Commit graph

138 commits

Author SHA1 Message Date
Matt Jankowski
40b4f73c18
Pre-import Rails 7.2 generated config minor changes (#30579) 2024-10-21 08:07:07 +00:00
David Roetzel
388d5473e1
Refactor (ruby) redis configuration (#31694) 2024-09-02 14:19:55 +00:00
Matt Jankowski
222ab80557
Fix Style/GlobalStdStream cop in environments/* files (#30694) 2024-06-14 09:50:33 +00:00
Matt Jankowski
0e1110c947
Use SECRET_KEY_BASE_DUMMY feature as placeholder during asset compilation (#30505) 2024-06-10 20:08:04 +00:00
Matt Jankowski
a5e3b814a2
Remove Status/ivar/shapes regression check from test env (#30580) 2024-06-07 10:00:51 +00:00
Matt Jankowski
3dfc7267e2
Rename deprecated config option to enable_reloading in dev env (#30577) 2024-06-07 10:00:27 +00:00
Nick Schonning
13fb54920b
Enable Style/IfUnlessModifier RuboCop (#30260) 2024-05-13 09:54:15 +00:00
Matt Jankowski
1e7d5d2957
Update devise-two-factor to version 5.0.0 (#28325)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-02 09:31:41 +00:00
Matt Jankowski
369b2ef0ed
Fix Style/TrailingCommaInHashLiteral cop (#30004) 2024-04-19 20:52:01 +00:00
Matt Jankowski
933189887b
Fix Style/StringLiterals cop (#30005) 2024-04-19 20:33:00 +00:00
Matt Jankowski
c8f59d2ca4
Fix Style/TernaryParentheses cop (#28387) 2024-01-25 13:28:49 +00:00
Matt Jankowski
42afd30324
Replace Sprockets with Propshaft (#28239) 2023-12-06 10:19:24 +00:00
Matt Jankowski
33cc3ae8fa
Fix Style/StabbyLambdaParentheses cop (#27771) 2023-11-08 12:01:18 +00:00
Matt Jankowski
9a3d047f3e
Run bin/rails app:update with Rails 7.1 (#27522) 2023-10-25 13:56:09 +00:00
Nick Schonning
85db392464
Autofix Rubocop cops for config/ (#24145) 2023-10-03 15:24:12 +02:00
Claire
cab4cbfa5c
Fix “Scoped order is ignored, it's forced to be batch order.” warnings (#26793) 2023-09-05 15:37:23 +02:00
Christian Schmidt
075cc8e8a6
Improve Codespaces port forwarding (#26400) 2023-08-29 10:20:36 +02:00
Matt Jankowski
ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Nick Schonning
1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Eugen Rochko
ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski
50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Nick Schonning
1fe04f740a
Enable Rubocop Rails/FilePath (#23854) 2023-05-04 05:50:40 +02:00
mogaminsk
e0d075713f
Change i18n-fallbacks to English (#24727) 2023-04-30 02:22:20 +02:00
Eugen Rochko
0ca54a4105
Remove Permissions-Policy header from all responses (#24124) 2023-03-20 20:02:09 +01:00
Jean byroot Boussier
160f38f03d
Workaround the ActiveRecord / Marshal serialization bug on Ruby 3.2 (#24142)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-17 14:37:30 +01:00
Eugen Rochko
630436ab2d
Refactor monkey-patching of PrivateAddressCheck (#24122) 2023-03-16 04:33:38 +01:00
Eugen Rochko
f0e727f958
Add cache headers to static files served through Rails (#24120) 2023-03-16 02:55:54 +01:00
Eugen Rochko
8cb2543ee5
Add SENDFILE_HEADER environment variable (#24123) 2023-03-16 02:55:13 +01:00
Eugen Rochko
6fa81ca17e
Remove bullet and active_record_query_trace gems (#24121) 2023-03-16 02:53:55 +01:00
Jean byroot Boussier
922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Claire
02c6bad3ca
Change unintended SMTP read timeout from 5 seconds to 20 seconds (#23750) 2023-03-03 20:37:22 +01:00
Claire
cff7d967f9
Fix CSRF protection (#23037)
Fix regression from #23014
2023-01-10 14:33:40 +01:00
Claire
aefefc74c4
Change referrer-policy to no-referrer application-wide (#23014) 2023-01-10 05:18:43 +01:00
Rose
4f15fd0ba1
Fix style for hashes (#20518)
* Fix style for hashes

Make the style for hashes consistent.

