about summary refs log tree commit diff
path: root/lib
AgeCommit message (Collapse)Author
2022-12-07Fix deprecation warning in `tootctl accounts rotate` (#22120)Claire
2022-12-06Fix pre-4.0 admin action logs (#22091)Claire
* Fix BackfillAdminActionLogs post-deployment migration * Improve migration tests * Backfill admin action logs again
2022-11-27Remove support for Ruby 2.6 (#21477)Claire
As pointed out by https://github.com/mastodon/mastodon/pull/21297#discussion_r1028372193 at least one of our dependencies already dropped support for Ruby 2.6, and we had removed Ruby 2.6 tests from the CI over a year ago (#16861). So stop advertising Ruby 2.6 support, bump targeted version, and drop some compatibility code.
2022-11-27Add logging for Rails cache timeouts (#21667)Claire
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds * Log cache store errors
2022-11-15Bump version to 4.0.2 (#20725)Eugen Rochko
2022-11-14Bump version to 4.0.1 (#20696)Eugen Rochko
2022-11-14Bump version to 4.0.0 (#20636)Eugen Rochko
2022-11-14Bump version to 4.0.0rc4 (#20634)Eugen Rochko
2022-11-14Fix index name in fix-duplicates task (#20632)Claire
2022-11-14Fix error when passing unknown filter param in REST API (#20626)Eugen Rochko
Fix #19156
2022-11-13Update fix-duplicates (#20502)Claire
Fixes #19133
2022-11-13Copied Spaces support from packer .rake (#20573)Arthur Isac
2022-11-11Bump version to 4.0.0rc3 (#20378)Eugen Rochko
2022-11-11blurhash_transcoder: prevent out-of-bound reads with <8bpp images (#20388)Pierre Bourdon
The Blurhash library used by Mastodon requires an input encoded as 24 bits raw RGB data. The conversion to raw RGB using Imagemagick did not previously specify the desired bit depth. In some situations, this leads Imagemagick to output in a pixel format using less bpp than expected. This then manifested as segfaults of the Sidekiq process due to out-of-bounds read, or potentially a (highly noisy) memory infoleak. Fixes #19235.
2022-11-11Fix `ENV` (#20377)Yamagishi Kazutoshi
2022-11-10Make enable_starttls configurable by envvars (#20321)F
ENABLE_STARTTLS is designed to replace ENABLE_STARTTLS_AUTO by accepting three values: 'auto' (the default), 'always', and 'never'. If ENABLE_STARTTLS isn't provided, we fall back to ENABLE_STARTTLS_AUTO. In this way, this change should be fully backwards compatible. Resolves #20311
2022-11-06Bump version to 4.0.0rc2 (#19831)Eugen Rochko
2022-11-04Add assets from Twemoji 14.0 (#19733)Eugen Rochko
2022-11-03Fix admin action logs page (#19649)Claire
* Add tests * Fix crash when trying to display orphaned action logs * Add migration for older admin action logs
2022-11-02Fix mastodon:setup not setting the admin's role properly (#19670)Claire
* Fix mastodon:setup not setting the admin's role properly * Set contact username when creating admin account in mastodon:setup
2022-11-01png optimization(loss less) (#19630)pea-sys
2022-10-28Bump version to 4.0.0rc1 (#19473)Eugen Rochko
2022-10-27Add `--remove-role` option to `tootctl accounts modify` (#19477)Eugen Rochko
Fix #19152
2022-09-20Fix Ambiguous SQL error on tootctl media refresh (#19206)Jeong Arm
2022-09-20Improve error reporting and logging when processing remote accounts (#15605)Claire
* Add a more descriptive PrivateNetworkAddressError exception class * Remove unnecessary exception class to rescue clause * Remove unnecessary include to JsonLdHelper * Give more neutral error message when too many webfinger redirects * Remove unnecessary guard condition * Rework how “ActivityPub::FetchRemoteAccountService” handles errors Add “suppress_errors” keyword argument to avoid raising errors in ActivityPub::FetchRemoteAccountService#call (default/previous behavior). * Rework how “ActivityPub::FetchRemoteKeyService” handles errors Add “suppress_errors” keyword argument to avoid raising errors in ActivityPub::FetchRemoteKeyService#call (default/previous behavior). * Fix Webfinger::RedirectError not being a subclass of Webfinger::Error * Add suppress_errors option to ResolveAccountService Defaults to true (to preserve previous behavior). If set to false, errors will be raised instead of caught, allowing the caller to be informed of what went wrong. * Return more precise error when failing to fetch account signing AP payloads * Add tests * Fixes * Refactor error handling a bit * Fix various issues * Add specific error when provided Digest is not 256 bits of base64-encoded data * Please CodeClimate * Improve webfinger error reporting
