Age | Commit message (Collapse) | Author |
|
|
|
* Redesign /about when already logged in
* Fix sign up form still showing when OMNIAUTH_ONLY is set
* Fix tests
* Change wording based on suggestions
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
|
|
Conflicts:
- `app/views/admin/trends/links/index.html.haml`:
Not really a conflict, upstream change textually too close to a glitch-soc
change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming
system).
Ported upstream changes.
- `app/views/admin/trends/links/preview_card_providers/index.html.haml`:
Not really a conflict, upstream change textually too close to a glitch-soc
change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming
system).
Ported upstream changes.
- `app/views/admin/trends/statuses/index.html.haml`:
Not really a conflict, upstream change textually too close to a glitch-soc
change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming
system).
Ported upstream changes.
- `app/views/admin/trends/tags/index.html.haml`:
Not really a conflict, upstream change textually too close to a glitch-soc
change (removed `javascript_pack_tag` to accomodate for glitch-soc's theming
system).
Ported upstream changes.
|
|
|
|
|
|
* Change authorized applications page
* Hide revoke button for superapps and suspended accounts
* Clean up db/schema.rb
|
|
Conflicts:
- `app/models/account.rb`:
Not a real conflict, just upstream getting rid of unused constants too close
to glitch-soc-specific contents.
Removed unused constants like upstream did.
- `app/models/trends.rb`:
Conflict because glitch-soc disabled email notifications for trending links.
Upstream has refactored this quite a bit and added trending posts.
Took upstream code, but disabling the extra trending stuff will come in
another commit.
- `app/views/admin/trends/links/index.html.haml`:
Conflict due to glitch-soc's theming system.
Ported upstream changes accordingly.
|
|
* Add trending statuses
* Fix dangling items with stale scores in localized sets
* Various fixes and improvements
- Change approve_all/reject_all to approve_accounts/reject_accounts
- Change Trends::Query methods to not mutate the original query
- Change Trends::Query#skip to offset
- Change follow recommendations to be refreshed in a transaction
* Add tests for trending statuses filtering behaviour
* Fix not applying filtering scope in controller
|
|
* Change e-mail domain blocks to block IPs dynamically
* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
|
|
|
|
Conflicts:
- `.github/workflows/build-image.yml`:
Upstream changed the workflow a bit.
Conflict comes from us pushing to ghcr while upstream pushes to dockerhub.
Ported the upstream changes while still pushing to ghcr.
|
|
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
|
|
Conflicts:
- `db/schema.rb`:
Conflict due to glitch-soc adding the `content_type` column on status edits
and thus having a different schema version number.
Solved by taking upstream's schema version number, as it is higher than
glitch-soc's.
|
|
* Change relays handling to not record boosts
* Update tests
|
|
|
|
* Add appeals
* Add ability to reject appeals and ability to browse pending appeals in admin UI
* Add strikes to account page in settings
* Various fixes and improvements
- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes
* Change appealed_at to overruled_at
* Fix missing method error
|
|
|
|
* Change tests to have more specific expectations on sent ActivityPub payloads
* Check that payload doesn't actually contain the contents of the boosted toot
* Fix Undo Announce sometimes inlining the originally Announced status
|
|
|
|
sidekiq-bulk's push_bulk can either accept arguments directly or run them
through a block.
Setting expectations on the result of evaluating the blocks allows testing
more code (the block itself) and the test is moved closer to the *interface*
of the tested code than its precise implementation.
|
|
Conflicts:
- `app/controllers/api/v1/statuses_controller.rb`:
Upstream moved things around in a place where glitch-soc had support for
an extra parameter (`content_type`).
Follow upstream but reintroduce `content_type`.
|
|
* Add tests
* Fix NoMethodError in StatusUpdateDistributionWorker
* Fix tests
|
|
* Fix poll votes not being properly reset on poll change
* Fix and add tests
* Fix poll update handling when the number of options changes
|
|
* Add editing for published statuses
* Fix change of multiple-choice boolean in poll not resetting votes
* Remove the ability to update existing media attachments for now
|
|
Conflicts:
- `app/views/settings/preferences/appearance/show.html.haml`:
Upstream renamed some helper functions that were used in a part of the
settings page which glitch-soc slightly changed the layout of.
Ported the change.
|
|
UI (#17485)
|
|
|
|
* Remove language detection through cld3
* Update app/helpers/languages_helper.rb
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
|
|
* Fix structured data parsing from links choking on bad data
- Fix og:url meta tag being prioritized over canonical link tag
- Fix structured data parsing choking on commented-out CDATA declarations
- Fix HTML entities in title, description, provider_name, author_name
- Change structured data parsing to attempt every JSON-LD script tag
* Remove unnecessary slash escapes from CDATA regex pattern
|
|
* Refactor tests
* Add tests
* Fix replies collection incorrectly looping
|
|
Conflicts:
- `CHANGELOG.md`:
Upstream added newlines.
Conflicts are because the CHANGELOG was independently merged from 3.4.6 on
last security update.
