Commit graph

12867 commits

Author SHA1 Message Date
dependabot[bot]
9e489adb26
Bump dot-prop from 5.2.0 to 5.3.0 (#14842)
Bumps [dot-prop](https://github.com/sindresorhus/dot-prop) from 5.2.0 to 5.3.0.
- [Release notes](https://github.com/sindresorhus/dot-prop/releases)
- [Commits](https://github.com/sindresorhus/dot-prop/compare/v5.2.0...v5.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 21:27:39 +09:00
dependabot[bot]
c36e94f65b
Bump caniuse-lite from 1.0.30001129 to 1.0.30001133 (#14831)
Bumps [caniuse-lite](https://github.com/ben-eb/caniuse-lite) from 1.0.30001129 to 1.0.30001133.
- [Release notes](https://github.com/ben-eb/caniuse-lite/releases)
- [Changelog](https://github.com/ben-eb/caniuse-lite/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ben-eb/caniuse-lite/compare/v1.0.30001129...v1.0.30001133)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 21:26:48 +09:00
dependabot[bot]
dd7c70a615
Bump aws-sdk-s3 from 1.80.0 to 1.81.0 (#14826)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.80.0 to 1.81.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 21:25:53 +09:00
dependabot[bot]
3e027a5dd3
Bump spdx-license-ids from 3.0.5 to 3.0.6 (#14852)
Bumps [spdx-license-ids](https://github.com/jslicense/spdx-license-ids) from 3.0.5 to 3.0.6.
- [Release notes](https://github.com/jslicense/spdx-license-ids/releases)
- [Commits](https://github.com/jslicense/spdx-license-ids/compare/v3.0.5...v3.0.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 20:18:34 +09:00
dependabot[bot]
76adfb7173
Bump object.assign from 4.1.0 to 4.1.1 (#14828)
Bumps [object.assign](https://github.com/ljharb/object.assign) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/ljharb/object.assign/releases)
- [Changelog](https://github.com/ljharb/object.assign/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ljharb/object.assign/compare/v4.1.0...v4.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 16:12:59 +09:00
dependabot[bot]
41bf9384ae
Bump better_errors from 2.7.1 to 2.8.1 (#14825)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.7.1 to 2.8.1.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.7.1...v2.8.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 16:12:11 +09:00
dependabot[bot]
b7d7485fe3
Bump faker from 2.13.0 to 2.14.0 (#14824)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.13.0...v2.14.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 16:11:55 +09:00
dependabot[bot]
aeeb0252a4
Bump @github/webauthn-json from 0.4.2 to 0.5.4 (#14823)
Bumps [@github/webauthn-json](https://github.com/github/webauthn-json) from 0.4.2 to 0.5.4.
- [Release notes](https://github.com/github/webauthn-json/releases)
- [Commits](https://github.com/github/webauthn-json/compare/v0.4.2...v0.5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-21 16:10:15 +09:00
Thibaut Girka
787d5d7289 Fix minor bugs 2020-09-19 15:01:46 +02:00
Thibaut Girka
312c936d51 Minor refactoring and fixups 2020-09-19 14:15:28 +02:00
Thibaut Girka
85b9086e6b Filter out mounted lists from “getting started” column 2020-09-18 20:07:25 +02:00
Eugen Rochko
974b1b79ce
Add option to be notified when a followed user posts (#13546)
* Add bell button

