Commit graph

2350 commits

Author SHA1 Message Date
David Roetzel
016c1e4e78
Improve handling of encoding problems when creating link previews (#30929) 2024-07-05 11:54:38 +00:00
Claire
502cf75b16
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
Claire
395f17ca17
Merge pull request from GHSA-vp5r-5pgw-jwqx
* Fix streaming sessions not being closed when revoking access to an app

* Add tests for GHSA-7w3c-p9j8-mq3x
2024-07-04 16:11:28 +02:00
Emelia Smith
47f0faebc9
Implement HTML ruby tags for east-asian languages (#30897) 2024-07-03 20:05:59 +00:00
David Roetzel
9be77fc0db
Revert "Add system check for missing database indexes" (#30909) 2024-07-03 13:36:42 +00:00
David Roetzel
ebd8e1bbb6
Add system check for missing database indexes (#30888) 2024-07-03 07:19:54 +00:00
Matt Jankowski
836c0477ac
Use vips setting instead of env var in media processing spec (#30859) 2024-06-27 16:03:26 +00:00
David Roetzel
ff08d99d4d
Catch encoding errors when creating link previews. (#30853) 2024-06-27 14:41:03 +00:00
David Roetzel
42adb6eaee
Add size limit for link preview URLs (#30854) 2024-06-27 14:40:19 +00:00
Matt Jankowski
f6390c3326
Use flatware to parallelize CI specs (#30284) 2024-06-27 07:42:57 +00:00
Claire
7a84b76bb1
Drop favicon.ico generation (#30375) 2024-06-26 13:44:08 +00:00
Matt Jankowski
8ef59729a1
Ignore intermittent chrome/manifest/icon interaction failure (#30793) 2024-06-25 13:57:40 +00:00
Emelia Smith
30ae5952d2
Fix: Ensure "With Media" is highlighted from Admin Accounts page (#30812) 2024-06-25 07:46:53 +00:00
Claire
8827cd597e
Fix /admin/accounts/:account_id/statuses/:id for edited posts with media attachments (#30819) 2024-06-24 13:11:10 +00:00
Matt Jankowski
72484a194f
Remove CacheBuster default options (#30718) 2024-06-21 15:32:49 +00:00
David Roetzel
2cab1c7b09
Improve encoding detection for link cards (#30780) 2024-06-21 12:51:10 +00:00
Matt Jankowski
84a31319e9
Add match_json_values and use in AP worker specs (#30720) 2024-06-19 13:46:52 +00:00
Claire
8098d27f84
Stop calling Webpacker in full-stack tests (#30763) 2024-06-19 09:31:30 +00:00
Claire
58ace2e45e
Fix SQL error in admin measures API (#30753) 2024-06-18 16:04:58 +00:00
Matt Jankowski
38c6825eda
Remove unused Extractor#extract_cashtags_with_indices method (#30742) 2024-06-18 12:16:16 +00:00
Matt Jankowski
d7b7617321
Use class_names in admin/account_moderation_notes helper (#30719) 2024-06-17 12:20:57 +00:00
Matt Jankowski
f287462f76
Fix repeated Delete/Undo assertion in remove status service spec (#30715) 2024-06-17 10:21:29 +00:00
Claire
45abddb302
Fix pagination attributes not being returned in ungroupable-only pages (#30688) 2024-06-13 14:10:34 +00:00
Claire
bf56e982a9
Fix notifications from limited users being outright dropped (#30559) 2024-06-12 13:50:38 +00:00
Claire
1dfd516284
Fix duplicate @context attribute in user export (#30653) 2024-06-12 07:28:28 +00:00
Matt Jankowski
d818ddd687
Extract SIGN_COUNT_LIMIT constant in WebauthnCredential class (#30636) 2024-06-11 15:36:21 +00:00
Matt Jankowski
62d070c438
Check both before/after state in AccountDomainBlock spec (#30640) 2024-06-11 13:59:56 +00:00
Matt Jankowski
1622f7aeb9
Remove duplicate fabricator validity checks (#29667) 2024-06-11 07:48:42 +00:00
Matt Jankowski
edf6d64eeb
Use correct params in settings/preferences/appearance spec (#30379) 2024-06-11 07:36:46 +00:00
Matt Jankowski
b2496177e0
Use correct params in v1/admin/domain_allows spec (#30378) 2024-06-11 07:35:30 +00:00
Matt Jankowski
cfd4823b65
Use fabricator in follow_spec (#30642) 2024-06-11 06:57:09 +00:00
Matt Jankowski
9cc4040308
Extract COMMENT_SIZE_LIMIT constant in AP::Activity::Flag class (#30637) 2024-06-10 15:23:55 +00:00
Matt Jankowski
9bf2e2eda0
Extract TEXT_LENGTH_LIMIT constant in Appeal class (#30638) 2024-06-10 15:23:17 +00:00
Matt Jankowski
3e3f3d7580
