Age | Commit message (Collapse) | Author |
|
(#19257)
|
|
|
|
|
|
* Add customizable user roles
* Various fixes and improvements
* Add migration for old settings and fix tootctl role management
|
|
Works around https://bugs.chromium.org/p/chromium/issues/detail?id=258029
|
|
- Add rake task for generating Apple/Android icons and favicons from SVG
- Add rake task for generating PNG icons and logos for e-mails from SVG
- Remove obsolete Microsoft icons and configuration
- Remove PWA shortcut icons
|
|
* Add administrative webhooks
* Fix error when webhook is deleted before delivery worker runs
|
|
* Change authorized applications page
* Hide revoke button for superapps and suspended accounts
* Clean up db/schema.rb
|
|
Fix #17482
|
|
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN
Fixes #15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
* Add OMNIAUTH_ONLY environment variable to enforce external log-in only
* Disable user registration when OMNIAUTH_ONLY is set to true
* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
|
|
|
|
In Rails 6.1, raw file inclusion in templates have to be explicitly marked as
HTML-safe, otherwise it's rendered as text.
|
|
|
|
* Use custom mascot on static share page
* Use full_asset_url
|
|
Fix #2744
|
|
* Change how CDN_HOST is passed down to make assets build reproducible
* Change webpacker/webpack configuration to dynamically load publicPath based on meta header
* Fix embedded layout missing the cdn-host meta header
|
|
* Enable nonces for stylesheets
* Pass nonce to react-select
|
|
* Make sure wicg-inert doesn't rely on inline CSS
* Remove unsafe-inline from style-src
|
|
* Move some inline styles to CSS files
* Move default_account_display_name span to fix useless tags with duplicate id
* Change handling of public pages spoiler text from inline CSS to dataset attribute
* Use the `dir` HTML attribute instead of inline CSS
* Move status action bar inline CSS to CSS file
* Hide logo resources from CSS file, not inline CSS
Fixes #11601
* Move translation prompt styling from inline CSS to CSS file
* Move “invited by” styling on registration form from inline to CSS file
* Use the progress tag to display poll results in JS fallback
* Fix poll results JS-less fallback when the user has voted for an option
* Change account public page “moved” notice to use img tags instead of inline CSS
* Move OTP hint inline CSS to SCSS file
* Hide JS-less fallback vote progressbars from accessibility tools
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
|
|
Co-authored-by: koyu <me@koyu.spac>
|
|
Also:
- Fix Mastodon logo not showing up in status embeds
- Fix blurhash not being used in status embeds
- Fix blurhash not being used in admin UI
- Fix autoplay param not working correctly on status embeds
|
|
Current name - page_heading_actions is long and hard to remember,
this commit shortens it to just heading_actions, which is way more
easier to remember and write, it's logical too.
|
|
* Move resolved button to the heading
This is one of the commits on improving overall reports page structure.
It changes where resolved button is located, moving it to the heading,
right next to the "Report #n" header, so-called "hot-place" to look at.
To accomplish this we have to declare one more content variable, change
admin dashboard template to respect it and CSS files for minor styling,
so buttons are inlined and centrally aligned according to the heading.
* Move actions buttons below the report table
I believe that actions to react on report should not be located at the
top of the page, instead they should be either after the table or
reporter's comment. This is just a logical sign that you should not
react to the report without reading all the details first.
|
|
Hide navigation behind hamburger icon on small screens in admin layout
|
|
|
|
|
|
* Change full logo to use primary text color of the given theme
* Fix colors of public layout header in light theme
|
|
|
|
|
|
Bumps [webpacker](https://github.com/rails/webpacker) from 3.5.5 to 4.0.2.
- [Release notes](https://github.com/rails/webpacker/releases)
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/webpacker/compare/v3.5.5...v4.0.2)
Signed-off-by: dependabot[bot] <support@dependabot.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
|
|
Fix #6856
Fix #6951
|
|
|
|
Fix #6060
|
|
* Remove "most popular" tab from profile directory, add responsive design
* Remove unused translations
|
|
* Add instance-wide setting to disable profile directory
Fixes #9496
When the profile directory is disabled:
- The “discoverable” setting is hidden from users
- The “profile directory” link is not shown on public pages
- /explore returns 404
* Move Setting.profile_directory check to a before_action filter
|
|
Fix #5578
|
|
|
|
Regression from #8942
|
|
|
|
* Change documentation URL
* Fix hardcoded documentation URL in locales
|
|
* Revert "Fix some icon names changed by the Font Awesome 5. (#8796)"
This reverts commit 3f9ec3de82c1a3879a2b092672f51c1caca76f5c.
* Revert "Migrate to font-awesome 5.0. (#8799)"
This reverts commit 8bae14591bfb4fc9dd9d89d8082ac0123b03edaa.
* Revert "Fix some icons names, unavailable in fontawesome5 (free license). (#8792)"
This reverts commit b9c727a945fea5afffb3e3a53279164adfc6e88f.
* Revert "Update the icon name changed by the Font Awesome 5. (#8776)"
This reverts commit 17af4d27da484fc35ecd4b4dce2443d24aa35d23.
* Revert "Add bot icon to bot avatars and migrate to newer version of Font Awesome (#8484)"
This reverts commit 4b794e134d427dbc716606324adb9a885a74abec.
|
|
|
|
* Add force_login option to OAuth authorize page
For when a user needs to sign into an app from multiple accounts
on the same server
* When logging out from modal header, redirect back after re-login
|
|
Add forgotten custom CSS admin setting strings
|
|
Fix #3894
|
|
Fix #8393
|
|
Fix #8269
|
|
* Add remote interaction dialog for toots
* Change AuthorizeFollow into AuthorizeInteraction, support statuses
* Update brakeman.ignore
* Adjust how interaction buttons are display on public pages
* Fix tests
|
|
|
|
|