1
0
Commit Graph

2146 Commits

Author SHA1 Message Date
Claire
4d7e7cc562 Merge commit '6dfe318f34d69066dc0f453a228fdfc6af84b62e' into glitch-soc/merge-upstream 2024-02-29 18:24:47 +01:00
Matt Jankowski
eb1b8f69de
Allow pagination Link headers on API accounts/statuses when pinned true (#29442) 2024-02-29 14:21:56 +00:00
Claire
a482932649 Merge commit '6f7615ba86afda56e1d661442286a1d68467a525' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/application_controller.rb`:
  Not a real conflict, upstream fixed a bug in a line adjacent to code
  modified by glitch-soc.
  Ported upstream's change.
2024-02-27 19:20:57 +01:00
zunda
a30cdfd4d4
Specify 410 for code when responding as json while self-destruction (#29420) 2024-02-26 22:43:07 +00:00
Claire
d2cfc6e5e2 Merge commit '08342ad40c1b92caf873282190efe8533a7d6e2e' into glitch-soc/merge-upstream 2024-02-24 15:02:28 +01:00
Claire
ef3d15554b Merge commit 'c645490d553124d800d30488595f7d2d9d61584d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept glitch-soc's README.
- `app/models/account.rb`:
  Not a real conflict, upstream updated some lines textually adjacent
  to glitch-soc-specific lines.
  Ported upstream's changes.
2024-02-24 14:46:14 +01:00
Claire
ab2f0daa10 Merge commit 'aaa58d4807377e04649499ebee91757b16b9a007' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-security.yml`:
  Changes were already cherry-picked and adapted in glitch-soc.
  Kept glitch-soc's version.
- `Gemfile.lock`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
- `lib/mastodon/version.rb`:
  Changes were already cherry-picked and updated further in glitch-soc.
  Kept glitch-soc's version.
2024-02-24 14:27:43 +01:00
Matt Jankowski
785e2f9399
Add scope providing_styles to UserRole (#29286) 2024-02-20 09:18:05 +00:00
Claire
e7ca82762d Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 23:12:59 +01:00
Claire
d4d0565b0f
Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 21:49:45 +00:00
Claire
53b73ed6a2 Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:25:15 +01:00
Claire
b31af34c97
Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
Claire
7efc33b909
Move HTTP Signature parsing code to its own class (#28932) 2024-02-07 13:35:37 +00:00
Claire
eeabf9af72
Fix compatibility with Redis <6.2 (#29123) 2024-02-07 11:52:38 +00:00
Matt Jankowski
2f19ddd1fa
Move status serializer error handling to private method (#29031) 2024-02-06 14:54:26 +00:00
Matt Jankowski
93a5b3f9df
Move status serializer chooser to private method (#29030) 2024-02-06 13:33:42 +00:00
Matt Jankowski
0877f6fda4
Remove redundant return in IntentsController (#29099) 2024-02-06 12:56:22 +00:00
Matt Jankowski
4cf07ed78c
Add missing action logging to api/v1/admin/reports#update (#29044) 2024-02-06 11:34:11 +00:00
Claire
ff58ec0103 Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:57:08 +01:00
Claire
1726085db5
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:56:46 +01:00
Claire
bf153b384b Merge commit '42ab855b2339c5cea3229c856ab539f883736b12' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/auth/confirmations_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/auth/passwords_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
- `app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb`:
  Upstream refactored, changing lines textually close of glitch-soc-only lines
  pertaining to the theming system.
  Resolved the conflict.
