Age | Commit message (Collapse) | Author |
|
* Check that an invite link is valid before bypassing approval mode
Fixes #10656
* Add tests
* Only consider valid invite links in registration controller
* fixup
|
|
|
|
* compare usernames case-insensitively on new proof creation flow
* Fix code style issue
|
|
Fix sorting of the pending accounts page
|
|
|
|
* Add "why do you want to join" field to invite requests
Fix #10512
* Remove unused translations
* Fix broken registrations when no invite request text is submitted
|
|
|
|
|
|
* Revert "Fix filtering of favourited_by, reblogged_by, followers and following (#10447)"
This reverts commit 120544067fcca4bf6e71ba1ffb276c451c17c656.
* Revert "Hide blocking accounts from blocked users (#10442)"
This reverts commit 62bafa20a112ccdddaedb25723fc819dbbcd8e9a.
* Improve blocked view of profiles
- Change "You are blocked" to "Profile unavailable"
- Hide following/followers in API when blocked
- Disable follow button and show "Profile unavailable" on public profile as well
|
|
|
|
* Fix admin validation being too strict about usernames
Fix #10446
* Strip Setting.site_contact_username consistently throughout the codebase
|
|
|
|
* Revert "Add indication that you have been blocked in web UI (#10420)"
This reverts commit bd02ec6daa974dcd3231e73826a56e08dbeedadc.
* Revert "Add `blocked_by` relationship to the REST API (#10373)"
This reverts commit 9745de883b198375ba23f7fde879f6d75ce2df0f.
* Hide blocking accounts from search results
* Filter blocking accouts from account followers
* Filter blocking accouts from account's following accounts
* Filter blocking accounts from “reblogged by” and “favourited by” lists
* Remove blocking account from URL search
* Return 410 on trying to fetch user data from a user who blocked us
* Return 410 in /api/v1/account/statuses for suspended or blocking accounts
* Fix status filtering when performing URL search
* Restore some React improvements
Restore some cleanup from bd02ec6daa974dcd3231e73826a56e08dbeedadc
* Refactor by adding `without_blocking` scope
|
|
Fixes #10429
|
|
|
|
|
|
Red crosses implied that it was bad/unexpected that certain features
were not enabled. In reality, they are options, so showing a green
or grey power-off icon is more appropriate.
Add status of timeline preview as well
Fix sample accounts changing too frequently due to wrong query
Sample accounts are intended to be sorted by popularity
|
|
* Add validations to admin settings
- Validate correct HTML markup
- Validate presence of contact username & e-mail
- Validate that all usernames are valid
- Validate that enums have expected values
* Fix code style issue
* Fix tests
|
|
This will help a great deal with #9377 when a caching reverse proxy is
configured.
|
|
|
|
|
|
* create account_identity_proofs table
* add endpoint for keybase to check local proofs
* add async task to update validity and liveness of proofs from keybase
* first pass keybase proof CRUD
* second pass keybase proof creation
* clean up proof list and add badges
* add avatar url to keybase api
* Always highlight the “Identity Proofs” navigation item when interacting with proofs.
* Update translations.
* Add profile URL.
* Reorder proofs.
* Add proofs to bio.
* Update settings/identity_proofs front-end.
* Use `link_to`.
* Only encode query params if they exist.
URLs without params had a trailing `?`.
* Only show live proofs.
* change valid to active in proof list and update liveness before displaying
* minor fixes
* add keybase config at well-known path
* extremely naive feature flagging off the identity proof UI
* fixes for rubocop
* make identity proofs page resilient to potential keybase issues
* normalize i18n
* tweaks for brakeman
* remove two unused translations
* cleanup and add more localizations
* make keybase_contacts an admin setting
* fix ExternalProofService my_domain
* use Addressable::URI in identity proofs
* use active model serializer for keybase proof config
* more cleanup of keybase proof config
* rename proof is_valid and is_live to proof_valid and proof_live
* cleanup
* assorted tweaks for more robust communication with keybase
* Clean up
* Small fixes
* Display verified identity identically to verified links
* Clean up unused CSS
* Add caching for Keybase avatar URLs
* Remove keybase_contacts setting
|
|
Rename "abandoned" to "moved", and "active" to "primary"
|
|
Do not start a session if the current user is not logged in for public-facing pages.
Mark pages that don't care about sessions as publicly cacheable.
Keep the max age as 0 so proxies and browsers will still try to retrieve an updated version but can still fall back to the stale version if the site is down or too slow.
Fixes #9035.
|
|
|
|
Use async worker for creating reblog notification to improve performance
|
|
|
|
Fix #6856
Fix #6951
|
|
|
|
|
|
Under load, multiple backups for a single user could be planned, which
is very expensive.
|
|
* Add polls
Fix #1629
* Add tests
* Fixes
* Change API for creating polls
* Use name instead of content for votes
* Remove poll validation for remote polls
* Add polls to public pages
* When updating the poll, update options just in case they were changed
* Fix public pages showing both poll and other media
|
|
|
|
|
|
* Add type, limit, offset, min_id, max_id, account_id to search API
Fix #8939
* Make the offset work on accounts and hashtags search as well
* Assure brakeman we are not doing mass assignment here
* Do not allow paginating unless a type is chosen
* Fix search query and index id field on statuses instead of created_at
|
|
|
|
Same as #8220 but for reports
|
|
|
|
Fix #8785
|
|
Fixes #9995
|
|
|
|
|
|
|
|
* Add hashtag filter to profiles
GET /@:username/tagged/:hashtag
GET /api/v1/accounts/:id/statuses?tagged=:hashtag
* Display featured hashtags on public profile
* Use separate model for featured tags
* Update featured hashtag counters on-write
* Limit featured tags to 10
|
|
* Make storing and displaying application used to toot opt-in
* Revert to storing application info, and display it to the author via API
|
|
|
|
|
|
|
|
|
|
* Refactor signature verification a bit
* Rescue signature verification if recorded public key is invalid
Fixes #8822
* Always re-fetch AP signing key when HTTP Signature verification fails
But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.
* Apply stoplight to key/account update as well as initial key retrieval
|