about summary refs log tree commit diff
AgeCommit message (Collapse)Author
2021-04-09Upgrade Ruby to 2.7.3 (#16004)Daigo 3 Dango
* Upgrade Ruby to 2.7.3 https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/ includes security fixes to - CVE-2021-28965: XML round-trip vulnerability in REXML - CVE-2021-28966: Path traversal in Tempfile on Windows * Update rexml to 3.2.5 https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
2021-04-09Fix autoloading deprecation warnings from Rails 6 (#16010)Eugen Rochko
2021-04-09Fix deprecation warning for Sidekiq web session secret (#16009)Eugen Rochko
2021-04-06Update copyright year (#16003)Sean
2021-04-05Fix SidekiqProcessCheck checking for a queue name that isn't used in ↵Claire
Mastodon (#16002)
2021-04-05Bump redis from 3.0.2 to 3.1.0 (#15998)dependabot[bot]
Bumps [redis](https://github.com/NodeRedis/node-redis) from 3.0.2 to 3.1.0. - [Release notes](https://github.com/NodeRedis/node-redis/releases) - [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md) - [Commits](https://github.com/NodeRedis/node-redis/compare/v3.0.2...v3.1.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-05Bump classnames from 2.2.6 to 2.3.1 (#16000)dependabot[bot]
Bumps [classnames](https://github.com/JedWatson/classnames) from 2.2.6 to 2.3.1. - [Release notes](https://github.com/JedWatson/classnames/releases) - [Changelog](https://github.com/JedWatson/classnames/blob/master/HISTORY.md) - [Commits](https://github.com/JedWatson/classnames/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-05Fix SVG files not being correctly included in templates (#16001)Claire
In Rails 6.1, raw file inclusion in templates have to be explicitly marked as HTML-safe, otherwise it's rendered as text.
2021-04-05Bump rubocop from 1.12.0 to 1.12.1 (#15996)dependabot[bot]
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.12.0 to 1.12.1. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.12.0...v1.12.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-05Bump webpack-assets-manifest from 4.0.1 to 4.0.2 (#15999)dependabot[bot]
Bumps [webpack-assets-manifest](https://github.com/webdeveric/webpack-assets-manifest) from 4.0.1 to 4.0.2. - [Release notes](https://github.com/webdeveric/webpack-assets-manifest/releases) - [Commits](https://github.com/webdeveric/webpack-assets-manifest/compare/v4.0.1...v4.0.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-05Bump @testing-library/react from 11.2.5 to 11.2.6 (#15997)dependabot[bot]
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library) from 11.2.5 to 11.2.6. - [Release notes](https://github.com/testing-library/react-testing-library/releases) - [Changelog](https://github.com/testing-library/react-testing-library/blob/master/CHANGELOG.md) - [Commits](https://github.com/testing-library/react-testing-library/compare/v11.2.5...v11.2.6) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-03Add system checks to dashboard in admin UI (#15989)Eugen Rochko
2021-04-03Change health check (#15988)Eugen Rochko
2021-04-01Fix crash in old browsers (#15985)Claire
Fixes #15984
2021-03-31Fix DB connection pool settings in CLI (#15983)abcang
2021-03-31Bump react-select from 4.0.2 to 4.3.0 (#15969)dependabot[bot]
Bumps [react-select](https://github.com/JedWatson/react-select) from 4.0.2 to 4.3.0. - [Release notes](https://github.com/JedWatson/react-select/releases) - [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/JedWatson/react-select/compare/react-select@4.0.2...react-select@4.3.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31Bump eslint from 7.22.0 to 7.23.0 (#15971)dependabot[bot]
Bumps [eslint](https://github.com/eslint/eslint) from 7.22.0 to 7.23.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v7.22.0...v7.23.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31Bump @babel/preset-react from 7.12.13 to 7.13.13 (#15965)dependabot[bot]
Bumps [@babel/preset-react](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-react) from 7.12.13 to 7.13.13. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.13.13/packages/babel-preset-react) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31Bump react-redux from 7.2.2 to 7.2.3 (#15963)dependabot[bot]
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.2.2 to 7.2.3. - [Release notes](https://github.com/reduxjs/react-redux/releases) - [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md) - [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.2...v7.2.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-31Bump @babel/core from 7.13.10 to 7.13.14 (#15979)dependabot[bot]
