| Age | Commit message (Collapse) | Author |
|---|
|
|
|
* Support "http_hidden_proxy" ENV var for hidden service only proxy
* Fallback to http_proxy if http_hidden_proxy is not set
|
|
- `.env.production.sample`:
Our sample config file is very different from upstream since it is much more
complete. Upstream added documentation for a few env variables.
Copied the new variables/documentation from upstream.
- `app/lib/feed_manager.rb`:
Upstream added a timeline type (hashtags), while glitch-soc already had an
extra one (direct messages). Not really a conflict but textually close
changes.
Ported upstream's changes.
- `app/models/custom_emoji.rb`:
Upstream upped the custom emoji size limit, while glitch-soc had configurable
limits.
Upped the default limits accordingly.
- `streaming/index.js`:
Upstream reworked how hastags were normalized. Minor conflict due to
glitch-soc's handling of instance-local posts.
Ported upstream's changes.
|
|
* Change how hashtags are normalized
* Fix tests
|
|
Conflicts:
- `app/javascript/styles/fonts/montserrat.scss`:
Code style changes upstream, path changes in glitch-soc.
Applied upstream's code style changes.
- `app/javascript/styles/fonts/roboto-mono.scss`:
Code style changes upstream, path changes in glitch-soc.
Applied upstream's code style changes.
- `app/javascript/styles/fonts/roboto.scss`:
Code style changes upstream, path changes in glitch-soc.
Applied upstream's code style changes.
- `app/models/account.rb`:
Textual conflict only caused by glitch-soc using a different value
for character limits in a nearby line.
Applied upstream's changes.
- `app/views/statuses/_simple_status.html.haml`:
Attribute added to a tag modified by glitch-soc.
Added upstream's attributes.
- `yarn.lock`:
Upstream added/updated dependencies close to glitch-soc-only ones.
Updated/added upstream dependencies.
|
|
(#18568)
|
|
|
|
|
|
|
|
|
|
Conflicts:
- `app/javascript/packs/admin.js`:
Conflicts due to glitch-soc's theming system.
Upstream changes have been ported to `app/javascript/core/admin.js`
- `app/models/trends/statuses.rb`:
Minor conflict due to glitch-soc's option to allow CWed toots in trends.
Ported upstream changes.
|
|
* Fix opening and closing Redis connections instead of using a pool
* Fix Redis connections not being returned to the pool in CLI commands
|
|
|
|
|
|
* Fix single Redis connection being used across all Sidekiq threads
* Fix tests
|
|
Conflicts:
- `Gemfile.lock`:
Not a real conflict, just an upstream dependency udpated
textually too close to a glitch-soc-only dependency.
Updated dependencies like upstream.
- `app/controllers/settings/preferences_controller.rb`:
Upstream added settings where we had extra glitch-soc-specific settings.
Added upstream's new settings.
- `app/models/user.rb`:
Upstream added settings where we had extra glitch-soc-specific settings.
Added upstream's new settings.
- `config/i18n-tasks.yml`:
Not a real conflict, just a new upstream line too textually close to
a glitch-soc-only line.
Ported upstream's change.
|
|
|
|
|
|
|
|
Conflicts:
- `app/lib/formatter.rb`:
Upstream completely refactored the formatting code and removed that file,
while glitch-soc had code for Markdown and HTML toots.
Took upstream code, glitch-soc changes will be re-implemented on top of the
refactored classes in a later commit.
- `app/models/status.rb`:
Upstream refactored status edit handling and moved code to
`app/models/concerns/status_snapshot_concern.rb`.
Applied glitch-soc's changes to that file.
- `app/serializers/activitypub/note_serializer.rb`:
Not really a conflict, just a line added too close to one modified by
glitch-soc.
Applied upstream changes while keeping the glitch-soc-modified one.
- `app/services/update_status_service.rb`:
Not really a conflict, upstream modified a line adjacent to one added by
glitch-soc.
Applied upstream changes while keeping the glitch-soc line.
- `app/views/statuses/_simple_status.html.haml`:
Upstream refactored formatting, glitch-soc changed the markup slightly.
Applied upstream changes.
- `spec/lib/formatter_spec.rb`:
Upstream completely refactored the formatting code and removed that file,
while glitch-soc had code for Markdown and HTML toots.
Took upstream code, glitch-soc changes will be re-implemented on top of the
refactored classes in a later commit.
|
|
* Refactor formatter
* Move custom emoji pre-rendering logic to view helpers
* Move more methods out of Formatter
* Fix code style issues
* Remove Formatter
* Add inline poll options to RSS feeds
* Remove unused helper method
* Fix code style issues
* Various fixes and improvements
* Fix test
|
|
Conflicts:
- `README.md`:
Upstream changed their README, we have a completely different one.
Kept our README.
|
|
* Fix PgHero suggesting migrations
Fixes #17768
* Keep migration suggestions in development env
|
|
|
|
|
|
* Bump rack-attack from 6.5.0 to 6.6.0
Bumps [rack-attack](https://github.com/rack/rack-attack) from 6.5.0 to 6.6.0.
- [Release notes](https://github.com/rack/rack-attack/releases)
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack-attack/compare/v6.5.0...v6.6.0)
---
updated-dependencies:
- dependency-name: rack-attack
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Fix usage of deprecated API
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
|
|
Conflicts:
- `app/models/status.rb`:
Upstream updated media and edit-related code textually close to glitch-soc
additions (local-only and content-type).
