cat aescling's git repositories

]> cat aescling's git repositories - mastodon.git/log

cat aescling's git repositories / mastodon.git / log

commit | commitdiff | tree

Eugen Rochko [Sat, 12 Feb 2022 00:08:23 +0000 (01:08 +0100)]

Fix layout of the report page on smaller screens in admin UI (#17523)

Fix #17491

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 22:16:52 +0000 (23:16 +0100)]

Bump puma from 5.6.1 to 5.6.2 (#17526)

Bumps [puma](https://github.com/puma/puma) from 5.6.1 to 5.6.2.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.6.1...v5.6.2)

---
updated-dependencies:
- dependency-name: puma
dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

Jeong Arm [Fri, 11 Feb 2022 21:23:19 +0000 (06:23 +0900)]

Enable domain purge button on suspended domains too (#17209)

* Enable domain purge button on suspended domains too

* Change unless to if

commit | commitdiff | tree

Eugen Rochko [Fri, 11 Feb 2022 21:20:19 +0000 (22:20 +0100)]

Add notifications when a reblogged status has been updated (#17404)

* Add notifications when a reblogged status has been updated

* Change wording to say "edit" instead of "update" and add missing controls

* Replace previous update notifications with the most up-to-date one

commit | commitdiff | tree

Eugen Rochko [Fri, 11 Feb 2022 20:51:57 +0000 (21:51 +0100)]

Change actions in reports to require only one click (#17487)

commit | commitdiff | tree

Eugen Rochko [Fri, 11 Feb 2022 20:16:23 +0000 (21:16 +0100)]

Change reblogs to not count towards hashtag trends anymore (#17501)

commit | commitdiff | tree

bobbyd0g [Fri, 11 Feb 2022 14:01:40 +0000 (09:01 -0500)]

Helm chart SSO support (#17205)

* Add SAML support

* move extAuth below essential components

* Add CAS, PAM, LDAP support

* Add WEB_DOMAIN and S3_ALIAS_HOST support

* SAML defaults aligned

* Bump chart version

* SSO & WEB_DOMAIN support added

* Add OIDC support

* Correct typo

* Notice for OIDC support

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

commit | commitdiff | tree

Eugen Rochko [Fri, 11 Feb 2022 13:52:45 +0000 (14:52 +0100)]

Fix deletes not being signed in authorized fetch mode (#17484)

Fix #17483

commit | commitdiff | tree

Claire [Fri, 11 Feb 2022 13:52:07 +0000 (14:52 +0100)]

Fix Undo Announce sometimes inlining the originally Announced status (#17516)

* Change tests to have more specific expectations on sent ActivityPub payloads

* Check that payload doesn't actually contain the contents of the boosted toot

* Fix Undo Announce sometimes inlining the originally Announced status

commit | commitdiff | tree

Eugen Rochko [Fri, 11 Feb 2022 03:50:27 +0000 (04:50 +0100)]

New Crowdin updates (#16858)

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations simple_form.en.yml (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations simple_form.en.yml (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations devise.en.yml (French)
[ci skip]

* New translations devise.en.yml (French)
[ci skip]

* New translations activerecord.en.yml (French)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Scottish Gaelic)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Hebrew)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Italian)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.json (Slovenian)
[ci skip]

* New translations en.json (Slovenian)
[ci skip]

* New translations activerecord.en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations doorkeeper.en.yml (Slovenian)
[ci skip]

* New translations activerecord.en.yml (Slovenian)
[ci skip]

* New translations simple_form.en.yml (Slovenian)
[ci skip]

* New translations devise.en.yml (Slovenian)
[ci skip]

* New translations simple_form.en.yml (Slovenian)
[ci skip]

* New translations en.json (Persian)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.json (Slovenian)
[ci skip]

* New translations devise.en.yml (Slovenian)
[ci skip]

* New translations en.json (Slovenian)
[ci skip]

* New translations en.json (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.json (Slovenian)
[ci skip]

* New translations doorkeeper.en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations simple_form.en.yml (Slovenian)
[ci skip]

* New translations devise.en.yml (Slovenian)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Catalan)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations simple_form.en.yml (Catalan)
[ci skip]

