Age | Commit message (Collapse) | Author |
|
|
|
* Add correct error message for exceeding max length on password confirmation field
* Code style fixes
|
|
|
|
|
|
|
|
|
|
|
|
Port 3f382e337d5c40db18995a88c0bf6b1b34f031b7 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Port 1630807ee2517e7a9dbb66cbd532a0c46e01abcf to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Conflicts:
- `.env.production.sample`:
Copied upstream changes.
- `app/controllers/settings/identity_proofs_controller.rb`:
Minor conflict due to glitch-soc's extra “enable_keybase” setting.
Upstream removed keybase support altogether, so did the same.
- `app/controllers/well_known/keybase_proof_config_controller.rb`:
Minor conflict due to glitch-soc's extra “enable_keybase” setting.
Upstream removed keybase support altogether, so did the same.
- `lib/mastodon/statuses_cli.rb`:
Minor conflict due to an optimization that wasn't shared between
the two versions. Copied upstream's version.
|
|
* Fix #16937
* Add test for statuses order
|
|
|
|
Fixes #17057
|
|
WebUI (#17060)
Fixes #16799
|
|
|
|
|
|
|
|
This reverts commit 5f10e64330635bfd609ba5acdd78fa505c12f5b1.
|
|
constant (#17044)
|
|
|
|
|
|
Port b1fd6d44901a13450d22884b02eb6e9ae4fc1248 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Conflicts:
- `app/views/admin/tags/index.html.haml`:
Removed upstream while it had changes in glitch-soc to accomodate for the
theming system.
Additional changes to accomodate for the theming system:
- `app/views/admin/trends/links/preview_card_providers/index.html.haml`
- `app/views/admin/trends/links/index.html.haml`
- `app/views/admin/trends/tags/index.html.haml`
- `app/views/admin/tags/show.html.haml`
|
|
|
|
|
|
|
|
* Add trending links
* Add overriding specific links trendability
* Add link type to preview cards and only trend articles
Change trends review notifications from being sent every 5 minutes to being sent every 2 hours
Change threshold from 5 unique accounts to 15 unique accounts
* Fix tests
|
|
block (#17036)
* Fix error when suspending user with an already-existing canonical email block
Fixes #17033
While attempting to create a `CanonicalEmailBlock` with an existing hash would
raise an `ActiveRecord::RecordNotUnique` error, this being done within a
transaction would cancel the whole transaction. For this reason, checking for
uniqueness in Rails would query the database within the transaction and avoid
invalidating the whole transaction for this reason.
A race condition is still possible, where multiple accounts sharing a canonical
email would be blocked in concurrent transactions, in which only one would
succeed, but that is way less likely to happen that the current issue, and can
always be retried after the first failure, unlike the current situation.
* Add tests
|
|
Port db32835338e113f23a474d323e398916a999619f to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
|
|
|
|
Reverts part of #16907 to fix hardcoded color
|
|
* Bump chewy from 5.2.0 to 7.2.2
* fix style (codeclimate)
* fix style
* fix style
* Bump chewy from 7.2.2 to 7.2.3
|
|
* perf: lazyload emoji-mart!
* Bump lazyload
|
|
For some reason, some misconfigured servers return an empty document when
queried over webfinger. Since an empty document does not lead to a parse
error, the error is not caught properly and triggers uncaught exceptions
later on.
This PR fixes that by immediately erroring out with `Webfinger::Error` on
getting an empty response.
|
|
(#16979)
Fix #16955
|
|
|
|
|
|
|
|
|
|
Partial fix to #1629
|
|
|
|
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.
We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.
In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
of them
This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
|
|
|
|
Save preview cards under their canonical URL
Increase max redirects to follow from 2 to 3
|
|
Broken since #15827
|
|
|
|
|
|
Port 11d4f9eefc7b40df84baceff9b2e0747887b23ec to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|
|
Port b58d32cfe259d95ef28a61cbd863336350f2a3d9 to glitch-soc
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
|