Center the text itself in upload area #24029
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
As suggested in the issue, it may be fixed some other way down the road, like expanding the container instead of wrapping the text. |
Gargron
approved these changes
Mar 8, 2023
ClearlyClaire
pushed a commit
that referenced
this pull request
Mar 14, 2023
ClearlyClaire
pushed a commit
to ClearlyClaire/mastodon
that referenced
this pull request
Mar 14, 2023
ClearlyClaire
pushed a commit
that referenced
this pull request
Mar 16, 2023
noellabo
pushed a commit
to fedibird/mastodon
that referenced
this pull request
Mar 17, 2023
rhelmer
added a commit
to MozillaSocial/mastodon
that referenced
this pull request
Mar 20, 2023
* Skip double building on Dependabot branches (mastodon#24025) * Bump pg from 1.4.5 to 1.4.6 (mastodon#24001) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump yargs from 17.7.0 to 17.7.1 (mastodon#24002) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sidekiq-scheduler from 5.0.1 to 5.0.2 (mastodon#24004) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump rack from 2.2.6.2 to 2.2.6.3 (mastodon#23997) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump axios from 1.3.3 to 1.3.4 (mastodon#23996) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump utf-8-validate from 6.0.2 to 6.0.3 (mastodon#23992) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump omniauth_openid_connect from 0.6.0 to 0.6.1 (mastodon#23991) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump doorkeeper from 5.6.4 to 5.6.5 (mastodon#24009) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jest from 29.4.3 to 29.5.0 (mastodon#24003) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jest-environment-jsdom from 29.4.3 to 29.5.0 (mastodon#23998) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump rubocop from 1.45.1 to 1.48.0 (mastodon#23999) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump mkdirp from 2.1.3 to 2.1.5 (mastodon#23994) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump babel-jest from 29.4.3 to 29.5.0 (mastodon#24007) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add refreshing many accounts at once with "tootctl accounts refresh" (mastodon#23304) * Skip rebase-needed job for i10n branch (mastodon#24026) * Unescape HTML entities (mastodon#24019) * Explicitly set github repo in instance presenter spec (mastodon#24036) * Center the text itself in upload area (mastodon#24029) * Sync CI and Docker Compose image versions (mastodon#24053) * Bump puma from 6.1.0 to 6.1.1 (mastodon#24045) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Serializers spec coverage (mastodon#24017) * Coverage improvement round-out following up previous work (mastodon#23987) * Bump pghero from 3.1.0 to 3.2.0 (mastodon#24044) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump eslint from 8.33.0 to 8.35.0 (mastodon#24049) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Enable RSpec/FilePath (mastodon#23965) * Add basic search specs for chewy indexes (mastodon#24065) * Fix sidekiq jobs not triggering Elasticsearch index updates (mastodon#24046) * Enable Rubocop Performance/DeleteSuffix (mastodon#24077) * Prefer the stored location as after_sign_in_path in Omniauth Callback Controller (mastodon#24073) * Bump jsdom from 21.1.0 to 21.1.1 (mastodon#24090) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pghero from 3.2.0 to 3.3.0 (mastodon#24085) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Support the PROXY protocol through the PROXY_PROTO_V1 env variable (mastodon#24064) * Bump rack from 2.2.6.3 to 2.2.6.4 (mastodon#24097) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump rails from 6.1.7.2 to 6.1.7.3 (mastodon#24096) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump rubocop from 1.48.0 to 1.48.1 (mastodon#24095) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Push Docker images to Github Container Registry as well (mastodon#24101) * Skip Docker CI Login/Push on forks (mastodon#23564) * Change sidekiq-bulk's batch