mastodon/app
Claire 4fb4721072
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
..
chewy Clamp dates when serializing to Elasticsearch API (#28081) 2023-12-04 15:28:15 +01:00
controllers Merge pull request from GHSA-58x8-3qxw-6hm7 2024-07-04 16:26:49 +02:00
helpers Merge pull request from GHSA-jhrq-qvrm-qr36 2024-02-16 11:56:12 +01:00
javascript Change registrations to be disabled by default for new servers (#29353) 2024-02-22 18:15:59 +01:00
lib Merge pull request from GHSA-vp5r-5pgw-jwqx 2024-07-04 16:11:28 +02:00
mailers Automatically switch from open to approved registrations in absence of moderators (#29337) 2024-02-22 14:39:42 +01:00
models Fix /admin/accounts/:account_id/statuses/:id for edited posts with media attachments (#30819) 2024-07-02 15:08:24 +02:00
policies Change min age of backup policy from 1 week to 6 days (#27200) 2023-10-10 13:52:41 +02:00
presenters Fix call to inefficient delete_matched cache method in domain blocks (#28367) 2023-12-19 11:27:37 +01:00
serializers Change PWA start URL from /home to / (#27377) 2024-06-18 15:37:41 +02:00
services fix: Return HTTP 422 when scheduled status time is less than 5 minutes (#30584) 2024-07-03 10:57:46 +02:00
validators Improve email address validation (#29838) 2024-05-17 12:30:00 +02:00
views Change registrations to be disabled by default for new servers (#29353) 2024-02-22 18:15:59 +01:00
workers Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316) 2024-05-29 16:39:26 +02:00