about summary refs log tree commit diff
path: root/Gemfile
AgeCommit message (Collapse)Author
2023-04-09Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `package.json`: Upstream removed a dependency that was textually close to a glitch-soc-only dependency. Removed the dependency as upstream did, while keeping the glitch-soc-only dependency.
2023-04-05Bump puma from 6.1.1 to 6.2.1 (#24402)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-05Bump capybara from 3.38.0 to 3.39.0 (#24395)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-05Bump aws-sdk-s3 from 1.119.2 to 1.120.0 (#24401)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-31Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream added a link to the roadmap, but we have a completely different README. Kept ours. - `app/models/media_attachment.rb`: Upstream upped media attachment limits. Updated the default according to upstream's. - `db/migrate/20180831171112_create_bookmarks.rb`: Upstream changed the migration compatibility level. Did so too. - `config/initializers/content_security_policy.rb`: Upstream refactored this file but we have a different version. Kept our version. - `app/controllers/settings/preferences_controller.rb`: Upstream completely refactored user settings storage, and glitch-soc has a different set of settings. The file does not directly references individual settings anymore. Applied upstream changes. - `app/lib/user_settings_decorator.rb`: Upstream completely refactored user settings storage, and glitch-soc has a different set of settings. The file got removed entirely. Removed it as well. - `app/models/user.rb`: Upstream completely refactored user settings storage, and glitch-soc has a different set of settings. References to individual settings have been removed from the file. Removed them as well. - `app/views/settings/preferences/appearance/show.html.haml`: Upstream completely refactored user settings storage, and glitch-soc has a different set of settings. Applied upstream's changes and ported ours back. - `app/views/settings/preferences/notifications/show.html.haml`: Upstream completely refactored user settings storage, and glitch-soc has a different set of settings. Applied upstream's changes and ported ours back. - `app/views/settings/preferences/other/show.html.haml`: Upstream completely refactored user settings storage, and glitch-soc has a different set of settings. Applied upstream's changes and ported ours back. - `config/settings.yml`: Upstream completely refactored user settings storage, and glitch-soc has a different set of settings. In particular, upstream removed user-specific and unused settings. Did the same in glitch-soc. - `spec/controllers/application_controller_spec.rb`: Conflicts due to glitch-soc's theming system. Mostly kept our version, as upstream messed up the tests.
2023-03-29Bump tzinfo-data from 1.2022.7 to 1.2023.2 (#24300)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-27Update strong_migrations to version 0.8.0 (#24270)Matt Jankowski
2023-03-22Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/status.rb`: Upstream added lines close to a glitch-soc only line, not a real conflict. Applied upstream's changes (added hooks) while keeping glitch-soc's changes (`local_only` scope). - `config/environments/production.rb`: Upstream removed a header, while we have glitch-soc specific ones. Removed the header removed upstream.
2023-03-21Bump rack-cors from 1.1.1 to 2.0.1 (#24189)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-18Merge branch 'main' into glitch-soc/merge-upstreamClaire
2023-03-17Include config/ and update all rubcop deps (#23963)Nick Schonning
2023-03-16Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream changed their README, we have our own. Kept ours. - `app/helpers/application_helper.rb`: Minor code style fix upstream, on a line that is different in glitch-soc due to the different theming system. Applied the code style fix to our own code. - `app/views/settings/preferences/appearance/show.html.haml`: Code style fix on a line next to lines exclusive to glitch-soc. Applied upstream changes. - `yarn.lock`: Upstream updated a dependency textually close to a glitch-soc-only dependency. Updated the dependency like upstream did.
