Age | Commit message (Collapse) | Author |
|
Port dac3e362fd5c3d1be9e5d89149049a7eb2c6bbc4 to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Port 63770d3aac1611155213e4c903424849cc254519 to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Port bec8b12bb52a57b54b66899b2650a5611d9bd561 to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
locked accounts
Port 82951920f7321fefbdf0628cbb70f2f490f7b716 to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Conflicts:
- `.github/dependabot.yml`:
Updated upstream, we deleted it to not be flooded by Depandabot.
Kept deleted.
- `Gemfile.lock`:
Puma updated on both sides, went for the most recent version.
- `app/controllers/api/v1/mutes_controller.rb`:
Upstream updated the serializer to support timed mutes, while
glitch-soc added a custom API ages ago to get information that
is already available elsewhere.
Dropped the glitch-soc-specific API, went with upstream changes.
- `app/javascript/core/admin.js`:
Conflict due to changing how assets are loaded. Went with upstream.
- `app/javascript/packs/public.js`:
Conflict due to changing how assets are loaded. Went with upstream.
- `app/models/mute.rb`:
🤷
- `app/models/user.rb`:
New user setting added upstream while we have glitch-soc-specific
user settings. Added upstream's user setting.
- `config/settings.yml`:
Upstream added a new user setting close to a user setting we had
changed the defaults for. Added the new upstream setting.
- `package.json`:
Upstream dependency updated “too close” to a glitch-soc-specific
dependency. No real conflict. Updated the dependency.
|
|
* Add support for followers synchronization on the receiving end
Check the `collectionSynchronization` attribute on `Create` and `Announce`
activities and synchronize followers from provided collection if possible.
* Add tests for followers synchronization on the receiving end
* Add support for follower synchronization on the sender's end
* Add tests for the sending end
* Switch from AS attributes to HTTP header
Replace the custom `collectionSynchronization` ActivityStreams attribute by
an HTTP header (`X-AS-Collection-Synchronization`) with the same syntax as
the `Signature` header and the following fields:
- `collectionId` to specify which collection to synchronize
- `digest` for the SHA256 hex-digest of the list of followers known on the
receiving instance (where “receiving instance” is determined by accounts
sharing the same host name for their ActivityPub actor `id`)
- `url` of a collection that should be fetched by the instance actor
Internally, move away from the webfinger-based `domain` attribute and use
account `uri` prefix to group accounts.
* Add environment variable to disable followers synchronization
Since the whole mechanism relies on some new preconditions that, in some
extremely rare cases, might not be met, add an environment variable
(DISABLE_FOLLOWERS_SYNCHRONIZATION) to disable the mechanism altogether and
avoid followers being incorrectly removed.
The current conditions are:
1. all managed accounts' actor `id` and inbox URL have the same URI scheme and
netloc.
2. all accounts whose actor `id` or inbox URL share the same URI scheme and
netloc as a managed account must be managed by the same Mastodon instance
as well.
As far as Mastodon is concerned, breaking those preconditions require extensive
configuration changes in the reverse proxy and might also cause other issues.
Therefore, this environment variable provides a way out for people with highly
unusual configurations, and can be safely ignored for the overwhelming majority
of Mastodon administrators.
* Only set follower synchronization header on non-public statuses
This is to avoid unnecessary computations and allow Follow-related
activities to be handled by the usual codepath instead of going through
the synchronization mechanism (otherwise, any Follow/Undo/Accept activity
would trigger the synchronization mechanism even if processing the activity
itself would be enough to re-introduce synchronization)
* Change how ActivityPub::SynchronizeFollowersService handles follow requests
If the remote lists a local follower which we only know has sent a follow
request, consider the follow request as accepted instead of sending an Undo.
* Integrate review feeback
- rename X-AS-Collection-Synchronization to Collection-Synchronization
- various minor refactoring and code style changes
* Only select required fields when computing followers_hash
* Use actor URI rather than webfinger domain in synchronization endpoint
* Change hash computation to be a XOR of individual hashes
Makes it much easier to be memory-efficient, and avoid sorting discrepancy issues.
