about summary refs log tree commit diff
path: root/Gemfile.lock
AgeCommit message (Collapse)Author
2018-09-14Upgrade Babel to version 7.0.0 (#5925)Yamagishi Kazutoshi
2018-09-14update devise_pam_authenticatable2, new feature: pam gets ip address of ↵Alexander
client (#8623)
2018-08-26Add thor to Gemfile directly (#8467)Eugen Rochko
It's a common dependency, but just in case
2018-08-25fix pam authentication for certain hostnames (#8412)Alexander
2018-08-24Upgrade Doorkeeper to 5.0.0 (#8409)Eugen Rochko
See doorkeeper-gem/doorkeeper#1137
2018-08-21Revert to using Paperclip's filesystem storage, and fix dangling records in ↵ThibG
remove_remote (#8339) * Fix uncaching worker * Revert to using Paperclip's filesystem backend instead of fog-local fog-local has lots of concurrency issues, causing failure to delete files, dangling file records, and spurious errors UncacheMediaWorker
2018-08-20Upgrade doorkeeper to 4.4.2 (#8321)ThibG
2018-08-19Revert "Upgrade Doorkeeper to 4.4.1 (#8197)" (#8231)AkiraFukushima
* Revert "Upgrade Doorkeeper to 4.4.1 (#8197)" This reverts commit 464daffdf9a37e9a773d224a162fad022890d463. * Except migration files from revert commit
2018-08-18Add Makara dependency to support read-replicas (#8216)Eugen Rochko
Not active by default unless config/database.yml is edited
2018-08-14Upgrade Doorkeeper to 4.4.1 (#8197)Eugen Rochko
2018-08-12Update Rails (#8141)S.H
* Update Rails * fix Update Rails
2018-06-20Update sprockets gem (#7858)Daigo 3 Dango
https://blog.heroku.com/rails-asset-pipeline-vulnerability
2018-06-19Update bcrypt to 3.1.12 fix issue with Fedora (#7845)Eugen Rochko
2018-06-15Remove rack-timeout (#7809)Eugen Rochko
Timeout considered harmful due to leaving the app in a broken state, including unreaped database connections
2018-05-19Upgrade posix-spawn to master (#7542)MIYAGI Hikaru
2018-05-16Fix posix-spawn to version 0.3.12 (#7517)MIYAGI Hikaru
Because 0.3.13 causes build error in x86 or other ILP32 environments. closes #7453
2018-05-13Update http_parser.rb to head version (#7467)Yamagishi Kazutoshi
2018-05-12Downgrade doorkeeper to version 4.2.6 (#7456)Yamagishi Kazutoshi
ref https://github.com/doorkeeper-gem/doorkeeper/pull/1060
2018-05-06Port travis_retry for CI (#7379)Yamagishi Kazutoshi
* Port travis_retry for CI * Add license
2018-05-04Marginally improve convert/ffmpeg calls performance with posix-spawn (#7346)Eugen Rochko
2018-05-03Add pry-byebug (#7307)Shuhei Kitagawa
2018-05-02Slightly reduce RAM usage (#7301)Eugen Rochko
* No need to re-require sidekiq plugins, they are required via Gemfile * Add derailed_benchmarks tool, no need to require TTY gems in Gemfile * Replace ruby-oembed with FetchOEmbedService Reduce startup by 45382 allocated objects * Remove preloaded JSON-LD in favour of caching HTTP responses Reduce boot RAM by about 6 MiB * Fix tests * Fix test suite by stubbing out JSON-LD contexts
2018-04-23Update dependencies for Ruby (2018-04-23) (#7237)Yamagishi Kazutoshi
* Update annotate to version 2.7.3 * Update aws-sdk-s3 to version 1.9.2 * Update browser to version 2.5.3 * Update capistrano to version 3.10.2 * Update domain_name to version 0.5.20180417 * Update http to version 3.2.0 * Update lograge to version 0.10.0 * Update oj to version 3.5.1 * Update parallel_tests to version 2.21.3 * Update puma to version 3.11.4 * Update rubocop to version 0.55.0 * Update scss_lint to version 0.57.0 * Update simplecov to version 0.16.1 * Update tty-command to version 0.8.0 * Update tty-prompt to version 0.16.0 * Update pkg-config to version 1.3.0 * Update fog-local to version 0.5.0 * Update fog-openstack to version 0.1.25 * Update devise-two-factor to version 3.0.3 * bundle update
2018-04-20Introduce rspec-retry (#7206)Yamagishi Kazutoshi
2018-04-12Upgrade Rails to version 5.2.0 (#5898)Yamagishi Kazutoshi
2018-04-11update gem, test pam authentication (#7028)Alexander
* update gem, test pam authentication * add description for test parameters * fix inclusion of optional group
2018-04-07Add a circuit breaker for ActivityPub deliveries (#7053)Eugen Rochko
2018-03-30Upgrade charlock_holmes to version 0.7.6 (#6966)Pierre-Morgan Gate
This version fixes compilation errors when trying to build its native extension with ICU 61.