size from 10,000 to 1,000 jobs in one Redis call (mastodon#24034) * Redirect users to SLO at the IdP after logging them out of Mastodon. (mastodon#24020) * Add spec for the CLI `version` task (mastodon#23978) * Update PostCSS dependencies (mastodon#23835) * Fix dashboard crash on ElasticSearch server error (mastodon#23751) * Fix incorrect post links in strikes when the account is remote (mastodon#23611) * Fix misleading error code when receiving invalid WebAuthn credentials (mastodon#23568) * Setup haml-lint CI with todo config (mastodon#23524) * Use Github Container Registry as the official container image source (mastodon#24113) * Skip pushing containers on forks (mastodon#24106) * Fix more haml-lint Rubocop (mastodon#24107) * Autofix Rubocop Style/PreferredHashMethods (mastodon#23851) * Bump rack-test from 2.0.2 to 2.1.0 (mastodon#24112) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Autofix Rubocop Style/RedundantArgument (mastodon#23798) * Bump immutable from 4.2.4 to 4.3.0 (mastodon#24088) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @babel/eslint-parser from 7.19.1 to 7.21.3 (mastodon#24109) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump eslint from 8.35.0 to 8.36.0 (mastodon#24089) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove `bullet` and `active_record_query_trace` gems (mastodon#24121) * Add `SENDFILE_HEADER` environment variable (mastodon#24123) * Bump @babel/core from 7.21.0 to 7.21.3 (mastodon#24111) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add cache headers to static files served through Rails (mastodon#24120) * Bump autoprefixer from 10.4.13 to 10.4.14 (mastodon#24108) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump sass from 1.58.3 to 1.59.3 (mastodon#24105) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Regen rubocop-todo without Max shadowing (mastodon#24076) * Refactor monkey-patching of `PrivateAddressCheck` (mastodon#24122) * Replace `Status#translatable?` with language matrix in separate endpoint (mastodon#24037) * New Crowdin updates (mastodon#23904) Co-authored-by: Yamagishi Kazutoshi <[email protected]> * Roll back unintentionally activated rubocop rules (mastodon#24132) Co-authored-by: Eugen Rochko <[email protected]> Co-authored-by: Nick Schonning <[email protected]> * Change user backups to use expiring URLs for download when possible (mastodon#24136) * Add warning for object storage misconfiguration (mastodon#24137) * Ignore additional Style/OptionalBooleanParameter (mastodon#24138) * Bump glob from 8.1.0 to 9.3.0 (mastodon#24110) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump rimraf from 4.1.2 to 4.4.0 (mastodon#24048) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Link to the Identity provider's account settings from the account settings (mastodon#24100) Co-authored-by: Claire <[email protected]> * Include config/ and update all rubcop deps (mastodon#23963) * Workaround the ActiveRecord / Marshal serialization bug on Ruby 3.2 (mastodon#24142) Co-authored-by: Jean Boussier <[email protected]> * Dedupe yarn.lock with yarn-deduplicate (mastodon#24119) * Revert "Dedupe yarn.lock with yarn-deduplicate" (mastodon#24155) * Upgrade redis-node to latest (mastodon#24154) * Webhooks for local status.create, status.update, account.update (mastodon#24133) --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Nick Schonning <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: 9p4 <[email protected]> Co-authored-by: Christian Schmidt <[email protected]> Co-authored-by: Matt Jankowski <[email protected]> Co-authored-by: Rodion Borisov <[email protected]> Co-authored-by: Claire <[email protected]> Co-authored-by: CSDUMMI <[email protected]> Co-authored-by: Renaud Chaput <[email protected]> Co-authored-by: Eugen Rochko <[email protected]> Co-authored-by: Yamagishi Kazutoshi <[email protected]> Co-authored-by: Jean byroot Boussier <[email protected]> Co-authored-by: Jean Boussier <[email protected]> Co-authored-by: Vyr Cossont <[email protected]>
rutvijmehta-harness
