311d5459cb82cf6dae' into glitch-soc/merge-upstream
Conflicts:
- `app/models/user_settings.rb`:
  Upstream added a constraint on a setting textually close
  to glitch-soc-only settings.
  Applied upstream's change.
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream added support for the `translate` attribute on a few elements,
  where glitch-soc had a different set of allowed elements and attributes.
  Extended glitch-soc's allowed attributes with `translate` as upstream did.
- `spec/validators/status_length_validator_spec.rb`:
  Upstream refactored to use RSpec's `instance_double` instead of `double`,
  but glitch-soc had changes to tests due to configurable max toot chars.
  Applied upstream's changes while keeping tests against configurable max
  toot chars.
2023-06-25 14:27:38 +02:00
Claire
a5b6f6da80
Change /api/v1/statuses/:id/history to always return at least one item (#25510) 2023-06-22 14:56:14 +02:00
Matt Jankowski
05f9e39b32
Fix RSpec/VerifiedDoubles cop (#25469) 2023-06-22 14:55:22 +02:00
Matt Jankowski
38433ccd0b
Reduce Admin::Reports::Actions spec db activity (#25465) 2023-06-22 14:53:13 +02:00
Claire
602c458ab6
Add finer permission requirements for managing webhooks (#25463) 2023-06-22 14:52:25 +02:00
Matt Jankowski
63d15d5330
Speed-up on StatusesController spec (#25549) 2023-06-22 14:51:53 +02:00
Matt Jankowski
0b39b9abee
Speed-up on BackupService spec (#25527) 2023-06-22 11:53:28 +02:00
Daniel M Brasil
6ac271c2a0
Migrate to request specs in /api/v1/suggestions (#25540) 2023-06-22 11:49:35 +02:00
Claire
37a9c2258a
Add per-test timeouts to AutoStatusesCleanupScheduler tests (#24841) 2023-06-20 18:54:05 +02:00
Claire
ebfeaebedb
Fix /api/v1/conversations sometimes returning empty accounts (#25499) 2023-06-20 18:32:26 +02:00
Daniel M Brasil
e53eb38a8d
Migrate to request specs in /api/v1/admin/account_actions (#25514) 2023-06-20 18:16:48 +02:00
Claire
fd23f50243
Fix wrong view being displayed when a webhook fails validation (#25464) 2023-06-20 18:15:35 +02:00
Claire
c78280a8ce
Add translate="no" to outgoing mentions and links (#25524) 2023-06-20 18:10:19 +02:00
Plastikmensch
eba3411bfa
Re-allow title attribute in <abbr> (#2254)
* Re-allow title attribute in <abbr>

This was accidentally removed in 7623e18124

Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>

* Add test

Add a new test to check that title attribute on <abbr> is kept.

Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>

---------

Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
2023-06-19 18:01:35 +02:00
Claire
dd07393e75
Fix user settings not getting validated (#25508) 2023-06-19 14:06:06 +01:00
Matt Jankowski
e1c9d52e91
Reduce sleep time in request pool spec (#25470) 2023-06-19 13:48:25 +02:00
Matt Jankowski
3a65fb044f
Add coverage for UserMailer methods (#25484) 2023-06-19 09:50:35 +02:00
Matt Jankowski
e835198b26
Combine assertions in api/v1/notifications spec (#25486) 2023-06-19 09:05:42 +02:00
Daniel M Brasil
b9bc9d0bda
Fix incorrect pagination headers in /api/v2/admin/accounts (#25477) 2023-06-19 08:53:05 +02:00
Daniel M Brasil
0a0a1f1495
Migrate to request specs in /api/v1/tags (#25439) 2023-06-19 08:51:40 +02:00
Claire
e5978184a6 Fix glitch-soc-only test being broken by refactor of the surrounding tests 2023-06-18 13:59:47 +02:00
Claire
6c99479ef4 Merge commit '9e245d147bcb2c72cc552ff8c276a1c34e2f686d' into glitch-soc/merge-upstream
Conflicts:
- `app/views/settings/profiles/show.html.haml`:
  Upstream redesigned the settings page, where glitch-soc had changes because of
  the ability to set some custom limits.
  Went with upstream's design while keeping our custom limits.
- `yarn.lock`:
  Upstream updated dependencies textually close to a glitch-soc-only dependency.
  Updated the dependnencies as well.
2023-06-18 13:41:33 +02:00
Claire
65cbcce997 Merge commit '39110d1d0af5e3d9cf452ae47496a52797249fd0' into glitch-soc/merge-upstream 2023-06-18 10:36:14 +02:00
Matt Jankowski
b276b3bb83
Remove Ruby GC config from spec helper (#25455) 2023-06-15 22:14:46 +01:00
Daniel M Brasil
b10c05e702
Migrate to request specs in /api/v1/lists (#25443) 2023-06-15 10:19:51 +02:00
Matt Jankowski
4c5aa0e470
Update rubocop-rspec to version 2.22.0, fix RSpec/IndexedLet cop (#24698) 2023-06-14 16:44:37 +02:00
Daniel M Brasil
24015ef0cc
Migrate to request specs in /api/v1/domain_blocks (#25414) 2023-06-14 16:08:53 +02:00
Daniel M Brasil
87aff5aad8
Migrate to request specs in /api/v1/follow_requests (#25411) 2023-06-14 15:43:50 +02:00
Daniel M Brasil
d9c6f70cc6
Fix ArgumentError in /api/v1/admin/accounts/:id/action (#25386) 2023-06-14 15:21:36 +02:00
Matt Jankowski
ae9f5379d1
Reduce factory data created in spec/models/trends/statuses spec (#25410) 2023-06-14 09:57:06 +02:00
Matt Jankowski
31d5bc89d1
Speed improvement for AccountsStatusesCleanupScheduler spec (#25406) 2023-06-14 09:56:11 +02:00
Daniel M Brasil
a5b62e56d0
Migrate to request specs in /api/v1/apps/verify_credentials (#25404) 2023-06-14 09:48:57 +02:00
Daniel M Brasil
a6407aa662
Migrate to request specs in /api/v1/apps (#25401) 2023-06-14 09:48:48 +02:00
Matt Jankowski
4c5f62de99
Extract shared examples from api specs (#25387) 2023-06-14 09:34:01 +02:00
Claire
ec59166844
Fix ArgumentError when loading newer Private Mentions (#25399) 2023-06-14 08:54:52 +02:00
Matt Jankowski
10746af82f
Remove unused shared examples for scoped settings (#25389) 2023-06-13 14:59:04 +02:00
Matt Jankowski
25c66fa640
Enable paperclip for account attachment examples (#25381) 2023-06-12 17:37:43 +02:00
Claire
42a0898f16 Merge commit '3a2a15c6ea4d4603469861ed9be09da12a122e45' into glitch-soc/merge-upstream
Conflicts:
- `app/views/settings/preferences/appearance/show.html.haml`:
  Conflict because glitch-soc does not have a theme selector here.
2023-06-10 18:42:29 +02:00
Matt Jankowski
62c996b52d
Reduce RSpec/MultipleExpectations cop max to 8 (#25313) 2023-06-10 18:38:22 +02:00
Matt Jankowski
b5675e265e
Add coverage for CLI::Feeds command (#25319) 2023-06-10 18:37:36 +02:00
Matt Jankowski
07933db788
Add coverage for CLI::Cache command (#25238) 2023-06-10 18:36:09 +02:00
fusagiko / takayamaki
b19a695608
migrate test for GET /api/v1/accounts/{account_id} to request spec (#25322) 2023-06-10 18:33:24 +02:00
Daniel M Brasil
99216e34e5
Migrate to request specs in /api/v1/admin/canonical_email_blocks (#25330) 2023-06-10 18:33:02 +02:00
Daniel M Brasil
b4e19f9610
Migrate to request specs in /api/v1/admin/ip_blocks (#25331) 2023-06-10 18:32:46 +02:00
Daniel M Brasil
4301d8cbb3
Migrate to request specs in /api/v1/admin/domain_allows (#25333) 2023-06-10 18:32:26 +02:00
Daniel M Brasil
841c220c40
Migrate to request specs in /api/v1/admin/domain_blocks (#25335) 2023-06-10 18:32:07 +02:00
Daniel M Brasil
0e200d4e2f
Migrate to request specs in /api/v1/admin/reports (#25355) 2023-06-10 18:30:43 +02:00
Matt Jankowski
3a2a15c6ea
Use build where possible in fabricators (#25360) 2023-06-10 18:29:01 +02:00
Matt Jankowski
c94bb9ba9a
Disable paperclip processing in specs (#25359) 2023-06-10 18:27:35 +02:00
Claire
8c26d49cbd Merge commit '16dd3f08c1e5396d5f9ff3f13417901bc4e4b8b9' into glitch-soc/merge-upstream
Conflicts:
- `app/views/settings/preferences/appearance/show.html.haml`:
  Upstream fixed a translation bug in the theme selector that is absent from
  glitch-soc due to our different theming system.
  Discarded upstream changes.
- `streaming/index.js`:
  Upstream changed the signature of a function to change its return type.
  This is not a real conflict, the conflict being caused by an extra
  argument in glitch-soc's code.
  Applied upstream's change while keeping our extra argument.
2023-06-10 17:18:36 +02:00
Claire
c48ec9cb8c Merge commit 'b85c387c5c0527b0ad31c27031a09d361826c5fc' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Kept our version, it was not affected by upstream's bug.
2023-06-10 16:48:01 +02:00
Claire
d8b0a732aa Merge commit '1483a3ddfe74e4fb81d87447a1781943eab86c60' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/simple_form.rb`:
  Upstream added a new simple_form component, where we had an extra one.
  Kept both components.
2023-06-10 16:22:14 +02:00
Claire
734e186717 Merge commit 'b0780cfeeda641645ea65da257a72ec507e71647' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/load_locale.js`:
  The file moved to `app/javascript/mastodon/locales/load_locale.ts`.
  Ported the changes there and deleted `app/javascript/mastodon/load_locale.js`.
- `app/javascript/mastodon/locales/index.js`:
  The file moved to `app/javascript/mastodon/locales/index.ts`.
  Did *not* port the changes as I want to try something a bit different.
2023-06-10 15:32:29 +02:00
Claire
aa57f7e3e2 Merge commit '5fae2de454806730742b7be7435ae1c4fb97cf3c' into glitch-soc/merge-upstream 2023-06-10 15:17:08 +02:00
Claire
b27a9a5903 Merge commit 'e9385e93e9b4601c87d1f5d6b8ddfd815f7aedcb' into glitch-soc/merge-upstream 2023-06-10 15:09:19 +02:00
Claire
93c714417f Merge commit 'b922ad7a1b4bc8d968d0df2c7f307d4fec53435d' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Upstream changed various script definitions in lines surrounding the one for
  `i18n:extract`, which had glitch-soc-specific changes.
  Updated the scripts as upstream did, while keeping our changes to
  `i18n:extract`.
2023-06-10 14:38:04 +02:00
Daniel M Brasil
4aff1d2974
Migrate to request specs in /api/v1/admin/email_domain_blocks (#25337) 2023-06-09 14:00:14 +02:00
Matt Jankowski
6c0e3f490a
Fix RSpec/MissingExampleGroupArgument cop (#25310) 2023-06-06 15:51:42 +02:00
Matt Jankowski
b74c3cd708
Fix RSpec/DescribedClass cop missed items (#25309) 2023-06-06 14:51:03 +02:00
Matt Jankowski
c42591356d
Fix RSpec/DescribedClass cop (#25104) 2023-06-06 13:58:33 +02:00
Matt Jankowski
1e243e2df7
Misc spec coverage for Admin:: area controllers (#25282) 2023-06-06 13:57:00 +02:00
Daniel M Brasil
eb6f8181e1
Add test coverage for Mastodon::CLI::Accounts#reset_relationships (#25194) 2023-06-06 13:37:09 +02:00
Matt Jankowski
b22bfae4f9
Add coverage for DomainBlock#public_domain method (#25283) 2023-06-06 13:34:04 +02:00
Eugen Rochko
4eda233e09
Add webhook templating (#23289)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 10:42:47 +02:00
Matt Jankowski
af135bddd0
Update Admin::Metrics::Measure classes for Rails 7 (#25236) 2023-06-05 20:46:04 +02:00
Matt Jankowski
3b21c13dcc
Rails 7 compatibility fix for Admin::Metrics::Dimension classes (#25277) 2023-06-05 16:52:33 +02:00
Daniel M Brasil
70cd2d6000
Add test coverage for Mastodon::CLI::Accounts#cull (#25250) 2023-06-05 14:51:25 +02:00
Claire
c22fc2fa80 Merge commit '00c222377db0e305ac3f4a15bf1c18eb89c1f45f' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Took upstream's changes.
2023-06-05 13:25:22 +02:00
Darius Kazemi
bacb674921
Add exclusive lists (#22048)
Co-authored-by: Liam Cooke <liam@liamcooke.com>
Co-authored-by: John Holdun <john@johnholdun.com>
Co-authored-by: Effy Elden <effy@effy.space>
Co-authored-by: Lina Reyne <git@lina.pizza>
Co-authored-by: Lina <20880695+necropolina@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-05 09:37:02 +02:00
Matt Jankowski
5c87c66504
Add coverage for CLI::CanonicalEmailBlocks command (#25239) 2023-06-05 08:20:18 +02:00
Daniel M Brasil
03a707f6a6
Add test coverage for Mastodon::CLI::Accounts#merge (#25199) 2023-06-05 08:16:12 +02:00
Renaud Chaput
b0780cfeed
Fix /share and cleanup and reorganize frontend locale loading (#25240) 2023-06-02 15:00:27 +02:00
Claire
8884d1ece0
Add support for importing lists (#25203) 2023-06-01 14:47:31 +02:00
Daniel M Brasil
2a353200ad
Add test coverage for Mastodon::CLI::Accounts#rotate (#25212) 2023-06-01 14:29:29 +02:00
Renaud Chaput
942d850b0a
Allow carets in URL search params (#25216) 2023-06-01 12:14:49 +02:00
Daniel M Brasil
f906e21a4f
Add test coverage for Mastodon::CLI::Accounts#refresh (#25196) 2023-06-01 10:01:09 +02:00
Matt Jankowski
f84037ae2b
Remove unused #hash_to_object method in SettingsHelper (#25213) 2023-06-01 09:47:05 +02:00
Claire
e9385e93e9
Add a confirmation screen when suspending a domain (#25144) 2023-06-01 09:37:38 +02:00
Claire
b922ad7a1b
Fix crash when S3_ALIAS_HOST or S3_CLOUDFRONT_HOST have a path component (#25018) 2023-06-01 09:23:28 +02:00
Christian Schmidt
69057467cb
Translate CW, poll options and media descriptions (#24175)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-01 00:10:21 +02:00
Matt Jankowski
b0104e4c33
Silence output to stdout during cli specs (#25211) 2023-05-31 20:01:11 +02:00
Daniel M Brasil
3c41547f49
Add test coverage for Mastodon::CLI::Accounts#backup (#25163) 2023-05-31 15:32:37 +02:00
Matt Jankowski
8b1bfaed3e
Add specs for admin/webhooks CRUD actions (#25133) 2023-05-31 15:23:49 +02:00
Matt Jankowski
665bb237a8
Increase spec coverage for controllers - admin/ip_blocks, admin/relays, admin/rules (#25192) 2023-05-31 10:23:32 +02:00
Daniel M Brasil
bf9a7ce8e8
Add test coverage for Mastodon::CLI::Accounts#unfollow (#25162) 2023-05-31 09:33:57 +02:00
Daniel M Brasil
dbc44be0ca
Add test coverage for Mastodon::CLI::Accounts#follow (#25161) 2023-05-30 16:13:29 +02:00
Daniel M Brasil
3d253b9830
Add test coverage for Mastodon::CLI::Accounts#approve (#25160) 2023-05-30 15:00:21 +02:00
Daniel M Brasil
bbbcdc083f
Add test coverage for Mastodon::CLI::Accounts#delete (#25146) 2023-05-30 11:59:17 +02:00
Daniel M Brasil
bdc7548652
Add test coverage for Mastodon::CLI::Accounts#modify (#25145) 2023-05-29 15:31:59 +02:00
Daniel M Brasil
11b8336418
Add test coverage for Mastodon::CLI::Accounts#create (#25143) 2023-05-29 11:43:19 +02:00
Claire
0669783da8 Merge branch 'main' into glitch-soc/merge-upstream 2023-05-28 17:01:25 +02:00
Claire
0e7466717f Merge commit '391c089d0db58d731765dba730a5e1f2fe8570a6' into glitch-soc/merge-upstream
Conflicts:
- `.github/dependabot.yml`:
  We removed it from glitch-soc.
  Keep it deleted.
2023-05-28 16:41:14 +02:00
Claire
6dbd44faea Merge commit 'b896b16cb3c8626fbee12a7eda7f882114b1a040' into glitch-soc/merge-upstream 2023-05-28 15:01:53 +02:00
Jeremy Kescher
2370d45a1e
Fix some RubyCop offenses 2023-05-27 12:58:46 +02:00
Jeremy Kescher
4920ccb302
Merge remote-tracking branch 'upstream/main' into develop 2023-05-27 12:23:36 +02:00
Matt Jankowski
0f2c16ac4b
Fix RSpec/NoExpectationExample cop (#25103) 2023-05-26 09:41:12 +02:00
Claire
61f6cd45e3 Fix glitch-soc-only tests being broken because of test refactor 2023-05-26 00:10:57 +02:00
Claire
e2ab9d4dad Merge commit 'e387175fc9a3ebfd72ab45ebfe43ecfabef7b0c3' into glitch-soc/merge-upstream 2023-05-25 23:47:28 +02:00
Claire
2e02d03524 Merge commit '4a22e72b9b1b8f14792efcc649b0db8bc27f0df2' into glitch-soc/merge-upstream 2023-05-25 22:59:30 +02:00
Claire
f959f6cdbb Merge commit 'e60414792d86a99c0f401f3c1bab92ee37835d39' into glitch-soc/merge-upstream 2023-05-25 22:18:55 +02:00
Claire
b735954971 Merge commit '2ce0b666a139726dc406e6c1887728553b947e59' into glitch-soc/merge-upstream
Conflicts:
- `config/webpack/generateLocalePacks.js`:
  A dependency update changed how functions are imported.
  Also, some linting fixes not applicable to glitch-soc.
2023-05-25 20:43:25 +02:00
Matt Jankowski
