about summary refs log tree commit diff
path: root/config/initializers
AgeCommit message (Collapse)Author
2022-05-24Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-05-18Change search indexing to use batches to minimize resource usage (#18451)Eugen Rochko
2022-05-01Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/javascript/packs/admin.js`: Conflicts due to glitch-soc's theming system. Upstream changes have been ported to `app/javascript/core/admin.js` - `app/models/trends/statuses.rb`: Minor conflict due to glitch-soc's option to allow CWed toots in trends. Ported upstream changes.
2022-04-29Fix opening and closing Redis connections instead of using a pool (#18171)Eugen Rochko
* Fix opening and closing Redis connections instead of using a pool * Fix Redis connections not being returned to the pool in CLI commands
2022-04-28Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-04-28Fix stoplight not using REDIS_NAMESPACE (#18160)Claire
2022-04-28Fix single Redis connection being used across all threads (#18135)Eugen Rochko
* Fix single Redis connection being used across all Sidekiq threads * Fix tests
2022-04-08Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `Gemfile.lock`: Not a real conflict, just an upstream dependency udpated textually too close to a glitch-soc-only dependency. Updated dependencies like upstream. - `app/controllers/settings/preferences_controller.rb`: Upstream added settings where we had extra glitch-soc-specific settings. Added upstream's new settings. - `app/models/user.rb`: Upstream added settings where we had extra glitch-soc-specific settings. Added upstream's new settings. - `config/i18n-tasks.yml`: Not a real conflict, just a new upstream line too textually close to a glitch-soc-only line. Ported upstream's change.
2022-04-08Fix cookies secure flag being set when served over Tor (#17992)Eugen Rochko
2022-04-04Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-04-01fix: `s3_force_single_request` not parsed (#17922)Holger
2022-03-26Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/lib/formatter.rb`: Upstream completely refactored the formatting code and removed that file, while glitch-soc had code for Markdown and HTML toots. Took upstream code, glitch-soc changes will be re-implemented on top of the refactored classes in a later commit. - `app/models/status.rb`: Upstream refactored status edit handling and moved code to `app/models/concerns/status_snapshot_concern.rb`. Applied glitch-soc's changes to that file. - `app/serializers/activitypub/note_serializer.rb`: Not really a conflict, just a line added too close to one modified by glitch-soc. Applied upstream changes while keeping the glitch-soc-modified one. - `app/services/update_status_service.rb`: Not really a conflict, upstream modified a line adjacent to one added by glitch-soc. Applied upstream changes while keeping the glitch-soc line. - `app/views/statuses/_simple_status.html.haml`: Upstream refactored formatting, glitch-soc changed the markup slightly. Applied upstream changes. - `spec/lib/formatter_spec.rb`: Upstream completely refactored the formatting code and removed that file, while glitch-soc had code for Markdown and HTML toots. Took upstream code, glitch-soc changes will be re-implemented on top of the refactored classes in a later commit.
2022-03-26Refactor formatter (#17828)Eugen Rochko
* Refactor formatter * Move custom emoji pre-rendering logic to view helpers * Move more methods out of Formatter * Fix code style issues * Remove Formatter * Add inline poll options to RSS feeds * Remove unused helper method * Fix code style issues * Various fixes and improvements * Fix test
2022-03-15Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream changed their README, we have a completely different one. Kept our README.
