about summary refs log tree commit diff
AgeCommit message (Collapse)Author
2021-08-20Merge pull request #1588 from ClearlyClaire/glitch-soc/merge-upstreamClaire
Merge upstream changes
2021-08-20[Glitch] Fix crash if a notification contains an unprocessed media attachmentClaire
Port 0c24c865b785a557f43125c976090e271247a2b1 to glitch-soc Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-08-20[Glitch] Fix download button color in audio playerClaire
Port aaf24d3093d565461b0051d2238d8b74db63a041 to glitch-soc Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-08-20Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-08-20Make sure nginx always send HSTS header (#16633)Peter Dave Hello
By default, it'll only send those headers when the response code is one of the following: - 200, 201, 204, 206, 301, 302, 303, 304, 307 & 308 As all the traffics should be https, the http protocol only exists to do 301 redirect, and always send the HSTS header is almost one of the best practices, we should set nginx to do so. Reference: - https://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header - https://ssl-config.mozilla.org/
2021-08-20Add tests for SuspendAccountService and UnsuspendAccountService (#16627)Claire
* Add tests for SuspendAccountService * Add tests for UnsuspendAccountService
2021-08-20Bump rspec-rails from 5.0.1 to 5.0.2 (#16622)dependabot[bot]
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 5.0.1 to 5.0.2. - [Release notes](https://github.com/rspec/rspec-rails/releases) - [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md) - [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.1...v5.0.2) --- updated-dependencies: - dependency-name: rspec-rails dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-20Bump sass from 1.37.0 to 1.38.0 (#16623)dependabot[bot]
Bumps [sass](https://github.com/sass/dart-sass) from 1.37.0 to 1.38.0. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.37.0...1.38.0) --- updated-dependencies: - dependency-name: sass dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-20Bump fast_blank from 1.0.0 to 1.0.1 (#16621)dependabot[bot]
Bumps [fast_blank](https://github.com/SamSaffron/fast_blank) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/SamSaffron/fast_blank/releases) - [Commits](https://github.com/SamSaffron/fast_blank/compare/1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: fast_blank dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-20Disable nginx ssl_session_tickets for better security (#16632)Peter Dave Hello
It's default turned on, but it's better to turn it off for security reason. Reference: - https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_tickets - https://github.com/mozilla/server-side-tls/issues/135
2021-08-20Fix remotely-suspended accounts' toots being merged back into timelines (#16628)Claire
* Fix remotely-suspended accounts' toots being merged back into timelines * Mark remotely-deleted accounts as remotely suspended
2021-08-20Fix #16603 (#16605)Holger
Fix issue #16603 undefined method `serialize_payload' for Unsuspend Account Service error. It seems that this service forgot to `include Payloadable` so that `serialize_payload` could not be found in this service.
2021-08-17Bump oj from 3.12.2 to 3.13.2 (#16620)dependabot[bot]
Bumps [oj](https://github.com/ohler55/oj) from 3.12.2 to 3.13.2. - [Release notes](https://github.com/ohler55/oj/releases) - [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md) - [Commits](https://github.com/ohler55/oj/compare/v3.12.2...v3.13.2) --- updated-dependencies: - dependency-name: oj dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump eslint-plugin-import from 2.23.4 to 2.24.0 (#16592)dependabot[bot]
Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import) from 2.23.4 to 2.24.0. - [Release notes](https://github.com/import-js/eslint-plugin-import/releases) - [Changelog](https://github.com/import-js/eslint-plugin-import/blob/master/CHANGELOG.md) - [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.23.4...v2.24.0) --- updated-dependencies: - dependency-name: eslint-plugin-import dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump yargs from 17.0.1 to 17.1.1 (#16614)dependabot[bot]
Bumps [yargs](https://github.com/yargs/yargs) from 17.0.1 to 17.1.1. - [Release notes](https://github.com/yargs/yargs/releases) - [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/yargs/compare/v17.0.1...v17.1.1) --- updated-dependencies: - dependency-name: yargs dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump ws from 8.0.0 to 8.1.0 (#16616)dependabot[bot]
Bumps [ws](https://github.com/websockets/ws) from 8.0.0 to 8.1.0. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/8.0.0...8.1.0) --- updated-dependencies: - dependency-name: ws dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump bullet from 6.1.4 to 6.1.5 (#16617)dependabot[bot]