Ported upstream changes.
- `app/models/status_edit.rb`:
Upstream changes textually close to glitch-soc additions (content-type).
Ported upstream changes.
- `app/serializers/activitypub/note_serializer.rb`:
Upstream changed how media attachments are handled. Not really a conflict,
but textually close to glitch-soc additions (directMessage attribute).
Ported upstream changes.
- `app/services/remove_status_service.rb`:
Upstream changed how media attachments are handled. Not really a conflict,
but textually close to glitch-soc additions (DM timeline).
Ported upstream changes.
- `app/services/update_status_service.rb`:
Upstream fixed an issue with language selection. Not really a conflict,
but textually close to glitch-soc additions (content-type).
Ported upstream changes.
- `db/schema.rb`:
Upstream added columns to the `status_edits` table, the conflict is because
of an additional column (`content-type`) in glitch-soc.
Ported upstream changes.
- `package.json`:
Upstream dependency (express) textually adjacent to a glitch-soc-specific one
(favico.js) got updated.
Updated it as well.
|
|
* added OpenID Connect as an SSO option
* minor fixes
* added comments, removed an option that shouldn't be set
* fixed Gemfile.lock
* added newline to end of Gemfile.lock
* removed tab from Gemfile.lock
* remove chomp
* codeclimate changes and small name change to make function's purpose clearer
* codeclimate fix
* added SSO buttons to /about page
* minor refactor
* minor style change
* removed spurious change
* removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth
* minor changes
|
|
Conflicts:
- `app/controllers/settings/preferences_controller.rb`:
Conflicts due to us having more user settings and upstream dropping
`hide_network` (to replace it with an account attribute, properly migrated).
Dropped `hide_network` like upstream.
- `app/lib/user_settings_decorator.rb`:
Conflicts due to us having more user settings and upstream dropping
`hide_network` (to replace it with an account attribute, properly migrated).
Dropped `hide_network` like upstream.
- `app/models/status.rb`:
Conflict because of slight change in how glitch-soc handles the scope to
filter out local-only posts for anonymous viewers.
Took upstream's changes and re-applied glitch-soc's change.
- `app/models/user.rb`:
Conflicts due to us having more user settings and upstream dropping
`hide_network` (to replace it with an account attribute, properly migrated).
Dropped `hide_network` like upstream.
- `app/views/directories/index.html.haml`:
Conflict because upstream redesigned that page while glitch-soc had a minor
change to support hiding the number of followers.
Ported glitch-soc's change on top of upstream's redesign.
Additional changes:
- `app/models/account_statuses_filter.rb`:
See change to `app/models/status.rb`.
|
|
* spelling: account
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: affiliated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: appearance
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: autosuggest
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: cacheable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: component
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: conversations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: domain.example
Clarify what's distinct and use RFC friendly domain space.
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: environment
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: exceeds
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: functional
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: inefficiency
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: not
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: notifications
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: occurring
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: position
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: progress
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: promotable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: reblogging
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: repetitive
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: resolve
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: saturated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: similar
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: strategies
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: success
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: targeting
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: thumbnails
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unauthorized
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unsensitizes
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: validations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: various
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
|
|
Conflicts:
- `.github/workflows/build-image.yml`:
Upstream changed the workflow a bit.
Conflict comes from us pushing to ghcr while upstream pushes to dockerhub.
Ported the upstream changes while still pushing to ghcr.
|
|
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
|
|
|
|
|
|
|
|
This prevents the error: LocalJumpError (unexpected return)
|
|
|
|
Conflicts:
- `spec/models/status_spec.rb`:
Upstream added tests too close to glitch-soc-specific tests.
Kept both tests.
|
|
Fixes #15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
|
|
Conflicts:
- `README.md`:
Upstream added some text, but our README is completely different.
Kept our README unchanged.
|
|
|
|
|
|
Conflicts:
- `README.md`:
We have completely different contents. Kept our version.
- `package.json`:
Not a real conflict, just an upstream dependency udpated
textually too close to a glitch-soc-only dependency.
Updated dependencies like upstream.
- `streaming/index.js`:
Conflict due to code style changes on parts that were
modified in glitch-soc to handle local-only toots.
Changed style according to upstream.
|
|
|
|
Conflicts:
- `.env.production.sample`:
Copied upstream changes.
- `app/controllers/settings/identity_proofs_controller.rb`:
Minor conflict due to glitch-soc's extra “enable_keybase” setting.
Upstream removed keybase support altogether, so did the same.
- `app/controllers/well_known/keybase_proof_config_controller.rb`:
Minor conflict due to glitch-soc's extra “enable_keybase” setting.
Upstream removed keybase support altogether, so did the same.
- `lib/mastodon/statuses_cli.rb`:
Minor conflict due to an optimization that wasn't shared between
the two versions. Copied upstream's version.
|
|
|
|
|
|
* Bump chewy from 5.2.0 to 7.2.2
* fix style (codeclimate)
* fix style
* fix style
* Bump chewy from 7.2.2 to 7.2.3
|
|
|
|
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.
We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.
In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
of them
This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
|