2024-01-27 19:06:41 +01:00
Claire
dd7a66949a Fix CSS loading in redirect controller 2024-01-26 21:04:02 +01:00
Claire
5fa2821853 Merge commit '3205a654caf903002c2db872f802a3332201678b' into glitch-soc/merge-upstream 2024-01-26 20:47:20 +01:00
Claire
70de52c297 Merge commit '7a1f087659204e9d0cbba2de37e45b1921cefe20' into glitch-soc/merge-upstream 2024-01-25 19:51:19 +01:00
Matt Jankowski
42ab855b23
Add specs for Instance model scopes and add with_domain_follows scope (#28767) 2024-01-25 15:28:27 +00:00
Matt Jankowski
17ea22671d
Fix Style/GuardClause cop in app/controllers (#28420) 2024-01-25 15:13:41 +00:00
Matt Jankowski
7c9c6c7f80
Fix remaining Rails/WhereExists cop violations, regenerate todo (#28892) 2024-01-25 12:37:07 +00:00
Claire
c50274a0ac
Fix redirect confirmation for accounts (#28902) 2024-01-25 10:44:25 +00:00
Claire
22cfab0ebf Merge commit '01ce9df88008cee705b7e02a4581802afa07c3df' into glitch-soc/merge-upstream
Conflicts:
- `tsconfig.json`:
  Upstream made style fixes, while glitch-soc had extra options.
  Ported upstream's style fixes.
2024-01-24 20:42:53 +01:00
Eugen Rochko
b19ae521b7
Add confirmation when redirecting logged-out requests to permalink (#27792)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 10:49:19 +00:00
Eugen Rochko
5b1eb09d54
Add annual reports for accounts (#28693) 2024-01-24 09:38:10 +00:00
Matt Jankowski
c0e8e457ab
Eager loading fixes for api/ controllers (#28848) 2024-01-23 11:41:54 +00:00
Claire
102eff7c05 Merge commit 'e2d9635074ad33cc8144adc434bcd90faae9c424' into glitch-soc/merge-upstream 2024-01-22 19:19:40 +01:00
Claire
0700eb58bc Merge commit '163db814c2b3cf544b78e427e7f7bbd99b94a025' into glitch-soc/merge-upstream 2024-01-22 19:12:05 +01:00
Claire
e2d9635074
Add notification email on invalid second authenticator (#28822) 2024-01-22 13:55:43 +00:00
Matt Jankowski
18004bf227
Add Account.matches_uri_prefix scope and use in activitypub/followers_synchronizations controller (#28820) 2024-01-22 13:55:37 +00:00
Matt Jankowski
7ecf7f5403
Move controller->request specs for api/v1/statuses/* (#28818) 2024-01-22 11:58:54 +00:00
Claire
3593ee2e36
Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-19 12:19:49 +00:00
Matt Jankowski
329911b0a3
Migrate controller->request spec for api/v1/follow* (#28811) 2024-01-19 09:32:41 +00:00
Matt Jankowski
1480573c83
Add Account.auditable scope, fix N+1 in admin/action_logs#index (#28812) 2024-01-19 01:39:30 +00:00
Claire
528a8fa495 Merge commit 'f866413e724c2e7f8329fbc6e96f56f0b186c62a' into glitch-soc/merge-upstream 2024-01-18 22:16:16 +01:00
Matt Jankowski
0b853678a4
Add coverage for api/v1/peers/search endpoint and extract controller query to Instance scope (#28796) 2024-01-18 15:57:10 +00:00
Claire
278597c161 Merge commit '98b5f85f10a3af50a54fcd79e09fc9fd88f774fa' into glitch-soc/merge-upstream 2024-01-15 20:53:16 +01:00
Claire
2f521bc84a Merge commit 'a2f02a07758c32f0dcc6388b4f30ca5a84e762f3' into glitch-soc/merge-upstream 2024-01-15 20:27:41 +01:00
Claire
1323dfac80 Merge commit 'a90696011e563e62100cba56e2d52f6babbaff00' into glitch-soc/merge-upstream 2024-01-15 19:19:04 +01:00
Claire
98b5f85f10
Rename and refactor User#confirm! to User#mark_email_as_confirmed! (#28735) 2024-01-15 18:04:58 +00:00
Matt Jankowski
e72676e83a
Improve api/v1/markers#create performance against simultaneous requests (#28718) 2024-01-15 09:47:25 +00:00
Claire
a3b6a85521 Merge commit 'cd37048439f9b324f48e6af1f426a7894c54b4da' into glitch-soc/merge-upstream
Conflicts:
- `.prettierignore`:
  Conflict due to glitch-soc-only files.