2022-08-28Fix typos (#18604)luzpaz
* Fix typos Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,pixelx,ro` * Follow-up typo fix
2022-08-28Add admin API for managing canonical e-mail blocks (#19067)Eugen Rochko
2022-08-25Add '--days' option to tootctl media refresh (#18425)Jeong Arm
* Add '--days' option to tootctl media refresh * Fix undefined scope
2022-08-13Minimal adjustments to the short description (#18001)Brayd
Minimal adjustments have been made to the short description so that it logically follows the long description
2022-07-05Add customizable user roles (#18641)Eugen Rochko
* Add customizable user roles * Various fixes and improvements * Add migration for old settings and fix tootctl role management
2022-06-28Revamp post filtering system (#18058)Claire
* Add model for custom filter keywords * Use CustomFilterKeyword internally Does not change the API * Fix /filters/edit and /filters/new * Add migration tests * Remove whole_word column from custom_filters (covered by custom_filter_keywords) * Redesign /filters Instead of a list, present a card that displays more information and handles multiple keywords per filter. * Redesign /filters/new and /filters/edit to add and remove keywords This adds a new gem dependency: cocoon, as well as a npm dependency: cocoon-js-vanilla. Those are used to easily populate and remove form fields from the user interface when manipulating multiple keyword filters at once. * Add /api/v2/filters to edit filter with multiple keywords Entities: - `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context` `keywords` - `FilterKeyword`: `id`, `keyword`, `whole_word` API endpoits: - `GET /api/v2/filters` to list filters (including keywords) - `POST /api/v2/filters` to create a new filter `keywords_attributes` can also be passed to create keywords in one request - `GET /api/v2/filters/:id` to read a particular filter - `PUT /api/v2/filters/:id` to update a new filter `keywords_attributes` can also be passed to edit, delete or add keywords in one request - `DELETE /api/v2/filters/:id` to delete a particular filter - `GET /api/v2/filters/:id/keywords` to list keywords for a filter - `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a filter - `GET /api/v2/filter_keywords/:id` to read a particular keyword - `PUT /api/v2/filter_keywords/:id` to edit a particular keyword - `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword * Change from `irreversible` boolean to `action` enum * Remove irrelevent `irreversible_must_be_within_context` check * Fix /filters/new and /filters/edit with update for filter_action * Fix Rubocop/Codeclimate complaining about task names * Refactor FeedManager#phrase_filtered? This moves regexp building and filter caching to the `CustomFilter` class. This does not change the functional behavior yet, but this changes how the cache is built, doing per-custom_filter regexps so that filters can be matched independently, while still offering caching. * Perform server-side filtering and output result in REST API * Fix numerous filters_changed events being sent when editing multiple keywords at once * Add some tests * Use the new API in the WebUI - use client-side logic for filters we have fetched rules for. This is so that filter changes can be retroactively applied without reloading the UI. - use server-side logic for filters we haven't fetched rules for yet (e.g. network error, or initial timeline loading) * Minor optimizations and refactoring * Perform server-side filtering on the streaming server * Change the wording of filter action labels * Fix issues pointed out by linter * Change design of “Show anyway” link in accordence to review comments * Drop “irreversible” filtering behavior * Move /api/v2/filter_keywords to /api/v1/filters/keywords * Rename `filter_results` attribute to `filtered` * Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer * Fix systemChannelId value in streaming server * Simplify code by removing client-side filtering code The simplifcation comes at a cost though: filters aren't retroactively applied anymore.
