Compare commits

...

778 commits

Author SHA1 Message Date
Sirius
25e28f4f05
chore: update URL to git
All checks were successful
Build Image for Deployment / build (push) Successful in 5m57s
2024-08-26 21:34:24 +02:00
Sirius
2002c824dd
Merge tag 'v4.2.12' of https://github.com/mastodon/mastodon into paravielfalt-4.2
Some checks failed
Build Image for Deployment / build (push) Failing after 59s
2024-08-25 21:57:28 +02:00
Claire
f9a929ed5c
Bump version to v4.2.12 (#31491)
Some checks failed
Build container release images / build-image (push) Failing after 4m6s
2024-08-19 11:13:45 +02:00
Claire
d675803f07
Fix broken notifications for mentions from local moderators in 4.2.11 (#31484) 2024-08-19 09:52:32 +02:00
Claire
a02ff33f0e Bump version to v4.2.11
Some checks failed
Build container release images / build-image (push) Failing after 4m16s
2024-08-16 12:30:59 +02:00
Claire
a652293842 Update dependenxy rexml 2024-08-16 12:30:59 +02:00
Matt Jankowski
63ad8254ff Fix mastodon:stats decoration of stats rake task (#31104) 2024-08-16 12:30:59 +02:00
Jeong Arm
8fe1cefe4c Handle featured collections without items (#27581) 2024-08-16 12:30:59 +02:00
Claire
86f15cef66 Change search popout to not list unusable search options when logged out (#27918) 2024-08-16 12:30:59 +02:00
June
49820ecefa Fix not all legal images showing in file picker when uploading custom emoji (#28076) 2024-08-16 12:30:59 +02:00
Jonathan de Jong
9d2e59bb45 Fix error when encountering malformed Tag objects from Kbin (#28235) 2024-08-16 12:30:59 +02:00
Michael Stanclift
6fcb1f5799 Fix OCR when using S3/CDN for assets (#28551) 2024-08-16 12:30:59 +02:00
Claire
297ad9aeb8 Fix already-invalid reports failing to resolve (#29027) 2024-08-16 12:30:59 +02:00
Claire
e1be281e3d Fix report reason selector in moderation interface not unselecting rules when changing category (#29026) 2024-08-16 12:30:59 +02:00
Claire
c06436eb91 Fix development environment admin account not being auto-approved (#29958) 2024-08-16 12:30:59 +02:00
Râu Cao
d1854798c9 Fix local account search on LDAP login being case-sensitive (#30113)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-08-16 12:30:59 +02:00
Claire
a2c7f7f690 Fix division by zero on some video/GIF files (#30600) 2024-08-16 12:30:59 +02:00
Matt Jankowski
6f2a3fa5d1 Restore verbose option to media remove cli (#30536) 2024-08-16 12:30:59 +02:00
Adam Niedzielski
7b7d404efe Fix ß bug in regexp for mentions and tags (#31122) 2024-08-16 12:30:59 +02:00
Claire
0fc738a323 Fix hashtag matching pattern matching some link anchors (#30190) 2024-08-16 12:30:59 +02:00
Claire
5cb36daa0f Fix Web UI trying to save user settings when logged out (#30324) 2024-08-16 12:30:59 +02:00
Claire
a8039dda13 Fix click event handling when clicking outside of an open dropdown menu (#31251) 2024-08-16 12:30:59 +02:00
Claire
0a345ad5e1 Fix logic of block/mute bypass for mentions from moderators (#31271) 2024-08-16 12:30:59 +02:00
Django
29c35ef4f9 Add support for incoming <s> tag (#31375) 2024-08-16 12:30:59 +02:00
Claire
13bab94265 Fix duplicate orderedItems in user archive's outbox.json (#31099) 2024-08-16 12:30:59 +02:00
Adam Niedzielski
161aa0f8f6 Select correct self link when parsing Webfinger response (#31110) 2024-08-16 12:30:59 +02:00
Claire
fe92b241b2 Fix status processing failing halfway when a remote post has a malformed replies attribute (#31246) 2024-08-16 12:30:59 +02:00
Claire
a5641a9244 Fix incorrect rate limit on PUT requests (#31356) 2024-08-16 12:30:59 +02:00
Sirius
ec1f61e4b4
Merge tag 'v4.2.10' of https://github.com/mastodon/mastodon into paravielfalt-4.2
All checks were successful
Build Image for Deployment / build (push) Successful in 6m12s
2024-07-04 19:03:13 +02:00
Claire
a5b4a2b7e7
Bump version to v4.2.10 (#30910)
Some checks failed
Build container release images / build-image (push) Failing after 4m0s
2024-07-04 16:46:35 +02:00
Claire
d4bf22b632
Merge pull request from GHSA-xjvf-fm67-4qc3 2024-07-04 16:45:52 +02:00
Claire
4fb4721072
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
Claire
df974a912b
Merge pull request from GHSA-vp5r-5pgw-jwqx
* Fix streaming sessions not being closed when revoking access to an app

* Add tests for GHSA-7w3c-p9j8-mq3x
2024-07-04 16:11:28 +02:00
Claire
6cd9bd6ae1 fix: Return HTTP 422 when scheduled status time is less than 5 minutes (#30584) 2024-07-03 10:57:46 +02:00
David Roetzel
9b6219c48f Improve encoding detection for link cards (#30780) 2024-07-03 10:57:46 +02:00
Eugen Rochko
88b2d6eca5 Change search modifiers to be case-insensitive (#30865) 2024-07-03 10:57:46 +02:00
David Roetzel
846f59c6e9 Add size limit for link preview URLs (#30854) 2024-07-03 10:57:46 +02:00
Tim Rogers
17f69c0002 Added check for STATSD_ADDR setting to emit a warning and proceed rather than crashing if the address is unreachable (#30691) 2024-07-02 15:08:24 +02:00
Claire
1e87634a43 Update dependency charlock_holmes 2024-07-02 15:08:24 +02:00
Claire
5fd7cd79e0 Specify yarn version to avoid confusion with main which uses Yarn 4 2024-07-02 15:08:24 +02:00
Claire
fcae9435ec Fix /admin/accounts/:account_id/statuses/:id for edited posts with media attachments (#30819) 2024-07-02 15:08:24 +02:00
Claire
55408f8085 Update dependency cbor 2024-07-02 15:08:24 +02:00
Claire
3f75c6f048 Update dependency rails 2024-07-02 15:08:24 +02:00
Claire
bfc287fd6b Remove dependency on posix-spawn (#18559) 2024-07-02 15:08:24 +02:00
Claire
19ed22dc58 Fix duplicate @context attribute in user export (#30653) 2024-06-18 15:37:41 +02:00
Claire
520b2086af Change PWA start URL from /home to / (#27377) 2024-06-18 15:37:41 +02:00
Sirius
1ca85c6ea0
fix: use previous git context in build and push action
All checks were successful
Build Image for Deployment / build (push) Successful in 5m7s
2024-06-16 23:04:35 +02:00
Sirius
20b58e52bc
debug build workflow ref issue
Some checks failed
Build Image for Deployment / build (push) Failing after 53s
2024-06-16 22:57:20 +02:00
Sirius
b76bb18664
Merge tag 'v4.2.9' of ssh://git.rabbithole.cyou:2222/paravielfalt/mastodon into paravielfalt-4.2
Some checks failed
Build Image for Deployment / build (push) Failing after 1m14s
2024-06-16 15:17:14 +02:00
Claire
c93aacafde
Bump version to v4.2.9 (#30470)
Some checks failed
Build container release images / build-image (push) Failing after 3m32s
2024-05-30 15:34:50 +02:00
Claire
9740c7eaea Fix rate-limiting incorrectly triggering a session cookie on most endpoints (#30483) 2024-05-30 15:14:03 +02:00
Claire
8ab0ca7d64
Merge pull request from GHSA-c2r5-cfqr-c553
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations

* Remove rack-attack safelist
2024-05-30 14:24:29 +02:00
Claire
7920aa59e8
Merge pull request from GHSA-q3rg-xx5v-4mxh 2024-05-30 14:14:04 +02:00
Claire
943792c187
Merge pull request from GHSA-5fq7-3p3j-9vrf 2024-05-30 14:03:13 +02:00
Emelia Smith
186f916192 Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-29 16:39:26 +02:00
Claire
f9c41ae43b Normalize language code of incoming posts (#30403) 2024-05-29 15:31:26 +02:00
Claire
b8edc95e8a Fix leaking Elasticsearch connections in Sidekiq processes (#30450) 2024-05-29 15:31:26 +02:00
Claire
16213a678d Update dependency rexml to 3.2.8 2024-05-29 15:31:26 +02:00
Claire
a8dd32102f Update dependency nokogiri to 1.16.5 2024-05-17 12:30:00 +02:00
Claire
6fc07ff31f Update dependency fastimage to 2.3.1 2024-05-17 12:30:00 +02:00
Claire
997b021b69 Update dependency rotp to 6.3.0 2024-05-17 12:30:00 +02:00
Claire
2865bfadaf Update dependency json-jwt to 1.15.3.1 2024-05-17 12:30:00 +02:00
Claire
8c72e80019 Update dependency rack-cors to 2.0.2 2024-05-17 12:30:00 +02:00
Claire
8cf78825a2 Fix off-by-one in tootctl media commands (#30306) 2024-05-17 12:30:00 +02:00
Emelia Smith
67b2e62331 Fix missing destory audit logs for Domain Allows (#30125) 2024-05-17 12:30:00 +02:00
Claire
56b7d1a7b6 Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-17 12:30:00 +02:00
Claire
51ef619140 Fix Idempotency-Key ignored when scheduling a post (#30084) 2024-05-17 12:30:00 +02:00
Tim Rogers
e69780ec59 Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) 2024-05-17 12:30:00 +02:00
Claire
c3be5a3d2e Remove caching in cache_collection (#29862) 2024-05-17 12:30:00 +02:00
Claire
86807e4799 Improve email address validation (#29838) 2024-05-17 12:30:00 +02:00
Matt Jankowski
0143c9d3e1 Fix results/query in api/v1/featured_tags/suggestions (#29597) 2024-05-17 12:30:00 +02:00
Jeong Arm
ab3f9852f2 Normalize idna domain before account unblock domain (#29530) 2024-05-17 12:30:00 +02:00
Claire
7af69f5cf5 Fix admin account created by mastodon:setup not being auto-approved (#29379) 2024-05-17 12:30:00 +02:00
Emelia Smith
f784213c64 Return domain block digests from admin domain blocks API (#29092) 2024-05-17 12:30:00 +02:00
Claire
6536d96d1b Add fallback redirection when getting a webfinger query WEB_DOMAIN@WEB_DOMAIN (#28592) 2024-05-17 12:30:00 +02:00
Matt Jankowski
ed8e4bab4c Fix reference to non-existent var in CLI maintenance command (#28363) 2024-05-17 12:30:00 +02:00
Sirius
aa63b75146
Merge tag 'v4.2.8' of https://github.com/mastodon/mastodon into paravielfalt-4.2
Some checks failed
Build Image for Deployment / build (push) Failing after 40s
2024-02-26 10:44:54 +01:00
Claire
bdb6650ebc
Bump version to v4.2.8 (#29370)
Some checks failed
Build container release images / build-image (push) Failing after 1m15s
2024-02-23 14:09:41 +01:00
Claire
f3ad918950
Fix processing of Link objects in Image objects (#29363) 2024-02-23 09:53:04 +01:00
Claire
9a7802655f
Fix link verifications when page size exceeds 1MB (#29361) 2024-02-22 19:12:53 +01:00
Claire
328a9b8157
Change registrations to be disabled by default for new servers (#29353) 2024-02-22 18:15:59 +01:00
Claire
4fd22acb4a
Fix auto-close email being sent to users with devops permissions instead of settings permissions (#29356) 2024-02-22 18:15:38 +01:00
Claire
28b666b0d5
Automatically switch from open to approved registrations in absence of moderators (#29337) 2024-02-22 14:39:42 +01:00
Claire
fbb07893b8
Update dependencies (#29346) 2024-02-22 13:25:53 +01:00
Sirius
451b8565c3
Merge tag 'v4.2.7' of https://github.com/mastodon/mastodon into paravielfalt-4.2
All checks were successful
Build Image for Deployment / build (push) Successful in 7m34s
2024-02-18 23:06:59 +01:00
Claire
c5d56de98d Fix linting failure 2024-02-16 13:57:04 +01:00
Claire
0e4e98fad1 Bump version to v4.2.7
Some checks failed
Build container release images / build-image (push) Failing after 4m0s
2024-02-16 11:57:02 +01:00
Claire
15de520201
Merge pull request from GHSA-jhrq-qvrm-qr36
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
2024-02-16 11:56:12 +01:00
Claire
684f99908f Update dependency pg to 1.5.5 2024-02-16 09:19:35 +01:00
Claire
e4ec4ce217
Update nsa gem to version 0.3.0 (#29065) (#29206)
Co-authored-by: Matt Jankowski <matt@jankowski.online>
2024-02-14 23:27:02 +01:00
Claire
870ee80fd3 Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 22:55:31 +01:00
Sirius
7ae66d0ef5
Fix workflow versions to major versions
All checks were successful
Build Image for Deployment / build (push) Successful in 7m21s
2024-02-14 21:19:30 +01:00
Sirius
0b25960aa9
Merge tag 'v4.2.6' of https://github.com/mastodon/mastodon into paravielfalt-4.2
Some checks failed
Build Image for Deployment / build (push) Has been cancelled
2024-02-14 17:41:03 +01:00
Claire
76a37bd040 Fix OmniAuth tests (#29201) 2024-02-14 16:06:38 +01:00
Claire
7c8ca0c6d6 Bump version to v4.2.6
Some checks failed
Build container release images / build-image (push) Failing after 3m48s
2024-02-14 15:16:34 +01:00
Claire
f1700523f1
Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
Claire
0b0c7af2c1
Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
2024-02-14 15:15:34 +01:00
Claire
1a33d348d0 Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default (#29199) 2024-02-14 13:17:45 +01:00
Emelia Smith
6d43b63275 Disable administrative doorkeeper routes (#29187) 2024-02-14 11:03:21 +01:00
Claire
ae2dce813a Update dependency sidekiq-unique-jobs to 7.1.33 2024-02-14 11:02:55 +01:00
Claire
b7230cd759 Update dependency nokogiri to 1.16.2 2024-02-14 11:02:11 +01:00
Sirius
8f87084a12
Merge tag 'v4.2.5' of https://github.com/mastodon/mastodon into paravielfalt-4.2
All checks were successful
Build Image for Deployment / build (push) Successful in 8m15s
2024-02-01 19:20:48 +01:00
Claire
a6641f828b
Merge pull request from GHSA-3fjr-858r-92rw
Some checks failed
Build container release images / build-image (push) Failing after 3m22s
* Fix insufficient origin validation

* Bump version to v4.2.5
2024-02-01 15:56:46 +01:00
Claire
4633bb8ce0 Bump version to v4.2.4
Some checks failed
Build container release images / build-image (push) Failing after 3m23s
2024-01-24 15:31:13 +01:00
Claire
1ab050eb52 Change PostgreSQL version check to check for PostgreSQL 10+ 2024-01-24 15:31:13 +01:00
Claire
4eb98ef755 Ignore the devise-two-factor advisory as we have rate limits in place (#28733) 2024-01-24 15:31:13 +01:00
Claire
7a22999f92 Bump ruby version to 3.2.3 2024-01-24 15:31:13 +01:00
Claire
c5c464804d Update dependency puma to v6.4.2 2024-01-24 15:31:13 +01:00
Claire
779237f054 Fix error when processing remote files with unusually long names (#28823) 2024-01-24 15:31:13 +01:00
Claire
b377f82b1d Fix processing of compacted single-item JSON-LD collections (#28816) 2024-01-24 15:31:13 +01:00
Claire
6fe2a47357 Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-24 15:31:13 +01:00
Jonathan de Jong
2dbf176d23 Retry 401 errors on replies fetching (#28788)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 15:31:13 +01:00
Jeong Arm
499bc716a5 Ignore RecordNotUnique errors in LinkCrawlWorker (#28748) 2024-01-24 15:31:13 +01:00
Claire
3837ec2227 Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-24 15:31:13 +01:00
Claire
1998c561b2 Convert signature verification specs to request specs (#28443) 2024-01-24 15:31:13 +01:00
Claire
c0a9db3611 Fix potential redirection loop of streaming endpoint (#28665) 2024-01-24 15:31:13 +01:00
Claire
01caa18e5b Fix streaming API redirection ignoring the port of streaming_api_base_url (#28558) 2024-01-24 15:31:13 +01:00
Claire
c609b726cb Fix error when processing link preview with an array as inLanguage (#28252) 2024-01-24 15:31:13 +01:00
Eugen Rochko
4d96d716c4 Fix unsupported time zone or locale preventing sign-up (#28035)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 15:31:13 +01:00
Brian Holley
3ecc991f63 Fix "Hide these posts from home" list setting not refreshing when switching lists (#27763) 2024-01-24 15:31:13 +01:00
Eugen Rochko
8f2dac0567 Fix missing background behind dismissable banner in web UI (#27479) 2024-01-24 15:31:13 +01:00
Claire
dfc8fcc6f0 Fix width of large text icon buttons (#27127) 2024-01-24 15:31:13 +01:00
gunchleoc
e8c5754142 Fix line wrapping of language selection button with long locale codes (#27100) 2024-01-24 15:31:13 +01:00
MitarashiDango
0a01bc01d2 Fix Undo Announce activity is not sent, when not followed by the reblogged post author (#18482)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 15:31:13 +01:00
Claire
a12b7551cf Fix N+1s because of association preloaders not actually getting called (#28339) 2024-01-24 15:31:13 +01:00
Claire
7abc61887f Fix empty column explainer getting cropped under certain conditions (#28337) 2024-01-24 15:31:13 +01:00
Claire
279be07679 Fix LinkCrawlWorker error when encountering empty OEmbed response (#28268) 2024-01-24 15:31:13 +01:00
Sirius
705b6f560f
Increase character limit to 1500
All checks were successful
Build Image for Deployment / build (push) Successful in 6m4s
2023-12-25 22:28:47 +01:00
Claire
d7875adad2
Fix call to inefficient delete_matched cache method in domain blocks (#28367) 2023-12-19 11:27:37 +01:00
Sirius
6b67455d7d
Merge tag 'v4.2.3' of https://github.com/mastodon/mastodon into paravielfalt-4.2
All checks were successful
Build Image for Deployment / build (push) Successful in 6m27s
2023-12-17 16:03:50 +01:00
Claire
90371a4fc4 Bump version to v4.2.3
Some checks failed
Build container release images / build-image (push) Failing after 3m26s
2023-12-05 15:35:05 +01:00
Claire
71b60b09f4 Update dependency json-ld to v3.3.1 2023-12-05 15:35:05 +01:00
Claire
4b8fe9df73 Bump version to v4.2.2
Some checks failed
Build container release images / build-image (push) Failing after 3m24s
2023-12-04 15:28:15 +01:00
Claire
7b9496322f Change dismissed banners to be stored server-side (#27055) 2023-12-04 15:28:15 +01:00
Claire
09115731d6 Change GIF max matrix size error to explicitly mention GIF files (#27927) 2023-12-04 15:28:15 +01:00
Claire
e11100d782 Clamp dates when serializing to Elasticsearch API (#28081) 2023-12-04 15:28:15 +01:00
Jonathan de Jong
252ea2fc67 Have Follow activities bypass availability (#27586)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-12-04 15:28:15 +01:00
Claire
8d02e58ff4 Fix upper border radius of onboarding columns (#27890) 2023-12-04 15:28:15 +01:00
Claire
1076a6cd62 Fix incoming status creation date not being restricted to standard ISO8601 (#27655) 2023-12-04 15:28:15 +01:00
Claire
54a07731d1 Fix posts from threads received out-of-order sometimes not being inserted into timelines (#27653) 2023-12-04 15:28:15 +01:00
Claire
81d7cfd544 Fix posts from force-sensitized accounts being able to trend (#27620) 2023-12-04 15:28:15 +01:00
Claire
e6f4c91c5c Fix hashtag matching pattern matching some URLs (#27584) 2023-12-04 15:28:15 +01:00
Claire
de86e822f4 Fix error when trying to delete already-deleted file with OpenStack Swift (#27569) 2023-12-04 15:28:15 +01:00
Claire
4c38706474 Fix batch attachment deletion when using OpenStack Swift (#27554) 2023-12-04 15:28:15 +01:00
Renaud Chaput
4fc2523546 Do not display the navigation banner in the logo container (#27476) 2023-12-04 15:28:15 +01:00
Renaud Chaput
d5bc10b711 The class props should be className (#27462) 2023-12-04 15:28:15 +01:00
Claire
c66ade7de8 Fix processing LDSigned activities from actors with unknown public keys (#27474) 2023-12-04 15:28:15 +01:00
Claire
bece853e3c Fix error and incorrect URLs in /api/v1/accounts/:id/featured_tags for remote accounts (#27459) 2023-12-04 15:28:15 +01:00
Claire
700ae1f918 Fix report processing notice not mentioning the report number when performing a custom action (#27442) 2023-12-04 15:28:15 +01:00
Claire
13205b54fd Fix handling of inLanguage attribute in preview card processing (#27423) 2023-12-04 15:28:15 +01:00
KMY(雪あすか)
8be33d4316 Fix when unfollow a tag, my post also disappears from the home timeline (#27391) 2023-12-04 15:28:15 +01:00
Claire
cdedae6d63 Fix some link anchors being recognized as hashtags (#27271) 2023-12-04 15:28:15 +01:00
Claire
aa69ca74ed Fix incorrect serialization of regional languages in contentMap (#27207) 2023-12-04 15:28:15 +01:00
gunchleoc
156d32689b Only strip country code when language not listed in SUPPORTED_LOCALES (#27099) 2023-12-04 15:28:15 +01:00
Claire
ef149674f0 Change Content-Security-Policy to be tighter on media paths (#26889) 2023-12-04 15:28:15 +01:00
Claire
eea2654236
Fix format-dependent redirects being cached regardless of requested format (#27634) 2023-11-13 17:58:00 +01:00
Sirius
e15e359f12 Run build workflow only on pvz tags 2023-10-15 12:42:41 +02:00
Sirius
0aae015c3c Merge tag 'v4.2.1' of https://github.com/mastodon/mastodon into paravielfalt-4.2
All checks were successful
Build Image for Deployment / build (push) Successful in 6m25s
2023-10-15 12:39:08 +02:00
Claire
74dd325112
Fix duplicate reports being sent when reporting some remote posts (port to v4.2.1) (#27356)
Some checks reported warnings
Build container release images / build-image (push) Has been cancelled
2023-10-10 18:23:31 +02:00
Claire
790fd1374f Bump version to v4.2.1 2023-10-10 13:52:41 +02:00
Claire
a1f7d2d19a Fix scroll position in thread view reseting when closing a modal (#27350) 2023-10-10 13:52:41 +02:00
github-actions[bot]
4262cfbe41 New Crowdin Translations (automated) (#27347)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Claire
bcfc3b3f65 Fix clicking on already-loaded thread scrolling to the top of the thread (#27338) 2023-10-10 13:52:41 +02:00
Claire
6dcccd325f Fix clicking on already-opened thread post scrolling to the top of the thread (#27331) 2023-10-10 13:52:41 +02:00
github-actions[bot]
5a33b81479 New Crowdin Translations (automated) (#27321)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Andy Piper
8f55224307 Add 4.2.x to supported versions in SECURITY.md (#27317) 2023-10-10 13:52:41 +02:00
Claire
f71b7943f9 Fix some remote posts getting truncated (#27307) 2023-10-10 13:52:41 +02:00
github-actions[bot]
2e2936eb64 New Crowdin Translations (automated) (#27304)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
renovate[bot]
f4b0a10490 Update dependency sidekiq to v6.5.10 (#27287)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-10 13:52:41 +02:00
Claire
b9b8eafc98 Fix auto-loading-more when not scrolled (#27286) 2023-10-10 13:52:41 +02:00
github-actions[bot]
88fc73dbbc New Crowdin Translations (automated) (#27277)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
github-actions[bot]
aba0c5abd9 New Crowdin Translations (automated) (#27270)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Claire
ffcf2c691e Fix Vary headers not being set on some redirects (#27272) 2023-10-10 13:52:41 +02:00
Matt Jankowski
a9588065b2 Dont match mention in url query string (#25656)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-10 13:52:41 +02:00
Claire
3e21780cf1 Fix double scroll bars in some columns in advanced interface (#27187) 2023-10-10 13:52:41 +02:00
Claire
0619ec1592 Fix boosts of local users being filtered in account timelines (#27204) 2023-10-10 13:52:41 +02:00
Claire
451884a36b Add a short-lived lock to trend refresh scheduler (#27253) 2023-10-10 13:52:41 +02:00
Michael Stanclift
aa4c4f5737 Keep version string displayed without breakpoints in UI (#26986) 2023-10-10 13:52:41 +02:00
David Aaron
82502f54ac Change min age of backup policy from 1 week to 6 days (#27200) 2023-10-10 13:52:41 +02:00
Jakob Gillich
16dcdfcb4e Fix importer returning negative row estimates (#27258) 2023-10-10 13:52:41 +02:00
github-actions[bot]
7c6f41039d New Crowdin Translations (automated) (#27260)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Claire
6ba4b208b8 Change some worker lock TTLs (#27246) 2023-10-10 13:52:41 +02:00
Claire
8a6fa34040 Fix incorrectly keeping outdated update notices absent from the API endpoint (#27021) 2023-10-10 13:52:41 +02:00
Claire
cfd2c6e28d Fix import progress not updating on certain failures (#27247) 2023-10-10 13:52:41 +02:00
github-actions[bot]
7b86708980 New Crowdin Translations (automated) (#27220)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Emelia Smith
ccb980beac Fix websocket connections being incorrectly decremented twice on errors (#27238) 2023-10-10 13:52:41 +02:00
Claire
ac32f4b3c3 Fix explore prompt appearing because of posts being received out of order (#27211) 2023-10-10 13:52:41 +02:00
github-actions[bot]
2cd969cca7 New Crowdin Translations (automated) (#27202)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Claire
4e420d8459 Fix link handling of mentions in user profiles when logged out (#27185) 2023-10-10 13:52:41 +02:00
Claire
8bc5fe204e Fix filtering audit log for entries about disabling 2FA (#27186) 2023-10-10 13:52:41 +02:00
github-actions[bot]
4e5791bba1 New Crowdin Translations (automated) (#27168)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Christian Schmidt
11f0b6bc7e Make notification respect reduce-motion (#27178) 2023-10-10 13:52:41 +02:00
Michael Stanclift
91047c36b5 Fix retention dashboard not displaying correct month (#27180) 2023-10-10 13:52:41 +02:00
Claire
6a3d09dde2 Update tootctl maintenance fix-duplicates to Mastodon v4.2.0 (#27147) 2023-10-10 13:52:41 +02:00
github-actions[bot]
aed930b629 New Crowdin Translations (automated) (#27144)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Essem
2191858cff Properly remove tIME chunk from PNG uploads (#27111) 2023-10-10 13:52:41 +02:00
Claire
916b5bd4ad Fix division by zero in video in bitrate computation code (#27129) 2023-10-10 13:52:41 +02:00
Claire
12bbccbe82 Fix explore prompt sometimes showing up when the home TL is loading (#27062) 2023-10-10 13:52:41 +02:00
Claire
6c25730024 Add redirection on /deck URLs for logged-out users (#27128) 2023-10-10 13:52:41 +02:00
Claire
fa98c9b077 Fix crash when filtering for “dormant” relationships (#27306) 2023-10-10 13:52:41 +02:00
Claire
58477a6163 Fix inefficient queries in “Follows and followers” as well as several admin pages (#27116) 2023-10-10 13:52:41 +02:00
github-actions[bot]
9cb7fa57f6 New Crowdin Translations (automated) (#27080)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Claire
8b382b8df7 Fix ActiveRecord using two connection pools when no replica is defined (#27061) 2023-10-10 13:52:41 +02:00
github-actions[bot]
40702a81fa New Crowdin Translations (automated) (#27052)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-10-10 13:52:41 +02:00
Renaud Chaput
238a17b145 Fix the search documentation URL in system checks (#27036) 2023-10-10 13:52:41 +02:00
Sirius
7ebc13b19a Fix ref -> ref_name
All checks were successful
Build Image for Deployment / build (push) Successful in 6m14s
2023-10-08 16:52:15 +02:00
Sirius
0daffa4847 Build on tag
Some checks failed
Build Image for Deployment / build (push) Failing after 22s
2023-10-08 16:11:33 +02:00
Sirius
32d5e2ed62 Add gitea actions build workflow 2023-10-08 15:55:01 +02:00
Sirius
88b5d26f44 Fix frontend length validator
All checks were successful
continuous-integration/drone/tag Build is passing
2023-09-25 13:06:19 +02:00
Sirius
1716cab62a Add drone workflow
All checks were successful
continuous-integration/drone/tag Build is passing
2023-09-25 01:02:57 +02:00
Sirius
ce072ff4cc Increase max character count to 700 2023-09-25 00:56:51 +02:00
Sirius
cff44d9fb2 Modify README.md 2023-09-25 00:54:25 +02:00
Claire
4fcc026f0f
Bump version to v4.2.0 (#27017) 2023-09-21 16:51:32 +02:00
Eugen Rochko
0fbefb6f67
Update AUTHORS.md (#27018) 2023-09-21 14:42:15 +02:00
Claire
8acc75435b
Change S3 checksum mode to be disabled by default (#27007) 2023-09-21 14:00:51 +02:00
aaaaalbert
bb6c59a399
Fix #27010: update the copyright year in README (#27016) 2023-09-21 13:57:24 +02:00
Claire
5356ddbcca
Fix search results temporarily disappearing while scrolling and loading more results (#27014) 2023-09-21 13:51:21 +02:00
Claire
890e334703
Add migration tests for negative settings (#27012) 2023-09-21 12:33:30 +02:00
renovate[bot]
c74670b4d3
Update dependency glob to v10.3.5 (#27002)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-21 11:06:16 +02:00
github-actions[bot]
effe4728cf
New Crowdin Translations (automated) (#27005)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-21 11:06:04 +02:00
renovate[bot]
4ed9d9ca6f
Update dependency autoprefixer to v10.4.16 (#27000)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-21 11:00:15 +02:00
Claire
828eebad48
Add hide_collections, discoverable and indexable attributes to credentials API (#26998) 2023-09-20 18:25:16 +02:00
github-actions[bot]
61fe25fe74
New Crowdin Translations (automated) (#26988)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-20 13:05:56 +02:00
Claire
889c4d4bbb
Update changelog (#26992) 2023-09-20 12:12:19 +02:00
Claire
abcc0b38fa
Fix incorrect PostgreSQL version check (#26979) 2023-09-19 17:31:58 +02:00
Claire
f4b780ba22
Bump version to v4.2.0-rc2 (#26974) 2023-09-19 17:04:23 +02:00
Claire
eeab3560fc
Merge pull request from GHSA-v3xf-c9qf-j667 2023-09-19 16:53:58 +02:00
Claire
ff32475f5f
Merge pull request from GHSA-2693-xr3m-jhqr 2023-09-19 16:53:21 +02:00
Claire
94893cf24f
Merge pull request from GHSA-hcqf-fw2r-52g4
* Revert "Fix request URL normalisation for bare domain and 8-bit characters (#26285)"

This reverts commit 8891d8945d.

* Revert "Do not normalize URL before fetching it (#26219)"

