Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
(#13116)
`request.format` is not a symbol but a `Mime::Type`, so the condition actually
never matched, and a session was created even for those requests, preventing
caching.
|
|
form (#13088)
* Fix user agreement not being verified
* Fix tests
* Fix up agreement field being dismissed
|
|
Conflicts:
- `Gemfile`:
We updated httplog in a separate commit.
Took upstream's change which updated it further.
- `Gemfile.lock`:
We updated httplog in a separate commit.
Took upstream's change which updated it further.
- `app/lib/sanitize_config.rb`:
Upstream added better unsupported link stripping,
while we had different sanitizing configs.
Took only upstream's link stripping code.
- `config/locales/simple_form.pl.yml`:
Strings unused in glitch-soc had been removed from
glitch-soc, reintroduced them even if they are not
useful, to reduce the risk of later merge conflicts.
|
|
|
|
Fix OEmbed preview API leaking existence of private statuses (see #12930)
|
|
|
|
Instead of returning a signature verification error, pretend there
was no signature (i.e., this does not allow access to resources that
need a valid signature), so public resources can still be fetched
Fix #13011
|
|
|
|
* Change meaning of /api/v1/announcements/:id/dismiss to mark an announcement as read
* Change how unread announcements are counted in UI
* Add unread marker to announcements and mark announcements as unread as they are displayed
* Fixups
|
|
Conflicts:
- `app/serializers/rest/account_serializer.rb`:
Upstream added code too close to glitch-soc-specific followers-hiding code.
Ported upstream changes.
|
|
|
|
Change `all_day` to be a visual client-side cue only
Publish immediately if `scheduled_at` is in the past
Add `published_at` and `updated_at` to announcements JSON
|
|
Conflicts:
- `app/controllers/statuses_controller.rb`:
Minor conflict due to theming system
|
|
|
|
While making browser requests in the other sessions after a password
change or reset does not allow you to be logged in and correctly
invalidates the session making the request, sessions have API tokens
associated with them, which can still be used until that session
is invalidated.
This is a security issue for accounts that were already compromised
some other way because it makes it harder to throw out the hijacker.
|
|
Follow-up to #12927
|
|
* Add announcements
Fix #11006
* Add reactions to announcements
* Add admin UI for announcements
* Add unit tests
* Fix issues
- Add `with_dismissed` param to announcements API
- Fix end date not being formatted when time range is given
- Fix announcement delete causing reactions to send streaming updates
- Fix announcements container growing too wide and mascot too small
- Fix `all_day` being settable when no time range is given
- Change text "Update" to "Announcement"
* Fix scheduler unpublishing announcements before they are due
* Fix filter params not being passed to announcements filter
|
|
Allow browsing and filtering all relationships instead of just
followers, unify the codebase with the user-facing relationship
manager, add ability to see who the user invited
|
|
Conflicts:
- `app/javascript/packs/public.js`:
Upstream removed an unused function in code that has
been refactored a bit. Removed that function in the corresponding
places.
|
|
* Fix unused role routes being generated
* Remove unused JavaScript code
* Refactor filters code to be DRYer
* Fix `.count == 0` comparisons to `.empty?` in views
* Fix filters in views
|
|
Conflicts:
- `README.md`:
We have different README files. Discarded upstream changes.
- `app/views/layouts/admin.html.haml`:
Conflict due to glitch-soc theming system.
Adapted upstream changes.
- `app/views/layouts/embedded.html.haml`:
Conflict due to glitch-soc theming system.
Adapted upstream changes.
- `yarn.lock`:
No real conflict, glitch-specific dependency too close to
an updated one. Adapted upstream change.
|
|
|
|
Conflicts:
- `app/controllers/application_controller.rb`:
Conflict due to theming system.
- `app/controllers/oauth/authorizations_controller.rb`:
Conflict due to theming system.
|
|
Fix #3804, Fix #5776
|
|
|
|
|
|
* Hide blocked, muted, and blocked-by users from toot favourite lists
* Hide blocked, muted, and blocked-by users from toot reblog lists
* Hide blocked, muted, and blocked-by users from followers/following (API)
* Fix tests
* Hide blocked, muted, and blocked-by users from followers/following on public pages
|
|
network hidden (#12716)
Fix #12510
|
|
Those were used to show a “follow” or “unfollow” button on account grid on
public pages, but that got removed a while ago.
|
|
Fix #12255
|
|
Fix #12509
See also #12214
|
|
Conflicts:
- app/controllers/application_controller.rb
Minor conflict due to glitch-soc's theming system
|
|
|
|
Conflicts:
- package.json
Not really a conflict, caused by an additional dependency in glitch-soc.
- yarn.lock
Not really a conflict, caused by an additional dependency in glitch-soc.
|
|
Fix #12551
Fix #12547
|
|
* Add follow_request notification type
The notification type already existed in the backend but was never pushed
to the front-end. This also means translation strings were also available
for the backend, from the notification mailer.
Unlike other notification types, these are off by default, to match what
I remember of Gargron's view on the topic: that follow requests should not
clutter notifications and should instead be reviewed at the user's own
leisure in the dedicated column.
Since follow requests have their own column, I've deemed it unnecessary to
add a specific tab for them in the notification quick filter.
* Show follow request link in single-column if there are pending requests, even if account isn't locked
* Push follow requests from notifications to the follow_requests list
* Offer to accept or reject follow request from the notification
* Redesign follow request notification
|
|
|
|
* Add ability to filter reports by target account domain
* Reword by_target_domain label
|
|
|
|
|
|
Conflicts:
- README.md
discarded upstream changes
- app/controllers/api/v1/bookmarks_controller.rb
finally merged upstream, some code style fixes
and slightly changed pagination code
- app/controllers/application_controller.rb
changed upstream to always return HTML error pages
slight conflict caused by theming code
- app/models/bookmark.rb
finally merged upstream, no real conflict
- spec/controllers/api/v1/bookmarks_controller_spec.rb
finally merged upstream, slightly changed pagination code
|
|
* Support min_id-based pagination for bookmarks
* Fix spec
|
|
* make it not return http 400 when passing and empty source argument
* create a spec for the empty source hash bug
* compact checks for nil, empty? parameters
* use nil.blank? instead checking for nil
|
|
* Add backend support for bookmarks
Bookmarks behave like favourites, except they aren't shared with other
users and do not have an associated counter.
* Add spec for bookmark endpoints
* Add front-end support for bookmarks
* Introduce OAuth scopes for bookmarks
* Add bookmarks to archive takeout
* Fix migration
* Coding style fixes
* Fix rebase issue
* Update bookmarked_statuses to latest UI changes
* Update bookmark actions to properly reflect status changes in state
* Add bookmarks item to single-column layout
* Make active bookmarks red
|
|
|