Commit graph

13049 commits

Author SHA1 Message Date
ThibG
ee8cf246cf
Fix crashes in SuspendAccountService/UnsuspendAccountService (#15100)
* Fix crashes in SuspendAccountService/UnsuspendAccountService

* Catch filesystem errors
2020-11-07 13:16:54 +01:00
ThibG
f84239ecab
Fix suspension/unsuspension not working because of FeedManager change (#15099) 2020-11-07 13:16:00 +01:00
Eugen Rochko
acc1c03861
Fix cookies not having a SameSite attribute (#15098) 2020-11-06 11:57:14 +01:00
Eugen Rochko
9b1f2a4b61
Add subresource integrity for JS and CSS assets (#15096)
Fix #2744
2020-11-06 11:56:31 +01:00
Mélanie Chauvel
68d4b2b83e
Display “Show newer” and “Show older” instead of “Show more” in public pages (#15052) 2020-11-04 21:15:45 +01:00
ThibG
b29defb851
Change order of announcements in admin page to sort them newest-first (#15091)
* Change order of announcements in admin page to sort show newly-created first

Fixes #15090

* Use reverse-chronological rather than creation date only
2020-11-04 21:15:22 +01:00
Takeshi Umeda
d6fe0c94ca
Add account sensitized (#14361)
* Add account sensitized

* Fix i18n normalize

* Fix description and spec

* Fix spec

* Fix wording
2020-11-04 20:45:01 +01:00
dependabot[bot]
f90620b2f3
Bump puma from 5.0.2 to 5.0.4 (#15085)
Bumps [puma](https://github.com/puma/puma) from 5.0.2 to 5.0.4.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.0.2...v5.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 20:44:10 +01:00
Mashiro
f720af6b72
Add limitation of image's max zoom rate (max to the original size of image) (#15094)
* limit image max scale rate to fit the actual image size

* replace with MIN_SCALE

* fix behavior on touch screen
2020-11-04 20:43:31 +01:00
Thibaut Girka
5a9fc749c3 Fix unsightly re-layout delay for media previews 2020-11-04 18:53:52 +01:00
Thibaut Girka
a48dbc78f8 Fix hiding video breaking playback
Also make the video player code closer to upstream
2020-11-04 18:53:39 +01:00
dependabot[bot]
ab00998503
Bump webpack-merge from 4.2.2 to 5.0.9 (#14424)
* Bump webpack-merge from 4.2.2 to 5.0.9

Bumps [webpack-merge](https://github.com/survivejs/webpack-merge) from 4.2.2 to 5.0.9.
- [Release notes](https://github.com/survivejs/webpack-merge/releases)
- [Changelog](https://github.com/survivejs/webpack-merge/blob/master/CHANGELOG.md)
- [Commits](https://github.com/survivejs/webpack-merge/compare/v4.2.2...v5.0.9)

Signed-off-by: dependabot[bot] <support@github.com>

* Fix import path

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-11-05 02:21:28 +09:00
dependabot[bot]
e16b0fb15a
Bump detect-passive-events from 1.0.5 to 2.0.1 (#15003)
* Bump detect-passive-events from 1.0.5 to 2.0.1

Bumps [detect-passive-events](https://github.com/rafgraph/detect-passive-events) from 1.0.5 to 2.0.1.
- [Release notes](https://github.com/rafgraph/detect-passive-events/releases)
- [Commits](https://github.com/rafgraph/detect-passive-events/compare/v1.0.5...v2.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Migrate to detect-passive-events v2