This reverts commit fd284311e7.
2023-09-19 16:52:52 +02:00
github-actions[bot]
73ecc4de6e
New Crowdin Translations (automated) (#26978)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-19 16:26:51 +02:00
renovate[bot]
a83615edc9
Update eslint (non-major) (#26954)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-19 12:51:13 +02:00
Eugen Rochko
0f3f9b611f
Change video bitrate to always fit within size limit (#26970) 2023-09-19 12:25:58 +02:00
Claire
70cae19b6b
Fix hashtag bar being sometimes incorrectly hidden (#26960) 2023-09-19 12:25:39 +02:00
Emelia Smith
fbfceb9c77
Add additional metrics for streaming (#26945) 2023-09-19 12:25:30 +02:00
renovate[bot]
6eb6209d02
Update DefinitelyTyped types (non-major) (#26953)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-19 12:24:26 +02:00
renovate[bot]
c6a535a197
Update dependency node to 20.7 (#26963)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-19 11:16:45 +02:00
renovate[bot]
6f9f901153
Update dependency postcss to v8.4.30 (#26964)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-19 11:03:42 +02:00
github-actions[bot]
67eaaa4b90
New Crowdin Translations (automated) (#26966)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-19 10:41:48 +02:00
Rob Thomas
200312e8be
Fix crash when viewing a moderation appeal and the moderator account has been deleted (#25900)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-09-18 17:41:32 +02:00
github-actions[bot]
1b4902fabf
New Crowdin Translations (automated) (#26913)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-18 13:46:07 +02:00
Claire
4c1518a6f3
Fix Web UI making duplicate search queries when scrolling (#26959) 2023-09-18 11:20:09 +02:00
Claire
893755f4cb
Fix error in Web UI when server rules cannot be fetched (#26957) 2023-09-18 09:51:52 +02:00
Claire
392c07f2bf
Fix Setting.authorized_fetch not being properly taken into consideration (#26958) 2023-09-18 09:37:29 +02:00
renovate[bot]
8b5c61ae3a
Update formatjs monorepo (#26955)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-18 08:52:49 +02:00
renovate[bot]
04623e2f34
Update babel monorepo to v7.22.20 (#26946)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-18 08:34:04 +02:00
Claire
6273416292
Fix post edits not being forwarded as expected (#26936) 2023-09-15 19:54:32 +02:00
Claire
2a4fcc51fd
Fix dismiss button overlapping with text in dismissable banners (#26935) 2023-09-15 19:53:28 +02:00
Claire
e4f5114aaf
Fix obsolete cache key in status cache invalidation logic (#26934) 2023-09-15 19:52:28 +02:00
Renaud Chaput
5d93e98da4
Fix container build when cache is disabled (#26932) 2023-09-15 10:44:01 +02:00
Claire
9693c271f1
Fix processing of min_id and max_id parameters in /api/v2/search (#26927) 2023-09-15 10:23:24 +02:00
renovate[bot]
82015dbab6
Update dependency sass to v1.67.0 (#26914)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-15 10:03:55 +02:00
renovate[bot]
3103415364
Update dependency @babel/core to v7.22.19 (#26920)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-15 09:09:22 +02:00
Renaud Chaput
ef8ca2fd72
Change Dockerfile to upgrade packages when building (#26922) 2023-09-14 23:11:36 +02:00
Claire
b90383d073
Bump version to v4.2.0-rc1 (#26916) 2023-09-14 18:46:00 +02:00
Eugen Rochko
fc6825055b
Change score half-life for trending posts from 2 hours to 1 hour (#26915) 2023-09-14 09:20:14 +02:00
Claire
a04ae16201
Fix CSP when using ONE_CLICK_SSO_LOGIN (#26901) 2023-09-13 19:54:04 +02:00
github-actions[bot]
921c6fe654
New Crowdin Translations (automated) (#26498)
Co-authored-by: GitHub Actions <noreply@github.com>
2023-09-13 15:10:41 +02:00
Robert R George
20666482ef
Added admin api for managing tags (#26872) 2023-09-13 11:22:53 +02:00
renovate[bot]
97e4011c3c
Update dependency rails to v7.0.8 (#26907)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-13 10:01:31 +02:00
Claire
520b570474
Fix notification permissions being requested immediately after login (#26472) 2023-09-12 18:27:01 +02:00
Claire
287520453c
Fix front-end bug when processing relationship-related account actions (#26902) 2023-09-12 16:30:03 +02:00
CSDUMMI
9a70cac9de
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP (#26857) 2023-09-12 13:04:51 +02:00
renovate[bot]
93223633fc
Update dependency uuid to v9.0.1 (#26900)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-12 12:38:52 +02:00
Renaud Chaput
0712cc2b99
Fix Redux types (#26899) 2023-09-12 12:18:19 +02:00
renovate[bot]
9ac9aca142
Update dependency test-prof to v1.2.3 (#26894)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-12 10:45:54 +02:00
Jeong Arm
59af3c1310
Add PublicStatuses to tootctl search deploy --only option (#26896) 2023-09-12 09:59:59 +02:00
Santiago Kozak
d2cfcdd09e
Fix recent search items not handling overflows correctly (#26893) 2023-09-12 04:20:57 +02:00
Claire
20ac5be1c1
Fix error on status type notification (bell icon) (#26884) 2023-09-11 20:23:13 +02:00
Renaud Chaput
bd06c13204
Convert actions/account_notes into Typescript (#26601) 2023-09-11 16:09:22 +02:00
renovate[bot]
7730083611
Update dependency kt-paperclip to v7.2.1 (#26869)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 11:51:42 +02:00
renovate[bot]
f3be4eb0dc
Update dependency @rails/ujs to v7.0.8 (#26871)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 11:32:30 +02:00
renovate[bot]
3679e67fad
Update dependency @babel/core to v7.22.17 (#26855)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 11:12:22 +02:00
renovate[bot]
c10142ac3c
Update formatjs monorepo (#26874)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:54:59 +02:00
renovate[bot]
3d0331fc7a
Update actions/checkout action to v4 (#26882)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:41:26 +02:00
renovate[bot]
b1d8907138
Update dependency @types/lodash to v4.14.198 (#26878)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:26:23 +02:00
renovate[bot]
f333d1822b
Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v7.17.13 (#26879)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:26:06 +02:00
renovate[bot]
959ccf5682
Update eslint (non-major) (#26881)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:25:54 +02:00
renovate[bot]
b98edfa4ba
Update dependency rubocop to v1.56.3 (#26883)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 10:11:59 +02:00
renovate[bot]
d5155cbc21
Update dependency ws to v8.14.1 (#26862)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-11 09:59:18 +02:00
Claire
91040da871
Fix confusing behavior of mute button and volume slider in web UI (#26860) 2023-09-08 20:39:29 +02:00
Claire
33c8708a1a
Change GET /api/v1/directory to use database replica rather than primary (#26856) 2023-09-08 17:01:02 +02:00
jsgoldstein
4d9186a48c
Add search tests (#26703) 2023-09-08 16:17:55 +02:00
Eugen Rochko
3a679844e4
Fix account_id, max_id and min_id params not working in search (#26847) 2023-09-08 14:25:00 +02:00
Renaud Chaput
e9b528eaee
Use NodeJS v20 by default (#26830) 2023-09-08 13:45:34 +02:00
renovate[bot]
712d96b207
Update dependency ws to v8.14.0 (#26821)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-08 12:43:21 +02:00
renovate[bot]
d0f7d879a6
Update formatjs monorepo (#26844)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-08 12:42:55 +02:00
Claire
81caafbe84
Fix performances of profile directory (#26842) 2023-09-07 18:55:25 +02:00
renovate[bot]
858ad1f363
Update dependency core-js to v3.32.2 (#26841)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-07 16:49:31 +02:00
Claire
355e3fb529
Simplify Account.by_recent_status and Account.by_recent_sign_in scopes (#26840) 2023-09-07 15:38:11 +02:00
renovate[bot]
b9e2eb5184
Update dependency @material-design-icons/svg to v0.14.12 (#26832)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-07 14:59:42 +02:00
Eugen Rochko
9b2bc3d1de
Add recent searches in web UI (#26834) 2023-09-07 14:56:19 +02:00
Eugen Rochko
a90b0056cc
Fix #hashtag matching on individual components in search (#26835) 2023-09-07 12:53:41 +02:00
Colette Kerr
8a9d7aeb1e
Change DCT method used for JPEG encoding to float (#26675) 2023-09-07 05:26:25 +02:00
Eugen Rochko
f3a2e15f8e
Fix mute button and volume slider feeling disconnected in web UI (#26827) 2023-09-07 04:24:24 +02:00
Eugen Rochko
1f141f656d
Change onboarding prompt to use full width of banner in web UI (#26829) 2023-09-07 04:24:11 +02:00
Eugen Rochko
398635c0c4
Fix paragraph margins resulting in irregular read-more cut-off in web UI (#26828) 2023-09-07 04:24:01 +02:00
renovate[bot]
9e3567bfbe
Update dependency webpack to v4.47.0 (#26825)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-06 22:25:03 +02:00
Claire
1f99d86287
Fix blocked domain appears from account feed (#26823)
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-09-06 21:04:48 +02:00
gunchleoc
14f6798836
Link to hashtag timelines from the Trending hashtags moderation interface (#26724)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-09-06 17:49:52 +02:00
Claire
475783d567
Add timezone to datetimes in e-mails (#26822) 2023-09-06 17:25:39 +02:00
Claire
9c1ef8302a
Add some information about Full-text search being disabled in search popout (#26756) 2023-09-06 17:23:58 +02:00
Claire
b83e487502
Fix moderator rights inconsistencies (#26729) 2023-09-06 16:40:19 +02:00
Claire
93d051e47d
Update FEDERATION.md (#26819) 2023-09-06 16:28:31 +02:00
Claire
223f9ca665
Fix crash when encountering invalid URL (#26814) 2023-09-06 12:17:51 +02:00
Claire
09ec9c6aa5
Downgrade signature verification debug logging from warn to debug (#26812) 2023-09-06 12:17:22 +02:00
Claire
d881988372
Update supported versions in SECURITY.md (#26811) 2023-09-06 10:00:25 +02:00
renovate[bot]
8c321b8c3a
Update dependency pghero to v3.3.4 (#26808)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-06 09:19:43 +02:00
Claire
ec48bc3610
Do not truncate backtrace when the BACKTRACE env variable is set (#26794) 2023-09-06 09:18:10 +02:00
Eugen Rochko
d8bdba2f9f
Add in: to search popout in web UI (#26807) 2023-09-06 06:46:26 +02:00
Eugen Rochko
9d290c23d2
Remove obfuscation of reply count in web UI (#26768) 2023-09-05 23:57:03 +02:00
Eugen Rochko
5d20733d8d
Add infinite scrolling for search results in web UI (#26784) 2023-09-05 23:54:24 +02:00
Claire
548c032dbb
Improve interaction modal error handling (#26795) 2023-09-05 23:49:48 +02:00
Claire
ea7de25de0
Fix video player not being displayed in reports interface (#26801) 2023-09-05 20:05:58 +02:00
Michael Stanclift
b749de766f
Migrate Dockerfile to Bookworm (#26802) 2023-09-05 18:19:59 +02:00
Claire
cab4cbfa5c
Fix “Scoped order is ignored, it's forced to be batch order.” warnings (#26793) 2023-09-05 15:37:23 +02:00
Claire
f80f426c57
Bump version to v4.2.0-beta3 (#26753) 2023-09-04 21:20:20 +02:00
renovate[bot]
ddeca3b37b
Update babel monorepo to v7.22.15 (#26790)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-04 17:56:47 +02:00
Claire
cddef4c485
Fix language settings for users having selected the kmr language (#26787) 2023-09-04 17:56:31 +02:00
Eugen Rochko
ece1ff77d6
Add in:library syntax to search (#26760)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-09-04 17:20:35 +02:00
gunchleoc
ac3f310f4b
Remove kmr from language selection (#26014) 2023-09-04 13:21:43 +02:00
renovate[bot]
3e6a6439b5
Update dependency stylelint-config-standard-scss to v11 (#26780)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-04 11:02:36 +02:00
renovate[bot]
59361dfde2
Update dependency rubocop to v1.56.2 (#26568)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-04 11:00:55 +02:00
Eugen Rochko
68b4e36c82
Fix #hashtag matching non-hashtagged posts in search (#26781) 2023-09-04 10:18:45 +02:00
Stanislas Signoud
a106c46478
Fix light mode colors for advanced interface banner (#26759) 2023-09-04 10:14:01 +02:00
Christian Schmidt
ea31929776
Fix invalid Content-Type header for WebP images (#26773) 2023-09-04 09:46:33 +02:00
renovate[bot]
1f92436745
Update DefinitelyTyped types (non-major) (#26785)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-04 09:26:33 +02:00
Eugen Rochko
e52d0494ee
Fix before:, after: and during: failing when time zone not set (#26782) 2023-09-04 09:09:25 +02:00
renovate[bot]
173041f02c
Update dependency typescript to v5.2.2 (#26786)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-04 09:08:53 +02:00
Eugen Rochko
728eb6a153
Fix wrong color on active icons with counters in web UI (#26767) 2023-09-02 14:46:26 +02:00
Eugen Rochko
05093266e6
Fix some video encoding failing due to uneven dimensions (#26766) 2023-09-02 09:02:44 +02:00
Claire
16681e0f20
Add admin notifications for new Mastodon versions (#26582) 2023-09-01 17:47:07 +02:00
Gabriel Simmer
be991f1d18
Move to ioredis for streaming (#26581)
Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
2023-09-01 17:44:28 +02:00
Claire
9e26cd5503
Add authorized_fetch server setting in addition to env var (#25798) 2023-09-01 15:41:10 +02:00
Claire
6c4c72497a
Fix search popout including full-text search instructions when full-text search is disabled (#26755) 2023-09-01 15:13:27 +02:00
Claire
5c0a9aac3b
Revert to using primary database in IndexingScheduler (#26754) 2023-09-01 15:09:44 +02:00
renovate[bot]
bb0edb178f
Update dependency pg to v1.5.4 (#26750)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-01 10:48:49 +02:00
renovate[bot]
630e558677
Update dependency oj to v3.16.1 (#26749)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-01 10:17:08 +02:00
Eugen Rochko
e754083e8a
Fix unmatched quotes and prefixes causing search to fail (#26701) 2023-09-01 09:43:12 +02:00
Eugen Rochko
872145d1c2
Fix not being able to invoke phrase search using unicode quotation marks (#26687) 2023-09-01 09:27:03 +02:00
Eugen Rochko
0008458128
Fix search queries with slash causing or-condition (#26699) 2023-08-31 19:04:44 +02:00
Claire
9bb2fb6b14
Change importers to avoid a few inefficiencies (#26721) 2023-08-31 19:04:27 +02:00
Eugen Rochko
ecd76fa413
Fix videos not playing in some browsers due to unsupported color space (#26745) 2023-08-31 17:21:06 +02:00
Claire
1471be8225
Fix AddUniqueIndexOnPreviewCardsStatuses migration requiring PostgreSQL 12+ in some cases (#26737) 2023-08-31 15:47:30 +02:00
Claire
6b58cfd8dd
Fix searching by username by reverting account verbatim tokenizer to standard (#26739) 2023-08-31 15:35:58 +02:00
Renaud Chaput
cffc5d2b01
Fix comment in build image workflow (#26740) 2023-08-31 14:59:50 +02:00
Santiago Kozak
f1d250135c
Allow filter form in profiles directory to wrap (#26682) 2023-08-31 14:15:58 +02:00
Daniel M Brasil
ccca542db1
Fix /api/v1/timelines/tag/:hashtag allowing for unauthenticated access when public preview is disabled (#26237) 2023-08-31 13:53:24 +02:00
Tyler Deitz
336ec503c2
Add avatar image to webfinger responses (#26558) 2023-08-31 13:46:27 +02:00
Stanislas Signoud
40b69cc1cd
Add an explanation banner on switching to single column mode (#26019) 2023-08-31 12:18:46 +02:00
gunchleoc
cb9f96036c
Add suggestion for secure cyphers to nginx.conf (#26349) 2023-08-31 12:17:10 +02:00
renovate[bot]
430eac3eb1
Update dependency @babel/preset-env to v7.22.14 (#26732)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-31 10:23:24 +02:00
renovate[bot]
ef9a85a2d8
Update dependency webpack-bundle-analyzer to v4.9.1 (#26733)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-31 09:52:23 +02:00
renovate[bot]
15949e42c2
Update dependency glob to v10.3.4 (#26734)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-31 09:49:34 +02:00
Claire
5c38c3a9a1
Change text extraction in PlainTextFormatter to be faster (#26727) 2023-08-30 17:36:16 +02:00
Claire
21ec596dab
Fix sign up steps progress layout in right-to-left locales (#26728) 2023-08-30 16:29:52 +02:00
Eugen Rochko
bba76e7267
Change language: to attempt to match to a known value in search (#26663) 2023-08-30 16:07:26 +02:00
renovate[bot]
0e1bff178e
Update dependency chewy to v7.3.4 (#26717)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-30 09:45:13 +02:00
renovate[bot]
24deaf2e4a
Update dependency postcss to v8.4.29 (#26720)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-30 09:44:14 +02:00
renovate[bot]
168688ef1c
Update dependency webmock to v3.19.1 (#26722)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-30 09:34:07 +02:00
Claire
9e77ab7db2
Change private statuses index to index without crutches (#26713) 2023-08-29 17:51:13 +02:00
Tim Rogers
74eb7dbf2d
Fix bug with reblogged view on Toots only showing latest reblogging accounts (#26574) 2023-08-29 14:42:20 +02:00
Claire
c0605747ad
Fix N+1 in tootctl search deploy (#26710) 2023-08-29 14:06:22 +02:00
Tim Rogers
ae6cf33321
Fix bug with favourited view on Toots only showing latest favouriting accounts (#26577) 2023-08-29 10:56:19 +02:00
renovate[bot]
4ad1c5aa71
Update dependency aws-sdk-s3 to v1.133.0 (#26616)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-29 10:53:01 +02:00
renovate[bot]
a67cf439ee
Update dependency axios to v1.5.0 (#26680)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-29 10:50:27 +02:00
Claire
25bf640629
Add debug logging on signature verification failure (#26637) 2023-08-29 10:29:07 +02:00
Christian Schmidt
075cc8e8a6
Improve Codespaces port forwarding (#26400) 2023-08-29 10:20:36 +02:00
Christian Schmidt
286a21afdc
Support webpacker live-reloading on Docker (#26419) 2023-08-29 10:17:57 +02:00
Christian Schmidt
0719216368
Remove dead code from public.jsx (#26547) 2023-08-29 10:16:18 +02:00
Lukas Martini
a7d96e6aff
Improve error messages when DeepL quota is exceeded (#26704) 2023-08-29 09:14:44 +02:00
Eugen Rochko
10b06436d1
Fix colors and typography on hashtag bar in web UI (#26666) 2023-08-28 19:49:38 +02:00
Eugen Rochko
01b87a1632
Change video compression parameters (#26631) 2023-08-28 19:40:08 +02:00
renovate[bot]
dd72a8d28b
Update dependency stoplight to v3.0.2 (#26698)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-28 17:10:58 +02:00
Eugen Rochko
2304cc6456
Fix bad search type heuristic (#26673) 2023-08-28 17:08:37 +02:00
Claire
0cce7fb617
Fix incorrect call to PublicStatusesIndex.import (#26697) 2023-08-28 15:04:57 +02:00
Eugen Rochko
bceb893159
Add search options to search popout in web UI (#26662) 2023-08-28 13:18:39 +02:00
Eugen Rochko
67166de865
Add from:me syntax to search (#26660) 2023-08-28 12:43:00 +02:00
renovate[bot]
9d9de8d219
Update dependency @testing-library/jest-dom to v6 (#26479)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-08-28 12:19:42 +02:00
Eugen Rochko
7bd5ebb0c5
Fix multiple issues with status index mappings (#26686) 2023-08-28 11:36:17 +02:00
renovate[bot]
4ea5db90da
Update DefinitelyTyped types (non-major) (#26693)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-28 11:04:06 +02:00
renovate[bot]
b42fe5e338
Update dependency haml_lint to v0.50.0 (#26665)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-28 10:32:13 +02:00
Eugen Rochko
822a35b9d5
Fix not being able to negate prefix clauses in search (#26672) 2023-08-28 10:31:51 +02:00
renovate[bot]
fc14d1f3b0
Update eslint (non-major) (#26694)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-28 10:20:02 +02:00
Eugen Rochko
e263db276f
Change indexing jobs to use database replica (#26692) 2023-08-27 22:38:01 +02:00
Eugen Rochko
5694e24bbf
Fix unnecessary condition causing seqscan when indexing (#26689) 2023-08-27 22:37:35 +02:00
Eugen Rochko
f8d2fea2e6
Change queue of job when opting into search from default to pull (#26688) 2023-08-27 18:58:20 +02:00
Claire
925c16adea
Fix nightly build version (#26676) 2023-08-26 17:34:36 +02:00
Eugen Rochko
71641766f2
Fix toast saying "published" instead of "saved" after editing post in web UI (#26664) 2023-08-25 22:03:04 +02:00
Claire
f39847476c
Change the pre-release versioning scheme and associated environment variables (#26653) 2023-08-25 18:26:44 +02:00
Claire
072112867b
Fix dashboard check for Elasticsearch suggested command including incorrect names (#26658) 2023-08-25 18:17:22 +02:00
jsgoldstein
8e8747c564
Update ordering to use id from body of document instead of deprecated _id (#26659) 2023-08-25 18:16:08 +02:00
renovate[bot]
e4c0ce18a3
Update dependency immutable to v4.3.4 (#26655)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-25 17:02:33 +02:00
Claire
82ec6f162b
Fix statuses search Elasticsearch query (#26657) 2023-08-25 17:01:56 +02:00
Claire
f2ec2876a4
Add Elasticsearch/OpenSearch version to “Software” in admin dashboard (#26652) 2023-08-25 12:02:09 +02:00
Claire
e3825a13c1
Add PublicStatusesCheck to Elasticsearch index check on admin dashboard (#26650) 2023-08-25 12:01:55 +02:00
Claire
c3a42e1280
Add data-nosnippet attribute to remote posts and local posts with noindex (#26648) 2023-08-25 11:31:20 +02:00
renovate[bot]
c66f756522
Update babel monorepo to v7.22.11 (#26640)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-25 10:08:44 +02:00
Claire
389b7d23db
Fix changelog wording and missing items (#26638) 2023-08-24 21:07:39 +02:00
jsgoldstein
30c191aaa0
Add new public status index (#26344)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-24 16:40:04 +02:00
Claire
96bcee66fb
Change nightlies versioning from v4.2.0+2023-08-23 to v4.2.0-nightly.2023-08-23 (#26626) 2023-08-24 14:43:44 +02:00
Claire
163b004bb1
Change admin e-mail notification settins to be their own settings group (#26596) 2023-08-24 14:43:00 +02:00
Claire
e90649b064
Fix clicking “Explore” or “Live feeds” column headers to scroll in advanced mode (#26633)
Co-authored-by: Plastikmensch <Plastikmensch@users.noreply.github.com>
2023-08-24 14:10:48 +02:00
Claire
b2ac93dd73
Fix selecting domains to forward reports to not passing the information correctly (#26636) 2023-08-24 14:06:27 +02:00
Jaehong Kang
2dbbeedc94
Fix: Workaround to load MASTODON_VERSION_* in Docker. (#26591)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-24 13:07:27 +02:00
renovate[bot]
24ea6f851f
Update dependency redis to v4.6.8 (#26630)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-24 09:59:13 +02:00
Matt Jankowski
9974163776
Consolidate inclusion of admin js pack link (#26628) 2023-08-24 09:56:23 +02:00
renovate[bot]
e3fd071973
Update dependency rspec-sidekiq to v4 (#26627)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-24 09:03:40 +02:00
Antonin Del Fabbro
9a8190da4a
Change opacity of the delete icon in the search field to be more visible (#26449) 2023-08-23 15:51:07 +02:00
Daniel M Brasil
f337008819
Fix timeout on invalid set of exclusionary parameters in /api/v1/timelines/public (#26239) 2023-08-23 15:50:23 +02:00
jsgoldstein
b91724fb9d
Add elastic search installation into Vagrantfile (#26512) 2023-08-23 15:46:14 +02:00
renovate[bot]
34f5b90dc7
Update dependency sass to v1.66.1 (#26534)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-23 15:45:56 +02:00
renovate[bot]
060b554a9d
Update dependency oj to v3.16.0 (#26520)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-23 15:45:38 +02:00
renovate[bot]
de8c2427a5
Update dependency immutable to v4.3.3 (#26622)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-23 15:45:21 +02:00
Claire
613cfd625c
Change hashtag bar tags to be de-emphasized (#26606) 2023-08-23 15:44:52 +02:00
Christian Schmidt
152b10b624
Fix some React warnings (#26609) 2023-08-23 15:43:41 +02:00
Renaud Chaput
44ba785242
Change the hashtag bar to be hidden when there is a CW and the post is not expanded (#26615) 2023-08-23 15:40:31 +02:00
jsgoldstein
85057865b4
Update Account Search to prioritize username over display name (#26623) 2023-08-23 15:40:09 +02:00
yufushiro
3aac12981c
Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough (#26608)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-23 08:44:56 +02:00
Robert R George
cf6f70799b
Add support for federating memorial attribute (#26583) 2023-08-23 08:27:24 +02:00
renovate[bot]
ea1a221e2d
Update dependency react-textarea-autosize to v8.5.3 (#26607)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-23 08:26:30 +02:00
renovate[bot]
74b8b8ea14
Update dependency rails to v7.0.7.2 (#26612)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-23 08:22:48 +02:00
Renaud Chaput
58acaa9ae6
Better hashtag normalization when processing a post (#26614) 2023-08-23 08:18:07 +02:00
Claire
bd023a2637
Fix admin dashboard check when using Elasticsearch with ES_PREFIX (#26605) 2023-08-22 18:51:32 +02:00
gunchleoc
25dc01660d
Add Kalmyk to languages dropdown (#26013) 2023-08-22 17:50:04 +02:00
gunchleoc
c01ecd0879
Add cherokee to languages dropdown (#26012) 2023-08-22 16:53:27 +02:00
renovate[bot]
dc09c10fa8
Update dependency mime-types to v3.5.1 (#26595)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-22 16:47:40 +02:00
Renaud Chaput
3249c06c73
Update SECURITY.md to indicate issues can be reported on Github (#26599) 2023-08-22 16:47:19 +02:00
Renaud Chaput
bb2db2aec0
Add circular-dependency-plugin to detect any circular deps issues (#26600) 2023-08-22 13:24:16 +02:00
Nick Schonning
b970ed6098
Update rubocop and rubocop-rspec (#26329) 2023-08-22 09:31:40 +02:00
Claire
fe31571965
Fix layout of the closed registrations modal (#26593) 2023-08-22 09:11:59 +02:00
Claire
facfec1ba3
Bump version to v4.2.0-beta2 (#26579) 2023-08-21 20:18:49 +02:00
Renaud Chaput
061fd66ee6
Remove hashtags from the last line of a status if it only contains hashtags (#26499) 2023-08-21 19:39:01 +02:00
Claire
ac0eb0533e
Add Elasticsearch cluster health check and indexes mismatch check to dashboard (#26448) 2023-08-21 16:50:22 +02:00
Claire
9ed0c91a37
Add auto-refresh of accounts we get new messages/edits of (#26510) 2023-08-21 16:09:26 +02:00
Claire
191d302b7f
Refactor Api::V1::ProfilesController into two separate controllers (#26573) 2023-08-21 15:47:09 +02:00
renovate[bot]
1cdcd9dc08
Update eslint (non-major) (#26567)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-21 10:13:21 +02:00
renovate[bot]
d3b4422b94
Update dependency core-js to v3.32.1 (#26548)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-21 09:06:33 +02:00
Christian Schmidt
872fe2d62d
Do not start LibreTranslate and Elasticsearch on GitHub Codespaces (#26382) 2023-08-21 08:51:37 +02:00
Daniel M Brasil
d24a87ce4f
Add ability to delete avatar or header picture via the API (#25124)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-21 08:44:35 +02:00
Christian Schmidt
bb23116e8d
Fix profile picture preview (#26538) 2023-08-18 18:24:32 +02:00
Claire
ee702e36e5
Change follow recommendation materialized view to be faster in most cases (#26545)
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-08-18 18:20:55 +02:00
Claire
e7bea8f004
Fix already initialized constant warning (#26542) 2023-08-18 16:06:46 +02:00
Emelia Smith
6375e390af
Fix: support both DATABASE_URL and DB_PASS (#26295) 2023-08-18 15:05:35 +02:00
Christian Schmidt
bb51c0676d
Remove redundant ready() wrapper (#26533) 2023-08-18 12:06:08 +02:00
renovate[bot]
1cb978bcc3
Update dependency @material-design-icons/svg to v0.14.11 (#26536)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-18 11:10:05 +02:00
renovate[bot]
581ebf2bb5
Update dependency puma to v6.3.1 (#26537)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-18 08:33:33 +02:00
Nicolai Søborg
13ffe91c81
Fix frame_rate for videos where ffprobe reports 0/0 (#26500) 2023-08-18 08:32:47 +02:00
Renaud Chaput
b95867ad1f
Allow setting a custom HTTP method in CacheBuster (#26528)
Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com>
2023-08-18 08:18:40 +02:00
renovate[bot]
b5acf13886
Update dependency pg to v8.11.3 (#26519)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-17 16:43:37 +02:00
Claire
60b9fa641d
Fix cached posts including stale stats (#26409) 2023-08-17 16:11:48 +02:00
Claire
3ed2bf92d0
Fix case-insensitive comparison of hashtags to do case-folding (#26525) 2023-08-17 12:49:52 +02:00
Claire
cc4560d95b
Change “privacy and reach” settings so that unchecking boxes always increase privacy and checking them always increase reach (#26508) 2023-08-17 09:13:26 +02:00
Claire
0446394465
Fix “legal” report category not showing up in moderation interface (#26509) 2023-08-16 16:38:33 +02:00
Claire
f0862bcf98
Fix hashtag bar sometimes including tags that appear in the post's body (#26506) 2023-08-16 11:47:59 +02:00
renovate[bot]
26eaf058e2
Update dependency postcss to v8.4.28 (#26502)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-16 09:08:57 +02:00
Santiago Kozak
85ecadb630
Fix hashtag bar display when status is in a thread (#26497) 2023-08-16 09:06:04 +02:00
Claire
df6e719898
Add display of out-of-band hashtags in the web interface (#26492)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 23:42:30 +02:00
Claire
d9c21293aa
Fix unfollow icon styling in advanced column (#26482) 2023-08-14 19:02:47 +02:00
Claire
dd049fc37a
Fix ES_PRESET not being applied to Chewy's internal index (#26489) 2023-08-14 19:00:56 +02:00
Claire
90ec88d58b
Add support for indexable attribute on remote actors (#26485)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 18:54:51 +02:00
Claire
fc5ab2dc83
Add privacy tab in profile settings (#26484)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 18:52:45 +02:00
Claire
3a8370e1f4
Fix repo:changelog task matching strings that are not Pull Request identifiers (#26280) 2023-08-14 18:47:43 +02:00
Claire
f5778caa3a
Add ES_PRESET option to customize numbers of shards and replicas (#26483)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 17:46:16 +02:00
github-actions[bot]
c452ccd913
New Crowdin Translations (automated) (#26444)
Co-authored-by: GitHub Actions <noreply@github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-14 14:54:31 +02:00
Renaud Chaput
9262cfc57f
Fix lint:json not processing json5 extension (#26481) 2023-08-14 14:53:13 +02:00
renovate[bot]
07f43daadc
Update dependency nokogiri to v1.15.4 (#26476)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-14 14:10:46 +02:00
renovate[bot]
c65032fb11
Update dependency autoprefixer to v10.4.15 (#26473)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-14 13:39:28 +02:00
renovate[bot]
273730c4e8
Update dependency faker to v3.2.1 (#26474)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-14 13:38:41 +02:00
HonkingGoose
c48506d8d4
Improve Renovate configuration (#26306) 2023-08-14 12:08:43 +02:00
mogaminsk
a664e15702
Fix "Create Account" button in interaction modal (#26459) 2023-08-14 12:04:04 +02:00
Renaud Chaput
1eac3a60de
Upgrade @types/react (#26457) 2023-08-14 09:40:07 +02:00
Claire
8c7f3c5332
Remove old non-unique index on preview_cards statuses join table (#26447) 2023-08-14 09:38:08 +02:00
Jeong Arm
496eb6f7a4
Add missing instances option to tootctl search deploy (#26461) 2023-08-13 02:06:04 +02:00
Claire
34f3001278
Fix reply not preserving the language from the replied-to post (#26452) 2023-08-12 00:06:37 +02:00
Renaud Chaput
121443c0fc
Upgrade JS dev dependencies (#26442) 2023-08-11 09:59:57 +02:00
Nick Schonning
9dff838edc
Merge duplicate Gemfile groups (#26441) 2023-08-10 21:51:48 +02:00
Claire
4bc0dd751c
Add S3_DISABLE_CHECKSUM_MODE environment variable for compatibility with some S3-compatible providers (#26435) 2023-08-10 14:15:18 +02:00
renovate[bot]
3dd3c50811
Update dependency pg-connection-string to v2.6.2 (#26427)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 11:07:33 +02:00
renovate[bot]
27d8e9be4a
Update dependency eslint-import-resolver-typescript to v3.6.0 (#26429)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 11:07:15 +02:00
renovate[bot]
7572fa21a3
Update babel monorepo to v7.22.10 (#26421)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 11:01:40 +02:00
renovate[bot]
05022c9218
Update dependency pg to v8.11.2 (#26426)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 10:59:42 +02:00
renovate[bot]
700f948fc9
Update dependency @rails/ujs to v7.0.7 (#26422)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 10:44:14 +02:00
renovate[bot]
1a308d1a22
Update dependency rails to v7.0.7 (#26428)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 10:44:00 +02:00
renovate[bot]
54dfacafcb
Update dependency regenerator-runtime to ^0.14.0 (#26432)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 10:39:47 +02:00
renovate[bot]
43741ba2b9
Update dependency mime-types to '~> 3.5.0' (#26431)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 10:24:34 +02:00
renovate[bot]
ba318a42fe
Update dependency sass to v1.65.1 (#26433)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 10:23:37 +02:00
renovate[bot]
c645308c6e
Update dependency eslint-config-prettier to v9 (#26434)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 10:23:00 +02:00
renovate[bot]
65f56bd849
Update dependency haml_lint to v0.49.3 (#26424)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 09:50:22 +02:00
renovate[bot]
74c422ad0a
Update dependency immutable to v4.3.2 (#26425)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 09:48:41 +02:00
renovate[bot]
426ca4f76c
Update dependency aws-sdk-s3 to v1.132.1 (#26423)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-10 09:47:55 +02:00
github-actions[bot]
8cbf4a5296
New Crowdin Translations (automated) (#26373)
Co-authored-by: GitHub Actions <noreply@github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-10 09:47:42 +02:00
renovate[bot]
26fa4a6e82
Update eslint (non-major) (#26323)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-09 22:21:41 +02:00
renovate[bot]
59678c6d5d
Update dependency sass to v1.64.2 (#26315)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-09 22:19:12 +02:00
Claire
4caa9f0e69
Change the hashtag column to not display the hashtag header on pinned columns (#26416) 2023-08-09 16:32:40 +02:00
Matt Jankowski
d9a9323968
Avoid connecting to a running ES instance in ES search check spec (#26413) 2023-08-09 13:15:04 +02:00
Foritus
405f141fe0
Change: Block GPTBot (#26396) 2023-08-09 11:58:46 +02:00
Matt Jankowski
2c88364222
Restore console behavior in test env (#26401) 2023-08-09 11:26:56 +02:00
Matt Jankowski
271d384fd0
Use migration classes in migrations where current definition conflicts with older (#26390) 2023-08-09 11:26:42 +02:00
Claire
b12d75ef4f
Fix blocking subdomains of an already-blocked domain (#26392) 2023-08-09 09:39:36 +02:00
Claire
dab54ccbba
Prepare v4.2.0-beta1 (#26339) 2023-08-08 16:12:12 +02:00
Claire
8b37dd2c86
Fix Content Security Policy sometimes unnecessarily allowing hCaptcha scripts (#26388) 2023-08-08 15:41:38 +02:00
Claire
2c204d904b
Change DB_REPLICA_* environment variables to REPLICA_DB_* (#26386) 2023-08-08 13:59:40 +02:00
Claire
4773d7b9aa
Fix preview_cards_statuses_pkey not being reindexed concurrently (#26384) 2023-08-08 11:41:53 +02:00
Eugen Rochko
0e2a4d3897
Fix adding column with default value taking longer on Postgres >= 11 (#26375) 2023-08-08 09:09:58 +02:00
Eugen Rochko
72423bc8f6
Change account search tokenizer and queries (#26378) 2023-08-08 09:09:14 +02:00
Matt Jankowski
60fbb0fe91
Omniauth 2.0 version bump (#24209) 2023-08-08 08:57:18 +02:00
Claire
30c64bf616
Fix list import concurrently creating lists of the same name (#26372) 2023-08-07 17:59:20 +02:00
Claire
cd6f2b3cbc
Fix interaction modal layout (#26368) 2023-08-07 17:58:29 +02:00
Matt Jankowski
c363978782
Spec media attachment speedups (#25416) 2023-08-07 17:58:12 +02:00
Eashwar Ranganathan
11f5a8e54b
Make mastodon-streaming systemd unit templated (#24751)
Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
2023-08-07 15:41:34 +02:00
github-actions[bot]
d2dbaba407
New Crowdin Translations (automated) (#26209)
Co-authored-by: GitHub Actions <noreply@github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-07 13:37:54 +02:00
Eugen Rochko
e325443b02
Change header of hashtag timelines in web UI (#26362) 2023-08-07 09:46:11 +02:00
Claire
79936c584f
Fix report modal secondary buttons style (#26341) 2023-08-04 16:25:44 +02:00
Claire
d5bee37c57
Fix missing cached preview cards attributes (#26343) 2023-08-04 16:13:47 +02:00
Emelia Smith
65096c1ccd
Change streaming /metrics to include additional metrics (#26299) 2023-08-04 16:11:30 +02:00
Claire
b59053ff8c
Fix confirmation when closing media edition modal with unsaved changes (#26342) 2023-08-04 15:48:29 +02:00
Trevor Wolf
93372fee1e
Fix light theme select option for hashtags (#26311) 2023-08-04 09:41:17 +02:00
Claire
9405e9af58
Fix incorrect model annotation for List#exclusive (#26313) 2023-08-04 09:00:31 +02:00
Eugen Rochko
04e7efac3f
Change design of hidden media overlay (again) in web UI (#26330) 2023-08-03 20:39:45 +02:00
Eugen Rochko
9d719bcd85
Change reblogs to be excluded from "Posts and replies" tab in web UI (#26302) 2023-08-03 20:39:33 +02:00
Claire
12c43e4ab5
Re-add StatsD support through the nsa gem (#26310) 2023-08-03 20:28:14 +02:00
CSDUMMI
120f5802c0
Add direct link to the Single-Sign On provider if there is only one sign up method available (#26083) 2023-08-03 16:43:15 +02:00
renovate[bot]
a5768d3ea6
Update dependency rack-attack to v6.7.0 (#26319)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-03 16:29:18 +02:00
renovate[bot]
912bc4655c
Update dependency selenium-webdriver to v4.10.0 (#26322)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-03 16:17:22 +02:00
Claire
3105fef21a
Rename “read” database to “replica” for consistency (#26326) 2023-08-03 16:17:09 +02:00
renovate[bot]
51cee42117
Update dependency lograge to v0.13.0 (#26318)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-03 16:11:37 +02:00
renovate[bot]
f6e4137d7c
Update dependency core-js to v3.32.0 (#26317)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-03 16:10:55 +02:00
renovate[bot]
a615c0cfc2
Update dependency test-prof to v1.2.2 (#26316)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-03 16:10:41 +02:00
renovate[bot]
670dae371a
Update dependency react-redux to v8.1.2 (#26314)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-03 16:10:23 +02:00
renovate[bot]
091c2f2e44
Update dependency rack to v2.2.8 (#26312)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-03 16:10:10 +02:00
Christian Schmidt
8da99ffb0d
Add alt text for preview card thumbnails (#26184) 2023-08-03 15:41:51 +02:00
renovate[bot]
ca19ea30d4
Update dependency aws-sdk-s3 to v1.132.0 (#26227)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-03 13:53:25 +02:00
Daniel M Brasil
3a4d3e9d4b
Add GET /api/v1/instance/languages to REST API (#24443)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-03 11:25:47 +02:00
Claire
6b896b20cc
Add primary key to preview_cards_statuses join table (includes deduplication migration) (#25243) 2023-08-03 11:12:52 +02:00
Eugen Rochko
a0fad5c8bb
Change indexing frequency from 5 minutes to 1 minute, add locks to schedulers (#26304) 2023-08-03 11:04:05 +02:00
Val Lorentz
f55f0ab0c3
Allow spaces around commas in ALLOWED_PRIVATE_ADDRESSES (#26297) 2023-08-03 10:05:35 +02:00
Eugen Rochko
2f932cb2bb
Add client-side timeout on resend confirmation button (#26300) 2023-08-03 01:51:10 +02:00
Claire
425d77f812
Fix crash in tootctl status remove and some old migrations (#26210) 2023-08-02 20:54:56 +02:00
Trevor Wolf
6308dca76a
change column link to add a better keyboard focus indicator (#26278) 2023-08-02 19:33:41 +02:00
Emelia Smith
e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 2023-08-02 19:32:48 +02:00
Christian Schmidt
8891d8945d
Fix request URL normalisation for bare domain and 8-bit characters (#26285) 2023-08-02 19:32:29 +02:00
Eugen Rochko
2cbdff97ce
Change design of role badges in web UI (#26281)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-02 17:24:32 +02:00
Eugen Rochko
01f0cffc2c
Fix line clamp for link previews in web UI (#26286) 2023-08-02 04:17:23 +02:00
Eugen Rochko
4c999a736c
Fix wrong border radius on link cards in web UI (#26287) 2023-08-02 01:57:31 +02:00
Christian Schmidt
ca342d4838
Add List-Unsubscribe email header (#26085) 2023-08-01 19:34:40 +02:00
Christian Schmidt
f2257069b2
Fix AVIF attachments (#26264) 2023-08-01 19:34:11 +02:00
Claire
71fd70335a
Change interaction modal input to disable browser spell-checking, capitalization and autocomplete (#26267) 2023-08-01 17:11:30 +02:00
Claire
6c39125761
Change /api/v1/peers/search to be case-insensitive when using Elasticsearch (#26268) 2023-08-01 14:52:32 +02:00
Christian Schmidt
fd284311e7
Do not normalize URL before fetching it (#26219) 2023-07-31 23:17:37 +02:00
Claire
51768de16e
Bump version to v4.1.6 (#26272) 2023-07-31 21:11:25 +02:00
Claire
d82abc877a
Fix Importer::BaseImporter#clean_up! not using proper primary key (#26269) 2023-07-31 11:17:41 +02:00
Eugen Rochko
d4807a5e64
Change aspect ratios on link previews in web UI (#26250) 2023-07-30 03:35:17 +02:00
Christian Schmidt
d76f79f647
Remove obsolete backport from Rails 7 (#26254) 2023-07-29 22:28:05 +02:00
Plastikmensch
4d3a129212
Fix public TL not indicating new toots when onlyRemote is enabled (#26247)
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
2023-07-29 20:18:38 +02:00
Matt Jankowski
74903af7ce
Ignore the brakeman PermitAttributes check (#25915) 2023-07-28 23:17:53 +02:00
Matt Jankowski
8ac9e446df
Load rspec-rails gem in test + development (#25768) 2023-07-28 23:17:35 +02:00
Matt Jankowski
7581b1ff96
Profiling tools configuration improvement (#25383) 2023-07-28 23:16:23 +02:00
Matt Jankowski
6f1fa1364f
Fix RSpec/EmptyExampleGroup cop (#24735) 2023-07-28 23:15:33 +02:00
Matt Jankowski
660993b415
Add coverage for URLValidator (#25591) 2023-07-28 23:12:25 +02:00
Matt Jankowski
6602edf064
Add coverage for LanguageValidator (#25593) 2023-07-28 23:12:09 +02:00
Matt Jankowski
ad81be6c8e
Update rubocop rules for linelength (#26190) 2023-07-28 23:11:45 +02:00
Matt Jankowski
30f5ec7303
Rubocop fix: Perfomance/UnfreezeString (#26217) 2023-07-28 23:11:05 +02:00
Renaud Chaput
4d1b67f664
Add end-to-end (system) tests (#25461) 2023-07-28 23:09:49 +02:00
Jay Prakash Kalia
8d5d707cc1
Update README.md (#25435) 2023-07-28 23:09:19 +02:00
gunchleoc
b0134db6ff
Allow filtering for Chinese languages (#26066) 2023-07-28 23:07:22 +02:00
Christian Schmidt
f96e4b3047
Use original URL in preview if it redirects to 4xx page (#26200) 2023-07-28 23:02:08 +02:00
Renaud Chaput
3554c52795
Fix missing return values in streaming (#26233) 2023-07-28 19:11:58 +02:00
Claire
446821a0dc
Swap debug statements in streaming server (#26231) 2023-07-28 17:59:31 +02:00
Emelia Smith
81cdc0f972
Fix: Streaming server memory leak in HTTP EventSource cleanup (#26228) 2023-07-28 12:06:29 +02:00
renovate[bot]
255606d2da
Update dependency haml_lint to v0.49.2 (#26222)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-28 10:45:52 +02:00
Claire
a4ec187a20
Change the wording of the dismissable explore prompt (#25917) 2023-07-27 16:51:02 +02:00
Claire
bbea052935
Fix emoji picker button scrolling with textarea content in single-column view (#25304) 2023-07-27 16:20:33 +02:00
Emelia Smith
317cd26fba
Remove queued_at value from pubsub payloads (#26173) 2023-07-27 16:19:33 +02:00
Misty De Méo
12a6cf569e
Storage: add :azure to remaining callers (#26080) 2023-07-27 16:13:45 +02:00
Claire
6c3c5bbbc3
Fix crash when processing Flag activity with no status (#26189) 2023-07-27 16:11:56 +02:00
Claire
b4e739ff0f
Change interaction modal in web UI (#26075)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-27 16:11:17 +02:00
Claire
1e4ccc655a
Add role badges to the WebUI (#25649) 2023-07-27 16:05:24 +02:00
Emelia Smith
ddaf200c78
Refactor streaming's filtering logic & improve documentation (#26213) 2023-07-27 15:38:18 +02:00
Claire
1814990a3d
Fix wrong filters sometimes applying in streaming (#26159) 2023-07-27 15:12:10 +02:00
Daniel M Brasil
812a84ff5f
Migrate to request specs in /api/v2/filters (#25721) 2023-07-27 14:58:20 +02:00
Matt Jankowski
f48d345de1
Use correct naming on controller concern specs (#26197) 2023-07-27 14:27:21 +02:00
Matt Jankowski
b06763dc11
Remove the sr locale override .rb files (#25927) 2023-07-26 15:39:53 +02:00
github-actions[bot]
b9adea9695
New Crowdin Translations (automated) (#26072)
Co-authored-by: GitHub Actions <noreply@github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-26 13:46:16 +02:00
Matt Jankowski
84d520ee80
Extract private methods in StatusCacheHydrator (#26177) 2023-07-26 09:50:48 +02:00
Matt Jankowski
a2dca50ef3
Use heredoc SQL blocks in AddFromAccountIdToNotifications migration (#26178) 2023-07-26 09:49:15 +02:00
Matt Jankowski
8ac5a93a7d
Reformat large hash in ContextHelper module (#26180) 2023-07-26 09:46:11 +02:00
Matt Jankowski
2d9808f648
Reformat large key values in service specs (#26181) 2023-07-26 09:45:50 +02:00
Matt Jankowski
bada7a65aa
Ignore long line in regex initializer (#26182) 2023-07-26 09:45:27 +02:00
Matt Jankowski
7d62e3b198
Reformat large text arg in FetchLinkCardService spec (#26183) 2023-07-26 09:44:51 +02:00
Christian Schmidt
a4b69bec2e
Fix missing GIF badge in account gallery (#26166) 2023-07-26 03:33:31 +02:00
Christian Schmidt
6781dc6462
Preserve translation on status re-import (#26168) 2023-07-25 20:29:31 +02:00
Claire
ce1f35d7e2
Revert poll colors to green outside of compose form (#26164) 2023-07-25 15:32:59 +02:00
renovate[bot]
edc104c9ef
Update dependency sass to v1.64.1 (#26146)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-25 14:45:35 +02:00
Eugen Rochko
7bd8ef355c
Add published_at attribute to preview cards (#26153) 2023-07-25 13:40:35 +02:00
Trevor Wolf
49d2e8979f
fix poll input active style (#26162) 2023-07-25 13:39:15 +02:00
Matt Jankowski
50ff3d3342
Coverage for Auth::OmniauthCallbacks controller (#26147) 2023-07-25 09:46:57 +02:00
Eugen Rochko
f826a95f6e
Add published date and author to news on the explore screen in web UI (#26155) 2023-07-25 00:57:15 +02:00
Christian Schmidt
4299208487
Fix lang for UI texts in link preview (#26149) 2023-07-24 23:01:31 +02:00
Eugen Rochko
714a20697f
Fix missing action label on sensitive videos and embeds in web UI (#26135) 2023-07-24 22:04:38 +02:00
Eugen Rochko
d1a9f601c7
Fix missing border on error screen in light theme in web UI (#26152) 2023-07-24 19:53:33 +02:00
gol-cha
9a567ec1d1
Fix UI Overlap with the loupe icon in the Explore Tab (#26113) 2023-07-24 17:56:20 +02:00
Claire
2dfa8f797a
Fix LinkCrawlWorker crashing on null created_at (#26151) 2023-07-24 17:55:36 +02:00
Vyr Cossont
394d1f19b1
Add report.updated webhook (#24211) 2023-07-24 17:37:38 +02:00
renovate[bot]
173a268025
Update dependency aws-sdk-s3 to v1.131.0 (#26145)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-24 16:18:19 +02:00
Claire
b629e21515
Fix unexpected redirection to /explore after sign-in (#26143) 2023-07-24 16:06:32 +02:00
renovate[bot]
3cbc69f13d
Update dependency postcss to v8.4.27 (#26144)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-24 16:03:49 +02:00
renovate[bot]
e56dc936e3
Update dependency brakeman to v6.0.1 (#26141)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-24 15:43:08 +02:00
renovate[bot]
d31b31afee
Update dependency rdf-normalize to v0.6.1 (#26130)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-24 14:05:12 +02:00
Christian Schmidt
76fce34ebb
Add lang attribute to trending links (#26111) 2023-07-24 13:48:23 +02:00
Trevor Wolf
80809ef33e
change poll form element colors to fit with the rest of the ui (#26139) 2023-07-24 13:48:09 +02:00
Eugen Rochko
6b2952d1dd
Change design of link previews in web UI (#26136) 2023-07-24 13:47:28 +02:00
Eugen Rochko
4d01d1a1ee
Remove 16:9 cropping from web UI (#26132) 2023-07-24 13:46:55 +02:00
Eugen Rochko
5e8cbb5f82
Remove back button from bookmarks, favourites and lists screens in web UI (#26126) 2023-07-23 17:55:20 +02:00
Eugen Rochko
cfd50f30bb
Fix focus and hover styles in web UI (#26125) 2023-07-23 17:55:13 +02:00
Nick Schonning
67016dd29d
Update haml-lint 0.49.1 (#26118) 2023-07-23 17:48:16 +02:00
Christian Schmidt
3abe0fc5c8
Use valid email address for first account (#26114) 2023-07-23 15:58:19 +02:00
mogaminsk
db310f383d
Fix missing translation strings for importing lists (#26120) 2023-07-23 15:57:57 +02:00
Claire
0078e7e760
Fix incorrect connect timeout in outgoing requests (#26116) 2023-07-22 20:42:31 +02:00
Claire
f2c683336b
Bump version to v4.1.5 (#26108) 2023-07-21 21:23:14 +02:00
наб
1b4cf0eba0
Favourits -> Favorites (#26109) 2023-07-21 21:13:20 +02:00
Christian Schmidt
296ec6cf57
Override default Action Mailer preview_path (#26110) 2023-07-21 21:12:57 +02:00
gunchleoc
217ef7f2af
Replace 'favourite' by 'favorite' for American English (#26009) 2023-07-21 19:09:13 +02:00
Claire
5b457961fc
Fix linting issue (#26106) 2023-07-21 14:21:10 +02:00
Claire
e5f1000ad1
Fix CSP headers being unintendedly wide (#26105) 2023-07-21 13:34:15 +02:00
Claire
14fad60384
Use username as display name for suspended users or users with blank display names (#25276) 2023-07-21 13:20:53 +02:00
Trevor Wolf
59478a1b46
change focus ui for keyboard only input (#25935) 2023-07-21 13:20:14 +02:00
Claire
934c7b33d1
Change default KeyGenerator digest to SHA1 to fix cookies in rolling upgrades (#26023) 2023-07-21 13:17:43 +02:00
Claire
e4ea80d808
Change thread view to scroll to the selected post rather than the post being replied to (#24685) 2023-07-21 13:14:30 +02:00
Claire
144a406d33
Clean up unused application records (#24871) 2023-07-21 13:13:16 +02:00
Claire
5cbc402687
Fix replica being used even if not explicitly defined (#26074) 2023-07-21 11:30:53 +02:00
Renaud Chaput
42698b4c5c
Fix the crossorigin attribute (#26096) 2023-07-21 11:14:26 +02:00
Renaud Chaput
4ea041fe67
Improve the bug report templates (#25621) 2023-07-21 10:46:12 +02:00
Claire
1e3b19230a
Add stricter protocol fields validation for accounts (#25937) 2023-07-20 18:23:48 +02:00
Matt Jankowski
1cceb62afd
Fix Lint/Void cop (#25922) 2023-07-20 17:31:34 +02:00
Matt Jankowski
a5842df123
Fix haml-lint Rubocop Lint/UnusedBlockArguments cop (#26039) 2023-07-20 17:03:39 +02:00
Matt Jankowski
285a3df56c
Move localized subject mailer shared example to separate file (#25889) 2023-07-20 15:50:50 +02:00
gunchleoc
cabe1ea560
Change casing for 'Server Settings' string (#26011) 2023-07-20 15:17:40 +02:00
Matt Jankowski
df05ece265
Fix haml-lint Rubocop Style/NumericPredicate cop (#26040) 2023-07-20 15:13:06 +02:00
Stanislas Signoud
586b1c9dca
Fix a missing redirection on getting-started in multi column mode (#26070) 2023-07-20 14:46:02 +02:00
Misty De Méo
b848ba3867
Paperclip: add support for Azure blob storage (#23607) 2023-07-19 09:02:49 +02:00
Christian Schmidt
4c18928a93
Wrong count in response when removing favourite/reblog (#24365)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-19 09:02:30 +02:00
Matt Jankowski
6edd404482
Cleanup unused portions of statuses/status partial (#26045) 2023-07-19 08:44:16 +02:00
github-actions[bot]
47832a1ac0
New Crowdin Translations (automated) (#26054)
Co-authored-by: renchap <renchap@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-18 21:13:25 +02:00
Claire
ff41e5426a
Change request timeout handling to use a longer deadline (#26055) 2023-07-18 20:51:20 +02:00
Matt Jankowski
6657695ec6
Fix haml-lint InstanceVariables rule for auth/registrations/edit (#26061) 2023-07-18 18:10:52 +02:00
Matt Jankowski
f6dda59e5d
Fix haml-lint Rubocop Style/SymbolProc cop (#26059) 2023-07-18 17:43:04 +02:00
Matt Jankowski
39d9804119
Fix haml-lint Rubocop Style/WordArray cop (#26058) 2023-07-18 17:25:41 +02:00
Matt Jankowski
b3f48089e6
Fix haml-lint rubocop style negation cops (#26057) 2023-07-18 17:02:02 +02:00
Renaud Chaput
b8931311a0
Fixes to the new Image build actions (#26056) 2023-07-18 16:56:42 +02:00
Renaud Chaput
626a7b6a77
Add a Github Action to send translations to Crowdin for each merge in main (#25869) 2023-07-18 16:56:01 +02:00
Renaud Chaput
d184524233
Rework the container image build actions (#26007) 2023-07-18 13:36:12 +02:00
Daniel M Brasil
59b38f9ee4
Migrate to request specs in /api/v1/mutes (#25622) 2023-07-18 13:05:19 +02:00
Matt Jankowski
e663e6d2c2
Fix haml-lint ConsecutiveSilentScripts rule (#26043) 2023-07-18 09:25:37 +02:00
renovate[bot]
6245cec185
Update dependency ox to v2.14.17 (#26044)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-18 09:24:48 +02:00
Daniel M Brasil
58bfe8c43a
Migrate to request specs in /api/v1/bookmarks (#25520) 2023-07-18 09:15:50 +02:00
Daniel M Brasil
5a7c6c6597
Migrate to request specs in /api/v1/timelines/public (#25746)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-18 09:15:18 +02:00
forsamori
55cf18b689
Add MacOS M1/2 setup steps to README (#25682)
Co-authored-by: Sam BC <samuel.balbirnie-cumming@xdesign.com>
2023-07-18 09:02:45 +02:00
Matt Jankowski
4207c95d4f
Fix haml-lint Rubocop Style/SlicingWithRange cop (#25947) 2023-07-17 18:18:13 +02:00
Claire
a442a1d1c6
Fix “Back” button sometimes redirecting out of Mastodon (#25281) 2023-07-17 17:32:46 +02:00
Matt Jankowski
d0f00206dc
Fix haml-lint Rubocop Style/StringLiterals cop (#25948) 2023-07-17 16:57:18 +02:00
Daniel M Brasil
19208aa422
Migrate to request specs in /api/v1/statuses/:status_id/favourite (#25626) 2023-07-17 16:53:57 +02:00
Daniel M Brasil
6fb4a756ff
Migrate to request specs in /api/v1/statuses/:status_id/bookmark (#25624) 2023-07-17 16:51:49 +02:00
Daniel M Brasil
4859958a0c
Migrate to request specs in /api/v1/polls (#25596) 2023-07-17 16:50:00 +02:00
Daniel M Brasil
1aea938d3d
Migrate to request specs in /api/v1/statuses/:status_id/pin (#25635) 2023-07-17 16:24:05 +02:00
Daniel M Brasil
6cdc8408a9
Migrate to request specs in /api/v1/emails/confirmations (#25686) 2023-07-17 16:22:33 +02:00
Daniel M Brasil
8a1aabaac1
Migrate to request specs in /api/v1/timelines/home (#25743) 2023-07-17 16:20:11 +02:00
Nick Schonning
c80ecf2ff7
Increase PR Rebase job retries (#25926) 2023-07-17 16:10:43 +02:00
Jeong Arm
664b0ca8cb
Check if json body is null on Activitipub::ProcessingWorker (#26021) 2023-07-17 15:51:30 +02:00
Matt Jankowski
bd33efdf16
Fix haml-lint Rubocop Style/MinMaxComparison cop (#25974) 2023-07-17 15:38:04 +02:00
Matt Jankowski
361dd43235
Fix haml-lint Rubocop lambda cop (#25946) 2023-07-17 15:07:29 +02:00
Matt Jankowski
5096deb818
Fix haml lint Rubocop Style/RedundantStringCoercion cop (#25975) 2023-07-17 14:08:56 +02:00
renovate[bot]
2a9063e36a
Update dependency react-select to v5.7.4 (#26033)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-17 14:07:36 +02:00
Claire
943f27f437
Remove unfollowed hashtag posts from home feed (#26028) 2023-07-17 13:56:28 +02:00
Claire
f18618d7f9
Fix some incorrect tests (#26035) 2023-07-17 13:13:43 +02:00
renovate[bot]
626f9cf831
Update dependency public_suffix to v5.0.3 (#26032)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-17 12:40:54 +02:00
Nick Schonning
bf9c1a65fa
Update rubocop 1.54.2 (#26002) 2023-07-17 12:40:27 +02:00
renovate[bot]
cf18bfa090
Update dependency aws-sdk-s3 to v1.130.0 (#25967)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-17 12:39:50 +02:00
fusagiko / takayamaki
ee8c8dbc6f
remove some file paths from rubocop_tobo.yml (#26022) 2023-07-17 12:15:32 +02:00
renovate[bot]
7b7a26c895
Update dependency postcss to v8.4.26 (#26030)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-17 12:13:01 +02:00
Claire
c667fc5a4a
Fix ArgumentError in mailers when a user's timezone is blank (#26025) 2023-07-17 12:10:50 +02:00
Michael Stanclift
97ce47e451
Fix for "follows you" indicator in light web UI not readable (#25993) 2023-07-17 11:51:00 +02:00
renovate[bot]
f17acbca33
Update dependency immutable to v4.3.1 (#26029)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-17 11:39:35 +02:00
renovate[bot]
cdaca7a08b
Update babel monorepo to v7.22.9 (#26017)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-17 09:38:11 +02:00
Renaud Chaput
84ce94b100
Try to improve Renovatebot config (#26005) 2023-07-17 09:33:22 +02:00
Eugen Rochko
26e522ac55
Fix not actually connecting to the configured replica (#25977) 2023-07-17 08:26:52 +02:00
Terence Eden
b923a4c755
Prevent split line between icon and number on reposts & favourites (#26004) 2023-07-16 10:06:33 +02:00
Claire
71db616fed
Change “About” and “Privacy policy” links to open in a new tab in advanced interface (#25973) 2023-07-13 17:59:15 +02:00
Stanislas Signoud
5fad7bd58a
Change links in multi-column mode so tabs are open in single-column mode (#25893) 2023-07-13 17:18:09 +02:00
Claire
41f65edb21
Fix embed dropdown menu item for unauthenticated users (#25964) 2023-07-13 15:53:03 +02:00
Matt Jankowski
644c5fddd8
Refactor Status.tagged_with_all for brakeman SQL injection warning (#25941) 2023-07-13 15:52:37 +02:00
Renaud Chaput
70cc7bdbba
Remove some recently-updated packages from Renovabot ignore config (#25960) 2023-07-13 13:34:38 +02:00
Claire
5a3f174d56
Fix follow link style in embeds (#25965) 2023-07-13 12:58:56 +02:00
renovate[bot]
ba0649f042
Update dependency postcss to v8.4.25 (#25961)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-13 12:20:03 +02:00
renovate[bot]
a4e6ff0d53
Update dependency react-textarea-autosize to v8.5.2 (#25962)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-13 12:19:54 +02:00
Renaud Chaput
a7253075d1
Upgrade to typescript-eslint v6 (#25904) 2023-07-13 11:49:16 +02:00
renovate[bot]
3ed9b55cb3
Update dependency rubocop-rails to v2.20.1 (#25493)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-07-13 11:44:02 +02:00
Renaud Chaput
a75138d073
Convert Home timeline components to Typescript (#25583) 2023-07-13 11:28:55 +02:00
Renaud Chaput
73b64b8917
Upgrade to Prettier 3 (#25902) 2023-07-13 11:26:45 +02:00
renovate[bot]
0d7340380c
Update dependency glob to v10.3.3 (#25959)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-13 11:20:20 +02:00
renovate[bot]
6be9f95a22
Update dependency core-js to v3.31.1 (#25958)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-13 11:17:46 +02:00
Michael Stanclift
063482a63f
Fix trending publishers table not rendering correctly on narrow screens (#25945) 2023-07-13 11:12:51 +02:00
Nick Schonning
1a6c2e450a
Update rubocop to v1.54.1 (#25627) 2023-07-13 11:11:55 +02:00
renovate[bot]
e7b0d1e23c
Update dependency chewy to v7.3.3 (#25940)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-13 11:07:26 +02:00
Matt Jankowski
ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Eugen Rochko
8d0c69529a
Change markers API to use a replica (#25851) 2023-07-12 18:57:40 +02:00
Eugen Rochko
fdc3ff7c2d
Change notifications API to use a replica (#25874) 2023-07-12 17:06:00 +02:00
renovate[bot]
82e477b184
Update dependency capistrano-rails to v1.6.3 (#25934)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-12 14:19:51 +02:00
Matt Jankowski
1ef014802b
Refactor Trends::Query to avoid brakeman sql injection warnings (#25881) 2023-07-12 14:19:20 +02:00
Renaud Chaput
ecd8e0d612
Update Stylelint (#25819) 2023-07-12 12:31:23 +02:00
Renaud Chaput
be34b437ed
Update haml-lint (#25929) 2023-07-12 12:31:10 +02:00
Matt Jankowski
f831452037
Refactor Snowflake to avoid brakeman sql injection warnings (#25879) 2023-07-12 10:44:58 +02:00
Matt Jankowski
6c5a2233a8
Fix RSpec/StubbedMock cop (#25552)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-12 10:20:10 +02:00
Matt Jankowski
2e1391fdd2
Fix Naming/MemoizedInstanceVariableName cop (#25928) 2023-07-12 10:08:51 +02:00
Matt Jankowski
5134fc65e2
Fix Naming/AccessorMethodName cop (#25924) 2023-07-12 10:03:19 +02:00
Matt Jankowski
b8b2470cf8
Fix Style/SlicingWithRange cop (#25923) 2023-07-12 10:03:06 +02:00
Matt Jankowski
658742b3cd
Fix Lint/AmbiguousBlockAssociation cop (#25921) 2023-07-12 10:02:41 +02:00
Matt Jankowski
b786911c55
Fix Lint/SendWithMixinArgument cop (#25920) 2023-07-12 10:02:32 +02:00
Matt Jankowski
74806deb2c
Fix RSpec/SubjectStub cop (#25550)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-12 10:02:19 +02:00
Matt Jankowski
7824df0eca
Exclude lib/linter from simplecov report (#25916) 2023-07-12 09:51:59 +02:00
Matt Jankowski
c75df62ccc
Fix RSpec/SubjectDeclaration cop (#25312) 2023-07-12 09:49:33 +02:00
Nick Schonning
f134a5f9d8
Run Rubocop on Rakefile (#23871) 2023-07-12 09:47:54 +02:00
Nick Schonning
1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Nick Schonning
9e8bc56d5a
Enable Rubocop Style/Semicolon with config (#23652) 2023-07-12 09:44:15 +02:00
renovate[bot]
8e0fd2d619
Update babel monorepo (#25930)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-12 09:05:17 +02:00
Stanislas Signoud
1392f31ed8
Fix sounds not being loaded from assets host (#25931) 2023-07-12 03:02:32 +02:00
Stanislas Signoud
ca955ada0b
Use invariant colors on notification toasts (#25919) 2023-07-11 23:30:21 +02:00
Claire
3b92499cbc
Fix incorrect syntax in Github action configuration (#25918) 2023-07-11 19:52:37 +02:00
Matt Jankowski
a02ae37766
Run the rebase conflict checker once an hour (#25914) 2023-07-11 19:40:51 +02:00
Claire
9411fa4d36
Update brakeman ignores (#25912) 2023-07-11 17:08:37 +02:00
Nick Schonning
e11032585b
Run brakeman in GitHub Actions (#23713) 2023-07-11 15:23:57 +02:00
trwnh
3aa153694e
Fix changelog referencing wrong API version (#25857) 2023-07-11 14:53:58 +02:00
Renaud Chaput
518890a9f1
Fixes latest Docker tag (#25812) 2023-07-11 14:52:00 +02:00
Trevor Wolf
ea10febd25
fix buttons showing inconsistent styles (#25903) 2023-07-11 12:26:09 +02:00
jsgoldstein
99be47f8b9
Change searching with # to include account index (#25638) 2023-07-10 20:58:13 +02:00
Claire
af54bf52c8
Fix filters not applying to explore tab (#25887) 2023-07-10 19:33:07 +02:00
Claire
999c343946
Fix remote accounts being possibly persisted to database with incomplete protocol values (#25886) 2023-07-10 18:42:19 +02:00
Claire
4b5851974c
Fix moderation interface for remote instances with a .zip TLD (#25885) 2023-07-10 18:42:10 +02:00
Claire
c27b82a437
Add forward_to_domains parameter to POST /api/v1/reports (#25866) 2023-07-10 18:26:56 +02:00
Matt Jankowski
f3fca78756
Refactor NotificationMailer to use parameterization (#25718) 2023-07-10 03:06:22 +02:00
Eugen Rochko
a1f5188c8c
Change feed merge, unmerge and regeneration workers to use a replica (#25849) 2023-07-10 03:06:09 +02:00
Eugen Rochko
610cf6c371
Fix trend calculation working on too many items at a time (#25835) 2023-07-08 20:16:48 +02:00
Eugen Rochko
338a0e70cc
Change label and design of sensitive and unavailable media in web UI (#25712) 2023-07-08 20:05:33 +02:00
Matt Jankowski
d6b387a0c4
Remove unused NotificationMailer#digest preview (#25719) 2023-07-08 20:04:21 +02:00
Matt Jankowski
cf33028f35
Admin mailer parameterization (#25759) 2023-07-08 20:03:38 +02:00
Renaud Chaput
41a505513f
Remove unused missed_update state (#25832) 2023-07-08 20:02:14 +02:00
Eugen Rochko
a7ca33ad96
Add toast with option to open post after publishing in web UI (#25564) 2023-07-08 20:01:08 +02:00
Eugen Rochko
a8edbcf963
Fix dropdowns being disabled for logged out users in web UI (#25714) 2023-07-08 20:00:52 +02:00
Eugen Rochko
ceeb2b8c41
Fix explore page being inaccessible when opted-out of trends in web UI (#25716) 2023-07-08 20:00:12 +02:00
Eugen Rochko
93e8a15415
Add forwarding of reported replies to servers being replied to (#25341) 2023-07-08 20:00:02 +02:00
Kurtis Rainbolt-Greene
e4cfe4b3db
First pass at multi-database for read replica using Rails native adapter (#25693)
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
2023-07-08 19:45:36 +02:00
Renaud Chaput
4534498a8e
Convert <DismissableBanner> to Typescript (#25582) 2023-07-08 11:12:20 +02:00
alfe
20e85c0e83
Rewrite <ShortNumber /> as FC and TS (#25492) 2023-07-08 11:11:58 +02:00
fusagiko / takayamaki
e0d230fb37
simplify counters (#25541) 2023-07-08 11:11:22 +02:00
Matt Jankowski
0f9b803eb3
Regenerate brakeman ignore, pruning warnings (#25749) 2023-07-08 11:07:19 +02:00
Renaud Chaput
9f078e238d
Fix translate button position (#25807) 2023-07-08 00:12:31 +02:00
Claire
0051128387
Bump version to v4.1.4 (#25805) 2023-07-07 19:42:03 +02:00
Renaud Chaput
d481e72e85
Tag images with the latest tag only when running against the latest stable branch (#25803) 2023-07-07 19:31:55 +02:00
Claire
b6d173b459
Fix crash in admin interface when viewing a remote user with verified links (#25796) 2023-07-07 18:10:17 +02:00
Claire
71d44949bf
Fix branding:generate_app_icons failing because of disallowed ICO coder (#25794) 2023-07-07 18:10:00 +02:00
nemobis
dfedf0ec64
Fix typo in CHANGELOG.md (#25764) 2023-07-07 14:15:54 +02:00
renovate[bot]
8b624553ef
Update dependency sanitize to v6.0.2 [SECURITY] (#25777)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-07 13:35:54 +02:00
Claire
94fbac77e7
Fix processing of media files with unusual names (#25788) 2023-07-07 13:35:22 +02:00
Claire
5e1752ce3f
Bump version to v4.1.3 (#25757) 2023-07-06 15:14:42 +02:00
Claire
610731b03d
Merge pull request from GHSA-55j9-c3mp-6fcq 2023-07-06 15:06:49 +02:00
Claire
c5929798bf
Merge pull request from GHSA-9pxv-6qvf-pjwc
* Fix timeout handling of outbound HTTP requests