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.13.10 to 7.13.14. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.13.14/packages/babel-core) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump aws-sdk-s3 from 1.92.0 to 1.93.0 (#15973)dependabot[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.92.0 to 1.93.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump eslint-plugin-react from 7.22.0 to 7.23.1 (#15967)dependabot[bot]
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.22.0 to 7.23.1. - [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases) - [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md) - [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.22.0...v7.23.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump rubocop from 1.11.0 to 1.12.0 (#15970)dependabot[bot]
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.11.0 to 1.12.0. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.11.0...v1.12.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump parallel_tests from 3.5.2 to 3.6.0 (#15968)dependabot[bot]
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.5.2 to 3.6.0. - [Release notes](https://github.com/grosser/parallel_tests/releases) - [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md) - [Commits](https://github.com/grosser/parallel_tests/compare/v3.5.2...v3.6.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump fabrication from 2.21.1 to 2.22.0 (#15966)dependabot[bot]
Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.21.1 to 2.22.0. - [Release notes](https://github.com/paulelliott/fabrication/releases) - [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown) - [Commits](https://github.com/paulelliott/fabrication/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump webmock from 3.12.1 to 3.12.2 (#15964)dependabot[bot]
Bumps [webmock](https://github.com/bblimke/webmock) from 3.12.1 to 3.12.2. - [Release notes](https://github.com/bblimke/webmock/releases) - [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md) - [Commits](https://github.com/bblimke/webmock/compare/v3.12.1...v3.12.2) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump @testing-library/jest-dom from 5.11.9 to 5.11.10 (#15972)dependabot[bot]
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 5.11.9 to 5.11.10. - [Release notes](https://github.com/testing-library/jest-dom/releases) - [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md) - [Commits](https://github.com/testing-library/jest-dom/compare/v5.11.9...v5.11.10) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump mini-css-extract-plugin from 1.3.9 to 1.4.0 (#15976)dependabot[bot]
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin) from 1.3.9 to 1.4.0. - [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases) - [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v1.3.9...v1.4.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump @babel/preset-env from 7.13.10 to 7.13.12 (#15975)dependabot[bot]
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.13.10 to 7.13.12. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.13.12/packages/babel-preset-env) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30Bump css-loader from 5.1.3 to 5.2.0 (#15961)dependabot[bot]
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 5.1.3 to 5.2.0. - [Release notes](https://github.com/webpack-contrib/css-loader/releases) - [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.3...v5.2.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30build: install shared-mime-info in Dockerfile (#15978)Mashiro
2021-03-29Bump pghero from 2.8.0 to 2.8.1 (#15962)dependabot[bot]
Bumps [pghero](https://github.com/ankane/pghero) from 2.8.0 to 2.8.1. - [Release notes](https://github.com/ankane/pghero/releases) - [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md) - [Commits](https://github.com/ankane/pghero/compare/v2.8.0...v2.8.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-29Bump rails from 6.1.3 to 6.1.3.1 (#15960)dependabot[bot]
Bumps [rails](https://github.com/rails/rails) from 6.1.3 to 6.1.3.1. - [Release notes](https://github.com/rails/rails/releases) - [Commits](https://github.com/rails/rails/compare/v6.1.3...v6.1.3.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-26Fix /admin/tags/:id crashing since Rails 6.1 update (#15953)Claire
Raw SQL passed to `pluck` now has to be explicitly marked as SQL via Arel.sql, see https://github.com/rails/rails/pull/27947
2021-03-26Add warning in admin dashboard if some required queues are not handled (#15954)Claire
2021-03-25Add `email` param to `POST /api/v1/emails/confirmations` (#15949)Eugen Rochko
Allow changing e-mail as long as the account is unconfirmed
2021-03-24Add transition to media modal background (#15843)Marcin Mikołajczak
