Age | Commit message (Collapse) | Author |
|
|
|
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.
This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
|
|
|
|
|
|
The exports page showed a different "CSV" capitalisation in the
"Bookmarks" row ("Csv") compared to the other rows ("CSV").
This was due to a referece to a translation string that does not exist,
`bookmarks.csv`, defaulting to the key's last segment in title case.
This issue was introduced in commit dcd86204 (PR #14956).
(h/t @meqif for helping with figuring out the bug)
|
|
(#15858)
Fixes #15849
|
|
Conflicts:
- `app/validators/status_length_validator.rb`:
Conflict due to glitch-soc's configurable maximum toot chars.
Ported upstream changes.
|
|
|
|
Conflicts:
- `app/validators/status_length_validator.rb`:
Upstream changes too close to glitch-soc MAX_CHARS changes, but not a real
conflict.
Applied upstream changes.
- `package.json`:
glitch-soc-only dependency textually too close to a dependency updated
upstream, not a real conflict.
Applied upstream changes.
|
|
|
|
set (#15778)
|
|
|
|
|
|
Conflicts:
- `app/javascript/styles/mastodon/modal.scss`:
For some reason we changed the file loading path in glitch-soc,
but now upstream has completely changed how the logo is loaded.
Applied upstream changes.
|
|
* Use custom mascot on static share page
* Use full_asset_url
|
|
|
|
- marks the page as a whole as untranslatable
- still marks user text as translatable
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
Conflicts:
- `config/webpack/configuration.js`:
Upstream updated the `js-yaml` dependency, which changed how to call it.
Those changes conflicted because that code is pretty different in glitch-soc
which has to deal with its more complex theming system.
Proceeded to the same compatibility changes in glitch-soc's code.
- `package.json` and `yarn.lock`:
Not really a conflict, just glitch-soc-specific dependencies textually too
close to some dependencies updated upstream.
|
|
|
|
Conflicts:
- `app/services/resolve_url_service.rb`:
The private toot search by URL hack has been revamped upstream.
Took upstream's version.
|
|
admin UI (#15367)
|
|
- Replace the middle of the domain with * characters (except for periods)
- Add SHA-256 digest of the domain name in tooltip
|
|
* Fix admin being able to suspend their own instance account
* Add text about the instance's own actor in admin view
* Change instance actor notice from flash message to template
* Do not list local instance actor in account moderation list
|
|
Conflicts:
- `app/models/form/admin_settings.rb`:
New setting added upstream. Ported it.
- `app/views/statuses/_simple_status.html.haml`:
Upstream removed RTL classes. Did the same.
- `config/settings.yml`:
New setting added upstream. Ported it.
|
|
|
|
* feat: display `invite_request_text` in admin's user account page
* fix: move invite_request to the bottom of accounts page
* fix: remove time display, remove formate, change code terminology
* fix: remove escape
|
|
* Add indication to admin UI of whether a report has been forwarded
* Rework how forwarded status is displayed
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
Fixes #15273
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
- Reduce duplicate queries
- Remove n+1 queries
- Add accounts count to detailed view
- Add separate action log entry for updating existing domain blocks
|
|
|
|
Conflicts:
- `app/controllers/about_controller.rb`:
Minor conflict caused by glitch-soc's theming system.
Ported upstream changes.
|
|
* Add honeypot fields to limit non-specialized spam
Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.
This should cut down on some non-Mastodon-specific spambots.
* Require a 3 seconds delay before submitting the registration form
* Fix tests
* Move registration form time check to model validation
* Give people a chance to clear the honeypot fields
* Refactor honeypot translation strings
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
Conflicts:
- `app/services/remove_status_service.rb`:
Conflict caused by us having a distinc Direct timeline.
Ported upstream changes.
- `app/javascript/mastodon/features/compose/components/compose_form.js`:
Conflict between glitch-soc's variable character limit and upstream
refactoring that part of the code.
Ported upstream changes.
|
|
Fixes #15262
|
|
|
|
Conflicts:
- `.github/ISSUE_TEMPLATE/bug_report.md`:
Upstream added the `bug` label to bug reports.
Did the same.
- `app/services/fan_out_on_write_service.rb`:
Upstream put DMs back into timelines, glitch-soc was already doing it.
Ignored upstream changes.
|
|
* Add ability to export bookmarks
* Add support for importing bookmarks
* Add bookmark import tests
* Add bookmarks export test
|
|
Conflicts:
- `app/controllers/relationships_controller.rb`:
Upstream changed a line too close to a glitch-soc only line related to
glitch-soc's theming system.
Applied upstream changes accordingly.
|
|
* Add interrelationship icon
* Fix arrow for rtl
* Fix to predefined color
|
|
* Add follow selected followers button
* Fix unused variable
* Fix i18n normalize
|
|
|
|
Fix #2744
|
|
public pages (#15052)
|
|
* Add account sensitized
* Fix i18n normalize
* Fix description and spec
* Fix spec
* Fix wording
|
|
|
|
It was broken due to discrepancies between upstream and glitch-soc's
theming system.
|
|
- Makes permalink to a toot more easily clickable
- Fix clicking between icon and time in fact clicking the display name
- Fix clicking slightly under time in fact clicking the display name
|
|
Conflicts:
- `.github/dependabot.yml`:
Updated upstream, we deleted it to not be flooded by Depandabot.
Kept deleted.
- `Gemfile.lock`:
Puma updated on both sides, went for the most recent version.
- `app/controllers/api/v1/mutes_controller.rb`:
Upstream updated the serializer to support timed mutes, while
glitch-soc added a custom API ages ago to get information that
is already available elsewhere.
Dropped the glitch-soc-specific API, went with upstream changes.
- `app/javascript/core/admin.js`:
Conflict due to changing how assets are loaded. Went with upstream.
- `app/javascript/packs/public.js`:
Conflict due to changing how assets are loaded. Went with upstream.
- `app/models/mute.rb`:
🤷
- `app/models/user.rb`:
New user setting added upstream while we have glitch-soc-specific
user settings. Added upstream's user setting.
- `config/settings.yml`:
Upstream added a new user setting close to a user setting we had
changed the defaults for. Added the new upstream setting.
- `package.json`:
Upstream dependency updated “too close” to a glitch-soc-specific
dependency. No real conflict. Updated the dependency.
|
|
* Change how CDN_HOST is passed down to make assets build reproducible
* Change webpacker/webpack configuration to dynamically load publicPath based on meta header
* Fix embedded layout missing the cdn-host meta header
|
|
|