* Use CLOCK_MONOTONIC instead of Time.now
2023-07-06 15:06:23 +02:00
Claire
dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
6d8e0fae3e
Merge pull request from GHSA-ccm4-vgcc-73hp
* Tighten allowed HTML in oEmbed-based preview cards

* Sanitize preview cards at render time

* Add `sandbox` attribute to preview card iframes
2023-07-06 15:03:33 +02:00
Claire
fed9cbfd2b
Add hardened headers to user-uploaded files (#25756) 2023-07-06 14:31:37 +02:00
Eugen Rochko
000b835803
Add canonical link tags in web UI (#25715) 2023-07-05 11:25:27 +02:00
Eugen Rochko
b7910bc751
Add button to see results for polls in web UI (#25726) 2023-07-05 10:32:04 +02:00
Claire
eb2417ce99
Fix OAuth apps page crashing when listing apps with certain admin API scopes (#25713) 2023-07-04 18:58:23 +02:00
Claire
4658263b4a
Fix re-activated accounts being deleted by AccountDeletionWorker (#25711) 2023-07-04 18:36:24 +02:00
Trevor Wolf
182fd93a07
fix read more button overlapping thread line bug (#25706) 2023-07-04 14:57:46 +02:00
Claire
12fa24a885
Fix forgotten unconfirmed_email migration file (#25702) 2023-07-04 11:25:29 +02:00
mogaminsk
6268188543
Fix local live feeds does not expand (#25694) 2023-07-04 00:37:57 +02:00
forsamori
d9a5c1acfa
Add at-symbol prepended to mention span title (#25684)
Co-authored-by: Sam BC <samuel.balbirnie-cumming@xdesign.com>
2023-07-03 22:58:10 +02:00
Eugen Rochko
54a10523e2
Change labels of live feeds tabs in web UI (#25683) 2023-07-03 22:57:18 +02:00
Daniel M Brasil
383c00819c
Fix /api/v2/search not working with following query param (#25681) 2023-07-03 18:06:57 +02:00
1732 changed files with 40077 additions and 32276 deletions

View file

@ -1,3 +1,6 @@
---
ignore:
- CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications
# devise-two-factor advisory about brute-forcing TOTP
# We have rate-limits on authentication endpoints in place (including second
# factor verification) since Mastodon v3.2.0
- CVE-2024-0227

View file

@ -4,10 +4,6 @@ FROM mcr.microsoft.com/devcontainers/ruby:1-3.2-bullseye
# Install Rails
# RUN gem install rails webdrivers
# Default value to allow debug server to serve content over GitHub Codespace's port forwarding service
# The value is a comma-separated list of allowed domains
ENV RAILS_DEVELOPMENT_HOSTS=".githubpreview.dev,.preview.app.github.dev,.app.github.dev"
ARG NODE_VERSION="16"
RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"

View file

@ -0,0 +1,49 @@
{
"name": "Mastodon on GitHub Codespaces",
"dockerComposeFile": "../docker-compose.yml",
"service": "app",
"workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
"features": {
"ghcr.io/devcontainers/features/sshd:1": {}
},
"runServices": ["app", "db", "redis"],
"forwardPorts": [3000, 4000],
"portsAttributes": {
"3000": {
"label": "web",
"onAutoForward": "notify"
},
"4000": {
"label": "stream",
"onAutoForward": "silent"
}
},
"otherPortsAttributes": {
"onAutoForward": "silent"
},
"remoteEnv": {
"LOCAL_DOMAIN": "${localEnv:CODESPACE_NAME}-3000.app.github.dev",
"LOCAL_HTTPS": "true",
"STREAMING_API_BASE_URL": "https://${localEnv:CODESPACE_NAME}-4000.app.github.dev",
"DISABLE_FORGERY_REQUEST_PROTECTION": "true",
"ES_ENABLED": "",
"LIBRE_TRANSLATE_ENDPOINT": ""
},
"onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
"postCreateCommand": ".devcontainer/post-create.sh",
"waitFor": "postCreateCommand",
"customizations": {
"vscode": {
"settings": {},
"extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
}
}
}

View file

@ -1,31 +1,39 @@
// For more details, see https://aka.ms/devcontainer.json.
{
"name": "Mastodon",
"name": "Mastodon on local machine",
"dockerComposeFile": "docker-compose.yml",
"service": "app",
"workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
// Features to add to the dev container. More info: https://containers.dev/features.
"features": {
"ghcr.io/devcontainers/features/sshd:1": {}
},
// Use 'forwardPorts' to make a list of ports inside the container available locally.
// This can be used to network with other containers or the host.
"forwardPorts": [3000, 4000],
// Use 'postCreateCommand' to run commands after the container is created.
"portsAttributes": {
"3000": {
"label": "web",
"onAutoForward": "notify",
"requireLocalPort": true
},
"4000": {
"label": "stream",
"onAutoForward": "silent",
"requireLocalPort": true
}
},
"otherPortsAttributes": {
"onAutoForward": "silent"
},
"onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
"postCreateCommand": ".devcontainer/post-create.sh",
"waitFor": "postCreateCommand",
// Configure tool-specific properties.
"customizations": {
// Configure properties specific to VS Code.
"vscode": {
// Set *default* container specific settings.json values on container create.
"settings": {},
// Add the IDs of extensions you want installed when the container is created.
"extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
}
}

View file

@ -25,6 +25,7 @@ services:
command: sleep infinity
ports:
- '127.0.0.1:3000:3000'
- '127.0.0.1:3035:3035'
- '127.0.0.1:4000:4000'
networks:
- external_network

View file

@ -2,3 +2,7 @@ VAGRANT=true
LOCAL_DOMAIN=mastodon.local
BIND=0.0.0.0
DB_HOST=/var/run/postgresql/
ES_ENABLED=true
ES_HOST=localhost
ES_PORT=9200

View file

@ -325,8 +325,8 @@ module.exports = {
extends: [
'eslint:recommended',
'plugin:@typescript-eslint/recommended',
'plugin:@typescript-eslint/recommended-requiring-type-checking',
'plugin:@typescript-eslint/strict-type-checked',
'plugin:@typescript-eslint/stylistic-type-checked',
'plugin:react/recommended',
'plugin:react-hooks/recommended',
'plugin:jsx-a11y/recommended',
@ -338,7 +338,7 @@ module.exports = {
],
parserOptions: {
project: './tsconfig.json',
project: true,
tsconfigRootDir: __dirname,
},
@ -348,6 +348,7 @@ module.exports = {
'@typescript-eslint/consistent-type-definitions': ['warn', 'interface'],
'@typescript-eslint/consistent-type-exports': 'error',
'@typescript-eslint/consistent-type-imports': 'error',
"@typescript-eslint/prefer-nullish-coalescing": ['error', {ignorePrimitives: {boolean: true}}],
'jsdoc/require-jsdoc': 'off',

View file

@ -0,0 +1,29 @@
---
name: Build Image for Deployment
on:
push:
tags:
- '**pvz**'
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
container: ghcr.io/catthehacker/ubuntu:act-22.04
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- name: Login to gitea container registry
uses: docker/login-action@v3
with:
registry: git.wir-sind-auch-menschen.de
username: alice-bot
password: ${{ secrets.GT_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: git.wir-sind-auch-menschen.de/paravielfalt/mastodon:${{ gitea.ref_name }}

3
.github/FUNDING.yml vendored
View file

@ -1,3 +0,0 @@
patreon: mastodon
open_collective: mastodon
custom: https://sponsor.joinmastodon.org

View file

@ -1,56 +0,0 @@
name: Bug Report
description: If something isn't working as expected
labels: [bug]
body:
- type: markdown
attributes:
value: |
Make sure that you are submitting a new bug that was not previously reported or already fixed.
Please use a concise and distinct title for the issue.
- type: textarea
attributes:
label: Steps to reproduce the problem
description: What were you trying to do?
value: |
1.
2.
3.
...
validations:
required: true
- type: input
attributes:
label: Expected behaviour
description: What should have happened?
validations:
required: true
- type: input
attributes:
label: Actual behaviour
description: What happened?
validations:
required: true
- type: textarea
attributes:
label: Detailed description
validations:
required: false
- type: textarea
attributes:
label: Specifications
description: |
What version or commit hash of Mastodon did you find this bug in?
If a front-end issue, what browser and operating systems were you using?
placeholder: |
Mastodon 3.5.3 (or Edge)
Ruby 2.7.6 (or v3.1.2)
Node.js 16.18.0
Google Chrome 106.0.5249.119
Firefox 105.0.3
etc...
validations:
required: true

View file

@ -1,22 +0,0 @@
name: Feature Request
description: I have a suggestion
labels: [suggestion]
body:
- type: markdown
attributes:
value: |
Please use a concise and distinct title for the issue.
Consider: Could it be implemented as a 3rd party app using the REST API instead?
- type: textarea
attributes:
label: Pitch
description: Describe your idea for a feature. Make sure it has not already been suggested/implemented/turned down before.
validations:
required: true
- type: textarea
attributes:
label: Motivation
description: Why do you think this feature is needed? Who would benefit from it?
validations:
required: true

View file

@ -1,5 +0,0 @@
blank_issues_enabled: false
contact_links:
- name: GitHub Discussions
url: https://github.com/mastodon/mastodon/discussions
about: Please ask and answer questions here.

114
.github/renovate.json5 vendored
View file

@ -1,114 +0,0 @@
{
$schema: 'https://docs.renovatebot.com/renovate-schema.json',
extends: [
'config:base',
':dependencyDashboard',
':labels(dependencies)',
':maintainLockFilesMonthly', // update non-direct dependencies monthly
':prConcurrentLimit10', // only 10 open PRs at the same time
],
stabilityDays: 3, // Wait 3 days after the package has been published before upgrading it
// packageRules order is important, they are applied from top to bottom and are merged,
// so for example grouping rules needs to be at the bottom
packageRules: [
{
// Ignore major version bumps for these node packages
matchManagers: ['npm'],
matchPackageNames: [
'@rails/ujs', // Needs to match the major Rails version
'tesseract.js', // Requires code changes
'react-hotkeys', // Requires code changes
// Requires Webpacker upgrade or replacement
'@types/webpack',
'babel-loader',
'compression-webpack-plugin',
'css-loader',
'imports-loader',
'mini-css-extract-plugin',
'postcss-loader',
'sass-loader',
'terser-webpack-plugin',
'webpack',
'webpack-assets-manifest',
'webpack-bundle-analyzer',
'webpack-dev-server',
'webpack-cli',
// react-router: Requires manual upgrade
'history',
'react-router-dom',
],
matchUpdateTypes: ['major'],
enabled: false,
},
{
// Ignore major version bumps for these Ruby packages
matchManagers: ['bundler'],
matchPackageNames: [
'sprockets', // Requires manual upgrade https://github.com/rails/sprockets/blob/master/UPGRADING.md#guide-to-upgrading-from-sprockets-3x-to-4x
'strong_migrations', // Requires manual upgrade
'sidekiq', // Requires manual upgrade
'sidekiq-unique-jobs', // Requires manual upgrades and sync with Sidekiq version
'redis', // Requires manual upgrade and sync with Sidekiq version
'fog-openstack', // TODO: was ignored in https://github.com/mastodon/mastodon/pull/13964
// Needs major Rails version bump
'rack',
'rails',
'rails-i18n',
],
matchUpdateTypes: ['major'],
enabled: false,
},
{
// Update Github Actions and Docker images weekly
matchManagers: ['github-actions', 'dockerfile', 'docker-compose'],
extends: ['schedule:weekly'],
},
{
// Ignore major & minor bumps for the ruby image, this needs to be synced with .ruby-version
matchManagers: ['dockerfile'],
matchPackageNames: ['moritzheiber/ruby-jemalloc'],
matchUpdateTypes: ['minor', 'major'],
enabled: false,
},
{
// Ignore major bump for the node image, this needs to be synced with .nvmrc
matchManagers: ['dockerfile'],
matchPackageNames: ['node'],
matchUpdateTypes: ['major'],
enabled: false,
},
{
// Ignore major postgres bumps in the docker-compose file, as those break dev environments
matchManagers: ['docker-compose'],
matchPackageNames: ['postgres'],
matchUpdateTypes: ['major'],
enabled: false,
},
{
// Update devDependencies every week, with one grouped PR
matchDepTypes: 'devDependencies',
matchUpdateTypes: ['patch', 'minor'],
excludePackageNames: [
'typescript', // Typescript has many changes in minor versions, needs to be checked every time
],
groupName: 'devDependencies (non-major)',
extends: ['schedule:weekly'],
},
{
// Update @types/* packages every week, with one grouped PR
matchPackagePrefixes: '@types/',
matchUpdateTypes: ['patch', 'minor'],
groupName: 'DefinitelyTyped types (non-major)',
extends: ['schedule:weekly'],
addLabels: ['typescript'],
},
// Add labels depending on package manager
{ matchManagers: ['npm', 'nvm'], addLabels: ['javascript'] },
{ matchManagers: ['bundler', 'ruby-version'], addLabels: ['ruby'] },
{ matchManagers: ['docker-compose', 'dockerfile'], addLabels: ['docker'] },
{ matchManagers: ['github-actions'], addLabels: ['github_actions'] },
],
}

10
.github/stale.yml vendored
View file

@ -1,10 +0,0 @@
daysUntilStale: 120
daysUntilClose: 7
exemptLabels:
- security
staleLabel: wontfix
markComment: >
This issue has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs. Thank you
for your contributions.
only: pulls

View file

@ -1,21 +0,0 @@
{
"problemMatcher": [
{
"owner": "stylelint",
"pattern": [
{
"regexp": "^([^\\s].*)$",
"file": 1
},
{
"regexp": "^\\s+((\\d+):(\\d+))?\\s+(✖|×)\\s+(.*)\\s{2,}(.*)$",
"line": 2,
"column": 3,
"message": 5,
"code": 6,
"loop": true
}
]
}
]
}

View file

@ -1,77 +0,0 @@
name: Build container image
on:
workflow_dispatch:
push:
branches:
- 'main'
tags:
- '*'
pull_request:
paths:
- .github/workflows/build-image.yml
- Dockerfile
permissions:
contents: read
packages: write
jobs:
build-image:
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v3
- uses: hadolint/hadolint-action@v3.1.0
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- name: Log in to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
if: github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request'
- name: Log in to the Github Container registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
if: github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request'
- uses: docker/metadata-action@v4
id: meta
with:
images: |
tootsuite/mastodon
ghcr.io/mastodon/mastodon
flavor: |
latest=auto
tags: |
type=edge,branch=main
type=pep440,pattern={{raw}}
type=pep440,pattern=v{{major}}.{{minor}}
type=ref,event=pr
- name: Generate version suffix
id: version_vars
if: github.repository == 'mastodon/mastodon' && github.event_name == 'push' && github.ref_name == 'main'
run: |
echo mastodon_version_suffix=+edge-$(git rev-parse --short HEAD) >> $GITHUB_OUTPUT
- uses: docker/build-push-action@v4
with:
context: .
build-args: MASTODON_VERSION_SUFFIX=${{ steps.version_vars.outputs.mastodon_version_suffix }}
platforms: linux/amd64,linux/arm64
provenance: false
builder: ${{ steps.buildx.outputs.name }}
push: ${{ github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max

View file

@ -1,60 +0,0 @@
name: Build nightly container image
on:
workflow_dispatch:
schedule:
- cron: '0 2 * * *' # run at 2 AM UTC
permissions:
contents: read
packages: write
jobs:
build-nightly-image:
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v3
- uses: hadolint/hadolint-action@v3.1.0
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- name: Log in to the Github Container registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/metadata-action@v4
id: meta
with:
images: |
ghcr.io/mastodon/mastodon
flavor: |
latest=auto
tags: |
type=raw,value=nightly
type=schedule,pattern=nightly-{{date 'YYYY-MM-DD' tz='Etc/UTC'}}
labels: |
org.opencontainers.image.description=Nightly build image used for testing purposes
- name: Generate version suffix
id: version_vars
run: |
echo mastodon_version_suffix=+nightly-$(date +'%Y%m%d') >> $GITHUB_OUTPUT
- uses: docker/build-push-action@v4
with:
context: .
build-args: MASTODON_VERSION_SUFFIX=${{ steps.version_vars.outputs.mastodon_version_suffix }}
platforms: linux/amd64,linux/arm64
provenance: false
builder: ${{ steps.buildx.outputs.name }}
push: ${{ github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max