2023-03-16Remove `bullet` and `active_record_query_trace` gems (#24121)Eugen Rochko
2023-03-16Bump rack-test from 2.0.2 to 2.1.0 (#24112)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-15Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/workflows/build-image.yml`: Upstream switched to pushing to both DockerHub and GitHub Container Repository, while glitch-soc was already pushing to the latter only. Updated our configuration to be slightly more consistent with upstream's naming and styling, but kept our behavior. - `Gemfile.lock`: Updated dependencies textually too close to glitch-soc only hcaptcha dependency. Updated dependencies as upstream did. - `README.md`: Upstream updated its README, but we have a completely different one. Kept our README, though it probably should be reworked at some point. - `app/views/auth/sessions/two_factor.html.haml`: Minor style fix upstream that's on a line glitch-soc removed because of its different theming system. Kept our file as is. - `spec/controllers/health_controller_spec.rb`: This file apparently did not exist upstream, upstream created it with different contents but it is functionally the same. Switched to upstream's version of the file. - `spec/presenters/instance_presenter_spec.rb`: Upstream changed the specs around `GITHUB_REPOSITORY`, while glitch-soc had its own code because it's a fork and does not have the same default source URL. Took upstream's change, but with glitch-soc's repo as the default case. - `yarn.lock`: Upstream dependencies textually too close to a glitch-soc only one. Updated dependencies as upstream did.
2023-03-15Setup haml-lint CI with todo config (#23524)Nick Schonning
2023-03-09Explicitly set github repo in instance presenter spec (#24036)Matt Jankowski
2023-03-08Bump omniauth_openid_connect from 0.6.0 to 0.6.1 (#23991)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-07Convert CircleCI to GitHub Actions (#23608)Nick Schonning
2023-03-06Remove pinned rexml (#23964)Nick Schonning
2023-03-05Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream README has been changed, but we have a completely different one. Kept our `README.md`. - `lib/sanitize_ext/sanitize_config.rb`: Upstream added support for more incoming HTML tags (a large subset of what glitch-soc accepts). Change the code style to match upstream's but otherwise do not change our code. - `spec/lib/sanitize_config_spec.rb`: Upstream added support for more incoming HTML tags (a large subset of what glitch-soc accepts). Kept our version, since the tests are mostly glitch-soc's, except for cases which are purposefuly different.
2023-03-03Remove pry gems (#23884)Nick Schonning
2023-03-03Remove climate_control gem (#23886)Nick Schonning
2023-03-02Merge branch 'main' into glitch-soc/merge-upstreamClaire
2023-03-02Update rspec-rails to version 6.0.1 (#23908)Matt Jankowski
2023-02-28[Dependashlee] Update to Puma 6.1.0 (#23795)Shlee
2023-02-25Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.prettierignore`: Upstream added a line at the end of the file, while glitch-soc had its own extra lines. Took upstream's change. - `CONTRIBUTING.md`: We have our custom CONTRIBUTING.md quoting upstream. Upstream made changes. Ported upstream changes. - `app/controllers/application_controller.rb`: Upstream made code style changes in a method that is entirely replaced in glitch-soc. Ignored the change. - `app/models/account.rb`: Code style changes textually close to glitch-soc-specific changes. Ported upstream changes. - `lib/sanitize_ext/sanitize_config.rb`: Upstream code style changes. Ignored them.
2023-02-21Bump devise from 4.8.1 to 4.9.0 (#23691)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-19Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/dependabot.yml`: Upstream made changes while we have dropped this file. Keep the file deleted. - `.prettierignore`: Upstream made changes at the end of the file, where we had our extra lines. Just moved our extra lines back at the end. - `app/serializers/initial_state_serializer.rb`: Upstream code style changes. Applied them. - `app/services/backup_service.rb`: Upstream code style changes. Applied them.
2023-02-18Bump oj from 3.13.23 to 3.14.2 (#23560)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-17Bump webauthn from 2.5.2 to 3.0.0 (#23659)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-15Upgrade to Ruby 3.2 (#22928)Aaron Patterson
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2023-02-13Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.prettierignore`: Upstream added a line at the end, glitch-soc had extra entries at the end. Added upstream's new line before glitch-soc's. - `Gemfile.lock`: Upstream updated dependencies while glitch-soc has an extra one (hcaptcha). Updated dependencies like upstream did. - `app/controllers/api/v1/statuses_controller.rb`: Not a real conflict, upstream added a parameter (`allowed_mentions`) where glitch-soc already had an extra one (`content_type`). Added upstream's new parameter. - `app/javascript/styles/fonts/roboto-mono.scss`: A lot of lines were changed upstream due to code style changes, and a lot of those lines had path changes to accomodate glitch-soc's theming system. Applied upstream's style changes. - `app/javascript/styles/fonts/roboto.scss`: A lot of lines were changed upstream due to code style changes, and a lot of those lines had path changes to accomodate glitch-soc's theming system. Applied upstream's style changes.