384345b0de
Add CLI Base class for command line code (#25106) 2023-05-24 11:55:40 +02:00
Matt Jankowski
d2e5430d4a
Fix RSpec/ExpectChange cop (#25101) 2023-05-24 11:23:40 +02:00
Matt Jankowski
b896b16cb3
Fix RSpec/PredicateMatcher cop (#25102) 2023-05-23 16:49:11 +02:00
Matt Jankowski
778e4a7bf7
Fix RSpec/ExpectInHook cop (#25100) 2023-05-23 16:40:21 +02:00
Matt Jankowski
b6b4ea4ca5
Move the mastodon/*_cli files to mastodon/cli/* (#24139) 2023-05-23 16:08:26 +02:00
Matt Jankowski
c9f980b268
Add request spec for backups download (#25099) 2023-05-23 15:44:11 +02:00
Matt Jankowski
e387175fc9
Fix RSpec/RepeatedExample cop (#24849) 2023-05-23 10:49:23 +02:00
Matt Jankowski
9f5deb310b
Fix Performance/MapCompact cop (#24797)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-05-23 10:49:12 +02:00
Matt Jankowski
2877c80dbc
Add specs for admin/announcements CRUD actions (#25077) 2023-05-23 10:03:51 +02:00
Daniel M Brasil
b473df9a14
Improve test coverage for /api/v1/featured_tags (#25076) 2023-05-23 09:01:11 +02:00
Claire
2a61f14753
Fix account confirmation flow not returning to app after captcha validation (#25057) 2023-05-22 17:38:05 +02:00
Daniel M Brasil
4a22e72b9b
Improve test coverage for /api/v1/admin/canonical_email_blocks (#24985) 2023-05-22 15:27:35 +02:00
Daniel M Brasil
ce8b5899ae
Fix POST /api/v1/admin/domain_allows returning 200 when no domain is specified (#24958) 2023-05-22 13:44:49 +02:00
Matt Jankowski
e328ab7e5a
Implement pending specs for StatusesController (#23969) 2023-05-22 13:43:05 +02:00
Daniel M Brasil
f3feb4c891
Improve test coverage for /api/v1/admin/email_domain_blocks (#25017) 2023-05-22 13:28:11 +02:00
Emelia Smith
19f9098551
Allow reports with long comments from remote instances, but truncate (#25028) 2023-05-22 13:15:21 +02:00
Daniel M Brasil
d51464283c
Improve test coverage for /api/v1/admin/ip_blocks_controller (#25031) 2023-05-22 12:50:44 +02:00
Nick Schonning
99e2e9b81f
Fix minor typos in comments and spec names (#21831) 2023-05-19 17:13:29 +02:00
Claire
b805b7f021
Add tests for avatar/header in backup service (#25037) 2023-05-19 12:04:18 +02:00
Matt Jankowski
d34d94d08f
Add spec for migration warning module (#25033) 2023-05-19 10:53:50 +02:00
Claire
e60414792d
Add polling and automatic redirection to /start on email confirmation (#25013) 2023-05-16 18:03:52 +02:00
Claire
3ed3d54bf3
Fix reports not being closed when performing batch suspensions (#24988) 2023-05-16 14:56:49 +02:00
Matt Jankowski
604e1c2b11
Remove usage of random sample values in specs (#24869) 2023-05-15 20:20:13 +02:00
Matt Jankowski
b84bc2de5d
Replace i18n view spec with helper spec (#24966) 2023-05-15 17:25:04 +02:00
Matt Jankowski
679aca46da
I18n pluralization errors (#24963) 2023-05-12 18:53:30 +02:00
Daniel M Brasil
433ab0c9a3
Fix uncaught NoMethodError error in /api/v1/admin/canonical_email_blocks/test (#24947)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-05-12 13:46:16 +02:00
Claire
9015c2d646
Change profile updates to be sent to recently-mentioned servers (#24852) 2023-05-12 13:13:04 +02:00
Matt Jankowski
2c2d924942
Fix RSpec/RepeatedExampleGroupDescription cop (#24850)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-05-12 12:25:32 +02:00
Matt Jankowski
bf3ebeb42f
Fix RSpec/SharedContext cop (#24847) 2023-05-12 09:25:43 +02:00
Matt Jankowski
a610a02d4f
Fix RSpec/ScatteredSetup cop (#24848) 2023-05-11 10:32:09 +02:00
Daniel M Brasil
9cbda99941
Add test coverage for Mastodon::IpBlocksCLI (#24935) 2023-05-11 10:19:24 +02:00
Claire
6b0942d107
Change AccessTokensVacuum to also delete expired tokens (#24868) 2023-05-11 04:40:03 +02:00
Jeremy Kescher
aac4edf0c5
status_reaction_fabricator: Use a unicode emoji instead of "MyString"
Co-authored-by: Plastikmensch <plastikmensch@users.noreply.github.com>
2023-05-10 21:10:31 +02:00
Jeremy Kescher
9fe04326ea
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	.github/workflows/build-image.yml
#	config/routes.rb
#	db/schema.rb
#	lib/mastodon/version.rb
2023-05-09 23:26:00 +02:00
Jeremy Kescher
0cf94443bd
Rubocop fixes 2023-05-08 19:37:56 +02:00
Claire
8b31030fe4 Fix rubocop issues in glitch-soc-specific code 2023-05-08 19:28:43 +02:00
Claire
d77fbbed73 Merge commit 'f877aa9d70d0d600961989b8e97c0e0ce3ac1db6' into glitch-soc/merge-upstream
Conflicts:
- `.github/dependabot.yml`:
  Upstream made changes, but we had removed it.
  Discarded upstream changes.
- `.rubocop_todo.yml`:
  Upstream regenerated the file, we had some glitch-soc-specific ignores.
- `app/models/account_statuses_filter.rb`:
  Minor upstream code style change where glitch-soc had slightly different code
  due to handling of local-only posts.
  Updated to match upstream's code style.
- `app/models/status.rb`:
  Upstream moved ActiveRecord callback definitions, glitch-soc had an extra one.
  Moved the definitions as upstream did.
- `app/services/backup_service.rb`:
  Upstream rewrote a lot of the backup service, glitch-soc had changes because
  of exporting local-only posts.
  Took upstream changes and added back code to deal with local-only posts.
- `config/routes.rb`:
  Upstream split the file into different files, while glitch-soc had a few
  extra routes.
  Extra routes added to `config/routes/settings.rb`, `config/routes/api.rb`
  and `config/routes/admin.rb`
- `db/schema.rb`:
  Upstream has new migrations, while glitch-soc had an extra migration.
  Updated the expected serial number to match upstream's.
- `lib/mastodon/version.rb`:
  Upstream added support to set version tags from environment variables, while
  glitch-soc has an extra `+glitch` tag.
  Changed the code to support upstream's feature but prepending a `+glitch`.
- `spec/lib/activitypub/activity/create_spec.rb`:
  Minor code style change upstream, while glitch-soc has extra tests due to
  `directMessage` handling.
  Applied upstream's changes while keeping glitch-soc's extra tests.
- `spec/models/concerns/account_interactions_spec.rb`:
  Minor code style change upstream, while glitch-soc has extra tests.
  Applied upstream's changes while keeping glitch-soc's extra tests.
2023-05-08 19:28:21 +02:00
Jeremy Kescher
f1a71785b9
Merge remote-tracking branch 'upstream/main' into develop 2023-05-08 18:40:08 +02:00
Claire
2d029dedd9 Merge commit '0ad2413b35287958f59073a5b63aecc659a64d98' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/styles/mastodon/forms.scss`:
  Conflict because we ran eslint autofix on upstream files.
- `config/initializers/content_security_policy.rb`:
  Code style changes but we have a different version.
  Kept our version.
- `streaming/index.js`:
  Upstream fixed a typo close to glitch-soc-only code.
  Applied upstream's changes.
2023-05-08 15:28:36 +02:00
Jeremy Kescher
9eb149477a
Merge remote-tracking branch 'upstream/main' into develop 2023-05-06 00:39:56 +02:00
Daniel M Brasil
c9210af3ee
Add test coverage for Mastodon::SettingsCLI (#24856) 2023-05-04 20:37:42 +02:00
Claire
c3c7d59072
Fix infinite loop in AccountsStatusesCleanupScheduler (#24840) 2023-05-04 10:13:00 +02:00
Nick Schonning
da3bd913ae
Autofix Rubocop Style/HashSyntax (#23754) 2023-05-04 05:54:26 +02:00
Nick Schonning
1fe04f740a
Enable Rubocop Rails/FilePath (#23854) 2023-05-04 05:50:40 +02:00
Matt Jankowski
c97b611b6b
Fix RSpec/InferredSpecType cop (#24736) 2023-05-04 05:49:53 +02:00
Matt Jankowski
710745e16b
Fix RSpec/ContextWording cop (#24739) 2023-05-04 05:49:08 +02:00
Matt Jankowski
cf18cc2891
Fix RSpec/MultipleSubjects cop (#24738) 2023-05-04 05:48:35 +02:00
Matt Jankowski
bdcd8a9e88
Misc spec cleanup (#24822) 2023-05-04 05:47:52 +02:00
Matt Jankowski
08fb9d300a
Spec coverage for settings/preferences/* controllers (#24825) 2023-05-04 05:44:27 +02:00
Claire
a2a22bad23
Fix various edge cases with local moves (#24812) 2023-05-03 19:19:25 +02:00
Claire
1e75eb690d
Fix own posts not getting delivered to own lists (#24810) 2023-05-03 19:17:40 +02:00
Claire
c98b012583
Change Move handler to also move list memberships (#24808) 2023-05-03 14:03:38 +02:00
Matt Jankowski
3df665fd23
Fix Lint/ConstantDefinitionInBlock cop (#24763) 2023-05-03 10:32:30 +02:00
Claire
8b636a29c6
Improve automatic post cleanup worker performances (#24785) 2023-05-03 10:31:40 +02:00
Matt Jankowski
a0c9f2447e
Fix Performance/MethodObjectAsBlock cop (#24798) 2023-05-03 10:30:54 +02:00
Matt Jankowski
97385f27bd
Fix Performance/RedundantEqualityComparisonBlock cop (#24799) 2023-05-03 10:30:10 +02:00
Matt Jankowski
05e3abe9d9
Fix Lint/EmptyClass cop (#24795) 2023-05-02 21:06:51 +02:00
Matt Jankowski
a7df578f97
ApplicationHelper spec coverage, unused removal, tiny refactor (#24762) 2023-05-02 18:10:39 +02:00
Matt Jankowski
570079f8ce
Fix Performance/TimesMap cop (#24789) 2023-05-02 18:07:16 +02:00
Claire
9189e90ff2
Add fallback redirection when getting a webfinger query LOCAL_DOMAIN@LOCAL_DOMAIN (#23600)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-05-02 17:42:42 +02:00
Claire
b233da5996
Optimize archive export service and export zip files instead of gzipped tar files (#23360) 2023-05-02 15:09:43 +02:00
Claire
6693a4fe7c
Change lists to be able to include accounts with pending follow requests (#19727) 2023-05-02 14:40:36 +02:00
Claire
1eb51bd749
Add request specs for caching behavior (#24592) 2023-05-02 13:58:29 +02:00
Claire
32a030dd74
Rewrite import feature (#21054) 2023-05-02 12:08:48 +02:00
Matt Jankowski
d00e45a7d3
Fix Rails/I18nLocaleAssignment cop (#24693) 2023-04-30 14:07:03 +02:00
Mark Roszko
c23d285b16
Remove the u in Favorite for non-gb english (#24667)
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-04-30 16:33:37 +09:00
João Pedro Marques
8f6e290c7a
Adds new follower/following routes (#24601) 2023-04-30 09:01:42 +02:00
Matt Jankowski
bdc74086e6
Fix Rails/ContentTag cop (#24691) 2023-04-30 06:47:15 +02:00
Matt Jankowski
8dcfb6e0ea
Fix Rails/HttpPositionalArguments cop (#24699) 2023-04-30 06:43:28 +02:00
Matt Jankowski
274d561430
Enable local account key generation spec (#24728) 2023-04-30 02:28:52 +02:00
Matt Jankowski
4cfe52635c
Add pending spec for User.those_who_can (#24724) 2023-04-29 22:03:36 +02:00
Claire
612a1ee697 Fix body_classes test for glitch-soc 2023-04-29 11:08:38 +02:00
Claire
12b935fadf Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/dependabot.yml`:
  Updated upstream, removed in glitch-soc to disable noise.
  Kept removed.
- `CODE_OF_CONDUCT.md`:
  Upstream updated to a new version of the covenant, but I have not read it
  yet, so kept unchanged.
- `Gemfile.lock`:
  Not a real conflict, one upstream dependency updated textually too close to
  the glitch-soc only `hcaptcha` dependency.
  Applied upstream changes.
- `app/controllers/admin/base_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
  Applied upstream changes.
- `app/controllers/application_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
  Applied upstream changes.
- `app/controllers/disputes/base_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
  Applied upstream changes.
- `app/controllers/relationships_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
  Applied upstream changes.
- `app/controllers/statuses_cleanup_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
  Applied upstream changes.
- `app/helpers/application_helper.rb`:
  Minor conflict due to glitch-soc's theming system.
  Applied upstream changes.
- `app/javascript/mastodon/features/compose/components/compose_form.jsx`:
  Upstream added a highlight animation for onboarding, while we changed the
  max character limit.
  Applied our local changes on top of upstream's new version.
- `app/views/layouts/application.html.haml`:
  Minor conflict due to glitch-soc's theming system.
  Applied upstream changes.
- `stylelint.config.js`:
  Upstream added ignore paths, glitch-soc had extra ignore paths.
  Added the same paths as upstream.
2023-04-29 10:44:56 +02:00
Nick Schonning
5841f1af8c
Autofix Rubocop RSpec/MatchArray (#24675) 2023-04-26 21:29:36 +02:00
Nick Schonning
a3393d0d07
Autofix Rubocop RSpec/MatchArray (#24050) 2023-04-26 20:21:54 +02:00
Matt Jankowski
91a8cd21d8
React component helper specs (#24072) 2023-04-26 18:21:32 +02:00
Nick Schonning
90beba57d8
Autofix Rubocop Rails/ResponseParsedBody (#24051) 2023-04-26 17:25:07 +02:00
Claire
276c39361b
Fix anonymous visitors getting a session cookie on first visit (#24584) 2023-04-25 16:51:38 +02:00
Claire
f45961aa98
Add feature test for OAuth access grant (#24624) 2023-04-24 19:06:58 +02:00
Matt Jankowski
0a5f0a8b20
Remove instance variables from helper usage (#24203) 2023-04-23 22:35:54 +02:00
Claire
58a1b2e330
Fix caching logic with regards to Accept-Language, Cookie, and Signature (#24604) 2023-04-23 22:27:24 +02:00
Claire
5dc3173ef8
Fix AccountsStatusesCleanupScheduler not spreading deletes across accounts correctly (#24607) 2023-04-23 22:25:40 +02:00
Jeremy Kescher
f3953eee78
Merge remote-tracking branch 'upstream/main' into develop 2023-04-23 20:49:47 +02:00
Claire
abfdafef1e Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/auth/setup_controller.rb`:
  Upstream removed a method close to a glitch-soc theming-related method.
  Removed the method like upstream did.
2023-04-22 10:06:11 +02:00
Jeremy Kescher
3866d53b95
Merge remote-tracking branch 'upstream/main' into develop 2023-04-21 15:05:02 +02:00
Eugen Rochko
e98c86050a
Refactor Cache-Control and Vary definitions (#24347) 2023-04-19 16:07:29 +02:00
Robert R George
4db8230194
Add trend management to admin API (#24257) 2023-04-18 11:33:30 +02:00
Heitor de Melo Cardozo
bc75e62ca6
Change moderation search an account using the username with @ (#24242) 2023-04-17 14:16:36 +02:00
Heitor de Melo Cardozo
4601e0dcbb
Add user handle to notification mail recipient address (#24240)
Co-authored-by: luccamps <luccamps@users.noreply.github.com>
Co-authored-by: Leonardo Negreiros de Oliveira <negreirosleo12@gmail.com>
Co-authored-by: Marcio Flavio <mflaviof1995@gmail.com>
Co-authored-by: Gabriel Quaresma <j.quaresmasantos_98@hotmail.com>
2023-04-17 11:06:06 +02:00
Claire
f9a9f9344b Merge branch 'main' into glitch-soc/merge-upstream 2023-04-16 17:52:44 +02:00
Matt Jankowski
10f0de4212
Refactor race condition reblog service spec (#24526) 2023-04-14 14:42:10 +02:00
Claire
f53d009778
Refactor Status._insert_record slightly and tighten the test around reblogs of discarded statuses (#24516) 2023-04-12 12:47:05 +02:00
Matt Jankowski
36eeb70d53
Spec coverage on Settings/ controllers specs (#24221) 2023-04-11 11:35:39 +02:00
Matt Jankowski
a2a66300d9
Clean up the post deployment migration generator (#24233) 2023-04-11 11:25:29 +02:00
Jeremy Kescher
1e866e57ac
Merge remote-tracking branch 'upstream/main' into develop 2023-04-10 08:14:20 +02:00
Claire
ce12934f5b Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Upstream removed a dependency that was textually close to a glitch-soc-only
  dependency.
  Removed the dependency as upstream did, while keeping the glitch-soc-only
  dependency.
2023-04-09 11:45:08 +02:00
Claire
ff168ef202
Fix most rubocop issues (#2165)
* Run rubocop --autocorrect on app/, config/ and lib/, also manually fix some remaining style issues