View file

@ -1,62 +0,0 @@
name: Check i18n
on:
push:
branches: [main]
pull_request:
branches: [main]
env:
RAILS_ENV: test
permissions:
contents: read
jobs:
check-i18n:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages
run: yarn --frozen-lockfile
- name: Check for missing strings in English JSON
run: |
yarn i18n:extract --throws
git diff --exit-code
- name: Check locale file normalization
run: bundle exec i18n-tasks check-normalized
- name: Check for unused strings
run: bundle exec i18n-tasks unused
- name: Check for missing strings in English YML
run: |
bundle exec i18n-tasks add-missing -l en
git diff --exit-code
- name: Check for wrong string interpolations
run: bundle exec i18n-tasks check-consistent-interpolations
- name: Check that all required locale files exist
run: bundle exec rake repo:check_locales_files

View file

@ -1,62 +0,0 @@
name: 'CodeQL'
on:
push:
branches: ['main']
pull_request:
# The branches below must be a subset of the branches above
branches: ['main']
schedule:
- cron: '22 6 * * 1'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: ['javascript', 'ruby']
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
steps:
- name: Checkout repository
uses: actions/checkout@v3
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
# Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: '/language:${{matrix.language}}'

View file

@ -1,17 +0,0 @@
{
"problemMatcher": [
{
"owner": "haml-lint",
"severity": "warning",
"pattern": [
{
"regexp": "^(.*):(\\d+)\\s\\[W]\\s(.*):\\s(.*)$",
"file": 1,
"line": 2,
"code": 3,
"message": 4
}
]
}
]
}

View file

@ -1,52 +0,0 @@
name: CSS Linting
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '.prettier*'
- 'stylelint.config.js'
- '**/*.css'
- '**/*.scss'
- '.github/workflows/lint-css.yml'
- '.github/stylelint-matcher.json'
pull_request:
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '.prettier*'
- 'stylelint.config.js'
- '**/*.css'
- '**/*.scss'
- '.github/workflows/lint-css.yml'
- '.github/stylelint-matcher.json'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages
run: yarn --frozen-lockfile
- uses: xt0rted/stylelint-problem-matcher@v1
- run: echo "::add-matcher::.github/stylelint-matcher.json"
- name: Stylelint
run: yarn lint:sass

View file

@ -1,47 +0,0 @@
name: Haml Linting
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
paths:
- '.github/workflows/haml-lint-problem-matcher.json'
- '.github/workflows/lint-haml.yml'
- '.haml-lint*.yml'
- '.rubocop*.yml'
- '.ruby-version'
- '**/*.haml'
- 'Gemfile*'
pull_request:
paths:
- '.github/workflows/haml-lint-problem-matcher.json'
- '.github/workflows/lint-haml.yml'
- '.haml-lint*.yml'
- '.rubocop*.yml'
- '.ruby-version'
- '**/*.haml'
- 'Gemfile*'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Install native Ruby dependencies
run: |
sudo apt-get update
sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Run haml-lint
run: |
echo "::add-matcher::.github/workflows/haml-lint-problem-matcher.json"
bundle exec haml-lint

View file

@ -1,55 +0,0 @@
name: JavaScript Linting
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
paths:
- 'package.json'
- 'yarn.lock'
- 'tsconfig.json'
- '.nvmrc'
- '.prettier*'
- '.eslint*'
- '**/*.js'
- '**/*.jsx'
- '**/*.ts'
- '**/*.tsx'
- '.github/workflows/lint-js.yml'
pull_request:
paths:
- 'package.json'
- 'yarn.lock'
- 'tsconfig.json'
- '.nvmrc'
- '.prettier*'
- '.eslint*'
- '**/*.js'
- '**/*.jsx'
- '**/*.ts'
- '**/*.tsx'
- '.github/workflows/lint-js.yml'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages
run: yarn --frozen-lockfile
- name: ESLint
run: yarn lint:js --max-warnings 0
- name: Typecheck
run: yarn typecheck

View file

@ -1,44 +0,0 @@
name: JSON Linting
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '.prettier*'
- '**/*.json'
- '.github/workflows/lint-json.yml'
- '!app/javascript/mastodon/locales/*.json'
pull_request:
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '.prettier*'
- '**/*.json'
- '.github/workflows/lint-json.yml'
- '!app/javascript/mastodon/locales/*.json'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages
run: yarn --frozen-lockfile
- name: Prettier
run: yarn lint:json

View file

@ -1,44 +0,0 @@
name: Markdown Linting
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
paths:
- '.github/workflows/lint-md.yml'
- '.nvmrc'
- '.prettier*'
- '**/*.md'
- '!AUTHORS.md'
- 'package.json'
- 'yarn.lock'
pull_request:
paths:
- '.github/workflows/lint-md.yml'
- '.nvmrc'
- '.prettier*'
- '**/*.md'
- '!AUTHORS.md'
- 'package.json'
- 'yarn.lock'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages
run: yarn --frozen-lockfile
- name: Prettier
run: yarn lint:md

View file

@ -1,50 +0,0 @@
name: Ruby Linting
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
paths:
- 'Gemfile*'
- '.rubocop*.yml'
- '.ruby-version'
- '.bundler-audit.yml'
- '**/*.rb'
- '**/*.rake'
- '.github/workflows/lint-ruby.yml'
pull_request:
paths:
- 'Gemfile*'
- '.rubocop*.yml'
- '.ruby-version'
- '.bundler-audit.yml'
- '**/*.rb'
- '**/*.rake'
- '.github/workflows/lint-ruby.yml'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Install native Ruby dependencies
run: sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Set-up RuboCop Problem Matcher
uses: r7kamura/rubocop-problem-matchers-action@v1
- name: Run rubocop
run: bundle exec rubocop
- name: Run bundler-audit
run: bundle exec bundler-audit

View file

@ -1,46 +0,0 @@
name: YML Linting
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '.prettier*'
- '**/*.yaml'
- '**/*.yml'
- '.github/workflows/lint-yml.yml'
- '!config/locales/*.yml'
pull_request:
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '.prettier*'
- '**/*.yaml'
- '**/*.yml'
- '.github/workflows/lint-yml.yml'
- '!config/locales/*.yml'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages
run: yarn --frozen-lockfile
- name: Prettier
run: yarn lint:yml

View file

@ -1,36 +0,0 @@
name: PR Needs Rebase
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
- 'l10n_main'
pull_request_target:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
- 'l10n_main'
types: [synchronize]
permissions:
pull-requests: write
jobs:
label-rebase-needed:
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps:
- name: Check for merge conflicts
uses: eps1lon/actions-label-merge-conflict@releases/2.x
with:
dirtyLabel: 'rebase needed :construction:'
repoToken: '${{ secrets.GITHUB_TOKEN }}'
commentOnClean: This pull request has resolved merge conflicts and is ready for review.
commentOnDirty: This pull request has merge conflicts that must be resolved before it can be merged.
retryMax: 10
continueOnMissingPermissions: false

View file

@ -1,48 +0,0 @@
name: JavaScript Testing
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '**/*.js'
- '**/*.jsx'
- '**/*.ts'
- '**/*.tsx'
- '**/*.snap'
- '.github/workflows/test-js.yml'
pull_request:
paths:
- 'package.json'
- 'yarn.lock'
- '.nvmrc'
- '**/*.js'
- '**/*.jsx'
- '**/*.ts'
- '**/*.tsx'
- '**/*.snap'
- '.github/workflows/test-js.yml'
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
node-version-file: '.nvmrc'
- name: Install all yarn packages
run: yarn --frozen-lockfile
- name: Jest testing
run: yarn jest --reporters github-actions summary

View file

@ -1,111 +0,0 @@
name: Test one step migrations
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
pull_request:
jobs:
pre_job:
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@v5
with:
paths: '["Gemfile*", ".ruby-version", "**/*.rb", ".github/workflows/test-migrations-one-step.yml", "lib/tasks/tests.rake"]'
test:
runs-on: ubuntu-latest
needs: pre_job
if: needs.pre_job.outputs.should_skip != 'true'
strategy:
fail-fast: false
matrix:
postgres:
- 14-alpine
- 15-alpine
services:
postgres:
image: postgres:${{ matrix.postgres}}
env:
POSTGRES_PASSWORD: postgres
POSTGRES_USER: postgres
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
redis:
image: redis:7-alpine
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 6379:6379
env:
CONTINUOUS_INTEGRATION: true
DB_HOST: localhost
DB_USER: postgres
DB_PASS: postgres
DISABLE_SIMPLECOV: true
RAILS_ENV: test
BUNDLE_CLEAN: true
BUNDLE_FROZEN: true
BUNDLE_WITHOUT: 'development production'
BUNDLE_JOBS: 3
BUNDLE_RETRY: 3
steps:
- uses: actions/checkout@v3
- name: Install native Ruby dependencies
run: |
sudo apt-get update
sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up bundler cache
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Create database
run: './bin/rails db:create'
- name: Run migrations up to v2.0.0
run: './bin/rails db:migrate VERSION=20171010025614'
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2'
- name: Run migrations up to v2.4.0
run: './bin/rails db:migrate VERSION=20180514140000'
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2_4'
- name: Run migrations up to v2.4.3
run: './bin/rails db:migrate VERSION=20180707154237'
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2_4_3'
- name: Run all remaining migrations
run: './bin/rails db:migrate'
- name: Check migration result
run: './bin/rails tests:migrations:check_database'

View file

@ -1,119 +0,0 @@
name: Test two step migrations
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
pull_request:
jobs:
pre_job:
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@v5
with:
paths: '["Gemfile*", ".ruby-version", "**/*.rb", ".github/workflows/test-migrations-two-step.yml", "lib/tasks/tests.rake"]'
test:
runs-on: ubuntu-latest
needs: pre_job
if: needs.pre_job.outputs.should_skip != 'true'
strategy:
fail-fast: false
matrix:
postgres:
- 14-alpine
- 15-alpine
services:
postgres:
image: postgres:${{ matrix.postgres}}
env:
POSTGRES_PASSWORD: postgres
POSTGRES_USER: postgres
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
redis:
image: redis:7-alpine
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 6379:6379
env:
CONTINUOUS_INTEGRATION: true
DB_HOST: localhost
DB_USER: postgres
DB_PASS: postgres
DISABLE_SIMPLECOV: true
RAILS_ENV: test
BUNDLE_CLEAN: true
BUNDLE_FROZEN: true
BUNDLE_WITHOUT: 'development production'
BUNDLE_JOBS: 3
BUNDLE_RETRY: 3
steps:
- uses: actions/checkout@v3
- name: Install native Ruby dependencies
run: |
sudo apt-get update
sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up bundler cache
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- name: Create database
run: './bin/rails db:create'
- name: Run migrations up to v2.0.0
run: './bin/rails db:migrate VERSION=20171010025614'
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2'
- name: Run pre-deployment migrations up to v2.4.0
run: './bin/rails db:migrate VERSION=20180514140000'
env:
SKIP_POST_DEPLOYMENT_MIGRATIONS: true
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2_4'
- name: Run migrations up to v2.4.3
run: './bin/rails db:migrate VERSION=20180707154237'
env:
SKIP_POST_DEPLOYMENT_MIGRATIONS: true
- name: Populate database with test data
run: './bin/rails tests:migrations:populate_v2_4_3'
- name: Run all remaining pre-deployment migrations
run: './bin/rails db:migrate'
env:
SKIP_POST_DEPLOYMENT_MIGRATIONS: true
- name: Run all post-deployment migrations
run: './bin/rails db:migrate'
- name: Check migration result
run: './bin/rails tests:migrations:check_database'

View file

@ -1,151 +0,0 @@
name: Ruby Testing
on:
push:
branches-ignore:
- 'dependabot/**'
- 'renovate/**'
pull_request:
env:
BUNDLE_CLEAN: true
BUNDLE_FROZEN: true
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
mode:
- production
- test
env:
RAILS_ENV: ${{ matrix.mode }}
BUNDLE_WITH: ${{ matrix.mode }}
OTP_SECRET: precompile_placeholder
SECRET_KEY_BASE: precompile_placeholder
steps:
- uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
cache: yarn
node-version-file: '.nvmrc'
- name: Install native Ruby dependencies
run: |
sudo apt-get update
sudo apt-get install -y libicu-dev libidn11-dev
- name: Set up bundler cache
uses: ruby/setup-ruby@v1
with:
ruby-version: .ruby-version
bundler-cache: true
- run: yarn --frozen-lockfile --production
- name: Precompile assets
# Previously had set this, but it's not supported
# export NODE_OPTIONS=--openssl-legacy-provider
run: |-
./bin/rails assets:precompile
- uses: actions/upload-artifact@v3
if: matrix.mode == 'test'
with:
path: |-
./public/assets
./public/packs-test
name: ${{ github.sha }}
retention-days: 0
test:
runs-on: ubuntu-latest
needs:
- build
services:
postgres:
image: postgres:14-alpine
env:
POSTGRES_PASSWORD: postgres
POSTGRES_USER: postgres
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
redis:
image: redis:7-alpine
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 6379:6379
env:
DB_HOST: localhost
DB_USER: postgres
DB_PASS: postgres
DISABLE_SIMPLECOV: true
RAILS_ENV: test
ALLOW_NOPAM: true
PAM_ENABLED: true
PAM_DEFAULT_SERVICE: pam_test
PAM_CONTROLLED_SERVICE: pam_test_controlled
BUNDLE_WITH: 'pam_authentication test'
CI_JOBS: ${{ matrix.ci_job }}/4
strategy:
fail-fast: false
matrix:
ruby-version:
- '3.0'
- '3.1'
- '.ruby-version'
ci_job:
- 1
- 2
- 3
- 4
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
with:
path: './public'
name: ${{ github.sha }}
- name: Update package index
run: sudo apt-get update
- name: Install native Ruby dependencies
run: sudo apt-get install -y libicu-dev libidn11-dev
- name: Install additional system dependencies
run: sudo apt-get install -y ffmpeg imagemagick libpam-dev
- name: Set up bundler cache
uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby-version}}
bundler-cache: true
- name: Load database schema
run: './bin/rails db:create db:schema:load db:seed'
- run: bundle exec rake rspec_chunked

View file

@ -1,73 +1,23 @@
# This configuration was generated by
# `haml-lint --auto-gen-config`
# on 2023-03-15 00:55:01 -0400 using Haml-Lint version 0.45.0.
# on 2023-07-20 09:47:50 -0400 using Haml-Lint version 0.48.0.
# The point is for the user to remove these configuration records
# one by one as the lints are removed from the code base.
# Note that changes in the inspected code, or installation of new
# versions of Haml-Lint, may require this file to be generated again.
linters:
# Offense count: 63
RuboCop:
exclude:
- 'app/views/accounts/_og.html.haml'
- 'app/views/admin/account_warnings/_account_warning.html.haml'
- 'app/views/admin/accounts/index.html.haml'
- 'app/views/admin/accounts/show.html.haml'
- 'app/views/admin/announcements/edit.html.haml'
- 'app/views/admin/announcements/new.html.haml'
- 'app/views/admin/disputes/appeals/_appeal.html.haml'
- 'app/views/admin/domain_blocks/edit.html.haml'
- 'app/views/admin/domain_blocks/new.html.haml'
- 'app/views/admin/ip_blocks/new.html.haml'
- 'app/views/admin/reports/actions/preview.html.haml'
- 'app/views/admin/reports/index.html.haml'
- 'app/views/admin/reports/show.html.haml'
- 'app/views/admin/roles/_form.html.haml'
- 'app/views/admin/settings/about/show.html.haml'
- 'app/views/admin/settings/appearance/show.html.haml'
- 'app/views/admin/settings/registrations/show.html.haml'
- 'app/views/admin/statuses/show.html.haml'
- 'app/views/auth/registrations/new.html.haml'
- 'app/views/disputes/strikes/show.html.haml'
- 'app/views/filters/_filter_fields.html.haml'
- 'app/views/invites/_form.html.haml'
- 'app/views/layouts/application.html.haml'
- 'app/views/layouts/error.html.haml'
- 'app/views/notification_mailer/_status.html.haml'
- 'app/views/settings/applications/_fields.html.haml'
- 'app/views/settings/imports/show.html.haml'
- 'app/views/settings/preferences/appearance/show.html.haml'
- 'app/views/settings/preferences/other/show.html.haml'
- 'app/views/statuses/_detailed_status.html.haml'
- 'app/views/statuses/_poll.html.haml'
- 'app/views/statuses/show.html.haml'
- 'app/views/statuses_cleanup/show.html.haml'
- 'app/views/user_mailer/warning.html.haml'
# Offense count: 913
# Offense count: 951
LineLength:
enabled: false
# Offense count: 22
UnnecessaryStringOutput:
exclude:
- 'app/views/accounts/show.html.haml'
- 'app/views/admin/custom_emojis/_custom_emoji.html.haml'
- 'app/views/admin/relays/_relay.html.haml'
- 'app/views/admin/rules/_rule.html.haml'
- 'app/views/admin/statuses/index.html.haml'
- 'app/views/auth/registrations/_sessions.html.haml'
- 'app/views/disputes/strikes/show.html.haml'
- 'app/views/notification_mailer/_status.html.haml'
- 'app/views/settings/two_factor_authentication_methods/index.html.haml'
- 'app/views/statuses/_detailed_status.html.haml'
- 'app/views/statuses/_poll.html.haml'
- 'app/views/statuses/_simple_status.html.haml'
- 'app/views/user_mailer/suspicious_sign_in.html.haml'
- 'app/views/user_mailer/webauthn_credential_added.html.haml'
- 'app/views/user_mailer/webauthn_credential_deleted.html.haml'
- 'app/views/user_mailer/welcome.html.haml'
enabled: false
# Offense count: 57
RuboCop:
enabled: false
# Offense count: 3
ViewLength:
@ -76,27 +26,18 @@ linters:
- 'app/views/admin/reports/show.html.haml'
- 'app/views/disputes/strikes/show.html.haml'
# Offense count: 41
# Offense count: 32
InstanceVariables:
exclude:
- 'app/views/admin/reports/_actions.html.haml'
- 'app/views/admin/roles/_form.html.haml'
- 'app/views/admin/webhooks/_form.html.haml'
- 'app/views/auth/registrations/_sessions.html.haml'
- 'app/views/auth/registrations/_status.html.haml'
- 'app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml'
- 'app/views/authorize_interactions/_post_follow_actions.html.haml'
- 'app/views/invites/_form.html.haml'
- 'app/views/relationships/_account.html.haml'
- 'app/views/shared/_og.html.haml'
- 'app/views/statuses/_status.html.haml'
# Offense count: 6
ConsecutiveSilentScripts:
exclude:
- 'app/views/admin/settings/shared/_links.html.haml'
- 'app/views/settings/login_activities/_login_activity.html.haml'
- 'app/views/statuses/_poll.html.haml'
# Offense count: 3
IdNames:

2
.nvmrc
View file

@ -1 +1 @@
16.20
20.7

View file

@ -24,7 +24,6 @@ AllCops:
Exclude:
- db/schema.rb
- 'bin/*'
- 'Rakefile'
- 'node_modules/**/*'
- 'Vagrantfile'
- 'vendor/**/*'
@ -39,14 +38,7 @@ Layout/FirstHashElementIndentation:
# Reason: Currently disabled in .rubocop_todo.yml
# https://docs.rubocop.org/rubocop/cops_layout.html#layoutlinelength
Layout/LineLength:
AllowedPatterns:
# Allow comments to be long lines
- !ruby/regexp / \# .*$/
- !ruby/regexp /^\# .*$/
Exclude:
- 'lib/mastodon/cli/*.rb'
- db/*migrate/**/*
- db/seeds/**/*
Max: 320 # Default of 120 causes a duplicate entry in generated todo file
# Reason:
# https://docs.rubocop.org/rubocop/cops_lint.html#lintuselessaccessmodifier
@ -132,12 +124,6 @@ RSpec/FilePath:
Exclude:
- 'spec/config/initializers/rack_attack_spec.rb' # namespaces usually have separate folder
- 'spec/lib/sanitize_config_spec.rb' # namespaces usually have separate folder
- 'spec/controllers/concerns/account_controller_concern_spec.rb' # Concerns describe ApplicationController and don't fit naming
- 'spec/controllers/concerns/export_controller_concern_spec.rb'
- 'spec/controllers/concerns/localized_spec.rb'
- 'spec/controllers/concerns/rate_limit_headers_spec.rb'
- 'spec/controllers/concerns/signature_verification_spec.rb'
- 'spec/controllers/concerns/user_tracking_concern_spec.rb'
# Reason:
# https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecnamedsubject
@ -192,6 +178,11 @@ Style/RedundantBegin:
Style/RescueStandardError:
EnforcedStyle: implicit
# Reason: Simplify some spec layouts
# https://docs.rubocop.org/rubocop/cops_style.html#stylesemicolon
Style/Semicolon:
AllowAsExpressionSeparator: true
# Reason: Originally disabled for CodeClimate, and no config consensus has been found
# https://docs.rubocop.org/rubocop/cops_style.html#stylesymbolarray
Style/SymbolArray:

