From 269a445c0b24de37972cf35b26f9362c2b62122c Mon Sep 17 00:00:00 2001
From: abcang <abcang1015@gmail.com>
Date: Sat, 25 Nov 2017 02:41:07 +0900
Subject: Fix unnecessary order (#5807)

---
 app/models/status.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/models/status.rb')

diff --git a/app/models/status.rb b/app/models/status.rb
index 26095070f..d6810941a 100644
--- a/app/models/status.rb
+++ b/app/models/status.rb
@@ -175,7 +175,7 @@ class Status < ApplicationRecord
     end
 
     def reblogs_map(status_ids, account_id)
-      select('reblog_of_id').where(reblog_of_id: status_ids).where(account_id: account_id).map { |s| [s.reblog_of_id, true] }.to_h
+      select('reblog_of_id').where(reblog_of_id: status_ids).where(account_id: account_id).reorder(nil).map { |s| [s.reblog_of_id, true] }.to_h
     end
 
     def mutes_map(conversation_ids, account_id)
-- 
cgit 


From 32987004c95aebfc390b7cd9e93d9a386095c0a0 Mon Sep 17 00:00:00 2001
From: William Pitcock <nenolod@dereferenced.org>
Date: Fri, 24 Nov 2017 18:36:08 -0600
Subject: status: preserve visibility attribute when reblogging (infoleak fix)
 (#5789)

this should fix *all* remaining visibility-related mastodon ostatus infoleaks.
thanks to @csaurus@gnusocial.de for pointing out the infoleak.
---
 app/models/status.rb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'app/models/status.rb')

diff --git a/app/models/status.rb b/app/models/status.rb
index d6810941a..8579ff9e4 100644
--- a/app/models/status.rb
+++ b/app/models/status.rb
@@ -278,6 +278,7 @@ class Status < ApplicationRecord
 
   def set_visibility
     self.visibility = (account.locked? ? :private : :public) if visibility.nil?
+    self.visibility = reblog.visibility if reblog?
     self.sensitive  = false if sensitive.nil?
   end
 
-- 
cgit