  Kept those at the end of the file.
2024-01-13 12:11:29 +01:00
Matt Jankowski
7801db7ba4
Spec coverage for custom css endpoint (#28706) 2024-01-12 09:19:25 +00:00
Matt Jankowski
575ab085be
Disable Rails/ApplicationController for HealthController (#28705) 2024-01-12 09:08:17 +00:00
Claire
23d8bd8ce1 Merge commit '0a7cff53c2577b3e79599e069eeb344f2613ad8d' into glitch-soc/merge-upstream 2024-01-11 13:24:20 +01:00
Claire
0b2c7cdb02 Merge commit 'fe2667bb0d3487a32b9da5250402a90482a85fe2' into glitch-soc/merge-upstream
Conflicts:
- `app/lib/content_security_policy.rb`:
  Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
  environment variable.
  Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
2024-01-10 17:51:12 +01:00
Claire
d7e13e2483
Fix potential redirection loop of streaming endpoint (#28665) 2024-01-10 15:05:46 +00:00
Jean Boussier
5a6d533c53
Enable Rails 7.1 Marshalling format (#28609) 2024-01-05 21:57:47 +00:00
Claire
419c659bc4
Add fallback redirection when getting a webfinger query WEB_DOMAIN@WEB_DOMAIN (#28592) 2024-01-04 14:14:46 +00:00
Claire
dfdadb92e8
Add ability to require approval when users sign up using specific email domains (#28468) 2024-01-04 09:07:05 +00:00
Claire
0b5783f3f1 Merge commit 'f92d8c654df654538096efff05e9b1a989d01490' into glitch-soc/merge-upstream 2024-01-03 20:52:19 +01:00
Matt Jankowski
e12d8893f4
Fix intermittent failure from unspecified order in export_domain_blocks controller spec (#28562) 2024-01-03 13:06:15 +00:00
Claire
9d9008666b Merge commit '092bb8a27af9ee87ff9ebabaf354477470ea3a94' into glitch-soc/merge-upstream 2024-01-03 12:38:49 +01:00
Claire
092bb8a27a
Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-03 11:29:26 +00:00
Claire
b3542ac57b Merge commit '1184887b012e863fbf44f65ef5c65e0049123c27' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream updated its README, we have a completely different one.
  Kept our README.
2024-01-02 13:35:11 +01:00
Claire
1184887b01
Fix streaming API redirection ignoring the port of streaming_api_base_url (#28558) 2024-01-02 12:27:51 +00:00
Claire
c5b0e6d5a0 Merge branch 'main' into glitch-soc/merge-upstream 2023-12-28 16:57:10 +01:00
Claire
92aa6e2ec9 Merge commit 'b7bdcd4f395aaa1e85930940975439d10b570f40' into glitch-soc/merge-upstream 2023-12-21 19:42:13 +01:00
Claire
30ee7339d3 Merge commit '7d9b209fe84b00eff348ea9d54905cbfffa79788' into glitch-soc/merge-upstream
Conflicts:
- `app/models/form/admin_settings.rb`:
  Upstream changed code style change, including on a line modified by glitch-soc.
  Kept glitch-soc's line but with the code style change applied.
2023-12-21 19:31:12 +01:00
Claire
077e0c6812 Merge commit '0b4a3a04378ce43f2f314b9446b5053f6b374c6d' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Conflict caused by the `json` gem thing once again.
  Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
  Upstream refactored a bunch of specs, including one place that differs
  because of glitch-soc's theming system.
  Refactored as upstream did, adapting it for glitch-soc's theming system.