View file

@ -1,6 +1,6 @@
# This configuration was generated by
# `rubocop --auto-gen-config --auto-gen-only-exclude --no-exclude-limit --no-offense-counts --no-auto-gen-timestamp`
# using RuboCop version 1.52.1.
# using RuboCop version 1.56.1.
# The point is for the user to remove these configuration records
# one by one as the offenses are removed from the code base.
# Note that changes in the inspected code, or installation of new
@ -28,7 +28,6 @@ Layout/ArgumentAlignment:
# SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit
Layout/HashAlignment:
Exclude:
- 'config/boot.rb'
- 'config/environments/production.rb'
- 'config/initializers/rack_attack.rb'
- 'config/routes.rb'
@ -38,7 +37,14 @@ Layout/HashAlignment:
Layout/LeadingCommentSpace:
Exclude:
- 'config/application.rb'
- 'config/initializers/omniauth.rb'
- 'config/initializers/3_omniauth.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
# URISchemes: http, https
Layout/LineLength:
Exclude:
- 'app/models/account.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: EnforcedStyle.
@ -48,15 +54,6 @@ Layout/SpaceInLambdaLiteral:
- 'config/environments/production.rb'
- 'config/initializers/content_security_policy.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: AllowedMethods, AllowedPatterns.
Lint/AmbiguousBlockAssociation:
Exclude:
- 'spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb'
- 'spec/controllers/settings/two_factor_authentication/otp_authentication_controller_spec.rb'
- 'spec/services/activitypub/process_status_update_service_spec.rb'
- 'spec/services/post_status_service_spec.rb'
# Configuration parameters: AllowComments, AllowEmptyLambdas.
Lint/EmptyBlock:
Exclude:
@ -64,38 +61,8 @@ Lint/EmptyBlock:
- 'spec/fabricators/access_token_fabricator.rb'
- 'spec/fabricators/conversation_fabricator.rb'
- 'spec/fabricators/system_key_fabricator.rb'
- 'spec/helpers/admin/action_logs_helper_spec.rb'
- 'spec/lib/activitypub/adapter_spec.rb'
- 'spec/models/account_alias_spec.rb'
- 'spec/models/account_deletion_request_spec.rb'
- 'spec/models/account_moderation_note_spec.rb'
- 'spec/models/announcement_mute_spec.rb'
- 'spec/models/announcement_reaction_spec.rb'
- 'spec/models/announcement_spec.rb'
- 'spec/models/backup_spec.rb'
- 'spec/models/conversation_mute_spec.rb'
- 'spec/models/custom_filter_keyword_spec.rb'
- 'spec/models/custom_filter_spec.rb'
- 'spec/models/device_spec.rb'
- 'spec/models/encrypted_message_spec.rb'
- 'spec/models/featured_tag_spec.rb'
- 'spec/models/follow_recommendation_suppression_spec.rb'
- 'spec/models/list_account_spec.rb'
- 'spec/models/list_spec.rb'
- 'spec/models/login_activity_spec.rb'
- 'spec/models/mute_spec.rb'
- 'spec/models/preview_card_spec.rb'
- 'spec/models/preview_card_trend_spec.rb'
- 'spec/models/relay_spec.rb'
- 'spec/models/scheduled_status_spec.rb'
- 'spec/models/status_stat_spec.rb'
- 'spec/models/status_trend_spec.rb'
- 'spec/models/system_key_spec.rb'
- 'spec/models/tag_follow_spec.rb'
- 'spec/models/unavailable_domain_spec.rb'
- 'spec/models/user_invite_request_spec.rb'
- 'spec/models/user_role_spec.rb'
- 'spec/models/web/setting_spec.rb'
Lint/NonLocalExitFromIterator:
Exclude:
@ -106,11 +73,6 @@ Lint/OrAssignmentToConstant:
Exclude:
- 'lib/sanitize_ext/sanitize_config.rb'
# This cop supports safe autocorrection (--autocorrect).
Lint/SendWithMixinArgument:
Exclude:
- 'config/application.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: IgnoreEmptyBlocks, AllowUnusedKeywordArguments.
Lint/UnusedBlockArgument:
@ -124,10 +86,9 @@ Lint/UnusedBlockArgument:
Lint/UselessAssignment:
Exclude:
- 'app/services/activitypub/process_status_update_service.rb'
- 'config/initializers/omniauth.rb'
- 'config/initializers/3_omniauth.rb'
- 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
- 'db/post_migrate/20190511152737_remove_suspended_silenced_account_fields.rb'
- 'spec/controllers/api/v1/bookmarks_controller_spec.rb'
- 'spec/controllers/api/v1/favourites_controller_spec.rb'
- 'spec/controllers/concerns/account_controller_concern_spec.rb'
- 'spec/helpers/jsonld_helper_spec.rb'
@ -142,15 +103,9 @@ Lint/UselessAssignment:
- 'spec/services/resolve_url_service_spec.rb'
- 'spec/views/statuses/show.html.haml_spec.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: CheckForMethodsWithNoSideEffects.
Lint/Void:
Exclude:
- 'spec/services/resolve_account_service_spec.rb'
# Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
Metrics/AbcSize:
Max: 150
Max: 144
# Configuration parameters: CountBlocks, Max.
Metrics/BlockNesting:
@ -165,30 +120,6 @@ Metrics/CyclomaticComplexity:
Metrics/PerceivedComplexity:
Max: 27
Naming/AccessorMethodName:
Exclude:
- 'app/controllers/auth/sessions_controller.rb'
# Configuration parameters: ExpectMatchingDefinition, CheckDefinitionPathHierarchy, CheckDefinitionPathHierarchyRoots, Regex, IgnoreExecutableScripts, AllowedAcronyms.
# CheckDefinitionPathHierarchyRoots: lib, spec, test, src
# AllowedAcronyms: CLI, DSL, ACL, API, ASCII, CPU, CSS, DNS, EOF, GUID, HTML, HTTP, HTTPS, ID, IP, JSON, LHS, QPS, RAM, RHS, RPC, SLA, SMTP, SQL, SSH, TCP, TLS, TTL, UDP, UI, UID, UUID, URI, URL, UTF8, VM, XML, XMPP, XSRF, XSS
Naming/FileName:
Exclude:
- 'config/locales/sr-Latn.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
# Configuration parameters: EnforcedStyleForLeadingUnderscores.
# SupportedStylesForLeadingUnderscores: disallowed, required, optional
Naming/MemoizedInstanceVariableName:
Exclude:
- 'app/controllers/api/v1/bookmarks_controller.rb'
- 'app/controllers/api/v1/favourites_controller.rb'
- 'app/controllers/concerns/rate_limit_headers.rb'
- 'app/lib/activitypub/activity.rb'
- 'app/services/resolve_url_service.rb'
- 'app/services/search_service.rb'
- 'config/initializers/rack_attack.rb'
# Configuration parameters: EnforcedStyle, CheckMethodNames, CheckSymbols, AllowedIdentifiers, AllowedPatterns.
# SupportedStyles: snake_case, normalcase, non_integer
# AllowedIdentifiers: capture3, iso8601, rfc1123_date, rfc822, rfc2822, rfc3339, x86_64
@ -204,12 +135,17 @@ Naming/VariableNumber:
- 'spec/models/user_spec.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
Performance/UnfreezeString:
# Configuration parameters: SafeMultiline.
Performance/DeletePrefix:
Exclude:
- 'app/lib/rss/builder.rb'
- 'app/lib/text_formatter.rb'
- 'app/validators/status_length_validator.rb'
- 'lib/tasks/mastodon.rake'
- 'app/models/featured_tag.rb'
Performance/MapMethodChain:
Exclude:
- 'app/models/feed.rb'
- 'lib/mastodon/cli/maintenance.rb'
- 'spec/services/bulk_import_service_spec.rb'
- 'spec/services/import_service_spec.rb'
RSpec/AnyInstance:
Exclude:
@ -226,46 +162,10 @@ RSpec/AnyInstance:
- 'spec/models/account_spec.rb'
- 'spec/models/setting_spec.rb'
- 'spec/services/activitypub/process_collection_service_spec.rb'
- 'spec/validators/blacklisted_email_validator_spec.rb'
- 'spec/validators/follow_limit_validator_spec.rb'
- 'spec/workers/activitypub/delivery_worker_spec.rb'
- 'spec/workers/web/push_notification_worker_spec.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
RSpec/EmptyExampleGroup:
Exclude:
- 'spec/helpers/admin/action_logs_helper_spec.rb'
- 'spec/models/account_alias_spec.rb'
- 'spec/models/account_deletion_request_spec.rb'
- 'spec/models/account_moderation_note_spec.rb'
- 'spec/models/announcement_mute_spec.rb'
- 'spec/models/announcement_reaction_spec.rb'
- 'spec/models/announcement_spec.rb'
- 'spec/models/backup_spec.rb'
- 'spec/models/conversation_mute_spec.rb'
- 'spec/models/custom_filter_keyword_spec.rb'
- 'spec/models/custom_filter_spec.rb'
- 'spec/models/device_spec.rb'
- 'spec/models/encrypted_message_spec.rb'
- 'spec/models/featured_tag_spec.rb'
- 'spec/models/follow_recommendation_suppression_spec.rb'
- 'spec/models/list_account_spec.rb'
- 'spec/models/list_spec.rb'
- 'spec/models/login_activity_spec.rb'
- 'spec/models/mute_spec.rb'
- 'spec/models/preview_card_spec.rb'
- 'spec/models/preview_card_trend_spec.rb'
- 'spec/models/relay_spec.rb'
- 'spec/models/scheduled_status_spec.rb'
- 'spec/models/status_stat_spec.rb'
- 'spec/models/status_trend_spec.rb'
- 'spec/models/system_key_spec.rb'
- 'spec/models/tag_follow_spec.rb'
- 'spec/models/unavailable_domain_spec.rb'
- 'spec/models/user_invite_request_spec.rb'
- 'spec/models/web/setting_spec.rb'
- 'spec/services/unmute_service_spec.rb'
# Configuration parameters: CountAsOne.
RSpec/ExampleLength:
Max: 22
@ -283,7 +183,6 @@ RSpec/HookArgument:
- 'spec/serializers/activitypub/note_serializer_spec.rb'
- 'spec/serializers/activitypub/update_poll_serializer_spec.rb'
- 'spec/services/import_service_spec.rb'
- 'spec/spec_helper.rb'
# Configuration parameters: AssignmentOnly.
RSpec/InstanceVariable:
@ -319,7 +218,6 @@ RSpec/LetSetup:
- 'spec/controllers/api/v2/admin/accounts_controller_spec.rb'
- 'spec/controllers/api/v2/filters/keywords_controller_spec.rb'
- 'spec/controllers/api/v2/filters/statuses_controller_spec.rb'
- 'spec/controllers/api/v2/filters_controller_spec.rb'
- 'spec/controllers/auth/confirmations_controller_spec.rb'
- 'spec/controllers/auth/passwords_controller_spec.rb'
- 'spec/controllers/auth/sessions_controller_spec.rb'
@ -329,6 +227,7 @@ RSpec/LetSetup:
- 'spec/controllers/oauth/tokens_controller_spec.rb'
- 'spec/controllers/settings/imports_controller_spec.rb'
- 'spec/lib/activitypub/activity/delete_spec.rb'
- 'spec/lib/vacuum/applications_vacuum_spec.rb'
- 'spec/lib/vacuum/preview_cards_vacuum_spec.rb'
- 'spec/models/account_spec.rb'
- 'spec/models/account_statuses_cleanup_policy_spec.rb'
@ -366,11 +265,7 @@ RSpec/MessageChain:
RSpec/MessageSpies:
Exclude:
- 'spec/controllers/admin/accounts_controller_spec.rb'
- 'spec/controllers/api/base_controller_spec.rb'
- 'spec/controllers/auth/registrations_controller_spec.rb'
- 'spec/helpers/admin/account_moderation_notes_helper_spec.rb'
- 'spec/helpers/application_helper_spec.rb'
- 'spec/lib/status_finder_spec.rb'
- 'spec/lib/webfinger_resource_spec.rb'
- 'spec/models/admin/account_action_spec.rb'
- 'spec/models/concerns/remotable_spec.rb'
@ -394,93 +289,13 @@ RSpec/MultipleMemoizedHelpers:
RSpec/NestedGroups:
Max: 6
RSpec/PendingWithoutReason:
Exclude:
- 'spec/models/account_spec.rb'
RSpec/StubbedMock:
Exclude:
- 'spec/controllers/api/base_controller_spec.rb'
- 'spec/controllers/api/v1/media_controller_spec.rb'
- 'spec/controllers/auth/registrations_controller_spec.rb'
- 'spec/helpers/application_helper_spec.rb'
- 'spec/lib/status_filter_spec.rb'
- 'spec/lib/status_finder_spec.rb'
- 'spec/lib/webfinger_resource_spec.rb'
- 'spec/services/activitypub/process_collection_service_spec.rb'
RSpec/SubjectDeclaration:
Exclude:
- 'spec/controllers/admin/domain_blocks_controller_spec.rb'
- 'spec/models/account_migration_spec.rb'
- 'spec/models/account_spec.rb'
- 'spec/models/relationship_filter_spec.rb'
- 'spec/models/user_role_spec.rb'
- 'spec/policies/account_moderation_note_policy_spec.rb'
- 'spec/policies/account_policy_spec.rb'
- 'spec/policies/backup_policy_spec.rb'
- 'spec/policies/custom_emoji_policy_spec.rb'
- 'spec/policies/domain_block_policy_spec.rb'
- 'spec/policies/email_domain_block_policy_spec.rb'
- 'spec/policies/instance_policy_spec.rb'
- 'spec/policies/invite_policy_spec.rb'
- 'spec/policies/relay_policy_spec.rb'
- 'spec/policies/report_note_policy_spec.rb'
- 'spec/policies/report_policy_spec.rb'
- 'spec/policies/settings_policy_spec.rb'
- 'spec/policies/tag_policy_spec.rb'
- 'spec/policies/user_policy_spec.rb'
- 'spec/services/activitypub/process_account_service_spec.rb'
RSpec/SubjectStub:
Exclude:
- 'spec/services/unallow_domain_service_spec.rb'
- 'spec/validators/blacklisted_email_validator_spec.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
Rails/ApplicationController:
Exclude:
- 'app/controllers/health_controller.rb'
# Configuration parameters: Database, Include.
# SupportedDatabases: mysql, postgresql
# Include: db/migrate/*.rb
Rails/BulkChangeTable:
Exclude:
- 'db/migrate/20160222143943_add_profile_fields_to_accounts.rb'
- 'db/migrate/20160223162837_add_metadata_to_statuses.rb'
- 'db/migrate/20160305115639_add_devise_to_users.rb'
- 'db/migrate/20160314164231_add_owner_to_application.rb'
- 'db/migrate/20160926213048_remove_owner_from_application.rb'
- 'db/migrate/20161003142332_add_confirmable_to_users.rb'
- 'db/migrate/20170112154826_migrate_settings.rb'
- 'db/migrate/20170127165745_add_devise_two_factor_to_users.rb'
- 'db/migrate/20170322143850_change_primary_key_to_bigint_on_statuses.rb'
- 'db/migrate/20170330021336_add_counter_caches.rb'
- 'db/migrate/20170425202925_add_oembed_to_preview_cards.rb'
- 'db/migrate/20170427011934_re_add_owner_to_application.rb'
- 'db/migrate/20170520145338_change_language_filter_to_opt_out.rb'
- 'db/migrate/20170624134742_add_description_to_session_activations.rb'
- 'db/migrate/20170718211102_add_activitypub_to_accounts.rb'
- 'db/migrate/20171006142024_add_uri_to_custom_emojis.rb'
- 'db/migrate/20180812123222_change_relays_enabled.rb'
- 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
- 'db/migrate/20190805123746_add_capabilities_to_tags.rb'
- 'db/migrate/20190807135426_add_comments_to_domain_blocks.rb'
- 'db/migrate/20190815225426_add_last_status_at_to_tags.rb'
- 'db/migrate/20190901035623_add_max_score_to_tags.rb'
- 'db/migrate/20200417125749_add_storage_schema_version.rb'
- 'db/migrate/20200608113046_add_sign_in_token_to_users.rb'
- 'db/migrate/20211112011713_add_language_to_preview_cards.rb'
- 'db/migrate/20211231080958_add_category_to_reports.rb'
- 'db/migrate/20220202200743_add_trendable_to_accounts.rb'
- 'db/migrate/20220224010024_add_ips_to_email_domain_blocks.rb'
- 'db/migrate/20220227041951_add_last_used_at_to_oauth_access_tokens.rb'
- 'db/migrate/20220303000827_add_ordered_media_attachment_ids_to_status_edits.rb'
- 'db/migrate/20220824164433_add_human_identifier_to_admin_action_logs.rb'
# Configuration parameters: Include.
# Include: db/migrate/*.rb
# Include: db/**/*.rb
Rails/CreateTableWithTimestamps:
Exclude:
- 'db/migrate/20170508230434_create_conversation_mutes.rb'
@ -753,12 +568,12 @@ Style/FetchEnvVar:
- 'app/lib/translation_service.rb'
- 'config/environments/development.rb'
- 'config/environments/production.rb'
- 'config/initializers/2_whitelist_mode.rb'
- 'config/initializers/2_limited_federation_mode.rb'
- 'config/initializers/3_omniauth.rb'
- 'config/initializers/blacklists.rb'
- 'config/initializers/cache_buster.rb'
- 'config/initializers/content_security_policy.rb'
- 'config/initializers/devise.rb'
- 'config/initializers/omniauth.rb'
- 'config/initializers/paperclip.rb'
- 'config/initializers/vapid.rb'
- 'lib/mastodon/premailer_webpack_strategy.rb'
@ -776,406 +591,6 @@ Style/FormatStringToken:
- 'config/initializers/devise.rb'
- 'lib/paperclip/color_extractor.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
# Configuration parameters: EnforcedStyle.
# SupportedStyles: always, always_true, never
Style/FrozenStringLiteralComment:
Exclude:
- 'app/views/accounts/show.rss.ruby'
- 'app/views/tags/show.rss.ruby'
- 'app/views/well_known/host_meta/show.xml.ruby'
- 'config/application.rb'
- 'config/boot.rb'
- 'config/environment.rb'
- 'config/environments/development.rb'
- 'config/environments/production.rb'
- 'config/environments/test.rb'
- 'config/initializers/0_post_deployment_migrations.rb'
- 'config/initializers/active_model_serializers.rb'
- 'config/initializers/application_controller_renderer.rb'
- 'config/initializers/assets.rb'
- 'config/initializers/backtrace_silencers.rb'
- 'config/initializers/cache_logging.rb'
- 'config/initializers/chewy.rb'
- 'config/initializers/content_security_policy.rb'
- 'config/initializers/cookies_serializer.rb'
- 'config/initializers/cors.rb'
- 'config/initializers/devise.rb'
- 'config/initializers/doorkeeper.rb'
- 'config/initializers/fast_blank.rb'
- 'config/initializers/ffmpeg.rb'
- 'config/initializers/filter_parameter_logging.rb'
- 'config/initializers/http_client_proxy.rb'
- 'config/initializers/httplog.rb'
- 'config/initializers/inflections.rb'
- 'config/initializers/mail_delivery_job.rb'
- 'config/initializers/makara.rb'
- 'config/initializers/mime_types.rb'
- 'config/initializers/oj.rb'
- 'config/initializers/omniauth.rb'
- 'config/initializers/open_uri_redirection.rb'
- 'config/initializers/permissions_policy.rb'
- 'config/initializers/pghero.rb'
- 'config/initializers/preload_link_headers.rb'
- 'config/initializers/premailer_rails.rb'
- 'config/initializers/rack_attack_logging.rb'
- 'config/initializers/redis.rb'
- 'config/initializers/session_store.rb'
- 'config/initializers/simple_form.rb'
- 'config/initializers/stoplight.rb'
- 'config/initializers/trusted_proxies.rb'
- 'config/initializers/twitter_regex.rb'
- 'config/initializers/webauthn.rb'
- 'config/initializers/wrap_parameters.rb'
- 'config/locales/sr-Latn.rb'
- 'config/locales/sr.rb'
- 'config/puma.rb'
- 'db/migrate/20160220174730_create_accounts.rb'
- 'db/migrate/20160220211917_create_statuses.rb'
- 'db/migrate/20160221003140_create_users.rb'
- 'db/migrate/20160221003621_create_follows.rb'
- 'db/migrate/20160222122600_create_stream_entries.rb'
- 'db/migrate/20160222143943_add_profile_fields_to_accounts.rb'
- 'db/migrate/20160223162837_add_metadata_to_statuses.rb'
- 'db/migrate/20160223164502_make_uris_nullable_in_statuses.rb'
- 'db/migrate/20160223165723_add_url_to_statuses.rb'
- 'db/migrate/20160223165855_add_url_to_accounts.rb'
- 'db/migrate/20160223171800_create_favourites.rb'
- 'db/migrate/20160224223247_create_mentions.rb'
- 'db/migrate/20160227230233_add_attachment_avatar_to_accounts.rb'
- 'db/migrate/20160305115639_add_devise_to_users.rb'
- 'db/migrate/20160306172223_create_doorkeeper_tables.rb'
- 'db/migrate/20160312193225_add_attachment_header_to_accounts.rb'
- 'db/migrate/20160314164231_add_owner_to_application.rb'
- 'db/migrate/20160316103650_add_missing_indices.rb'
- 'db/migrate/20160322193748_add_avatar_remote_url_to_accounts.rb'
- 'db/migrate/20160325130944_add_admin_to_users.rb'
- 'db/migrate/20160826155805_add_superapp_to_oauth_applications.rb'
- 'db/migrate/20160905150353_create_media_attachments.rb'
- 'db/migrate/20160919221059_add_subscription_expires_at_to_accounts.rb'
- 'db/migrate/20160920003904_remove_verify_token_from_accounts.rb'
- 'db/migrate/20160926213048_remove_owner_from_application.rb'
- 'db/migrate/20161003142332_add_confirmable_to_users.rb'
- 'db/migrate/20161003145426_create_blocks.rb'
- 'db/migrate/20161006213403_rails_settings_migration.rb'
- 'db/migrate/20161009120834_create_domain_blocks.rb'
- 'db/migrate/20161027172456_add_silenced_to_accounts.rb'
- 'db/migrate/20161104173623_create_tags.rb'
- 'db/migrate/20161105130633_create_statuses_tags_join_table.rb'
- 'db/migrate/20161116162355_add_locale_to_users.rb'
- 'db/migrate/20161119211120_create_notifications.rb'
- 'db/migrate/20161122163057_remove_unneeded_indexes.rb'
- 'db/migrate/20161123093447_add_sensitive_to_statuses.rb'
- 'db/migrate/20161128103007_create_subscriptions.rb'
- 'db/migrate/20161130142058_add_last_successful_delivery_at_to_subscriptions.rb'
- 'db/migrate/20161130185319_add_visibility_to_statuses.rb'
- 'db/migrate/20161202132159_add_in_reply_to_account_id_to_statuses.rb'
- 'db/migrate/20161203164520_add_from_account_id_to_notifications.rb'
- 'db/migrate/20161205214545_add_suspended_to_accounts.rb'
- 'db/migrate/20161221152630_add_hidden_to_stream_entries.rb'
- 'db/migrate/20161222201034_add_locked_to_accounts.rb'
- 'db/migrate/20161222204147_create_follow_requests.rb'
- 'db/migrate/20170105224407_add_shortcode_to_media_attachments.rb'
- 'db/migrate/20170109120109_create_web_settings.rb'
- 'db/migrate/20170112154826_migrate_settings.rb'
- 'db/migrate/20170114194937_add_application_to_statuses.rb'
- 'db/migrate/20170114203041_add_website_to_oauth_application.rb'
- 'db/migrate/20170119214911_create_preview_cards.rb'
- 'db/migrate/20170123162658_add_severity_to_domain_blocks.rb'
- 'db/migrate/20170123203248_add_reject_media_to_domain_blocks.rb'
- 'db/migrate/20170125145934_add_spoiler_text_to_statuses.rb'
- 'db/migrate/20170127165745_add_devise_two_factor_to_users.rb'
- 'db/migrate/20170205175257_remove_devices.rb'
- 'db/migrate/20170209184350_add_reply_to_statuses.rb'
- 'db/migrate/20170214110202_create_reports.rb'
- 'db/migrate/20170217012631_add_reblog_of_id_foreign_key_to_statuses.rb'
- 'db/migrate/20170301222600_create_mutes.rb'
- 'db/migrate/20170303212857_add_last_emailed_at_to_users.rb'
- 'db/migrate/20170304202101_add_type_to_media_attachments.rb'
- 'db/migrate/20170317193015_add_search_index_to_accounts.rb'
- 'db/migrate/20170318214217_add_header_remote_url_to_accounts.rb'
- 'db/migrate/20170322021028_add_lowercase_index_to_accounts.rb'
- 'db/migrate/20170322143850_change_primary_key_to_bigint_on_statuses.rb'
- 'db/migrate/20170322162804_add_search_index_to_tags.rb'
- 'db/migrate/20170330021336_add_counter_caches.rb'
- 'db/migrate/20170330163835_create_imports.rb'
- 'db/migrate/20170330164118_add_attachment_data_to_imports.rb'
- 'db/migrate/20170403172249_add_action_taken_by_account_id_to_reports.rb'
- 'db/migrate/20170405112956_add_index_on_mentions_status_id.rb'
- 'db/migrate/20170406215816_add_notifications_and_favourites_indices.rb'
- 'db/migrate/20170409170753_add_last_webfingered_at_to_accounts.rb'
- 'db/migrate/20170414080609_add_devise_two_factor_backupable_to_users.rb'
- 'db/migrate/20170414132105_add_language_to_statuses.rb'
- 'db/migrate/20170418160728_add_indexes_to_reports_for_accounts.rb'
- 'db/migrate/20170423005413_add_allowed_languages_to_user.rb'
- 'db/migrate/20170424003227_create_account_domain_blocks.rb'
- 'db/migrate/20170424112722_add_status_id_index_to_statuses_tags.rb'
- 'db/migrate/20170425131920_add_media_attachment_meta.rb'
- 'db/migrate/20170425202925_add_oembed_to_preview_cards.rb'
- 'db/migrate/20170427011934_re_add_owner_to_application.rb'
- 'db/migrate/20170506235850_create_conversations.rb'
- 'db/migrate/20170507000211_add_conversation_id_to_statuses.rb'
- 'db/migrate/20170507141759_optimize_index_subscriptions.rb'
- 'db/migrate/20170508230434_create_conversation_mutes.rb'
- 'db/migrate/20170516072309_add_index_accounts_on_uri.rb'
- 'db/migrate/20170520145338_change_language_filter_to_opt_out.rb'
- 'db/migrate/20170601210557_add_index_on_media_attachments_account_id.rb'
- 'db/migrate/20170604144747_add_foreign_keys_for_accounts.rb'
- 'db/migrate/20170606113804_change_tag_search_index_to_btree.rb'
- 'db/migrate/20170609145826_remove_default_language_from_statuses.rb'
- 'db/migrate/20170610000000_add_statuses_index_on_account_id_id.rb'
- 'db/migrate/20170623152212_create_session_activations.rb'
- 'db/migrate/20170624134742_add_description_to_session_activations.rb'
- 'db/migrate/20170625140443_add_access_token_id_to_session_activations.rb'
- 'db/migrate/20170711225116_fix_null_booleans.rb'
- 'db/migrate/20170713112503_make_tag_search_case_insensitive.rb'
- 'db/migrate/20170713175513_create_web_push_subscriptions.rb'
- 'db/migrate/20170713190709_add_web_push_subscription_to_session_activations.rb'
- 'db/migrate/20170714184731_add_domain_to_subscriptions.rb'
- 'db/migrate/20170716191202_add_hide_notifications_to_mute.rb'
- 'db/migrate/20170718211102_add_activitypub_to_accounts.rb'
- 'db/migrate/20170720000000_add_index_favourites_on_account_id_and_id.rb'
- 'db/migrate/20170823162448_create_status_pins.rb'
- 'db/migrate/20170824103029_add_timestamps_to_status_pins.rb'
- 'db/migrate/20170829215220_remove_status_pins_account_index.rb'
- 'db/migrate/20170901141119_truncate_preview_cards.rb'
- 'db/migrate/20170901142658_create_join_table_preview_cards_statuses.rb'
- 'db/migrate/20170905044538_add_index_id_account_id_activity_type_on_notifications.rb'
- 'db/migrate/20170905165803_add_local_to_statuses.rb'
- 'db/migrate/20170913000752_create_site_uploads.rb'
- 'db/migrate/20170917153509_create_custom_emojis.rb'
- 'db/migrate/20170918125918_ids_to_bigints.rb'
- 'db/migrate/20170920024819_status_ids_to_timestamp_ids.rb'
- 'db/migrate/20170920032311_fix_reblogs_in_feeds.rb'
- 'db/migrate/20170924022025_ids_to_bigints2.rb'
- 'db/migrate/20170927215609_add_description_to_media_attachments.rb'
- 'db/migrate/20170928082043_create_email_domain_blocks.rb'
- 'db/migrate/20171005102658_create_account_moderation_notes.rb'
- 'db/migrate/20171005171936_add_disabled_to_custom_emojis.rb'
- 'db/migrate/20171006142024_add_uri_to_custom_emojis.rb'
- 'db/migrate/20171010023049_add_foreign_key_to_account_moderation_notes.rb'
- 'db/migrate/20171010025614_change_accounts_nonnullable_in_account_moderation_notes.rb'
- 'db/migrate/20171020084748_add_visible_in_picker_to_custom_emoji.rb'
- 'db/migrate/20171028221157_add_reblogs_to_follows.rb'
- 'db/migrate/20171107143332_add_memorial_to_accounts.rb'
- 'db/migrate/20171107143624_add_disabled_to_users.rb'
- 'db/migrate/20171109012327_add_moderator_to_accounts.rb'
- 'db/migrate/20171114080328_add_index_domain_to_email_domain_blocks.rb'
- 'db/migrate/20171114231651_create_lists.rb'
- 'db/migrate/20171116161857_create_list_accounts.rb'
- 'db/migrate/20171118012443_add_moved_to_account_id_to_accounts.rb'
- 'db/migrate/20171119172437_create_admin_action_logs.rb'
- 'db/migrate/20171122120436_add_index_account_and_reblog_of_id_to_statuses.rb'
- 'db/migrate/20171125024930_create_invites.rb'
- 'db/migrate/20171125031751_add_invite_id_to_users.rb'
- 'db/migrate/20171125185353_add_index_reblog_of_id_and_account_to_statuses.rb'
- 'db/migrate/20171125190735_remove_old_reblog_index_on_statuses.rb'
- 'db/migrate/20171129172043_add_index_on_stream_entries.rb'
- 'db/migrate/20171130000000_add_embed_url_to_preview_cards.rb'
- 'db/migrate/20171201000000_change_account_id_nonnullable_in_lists.rb'
- 'db/migrate/20171212195226_remove_duplicate_indexes_in_lists.rb'
- 'db/migrate/20171226094803_more_faster_index_on_notifications.rb'
- 'db/migrate/20180106000232_add_index_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
- 'db/migrate/20180109143959_add_remember_token_to_users.rb'
- 'db/migrate/20180204034416_create_identities.rb'
- 'db/migrate/20180206000000_change_user_id_nonnullable.rb'
- 'db/migrate/20180211015820_create_backups.rb'
- 'db/migrate/20180304013859_add_featured_collection_url_to_accounts.rb'
- 'db/migrate/20180310000000_change_columns_in_notifications_nonnullable.rb'
- 'db/migrate/20180402031200_add_assigned_account_id_to_reports.rb'
- 'db/migrate/20180402040909_create_report_notes.rb'
- 'db/migrate/20180410204633_add_fields_to_accounts.rb'
- 'db/migrate/20180416210259_add_uri_to_relationships.rb'
- 'db/migrate/20180506221944_add_actor_type_to_accounts.rb'
- 'db/migrate/20180510214435_add_access_token_id_to_web_push_subscriptions.rb'
- 'db/migrate/20180510230049_migrate_web_push_subscriptions.rb'
- 'db/migrate/20180528141303_fix_accounts_unique_index.rb'
- 'db/migrate/20180608213548_reject_following_blocked_users.rb'
- 'db/migrate/20180609104432_migrate_web_push_subscriptions2.rb'
- 'db/migrate/20180615122121_add_autofollow_to_invites.rb'
- 'db/migrate/20180616192031_add_chosen_languages_to_users.rb'
- 'db/migrate/20180617162849_remove_unused_indexes.rb'
- 'db/migrate/20180628181026_create_custom_filters.rb'
- 'db/migrate/20180707154237_add_whole_word_to_custom_filter.rb'
- 'db/migrate/20180711152640_create_relays.rb'
- 'db/migrate/20180808175627_create_account_pins.rb'
- 'db/migrate/20180812123222_change_relays_enabled.rb'
- 'db/migrate/20180812162710_create_status_stats.rb'
- 'db/migrate/20180812173710_copy_status_stats.rb'
- 'db/migrate/20180814171349_add_confidential_to_doorkeeper_application.rb'
- 'db/migrate/20180831171112_create_bookmarks.rb'
- 'db/migrate/20180929222014_create_account_conversations.rb'
- 'db/migrate/20181007025445_create_pghero_space_stats.rb'
- 'db/migrate/20181010141500_add_silent_to_mentions.rb'
- 'db/migrate/20181017170937_add_reject_reports_to_domain_blocks.rb'
- 'db/migrate/20181018205649_add_unread_to_account_conversations.rb'
- 'db/migrate/20181024224956_migrate_account_conversations.rb'
- 'db/migrate/20181026034033_remove_faux_remote_account_duplicates.rb'
- 'db/migrate/20181116165755_create_account_stats.rb'
- 'db/migrate/20181116173541_copy_account_stats.rb'
- 'db/migrate/20181127130500_identity_id_to_bigint.rb'
- 'db/migrate/20181127165847_add_show_replies_to_lists.rb'
- 'db/migrate/20181203003808_create_accounts_tags_join_table.rb'
- 'db/migrate/20181203021853_add_discoverable_to_accounts.rb'
- 'db/migrate/20181204193439_add_last_status_at_to_account_stats.rb'
- 'db/migrate/20181204215309_create_account_tag_stats.rb'
- 'db/migrate/20181207011115_downcase_custom_emoji_domains.rb'
- 'db/migrate/20181213184704_create_account_warnings.rb'
- 'db/migrate/20181213185533_create_account_warning_presets.rb'
- 'db/migrate/20181219235220_add_created_by_application_id_to_users.rb'
- 'db/migrate/20181226021420_add_also_known_as_to_accounts.rb'
- 'db/migrate/20190103124649_create_scheduled_statuses.rb'
- 'db/migrate/20190103124754_add_scheduled_status_id_to_media_attachments.rb'
- 'db/migrate/20190117114553_create_tombstones.rb'
- 'db/migrate/20190201012802_add_overwrite_to_imports.rb'
- 'db/migrate/20190203180359_create_featured_tags.rb'
- 'db/migrate/20190225031541_create_polls.rb'
- 'db/migrate/20190225031625_create_poll_votes.rb'
- 'db/migrate/20190226003449_add_poll_id_to_statuses.rb'
- 'db/migrate/20190304152020_add_uri_to_poll_votes.rb'
- 'db/migrate/20190306145741_add_lock_version_to_polls.rb'
- 'db/migrate/20190307234537_add_approved_to_users.rb'
- 'db/migrate/20190314181829_migrate_open_registrations_setting.rb'
- 'db/migrate/20190316190352_create_account_identity_proofs.rb'
- 'db/migrate/20190317135723_add_uri_to_reports.rb'
- 'db/migrate/20190403141604_add_comment_to_invites.rb'
- 'db/migrate/20190409054914_create_user_invite_requests.rb'
- 'db/migrate/20190420025523_add_blurhash_to_media_attachments.rb'
- 'db/migrate/20190509164208_add_by_moderator_to_tombstone.rb'
- 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
- 'db/migrate/20190529143559_preserve_old_layout_for_existing_users.rb'
- 'db/migrate/20190627222225_create_custom_emoji_categories.rb'
- 'db/migrate/20190627222826_add_category_id_to_custom_emojis.rb'
- 'db/migrate/20190701022101_add_trust_level_to_accounts.rb'
- 'db/migrate/20190705002136_create_domain_allows.rb'
- 'db/migrate/20190715164535_add_instance_actor.rb'
- 'db/migrate/20190726175042_add_case_insensitive_index_to_tags.rb'
- 'db/migrate/20190729185330_add_score_to_tags.rb'
- 'db/migrate/20190805123746_add_capabilities_to_tags.rb'
- 'db/migrate/20190807135426_add_comments_to_domain_blocks.rb'
- 'db/migrate/20190815225426_add_last_status_at_to_tags.rb'
- 'db/migrate/20190819134503_add_deleted_at_to_statuses.rb'
- 'db/migrate/20190820003045_update_statuses_index.rb'
- 'db/migrate/20190823221802_add_local_index_to_statuses.rb'
- 'db/migrate/20190901035623_add_max_score_to_tags.rb'
- 'db/migrate/20190904222339_create_markers.rb'
- 'db/migrate/20190914202517_create_account_migrations.rb'
- 'db/migrate/20190915194355_create_account_aliases.rb'
- 'db/migrate/20190927232842_add_voters_count_to_polls.rb'
- 'db/migrate/20191001213028_add_lock_version_to_account_stats.rb'
- 'db/migrate/20191007013357_update_pt_locales.rb'
- 'db/migrate/20191031163205_change_list_account_follow_nullable.rb'
- 'db/migrate/20191212003415_increase_backup_size.rb'
- 'db/migrate/20191212163405_add_hide_collections_to_accounts.rb'
- 'db/migrate/20191218153258_create_announcements.rb'
- 'db/migrate/20200113125135_create_announcement_mutes.rb'
- 'db/migrate/20200114113335_create_announcement_reactions.rb'
- 'db/migrate/20200119112504_add_public_index_to_statuses.rb'
- 'db/migrate/20200126203551_add_published_at_to_announcements.rb'
- 'db/migrate/20200306035625_add_processing_to_media_attachments.rb'
- 'db/migrate/20200309150742_add_forwarded_to_reports.rb'
- 'db/migrate/20200312144258_add_title_to_account_warning_presets.rb'
- 'db/migrate/20200312162302_add_status_ids_to_announcements.rb'
- 'db/migrate/20200312185443_add_parent_id_to_email_domain_blocks.rb'
- 'db/migrate/20200317021758_add_expires_at_to_mutes.rb'
- 'db/migrate/20200407201300_create_unavailable_domains.rb'
- 'db/migrate/20200407202420_migrate_unavailable_inboxes.rb'
- 'db/migrate/20200417125749_add_storage_schema_version.rb'
- 'db/migrate/20200508212852_reset_unique_jobs_locks.rb'
- 'db/migrate/20200510110808_reset_web_app_secret.rb'
- 'db/migrate/20200510181721_remove_duplicated_indexes_pghero.rb'
- 'db/migrate/20200516180352_create_devices.rb'
- 'db/migrate/20200516183822_create_one_time_keys.rb'
- 'db/migrate/20200518083523_create_encrypted_messages.rb'
- 'db/migrate/20200521180606_encrypted_message_ids_to_timestamp_ids.rb'
- 'db/migrate/20200529214050_add_devices_url_to_accounts.rb'
- 'db/migrate/20200601222558_create_system_keys.rb'
- 'db/migrate/20200605155027_add_blurhash_to_preview_cards.rb'
- 'db/migrate/20200608113046_add_sign_in_token_to_users.rb'
- 'db/migrate/20200614002136_add_sensitized_to_accounts.rb'
- 'db/migrate/20200620164023_add_fixed_lowercase_index_to_accounts.rb'
- 'db/migrate/20200622213645_media_attachment_ids_to_timestamp_ids.rb'
- 'db/migrate/20200627125810_add_thumbnail_columns_to_media_attachments.rb'
- 'db/migrate/20200628133322_create_account_notes.rb'
- 'db/migrate/20200630190240_create_webauthn_credentials.rb'
- 'db/migrate/20200630190544_add_webauthn_id_to_users.rb'
- 'db/migrate/20200908193330_create_account_deletion_requests.rb'
- 'db/migrate/20200917192924_add_notify_to_follows.rb'
- 'db/migrate/20200917193034_add_type_to_notifications.rb'
- 'db/migrate/20200917222316_add_index_notifications_on_type.rb'
- 'db/migrate/20201008202037_create_ip_blocks.rb'
- 'db/migrate/20201008220312_add_sign_up_ip_to_users.rb'
- 'db/migrate/20201017233919_add_suspension_origin_to_accounts.rb'
- 'db/migrate/20201206004238_create_instances.rb'
- 'db/migrate/20201218054746_add_obfuscate_to_domain_blocks.rb'
- 'db/migrate/20210221045109_create_rules.rb'
- 'db/migrate/20210306164523_account_ids_to_timestamp_ids.rb'
- 'db/migrate/20210322164601_create_account_summaries.rb'
- 'db/migrate/20210323114347_create_follow_recommendations.rb'
- 'db/migrate/20210324171613_create_follow_recommendation_suppressions.rb'
- 'db/migrate/20210416200740_create_canonical_email_blocks.rb'
- 'db/migrate/20210421121431_add_case_insensitive_btree_index_to_tags.rb'
- 'db/migrate/20210425135952_add_index_on_media_attachments_account_id_status_id.rb'
- 'db/migrate/20210505174616_update_follow_recommendations_to_version_2.rb'
- 'db/migrate/20210609202149_create_login_activities.rb'
- 'db/migrate/20210616214526_create_user_ips.rb'
- 'db/migrate/20210621221010_add_skip_sign_in_token_to_users.rb'
- 'db/migrate/20210630000137_fix_canonical_email_blocks_foreign_key.rb'
- 'db/migrate/20210722120340_create_account_statuses_cleanup_policies.rb'
- 'db/migrate/20210904215403_add_edited_at_to_statuses.rb'
- 'db/migrate/20210908220918_create_status_edits.rb'
- 'db/migrate/20211031031021_create_preview_card_providers.rb'
- 'db/migrate/20211112011713_add_language_to_preview_cards.rb'
- 'db/migrate/20211115032527_add_trendable_to_preview_cards.rb'
- 'db/migrate/20211123212714_add_link_type_to_preview_cards.rb'
- 'db/migrate/20211213040746_update_account_summaries_to_version_2.rb'
- 'db/migrate/20211231080958_add_category_to_reports.rb'
- 'db/migrate/20220105163928_remove_mentions_status_id_index.rb'
- 'db/migrate/20220115125126_add_report_id_to_account_warnings.rb'
- 'db/migrate/20220115125341_fix_account_warning_actions.rb'
- 'db/migrate/20220116202951_add_deleted_at_index_on_statuses.rb'
- 'db/migrate/20220124141035_create_appeals.rb'
- 'db/migrate/20220202200743_add_trendable_to_accounts.rb'
- 'db/migrate/20220202200926_add_trendable_to_statuses.rb'
- 'db/migrate/20220210153119_add_overruled_at_to_account_warnings.rb'
- 'db/migrate/20220224010024_add_ips_to_email_domain_blocks.rb'
- 'db/migrate/20220227041951_add_last_used_at_to_oauth_access_tokens.rb'
- 'db/migrate/20220302232632_add_ordered_media_attachment_ids_to_statuses.rb'
- 'db/migrate/20220303000827_add_ordered_media_attachment_ids_to_status_edits.rb'
- 'db/migrate/20220304195405_migrate_hide_network_preference.rb'
- 'db/migrate/20220307094650_fix_featured_tags_constraints.rb'
- 'db/migrate/20220309213005_fix_reblog_deleted_at.rb'
- 'db/migrate/20220316233212_update_kurdish_locales.rb'
- 'db/migrate/20220428112511_add_index_statuses_on_account_id.rb'
- 'db/migrate/20220428112727_add_index_statuses_pins_on_status_id.rb'
- 'db/migrate/20220428114454_add_index_reports_on_assigned_account_id.rb'
- 'db/migrate/20220428114902_add_index_reports_on_action_taken_by_account_id.rb'
- 'db/migrate/20220606044941_create_webhooks.rb'
- 'db/migrate/20220611210335_create_user_roles.rb'
- 'db/migrate/20220611212541_add_role_id_to_users.rb'
- 'db/migrate/20220710102457_add_display_name_to_tags.rb'
- 'db/migrate/20220714171049_create_tag_follows.rb'
- 'db/migrate/20220824164433_add_human_identifier_to_admin_action_logs.rb'
- 'db/migrate/20220824233535_create_status_trends.rb'
- 'db/migrate/20220827195229_change_canonical_email_blocks_nullable.rb'
- 'db/migrate/20220829192633_add_languages_to_follows.rb'
- 'db/migrate/20220829192658_add_languages_to_follow_requests.rb'
- 'db/migrate/20221006061337_create_preview_card_trends.rb'
- 'db/migrate/20221012181003_add_blurhash_to_site_uploads.rb'
- 'db/migrate/20221021055441_add_index_featured_tags_on_account_id_and_tag_id.rb'
- 'db/migrate/20221025171544_add_index_ip_blocks_on_ip.rb'
- 'db/migrate/20221104133904_add_name_to_featured_tags.rb'
- 'db/post_migrate/20190519130537_remove_boosts_widening_audience.rb'
- 'db/post_migrate/20210308133107_remove_subscription_expires_at_from_accounts.rb'
- 'db/post_migrate/20220118183123_remove_rememberable_from_users.rb'
- 'db/seeds/01_web_app.rb'
- 'db/seeds/02_instance_actor.rb'
- 'db/seeds/03_roles.rb'
- 'db/seeds/04_admin.rb'
- 'lib/rails/engine_extensions.rb'
- 'lib/tasks/branding.rake'
- 'spec/fabricators_spec.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
Style/GlobalStdStream:
Exclude:
@ -1274,7 +689,6 @@ Style/MutableConstant:
Exclude:
- 'app/models/tag.rb'
- 'app/services/delete_account_service.rb'
- 'config/initializers/twitter_regex.rb'
- 'lib/mastodon/migration_warning.rb'
# This cop supports safe autocorrection (--autocorrect).
@ -1316,8 +730,6 @@ Style/RedundantConstantBase:
Exclude:
- 'config/environments/production.rb'
- 'config/initializers/sidekiq.rb'
- 'config/locales/sr-Latn.rb'
- 'config/locales/sr.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
# Configuration parameters: SafeForConstants.
@ -1329,6 +741,15 @@ Style/RedundantFetchBlock:
- 'config/initializers/paperclip.rb'
- 'config/puma.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: AllowMultipleReturnValues.
Style/RedundantReturn:
Exclude:
- 'app/controllers/api/v1/directories_controller.rb'
- 'app/controllers/auth/confirmations_controller.rb'
- 'app/lib/ostatus/tag_manager.rb'
- 'app/models/form/import.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
# Configuration parameters: ConvertCodeThatCanStartToReturnNil, AllowedMethods, MaxChainLength.
# AllowedMethods: present?, blank?, presence, try, try!
@ -1337,13 +758,6 @@ Style/SafeNavigation:
- 'app/models/concerns/account_finder_concern.rb'
- 'app/models/status.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: AllowAsExpressionSeparator.
Style/Semicolon:
Exclude:
- 'spec/services/activitypub/process_status_update_service_spec.rb'
- 'spec/validators/blacklisted_email_validator_spec.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: EnforcedStyle.
# SupportedStyles: only_raise, only_fail, semantic
@ -1357,21 +771,6 @@ Style/SingleArgumentDig:
Exclude:
- 'lib/webpacker/manifest_extensions.rb'
# This cop supports unsafe autocorrection (--autocorrect-all).
Style/SlicingWithRange:
Exclude:
- 'app/lib/emoji_formatter.rb'
- 'app/lib/text_formatter.rb'
- 'app/models/account_alias.rb'
- 'app/models/domain_block.rb'
- 'app/models/email_domain_block.rb'
- 'app/models/preview_card_provider.rb'
- 'app/validators/status_length_validator.rb'
- 'db/migrate/20190726175042_add_case_insensitive_index_to_tags.rb'
- 'lib/active_record/batches.rb'
- 'lib/mastodon/premailer_webpack_strategy.rb'
- 'lib/tasks/repo.rake'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: EnforcedStyle.
# SupportedStyles: require_parentheses, require_no_parentheses
@ -1408,7 +807,7 @@ Style/StringLiterals:
# AllowedMethods: define_method, mail, respond_to
Style/SymbolProc:
Exclude:
- 'config/initializers/omniauth.rb'
- 'config/initializers/3_omniauth.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: EnforcedStyle, AllowSafeAssignment.
@ -1441,9 +840,3 @@ Style/WordArray:
- 'config/initializers/cors.rb'
- 'spec/controllers/settings/imports_controller_spec.rb'
- 'spec/models/form/import_spec.rb'
# This cop supports safe autocorrection (--autocorrect).
# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
# URISchemes: http, https
Layout/LineLength:
Max: 701