* Run rubocop --autocorrect-all on db/

* Run rubocop --autocorrect-all on `spec/` and fix remaining issues
2023-04-09 11:25:30 +02:00
Matt Jankowski
9d39b111f1
Expand coverage for "system checks" (#24216) 2023-04-07 14:39:34 +02:00
Jeremy Kescher
68101baae1
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	app/controllers/settings/preferences_controller.rb
#	app/javascript/mastodon/utils/resize_image.js
#	app/lib/user_settings_decorator.rb
#	app/models/media_attachment.rb
#	app/models/user.rb
#	app/views/settings/preferences/appearance/show.html.haml
#	app/workers/scheduler/indexing_scheduler.rb
#	config/settings.yml
#	db/schema.rb
2023-04-03 21:50:15 +02:00
Claire
01d6f7529f Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream added a link to the roadmap, but we have a completely different README.
  Kept ours.
- `app/models/media_attachment.rb`:
  Upstream upped media attachment limits.
  Updated the default according to upstream's.
- `db/migrate/20180831171112_create_bookmarks.rb`:
  Upstream changed the migration compatibility level.
  Did so too.
- `config/initializers/content_security_policy.rb`:
  Upstream refactored this file but we have a different version.
  Kept our version.
- `app/controllers/settings/preferences_controller.rb`:
  Upstream completely refactored user settings storage, and glitch-soc has a
  different set of settings.
  The file does not directly references individual settings anymore.
  Applied upstream changes.
- `app/lib/user_settings_decorator.rb`:
  Upstream completely refactored user settings storage, and glitch-soc has a
  different set of settings.
  The file got removed entirely.
  Removed it as well.
- `app/models/user.rb`:
  Upstream completely refactored user settings storage, and glitch-soc has a
  different set of settings.
  References to individual settings have been removed from the file.
  Removed them as well.
- `app/views/settings/preferences/appearance/show.html.haml`:
  Upstream completely refactored user settings storage, and glitch-soc has a
  different set of settings.
  Applied upstream's changes and ported ours back.
- `app/views/settings/preferences/notifications/show.html.haml`:
  Upstream completely refactored user settings storage, and glitch-soc has a
  different set of settings.
  Applied upstream's changes and ported ours back.
- `app/views/settings/preferences/other/show.html.haml`:
  Upstream completely refactored user settings storage, and glitch-soc has a
  different set of settings.
  Applied upstream's changes and ported ours back.
- `config/settings.yml`:
  Upstream completely refactored user settings storage, and glitch-soc has a
  different set of settings.
  In particular, upstream removed user-specific and unused settings.
  Did the same in glitch-soc.
- `spec/controllers/application_controller_spec.rb`:
  Conflicts due to glitch-soc's theming system.
  Mostly kept our version, as upstream messed up the tests.
2023-03-31 21:30:27 +02:00
Christian Schmidt
b4f38edf74
Wrong type for user setting when default is defined by lambda (#24321) 2023-03-31 07:33:17 +02:00
Eugen Rochko
a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Christian Schmidt
eb38e9df31
Requeue expiration notification (#24311) 2023-03-29 10:52:40 +02:00
Eugen Rochko
9bda933740
Change media upload limits and remove client-side resizing (#23726) 2023-03-25 10:00:03 +01:00
Jeremy Kescher
4ec0bd126b
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	.github/workflows/build-image.yml
2023-03-23 11:18:01 +01:00
Claire
5ac380c122 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/status.rb`:
  Upstream added lines close to a glitch-soc only line, not a real conflict.
  Applied upstream's changes (added hooks) while keeping glitch-soc's changes
  (`local_only` scope).
- `config/environments/production.rb`:
  Upstream removed a header, while we have glitch-soc specific ones.
  Removed the header removed upstream.
2023-03-22 19:50:11 +01:00
Matt Jankowski
b179ff84c7
Add specs for Chewy importers (#24204) 2023-03-22 14:06:26 +01:00
Jeremy Kescher
2cb88f5baa
Merge remote-tracking branch 'upstream/main' into develop
Conflicts:
- .github/workflows/build-image.yml
  We don't use GitHub Actions for building Docker images.
- Gemfile.lock
  Versions were upgraded upstream that conflicted with our changes, simply applied upstream changes.
2023-03-19 01:57:28 +01:00
Jeremy Kescher
24e9a23fe6
Merge remote-tracking branch 'upstream/main' into develop, bump version
Conflicts:
- .github/workflows/build-image.yml
  We're not building an image with GitHub Actions.
2023-03-17 07:27:28 +01:00
Claire
193250556c Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream changed their README, we have our own.
  Kept ours.
- `app/helpers/application_helper.rb`:
  Minor code style fix upstream, on a line that is different in glitch-soc
  due to the different theming system.
  Applied the code style fix to our own code.
- `app/views/settings/preferences/appearance/show.html.haml`:
  Code style fix on a line next to lines exclusive to glitch-soc.
  Applied upstream changes.
- `yarn.lock`:
  Upstream updated a dependency textually close to a glitch-soc-only
  dependency.
  Updated the dependency like upstream did.
2023-03-16 23:12:59 +01:00
Christian Schmidt
bd047acc35
Replace Status#translatable? with language matrix in separate endpoint (#24037) 2023-03-16 11:07:24 +01:00
Nick Schonning
a38f67c1c3
Autofix Rubocop Style/PreferredHashMethods (#23851) 2023-03-16 01:36:37 +01:00
Jeremy Kescher
ddc4022845
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	Gemfile.lock
#	app/javascript/flavours/glitch/initial_state.js
#	app/javascript/mastodon/initial_state.js
#	app/lib/feed_manager.rb
#	app/services/batched_remove_status_service.rb
#	lib/mastodon/feeds_cli.rb
2023-03-15 14:13:29 +01:00
Claire
3ef5f62abf Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream switched to pushing to both DockerHub and GitHub Container
  Repository, while glitch-soc was already pushing to the latter only.
  Updated our configuration to be slightly more consistent with upstream's
  naming and styling, but kept our behavior.
- `Gemfile.lock`:
  Updated dependencies textually too close to glitch-soc only hcaptcha
  dependency.
  Updated dependencies as upstream did.
- `README.md`:
  Upstream updated its README, but we have a completely different one.
  Kept our README, though it probably should be reworked at some point.
- `app/views/auth/sessions/two_factor.html.haml`:
  Minor style fix upstream that's on a line glitch-soc removed because
  of its different theming system.
  Kept our file as is.
- `spec/controllers/health_controller_spec.rb`:
  This file apparently did not exist upstream, upstream created it with
  different contents but it is functionally the same.
  Switched to upstream's version of the file.
- `spec/presenters/instance_presenter_spec.rb`:
  Upstream changed the specs around `GITHUB_REPOSITORY`, while glitch-soc
  had its own code because it's a fork and does not have the same default
  source URL.
  Took upstream's change, but with glitch-soc's repo as the default case.
- `yarn.lock`:
  Upstream dependencies textually too close to a glitch-soc only one.
  Updated dependencies as upstream did.
2023-03-15 09:16:10 +01:00
Claire
a232a1feb8
Fix misleading error code when receiving invalid WebAuthn credentials (#23568) 2023-03-15 04:15:20 +01:00
Matt Jankowski
a471e1c48f
Add spec for the CLI version task (#23978) 2023-03-15 03:56:09 +01:00
Matt Jankowski
1ed12d5e2f
Add basic search specs for chewy indexes (#24065) 2023-03-10 19:31:10 +01:00
Matt Jankowski
688287c59d
Coverage improvement round-out following up previous work (#23987) 2023-03-10 13:33:30 +01:00
Matt Jankowski
56bddfbfa3
Serializers spec coverage (#24017) 2023-03-10 12:12:51 +01:00
Matt Jankowski
2f7a663b0b
Explicitly set github repo in instance presenter spec (#24036) 2023-03-09 14:27:48 +01:00
Christian Schmidt
684a970b3c
Unescape HTML entities (#24019) 2023-03-08 19:56:41 +01:00
Jeremy Kescher
047286d54e
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	Gemfile.lock
2023-03-06 16:33:21 +01:00
Claire
7623e18124 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream README has been changed, but we have a completely different one.
  Kept our `README.md`.
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream added support for more incoming HTML tags (a large subset of what
  glitch-soc accepts).
  Change the code style to match upstream's but otherwise do not change our
  code.
- `spec/lib/sanitize_config_spec.rb`:
  Upstream added support for more incoming HTML tags (a large subset of what
  glitch-soc accepts).
  Kept our version, since the tests are mostly glitch-soc's, except for cases
  which are purposefuly different.
2023-03-05 20:46:56 +01:00
Jeremy Kescher
7318b74ebf
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	Gemfile.lock
#	app/models/notification.rb
#	config/locales/simple_form.de.yml
2023-03-05 12:34:16 +01:00
Matt Jankowski
c599e289d8
Fix spec for api/v1/statuses/translations (#23956) 2023-03-04 23:17:46 +01:00
Matt Jankowski
2d1ccb3d8b
Restore missing fabricators (#23951) 2023-03-04 18:31:13 +01:00
Matt Jankowski
506b16cf59
Pending example models minimal coverage (#23912) 2023-03-04 17:16:45 +01:00
Matt Jankowski
7f4412eeeb
User mailer spec coverage improvements (#23905) 2023-03-04 17:16:11 +01:00
Matt Jankowski
42ddc45133
Admin controllers specs (#23917) 2023-03-04 17:13:28 +01:00
Matt Jankowski
ad585fb195
Specs api v1 controllers (#23930) 2023-03-04 17:12:54 +01:00
Matt Jankowski
cd99fa8ceb
Fabricator specs (#23925) 2023-03-04 17:12:09 +01:00
Matt Jankowski
c40d5e5a8f
Misc coverage improvements for validators (#23928) 2023-03-04 17:00:00 +01:00
Matt Jankowski
2f606ba122
Helpers specs coverage improvement (#23937) 2023-03-04 16:58:11 +01:00
Matt Jankowski
00eb2269b6
Policies specs (#23924) 2023-03-04 16:57:22 +01:00
Matt Jankowski
6a57c42316
Settings controllers specs (#23915) 2023-03-04 16:56:43 +01:00
Matt Jankowski
39e7525c96
Add basic coverage for some worker jobs (#23943) 2023-03-04 16:56:09 +01:00
Matt Jankowski
f9c2213ae5
Models specs coverage (#23940) 2023-03-04 16:43:47 +01:00
Christian Schmidt
5a8c651e8f
Only offer translation for supported languages (#23879) 2023-03-03 21:06:31 +01:00
Claire
3f52e717fa
Add tests for moderation actions without custom text (#23184) 2023-03-03 20:50:46 +01:00
Claire
c2a046ded1
Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-03 20:25:15 +01:00
Claire
3a6451c867
Add support for incoming rich text (#23913) 2023-03-03 20:19:29 +01:00
Claire
276c1d32d6 Merge branch 'main' into glitch-soc/merge-upstream 2023-03-02 17:32:38 +01:00
Matt Jankowski
af578e8ce0
Fix deprecation warning about merging conditions (#23618) 2023-03-02 16:21:04 +01:00
Matt Jankowski
9da52ac044
Update rspec-rails to version 6.0.1 (#23908) 2023-03-02 15:55:37 +01:00
Matt Jankowski
35dff48edf
Add spec coverage for Admin::Trends::StatusesHelper (#23898) 2023-03-02 15:30:40 +01:00
Stanislav Dobrovolschii
d9271126ce
Add rspecs for FollowRecommendationsScheduler (#23890) 2023-03-02 10:05:05 +01:00
Matt Jankowski
b6602f68eb
Spec coverage for HomeHelper (#23907) 2023-03-02 10:04:14 +01:00
Matt Jankowski
6185efbc3c
Admin mailer spec coverage improvement (#23863) 2023-02-28 22:33:34 +09:00
Matt Jankowski
9ee83a9f3b
Add policies and serializers groups to simplecov output (#23897) 2023-02-27 16:35:47 +01:00
Matt Jankowski
4bb39ac3c3
Fix single-record invalid condition on PollVote (#23810) 2023-02-27 09:31:15 +01:00
Claire
4ed09276d5 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.prettierignore`:
  Upstream added a line at the end of the file, while glitch-soc had its own
  extra lines.
  Took upstream's change.
- `CONTRIBUTING.md`:
  We have our custom CONTRIBUTING.md quoting upstream. Upstream made changes.
  Ported upstream changes.
- `app/controllers/application_controller.rb`:
  Upstream made code style changes in a method that is entirely replaced
  in glitch-soc.
  Ignored the change.
- `app/models/account.rb`:
  Code style changes textually close to glitch-soc-specific changes.
  Ported upstream changes.
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream code style changes.
  Ignored them.
2023-02-25 14:00:40 +01:00
Nick Schonning
19614ba247
Rename ActivityPub Serializer Specs (#23844) 2023-02-23 23:17:48 +01:00
Claire
20b80c62ff
Change auto-deletion throttling constants to better scale with server size (#23320) 2023-02-23 16:52:40 +01:00
Nick Schonning
6bd7003799
Fix mispelled spec filenames (#23834) 2023-02-23 11:28:56 +01:00
Claire
3ed1b9ebb6
Fix rack:attack flaky tests and test end of throttle period (#23799) 2023-02-22 10:28:52 +01:00
Nick Schonning
8fd3fc404d
Autofix Rubocop Rails/RootPathnameMethods (#23760) 2023-02-22 09:57:15 +09:00
Nick Schonning
84cc805cae
Enable Style/FrozenStringLiteralComment for specs (#23790) 2023-02-22 09:55:31 +09:00
Nick Schonning
0cfdd1a401
Enable Rubocop Style/StringConcatenation defaults (#23792) 2023-02-22 09:54:36 +09:00
Jeremy Kescher
0e634397c3
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	.github/workflows/build-image.yml
#	Gemfile.lock
2023-02-21 00:40:08 +01:00
Nick Schonning
35d032500b
Autofix Rubocop Security/IoMethods (#23757) 2023-02-21 03:21:19 +09:00
Nick Schonning
2c3c734bcc
Autofix Rubocop Style/SymbolProc (#23742) 2023-02-20 07:58:46 +01:00
Nick Schonning
717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning
5116347eb7
Autofix Rubocop RSpec/BeEq (#23740) 2023-02-20 06:14:50 +01:00
Nick Schonning
bf785df9fe
Audofix Rubocop Style/WordArray (#23739) 2023-02-20 06:14:10 +01:00
Nick Schonning
4552685f6b
Autofix Rubocop RSpec/LeadingSubject (#23670) 2023-02-20 13:24:14 +09:00
Nick Schonning
4ea1e0fceb
Enable Rubocop RSpec/ExpectActual (#23720) 2023-02-20 05:00:59 +01:00
Nick Schonning
38a1d8bb85
Autofix Rubocop RSpec/ImplicitSubject (#23721) 2023-02-20 05:00:48 +01:00
Nick Schonning
5179c47087
Autofix Rubocops RSpec/ScatteredLet (#23725) 2023-02-20 11:17:41 +09:00
Nick Schonning
aef0051fd0
Enable Rubocop HTTP status rules (#23717) 2023-02-20 11:16:40 +09:00
Nick Schonning
bd1d57c230
Autofix Rubocop RSpec/EmptyLineAfterSubject (#23719) 2023-02-20 02:46:00 +01:00
Nick Schonning
dbc6d7b276
Autofix Rubocop Lint/UnusedBlockArgument (#23712) 2023-02-20 02:45:50 +01:00
Nick Schonning
65ba0d92ef
Enable Rubocop RSpec/NotToNot (#23723) 2023-02-20 02:33:27 +01:00
Nick Schonning
a2fdb388eb
Autofix Rubocop RSpec/ReturnFromStub (#23724) 2023-02-20 02:32:10 +01:00
Nick Schonning
21bf326356
Autofix Rubocop Rails/Pluck (#23730) 2023-02-20 02:28:40 +01:00
Claire
7452a95998 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/dependabot.yml`:
  Upstream made changes while we have dropped this file.
  Keep the file deleted.
- `.prettierignore`:
  Upstream made changes at the end of the file, where we
  had our extra lines.
  Just moved our extra lines back at the end.
- `app/serializers/initial_state_serializer.rb`:
  Upstream code style changes.
  Applied them.
- `app/services/backup_service.rb`:
  Upstream code style changes.
  Applied them.
2023-02-19 10:42:55 +01:00
Nick Schonning
e0e63b73ee
Autofix Rubocop RSpec/EmptyLineAfterHook (#23718) 2023-02-19 14:54:34 +09:00
Nick Schonning
81ad6c2e39
Autofix Rubocop Style/StringLiterals (#23695) 2023-02-19 07:38:14 +09:00
Nick Schonning
ac3561098e
Autofix Rubocop RSpec/LetBeforeExamples (#23671) 2023-02-19 07:17:59 +09:00
Nick Schonning
1a02101100
Autofix Rubocop Style/EmptyLambdaParameter (#23705) 2023-02-19 07:12:06 +09:00
Nick Schonning
3680e032b4
Autofix Rubocop RSpec/EmptyLineAfterFinalLet (#23707) 2023-02-19 07:10:19 +09:00
Nick Schonning
167709f6b0
Autofix Rubocop Style/BlockDelimiters (#23706) 2023-02-19 07:00:17 +09:00
Nick Schonning
c0d7c855b3
Autofix Rubocop RSpec/Capybara/FeatureMethods (#23708) 2023-02-19 06:59:00 +09:00
Nick Schonning
08289a38fa
Autofix Rubocop Style/TrailingCommaInArrayLiteral (#23692) 2023-02-19 06:54:30 +09:00
Jeremy Kescher
4a6cc45f9d
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	Gemfile
#	Gemfile.lock
#	config/sidekiq.yml
2023-02-18 22:38:53 +01:00
Nick Schonning
5069769cbe
Autofix Rubocop Style/TrailingCommaInHashLiteral (#23693) 2023-02-18 23:33:41 +09:00
Nick Schonning
b4cbfff3eb
Autofix Rubocop RSpec/ExcessiveDocstringSpacing (#23666) 2023-02-18 12:47:37 +01:00
Nick Schonning
c38bd17657
Autofix Rubocop Style/TrailingCommaInArguments (#23694) 2023-02-18 12:39:58 +01:00
Nick Schonning
e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 12:37:47 +01:00
Nick Schonning
d65b2c1924
Apply Rubocop Style/RedundantConstantBase (#23463) 2023-02-18 04:30:03 +01:00
Nick Schonning
a7db0b41cd
Autofix Rubocop Lint/ParenthesesAsGroupedExpression (#23682) 2023-02-18 04:00:05 +01:00
Nick Schonning
e5cf23cf3a
Enable Rubocop RSpec/HooksBeforeExamples (#23668) 2023-02-18 03:59:57 +01:00
Nick Schonning
efd424506a
Autofix Rubocop Style/RedundantPercentQ (#23651) 2023-02-18 03:32:57 +01:00
Nick Schonning
c0a645f647
Autofix Rubocop RSpec/ExampleWording (#23667) 2023-02-18 03:26:20 +01:00
Nick Schonning
7a3d4c3d4b
Enable Rubocop RSpec/MultipleDescribes (#23672) 2023-02-18 03:25:47 +01:00
Nick Schonning
54318dcd6d
Autofix Rubocop RSpec/ClassCheck (#23685) 2023-02-18 03:24:16 +01:00
Nick Schonning
634368c491
Autofix Rubocop Lint/SymbolConversion (#23683) 2023-02-18 03:23:49 +01:00
Nick Schonning
6d42820e5d
Autofix Rubocop Lint/AmbiguousOperator (#23680) 2023-02-18 03:22:01 +01:00
Nick Schonning
ac59d6f19f
Enable Rubocop Style/NumericLiterals (#23647) 2023-02-18 11:05:57 +09:00
Nick Schonning
669f6d2c0a
Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Nick Schonning
6ed6c41724
Autofix Rubocop RSpec/EmptyLineAfterExample (#23661) 2023-02-17 21:46:00 +09:00
Nick Schonning
68b1071f86
Autofix Rubocop RSpec/BeNil (#23653) 2023-02-17 21:45:27 +09:00
Nick Schonning
936204b9ea
Autofix Rubocop Style/NestedParenthesizedCalls (#23646) 2023-02-17 21:43:10 +09:00
Nick Schonning
37914c8757
Autofix Rubocop Style/MethodCallWithoutArgsParentheses (#23645) 2023-02-17 21:36:14 +09:00
Jeremy Kescher
8de39432a9
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	.github/workflows/build-image.yml
#	Gemfile.lock
#	app/javascript/flavours/glitch/actions/interactions.js
#	config/initializers/rack_attack.rb
#	config/locales/en_GB.yml
2023-02-17 00:26:21 +01:00
Claire
66f715550e
Add memorial attribute to REST API (#23591) 2023-02-14 13:50:55 +01:00
Claire
ce84d163cc Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.prettierignore`:
  Upstream added a line at the end, glitch-soc had extra entries at the end.
  Added upstream's new line before glitch-soc's.
- `Gemfile.lock`:
  Upstream updated dependencies while glitch-soc has an extra one (hcaptcha).
  Updated dependencies like upstream did.
- `app/controllers/api/v1/statuses_controller.rb`:
  Not a real conflict, upstream added a parameter (`allowed_mentions`) where
  glitch-soc already had an extra one (`content_type`).
  Added upstream's new parameter.
- `app/javascript/styles/fonts/roboto-mono.scss`:
  A lot of lines were changed upstream due to code style changes, and a lot
  of those lines had path changes to accomodate glitch-soc's theming system.
  Applied upstream's style changes.
- `app/javascript/styles/fonts/roboto.scss`:
  A lot of lines were changed upstream due to code style changes, and a lot
  of those lines had path changes to accomodate glitch-soc's theming system.
  Applied upstream's style changes.
2023-02-13 19:35:35 +01:00
Claire
d6930b3847
Add API parameter to safeguard unexpect mentions in new posts (#18350) 2023-02-13 16:36:29 +01:00
Varun Sharma
45e2936c89
Add tests to indicate inclusion of self replies in statuses endpoint (#23266) 2023-02-13 16:04:26 +01:00
Claire
c55568c75a
Add tests for REST::AccountSerializer (#23319) 2023-02-13 13:23:59 +01:00
Claire
87419f9307 Merge branch 'main' into glitch-soc/merge-upstream 2023-02-10 22:49:59 +01:00
Claire
0c9eac80d8
Fix unbounded recursion in post discovery (#23506)
* Add a limit to how many posts can get fetched as a result of a single request

* Add tests

* Always pass `request_id` when processing `Announce` activities

---------

Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
2023-02-10 22:16:37 +01:00
Claire
85558a5e18 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Minor upstream change, our README is completely different.
  Kept ours.
- `lib/tasks/assets.rake`:
  glitch-soc has extra code to deal with its theming system,
  upstream changed a line that exists in glitch-soc.
  Applied upstream changes.
2023-02-09 12:46:12 +01:00
Nick Schonning
0592937264
Apply Rubocop Rails/WhereNot (#23448)
* Apply Rubocop Rails/WhereNot

* Update spec for where.not
2023-02-08 10:39:57 +01:00
Nick Schonning
1487fcde93
Apply Rubocop Style/ExpandPathArguments (#23450) 2023-02-08 07:06:20 +01:00
Nick Schonning
ed570050c6
Autofix Rails/EagerEvaluationLogMessage (#23429)
* Autofix Rails/EagerEvaluationLogMessage

* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Claire
9edefc779f
Fix UserCleanupScheduler crash when an unconfirmed account has a moderation note (#23318)
* Fix `UserCleanupScheduler` crash when an unconfirmed account has a moderation note

* Add tests
2023-02-07 01:14:44 +01:00
Claire
aeacebb3d7 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream updated `docker/build-push-action`, and we a different config
  for `docker/metadata-action` so the lines directly above were different,
  but it's not a real conflict.
  Upgraded `docker/build-push-action` as upstream did.
- `app/javascript/mastodon/features/compose/components/compose_form.js`:
  Upstream changed the codestyle near a line we had modified to accommodate
  configurable character count.
  Kept our change.
2023-02-03 19:23:27 +01:00
Claire
20a479ff7c
Change POST /settings/applications/:id to regenerate token on scopes change (#23359)
Fixes #23096
2023-02-02 12:03:49 +01:00
Jeremy Kescher
27fdb81b65
Merge remote-tracking branch 'upstream/main' into develop 2023-01-27 00:36:49 +01:00
Claire
fad6633156 Merge branch 'main' into glitch-soc/merge-upstream 2023-01-26 19:31:39 +01:00
Jeremy Kescher
855b0d4dbb
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	.github/workflows/build-image.yml
#	lib/mastodon/version.rb
2023-01-26 17:27:01 +01:00
Claire
13a2abacc8
Add roles attribute to Account entities in REST API (#23255) 2023-01-25 19:55:40 +01:00
Claire
3074338d79 Merge branch 'main' into glitch-soc/merge-upstream 2023-01-24 20:32:31 +01:00
Claire
a5a00d7f7a
Fix email with empty domain name labels passing validation (#23246)
* Fix email with empty domain name labels passing validation

`EmailMxValidator` would allow empty labels because `Resolv::DNS` is
particularly lenient about them, but the email would be invalid and
unusable.

* Add tests
2023-01-24 20:18:41 +01:00
Claire
6883fddb19
Fix account activation being triggered before email confirmation (#23245)
* Add tests

* Fix account activation being triggered before email confirmation

Fixes #23098
2023-01-24 19:40:21 +01:00
Markus Unterwaditzer
f2a6e71bb6
Suppress AddressFamilyError in link verification (#23204)
* Suppress AddressFamilyError

* clarify comment
2023-01-23 13:05:54 +01:00
Claire
448be26b34
Add missing policy attribute to WebPushSubscriptionSerializer (#23210)
* Add missing `policy` attribute to `WebPushSubscriptionSerializer`

Fixes #23145

* Add tests
2023-01-23 13:05:30 +01:00
Jeremy Kescher
0d829dadea
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	Gemfile.lock
#	app/javascript/flavours/glitch/features/ui/index.js
#	app/javascript/mastodon/features/ui/index.js
2023-01-18 22:29:27 +01:00
Claire
60abcb3c4c Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `config/i18n-tasks.yml`:
  Upstream added new ignored strings, glitch-soc has extra ignored strings
  because of the theming system.
  Added upstream's changes.
2023-01-18 17:38:11 +01:00
Claire
68dcbcb7bf
Add more specific error messages to HTTP signature verification (#21617)
* Return specific error on failure to parse Date header

* Add error message when preferredUsername is not set

* Change error report to be JSON and include more details

* Change error report to differentiate unknown account and failed refresh

* Add tests
2023-01-18 16:47:56 +01:00
Claire
343e1fe8e9
Add confirmation screen when handling reports (#22375)
* Add confirmation screen on moderation actions

* Add flash notice when a report has been processed

* Refactor tests

* Add tests
2023-01-18 16:40:09 +01:00
Claire
4b92e59f4f
Add support for editing media description and focus point of already-posted statuses (#20878)
* Add backend support for editing media attachments of existing posts

* Allow editing media attachments of already-posted toots

* Add tests
2023-01-18 16:33:55 +01:00
Claire
fcc4c9b34a
Change domain block CSV parsing to be more robust and handle more lists (#21470)
* Change domain block CSV parsing to be more robust and handle more lists

* Add some tests

* Improve domain block import validation and reporting
2023-01-18 16:20:52 +01:00
Jeremy Kescher
004b2fc290
Merge remote-tracking branch 'upstream/main' into develop 2023-01-15 20:38:42 +01:00
Claire
ab59743c13 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/layouts/mailer.html.haml`:
  Upstream removed a line close to one modified by glitch-soc.
  Removed the line as upstream did.
2023-01-14 22:34:09 +01:00
Claire
21a1a8ee88
Fix crash when marking statuses as sensitive while some statuses are deleted (#22134)
* Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments

* Fix crash when marking statuses as sensitive while some statuses are deleted

Fixes #21910

* Fix multiple strikes being created for a single report when selecting “Mark as sensitive”

* Add tests
2023-01-13 10:46:52 +01:00
Claire
3e63fcd4f0 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/status.rb`:
  Minor upstream refactor moved hook definitions around,
  and glitch-soc has an extra `before_create`.
  Moved the `before_create` accordingly.
- `app/services/batched_remove_status_service.rb`:
  Minor upstream refactor changed a block in which glitch-soc
  had one extra call to handle direct timelines.
  Adapted changes to keep glitch-soc's extra call.
2023-01-12 10:15:46 +01:00
Claire
15b88a83ab
Fix sanitizer parsing link text as HTML when stripping unsupported links (#22558) 2023-01-11 22:21:10 +01:00
Markus Unterwaditzer
0c689b9d01
fix: allow verification when page size exceeds 1MB (using HTML5 parser) (#22879)
* fix: allow verification when page size exceeds 1MB
Truncates the page after 1MB instead

Closes #15316

* switch to HTML5 parser, fix rubocop errors

* undo rubocop fixes

Co-authored-by: Chris Zubak-Skees <chriszs@gmail.com>
2023-01-11 21:59:13 +01:00
Jeremy Kescher
48373a71e3
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	Gemfile.lock
#	app/javascript/flavours/glitch/components/status_action_bar.js
#	app/javascript/flavours/glitch/containers/status_container.js
#	app/javascript/flavours/glitch/features/status/components/action_bar.js
#	app/javascript/flavours/glitch/locales/de.json
#	app/javascript/flavours/glitch/locales/fr.json
#	app/javascript/mastodon/components/status_action_bar.js
#	app/javascript/mastodon/features/status/components/action_bar.js
#	config/locales-glitch/de.yml
#	config/locales-glitch/fr.yml
#	config/locales-glitch/simple_form.de.yml
#	config/locales-glitch/simple_form.fr.yml
2023-01-05 23:29:53 +01:00
Claire
6c20dad201 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream updated its README, while we have a completely different one.
  Kept our README.
- `app/controllers/concerns/web_app_controller_concern.rb`:
  Conflict because of glitch-soc's theming system.
  Additionally, glitch-soc has different behavior regarding moved accounts.
  Ported some of the changes, but kept our overall behavior.
- `app/javascript/packs/admin.js`:
  Code changes actually applied to `app/javascript/core/admin.js`
2023-01-05 14:16:25 +01:00
Claire
18fb01ef7c
Fix possible race conditions when suspending/unsuspending accounts (#22363)
* Fix possible race conditions when suspending/unsuspending accounts

* Fix tests

Tests were assuming SuspensionWorker and UnsuspensionWorker would do the
suspending/unsuspending themselves, but this has changed.
2023-01-05 13:47:21 +01:00
Jeong Arm
fdd1facba1
Fix home TL could contain post from who blocked me (#22849)
* Fix home tl contains post from who blocked me

* Add test

* Fix feed_manager's build_crutches

blocked_by was not includes status' owner

* Add test for status from I blocked

* Fix typo
2023-01-05 13:30:38 +01:00
Partho Ghosh
115ab2869b
Fix ・ detection in hashtag regex to construct hashtag correctly (#22888)
* Fix ・ detection in hashtag regex to construct hashtag correctly

* Fixed rubocop liniting issues

* More rubocop linting fix
2023-01-04 02:12:48 +01:00
Jeremy Kescher
0406f173cf
Merge remote-tracking branch 'reactions/main' into develop
# Conflicts:
#	app/javascript/flavours/glitch/locales/de.js
2022-12-17 11:09:32 +01:00
Jeremy Kescher
a1a1d08890
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	.github/workflows/build-image.yml
#	Gemfile.lock
2022-12-16 17:53:33 +01:00
Claire
f3a4d57be1 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Discarded upstream changes: we have our own README
- `app/controllers/follower_accounts_controller.rb`:
  Port upstream's minor refactoring
2022-12-15 20:25:25 +01:00
Claire
70415714f1
Add follow request banner on account header (#20785)
* Add requested_by to relationship maps

* Display whether an account has requested to follow you on their profile
2022-12-15 18:50:11 +01:00
Claire
8556a649d5
Fix changing domain block severity not undoing individual account effects (#22135)
* Fix changing domain block severity not undoing individual account effects

Fixes #22133

* Add tests
2022-12-15 17:45:02 +01:00
Jeong Arm
d412147d02
Save avatar or header correctly even if other one fails (#18465)
* Save avatar or header correctly if other one fails

* Fix test
2022-12-15 17:11:14 +01:00
Neil Matatall
1f5740e65c
Use Rails tag API to build RSS feed for spoilers and polls (#20163)
* Use Rails tag API to build RSS feed for spoilers and polls

While the previous method did not contain a bug or a potential issue,
the tag API can be very resilient against future problems and reduces the
amount of manual management of the escape status of the content.

I've added tests to ensure that the formatting is broken and still
escapes control characters correctly.

