| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Use Rails smart boolean cast to account for values such as "f",
"0", "false", etc. Previously, if a param was present in the request,
it would count as true.
|
|
|
|
* Fix #2176: Federated reports
* UI for federated reports
* Add spec for ActivityPub Flag handler
* Add spec for ReportService
|
|
- Add follow/unfollow/remote follow buttons
- Format the bio properly
- Always show username@domain, even for local accounts
|
|
* Fix prev/next links on public profile page
* Don't make pagination urls if no available statuses
* Fix empty check method
* Put left chevron before prev page link
* Add scope for pagination "starting at" a given id
* Status pagination try 2:
s/prev/older and s/next/newer
"older" on left, "newer" on right
Use new scope for "newer" link
Extract magic 20 page size to constant
Remove max_id from feed pagination as it's not respected
* Reinstate max_id for accounts atom stream
* normalize
|
|
strategies) (#6540)
|
|
* Redesign landing page (again)
* Move login form in small version to the right column
* Display closed registrations message
* Add site setting for the hero image
* Fix test
* Increase spacing, maximum width, change call to action section
|
|
|
|
* Add focus param to media API, center thumbnails on focus point
* Add UI for setting a focal point
* Improve focal point icon on upload item
* Use focal point in upload preview
* Add focalPoint property to ActivityPub
* Don't show focal point button for non-image attachments
|
|
It was merge when it needed to be deep_merge. And added some tests
|
|
* Fix #201: Account archive download
* Export actor and private key in the archive
* Optimize BackupService
- Add conversation to cached associations of status, because
somehow it was forgotten and is source of N+1 queries
- Explicitly call GC between batches of records being fetched
(Model class allocations are the worst offender)
- Stream media files into the tar in 1MB chunks
(Do not allocate media file (up to 8MB) as string into memory)
- Use #bytesize instead of #size to calculate file size for JSON
(Fix FileOverflow error)
- Segment media into subfolders by status ID because apparently
GIF-to-MP4 media are all named "media.mp4" for some reason
* Keep uniquely generated filename in Paperclip::GifTranscoder
* Ensure dumped files do not overwrite each other by maintaing directory partitions
* Give tar archives a good name
* Add scheduler to remove week-old backups
* Fix code style issue
|
|
|
|
* Save metadata from video attachments, put correct dimensions into OG tags
* Add twitter:player for videos
* Fix code style and test
|
|
|
|
|
|
|
|
* Add option to show only local toots in timeline preview
Right know, toots from all the known fediverse are shown in the main
page of an instance. That however doesn't reflect the instance itself.
With this option the admin may choose to display only local toots so
that users checking the instance get a better idea of internal
conversations.
* Fix issues pointed by codeclimate and eslint
* Add default message for community timeline
* Update pl.yml
|
|
* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales
|
|
|
|
signatures (#6225)
|
|
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
|
|
UserTrackingConcern is circumvented by SessionsController#create
because it calls warden, which calls the User#update_tracked_fields!
method directly. Move returning user logic to that method.
|
|
The service used to be named ResolveRemoteAccountService resolves local
accounts as well.
|
|
|
|
* Fix regeneration key not getting expired
* Add rake task to remove old regeneration markers
|
|
* Fix regeneration marker not being removed after completion
* Return HTTP 206 from /api/v1/timelines/home if regeneration in progress
Prioritize RegenerationWorker by putting it into default queue
* Display loading indicator and poll home timeline while it regenerates
* Add graphic to regeneration message
* Make "not found" indicator consistent with home regeneration
|
|
* web share target
* fix
* fix
|
|
CSRF token checking was enabled for API controllers in #6223,
producing "Can't verify CSRF token authenticity" log spam. This
disables logging of failed CSRF checks.
This also changes the protection strategy for
PushSubscriptionsController to use exceptions, making it consistent
with other controllers that use sessions.
|
|
Also adds the ability to decouple the centralized axios logic from the
state dispatcher
|
|
|
|
|
|
|
|
Fixes #6197.
|
|
|
|
|
|
* Allow to dereference Follow object for ActivityPub
* Accept IRI as object representation for Accept activity
|
|
* Allow HTTP caching of json view of public statuses
HTML views are not cached as they can contain private statuses as well
* Disable session cookies for ActivityPub json rendering of public toots
|
|
* Add confirmation step for email changes
This adds a confirmation step for email changes of existing users.
Like the initial account confirmation, a confirmation link is sent
to the new address.
Additionally, a notification is sent to the existing address when
the change is initiated. This message includes instruction to reset
the password immediately or to contact the instance admin if the
change was not initiated by the account owner.
Fixes #3871
* Add review fixes
|
|
|
|
(#6114)
|
|
* Add GET /api/v1/instance/peers API to reveal known domains
* Add GET /api/v1/instance/activity API
* Make new APIs disableable, exclude private statuses from activity stats
* Fix code style issue
* Fix week timestamps
|
|
* Make host_meta/webfinger replies cacheable (fixes #6100)
Drop common code for handling users and sessions as webfinger queries
are very basic, public APIs.
Also explicitly mark results as cacheable with “expires_in”.
* Add “Vary: Accept” header for caching since content-negociation is used
|
|
|
|
|
|
* Add staff filter to admin UI for accounts, remove obsolete columns
* Only display OStatus section in admin UI for accounts when OStatus data
|
|
|
|
|
|
|
|
* Fix #668 - Rate limit by user instead of IP when API user is authenticated
* Fix code style issue
* Use request decorator provided by Doorkeeper
|