2022-06-11Fix wrong aspect ratio of logo in icons (#18639)Eugen Rochko
2022-06-09Change brand color and logotypes (#18592)Eugen Rochko
- Add rake task for generating Apple/Android icons and favicons from SVG - Add rake task for generating PNG icons and logos for e-mails from SVG - Remove obsolete Microsoft icons and configuration - Remove PWA shortcut icons
2022-06-01Remove dependency on running Redis server for db:setup (#18560)Claire
2022-05-26Bump version to 3.5.3 (#18530)Eugen Rochko
2022-05-22Change algorithm of `tootctl search deploy` to improve performance (#18463)Eugen Rochko
2022-05-18Change search indexing to use batches to minimize resource usage (#18451)Eugen Rochko
2022-05-09Fix redis configuration not being changed by mastodon:setup (#18383)Claire
Fixes #18342
2022-05-04Bump version to 3.5.2 (#18295)Claire
* Bump version to 3.5.2 * Change some entries to be more clear * Add some extra notes * Fix line wrap Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-05-02Add ability to set approval-based registration through tootctl (#18248)Claire
Fixes #18235 Add `tootctl settings registrations approved` with optional `--require-reason` switch.
2022-04-29Fix opening and closing Redis connections instead of using a pool (#18171)Eugen Rochko
* Fix opening and closing Redis connections instead of using a pool * Fix Redis connections not being returned to the pool in CLI commands
2022-04-29Fix light-mode emoji borders. (#18131)Gaelan Steele
2022-04-28Fix single Redis connection being used across all threads (#18135)Eugen Rochko
* Fix single Redis connection being used across all Sidekiq threads * Fix tests
2022-04-26Fix instance actor being incorrectly created when running migrations (#18109)Claire
* Add migration test about instance actor key * Fix old migration * Work around incorrect database state
2022-04-08Bump version to 3.5.1 (#18000)Eugen Rochko
2022-04-08Fix error resposes for `from` search prefix (#17963)0x2019
* Fix error responses in `from` search prefix (addresses mastodon/mastodon#17941) Using unsupported prefixes now reports a 422; searching for posts from an account the instance is not aware of reports a 404. TODO: The UI for this on the front end is abysmal. Searching `from:username@domain` now succeeds when `domain` is the local domain; searching `from:@username(@domain)?` now works as expected. * Remove unused methods on new Error classes as they are not being used Currently when `raise`d there are error messages being supplied, but this is not actually being used. The associated `raise`s have been edited accordingly. * Remove needless comments * Satisfy rubocop * Try fixing tests being unable to find AccountFindingConcern methods * Satisfy rubocop * Simplify `from` prefix logic This incorporates @ClearlyClaire's suggestion (see https://github.com/mastodon/mastodon/pull/17963#pullrequestreview-933986737). Accepctable account strings in `from:` clauses are more lenient than before this commit; for example, `from:@user@example.org@asnteo +cat` will not error, and return posts by @user@example.org containing the word "cat". This is more consistent with how Mastodon matches mentions in statuses. In addition, `from` clauses will not be checked for syntatically invalid usernames or domain names, simply 404ing when `Account.find_remote!` raises ActiveRecord::NotFound. New code for this PR that is no longer used has been removed.
2022-04-08Fix cookies secure flag being set when served over Tor (#17992)Eugen Rochko
2022-04-07Fix migration error handling (#17991)Claire
2022-04-07Fix error re-running some migrations if they get interrupted at the wrong ↵Claire
moment (#17989)
2022-04-06Remove sign-in token authentication, instead send e-mail about new sign-in ↵Eugen Rochko
(#17970)