2018-03-24Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808)Yamagishi Kazutoshi
This reverts commit 40871caa4b06c7ee1c3b07f439ed984ead295ced.
2018-03-21Update sanitize and loofah (#6855)Patrick Figel
Fixes CVE-2018-8048 and CVE-2018-3740, two medium-severity XSS vulnerabilities present in these gems when built against libxml2 >= 2.9.2.
2018-03-19bugfixes and gem update (#6831)Alexander
* update to new version of devise_pam_authenticatable2 * fix behaviour if suffix is nil, fix environment loading, fix user email creation * code cleanup/fix linter warning
2018-03-17Revert "Upgrade Paperclip to version 6.0.0" (#6807)Eugen Rochko
* Revert "Bump version to 2.3.2rc1" This reverts commit cdf8b92fea269209cedf38c50bca276cdf47b1fe. * Revert "Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)" This reverts commit 0074cad44ffcbbdbc798f57a21829359741e60d9. * Revert "Handle Mastodon::HostValidationError when pulling remoteable assets (#6782)" This reverts commit 4a0a19fe54f1d2d433ad3d72c35f2bbb915279f6. * Revert "Correct the reference to user's password in mastodon:add_user task (#6800)" This reverts commit 338bff8b93fa939c2968818e53386fd0c013d9a9. * Revert "Upgrade Paperclip to version 6.0.0 (#6754)" This reverts commit b88fcd53f711673b21e5ff4a547dbf929866a2ee.
2018-03-17Upgrade Paperclip to version 6.0.0 (#6754)Yamagishi Kazutoshi
2018-03-06Upgrade chewy to version 5.0.0 (#6649)Yamagishi Kazutoshi
2018-03-02Update omniauth-saml to 1.10 (#6587)Patrick Figel
Fixes CVE-2017-11428
2018-02-28Fix #942: Seamless LDAP login (#6556)Eugen Rochko
2018-02-26remove-uglifier (#6561)masarakki
2018-02-24Raise Mastodon::HostValidationError when host for HTTP request is private ↵Akihiko Odaki
(#6410)
2018-02-21Account archive download (#6460)Eugen Rochko
* Fix #201: Account archive download * Export actor and private key in the archive * Optimize BackupService - Add conversation to cached associations of status, because somehow it was forgotten and is source of N+1 queries - Explicitly call GC between batches of records being fetched (Model class allocations are the worst offender) - Stream media files into the tar in 1MB chunks (Do not allocate media file (up to 8MB) as string into memory) - Use #bytesize instead of #size to calculate file size for JSON (Fix FileOverflow error) - Segment media into subfolders by status ID because apparently GIF-to-MP4 media are all named "media.mp4" for some reason * Keep uniquely generated filename in Paperclip::GifTranscoder * Ensure dumped files do not overwrite each other by maintaing directory partitions * Give tar archives a good name * Add scheduler to remove week-old backups * Fix code style issue
2018-02-21Fix avatar and header issues by using custom geometry detector (#6515)Eugen Rochko
* Fix avatar and header issues by using custom geometry detector Revert a part of #6508. The file passed to dynamic styles method was not actually a file, but an instance of Paperclip::Attachment, which broke all styles by always returning {} from the method. One problem with GIF avatars was that Paperclip::GeometryDetector reported wrong dimensions for them, e.g. 120x120 GIF avatar would for some reason be detected as 120x53. By writing our own geometry parser, we can use FastImage, which also happens to be faster than ImageMagick, to detect image dimensions, which are also correct. Unfortunately, this PR does not implement skipping a `convert` entirely if the dimensions are already correct, as I found no easy way to write that behaviour into Paperclip without rewriting the Paperclip::Thumbnail class. * Only invoke convert if dimension or format needs to be changed
