about summary refs log tree commit diff
AgeCommit message (Collapse)Author
2021-11-25Fix filtering DMs from non-followed users (#17042)Claire
2021-11-25Add trending links (#16917)Eugen Rochko
* Add trending links * Add overriding specific links trendability * Add link type to preview cards and only trend articles Change trends review notifications from being sent every 5 minutes to being sent every 2 hours Change threshold from 5 unique accounts to 15 unique accounts * Fix tests
2021-11-24Upgrade Ruby to 3.0.3 (#17038)zunda
https://www.ruby-lang.org/en/news/2021/11/24/ruby-3-0-3-released/
2021-11-24Better ordering for bug report issue template (#17019)trwnh
Logically, it makes more sense to provide the steps leading up to the bug before asking what the bug is. This change moves "steps to reproduce" above "expected behavior" and "actual behavior" to enforce the above progression and logical flow.
2021-11-24Fix error when suspending user with an already-existing canonical email ↵Claire
block (#17036) * Fix error when suspending user with an already-existing canonical email block Fixes #17033 While attempting to create a `CanonicalEmailBlock` with an existing hash would raise an `ActiveRecord::RecordNotUnique` error, this being done within a transaction would cancel the whole transaction. For this reason, checking for uniqueness in Rails would query the database within the transaction and avoid invalidating the whole transaction for this reason. A race condition is still possible, where multiple accounts sharing a canonical email would be blocked in concurrent transactions, in which only one would succeed, but that is way less likely to happen that the current issue, and can always be retried after the first failure, unlike the current situation. * Add tests
2021-11-23Add FEDERATION.md (#17029)Claire
Some ActivityPub projects have a FEDERATION.md which is used to describe the various extensions they use. Everything here is also documented elsewhere, but it's a concise starting point with links to that documentation.
2021-11-19Fix overflow of long profile fields in admin view (#17010)Claire
2021-11-19Fix background-color of emoji-mart selector (#17011)Claire
Reverts part of #16907 to fix hardcoded color
2021-11-18Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915)Takeshi Umeda
* Bump chewy from 5.2.0 to 7.2.2 * fix style (codeclimate) * fix style * fix style * Bump chewy from 7.2.2 to 7.2.3
2021-11-18Add lazy load to emoji-mart (#16907)Mashiro
* perf: lazyload emoji-mart! * Bump lazyload
2021-11-18Update Dockerfile (#16939)Shlee
2021-11-18[Docker-Compose] [Breaking] Postgres 9.6 is EOL (11th Nov 2021) - Migrate to ↵Shlee
14 Stable (#16947) * Update docker-compose.yml * Update docker-compose.yml * Update docker-compose.yml * Update docker-compose.yml
2021-11-18Ruby 3.0.2 Upgrade (#16982)Shlee
* Update .ruby-version * Update Gemfile * Update Gemfile.lock * Update Dockerfile * Update check-i18n.yml * Update config.yml * Update config.yml
2021-11-18[Dockerfile] Upgrade ElasticSearch-OSS 6.8.10 to 7.10.2 (#16956)Shlee
* Update docker-compose.yml * Update docker-compose.yml * Update docker-compose.yml
2021-11-18Bump aws-sdk-s3 from 1.105.1 to 1.106.0 (#17001)dependabot[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.105.1 to 1.106.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18Bump mime-types from 3.4.0 to 3.4.1 (#17002)dependabot[bot]
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/mime-types/ruby-mime-types/releases) - [Changelog](https://github.com/mime-types/ruby-mime-types/blob/main/History.md) - [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.4.0...v3.4.1) --- updated-dependencies: - dependency-name: mime-types dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18Bump eslint-plugin-jsx-a11y from 6.4.1 to 6.5.1 (#16993)dependabot[bot]
Bumps [eslint-plugin-jsx-a11y](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y) from 6.4.1 to 6.5.1. - [Release notes](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/releases) - [Changelog](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/master/CHANGELOG.md) - [Commits](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/compare/v6.4.1...v6.5.1) --- updated-dependencies: - dependency-name: eslint-plugin-jsx-a11y dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18Bump letter_opener_web from 1.4.1 to 2.0.0 (#16960)dependabot[bot]
Bumps [letter_opener_web](https://github.com/fgrehm/letter_opener_web) from 1.4.1 to 2.0.0. - [Release notes](https://github.com/fgrehm/letter_opener_web/releases) - [Changelog](https://github.com/fgrehm/letter_opener_web/blob/master/CHANGELOG.md) - [Commits](https://github.com/fgrehm/letter_opener_web/compare/v1.4.1...v2.0.0) --- updated-dependencies: - dependency-name: letter_opener_web dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18Bump eslint-plugin-import from 2.25.2 to 2.25.3 (#16995)dependabot[bot]
Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import) from 2.25.2 to 2.25.3. - [Release notes](https://github.com/import-js/eslint-plugin-import/releases) - [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md) - [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.25.2...v2.25.3) --- updated-dependencies: - dependency-name: eslint-plugin-import dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18Bump @babel/runtime from 7.16.0 to 7.16.3 (#16994)dependabot[bot]
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.16.0 to 7.16.3. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.3/packages/babel-runtime) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18Bump eslint-plugin-react from 7.26.1 to 7.27.0 (#16992)dependabot[bot]
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.26.1 to 7.27.0. - [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases) - [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md) - [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.26.1...v7.27.0) --- updated-dependencies: - dependency-name: eslint-plugin-react dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18Bump mime-types from 3.3.1 to 3.4.0 (#16991)dependabot[bot]
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types) from 3.3.1 to 3.4.0. - [Release notes](https://github.com/mime-types/ruby-mime-types/releases) - [Changelog](https://github.com/mime-types/ruby-mime-types/blob/main/History.md) - [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.3.1...v3.4.0) --- updated-dependencies: - dependency-name: mime-types dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18Bump sprockets-rails from 3.2.2 to 3.4.0 (#16990)dependabot[bot]
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails) from 3.2.2 to 3.4.0. - [Release notes](https://github.com/rails/sprockets-rails/releases) - [Commits](https://github.com/rails/sprockets-rails/compare/v3.2.2...v3.4.0) --- updated-dependencies: - dependency-name: sprockets-rails dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18Bump rubocop from 1.22.3 to 1.23.0 (#16989)dependabot[bot]
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.22.3 to 1.23.0. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.22.3...v1.23.0) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-17[Dockerfile] [Security] Update NodeJS to V16 (LTS) on docker. (#16856)Shlee
* [Security] Update NodeJS on docker. https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/ * Update Dockerfile * Upgrade npm package * Update Dockerfile
2021-11-16Add manual GitHub Actions runs (#17000)Eugen Rochko
2021-11-16Fix upload of remote media with OpenStack Swift sometimes failing (#16998)Claire
Under certain conditions, files fetched from remotes trigger an error when being uploaded using OpenStack Swift. This is because in some cases, the remote server will not return a content-length, so our ResponseWithLimitAdapter will hold a `nil` value for `#size`, which will lead to an invalid value for the Content-Length header of the Swift API call. This commit fixes that by taking the size from the actually-downloaded file size rather than the upstream-provided Content-Length header value.
2021-11-14Fix confusing error when webfinger request returns empty document (#16986)Claire
For some reason, some misconfigured servers return an empty document when queried over webfinger. Since an empty document does not lead to a parse error, the error is not caught properly and triggers uncaught exceptions later on. This PR fixes that by immediately erroring out with `Webfinger::Error` on getting an empty response.
2021-11-14Change workflow to push to Docker Hub (#16980)Eugen Rochko
2021-11-13Fix no link previews being generated for pages with invalid structured data ↵Eugen Rochko
(#16979) Fix #16955
2021-11-13Bump react-select from 5.1.0 to 5.2.1 (#16967)dependabot[bot]
Bumps [react-select](https://github.com/JedWatson/react-select) from 5.1.0 to 5.2.1. - [Release notes](https://github.com/JedWatson/react-select/releases) - [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/JedWatson/react-select/compare/react-select@5.1.0...react-select@5.2.1) --- updated-dependencies: - dependency-name: react-select dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13Bump @testing-library/jest-dom from 5.14.1 to 5.15.0 (#16966)dependabot[bot]
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 5.14.1 to 5.15.0. - [Release notes](https://github.com/testing-library/jest-dom/releases) - [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md) - [Commits](https://github.com/testing-library/jest-dom/compare/v5.14.1...v5.15.0) --- updated-dependencies: - dependency-name: "@testing-library/jest-dom" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13Bump reselect from 4.1.1 to 4.1.2 (#16963)dependabot[bot]
Bumps [reselect](https://github.com/reduxjs/reselect) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/reduxjs/reselect/releases) - [Changelog](https://github.com/reduxjs/reselect/blob/master/CHANGELOG.md) - [Commits](https://github.com/reduxjs/reselect/compare/v4.1.1...v4.1.2) --- updated-dependencies: - dependency-name: reselect dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13Bump sidekiq from 6.2.2 to 6.3.1 (#16965)dependabot[bot]
