Age | Commit message (Collapse) | Author |
|
* Use Regex#match?
* Replace =~ too
* Avoid to call match? from Nil
* Keep value of Regexp.last_match
|
|
* Optimize map { ... }.compact
using Enumerable#filter_map, supported since Ruby 2.7
* Add poyfill for Enumerable#filter_map
|
|
|
|
* Add honeypot fields to limit non-specialized spam
Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.
This should cut down on some non-Mastodon-specific spambots.
* Require a 3 seconds delay before submitting the registration form
* Fix tests
* Move registration form time check to model validation
* Give people a chance to clear the honeypot fields
* Refactor honeypot translation strings
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
* Increase DNS timeout from 1 second to 5 seconds for MX check
1 seconds is rather short when using a recursive DNS resolver which
hasn't got a cached result already available. Use 5 seconds instead,
which is the timeout value we use for outgoing HTTP queries.
* Add more precise error messages for invalid e-mail addresses
|
|
|
|
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
|
|
* Search account domain in lowercase
* fix rubocop error
* fix spec/models/account_spec.rb
|
|
|
|
|
|
* Add announcements
Fix #11006
* Add reactions to announcements
* Add admin UI for announcements
* Add unit tests
* Fix issues
- Add `with_dismissed` param to announcements API
- Fix end date not being formatted when time range is given
- Fix announcement delete causing reactions to send streaming updates
- Fix announcements container growing too wide and mascot too small
- Fix `all_day` being settable when no time range is given
- Change text "Update" to "Announcement"
* Fix scheduler unpublishing announcements before they are due
* Fix filter params not being passed to announcements filter
|
|
* Fix invalid votes from the API being accepted
Fixes #12556
- Ensure `choice` is an integer instead of silently converting to 0
- Ensure `choice` corresponds to an actual choice of the poll
* Please CodeClimate
|
|
|
|
|
|
Fix #7629
|
|
Fix #271
Add back the `GET /api/v1/trends` API with the caveat that it does
not return tags that have not been allowed to trend by the staff.
When a hashtag begins to trend (internally) and that hashtag has
not been previously reviewed by the staff, the staff is notified.
The new admin UI for hashtags allows filtering hashtags by where
they are used (e.g. in the profile directory), whether they have
been reviewed or are pending reviewal, they show by how many people
the hashtag is used in the directory, how many people used it
today, how many statuses with it have been created today, and it
allows fixing the name of the hashtag to make it more readable.
The disallowed hashtags feature has been reworked. It is now
controlled from the admin UI for hashtags instead of from
the file `config/settings.yml`
|
|
* Check to make sure usernames with '.' cannot be created
* Add test for instance actor account name conflicts
This makes sure that migration 20190715164535_add_instance_actor
won't fail if there's already an account that is named the same
as the domain (minus the .)
* Put the test into the correct context...
* Add another test to split this into two validations
* Don't delete periods when validating username uniqueness (#11392)
The 20190715164535_add_instance_actor migration fails if there's
already a username similar to the domain name, e.g. if you are
'vulpine.club' and have a user named 'vulpineclub', validation
fails.
Upon further review, usernames with periods are dropped by the
regular expression in the Account class, so we don't need to
worry about it here.
Fixes #11392
|
|
(#10791)
|
|
* Change e-mail whitelist/blacklist to not be checked when invited
And only when creating an account, not when updating it later
Fix #10648
* Fix test
|
|
|
|
* Add spec of PollValidator for #10190
* Raise fraction less than 1 second
* format
* simplify time initialize
|
|
* Fix admin validation being too strict about usernames
Fix #10446
* Strip Setting.site_contact_username consistently throughout the codebase
|
|
* Fix HTML validation
* Report first HTML error instead on validation error
|
|
* Add validations to admin settings
- Validate correct HTML markup
- Validate presence of contact username & e-mail
- Validate that all usernames are valid
- Validate that enums have expected values
* Fix code style issue
* Fix tests
|
|
- Fix missing interpolation argument in PollValidator
- Fix PollValidator rejecting exact allowed min/max durations
|
|
|
|
|
|
* Add polls
Fix #1629
* Add tests
* Fixes
* Change API for creating polls
* Use name instead of content for votes
* Remove poll validation for remote polls
* Add polls to public pages
* When updating the poll, update options just in case they were changed
* Fix public pages showing both poll and other media
|
|
* Add support for IPv6 only MXes
* Fixed email validator tests
|
|
Fix #4419
|
|
* Add specs for UnreservedUsernameValidator
* Use instance variable
|
|
* Add specs for BlackListedEmailValidator
* Use instance variable
|
|
In order to implement tests easier, `#select_tags` created.
|
|
* Add pending specs of StatusLengthValidator
* Use instance variable
|
|
|
|
* Fix follow limit validator reporting lower number past threshold
* Avoid floating point follow limit
|
|
Configurable soft limit of 7,500, and above that, configurable
ratio of 1.1 * followers, controlled by:
- MAX_FOLLOWS_THRESHOLD
- MAX_FOLLOWS_RATIO
Fix #2311
|
|
|
|
Fix #7831
|
|
|
|
Original patch by @j-a4
|
|
(#7176)
The goal here isn't to prevent these hashtags from existing, but just to strongly curtail their usage; The hashtags may still exist in the database via federated status, or from being created prior to this feature.
|
|
Sidekiq sometimes throws errors for users that have more pinned items
than the allowed by the local instance. It should only validate the
number of pins for local accounts.
|
|
Comparison was downcasing only one side, therefore if previously
existing account had a non-lowercase spelling, it would be ignored
when checking for duplicates.
New rake task `mastodon:maintenance:find_duplicate_usernames` will
help find constraint violations that might have occured from the
presence of this bug.
Bump version to 2.3.3
|
|
* Permit dots in usernames with conditions
- Dot cannot be the start or end of username
- a.lice and al.ice are considered the same during sign-up
* Fix regex mixin flags
|
|
|
|
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
|
|
|
|
* Implement BlacklistedEmailDomain
* Use Faker::Internet.domain_name
* Remove note column
* Add frozen_string_literal comment
* Delete unnecessary codes
* Sort alphabetically
* Change of wording
* Rename BlacklistedEmailDomain to EmailDomainBlock
|
|
|