From fba96c808d25d2fc35ec63ee6745a1e55a95d707 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 27 Apr 2019 03:24:09 +0200 Subject: Add blurhash (#10630) * Add blurhash * Use fallback color for spoiler when blurhash missing * Federate the blurhash and accept it as long as it's at most 5x5 * Display unknown media attachments as blurhash placeholders * Improve style of embed actions and spoiler button * Change blurhash resolution from 3x3 to 4x4 * Improve dependency definitions * Fix code style issues --- Gemfile | 1 + 1 file changed, 1 insertion(+) (limited to 'Gemfile') diff --git a/Gemfile b/Gemfile index 6fe97412b..fa8478d89 100644 --- a/Gemfile +++ b/Gemfile @@ -21,6 +21,7 @@ gem 'fog-openstack', '~> 0.3', require: false gem 'paperclip', '~> 6.0' gem 'paperclip-av-transcoder', '~> 0.6' gem 'streamio-ffmpeg', '~> 3.0' +gem 'blurhash', '~> 0.1' gem 'active_model_serializers', '~> 0.10' gem 'addressable', '~> 2.6' -- cgit From feff0fc9b2cf0a37175da23c38484759971b8db8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Tue, 30 Apr 2019 18:05:22 +0200 Subject: Bump rubocop from 0.67.2 to 0.68.0 (#10654) Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.67.2 to 0.68.0. - [Release notes](https://github.com/rubocop-hq/rubocop/releases) - [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.67.2...v0.68.0) Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 8 +++----- 2 files changed, 4 insertions(+), 6 deletions(-) (limited to 'Gemfile') diff --git a/Gemfile b/Gemfile index fa8478d89..b908dc494 100644 --- a/Gemfile +++ b/Gemfile 
@@ -128,7 +128,7 @@ group :development do gem 'letter_opener', '~> 1.7' gem 'letter_opener_web', '~> 1.3' gem 'memory_profiler' - gem 'rubocop', '~> 0.67', require: false + gem 'rubocop', '~> 0.68', require: false gem 'brakeman', '~> 4.5', require: false gem 'bundler-audit', '~> 0.6', require: false gem 'scss_lint', '~> 0.57', require: false diff --git a/Gemfile.lock b/Gemfile.lock index 0148cb5ea..d03ed2e60 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -395,7 +395,7 @@ GEM parallel (1.17.0) parallel_tests (2.28.0) parallel - parser (2.6.2.1) + parser (2.6.3.0) ast (~> 2.4.0) pastel (0.7.2) equatable (~> 0.5.0) @@ -420,7 +420,6 @@ GEM pry (~> 0.10) pry-rails (0.3.9) pry (>= 0.10.4) - psych (3.1.0) public_suffix (3.0.3) puma (3.12.1) pundit (2.0.1) @@ -528,11 +527,10 @@ GEM rspec-core (~> 3.0, >= 3.0.0) sidekiq (>= 2.4.0) rspec-support (3.8.0) - rubocop (0.67.2) + rubocop (0.68.0) jaro_winkler (~> 1.5.1) parallel (~> 1.10) parser (>= 2.5, != 2.5.1.1) - psych (>= 3.1.0) rainbow (>= 2.2.2, < 4.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 1.6) @@ -750,7 +748,7 @@ DEPENDENCIES rqrcode (~> 0.10) rspec-rails (~> 3.8) rspec-sidekiq (~> 3.0) - rubocop (~> 0.67) + rubocop (~> 0.68) sanitize (~> 5.0) scss_lint (~> 0.57) sidekiq (~> 5.2) -- cgit From 7c94b190c8b65da46bb394499240c4c8569d29ca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Tue, 30 Apr 2019 18:05:49 +0200 Subject: Bump bullet from 5.9.0 to 6.0.0 (#10635) Bumps [bullet](https://github.com/flyerhzm/bullet) from 5.9.0 to 6.0.0. - [Release notes](https://github.com/flyerhzm/bullet/releases) - [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md) - [Commits](https://github.com/flyerhzm/bullet/compare/5.9.0...6.0.0) Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'Gemfile') diff --git a/Gemfile b/Gemfile index b908dc494..8078e46a0 100644 --- a/Gemfile +++ b/Gemfile 
@@ -124,7 +124,7 @@ group :development do gem 'annotate', '~> 2.7' gem 'better_errors', '~> 2.5' gem 'binding_of_caller', '~> 0.7' - gem 'bullet', '~> 5.9' + gem 'bullet', '~> 6.0' gem 'letter_opener', '~> 1.7' gem 'letter_opener_web', '~> 1.3' gem 'memory_profiler' diff --git a/Gemfile.lock b/Gemfile.lock index d03ed2e60..188e99b13 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -106,7 +106,7 @@ GEM brakeman (4.5.0) browser (2.5.3) builder (3.2.3) - bullet (5.9.0) + bullet (6.0.0) activesupport (>= 3.0.0) uniform_notifier (~> 1.11) bundler-audit (0.6.1) @@ -665,7 +665,7 @@ DEPENDENCIES bootsnap (~> 1.4) brakeman (~> 4.5) browser - bullet (~> 5.9) + bullet (~> 6.0) bundler-audit (~> 0.6) capistrano (~> 3.11) capistrano-rails (~> 1.4) -- cgit From 61e28b0ccc04f7a0c72cb663962eb152ab63a998 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Fri, 3 May 2019 17:29:53 +0900 Subject: Bump scss_lint from 0.57.1 to 0.58.0 (#10678) Bumps [scss_lint](https://github.com/sds/scss-lint) from 0.57.1 to 0.58.0. - [Release notes](https://github.com/sds/scss-lint/releases) - [Changelog](https://github.com/sds/scss-lint/blob/master/CHANGELOG.md) - [Commits](https://github.com/sds/scss-lint/compare/v0.57.1...v0.58.0) Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'Gemfile') diff --git a/Gemfile b/Gemfile index 8078e46a0..67df76be6 100644 --- a/Gemfile +++ b/Gemfile @@ -131,7 +131,7 @@ group :development do gem 'rubocop', '~> 0.68', require: false gem 'brakeman', '~> 4.5', require: false gem 'bundler-audit', '~> 0.6', require: false - gem 'scss_lint', '~> 0.57', require: false + gem 'scss_lint', '~> 0.58', require: false gem 'capistrano', '~> 3.11' gem 'capistrano-rails', '~> 1.4' diff --git a/Gemfile.lock b/Gemfile.lock index 61dd53c5e..09b0de614 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -471,8 +471,8 @@ GEM rainbow (3.0.0) rake (12.3.2) rb-fsevent (0.10.3) - rb-inotify (0.9.10) - ffi (>= 0.5.0, < 2) + rb-inotify (0.10.0) + ffi (~> 1.0) rdf (3.0.9) hamster (~> 3.0) link_header (~> 0.0, >= 0.0.8) @@ -544,12 +544,12 @@ GEM crass (~> 1.0.2) nokogiri (>= 1.8.0) nokogumbo (~> 2.0) - sass (3.6.0) + sass (3.7.4) sass-listen (~> 4.0.0) sass-listen (4.0.0) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - scss_lint (0.57.1) + scss_lint (0.58.0) rake (>= 0.9, < 13) sass (~> 3.5, >= 3.5.5) sidekiq (5.2.7) @@ -750,7 +750,7 @@ DEPENDENCIES rspec-sidekiq (~> 3.0) rubocop (~> 0.68) sanitize (~> 5.0) - scss_lint (~> 0.57) + scss_lint (~> 0.58) sidekiq (~> 5.2) sidekiq-bulk (~> 0.2.0) sidekiq-scheduler (~> 3.0) -- cgit From ecbea2e3c6e49387b1eaefbbebd2013867414ca2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Fri, 3 May 2019 16:16:11 +0200 Subject: Bump rack-attack from 5.4.2 to 6.0.0 (#10599) * Bump rack-attack from 5.4.2 to 6.0.0 Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 5.4.2 to 6.0.0. - [Release notes](https://github.com/kickstarter/rack-attack/releases) - [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md) - [Commits](https://github.com/kickstarter/rack-attack/compare/v5.4.2...v6.0.0) Signed-off-by: dependabot[bot] * fix payload[:request] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- config/initializers/rack_attack_logging.rb | 4 +++- 3 files changed, 6 insertions(+), 4 deletions(-) (limited to 'Gemfile') diff --git a/Gemfile b/Gemfile index 67df76be6..db00c24fb 100644 --- a/Gemfile +++ b/Gemfile @@ -66,7 +66,7 @@ gem 'ox', '~> 2.10' gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c' gem 'pundit', '~> 2.0' gem 'premailer-rails' -gem 'rack-attack', '~> 5.4' +gem 'rack-attack', '~> 6.0' gem 'rack-cors', '~> 1.0', require: 'rack/cors' gem 'rails-i18n', '~> 5.1' gem 'rails-settings-cached', '~> 0.6' 
diff --git a/Gemfile.lock b/Gemfile.lock
index 09b0de614..7ab907f6d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -426,7 +426,7 @@ GEM
 activesupport (>= 3.0.0)
 raabro (1.1.6)
 rack (2.0.7)
- rack-attack (5.4.2)
+ rack-attack (6.0.0)
 rack (>= 1.0, < 3)
 rack-cors (1.0.3)
 rack-protection (2.0.5)
@@ -735,7 +735,7 @@ DEPENDENCIES
 pry-rails (~> 0.3)
 puma (~> 3.12)
 pundit (~> 2.0)
- rack-attack (~> 5.4)
+ rack-attack (~> 6.0)
 rack-cors (~> 1.0)
 rails (~> 5.2.3)
 rails-controller-testing (~> 1.0)
diff --git a/config/initializers/rack_attack_logging.rb b/config/initializers/rack_attack_logging.rb
index 2ddbfb99c..c30bd8a64 100644
--- a/config/initializers/rack_attack_logging.rb
+++ b/config/initializers/rack_attack_logging.rb
@@ -1,4 +1,6 @@
-ActiveSupport::Notifications.subscribe('rack.attack') do |_name, _start, _finish, _request_id, req|
+ActiveSupport::Notifications.subscribe(/rack_attack/) do |_name, _start, _finish, _request_id, payload|
+ req = payload[:request]
+
 next unless [:throttle, :blacklist].include? req.env['rack.attack.match_type']
 Rails.logger.info("Rate limit hit (#{req.env['rack.attack.match_type']}): #{req.ip} #{req.request_method} #{req.fullpath}")
 end
-- cgit
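Review bot: The guard `[:throttle, :blacklist].include? req.env['rack.attack.match_type']`, left unchanged under the new subscription in `rack_attack_logging.rb`, looks stale against the gem version this commit moves to. rack-attack's current naming is blocklist/safelist, so if a block rule reports its match type as `:blocklist`, those events reach the `/rack_attack/` subscriber and are dropped before `Rails.logger.info`, leaving blocked requests out of the rate-limit log. Confirm the value the 6.0 gem sets, and if it is `:blocklist`, widen the guard to `next unless %i[throttle blocklist blacklist].include?(req.env['rack.attack.match_type'])`. A smaller point on the same block: `req.fullpath` includes the query string, so any credential a client passes as a URL parameter is written to the log verbatim; `req.path` would keep the line useful for triage without that.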