2022-03-15Fix PgHero suggesting migrations (#17807)Claire
* Fix PgHero suggesting migrations Fixes #17768 * Keep migration suggestions in development env
2022-03-14Fix LetterOpennerWeb CSP (#17770)Yamagishi Kazutoshi
2022-03-12Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-03-12Bump rack-attack from 6.5.0 to 6.6.0 (#17405)dependabot[bot]
* Bump rack-attack from 6.5.0 to 6.6.0 Bumps [rack-attack](https://github.com/rack/rack-attack) from 6.5.0 to 6.6.0. - [Release notes](https://github.com/rack/rack-attack/releases) - [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md) - [Commits](https://github.com/rack/rack-attack/compare/v6.5.0...v6.6.0) --- updated-dependencies: - dependency-name: rack-attack dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Fix usage of deprecated API Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-10Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/models/status.rb`: Upstream updated media and edit-related code textually close to glitch-soc additions (local-only and content-type). Ported upstream changes. - `app/models/status_edit.rb`: Upstream changes textually close to glitch-soc additions (content-type). Ported upstream changes. - `app/serializers/activitypub/note_serializer.rb`: Upstream changed how media attachments are handled. Not really a conflict, but textually close to glitch-soc additions (directMessage attribute). Ported upstream changes. - `app/services/remove_status_service.rb`: Upstream changed how media attachments are handled. Not really a conflict, but textually close to glitch-soc additions (DM timeline). Ported upstream changes. - `app/services/update_status_service.rb`: Upstream fixed an issue with language selection. Not really a conflict, but textually close to glitch-soc additions (content-type). Ported upstream changes. - `db/schema.rb`: Upstream added columns to the `status_edits` table, the conflict is because of an additional column (`content-type`) in glitch-soc. Ported upstream changes. - `package.json`: Upstream dependency (express) textually adjacent to a glitch-soc-specific one (favico.js) got updated. Updated it as well.
2022-03-09Allow login through OpenID Connect (#16221)chandrn7
* added OpenID Connect as an SSO option * minor fixes * added comments, removed an option that shouldn't be set * fixed Gemfile.lock * added newline to end of Gemfile.lock * removed tab from Gemfile.lock * remove chomp * codeclimate changes and small name change to make function's purpose clearer * codeclimate fix * added SSO buttons to /about page * minor refactor * minor style change * removed spurious change * removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth * minor changes
2022-03-08Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `app/controllers/settings/preferences_controller.rb`: Conflicts due to us having more user settings and upstream dropping `hide_network` (to replace it with an account attribute, properly migrated). Dropped `hide_network` like upstream. - `app/lib/user_settings_decorator.rb`: Conflicts due to us having more user settings and upstream dropping `hide_network` (to replace it with an account attribute, properly migrated). Dropped `hide_network` like upstream. - `app/models/status.rb`: Conflict because of slight change in how glitch-soc handles the scope to filter out local-only posts for anonymous viewers. Took upstream's changes and re-applied glitch-soc's change. - `app/models/user.rb`: Conflicts due to us having more user settings and upstream dropping `hide_network` (to replace it with an account attribute, properly migrated). Dropped `hide_network` like upstream. - `app/views/directories/index.html.haml`: Conflict because upstream redesigned that page while glitch-soc had a minor change to support hiding the number of followers. Ported glitch-soc's change on top of upstream's redesign. Additional changes: - `app/models/account_statuses_filter.rb`: See change to `app/models/status.rb`.
2022-03-06Spelling (#17705)Josh Soref
* spelling: account Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: affiliated Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: appearance Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: autosuggest Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: cacheable Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: component Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: conversations Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: domain.example Clarify what's distinct and use RFC friendly domain space. Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: environment Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: exceeds Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: functional Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: inefficiency Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: not Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: notifications Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: occurring Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: position Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: progress Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: promotable Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: reblogging Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: repetitive Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: resolve Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: saturated Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: similar Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: strategies Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: success Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: targeting Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: thumbnails Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: unauthorized Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: unsensitizes Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: validations Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> * spelling: various Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2022-02-23Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.github/workflows/build-image.yml`: Upstream changed the workflow a bit. Conflict comes from us pushing to ghcr while upstream pushes to dockerhub. Ported the upstream changes while still pushing to ghcr.
2022-02-22Fix various typos (#17621)luzpaz
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-02-21Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-02-21Fix error when trying to register (#17600)Claire
2022-02-19Merge branch 'main' into glitch-soc/merge-upstreamClaire
2022-02-18Avoid return within block (#17590)zunda
This prevents the error: LocalJumpError (unexpected return)
2022-02-18Throttle IPv6 signup for subnet (#17588)Jeong Arm
2022-01-23Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `spec/models/status_spec.rb`: Upstream added tests too close to glitch-soc-specific tests. Kept both tests.
2022-01-23Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287)Claire
Fixes #15959 Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form to instead redirect to the external OmniAuth login provider. However, it did not prevent the log-in form on /about introduced by #10232 from appearing, and completely broke with the introduction of #15228. As I restoring that previous log-in flow without introducing a security vulnerability may require extensive care and knowledge of how OmniAuth works, this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time being.