* New translations simple_form.en.yml (Catalan)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.json (Catalan)
[ci skip]

* New translations simple_form.en.yml (Catalan)
[ci skip]

* New translations doorkeeper.en.yml (Catalan)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.json (Catalan)
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Vietnamese)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.json (Occitan)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Arabic)
[ci skip]

* New translations en.json (Arabic)
[ci skip]

* New translations en.json (Arabic)
[ci skip]

* New translations en.json (Arabic)
[ci skip]

* New translations en.json (Arabic)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations en.json (Norwegian Nynorsk)
[ci skip]

* New translations en.json (Norwegian Nynorsk)
[ci skip]

* New translations en.json (Norwegian)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations simple_form.en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations simple_form.en.yml (Thai)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.yml (Portuguese)
[ci skip]

* New translations en.yml (Hungarian)
[ci skip]

* New translations en.yml (Armenian)
[ci skip]

* New translations en.yml (Georgian)
[ci skip]

* New translations en.yml (Lithuanian)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Norwegian)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Albanian)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations en.yml (Serbian (Cyrillic))
[ci skip]

* New translations en.yml (Turkish)
[ci skip]

* New translations en.yml (Ukrainian)
[ci skip]

* New translations en.yml (Chinese Traditional)
[ci skip]

* New translations en.yml (Icelandic)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.yml (Finnish)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Italian)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations en.yml (Vietnamese)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Scottish Gaelic)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations en.yml (Romanian)
[ci skip]

* New translations en.yml (Czech)
[ci skip]

* New translations en.yml (Danish)
[ci skip]

* New translations en.yml (Spanish, Mexico)
[ci skip]

* New translations en.yml (Kabyle)
[ci skip]

* New translations en.yml (Sardinian)
[ci skip]

* New translations en.yml (Corsican)
[ci skip]

* New translations en.yml (Sorani (Kurdish))
[ci skip]

* New translations en.yml (Kurmanji (Kurdish))
[ci skip]

* New translations en.yml (Asturian)
[ci skip]

* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.yml (Esperanto)
[ci skip]

* New translations en.yml (Welsh)
[ci skip]

* New translations en.yml (Latvian)
[ci skip]

* New translations en.yml (Estonian)
[ci skip]

* New translations en.yml (Kazakh)
[ci skip]

* New translations en.yml (Norwegian Nynorsk)
[ci skip]

* New translations en.yml (Kurmanji (Kurdish))
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Chinese Traditional)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.yml (Hebrew)
[ci skip]

* New translations en.json (Hebrew)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Hungarian)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations en.yml (Albanian)
[ci skip]

* New translations en.yml (Italian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations en.yml (Icelandic)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Turkish)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Danish)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.yml (Ukrainian)
[ci skip]

* New translations en.yml (Latvian)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations devise.en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations devise.en.yml (Thai)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations devise.en.yml (Thai)
[ci skip]

* New translations devise.en.yml (Thai)
[ci skip]

* New translations en.yml (Spanish, Mexico)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations en.yml (Ukrainian)
[ci skip]

* New translations en.yml (Latvian)
[ci skip]

* New translations en.yml (Kurmanji (Kurdish))
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Danish)
[ci skip]

* New translations en.yml (Vietnamese)
[ci skip]

* New translations en.yml (Chinese Traditional)
[ci skip]

* New translations en.yml (Turkish)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.json (Greek)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.json (Greek)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Kabyle)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations simple_form.en.yml (Slovenian)
[ci skip]

* New translations en.yml (Hungarian)
[ci skip]

* New translations en.yml (Icelandic)
[ci skip]

* New translations simple_form.en.yml (Polish)
[ci skip]

* New translations en.yml (Esperanto)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* Ran `i18n-tasks normalize`

* Ran `yarn manage:translations`

* Add space

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 02:59:31 +0000 (11:59 +0900)]

Bump @babel/plugin-transform-runtime from 7.16.10 to 7.17.0 (#17474)

Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.16.10 to 7.17.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.0/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 02:59:26 +0000 (11:59 +0900)]

Bump @babel/core from 7.16.12 to 7.17.2 (#17510)

Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.16.12 to 7.17.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.2/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 02:59:12 +0000 (11:59 +0900)]