2023-02-13Switch OpenID Connect gems (#23223)Stan Hu
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-02-13Add dependency on net-http (#23571)Claire
2023-02-13Bump sidekiq-scheduler from 4.0.3 to 5.0.0 (#23212)dependabot[bot]
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-02-13Replace hamlit-rails with haml-rails (#23542)Nick Schonning
2023-02-09Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Minor upstream change, our README is completely different. Kept ours. - `lib/tasks/assets.rake`: glitch-soc has extra code to deal with its theming system, upstream changed a line that exists in glitch-soc. Applied upstream changes.
2023-02-04Bump bootsnap from 1.15.0 to 1.16.0 (#23340)dependabot[bot]
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.15.0 to 1.16.0. - [Release notes](https://github.com/Shopify/bootsnap/releases) - [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md) - [Commits](https://github.com/Shopify/bootsnap/compare/v1.15.0...v1.16.0) --- updated-dependencies: - dependency-name: bootsnap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-03Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/workflows/build-image.yml`: Upstream updated `docker/build-push-action`, and we a different config for `docker/metadata-action` so the lines directly above were different, but it's not a real conflict. Upgraded `docker/build-push-action` as upstream did. - `app/javascript/mastodon/features/compose/components/compose_form.js`: Upstream changed the codestyle near a line we had modified to accommodate configurable character count. Kept our change.
2023-02-01Bump redcarpet from 3.5.1 to 3.6.0 (#23339)dependabot[bot]
Bumps [redcarpet](https://github.com/vmg/redcarpet) from 3.5.1 to 3.6.0. - [Release notes](https://github.com/vmg/redcarpet/releases) - [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md) - [Commits](https://github.com/vmg/redcarpet/compare/v3.5.1...v3.6.0) --- updated-dependencies: - dependency-name: redcarpet dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01Bump aws-sdk-s3 from 1.118.0 to 1.119.0 (#23341)dependabot[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.118.0 to 1.119.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01Bump simple_form from 5.1.0 to 5.2.0 (#23328)dependabot[bot]
Bumps [simple_form](https://github.com/heartcombo/simple_form) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/heartcombo/simple_form/releases) - [Changelog](https://github.com/heartcombo/simple_form/blob/main/CHANGELOG.md) - [Commits](https://github.com/heartcombo/simple_form/compare/v5.1.0...v5.2.0) --- updated-dependencies: - dependency-name: simple_form dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-31Bump gitlab-omniauth-openid-connect from 0.10.0 to 0.10.1 (#23241)dependabot[bot]
Bumps [gitlab-omniauth-openid-connect](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect) from 0.10.0 to 0.10.1. - [Release notes](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/tags) - [Commits](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/compare/v0.10.0...v0.10.1) --- updated-dependencies: - dependency-name: gitlab-omniauth-openid-connect dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30Bump aws-sdk-s3 from 1.117.2 to 1.118.0 (#23202)dependabot[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.117.2 to 1.118.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-24Merge branch 'main' into glitch-soc/merge-upstreamClaire
2023-01-22fix(pghero): update because CVE-2023-22626 (#23190)Kaspar V
There is a vulnerability [CVE-2023-22626](https://github.com/advisories/GHSA-vf99-xw26-86g5) ``` Name: pghero Version: 2.8.3 CVE: CVE-2023-22626 GHSA: GHSA-vf99-xw26-86g5 Criticality: High URL: https://github.com/ankane/pghero/issues/439 Title: Information Disclosure Through EXPLAIN Feature Solution: upgrade to '>= 3.1.0' ```
2023-01-18Merge branch 'main' into glitch-soc/mergeClaire
2023-01-18Bump rack from 2.2.5 to 2.2.6.2 (#23142)dependabot[bot]
Bumps [rack](https://github.com/rack/rack) from 2.2.5 to 2.2.6.2. - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v2.2.5...v2.2.6.2) --- updated-dependencies: - dependency-name: rack dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-18Bump nokogiri from 1.13.10 to 1.14.0 (#23128)dependabot[bot]
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.10 to 1.14.0. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.10...v1.14.0) --- updated-dependencies: - dependency-name: nokogiri dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>