View file

@ -1 +1 @@
3.2.2
3.2.3

1680
AUTHORS.md

File diff suppressed because it is too large Load diff

View file

@ -2,6 +2,670 @@
All notable changes to this project will be documented in this file.
## [4.2.12] - 2024-08-19
### Fixed
- Fix broken notifications for mentions from local moderators ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31484))
## [4.2.11] - 2024-08-16
### Added
- Add support for incoming `<s>` tag ([mediaformat](https://github.com/mastodon/mastodon/pull/31375))
### Changed
- Change logic of block/mute bypass for mentions from moderators to only apply to visible roles with moderation powers ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31271))
### Fixed
- Fix incorrect rate limit on PUT requests ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31356))
- Fix presence of `ß` in adjacent word preventing mention and hashtag matching ([adamniedzielski](https://github.com/mastodon/mastodon/pull/31122))
- Fix processing of webfinger responses with multiple `self` links ([adamniedzielski](https://github.com/mastodon/mastodon/pull/31110))
- Fix duplicate `orderedItems` in user archive's `outbox.json` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31099))
- Fix click event handling when clicking outside of an open dropdown menu ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31251))
- Fix status processing failing halfway when a remote post has a malformed `replies` attribute ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31246))
- Fix `--verbose` option of `tootctl media remove`, which was previously erroneously removed ([mjankowski](https://github.com/mastodon/mastodon/pull/30536))
- Fix division by zero on some video/GIF files ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30600))
- Fix Web UI trying to save user settings despite being logged out ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30324))
- Fix hashtag regexp matching some link anchors ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30190))
- Fix local account search on LDAP login being case-sensitive ([raucao](https://github.com/mastodon/mastodon/pull/30113))
- Fix development environment admin account not being auto-approved ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29958))
- Fix report reason selector in moderation interface not unselecting rules when changing category ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29026))
- Fix already-invalid reports failing to resolve ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29027))
- Fix OCR when using S3/CDN for assets ([vmstan](https://github.com/mastodon/mastodon/pull/28551))
- Fix error when encountering malformed `Tag` objects from Kbin ([ShadowJonathan](https://github.com/mastodon/mastodon/pull/28235))
- Fix not all allowed image formats showing in file picker when uploading custom emoji ([june128](https://github.com/mastodon/mastodon/pull/28076))
- Fix search popout listing unusable search options when logged out ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27918))
- Fix processing of featured collections lacking an `items` attribute ([tribela](https://github.com/mastodon/mastodon/pull/27581))
- Fix `mastodon:stats` decoration of stats rake task ([mjankowski](https://github.com/mastodon/mastodon/pull/31104))
## [4.2.10] - 2024-07-04
### Security
- Fix incorrect permission checking on multiple API endpoints ([GHSA-58x8-3qxw-6hm7](https://github.com/mastodon/mastodon/security/advisories/GHSA-58x8-3qxw-6hm7))
- Fix incorrect authorship checking when processing some activities (CVE-2024-37903, [GHSA-xjvf-fm67-4qc3](https://github.com/mastodon/mastodon/security/advisories/GHSA-xjvf-fm67-4qc3))
- Fix ongoing streaming sessions not being invalidated when application tokens get revoked ([GHSA-vp5r-5pgw-jwqx](https://github.com/mastodon/mastodon/security/advisories/GHSA-vp5r-5pgw-jwqx))
- Update dependencies
### Added
- Add yarn version specification to avoid confusion with Yarn 3 and Yarn 4
### Changed
- Change preview cards generation to skip unusually long URLs ([oneiros](https://github.com/mastodon/mastodon/pull/30854))
- Change search modifiers to be case-insensitive ([Gargron](https://github.com/mastodon/mastodon/pull/30865))
- Change `STATSD_ADDR` handling to emit a warning rather than crashing if the address is unreachable ([timothyjrogers](https://github.com/mastodon/mastodon/pull/30691))
- Change PWA start URL from `/home` to `/` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27377))
### Removed
- Removed dependency on `posix-spawn` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18559))
### Fixed
- Fix scheduled statuses scheduled in less than 5 minutes being immediately published ([danielmbrasil](https://github.com/mastodon/mastodon/pull/30584))
- Fix encoding detection for link cards ([oneiros](https://github.com/mastodon/mastodon/pull/30780))
- Fix `/admin/accounts/:account_id/statuses/:id` for edited posts with media attachments ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30819))
- Fix duplicate `@context` attribute in user archive export ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30653))
## [4.2.9] - 2024-05-30
### Security
- Update dependencies
- Fix private mention filtering ([GHSA-5fq7-3p3j-9vrf](https://github.com/mastodon/mastodon/security/advisories/GHSA-5fq7-3p3j-9vrf))
- Fix password change endpoint not being rate-limited ([GHSA-q3rg-xx5v-4mxh](https://github.com/mastodon/mastodon/security/advisories/GHSA-q3rg-xx5v-4mxh))
- Add hardening around rate-limit bypass ([GHSA-c2r5-cfqr-c553](https://github.com/mastodon/mastodon/security/advisories/GHSA-c2r5-cfqr-c553))
### Added
- Add rate-limit on OAuth application registration ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/30316))
- Add fallback redirection when getting a webfinger query `WEB_DOMAIN@WEB_DOMAIN` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28592))
- Add `digest` attribute to `Admin::DomainBlock` entity in REST API ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/29092))
### Removed
- Remove superfluous application-level caching in some controllers ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29862))
- Remove aggressive OAuth application vacuuming ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/30316))
### Fixed
- Fix leaking Elasticsearch connections in Sidekiq processes ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30450))
- Fix language of remote posts not being recognized when using unusual casing ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30403))
- Fix off-by-one in `tootctl media` commands ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30306))
- Fix removal of allowed domains (in `LIMITED_FEDERATION_MODE`) not being recorded in the audit log ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/30125))
- Fix not being able to block a subdomain of an already-blocked domain through the API ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30119))
- Fix `Idempotency-Key` being ignored when scheduling a post ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30084))
- Fix crash when supplying the `FFMPEG_BINARY` environment variable ([timothyjrogers](https://github.com/mastodon/mastodon/pull/30022))
- Fix improper email address validation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29838))
- Fix results/query in `api/v1/featured_tags/suggestions` ([mjankowski](https://github.com/mastodon/mastodon/pull/29597))
- Fix unblocking internationalized domain names under certain conditions ([tribela](https://github.com/mastodon/mastodon/pull/29530))
- Fix admin account created by `mastodon:setup` not being auto-approved ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29379))
- Fix reference to non-existent var in CLI maintenance command ([mjankowski](https://github.com/mastodon/mastodon/pull/28363))
## [4.2.8] - 2024-02-23
### Added
- Add hourly task to automatically require approval for new registrations in the absence of moderators ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29318), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/29355))
In order to prevent future abandoned Mastodon servers from being used for spam, harassment and other malicious activity, Mastodon will now automatically switch new user registrations to require moderator approval whenever they are left open and no activity (including non-moderation actions from apps) from any logged-in user with permission to access moderation reports has been detected in a full week.
When this happens, users with the permission to change server settings will receive an email notification.
This feature is disabled when `EMAIL_DOMAIN_ALLOWLIST` is used, and can also be disabled with `DISABLE_AUTOMATIC_SWITCHING_TO_APPROVED_REGISTRATIONS=true`.
### Changed
- Change registrations to be closed by default on new installations ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29280))
If you are running a server and never changed your registrations mode from the default, updating will automatically close your registrations.
Simply re-enable them through the administration interface or using `tootctl settings registrations open` if you want to enable them again.
### Fixed
- Fix processing of remote ActivityPub actors making use of `Link` objects as `Image` `url` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29335))
- Fix link verifications when page size exceeds 1MB ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29358))
## [4.2.7] - 2024-02-16
### Fixed
- Fix OmniAuth tests and edge cases in error handling ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29201), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/29207))
- Fix new installs by upgrading to the latest release of the `nsa` gem, instead of a no longer existing commit ([mjankowski](https://github.com/mastodon/mastodon/pull/29065))
### Security
- Fix insufficient checking of remote posts ([GHSA-jhrq-qvrm-qr36](https://github.com/mastodon/mastodon/security/advisories/GHSA-jhrq-qvrm-qr36))
## [4.2.6] - 2024-02-14
### Security
- Update the `sidekiq-unique-jobs` dependency (see [GHSA-cmh9-rx85-xj38](https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38))
In addition, we have disabled the web interface for `sidekiq-unique-jobs` out of caution.
If you need it, you can re-enable it by setting `ENABLE_SIDEKIQ_UNIQUE_JOBS_UI=true`.
If you only need to clear all locks, you can now use `bundle exec rake sidekiq_unique_jobs:delete_all_locks`.
- Update the `nokogiri` dependency (see [GHSA-xc9x-jj77-9p9j](https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xc9x-jj77-9p9j))
- Disable administrative Doorkeeper routes ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/29187))
- Fix ongoing streaming sessions not being invalidated when applications get deleted in some cases ([GHSA-7w3c-p9j8-mq3x](https://github.com/mastodon/mastodon/security/advisories/GHSA-7w3c-p9j8-mq3x))
In some rare cases, the streaming server was not notified of access tokens revocation on application deletion.
- Change external authentication behavior to never reattach a new identity to an existing user by default ([GHSA-vm39-j3vx-pch3](https://github.com/mastodon/mastodon/security/advisories/GHSA-vm39-j3vx-pch3))
Up until now, Mastodon has allowed new identities from external authentication providers to attach to an existing local user based on their verified e-mail address.
This allowed upgrading users from a database-stored password to an external authentication provider, or move from one authentication provider to another.
However, this behavior may be unexpected, and means that when multiple authentication providers are configured, the overall security would be that of the least secure authentication provider.
For these reasons, this behavior is now locked under the `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH` environment variable.
In addition, regardless of this environment variable, Mastodon will refuse to attach two identities from the same authentication provider to the same account.
## [4.2.5] - 2024-02-01
### Security
- Fix insufficient origin validation (CVE-2024-23832, [GHSA-3fjr-858r-92rw](https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw))
## [4.2.4] - 2024-01-24
### Fixed
- Fix error when processing remote files with unusually long names ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28823))
- Fix processing of compacted single-item JSON-LD collections ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28816))
- Retry 401 errors on replies fetching ([ShadowJonathan](https://github.com/mastodon/mastodon/pull/28788))
- Fix `RecordNotUnique` errors in LinkCrawlWorker ([tribela](https://github.com/mastodon/mastodon/pull/28748))
- Fix Mastodon not correctly processing HTTP Signatures with query strings ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28443), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/28476))
- Fix potential redirection loop of streaming endpoint ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28665))
- Fix streaming API redirection ignoring the port of `streaming_api_base_url` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28558))
- Fix error when processing link preview with an array as `inLanguage` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28252))
- Fix unsupported time zone or locale preventing sign-up ([Gargron](https://github.com/mastodon/mastodon/pull/28035))
- Fix "Hide these posts from home" list setting not refreshing when switching lists ([brianholley](https://github.com/mastodon/mastodon/pull/27763))
- Fix missing background behind dismissable banner in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/27479))
- Fix line wrapping of language selection button with long locale codes ([gunchleoc](https://github.com/mastodon/mastodon/pull/27100), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27127))
- Fix `Undo Announce` activity not being sent to non-follower authors ([MitarashiDango](https://github.com/mastodon/mastodon/pull/18482))
- Fix N+1s because of association preloaders not actually getting called ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28339))
- Fix empty column explainer getting cropped under certain conditions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28337))
- Fix `LinkCrawlWorker` error when encountering empty OEmbed response ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28268))
- Fix call to inefficient `delete_matched` cache method in domain blocks ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28367))
### Security
- Add rate-limit of TOTP authentication attempts at controller level ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28801))
## [4.2.3] - 2023-12-05
### Fixed
- Fix dependency on `json-canonicalization` version that has been made unavailable since last release
## [4.2.2] - 2023-12-04
### Changed
- Change dismissed banners to be stored server-side ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27055))
- Change GIF max matrix size error to explicitly mention GIF files ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27927))
- Change `Follow` activities delivery to bypass availability check ([ShadowJonathan](https://github.com/mastodon/mastodon/pull/27586))
- Change single-column navigation notice to be displayed outside of the logo container ([renchap](https://github.com/mastodon/mastodon/pull/27462), [renchap](https://github.com/mastodon/mastodon/pull/27476))
- Change Content-Security-Policy to be tighter on media paths ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26889))
- Change post language code to include country code when relevant ([gunchleoc](https://github.com/mastodon/mastodon/pull/27099), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27207))
### Fixed
- Fix upper border radius of onboarding columns ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27890))
- Fix incoming status creation date not being restricted to standard ISO8601 ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27655), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/28081))
- Fix some posts from threads received out-of-order sometimes not being inserted into timelines ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27653))
- Fix posts from force-sensitized accounts being able to trend ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27620))
- Fix error when trying to delete already-deleted file with OpenStack Swift ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27569))
- Fix batch attachment deletion when using OpenStack Swift ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27554))
- Fix processing LDSigned activities from actors with unknown public keys ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27474))
- Fix error and incorrect URLs in `/api/v1/accounts/:id/featured_tags` for remote accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27459))
- Fix report processing notice not mentioning the report number when performing a custom action ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27442))
- Fix handling of `inLanguage` attribute in preview card processing ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27423))
- Fix own posts being removed from home timeline when unfollowing a used hashtag ([kmycode](https://github.com/mastodon/mastodon/pull/27391))
- Fix some link anchors being recognized as hashtags ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27271), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27584))
- Fix format-dependent redirects being cached regardless of requested format ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27634))
## [4.2.1] - 2023-10-10
### Added
- Add redirection on `/deck` URLs for logged-out users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27128))
- Add support for v4.2.0 migrations to `tootctl maintenance fix-duplicates` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27147))
### Changed
- Change some worker lock TTLs to be shorter-lived ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27246))
- Change user archive export allowed period from 7 days to 6 days ([suddjian](https://github.com/mastodon/mastodon/pull/27200))
### Fixed
- Fix duplicate reports being sent when reporting some remote posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27355))
- Fix clicking on already-opened thread post scrolling to the top of the thread ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27331), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27338), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27350))
- Fix some remote posts getting truncated ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27307))
- Fix some cases of infinite scroll code trying to fetch inaccessible posts in a loop ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27286))
- Fix `Vary` headers not being set on some redirects ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27272))
- Fix mentions being matched in some URL query strings ([mjankowski](https://github.com/mastodon/mastodon/pull/25656))
- Fix unexpected linebreak in version string in the Web UI ([vmstan](https://github.com/mastodon/mastodon/pull/26986))
- Fix double scroll bars in some columns in advanced interface ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27187))
- Fix boosts of local users being filtered in account timelines ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27204))
- Fix multiple instances of the trend refresh scheduler sometimes running at once ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27253))
- Fix importer returning negative row estimates ([jgillich](https://github.com/mastodon/mastodon/pull/27258))
- Fix incorrectly keeping outdated update notices absent from the API endpoint ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27021))
- Fix import progress not updating on certain failures ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27247))
- Fix websocket connections being incorrectly decremented twice on errors ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/27238))
- Fix explore prompt appearing because of posts being received out of order ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27211))
- Fix explore prompt sometimes showing up when the home TL is loading ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27062))
- Fix link handling of mentions in user profiles when logged out ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27185))
- Fix filtering audit log for entries about disabling 2FA ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27186))
- Fix notification toasts not respecting reduce-motion ([c960657](https://github.com/mastodon/mastodon/pull/27178))
- Fix retention dashboard not displaying correct month ([vmstan](https://github.com/mastodon/mastodon/pull/27180))
- Fix tIME chunk not being properly removed from PNG uploads ([TheEssem](https://github.com/mastodon/mastodon/pull/27111))
- Fix division by zero in video in bitrate computation code ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27129))
- Fix inefficient queries in “Follows and followers” as well as several admin pages ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27116), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27306))
- Fix ActiveRecord using two connection pools when no replica is defined ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27061))
- Fix the search documentation URL in system checks ([renchap](https://github.com/mastodon/mastodon/pull/27036))
## [4.2.0] - 2023-09-21
The following changelog entries focus on changes visible to users, administrators, client developers or federated software developers, but there has also been a lot of code modernization, refactoring, and tooling work, in particular by [@danielmbrasil](https://github.com/danielmbrasil), [@mjankowski](https://github.com/mjankowski), [@nschonni](https://github.com/nschonni), [@renchap](https://github.com/renchap), and [@takayamaki](https://github.com/takayamaki).
### Added
- **Add full-text search of opted-in public posts and rework search operators** ([Gargron](https://github.com/mastodon/mastodon/pull/26485), [jsgoldstein](https://github.com/mastodon/mastodon/pull/26344), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26657), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26650), [jsgoldstein](https://github.com/mastodon/mastodon/pull/26659), [Gargron](https://github.com/mastodon/mastodon/pull/26660), [Gargron](https://github.com/mastodon/mastodon/pull/26663), [Gargron](https://github.com/mastodon/mastodon/pull/26688), [Gargron](https://github.com/mastodon/mastodon/pull/26689), [Gargron](https://github.com/mastodon/mastodon/pull/26686), [Gargron](https://github.com/mastodon/mastodon/pull/26687), [Gargron](https://github.com/mastodon/mastodon/pull/26692), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26697), [Gargron](https://github.com/mastodon/mastodon/pull/26699), [Gargron](https://github.com/mastodon/mastodon/pull/26701), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26710), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26739), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26754), [Gargron](https://github.com/mastodon/mastodon/pull/26662), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26755), [Gargron](https://github.com/mastodon/mastodon/pull/26781), [Gargron](https://github.com/mastodon/mastodon/pull/26782), [Gargron](https://github.com/mastodon/mastodon/pull/26760), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26756), [Gargron](https://github.com/mastodon/mastodon/pull/26784), [Gargron](https://github.com/mastodon/mastodon/pull/26807), [Gargron](https://github.com/mastodon/mastodon/pull/26835), [Gargron](https://github.com/mastodon/mastodon/pull/26847), [Gargron](https://github.com/mastodon/mastodon/pull/26834), [arbolitoloco1](https://github.com/mastodon/mastodon/pull/26893), [tribela](https://github.com/mastodon/mastodon/pull/26896), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26927), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26959), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27014))
This introduces a new `public_statuses` Elasticsearch index for public posts by users who have opted in to their posts being searchable (`toot#indexable` flag).
This also revisits the other indexes to provide more useful indexing, and adds new search operators such as `from:me`, `before:2022-11-01`, `after:2022-11-01`, `during:2022-11-01`, `language:fr`, `has:poll`, or `in:library` (for searching only in posts you have written or interacted with).
Results are now ordered chronologically.
- **Add admin notifications for new Mastodon versions** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26582))
This is done by querying `https://api.joinmastodon.org/update-check` every 30 minutes in a background job.
That URL can be changed using the `UPDATE_CHECK_URL` environment variable, and the feature outright disabled by setting that variable to an empty string (`UPDATE_CHECK_URL=`).
- **Add “Privacy and reach” tab in profile settings** ([Gargron](https://github.com/mastodon/mastodon/pull/26484), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26508))
This reorganized scattered privacy and reach settings to a single place, as well as improve their wording.
- **Add display of out-of-band hashtags in the web interface** ([Gargron](https://github.com/mastodon/mastodon/pull/26492), [arbolitoloco1](https://github.com/mastodon/mastodon/pull/26497), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26506), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26525), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26606), [Gargron](https://github.com/mastodon/mastodon/pull/26666), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26960))
- **Add role badges to the web interface** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25649), [Gargron](https://github.com/mastodon/mastodon/pull/26281))
- **Add ability to pick domains to forward reports to using the `forward_to_domains` parameter in `POST /api/v1/reports`** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25866), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26636))
The `forward_to_domains` REST API parameter is a list of strings. If it is empty or omitted, the previous behavior is maintained.
The `forward` parameter still needs to be set for `forward_to_domains` to be taken into account.
The forwarded-to domains can only include that of the original author and people being replied to.
- **Add forwarding of reported replies to servers being replied to** ([Gargron](https://github.com/mastodon/mastodon/pull/25341), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26189))
- Add `ONE_CLICK_SSO_LOGIN` environment variable to directly link to the Single-Sign On provider if there is only one sign up method available ([CSDUMMI](https://github.com/mastodon/mastodon/pull/26083), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26368), [CSDUMMI](https://github.com/mastodon/mastodon/pull/26857), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26901))
- **Add webhook templating** ([Gargron](https://github.com/mastodon/mastodon/pull/23289))
- **Add webhooks for local `status.created`, `status.updated`, `account.updated` and `report.updated`** ([VyrCossont](https://github.com/mastodon/mastodon/pull/24133), [VyrCossont](https://github.com/mastodon/mastodon/pull/24243), [VyrCossont](https://github.com/mastodon/mastodon/pull/24211))
- **Add exclusive lists** ([dariusk, necropolina](https://github.com/mastodon/mastodon/pull/22048), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25324))
- **Add a confirmation screen when suspending a domain** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25144), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25603))
- **Add support for importing lists** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25203), [mgmn](https://github.com/mastodon/mastodon/pull/26120), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26372))
- **Add optional hCaptcha support** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25019), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25057), [Gargron](https://github.com/mastodon/mastodon/pull/25395), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26388))
- **Add lines to threads in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/24549), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24677), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24696), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24711), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24714), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24713), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24715), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24800), [teeerevor](https://github.com/mastodon/mastodon/pull/25706), [renchap](https://github.com/mastodon/mastodon/pull/25807))
- **Add new onboarding flow to web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/24619), [Gargron](https://github.com/mastodon/mastodon/pull/24646), [Gargron](https://github.com/mastodon/mastodon/pull/24705), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24872), [ThisIsMissEm](https://github.com/mastodon/mastodon/pull/24883), [Gargron](https://github.com/mastodon/mastodon/pull/24954), [stevenjlm](https://github.com/mastodon/mastodon/pull/24959), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25010), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25275), [Gargron](https://github.com/mastodon/mastodon/pull/25559), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25561))
- **Add auto-refresh of accounts we get new messages/edits of** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26510))
- **Add Elasticsearch cluster health check and indexes mismatch check to dashboard** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26448), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26605), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26658))
- Add `hide_collections`, `discoverable` and `indexable` attributes to credentials API ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26998))
- Add `S3_ENABLE_CHECKSUM_MODE` environment variable to enable checksum verification on compatible S3-providers ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26435))
- Add admin API for managing tags ([rrgeorge](https://github.com/mastodon/mastodon/pull/26872))
- Add a link to hashtag timelines from the Trending hashtags moderation interface ([gunchleoc](https://github.com/mastodon/mastodon/pull/26724))
- Add timezone to datetimes in e-mails ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26822))
- Add `authorized_fetch` server setting in addition to env var ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25798), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26958))
- Add avatar image to webfinger responses ([tvler](https://github.com/mastodon/mastodon/pull/26558))
- Add debug logging on signature verification failure ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26637), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26812))
- Add explicit error messages when DeepL quota is exceeded ([lutoma](https://github.com/mastodon/mastodon/pull/26704))
- Add Elasticsearch/OpenSearch version to “Software” in admin dashboard ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26652))
- Add `data-nosnippet` attribute to remote posts and local posts with `noindex` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26648))
- Add support for federating `memorial` attribute ([rrgeorge](https://github.com/mastodon/mastodon/pull/26583))
- Add Cherokee and Kalmyk to languages dropdown ([gunchleoc](https://github.com/mastodon/mastodon/pull/26012), [gunchleoc](https://github.com/mastodon/mastodon/pull/26013))
- Add `DELETE /api/v1/profile/avatar` and `DELETE /api/v1/profile/header` to the REST API ([danielmbrasil](https://github.com/mastodon/mastodon/pull/25124), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26573))
- Add `ES_PRESET` option to customize numbers of shards and replicas ([Gargron](https://github.com/mastodon/mastodon/pull/26483), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26489))
This can have a value of `single_node_cluster` (default), `small_cluster` (uses one replica) or `large_cluster` (uses one replica and a higher number of shards).
- Add `CACHE_BUSTER_HTTP_METHOD` environment variable ([renchap](https://github.com/mastodon/mastodon/pull/26528), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26542))
- Add support for `DB_PASS` when using `DATABASE_URL` ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26295))
- Add `GET /api/v1/instance/languages` to REST API ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24443))
- Add primary key to `preview_cards_statuses` join table ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25243), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26384), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26447), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26737), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26979))
- Add client-side timeout on resend confirmation button ([Gargron](https://github.com/mastodon/mastodon/pull/26300))
- Add published date and author to news on the explore screen in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26155))
- Add `lang` attribute to various UI components ([c960657](https://github.com/mastodon/mastodon/pull/23869), [c960657](https://github.com/mastodon/mastodon/pull/23891), [c960657](https://github.com/mastodon/mastodon/pull/26111), [c960657](https://github.com/mastodon/mastodon/pull/26149))
- Add stricter protocol fields validation for accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25937))
- Add support for Azure blob storage ([mistydemeo](https://github.com/mastodon/mastodon/pull/23607), [mistydemeo](https://github.com/mastodon/mastodon/pull/26080))
- Add toast with option to open post after publishing in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25564), [Signez](https://github.com/mastodon/mastodon/pull/25919), [Gargron](https://github.com/mastodon/mastodon/pull/26664))
- Add canonical link tags in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25715))
- Add button to see results for polls in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25726))
- Add at-symbol prepended to mention span title ([forsamori](https://github.com/mastodon/mastodon/pull/25684))
- Add users index on `unconfirmed_email` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25672), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25702))
- Add superapp index on `oauth_applications` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25670))
- Add index to backups on `user_id` column ([mjankowski](https://github.com/mastodon/mastodon/pull/25647))
- Add onboarding prompt when home feed too slow in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25267), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25556), [Gargron](https://github.com/mastodon/mastodon/pull/25579), [renchap](https://github.com/mastodon/mastodon/pull/25580), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25581), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25617), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25917), [Gargron](https://github.com/mastodon/mastodon/pull/26829), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26935))
- Add `POST /api/v1/conversations/:id/unread` API endpoint to mark a conversation as unread ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25509))
- Add `translate="no"` to outgoing mentions and links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25524))
- Add unsubscribe link and headers to e-mails ([Gargron](https://github.com/mastodon/mastodon/pull/25378), [c960657](https://github.com/mastodon/mastodon/pull/26085))
- Add logging of websocket send errors ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25280))
- Add time zone preference ([Gargron](https://github.com/mastodon/mastodon/pull/25342), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26025))
- Add `legal` as report category ([Gargron](https://github.com/mastodon/mastodon/pull/23941), [renchap](https://github.com/mastodon/mastodon/pull/25400), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26509))
- Add `data-nosnippet` so Google doesn't use trending posts in snippets for `/` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25279))
- Add card with who invited you to join when displaying rules on sign-up ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23475))
- Add missing primary keys to `accounts_tags` and `statuses_tags` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25210))
- Add support for custom sign-up URLs ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25014), [renchap](https://github.com/mastodon/mastodon/pull/25108), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25190), [mgmn](https://github.com/mastodon/mastodon/pull/25531))
This is set using `SSO_ACCOUNT_SIGN_UP` and reflected in the REST API by adding `registrations.sign_up_url` to the `/api/v2/instance` endpoint.
- Add polling and automatic redirection to `/start` on email confirmation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25013))
- Add ability to block sign-ups from IP using the CLI ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24870))
- Add ALT badges to media that has alternative text in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24782), [c960657](https://github.com/mastodon/mastodon/pull/26166)
- Add ability to include accounts with pending follow requests in lists ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/19727), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24810))
- Add trend management to admin API ([rrgeorge](https://github.com/mastodon/mastodon/pull/24257))
- `POST /api/v1/admin/trends/statuses/:id/approve`
- `POST /api/v1/admin/trends/statuses/:id/reject`
- `POST /api/v1/admin/trends/links/:id/approve`
- `POST /api/v1/admin/trends/links/:id/reject`
- `POST /api/v1/admin/trends/tags/:id/approve`
- `POST /api/v1/admin/trends/tags/:id/reject`
- `GET /api/v1/admin/trends/links/publishers`
- `POST /api/v1/admin/trends/links/publishers/:id/approve`
- `POST /api/v1/admin/trends/links/publishers/:id/reject`
- Add user handle to notification mail recipient address ([HeitorMC](https://github.com/mastodon/mastodon/pull/24240))
- Add progress indicator to sign-up flow ([Gargron](https://github.com/mastodon/mastodon/pull/24545))
- Add client-side validation for taken username in sign-up form ([Gargron](https://github.com/mastodon/mastodon/pull/24546))
- Add `--approve` option to `tootctl accounts create` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24533))
- Add “In Memoriam” banner back to profiles ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23591), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23614))
This adds the `memorial` attribute to the `Account` REST API entity.
- Add colour to follow button when hashtag is being followed ([c960657](https://github.com/mastodon/mastodon/pull/24361))
- Add further explanations to the profile link verification instructions ([drzax](https://github.com/mastodon/mastodon/pull/19723))
- Add a link to Identity provider's account settings from the account settings ([CSDUMMI](https://github.com/mastodon/mastodon/pull/24100), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24628))
- Add support for streaming server to connect to postgres with self-signed certs through the `sslmode` URL parameter ([ramuuns](https://github.com/mastodon/mastodon/pull/21431))
- Add support for specifying S3 storage classes through the `S3_STORAGE_CLASS` environment variable ([hyl](https://github.com/mastodon/mastodon/pull/22480))
- Add support for incoming rich text ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23913))
- Add support for Ruby 3.2 ([tenderlove](https://github.com/mastodon/mastodon/pull/22928), [casperisfine](https://github.com/mastodon/mastodon/pull/24142), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24202), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26934))
- Add API parameter to safeguard unexpected mentions in new posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18350))
### Changed
- **Change hashtags to be displayed separately when they are the last line of a post** ([renchap](https://github.com/mastodon/mastodon/pull/26499), [renchap](https://github.com/mastodon/mastodon/pull/26614), [renchap](https://github.com/mastodon/mastodon/pull/26615))
- **Change reblogs to be excluded from "Posts and replies" tab in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/26302))
- **Change interaction modal in web interface** ([Gargron, ClearlyClaire](https://github.com/mastodon/mastodon/pull/26075), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26269), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26268), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26267), [mgmn](https://github.com/mastodon/mastodon/pull/26459), [tribela](https://github.com/mastodon/mastodon/pull/26461), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26593), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26795))
- **Change design of link previews in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/26136), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26151), [Gargron](https://github.com/mastodon/mastodon/pull/26153), [Gargron](https://github.com/mastodon/mastodon/pull/26250), [Gargron](https://github.com/mastodon/mastodon/pull/26287), [Gargron](https://github.com/mastodon/mastodon/pull/26286), [c960657](https://github.com/mastodon/mastodon/pull/26184))
- **Change "direct message" nomenclature to "private mention" in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/24248))
- **Change translation feature to cover Content Warnings, poll options and media descriptions** ([c960657](https://github.com/mastodon/mastodon/pull/24175), [S-H-GAMELINKS](https://github.com/mastodon/mastodon/pull/25251), [c960657](https://github.com/mastodon/mastodon/pull/26168), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26452))
- **Change account search to match by text when opted-in** ([jsgoldstein](https://github.com/mastodon/mastodon/pull/25599), [Gargron](https://github.com/mastodon/mastodon/pull/26378))
- **Change import feature to be clearer, less error-prone and more reliable** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21054), [mgmn](https://github.com/mastodon/mastodon/pull/24874))
- **Change local and federated timelines to be tabs of a single “Live feeds” column** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25641), [Gargron](https://github.com/mastodon/mastodon/pull/25683), [mgmn](https://github.com/mastodon/mastodon/pull/25694), [Plastikmensch](https://github.com/mastodon/mastodon/pull/26247), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26633))
- **Change user archive export to be faster and more reliable, and export `.zip` archives instead of `.tar.gz` ones** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23360), [TheEssem](https://github.com/mastodon/mastodon/pull/25034))
- **Change `mastodon-streaming` systemd unit files to be templated** ([e-nomem](https://github.com/mastodon/mastodon/pull/24751))
- **Change `statsd` integration to disable sidekiq metrics by default** ([mjankowski](https://github.com/mastodon/mastodon/pull/25265), [mjankowski](https://github.com/mastodon/mastodon/pull/25336), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26310))
This deprecates `statsd` support and disables the sidekiq integration unless `STATSD_SIDEKIQ` is set to `true`.
This is because the `nsa` gem is unmaintained, and its sidekiq integration is known to add very significant overhead.
Later versions of Mastodon will have other ways to get the same metrics.
- **Change replica support to native Rails adapter** ([krainboltgreene](https://github.com/mastodon/mastodon/pull/25693), [Gargron](https://github.com/mastodon/mastodon/pull/25849), [Gargron](https://github.com/mastodon/mastodon/pull/25874), [Gargron](https://github.com/mastodon/mastodon/pull/25851), [Gargron](https://github.com/mastodon/mastodon/pull/25977), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26074), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26326), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26386), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26856))
This is a breaking change, dropping `makara` support, and requiring you to update your database configuration if you are using replicas.
To tell Mastodon to use a read replica, you can either set the `REPLICA_DB_NAME` environment variable (along with `REPLICA_DB_USER`, `REPLICA_DB_PASS`, `REPLICA_DB_HOST`, and `REPLICA_DB_PORT`, if they differ from the primary database), or the `REPLICA_DATABASE_URL` environment variable if your configuration is based on `DATABASE_URL`.
- Change DCT method used for JPEG encoding to float ([electroCutie](https://github.com/mastodon/mastodon/pull/26675))
- Change from `node-redis` to `ioredis` for streaming ([gmemstr](https://github.com/mastodon/mastodon/pull/26581))
- Change private statuses index to index without crutches ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26713))
- Change video compression parameters ([Gargron](https://github.com/mastodon/mastodon/pull/26631), [Gargron](https://github.com/mastodon/mastodon/pull/26745), [Gargron](https://github.com/mastodon/mastodon/pull/26766), [Gargron](https://github.com/mastodon/mastodon/pull/26970))
- Change admin e-mail notification settings to be their own settings group ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26596))
- Change opacity of the delete icon in the search field to be more visible ([AntoninDelFabbro](https://github.com/mastodon/mastodon/pull/26449))
- Change Account Search to prioritize username over display name ([jsgoldstein](https://github.com/mastodon/mastodon/pull/26623))
- Change follow recommendation materialized view to be faster in most cases ([renchap, ClearlyClaire](https://github.com/mastodon/mastodon/pull/26545))
- Change `robots.txt` to block GPTBot ([Foritus](https://github.com/mastodon/mastodon/pull/26396))
- Change header of hashtag timelines in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26362), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26416))
- Change streaming `/metrics` to include additional metrics ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26299), [ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26945))
- Change indexing frequency from 5 minutes to 1 minute, add locks to schedulers ([Gargron](https://github.com/mastodon/mastodon/pull/26304))
- Change column link to add a better keyboard focus indicator ([teeerevor](https://github.com/mastodon/mastodon/pull/26278))
- Change poll form element colors to fit with the rest of the ui ([teeerevor](https://github.com/mastodon/mastodon/pull/26139), [teeerevor](https://github.com/mastodon/mastodon/pull/26162), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26164))
- Change 'favourite' to 'favorite' for American English ([marekr](https://github.com/mastodon/mastodon/pull/24667), [gunchleoc](https://github.com/mastodon/mastodon/pull/26009), [nabijaczleweli](https://github.com/mastodon/mastodon/pull/26109))
- Change ActivityStreams representation of suspended accounts to not use a blank `name` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25276))
- Change focus UI for keyboard only input ([teeerevor](https://github.com/mastodon/mastodon/pull/25935), [Gargron](https://github.com/mastodon/mastodon/pull/26125), [Gargron](https://github.com/mastodon/mastodon/pull/26767))
- Change thread view to scroll to the selected post rather than the post being replied to ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24685))
- Change links in multi-column mode so tabs are open in single-column mode ([Signez](https://github.com/mastodon/mastodon/pull/25893), [Signez](https://github.com/mastodon/mastodon/pull/26070), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25973), [Signez](https://github.com/mastodon/mastodon/pull/26019), [Signez](https://github.com/mastodon/mastodon/pull/26759))
- Change searching with `#` to include account index ([jsgoldstein](https://github.com/mastodon/mastodon/pull/25638))
- Change label and design of sensitive and unavailable media in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25712), [Gargron](https://github.com/mastodon/mastodon/pull/26135), [Gargron](https://github.com/mastodon/mastodon/pull/26330))
- Change button colors to increase hover/focus contrast and consistency ([teeerevor](https://github.com/mastodon/mastodon/pull/25677), [Gargron](https://github.com/mastodon/mastodon/pull/25679))
- Change dropdown icon above compose form from ellipsis to bars in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25661))
- Change header backgrounds to use fewer different colors in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25577))
- Change files to be deleted in batches instead of one-by-one ([Gargron](https://github.com/mastodon/mastodon/pull/23302), [S-H-GAMELINKS](https://github.com/mastodon/mastodon/pull/25586), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25587))
- Change emoji picker icon ([iparr](https://github.com/mastodon/mastodon/pull/25479))
- Change edit profile page ([Gargron](https://github.com/mastodon/mastodon/pull/25413), [c960657](https://github.com/mastodon/mastodon/pull/26538))
- Change "bot" label to "automated" ([Gargron](https://github.com/mastodon/mastodon/pull/25356))
- Change design of dropdowns in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25107))
- Change wording of “Content cache retention period” setting to highlight destructive implications ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23261))
- Change autolinking to allow carets in URL search params ([renchap](https://github.com/mastodon/mastodon/pull/25216))
- Change share action from being in action bar to being in dropdown in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25105))
- Change sessions to be ordered from most-recent to least-recently updated ([frankieroberto](https://github.com/mastodon/mastodon/pull/25005))
- Change vacuum scheduler to also delete expired tokens and unused application records ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24868), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24871))
- Change "Sign in" to "Login" ([Gargron](https://github.com/mastodon/mastodon/pull/24942))
- Change domain suspensions to also be checked before trying to fetch unknown remote resources ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24535))
- Change media components to use aspect-ratio rather than compute height themselves ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24686), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24943), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26801))
- Change logo version in header based on screen size in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24707))
- Change label from "For you" to "People" on explore screen in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24706))
- Change logged-out WebUI HTML pages to be cached for a few seconds ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24708))
- Change unauthenticated responses to be cached in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/24348), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24662), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24665))
- Change HTTP caching logic ([Gargron](https://github.com/mastodon/mastodon/pull/24347), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24604))
- Change hashtags and mentions in bios to open in-app in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24643))
- Change styling of the recommended accounts to allow bio to be more visible ([chike00](https://github.com/mastodon/mastodon/pull/24480))
- Change account search in moderation interface to allow searching by username including the leading `@` ([HeitorMC](https://github.com/mastodon/mastodon/pull/24242))
- Change all components to use the same error page in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24512))
- Change search pop-out in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24305))
- Change user settings to be stored in a more optimal way ([Gargron](https://github.com/mastodon/mastodon/pull/23630), [c960657](https://github.com/mastodon/mastodon/pull/24321), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24453), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24460), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24558), [Gargron](https://github.com/mastodon/mastodon/pull/24761), [Gargron](https://github.com/mastodon/mastodon/pull/24783), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25508), [jsgoldstein](https://github.com/mastodon/mastodon/pull/25340), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26884), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27012))
- Change media upload limits and remove client-side resizing ([Gargron](https://github.com/mastodon/mastodon/pull/23726))
- Change design of account rows in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24247), [Gargron](https://github.com/mastodon/mastodon/pull/24343), [Gargron](https://github.com/mastodon/mastodon/pull/24956), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25131))
- Change log-out to use Single Logout when using external log-in through OIDC ([CSDUMMI](https://github.com/mastodon/mastodon/pull/24020))
- Change sidekiq-bulk's batch size from 10,000 to 1,000 jobs in one Redis call ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24034))
- Change translation to only be offered for supported languages ([c960657](https://github.com/mastodon/mastodon/pull/23879), [c960657](https://github.com/mastodon/mastodon/pull/24037))
This adds the `/api/v1/instance/translation_languages` REST API endpoint that returns an object with the supported translation language pairs in the form:
```json
{
"fr": ["en", "de"]
}
```
(where `fr` is a supported source language and `en` and `de` or supported output language when translating a `fr` string)
- Change compose form checkbox to native input with `appearance: none` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22949))
- Change posts' clickable area to be larger ([c960657](https://github.com/mastodon/mastodon/pull/23621))
- Change `followed_by` link to `location=all` if account is local on /admin/accounts/:id page ([tribela](https://github.com/mastodon/mastodon/pull/23467))
### Removed
- **Remove support for Node.js 14** ([renchap](https://github.com/mastodon/mastodon/pull/25198))
- **Remove support for Ruby 2.7** ([nschonni](https://github.com/mastodon/mastodon/pull/24237))
- **Remove clustering from streaming API** ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/24655))
- **Remove anonymous access to the streaming API** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23989))
- Remove obfuscation of reply count in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26768))
- Remove `kmr` from language selection, as it was a duplicate for `ku` ([gunchleoc](https://github.com/mastodon/mastodon/pull/26014), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26787))
- Remove 16:9 cropping from web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26132))
- Remove back button from bookmarks, favourites and lists screens in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26126))
- Remove display name input from sign-up form ([Gargron](https://github.com/mastodon/mastodon/pull/24704))
- Remove `tai` locale ([c960657](https://github.com/mastodon/mastodon/pull/23880))
- Remove empty Kushubian (csb) local files ([nschonni](https://github.com/mastodon/mastodon/pull/24151))
- Remove `Permissions-Policy` header from all responses ([Gargron](https://github.com/mastodon/mastodon/pull/24124))
### Fixed
- **Fix filters not being applying in the explore page** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25887))
- **Fix being unable to load past a full page of filtered posts in Home timeline** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24930))
- **Fix log-in flow when involving both OAuth and external authentication** ([CSDUMMI](https://github.com/mastodon/mastodon/pull/24073))
- **Fix broken links in account gallery** ([c960657](https://github.com/mastodon/mastodon/pull/24218))
- **Fix migration handler not updating lists** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24808))
- Fix crash when viewing a moderation appeal and the moderator account has been deleted ([xrobau](https://github.com/mastodon/mastodon/pull/25900))
- Fix error in Web UI when server rules cannot be fetched ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26957))
- Fix paragraph margins resulting in irregular read-more cut-off in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26828))
- Fix notification permissions being requested immediately after login ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26472))
- Fix performances of profile directory ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26840), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26842))
- Fix mute button and volume slider feeling disconnected in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26827), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26860))
- Fix “Scoped order is ignored, it's forced to be batch order.” warnings ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26793))
- Fix blocked domain appearing in account feeds ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26823))
- Fix invalid `Content-Type` header for WebP images ([c960657](https://github.com/mastodon/mastodon/pull/26773))
- Fix minor inefficiencies in `tootctl search deploy` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26721))
- Fix filter form in profiles directory overflowing instead of wrapping ([arbolitoloco1](https://github.com/mastodon/mastodon/pull/26682))
- Fix sign up steps progress layout in right-to-left locales ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26728))
- Fix bug with “favorited by” and “reblogged by“ view on posts only showing up to 40 items ([timothyjrogers](https://github.com/mastodon/mastodon/pull/26577), [timothyjrogers](https://github.com/mastodon/mastodon/pull/26574))
- Fix bad search type heuristic ([Gargron](https://github.com/mastodon/mastodon/pull/26673))
- Fix not being able to negate prefix clauses in search ([Gargron](https://github.com/mastodon/mastodon/pull/26672))
- Fix timeout on invalid set of exclusionary parameters in `/api/v1/timelines/public` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/26239))
- Fix adding column with default value taking longer on Postgres >= 11 ([Gargron](https://github.com/mastodon/mastodon/pull/26375))
- Fix light theme select option for hashtags ([teeerevor](https://github.com/mastodon/mastodon/pull/26311))
- Fix AVIF attachments ([c960657](https://github.com/mastodon/mastodon/pull/26264))
- Fix incorrect URL normalization when fetching remote resources ([c960657](https://github.com/mastodon/mastodon/pull/26219), [c960657](https://github.com/mastodon/mastodon/pull/26285))
- Fix being unable to filter posts for individual Chinese languages ([gunchleoc](https://github.com/mastodon/mastodon/pull/26066))
- Fix preview card sometimes linking to 4xx error pages ([c960657](https://github.com/mastodon/mastodon/pull/26200))
- Fix emoji picker button scrolling with textarea content in single-column view ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25304))
- Fix missing border on error screen in light theme in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26152))
- Fix UI overlap with the loupe icon in the Explore Tab ([gol-cha](https://github.com/mastodon/mastodon/pull/26113))
- Fix unexpected redirection to `/explore` after sign-in ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26143))
- Fix `/api/v1/statuses/:id/unfavourite` and `/api/v1/statuses/:id/unreblog` returning non-updated counts ([c960657](https://github.com/mastodon/mastodon/pull/24365))
- Fix clicking the “Back” button sometimes leading out of Mastodon ([c960657](https://github.com/mastodon/mastodon/pull/23953), [CSFlorin](https://github.com/mastodon/mastodon/pull/24835), [S-H-GAMELINKS](https://github.com/mastodon/mastodon/pull/24867), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25281))
- Fix processing of `null` ActivityPub activities ([tribela](https://github.com/mastodon/mastodon/pull/26021))
- Fix hashtag posts not being removed from home feed on hashtag unfollow ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26028))
- Fix for "follows you" indicator in light web UI not readable ([vmstan](https://github.com/mastodon/mastodon/pull/25993))
- Fix incorrect line break between icon and number of reposts & favourites ([edent](https://github.com/mastodon/mastodon/pull/26004))
- Fix sounds not being loaded from assets host ([Signez](https://github.com/mastodon/mastodon/pull/25931))
- Fix buttons showing inconsistent styles ([teeerevor](https://github.com/mastodon/mastodon/pull/25903), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25965), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26341), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26482))
- Fix trend calculation working on too many items at a time ([Gargron](https://github.com/mastodon/mastodon/pull/25835))
- Fix dropdowns being disabled for logged out users in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25714), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25964))
- Fix explore page being inaccessible when opted-out of trends in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25716))
- Fix re-activated accounts possibly getting deleted by `AccountDeletionWorker` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25711))
- Fix `/api/v2/search` not working with following query param ([danielmbrasil](https://github.com/mastodon/mastodon/pull/25681))
- Fix inefficient query when requesting a new confirmation email from a logged-in account ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25669))
- Fix unnecessary concurrent calls to `/api/*/instance` in web UI ([mgmn](https://github.com/mastodon/mastodon/pull/25663))
- Fix resolving local URL for remote content ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25637))
- Fix search not being easily findable on smaller screens in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25576), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25631))
- Fix j/k keyboard shortcuts on some status lists ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25554))
- Fix missing validation on `default_privacy` setting ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25513))
- Fix incorrect pagination headers in `/api/v2/admin/accounts` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/25477))
- Fix non-interactive upload container being given a `button` role and tabIndex ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25462))
- Fix always redirecting to onboarding in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25396))
- Fix inconsistent use of middle dot (·) instead of bullet (•) to separate items ([j-f1](https://github.com/mastodon/mastodon/pull/25248))
- Fix spacing of middle dots in the detailed status meta section ([j-f1](https://github.com/mastodon/mastodon/pull/25247))
- Fix prev/next buttons color in media viewer ([renchap](https://github.com/mastodon/mastodon/pull/25231))
- Fix email addresses not being properly updated in `tootctl maintenance fix-duplicates` ([mjankowski](https://github.com/mastodon/mastodon/pull/25118))
- Fix unicode surrogate pairs sometimes being broken in page title ([eai04191](https://github.com/mastodon/mastodon/pull/25148))
- Fix various inefficient queries against account domains ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25126))
- Fix video player offering to expand in a lightbox when it's in an `iframe` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25067))
- Fix post embed previews ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25071))
- Fix inadequate error handling in several API controllers when given invalid parameters ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24947), [danielmbrasil](https://github.com/mastodon/mastodon/pull/24958), [danielmbrasil](https://github.com/mastodon/mastodon/pull/25063), [danielmbrasil](https://github.com/mastodon/mastodon/pull/25072), [danielmbrasil](https://github.com/mastodon/mastodon/pull/25386), [danielmbrasil](https://github.com/mastodon/mastodon/pull/25595))
- Fix uncaught `ActiveRecord::StatementInvalid` in Mastodon::IpBlocksCLI ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24861))
- Fix various edge cases with local moves ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24812))
- Fix `tootctl accounts cull` crashing when encountering a domain resolving to a private address ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23378))
- Fix `tootctl accounts approve --number N` not aproving the N earliest registrations ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24605))
- Fix being unable to clear media description when editing posts ([c960657](https://github.com/mastodon/mastodon/pull/24720))
- Fix unavailable translations not falling back to English ([mgmn](https://github.com/mastodon/mastodon/pull/24727))
- Fix anonymous visitors getting a session cookie on first visit ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24584), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24650), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24664))
- Fix cutting off first letter of hashtag links sometimes in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24623))
- Fix crash in `tootctl accounts create --reattach --force` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24557), [danielmbrasil](https://github.com/mastodon/mastodon/pull/24680))
- Fix characters being emojified even when using Variation Selector 15 (text) ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20949), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24615))
- Fix uncaught ActiveRecord::StatementInvalid exception in `Mastodon::AccountsCLI#approve` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24590))
- Fix email confirmation skip option in `tootctl accounts modify USERNAME --email EMAIL --confirm` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24578))
- Fix tooltip for dates without time ([c960657](https://github.com/mastodon/mastodon/pull/24244))
- Fix missing loading spinner and loading more on scroll in Private Mentions column ([c960657](https://github.com/mastodon/mastodon/pull/24446))
- Fix account header image missing from `/settings/profile` on narrow screens ([c960657](https://github.com/mastodon/mastodon/pull/24433))
- Fix height of announcements not being updated when using reduced animations ([c960657](https://github.com/mastodon/mastodon/pull/24354))
- Fix inconsistent radius in advanced interface drawer ([thislight](https://github.com/mastodon/mastodon/pull/24407))
- Fix loading more trending posts on scroll in the advanced interface ([OmmyZhang](https://github.com/mastodon/mastodon/pull/24314))
- Fix poll ending notification for edited polls ([c960657](https://github.com/mastodon/mastodon/pull/24311))
- Fix max width of media in `/about` and `/privacy-policy` ([mgmn](https://github.com/mastodon/mastodon/pull/24180))
- Fix streaming API not being usable without `DATABASE_URL` ([Gargron](https://github.com/mastodon/mastodon/pull/23960))
- Fix external authentication not running onboarding code for new users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23458))
## [4.1.8] - 2023-09-19
### Fixed
- Fix post edits not being forwarded as expected ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26936))
- Fix moderator rights inconsistencies ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26729))
- Fix crash when encountering invalid URL ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26814))
- Fix cached posts including stale stats ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26409))
- Fix uploading of video files for which `ffprobe` reports `0/0` average framerate ([NicolaiSoeborg](https://github.com/mastodon/mastodon/pull/26500))
- Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough ([yufushiro](https://github.com/mastodon/mastodon/pull/26608))
### Security
- Fix missing HTML sanitization in translation API (CVE-2023-42452, [GHSA-2693-xr3m-jhqr](https://github.com/mastodon/mastodon/security/advisories/GHSA-2693-xr3m-jhqr))
- Fix incorrect domain name normalization (CVE-2023-42451, [GHSA-v3xf-c9qf-j667](https://github.com/mastodon/mastodon/security/advisories/GHSA-v3xf-c9qf-j667))
## [4.1.7] - 2023-09-05
### Changed
- Change remote report processing to accept reports with long comments, but truncate them ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25028))
### Fixed
- **Fix blocking subdomains of an already-blocked domain** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26392))
- Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled ([danielmbrasil](https://github.com/mastodon/mastodon/pull/26237))
- Fix inefficiencies in `PlainTextFormatter` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26727))
## [4.1.6] - 2023-07-31
### Fixed
- Fix memory leak in streaming server ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26228))
- Fix wrong filters sometimes applying in streaming ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26159), [ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26213), [renchap](https://github.com/mastodon/mastodon/pull/26233))
- Fix incorrect connect timeout in outgoing requests ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26116))
## [4.1.5] - 2023-07-21
### Added
- Add check preventing Sidekiq workers from running with Makara configured ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25850))
### Changed
- Change request timeout handling to use a longer deadline ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26055))
### Fixed
- Fix moderation interface for remote instances with a .zip TLD ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25885))
- Fix remote accounts being possibly persisted to database with incomplete protocol values ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25886))
- Fix trending publishers table not rendering correctly on narrow screens ([vmstan](https://github.com/mastodon/mastodon/pull/25945))
### Security
- Fix CSP headers being unintentionally wide ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26105))
## [4.1.4] - 2023-07-07
### Fixed
- Fix branding:generate_app_icons failing because of disallowed ICO coder ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25794))
- Fix crash in admin interface when viewing a remote user with verified links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25796))
- Fix processing of media files with unusual names ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25788))
## [4.1.3] - 2023-07-06
### Added
- Add fallback redirection when getting a webfinger query `LOCAL_DOMAIN@LOCAL_DOMAIN` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23600))
### Changed
- Change OpenGraph-based embeds to allow fullscreen ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25058))
- Change AccessTokensVacuum to also delete expired tokens ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24868))
- Change profile updates to be sent to recently-mentioned servers ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24852))
- Change automatic post deletion thresholds and load detection ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24614))
- Change `/api/v1/statuses/:id/history` to always return at least one item ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25510))
- Change auto-linking to allow carets in URL query params ([renchap](https://github.com/mastodon/mastodon/pull/25216))
### Removed
- Remove invalid `X-Frame-Options: ALLOWALL` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25070))
### Fixed
- Fix wrong view being displayed when a webhook fails validation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25464))
- Fix soft-deleted post cleanup scheduler overwhelming the streaming server ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25519))
- Fix incorrect pagination headers in `/api/v2/admin/accounts` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/25477))
- Fix multiple inefficiencies in automatic post cleanup worker ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24607), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24785), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24840))
- Fix performance of streaming by parsing message JSON once ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25278), [ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25361))
- Fix CSP headers when `S3_ALIAS_HOST` includes a path component ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25273))
- Fix `tootctl accounts approve --number N` not approving N earliest registrations ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24605))
- Fix reports not being closed when performing batch suspensions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24988))
- Fix being able to vote on your own polls ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25015))
- Fix race condition when reblogging a status ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25016))
- Fix “Authorized applications” inefficiently and incorrectly getting last use date ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25060))
- Fix “Authorized applications” crashing when listing apps with certain admin API scopes ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25713))
- Fix multiple N+1s in ConversationsController ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25134), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25399), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25499))
- Fix user archive takeouts when using OpenStack Swift ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24431))
- Fix searching for remote content by URL not working under certain conditions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25637))
- Fix inefficiencies in indexing content for search ([VyrCossont](https://github.com/mastodon/mastodon/pull/24285), [VyrCossont](https://github.com/mastodon/mastodon/pull/24342))
### Security
- Add finer permission requirements for managing webhooks ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25463))
- Update dependencies
- Add hardening headers for user-uploaded files ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25756))
- Fix verified links possibly hiding important parts of the URL (CVE-2023-36462)
- Fix timeout handling of outbound HTTP requests (CVE-2023-36461)
- Fix arbitrary file creation through media processing (CVE-2023-36460)
- Fix possible XSS in preview cards (CVE-2023-36459)
## [4.1.2] - 2023-04-04
### Fixed
@ -87,7 +751,7 @@ All notable changes to this project will be documented in this file.
- Add instance activity API endpoint toggle back to the admin interface ([dariusk](https://github.com/mastodon/mastodon/pull/22833))
- Add setting for status page URL ([Gargron](https://github.com/mastodon/mastodon/pull/23390), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23499))
- REST API changes:
- Add `configuration.urls.status` attribute to the object returned by `GET /api/v1/instance`
- Add `configuration.urls.status` attribute to the object returned by `GET /api/v2/instance`
- Add `account.approved` webhook ([Saiv46](https://github.com/mastodon/mastodon/pull/22938))
- Add 12 hours option to polls ([Pleclown](https://github.com/mastodon/mastodon/pull/21131))
- Add dropdown menu item to open admin interface for remote domains ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21895))