Bump jest from 27.4.7 to 27.5.1 (#17512)

Bumps [jest](https://github.com/facebook/jest) from 27.4.7 to 27.5.1.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/compare/v27.4.7...v27.5.1)

---
updated-dependencies:
- dependency-name: jest
dependency-type: direct:development
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 01:54:19 +0000 (10:54 +0900)]

Bump @testing-library/jest-dom from 5.16.1 to 5.16.2 (#17469)

Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 5.16.1 to 5.16.2.
- [Release notes](https://github.com/testing-library/jest-dom/releases)
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testing-library/jest-dom/compare/v5.16.1...v5.16.2)

---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
dependency-type: direct:development
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 01:53:51 +0000 (10:53 +0900)]

Bump sass from 1.49.0 to 1.49.7 (#17470)

Bumps [sass](https://github.com/sass/dart-sass) from 1.49.0 to 1.49.7.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.49.0...1.49.7)

---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 01:53:06 +0000 (10:53 +0900)]

Bump babel-jest from 27.4.6 to 27.5.0 (#17477)

Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 27.4.6 to 27.5.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v27.5.0/packages/babel-jest)

---
updated-dependencies:
- dependency-name: babel-jest
dependency-type: direct:development
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 01:50:45 +0000 (10:50 +0900)]

Bump @babel/runtime from 7.16.7 to 7.17.0 (#17473)

Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.16.7 to 7.17.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.0/packages/babel-runtime)

---
updated-dependencies:
- dependency-name: "@babel/runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 01:50:09 +0000 (10:50 +0900)]

Bump @babel/plugin-proposal-decorators from 7.16.7 to 7.17.0 (#17468)

Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.16.7 to 7.17.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.0/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Fri, 11 Feb 2022 01:49:31 +0000 (10:49 +0900)]

Bump sidekiq-unique-jobs from 7.1.12 to 7.1.15 (#17505)

Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 7.1.12 to 7.1.15.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.1.12...v7.1.15)

---
updated-dependencies:
- dependency-name: sidekiq-unique-jobs
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

Claire [Thu, 10 Feb 2022 21:00:10 +0000 (22:00 +0100)]

Fix some flaky tests that randomly failed because of item ordering (#17509)

commit | commitdiff | tree

Claire [Thu, 10 Feb 2022 18:42:45 +0000 (19:42 +0100)]

Improve tests involving push_bulk (#17508)

sidekiq-bulk's push_bulk can either accept arguments directly or run them
through a block.

Setting expectations on the result of evaluating the blocks allows testing
more code (the block itself) and the test is moved closer to the *interface*
of the tested code than its precise implementation.

commit | commitdiff | tree

Eugen Rochko [Thu, 10 Feb 2022 14:28:53 +0000 (15:28 +0100)]

Chore: Disable menu items for editing statuses in web UI (#17497)

Feature must be unlocked in a separate release for max. compatibility

commit | commitdiff | tree

dependabot[bot] [Thu, 10 Feb 2022 14:25:42 +0000 (15:25 +0100)]

Bump fabrication from 2.24.0 to 2.27.0 (#17447)

Bumps [fabrication](https://gitlab.com/fabrication-gem/fabrication) from 2.24.0 to 2.27.0.
- [Release notes](https://gitlab.com/fabrication-gem/fabrication/tags)
- [Changelog](https://gitlab.com/fabrication-gem/fabrication/blob/master/Changelog.markdown)
- [Commits](https://gitlab.com/fabrication-gem/fabrication/compare/2.24.0...2.27.0)

---
updated-dependencies:
- dependency-name: fabrication
dependency-type: direct:development
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Thu, 10 Feb 2022 14:12:33 +0000 (15:12 +0100)]

Bump rubocop from 1.25.0 to 1.25.1 (#17446)

Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.25.0 to 1.25.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.25.0...v1.25.1)

---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:development
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Thu, 10 Feb 2022 14:12:09 +0000 (15:12 +0100)]

Bump aws-sdk-s3 from 1.111.3 to 1.112.0 (#17452)

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.111.3 to 1.112.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Thu, 10 Feb 2022 14:11:41 +0000 (15:11 +0100)]

Bump bootsnap from 1.10.2 to 1.10.3 (#17466)

Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.10.2...v1.10.3)

---
updated-dependencies:
- dependency-name: bootsnap
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Thu, 10 Feb 2022 14:11:16 +0000 (15:11 +0100)]

Bump ox from 2.14.6 to 2.14.7 (#17453)

Bumps [ox](https://github.com/ohler55/ox) from 2.14.6 to 2.14.7.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.14.6...v2.14.7)

---
updated-dependencies:
- dependency-name: ox
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Thu, 10 Feb 2022 14:10:47 +0000 (15:10 +0100)]

Bump pg from 1.3.0 to 1.3.1 (#17450)

Bumps [pg](https://github.com/ged/ruby-pg) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: pg
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Thu, 10 Feb 2022 14:09:06 +0000 (15:09 +0100)]

Bump puma from 5.5.2 to 5.6.1 (#17411)

Bumps [puma](https://github.com/puma/puma) from 5.5.2 to 5.6.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.5.2...v5.6.1)

---
updated-dependencies:
- dependency-name: puma
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Thu, 10 Feb 2022 14:07:06 +0000 (15:07 +0100)]

Bump sidekiq from 6.4.0 to 6.4.1 (#17480)

Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.4.0...v6.4.1)

---
updated-dependencies:
- dependency-name: sidekiq
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

Claire [Thu, 10 Feb 2022 13:57:10 +0000 (14:57 +0100)]

Fix NoMethodError in StatusUpdateDistributionWorker (#17499)

* Add tests

* Fix NoMethodError in StatusUpdateDistributionWorker

* Fix tests

commit | commitdiff | tree

Claire [Thu, 10 Feb 2022 13:26:54 +0000 (14:26 +0100)]

Fix poll votes not being properly reset on poll change (#17498)

* Fix poll votes not being properly reset on poll change

* Fix and add tests

* Fix poll update handling when the number of options changes

commit | commitdiff | tree

Eugen Rochko [Thu, 10 Feb 2022 02:09:44 +0000 (03:09 +0100)]

Fix outdated iso-639 reference in update status service (#17496)

commit | commitdiff | tree

Eugen Rochko [Wed, 9 Feb 2022 23:15:30 +0000 (00:15 +0100)]

Add editing for published statuses (#17320)

* Add editing for published statuses

* Fix change of multiple-choice boolean in poll not resetting votes

* Remove the ability to update existing media attachments for now

commit | commitdiff | tree

Eugen Rochko [Wed, 9 Feb 2022 23:10:27 +0000 (00:10 +0100)]

Chore: Update browserslist (#17493)

commit | commitdiff | tree

Eugen Rochko [Wed, 9 Feb 2022 23:10:16 +0000 (00:10 +0100)]

Add `category` and `rule_ids` params to `POST /api/v1/reports` (#17492)

commit | commitdiff | tree

Takuya Yoshida [Wed, 9 Feb 2022 11:30:00 +0000 (20:30 +0900)]

Add support >= 1.22 (#17490)

commit | commitdiff | tree

Eugen Rochko [Wed, 9 Feb 2022 03:15:38 +0000 (04:15 +0100)]

Change languages to be listed under standard instead of native name in admin UI (#17485)

commit | commitdiff | tree

Eugen Rochko [Wed, 9 Feb 2022 00:17:07 +0000 (01:17 +0100)]

Add edit history to web UI (#17390)

* Add edit history to web UI

* Change history reducer to store items per status

* Fix missing loading prop

commit | commitdiff | tree

Eugen Rochko [Tue, 8 Feb 2022 21:23:04 +0000 (22:23 +0100)]

Fix error in suggestions API due to typo (#17486)

Regression from #17479

commit | commitdiff | tree

Eugen Rochko [Tue, 8 Feb 2022 01:41:17 +0000 (02:41 +0100)]

Remove language detection through cld3 (#17478)

* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

commit | commitdiff | tree

Eugen Rochko [Tue, 8 Feb 2022 01:34:56 +0000 (02:34 +0100)]

Add global `locale` param (#17464)

- Remove the session-based locale stickyness

commit | commitdiff | tree

Eugen Rochko [Tue, 8 Feb 2022 00:53:49 +0000 (01:53 +0100)]

