paravielfalt/mastodon
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Activity Actions
14552 commits 79 branches 301 tags 756 MiB
Commit graph

14552 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sirius
20b58e52bc
debug build workflow ref issue
Some checks failed
Build Image for Deployment / build (push) Failing after 53s
Details
2024-06-16 22:57:20 +02:00
Sirius
b76bb18664
Merge tag 'v4.2.9' of ssh://git.rabbithole.cyou:2222/paravielfalt/mastodon into paravielfalt-4.2
Some checks failed
Build Image for Deployment / build (push) Failing after 1m14s
Details
2024-06-16 15:17:14 +02:00
Claire
c93aacafde
Bump version to v4.2.9 (#30470)
Some checks failed
Build container release images / build-image (push) Failing after 3m32s
Details
2024-05-30 15:34:50 +02:00
Claire
9740c7eaea Fix rate-limiting incorrectly triggering a session cookie on most endpoints (#30483) 2024-05-30 15:14:03 +02:00
Claire
8ab0ca7d64
Merge pull request from GHSA-c2r5-cfqr-c553 
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations

* Remove rack-attack safelist
 2024-05-30 14:24:29 +02:00
Claire
7920aa59e8
Merge pull request from GHSA-q3rg-xx5v-4mxh 2024-05-30 14:14:04 +02:00
Claire
943792c187
Merge pull request from GHSA-5fq7-3p3j-9vrf 2024-05-30 14:03:13 +02:00
Emelia Smith
186f916192 Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-05-29 16:39:26 +02:00
Claire
f9c41ae43b Normalize language code of incoming posts (#30403) 2024-05-29 15:31:26 +02:00
Claire
b8edc95e8a Fix leaking Elasticsearch connections in Sidekiq processes (#30450) 2024-05-29 15:31:26 +02:00
Claire
16213a678d Update dependency rexml to 3.2.8 2024-05-29 15:31:26 +02:00
Claire
a8dd32102f Update dependency nokogiri to 1.16.5 2024-05-17 12:30:00 +02:00
Claire
6fc07ff31f Update dependency fastimage to 2.3.1 2024-05-17 12:30:00 +02:00
Claire
997b021b69 Update dependency rotp to 6.3.0 2024-05-17 12:30:00 +02:00
Claire
2865bfadaf Update dependency json-jwt to 1.15.3.1 2024-05-17 12:30:00 +02:00
Claire
8c72e80019 Update dependency rack-cors to 2.0.2 2024-05-17 12:30:00 +02:00
Claire
8cf78825a2 Fix off-by-one in tootctl media commands (#30306) 2024-05-17 12:30:00 +02:00
Emelia Smith
67b2e62331 Fix missing destory audit logs for Domain Allows (#30125) 2024-05-17 12:30:00 +02:00
Claire
56b7d1a7b6 Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-17 12:30:00 +02:00
Claire
51ef619140 Fix Idempotency-Key ignored when scheduling a post (#30084) 2024-05-17 12:30:00 +02:00
Tim Rogers
e69780ec59 Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) 2024-05-17 12:30:00 +02:00
Claire
c3be5a3d2e Remove caching in cache_collection (#29862) 2024-05-17 12:30:00 +02:00
Claire
86807e4799 Improve email address validation (#29838) 2024-05-17 12:30:00 +02:00
Matt Jankowski
0143c9d3e1 Fix results/query in api/v1/featured_tags/suggestions (#29597) 2024-05-17 12:30:00 +02:00
Jeong Arm
ab3f9852f2 Normalize idna domain before account unblock domain (#29530) 2024-05-17 12:30:00 +02:00
Claire
7af69f5cf5 Fix admin account created by mastodon:setup not being auto-approved (#29379) 2024-05-17 12:30:00 +02:00
Emelia Smith
f784213c64 Return domain block digests from admin domain blocks API (#29092) 2024-05-17 12:30:00 +02:00
Claire
6536d96d1b Add fallback redirection when getting a webfinger query WEB_DOMAIN@WEB_DOMAIN (#28592) 2024-05-17 12:30:00 +02:00
Matt Jankowski
ed8e4bab4c Fix reference to non-existent var in CLI maintenance command (#28363) 2024-05-17 12:30:00 +02:00
Sirius
aa63b75146
Merge tag 'v4.2.8' of https://github.com/mastodon/mastodon into paravielfalt-4.2
Some checks failed
Build Image for Deployment / build (push) Failing after 40s
Details
2024-02-26 10:44:54 +01:00
Claire
bdb6650ebc
Bump version to v4.2.8 (#29370)
Some checks failed
Build container release images / build-image (push) Failing after 1m15s
Details
2024-02-23 14:09:41 +01:00
Claire
f3ad918950
Fix processing of Link objects in Image objects (#29363) 2024-02-23 09:53:04 +01:00
Claire
9a7802655f
Fix link verifications when page size exceeds 1MB (#29361) 2024-02-22 19:12:53 +01:00
Claire
328a9b8157
Change registrations to be disabled by default for new servers (#29353) 2024-02-22 18:15:59 +01:00
Claire
4fd22acb4a
Fix auto-close email being sent to users with devops permissions instead of settings permissions (#29356) 2024-02-22 18:15:38 +01:00
Claire
28b666b0d5
Automatically switch from open to approved registrations in absence of moderators (#29337) 2024-02-22 14:39:42 +01:00
Claire
fbb07893b8
Update dependencies (#29346) 2024-02-22 13:25:53 +01:00
Sirius
451b8565c3
Merge tag 'v4.2.7' of https://github.com/mastodon/mastodon into paravielfalt-4.2
All checks were successful
Build Image for Deployment / build (push) Successful in 7m34s
Details
2024-02-18 23:06:59 +01:00
Claire
c5d56de98d Fix linting failure 2024-02-16 13:57:04 +01:00
Claire
0e4e98fad1 Bump version to v4.2.7
Some checks failed
Build container release images / build-image (push) Failing after 4m0s
Details
2024-02-16 11:57:02 +01:00
Claire
15de520201
Merge pull request from GHSA-jhrq-qvrm-qr36 
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
 2024-02-16 11:56:12 +01:00
Claire
684f99908f Update dependency pg to 1.5.5 2024-02-16 09:19:35 +01:00
Claire
e4ec4ce217
Update nsa gem to version 0.3.0 (#29065) (#29206) 
Co-authored-by: Matt Jankowski <matt@jankowski.online>
 2024-02-14 23:27:02 +01:00
Claire
870ee80fd3 Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 22:55:31 +01:00
Sirius
7ae66d0ef5
Fix workflow versions to major versions
All checks were successful
Build Image for Deployment / build (push) Successful in 7m21s
Details
2024-02-14 21:19:30 +01:00
Sirius
0b25960aa9
Merge tag 'v4.2.6' of https://github.com/mastodon/mastodon into paravielfalt-4.2
Some checks failed
Build Image for Deployment / build (push) Has been cancelled
Details
2024-02-14 17:41:03 +01:00
Claire
76a37bd040 Fix OmniAuth tests (#29201) 2024-02-14 16:06:38 +01:00
Claire
7c8ca0c6d6 Bump version to v4.2.6
Some checks failed
Build container release images / build-image (push) Failing after 3m48s
Details
2024-02-14 15:16:34 +01:00
Claire
f1700523f1
Merge pull request from GHSA-vm39-j3vx-pch3 
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
 2024-02-14 15:16:07 +01:00
Claire
0b0c7af2c1
Merge pull request from GHSA-7w3c-p9j8-mq3x 
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
 2024-02-14 15:15:34 +01:00