Bumps [bullet](https://github.com/flyerhzm/bullet) from 6.1.4 to 6.1.5. - [Release notes](https://github.com/flyerhzm/bullet/releases) - [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md) - [Commits](https://github.com/flyerhzm/bullet/compare/6.1.4...6.1.5) --- updated-dependencies: - dependency-name: bullet dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump fastimage from 2.2.4 to 2.2.5 (#16609)dependabot[bot]
Bumps [fastimage](https://github.com/sdsykes/fastimage) from 2.2.4 to 2.2.5. - [Release notes](https://github.com/sdsykes/fastimage/releases) - [Changelog](https://github.com/sdsykes/fastimage/blob/master/CHANGELOG) - [Commits](https://github.com/sdsykes/fastimage/compare/v2.2.4...v2.2.5) --- updated-dependencies: - dependency-name: fastimage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump nokogiri from 1.12.2 to 1.12.3 (#16610)dependabot[bot]
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.2 to 1.12.3. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.2...v1.12.3) --- updated-dependencies: - dependency-name: nokogiri dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump blurhash from 1.1.3 to 1.1.4 (#16613)dependabot[bot]
Bumps [blurhash](https://github.com/woltapp/blurhash) from 1.1.3 to 1.1.4. - [Release notes](https://github.com/woltapp/blurhash/releases) - [Commits](https://github.com/woltapp/blurhash/commits) --- updated-dependencies: - dependency-name: blurhash dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump pundit from 2.1.0 to 2.1.1 (#16615)dependabot[bot]
Bumps [pundit](https://github.com/varvet/pundit) from 2.1.0 to 2.1.1. - [Release notes](https://github.com/varvet/pundit/releases) - [Changelog](https://github.com/varvet/pundit/blob/master/CHANGELOG.md) - [Commits](https://github.com/varvet/pundit/compare/v2.1.0...v2.1.1) --- updated-dependencies: - dependency-name: pundit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump path-parse from 1.0.6 to 1.0.7 (#16597)dependabot[bot]
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. - [Release notes](https://github.com/jbgutierrez/path-parse/releases) - [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7) --- updated-dependencies: - dependency-name: path-parse dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump parallel_tests from 3.7.0 to 3.7.1 (#16612)dependabot[bot]
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.7.0 to 3.7.1. - [Release notes](https://github.com/grosser/parallel_tests/releases) - [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md) - [Commits](https://github.com/grosser/parallel_tests/compare/v3.7.0...v3.7.1) --- updated-dependencies: - dependency-name: parallel_tests dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump aws-sdk-s3 from 1.98.0 to 1.99.0 (#16611)dependabot[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.98.0 to 1.99.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump webmock from 3.13.0 to 3.14.0 (#16587)dependabot[bot]
Bumps [webmock](https://github.com/bblimke/webmock) from 3.13.0 to 3.14.0. - [Release notes](https://github.com/bblimke/webmock/releases) - [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md) - [Commits](https://github.com/bblimke/webmock/compare/v3.13.0...v3.14.0) --- updated-dependencies: - dependency-name: webmock dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump redux from 4.1.0 to 4.1.1 (#16586)dependabot[bot]
Bumps [redux](https://github.com/reduxjs/redux) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/reduxjs/redux/releases) - [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md) - [Commits](https://github.com/reduxjs/redux/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: redux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump rubocop from 1.18.4 to 1.19.0 (#16618)dependabot[bot]
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.18.4 to 1.19.0. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.18.4...v1.19.0) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump strong_migrations from 0.7.7 to 0.7.8 (#16584)dependabot[bot]
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.7.7 to 0.7.8. - [Release notes](https://github.com/ankane/strong_migrations/releases) - [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md) - [Commits](https://github.com/ankane/strong_migrations/compare/v0.7.7...v0.7.8) --- updated-dependencies: - dependency-name: strong_migrations dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump @babel/runtime from 7.14.8 to 7.15.3 (#16619)dependabot[bot]
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.14.8 to 7.15.3. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.15.3/packages/babel-runtime) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump @babel/core from 7.14.8 to 7.15.0 (#16588)dependabot[bot]
