| Age | Commit message (Collapse) | Author |
|---|
|
Conflicts:
- `spec/models/status_spec.rb`:
Upstream added tests too close to glitch-soc-specific tests.
Kept both tests.
|
|
* Fix error-prone SQL queries in Account search
While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.
This PR parameterises the `to_tsquery` input to make the query more robust.
* Harden code for Status#tagged_with_all and Status#tagged_with_none
Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.
* Remove unneeded spaces surrounding tsquery term
* Please CodeClimate
* Move advanced_search_for SQL template to its own function
This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.
* Add tests covering tagged_with, tagged_with_all and tagged_with_none
* Rewrite tagged_with_none to avoid multiple joins and make it more robust
* Remove obsolete brakeman warnings
* Revert "Remove unneeded spaces surrounding tsquery term"
The two queries are not strictly equivalent.
This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.
|
|
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN
Fixes #15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
* Add OMNIAUTH_ONLY environment variable to enforce external log-in only
* Disable user registration when OMNIAUTH_ONLY is set to true
* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
|
|
Fixes #15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
|
|
* Add edited toot flag on public pages
* Add toot edit flag to admin pages
|
|
Conflicts:
- `app/lib/activitypub/activity/create.rb`:
Upstream refactored how `Create` activities are handled and how values are
extracted from `Create`d objects. This conflicted with how glitch-soc
supported the `directMessage` flag to explicitly distinguish between
limited and direct messages.
Ported glitch-soc's changes to latest upstream changes.
- `app/services/fan_out_on_write_service.rb`:
Upstream largely refactored that file and changed some of the logic.
This conflicted with glitch-soc's handling of the direct timeline and
the options to allow replies and boosts in public feeds.
Ported those glitch-soc changes on top of latest upstream changes.
- `app/services/process_mentions_service.rb`:
Upstream refactored to move mention-related ActivityPub deliveries to
`ActivityPub::DeliveryWorker`, while glitch-soc contained an extra check
to not send local-only toots to remote mentioned users.
Took upstream's version, as the check is not needed anymore, since it is
performed at the `ActivityPub::DeliveryWorker` call site already.
- `app/workers/feed_insert_worker.rb`:
Upstream added support for `update` toot events, while glitch-soc had
support for an extra timeline support, `direct`.
Ported upstream changes and extended them to the `direct` timeline.
Additional changes:
- `app/lib/activitypub/parser/status_parser.rb`:
Added code to handle the `directMessage` flag and take it into account
to compute visibility.
- `app/lib/feed_manager.rb`:
Extended upstream's support of `update` toot events to glitch-soc's
`direct` timeline.
|
|
* Add support for editing for published statuses
* Fix references to stripped-out code
* Various fixes and improvements
* Further fixes and improvements
* Fix updates being potentially sent to unauthorized recipients
* Various fixes and improvements
* Fix wrong words in test
* Fix notifying accounts that were tagged but were not in the audience
* Fix mistake
|
|
Conflicts:
- `app/views/admin/reports/show.html.haml`:
Conflicts due to glitch-soc's theming system.
|
|
|
|
Conflicts:
- `app/controllers/accounts_controller.rb`:
Upstream introduced support for private pinned toots, but glitch-soc's query
was a bit different as it filtered out local-only toots.
Used upstream's query, while adding local-only filtering back.
- `app/controllers/activitypub/collections_controller.rb`:
Same thing with regards to local-only posts.
- `app/validators/status_pin_validator.rb`:
Not a real conflict, but the line below was different in glitch-soc due to
the configurable pinned toots limit.
|
|
* Add support for private pinned toots
* Allow local user to pin private toots
* Change wording to avoid "direct message"
|
|
Conflicts:
- `README.md`:
Upstream added some text, but our README is completely different.
Kept our README unchanged.
|
|
|
|
work (#17216)
#17215
|
|
|
|
Conflicts:
- `README.md`:
We have completely different contents. Kept our version.
- `package.json`:
Not a real conflict, just an upstream dependency udpated
textually too close to a glitch-soc-only dependency.
Updated dependencies like upstream.
- `streaming/index.js`:
Conflict due to code style changes on parts that were
modified in glitch-soc to handle local-only toots.
Changed style according to upstream.
|
|
|
|
|
|
* Add admin option to remove canonical email blocks from a deleted account
* Add tootctl canonical_email_blocks to inspect and remove canonical email blocks
|
|
* Add ability to purge undeliverable domains from admin interface
* Add tests
|
|
Conflicts:
- `app/views/admin/pending_accounts/index.html.haml`:
Removed upstream, while it had glitch-soc-specific changes to accomodate
for glitch-soc's theming system.
Removed the file.
Additional changes:
- `app/views/admin/accounts/index.html.haml':
Accomodate for glitch-soc's theming system.
|
|
Fixes #17120
Co-authored-by: Mélanie Chauvel <perso@hack-libre.org>
Co-authored-by: Mélanie Chauvel <perso@hack-libre.org>
|
|
|
|
Conflicts:
- `.env.production.sample`:
Copied upstream changes.
- `app/controllers/settings/identity_proofs_controller.rb`:
Minor conflict due to glitch-soc's extra “enable_keybase” setting.
Upstream removed keybase support altogether, so did the same.
