Age | Commit message (Collapse) | Author |
|
(#16819)
* Fix media attachment size validation not correctly accounting for file type
Fixes a regression introduced in #16724 caused by the fact that kt-paperclip
now correctly runs validations before processing, meaning that file size
verification could not rely on our before_post_processing hook.
Moved the `before_post_processing` hooks to `before_validate` to make sure
the media attachment type is set correctly before the file gets validated.
* Add tests
|
|
* Make focus visible on switches and text buttons in columns settings
* Make hover/focus visible on left/right arrows in columns settings
Use same style as for station action bar (reply/boost/fav/etc.)
* Tab first to “Pin/Unpin” before left/right arrows in columns settings
|
|
|
|
|
|
* Add tests
* Fix webauthn secure key authentication
Fixes #16769
|
|
|
|
Conflicts:
- `app/models/custom_emoji.rb`:
Slight refactor upstream, next to a line that was different in glitch-soc
because of our local configurable limits on custom emoji size.
Ported upstream changes.
- `yarn.lock`:
Not really a conflict, upstream dependency textually too close to a
glitch-soc-only dependency.
Updated upstream dependency as upstream.
|
|
* Switch from unmaintained paperclip to kt-paperclip
* Drop some compatibility monkey-patches not required by kt-paperclip
* Drop media spoof check monkey-patching
It's broken with kt-paperclip and hopefully it won't be needed anymore
* Fix regression introduced by paperclip 6.1.0
* Do not rely on pathname to call FastImage
* Add test for ogg vorbis file with cover art
* Add audio/vorbis to the accepted content-types
This seems erroneous as this would be the content-type for a vorbis stream
without an ogg container, but that's what the `marcel` gem outputs, so…
* Restore missing for_as_default method
* Refactor Attachmentable concern and delay Paperclip's content-type spoof check
Check for content-type spoofing *after* setting the extension ourselves, this
fixes a regression with kt-paperclip's validations being more strict than
paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown
extensions.
* Please CodeClimate
* Add audio/vorbis to the unreliable set
It doesn't correspond to a file format and thus has no extension associated.
|
|
|
|
Port 6b19e1e632491117bb1d3458fff31cd353b761b7 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Port 11502ae46e4813bc23aeb5d03093a01d53991ab8 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
|
|
* Fix incorrect use of old WebUI paths
PR #16171 renamed some routes but missed some occurrences.
Without #16772, this leads to unreachable routes in those cases.
* Fix floating action button being displayed on statuses and compose screen
|
|
* Add aliases for some WebUI routes that were renamed in #16171
Accounts and statuses routes need more work as they use different parameters.
* Add aliases for /statuses/* routes
* Add aliases for /accounts/* WebUI routes
Does not correctly set the “active” state on the navigation tabs but this is
a minor issue.
* Fix some routes
* Fix /accounts/:id/{media,followers,following} not loading on legacy routes
|
|
Port 52e5c07948c4c91b73062846e1f19ea278ec0e24 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Conflicts:
- `streaming/index.js`:
Filtering code for streaming notifications has been refactored upstream, but
glitch-soc had similar code for local-only toots in the same places.
Ported upstream changes, but did not refactor local-only filtering.
|
|
Eliminate need to have custom notifications filtering logic in the
streaming API code by publishing notifications into a separate stream
and then simply using the multi-stream capability to subscribe to that
stream when necessary
|
|
|
|
|
|
(#16744)
Follow-up to #16510, forgot the controller exposing the actual followers…
|
|
|
|
* Stop setting a shortcode to newly-created media attachments
The WebUI has stopped using the “short media URL” in ages. This isn't used
anywhere except for mail notifications.
Deprecating it would allow us to eventually get rid of at least a database
column and corruption-prone index, as well as a controller.
* Fix tests
|
|
|
|
Use relative path for `scope` in web manifest to allow users use PWA correctly via alternate domains.
|
|
Fixes #16699
|
|
|
|
Fixes #1595
|
|
|
|
Fixes #16602
|
|
Port 79341d0f5f3eb2d90f5ea954f4037120f7189cec to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
|
|
|
|
(#16607)
* Add tests
* Add security-related tests
My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.
* Fix authentication failures after going halfway through a sign-in attempt
* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
|
|
|
|
The addition of authentication history broke the omniauth login with
the following error:
method=GET path=/auth/auth/cas/callback format=html
controller=Auth::OmniauthCallbacksController action=cas status=500
error='NameError: undefined local variable or method `user' for
#<Auth::OmniauthCallbacksController:0x00000000036290>
Did you mean? @user' duration=435.93 view=0.00 db=36.19
* app/controllers/auth/omniauth_callbacks_controller.rb: fix variable
name to `@user`
|
|
|
|
|
|
Port 0c24c865b785a557f43125c976090e271247a2b1 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Port aaf24d3093d565461b0051d2238d8b74db63a041 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
|
|
* Fix remotely-suspended accounts' toots being merged back into timelines
* Mark remotely-deleted accounts as remotely suspended
|
|
Fix issue #16603 undefined method `serialize_payload' for Unsuspend Account Service error.
It seems that this service forgot to `include Payloadable` so that `serialize_payload` could not be found in this service.
|
|
* Refactor AttachmentList
* Do not crash if a notification contains an unprocessed media attachment
Fixes #16530
* Fix spacing in compact form
|
|
Fixes #16571
|
|
(#16510)
* Fix followers synchronization mechanism not working when URI has empty path
To my knowledge, there is no current implementation on the fediverse
that can use bare domains (e.g., actor is at https://example.org instead of
something like https://example.org/actor) that also plans to support the
followers synchronization mechanism. However, Mastodon's current implementation
would exclude such accounts from followers list.
Also adds tests and rename them to reflect the proper method names.
* Move url prefix regexp to its own constant
|
|
|
|
* Add test
* Fix crash when encountering invalid account fields
|
|
Port b2875b1864d5bd72e6902ffc842d1be6818c210e to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Port 6e0ab6814f4d3906c035e10a9cedbc41ae5967e9 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
|