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.14.8 to 7.15.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-core) --- updated-dependencies: - dependency-name: "@babel/core" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17Bump @testing-library/react from 11.2.7 to 12.0.0 (#16440)dependabot[bot]
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library) from 11.2.7 to 12.0.0. - [Release notes](https://github.com/testing-library/react-testing-library/releases) - [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md) - [Commits](https://github.com/testing-library/react-testing-library/compare/v11.2.7...v12.0.0) --- updated-dependencies: - dependency-name: "@testing-library/react" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-11Fix crash if a notification contains an unprocessed media attachment (#16573)Claire
* Refactor AttachmentList * Do not crash if a notification contains an unprocessed media attachment Fixes #16530 * Fix spacing in compact form
2021-08-11Fix download button color in audio player (#16572)Claire
Fixes #16571
2021-08-11Fix followers synchronization mechanism not working when URI has empty path ↵Claire
(#16510) * Fix followers synchronization mechanism not working when URI has empty path To my knowledge, there is no current implementation on the fediverse that can use bare domains (e.g., actor is at https://example.org instead of something like https://example.org/actor) that also plans to support the followers synchronization mechanism. However, Mastodon's current implementation would exclude such accounts from followers list. Also adds tests and rename them to reflect the proper method names. * Move url prefix regexp to its own constant
2021-08-11Merge pull request #1585 from ClearlyClaire/glitch-soc/merge-upstreamClaire
Merge upstream changes
2021-08-11Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-08-11Fix crash when encountering invalid account fields (#16598)Claire
* Add test * Fix crash when encountering invalid account fields
2021-08-10NodeJS 14 support - circleci/docker/.nvmrc (#16163)Shlee
* Update config.yml * Update Dockerfile * Update .nvmrc * Update Dockerfile * NodeJS 10 is EOL. * Update package.json * Update README.md * Update Vagrantfile * Update Dockerfile * Update Dockerfile
2021-08-10Merge pull request #1583 from ClearlyClaire/glitch-soc/merge-upstreamClaire
Merge upstream changes
2021-08-09[Glitch] Fix logout link not working in safariTakeshi Umeda
Port b2875b1864d5bd72e6902ffc842d1be6818c210e to glitch-soc Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-08-09[Glitch] Fix trends layoutJeong Arm
Port 6e0ab6814f4d3906c035e10a9cedbc41ae5967e9 to glitch-soc Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-08-09Fix account statuses cleanup settings controller for glitch-soc's theming systemClaire
2021-08-09Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `Gemfile.lock`: Not a real conflict, upstream-updated dependency (redis) textually too close to glitch-soc-only dependecy. Updated redis gem like upstream did.
2021-08-09Add feature to automatically delete old toots (#16529)Claire
* Add account statuses cleanup policy model * Record last inspected toot to delete to speed up successive calls to statuses_to_delete * Add service to cleanup a given account's statuses within a budget * Add worker to go through account policies and delete old toots * Fix last inspected status id logic All existing statuses older or equal to last inspected status id must be kept by the current policy. This is an invariant that must be kept so that resuming deletion from the last inspected status remains sound. * Add tests * Refactor scheduler and add tests * Add user interface * Add support for discriminating based on boosts/favs * Add UI support for min_reblogs and min_favs, rework UI * Address first round of review comments * Replace Snowflake#id_at_start with with_random parameter * Add tests * Add tests for StatusesCleanupController * Rework settings page * Adjust load-avoiding mechanisms * Please CodeClimate
2021-08-09Bump sanitize from 5.2.3 to 6.0.0 (#16580)Claire
Fixes nokogumbo/nokogiri conflicts by dropping the nokogumbo gem, as it has been merged in the nokogiri gem.
2021-08-09Fix invalid blurhash handling in Create activity (#16583)Takeshi Umeda
2021-08-08Fix when MoveWorker cannot get locale from remote account (#16576)Takeshi Umeda
2021-08-08Fix owned account notes not being deleted when an account is deleted (#16579)Claire
* Add account_notes relationship * Add tests * Fix owned account notes not being deleted when an account is deleted * Add post-migration to clean up orphaned account notes
2021-08-08Fix unsupported video error message handling (#16581)Takeshi Umeda
2021-08-07Bump @babel/preset-env from 7.14.8 to 7.15.0 (#16577)dependabot[bot]
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.14.8 to 7.15.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>