View file

@ -1,8 +1,8 @@
# syntax=docker/dockerfile:1.4
# This needs to be bullseye-slim because the Ruby image is built on bullseye-slim
ARG NODE_VERSION="16.20-bullseye-slim"
# This needs to be bookworm-slim because the Ruby image is built on bookworm-slim
ARG NODE_VERSION="20.6-bookworm-slim"
FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.2-slim as ruby
FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.3-slim as ruby
FROM node:${NODE_VERSION} as build
COPY --link --from=ruby /opt/ruby /opt/ruby
@ -17,10 +17,11 @@ COPY Gemfile* package.json yarn.lock /opt/mastodon/
# hadolint ignore=DL3008
RUN apt-get update && \
apt-get -yq dist-upgrade && \
apt-get install -y --no-install-recommends build-essential \
git \
libicu-dev \
libidn11-dev \
libidn-dev \
libpq-dev \
libjemalloc-dev \
zlib1g-dev \
@ -42,8 +43,8 @@ RUN apt-get update && \
FROM node:${NODE_VERSION}
# Use those args to specify your own version flags & suffixes
ARG MASTODON_VERSION_FLAGS=""
ARG MASTODON_VERSION_SUFFIX=""
ARG MASTODON_VERSION_PRERELEASE=""
ARG MASTODON_VERSION_METADATA=""
ARG UID="991"
ARG GID="991"
@ -64,13 +65,13 @@ RUN apt-get update && \
apt-get -y --no-install-recommends install whois \
wget \
procps \
libssl1.1 \
libssl3 \
libpq5 \
imagemagick \
ffmpeg \
libjemalloc2 \
libicu67 \
libidn11 \
libicu72 \
libidn12 \
libyaml-0-2 \
file \
ca-certificates \
@ -89,8 +90,8 @@ ENV RAILS_ENV="production" \
NODE_ENV="production" \
RAILS_SERVE_STATIC_FILES="true" \
BIND="0.0.0.0" \
MASTODON_VERSION_FLAGS="${MASTODON_VERSION_FLAGS}" \
MASTODON_VERSION_SUFFIX="${MASTODON_VERSION_SUFFIX}"
MASTODON_VERSION_PRERELEASE="${MASTODON_VERSION_PRERELEASE}" \
MASTODON_VERSION_METADATA="${MASTODON_VERSION_METADATA}"
# Set the run user
USER mastodon

View file

@ -27,4 +27,5 @@ More information on HTTP Signatures, as well as examples, can be found here: htt
- Linked-Data Signatures: https://docs.joinmastodon.org/spec/security/#ld
- Bearcaps: https://docs.joinmastodon.org/spec/bearcaps/
- Followers collection synchronization: https://git.activitypub.dev/ActivityPubDev/Fediverse-Enhancement-Proposals/src/branch/main/feps/fep-8fcf.md
- Followers collection synchronization: https://codeberg.org/fediverse/fep/src/branch/main/fep/8fcf/fep-8fcf.md
- Search indexing consent for actors: https://codeberg.org/fediverse/fep/src/branch/main/fep/5feb/fep-5feb.md

41
Gemfile
View file

@ -4,14 +4,13 @@ source 'https://rubygems.org'
ruby '>= 3.0.0'
gem 'puma', '~> 6.3'
gem 'rails', '~> 6.1.7'
gem 'rails', '~> 7.0'
gem 'sprockets', '~> 3.7.2'
gem 'thor', '~> 1.2'
gem 'rack', '~> 2.2.7'
gem 'haml-rails', '~>2.0'
gem 'pg', '~> 1.5'
gem 'makara', '~> 0.5'
gem 'pghero'
gem 'dotenv-rails', '~> 2.8'
@ -19,6 +18,7 @@ gem 'aws-sdk-s3', '~> 1.123', require: false
gem 'fog-core', '<= 2.4.0'
gem 'fog-openstack', '~> 0.3', require: false
gem 'kt-paperclip', '~> 7.2'
gem 'md-paperclip-azure', '~> 2.2', require: false
gem 'blurhash', '~> 0.1'
gem 'active_model_serializers', '~> 0.10'
@ -35,11 +35,14 @@ group :pam_authentication, optional: true do
end
gem 'net-ldap', '~> 0.18'
gem 'omniauth-cas', '~> 2.0'
gem 'omniauth-saml', '~> 1.10'
# TODO: Point back at released omniauth-cas gem when PR merged
# https://github.com/dlindahl/omniauth-cas/pull/68
gem 'omniauth-cas', github: 'stanhu/omniauth-cas', ref: '4211e6d05941b4a981f9a36b49ec166cecd0e271'
gem 'omniauth-saml', '~> 2.0'
gem 'omniauth_openid_connect', '~> 0.6.1'
gem 'omniauth', '~> 1.9'
gem 'omniauth-rails_csrf_protection', '~> 0.1'
gem 'omniauth', '~> 2.0'
gem 'omniauth-rails_csrf_protection', '~> 1.0'
gem 'color_diff', '~> 0.1'
gem 'discard', '~> 1.2'
@ -56,18 +59,18 @@ gem 'httplog', '~> 1.6.2'
gem 'idn-ruby', require: 'idn'
gem 'kaminari', '~> 1.2'
gem 'link_header', '~> 0.0'
gem 'mime-types', '~> 3.4.1', require: 'mime/types/columnar'
gem 'mime-types', '~> 3.5.0', require: 'mime/types/columnar'
gem 'nokogiri', '~> 1.15'
gem 'nsa'
gem 'oj', '~> 3.14'
gem 'ox', '~> 2.14'
gem 'parslet'
gem 'posix-spawn'
gem 'public_suffix', '~> 5.0'
gem 'pundit', '~> 2.3'
gem 'premailer-rails'
gem 'rack-attack', '~> 6.6'
gem 'rack-cors', '~> 2.0', require: 'rack/cors'
gem 'rails-i18n', '~> 6.0'
gem 'rails-i18n', '~> 7.0'
gem 'rails-settings-cached', '~> 0.6', git: 'https://github.com/mastodon/rails-settings-cached.git', branch: 'v0.6.6-aliases-true'
gem 'redcarpet', '~> 3.6'
gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
@ -99,9 +102,6 @@ gem 'rdf-normalize', '~> 0.5'
gem 'private_address_check', '~> 0.5'
group :test do
# RSpec runner for rails
gem 'rspec-rails', '~> 6.0'
# Used to split testing into chunks in CI
gem 'rspec_chunked', '~> 0.6'
@ -109,10 +109,14 @@ group :test do
gem 'fuubar', '~> 2.5'
# Extra RSpec extenion methods and helpers for sidekiq
gem 'rspec-sidekiq', '~> 3.1'
gem 'rspec-sidekiq', '~> 4.0'
# Browser integration testing
gem 'capybara', '~> 3.39'
gem 'selenium-webdriver'
# Used to reset the database between system tests
gem 'database_cleaner-active_record'
# Used to mock environment variables
gem 'climate_control', '~> 0.2'
@ -159,7 +163,7 @@ group :development do
gem 'letter_opener_web', '~> 2.0'
# Security analysis CLI tools
gem 'brakeman', '~> 5.4', require: false
gem 'brakeman', '~> 6.0', require: false
gem 'bundler-audit', '~> 0.9', require: false
# Linter CLI for HAML files
@ -173,10 +177,17 @@ group :development do
# Validate missing i18n keys
gem 'i18n-tasks', '~> 1.0', require: false
end
group :development, :test do
# Profiling tools
gem 'memory_profiler', require: false
gem 'ruby-prof', require: false
gem 'stackprof', require: false
gem 'test-prof'
# RSpec runner for rails
gem 'rspec-rails', '~> 6.0'
end
group :production do
@ -192,3 +203,5 @@ gem 'net-http', '~> 0.3.2'
gem 'rubyzip', '~> 2.3'
gem 'hcaptcha', '~> 7.1'
gem 'mail', '~> 2.8'

View file

@ -15,43 +15,60 @@ GIT
rails-settings-cached (0.6.6)
rails (>= 4.2.0)
GIT
remote: https://github.com/stanhu/omniauth-cas.git
revision: 4211e6d05941b4a981f9a36b49ec166cecd0e271
ref: 4211e6d05941b4a981f9a36b49ec166cecd0e271
specs:
omniauth-cas (2.0.0)
addressable (~> 2.3)
nokogiri (~> 1.5)
omniauth (>= 1.2, < 3)
GEM
remote: https://rubygems.org/
specs:
actioncable (6.1.7.4)
actionpack (= 6.1.7.4)
activesupport (= 6.1.7.4)
actioncable (7.0.8.4)
actionpack (= 7.0.8.4)
activesupport (= 7.0.8.4)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailbox (6.1.7.4)
actionpack (= 6.1.7.4)
activejob (= 6.1.7.4)
activerecord (= 6.1.7.4)
activestorage (= 6.1.7.4)
activesupport (= 6.1.7.4)
actionmailbox (7.0.8.4)
actionpack (= 7.0.8.4)
activejob (= 7.0.8.4)
activerecord (= 7.0.8.4)
activestorage (= 7.0.8.4)
activesupport (= 7.0.8.4)
mail (>= 2.7.1)
actionmailer (6.1.7.4)
actionpack (= 6.1.7.4)
actionview (= 6.1.7.4)
activejob (= 6.1.7.4)
activesupport (= 6.1.7.4)
net-imap
net-pop
net-smtp
actionmailer (7.0.8.4)
actionpack (= 7.0.8.4)
actionview (= 7.0.8.4)
activejob (= 7.0.8.4)
activesupport (= 7.0.8.4)
mail (~> 2.5, >= 2.5.4)
net-imap
net-pop
net-smtp
rails-dom-testing (~> 2.0)
actionpack (6.1.7.4)
actionview (= 6.1.7.4)
activesupport (= 6.1.7.4)
rack (~> 2.0, >= 2.0.9)
actionpack (7.0.8.4)
actionview (= 7.0.8.4)
activesupport (= 7.0.8.4)
rack (~> 2.0, >= 2.2.4)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.1.7.4)
actionpack (= 6.1.7.4)
activerecord (= 6.1.7.4)
activestorage (= 6.1.7.4)
activesupport (= 6.1.7.4)
actiontext (7.0.8.4)
actionpack (= 7.0.8.4)
activerecord (= 7.0.8.4)
activestorage (= 7.0.8.4)
activesupport (= 7.0.8.4)
globalid (>= 0.6.0)
nokogiri (>= 1.8.5)
actionview (6.1.7.4)
activesupport (= 6.1.7.4)
actionview (7.0.8.4)
activesupport (= 7.0.8.4)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
@ -61,28 +78,27 @@ GEM
activemodel (>= 4.1, < 7.1)
case_transform (>= 0.2)
jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
activejob (6.1.7.4)
activesupport (= 6.1.7.4)
activejob (7.0.8.4)
activesupport (= 7.0.8.4)
globalid (>= 0.3.6)
activemodel (6.1.7.4)
activesupport (= 6.1.7.4)
activerecord (6.1.7.4)
activemodel (= 6.1.7.4)
activesupport (= 6.1.7.4)
activestorage (6.1.7.4)
actionpack (= 6.1.7.4)
activejob (= 6.1.7.4)
activerecord (= 6.1.7.4)
activesupport (= 6.1.7.4)
activemodel (7.0.8.4)
activesupport (= 7.0.8.4)
activerecord (7.0.8.4)
activemodel (= 7.0.8.4)
activesupport (= 7.0.8.4)
activestorage (7.0.8.4)
actionpack (= 7.0.8.4)
activejob (= 7.0.8.4)
activerecord (= 7.0.8.4)
activesupport (= 7.0.8.4)
marcel (~> 1.0)
mini_mime (>= 1.1.0)
activesupport (6.1.7.4)
activesupport (7.0.8.4)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
zeitwerk (~> 2.3)
addressable (2.8.4)
addressable (2.8.5)
public_suffix (>= 2.0.2, < 6.0)
aes_key_wrap (1.1.0)
airbrussh (1.4.1)
@ -97,21 +113,31 @@ GEM
attr_required (1.0.1)
awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.780.0)
aws-sdk-core (3.175.0)
aws-partitions (1.809.0)
aws-sdk-core (3.181.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.5)
jmespath (~> 1, >= 1.6.1)
aws-sdk-kms (1.67.0)
aws-sdk-core (~> 3, >= 3.174.0)
aws-sdk-kms (1.71.0)
aws-sdk-core (~> 3, >= 3.177.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.126.0)
aws-sdk-core (~> 3, >= 3.174.0)
aws-sdk-s3 (1.133.0)
aws-sdk-core (~> 3, >= 3.181.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
aws-sigv4 (1.5.2)
aws-sigv4 (~> 1.6)
aws-sigv4 (1.6.0)
aws-eventstream (~> 1, >= 1.0.2)
azure-storage-blob (2.0.3)
azure-storage-common (~> 2.0)
nokogiri (~> 1, >= 1.10.8)
azure-storage-common (2.0.4)
faraday (~> 1.0)
faraday_middleware (~> 1.0, >= 1.0.0.rc1)
net-http-persistent (~> 4.0)
nokogiri (~> 1, >= 1.10.8)
base64 (0.1.1)
bcp47_spec (0.2.1)
bcrypt (3.1.18)
better_errors (2.10.1)
erubi (>= 1.0.0)
@ -130,7 +156,7 @@ GEM
blurhash (0.1.7)
bootsnap (1.16.0)
msgpack (~> 1.2)
brakeman (5.4.1)
brakeman (6.0.1)
browser (5.3.1)
brpoplpush-redis_script (0.1.3)
concurrent-ruby (~> 1.0, >= 1.0.5)
@ -146,7 +172,7 @@ GEM
sshkit (>= 1.9.0)
capistrano-bundler (2.1.0)
capistrano (~> 3.1)
capistrano-rails (1.6.2)
capistrano-rails (1.6.3)
capistrano (~> 3.1)
capistrano-bundler (>= 1.1, < 3)
capistrano-rbenv (2.2.0)
@ -165,9 +191,9 @@ GEM
xpath (~> 3.2)
case_transform (0.2)
activesupport
cbor (0.5.9.6)
charlock_holmes (0.7.7)
chewy (7.3.2)
cbor (0.5.9.8)
charlock_holmes (0.7.8)
chewy (7.3.4)
activesupport (>= 5.2)
elasticsearch (>= 7.12.0, < 7.14.0)
elasticsearch-dsl
@ -175,7 +201,7 @@ GEM
climate_control (0.2.0)
cocoon (1.2.15)
color_diff (0.1)
concurrent-ruby (1.2.2)
concurrent-ruby (1.2.3)
connection_pool (2.4.1)
cose (1.3.0)
cbor (~> 0.5.9)
@ -185,7 +211,11 @@ GEM
crass (1.0.6)
css_parser (1.14.0)
addressable
date (3.3.3)
database_cleaner-active_record (2.1.0)
activerecord (>= 5.a)
database_cleaner-core (~> 2.0.0)
database_cleaner-core (2.0.1)
date (3.3.4)
debug_inspector (1.1.0)
devise (4.9.2)
bcrypt (~> 3.0)
@ -230,7 +260,7 @@ GEM
tzinfo
excon (0.100.0)
fabrication (2.30.0)
faker (3.2.0)
faker (3.2.1)
i18n (>= 1.8.11, < 2)
faraday (1.10.3)
faraday-em_http (~> 1.0)
@ -255,8 +285,10 @@ GEM
faraday-patron (1.0.0)
faraday-rack (1.0.0)
faraday-retry (1.0.3)
faraday_middleware (1.2.0)
faraday (~> 1.0)
fast_blank (1.0.1)
fastimage (2.2.7)
fastimage (2.3.1)
ffi (1.15.5)
ffi-compiler (1.0.1)
ffi (>= 1.0.0)
@ -282,7 +314,7 @@ GEM
ruby-progressbar (~> 1.4)
globalid (1.1.0)
activesupport (>= 5.0)
haml (6.1.1)
haml (6.1.2)
temple (>= 0.8.2)
thor
tilt
@ -291,11 +323,11 @@ GEM
activesupport (>= 5.1)
haml (>= 4.0.6)
railties (>= 5.1)
haml_lint (0.45.0)
haml_lint (0.50.0)
haml (>= 4.0, < 6.2)
parallel (~> 1.10)
rainbow
rubocop (>= 0.50.0)
rubocop (>= 1.0)
sysexits (~> 1.1)
hashdiff (1.0.1)
hashie (5.0.0)
@ -318,7 +350,7 @@ GEM
httplog (1.6.2)
rack (>= 2.0)
rainbow (>= 2.0.0)
i18n (1.14.1)
i18n (1.14.5)
concurrent-ruby (~> 1.0)
i18n-tasks (1.0.12)
activesupport (>= 4.0.2)
@ -335,19 +367,19 @@ GEM
ipaddress (0.8.3)
jmespath (1.6.2)
json (2.6.3)
json-canonicalization (0.3.2)
json-jwt (1.15.3)
json-canonicalization (1.0.0)
json-jwt (1.15.3.1)
activesupport (>= 4.2)
aes_key_wrap
bindata
httpclient
json-ld (3.2.5)
json-ld (3.3.1)
htmlentities (~> 4.3)
json-canonicalization (~> 0.3, >= 0.3.2)
json-canonicalization (~> 1.0)
link_header (~> 0.0, >= 0.0.8)
multi_json (~> 1.15)
rack (>= 2.2, < 4)
rdf (~> 3.2, >= 3.2.10)
rdf (~> 3.3)
json-ld-preloaded (3.2.2)
json-ld (~> 3.2)
rdf (~> 3.2)
@ -367,12 +399,13 @@ GEM
activerecord
kaminari-core (= 1.2.2)
kaminari-core (1.2.2)
kt-paperclip (7.2.0)
kt-paperclip (7.2.1)
activemodel (>= 4.2.0)
activesupport (>= 4.2.0)
marcel (~> 1.0.1)
mime-types
terrapin (~> 0.6.0)
language_server-protocol (3.17.0.3)
launchy (2.5.2)
addressable (~> 2.8)
letter_opener (1.8.1)
@ -386,12 +419,12 @@ GEM
llhttp-ffi (0.4.0)
ffi-compiler (~> 1.0)
rake (~> 13.0)
lograge (0.12.0)
lograge (0.13.0)
actionpack (>= 4)
activesupport (>= 4)
railties (>= 4)
request_store (~> 1.0)
loofah (2.21.3)
loofah (2.21.4)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
mail (2.8.1)
@ -399,56 +432,62 @@ GEM
net-imap
net-pop
net-smtp
makara (0.5.1)
activerecord (>= 5.2.0)
marcel (1.0.2)
marcel (1.0.4)
mario-redis-lock (1.2.1)
redis (>= 3.0.5)
matrix (0.4.2)
md-paperclip-azure (2.2.0)
addressable (~> 2.5)
azure-storage-blob (~> 2.0.1)
hashie (~> 5.0)
memory_profiler (1.0.1)
method_source (1.0.0)
mime-types (3.4.1)
mime-types (3.5.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2023.0218.1)
mini_mime (1.1.2)
mini_portile2 (2.8.2)
minitest (5.18.1)
mime-types-data (3.2023.0808)
mini_mime (1.1.5)
mini_portile2 (2.8.7)
minitest (5.19.0)
msgpack (1.7.1)
multi_json (1.15.0)
multipart-post (2.3.0)
net-http (0.3.2)
uri
net-imap (0.3.6)
net-http-persistent (4.0.2)
connection_pool (~> 2.2)
net-imap (0.3.7)
date
net-protocol
net-ldap (0.18.0)
net-pop (0.1.2)
net-protocol
net-protocol (0.2.1)
net-protocol (0.2.2)
timeout
net-scp (4.0.0)
net-ssh (>= 2.6.5, < 8.0.0)
net-smtp (0.3.3)
net-smtp (0.3.4)
net-protocol
net-ssh (7.1.0)
nio4r (2.5.9)
nokogiri (1.15.2)
nio4r (2.7.3)
nokogiri (1.16.6)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
oj (3.15.0)
omniauth (1.9.2)
nsa (0.3.0)
activesupport (>= 4.2, < 7.2)
concurrent-ruby (~> 1.0, >= 1.0.2)
sidekiq (>= 3.5)
statsd-ruby (~> 1.4, >= 1.4.0)
oj (3.16.1)
omniauth (2.1.1)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-cas (2.0.0)
addressable (~> 2.3)
nokogiri (~> 1.5)
omniauth (~> 1.2)
omniauth-rails_csrf_protection (0.1.2)
rack (>= 2.2.3)
rack-protection
omniauth-rails_csrf_protection (1.0.1)
actionpack (>= 4.2)
omniauth (>= 1.3.1)
omniauth-saml (1.10.3)
omniauth (~> 1.3, >= 1.3.2)
ruby-saml (~> 1.9)
omniauth (~> 2.0)
omniauth-saml (2.1.0)
omniauth (~> 2.0)
ruby-saml (~> 1.12)
omniauth_openid_connect (0.6.1)
omniauth (>= 1.9, < 3)
openid_connect (~> 1.1)
@ -467,7 +506,7 @@ GEM
openssl-signature_algorithm (1.3.0)
openssl (> 2.0)
orm_adapter (0.5.0)
ox (2.14.16)
ox (2.14.17)
parallel (1.23.0)
parser (3.2.2.3)
ast (~> 2.4.1)
@ -475,10 +514,9 @@ GEM
parslet (2.0.0)
pastel (0.8.0)
tty-color (~> 0.5)
pg (1.5.3)
pghero (3.3.3)
pg (1.5.5)
pghero (3.3.4)
activerecord (>= 6)
posix-spawn (0.3.15)
premailer (1.21.0)
addressable
css_parser (>= 1.12.0)
@ -488,17 +526,17 @@ GEM
net-smtp
premailer (~> 1.7, >= 1.7.9)
private_address_check (0.5.0)
public_suffix (5.0.1)
puma (6.3.0)
public_suffix (5.0.3)
puma (6.4.2)
nio4r (~> 2.0)
pundit (2.3.0)
activesupport (>= 3.0.0)
raabro (1.4.0)
racc (1.7.1)
rack (2.2.7)
rack-attack (6.6.1)
rack (>= 1.0, < 3)
rack-cors (2.0.1)
racc (1.7.3)
rack (2.2.9)
rack-attack (6.7.0)
rack (>= 1.0, < 4)
rack-cors (2.0.2)
rack (>= 2.0.0)
rack-oauth2 (1.21.3)
activesupport
@ -506,49 +544,53 @@ GEM
httpclient
json-jwt (>= 1.11.0)
rack (>= 2.1.0)
rack-protection (3.0.5)
rack
rack-proxy (0.7.6)
rack
rack-test (2.1.0)
rack (>= 1.3)
rails (6.1.7.4)
actioncable (= 6.1.7.4)
actionmailbox (= 6.1.7.4)
actionmailer (= 6.1.7.4)
actionpack (= 6.1.7.4)
actiontext (= 6.1.7.4)
actionview (= 6.1.7.4)
activejob (= 6.1.7.4)
activemodel (= 6.1.7.4)
activerecord (= 6.1.7.4)
activestorage (= 6.1.7.4)
activesupport (= 6.1.7.4)
rails (7.0.8.4)
actioncable (= 7.0.8.4)
actionmailbox (= 7.0.8.4)
actionmailer (= 7.0.8.4)
actionpack (= 7.0.8.4)
actiontext (= 7.0.8.4)
actionview (= 7.0.8.4)
activejob (= 7.0.8.4)
activemodel (= 7.0.8.4)
activerecord (= 7.0.8.4)
activestorage (= 7.0.8.4)
activesupport (= 7.0.8.4)
bundler (>= 1.15.0)
railties (= 6.1.7.4)
sprockets-rails (>= 2.0.0)
railties (= 7.0.8.4)
rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1)
actionview (>= 5.0.1.rc1)
activesupport (>= 5.0.1.rc1)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
rails-dom-testing (2.1.1)
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.6.0)
loofah (~> 2.21)
nokogiri (~> 1.14)
rails-i18n (6.0.0)
rails-i18n (7.0.7)
i18n (>= 0.7, < 2)
railties (>= 6.0.0, < 7)
railties (6.1.7.4)
actionpack (= 6.1.7.4)
activesupport (= 6.1.7.4)
railties (>= 6.0.0, < 8)
railties (7.0.8.4)
actionpack (= 7.0.8.4)
activesupport (= 7.0.8.4)
method_source
rake (>= 12.2)
thor (~> 1.0)
zeitwerk (~> 2.5)
rainbow (3.1.1)
rake (13.0.6)
rdf (3.2.11)
rdf (3.3.1)
bcp47_spec (~> 0.2)
link_header (~> 0.0, >= 0.0.8)
rdf-normalize (0.6.0)
rdf-normalize (0.6.1)
rdf (~> 3.2)
redcarpet (3.6.0)
redis (4.8.1)
@ -562,8 +604,9 @@ GEM
responders (3.1.0)
actionpack (>= 5.2)
railties (>= 5.2)
rexml (3.2.5)
rotp (6.2.2)
rexml (3.3.5)
strscan
rotp (6.3.0)
rouge (4.1.2)
rpam2 (4.0.2)
rqrcode (2.2.0)
@ -586,19 +629,23 @@ GEM
rspec-expectations (~> 3.12)
rspec-mocks (~> 3.12)
rspec-support (~> 3.12)
rspec-sidekiq (3.1.0)
rspec-core (~> 3.0, >= 3.0.0)
sidekiq (>= 2.4.0)
rspec-support (3.12.0)
rspec-sidekiq (4.0.1)
rspec-core (~> 3.0)
rspec-expectations (~> 3.0)
rspec-mocks (~> 3.0)
sidekiq (>= 5, < 8)
rspec-support (3.12.1)
rspec_chunked (0.6)
rubocop (1.52.1)
rubocop (1.56.3)
base64 (~> 0.1.1)
json (~> 2.3)
language_server-protocol (>= 3.17.0)
parallel (~> 1.10)
parser (>= 3.2.2.3)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.8, < 3.0)
rexml (>= 3.2.5, < 4.0)
rubocop-ast (>= 1.28.0, < 2.0)
rubocop-ast (>= 1.28.1, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 3.0)
rubocop-ast (1.29.0)
@ -607,17 +654,18 @@ GEM
rubocop (~> 1.41)
rubocop-factory_bot (2.23.1)
rubocop (~> 1.33)
rubocop-performance (1.18.0)
rubocop-performance (1.19.0)
rubocop (>= 1.7.0, < 2.0)
rubocop-ast (>= 0.4.0)
rubocop-rails (2.19.1)
rubocop-rails (2.20.2)
activesupport (>= 4.2.0)
rack (>= 1.1)
rubocop (>= 1.33.0, < 2.0)
rubocop-rspec (2.22.0)
rubocop-rspec (2.23.2)
rubocop (~> 1.33)
rubocop-capybara (~> 2.17)
rubocop-factory_bot (~> 2.22)
ruby-prof (1.6.3)
ruby-progressbar (1.13.0)
ruby-saml (1.15.0)
nokogiri (>= 1.13.10)
@ -628,14 +676,18 @@ GEM
fugit (~> 1.1, >= 1.1.6)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sanitize (6.0.1)
sanitize (6.0.2)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
scenic (1.7.0)
activerecord (>= 4.0.0)
railties (>= 4.0.0)
selenium-webdriver (4.11.0)
rexml (~> 3.2, >= 3.2.5)
rubyzip (>= 1.2.2, < 3.0)
websocket (~> 1.0)
semantic_range (3.0.0)
sidekiq (6.5.9)
sidekiq (6.5.12)
connection_pool (>= 2.2.5, < 3)
rack (~> 2.0)
redis (>= 4.5.0, < 5)
@ -645,7 +697,7 @@ GEM
rufus-scheduler (~> 3.2)
sidekiq (>= 6, < 8)
tilt (>= 1.4.0)
sidekiq-unique-jobs (7.1.29)
sidekiq-unique-jobs (7.1.33)
brpoplpush-redis_script (> 0.1.1, <= 2.0.0)
concurrent-ruby (~> 1.0, >= 1.0.5)
redis (< 5.0)
@ -670,14 +722,16 @@ GEM
actionpack (>= 5.2)
activesupport (>= 5.2)
sprockets (>= 3.0.0)
sshkit (1.21.4)
sshkit (1.21.5)
net-scp (>= 1.1.2)
net-ssh (>= 2.8.0)
stackprof (0.2.25)
stoplight (3.0.1)
statsd-ruby (1.5.0)
stoplight (3.0.2)
redlock (~> 1.0)
strong_migrations (0.8.0)
activerecord (>= 5.2)
strscan (3.1.0)
swd (1.3.0)
activesupport (>= 3)
attr_required (>= 0.0.5)
@ -688,9 +742,10 @@ GEM
unicode-display_width (>= 1.1.1, < 3)
terrapin (0.6.0)
climate_control (>= 0.0.3, < 1.0)
thor (1.2.2)
test-prof (1.2.3)
thor (1.3.1)
tilt (2.2.0)
timeout (0.3.2)
timeout (0.4.1)
tpm-key_attestation (0.12.0)
bindata (~> 2.4)
openssl (> 2.0)
@ -737,7 +792,7 @@ GEM
webfinger (1.2.0)
activesupport
httpclient (>= 2.4)
webmock (3.18.1)
webmock (3.19.1)
addressable (>= 2.8.0)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
@ -746,14 +801,15 @@ GEM
rack-proxy (>= 0.6.1)
railties (>= 5.2)
semantic_range (>= 2.3.0)
websocket-driver (0.7.5)
websocket (1.2.9)
websocket-driver (0.7.6)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
wisper (2.0.1)
xorcist (1.1.3)
xpath (3.2.0)
nokogiri (~> 1.8)
zeitwerk (2.6.8)
zeitwerk (2.6.16)
PLATFORMS
ruby
@ -767,7 +823,7 @@ DEPENDENCIES
binding_of_caller (~> 1.0)
blurhash (~> 0.1)
bootsnap (~> 1.16.0)
brakeman (~> 5.4)
brakeman (~> 6.0)
browser
bundler-audit (~> 0.9)
capistrano (~> 3.17)
@ -782,6 +838,7 @@ DEPENDENCIES
color_diff (~> 0.1)
concurrent-ruby
connection_pool
database_cleaner-active_record
devise (~> 4.9)
devise-two-factor (~> 4.1)
devise_pam_authenticatable2 (~> 9.2)
@ -815,24 +872,25 @@ DEPENDENCIES
letter_opener_web (~> 2.0)
link_header (~> 0.0)
lograge (~> 0.12)
makara (~> 0.5)
mail (~> 2.8)
mario-redis-lock (~> 1.2)
md-paperclip-azure (~> 2.2)
memory_profiler
mime-types (~> 3.4.1)
mime-types (~> 3.5.0)
net-http (~> 0.3.2)
net-ldap (~> 0.18)
nokogiri (~> 1.15)
nsa
oj (~> 3.14)
omniauth (~> 1.9)
omniauth-cas (~> 2.0)
omniauth-rails_csrf_protection (~> 0.1)
omniauth-saml (~> 1.10)
omniauth (~> 2.0)
omniauth-cas!
omniauth-rails_csrf_protection (~> 1.0)
omniauth-saml (~> 2.0)
omniauth_openid_connect (~> 0.6.1)
ox (~> 2.14)
parslet
pg (~> 1.5)
pghero
posix-spawn
premailer-rails
private_address_check (~> 0.5)
public_suffix (~> 5.0)
@ -842,9 +900,9 @@ DEPENDENCIES
rack-attack (~> 6.6)
rack-cors (~> 2.0)
rack-test (~> 2.1)
rails (~> 6.1.7)
rails (~> 7.0)
rails-controller-testing (~> 1.0)
rails-i18n (~> 6.0)
rails-i18n (~> 7.0)
rails-settings-cached (~> 0.6)!
rdf-normalize (~> 0.5)
redcarpet (~> 3.6)
@ -852,17 +910,19 @@ DEPENDENCIES
redis-namespace (~> 1.10)
rqrcode (~> 2.2)
rspec-rails (~> 6.0)
rspec-sidekiq (~> 3.1)
rspec-sidekiq (~> 4.0)
rspec_chunked (~> 0.6)
rubocop
rubocop-capybara
rubocop-performance
rubocop-rails
rubocop-rspec
ruby-prof
ruby-progressbar (~> 1.13)
rubyzip (~> 2.3)
sanitize (~> 6.0)
scenic (~> 1.7)
selenium-webdriver
sidekiq (~> 6.5)
sidekiq-bulk (~> 0.2.0)
sidekiq-scheduler (~> 5.0)
@ -875,6 +935,7 @@ DEPENDENCIES
stackprof
stoplight (~> 3.0.1)
strong_migrations (~> 0.8)
test-prof
thor (~> 1.2)
tty-prompt (~> 0.23)
twitter-text (~> 3.1.0)

