about summary refs log tree commit diff
AgeCommit message (Collapse)Author
2022-12-15Change CSP directives on API to be tight and concise (#20960)Claire
2022-12-15linting: RuboCop update, config fixes (#20574)Kaspar V
* fix(rubocop): update gems and add performance and rspec fix(rubocop): update gems and add performance and rspec - update present rubocop gems - add rubocop-rspec and rubocop-performance gems - move rubocop gems to gem group :development, :test in order to make linting in a github action that runs with RAILS_ENV=test possible * feat(rubocop): disable some annoyance RSpec cops To mee these prooved to be more annoying than helpful. If not agreed, they can be enabled any time. * fix(rubocop): do not ignore spec/**/* Because rubocop-rspec should lint the specs as well, and they deserve to be readable in general. It is relevant code, after all. * fix(rubocop): change ignore db/**/* to db/schema.rb because rails cops do some lints for migrations. E.g. reversable migrations linting and more. * fix(rubocop): tune rules configs Bunch of commits squashed: fix(rubocop): enable Layout/LineLength cop Because this project has code with line lenghts > 500 chars. This is not good practice at all, so I strongly suggest to change the practice in the future. But allow heredoc, URI and comments to still be long lines and make the default Max: 120 explicit, by repeating it in the config. To me this max length seems reasonable. Perhaps a bit more could be ok for some. But > 500 chars in one line Seems to be way too long IMHO. fix(rubocop): Metrics/CyclomaticComplexity Max to 12 The default is 7, perhaps quite strict. But 25 is too loose, the rule becomes pointless like that. fix(rubocop): AllCops ruby version, cacheing and more info - fix the target ruby version from 2.5 to 3.0 - have the cop error messages to be more informative and helpful - enable cacheing in /tmp fix(rubocop): Metrics/AbcSize to 34 from 115 Rubocops default is 17. If the rule is at 115 is becomes pointless. fix(rubocop): Metrics/BlockLength improvements - instead of ignoring tasks completely, ignore only the long blocks that are specific to tasks (task, namespace) - ignore also concern specific block methods (included, class_methods) fix(rubocop): Metrics/ClassLength count heredoc array as one line fix(rubocop): Metrics/MethodLength Max to 25 - the default is 10, but 65 is too loose, so perhaps 25? fix(rubocop): Metrics/ModuleLength array and heredoc count as one fix(rubocop): Metrics/PerceivedComplexity to 16 from 25 Rubocops default is 8, so how about only doubling that, instead of > than tripple it? fix(rubocop): enable Style/RedundantAssignment Because I think that this rule would never really hurt, but improve code quality and readability. fix(rubocop): enable Style/RescueStandardError I think everyone that ever had to debug what this can bring will hopefully agree that this rule totally makes sense. In the super rare exeptions where this is totally needed, it can be excluded by disabling comment in that place. fix(rubocop): Metrics/ParameterLists add explicit defaults and some excludes
2022-12-15Use Rails tag API to build RSS feed for spoilers and polls (#20163)Neil Matatall
* Use Rails tag API to build RSS feed for spoilers and polls While the previous method did not contain a bug or a potential issue, the tag API can be very resilient against future problems and reduces the amount of manual management of the escape status of the content. I've added tests to ensure that the formatting is broken and still escapes control characters correctly. * this seems cleaner and passes * Incorporate feedback by moving the br to its own line and using the tag helper over the string constant for the br tag itself * whoops, tag helper doesn't use a self-closing tag
2022-12-15Fix default S3_HOSTNAME used in mastodon:setup (#19932)Dan Peterson
s3-us-east-1.amazonaws.com does not exist. Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15Add environment variable to configure sidekiq concurrency (#19589)Colin Mitchell
Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15Fix typo in handler function call name (#21829)Nick Schonning
2022-12-15Increase the width of the unread notification border. (#21692)Connor Shea
The smaller border is difficult to see for some users, especially when the browser window was thinner, and so the unread border is at the very left edge of the window.
2022-12-15Render current day formats in the client timezone (#21878)Francis Murillo
* Fix remaining plain %time to %time.formatted * Add %time.relative-formatted to client format dates on the current day * Add missing comma dangle to formats * Use client side message format instead of the server * Add fallback message to relatve_format.today * Remove unused translation key and fix js lint issue Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15Add localization for new admin scopes (#20979)trwnh
* Add localization for new admin scopes * run bundle exec i18n-tasks normalize
2022-12-15Fix typo in application_helper_spec.rb (#20981)Ikko Ashimine
enviroment -> environment
2022-12-15`FormattedMessage` must be used directly (#20982)Yamagishi Kazutoshi
* `FormattedMessage` must be used directly * rollback
2022-12-15Adding 12 hours option for polls (#21131)Pleclown
* Adding 12 hours option for polls Adding 12 hours option for polls * Adding 12 hours option for polls Missing > on a line
2022-12-15Fix hidden label causing accessibility issue for search inputs (#21275)Alex Stine
* Try unhiding search label. * Use aria-label. Remove label as empty labels are useless. * Remove addition of package-lock.json.