2023-12-20 22:16:50 +01:00
Claire
75580360cd Merge commit '272592d16d40e804ec325ef3b5e6de9bbad5f2dd' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Upstream fixed a bunch lint issues, and changed the `Max` parameter of the
  `Metrics/AbcSize` cop.
  Glitch-soc has different code and slightly higher `AbcSize` complexity,
  modified the `.rubocop_todo.yml` file accordingly.
- `app/policies/status_policy.rb`:
  Upstream changed `account.suspended?` to `account.unavailable?` to prepare
  for delete flags. Glitch-soc has additional local-only conditions.
  Ported upstream's refactor while keeping glitch-soc's additional condition.
- `app/serializers/initial_state_serializer.rb`:
  Upstream refactored a bunch of stuff while glitch-soc has more settings.
  Refactored as upstream did while keeping glitch-soc's settings.
2023-12-20 22:05:31 +01:00
Claire
8a5f2442cc Merge commit '0530ce5e9575c09464847412f43852f438b0494e' into glitch-soc/merge-upstream 2023-12-20 21:58:18 +01:00
Claire
b8209c3b96 Merge commit '85662a5a57531af5402a6777d0b1089e78c56815' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream reworked the CSP, we kept our version for now.
- `spec/requests/content_security_policy_spec.rb`:
  Upstream reworked the CSP, we kept our version for now.
2023-12-20 20:10:45 +01:00
Claire
b135b6ba8f Merge commit '8ebc94dd22a18c28c4c9763b909e92e6ba64e242' into glitch-soc/merge-upstream
Conflicts:
- `app/views/admin/custom_emojis/new.html.haml`:
  Conflict caused by glitch-soc having a different file size limit constant
  name.
  Updated like upstream did while keeping glitch-soc's constant name.
2023-12-19 21:24:01 +01:00
Claire
2e786e13cb Merge commit '973597c6f1e25b16c592e5573304319aeaa375e1' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_pin_validator.rb`:
  Upstream refactored that file, while glitch-soc had configurable limits for
  pinned statuses.
  Updated the code with upstream's refactor, while keeping glitch-soc's
  configurability.
2023-12-19 20:51:37 +01:00
Claire
3ad92e8d0d Merge commit 'bd575a1dd69d87ca0f69873f7badf28d38e8b9ed' into glitch-soc/merge-upstream 2023-12-19 20:17:23 +01:00
Claire
cd1e3ac2c7 Merge commit '7e1a77ea51e6dc4aecbf678f8928aa96698fa072' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/timelines/public_controller.rb`:
  Upstream refactored this code, the conflict was because of an extra supported
  parameter, `allow_local_only`.
  Updated the controller to follow upstream's refactor, and moved the extra
  parameter definition accordingly.
2023-12-19 19:51:40 +01:00
Eugen Rochko
b5ac61b2c5
Change algorithm of follow recommendations (#28314)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-12-19 10:59:43 +00:00
Matt Jankowski
c28976d89e
Handle negative offset param in api/v2/search (#28282) 2023-12-19 10:55:39 +00:00
Claire
a111fd7a0b Merge commit 'b2c5b20ef27edd948eca8d6bd2014b7a5efaec11' into glitch-soc/merge-upstream 2023-12-18 20:47:27 +01:00
Claire
d6ad9d351e Merge commit 'a36b59be8ad7656b7ceab9751c9ec5b3563e3a30' into glitch-soc/merge-upstream 2023-12-18 19:10:43 +01:00
Claire
b474cbbd28 Merge commit '7840c6b75b61e64d89d7fd9f291277fb177e513f' into glitch-soc/merge-upstream
Conflicts:
- `app/controllers/api/v1/accounts/relationships_controller.rb`:
  We differed by listing suspended users when requesting relationships.
  Updated to upstream's code.
