Commit graph

1419 commits

Author SHA1 Message Date
Emelia Smith
68eaa804c9
Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-02-14 15:15:34 +01:00
Claire
eff447a455
Rewrite signature verification using regexps and StringScanner (#29133) 2024-02-07 17:24:42 +00:00
Claire
7efc33b909
Move HTTP Signature parsing code to its own class (#28932) 2024-02-07 13:35:37 +00:00
Claire
ff58ec0103 Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:57:08 +01:00
Claire
1726085db5
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:56:46 +01:00
Claire
5fa2821853 Merge commit '3205a654caf903002c2db872f802a3332201678b' into glitch-soc/merge-upstream 2024-01-26 20:47:20 +01:00
Claire
70de52c297 Merge commit '7a1f087659204e9d0cbba2de37e45b1921cefe20' into glitch-soc/merge-upstream 2024-01-25 19:51:19 +01:00
KMY(雪あすか)
9a8293f58d
Fix process of receiving posts with bearcaps is not working (#26527) 2024-01-25 10:37:09 +00:00
Matt Jankowski
1290fede65
Fix Rails/WhereExists cop in app/lib (#28862) 2024-01-24 11:51:09 +00:00
Eugen Rochko
b19ae521b7
Add confirmation when redirecting logged-out requests to permalink (#27792)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 10:49:19 +00:00
Matt Jankowski
7a1f087659
Add created_before and updated_before scopes to MediaAttachment (#28869) 2024-01-24 10:32:54 +00:00
Eugen Rochko
5b1eb09d54
Add annual reports for accounts (#28693) 2024-01-24 09:38:10 +00:00
Claire
0700eb58bc Merge commit '163db814c2b3cf544b78e427e7f7bbd99b94a025' into glitch-soc/merge-upstream 2024-01-22 19:12:05 +01:00
Matt Jankowski
fd64817fbe
Fix Rails/WhereExists cop in app/lib/status_cache_hydrator (#28808) 2024-01-19 09:19:48 +00:00
Claire
2f521bc84a Merge commit 'a2f02a07758c32f0dcc6388b4f30ca5a84e762f3' into glitch-soc/merge-upstream 2024-01-15 20:27:41 +01:00
Claire
464051c2d2 Merge commit '1070804a1a6121170f7bba923789d73b978e6fe7' into glitch-soc/merge-upstream 2024-01-15 20:06:31 +01:00
Matt Jankowski
a2f02a0775
Disable Rails/SkipsModelValidations cop (#28712) 2024-01-15 13:46:47 +00:00
Claire
1070804a1a
Fix RedownloadMediaWorker not being called on transient S3 failure (#28714) 2024-01-12 17:00:17 +00:00
MitarashiDango
2c05b8a60d
Fix Undo Announce activity is not sent, when not followed by the reblogged post author (#18482)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-12 15:58:28 +00:00
Claire
630b245bb4 Merge commit '9a73a7dcaf2e383b2ec105d71bfcea2c48cbea10' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/settings/scoped_settings.rb`:
  Removed upstream, while glitch-soc had a change related to its theming system.
  Removed as well, as it's unused.
2024-01-11 12:59:27 +01:00
Claire
47d213e701 Merge commit '5dc634796aba951f6a085e1ed0e1b807e25d7d41' into glitch-soc/merge-upstream 2024-01-10 18:41:04 +01:00
Claire
0b2c7cdb02 Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/content_security_policy.rb`:
  Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
  environment variable.
  Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Claire
10203bd57a
Clean up Setting model and remove dead code (#28661) 2024-01-09 14:01:53 +00:00
Matt Jankowski
3e7a9266ea
Remove unused EmojiFormatter#count_tag_nesting method (#28643) 2024-01-08 13:36:47 +00:00
Claire
5f4643b895
Add PAPERCLIP_ROOT_URL to Content-Security-Policy when used (#28561) 2024-01-05 10:45:36 +00:00
Claire
9d9008666b Merge commit '092bb8a27af9ee87ff9ebabaf354477470ea3a94' into glitch-soc/merge-upstream 2024-01-03 12:38:49 +01:00
Claire
092bb8a27a
Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-03 11:29:26 +00:00
Claire
c5b0e6d5a0 Merge branch 'main' into glitch-soc/merge-upstream 2023-12-28 16:57:10 +01:00
Claire
19e14654cc
Reduce CSP configuration changes with upstream (#2536) 2023-12-27 09:54:05 +01:00
Claire
ea6c187fca Fix media attachment order of remote posts (#28469) 2023-12-22 18:45:36 +01:00
Claire
2bf84b93d4
Fix media attachment order of remote posts (#28469) 2023-12-22 15:10:39 +00:00
Claire
30ee7339d3 Merge commit '7d9b209fe84b00eff348ea9d54905cbfffa79788' into glitch-soc/merge-upstream
Conflicts:
- `app/models/form/admin_settings.rb`:
  Upstream changed code style change, including on a line modified by glitch-soc.