2022-12-15Embed js height fix (#22141)Matt Hodges
* only begin iframe reheight once document state is complete * format * lint fixes * Update public/embed.js to use readystatechange event listener Co-authored-by: Claire <claire.github-309c@sitedethib.com> * Call loaded() if ready, otherwise add listenter * lint fix Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-15Fix being unable to react with the keycap number sign emoji (#22231)Jeremy Kescher
#⃣ This bug is caused by the emoji consisting of: U+23 # U+FE0F U+20E3 ⃣ Because it starts with a #, it's interpreted as an anchor link, which is not passed to the API. Therefore, the API sees no emoji to react with and answers correctly with a 404.
2022-12-15Fix N+1 queries from in NotificationsController (#21202)nametoolong
Co-authored-by: Nonexistent <nx@example.org>
2022-12-15Fix typos in source documentation (#21046)luzpaz
Fixed 2 source comment/documentation typos
2022-12-15Add hadolint as Dockerfile linter (#20993)Moritz Heiber
* Added hadolint as Dockerfile linter in pipeline and resolved remaining hadolint issues in Dockerfile * Use more specific version of hadolint Action * Bumpt hadolint Action version to latest version to avoid deprecation notice * Being _really_ specific now
2022-12-15Fix profile avatar being slightly offset into left border (fixes #20822) ↵Riedler
(#20994) * hotfix for #20822 I don't know why it was shifted in the first place or why the width is specified twice, but this fixes the problem, so it looks fine to me. * realigned pfp with content below * fixed formatting my bad * added comment to explain the negative margin before I forget - comments are *important* ! Co-authored-by: Riedler <riedler@gelse.eu>
2022-12-15Fix crash in elasticsearch_check.rb (#21006)s0
Nil unwrap causes the admin dashboard to crash/500 when the Chewy client info version number value is nil. This occurs when running another ES-compatible backend such as MeiliSearch. Obviously it would be good for chewy to recognise upstream but at least avoiding the crash would be fine.
2022-12-15Allow adding relays while secure mode & limited federation mode are enabled ↵Effy Elden
(#22324)
2022-12-15Fix invalid CSS for links in warning and strike cards (#22302)Claire
2022-12-15Don't delivery a reply to domains which are blocked by author (#22117)Jeong Arm
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-15Add CodeQL workflow (#21894)Justin Hutchings
2022-12-15Fix missing Javascript in domain block import confirmation page (#21471)Claire
Follow-up to #20597
2022-12-15Revoke all authorized applications on password reset (#21325)Francis Murillo
* Clear sessions on password change * Rename User::clear_sessions to revoke_access for a clearer meaning * Add reset paassword controller test * Use User.find instead of User.find_for_authentication for reset password test * Use redirect and render for better test meaning in reset password Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15Change dropdown menu to contain “Copy link to post” even for non-public ↵Claire
posts (#21316) Fixes #21244
2022-12-15Validate nodeinfo response by schema (#21395)Meisam
* add json-schema to :test in Gemfile * Create node_info_2.0_schema.json * test match_response_schema * Create match_response_schema.rb * Update nodeinfo_controller_spec.rb * Rename spec/support/node_info_2.0_schema.json to spec/support/schema/node_info_2.0_schema.json * Update match_response_schema.rb * cleanup * additionally validate the json schema itself disable throwing errors test the schema matcher * rename nodeinfo schema to nodeinfo_2.0 * use Rails.root.join to construct the path * prettify json * sync Gemfile.lock
2022-12-15Add --email and --dry-run options to `tootctl accounts delete` (#22328)Claire
2022-12-15Allow admins to refresh remotely-suspended accounts (#22327)Claire
* Change suspension text to mention that a remotely suspended account is not locally-suspended * Add ability to refresh profile of remotely suspended accounts
2022-12-15Fix wasteful request to /api/v1/custom_emojis when not logged in (#22326)Claire
2022-12-14Add command to remove avatar and header images of inactive remote accounts ↵Evan
from the local database (#22149) * Add tootctl subcommand media remove-profile-media * Trigger workflows * Correcting external linting * External linting error * External linting fix * Merging with remove command * Linting * Correct long option names Co-authored-by: Claire <claire.github-309c@sitedethib.com> * Correct long option names Co-authored-by: Claire <claire.github-309c@sitedethib.com> * Correct long option names Co-authored-by: Claire <claire.github-309c@sitedethib.com> * Remove saving a list of purged accounts Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-14Merge pull request #2007 from ClearlyClaire/glitch-soc/merge-upstreamClaire
Merge upstream changes
2022-12-14Fix invalid CSS for links in warning and strike cardsClaire
