Age | Commit message (Collapse) | Author |
|
* Fix reverse-proxy caching in public fetch mode
* Fix caching in ActivityPub-specific controllers
|
|
* Add HTTP signature requirement for served ActivityPub resources
* Change `SECURE_MODE` to `AUTHORIZED_FETCH`
* Add 'Signature' to 'Vary' header and improve code style
* Improve code style by adding `public_fetch_mode?` method
|
|
|
|
Conflicts:
- app/controllers/settings/preferences_controller.rb
- app/lib/user_settings_decorator.rb
- app/models/user.rb
- config/locales/simple_form.en.yml
|
|
|
|
Conflicts:
- app/controllers/statuses_controller.rb
- app/controllers/stream_entries_controller.rb
|
|
* Remove skip_session! as it is not supported in Rails 5
* Minor cleanup in StreamEntriesController
* Remove redundant mark_cacheable! calls
|
|
Conflicts:
- app/controllers/accounts_controller.rb
- app/controllers/follower_accounts_controller.rb
- app/controllers/statuses_controller.rb
All conflicts caused by the additional `use_pack` used for glitch-soc's theming
system.
|
|
Do not start a session if the current user is not logged in for public-facing pages.
Mark pages that don't care about sessions as publicly cacheable.
Keep the max age as 0 so proxies and browsers will still try to retrieve an updated version but can still fall back to the stale version if the site is down or too slow.
Fixes #9035.
|
|
Conflicts:
- app/models/status.rb
Resolved by taking both changes (not a real conflict, just changes too close
to each other).
|
|
|
|
|
|
* Include preview cards in status entity in REST API
* Display preview card in-stream
* Improve in-stream display of preview cards
|
|
Conflicts:
app/controllers/oauth/authorizations_controller.rb
Just two changes being too close to one another.
Took both.
|
|
* Add force_login option to OAuth authorize page
For when a user needs to sign into an app from multiple accounts
on the same server
* When logging out from modal header, redirect back after re-login
|
|
Conflicts:
app/controllers/application_controller.rb
Changed instance theme selection by instance flavour selection.
|
|
* Allow moderators to disable/enable login
* Instead of rejecting login, show forbidden error when login disabled
Avoid confusion because when login is rejected, the message is that
the account is not activated, which is wrong.
* Fix tests
|
|
panel (#7092) (#8381)
* Add default_settings class method to ScopedSettings
ScopedSettings was extended to use value of unscoped setting instead of
only using defaults set in config/settings.yml for selected settings.
This adds possibility for admins to set default values of users' settings,
for example default theme (as requested in #7092).
* Add ability to change an instance default theme
Closes #7092
|
|
Conflicts:
config/routes.rb
Added the “endorsements” route from upstream.
|
|
* Unuse ActiveRecord::Base#cache_key
* Enable cache_versioning
* Call cache_collection
|
|
Conflicts:
config/locales/ca.yml
config/locales/nl.yml
config/locales/oc.yml
config/locales/pt-BR.yml
Resolved conflicts by removing upstream-specific changes
|
|
An error like that should not appear in production error log.
|
|
Conflicts:
app/controllers/invites_controller.rb
app/serializers/initial_state_serializer.rb
config/locales/ko.yml
|
|
|
|
|
|
Previously these returns 302 redirects instead of 403s, which meant posting links to admin pages in slack caused them to unfurl, rather than stay as a link. Additionally, require_admin! doesn't appear to be actively used, on require_staff!
|
|
Conflicts:
README.md
app/controllers/follower_accounts_controller.rb
app/controllers/following_accounts_controller.rb
app/serializers/rest/instance_serializer.rb
app/views/stream_entries/_simple_status.html.haml
config/locales/simple_form.ja.yml
|
|
|
|
# Conflicts:
# app/controllers/settings/exports_controller.rb
# app/models/media_attachment.rb
# app/models/status.rb
# app/views/about/show.html.haml
# docker_entrypoint.sh
# spec/views/about/show.html.haml_spec.rb
|
|
|
|
Conflicts:
app/javascript/styles/mastodon/components.scss
|
|
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Conflicts:
app/controllers/auth/confirmations_controller.rb
|
|
* Add GET /api/v1/instance/peers API to reveal known domains
* Add GET /api/v1/instance/activity API
* Make new APIs disableable, exclude private statuses from activity stats
* Fix code style issue
* Fix week timestamps
|
|
|
|
|
|
|
|
|
|
|
|
|