about summary refs log tree commit diff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/generators/post_deployment_migration/USAGE10
-rw-r--r--lib/generators/post_deployment_migration/post_deployment_migration_generator.rb17
-rw-r--r--lib/generators/post_deployment_migration/templates/migration.erb8
-rw-r--r--lib/generators/post_deployment_migration_generator.rb17
-rw-r--r--lib/mastodon/accounts_cli.rb10
-rw-r--r--lib/mastodon/version.rb8
-rw-r--r--lib/paperclip/media_type_spoof_detector_extensions.rb22
-rw-r--r--lib/paperclip/transcoder.rb5
-rw-r--r--lib/sanitize_ext/sanitize_config.rb25
-rw-r--r--lib/templates/rails/post_deployment_migration/migration.rb8
10 files changed, 85 insertions, 45 deletions
diff --git a/lib/generators/post_deployment_migration/USAGE b/lib/generators/post_deployment_migration/USAGE
new file mode 100644
index 000000000..57f3c6aa1
--- /dev/null
+++ b/lib/generators/post_deployment_migration/USAGE
@@ -0,0 +1,10 @@
+Description:
+    Generate a Rails migration in the db/post_migrate/ dir.
+
+    Interacts with the post_deployment_migrations initializer.
+
+Example:
+    bin/rails generate post_deployment_migration IsolateChanges
+
+    Creates a migration in db/post_migrate/<timestamp>_isolate_changes.rb
+    which will have `disable_ddl_transaction!` and a `change` method included.
diff --git a/lib/generators/post_deployment_migration/post_deployment_migration_generator.rb b/lib/generators/post_deployment_migration/post_deployment_migration_generator.rb
new file mode 100644
index 000000000..adb34a289
--- /dev/null
+++ b/lib/generators/post_deployment_migration/post_deployment_migration_generator.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'rails/generators/active_record'
+
+class PostDeploymentMigrationGenerator < Rails::Generators::NamedBase
+  source_root File.expand_path('templates', __dir__)
+
+  include Rails::Generators::Migration
+
+  def create_post_deployment_migration
+    migration_template 'migration.erb', "db/post_migrate/#{file_name}.rb"
+  end
+
+  def self.next_migration_number(path)
+    ActiveRecord::Generators::Base.next_migration_number(path)
+  end
+end
diff --git a/lib/generators/post_deployment_migration/templates/migration.erb b/lib/generators/post_deployment_migration/templates/migration.erb
new file mode 100644
index 000000000..fd6a02a0f
--- /dev/null
+++ b/lib/generators/post_deployment_migration/templates/migration.erb
@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  disable_ddl_transaction!
+
+  def change
+  end
+end
diff --git a/lib/generators/post_deployment_migration_generator.rb b/lib/generators/post_deployment_migration_generator.rb
deleted file mode 100644
index 798c01b88..000000000
--- a/lib/generators/post_deployment_migration_generator.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails/generators'
-
-module Rails
-  class PostDeploymentMigrationGenerator < Rails::Generators::NamedBase
-    def create_migration_file
-      timestamp = Time.zone.now.strftime('%Y%m%d%H%M%S')
-
-      template 'migration.rb', "db/post_migrate/#{timestamp}_#{file_name}.rb"
-    end
-
-    def migration_class_name
-      file_name.camelize
-    end
-  end
-end
diff --git a/lib/mastodon/accounts_cli.rb b/lib/mastodon/accounts_cli.rb
index a6532541e..5194cd80a 100644
--- a/lib/mastodon/accounts_cli.rb
+++ b/lib/mastodon/accounts_cli.rb
@@ -57,6 +57,7 @@ module Mastodon
     option :role
     option :reattach, type: :boolean
     option :force, type: :boolean
+    option :approve, type: :boolean
     desc 'create USERNAME', 'Create a new user account'
     long_desc <<-LONG_DESC
       Create a new user account with a given USERNAME and an
@@ -72,6 +73,8 @@ module Mastodon
       account is still in use by someone else, you can supply
       the --force option to delete the old record and reattach the
       username to the new account anyway.
+
+      With the --approve option, the account will be approved.
     LONG_DESC
     def create(username)
       role_id  = nil
@@ -89,7 +92,7 @@ module Mastodon
 
       account  = Account.new(username: username)
       password = SecureRandom.hex
-      user     = User.new(email: options[:email], password: password, agreement: true, approved: true, role_id: role_id, confirmed_at: options[:confirmed] ? Time.now.utc : nil, bypass_invite_request_check: true)
+      user     = User.new(email: options[:email], password: password, agreement: true, role_id: role_id, confirmed_at: options[:confirmed] ? Time.now.utc : nil, bypass_invite_request_check: true)
 
       if options[:reattach]
         account = Account.find_local(username) || Account.new(username: username)
@@ -112,6 +115,8 @@ module Mastodon
           user.confirm!
         end
 