* this seems cleaner and passes

* Incorporate feedback by moving the br to its own line and using the tag helper over the string constant for the br tag itself

* whoops, tag helper doesn't use a self-closing tag
2022-12-15 16:39:41 +01:00
Ikko Ashimine
baecdf2882
Fix typo in application_helper_spec.rb (#20981)
enviroment -> environment
2022-12-15 16:20:55 +01:00
Francis Murillo
5fb1c3e934
Revoke all authorized applications on password reset (#21325)
* Clear sessions on password change

* Rename User::clear_sessions to revoke_access for a clearer meaning

* Add reset paassword controller test

* Use User.find instead of User.find_for_authentication for reset password test

* Use redirect and render for better test meaning in reset password

Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 15:47:06 +01:00
Meisam
6cdbc345f4
Validate nodeinfo response by schema (#21395)
* add json-schema to :test in Gemfile

* Create node_info_2.0_schema.json

* test match_response_schema

* Create match_response_schema.rb

* Update nodeinfo_controller_spec.rb

* Rename spec/support/node_info_2.0_schema.json to spec/support/schema/node_info_2.0_schema.json

* Update match_response_schema.rb

* cleanup

* additionally validate the json schema itself

disable throwing errors

test the schema matcher

* rename nodeinfo schema to nodeinfo_2.0

* use Rails.root.join to construct the path

* prettify json

* sync Gemfile.lock
2022-12-15 15:43:05 +01:00
fef
c3d4a644cf
add backend support for status emoji reactions
turns out we can just reuse the code for
announcement reactions.
2022-12-09 23:04:10 +01:00
Jeremy Kescher
7e19321520
Merge remote-tracking branch 'upstream/main' into develop 2022-12-07 17:49:14 +01:00
Claire
9a3d91f629 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/concerns/domain_materializable.rb`:
  Fixed a code style issue upstream in a PR that got merged in glitch-soc
  earlier.
  Changed the code to match upstream's.
2022-12-07 09:03:42 +01:00
Claire
b59fb28e90
Fix 500 error when trying to migrate to an invalid address (#21462)
* Fix 500 error when trying to migrate to an invalid address

* Add tests
2022-12-07 02:35:39 +01:00
Francis Murillo
f6492a7c4d
Log admin approve and reject account (#22088)
* Log admin approve and reject account

* Add unit tests for approve and reject logging
2022-12-07 00:25:18 +01:00
Claire
c8849d6cee
Fix unbounded recursion in account discovery (#22025)
* Fix trying to fetch posts from other users when fetching featured posts

* Rate-limit discovery of new subdomains

* Put a limit on recursively discovering new accounts
2022-12-07 00:15:24 +01:00
Claire
69137f4a90
Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988)
Fixes #21965
2022-12-07 00:10:53 +01:00
Jeremy Kescher
8a24bef2e3
Fix Redis warnings regarding version 5.0.0 2022-12-04 22:35:48 +01:00
Claire
fe523a3045
Fix unbounded recursion in account discovery (#1994)
* Fix trying to fetch posts from other users when fetching featured posts

* Rate-limit discovery of new subdomains

* Put a limit on recursively discovering new accounts
2022-12-04 21:23:19 +01:00
kibigo!
2cabc5d188
Use a tree‐based approach for advanced text formatting (#1907)
* Use a tree‐based approach for adv. text formatting

Sanitizing HTML/Markdown means parsing the content into an HTML tree
under‐the‐hood anyway, and it is more accurate to do mention/hashtag
replacement on the text nodes in that tree than it is to try to hack it
in with regexes et cetera.

This undoes the overrides of `#entities` and `#rewrite` on
`AdvancedTextFormatter` but also stops using them, instead keeping
track of the parsed Nokogiri tree itself and using that in the `#to_s`
method.

Internally, this tree uses `<mastodon-entity>` nodes to keep track of
hashtags, links, and mentions. Sanitization is moved to the beginning,
so it should be known that these do not appear in the input.

* Also disallow entities inside of `<code>`

I think this is generally expected behaviour, and people are annoyed
when their code gets turned into links/hashtags/mentions.

* Minor cleanup to AdvancedTextFormatter

* Change AdvancedTextFormatter to rewrite entities in one pass and sanitize at the end

Also, minor refactoring to better match how other formatters are organized.

* Add some tests

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-02 10:29:42 +01:00
Claire
a2e7997592 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Our README is completely different.
  Discarded upstream changes.
2022-11-28 11:33:34 +01:00
Claire
625216d8e1
Fix attachments of edited statuses not being fetched (#21565)
* Fix attachments of edited statuses not being fetched

* Fix tests
2022-11-27 20:39:05 +01:00
Claire
ff42233aae Merge branch 'main' into glitch-soc/merge-upstream 2022-11-22 10:28:43 +01:00
Claire
51a33ce77a
Fix not being able to follow more than one hashtag (#21285)
Fixes regression from #20860
2022-11-21 10:35:09 +01:00
David Leadbeater
69378eac99
Don't allow URLs that contain non-normalized paths to be verified (#20999)
* Don't allow URLs that contain non-normalized paths to be verified

This stops things like https://example.com/otheruser/../realuser where
"/otheruser" appears to be the verified URL, but the actual URL being
verified is "/realuser" due to the "/../".

Also fix a test to use 'https', so it is testing the right thing, now
that since #20304 https is required.

* missing do
2022-11-20 19:28:13 +01:00
Claire
aec61a703f Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream changed how docker images were built, including how
  they were cached.
  I don't know much about it, so applied upstream's changes.
- `app/controllers/admin/domain_blocks_controller.rb`:
  The feature, that was in glitch-soc, got backported upstream.
  It also had a few fixes upstream, so those have been ported!
- `app/javascript/packs/admin.js`:
  Glitch-soc changes have been backported upstream. As a result,
  some code from `app/javascript/core/admin.js` got added upstream.
  Kept our version since our shared Javascript already has that feature.
- `app/models/user.rb`:
  Upstream added something to distinguish unusable and unusable-because-moved
  accounts, while glitch-soc considers moved accounts usable.
  Took upstream's code for `functional_or_moved?` and made `functional?`
  call it.
- `app/views/statuses/_simple_status.html.haml`:
  Upstream cleaned up code style a bit, on a line that we had custom changes
  for.
  Applied upstream's change while keeping our change.
- `config/initializers/content_security_policy.rb`:
  Upstream adopted one CSP directive we already had.
  The conflict is because of our files being structurally different, but the
  change itself was already part of glitch-soc.
  Kept our version.
2022-11-17 12:01:37 +01:00
Rose
4f15fd0ba1
Fix style for hashes (#20518)
* Fix style for hashes

Make the style for hashes consistent.

* New style

More consistency
2022-11-17 11:05:39 +01:00
lenore gilbert
c373148b3d
Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597)
* Allow import/export of instance-level domain blocks/allows (#1754)

* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround

(cherry picked from commit 94e98864e3)

* Add confirmation page when importing blocked domains (#1773)

* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains

(cherry picked from commit b91196f4b7)

* Fix authorization check in domain blocks controller

(cherry picked from commit 7527937758)

* Fix error strings for domain blocks and email-domain blocks

Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"

* Ran i18n-tasks normalize to address test failure

* Removed unused admin.export_domain_blocks.not_permitted string

Removing unused string as indicated by Check i18n

* Fix tests

(cherry picked from commit 9094c2f52c)

* Fix domain block export not exporting blocks with only media rejection

(cherry picked from commit 26ff48ee48)

* Fix various issues with domain block import

- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded

(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)

Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17 11:05:09 +01:00
Joshua Wood
daf6f3453e
Handle links with no href in VerifyLinkService (#20741)
Before this change, the following error would cause VerifyAccountLinksWorker to fail:

NoMethodError: undefined method `downcase' for nil:NilClass
  [PROJECT_ROOT]/app/services/verify_link_service.rb:31 :in `block in link_back_present?`
2022-11-17 10:59:35 +01:00
Claire
767630be24 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile`:
  Upstream removed blank lines.
2022-11-14 20:27:31 +01:00
Eugen Rochko
21fd25a269
Fix rate limiting for paths with formats (#20675) 2022-11-14 20:26:31 +01:00
Claire
32c70d2f09 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/announcements/edit.html.haml`:
  Upstream change too close to theming-related glitch-soc change.
  Ported upstream changes.
- `app/views/admin/announcements/new.html.haml`
  Upstream change too close to theming-related glitch-soc change.
  Ported upstream changes.
2022-11-14 08:35:55 +01:00
trwnh
b59ce0a60f
Move V2 Filter methods under /api/v2 prefix (#20622)
* Move V2 Filter methods under /api/v2 prefix

* move over the tests too
2022-11-14 08:34:07 +01:00
Eugen Rochko
552d69ad96
Fix error when invalid domain name is submitted (#19474)
Fix #19175
2022-11-14 08:07:14 +01:00
Eugen Rochko
b31afc6294
Fix error when passing unknown filter param in REST API (#20626)
Fix #19156
2022-11-14 08:06:06 +01:00
Hampton Lintorn-Catlin
147d8bd8fc
Support UTF-8 Characters in Domains During CSV Import (#20592)
* Support UTF-8 Characters in Domains During Import

* Update Changelong
2022-11-14 05:52:13 +01:00
Emily Strickland
c2231539c7
Test blank account field verifiability (#20458)
* Test blank account field verifiability

This change tests the need for #20428, which ensures that we guard against a situation in which `at_xpath` returns `nil`.

* Test verifiability of blank fields for remote account profiles

This adds a counterpart test for remote account profiles' fields' verifiability when those fields are blank. I previously added the same test for local accounts.
2022-11-13 21:02:09 +01:00
Claire
93912f0498 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Conflict because we (glitch-soc) have disabled trending of posts without
  review.
  Discarded that upstream change.
- `app/views/admin/settings/discovery/show.html.haml`:
  Just an extra setting in glitch-soc.
  Kept that extra setting.
2022-11-12 13:28:03 +01:00
F
d4f973227c
Test the native_locale_name of a non-standard locale (#20284)
`:en` is English for both `standard_locale_name` and
`native_locale_name`, and so makes for a poor test candidate for
differentiating between them.
2022-11-11 00:06:18 +01:00
Claire
c118918520 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/custom_emoji.rb`:
  Not a real conflict, just upstream changing a line too close to
  a glitch-soc-specific validation.
  Applied upstream changes.
- `app/models/public_feed.rb`:
  Not a real conflict, just upstream changing a line too close to
  a glitch-soc-specific parameter documentation.
  Applied upstream changes.
2022-11-10 09:36:47 +01:00
Eugen Rochko
9965a23b04
Change link verification to ignore IDN domains (#20295)
Fix #3833
2022-11-10 06:27:45 +01:00
Eugen Rochko
e98833748e
Fix being able to spoof link verification (#20217)
- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
2022-11-09 08:24:21 +01:00
luzpaz
6ba52306f9
Fix typos (#19849)
Found via `codespell -q 3 -S ./yarn.lock,./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,followings,keypair,medias,pattens,pixelx,rememberable,ro,te`
2022-11-08 17:32:03 +01:00
Roni Laukkarinen
36b0ff57b7
Fix grammar (#20106) 2022-11-08 16:35:42 +01:00
Claire
a8c854b3ea Merge branch 'main' into glitch-soc/merge-upstream 2022-11-08 15:44:57 +01:00
Claire
bbf74498f5
Fix validation error in SynchronizeFeaturedTagsCollectionWorker (#20018)
* Fix followers count not being updated when migrating follows

Fixes #19900

* Fix validation error in SynchronizeFeaturedTagsCollectionWorker

Also saves remote user's chosen case for hashtags

* Limit remote featured tags before validation
2022-11-07 22:35:53 +01:00
Claire
be7032b9cf Merge branch 'main' into glitch-soc/merge-upstream 2022-11-07 19:53:30 +01:00
Claire
3114c826a7
Fix filter handling in status cache hydration (#19963) 2022-11-07 19:47:48 +01:00
Claire
5925a31b78
Fix followers count not being updated when migrating follows (#19998)
Fixes #19900
2022-11-07 15:38:55 +01:00
Claire
0ad919b192 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/features/compose/components/poll_form.js`:
  glitch-soc change because of having changed the default number of
  available poll options.
  Applied upstream's changes while keeping glitch-soc's default number of
  poll options.
- `public/oops.png`:
  We had a minor graphics change, probably not worth diverging from upstream.
  Took upstream version.
2022-11-06 09:50:41 +01:00
Claire
bb89f83cc0
Fix additional issues with status cache hydration (#19747)
* Spare one SQL query when hydrating polls

* Improve tests

* Fix more discrepancies

* Fix possible crash when the status has no application set
2022-11-04 20:01:33 +01:00
Claire
03b991de6c
Fix various issues with store hydration (#19746)
- Improve tests
- Fix possible crash when application of a reblogged post isn't set
- Fix discrepancies around favourited and reblogged attributes
- Fix discrepancies around pinned attribute
- Fix polls not being hydrated
2022-11-04 19:33:16 +01:00
Eugen Rochko
5f9e47be34
Add caching for payload serialization during fan-out (#19642) 2022-11-04 13:21:06 +01:00
Claire
4fb0aae636
Change mentions of blocked users to not be processed (#19725)
Fixes #19698
2022-11-04 13:19:12 +01:00
Claire
9387beb3b3
Change flaky AccountSearchService test (#19650) 2022-11-03 23:12:08 +01:00
Claire
1dca08b76f
Fix admin action logs page (#19649)
* Add tests

* Fix crash when trying to display orphaned action logs

* Add migration for older admin action logs
2022-11-03 16:06:42 +01:00
pea-sys
c68e6b52d9
png optimization(loss less) (#19630) 2022-11-01 15:06:52 +01:00
Eugen Rochko
d0ba77047e
Change max. thumbnail dimensions to 640x360px (360p) (#19619) 2022-11-01 13:01:39 +01:00
Claire
eee36267d6 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/locales/ja.json`:
  Upstream change too close to a glitch-soc-specific string.
  The glitch-soc-specific string should not have been in this file, so it
  has been moved to `app/javascript/flavours/glitch/locales/ja.js`.
- `app/javascript/packs/public.js`:
  Upstream refactored a part, that as usual is split and duplicated in various
  pack files. Updated those pack files accordingly.
- `app/views/layouts/application.html.haml`:
  Upstream fixed custom.css path in a different way than we did, went with
  upstream's change.
2022-10-30 18:15:28 +01:00
Eugen Rochko
40c7f3e830
Fix account action type validation (#19476)
* Fix account action type validation

Fix #19143

* Fix #19145

* Fix code style issues
2022-10-30 02:44:32 +02:00
Claire
bbdf61c9e4 Revert Home controller test to upstream 2022-10-28 20:12:04 +02:00
Claire
cb19be67d1 Merge branch 'main' into glitch-soc/merge-upstream 2022-10-28 19:23:58 +02:00
Eugen Rochko
f8ca3bb2a1
Add ability to view previous edits of a status in admin UI (#19462)
* Add ability to view previous edits of a status in admin UI

* Change moderator access to posts to be controlled by a separate policy
2022-10-26 13:42:29 +02:00
Eugen Rochko
bf0ab3e0fa
Fix vacuum scheduler missing lock, locks never expiring (#19458)
Remove vacuuming of orphaned preview cards
2022-10-26 12:10:48 +02:00
Eugen Rochko
1ae508bf2f
Change unauthenticated search to not support pagination in REST API (#19326)
- Only exact search matches for queries with < 5 characters
- Do not support queries with `offset` (pagination)
- Return HTTP 401 on truthy `resolve` instead of overriding to false
2022-10-26 12:10:02 +02:00
Eugen Rochko
7c152acb2c
Change settings area to be separated into categories in admin UI (#19407)
And update all descriptions
2022-10-22 11:44:41 +02:00
Yamagishi Kazutoshi
94feb2b93f
Fix FetchFeaturedCollectionService spec (#19401)
Regression from #19380
2022-10-21 11:48:22 +02:00
Eugen Rochko
839f893168
Change public accounts pages to mount the web UI (#19319)
* Change public accounts pages to mount the web UI

* Fix handling of remote usernames in routes

- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict

* Fix missing `multiColumn` prop

* Fix failing test

* Use `discoverable` attribute to control indexing directives

* Fix `<ColumnLoading />` not using `multiColumn`

* Add `noindex` to accounts in REST API

* Change noindex directive to not be rendered by default before a route is mounted

* Add loading indicator for detailed status in web UI

* Fix missing indicator appearing while account is loading in web UI
2022-10-20 14:35:29 +02:00
Eugen Rochko
1bd00036c2
Change about page to be mounted in the web UI (#19345) 2022-10-13 14:42:37 +02:00
Eugen Rochko
b04633a961
Add image processing and generate blurhash for server thumbnail (#19348)
Remove separate server hero setting
2022-10-13 11:29:19 +02:00
Yamagishi Kazutoshi
7afc6a630c
Redirect non-logged-in user to owner statuses on single user mode (#19333) 2022-10-12 21:07:30 +02:00
Eugen Rochko
bf3cb42da7 Add server banner to web app, add GET /api/v2/instance to REST API (#19294)
Cherry-picked d2528b26b6

Conflicts:
- `app/serializers/initial_state_serializer.rb`:
  Upstream changed stuff, we had extra attributes.
  Applied upstream changes while keeping our extra attributes.
- `app/serializers/rest/instance_serializer.rb`:
  Upstream actually moved that to `app/serializers/rest/v1/instance_serializer.rb`,
  so updated that file by keeping our extra attributes, and took upstream's
  version of `app/serializers/rest/instance_serializer.rb`.
- `spec/views/about/show.html.haml_spec.rb`:
  Took upstream's version.
2022-10-09 19:51:39 +02:00
Eugen Rochko
d86cb4cab8 [Glitch] Allow non-logged users to access /web
Port 43b5d5e38d to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2022-10-09 18:23:15 +02:00
Eugen Rochko
45ebdb72ca
Add support for language preferences for trending statuses and links (#18288) 2022-10-08 16:45:40 +02:00
Eugen Rochko
93f340a4bf
Remove setting that disables account deletes (#17683) 2022-10-06 10:16:47 +02:00
Eugen Rochko
62782babd0
Change public statuses pages to mount the web UI (#19301) 2022-10-06 02:26:34 +02:00
Eugen Rochko
58d5b28cb0
Remove previous landing page (#19300) 2022-10-06 02:19:45 +02:00
Eugen Rochko
9f65909f42
Change public timelines to be filtered by current locale by default (#19291)
In the absence of an opt-in to multiple specific languages in the
preferences, it makes more sense to filter by the user's presumed
language only (interface language or `lang` override)
2022-10-05 03:48:06 +02:00
Eugen Rochko
d2528b26b6
Add server banner to web app, add GET /api/v2/instance to REST API (#19294) 2022-10-05 03:47:56 +02:00
Eugen Rochko
02ba9cfa35
Remove code for rendering public and hashtag timelines outside the web UI (#19257) 2022-10-04 20:13:46 +02:00
Claire
e7ab476db2 Revert server-side part of "Add logged-out access to the web UI" 2022-10-02 19:36:28 +02:00
Claire
221580a3af Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/home_controller.rb`:
  Upstream made it so `/web` is available to non-logged-in users
  and `/` redirects to `/web` instead of `/about`.
  Kept our version since glitch-soc's WebUI doesn't have what's
  needed yet and I think /about is still a much better landing
  page anyway.
- `app/models/form/admin_settings.rb`:
  Upstream added new settings, and glitch-soc had an extra setting.
  Not really a conflict.
  Added upstream's new settings.
- `app/serializers/initial_state_serializer.rb`:
  Upstream added a new `server` initial state object.
  Not really a conflict.
  Merged upstream's changes.
- `app/views/admin/settings/edit.html.haml`:
  Upstream added new settings.
  Not really a conflict.
  Merged upstream's changes.
- `app/workers/scheduler/feed_cleanup_scheduler.rb`:
  Upstream refactored that part and removed the file.
  Ported our relevant changes into `app/lib/vacuum/feeds_vacuum.rb`
- `config/settings.yml`:
  Upstream added new settings.
  Not a real conflict.
  Added upstream's new settings.
2022-10-02 18:46:22 +02:00
Eugen Rochko
36f4c32a38
Change path of privacy policy page (#19249) 2022-09-29 06:22:12 +02:00
Eugen Rochko
43b5d5e38d
Add logged-out access to the web UI (#18961) 2022-09-29 04:39:33 +02:00
Eugen Rochko
5c9abdeff1
Add retention policy for cached content and media (#19232) 2022-09-27 03:08:19 +02:00
Claire
7165e89362
Add tests to ActivityPub::FetchRemoteKeyService (#19226) 2022-09-24 08:33:27 +02:00
Claire
26c51cfa07
Fix various rspec warnings in ReportService tests (#19189)
* Fix various rspec warnings in ReportService tests

* Add tests to ReportService
2022-09-21 22:46:35 +02:00
Claire
8cf7006d4e
Refactor ActivityPub handling to prepare for non-Account actors (#19212)
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account

* Refactor SignatureVerification to allow non-Account actors

* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors

* Refactor inbound ActivityPub payload processing to accept non-Account actors

* Refactor inbound ActivityPub processing to accept activities relayed through non-Account

* Refactor how Account key URIs are built

* Refactor Request and drop unused key_id_format parameter

* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2022-09-21 22:45:57 +02:00
Eugen Rochko
50948b46aa
Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
Claire
1145dbd327
Improve error reporting and logging when processing remote accounts (#15605)
* Add a more descriptive PrivateNetworkAddressError exception class

* Remove unnecessary exception class to rescue clause

* Remove unnecessary include to JsonLdHelper

* Give more neutral error message when too many webfinger redirects

* Remove unnecessary guard condition

* Rework how “ActivityPub::FetchRemoteAccountService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteAccountService#call (default/previous behavior).

* Rework how “ActivityPub::FetchRemoteKeyService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteKeyService#call (default/previous behavior).

* Fix Webfinger::RedirectError not being a subclass of Webfinger::Error

* Add suppress_errors option to ResolveAccountService

Defaults to true (to preserve previous behavior). If set to false,
errors will be raised instead of caught, allowing the caller to be
informed of what went wrong.

