Age | Commit message (Collapse) | Author |
|
|
|
(#16607)
* Add tests
* Add security-related tests
My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.
* Fix authentication failures after going halfway through a sign-in attempt
* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
|
|
|
|
The addition of authentication history broke the omniauth login with
the following error:
method=GET path=/auth/auth/cas/callback format=html
controller=Auth::OmniauthCallbacksController action=cas status=500
error='NameError: undefined local variable or method `user' for
#<Auth::OmniauthCallbacksController:0x00000000036290>
Did you mean? @user' duration=435.93 view=0.00 db=36.19
* app/controllers/auth/omniauth_callbacks_controller.rb: fix variable
name to `@user`
|
|
|
|
|
|
Port 0c24c865b785a557f43125c976090e271247a2b1 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Port aaf24d3093d565461b0051d2238d8b74db63a041 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
|
|
* Fix remotely-suspended accounts' toots being merged back into timelines
* Mark remotely-deleted accounts as remotely suspended
|
|
Fix issue #16603 undefined method `serialize_payload' for Unsuspend Account Service error.
It seems that this service forgot to `include Payloadable` so that `serialize_payload` could not be found in this service.
|
|
* Refactor AttachmentList
* Do not crash if a notification contains an unprocessed media attachment
Fixes #16530
* Fix spacing in compact form
|
|
Fixes #16571
|
|
(#16510)
* Fix followers synchronization mechanism not working when URI has empty path
To my knowledge, there is no current implementation on the fediverse
that can use bare domains (e.g., actor is at https://example.org instead of
something like https://example.org/actor) that also plans to support the
followers synchronization mechanism. However, Mastodon's current implementation
would exclude such accounts from followers list.
Also adds tests and rename them to reflect the proper method names.
* Move url prefix regexp to its own constant
|
|
|
|
* Add test
* Fix crash when encountering invalid account fields
|
|
Port b2875b1864d5bd72e6902ffc842d1be6818c210e to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Port 6e0ab6814f4d3906c035e10a9cedbc41ae5967e9 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
|
|
Conflicts:
- `Gemfile.lock`:
Not a real conflict, upstream-updated dependency (redis) textually too
close to glitch-soc-only dependecy.
Updated redis gem like upstream did.
|
|
* Add account statuses cleanup policy model
* Record last inspected toot to delete to speed up successive calls to statuses_to_delete
* Add service to cleanup a given account's statuses within a budget
* Add worker to go through account policies and delete old toots
* Fix last inspected status id logic
All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.
* Add tests
* Refactor scheduler and add tests
* Add user interface
* Add support for discriminating based on boosts/favs
* Add UI support for min_reblogs and min_favs, rework UI
* Address first round of review comments
* Replace Snowflake#id_at_start with with_random parameter
* Add tests
* Add tests for StatusesCleanupController
* Rework settings page
* Adjust load-avoiding mechanisms
* Please CodeClimate
|
|
|
|
|
|
* Add account_notes relationship
* Add tests
* Fix owned account notes not being deleted when an account is deleted
* Add post-migration to clean up orphaned account notes
|
|
|
|
|
|
|
|
|
|
Port e9659ae0312d0bf0acf2b55eed5dc688929cae04 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
changes
Port a8a7066e977cb0aa1988d340ef8b7c542f179b14 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Port af08229ff43cf61b6b3eb386ca9d6205d05dc295 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
|
|
(#16518)
* Add confirmation modal when closing media edit modal with unsaved changes
* Move focal point media state to redux so it does not get erased by confirmation dialog
* Change upload modal behavior to keep it open while saving changes
Instead of closing it immediately and losing changes if they fail to save…
* Make it work with react-intl 2.9
|
|
|
|
Fixes “Scoped order is ignored, it's forced to be batch order.”
|
|
Fixes #16509
Microsoft Edge with translation enabled rewrites the DOM in ways that confuse
react and prevent it from working properly. Wrapping the offending parts in
a span avoids this issue.
|
|
|
|
|
|
Fixes #16515
Not using a router object somehow made `this.history` lag behind the real
browser history whenever pushing a new history item in `replyCompose`.
Not using the context-provided router in this case was an oversight made
when porting glitch-soc changes in #16499.
|
|
The auto-linking code basically rewrote the whole string escaping non-ascii
characters in an inefficient way, and building a full character offset map
between the unescaped and escaped texts before sending the contents to
TwitterText's extractor.
Instead of doing that, this commit changes the TwitterText regexps to include
valid IRI characters in addition to valid URI characters.
|
|
|
|
* Add tests
* Fix user email address being banned on self-deletion
Fixes #16498
|
|
Conflicts:
- `CONTRIBUTING.md`:
Upstream file has changed and we're quoting it.
Ported the changes.
- `README.md`:
Upstream file has changed but we have a completely different one.
Kept our version.
- `lib/mastodon/version.rb`:
Upstream has changed from `tootsuite/mastodon` to `mastodon/mastodon`,
but we're still `glitch-soc/mastodon`.
Kept our version.
- `spec/presenters/instance_presenter_spec.rb`:
Upstream has changed from `tootsuite/mastodon` to `mastodon/mastodon`,
but we're still `glitch-soc/mastodon`.
Kept our version.
|
|
* Change references to tootsuite/mastodon to mastodon/mastodon
* Remove obsolete test fixture
* Replace occurrences of tootsuite/mastodon with mastodon/mastodon in CHANGELOG
And a few other places
|
|
* Refactor shouldUpdateScroll passing
So far, shouldUpdateScroll has been manually passed down from the very top of
the React component hierarchy even though it is a static function common to
all ScrollContainer instances, so replaced that with a custom class extending
ScrollContainer.
* Generalize “press back to close modal” to any modal and to public pages
* Fix boost confirmation modal closing media modal
|
|
|
|
|
|
|
|
|
|
This simplifies the logic to:
- when the last modal gets closed and we're in our history buffer state, go back
- whenever a modal is open, ensure we're in a history buffer state by
potentially pushing one
|