2018-02-16Save video metadata and improve video OpenGraph tags (#6481)Eugen Rochko
* Save metadata from video attachments, put correct dimensions into OG tags * Add twitter:player for videos * Fix code style and test
2018-02-11Interactive `rake mastodon:setup` task (#6451)Eugen Rochko
* Add better CLI prompt * Add rake mastodon:setup interactive wizard * Test db/redis/smtp configurations and add admin user at the end * Test database connection even when database does not exist yet
2018-02-09Full-text search for authorized statuses (#6423)Eugen Rochko
* Add full-text search for authorized statuses - Search API will return statuses that match the query - Only for logged in users - Only if you are author of the status, - Or you were mentioned in it - Or you favourited or reblogged it - Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX` - Run `rails chewy:deploy` to create & populate index Fix #5880 Fix #4293 Fix #1152 * Add commented out docker-compose configuration for ES container * Optimize index import, filter search results * Add basic normalization to the index * Add better stemming and normalization to the index * Skip webfinger request if search query includes both @ and a space * Fix code style * Visually separate search result sections * Fix code style issues
2018-02-04CAS + SAML authentication feature (#6425)Eugen Rochko
* Cas authentication feature * Config * Remove class_eval + Omniauth initializer * Codeclimate review * Codeclimate review 2 * Codeclimate review 3 * Remove uid/email reconciliation * SAML authentication * Clean up code * Improve login form * Fix code style issues * Add locales
2018-02-02pam authentication (#5303)Alexander
* add pam support, without extra column * bugfixes for pam login * document options * fix code style * fix codestyle * fix tests * don't call remember_me without password * fix codestyle * improve checks for pam usage (should fix tests) * fix remember_me part 1 * add remember_token column because :rememberable requires either a password or this column. * migrate db for remember_token * move pam_authentication to the right place, fix logic bug in edit.html.haml * fix tests * fix pam authentication, improve username lookup, add comment * valid? is sometimes not honored, return nil instead trying to authenticate with pam * update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests * update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user * codeconvention fixes * code convention fixes * fix idention * update dependency, explicit conflict check * fix disabled password updates if in pam mode * fix check password if password is present, fix templates * block registration if account is maintained by pam * Revert "block registration if account is maintained by pam" This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20. * fix identation error introduced by rebase * block usernames maintained by pam * document pam settings better * fix code style
2018-02-01Upgrade Paperclip > 5.2.1 (#6404)Rob Watson
Mitigation for CVE-2017-0889. https://www.cvedetails.com/cve/CVE-2017-0889/ https://medium.com/in-the-weeds/all-about-paperclips-cve-2017-0889-server-side-request-forgery-ssrf-vulnerability-8cb2b1c96fe8
2018-01-23Update goldfinger, ostatus2 and http.rb versions (#6337)Eugen Rochko
2018-01-21Redirect to 2FA creation page when otp_secret is not available (#6314)Aboobacker MK
2018-01-19Add support Ruby v2.5.0 (#6097)Yamagishi Kazutoshi
2018-01-16HTML e-mails for UserMailer (#6256)Eugen Rochko
- premailer gem to turn CSS into inline styles automatically - rework UserMailer templates - reword UserMailer templates