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-11-05 02:21:05 +09:00
dependabot[bot]
352c4907b2
Bump sass from 1.27.0 to 1.28.0 (#15082)
Bumps [sass](https://github.com/sass/dart-sass) from 1.27.0 to 1.28.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.27.0...1.28.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:23:05 +09:00
dependabot[bot]
4a4f23744f
Bump mini-css-extract-plugin from 1.2.0 to 1.2.1 (#15077)
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v1.2.0...v1.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:13:15 +09:00
dependabot[bot]
5b28298160
Bump eslint-plugin-jsx-a11y from 6.3.1 to 6.4.1 (#15078)
Bumps [eslint-plugin-jsx-a11y](https://github.com/evcohen/eslint-plugin-jsx-a11y) from 6.3.1 to 6.4.1.
- [Release notes](https://github.com/evcohen/eslint-plugin-jsx-a11y/releases)
- [Changelog](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/master/CHANGELOG.md)
- [Commits](https://github.com/evcohen/eslint-plugin-jsx-a11y/compare/v6.3.1...v6.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:07:58 +09:00
dependabot[bot]
f298e78a37
Bump react-redux from 7.2.1 to 7.2.2 (#15079)
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.2.1 to 7.2.2.
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.1...v7.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:07:03 +09:00
dependabot[bot]
868a13b20d
Bump eslint from 7.12.0 to 7.12.1 (#15080)
Bumps [eslint](https://github.com/eslint/eslint) from 7.12.0 to 7.12.1.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.12.0...v7.12.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-05 00:06:37 +09:00
dependabot[bot]
ff93ec5590
Bump compression-webpack-plugin from 6.0.3 to 6.0.4 (#15076)
Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v6.0.3...v6.0.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:48:28 +09:00
dependabot[bot]
84cffe89fd
Bump file-loader from 6.1.1 to 6.2.0 (#15075)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 6.1.1 to 6.2.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v6.1.1...v6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:43:15 +09:00
dependabot[bot]
5b6676382d
Bump wicg-inert from 3.0.3 to 3.1.0 (#15081)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.3 to 3.1.0.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.3...v3.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:41:45 +09:00
dependabot[bot]
d60485cb72
Bump sidekiq-unique-jobs from 6.0.24 to 6.0.25 (#15083)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.24 to 6.0.25.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/commits/v6.0.25)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:39:02 +09:00
dependabot[bot]
f43000d32c
Bump bootsnap from 1.4.8 to 1.4.9 (#15086)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.8 to 1.4.9.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.8...v1.4.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-04 23:38:06 +09:00
ThibG
1f69ad798d
Merge pull request #1450 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
2020-11-04 14:52:19 +01:00
Mashiro
dc86d814d9 [Glitch] add mouse scroll lock in image expand view
Port f645dad661 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-11-04 12:24:40 +01:00
Mashiro
40af1cf65b [Glitch] Add expand/compress image button on image view box
Port 6a2db10f76 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-11-04 12:24:40 +01:00
mayaeh
f5df3d1ae2 [Glitch] Fix width of content text fluctuating over time
Port 2ae751f19d to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-11-04 12:24:40 +01:00
Mélanie Chauvel
078744f210 [Glitch] Make visibility icon clickable as part of the time of a toot
Port 1d07f51039 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-11-04 12:24:40 +01:00
Mélanie Chauvel
578e757d09 [Glitch] Make click area of video/audio player buttons bigger in WebUI
Port a5afbb62d2 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-11-03 17:42:40 +01:00
ThibG
adfaf9551c [Glitch] Fix some account media gallery items having empty labels
Port 9d023ed4f6 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-11-03 17:38:50 +01:00
fuyu
37dfb9dddc [Glitch] Fix wrong seek bar width on media player
Port 8d7fbe7dd9 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-11-03 17:37:53 +01:00
Mélanie Chauvel
3b96141633 [Glitch] Make “Mark media as sensitive” properly translatable
Port c5704e75ae to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-11-03 17:36:54 +01:00
Thibaut Girka
cd675fbe18 Merge branch 'master' into glitch-soc/merge-upstream 2020-11-03 17:28:54 +01:00
Mashiro
f645dad661
add mouse scroll lock in image expand view (#15088)
* add mouse scroll lock in image expand view

