mirrors/mastodon
mirrors/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2024-05-19 02:18:09 +00:00
Code Issues Projects Releases Wiki Activity
14525 commits 83 branches 252 tags 972 MiB
Commit graph

14525 commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Claire a8dd32102f Update dependency nokogiri to 1.16.5 2024-05-17 12:30:00 +02:00
Claire 6fc07ff31f Update dependency fastimage to 2.3.1 2024-05-17 12:30:00 +02:00
Claire 997b021b69 Update dependency rotp to 6.3.0 2024-05-17 12:30:00 +02:00
Claire 2865bfadaf Update dependency json-jwt to 1.15.3.1 2024-05-17 12:30:00 +02:00
Claire 8c72e80019 Update dependency rack-cors to 2.0.2 2024-05-17 12:30:00 +02:00
Claire 8cf78825a2 Fix off-by-one in tootctl media commands (#30306) 2024-05-17 12:30:00 +02:00
Emelia Smith 67b2e62331 Fix missing destory audit logs for Domain Allows (#30125) 2024-05-17 12:30:00 +02:00
Claire 56b7d1a7b6 Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) 2024-05-17 12:30:00 +02:00
Claire 51ef619140 Fix Idempotency-Key ignored when scheduling a post (#30084) 2024-05-17 12:30:00 +02:00
Tim Rogers e69780ec59 Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) 2024-05-17 12:30:00 +02:00
Claire c3be5a3d2e Remove caching in cache_collection (#29862) 2024-05-17 12:30:00 +02:00
Claire 86807e4799 Improve email address validation (#29838) 2024-05-17 12:30:00 +02:00
Matt Jankowski 0143c9d3e1 Fix results/query in api/v1/featured_tags/suggestions (#29597) 2024-05-17 12:30:00 +02:00
Jeong Arm ab3f9852f2 Normalize idna domain before account unblock domain (#29530) 2024-05-17 12:30:00 +02:00
Claire 7af69f5cf5 Fix admin account created by mastodon:setup not being auto-approved (#29379) 2024-05-17 12:30:00 +02:00
Emelia Smith f784213c64 Return domain block digests from admin domain blocks API (#29092) 2024-05-17 12:30:00 +02:00
Claire 6536d96d1b Add fallback redirection when getting a webfinger query WEB_DOMAIN@WEB_DOMAIN (#28592) 2024-05-17 12:30:00 +02:00
Matt Jankowski ed8e4bab4c Fix reference to non-existent var in CLI maintenance command (#28363) 2024-05-17 12:30:00 +02:00
Claire bdb6650ebc
Bump version to v4.2.8 (#29370) 2024-02-23 14:09:41 +01:00
Claire f3ad918950
Fix processing of Link objects in Image objects (#29363) 2024-02-23 09:53:04 +01:00
Claire 9a7802655f
Fix link verifications when page size exceeds 1MB (#29361) 2024-02-22 19:12:53 +01:00
Claire 328a9b8157
Change registrations to be disabled by default for new servers (#29353) 2024-02-22 18:15:59 +01:00
Claire 4fd22acb4a
Fix auto-close email being sent to users with devops permissions instead of settings permissions (#29356) 2024-02-22 18:15:38 +01:00
Claire 28b666b0d5
Automatically switch from open to approved registrations in absence of moderators (#29337) 2024-02-22 14:39:42 +01:00
Claire fbb07893b8
Update dependencies (#29346) 2024-02-22 13:25:53 +01:00
Claire c5d56de98d Fix linting failure 2024-02-16 13:57:04 +01:00
Claire 0e4e98fad1 Bump version to v4.2.7 2024-02-16 11:57:02 +01:00
Claire 15de520201
Merge pull request from GHSA-jhrq-qvrm-qr36 
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
 2024-02-16 11:56:12 +01:00
Claire 684f99908f Update dependency pg to 1.5.5 2024-02-16 09:19:35 +01:00
Claire e4ec4ce217
Update nsa gem to version 0.3.0 (#29065) (#29206) 
Co-authored-by: Matt Jankowski <matt@jankowski.online>
 2024-02-14 23:27:02 +01:00
Claire 870ee80fd3 Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 22:55:31 +01:00
Claire 76a37bd040 Fix OmniAuth tests (#29201) 2024-02-14 16:06:38 +01:00
Claire 7c8ca0c6d6 Bump version to v4.2.6 2024-02-14 15:16:34 +01:00
Claire f1700523f1
Merge pull request from GHSA-vm39-j3vx-pch3 
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
 2024-02-14 15:16:07 +01:00
Claire 0b0c7af2c1
Merge pull request from GHSA-7w3c-p9j8-mq3x 
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
 2024-02-14 15:15:34 +01:00
Claire 1a33d348d0 Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default (#29199) 2024-02-14 13:17:45 +01:00
Emelia Smith 6d43b63275 Disable administrative doorkeeper routes (#29187) 2024-02-14 11:03:21 +01:00
Claire ae2dce813a Update dependency sidekiq-unique-jobs to 7.1.33 2024-02-14 11:02:55 +01:00
Claire b7230cd759 Update dependency nokogiri to 1.16.2 2024-02-14 11:02:11 +01:00
Claire a6641f828b
Merge pull request from GHSA-3fjr-858r-92rw 
* Fix insufficient origin validation

* Bump version to v4.2.5
 2024-02-01 15:56:46 +01:00
Claire 4633bb8ce0 Bump version to v4.2.4 2024-01-24 15:31:13 +01:00
Claire 1ab050eb52 Change PostgreSQL version check to check for PostgreSQL 10+ 2024-01-24 15:31:13 +01:00
Claire 4eb98ef755 Ignore the devise-two-factor advisory as we have rate limits in place (#28733) 2024-01-24 15:31:13 +01:00
Claire 7a22999f92 Bump ruby version to 3.2.3 2024-01-24 15:31:13 +01:00
Claire c5c464804d Update dependency puma to v6.4.2 2024-01-24 15:31:13 +01:00
Claire 779237f054 Fix error when processing remote files with unusually long names (#28823) 2024-01-24 15:31:13 +01:00
Claire b377f82b1d Fix processing of compacted single-item JSON-LD collections (#28816) 2024-01-24 15:31:13 +01:00
Claire 6fe2a47357 Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-24 15:31:13 +01:00
Jonathan de Jong 2dbf176d23 Retry 401 errors on replies fetching (#28788) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-01-24 15:31:13 +01:00
Jeong Arm 499bc716a5 Ignore RecordNotUnique errors in LinkCrawlWorker (#28748) 2024-01-24 15:31:13 +01:00