  Kept glitch-soc's line but with the code style change applied.
2023-12-21 19:31:12 +01:00
Claire
a60b9acf3c Merge commit 'b2f915b31ae884e3893e93a99da4e2b8d7e9ef7b' into glitch-soc/merge-upstream 2023-12-21 19:04:20 +01:00
Claire
6e56f95285 Merge commit '4a7395d989e40c3bd4ef18173aa5ea850c8ddcdd' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream modified its README, we have a completely different one.
  Kept our README file.
2023-12-21 18:17:17 +01:00
Claire
077e0c6812 Merge commit '0b4a3a04378ce43f2f314b9446b5053f6b374c6d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Conflict caused by the `json` gem thing once again.
  Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
  Upstream refactored a bunch of specs, including one place that differs
  because of glitch-soc's theming system.
  Refactored as upstream did, adapting it for glitch-soc's theming system.
2023-12-20 22:16:50 +01:00
Claire
75580360cd Merge commit '272592d16d40e804ec325ef3b5e6de9bbad5f2dd' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Upstream fixed a bunch lint issues, and changed the `Max` parameter of the
  `Metrics/AbcSize` cop.
  Glitch-soc has different code and slightly higher `AbcSize` complexity,
  modified the `.rubocop_todo.yml` file accordingly.
- `app/policies/status_policy.rb`:
  Upstream changed `account.suspended?` to `account.unavailable?` to prepare
  for delete flags. Glitch-soc has additional local-only conditions.
  Ported upstream's refactor while keeping glitch-soc's additional condition.
- `app/serializers/initial_state_serializer.rb`:
  Upstream refactored a bunch of stuff while glitch-soc has more settings.
  Refactored as upstream did while keeping glitch-soc's settings.
2023-12-20 22:05:31 +01:00
Claire
b8209c3b96 Merge commit '85662a5a57531af5402a6777d0b1089e78c56815' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream reworked the CSP, we kept our version for now.
- `spec/requests/content_security_policy_spec.rb`:
  Upstream reworked the CSP, we kept our version for now.
2023-12-20 20:10:45 +01:00
Eugen Rochko
b5ac61b2c5
Change algorithm of follow recommendations (#28314)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-12-19 10:59:43 +00:00
Claire
d6ad9d351e Merge commit 'a36b59be8ad7656b7ceab9751c9ec5b3563e3a30' into glitch-soc/merge-upstream 2023-12-18 19:10:43 +01:00
Claire
46ddaffd40 Merge commit 'b87bfb8c96c8491f1228e0258d05119f3420db05' into glitch-soc/merge-upstream 2023-12-18 18:34:25 +01:00
Matt Jankowski
0e5b8fc46b
Fix Style/RedundantReturn cop (#28391) 2023-12-18 09:50:51 +00:00
Claire
4113fbf6e8 Merge commit 'f476d9dab2f5cca6ae44b95961df6b6557d66dab' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream enforced new code style rules, where we had different code.
  Applied the new code style rules.
2023-12-17 23:04:16 +01:00
Claire
ddf3ad9541 Merge commit '3bf896c973404261f4f7b25c25ea22adb1a85e7d' into glitch-soc/main
Conflicts:
- `package.json`:
  Upstream removed a dependency textually close to a glitch-only dependency.
  Updated as upstream while keeping our dependency.
2023-12-17 17:43:30 +01:00
Claire
1474318691 Merge commit 'a916251d8a8fffcaeb6be80eacf50138a53650dc' into glitch-soc/main
Conflicts:
- `app/models/trends/statuses.rb`:
  Upstream fixed a bug in the trending post condition.
  Glitch-soc's condition is different because we potentially allow CWed content
  to trend.
  Ported upstream's fix while keeping glitch-soc's change.
- `config/initializers/content_security_policy.rb`:
  Kept our version for now, we will switch to upstream later down the road.
2023-12-17 15:32:29 +01:00
Claire
dcc24db793
Fix N+1s because of association preloaders not actually getting called (#28339) 2023-12-13 07:47:32 +00:00
Michael Stanclift
afc8550b63
Change preview card deletes to be done using batch method (#28183) 2023-12-11 07:49:10 +00:00
Claire
9f92b05bd2 Merge commit '2e6bf60f1549e5c1f1cfea2d614f978bea17b8a2' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream has updated their README but we have a completely different one.