Fix #4890

* Remove duplicate type from post-deployment migration

* Fix legacy class type mappings

* Improve query performance with better index

* Fix validation

* Remove redundant index from notifications
2020-09-18 17:26:45 +02:00
Thibaut Girka
a681980307 Submit timeline markers closer to the moment they change 2020-09-17 15:22:56 +02:00
Thibaut Girka
60eebc6cc4 Fix crashes when connection drops 2020-09-17 15:22:56 +02:00
Thibaut Girka
f1c0cf9806 Add button to manually mark all notifications as read 2020-09-17 15:22:56 +02:00
Thibaut Girka
94c290d7d2 Only update read marker when giving focus/mounting column 2020-09-17 15:22:56 +02:00
Thibaut Girka
145ed37978 Refactor and change logic to only update marker if we reached the last
read notification.
2020-09-17 15:22:56 +02:00
Thibaut Girka
66e9a77e36 Display unread marker for notifications 2020-09-17 15:22:56 +02:00
Thibaut Girka
ae698469d0 Clean up leftover from DM conversation view redesign 2020-09-17 15:22:56 +02:00
dependabot[bot]
75e4bd9413
Bump thor from 0.20.3 to 1.0.1 (#14783)
Bumps [thor](https://github.com/erikhuda/thor) from 0.20.3 to 1.0.1.
- [Release notes](https://github.com/erikhuda/thor/releases)
- [Changelog](https://github.com/erikhuda/thor/blob/master/CHANGELOG.md)
- [Commits](https://github.com/erikhuda/thor/compare/v0.20.3...v1.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-16 20:40:12 +02:00
dependabot[bot]
4de893113b
Bump rubocop-ast from 0.3.0 to 0.4.0 (#14785)
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v0.3.0...v0.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-16 20:39:05 +02:00
dependabot[bot]
5d8660fc3c
Bump axios from 0.19.2 to 0.20.0 (#14791)
Bumps [axios](https://github.com/axios/axios) from 0.19.2 to 0.20.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v0.19.2...v0.20.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-16 20:34:10 +02:00
mayaeh
18c03c18f1
Bump selfsigned from 1.10.7 to 1.10.8 and bump node-forge from 0.9.0 to 0.10.0. (#14807)
https://github.com/jfromaniello/selfsigned/compare/v1.10.7...v1.10.8
https://github.com/digitalbazaar/forge/compare/0.9.0...0.10.0
2020-09-16 20:33:18 +02:00
ThibG
eaea2311aa
Fix home TL marker code mishandling gaps (#14809) 2020-09-16 20:17:40 +02:00
ThibG
aab867b0e8
Fix notification filter bar incorrectly filtering gaps (#14808) 2020-09-16 20:17:16 +02:00
kawaguchi
5d3c8baa9a
Fix validates :sign_count of WebauthnCredential (#14806) 2020-09-16 20:16:46 +02:00
dependabot[bot]
9b74f6aca6
Bump yargs from 15.4.1 to 16.0.3 (#14797)
Bumps [yargs](https://github.com/yargs/yargs) from 15.4.1 to 16.0.3.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v15.4.1...v16.0.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-16 12:48:12 +09:00
dependabot[bot]
a3bafccccd
Bump css-loader from 4.2.2 to 4.3.0 (#14793)
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 4.2.2 to 4.3.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v4.2.2...v4.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-16 12:47:02 +09:00
dependabot[bot]
2cfbde41bc
Bump webmock from 3.8.3 to 3.9.1 (#14780)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.3 to 3.9.1.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.3...v3.9.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-16 12:45:52 +09:00
dependabot[bot]
4351228338
Bump detect-passive-events from 1.0.4 to 1.0.5 (#14796)
Bumps [detect-passive-events](https://github.com/rafgraph/detect-passive-events) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/rafgraph/detect-passive-events/releases)
- [Commits](https://github.com/rafgraph/detect-passive-events/compare/v1.0.4...v1.0.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-15 23:20:05 +09:00
dependabot[bot]
c08daac304
Bump electron-to-chromium from 1.3.562 to 1.3.567 (#14798)
Bumps [electron-to-chromium](https://github.com/kilian/electron-to-chromium) from 1.3.562 to 1.3.567.
- [Release notes](https://github.com/kilian/electron-to-chromium/releases)
- [Changelog](https://github.com/Kilian/electron-to-chromium/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kilian/electron-to-chromium/compare/v1.3.562...v1.3.567)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-15 23:17:32 +09:00
dependabot[bot]
8c8cb7f1f8
Bump sprockets-rails from 3.2.1 to 3.2.2 (#14788)
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/rails/sprockets-rails/releases)
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.2.1...v3.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-15 23:16:57 +09:00
dependabot[bot]
f4ed6e36a4
Bump node-releases from 1.1.60 to 1.1.61 (#14799)
Bumps [node-releases](https://github.com/chicoxyzzy/node-releases) from 1.1.60 to 1.1.61.
- [Release notes](https://github.com/chicoxyzzy/node-releases/releases)
- [Commits](https://github.com/chicoxyzzy/node-releases/compare/v1.1.60...v1.1.61)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-15 23:15:10 +09:00
dependabot[bot]
cbc45378ea
Bump ox from 2.13.3 to 2.13.4 (#14787)
Bumps [ox](https://github.com/ohler55/ox) from 2.13.3 to 2.13.4.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.13.3...v2.13.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-15 23:14:39 +09:00
dependabot[bot]
acdae79f33
Bump pghero from 2.7.0 to 2.7.2 (#14786)
Bumps [pghero](https://github.com/ankane/pghero) from 2.7.0 to 2.7.2.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.7.0...v2.7.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-15 23:14:15 +09:00
dependabot[bot]
7a54779c72
Bump redis from 4.2.1 to 4.2.2 (#14784)
Bumps [redis](https://github.com/redis/redis-rb) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/redis/redis-rb/releases)
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/redis-rb/compare/v4.2.1...v4.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-15 23:13:31 +09:00
dependabot[bot]
b677ae9e6f
Bump sidekiq from 6.1.1 to 6.1.2 (#14782)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.1.1 to 6.1.2.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.1...v6.1.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-15 23:13:12 +09:00
Eugen Rochko
ed099d8bdc
Change account suspensions to be reversible by default (#14726) 2020-09-15 14:37:58 +02:00
Eugen Rochko
bbcbf12215
Fix unreadable placeholder text color in high contrast theme in web UI (#14803)
Fix #14717
2020-09-15 09:24:24 +02:00
dependabot[bot]
b6985fdb6c
Bump rails from 5.2.4.3 to 5.2.4.4 (#14792)
Bumps [rails](https://github.com/rails/rails) from 5.2.4.3 to 5.2.4.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v5.2.4.3...v5.2.4.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-14 22:08:13 +09:00
ThibG
b67caf9be4
Add paragraph about browser add-ons when encountering some errors (#14801)
* Add paragraph about browser add-ons when encountering some errors