View file

@ -1,4 +1,4 @@
web: env PORT=3000 RAILS_ENV=development bundle exec puma -C config/puma.rb
sidekiq: env PORT=3000 RAILS_ENV=development bundle exec sidekiq
stream: env PORT=4000 yarn run start
webpack: ./bin/webpack-dev-server --listen-host 0.0.0.0
webpack: bin/webpack-dev-server

116
README.md
View file

@ -1,111 +1,23 @@
<h1><picture>
<source media="(prefers-color-scheme: dark)" srcset="./lib/assets/wordmark.dark.png?raw=true">
<source media="(prefers-color-scheme: light)" srcset="./lib/assets/wordmark.light.png?raw=true">
<img alt="Mastodon" src="./lib/assets/wordmark.light.png?raw=true" height="34">
</picture></h1>
# Mastodon - Paravielfalt Edition
[![GitHub release](https://img.shields.io/github/release/mastodon/mastodon.svg)][releases]
[![Ruby Testing](https://github.com/mastodon/mastodon/actions/workflows/test-ruby.yml/badge.svg)](https://github.com/mastodon/mastodon/actions/workflows/test-ruby.yml)
[![Crowdin](https://d322cqt584bo4o.cloudfront.net/mastodon/localized.svg)][crowdin]
Dieses Repository enthält den Quellcode für [paravielfalt.zone](https://paravielfalt.zone).
[releases]: https://github.com/mastodon/mastodon/releases
[crowdin]: https://crowdin.com/project/mastodon
Die Instanz basiert auf Mastodon und ist vom offiziellen Quellcode-Repository geforkt: <https://github.com/mastodon/mastodon>.
Mastodon is a **free, open-source social network server** based on ActivityPub where users can follow friends and discover new ones. On Mastodon, users can publish anything they want: links, pictures, text, video. All Mastodon servers are interoperable as a federated network (users on one server can seamlessly communicate with users from another one, including non-Mastodon software that implements ActivityPub!)
## Änderungsübersicht
Click below to **learn more** in a video:
Gegenüber der Mastodon-Standardinstallation gibt es folgende Änderungen.
[![Screenshot](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/ezgif-2-60f1b00403.gif)][youtube_demo]
- Zeichenlimit von 500 auf 1500 Zeichen erhöht
[youtube_demo]: https://www.youtube.com/watch?v=IPSbNdBmWKE
[Vollständige Liste aller Änderungen](https://git.wir-sind-auch-menschen.de/paravielfalt/mastodon/compare/stable-4.1...paravielfalt-4.1).
## Navigation
## Neue Version bauen
- [Project homepage 🐘](https://joinmastodon.org)
- [Support the development via Patreon][patreon]
- [View sponsors](https://joinmastodon.org/sponsors)
- [Blog](https://blog.joinmastodon.org)
- [Documentation](https://docs.joinmastodon.org)
- [Roadmap](https://joinmastodon.org/roadmap)
- [Official Docker image](https://github.com/mastodon/mastodon/pkgs/container/mastodon)
- [Browse Mastodon servers](https://joinmastodon.org/communities)
- [Browse Mastodon apps](https://joinmastodon.org/apps)
```sh
git tag v4.2.0-pvz$(date '+%y%m%d%H%M')
```
[patreon]: https://www.patreon.com/mastodon
## Features
<img src="/app/javascript/images/elephant_ui_working.svg?raw=true" align="right" width="30%" />
### No vendor lock-in: Fully interoperable with any conforming platform
It doesn't have to be Mastodon; whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
### Real-time, chronological timeline updates
Updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!
### Media attachments like images and short videos
Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos loop continuously!
### Safety and moderation tools
Mastodon includes private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
### OAuth2 and a straightforward REST API
Mastodon acts as an OAuth2 provider, so 3rd party apps can use the REST and Streaming APIs. This results in a rich app ecosystem with a lot of choices!
## Deployment
### Tech stack:
- **Ruby on Rails** powers the REST API and other web pages
- **React.js** and Redux are used for the dynamic parts of the interface
- **Node.js** powers the streaming API
### Requirements:
- **PostgreSQL** 9.5+
- **Redis** 4+
- **Ruby** 2.7+
- **Node.js** 14+
The repository includes deployment configurations for **Docker and docker-compose** as well as specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. For Helm charts, reference the [mastodon/chart repository](https://github.com/mastodon/chart). The [**standalone** installation guide](https://docs.joinmastodon.org/admin/install/) is available in the documentation.
A **Vagrant** configuration is included for development purposes. To use it, complete following steps:
- Install Vagrant and Virtualbox
- Install the `vagrant-hostsupdater` plugin: `vagrant plugin install vagrant-hostsupdater`
- Run `vagrant up`
- Run `vagrant ssh -c "cd /vagrant && foreman start"`
- Open `http://mastodon.local` in your browser
### Getting Started with GitHub Codespaces
To get started, create a codespace for this repository by clicking this 👇
[![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://github.com/codespaces/new?hide_repo_select=true&ref=main&repo=52281283)
A codespace will open in a web-based version of Visual Studio Code. The [dev container](.devcontainer/devcontainer.json) is fully configured with software needed for this project.
**Note**: Dev containers is an open spec which is supported by [GitHub Codespaces](https://github.com/codespaces) and [other tools](https://containers.dev/supporting).
## Contributing
Mastodon is **free, open-source software** licensed under **AGPLv3**.
You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository or submit translations using Crowdin. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md). If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
**IRC channel**: #mastodon on irc.libera.chat
## License
Copyright (C) 2016-2022 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
```sh
git push --tag
```

View file

@ -1,6 +1,8 @@
# frozen_string_literal: true
# Add your own tasks in files placed in lib/tasks ending in .rake,
# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
require File.expand_path('../config/application', __FILE__)
require File.expand_path('config/application', __dir__)
Rails.application.load_tasks

View file

@ -1,8 +1,11 @@
# Security Policy
If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can reach us at <security@joinmastodon.org>.
If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can either:
You should _not_ report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
- open a [Github security issue on the Mastodon project](https://github.com/mastodon/mastodon/security/advisories/new)
- reach us at <security@joinmastodon.org>
You should _not_ report such issues on public GitHub issues or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
## Scope
@ -12,7 +15,6 @@ A "vulnerability in Mastodon" is a vulnerability in the code distributed through
| Version | Supported |
| ------- | --------- |
| 4.2.x | Yes |
| 4.1.x | Yes |
| 4.0.x | Yes |
| 3.5.x | Yes |
| < 3.5 | No |
| < 4.1 | No |

44
Vagrantfile vendored
View file

@ -60,6 +60,38 @@ sudo usermod -a -G rvm $USER
SCRIPT
$provisionElasticsearch = <<SCRIPT
# Install Elastic Search
sudo apt install openjdk-17-jre-headless -y
sudo wget -O /usr/share/keyrings/elasticsearch.asc https://artifacts.elastic.co/GPG-KEY-elasticsearch
sudo sh -c 'echo "deb [signed-by=/usr/share/keyrings/elasticsearch.asc] https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'
sudo apt update
sudo apt install elasticsearch -y
sudo systemctl daemon-reload
sudo systemctl enable --now elasticsearch
echo 'path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
http.port: 9200
discovery.seed_hosts: ["localhost"]
cluster.initial_master_nodes: ["node-1"]
xpack.security.enabled: false' > /etc/elasticsearch/elasticsearch.yml
sudo systemctl restart elasticsearch
# Install Kibana
sudo apt install kibana -y
sudo systemctl enable --now kibana
echo 'server.host: "0.0.0.0"
elasticsearch.hosts: ["http://localhost:9200"]' > /etc/kibana/kibana.yml
sudo systemctl restart kibana
SCRIPT
$provisionB = <<SCRIPT
source "/etc/profile.d/rvm.sh"
@ -102,10 +134,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.provider :virtualbox do |vb|
vb.name = "mastodon"
vb.customize ["modifyvm", :id, "--memory", "2048"]
# Increase the number of CPUs. Uncomment and adjust to
# increase performance
# vb.customize ["modifyvm", :id, "--cpus", "3"]
vb.customize ["modifyvm", :id, "--memory", "8192"]
vb.customize ["modifyvm", :id, "--cpus", "3"]
# Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
# https://github.com/mitchellh/vagrant/issues/1172
@ -141,9 +171,15 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.network :forwarded_port, guest: 3000, host: 3000
config.vm.network :forwarded_port, guest: 4000, host: 4000
config.vm.network :forwarded_port, guest: 8080, host: 8080
config.vm.network :forwarded_port, guest: 9200, host: 9200
config.vm.network :forwarded_port, guest: 9300, host: 9300
config.vm.network :forwarded_port, guest: 9243, host: 9243
config.vm.network :forwarded_port, guest: 5601, host: 5601
# Full provisioning script, only runs on first 'vagrant up' or with 'vagrant provision'
config.vm.provision :shell, inline: $provisionA, privileged: false, reset: true
# Run with elevated privileges for Elasticsearch installation
config.vm.provision :shell, inline: $provisionElasticsearch, privileged: true
config.vm.provision :shell, inline: $provisionB, privileged: false
config.vm.post_up_message = <<MESSAGE

View file

@ -1,7 +1,9 @@
# frozen_string_literal: true
class AccountsIndex < Chewy::Index
settings index: { refresh_interval: '30s' }, analysis: {
include DatetimeClampingConcern
settings index: index_preset(refresh_interval: '30s'), analysis: {
filter: {
english_stop: {
type: 'stop',
@ -21,19 +23,20 @@ class AccountsIndex < Chewy::Index
analyzer: {
natural: {
tokenizer: 'uax_url_email',
tokenizer: 'standard',
filter: %w(
english_possessive_stemmer
lowercase
asciifolding
cjk_width
elision
english_possessive_stemmer
english_stop
english_stemmer
),
},
verbatim: {
tokenizer: 'whitespace',
tokenizer: 'standard',
filter: %w(lowercase asciifolding cjk_width),
},
@ -59,9 +62,9 @@ class AccountsIndex < Chewy::Index
field(:following_count, type: 'long')
field(:followers_count, type: 'long')
field(:properties, type: 'keyword', value: ->(account) { account.searchable_properties })
field(:last_status_at, type: 'date', value: ->(account) { account.last_status_at || account.created_at })
field(:last_status_at, type: 'date', value: ->(account) { clamp_date(account.last_status_at || account.created_at) })
field(:display_name, type: 'text', analyzer: 'verbatim') { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
field(:username, type: 'text', analyzer: 'verbatim', value: ->(account) { [account.username, account.domain].compact.join('@') }) { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
field(:text, type: 'text', value: ->(account) { account.searchable_text }) { field :stemmed, type: 'text', analyzer: 'natural' }
field(:text, type: 'text', analyzer: 'verbatim', value: ->(account) { account.searchable_text }) { field :stemmed, type: 'text', analyzer: 'natural' }
end
end

View file

@ -0,0 +1,14 @@
# frozen_string_literal: true
module DatetimeClampingConcern
extend ActiveSupport::Concern
MIN_ISO8601_DATETIME = '0000-01-01T00:00:00Z'.to_datetime.freeze
MAX_ISO8601_DATETIME = '9999-12-31T23:59:59Z'.to_datetime.freeze
class_methods do
def clamp_date(datetime)
datetime.clamp(MIN_ISO8601_DATETIME, MAX_ISO8601_DATETIME)
end
end
end

View file

@ -0,0 +1,12 @@
# frozen_string_literal: true
class InstancesIndex < Chewy::Index
settings index: index_preset(refresh_interval: '30s')
index_scope ::Instance.searchable
root date_detection: false do
field :domain, type: 'text', index_prefixes: { min_chars: 1, max_chars: 5 }
field :accounts_count, type: 'long'
end
end

View file

@ -0,0 +1,69 @@
# frozen_string_literal: true
class PublicStatusesIndex < Chewy::Index
include DatetimeClampingConcern
settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
filter: {
english_stop: {
type: 'stop',
stopwords: '_english_',
},
english_stemmer: {
type: 'stemmer',
language: 'english',
},
english_possessive_stemmer: {
type: 'stemmer',
language: 'possessive_english',
},
},
analyzer: {
verbatim: {
tokenizer: 'uax_url_email',
filter: %w(lowercase),
},
content: {
tokenizer: 'standard',
filter: %w(
lowercase
asciifolding
cjk_width
elision
english_possessive_stemmer
english_stop
english_stemmer
),
},
hashtag: {
tokenizer: 'keyword',
filter: %w(
word_delimiter_graph
lowercase
asciifolding
cjk_width
),
},
},
}
index_scope ::Status.unscoped
.kept
.indexable
.includes(:media_attachments, :preloadable_poll, :preview_cards, :tags)
root date_detection: false do
field(:id, type: 'long')
field(:account_id, type: 'long')
field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
field(:tags, type: 'text', analyzer: 'hashtag', value: ->(status) { status.tags.map(&:display_name) })
field(:language, type: 'keyword')
field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
end
end

View file

@ -1,75 +1,67 @@
# frozen_string_literal: true
class StatusesIndex < Chewy::Index
include FormattingHelper
include DatetimeClampingConcern
settings index: { refresh_interval: '30s' }, analysis: {
settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
filter: {
english_stop: {
type: 'stop',
stopwords: '_english_',
},
english_stemmer: {
type: 'stemmer',
language: 'english',
},
english_possessive_stemmer: {
type: 'stemmer',
language: 'possessive_english',
},
},
analyzer: {
content: {
verbatim: {
tokenizer: 'uax_url_email',
filter: %w(lowercase),
},
content: {
tokenizer: 'standard',
filter: %w(
english_possessive_stemmer
lowercase
asciifolding
cjk_width
elision
english_possessive_stemmer
english_stop
english_stemmer
),
},
hashtag: {
tokenizer: 'keyword',
filter: %w(
word_delimiter_graph
lowercase
asciifolding
cjk_width
),
},
},
}
# We do not use delete_if option here because it would call a method that we
# expect to be called with crutches without crutches, causing n+1 queries
index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :preloadable_poll)
crutch :mentions do |collection|
data = ::Mention.where(status_id: collection.map(&:id)).where(account: Account.local, silent: false).pluck(:status_id, :account_id)
data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
end
crutch :favourites do |collection|
data = ::Favourite.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
end
crutch :reblogs do |collection|
data = ::Status.where(reblog_of_id: collection.map(&:id)).where(account: Account.local).pluck(:reblog_of_id, :account_id)
data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
end
crutch :bookmarks do |collection|
data = ::Bookmark.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
end
crutch :votes do |collection|
data = ::PollVote.joins(:poll).where(poll: { status_id: collection.map(&:id) }).where(account: Account.local).pluck(:status_id, :account_id)
data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
end
index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :preview_cards, :local_mentioned, :local_favorited, :local_reblogged, :local_bookmarked, :tags, preloadable_poll: :local_voters), delete_if: ->(status) { status.searchable_by.empty? }
root date_detection: false do
field :id, type: 'long'
field :account_id, type: 'long'
field :text, type: 'text', value: ->(status) { status.searchable_text } do
field :stemmed, type: 'text', analyzer: 'content'
end
field :searchable_by, type: 'long', value: ->(status, crutches) { status.searchable_by(crutches) }
field(:id, type: 'long')
field(:account_id, type: 'long')
field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
field(:tags, type: 'text', analyzer: 'hashtag', value: ->(status) { status.tags.map(&:display_name) })
field(:searchable_by, type: 'long', value: ->(status) { status.searchable_by })
field(:language, type: 'keyword')
field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
end
end

View file

@ -1,16 +1,27 @@
# frozen_string_literal: true
class TagsIndex < Chewy::Index
settings index: { refresh_interval: '30s' }, analysis: {
include DatetimeClampingConcern
settings index: index_preset(refresh_interval: '30s'), analysis: {
analyzer: {
content: {
tokenizer: 'keyword',
filter: %w(lowercase asciifolding cjk_width),
filter: %w(
word_delimiter_graph
lowercase
asciifolding
cjk_width
),
},
edge_ngram: {
tokenizer: 'edge_ngram',
filter: %w(lowercase asciifolding cjk_width),
filter: %w(
lowercase
asciifolding
cjk_width
),
},
},
@ -30,12 +41,9 @@ class TagsIndex < Chewy::Index
end
root date_detection: false do
field :name, type: 'text', analyzer: 'content' do
field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
end
field :reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? }
field :usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts }
field :last_status_at, type: 'date', value: ->(tag) { tag.last_status_at || tag.created_at }
field(:name, type: 'text', analyzer: 'content', value: :display_name) { field(:edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content') }
field(:reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? })
field(:usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts })
field(:last_status_at, type: 'date', value: ->(tag) { clamp_date(tag.last_status_at || tag.created_at) })
end
end

View file

@ -12,7 +12,7 @@ class AccountsController < ApplicationController
before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
skip_before_action :require_functional!, unless: :whitelist_mode?
skip_before_action :require_functional!, unless: :limited_federation_mode?
def show
respond_to do |format|

View file

@ -21,7 +21,7 @@ module Admin
account_action.save!
if account_action.with_report?
redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: params[:report_id])
redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: resource_params[:report_id])
else
redirect_to admin_account_path(@account.id)
end

View file

@ -25,6 +25,8 @@ class Admin::DomainAllowsController < Admin::BaseController
def destroy
authorize @domain_allow, :destroy?
UnallowDomainService.new.call(@domain_allow)
log_action :destroy, @domain_allow
redirect_to admin_instances_path, notice: I18n.t('admin.domain_allows.destroyed_msg')
end

View file

@ -40,7 +40,7 @@ module Admin
end
# Allow transparently upgrading a domain block
if existing_domain_block.present?
if existing_domain_block.present? && existing_domain_block.domain == TagManager.instance.normalize_domain(@domain_block.domain.strip)
@domain_block = existing_domain_block
@domain_block.assign_attributes(resource_params)
end

View file

@ -65,7 +65,7 @@ module Admin
end
def filtered_instances
InstanceFilter.new(whitelist_mode? ? { allowed: true } : filter_params).results
InstanceFilter.new(limited_federation_mode? ? { allowed: true } : filter_params).results
end
def filter_params

View file

@ -0,0 +1,18 @@
# frozen_string_literal: true
module Admin
class SoftwareUpdatesController < BaseController
before_action :check_enabled!
def index
authorize :software_update, :index?
@software_updates = SoftwareUpdate.all.sort_by(&:gem_version)
end
private
def check_enabled!
not_found unless SoftwareUpdate.check_enabled?
end
end
end

View file

@ -8,7 +8,7 @@ class Api::BaseController < ApplicationController
include AccessTokenTrackingConcern
include ApiCachingConcern
skip_before_action :require_functional!, unless: :whitelist_mode?
skip_before_action :require_functional!, unless: :limited_federation_mode?
before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
before_action :require_not_suspended!
@ -150,7 +150,7 @@ class Api::BaseController < ApplicationController
end
def disallow_unauthenticated_api_access?
ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.whitelist_mode
ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.limited_federation_mode
end
private

View file

@ -30,6 +30,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
:bot,
:discoverable,
:hide_collections,
:indexable,
fields_attributes: [:name, :value]
)
end

View file

@ -25,6 +25,6 @@ class Api::V1::Accounts::NotesController < Api::BaseController
end
def relationships_presenter
AccountRelationshipsPresenter.new([@account.id], current_user.account_id)
AccountRelationshipsPresenter.new([@account], current_user.account_id)
end
end

View file

@ -25,6 +25,6 @@ class Api::V1::Accounts::PinsController < Api::BaseController
end
def relationships_presenter
AccountRelationshipsPresenter.new([@account.id], current_user.account_id)
AccountRelationshipsPresenter.new([@account], current_user.account_id)
end
end

View file

@ -5,11 +5,10 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController
before_action :require_user!
def index
accounts = Account.without_suspended.where(id: account_ids).select('id')
@accounts = Account.without_suspended.where(id: account_ids).select(:id, :domain).to_a
# .where doesn't guarantee that our results are in the same order
# we requested them, so return the "right" order to the requestor.
@accounts = accounts.index_by(&:id).values_at(*account_ids).compact
render json: @accounts, each_serializer: REST::RelationshipSerializer, relationships: relationships
render json: @accounts.index_by(&:id).values_at(*account_ids).compact, each_serializer: REST::RelationshipSerializer, relationships: relationships
end
private

View file

@ -86,7 +86,7 @@ class Api::V1::AccountsController < Api::BaseController
end
def relationships(**options)
AccountRelationshipsPresenter.new([@account.id], current_user.account_id, **options)
AccountRelationshipsPresenter.new([@account], current_user.account_id, **options)
end
def account_params

View file

@ -29,10 +29,11 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
def create
authorize :domain_block, :create?
@domain_block = DomainBlock.new(resource_params)
existing_domain_block = resource_params[:domain].present? ? DomainBlock.rule_for(resource_params[:domain]) : nil
return render json: existing_domain_block, serializer: REST::Admin::ExistingDomainBlockErrorSerializer, status: 422 if existing_domain_block.present?
return render json: existing_domain_block, serializer: REST::Admin::ExistingDomainBlockErrorSerializer, status: 422 if conflicts_with_existing_block?(@domain_block, existing_domain_block)
@domain_block = DomainBlock.create!(resource_params)
@domain_block.save!
DomainBlockWorker.perform_async(@domain_block.id)
log_action :create, @domain_block
render json: @domain_block, serializer: REST::Admin::DomainBlockSerializer
@ -55,6 +56,10 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
private
def conflicts_with_existing_block?(domain_block, existing_domain_block)
existing_domain_block.present? && (existing_domain_block.domain == TagManager.instance.normalize_domain(domain_block.domain) || !domain_block.stricter_than?(existing_domain_block))
end
def set_domain_blocks
@domain_blocks = filtered_domain_blocks.order(id: :desc).to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
end

View file

@ -0,0 +1,74 @@
# frozen_string_literal: true
class Api::V1::Admin::TagsController < Api::BaseController
include Authorization
before_action -> { authorize_if_got_token! :'admin:read' }, only: [:index, :show]
before_action -> { authorize_if_got_token! :'admin:write' }, only: :update
before_action :set_tags, only: :index
before_action :set_tag, except: :index
after_action :insert_pagination_headers, only: :index
after_action :verify_authorized
LIMIT = 100
PAGINATION_PARAMS = %i(limit).freeze
def index
authorize :tag, :index?
render json: @tags, each_serializer: REST::Admin::TagSerializer
end
def show
authorize @tag, :show?
render json: @tag, serializer: REST::Admin::TagSerializer
end
def update
authorize @tag, :update?
@tag.update!(tag_params.merge(reviewed_at: Time.now.utc))
render json: @tag, serializer: REST::Admin::TagSerializer
end
private
def set_tag
@tag = Tag.find(params[:id])
end
def set_tags
@tags = Tag.all.to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
end
def tag_params
params.permit(:display_name, :trendable, :usable, :listable)
end
def insert_pagination_headers
set_pagination_headers(next_path, prev_path)
end
def next_path
api_v1_admin_tags_url(pagination_params(max_id: pagination_max_id)) if records_continue?
end
def prev_path
api_v1_admin_tags_url(pagination_params(min_id: pagination_since_id)) unless @tags.empty?
end
def pagination_max_id
@tags.last.id
end
def pagination_since_id
@tags.first.id
end
def records_continue?
@tags.size == limit_param(LIMIT)
end
def pagination_params(core_params)
params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
end
end

View file

@ -21,7 +21,7 @@ class Api::V1::BookmarksController < Api::BaseController
end
def results
@_results ||= account_bookmarks.joins(:status).eager_load(:status).to_a_paginated_by_id(
@results ||= account_bookmarks.joins(:status).eager_load(:status).to_a_paginated_by_id(
limit_param(DEFAULT_STATUSES_LIMIT),
params_slice(:max_id, :since_id, :min_id)
)

View file

@ -16,7 +16,9 @@ class Api::V1::DirectoriesController < Api::BaseController
end
def set_accounts
@accounts = accounts_scope.offset(params[:offset]).limit(limit_param(DEFAULT_ACCOUNTS_LIMIT))
with_read_replica do
@accounts = accounts_scope.offset(params[:offset]).limit(limit_param(DEFAULT_ACCOUNTS_LIMIT))
end
end
def accounts_scope

View file

@ -21,7 +21,7 @@ class Api::V1::FavouritesController < Api::BaseController
end
def results
@_results ||= account_favourites.joins(:status).eager_load(:status).to_a_paginated_by_id(
@results ||= account_favourites.joins(:status).eager_load(:status).to_a_paginated_by_id(
limit_param(DEFAULT_STATUSES_LIMIT),
params_slice(:max_id, :since_id, :min_id)
)

View file

@ -12,6 +12,10 @@ class Api::V1::FeaturedTags::SuggestionsController < Api::BaseController
private
def set_recently_used_tags
@recently_used_tags = Tag.recently_used(current_account).where.not(id: current_account.featured_tags).limit(10)
@recently_used_tags = Tag.recently_used(current_account).where.not(id: featured_tag_ids).limit(10)
end
def featured_tag_ids
current_account.featured_tags.pluck(:tag_id)
end
end

View file

@ -25,11 +25,11 @@ class Api::V1::FollowRequestsController < Api::BaseController
private
def account
Account.find(params[:id])
@account ||= Account.find(params[:id])
end
def relationships(**options)
AccountRelationshipsPresenter.new([params[:id]], current_user.account_id, **options)
AccountRelationshipsPresenter.new([account], current_user.account_id, **options)
end
def load_accounts

View file

@ -3,7 +3,7 @@
class Api::V1::Instances::ActivityController < Api::BaseController
before_action :require_enabled_api!
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
vary_by ''
@ -33,6 +33,6 @@ class Api::V1::Instances::ActivityController < Api::BaseController
end
def require_enabled_api!
head 404 unless Setting.activity_api_enabled && !whitelist_mode?
head 404 unless Setting.activity_api_enabled && !limited_federation_mode?
end
end

View file

@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Instances::DomainBlocksController < Api::BaseController
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
before_action :require_enabled_api!
before_action :set_domain_blocks

View file

@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Instances::ExtendedDescriptionsController < Api::BaseController
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
skip_around_action :set_locale
before_action :set_extended_description
@ -10,7 +10,7 @@ class Api::V1::Instances::ExtendedDescriptionsController < Api::BaseController
# Override `current_user` to avoid reading session cookies unless in whitelist mode
def current_user
super if whitelist_mode?
super if limited_federation_mode?
end
def show

View file

@ -0,0 +1,21 @@
# frozen_string_literal: true
class Api::V1::Instances::LanguagesController < Api::BaseController
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
skip_around_action :set_locale
before_action :set_languages
vary_by ''
def show
cache_even_if_authenticated!
render json: @languages, each_serializer: REST::LanguageSerializer
end
private
def set_languages
@languages = LanguagesHelper::SUPPORTED_LOCALES.keys.map { |code| LanguagePresenter.new(code) }
end
end

View file

@ -3,24 +3,24 @@
class Api::V1::Instances::PeersController < Api::BaseController
before_action :require_enabled_api!
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
skip_around_action :set_locale
vary_by ''
# Override `current_user` to avoid reading session cookies unless in whitelist mode
def current_user
super if whitelist_mode?
super if limited_federation_mode?
end
def index
cache_even_if_authenticated!
render_with_cache(expires_in: 1.day) { Instance.where.not(domain: DomainBlock.select(:domain)).pluck(:domain) }
render_with_cache(expires_in: 1.day) { Instance.searchable.pluck(:domain) }
end
private
def require_enabled_api!
head 404 unless Setting.peers_api_enabled && !whitelist_mode?
head 404 unless Setting.peers_api_enabled && !limited_federation_mode?
end
end

View file

@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Instances::PrivacyPoliciesController < Api::BaseController
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
before_action :set_privacy_policy

View file

@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Instances::RulesController < Api::BaseController
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
skip_around_action :set_locale
before_action :set_rules
@ -10,7 +10,7 @@ class Api::V1::Instances::RulesController < Api::BaseController
# Override `current_user` to avoid reading session cookies unless in whitelist mode
def current_user
super if whitelist_mode?
super if limited_federation_mode?
end
def index

View file

@ -1,7 +1,7 @@
# frozen_string_literal: true
class Api::V1::Instances::TranslationLanguagesController < Api::BaseController
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
before_action :set_languages

View file

@ -1,14 +1,14 @@
# frozen_string_literal: true
class Api::V1::InstancesController < Api::BaseController
skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
skip_around_action :set_locale
vary_by ''
# Override `current_user` to avoid reading session cookies unless in whitelist mode
def current_user
super if whitelist_mode?
super if limited_federation_mode?
end
def show

View file

@ -7,7 +7,10 @@ class Api::V1::MarkersController < Api::BaseController
before_action :require_user!
def index
@markers = current_user.markers.where(timeline: Array(params[:timeline])).index_by(&:timeline)
with_read_replica do
@markers = current_user.markers.where(timeline: Array(params[:timeline])).index_by(&:timeline)
end
render json: serialize_map(@markers)
end

View file

@ -9,8 +9,12 @@ class Api::V1::NotificationsController < Api::BaseController
DEFAULT_NOTIFICATIONS_LIMIT = 40
def index
@notifications = load_notifications
render json: @notifications, each_serializer: REST::NotificationSerializer, relationships: StatusRelationshipsPresenter.new(target_statuses_from_notifications, current_user&.account_id)
with_read_replica do
@notifications = load_notifications
@relationships = StatusRelationshipsPresenter.new(target_statuses_from_notifications, current_user&.account_id)
end
render json: @notifications, each_serializer: REST::NotificationSerializer, relationships: @relationships
end
def show

View file

@ -0,0 +1,47 @@
# frozen_string_literal: true
class Api::V1::Peers::SearchController < Api::BaseController
before_action :require_enabled_api!
before_action :set_domains
skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
skip_around_action :set_locale
vary_by ''
def index
cache_even_if_authenticated!
render json: @domains
end
private
def require_enabled_api!
head 404 unless Setting.peers_api_enabled && !limited_federation_mode?
end
def set_domains
return if params[:q].blank?
if Chewy.enabled?
@domains = InstancesIndex.query(function_score: {
query: {
prefix: {
domain: TagManager.instance.normalize_domain(params[:q].strip),
},
},
field_value_factor: {
field: 'accounts_count',
modifier: 'log2p',
},
}).limit(10).pluck(:domain)
else
domain = params[:q].strip
domain = TagManager.instance.normalize_domain(domain)
@domains = Instance.searchable.where(Instance.arel_table[:domain].matches("#{Instance.sanitize_sql_like(domain)}%", false, true)).limit(10).pluck(:domain)
end
rescue Addressable::URI::InvalidURIError
@domains = []
end
end

View file

@ -0,0 +1,13 @@
# frozen_string_literal: true
class Api::V1::Profile::AvatarsController < Api::BaseController
before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
before_action :require_user!
def destroy
@account = current_account
UpdateAccountService.new.call(@account, { avatar: nil }, raise_error: true)
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
render json: @account, serializer: REST::CredentialAccountSerializer
end
end

View file

@ -0,0 +1,13 @@
# frozen_string_literal: true
class Api::V1::Profile::HeadersController < Api::BaseController
before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
before_action :require_user!
def destroy
@account = current_account
UpdateAccountService.new.call(@account, { header: nil }, raise_error: true)
ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
render json: @account, serializer: REST::CredentialAccountSerializer
end
end

View file

@ -23,6 +23,6 @@ class Api::V1::ReportsController < Api::BaseController
end
def report_params
params.permit(:account_id, :comment, :category, :forward, status_ids: [], rule_ids: [])
params.permit(:account_id, :comment, :category, :forward, forward_to_domains: [], status_ids: [], rule_ids: [])
end
end

View file

@ -6,6 +6,7 @@ class Api::V1::ScheduledStatusesController < Api::BaseController
before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, except: [:update, :destroy]
before_action -> { doorkeeper_authorize! :write, :'write:statuses' }, only: [:update, :destroy]
before_action :require_user!
before_action :set_statuses, only: :index
before_action :set_status, except: :index

View file

@ -17,13 +17,16 @@ class Api::V1::Statuses::FavouritesController < Api::BaseController
if fav
@status = fav.status
count = [@status.favourites_count - 1, 0].max
UnfavouriteWorker.perform_async(current_account.id, @status.id)
else
@status = Status.find(params[:status_id])
count = @status.favourites_count
authorize @status, :show?
end
render json: @status, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_account.id, favourites_map: { @status.id => false })
relationships = StatusRelationshipsPresenter.new([@status], current_account.id, favourites_map: { @status.id => false }, attributes_map: { @status.id => { favourites_count: count } })
render json: @status, serializer: REST::StatusSerializer, relationships: relationships
rescue Mastodon::NotPermittedError
not_found
end

View file

@ -24,15 +24,18 @@ class Api::V1::Statuses::ReblogsController < Api::BaseController
if @status
authorize @status, :unreblog?
@reblog = @status.reblog
count = [@reblog.reblogs_count - 1, 0].max
@status.discard
RemovalWorker.perform_async(@status.id)
@reblog = @status.reblog
else
@reblog = Status.find(params[:status_id])
count = @reblog.reblogs_count
authorize @reblog, :show?
end
render json: @reblog, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_account.id, reblogs_map: { @reblog.id => false })
relationships = StatusRelationshipsPresenter.new([@status], current_account.id, reblogs_map: { @reblog.id => false }, attributes_map: { @reblog.id => { reblogs_count: count } })
render json: @reblog, serializer: REST::StatusSerializer, relationships: relationships
rescue Mastodon::NotPermittedError
not_found
end

View file

@ -4,11 +4,20 @@ class Api::V1::Statuses::TranslationsController < Api::BaseController
include Authorization
before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
before_action :require_user!
before_action :set_status
before_action :set_translation
rescue_from TranslationService::NotConfiguredError, with: :not_found
rescue_from TranslationService::UnexpectedResponseError, TranslationService::QuotaExceededError, TranslationService::TooManyRequestsError, with: :service_unavailable
rescue_from TranslationService::UnexpectedResponseError, with: :service_unavailable
rescue_from TranslationService::QuotaExceededError do
render json: { error: I18n.t('translation.errors.quota_exceeded') }, status: 503
end
rescue_from TranslationService::TooManyRequestsError do
render json: { error: I18n.t('translation.errors.too_many_requests') }, status: 503
end
def create
render json: @translation, serializer: REST::TranslationSerializer

View file

@ -2,7 +2,7 @@
class Api::V1::StreamingController < Api::BaseController
def index
if Rails.configuration.x.streaming_api_base_url == request.host
if same_host?
not_found
else
redirect_to streaming_api_url, status: 301, allow_other_host: true
@ -11,9 +11,16 @@ class Api::V1::StreamingController < Api::BaseController
private
def same_host?
base_url = Addressable::URI.parse(Rails.configuration.x.streaming_api_base_url)
request.host == base_url.host && request.port == (base_url.port || 80)
end
def streaming_api_url
Addressable::URI.parse(request.url).tap do |uri|
uri.host = Addressable::URI.parse(Rails.configuration.x.streaming_api_base_url).host
base_url = Addressable::URI.parse(Rails.configuration.x.streaming_api_base_url)
uri.host = base_url.host
uri.port = base_url.port
end.to_s
end
end

View file

@ -19,6 +19,7 @@ class Api::V1::TagsController < Api::BaseController
def unfollow
TagFollow.find_by(account: current_account, tag: @tag)&.destroy!
TagUnmergeWorker.perform_async(@tag.id, current_account.id)
render json: @tag, serializer: REST::TagSerializer
end

View file

@ -6,11 +6,14 @@ class Api::V1::Timelines::HomeController < Api::BaseController
after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
def show
@statuses = load_statuses
with_read_replica do
@statuses = load_statuses
@relationships = StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
end
render json: @statuses,
each_serializer: REST::StatusSerializer,
relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id),
relationships: @relationships,
status: account_home_feed.regenerating? ? 206 : 200
end

View file

@ -1,6 +1,7 @@
# frozen_string_literal: true
class Api::V1::Timelines::PublicController < Api::BaseController
before_action -> { authorize_if_got_token! :read, :'read:statuses' }
before_action :require_user!, only: [:show], if: :require_auth?
after_action :insert_pagination_headers, unless: -> { @statuses.empty? }

View file

@ -1,6 +1,8 @@
# frozen_string_literal: true
class Api::V1::Timelines::TagController < Api::BaseController
before_action -> { authorize_if_got_token! :read, :'read:statuses' }
before_action :require_user!, if: :require_auth?
before_action :load_tag
after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
@ -12,6 +14,10 @@ class Api::V1::Timelines::TagController < Api::BaseController
private
def require_auth?
!Setting.timeline_preview
end
def load_tag
@tag = Tag.find_normalized(params[:id])
end

View file

@ -34,11 +34,11 @@ class Api::V2::SearchController < Api::BaseController
params[:q],
current_account,
limit_param(RESULTS_LIMIT),
search_params.merge(resolve: truthy_param?(:resolve), exclude_unreviewed: truthy_param?(:exclude_unreviewed))
search_params.merge(resolve: truthy_param?(:resolve), exclude_unreviewed: truthy_param?(:exclude_unreviewed), following: truthy_param?(:following))
)
end
def search_params
params.permit(:type, :offset, :min_id, :max_id, :account_id)
params.permit(:type, :offset, :min_id, :max_id, :account_id, :following)
end
end

View file

@ -1,25 +1,36 @@
# frozen_string_literal: true
class Api::Web::EmbedsController < Api::Web::BaseController
before_action :require_user!
include Authorization
def create
status = StatusFinder.new(params[:url]).status
before_action :set_status
return not_found if status.hidden?
def show
return not_found if @status.hidden?
render json: status, serializer: OEmbedSerializer, width: 400
rescue ActiveRecord::RecordNotFound
oembed = FetchOEmbedService.new.call(params[:url])
if @status.local?
render json: @status, serializer: OEmbedSerializer, width: 400
else
return not_found unless user_signed_in?
return not_found if oembed.nil?
url = ActivityPub::TagManager.instance.url_for(@status)
oembed = FetchOEmbedService.new.call(url)
return not_found if oembed.nil?
begin
oembed[:html] = Sanitize.fragment(oembed[:html], Sanitize::Config::MASTODON_OEMBED)
rescue ArgumentError
return not_found
begin
oembed[:html] = Sanitize.fragment(oembed[:html], Sanitize::Config::MASTODON_OEMBED)
rescue ArgumentError
return not_found
end
render json: oembed
end
end
render json: oembed
def set_status
@status = Status.find(params[:id])
authorize @status, :show?
rescue Mastodon::NotPermittedError
not_found
end
end

View file

@ -10,6 +10,8 @@ class ApplicationController < ActionController::Base
include SessionTrackingConcern
include CacheConcern
include DomainControlHelper
include DatabaseHelper
include AuthorizedFetchHelper
helper_method :current_account
helper_method :current_session
@ -18,7 +20,7 @@ class ApplicationController < ActionController::Base
helper_method :use_seamless_external_login?
helper_method :omniauth_only?
helper_method :sso_account_settings
helper_method :whitelist_mode?
helper_method :limited_federation_mode?
helper_method :body_class_string
helper_method :skip_csrf_meta_tags?
@ -50,10 +52,6 @@ class ApplicationController < ActionController::Base
private
def authorized_fetch_mode?
ENV['AUTHORIZED_FETCH'] == 'true' || Rails.configuration.x.whitelist_mode
end
def public_fetch_mode?
!authorized_fetch_mode?
end

Some files were not shown because too many files have changed in this diff Show more