2022-12-14[Glitch] fix missing style in warning and strike cardsRin
Port 42e16ea52dcafef7737368b05537670cc49d3f91 to glitch-soc Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2022-12-14[Glitch] Make handle more easily selectable on profile pagecadars
Port 52a50c5e43a78f21a1054869352db31b4fa3aba0 to glitch-soc Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2022-12-14[Glitch] Change default reply language to be default language when replying ↵Claire
to a translated reply Port f70bdba9264bd7c572cee3c45421733919b7d03c to glitch-soc Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2022-12-14Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-12-14Bump postcss from 8.4.19 to 8.4.20 (#22256)dependabot[bot]
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.19 to 8.4.20. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.4.19...8.4.20) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14Bump rails-html-sanitizer from 1.4.3 to 1.4.4 (#22279)dependabot[bot]
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.4.3 to 1.4.4. - [Release notes](https://github.com/rails/rails-html-sanitizer/releases) - [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md) - [Commits](https://github.com/rails/rails-html-sanitizer/compare/v1.4.3...v1.4.4) --- updated-dependencies: - dependency-name: rails-html-sanitizer dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14Bump loofah from 2.19.0 to 2.19.1 (#22278)dependabot[bot]
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.19.0 to 2.19.1. - [Release notes](https://github.com/flavorjones/loofah/releases) - [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md) - [Commits](https://github.com/flavorjones/loofah/compare/v2.19.0...v2.19.1) --- updated-dependencies: - dependency-name: loofah dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14Bump public_suffix from 5.0.0 to 5.0.1 (#22259)dependabot[bot]
Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 5.0.0 to 5.0.1. - [Release notes](https://github.com/weppos/publicsuffix-ruby/releases) - [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/main/CHANGELOG.md) - [Commits](https://github.com/weppos/publicsuffix-ruby/compare/v5.0.0...v5.0.1) --- updated-dependencies: - dependency-name: public_suffix dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14Bump sass from 1.56.1 to 1.56.2 (#22257)dependabot[bot]
Bumps [sass](https://github.com/sass/dart-sass) from 1.56.1 to 1.56.2. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.56.1...1.56.2) --- updated-dependencies: - dependency-name: sass dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14Bump prettier from 2.8.0 to 2.8.1 (#22255)dependabot[bot]
Bumps [prettier](https://github.com/prettier/prettier) from 2.8.0 to 2.8.1. - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](https://github.com/prettier/prettier/compare/2.8.0...2.8.1) --- updated-dependencies: - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-13Add single splat to callback method definitions to avoid ArgumentError (#22246)zunda
It looks like a [bug](https://bugs.ruby-lang.org/issues/18633) around autosplat is [fixed](https://bugs.ruby-lang.org/projects/ruby-master/repository/git/revisions/fbaadd1cfe7fbfd1b904f193f99d7c845a6ed804) on ruby-3.2.0-rc1 and breaks a test (but not on ruby <= 3.1.3): ``` $ bundle exec rspec ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:41 : 1) Api::V1::Emails::ConfirmationsController#create with an oauth token from an app that created the account when the account is already confirmed but user changed e-mail and has not confirmed it returns http success Failure/Error: def email_changed(user, **) @resource = user @instance = Rails.configuration.x.local_domain return unless @resource.active_for_authentication? I18n.with_locale(locale) do mail to: @resource.email, subject: I18n.t('devise.mailer.email_changed.subject') end end ArgumentError: wrong number of arguments (given 2, expected 1) # ./app/mailers/user_mailer.rb:51:in `email_changed' # ./app/models/user.rb:444:in `render_and_send_devise_message' # ./app/models/user.rb:430:in `block in send_pending_devise_notifications' # ./app/models/user.rb:429:in `each' # ./app/models/user.rb:429:in `send_pending_devise_notifications' # ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:38:in `block (7 levels) in <top (required)>' ```
2022-12-13fix missing style in warning and strike cards (#22177)Rin
2022-12-13Fix crash and incorrect behavior in tootctl domains crawl (#19004)Claire
2022-12-13Make handle more easily selectable on profile page (#21479)cadars
* Make handle more easily selectable on profile page * Wrap handle in a span * Add `user-select: all` to span * remove whitespace
2022-12-13Change default reply language to be default language when replying to a ↵Claire
translated reply (#22272) Fixes #22250
2022-12-11Merge pull request #2005 from ClearlyClaire/glitch-soc/merge-upstreamClaire
Merge upstream changes