2023-12-18 18:40:58 +01:00
Claire
46ddaffd40 Merge commit 'b87bfb8c96c8491f1228e0258d05119f3420db05' into glitch-soc/merge-upstream 2023-12-18 18:34:25 +01:00
Claire
7d9b209fe8
Fix call to inefficient delete_matched cache method in domain blocks (#28374) 2023-12-18 16:14:43 +00:00
Matt Jankowski
0e5b8fc46b
Fix Style/RedundantReturn cop (#28391) 2023-12-18 09:50:51 +00:00
Claire
4113fbf6e8 Merge commit 'f476d9dab2f5cca6ae44b95961df6b6557d66dab' into glitch-soc/merge-upstream
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream enforced new code style rules, where we had different code.
  Applied the new code style rules.
2023-12-17 23:04:16 +01:00
Claire
1474318691 Merge commit 'a916251d8a8fffcaeb6be80eacf50138a53650dc' into glitch-soc/main
Conflicts:
- `app/models/trends/statuses.rb`:
  Upstream fixed a bug in the trending post condition.
  Glitch-soc's condition is different because we potentially allow CWed content
  to trend.
  Ported upstream's fix while keeping glitch-soc's change.
- `config/initializers/content_security_policy.rb`:
  Kept our version for now, we will switch to upstream later down the road.
2023-12-17 15:32:29 +01:00
Claire
9f92b05bd2 Merge commit '2e6bf60f1549e5c1f1cfea2d614f978bea17b8a2' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream has updated their README but we have a completely different one.
  Kept our version of `README.md`
2023-12-10 18:05:02 +01:00
Claire
73a94c3b3f
Fix self-destruct page not using theme styles (#2490) 2023-12-02 14:54:35 +01:00
Matt Jankowski
3bc437b99a
Fix Style/RedundantParentheses cop (#28176) 2023-12-01 16:00:44 +00:00
Matt Jankowski
d83d01eb1e
Fix Lint/RedundantSafeNavigation cop (#28172) 2023-12-01 15:52:56 +00:00
Claire
963354978a
Add Account#unavailable? and Account#permanently_unavailable? aliases (#28053) 2023-11-30 15:43:26 +00:00
Matt Jankowski
1f1c75bba5
File cleanup/organization in controllers/concerns (#27846) 2023-11-30 14:39:41 +00:00
Matt Jankowski
e7c340a634
Spec coverage for missing q param and error conditions in api/v2/search controller (#27842) 2023-11-30 13:59:46 +00:00
Matt Jankowski
bb0efe16e6
Remove default_scope from MediaAttachment class (#28043) 2023-11-30 13:30:35 +00:00
Matt Jankowski
e48ecd2929
Remove default_scope from Admin::ActionLog (#28026) 2023-11-29 10:39:59 +00:00
Matt Jankowski
291dc04e67
Remove un-needed action and template options to render in controllers (#28022) 2023-11-29 10:38:05 +00:00
Matt Jankowski
baf3b71e3b
Extract path_without_format private methd in accounts controller (#28091) 2023-11-28 09:17:26 +00:00
Matt Jankowski
9072896ae5
Avoid unnecessary i-var for account rss page url generation (#28092) 2023-11-28 08:19:08 +00:00
Matt Jankowski
dfc7154767
Remove unused cached_filtered_status_page method from accounts controller (#28090) 2023-11-28 07:43:16 +00:00
Kevin Bongart
7877fcd83c
Deduplicate IDs in relationships and familiar_followers APIs (#27982) 2023-11-23 10:00:09 +00:00
Matt Jankowski
4be12791e6
Remove default_scope from StatusEdit class (#28042) 2023-11-23 09:26:11 +00:00
Matt Jankowski
9742bccbe7
Add coverage for api/v2/media endpoint (#28027) 2023-11-22 15:39:34 +00:00
Matt Jankowski
876f5b1d12
Convert /instances/* controller specs to request specs (#27988)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-11-20 11:05:28 +00:00