* Return more precise error when failing to fetch account signing AP payloads

* Add tests

* Fixes

* Refactor error handling a bit

* Fix various issues

* Add specific error when provided Digest is not 256 bits of base64-encoded data

* Please CodeClimate

* Improve webfinger error reporting
2022-09-20 23:30:26 +02:00
luzpaz
4aa3b9bd01
Fix typos (#18604)
* Fix typos

Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,pixelx,ro`

* Follow-up typo fix
2022-08-28 17:44:34 +02:00
Claire
077183a121 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/settings/preferences_controller.rb`:
  Upstream dropping `digest` from notifications emails while we have more
  notification emails settings.
  Removed `digest` from our list while keeping our extra settings.
- `app/javascript/packs/admin.js`:
  Conflicts caused by glitch-soc's theming system.
  Applied the changes to `app/javascript/core/admin.js`.
- `app/views/settings/preferences/other/show.html.haml`:
  Upstream removed a setting close to a glitch-soc-only setting.
  Applied upstream's change.
2022-08-28 11:31:00 +02:00
Eugen Rochko
0b3e4fd5de
Remove digest e-mails (#17985)
* Remove digest e-mails

* Remove digest-related code
2022-08-25 23:38:22 +02:00
Eugen Rochko
0396acf39e
Add audit log entries for user roles (#19040)
* Refactor audit log schema

* Add audit log entries for user roles
2022-08-25 20:39:40 +02:00
Claire
2d1d4210f9 Merge branch 'main' into glitch-soc/merge-upstream 2022-08-25 05:07:39 +02:00
Claire
50487db122
Add ability to filter individual posts (#18945)
* Add database table for status-specific filters

* Add REST endpoints, entities and attributes

* Show status filters in /filters interface

* Perform server-side filtering for individual posts filters

* Fix filtering on context mismatch

* Refactor `toServerSideType` by moving it to its own module

* Move loupe and delete icons to their own module

* Add ability to filter individual posts from WebUI

* Replace keyword list by warnings (expired, context mismatch)

* Refactor server-side filtering code

* Add tests
2022-08-25 04:27:47 +02:00
Eugen Rochko
0412a4d03e
Change e-mail domain blocks to match subdomains of blocked domains (#18979) 2022-08-24 19:00:55 +02:00
Eugen Rochko
d83faa1a89
Add ability to block sign-ups from IP (#19037) 2022-08-24 19:00:37 +02:00
Claire
0b37299775 Merge branch 'main' into glitch-soc/merge-upstream 2022-08-21 14:39:25 +02:00
Claire
461239db5d
Fix backend compatibility with OpenSSL 3.0 (#18449)
* Update webpush to fork with OpenSSL 3 compatibility

* Fix tests with OpenSSL 3.0

* Update webauthn gem to latest release and update dependencies
2022-08-17 22:06:48 +01:00
Claire
cd87d7dcef Merge branch 'main' into glitch-soc/merge-upstream
- `.env.production.sample`:
  Our sample config file is very different from upstream since it is much more
  complete. Upstream added documentation for a few env variables.
  Copied the new variables/documentation from upstream.
- `app/lib/feed_manager.rb`:
  Upstream added a timeline type (hashtags), while glitch-soc already had an
  extra one (direct messages). Not really a conflict but textually close
  changes.
  Ported upstream's changes.
- `app/models/custom_emoji.rb`:
  Upstream upped the custom emoji size limit, while glitch-soc had configurable
  limits.
  Upped the default limits accordingly.
- `streaming/index.js`:
  Upstream reworked how hastags were normalized. Minor conflict due to
  glitch-soc's handling of instance-local posts.
  Ported upstream's changes.
2022-07-17 22:07:20 +02:00
Eugen Rochko
c3f0621a59
Add ability to follow hashtags (#18809) 2022-07-17 13:49:29 +02:00
Eugen Rochko
e7aa2be828
Change how hashtags are normalized (#18795)
* Change how hashtags are normalized

* Fix tests
2022-07-13 15:03:28 +02:00
Claire
9094c2f52c Fix tests 2022-07-05 13:17:57 +02:00
Claire
92c06a1113 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/admin/base_controller.rb`:
  Minor conflict caused by glitch-soc's theming system.
- `app/javascript/mastodon/initial_state.js`:
  Minor conflict caused by glitch-soc making use of max_toot_chars.
- `app/models/form/admin_settings.rb`:
  Minor conflict caused by glitch-soc's theming system.
- `app/models/trends.rb`:
  Minor conflict caused by glitch-soc having more granular
  notification settings for trends.
- `app/views/admin/accounts/index.html.haml`:
  Minor conflict caused by glitch-soc's theming system.
- `app/views/admin/instances/show.html.haml`:
  Minor conflict caused by glitch-soc's theming system.
- `app/views/layouts/application.html.haml`:
  Minor conflict caused by glitch-soc's theming system.
- `app/views/settings/preferences/notifications/show.html.haml`:
  Minor conflict caused by glitch-soc having more granular
  notification settings for trends.
- `config/navigation.rb`:
  Minor conflict caused by glitch-soc having additional
  navigation items for the theming system while upstream
  slightly changed every line.
2022-07-05 09:33:44 +02:00
Claire
7cc76b823a Merge branch 'main' into glitch-soc/merge-upstream 2022-07-05 08:49:22 +02:00
Eugen Rochko
44b2ee3485
Add customizable user roles (#18641)
* Add customizable user roles

* Various fixes and improvements

* Add migration for old settings and fix tootctl role management
2022-07-05 02:41:40 +02:00
Claire
1b4054256f
Fix crash when a remote Flag activity mentions a private post (#18760)
* Add tests

* Fix crash when a remote Flag activity mentions a private post
2022-07-04 11:08:30 +02:00
Claire
fe5f6bc7ed Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Fix erroneous deletion in a previous merge.
- `Gemfile`:
  Conflict caused by glitch-soc-only hCaptcha dependency
- `app/controllers/auth/sessions_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
- `app/controllers/filters_controller.rb`:
  Minor conflict due to glitch-soc's theming system.
- `app/serializers/rest/status_serializer.rb`:
  Minor conflict due to glitch-soc having an extra `local_only` property
2022-06-28 11:11:18 +02:00
Claire
02851848e9
Revamp post filtering system (#18058)
* Add model for custom filter keywords

* Use CustomFilterKeyword internally

Does not change the API

* Fix /filters/edit and /filters/new

* Add migration tests

* Remove whole_word column from custom_filters (covered by custom_filter_keywords)

* Redesign /filters

Instead of a list, present a card that displays more information and handles
multiple keywords per filter.

* Redesign /filters/new and /filters/edit to add and remove keywords

This adds a new gem dependency: cocoon, as well as a npm dependency:
cocoon-js-vanilla. Those are used to easily populate and remove form fields
from the user interface when manipulating multiple keyword filters at once.

* Add /api/v2/filters to edit filter with multiple keywords

Entities:
- `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context`
  `keywords`
- `FilterKeyword`: `id`, `keyword`, `whole_word`

API endpoits:
- `GET /api/v2/filters` to list filters (including keywords)
- `POST /api/v2/filters` to create a new filter
  `keywords_attributes` can also be passed to create keywords in one request
- `GET /api/v2/filters/:id` to read a particular filter
- `PUT /api/v2/filters/:id` to update a new filter
  `keywords_attributes` can also be passed to edit, delete or add keywords in
   one request
- `DELETE /api/v2/filters/:id` to delete a particular filter
- `GET /api/v2/filters/:id/keywords` to list keywords for a filter
- `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a
   filter
- `GET /api/v2/filter_keywords/:id` to read a particular keyword
- `PUT /api/v2/filter_keywords/:id` to edit a particular keyword
- `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword

* Change from `irreversible` boolean to `action` enum

* Remove irrelevent `irreversible_must_be_within_context` check

* Fix /filters/new and /filters/edit with update for filter_action

* Fix Rubocop/Codeclimate complaining about task names

* Refactor FeedManager#phrase_filtered?

This moves regexp building and filter caching to the `CustomFilter` class.

This does not change the functional behavior yet, but this changes how the
cache is built, doing per-custom_filter regexps so that filters can be matched
independently, while still offering caching.

* Perform server-side filtering and output result in REST API

* Fix numerous filters_changed events being sent when editing multiple keywords at once

* Add some tests

* Use the new API in the WebUI

- use client-side logic for filters we have fetched rules for.
  This is so that filter changes can be retroactively applied without
  reloading the UI.
- use server-side logic for filters we haven't fetched rules for yet
  (e.g. network error, or initial timeline loading)

* Minor optimizations and refactoring

* Perform server-side filtering on the streaming server

* Change the wording of filter action labels

* Fix issues pointed out by linter

* Change design of “Show anyway” link in accordence to review comments

* Drop “irreversible” filtering behavior

* Move /api/v2/filter_keywords to /api/v1/filters/keywords

* Rename `filter_results` attribute to `filtered`

* Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer

* Fix systemChannelId value in streaming server

* Simplify code by removing client-side filtering code

The simplifcation comes at a cost though: filters aren't retroactively
applied anymore.
2022-06-28 09:42:13 +02:00
Claire
35588d09e2
Add /api/v1/admin/domain_allows (#18668)
- `GET /api/v1/admin/domain_allows` lists allowed domains
- `GET /api/v1/admin/domain_allows/:id` shows one by ID
- `DELETE /api/v1/admin/domain_allows/:id` deletes a given domain from the list
  of allowed domains
- `POST /api/v1/admin/domain_allows` to allow a new domain:
  if that domain is already allowed, the existing DomainAllow will be returned
2022-06-23 23:12:01 +02:00
Claire
327eed0076
Fix suspicious sign-in mails never being sent (#18599)
* Add tests

* Fix suspicious sign-in mails never being sent
2022-06-21 15:16:22 +02:00
Claire
15929a3d59 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Our README is completely different. Discarded upstream changes.
- `app/javascript/packs/mailer.js`:
  We had removed the file. Move the changes to `app/javascript/core/mailer.js`.
2022-06-11 00:08:41 +02:00
Claire
edaaf6a5e9 Merge branch 'main' into glitch-soc/merge-upstream 2022-06-10 11:51:43 +02:00
Eugen Rochko
45aa5781ce
Change brand color and logotypes (#18592)
- Add rake task for generating Apple/Android icons and favicons from SVG
- Add rake task for generating PNG icons and logos for e-mails from SVG
- Remove obsolete Microsoft icons and configuration
- Remove PWA shortcut icons
2022-06-09 22:25:23 +02:00
Eugen Rochko
a2871cd747
Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
2022-06-09 21:57:36 +02:00
Claire
25a46d9e59 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/styles/fonts/montserrat.scss`:
  Code style changes upstream, path changes in glitch-soc.
  Applied upstream's code style changes.
- `app/javascript/styles/fonts/roboto-mono.scss`:
  Code style changes upstream, path changes in glitch-soc.
  Applied upstream's code style changes.
- `app/javascript/styles/fonts/roboto.scss`:
  Code style changes upstream, path changes in glitch-soc.
  Applied upstream's code style changes.
- `app/models/account.rb`:
  Textual conflict only caused by glitch-soc using a different value
  for character limits in a nearby line.
  Applied upstream's changes.
- `app/views/statuses/_simple_status.html.haml`:
  Attribute added to a tag modified by glitch-soc.
  Added upstream's attributes.
- `yarn.lock`:
  Upstream added/updated dependencies close to glitch-soc-only ones.
  Updated/added upstream dependencies.
2022-06-02 09:49:38 +02:00
Claire
3f14260574
Add StatusRelationshipsPresenter specs (#18588) 2022-06-01 19:09:37 +02:00
Claire
28329ba62f
Add /api/v1/admin/domain_blocks (#18247)
* Add /api/v1/admin/domain_blocks

Fixes #18140

- `GET /api/v1/admin/domain_blocks` lists domain blocks
- `GET /api/v1/admin/domain_blocks/:id` shows one by ID
- `DELETE /api/v1/admin/domain_blocks/:id` deletes a given domain block
- `POST /api/v1/admin/domain_blocks` to create a new domain block:
  if it conflicts with an existing one, returns an error with
  an attribute `existing_domain_block` with the rendered domain block

* Simplify conflict handling as suggested in review
2022-06-01 17:31:36 +02:00
Claire
e34dd3644c
Remove unused filtered_languages column (#18533)
* Remove unused `filtered_languages` column

Fixes #18522

* Fix tests
2022-05-27 20:05:22 +02:00
Claire
f13d910f3e Merge branch 'main' into glitch-soc/merge-upstream 2022-05-26 18:34:27 +02:00
Claire
440eb71310
Change unapproved and unconfirmed account to not be accessible in the REST API (#17530)
* Change unapproved and unconfirmed account to not be accessible in the REST API

* Change Account#searchable? to reject unconfirmed and unapproved users

* Disable search for unapproved and unconfirmed users in Account.search_for

* Disable search for unapproved and unconfirmed users in Account.advanced_search_for

* Remove unconfirmed and unapproved accounts from Account.searchable scope

* Prevent mentions to unapproved/unconfirmed accounts

* Fix some old tests for Account.advanced_search_for

* Add some Account.advanced_search_for tests for existing behaviors

* Add some tests for Account.search_for

* Add Account.advanced_search_for tests unconfirmed and unapproved accounts

* Add Account.searchable tests

* Fix Account.without_unapproved scope potentially messing with previously-applied scopes

* Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup

This is so that the API can still be used to check whether an username is free
to use.
2022-05-26 15:50:33 +02:00
Claire
3fd2aadb23
Various code cleanup (#1782)
* Remove duplicate in_chosen_languages definition

* Use `DEFAULT_FIELDS_SIZE` instead of `MAX_FIELDS` to reduce code differences with upstream

* Remove duplicate annotation

* Fix incorrect cross-flavor imports

* Remove deprecated `hide_network` setting (replaced by account column)

* Remove unused KeywordMutesHelper

* Remove trailing spaces

* Remove commit_hash from InstancePresenter, as it has been unused since mid-2017
2022-05-25 12:27:11 +02:00
Claire
22111914bf Merge branch 'main' into glitch-soc/merge-upstream 2022-05-24 13:59:21 +02:00
Claire
55ba907108 Add test 2022-05-24 10:26:04 +02:00
Claire
e0bdaeab65
Fix NoMethodError when resolving a link that redirects to a local post (#18314)
* Fix NoMethodError when resolving a link that redirects to a local post

* Fix tests
2022-05-17 14:52:26 +02:00
Claire
b91196f4b7
Add confirmation page when importing blocked domains (#1773)
* Move glitch-soc-specific strings to glitch-soc-specific locale files

* Add confirmation page when importing blocked domains
2022-05-16 18:26:49 +02:00
Levi Bard
94e98864e3
Allow import/export of instance-level domain blocks/allows (#1754)
* Allow import/export of instance-level domain blocks/allows.
Fixes #15095

* Pacify circleci

* Address simple code review feedback

* Add headers to exported CSV

* Extract common import/export functionality to
AdminExportControllerConcern

* Add additional fields to instance-blocked domain export

* Address review feedback

* Split instance domain block/allow import/export into separate pages/controllers

* Address code review feedback

* Pacify DeepSource

* Work around Paperclip::HasAttachmentFile for Rails 6

* Fix deprecated API warning in export tests

* Remove after_commit workaround
2022-05-16 09:29:01 +02:00
Claire
5fd8780b14 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Not really a conflict, upstream updated a dependency textually adjacent to a
  glitch-soc-only one.
  Updated the dependency as upstream did.
2022-05-11 09:37:48 +02:00
luzpaz
898fe2fa8e
Fix typo in source setted->set (#18385)
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-05-10 04:58:04 +02:00
Eugen Rochko
2b8dc58b7f
Change RSS feeds (#18356)
* Change RSS feeds

- Use date and time for titles instead of ellipsized text
- Use full content in body, even when there is a content warning
- Use media extensions

* Change feed icons and add width and height attributes to custom emojis

* Fix custom emoji animate on hover breaking

* Fix tests
2022-05-09 07:43:08 +02:00
Claire
3869daef09 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Not really a conflict, upstream updated a dependency textually adjacent to a
  glitch-soc-only one.
  Updated the dependency as upstream did.
2022-05-03 10:16:49 +02:00
Claire
71d02ffcf3
Fix compatibility with Friendica regarding pinned posts (#18254)
* Fix multiple database queries when fetching pinned posts for remote account

* Fix compatibility with Friendica regarding pinned posts

Fixes #18066

* Add tests
2022-05-02 17:41:01 +02:00
Claire
392ca0472a Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/packs/admin.js`:
  Conflicts due to glitch-soc's theming system.
  Upstream changes have been ported to `app/javascript/core/admin.js`
- `app/models/trends/statuses.rb`:
  Minor conflict due to glitch-soc's option to allow CWed toots in trends.
  Ported upstream changes.
2022-05-01 16:52:27 +02:00
Eugen Rochko
f6d35ed57d
Remove IP matching from e-mail domain blocks (#18190)
Clear out e-mail domain blocks created from automatically resolved DNS records
2022-04-29 23:27:03 +02:00
Eugen Rochko
7b0fe4aef9
Fix opening and closing Redis connections instead of using a pool (#18171)
* Fix opening and closing Redis connections instead of using a pool

* Fix Redis connections not being returned to the pool in CLI commands
2022-04-29 22:43:07 +02:00
Claire
01266e4d7f Merge branch 'main' into glitch-soc/merge-upstream 2022-04-28 23:41:53 +02:00
Claire
84d991988e
Fix temporary network/remote server error prevent from interactions with remote accounts (#18161)
* Fix temporary network/remote server error prevent from interactions with remote accounts

* Fix and add tests
2022-04-28 20:19:10 +02:00
Claire
f23f784f18 Merge branch 'main' into glitch-soc/merge-upstream 2022-04-28 18:16:42 +02:00
Eugen Rochko
3917353645
Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
Claire
fc1dd81ea5 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Not a real conflict, upstream dependency updated textually too close to a
  glitch-soc-only dependency.
  Updated the upstream dependency.
2022-04-27 08:48:21 +02:00
Claire
0360135d4d
Fix PeerTube videos appearing with an erroneous “Edited at” marker (#18100)
* Fix PeerTube videos appearing with an erroneous “Edited at” marker

PeerTube videos have an `updated` field equal to `published`.
When processing an incoming activity that has the same value for `updated` and
`published`, assume this doesn't represent an actual edit.

* Please CodeClimate
2022-04-26 21:25:26 +02:00
Claire
5c808ee0de Revert support from loading Home timeline from database
Unfortunately, the database query could turn out very inefficient and I did not
manage to find a way to improve that. Furthermore, there were still behavior
inconsistencies between fetching the timeline from Redis and fetching it from
Postgres.
2022-04-19 15:06:38 +02:00
Claire
ec4a8d81b1 Revert DM support in HomeFeed#from_database
Fixes #1746

Queries could get prohibitively expensive.
2022-04-16 21:28:46 +02:00
Claire
5db3a14388
Fix loading Home TL from database not respecting min_id and not including DMs (#1744)
* Rework tests

* Add tests

* Fix HomeFeed#get with min_id fetching from database

* Minor code cleanup and optimizations

* Add tests

* Take DMs into account when fetching home TL from database

* Fix not listing own DMs in Home timeline

* Add tests

* Please CodeClimate
2022-04-14 17:44:21 +02:00
Jeong Arm
d353bb5ee3
Implement infinity home timeline (#1610)
* Implement infinity home timeline

* Fix test for infinite home timeline

* Fix infinity home timeline with min_id

* Fix infinite home timeline duplicated statuses

* Codeclimate for infinite home timeline

* Refactor code as reviewed

* Fix redis sufficient check

* Fix typo on variable name
2022-04-12 17:52:14 +02:00
Claire
f2b2614d0a Fix link sanitization for outgoing text/html and text/markdown toots
Fixes #1739
2022-04-11 09:06:25 +02:00
Claire
489f250877 Merge branch 'main' into glitch-soc/merge-upstream 2022-04-07 15:03:54 +02:00
Claire
ce9dcbea32
Fix failure when sending warning emails with custom text (#17983)
* Add tests

* Fix failure when sending warning emails with custom text
2022-04-07 14:47:30 +02:00
Claire
b368c75029 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/concerns/sign_in_token_authentication_concern.rb`:
  Upstream removed this file, while glitch-soc had changes to deal with
  its theming system.
  Removed the file like upstream did.
2022-04-06 21:10:23 +02:00
Claire
8f91e304a5
Fix spurious edits and require incoming edits to be explicitly marked as such (#17918)
* Change post text edit to not be considered significant if it's identical after reformatting

* We don't need to clear previous change information anymore

* Require status edits to be explicit, except for poll tallies

* Fix tests

* Add some tests

* Add poll-related tests

* Add HTML-formatting related tests
2022-04-06 21:01:02 +02:00
Eugen Rochko
6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in (#17970) 2022-04-06 20:58:12 +02:00
Claire
fc5dd0c538 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-30 15:02:56 +02:00
Eugen Rochko
bbc7afa2a2
Fix being able to post URLs longer than 4096 characters (#17908) 2022-03-30 14:46:03 +02:00
Claire
51a297e128 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-30 13:40:10 +02:00
Claire
894956e20c
Fix /api/v1/admin/accounts (#17887)
* Fix /api/v1/admin/accounts

Compatibility was broken since #17009 which changed the underlying filter class
without changing the controller.

This commits restore support for the old parameters.

* Add /api/v2/admin/accounts with the new parameters

* Add tests

* Add missing filter for `silenced` status

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-28 23:57:38 +02:00
Claire
8d6f3f8a37 Fix code blocks processing 2022-03-28 23:40:45 +02:00
Claire
61cefbebf7 Add advanced text formatting back into glitch-soc 2022-03-28 22:21:37 +02:00
Claire
f313bf3e97 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-28 16:22:28 +02:00
Claire
30658924a8
Fix test-related issues (#17888)
* Remove obsolete RSS::Serializer test

Since #17828, RSS::Serializer no longer has specific code for deleted statuses,
but it is never called on deleted statuses anyway.

* Rename erroneously-named test files

* Fix failing test

* Fix test deprecation warnings

* Update CircleCI Ruby orb

1.4.0 has a bug that does not match all the test files due to incorrect
globbing
2022-03-28 12:43:58 +02:00
Claire
aaa9ec340b Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/formatter.rb`:
  Upstream completely refactored the formatting code and removed that file,
  while glitch-soc had code for Markdown and HTML toots.
  Took upstream code, glitch-soc changes will be re-implemented on top of the
  refactored classes in a later commit.
- `app/models/status.rb`:
  Upstream refactored status edit handling and moved code to
  `app/models/concerns/status_snapshot_concern.rb`.
  Applied glitch-soc's changes to that file.
- `app/serializers/activitypub/note_serializer.rb`:
  Not really a conflict, just a line added too close to one modified by
  glitch-soc.
  Applied upstream changes while keeping the glitch-soc-modified one.
- `app/services/update_status_service.rb`:
  Not really a conflict, upstream modified a line adjacent to one added by
  glitch-soc.
  Applied upstream changes while keeping the glitch-soc line.
- `app/views/statuses/_simple_status.html.haml`:
  Upstream refactored formatting, glitch-soc changed the markup slightly.
  Applied upstream changes.
- `spec/lib/formatter_spec.rb`:
  Upstream completely refactored the formatting code and removed that file,
  while glitch-soc had code for Markdown and HTML toots.
  Took upstream code, glitch-soc changes will be re-implemented on top of the
  refactored classes in a later commit.
2022-03-26 19:18:55 +01:00
Eugen Rochko
cefa526c6d
Refactor formatter (#17828)
* Refactor formatter

* Move custom emoji pre-rendering logic to view helpers

* Move more methods out of Formatter

* Fix code style issues

* Remove Formatter

* Add inline poll options to RSS feeds

* Remove unused helper method

* Fix code style issues

* Various fixes and improvements

* Fix test
2022-03-26 02:53:34 +01:00
Eugen Rochko
71f2b95106
Fix edits with no actual changes being allowed (#17843)
* Fix edits with no actual changes being allowed locally

* Fix edits with no actual changes being allowed through ActivityPub

* Fix false positive changes caused by description processing in model

* Fix not recording poll expiration update

* Fix test

* Revert changes to ProcessStatusUpdateService

* Various fixes and improvements

* Fix code style issues

* Various changes and improvements

* Add guard clause
2022-03-26 00:38:44 +01:00
Eugen Rochko
b58db8f12e
Add workaround for YouTube Shorts links (#17869)
* Add workaround for YouTube Shorts links

* Update link_details_extractor_spec.rb
2022-03-25 19:31:35 +01:00
Claire
c79a03b319 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream changed their README, we have a completely different one.
  Kept our README.
2022-03-15 20:45:27 +01:00
Eugen Rochko
e6ffbfb5e7
Add types param to GET /api/v1/notifications in REST API (#17767)
* Add `types` param to `GET /api/v1/notifications` in REST API

* Improve tests
2022-03-15 04:11:29 +01:00
Claire
8d4b5ee3ef Merge branch 'main' into glitch-soc/merge-upstream 2022-03-12 20:20:58 +01:00
Claire
92a86b958e
Fix issues with processing toot edits (#17748)
* Fix searching for an already-known status by URL not working

* Fix Update processing from statuses prior to 20220302232632

`ordered_media_attachment_ids_changed?` would return `true` when going from
`nil` to anything (including `[]`).