Fix localization of cold-start follow recommendations (#17479)

commit | commitdiff | tree

Claire [Mon, 7 Feb 2022 18:57:06 +0000 (19:57 +0100)]

Fix Ruby 2.5 incompatibility (#17465)

commit | commitdiff | tree

Eugen Rochko [Mon, 7 Feb 2022 17:16:31 +0000 (18:16 +0100)]

Fix structured data parsing from links choking on bad data (#17403)

* Fix structured data parsing from links choking on bad data

- Fix og:url meta tag being prioritized over canonical link tag
- Fix structured data parsing choking on commented-out CDATA declarations
- Fix HTML entities in title, description, provider_name, author_name
- Change structured data parsing to attempt every JSON-LD script tag

* Remove unnecessary slash escapes from CDATA regex pattern

commit | commitdiff | tree

Claire [Mon, 7 Feb 2022 16:06:43 +0000 (17:06 +0100)]

Fix replies collection incorrectly looping (#17462)

* Refactor tests

* Add tests

* Fix replies collection incorrectly looping

commit | commitdiff | tree

Claire [Mon, 7 Feb 2022 12:14:48 +0000 (13:14 +0100)]

Fix errors when multiple Delete are received for a given actor (#17460)

commit | commitdiff | tree

Claire [Sun, 6 Feb 2022 14:31:03 +0000 (15:31 +0100)]

Fix instance actor not being dereferenceable (#17457)

* Add tests

* Fix instance actor not being dereferenceable

* Fix tests

* Fix tests for real

commit | commitdiff | tree

potpro [Sat, 5 Feb 2022 16:29:54 +0000 (01:29 +0900)]

Update build-image.yml (#17454)

commit | commitdiff | tree

Eugen Rochko [Sat, 5 Feb 2022 04:06:34 +0000 (05:06 +0100)]

Fix error on account relationships page in admin UI (#17444)

commit | commitdiff | tree

dependabot[bot] [Sat, 5 Feb 2022 04:03:12 +0000 (13:03 +0900)]

Bump brakeman from 5.2.0 to 5.2.1 (#17410)

Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v5.2.0...v5.2.1)

---
updated-dependencies:
- dependency-name: brakeman
dependency-type: direct:development
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Sat, 5 Feb 2022 04:03:06 +0000 (13:03 +0900)]

Bump redis from 4.0.2 to 4.0.3 (#17412)

Bumps [redis](https://github.com/redis/node-redis) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/redis/node-redis/releases)
- [Changelog](https://github.com/redis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/node-redis/compare/redis@4.0.2...redis@4.0.3)

---
updated-dependencies:
- dependency-name: redis
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Sat, 5 Feb 2022 04:02:57 +0000 (13:02 +0900)]

Bump sidekiq-scheduler from 3.1.0 to 3.1.1 (#17407)

Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: sidekiq-scheduler
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Sat, 5 Feb 2022 04:02:42 +0000 (13:02 +0900)]

Bump http-link-header from 1.0.3 to 1.0.4 (#17414)

Bumps [http-link-header](https://github.com/jhermsmeier/node-http-link-header) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/jhermsmeier/node-http-link-header/releases)
- [Changelog](https://github.com/jhermsmeier/node-http-link-header/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhermsmeier/node-http-link-header/compare/v1.0.3...v1.0.4)

---
updated-dependencies:
- dependency-name: http-link-header
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

Alexandra Catalina [Thu, 3 Feb 2022 20:29:20 +0000 (12:29 -0800)]

Update tootsuite/mastodon Docker tag to v3.4.6 (#17436)

Co-authored-by: Renovate Bot <bot@renovateapp.com>

commit | commitdiff | tree

Eugen Rochko [Thu, 3 Feb 2022 13:21:38 +0000 (14:21 +0100)]

Forward-port version bump to 3.4.6 (#17434)

commit | commitdiff | tree

Claire [Thu, 3 Feb 2022 13:09:04 +0000 (14:09 +0100)]

Fix compacted JSON-LD possibly causing compatibility issues on forwarding (#17428)

commit | commitdiff | tree

Claire [Thu, 3 Feb 2022 13:07:43 +0000 (14:07 +0100)]