+        user.approve! if options[:approve]
+
         say('OK', :green)
         say("New password: #{password}")
       else
@@ -184,9 +189,10 @@ module Mastodon
       user.disabled = true if options[:disable]
       user.approved = true if options[:approve]
       user.otp_required_for_login = false if options[:disable_2fa]
-      user.confirm if options[:confirm]
 
       if user.save
+        user.confirm if options[:confirm]
+
         say('OK', :green)
         say("New password: #{password}") if options[:reset_password]
       else
diff --git a/lib/mastodon/version.rb b/lib/mastodon/version.rb
index 408f60185..603e2b88d 100644
--- a/lib/mastodon/version.rb
+++ b/lib/mastodon/version.rb
@@ -21,7 +21,11 @@ module Mastodon
     end
 
     def suffix
-      '+glitch'
+      if source_tag
+        "+cafe.#{source_tag}"
+      else
+        "+cafe"
+      end
     end
 
     def to_a
@@ -33,7 +37,7 @@ module Mastodon
     end
 
     def repository
-      ENV.fetch('GITHUB_REPOSITORY', 'glitch-soc/mastodon')
+      ENV.fetch('GITHUB_REPOSITORY', 'pluralcafe/mastodon')
     end
 
     def source_base_url
diff --git a/lib/paperclip/media_type_spoof_detector_extensions.rb b/lib/paperclip/media_type_spoof_detector_extensions.rb
new file mode 100644
index 000000000..a406ef312
--- /dev/null
+++ b/lib/paperclip/media_type_spoof_detector_extensions.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Paperclip
+  module MediaTypeSpoofDetectorExtensions
+    def calculated_content_type
+      return @calculated_content_type if defined?(@calculated_content_type)
+
+      @calculated_content_type = type_from_file_command.chomp
+
+      # The `file` command fails to recognize some MP3 files as such
+      @calculated_content_type = type_from_marcel if @calculated_content_type == 'application/octet-stream' && type_from_marcel == 'audio/mpeg'
+      @calculated_content_type
+    end
+
+    def type_from_marcel
+      @type_from_marcel ||= Marcel::MimeType.for Pathname.new(@file.path),
+                                                 name: @file.path
+    end
+  end
+end
+
+Paperclip::MediaTypeSpoofDetector.prepend(Paperclip::MediaTypeSpoofDetectorExtensions)
diff --git a/lib/paperclip/transcoder.rb b/lib/paperclip/transcoder.rb
index b3b55f82f..f4768aa60 100644
--- a/lib/paperclip/transcoder.rb
+++ b/lib/paperclip/transcoder.rb
@@ -19,10 +19,7 @@ module Paperclip
     def make
       metadata = VideoMetadataExtractor.new(@file.path)
 
-      unless metadata.valid?
-        Paperclip.log("Unsupported file #{@file.path}")
-        return File.open(@file.path)
-      end
+      raise Paperclip::Error, "Error while transcoding #{@file.path}: unsupported file" unless metadata.valid?
 
       update_attachment_type(metadata)
       update_options_from_metadata(metadata)
diff --git a/lib/sanitize_ext/sanitize_config.rb b/lib/sanitize_ext/sanitize_config.rb
index 4c0e9b858..85a6edcfe 100644
--- a/lib/sanitize_ext/sanitize_config.rb
+++ b/lib/sanitize_ext/sanitize_config.rb
@@ -15,6 +15,7 @@ class Sanitize
       ipfs
       ipns
       ssb
+      gemini
       gopher
       xmpp
       magnet
@@ -70,7 +71,7 @@ class Sanitize
     end
 
     MASTODON_STRICT ||= freeze_config(
-      elements: %w(p br span a abbr del pre blockquote code b strong u sub sup i em h1 h2 h3 h4 h5 ul ol li),
+      elements: %w(p br span a abbr del pre blockquote code b strong u sub sup i em h1 h2 h3 h4 h5 ul ol li details summary),
 
       attributes: {
         'a' => %w(href rel class title),
@@ -99,26 +100,26 @@ class Sanitize
       ]
     )
 
-    MASTODON_OEMBED ||= freeze_config merge(
-      RELAXED,
-      elements: RELAXED[:elements] + %w(audio embed iframe source video),
+    MASTODON_OEMBED ||= freeze_config(
+      elements: %w(audio embed iframe source video),
 
-      attributes: merge(
-        RELAXED[:attributes],
+      attributes: {
         'audio' => %w(controls),
         'embed' => %w(height src type width),
         'iframe' => %w(allowfullscreen frameborder height scrolling src width),
         'source' => %w(src type),
         'video' => %w(controls height loop width),
-        'div' => [:data]
-      ),
+      },
 
-      protocols: merge(
-        RELAXED[:protocols],
+      protocols: {
         'embed' => { 'src' => HTTP_PROTOCOLS },
         'iframe' => { 'src' => HTTP_PROTOCOLS },
-        'source' => { 'src' => HTTP_PROTOCOLS }
-      )
+        'source' => { 'src' => HTTP_PROTOCOLS },
+      },
+
+      add_attributes: {
+        'iframe' => { 'sandbox' => 'allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox allow-forms' },
+      }
     )
 
     LINK_REL_TRANSFORMER = lambda do |env|
diff --git a/lib/templates/rails/post_deployment_migration/migration.rb b/lib/templates/rails/post_deployment_migration/migration.rb
deleted file mode 100644
index 503205b84..000000000
--- a/lib/templates/rails/post_deployment_migration/migration.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-class <%= migration_class_name %> < ActiveRecord::Migration[5.2]
-  disable_ddl_transaction!
-
-  def change
-  end
-end
generated by cgit-pink (git 2.37.1) at 2025-07-03 13:23:35 +0000