* enhancement
2020-11-03 06:06:45 +01:00
Mashiro
6a2db10f76
Add expand/compress image button on image view box (#15068)
* add zoom image button

* enhance zoom algorithm & add translation

* code structure

* code structure

* code structure

* enhance grab performance

* rm useless state

* fix behavior on Firefox & scroll lock & horizontal scroll with mousewheel

* remove scroll lock on MouseWheelEvent

* code structure

* enhance algorithm and code structure

* rm Gemfile.lock from tree

* codeclimate

* fix a stupid mistake
2020-11-02 21:16:38 +01:00
Patrice Ferlet
4b2ec4a2dc
Fix postrgres secret name for cronjob (#15072)
The cronjob tries to get key from `mastodon` secret instead of
`mastodon-postgresql` - so the cronjob fails with this error:

Error: couldn't find key postgresql-password in Secret [NS]/mastodon

Another solution is to save the postgres password in mastodon secret,
but that means that the password is placed in two places.

Postgresql use <fullname>-postgresql name as secret name.
2020-11-02 06:16:51 +01:00
ThibG
fa929d8b81
Tweak signature verification (#15069)
* Add more specific error message when request body digest is invalid

This may help other implementors debug their implementation.

* Relax Host parameter requirement to GET requests

The only POST requests processed by Mastodon need objects/actors (including
their host) to be explicitly mentioned in the request's body, so replaying
a legitimate request to another host should not be a security issue.

* Support Digest headers using multiple algorithms or lowercase alogirthm names
2020-11-01 23:38:31 +01:00
ThibG
9d023ed4f6
Fix some account media gallery items having empty labels (#15073)
Remove the labels entirely for images instead of putting an empty label.
2020-11-01 18:31:39 +01:00
Thibaut Girka
b8e790c3c2 Fix crash when viewing a profile with a filtered out pinned toot 2020-11-01 16:53:03 +01:00
ThibG
c49805efb1
Fix poll ending notifications being created for each vote (#15071)
On a poll ending, notifications were created for each vote instead
of for each voter.
2020-11-01 06:34:43 +01:00
Darius Kazemi
f1f0400adc
Show announcements in reverse chronological order (#15065) 2020-10-30 13:09:51 +01:00
fuyu
8d7fbe7dd9
Fix wrong seek bar width on media player (#15060) 2020-10-30 13:09:20 +01:00
dependabot[bot]
d56e14a9cb
Bump mini-css-extract-plugin from 0.11.3 to 1.2.0 (#15034)
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin) from 0.11.3 to 1.2.0.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v0.11.3...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 17:02:55 +09:00
dependabot[bot]
c79626493a
Bump css-loader from 4.3.0 to 5.0.0 (#15011)
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 4.3.0 to 5.0.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v4.3.0...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-30 16:55:59 +09:00
Thibaut Girka
5a41704f89 Fix IP blocks in admin panel
It was broken due to discrepancies between upstream and glitch-soc's
theming system.
2020-10-28 23:55:41 +01:00
mayaeh
2ae751f19d
Fix width of content text fluctuating over time (#15055) 2020-10-27 13:34:02 +01:00
Thibaut Girka
a81bb14abe Add option to hide notification markers 2020-10-27 11:20:11 +01:00
Mélanie Chauvel
c5704e75ae
Make “Mark media as sensitive” properly translatable (#15051) 2020-10-27 03:05:50 +01:00
Mélanie Chauvel
1d07f51039
Make visibility icon clickable as part of the time of a toot (#15053)
- Makes permalink to a toot more easily clickable
- Fix clicking between icon and time in fact clicking the display name
- Fix clicking slightly under time in fact clicking the display name
2020-10-27 03:00:47 +01:00
Mélanie Chauvel
0a8ab822e2
Sort filters by “keyword or phrase” in Settings (#15050) 2020-10-27 03:00:06 +01:00