  Kept our version of `README.md`
2023-12-10 18:05:02 +01:00
Michael Stanclift
da3d8aff79
Error handling for attachment batch delete process (#28184)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-12-07 14:40:44 +00:00
Claire
7593465c23
Fix error when processing link preview with an array as inLanguage (#28252) 2023-12-07 09:05:08 +00:00
Matt Jankowski
3bc437b99a
Fix Style/RedundantParentheses cop (#28176) 2023-12-01 16:00:44 +00:00
Claire
963354978a
Add Account#unavailable? and Account#permanently_unavailable? aliases (#28053) 2023-11-30 15:43:26 +00:00
Claire
85662a5a57
Change img-src and media-src CSP directives to not include https: (#28025) 2023-11-30 13:47:01 +00:00
Matt Jankowski
bb0efe16e6
Remove default_scope from MediaAttachment class (#28043) 2023-11-30 13:30:35 +00:00
Matt Jankowski
43e2f763b2
Extract crutches_active_mentions from FeedManager (#27785) 2023-11-10 12:47:38 +00:00
Matt Jankowski
ce1bd81c85
Reduce complexity in StatusCacheHydrator (#27783) 2023-11-09 09:53:44 +00:00
Matt Jankowski
d6f50839e1
Fix RSpec/SpecFilePathFormat cops (#27730) 2023-11-06 16:25:40 +00:00
Matt Jankowski
0c4e7c06dc
Fix Rails/FindEach cop (#26886) 2023-11-06 15:53:29 +00:00
Matt Jankowski
fe26f33e0a
Fix Rails/RedundantActiveRecordAllMethod cop (#26885) 2023-11-06 15:51:52 +00:00
Claire
c0989b78f8
Fix incoming status creation date not being restricted to standard ISO8601 (#27655) 2023-11-06 09:28:14 +00:00
Matt Jankowski
eae5c7334a
Extract class from CSP configuration/initialization (#26905) 2023-10-27 16:20:40 +00:00
Claire
75255c01fc
Fix error when trying to delete already-deleted file with OpenStack Swift (#27569) 2023-10-26 13:09:48 +00:00
Claire
62620956d5 Merge commit '9a3d047f3e604e581e18346424569e28fc9c5b96' into glitch-soc/merge-upstream 2023-10-25 19:59:17 +02:00
Claire
235a4cfdc8
Fix batch attachment deletion when using OpenStack Swift (#27554) 2023-10-25 13:55:57 +00:00
Claire
4b0fb764c3 Merge commit 'e93a75f1a11d6dfdcbd39dbdc22526c5508ad881' into glitch-soc/merge-upstream
Conflicts and ported changes:
- updated `@rails/ujs` imports
2023-10-24 19:59:19 +02:00
Claire
b0c76eaadd Merge commit '0ad66175bf59a34b03d9ab2347181548d07089ea' into glitch-soc/merge-upstream
Conflicts:
- `app/javascript/mastodon/features/compose/components/compose_form.jsx`:
  Upstream changed one import, close to a glitch-soc-only import to handle
  different max character counts.
  Ported upstream's change.
2023-10-24 18:41:20 +02:00
Matt Jankowski
e93a75f1a1
Rails 7.1 update (#25963) 2023-10-23 17:58:29 +00:00
Claire
13688539bc
Fix processing LDSigned activities from actors with unknown public keys (#27474) 2023-10-20 10:45:46 +02:00
Claire
63179f0bf4 Merge commit '5ef26d8fd50081c642b858a82bf0c5431b1c7e83' into glitch-soc/merge-upstream 2023-10-17 21:59:58 +02:00
Claire
b867d4581e Merge commit 'c91c0175db1cc8b954a977d29472886234ce9586' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/timelines/tag_controller_spec.rb`:
  Glitch-soc had a few extra lines in this file to account for a different
  default setting. This file got replaced by
  `spec/requests/api/v1/timelines/tag_spec.rb`, into which the glitch-soc
  additions were moved too.

Additional changes:
- `spec/requests/api/v1/statuses/sources_spec.rb`:
  Add glitch-soc-only attribute `content_type`.
2023-10-17 21:35:07 +02:00
Claire
656a41db2a Merge commit '77098c6f1c25958960df98a1510b28352a39704f' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream has updated its README, we have a completely different one.
  Kept ours.
- `app/views/auth/sessions/two_factor.html.haml`:
  Upstream refactored stuff and the conflict is because of glitch-soc's theming
  system.
  Ported upstream changes while accounting for the different theming system.
2023-10-17 20:59:18 +02:00
Jeong Arm
ad44d832b8
Support "in:public" search filter (#26976) 2023-10-17 16:12:03 +02:00
Claire
299aa71c8f
Fix handling of inLanguage attribute in preview card processing (#27423) 2023-10-16 15:24:14 +02:00
KMY(雪あすか)
45bdd60f3c
Fix when unfollow a tag, my post also disappears from the home timeline (#27391) 2023-10-13 11:15:47 +02:00
Claire
53f5b27bd1 Merge commit '640421f661ee4d7e76a2aab607e7b15687940b6f' into glitch-soc/merge-upstream 2023-10-08 17:30:48 +02:00
Claire
ac2370778a Merge commit 'c676bc91e9c3aa81eb7cfbce3c5c5e80b84d3d02' into glitch-soc/merge-upstream
Conflicts:
- `config/environments/production.rb`:
  Upstream enforced a code style change and glitch-soc had a few different lines.