Match report validation spec to extracted constant (#30633) 2024-06-10 15:04:01 +00:00
Matt Jankowski
92b3004bf3
Reference constants from account validation specs (#30634) 2024-06-10 15:03:41 +00:00
Daniel M Brasil
28f9a8f2ec
Add Specs for Scheduled Status Model Validations (#30585) 2024-06-10 14:52:33 +00:00
Daniel M Brasil
77c2216e47
fix: Return HTTP 422 when scheduled status time is less than 5 minutes (#30584) 2024-06-10 13:33:48 +00:00
Matt Jankowski
827e36ff9e
Fix Capybara/NegationMatcher cop in spec/system (#30616) 2024-06-08 17:10:06 +00:00
Claire
1408733386
Fix Mastodon relying on ImageMagick even with MASTODON_USE_LIBVIPS (#30590) 2024-06-07 09:27:59 +00:00
Matt Jankowski
04ebbe3077
Add sidekiq_inline to appeal service spec (#30562) 2024-06-06 14:19:37 +00:00
Matt Jankowski
07cc94e05f
Use sidekiq_inline in requests/api/v1/admin/account_actions spec (#30563) 2024-06-06 14:19:22 +00:00
Matt Jankowski
9b9b0e25b6
Use sidekiq_inline in requests/api/v1/reports spec (#30564) 2024-06-06 14:14:33 +00:00
Matt Jankowski
a662c6d1d8
Use sidekiq_inline in admin/account_action model spec (#30565) 2024-06-06 14:12:58 +00:00
Eugen Rochko
a2505e8611
Add timeline of public posts about a trending link to REST API (#30381) 2024-06-06 08:43:04 +00:00
Emelia Smith
e02d23b549
Change read:me scope to profile scope (#30357)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-06 07:30:10 +00:00
Emelia Smith
4655be0da6
Fix add validation to webpush subscription keys (#30542) 2024-06-05 19:16:47 +00:00
Eugen Rochko
5f15a892fa
Add support for libvips in addition to ImageMagick (#30090)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-05 19:15:39 +00:00
Emelia Smith
eef2cc054f
Add url validation to Web::PushSubscription endpoints (#30540) 2024-06-05 08:06:06 +00:00
Matt Jankowski
249cbc449c
Use existing config access to local_domain value (#30509) 2024-06-03 09:15:58 +00:00
Claire
974335e414
Add experimental server-side notification grouping (#29889) 2024-06-03 08:35:59 +00:00
Matt Jankowski
4d047b95ae
Use more direct attribute handling in User fabricator (#30495) 2024-05-31 09:54:11 +00:00
Claire
16249946ae
Merge pull request from GHSA-q3rg-xx5v-4mxh 2024-05-30 14:14:04 +02:00
Claire
3ea4275ae3
Merge pull request from GHSA-5fq7-3p3j-9vrf 2024-05-30 14:03:13 +02:00
Emelia Smith
d20a5c3ec9
Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-29 14:00:05 +00:00
Claire
36fe8f8566
Change ids param to id in /api/v1/statuses and /api/v1/accounts for consistency (#30465) 2024-05-29 09:19:17 +00:00
Matt Jankowski
c61e356475
Add Status::MEDIA_ATTACHMENTS_LIMIT configuration constant (#30433) 2024-05-27 09:49:44 +00:00
Matt Jankowski
564ebfefcf
Remove hard reference from status pin validator spec (#30432) 2024-05-27 09:20:28 +00:00
Claire
133d98fb25
Normalize language code of incoming posts (#30403) 2024-05-23 17:28:18 +00:00
Matt Jankowski
3a862439df
Remove unused account record in api/v2/admin/accounts spec (#30397) 2024-05-23 08:26:58 +00:00
Claire
32223863a5
Add coverage to /admin/accounts/:id (#30386) 2024-05-21 13:17:34 +00:00
Claire
89f89d738f
Revert "Allow unblocking email addresses from any matching account (#29305)" (#30385) 2024-05-21 08:56:08 +00:00
Matt Jankowski
0a2110b9af
Add coverage for custom filters (#30347) 2024-05-20 15:00:09 +00:00
Claire
de4815afda
Add more tests for self-destruct mode (#30374) 2024-05-20 10:06:51 +00:00
Matt Jankowski
def6b686ff
Fix Rails/WhereRange cop (#30343) 2024-05-20 09:37:36 +00:00
Matt Jankowski
70608f824e
Add coverage for AdminMailer#auto_close_registrations (#30349) 2024-05-20 08:03:39 +00:00
Emelia Smith
2da2a1dae9
Support multiple redirect_uris when creating OAuth 2.0 Applications (#29192) 2024-05-17 13:46:12 +00:00
Matt Jankowski
65e82211cd
Rename cache_* methods to preload_* in controller concern (#30209) 2024-05-16 08:03:46 +00:00
Emelia Smith
5fd56512de