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.2.2 to 6.3.1. - [Release notes](https://github.com/mperham/sidekiq/releases) - [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md) - [Commits](https://github.com/mperham/sidekiq/compare/v6.2.2...v6.3.1) --- updated-dependencies: - dependency-name: sidekiq dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13Bump webpack-dev-server from 3.11.2 to 3.11.3 (#16964)dependabot[bot]
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.11.2 to 3.11.3. - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/v3.11.3/CHANGELOG.md) - [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.11.2...v3.11.3) --- updated-dependencies: - dependency-name: webpack-dev-server dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13Bump aws-sdk-s3 from 1.104.0 to 1.105.1 (#16962)dependabot[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.104.0 to 1.105.1. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13Bump ox from 2.14.5 to 2.14.6 (#16961)dependabot[bot]
Bumps [ox](https://github.com/ohler55/ox) from 2.14.5 to 2.14.6. - [Release notes](https://github.com/ohler55/ox/releases) - [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md) - [Commits](https://github.com/ohler55/ox/compare/v2.14.5...v2.14.6) --- updated-dependencies: - dependency-name: ox dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13Bump i18n-tasks from 0.9.34 to 0.9.35 (#16959)dependabot[bot]
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.34 to 0.9.35. - [Release notes](https://github.com/glebm/i18n-tasks/releases) - [Changelog](https://github.com/glebm/i18n-tasks/blob/main/CHANGES.md) - [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.34...v0.9.35) --- updated-dependencies: - dependency-name: i18n-tasks dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13Bump idn-ruby from 0.1.2 to 0.1.4 (#16958)dependabot[bot]
Bumps [idn-ruby](https://github.com/deepfryed/idn-ruby) from 0.1.2 to 0.1.4. - [Release notes](https://github.com/deepfryed/idn-ruby/releases) - [Changelog](https://github.com/deepfryed/idn-ruby/blob/master/CHANGES) - [Commits](https://github.com/deepfryed/idn-ruby/compare/v0.1.2...v0.1.4) --- updated-dependencies: - dependency-name: idn-ruby dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13Fix OpenGraph/LinkedData embeds having incorrectly-generated iframes (#16978)Claire
2021-11-12Build container image by GitHub Actions (#16973)Yusuke Nakamura
* Build container image by GitHub Actions * Trigger docker build only pushed to main branch * Tweak tagging imgae - "edge" is the main branch - "latest" is the tagged latest release
2021-11-11Fix "bundle exec rails mastodon:setup" crashing in some circumstances (#16976)Claire
Fix regression from #16896
2021-11-06[CircleCI] Test using Postgres 14 (#16948)Shlee
* Update config.yml * Update config.yml
2021-11-06Forward port version bumps to 3.4.2 and 3.4.3 (#16945)Eugen Rochko
* Bump version to 3.4.2 * Bump version to 3.4.3
2021-11-06Fix reviving revoked sessions and invalidating login (#16943)Claire
Up until now, we have used Devise's Rememberable mechanism to re-log users after the end of their browser sessions. This mechanism relies on a signed cookie containing a token. That token was stored on the user's record, meaning it was shared across all logged in browsers, meaning truly revoking a browser's ability to auto-log-in involves revoking the token itself, and revoking access from *all* logged-in browsers. We had a session mechanism that dynamically checks whether a user's session has been disabled, and would log out the user if so. However, this would only clear a session being actively used, and a new one could be respawned with the `remember_user_token` cookie. In practice, this caused two issues: - sessions could be revived after being closed from /auth/edit (security issue) - auto-log-in would be disabled for *all* browsers after logging out from one of them This PR removes the `remember_token` mechanism and treats the `_session_id` cookie/token as a browser-specific `remember_token`, fixing both issues.
2021-11-06Fix AccountNote not having a maximum length (#16942)Claire
2021-11-05Add support for structured data and more OpenGraph tags to link cards (#16938)Eugen Rochko
Save preview cards under their canonical URL Increase max redirects to follow from 2 to 3
2021-11-05Fix handling announcements with links (#16941)Claire
Broken since #15827
2021-11-04Fix statuses order in account's statuses admin page (#16937)Jeong Arm
2021-11-02Bump @babel/preset-env from 7.15.8 to 7.16.0 (#16923)dependabot[bot]
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.15.8 to 7.16.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.16.0/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>