When a crash is caused by a NotFoundError exception, add a paragraph
to the error page mentioning browser add-ons.

Indeed, crashes with NotFoundError are often caused by browser extensions
messing with the DOM in ways React.JS can't recover from (e.g. issues #13325
and #14731).

* Reword error messages
2020-09-14 15:05:22 +02:00
dependabot[bot]
e975877d9c
Bump caniuse-lite from 1.0.30001124 to 1.0.30001129 (#14781)
Bumps [caniuse-lite](https://github.com/ben-eb/caniuse-lite) from 1.0.30001124 to 1.0.30001129.
- [Release notes](https://github.com/ben-eb/caniuse-lite/releases)
- [Changelog](https://github.com/ben-eb/caniuse-lite/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ben-eb/caniuse-lite/compare/v1.0.30001124...v1.0.30001129)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-14 22:04:00 +09:00
dependabot[bot]
7d390ef4d0
Bump @babel/preset-env from 7.11.0 to 7.11.5 (#14794)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.11.0 to 7.11.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.11.5/packages/babel-preset-env)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-14 22:03:11 +09:00
dependabot[bot]
3df3e63363
Bump aws-sdk-s3 from 1.79.1 to 1.80.0 (#14789)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.79.1 to 1.80.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-14 22:02:42 +09:00
ThibG
cd4ec7cd74
Do not serve account actors at all in limited federation mode (#14800)
* Do not serve account actors at all in limited federation mode

When an account is fetched without a signature from an allowed instance,
return an error.

This isn't really an improvement in security, as the only information that was
previously returned was required protocol-level info, and the only personal bit
was the existence of the account. The existence of the account can still be
checked by issuing a webfinger query, as those are accepted without signatures.

However, this change makes it so that unallowed instances won't create account
records on their end when they find a reference to an unknown account.

The previous behavior of rendering a limited list of fields, instead of not
rendering the actor at all, was in order to prevent situations in which two
instances in Authorized Fetch mode or Limited Federation mode would fail to
reach each other because resolving an account would require a signed query…
from an account which can only be fetched with a signed query itself. However,
this should now be fine as fetching accounts is done by signing on behalf of
the special instance actor, which does not require any kind of valid signature
to be fetched.

* Fix tests
2020-09-14 13:04:29 +02:00
Eugen Rochko
42c4322ce7
Fix reported statuses not being included in warning e-mail (#14778) 2020-09-13 12:52:17 +02:00
tateisu
fa0c71f0d9
allow pagination by min_id and max_id (#14776)
* allow pagination by min_id and max_id

* also AccountConversation allows min_id,max_id pair

* also home,list TL allows min_id,max_id pair
2020-09-12 17:09:49 +02:00
Eugen Rochko
4e4b3a0c8e
Refactor settings controllers (#14767)
- Disallow suspended accounts from revoking sessions and apps
- Allow suspended accounts to access exports
2020-09-11 20:56:35 +02:00
Eugen Rochko
e6b272e5c9
Change REST API to return empty data for suspended accounts (#14765) 2020-09-11 15:16:29 +02:00
dependabot[bot]
e6d67f85e2
Bump node-fetch from 2.6.0 to 2.6.1 (#14772)
Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/bitinn/node-fetch/releases)
- [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-11 21:06:53 +09:00