Fix response_to_recipient? CTE (#17427)

commit | commitdiff | tree

Claire [Thu, 3 Feb 2022 13:07:29 +0000 (14:07 +0100)]

Compact JSON-LD signed incoming activities (#17426)

Co-authored-by: Puck Meerburg <puck@puck.moe>

commit | commitdiff | tree

Alexandra Catalina [Tue, 1 Feb 2022 19:57:50 +0000 (11:57 -0800)]

Update tootsuite/mastodon Docker tag to v3.4.5 (#17417)

Co-authored-by: Renovate Bot <bot@renovateapp.com>

commit | commitdiff | tree

Claire [Tue, 1 Feb 2022 19:57:39 +0000 (20:57 +0100)]

Fix requiring an extra restart after recent post-deployment migrations (#17422)

Follow-up to #16409

commit | commitdiff | tree

Rohan Sharma [Tue, 1 Feb 2022 16:34:48 +0000 (22:04 +0530)]

Fixed prototype pollution bug and only allow trusted origin (#17420)

commit | commitdiff | tree

Claire [Mon, 31 Jan 2022 20:27:40 +0000 (21:27 +0100)]

Bump version to 3.4.5 (#17402)

commit | commitdiff | tree

Daniel Jakots [Sun, 30 Jan 2022 23:32:03 +0000 (18:32 -0500)]

Bump NODE_VER to 16.13.2, to solve security issues (#17399)

Fixes CVE-2021-44532, CVE-2021-44533, and CVE-2022-21824.
See: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/

commit | commitdiff | tree

Claire [Sun, 30 Jan 2022 22:50:08 +0000 (23:50 +0100)]

Add more advanced migration tests (#17393)

- populate the database with some data when testing migrations
- try both one-step and two-step migrations (`SKIP_POST_DEPLOYMENT_MIGRATIONS`)

commit | commitdiff | tree

Claire [Sun, 30 Jan 2022 22:49:52 +0000 (23:49 +0100)]

Change index corruption warning to be a little less scary (#17395)

commit | commitdiff | tree

Claire [Sun, 30 Jan 2022 21:34:54 +0000 (22:34 +0100)]

Fix edge case in migration helpers that caused crash because of PostgreSQL quirks (#17398)

commit | commitdiff | tree

Claire [Sun, 30 Jan 2022 20:38:54 +0000 (21:38 +0100)]

Fix some old migration scripts (#17394)

* Fix some old migration scripts

* Fix edge case in two-step migration from older releases

commit | commitdiff | tree

Claire [Fri, 28 Jan 2022 13:24:37 +0000 (14:24 +0100)]

Change public profile pages to be disabled for unconfirmed users (#17385)

Fixes #17382

Note that unconfirmed and unapproved accounts can still be searched for
and their (empty) account retrieved using the REST API.

commit | commitdiff | tree

Claire [Thu, 27 Jan 2022 23:46:42 +0000 (00:46 +0100)]

Refactor and improve tests (#17386)

* Change account and user fabricators to simplify and improve tests

- `Fabricate(:account)` implicitly fabricates an associated `user` if
  no `domain` attribute is given (an account with `domain: nil` is
  considered a local account, but no user record was created), unless
  `user: nil` is passed
- `Fabricate(:account, user: Fabricate(:user))` should still be possible
  but is discouraged.

* Fix and refactor tests

- avoid passing unneeded attributes to `Fabricate(:user)` or
  `Fabricate(:account)`
- avoid embedding `Fabricate(:user)` into a `Fabricate(:account)` or the other
  way around
- prefer `Fabricate(:user, account_attributes: …)` to
  `Fabricate(:user, account: Fabricate(:account, …)`
- also, some tests were using remote accounts with local user records, which is
  not representative of production code.

commit | commitdiff | tree

Claire [Thu, 27 Jan 2022 23:43:56 +0000 (00:43 +0100)]

Fix Sidekiq warnings about JSON serialization (#17381)

* Fix Sidekiq warnings about JSON serialization

This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.

See https://github.com/mperham/sidekiq/pull/5071

We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.

