Age | Commit message (Collapse) | Author |
|
* Add notifications when a reblogged status has been updated
* Change wording to say "edit" instead of "update" and add missing controls
* Replace previous update notifications with the most up-to-date one
|
|
|
|
|
|
* Remove language detection through cld3
* Update app/helpers/languages_helper.rb
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
|
|
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN
Fixes #15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
* Add OMNIAUTH_ONLY environment variable to enforce external log-in only
* Disable user registration when OMNIAUTH_ONLY is set to true
* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
|
|
* Add edited toot flag on public pages
* Add toot edit flag to admin pages
|
|
|
|
* Add support for private pinned toots
* Allow local user to pin private toots
* Change wording to avoid "direct message"
|
|
* Add admin option to remove canonical email blocks from a deleted account
* Add tootctl canonical_email_blocks to inspect and remove canonical email blocks
|
|
* Add ability to purge undeliverable domains from admin interface
* Add tests
|
|
Fixes #17120
Co-authored-by: Mélanie Chauvel <perso@hack-libre.org>
Co-authored-by: Mélanie Chauvel <perso@hack-libre.org>
|
|
|
|
|
|
* Add trending links
* Add overriding specific links trendability
* Add link type to preview cards and only trend articles
Change trends review notifications from being sent every 5 minutes to being sent every 2 hours
Change threshold from 5 unique accounts to 15 unique accounts
* Fix tests
|
|
* Allow keeping 1 boosts/favs on auto deleting posts
* Fix tests
|
|
|
|
Fixes #16687
|
|
* Add account statuses cleanup policy model
* Record last inspected toot to delete to speed up successive calls to statuses_to_delete
* Add service to cleanup a given account's statuses within a budget
* Add worker to go through account policies and delete old toots
* Fix last inspected status id logic
All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.
* Add tests
* Refactor scheduler and add tests
* Add user interface
* Add support for discriminating based on boosts/favs
* Add UI support for min_reblogs and min_favs, rework UI
* Address first round of review comments
* Replace Snowflake#id_at_start with with_random parameter
* Add tests
* Add tests for StatusesCleanupController
* Rework settings page
* Adjust load-avoiding mechanisms
* Please CodeClimate
|
|
|
|
Remove "active within last two weeks" exception for sign in token requirement
Change admin reset password to lock access until the password is reset
|
|
|
|
* Fix typo: similiar → similar
Suggestion of unextro: https://crowdin.com/profile/unextro
* Fix typo: ChromeOS → Chrome OS
Suggestion of unextro: https://crowdin.com/profile/unextro
* Fix typo: Successfully remove → Successfully removed
Suggestion of GunChleoc: https://crowdin.com/profile/gunchleoc
* Fix typo: will now be processed in due time → will be processed
Suggestion of NCAA: https://crowdin.com/profile/ncaa
* Improve UI text: use “waiting period” instead of “cooldown period”
Suggestion of NCAA: https://crowdin.com/profile/ncaa
* Improve UI text: use “for today” instead of “for that day”
Suggestion of NCAA: https://crowdin.com/profile/ncaa
|
|
|
|
If a status with a hashtag becomes very popular, it stands to
reason that the hashtag should have a chance at trending
Fix no stats being recorded for hashtags that are not allowed
to trend, and stop ignoring bots
Remove references to hashtags in profile directory from the code
and the admin UI
|
|
* Add management of delivery availavility in Federation settings
* fix translate
* Remove useless object creation
* Fix DeepSource issue
* Add shortcut for all
* Fix DeepSource(skipcq)
* Change 'remove' to 'clear'
* Fix style
* Change class method name (exhausted_deliveries_key_by)
|
|
|
|
|
|
Fix regression from #16052
|
|
|
|
|
|
|
|
|
|
|
|
|
|
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.
This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
|
|
|
|
|
|
* Add missing `en.notification_mailer.status.subject`
* Update en.yml
|
|
|
|
|
|
admin UI (#15367)
|
|
For consistency with #15265
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
|
|
- Replace the middle of the domain with * characters (except for periods)
- Add SHA-256 digest of the domain name in tooltip
|
|
* Fix admin being able to suspend their own instance account
* Add text about the instance's own actor in admin view
* Change instance actor notice from flash message to template
* Do not list local instance actor in account moderation list
|
|
* feat: display `invite_request_text` in admin's user account page
* fix: move invite_request to the bottom of accounts page
* fix: remove time display, remove formate, change code terminology
* fix: remove escape
|
|
* Add indication to admin UI of whether a report has been forwarded
* Rework how forwarded status is displayed
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
Fixes #15273
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
- Reduce duplicate queries
- Remove n+1 queries
- Add accounts count to detailed view
- Add separate action log entry for updating existing domain blocks
|
|
* Add honeypot fields to limit non-specialized spam
Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.
This should cut down on some non-Mastodon-specific spambots.
* Require a 3 seconds delay before submitting the registration form
* Fix tests
* Move registration form time check to model validation
* Give people a chance to clear the honeypot fields
* Refactor honeypot translation strings
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|