* Marginally improve followers_hash computation speed
* Further improve hash computation performances by using pluck_each
|
|
* Removed disabling comments for Style/MethodMissingSuper
* Update rubocop for codeclimate
|
|
glitch-soc-specific translation to 'es' language
|
|
This PR updates the `valid_url` regex and sanitizer allowlist to provide
support for Gemini urls.
Closes #14991
|
|
|
|
|
|
Add missing controls for new notification type
|
|
|
|
|
|
* Change how CDN_HOST is passed down to make assets build reproducible
* Change webpacker/webpack configuration to dynamically load publicPath based on meta header
* Fix embedded layout missing the cdn-host meta header
|
|
* Adding duration to muting.
* Remove useless checks
|
|
* Add notification permission handling code
* Request notification permission when enabling any notification setting
* Add badge to notification settings when permissions insufficient
* Disable alerts by default, requesting permission and enable them on onboarding
|
|
|
|
|
|
|
|
|
|
There are edge cases where requests to certain hosts timeout when
using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now
that we no longer need to support OStatus servers, webfinger logic
is so simple that there is no point encapsulating it in a gem, so
we can just use our own Request class. With that, we benefit from
more robust timeout code and IPv4/IPv6 resolution.
Fix #14091
|
|
Fixes #14862
This used to be the case until #13987, which introduced a hotkey to toggle
the Content Warning field.
Unfortunately, MacOS relies on the “alt” key for many things, including
composing text (see #14862), therefore, even if that makes the CW toggle
hotkey significantly less useful, it makes sense to not interfere with
composing toots.
|
|
|
|
|
|
* Fix mark as read in notifications to be saved immediately
* fix code style
|
|
Fixes #14900
|
|
Fixes #13882
|
|
|
|
|
|
accounts (#14896)
|
|
|
|
|
|
UI (#14803)
Port bbcbf12215a5ec69362a769c1bae9c630eda0ed4 to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
|
|
Port b67caf9be48294bef290eea69e90d98223fcf3eb to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Port 974b1b79ce58e6799e5e5bb576e630ca783150de to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Port front-end changes from 6d59dfa15d873da75c731b79367ab6b3d1b2f5a5 to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Port fcb9350ff8cdc83388f75de6b031410df8aa8a56 to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Port eaea2311aaaf030e4a2f5d03be6131d0716fdaf7 to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Port aab867b0e8119ecee78dabe8007f3c033e734b6d to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Port 91eecd1b3c95807be00535b58ebfd85e549d77e0 to glitch-soc
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
|
|
Conflicts:
- `Gemfile.lock`:
Not a real conflict, upstream updated dependencies that were too close to
glitch-soc-only ones in the file.
- `app/controllers/oauth/authorized_applications_controller.rb`:
Upstream changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's theming system.
Ported upstream changes.
- `app/controllers/settings/base_controller.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's theming system.
Ported upstream changes.
- `app/controllers/settings/sessions_controller.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's theming system.
Ported upstream changes.
- `app/models/user.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc not preventing moved accounts from logging
in.
Ported upstream changes while keeping the ability for moved accounts to log
in.
- `app/policies/status_policy.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's local-only toots.
Ported upstream changes.
- `app/serializers/rest/account_serializer.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's ability to hide followers count.
Ported upstream changes.
- `app/services/process_mentions_service.rb`:
Upstream refactored and changed the logic surrounding suspended accounts.
Minor conflict due to glitch-soc's local-only toots.
Ported upstream changes.
- `package.json`:
Not a real conflict, upstream updated dependencies that were too close to
glitch-soc-only ones in the file.
|
|
Fix #11160
|
|
|
|
* Add unread notification markers
Fixes #14804
* Allow IntersectionObserverArticle's children to be updated
|
|
|
|
* Fix a slow query for TagFeed
* rename tags to tag_ids
|
|
|
|
|