  Applied upstream's code style to glitch-soc's changes.
2023-10-08 17:21:12 +02:00
Claire
74c27e33e3 Merge commit '37bbd3c1064380a756b4e821655d7697105f99f5' into glitch-soc/merge-upstream 2023-10-08 17:10:39 +02:00
Claire
a5dbb1ee5a Merge commit '5a437edc7f22d5797e5af29d9b450a03eccec304' into glitch-soc/merge-upstream 2023-10-08 17:05:40 +02:00
Claire
3262d1f1b6
Fix incorrect serialization of regional languages in contentMap (#27207) 2023-10-06 17:46:04 +02:00
Michael Stanclift
3171afc36a
Add Elasticsearch index size to Admin dashboard (#27301)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-06 17:02:55 +02:00
Claire
3c13d70600
Add mention of YJIT in admin dashboard if enabled (#27283) 2023-10-05 13:10:17 +02:00
Matt Jankowski
2f8f92df48
Fix Elastic check deprecation warning about gem version (#27262) 2023-10-03 15:52:47 +02:00
Claire
ceb365c419
Fix boosts of local users being filtered in account timelines (#27204) 2023-10-03 12:21:42 +02:00
Jakob Gillich
770fd993ec
Fix importer returning negative row estimates (#27258) 2023-10-03 10:47:50 +02:00
Claire
abdb58840a Merge commit '57f592fed50747f3c97718a2761e17bafe6c8698' into glitch-soc/merge-upstream 2023-09-26 13:13:27 +02:00
Claire
3de6dcf634
Add redirection on /deck URLs for logged-out users (#27128) 2023-09-25 15:07:10 +02:00
Renaud Chaput
4aaaf0dde3
Fix the search documentation URL in system checks (#27036) 2023-09-22 10:13:53 +02:00
Claire
f546b0c999 Merge branch 'main' into glitch-soc/merge-upstream 2023-09-19 17:07:29 +02:00
Claire
eeab3560fc
Merge pull request from GHSA-v3xf-c9qf-j667 2023-09-19 16:53:58 +02:00
Claire
94893cf24f
Merge pull request from GHSA-hcqf-fw2r-52g4
* Revert "Fix request URL normalisation for bare domain and 8-bit characters (#26285)"

This reverts commit 8891d8945d.

* Revert "Do not normalize URL before fetching it (#26219)"

This reverts commit fd284311e7.
2023-09-19 16:52:52 +02:00
Claire
dfc05ec8df Merge commit '6273416292090b2f6bfda33f070cea325a1759df' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-nightly.yml`:
  Upstream modified this file close to a line modified by glitch-soc to
  disable the ARMv64 builder (as glitch-soc doesn't have one).
  Ported upstream's changes.
- `.github/workflows/build-releases.yml`:
  Upstream modified this file close to lines changed by glitch-soc to
  change the Docker image repositories used (only ghcr, and based on the
  organization's name).
  Ported upstream's changes.
2023-09-15 21:43:49 +02:00
Claire
08b495d95c Merge commit 'b1d89071384ef028c97a3d28cf8cf6bc0ca6c4ce' into glitch-soc/merge-upstream 2023-09-15 21:06:45 +02:00
Claire
5d8c65f2a7 Merge commit '398635c0c4987ec44d937e98431ff5dee331ea94' into glitch-soc/merge-upstream 2023-09-15 20:57:40 +02:00
Claire
3ca94f6d4a Merge commit '93d051e47d27b5bd10be922a81d4d4eb6c306330' into glitch-soc/merge-upstream 2023-09-15 20:21:40 +02:00
Claire
6273416292
Fix post edits not being forwarded as expected (#26936) 2023-09-15 19:54:32 +02:00
Eugen Rochko
3a679844e4
Fix account_id, max_id and min_id params not working in search (#26847) 2023-09-08 14:25:00 +02:00
Eugen Rochko
a90b0056cc
Fix #hashtag matching on individual components in search (#26835) 2023-09-07 12:53:41 +02:00
Claire
1f99d86287
Fix blocked domain appears from account feed (#26823)
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-09-06 21:04:48 +02:00
Claire
b83e487502
Fix moderator rights inconsistencies (#26729) 2023-09-06 16:40:19 +02:00
Claire
223f9ca665
Fix crash when encountering invalid URL (#26814) 2023-09-06 12:17:51 +02:00
Claire
77caba3789 Merge branch 'main' into glitch-soc/merge-upstream 2023-09-05 20:34:17 +02:00