* Add transition to media modal background * use reduceMotion * Move background color transition into css Signed-off-by: marcin mikołajczak <me@mkljczk.pl>
2021-03-24tootctl emoji import: case insensitive duplicate check (#15738)Stanislas
2021-03-24Bump brakeman from 4.10.1 to 5.0.0 (#15656)dependabot[bot]
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.10.1 to 5.0.0. - [Release notes](https://github.com/presidentbeef/brakeman/releases) - [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md) - [Commits](https://github.com/presidentbeef/brakeman/compare/v4.10.1...v5.0.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-24templates/systemd/mastodon: enable sandbox mode (#15937)Yurii Izorkin
2021-03-24Update Mastodon to Rails 6.1 (#15910)Claire
* Update devise-two-factor to unreleased fork for Rails 6 support Update tests to match new `rotp` version. * Update nsa gem to unreleased fork for Rails 6 support * Update rails to 6.1.3 and rails-i18n to 6.0 * Update to unreleased fork of pluck_each for Ruby 6 support * Run "rails app:update" * Add missing ActiveStorage config file * Use config.ssl_options instead of removed ApplicationController#force_ssl Disabled force_ssl-related tests as they do not seem to be easily testable anymore. * Fix nonce directives by removing Rails 5 specific monkey-patching * Fix fixture_file_upload deprecation warning * Fix yield-based test failing with Rails 6 * Use Rails 6's index_with when possible * Use ActiveRecord::Cache::Store#delete_multi from Rails 6 This will yield better performances when deleting an account * Disable Rails 6.1's automatic preload link headers Since Rails 6.1, ActionView adds preload links for javascript files in the Links header per default. In our case, that will bloat headers too much and potentially cause issues with reverse proxies. Furhermore, we don't need those links, as we already output them as HTML link tags. * Switch to Rails 6.0 default config * Switch to Rails 6.1 default config * Do not include autoload paths in the load path
2021-03-24Change mastodon:setup to not call assets:precompile in docker (#13942)Claire
It appears assets are built during image build, and they shouldn't need to be rebuilt, since we now have reproducible builds.
2021-03-24Fix Mastodon not understanding as:Public and Public (#15948)Claire
Fixes #5551
2021-03-24Fix compose form behavior in mobile view (#15555)Claire
* Fix ComposeForm being mounted twice in mobile view Fixes #13094 * Fix compose form focus and pre-selection behavior in mobile view * Split _updateFocusAndSelection out of componentDidUpdate
2021-03-24Switch from deprecated ClusterWS/cws to ws package (#15932)Claire
* Switch from deprecated ClusterWS/cws to ws package Fixes #15184 Co-authored-by: Edho Arief <me@nanaya.pro> * Make bufferutil and utf-8-validate optional dependencies Co-authored-by: Edho Arief <me@nanaya.pro>
2021-03-22Bump react-select from 3.2.0 to 4.0.2 (#15624)dependabot[bot]
* Bump react-select from 3.2.0 to 4.0.2 Bumps [react-select](https://github.com/JedWatson/react-select) from 3.2.0 to 4.0.2. - [Release notes](https://github.com/JedWatson/react-select/releases) - [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.2.0...react-select@4.0.2) Signed-off-by: dependabot[bot] <support@github.com> * Add cacheKey to NonceProvider for react-select Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-03-22Bump aws-sdk-s3 from 1.91.0 to 1.92.0 (#15938)dependabot[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.91.0 to 1.92.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22Bump css-loader from 5.1.2 to 5.1.3 (#15940)dependabot[bot]
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 5.1.2 to 5.1.3. - [Release notes](https://github.com/webpack-contrib/css-loader/releases) - [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.2...v5.1.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22Bump rspec-rails from 5.0.0 to 5.0.1 (#15939)dependabot[bot]
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 5.0.0 to 5.0.1. - [Release notes](https://github.com/rspec/rspec-rails/releases) - [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md) - [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.0...v5.0.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22Bump ox from 2.14.3 to 2.14.4 (#15941)dependabot[bot]
Bumps [ox](https://github.com/ohler55/ox) from 2.14.3 to 2.14.4. - [Release notes](https://github.com/ohler55/ox/releases) - [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md) - [Commits](https://github.com/ohler55/ox/compare/v2.14.3...v2.14.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>