* Add tests
2022-03-12 19:33:10 +01:00
Claire
bb9a6fb5c2 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-12 11:51:25 +01:00
Eugen Rochko
ddbe906c25
Fix not updating a status when newer version is fetched manually (#17745) 2022-03-12 09:11:36 +01:00
Eugen Rochko
bc320d6cec
Fix POST /api/v1/emails/confirmations not being available after sign-up (#17743) 2022-03-12 04:14:25 +01:00
Claire
24e83246f9 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/status.rb`:
  Upstream updated media and edit-related code textually close to glitch-soc
  additions (local-only and content-type).
  Ported upstream changes.
- `app/models/status_edit.rb`:
  Upstream changes textually close to glitch-soc additions (content-type).
  Ported upstream changes.
- `app/serializers/activitypub/note_serializer.rb`:
  Upstream changed how media attachments are handled. Not really a conflict,
  but textually close to glitch-soc additions (directMessage attribute).
  Ported upstream changes.
- `app/services/remove_status_service.rb`:
  Upstream changed how media attachments are handled. Not really a conflict,
  but textually close to glitch-soc additions (DM timeline).
  Ported upstream changes.
- `app/services/update_status_service.rb`:
  Upstream fixed an issue with language selection. Not really a conflict,
  but textually close to glitch-soc additions (content-type).
  Ported upstream changes.
- `db/schema.rb`:
  Upstream added columns to the `status_edits` table, the conflict is because
  of an additional column (`content-type`) in glitch-soc.
  Ported upstream changes.
- `package.json`:
  Upstream dependency (express) textually adjacent to a glitch-soc-specific one
  (favico.js) got updated.
  Updated it as well.
2022-03-10 09:52:45 +01:00
Claire
5ccd6cbfda
Add test for reblog race condition fix (#17732)
Follow-up to #17693
2022-03-10 00:11:49 +01:00
Claire
63c9d2bc28
Add tests for CVE-2022-24307 (#17733)
Follow-up to #17426
2022-03-10 00:11:40 +01:00
Eugen Rochko
d17fb70131
Change how changes to media attachments are stored for edits (#17696)
* Change how changes to media attachments are stored for edits

Fix not being able to re-order media attachments

* Fix not broadcasting updates when polls/media is changed through ActivityPub

* Various fixes and improvements

* Update app/models/report.rb

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Add tracking of media attachment description changes

* Change poll in status edit to have a structure closer to the real one

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-09 09:06:17 +01:00
Eugen Rochko
bd53dd5210
Change design of federation pages in admin UI (#17704)
* Change design of federation pages in admin UI

* Fix query performance in instance media attachments measure

* Fix reblogs being included in instance languages dimension
2022-03-09 08:52:32 +01:00
Claire
1fbd1fa5c4 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/settings/preferences_controller.rb`:
  Conflicts due to us having more user settings and upstream dropping
  `hide_network` (to replace it with an account attribute, properly migrated).
  Dropped `hide_network` like upstream.
- `app/lib/user_settings_decorator.rb`:
  Conflicts due to us having more user settings and upstream dropping
  `hide_network` (to replace it with an account attribute, properly migrated).
  Dropped `hide_network` like upstream.
- `app/models/status.rb`:
  Conflict because of slight change in how glitch-soc handles the scope to
  filter out local-only posts for anonymous viewers.
  Took upstream's changes and re-applied glitch-soc's change.
- `app/models/user.rb`:
  Conflicts due to us having more user settings and upstream dropping
  `hide_network` (to replace it with an account attribute, properly migrated).
  Dropped `hide_network` like upstream.
- `app/views/directories/index.html.haml`:
  Conflict because upstream redesigned that page while glitch-soc had a minor
  change to support hiding the number of followers.
  Ported glitch-soc's change on top of upstream's redesign.

Additional changes:
- `app/models/account_statuses_filter.rb`:
  See change to `app/models/status.rb`.
2022-03-08 20:22:54 +01:00
Eugen Rochko
8f6c67bfde
Fix performance of account timelines (#17709)
* Fix performance of account timelines

* Various fixes and improvements

* Fix duplicate results being returned

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

* Fix grouping for pinned statuses scope

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-08 09:14:39 +01:00
Eugen Rochko
edf09ec747
Add /api/v1/accounts/familiar_followers to REST API (#17700)
* Add `/api/v1/accounts/familiar_followers` to REST API

* Change hide network preference to be stored consistently for local and remote accounts

* Add dummy classes to migration

* Apply suggestions from code review

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-03-07 09:36:47 +01:00
Josh Soref
b5329e0035
Spelling (#17705)
* spelling: account

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: affiliated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: appearance

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: autosuggest

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: cacheable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: component

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: conversations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: domain.example

Clarify what's distinct and use RFC friendly domain space.

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: environment

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: exceeds

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: functional

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: inefficiency

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: not

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: notifications

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: occurring

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: position

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: progress

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: promotable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: reblogging

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: repetitive

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: resolve

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: saturated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: similar

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: strategies

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: success

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: targeting

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: thumbnails

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unauthorized

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unsensitizes

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: validations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: various

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2022-03-06 22:51:40 +01:00
Claire
d9c3109bb6 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-04 01:07:49 +01:00
Claire
6d3fa7828e
Redesign /about when already logged in (#17348)
* Redesign /about when already logged in

* Fix sign up form still showing when OMNIAUTH_ONLY is set

* Fix tests

* Change wording based on suggestions

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-03 16:14:44 +01:00
Claire
8743b1ea40 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/trends/links/index.html.haml`:
  Not really a conflict, upstream change textually too close to a glitch-soc
  change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming
  system).
  Ported upstream changes.
- `app/views/admin/trends/links/preview_card_providers/index.html.haml`:
  Not really a conflict, upstream change textually too close to a glitch-soc
  change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming
  system).
  Ported upstream changes.
- `app/views/admin/trends/statuses/index.html.haml`:
  Not really a conflict, upstream change textually too close to a glitch-soc
  change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming
  system).
  Ported upstream changes.
- `app/views/admin/trends/tags/index.html.haml`:
  Not really a conflict, upstream change textually too close to a glitch-soc
  change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming
  system).
  Ported upstream changes.
2022-03-02 20:48:27 +01:00
Eugen Rochko
02b8d63fce
Fix report category not being saved in REST API (#17682) 2022-03-02 18:57:08 +01:00
Claire
425a6c90c4 Merge branch 'main' into glitch-soc/merge-upstream 2022-03-02 18:02:48 +01:00
Eugen Rochko
50ea54b3ed
Change authorized applications page (#17656)
* Change authorized applications page

* Hide revoke button for superapps and suspended accounts

* Clean up db/schema.rb
2022-03-01 16:48:58 +01:00
Claire
be493b6c0d Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Not a real conflict, just upstream getting rid of unused constants too close
  to glitch-soc-specific contents.
  Removed unused constants like upstream did.
- `app/models/trends.rb`:
  Conflict because glitch-soc disabled email notifications for trending links.
  Upstream has refactored this quite a bit and added trending posts.
  Took upstream code, but disabling the extra trending stuff will come in
  another commit.
- `app/views/admin/trends/links/index.html.haml`:
  Conflict due to glitch-soc's theming system.
  Ported upstream changes accordingly.
2022-02-26 09:29:23 +01:00
Eugen Rochko
27965ce5ed
Add trending statuses (#17431)
* Add trending statuses

* Fix dangling items with stale scores in localized sets

* Various fixes and improvements

- Change approve_all/reject_all to approve_accounts/reject_accounts
- Change Trends::Query methods to not mutate the original query
- Change Trends::Query#skip to offset
- Change follow recommendations to be refreshed in a transaction

* Add tests for trending statuses filtering behaviour

* Fix not applying filtering scope in controller
2022-02-25 00:34:14 +01:00
Eugen Rochko
a29a982eaa
Change e-mail domain blocks to block IPs dynamically (#17635)
* Change e-mail domain blocks to block IPs dynamically

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-24 17:28:23 +01:00
Sumak
91cc8d1e63
fix #17601 change :keys to :attribute_names (#17637) 2022-02-24 14:46:21 +01:00
Claire
3d25fe0426 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream changed the workflow a bit.
  Conflict comes from us pushing to ghcr while upstream pushes to dockerhub.
  Ported the upstream changes while still pushing to ghcr.
2022-02-23 18:13:12 +01:00
luzpaz
73f5e4a1d9
Fix various typos (#17621)
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-02-22 20:14:17 +01:00
Claire
f224237862 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `db/schema.rb`:
  Conflict due to glitch-soc adding the `content_type` column on status edits
  and thus having a different schema version number.
  Solved by taking upstream's schema version number, as it is higher than
  glitch-soc's.
2022-02-17 10:58:44 +01:00
Claire
8f537a1168
Change relays handling to not record boosts (#17571)
* Change relays handling to not record boosts

* Update tests
2022-02-16 14:36:44 +01:00
Jeong Arm
2fd2666eea
Add test for user matching ip (#17572) 2022-02-16 13:14:53 +01:00
Eugen Rochko
564efd0651
Add appeals (#17364)
* Add appeals

* Add ability to reject appeals and ability to browse pending appeals in admin UI

* Add strikes to account page in settings

* Various fixes and improvements

- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes

* Change appealed_at to overruled_at

* Fix missing method error
2022-02-14 21:27:53 +01:00
Claire
51cad4f7fb Merge branch 'main' into glitch-soc/merge-upstream 2022-02-11 21:53:20 +01:00
Claire
d4e6774a0c
Fix Undo Announce sometimes inlining the originally Announced status (#17516)
* Change tests to have more specific expectations on sent ActivityPub payloads

* Check that payload doesn't actually contain the contents of the boosted toot

* Fix Undo Announce sometimes inlining the originally Announced status
2022-02-11 14:52:07 +01:00
Claire
472bc89611
Fix some flaky tests that randomly failed because of item ordering (#17509) 2022-02-10 22:00:10 +01:00
Claire
2af03164cb
Improve tests involving push_bulk (#17508)
sidekiq-bulk's push_bulk can either accept arguments directly or run them
through a block.

Setting expectations on the result of evaluating the blocks allows testing
more code (the block itself) and the test is moved closer to the *interface*
of the tested code than its precise implementation.
2022-02-10 19:42:45 +01:00
Claire
f1a6f9062e Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/statuses_controller.rb`:
  Upstream moved things around in a place where glitch-soc had support for
  an extra parameter (`content_type`).
  Follow upstream but reintroduce `content_type`.
2022-02-10 19:09:27 +01:00
Claire
da91b18a8b
Fix NoMethodError in StatusUpdateDistributionWorker (#17499)
* Add tests

* Fix NoMethodError in StatusUpdateDistributionWorker

* Fix tests
2022-02-10 14:57:10 +01:00
Claire
63854bee6c
Fix poll votes not being properly reset on poll change (#17498)
* Fix poll votes not being properly reset on poll change

* Fix and add tests

* Fix poll update handling when the number of options changes
2022-02-10 14:26:54 +01:00
Eugen Rochko
63002cde03
Add editing for published statuses (#17320)
* Add editing for published statuses

* Fix change of multiple-choice boolean in poll not resetting votes

* Remove the ability to update existing media attachments for now
2022-02-10 00:15:30 +01:00
Claire
322e907e04 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/settings/preferences/appearance/show.html.haml`:
  Upstream renamed some helper functions that were used in a part of the
  settings page which glitch-soc slightly changed the layout of.
  Ported the change.
2022-02-09 17:28:33 +01:00
Eugen Rochko
3aebe711fd
Change languages to be listed under standard instead of native name in admin UI (#17485) 2022-02-09 04:15:38 +01:00
Claire
692963d43b Merge branch 'main' into glitch-soc/merge-upstream 2022-02-08 18:23:53 +01:00
Eugen Rochko
b6d7726ecb
Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08 02:41:17 +01:00
Eugen Rochko
f1f6ddd536
Fix structured data parsing from links choking on bad data (#17403)
* Fix structured data parsing from links choking on bad data

- Fix og:url meta tag being prioritized over canonical link tag
- Fix structured data parsing choking on commented-out CDATA declarations
- Fix HTML entities in title, description, provider_name, author_name
- Change structured data parsing to attempt every JSON-LD script tag

* Remove unnecessary slash escapes from CDATA regex pattern
2022-02-07 18:16:31 +01:00
Claire
73a782391c
Fix replies collection incorrectly looping (#17462)
* Refactor tests

* Add tests

* Fix replies collection incorrectly looping
2022-02-07 17:06:43 +01:00
Claire
aa832d623a Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `CHANGELOG.md`:
  Upstream added newlines.
  Conflicts are because the CHANGELOG was independently merged from 3.4.6 on
  last security update.
  Took upstream's version.
- `app/helpers/context_helper.rb`:
  Conflicts because of extra vocabulary in glitch-soc. The conflicts were
  actually handled in last security merge.
  Kept our version.
2022-02-06 15:34:42 +01:00
Claire
92658f0fb0
Fix instance actor not being dereferenceable (#17457)
* Add tests

* Fix instance actor not being dereferenceable

* Fix tests

* Fix tests for real
2022-02-06 15:31:03 +01:00
Claire
c8b1e72a4f
Fix compacted JSON-LD possibly causing compatibility issues on forwarding (#17428) 2022-02-03 14:09:04 +01:00
Claire
7b969436a0 Fix compacted JSON-LD possibly causing compatibility issues on forwarding 2022-02-02 19:55:57 +01:00
Claire
7679ddcd5e Merge branch 'main' into glitch-soc/merge-upstream 2022-01-30 22:33:30 +01:00
Claire
f5639e1cbe
Change public profile pages to be disabled for unconfirmed users (#17385)
Fixes #17382

Note that unconfirmed and unapproved accounts can still be searched for
and their (empty) account retrieved using the REST API.
2022-01-28 14:24:37 +01:00
Claire
b2915613fb Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Upstream-updated lib textually too close to glitch-soc-only dep.
  Updated like upstream.
2022-01-28 08:58:32 +01:00
Claire
e38fc319dc
Refactor and improve tests (#17386)
* Change account and user fabricators to simplify and improve tests

- `Fabricate(:account)` implicitly fabricates an associated `user` if
  no `domain` attribute is given (an account with `domain: nil` is
  considered a local account, but no user record was created), unless
  `user: nil` is passed
- `Fabricate(:account, user: Fabricate(:user))` should still be possible
  but is discouraged.

* Fix and refactor tests

- avoid passing unneeded attributes to `Fabricate(:user)` or
  `Fabricate(:account)`
- avoid embedding `Fabricate(:user)` into a `Fabricate(:account)` or the other
  way around
- prefer `Fabricate(:user, account_attributes: …)` to
  `Fabricate(:user, account: Fabricate(:account, …)`
- also, some tests were using remote accounts with local user records, which is
  not representative of production code.
2022-01-28 00:46:42 +01:00
Claire
ad6ddb9bdd Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `config/environments/production.rb`:
  Upstream changed a header but we had different default headers.
  Applied the same change, and also dropped HSTS headers redundant with
  Rails'.
2022-01-26 22:32:21 +01:00
Eugen Rochko
6505b39e5d
Fix poll updates being saved as status edits (#17373)
Fix #17344
2022-01-26 18:05:39 +01:00
Claire
61ef81c548 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `spec/models/status_spec.rb`:
  Upstream added tests too close to glitch-soc-specific tests.
  Kept both tests.
2022-01-23 18:24:01 +01:00
Claire
0a120d86d2
Fix error-prone SQL queries (#15828)
* Fix error-prone SQL queries in Account search

While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.

This PR parameterises the `to_tsquery` input to make the query more robust.

* Harden code for Status#tagged_with_all and Status#tagged_with_none

Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.

* Remove unneeded spaces surrounding tsquery term

* Please CodeClimate

* Move advanced_search_for SQL template to its own function

This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.

* Add tests covering tagged_with, tagged_with_all and tagged_with_none

* Rewrite tagged_with_none to avoid multiple joins and make it more robust

* Remove obsolete brakeman warnings

* Revert "Remove unneeded spaces surrounding tsquery term"

The two queries are not strictly equivalent.

This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.
2022-01-23 18:10:10 +01:00
Claire
fe89554a54 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/activitypub/activity/create.rb`:
  Upstream refactored how `Create` activities are handled and how values are
  extracted from `Create`d objects. This conflicted with how glitch-soc
  supported the `directMessage` flag to explicitly distinguish between
  limited and direct messages.
  Ported glitch-soc's changes to latest upstream changes.
- `app/services/fan_out_on_write_service.rb`:
  Upstream largely refactored that file and changed some of the logic.
  This conflicted with glitch-soc's handling of the direct timeline and
  the options to allow replies and boosts in public feeds.
  Ported those glitch-soc changes on top of latest upstream changes.
- `app/services/process_mentions_service.rb`:
  Upstream refactored to move mention-related ActivityPub deliveries to
  `ActivityPub::DeliveryWorker`, while glitch-soc contained an extra check
  to not send local-only toots to remote mentioned users.
  Took upstream's version, as the check is not needed anymore, since it is
  performed at the `ActivityPub::DeliveryWorker` call site already.
- `app/workers/feed_insert_worker.rb`:
  Upstream added support for `update` toot events, while glitch-soc had
  support for an extra timeline support, `direct`.
  Ported upstream changes and extended them to the `direct` timeline.

Additional changes:
- `app/lib/activitypub/parser/status_parser.rb`:
  Added code to handle the `directMessage` flag and take it into account
  to compute visibility.
- `app/lib/feed_manager.rb`:
  Extended upstream's support of `update` toot events to glitch-soc's
  `direct` timeline.
2022-01-19 23:52:48 +01:00
Eugen Rochko
1060666c58
Add support for editing for published statuses (#16697)
* Add support for editing for published statuses

* Fix references to stripped-out code

* Various fixes and improvements

* Further fixes and improvements

* Fix updates being potentially sent to unauthorized recipients

* Various fixes and improvements

* Fix wrong words in test

* Fix notifying accounts that were tagged but were not in the audience

* Fix mistake
2022-01-19 22:37:27 +01:00
Claire
b3bf32a21e Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/reports/show.html.haml`:
  Conflicts due to glitch-soc's theming system.
2022-01-17 10:45:25 +01:00
Eugen Rochko
14f436c457
Add notifications for statuses deleted by moderators (#17204) 2022-01-17 09:41:33 +01:00
Claire
2d4b4b0b45 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/accounts_controller.rb`:
  Upstream introduced support for private pinned toots, but glitch-soc's query
  was a bit different as it filtered out local-only toots.
  Used upstream's query, while adding local-only filtering back.
- `app/controllers/activitypub/collections_controller.rb`:
  Same thing with regards to local-only posts.
- `app/validators/status_pin_validator.rb`:
  Not a real conflict, but the line below was different in glitch-soc due to
  the configurable pinned toots limit.
2022-01-17 08:28:52 +01:00
Claire
d5c9feb7b7
Add support for private pinned posts (#16954)
* Add support for private pinned toots

* Allow local user to pin private toots

* Change wording to avoid "direct message"
2022-01-17 00:49:55 +01:00
Claire
b61c3ddff8 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream added some text, but our README is completely different.
  Kept our README unchanged.
2022-01-16 18:11:20 +01:00
Eugen Rochko
8e84ebf0cb
Remove IP tracking columns from users table (#16409) 2022-01-16 13:23:50 +01:00
Claire
d4f315f304 Merge branch 'main' into glitch-soc/merge-upstream 2021-12-18 11:44:54 +01:00
Claire
76761d5fc0
Add ability for admins to delete canonical email blocks (#16644)
* Add admin option to remove canonical email blocks from a deleted account

* Add tootctl canonical_email_blocks to inspect and remove canonical email blocks
2021-12-17 23:02:14 +01:00
Claire
7f803c41e2
Add ability to purge undeliverable domains from admin interface (#16686)
* Add ability to purge undeliverable domains from admin interface

* Add tests
2021-12-17 23:01:21 +01:00
Claire
b2526316f5 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/pending_accounts/index.html.haml`:
  Removed upstream, while it had glitch-soc-specific changes to accomodate
  for glitch-soc's theming system.
  Removed the file.

Additional changes:
- `app/views/admin/accounts/index.html.haml':
  Accomodate for glitch-soc's theming system.
2021-12-16 16:20:44 +01:00
Eugen Rochko
0fb9536d38
Add batch suspend for accounts in admin UI (#17009) 2021-12-05 21:48:39 +01:00
Claire
9b861d56a9 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.env.production.sample`:
  Copied upstream changes.
- `app/controllers/settings/identity_proofs_controller.rb`:
  Minor conflict due to glitch-soc's extra “enable_keybase” setting.
  Upstream removed keybase support altogether, so did the same.
- `app/controllers/well_known/keybase_proof_config_controller.rb`:
  Minor conflict due to glitch-soc's extra “enable_keybase” setting.
  Upstream removed keybase support altogether, so did the same.
- `lib/mastodon/statuses_cli.rb`:
  Minor conflict due to an optimization that wasn't shared between
  the two versions. Copied upstream's version.
2021-11-26 22:53:55 +01:00
Jeong Arm
1c826471e7
Fix admin statuses order(#16937) (#16969)
* Fix #16937

* Add test for statuses order
2021-11-26 22:12:27 +01:00
Eugen Rochko
7de0ee7aba
Remove Keybase integration (#17045) 2021-11-26 05:58:18 +01:00
Claire
afd71867ba Revert "Fix trends admin page crashing"
This reverts commit 5f10e64330.
2021-11-26 01:15:29 +01:00
Claire
5f10e64330 Fix trends admin page crashing 2021-11-26 00:50:13 +01:00
Claire
443ec4f8ba Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/tags/index.html.haml`:
  Removed upstream while it had changes in glitch-soc to accomodate for the
  theming system.

Additional changes to accomodate for the theming system:
- `app/views/admin/trends/links/preview_card_providers/index.html.haml`
- `app/views/admin/trends/links/index.html.haml`
- `app/views/admin/trends/tags/index.html.haml`
- `app/views/admin/tags/show.html.haml`
2021-11-25 23:50:35 +01:00
Claire
013bee6afb
Fix filtering DMs from non-followed users (#17042) 2021-11-25 23:46:30 +01:00
Claire
534b0a2704 Merge branch 'main' into glitch-soc/merge-upstream 2021-11-25 18:42:18 +01:00
Eugen Rochko
6e50134a42
Add trending links (#16917)
* Add trending links

* Add overriding specific links trendability

* Add link type to preview cards and only trend articles

Change trends review notifications from being sent every 5 minutes to being sent every 2 hours

Change threshold from 5 unique accounts to 15 unique accounts

* Fix tests
2021-11-25 13:07:38 +01:00
Claire
02a87431cf
Fix error when suspending user with an already-existing canonical email block (#17036)
* Fix error when suspending user with an already-existing canonical email block

Fixes #17033

While attempting to create a `CanonicalEmailBlock` with an existing hash would
raise an `ActiveRecord::RecordNotUnique` error, this being done within a
transaction would cancel the whole transaction. For this reason, checking for
uniqueness in Rails would query the database within the transaction and avoid
invalidating the whole transaction for this reason.