Improve Report Notes and Account Moderation Notes (#30288) 2024-05-15 13:38:36 +00:00
Jason Punyon
85c625d319
Fix repetitive database queries from #30040 (#30259) 2024-05-15 09:38:16 +00:00
Matt Jankowski
6beead3867
Move simplecov config into rails_helper (#30302) 2024-05-15 09:33:36 +00:00
Renaud Chaput
40639510f8
Retain unconfirmed users longer (1 week) (#30285) 2024-05-15 08:27:34 +00:00
Matt Jankowski
0d397db5dd
Consolidate system specs into single directory, use rspec tags for configuration (#30206) 2024-05-10 12:36:09 +00:00
Matt Jankowski
fa43a6c835
Use more accurate redirect_uri in oauth spec (#30212) 2024-05-10 09:43:59 +00:00
Claire
2fe1b8d169
Add API to get multiple accounts and statuses (#27871)
Co-authored-by: noellabo <noel.yoshiba@gmail.com>
2024-05-06 15:19:15 +00:00
Fawaz Farid
bc24c4792d
Allow admins to configure instance favicon and logo (#30040) 2024-05-06 15:06:52 +00:00
Emelia Smith
116f01ec7d
Implement RFC 8414 for OAuth 2.0 server metadata (#29191) 2024-05-06 13:17:56 +00:00
Claire
30ef9fccf0
Fix hashtag matching pattern matching some link anchors (#30190) 2024-05-06 12:47:19 +00:00
Matt Jankowski
dbaa4ed891
Use chewy which relaxes ES version reqs (#30157) 2024-05-06 11:50:45 +00:00
Claire
e5062b7135
Fix post deletion not being deferred when those are part of an account warning (#30163) 2024-05-06 09:52:34 +00:00
Claire
253ead3aa7
Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-02 20:56:21 +00:00
Matt Jankowski
1e7d5d2957
Update devise-two-factor to version 5.0.0 (#28325)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-02 09:31:41 +00:00
Matt Jankowski
2447497a4c
Status length validation spec updates (#30132) 2024-05-02 08:31:06 +00:00
Claire
91ca90e25b
Fix Idempotency-Key ignored when scheduling a post (#30084) 2024-04-26 13:19:02 +00:00
Claire
e845594878
Fix moderator account being exposed in account moderation notification (#30082) 2024-04-26 12:42:06 +00:00
Claire
4ef0b48b95
Add in-app notifications for moderation actions/warnings (#30065) 2024-04-25 17:26:05 +00:00
Emelia Smith
049b159beb
Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087) 2024-04-23 11:47:00 +00:00
Matt Jankowski
a15139bc02
Fix intermittent order based failure in UpdateStatusService spec (#30008) 2024-04-22 08:30:38 +00:00
Matt Jankowski
f5d341382e
Add any_args to have_enqueued_sidekiq_job call (quiets deprecation) (#29999) 2024-04-19 19:44:59 +00:00
Matt Jankowski
11e0049b08
Use enum-generated scopes/queries for BulkImport (#29975) 2024-04-18 10:13:35 +00:00
Claire
8bece467f8
Change have_enqueued_sidekiq_job usage to always make argument expectations explicit (#29974) 2024-04-17 11:13:52 +00:00
Matt Jankowski
650c548c31
Add not_featured_by scope to Tag (#28815) 2024-04-17 10:05:38 +00:00
Matt Jankowski
9ce2db4136
Combine double subject runs and DRY up change check in bulk import service spec (#29402) 2024-04-17 08:23:25 +00:00
Matt Jankowski
6fed108703
Use Rails upsert to generate update_count! query in Counters concern (#28738)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-04-17 08:16:51 +00:00
Matt Jankowski
7fed4a9740
Pull out repeated setup to shared setup in statusus/show view spec (#29927) 2024-04-15 15:24:31 +00:00
Matt Jankowski
61d108f415
Extract header_tags method in statuses/show view spec (#29907) 2024-04-12 09:50:46 +00:00
Matt Jankowski
da6b9238f5
Expand coverage for admin/metrics/measure/* classes (#29914) 2024-04-12 09:38:24 +00:00
Matt Jankowski
ec5a0e0f5e
Expand coverage for admin/metrics/dimension/* classes (#29913) 2024-04-12 09:18:35 +00:00
Matt Jankowski
449f99e168
Fix repeated concat output buffer duplicating layout markup (#29918) 2024-04-11 23:37:07 +00:00
Matt Jankowski
576554b19b
Use fabrication sequence in domain values (#29895) 2024-04-11 08:59:01 +00:00
Matt Jankowski
285f63c02e
Use composable query in User.active scope (#29775) 2024-04-08 13:53:49 +00:00