2022-01-16Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream added some text, but our README is completely different. Kept our README unchanged.
2022-01-16Remove IP tracking columns from users table (#16409)Eugen Rochko
2022-01-10Fix media API limit (#17272)Jeong Arm
2021-12-27Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: We have completely different contents. Kept our version. - `package.json`: Not a real conflict, just an upstream dependency udpated textually too close to a glitch-soc-only dependency. Updated dependencies like upstream. - `streaming/index.js`: Conflict due to code style changes on parts that were modified in glitch-soc to handle local-only toots. Changed style according to upstream.
2021-12-27Fix warnings on Rails boot (#16946)Eugen Rochko
2021-11-26Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.env.production.sample`: Copied upstream changes. - `app/controllers/settings/identity_proofs_controller.rb`: Minor conflict due to glitch-soc's extra “enable_keybase” setting. Upstream removed keybase support altogether, so did the same. - `app/controllers/well_known/keybase_proof_config_controller.rb`: Minor conflict due to glitch-soc's extra “enable_keybase” setting. Upstream removed keybase support altogether, so did the same. - `lib/mastodon/statuses_cli.rb`: Minor conflict due to an optimization that wasn't shared between the two versions. Copied upstream's version.
2021-11-26Fix ElasticSearch to Elasticsearch (#17050)Takeshi Umeda
2021-11-19Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-11-18Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915)Takeshi Umeda
* Bump chewy from 5.2.0 to 7.2.2 * fix style (codeclimate) * fix style * fix style * Bump chewy from 7.2.2 to 7.2.3
2021-11-06Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-11-06Fix reviving revoked sessions and invalidating login (#16943)Claire
Up until now, we have used Devise's Rememberable mechanism to re-log users after the end of their browser sessions. This mechanism relies on a signed cookie containing a token. That token was stored on the user's record, meaning it was shared across all logged in browsers, meaning truly revoking a browser's ability to auto-log-in involves revoking the token itself, and revoking access from *all* logged-in browsers. We had a session mechanism that dynamically checks whether a user's session has been disabled, and would log out the user if so. However, this would only clear a session being actively used, and a new one could be respawned with the `remember_user_token` cookie. In practice, this caused two issues: - sessions could be revived after being closed from /auth/edit (security issue) - auto-log-in would be disabled for *all* browsers after logging out from one of them This PR removes the `remember_token` mechanism and treats the `_session_id` cookie/token as a browser-specific `remember_token`, fixing both issues.
2021-10-25Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `.env.production.sample`: Upstream added new configuration options, uncommented by default. Commented them. - `Gemfile.lock`: Upstream updated dependencies textually close to glitch-soc-specific dependencies. Updated those upstream dependencies.
2021-10-24Support authentication for ElasticSearch (#16890)Jeong Arm
* Support authentication for ElasticSearch * Fix chewy auth settings
2021-10-14Merge branch 'main' into glitch-soc/merge-upstreamClaire
Conflicts: - `README.md`: Upstream added some documentation in the README, but our README is pretty different and barebone. Kept our README.
2021-10-14Minor memory optimizations (#16507)Claire
Reduce constant memory usage by ~100kB and further reduce boot-up memory allocations and temporary memory use by a further ~200kB.
2021-08-27Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-08-25New env variable: CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED (#16655)Daniel
When using a CAS server, the users only have a temporary email `change@me-foo-cas.com` which can't be changed but by an administrator. We need a new environment variable like for SAML to assume the email from CAS is verified. * config/initializers/omniauth.rb: define CAS option for assuming email are always verified. * .env.nanobox: add new variable as an example.
2021-07-17Merge branch 'main' into glitch-soc/merge-upstreamClaire
2021-07-15Fix inefficiencies in auto-linking code (#16506)Claire
The auto-linking code basically rewrote the whole string escaping non-ascii characters in an inefficient way, and building a full character offset map between the unescaped and escaped texts before sending the contents to TwitterText's extractor. Instead of doing that, this commit changes the TwitterText regexps to include valid IRI characters in addition to valid URI characters.