A race condition is still possible, where multiple accounts sharing a canonical
email would be blocked in concurrent transactions, in which only one would
succeed, but that is way less likely to happen that the current issue, and can
always be retried after the first failure, unlike the current situation.

* Add tests
2021-11-24 17:41:03 +01:00
Claire
4bb6b1a1e7 Merge branch 'main' into glitch-soc/merge-upstream 2021-11-06 00:15:38 +01:00
Claire
87085a5152
Fix AccountNote not having a maximum length (#16942) 2021-11-06 00:12:25 +01:00
Eugen Rochko
39cdf61ab7
Add support for structured data and more OpenGraph tags to link cards (#16938)
Save preview cards under their canonical URL

Increase max redirects to follow from 2 to 3
2021-11-05 23:23:05 +01:00
Claire
989c67d29d
Fix handling announcements with links (#16941)
Broken since #15827
2021-11-05 21:14:35 +01:00
Claire
e855df149b Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.env.production.sample`:
  Upstream added new configuration options, uncommented by default.
  Commented them.
- `Gemfile.lock`:
  Upstream updated dependencies textually close to glitch-soc-specific
  dependencies.
  Updated those upstream dependencies.
2021-10-25 20:28:51 +02:00
Claire
ec059317fa
Fix some link previews being incorrectly generated from other prior links (#16885)
* Add tests

* Fix some link previews being incorrectly generated from different prior links

PR #12403 added a cache to avoid redundant queries when the OEmbed endpoint can
be guessed from the URL. This caching mechanism is not perfectly correct as
there is no guarantee that all pages from a given domain share the same
OEmbed provider endpoint.

This PR prevents the FetchOEmbedService from caching OEmbed endpoint that
cannot be generalized by replacing a fully-qualified URL from the endpoint's
parameters, greatly reducing the number of incorrect cached generalizations.
2021-10-21 20:39:35 +02:00
Claire
3f9b28ce26
Add support for fetching Create and Announce activities by URI (#16383)
* Add support for fetching Create and Announce activities by URI

This should improve compatibility with ZAP and offer a way to fetch boosts,
which is currently not possible.

* Add tests
2021-10-21 01:14:04 +02:00
Takeshi Umeda
17f4e457b3
Add remove from followers api (#16864)
* Add followed_by? to account_interactions

* Add RemoveFromFollowersService

* Fix AccountBatch to use RemoveFromFollowersService

* Add remove from followers API
2021-10-18 12:02:35 +02:00
Claire
b2eaf5562d Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream added some documentation in the README, but our README is pretty
  different and barebone.
  Kept our README.
2021-10-14 22:14:26 +02:00
Claire
694c073d1f Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/admin/dashboard_controller.rb`:
  Upstream completely redesigned the admin dashboard.
  glitch-soc tracked extra features, but that list is
  gone.
  Followed upstram.
- `app/views/admin/dashboard/index.html.haml`
  Upstream completely redesigned the admin dashboard.
  glitch-soc tracked extra features, but that list is
  gone.
  Followed upstram.
2021-10-14 21:44:57 +02:00
Jeong Arm
f4081d1564
Allow keeping only 1 boosts/favs on auto deleting posts (#16653)
* Allow keeping 1 boosts/favs on auto deleting posts

* Fix tests
2021-10-14 21:11:14 +02:00
Claire
216570ad98
Fix scheduled statuses decreasing statuses counts (#16791)
* Add tests

* Fix scheduled statuses decreasing statuses counts

Fixes #16774
2021-10-14 19:59:21 +02:00
Claire
1665b84285 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `package.json`:
  Not really a conflict, just a glitch-soc-only dependency textually too close
  to an updated upstream one.
- `yarn.lock`:
  Not really a conflict, just a glitch-soc-only dependency textually too close
  to an updated upstream one.
2021-10-13 15:50:24 +02:00
Claire
5159ba26e4
Fix error when rendering public pages with media attachments (#16763)
* Add tests

* Fix error when rendering public pages with media attachments

* Add tests

* Fix tests

* Please CodeClimate
2021-10-13 15:27:19 +02:00
Claire
079ed6c26d Merge branch 'main' into glitch-soc/merge-upstream 2021-10-06 16:46:32 +02:00
Claire
84ceebe1c4
Fix media attachment size validation not correctly accounting for file type (#16819)
* Fix media attachment size validation not correctly accounting for file type

Fixes a regression introduced in #16724 caused by the fact that kt-paperclip
now correctly runs validations before processing, meaning that file size
verification could not rely on our before_post_processing hook.

Moved the `before_post_processing` hooks to `before_validate` to make sure
the media attachment type is set correctly before the file gets validated.

* Add tests
2021-10-06 14:49:32 +01:00
Claire
56f9c44f33 Merge branch 'main' into glitch-soc/merge-upstream 2021-09-30 11:45:13 +02:00
Claire
24f9ea7818
Fix webauthn secure key authentication (#16792)
* Add tests

* Fix webauthn secure key authentication

Fixes #16769
2021-09-30 05:26:29 +02:00
Claire
29b5c5f483 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/models/custom_emoji.rb`:
  Slight refactor upstream, next to a line that was different in glitch-soc
  because of our local configurable limits on custom emoji size.
  Ported upstream changes.
- `yarn.lock`:
  Not really a conflict, upstream dependency textually too close to a
  glitch-soc-only dependency.
  Updated upstream dependency as upstream.
2021-09-30 00:01:20 +02:00
Claire
fc3ae1343d
Switch from unmaintained paperclip to kt-paperclip (#16724)
* Switch from unmaintained paperclip to kt-paperclip

* Drop some compatibility monkey-patches not required by kt-paperclip

* Drop media spoof check monkey-patching

It's broken with kt-paperclip and hopefully it won't be needed anymore

* Fix regression introduced by paperclip 6.1.0

* Do not rely on pathname to call FastImage

* Add test for ogg vorbis file with cover art

* Add audio/vorbis to the accepted content-types

This seems erroneous as this would be the content-type for a vorbis stream
without an ogg container, but that's what the `marcel` gem outputs, so…

* Restore missing for_as_default method

* Refactor Attachmentable concern and delay Paperclip's content-type spoof check

Check for content-type spoofing *after* setting the extension ourselves, this
fixes a regression with kt-paperclip's validations being more strict than
paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown
extensions.

* Please CodeClimate

* Add audio/vorbis to the unreliable set

It doesn't correspond to a file format and thus has no extension associated.
2021-09-29 23:52:36 +02:00
Claire
3622110778 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `streaming/index.js`:
  Filtering code for streaming notifications has been refactored upstream, but
  glitch-soc had similar code for local-only toots in the same places.
  Ported upstream changes, but did not refactor local-only filtering.
2021-09-26 18:28:59 +02:00
Eugen Rochko
52e5c07948
Change routing paths to use usernames in web UI (#16171) 2021-09-26 05:46:13 +02:00
Claire
bf827b17e1 Merge branch 'main' into glitch-soc/merge-upstream 2021-09-19 13:07:27 +02:00
Claire
e0af97164a
Fix followers synchronization mechanism not working when URI has empty path (#16744)
Follow-up to #16510, forgot the controller exposing the actual followers…
2021-09-15 18:51:16 +02:00
Claire
f1e6884d6b Merge branch 'main' into glitch-soc/merge-upstream 2021-09-14 13:50:30 +02:00
Claire
db57bff11d
Stop setting a shortcode to newly-created media attachments (#16730)
* Stop setting a shortcode to newly-created media attachments

The WebUI has stopped using the “short media URL” in ages. This isn't used
anywhere except for mail notifications.

Deprecating it would allow us to eventually get rid of at least a database
column and corruption-prone index, as well as a controller.

* Fix tests
2021-09-13 18:59:37 +02:00
Claire
12cd097e7c
Fix addressing of remote groups' followers (#16700)
Fixes #16699
2021-09-08 23:33:23 +02:00
Claire
f9185c72a9 Merge branch 'main' into glitch-soc/merge-upstream 2021-09-02 10:52:09 +02:00
Claire
2b18f7a943
Fix processing mentions to domains with non-ascii TLDs (#16689)
Fixes #16602
2021-09-01 22:06:40 +02:00
Claire
463d23dfd5 Merge branch 'main' into glitch-soc/merge-upstream 2021-08-27 11:29:03 +02:00
Claire
94bcf45321
Fix authentication failures after going halfway through a sign-in attempt (#16607)
* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-25 22:52:41 +02:00
Claire
4e2a8c9b38 Merge branch 'main' into glitch-soc/merge-upstream 2021-08-20 13:01:50 +02:00
Claire
6702148472
Add tests for SuspendAccountService and UnsuspendAccountService (#16627)
* Add tests for SuspendAccountService

* Add tests for UnsuspendAccountService
2021-08-20 10:53:33 +01:00
Claire
5efb1ff337
Fix followers synchronization mechanism not working when URI has empty path (#16510)
* Fix followers synchronization mechanism not working when URI has empty path

To my knowledge, there is no current implementation on the fediverse
that can use bare domains (e.g., actor is at https://example.org instead of
something like https://example.org/actor) that also plans to support the
followers synchronization mechanism. However, Mastodon's current implementation
would exclude such accounts from followers list.

Also adds tests and rename them to reflect the proper method names.

* Move url prefix regexp to its own constant
2021-08-11 17:48:42 +02:00
Claire
47ea9b2d67 Merge branch 'main' into glitch-soc/merge-upstream 2021-08-11 16:41:59 +02:00
Claire
13b08610a0
Fix crash when encountering invalid account fields (#16598)
* Add test

* Fix crash when encountering invalid account fields
2021-08-11 16:40:55 +02:00
Claire
8ec4be4233 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Not a real conflict, upstream-updated dependency (redis) textually too
  close to glitch-soc-only dependecy.
  Updated redis gem like upstream did.
2021-08-09 23:25:49 +02:00
Claire
4ac78e2a06
Add feature to automatically delete old toots (#16529)
* Add account statuses cleanup policy model

* Record last inspected toot to delete to speed up successive calls to statuses_to_delete

* Add service to cleanup a given account's statuses within a budget

* Add worker to go through account policies and delete old toots

* Fix last inspected status id logic

All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.

* Add tests

* Refactor scheduler and add tests

* Add user interface

* Add support for discriminating based on boosts/favs

* Add UI support for min_reblogs and min_favs, rework UI

* Address first round of review comments

* Replace Snowflake#id_at_start with with_random parameter

* Add tests

* Add tests for StatusesCleanupController

* Rework settings page

* Adjust load-avoiding mechanisms

* Please CodeClimate
2021-08-09 23:11:50 +02:00
Claire
763ab0c7eb
Fix owned account notes not being deleted when an account is deleted (#16579)
* Add account_notes relationship

* Add tests

* Fix owned account notes not being deleted when an account is deleted

* Add post-migration to clean up orphaned account notes
2021-08-08 15:29:57 +02:00
Claire
d1c87be8cf Merge branch 'main' into glitch-soc/merge-upstream 2021-07-17 17:45:35 +02:00
Claire
30ce6e395c
Fix user email address being banned on self-deletion (#16503)
* Add tests

* Fix user email address being banned on self-deletion

Fixes #16498
2021-07-14 05:35:49 +02:00
Claire
fc500a6062 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `CONTRIBUTING.md`:
  Upstream file has changed and we're quoting it.
  Ported the changes.
- `README.md`:
  Upstream file has changed but we have a completely different one.
  Kept our version.
- `lib/mastodon/version.rb`:
  Upstream has changed from `tootsuite/mastodon` to `mastodon/mastodon`,
  but we're still `glitch-soc/mastodon`.
  Kept our version.
- `spec/presenters/instance_presenter_spec.rb`:
  Upstream has changed from `tootsuite/mastodon` to `mastodon/mastodon`,
  but we're still `glitch-soc/mastodon`.
  Kept our version.
2021-07-13 17:57:15 +02:00
Claire
5a1e072517
Change references to tootsuite/mastodon to mastodon/mastodon (#16491)
* Change references to tootsuite/mastodon to mastodon/mastodon

* Remove obsolete test fixture

* Replace occurrences of tootsuite/mastodon with mastodon/mastodon in CHANGELOG

And a few other places
2021-07-13 15:46:20 +02:00
Claire
3160e050a9 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/helpers/accounts_helper.rb`:
  Conflict due to upstream changing how followers count is displayed while we
  have an option to hide followers count.
  Ported upstream change.
- `app/views/accounts/_header.html.haml`:
  Conflict due to upstream changing how followers count is displayed while we
  have an option to hide followers count.
  Ported upstream change.
- `app/views/directories/index.html.haml`:
  Conflict due to upstream changing how followers count is displayed while we
  have an option to hide followers count.
  Ported upstream change.
2021-07-08 16:17:19 +02:00
Eugen Rochko
771c9d4ba8
Add ability to skip sign-in token authentication for specific users (#16427)
Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
2021-07-08 05:31:28 +02:00
Claire
225c6582d1
Add tests for BootstrapTimelineService (#16476) 2021-07-07 21:12:43 +02:00
Ikko Ashimine
67226acf7e
Fix typo in tag_feed_spec.rb (#16466)
existant -> existent
2021-07-05 19:16:21 +02:00
Claire
49219508bc
Fix anonymous access to outbox not being cached by the reverse proxy (#16458)
* Fix anonymous access to outbox not being cached by the reverse proxy

Up until now, anonymous access to outbox was marked as public, but with a
0 duration for caching, which means remote proxies would only serve from cache
when the server was completely overwhelmed.

Changed that cache duration to one minute, so that repeated anonymous access
to one account's outbox can be appropriately cached.

Also added `Signature` to the `Vary` header in case a page is requested, so
that authenticated fetches are never served from cache (which only contains
public toots).

* Remove Vary: Accept header from webfinger controller

Indeed, we have stopped returning xrd, and only ever return jrd, so the
Accept request header does not matter anymore.

* Cache negative webfinger hits for 3 minutes
2021-07-03 21:13:47 +02:00
Claire
37fd9670a5 Merge branch 'main' into glitch-soc/merge-upstream 2021-06-23 10:46:24 +02:00
Claire
63b807cffc
Fix serialization of followers/following counts when user hides their network (#16418)
* Add tests

* Fix serialization of followers/following counts when user hides their network

Fixes #16382

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-06-21 20:14:47 +02:00
Eugen Rochko
d174d12c83
Add authentication history (#16408) 2021-06-21 17:07:30 +02:00
Claire
7ac8bcf209 Merge branch 'main' into glitch-soc/merge-upstream 2021-05-10 21:45:32 +02:00
Claire
afb7882189
Fix blocking someone not clearing up list feeds (#16205) 2021-05-10 17:31:55 +02:00
Claire
fbf097f7e1 Merge branch 'main' into glitch-soc/merge-upstream 2021-05-08 00:01:47 +02:00
Eugen Rochko
1294f9ee4f
Remove PubSubHubbub-related columns from accounts table (#16170) 2021-05-07 19:32:58 +02:00
Claire
50b430d9a2 Merge branch 'main' into glitch-soc/merge-upstream
- `app/views/statuses/_simple_status.html.haml`:
  Small markup change in glitch-soc, on a line that has been modified by
  upstream. Ported upstream changes.
2021-05-07 18:21:59 +02:00
Eugen Rochko
74081433d0
Change trending hashtags to be affected be reblogs (#16164)
If a status with a hashtag becomes very popular, it stands to
reason that the hashtag should have a chance at trending

Fix no stats being recorded for hashtags that are not allowed
to trend, and stop ignoring bots

Remove references to hashtags in profile directory from the code
and the admin UI
2021-05-07 14:33:43 +02:00
Eugen Rochko
2c77d97e0d
Add joined date to profiles in web UI (#16169) 2021-05-07 14:33:19 +02:00
Claire
566fc90913
Add Ruby 3.0 support (#16046)
* Fix issues with POSIX::Spawn, Terrapin and Ruby 3.0

Also improve the Terrapin monkey-patch for the stderr/stdout issue.

* Fix keyword argument handling throughout the codebase

* Monkey-patch Paperclip to fix keyword arguments handling in validators

* Change validation_extensions to please CodeClimate

* Bump microformats from 4.2.1 to 4.3.1

* Allow Ruby 3.0

* Add Ruby 3.0 test target to CircleCI

* Add test for admin dashboard warnings

* Fix admin dashboard warnings on Ruby 3.0
2021-05-06 14:22:54 +02:00
Claire
8c44b723bb
Change confirmations controller to redirect to / for approved users (#16151)
Clicking the confirmation link multiple times currently leads to entering
account settings, which can be confusing. This commit changes that so that
it redirects to the root path, so it behaves the same way as clicking only
once in most cases.
2021-05-03 15:45:19 +02:00
abcang
7f0c49c58a
Improve tag search query (#16104) 2021-04-25 06:33:28 +02:00
Eugen Rochko
daccc07dc1
Change auto-following admin-selected accounts, show in recommendations (#16078) 2021-04-24 17:01:43 +02:00
Claire
a6564d56d6
Fix edge case where accepted follow cannot be processed because of follow limit (#16098) 2021-04-23 22:51:21 +02:00
Eugen Rochko
9cc283f0b4
Change the nouns "toot" and "status" to "post" (#16080) 2021-04-21 18:31:24 +02:00
Claire
536892b8ae Merge branch 'main' into glitch-soc/merge-upstream 2021-04-21 13:52:03 +02:00
Claire
0b36e3419d
Fix processing of remote Delete activities (#16084)
* Add tests

* Ensure deleted statuses are marked as such

* Save some redis memory by not storing URIs in delete_upon_arrival values

* Avoid possible race condition when processing incoming Deletes

* Avoid potential duplicate Delete forwards

* Lower lock durations to reduce issues in case of hard crash of the Rails process

* Check for `lock.aquired?` and improve comment

* Refactor RedisLock usage in app/lib/activitypub

* Fix using incorrect or non-existent sender for relaying Deletes
2021-04-21 04:46:09 +02:00
Claire
e2a2bc9021 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream updated copyright year, we don't mention it so kept our version.
- `app/controllers/admin/dashboard_controller.rb`:
  Not really a conflict, upstream change (removing the spam checker) too close
  to glitch-soc changes. Ported upstream changes.
- `app/models/form/admin_settings.rb`:
  Same.
- `app/services/remove_status_service.rb`:
  Same.
- `app/views/admin/settings/edit.html.haml`:
  Same.
- `config/settings.yml`:
  Same.
- `config/environments/production.rb`:
  Not a real conflict, upstream added a default HTTP header, but we have
  extra headers in glitch-soc.
  Added the header.
2021-04-20 12:17:14 +02:00
Eugen Rochko
b3ceb3dcc4
Add canonical e-mail blocks for suspended accounts (#16049)
Prevent new accounts from being created using the same underlying
e-mail as a suspended account using extensions and period
permutations. Stores e-mails as a SHA256 hash
2021-04-17 03:14:25 +02:00
Eugen Rochko
3b8d085436
Fix app name, website and redirect URIs not having a maximum length (#16042)
Fix app scopes not being validated
2021-04-15 16:28:43 +02:00
Eugen Rochko
ce2148c571
Add policy param to POST /api/v1/push/subscriptions (#16040)
With possible values `all`, `followed`, `follower`, and `none`,
control from whom notifications will generate a Web Push alert
2021-04-15 05:00:25 +02:00
Eugen Rochko
120965eb0b
Change Web Push API deliveries to use request pooling (#16014) 2021-04-12 14:25:34 +02:00
Eugen Rochko
f7117646af
Add cold-start follow recommendations (#15945) 2021-04-12 12:37:14 +02:00
Eugen Rochko
619fad6cf8
Remove spam check and dependency on nilsimsa gem (#16011) 2021-04-11 11:22:50 +02:00
Eugen Rochko
7183d9a113
Change multiple mentions with same username to render with domain (#15718)
Fix #15506
2021-04-10 11:51:02 +02:00
Claire
5c225b03db Fix glitch-soc-specific health check spec 2021-04-05 15:21:38 +02:00
Claire
15efa32cca Merge branch 'main' into glitch-soc/merge-upstream 2021-03-31 10:34:29 +02:00
Claire
a650a1157d
Fix /admin/tags/:id crashing since Rails 6.1 update (#15953)
Raw SQL passed to `pluck` now has to be explicitly marked as SQL via
Arel.sql, see https://github.com/rails/rails/pull/27947
2021-03-26 18:36:16 +01:00
Claire
f60c99a8fb Merge branch 'main' into glitch-soc/merge-upstream 2021-03-24 10:53:50 +01:00
Claire
cbd0ee1d07
Update Mastodon to Rails 6.1 (#15910)
* Update devise-two-factor to unreleased fork for Rails 6 support

Update tests to match new `rotp` version.

* Update nsa gem to unreleased fork for Rails 6 support

* Update rails to 6.1.3 and rails-i18n to 6.0

* Update to unreleased fork of pluck_each for Ruby 6 support

* Run "rails app:update"

* Add missing ActiveStorage config file

* Use config.ssl_options instead of removed ApplicationController#force_ssl

Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.

* Fix nonce directives by removing Rails 5 specific monkey-patching

* Fix fixture_file_upload deprecation warning

* Fix yield-based test failing with Rails 6

* Use Rails 6's index_with when possible

* Use ActiveRecord::Cache::Store#delete_multi from Rails 6

This will yield better performances when deleting an account

* Disable Rails 6.1's automatic preload link headers

Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.

In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.

* Switch to Rails 6.0 default config

* Switch to Rails 6.1 default config

* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00
Claire
1c4dee4554
Fix Mastodon not understanding as:Public and Public (#15948)
Fixes #5551
2021-03-24 10:19:40 +01:00
Claire
051efed5ed
Bypass MX validation for explicitly allowed domains (#15930)
* Bypass MX validation for explicitly allowed domains

This spares some lookups and prevent issues in some edge cases with
local domains.

* Add tests

* Fix test
2021-03-19 23:48:47 +01:00
Claire
3ad6ef72cb Merge branch 'main' into glitch-soc/merge-upstream 2021-03-19 13:57:15 +01:00
Claire
741d0952b1
Improve account counters handling (#15913)
* Improve account counters handling

* Use ActiveRecord::Base::sanitize_sql to pass values instead of interpolating them

Keep using string interpolation for `key` as it is safe and using
“ActiveRecord::Base::sanitize_sql_hash_for_assignment” would require stitching
bits of SQL in a way that is not more easily checked for safety.

