mirrors/mastodon
mirrors/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2024-05-18 18:08:09 +00:00
Code Issues Projects Releases Wiki Activity
12992 commits 83 branches 252 tags 972 MiB
Commit graph

12992 commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Claire b39fbe7c83 Update dependency nokogiri to 1.16.5 2024-05-17 12:30:07 +02:00
Claire c717b7da99 Update dependency puma to 5.6.8 2024-05-17 12:30:07 +02:00
Claire 13bbcdf4d4 Update dependency json-jwt to 1.15.3.1 2024-05-17 12:30:07 +02:00
Claire 3aec33f5a2 Fix off-by-one in tootctl media commands (#30306) 2024-05-17 12:30:07 +02:00
Emelia Smith 984d7d3dc8 Fix missing destory audit logs for Domain Allows (#30125) 2024-05-17 12:30:07 +02:00
Claire 33a50884e5 Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-17 12:30:07 +02:00
Claire 70c4d70dbe Fix Idempotency-Key ignored when scheduling a post (#30084) 2024-05-17 12:30:07 +02:00
Tim Rogers a6089cdfca Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) 2024-05-17 12:30:07 +02:00
Claire 5973d7a4b6 Remove caching in cache_collection (#29862) 2024-05-17 12:30:07 +02:00
Claire ba5551fd1d Improve email address validation (#29838) 2024-05-17 12:30:07 +02:00
Matt Jankowski 8ce403a85b Fix results/query in api/v1/featured_tags/suggestions (#29597) 2024-05-17 12:30:07 +02:00
Jeong Arm 3ff575f54c Normalize idna domain before account unblock domain (#29530) 2024-05-17 12:30:07 +02:00
Claire affbb10566 Fix admin account created by mastodon:setup not being auto-approved (#29379) 2024-05-17 12:30:07 +02:00
Emelia Smith 209632a0fd Return domain block digests from admin domain blocks API (#29092) 2024-05-17 12:30:07 +02:00
Claire 079d3e5189 Add fallback redirection when getting a webfinger query WEB_DOMAIN@WEB_DOMAIN (#28592) 2024-05-17 12:30:07 +02:00
Matt Jankowski 57b72cccc4 Fix reference to non-existent var in CLI maintenance command (#28363) 2024-05-17 12:30:07 +02:00
Claire 37adb144db
Fix auto close registration mail (#30323) 2024-05-16 11:52:02 +02:00
Claire 142dd34b68
Fix CI not actually running ruby tests in 4.1 branch (#30321) 2024-05-16 11:28:04 +02:00
Claire c2d8666bbf
Bump version to v4.1.16 (#29371) 2024-02-23 14:09:38 +01:00
Claire d3c4441af8
Fix processing of Link objects in Image objects (#29364) 2024-02-23 09:53:09 +01:00
Claire f0541adbd4
Fix link verifications when page size exceeds 1MB (#29362) 2024-02-22 19:12:57 +01:00
Claire 3fecb36739
Change registrations to be disabled by default for new servers (#29354) 2024-02-22 18:28:41 +01:00
Claire c7312411b8 Fix auto-close email being sent to users with devops permissions instead of settings permissions (#29356) 2024-02-22 18:28:28 +01:00
Claire 2fc87611be Automatically switch from open to approved registrations in absence of moderators (#29337) 2024-02-22 18:28:28 +01:00
Claire 1629ac4c81
Update dependencies (#29350) 2024-02-22 14:52:07 +01:00
Claire 54ae3d5ca5
Add basic CI to 4.1 branch (#29351) 2024-02-22 14:38:11 +01:00
Claire b7b03e8d26 Bump version to v4.1.15 2024-02-16 11:57:15 +01:00
Claire a07fff079b
Merge pull request from GHSA-jhrq-qvrm-qr36 
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
 2024-02-16 11:56:12 +01:00
Claire 6f29d50aa5 Update dependency pg to 1.5.5 2024-02-16 09:42:31 +01:00
Claire 9e5af6bb58 Fix user creation failure handling in OAuth paths (#29207) 
Co-authored-by: Matt Jankowski <matt@jankowski.online>
 2024-02-14 23:16:39 +01:00
Claire 6499850ac4 Bump version to v4.1.14 2024-02-14 15:16:55 +01:00
Claire 6f36b633a7
Merge pull request from GHSA-vm39-j3vx-pch3 
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
 2024-02-14 15:16:07 +01:00
Claire d807b3960e
Merge pull request from GHSA-7w3c-p9j8-mq3x 
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
 2024-02-14 15:15:34 +01:00
Claire 2f6518cae2 Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default (#29199) 2024-02-14 13:17:55 +01:00
Emelia Smith cdbe2855f3 Disable administrative doorkeeper routes (#29187) 2024-02-14 11:34:46 +01:00
blah fdde3cdb4e Update dependency sidekiq-unique-jobs to 7.1.33 2024-02-14 11:34:46 +01:00
blah ce9c641d9a Update dependency nokogiri to 1.16.2 2024-02-14 11:26:27 +01:00
Claire 5799bc4af7
Merge pull request from GHSA-3fjr-858r-92rw 
* Fix insufficient origin validation

* Bump version to v4.1.13
 2024-02-01 15:56:46 +01:00
Claire fc4e2eca9f Bump version to v4.1.12 2024-01-24 15:31:06 +01:00
Claire 2e8943aecd Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-24 15:31:06 +01:00
Claire e6072a8d13 Fix error when processing remote files with unusually long names (#28823) 2024-01-24 15:31:06 +01:00
Claire 460e4fbdd6 Fix processing of compacted single-item JSON-LD collections (#28816) 2024-01-24 15:31:06 +01:00
Jonathan de Jong de60322711 Retry 401 errors on replies fetching (#28788) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-01-24 15:31:06 +01:00
Jeong Arm 90bb870680 Ignore RecordNotUnique errors in LinkCrawlWorker (#28748) 2024-01-24 15:31:06 +01:00
Claire 9292d998fe Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-24 15:31:06 +01:00
Claire 92643f48de Convert signature verification specs to request specs (#28443) 2024-01-24 15:31:06 +01:00
Claire 458620bdd4 Fix potential redirection loop of streaming endpoint (#28665) 2024-01-24 15:31:06 +01:00
Claire a1a71263e0 Fix streaming API redirection ignoring the port of streaming_api_base_url (#28558) 2024-01-24 15:31:06 +01:00
MitarashiDango 4c5575e8e0 Fix Undo Announce activity is not sent, when not followed by the reblogged post author (#18482) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-01-24 15:31:06 +01:00
Claire a2ddd849e2 Fix LinkCrawlWorker error when encountering empty OEmbed response (#28268) 2024-01-24 15:31:06 +01:00