Took upstream's version.
- `app/helpers/context_helper.rb`:
Conflicts because of extra vocabulary in glitch-soc. The conflicts were
actually handled in last security merge.
Kept our version.
|
|
* Add tests
* Fix instance actor not being dereferenceable
* Fix tests
* Fix tests for real
|
|
(#17428)
|
|
|
|
|
|
Fixes #17382
Note that unconfirmed and unapproved accounts can still be searched for
and their (empty) account retrieved using the REST API.
|
|
Conflicts:
- `Gemfile.lock`:
Upstream-updated lib textually too close to glitch-soc-only dep.
Updated like upstream.
|
|
* Change account and user fabricators to simplify and improve tests
- `Fabricate(:account)` implicitly fabricates an associated `user` if
no `domain` attribute is given (an account with `domain: nil` is
considered a local account, but no user record was created), unless
`user: nil` is passed
- `Fabricate(:account, user: Fabricate(:user))` should still be possible
but is discouraged.
* Fix and refactor tests
- avoid passing unneeded attributes to `Fabricate(:user)` or
`Fabricate(:account)`
- avoid embedding `Fabricate(:user)` into a `Fabricate(:account)` or the other
way around
- prefer `Fabricate(:user, account_attributes: …)` to
`Fabricate(:user, account: Fabricate(:account, …)`
- also, some tests were using remote accounts with local user records, which is
not representative of production code.
|
|
Conflicts:
- `config/environments/production.rb`:
Upstream changed a header but we had different default headers.
Applied the same change, and also dropped HSTS headers redundant with
Rails'.
|
|
Fix #17344
|
|
Conflicts:
- `spec/models/status_spec.rb`:
Upstream added tests too close to glitch-soc-specific tests.
Kept both tests.
|
|
* Fix error-prone SQL queries in Account search
While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.
This PR parameterises the `to_tsquery` input to make the query more robust.
* Harden code for Status#tagged_with_all and Status#tagged_with_none
Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.
* Remove unneeded spaces surrounding tsquery term
* Please CodeClimate
* Move advanced_search_for SQL template to its own function
This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.
* Add tests covering tagged_with, tagged_with_all and tagged_with_none
* Rewrite tagged_with_none to avoid multiple joins and make it more robust
* Remove obsolete brakeman warnings
* Revert "Remove unneeded spaces surrounding tsquery term"
The two queries are not strictly equivalent.
This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.
|
|
Conflicts:
- `app/lib/activitypub/activity/create.rb`:
Upstream refactored how `Create` activities are handled and how values are
extracted from `Create`d objects. This conflicted with how glitch-soc
supported the `directMessage` flag to explicitly distinguish between
limited and direct messages.
Ported glitch-soc's changes to latest upstream changes.
- `app/services/fan_out_on_write_service.rb`:
Upstream largely refactored that file and changed some of the logic.
This conflicted with glitch-soc's handling of the direct timeline and
the options to allow replies and boosts in public feeds.
Ported those glitch-soc changes on top of latest upstream changes.
- `app/services/process_mentions_service.rb`:
Upstream refactored to move mention-related ActivityPub deliveries to
`ActivityPub::DeliveryWorker`, while glitch-soc contained an extra check
to not send local-only toots to remote mentioned users.
Took upstream's version, as the check is not needed anymore, since it is
performed at the `ActivityPub::DeliveryWorker` call site already.
- `app/workers/feed_insert_worker.rb`:
Upstream added support for `update` toot events, while glitch-soc had
support for an extra timeline support, `direct`.
Ported upstream changes and extended them to the `direct` timeline.
Additional changes:
- `app/lib/activitypub/parser/status_parser.rb`:
Added code to handle the `directMessage` flag and take it into account
to compute visibility.
- `app/lib/feed_manager.rb`:
Extended upstream's support of `update` toot events to glitch-soc's
`direct` timeline.
|
|
* Add support for editing for published statuses
* Fix references to stripped-out code
* Various fixes and improvements
* Further fixes and improvements
* Fix updates being potentially sent to unauthorized recipients
* Various fixes and improvements
* Fix wrong words in test
* Fix notifying accounts that were tagged but were not in the audience
* Fix mistake
|
|
Conflicts:
- `app/views/admin/reports/show.html.haml`:
Conflicts due to glitch-soc's theming system.
|
|
|
|
Conflicts:
- `app/controllers/accounts_controller.rb`:
Upstream introduced support for private pinned toots, but glitch-soc's query
was a bit different as it filtered out local-only toots.
Used upstream's query, while adding local-only filtering back.
- `app/controllers/activitypub/collections_controller.rb`:
Same thing with regards to local-only posts.
- `app/validators/status_pin_validator.rb`:
Not a real conflict, but the line below was different in glitch-soc due to
the configurable pinned toots limit.
|
|
* Add support for private pinned toots
* Allow local user to pin private toots
* Change wording to avoid "direct message"
|
|
Conflicts:
- `README.md`:
Upstream added some text, but our README is completely different.
Kept our README unchanged.
|
|
|