* Set Sidekiq to raise on unsafe arguments in test mode

In order to more easily catch issues that would produce warnings in production
code.

commit | commitdiff | tree

Claire [Thu, 27 Jan 2022 17:13:41 +0000 (18:13 +0100)]

Fix some old database migrations (#17379)

commit | commitdiff | tree

dependabot[bot] [Thu, 27 Jan 2022 11:26:40 +0000 (20:26 +0900)]

Bump pg from 1.2.3 to 1.3.0 (#17349)

Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.3 to 1.3.0.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.3...v1.3.0)

---
updated-dependencies:
- dependency-name: pg
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Thu, 27 Jan 2022 11:26:18 +0000 (20:26 +0900)]

Bump axios from 0.24.0 to 0.25.0 (#17354)

Bumps [axios](https://github.com/axios/axios) from 0.24.0 to 0.25.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: axios
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Thu, 27 Jan 2022 11:25:18 +0000 (20:25 +0900)]

Bump rdf-normalize from 0.4.0 to 0.5.0 (#17226)

Bumps [rdf-normalize](https://github.com/ruby-rdf/rdf-normalize) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/ruby-rdf/rdf-normalize/releases)
- [Commits](https://github.com/ruby-rdf/rdf-normalize/compare/0.4.0...0.5.0)

---
updated-dependencies:
- dependency-name: rdf-normalize
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

Claire [Wed, 26 Jan 2022 19:53:50 +0000 (20:53 +0100)]

Fix local distribution of edited statuses (#17380)

Because `FanOutOnWriteService#update?` was broken, edits were considered as new
toots and a regular `update` payload was sent.

commit | commitdiff | tree

Su Yang [Wed, 26 Jan 2022 17:08:49 +0000 (01:08 +0800)]

Add healthcheck for sidekiq (#17365)

commit | commitdiff | tree

Eugen Rochko [Wed, 26 Jan 2022 17:05:39 +0000 (18:05 +0100)]

Fix poll updates being saved as status edits (#17373)

Fix #17344

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 12:25:26 +0000 (21:25 +0900)]

Bump sass from 1.48.0 to 1.49.0 (#17352)

Bumps [sass](https://github.com/sass/dart-sass) from 1.48.0 to 1.49.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.48.0...1.49.0)

---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 12:23:42 +0000 (21:23 +0900)]

Bump json-ld-preloaded from 3.1.6 to 3.2.0 (#17353)

Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.6 to 3.2.0.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.6...3.2.0)

---
updated-dependencies:
- dependency-name: json-ld-preloaded
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 12:22:51 +0000 (21:22 +0900)]

Bump fabrication from 2.23.1 to 2.24.0 (#17356)

Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.23.1 to 2.24.0.
- [Release notes](https://github.com/paulelliott/fabrication/releases)
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown)
- [Commits](https://github.com/paulelliott/fabrication/commits)

---
updated-dependencies:
- dependency-name: fabrication
dependency-type: direct:development
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 12:22:10 +0000 (21:22 +0900)]

Bump sidekiq from 6.3.1 to 6.4.0 (#17350)

Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.3.1 to 6.4.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.3.1...v6.4.0)

---
updated-dependencies:
- dependency-name: sidekiq
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:52:40 +0000 (20:52 +0900)]

Bump @babel/plugin-transform-runtime from 7.16.8 to 7.16.10 (#17361)

Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.16.8 to 7.16.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.10/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:48:05 +0000 (20:48 +0900)]

Bump cld3 from 3.4.3 to 3.4.4 (#17357)

Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.4.3 to 3.4.4.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.4.3...v3.4.4)

---
updated-dependencies:
- dependency-name: cld3
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:46:52 +0000 (20:46 +0900)]

Bump aws-sdk-s3 from 1.111.1 to 1.111.3 (#17368)

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.111.1 to 1.111.3.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:45:45 +0000 (20:45 +0900)]

Bump bootsnap from 1.10.1 to 1.10.2 (#17367)

Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.10.1...v1.10.2)

---
updated-dependencies:
- dependency-name: bootsnap
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:44:01 +0000 (20:44 +0900)]

Bump node-fetch from 2.6.1 to 2.6.7 (#17366)

Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.1...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:41:22 +0000 (20:41 +0900)]

Bump nanoid from 3.1.23 to 3.2.0 (#17342)

Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.23 to 3.2.0.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ai/nanoid/compare/3.1.23...3.2.0)