* Add migration hook to catch PostgreSQL versions earlier than 9.5
2021-03-19 13:14:57 +01:00
Claire
b358229834
Further preparation for Rails 6 (#15916)
* Use ActiveRecord::Result#to_ary instead of deprecated to_hash

They do the same thing, and to_hash has been removed from Rails 6.1

* Explicitly name polymorphic indexes to workaround a bug in Rails 6.1

cf. https://github.com/rails/rails/issues/41693

* Fix incorrect usage of “foreign_key” in migration script

* Use `ActiveModel::Errors#delete` instead of deprecated clear method

* Fix link headers tests on Rails 6.1

Rails 6.1 adds values to the Link header by default, thus it is not a
LinkHeader object anymore. Fix the test to parse the Link header instead
of assuming it is a LinkHeader.
2021-03-19 02:45:34 +01:00
Claire
a4dcaef53b
Prepare Mastodon for zeitwerk autoloader (#15917)
* Prepare Mastodon for zeitwerk autoloader (Rails 6)

Add inflections and rename/move a few classes.

In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.

* Add inflection for Url → URL
2021-03-19 02:42:43 +01:00
Claire
5027abecd1
Fix cache_collection crashing when given an empty collection (#15921)
* Fix cache_collection crashing when given an empty collection

* Add tests
2021-03-18 00:41:32 +01:00
Claire
43eff898a0
Prepare Mastodon for Rails 6 (#15911)
* Fix misuse of foreign_type

* Fix use of removed "add_template_helper"

* Use response.media_type instead of response.content_type in tests

* Fix CSV export controller test on Rails 6

Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.

This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.

* Fix emoji formatting with Rails 6

* Make emoji output more idiomatic and robust

* Switch from redis-rails gem to built-in Rails redis cache storage
2021-03-17 10:09:55 +01:00
Claire
eac4a3e9c8 Merge branch 'main' into glitch-soc/merge-upstream 2021-03-15 11:26:59 +01:00
Claire
5cc45d22d3
Remove subscription_expires_at leftover from OStatus (#15857) 2021-03-12 05:25:24 +01:00
Claire
1b6a21e6bc Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_length_validator.rb`:
  Conflict due to glitch-soc's configurable maximum toot chars.
  Ported upstream changes.
2021-03-11 16:08:15 +01:00
Claire
5614e6724e
Fix URL scanning in note length validator and preview card fetching (#15827)
* Add tests

* Fix URL scanning in note length validator and preview card fetching
2021-03-04 00:12:26 +01:00
Claire
d8fdbb054e Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_length_validator.rb`:
  Upstream changes too close to glitch-soc MAX_CHARS changes, but not a real
  conflict.
  Applied upstream changes.
- `package.json`:
  glitch-soc-only dependency textually too close to a dependency updated
  upstream, not a real conflict.
  Applied upstream changes.
2021-03-02 12:06:58 +01:00
Claire
65db262550
Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
* Update twitter-text from 1.14 to 3.1.0

* Disable emoji parsing

* Properly depend on twitter-text for url detection

* Fix some URLs being wrongly detected client-side

* Add test for server-side validation of non-autolinkable URLs

* Fix server-side status length counting
2021-03-02 12:02:56 +01:00
Eugen Rochko
9aa37b32c3
Add details to error response for POST /api/v1/accounts in REST API (#15803) 2021-03-01 04:59:13 +01:00
Claire
5f4c0b79c2
Change ResolveAccountService's handling of skip_webfinger (#15750)
* Change ResolveAccountService's handling of skip_webfinger

Change it so it never makes any webfinger query, as the name would imply.

* Add tests

* Change FollowService to not take an URI for target_account

* Restore domain-block check in FollowService

* Fix tests
2021-02-24 06:32:13 +01:00
Claire
679642e26c Merge branch 'main' into glitch-soc/merge-upstream 2021-02-22 15:23:46 +01:00
Eugen Rochko
8331fdf7e0
Add server rules (#15769) 2021-02-21 19:50:12 +01:00
Claire
5e11f3a6e1 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/styles/mastodon/modal.scss`:
  For some reason we changed the file loading path in glitch-soc,
  but now upstream has completely changed how the logo is loaded.
  Applied upstream changes.
2021-02-12 10:28:32 +01:00
Claire
be3b9f8151
Fix URI of repeat follow requests not being recorded (#15662)
* Fix URI of repeat follow requests not being recorded

In case we receive a “repeat” or “duplicate” follow request, we automatically
fast-forward the accept with the latest received Activity `id`, but we don't
record it.

In general, a “repeat” or “duplicate” follow request may happen if for some
reason (e.g. inconsistent handling of Block or Undo Accept activities, an
instance being brought back up from the dead, etc.) the local instance thought
the remote actor were following them while the remote actor thought otherwise.

In those cases, the remote instance does not know about the older Follow
activity `id`, so keeping that record serves no purpose, but knowing the most
recent one is useful if the remote implementation at some point refers to it
by `id` without inlining it.

* Add tests
2021-02-11 01:53:44 +01:00
Claire
4d40685850 Merge branch 'main' into glitch-soc/merge-upstream 2021-02-03 17:02:48 +01:00
ThibG
a044ddac5b
Fix race conditions on account migration creation (#15597)
* Atomically check for processing lock in Move handler

* Prevent race condition when creating account migrations

Fixes #15595

* Add tests

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2021-02-02 14:49:57 +01:00
Shubhendra Singh Chauhan
c8d11b8bdb
Fixed code quality issues (#15541)
* Added .deepsource.toml

* Removed bad use of `alias`

* Fixed operand order in the binary expression

* Prefixed unused method arguments with an underscore

* Replaced the old OpenSSL algorithmic constants with the newer strings initializers.

* Removed unnecessary UTF-8 encoding comment
2021-01-31 21:26:09 +01:00
abcang
7ab53f221a
Improved performance of notification preloading (#15640)
* Improved performance of notification preloading

* Remove Cacheable from Notification

* Fix test
2021-01-31 21:24:57 +01:00
Claire
e202314a75 Merge branch 'master' into glitch-soc/merge-upstream 2021-01-18 13:57:12 +01:00
ThibG
54d4e5252b
Use Rails' index_by where it makes sense (#15542)
* Use Rails' index_by where it makes sense

* Fix tests

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2021-01-12 09:27:38 +01:00
Claire
33d30632fb Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `app/models/public_feed.rb`:
  Upstream refactored a bit, glitch-soc had specific code for local-only
  statuses.
  Updated glitch-soc's specific code accordingly.
2021-01-11 11:55:42 +01:00
Levi Bard
11d603101a
Fix muting users with duration via the REST api (#15516) 2021-01-10 12:47:21 +01:00
Claire
90528f43bc Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `config/webpack/configuration.js`:
  Upstream updated the `js-yaml` dependency, which changed how to call it.
  Those changes conflicted because that code is pretty different in glitch-soc
  which has to deal with its more complex theming system.
  Proceeded to the same compatibility changes in glitch-soc's code.
- `package.json` and `yarn.lock`:
  Not really a conflict, just glitch-soc-specific dependencies textually too
  close to some dependencies updated upstream.
2021-01-06 18:08:06 +01:00
ThibG
f1f96ebf02
Fix being able to import more than allowed number of follows (#15384)
* Fix being able to import more than allowed number of follows

Without this commit, if someone tries importing a second list of accounts to
follow before the first one has been processed, this will queue imports for
the two whole lists, even if they exceed the account's allowed number of
outgoing follows.

This commit changes it so the individual queued imports aren't exempt from
the follow limit check (they remain exempt from the rate-limiting check
though).

* Catch validation errors to not re-queue failed follows

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-26 23:52:46 +01:00
Claire
537afa00f3 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/feed_manager.rb`:
  Not a real conflict, glitch-soc-only DM-related method
  too close to changed upstream stuff.
  Ported upstream changes.
- `app/services/batched_remove_status_service.rb`:
  Additional logic in glitch-soc to clear DMs from timelines.
  Ported upstream changes and fixed the DM TL clearing logic.
- `app/workers/scheduler/feed_cleanup_scheduler.rb`:
  Additional code in glitch-soc to clear DM timelines.
  Ported upstream changes.
2020-12-23 01:47:45 +01:00
ThibG
3249d35bdc
Improve account deletion performances further (#15407)
* Delete status records by batches of 50

* Do not precompute values that are only used once

* Do not generate redis events for removal of public toots older than two weeks

* Filter reported toots a priori for polls and status deletion

* Do not process reblogs when cleaning up public timelines

As in Mastodon proper, reblogs don't appear in public TLs

* Clean the deleted account's own feed in one go

* Refactor Account#clean_feed_manager and List#clean_feed_manager

* Delete instead of destroy a few more associations

* Fix preloading

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-22 23:57:46 +01:00
ThibG
1cf2c3a810
Fix external user creation failing when invite request text is required (#15405)
* Fix external user creation failing when invite request text is required

Also fixes tootctl-based user creation.

* Add test about invites when invite request text is otherwise required

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-22 17:14:32 +01:00
Eugen Rochko
9915d11c0d
Fix unnecessary queries when batch-removing statuses, 100x faster (#15387) 2020-12-22 17:13:55 +01:00
Claire
38bfaf8855 Merge branch 'master' into glitch-soc/merge-upstream 2020-12-21 18:28:23 +01:00
ThibG
43961035a9
Fix some notifications not being deleted on poll/status deletion (#15402)
* Fix deleting polls not deleting notifications

* Fix fav notification deletion when deleting a toot

* Refactor DeleteAccountService spec

* Add DeleteAccountService tests for other associations and notifications

* Add favourite handling spec in status removal

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-21 18:22:17 +01:00
Claire
f9d000ebae Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `app/services/resolve_url_service.rb`:
  The private toot search by URL hack has been revamped upstream.
  Took upstream's version.
2020-12-19 00:55:12 +01:00
ThibG
a60d9335d8
Fix resolving accounts sometimes creating duplicate records for a given AP id (#15364)
* Fix ResolveAccountService accepting mismatching acct: URI

* Set attributes that should be updated regardless of suspension

* Fix key fetching

* Automatically merge remote accounts with duplicate `uri`

* Add tests

* Add "tootctl accounts fix-duplicates"

Finds duplicate accounts sharing a same ActivityPub `id`, re-fetch them and
merge them under the canonical `acct:` URI.

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-18 23:26:26 +01:00
Eugen Rochko
eb35be0431
Fix follow limit preventing re-following of a moved account (#14207) 2020-12-18 09:18:31 +01:00
ThibG
b1feb47055
Improve searching for private toots from URL (#14856)
* Improve searching for private toots from URL

Most of the time, when sharing toots, people use the toot URL rather than
the toot URI, which makes sense since it is the user-facing URL.

In Mastodon's case, the URL and URI are different, and Mastodon does not
have an index on URL, which means searching a private toot by URL is done
with a slow query that will only succeed for very recent toots.

This change gets rid of the slow query, and attempts to guess the URI from
URL instead, as Mastodon's are predictable.

* Add tests

* Only return status with guessed uri if url matches

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-17 06:51:49 +01:00
ThibG
8357969559
Fix admins being able to suspend their instance actor (#14567)
* Fix admin being able to suspend their own instance account

* Add text about the instance's own actor in admin view

* Change instance actor notice from flash message to template

* Do not list local instance actor in account moderation list
2020-12-15 17:23:58 +01:00
Claire
e4f8679eae Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `app/models/form/admin_settings.rb`:
  New setting added upstream. Ported it.
- `app/views/statuses/_simple_status.html.haml`:
  Upstream removed RTL classes. Did the same.
- `config/settings.yml`:
  New setting added upstream. Ported it.
2020-12-15 14:27:06 +01:00
Eugen Rochko
1f564051b6
Change RTL detection to rely on unicode-bidi paragraph by paragraph (#14573) 2020-12-15 12:56:43 +01:00
Eugen Rochko
216b85b053
Fix performance on instances list in admin UI (#15282)
- Reduce duplicate queries
- Remove n+1 queries
- Add accounts count to detailed view
- Add separate action log entry for updating existing domain blocks
2020-12-14 09:06:34 +01:00
Claire
7782e4dc0d Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/about_controller.rb`:
  Minor conflict caused by glitch-soc's theming system.
  Ported upstream changes.
2020-12-10 09:41:49 +01:00
ThibG
49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3 seconds delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-10 06:27:26 +01:00
Claire
a16175645d Merge branch 'master' into glitch-soc/merge-upstream 2020-12-09 14:42:33 +01:00
trwnh
127c543a6e
rename replies_policy enumerables (#15304) 2020-12-09 04:34:17 +01:00
Thibaut Girka
e71b16ae2b Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  glitch-soc-only dependency textually too close to updated upstream
  dependencies. Updated to upsteam dependencies.
2020-11-25 15:31:45 +01:00
ThibG
c43f4cd3bb
Fix not being able to unfavorite toots one has lost access to (#15192)
Fixes #15191
2020-11-21 06:18:09 +01:00
Thibaut Girka
48f0f3ffee Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `.github/ISSUE_TEMPLATE/bug_report.md`:
  Upstream added the `bug` label to bug reports.
  Did the same.
- `app/services/fan_out_on_write_service.rb`:
  Upstream put DMs back into timelines, glitch-soc was already doing it.
  Ignored upstream changes.
2020-11-20 13:27:48 +01:00
ThibG
8b8004a962
Fix webfinger redirect handling in ResolveAccountService (#15187)
* Fix webfinger redirect handling in ResolveAccountService

ResolveAccountService#process_webfinger! handled a one-step webfinger
redirection, but only accepting the result if it matched the exact URI passed
as input, defeating the point of a redirection check.

Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`,
updating the resulting `acct:` URI with the result of the first webfinger
query.

* Add tests
2020-11-19 19:52:06 +01:00
ThibG
96c1e71329
Add import/export feature for bookmarks (#14956)
* Add ability to export bookmarks

* Add support for importing bookmarks

* Add bookmark import tests

* Add bookmarks export test
2020-11-19 17:48:13 +01:00
Thibaut Girka
de5cc20dd8 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/concerns/sign_in_token_authentication_concern.rb`:
  Conflict caused because of glitch-soc's theming system.
  Took upstream's new code and applied the theming system changes on top
  of it.
- `app/controllers/concerns/two_factor_authentication_concern.rb`:
  Conflict caused because of glitch-soc's theming system.
  Took upstream's new code and applied the theming system changes on top
  of it.
2020-11-14 00:30:36 +01:00
Thibaut Girka
6c05db70fa Add tests 2020-11-12 23:44:30 +01:00
Eugen Rochko
8532429af7
Fix 2FA/sign-in token sessions being valid after password change (#14802)
If someone tries logging in to an account and is prompted for a 2FA
code or sign-in token, even if the account's password or e-mail is
updated in the meantime, the session will show the prompt and allow
the login process to complete with a valid 2FA code or sign-in token
2020-11-12 23:05:01 +01:00
Thibaut Girka
c077cdaba7 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/relationships_controller.rb`:
  Upstream changed a line too close to a glitch-soc only line related to
  glitch-soc's theming system.
  Applied upstream changes accordingly.
2020-11-12 22:13:57 +01:00
Eugen Rochko
337dc6e0ad
Fix updating account counters when account_stat is not yet created (#15108) 2020-11-09 16:00:23 +01:00
Thibaut Girka
0437d70628 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/follower_accounts_controller.rb`:
  Conflict due to upstream changing suspension logic while
  glitch-soc has an extra option to hide followers count.
  Ported upstream changes.
2020-11-08 14:20:35 +01:00
Eugen Rochko
3134691948
Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
Thibaut Girka
412218af2e Merge branch 'master' into glitch-soc/merge-upstream 2020-11-07 18:23:02 +01:00
Takeshi Umeda
d6fe0c94ca
Add account sensitized (#14361)
* Add account sensitized

* Fix i18n normalize

* Fix description and spec

* Fix spec

* Fix wording
2020-11-04 20:45:01 +01:00
Thibaut Girka
2eb054c07f Remove glitch-soc specific and obsolete /api/v1/mutes/details 2020-10-21 21:28:47 +02:00
Thibaut Girka
ec49aa8175 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `.github/dependabot.yml`:
  Updated upstream, we deleted it to not be flooded by Depandabot.
  Kept deleted.
- `Gemfile.lock`:
  Puma updated on both sides, went for the most recent version.
- `app/controllers/api/v1/mutes_controller.rb`:
  Upstream updated the serializer to support timed mutes, while
  glitch-soc added a custom API ages ago to get information that
  is already available elsewhere.
  Dropped the glitch-soc-specific API, went with upstream changes.
- `app/javascript/core/admin.js`:
  Conflict due to changing how assets are loaded. Went with upstream.
- `app/javascript/packs/public.js`:
  Conflict due to changing how assets are loaded. Went with upstream.
- `app/models/mute.rb`:
  🤷
- `app/models/user.rb`:
  New user setting added upstream while we have glitch-soc-specific
  user settings. Added upstream's user setting.
- `config/settings.yml`:
  Upstream added a new user setting close to a user setting we had
  changed the defaults for. Added the new upstream setting.
- `package.json`:
  Upstream dependency updated “too close” to a glitch-soc-specific
  dependency. No real conflict. Updated the dependency.
2020-10-21 19:10:50 +02:00
ThibG
ca56527140
Add follower synchronization mechanism (#14510)
* Add support for followers synchronization on the receiving end

Check the `collectionSynchronization` attribute on `Create` and `Announce`
activities and synchronize followers from provided collection if possible.

* Add tests for followers synchronization on the receiving end

* Add support for follower synchronization on the sender's end

* Add tests for the sending end

* Switch from AS attributes to HTTP header

Replace the custom `collectionSynchronization` ActivityStreams attribute by
an HTTP header (`X-AS-Collection-Synchronization`) with the same syntax as
the `Signature` header and the following fields:
- `collectionId` to specify which collection to synchronize
- `digest` for the SHA256 hex-digest of the list of followers known on the
   receiving instance (where “receiving instance” is determined by accounts
   sharing the same host name for their ActivityPub actor `id`)
- `url` of a collection that should be fetched by the instance actor

Internally, move away from the webfinger-based `domain` attribute and use
account `uri` prefix to group accounts.

* Add environment variable to disable followers synchronization

Since the whole mechanism relies on some new preconditions that, in some
extremely rare cases, might not be met, add an environment variable
(DISABLE_FOLLOWERS_SYNCHRONIZATION) to disable the mechanism altogether and
avoid followers being incorrectly removed.

The current conditions are:
1. all managed accounts' actor `id` and inbox URL have the same URI scheme and
   netloc.
2. all accounts whose actor `id` or inbox URL share the same URI scheme and
   netloc as a managed account must be managed by the same Mastodon instance
   as well.

As far as Mastodon is concerned, breaking those preconditions require extensive
configuration changes in the reverse proxy and might also cause other issues.

Therefore, this environment variable provides a way out for people with highly
unusual configurations, and can be safely ignored for the overwhelming majority
of Mastodon administrators.

* Only set follower synchronization header on non-public statuses

This is to avoid unnecessary computations and allow Follow-related
activities to be handled by the usual codepath instead of going through
the synchronization mechanism (otherwise, any Follow/Undo/Accept activity
would trigger the synchronization mechanism even if processing the activity
itself would be enough to re-introduce synchronization)

* Change how ActivityPub::SynchronizeFollowersService handles follow requests

If the remote lists a local follower which we only know has sent a follow
request, consider the follow request as accepted instead of sending an Undo.

* Integrate review feeback

- rename X-AS-Collection-Synchronization to Collection-Synchronization
- various minor refactoring and code style changes

* Only select required fields when computing followers_hash

* Use actor URI rather than webfinger domain in synchronization endpoint

* Change hash computation to be a XOR of individual hashes

Makes it much easier to be memory-efficient, and avoid sorting discrepancy issues.

* Marginally improve followers_hash computation speed

* Further improve hash computation performances by using pluck_each
2020-10-21 18:04:09 +02:00
Thibaut Girka
311f457430 Fix crash when autolinking an invalid URI in Markdown 2020-10-13 14:35:07 +02:00
Eugen Rochko
5e1364c448
Add IP-based rules (#14963) 2020-10-12 16:33:49 +02:00
Eugen Rochko
7d985f2aac
Remove dependency on goldfinger gem (#14919)
There are edge cases where requests to certain hosts timeout when
using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now
that we no longer need to support OStatus servers, webfinger logic
is so simple that there is no point encapsulating it in a gem, so
we can just use our own Request class. With that, we benefit from
more robust timeout code and IPv4/IPv6 resolution.

Fix #14091
2020-10-08 00:34:57 +02:00
Thibaut Girka
785852eb15 Fix glitch-soc specific test 2020-09-28 17:56:16 +02:00
Thibaut Girka
a7aedebc31 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Not a real conflict, upstream updated dependencies that were too close to
  glitch-soc-only ones in the file.
- `app/controllers/oauth/authorized_applications_controller.rb`:
  Upstream changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's theming system.
  Ported upstream changes.
- `app/controllers/settings/base_controller.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's theming system.
  Ported upstream changes.
- `app/controllers/settings/sessions_controller.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's theming system.
  Ported upstream changes.
- `app/models/user.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc not preventing moved accounts from logging
  in.
  Ported upstream changes while keeping the ability for moved accounts to log
  in.
- `app/policies/status_policy.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's local-only toots.
  Ported upstream changes.
- `app/serializers/rest/account_serializer.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's ability  to hide followers count.
  Ported upstream changes.
- `app/services/process_mentions_service.rb`:
  Upstream refactored and changed the logic surrounding suspended accounts.
  Minor conflict due to glitch-soc's local-only toots.
  Ported upstream changes.
- `package.json`:
  Not a real conflict, upstream updated dependencies that were too close to
  glitch-soc-only ones in the file.
2020-09-28 14:13:30 +02:00
Eugen Rochko
974b1b79ce
Add option to be notified when a followed user posts (#13546)
* Add bell button

Fix #4890

* Remove duplicate type from post-deployment migration

* Fix legacy class type mappings

* Improve query performance with better index

* Fix validation

* Remove redundant index from notifications
2020-09-18 17:26:45 +02:00
kawaguchi
5d3c8baa9a
Fix validates :sign_count of WebauthnCredential (#14806) 2020-09-16 20:16:46 +02:00
Eugen Rochko
ed099d8bdc
Change account suspensions to be reversible by default (#14726) 2020-09-15 14:37:58 +02:00
ThibG
cd4ec7cd74
Do not serve account actors at all in limited federation mode (#14800)
* Do not serve account actors at all in limited federation mode

When an account is fetched without a signature from an allowed instance,
return an error.

This isn't really an improvement in security, as the only information that was
previously returned was required protocol-level info, and the only personal bit
was the existence of the account. The existence of the account can still be
checked by issuing a webfinger query, as those are accepted without signatures.

However, this change makes it so that unallowed instances won't create account
records on their end when they find a reference to an unknown account.

The previous behavior of rendering a limited list of fields, instead of not
rendering the actor at all, was in order to prevent situations in which two
instances in Authorized Fetch mode or Limited Federation mode would fail to
reach each other because resolving an account would require a signed query…
from an account which can only be fetched with a signed query itself. However,
this should now be fine as fetching accounts is done by signing on behalf of
the special instance actor, which does not require any kind of valid signature
to be fetched.

* Fix tests
2020-09-14 13:04:29 +02:00
Eugen Rochko
4e4b3a0c8e
Refactor settings controllers (#14767)
- Disallow suspended accounts from revoking sessions and apps
- Allow suspended accounts to access exports
2020-09-11 20:56:35 +02:00