* New style

More consistency
2022-11-17 11:05:39 +01:00
Yamagishi Kazutoshi
19a8563905
Fix ENV (#20377) 2022-11-11 01:33:32 +01:00
F
9feba112a7
Make enable_starttls configurable by envvars (#20321)
ENABLE_STARTTLS is designed to replace ENABLE_STARTTLS_AUTO by accepting
three values: 'auto' (the default), 'always', and 'never'. If
ENABLE_STARTTLS isn't provided, we fall back to ENABLE_STARTTLS_AUTO. In
this way, this change should be fully backwards compatible.

Resolves #20311
2022-11-10 21:06:21 +01:00
Arya K
af9c9936dd
Fix I2P HTTPS redirect (#18929) 2022-08-25 04:37:09 +02:00
Yamagishi Kazutoshi
5781d1db84
Fix parsing TRUSTED_PROXY_IP (#18051) 2022-04-19 08:11:58 +01:00
Eugen Rochko
8c03b45fff
Fix unset SMTP_RETURN_PATH environment variable causing e-mail not to send (#17982) 2022-04-07 13:32:12 +02:00
Eugen Rochko
56edc6552f
Add SMTP_RETURN_PATH environment variable to set bounce domain (#17886) 2022-03-28 09:39:31 +02:00
Claire
03d59340da
Fix Sidekiq warnings about JSON serialization (#17381)
* Fix Sidekiq warnings about JSON serialization

This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.

See https://github.com/mperham/sidekiq/pull/5071

We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.

* Set Sidekiq to raise on unsafe arguments in test mode

In order to more easily catch issues that would produce warnings in production
code.
2022-01-28 00:43:56 +01:00
Wonderfall
244726e2e8
disable legacy XSS filtering (#17289)
Browsers are phasing out X-XSS-Protection, but Safari and IE still support it.
2022-01-24 13:14:26 +01:00
tkr
b52fdb4c6f
Fix SMTP_ENABLE_STARTTLS_AUTO/SMTP_TLS/SMTP_SSL environment variables don't work (#17216)
#17215
2022-01-13 12:05:22 +01:00
Eugen Rochko
fe71548844
Fix warnings on Rails boot (#16946) 2021-12-27 00:47:20 +01:00
Sandro
085da13933
Default to system ca-certificates.crt if none is specified (#10857)
Co-Authored-By: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-10-14 21:05:50 +02:00
Claire
1efcbb9cfe
Add Message-ID header to outgoing emails (#16076)
* Add Message-ID header to outgoing emails

* Use email domain name from SMTP_FROM_ADDRESS, fallback on WEB_DOMAIN on failure

* Use notifications@localhost as fallback for SMTP_FROM_ADDRESS, do not catch parse errors
2021-04-19 18:41:29 +02:00
Claire
71f335c2fc
Add HTTP header to explicitly opt out of FLoC by default (#16036)
Fixes #16034
2021-04-13 23:43:41 +02:00
Claire
cbd0ee1d07
Update Mastodon to Rails 6.1 (#15910)
* Update devise-two-factor to unreleased fork for Rails 6 support

Update tests to match new `rotp` version.

* Update nsa gem to unreleased fork for Rails 6 support

* Update rails to 6.1.3 and rails-i18n to 6.0

* Update to unreleased fork of pluck_each for Ruby 6 support

* Run "rails app:update"

* Add missing ActiveStorage config file

* Use config.ssl_options instead of removed ApplicationController#force_ssl

Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.

* Fix nonce directives by removing Rails 5 specific monkey-patching

* Fix fixture_file_upload deprecation warning

* Fix yield-based test failing with Rails 6

* Use Rails 6's index_with when possible

* Use ActiveRecord::Cache::Store#delete_multi from Rails 6

This will yield better performances when deleting an account

* Disable Rails 6.1's automatic preload link headers

Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.

In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.

* Switch to Rails 6.0 default config

* Switch to Rails 6.1 default config

* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00
Claire
43eff898a0
Prepare Mastodon for Rails 6 (#15911)
* Fix misuse of foreign_type

* Fix use of removed "add_template_helper"

* Use response.media_type instead of response.content_type in tests

* Fix CSV export controller test on Rails 6

Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.

This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.

* Fix emoji formatting with Rails 6

* Make emoji output more idiomatic and robust

* Switch from redis-rails gem to built-in Rails redis cache storage
2021-03-17 10:09:55 +01:00
Tdxdxoz
376b44853f
add ssl option in smtp setting (#14309) 2020-07-15 14:43:49 +02:00