---
updated-dependencies:
- dependency-name: nanoid
dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:39:43 +0000 (20:39 +0900)]

Bump @babel/preset-env from 7.16.8 to 7.16.11 (#17358)

Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.16.8 to 7.16.11.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.11/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:39:08 +0000 (20:39 +0900)]

Bump rubocop from 1.24.1 to 1.25.0 (#17322)

Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.24.1 to 1.25.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.24.1...v1.25.0)

---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:development
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:34:55 +0000 (20:34 +0900)]

Bump @babel/core from 7.16.7 to 7.16.12 (#17360)

Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.16.7 to 7.16.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.12/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit | commitdiff | tree

dependabot[bot] [Tue, 25 Jan 2022 11:34:37 +0000 (20:34 +0900)]

Bump rails from 6.1.4.1 to 6.1.4.4 (#17159)

* Bump rails from 6.1.4.1 to 6.1.4.4

Bumps [rails](https://github.com/rails/rails) from 6.1.4.1 to 6.1.4.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.4.1...v6.1.4.4)

---
updated-dependencies:
- dependency-name: rails
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
* Revert marcel to 1.0.1

Avoid some regression that need to be investigated

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>

commit | commitdiff | tree

Wonderfall [Mon, 24 Jan 2022 12:14:26 +0000 (13:14 +0100)]

disable legacy XSS filtering (#17289)

Browsers are phasing out X-XSS-Protection, but Safari and IE still support it.

commit | commitdiff | tree

Claire [Mon, 24 Jan 2022 02:29:03 +0000 (03:29 +0100)]

Fix link_to_login argument handling when a block is passed (#17345)

commit | commitdiff | tree

Claire [Sun, 23 Jan 2022 17:10:10 +0000 (18:10 +0100)]

Fix error-prone SQL queries (#15828)

* Fix error-prone SQL queries in Account search

While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.

This PR parameterises the `to_tsquery` input to make the query more robust.

* Harden code for Status#tagged_with_all and Status#tagged_with_none

Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.

* Remove unneeded spaces surrounding tsquery term

* Please CodeClimate

* Move advanced_search_for SQL template to its own function

This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.

* Add tests covering tagged_with, tagged_with_all and tagged_with_none

* Rewrite tagged_with_none to avoid multiple joins and make it more robust

* Remove obsolete brakeman warnings

* Revert "Remove unneeded spaces surrounding tsquery term"

The two queries are not strictly equivalent.

This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.

commit | commitdiff | tree

Claire [Sun, 23 Jan 2022 15:01:25 +0000 (16:01 +0100)]

Change `percent` to `rate` in retention metrics API (#16910)

commit | commitdiff | tree

Claire [Sun, 23 Jan 2022 14:52:58 +0000 (15:52 +0100)]

Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288)

* Remove support for OAUTH_REDIRECT_AT_SIGN_IN

Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.

* Add OMNIAUTH_ONLY environment variable to enforce external log-in only

* Disable user registration when OMNIAUTH_ONLY is set to true

* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider

commit | commitdiff | tree

Claire [Sun, 23 Jan 2022 14:50:41 +0000 (15:50 +0100)]

Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287)

Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.

commit | commitdiff | tree

Claire [Sun, 23 Jan 2022 14:46:30 +0000 (15:46 +0100)]

Remove leftover database columns from Devise::Models::Rememberable (#17191)

* Remove leftover database columns from Devise::Models::Rememberable

* Update fix-duplication maintenance script

* Improve errors/warnings in the fix-duplicates maintenance script

commit | commitdiff | tree

Claire [Sun, 23 Jan 2022 12:53:58 +0000 (13:53 +0100)]

Remove old duplicate index (#17245)

Some Mastodon versions (v1.1 and v1.2) had a duplicate index in `db/schema.rb`
without any migration script creating it. #2224 (included in v1.3) removed the
duplicate index from the file but did not provide a migration script to remove
it.

This means that any instance that was installed from v1.1 or v1.2's source code
has a duplicate index and a corresponding warning in PgHero. Instances set up
using an earlier or later Mastodon version do not have this issue.

This PR removes the duplicate index if it is present.

source code fur Kibicat Mastodon

RSS Atom