- `app/controllers/well_known/keybase_proof_config_controller.rb`:
Minor conflict due to glitch-soc's extra “enable_keybase” setting.
Upstream removed keybase support altogether, so did the same.
- `lib/mastodon/statuses_cli.rb`:
Minor conflict due to an optimization that wasn't shared between
the two versions. Copied upstream's version.
|
|
|
|
|
|
Conflicts:
- `app/views/admin/tags/index.html.haml`:
Removed upstream while it had changes in glitch-soc to accomodate for the
theming system.
Additional changes to accomodate for the theming system:
- `app/views/admin/trends/links/preview_card_providers/index.html.haml`
- `app/views/admin/trends/links/index.html.haml`
- `app/views/admin/trends/tags/index.html.haml`
- `app/views/admin/tags/show.html.haml`
|
|
* Add trending links
* Add overriding specific links trendability
* Add link type to preview cards and only trend articles
Change trends review notifications from being sent every 5 minutes to being sent every 2 hours
Change threshold from 5 unique accounts to 15 unique accounts
* Fix tests
|
|
|
|
* Bump chewy from 5.2.0 to 7.2.2
* fix style (codeclimate)
* fix style
* fix style
* Bump chewy from 7.2.2 to 7.2.3
|
|
|
|
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.
We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.
In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
of them
This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
|
|
Conflicts:
- `.env.production.sample`:
Upstream added new configuration options, uncommented by default.
Commented them.
- `Gemfile.lock`:
Upstream updated dependencies textually close to glitch-soc-specific
dependencies.
Updated those upstream dependencies.
|
|
* Support authentication for ElasticSearch
* Fix chewy auth settings
|
|
|
|
(#16866)
Fixes #16822
|
|
* Add followed_by? to account_interactions
* Add RemoveFromFollowersService
* Fix AccountBatch to use RemoveFromFollowersService
* Add remove from followers API
|
|
* New translations en.json (Latvian)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations en.json (Icelandic)
[ci skip]
* New translations en.json (Icelandic)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations devise.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations devise.en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Persian)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations activerecord.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations doorkeeper.en.yml (Latvian)
[ci skip]
* New translations devise.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations simple_form.en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Armenian)
[ci skip]
* New translations en.json (Danish)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Sinhala)
[ci skip]
* New translations en.yml (Sardinian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Georgian)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Spanish, Mexico)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.json (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Bengali)
[ci skip]
* New translations en.yml (Asturian)
[ci skip]
* New translations en.yml (Scottish Gaelic)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.json (Kurmanji (Kurdish))
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.json (Sorani (Kurdish))
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Malay)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Tatar)
[ci skip]
* New translations en.yml (Malayalam)
[ci skip]
* New translations en.yml (Sorani (Kurdish))
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Kurmanji (Kurdish))
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Latvian)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations devise.en.yml (French)
[ci skip]
* Run `i18n-tasks normalize`
* Run `yarn manage:translations`
* Trim unnecessary line breaks
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
|
|
Conflicts:
- `README.md`:
Upstream added some documentation in the README, but our README is pretty
different and barebone.
Kept our README.
|
|
Conflicts:
- `app/controllers/admin/dashboard_controller.rb`:
Upstream completely redesigned the admin dashboard.
glitch-soc tracked extra features, but that list is
gone.
Followed upstram.
- `app/views/admin/dashboard/index.html.haml`
Upstream completely redesigned the admin dashboard.
glitch-soc tracked extra features, but that list is
gone.
Followed upstram.
|
|
* Allow keeping 1 boosts/favs on auto deleting posts
* Fix tests
|
|
Co-Authored-By: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
|
|
Reduce constant memory usage by ~100kB and further reduce boot-up memory
allocations and temporary memory use by a further ~200kB.
|
|
project started on Crowdin. (#16548)
|
|
|
|
|
|
Conflicts:
- `app/models/custom_emoji.rb`:
Slight refactor upstream, next to a line that was different in glitch-soc
because of our local configurable limits on custom emoji size.
Ported upstream changes.
- `yarn.lock`:
Not really a conflict, upstream dependency textually too close to a
glitch-soc-only dependency.
Updated upstream dependency as upstream.
|
|
* Switch from unmaintained paperclip to kt-paperclip
* Drop some compatibility monkey-patches not required by kt-paperclip
* Drop media spoof check monkey-patching
It's broken with kt-paperclip and hopefully it won't be needed anymore
* Fix regression introduced by paperclip 6.1.0
* Do not rely on pathname to call FastImage
* Add test for ogg vorbis file with cover art
* Add audio/vorbis to the accepted content-types
This seems erroneous as this would be the content-type for a vorbis stream
without an ogg container, but that's what the `marcel` gem outputs, so…
* Restore missing for_as_default method
* Refactor Attachmentable concern and delay Paperclip's content-type spoof check
Check for content-type spoofing *after* setting the extension ourselves, this
fixes a regression with kt-paperclip's validations being more strict than
paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown
extensions.
* Please CodeClimate
* Add audio/vorbis to the unreliable set
It doesn't correspond to a file format and thus has no extension associated.
|
|
|
|
* Bump bootsnap from 1.6.0 to 1.8.1
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.6.0 to 1.8.1.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.6.0...v1.8.1)
---
updated-dependencies:
- dependency-name: bootsnap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Remove deprecated bootsnap config options
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