pushed a commit
to rutvijmehta-harness/mastodon
that referenced
this pull request
Mar 20, 2023
rutvijmehta-harness
added a commit
to rutvijmehta-harness/mastodon
that referenced
this pull request
Mar 20, 2023
Co-authored-by: Rodion Borisov <[email protected]>
arachnist
pushed a commit
to arachnist/mastodon
that referenced
this pull request
Apr 4, 2023
Roboron3042
pushed a commit
to Roboron3042/mastodon
that referenced
this pull request
Apr 16, 2023
noellabo
pushed a commit
to fedibird/mastodon
that referenced
this pull request
Apr 22, 2023
skerit
pushed a commit
to 11ways/mastodon
that referenced
this pull request
Jul 7, 2023
chasedream1129
added a commit
to monado-ren/mastodon
that referenced
this pull request
Aug 12, 2024
commit e9123ad691727ffec3672ff3912ef56e67c930ef Author: Claire <[email protected]> Date: Thu Feb 15 12:02:24 2024 +0100 Bump version to v3.5.19 commit c397c1a9e3090a0e879c15cafd48d5f1414b6836 Author: Claire <[email protected]> Date: Fri Feb 16 11:56:12 2024 +0100 Merge pull request from GHSA-jhrq-qvrm-qr36 * Fix insufficient Content-Type checking of fetched ActivityStreams objects * Allow JSON-LD documents with multiple profiles commit d509b6b3420d303728b13832d79b05d602dba4e2 Author: Claire <[email protected]> Date: Wed Feb 14 22:49:45 2024 +0100 Fix user creation failure handling in OmniAuth paths (#29207) Co-authored-by: Matt Jankowski <[email protected]> commit 44c265e4c7983e17bf7713db91938d95efd33046 Author: Claire <[email protected]> Date: Wed Feb 14 13:35:56 2024 +0100 Bump version to v3.5.18 commit 4a57e44809e33a8050c0062a244c351ab0871c71 Author: Claire <[email protected]> Date: Wed Feb 14 15:16:07 2024 +0100 Merge pull request from GHSA-vm39-j3vx-pch3 * Prevent different identities from a same SSO provider from accessing a same account * Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true` * Rename methods to avoid confusion between OAuth and OmniAuth commit 47c6079d8da3810889f70166950a29af2c2f1333 Author: Claire <[email protected]> Date: Wed Feb 14 15:15:34 2024 +0100 Merge pull request from GHSA-7w3c-p9j8-mq3x * Ensure destruction of OAuth Applications notifies streaming Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens. * Ensure password resets revoke access to Streaming API * Improve performance of deleting OAuth tokens --------- Co-authored-by: Emelia Smith <[email protected]> commit 69205dff9a252f42f9a75bf5a247b1376f312895 Author: Claire <[email protected]> Date: Wed Feb 14 13:12:13 2024 +0100 Add `sidekiq_unique_jobs:delete_all_locks` task and disable `sidekiq-unique-jobs` UI by default (#29199) commit d187195f2ccaeab8786e62cf2ef3a499c1b54b7f Author: Emelia Smith <[email protected]> Date: Tue Feb 13 19:11:47 2024 +0100 Disable administrative doorkeeper routes (#29187) commit 3387868dd9841cfffdae875d3296cf0aae36dc2b Author: blah <blah@blah> Date: Wed Feb 14 10:58:36 2024 +0000 Update dependency sidekiq-unique-jobs to 7.1.33 commit 3ba6ed76ea07d2856f988689e62a76882e5c9d4d Author: blah <blah@blah> Date: Wed Feb 14 10:51:59 2024 +0000 Update dependency nokogiri to 1.16.2 commit b1ed009c65802b70c9b780f3c7c3a866cba72478 Author: Claire <[email protected]> Date: Thu Feb 1 15:56:46 2024 +0100 Merge pull request from GHSA-3fjr-858r-92rw * Fix insufficient origin validation * Bump version to v3.5.17 commit 35f21191ee9fa3a99af6c207d2fb42484d58f196 Author: Claire <[email protected]> Date: Mon Nov 27 15:00:52 2023 +0100 Bump version to v3.5.16 commit 2ffce0d5f7e43138fd19a1c1b7a31b0177ae00a3 Author: Claire <[email protected]> Date: Fri Oct 20 10:45:46 2023 +0200 Fix processing LDSigned activities from actors with unknown public keys (#27474) commit 688defd60d9a31d7a4f9052985119a88d810e436 Author: Claire <[email protected]> Date: Fri Nov 24 10:31:28 2023 +0100 Change GIF max matrix size error to explicitly mention GIF files (#27927) commit d9b05f6860a574d81d1fd9fc47ca3adabf0d70cc Author: Jonathan de Jong <[email protected]> Date: Fri Oct 27 16:55:00 2023 +0200 Have `Follow` activities bypass availability (#27586) Co-authored-by: Claire <[email protected]> commit f3fd8d869596da809448d5d0105e122e8ba3db22 Author: Claire <[email protected]> Date: Mon Nov 27 14:25:54 2023 +0100 Clamp dates when serializing to Elasticsearch API (#28081) commit 49693fe42f4528db4b41a2c346391016e9fe954a Author: Claire <[email protected]> Date: Mon Nov 6 10:28:14 2023 +0100 Fix incoming status creation date not being restricted to standard ISO8601 (#27655) commit 16262f815d7d120bd73ffb71740ffaea3771683b Author: Claire <[email protected]> Date: Mon Oct 30 23:32:25 2023 +0100 Fix posts from force-sensitized accounts being able to trend (#27620) commit d4e0a12b27aa01012c50ac7f0d4ba26085258990 Author: Claire <[email protected]> Date: Mon Oct 23 14:27:07 2023 +0200 Change Content-Security-Policy to be tighter on media paths (#26889) commit db59d8486bd12f7d32dd9785cbf2daf9115d0e16 Author: Claire <[email protected]> Date: Mon Oct 9 14:03:10 2023 +0200 Bump version to v3.5.15 commit 7fb3ee0bc67cd7078fa7558483121dbe08202d8a Author: Matt Jankowski <[email protected]> Date: Tue Oct 3 11:01:45 2023 -0400 Dont match mention in url query string (#25656) Co-authored-by: Claire <[email protected]> commit 9bd027823d91fe8cc9d3c63b19c649296e626e0d Author: David Aaron <[email protected]> Date: Tue Oct 3 02:48:57 2023 -0700 Change min age of backup policy from 1 week to 6 days (#27200) commit 57d4d460503fa9ad01670533296a84c7c3f49ff3 Author: Jakob Gillich <[email protected]> Date: Tue Oct 3 10:47:50 2023 +0200 Fix importer returning negative row estimates (#27258) commit c91116f7800fe622750c93ea7d51d5d72e143ed3 Author: Claire <[email protected]> Date: Thu Sep 28 13:41:24 2023 +0200 Fix filtering audit log for entries about disabling 2FA (#27186) commit f45b5f5006f59d895da158e65cecead37d9a5b38 Author: Essem <[email protected]> Date: Mon Sep 25 12:21:07 2023 -0500 Properly remove tIME chunk from PNG uploads (#27111) commit 47441e51f3749894ac5699abffdd1cc190c0256e Author: Claire <[email protected]> Date: Fri Oct 6 12:58:16 2023 +0200 Fix crash when filtering for “dormant” relationships (#27306) commit af02650322aad7468bfa7363f8232b0ae7151e6f Author: Claire <[email protected]> Date: Mon Sep 25 15:06:43 2023 +0200 Fix inefficient queries in “Follows and followers” as well as several admin pages (#27116) commit 75346a71f7f4f0a3deb2841c19e6105a06f98f1e Author: Claire <[email protected]> Date: Tue Sep 19 12:49:15 2023 +0200 Bump version to v3.5.14 commit 49af3e26dc3a433922d78ae01be50549f29d1949 Author: Claire <[email protected]> Date: Wed Sep 6 16:40:19 2023 +0200 Fix moderator rights inconsistencies (#26729) commit 412c3e13ecae1bc9a6fd204b6e4018c5c4c2e6ba Author: Claire <[email protected]> Date: Wed Sep 6 12:17:51 2023 +0200 Fix crash when encountering invalid URL (#26814) commit 31c5e63a58923b9d227d90b48994ed48491dd52e Author: Claire <[email protected]> Date: Thu Aug 17 16:11:48 2023 +0200 Fix cached posts including stale stats (#26409) commit e8eeb746ac2d2ec635d46c9c07b73a56b4f2c77c Author: Nicolai Søborg <[email protected]> Date: Fri Aug 18 08:32:47 2023 +0200 Fix `frame_rate` for videos where `ffprobe` reports 0/0 (#26500) commit 0158c31c02b62f39add6f41f1584bf23a8dda047 Author: yufushiro <[email protected]> Date: Wed Aug 23 15:44:56 2023 +0900 Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough (#26608) Co-authored-by: Claire <[email protected]> commit 9deb1781269fd817c930d38f916672bec3d566a8 Author: Claire <[email protected]> Date: Tue Sep 19 16:53:58 2023 +0200 Merge pull request from GHSA-v3xf-c9qf-j667 commit 8e6fe192258fab9df50cfa7c4c0f6c22a756868e Author: Claire <[email protected]> Date: Mon Sep 18 08:31:53 2023 +0200 Change Dockerfile to upgrade packages when building (#26931) Co-authored-by: Renaud Chaput <[email protected]> commit 4eb709ea7ea6b5bc1fcdbe1762dd3b7efcc07f6e Author: Claire <[email protected]> Date: Wed Sep 6 09:18:28 2023 +0200 Update actions for stable-3.5 (#26804) Co-authored-by: Renaud Chaput <[email protected]> commit 86a31fc0196f876f6671a883198fcc460bcd60c5 Author: Claire <[email protected]> Date: Tue Sep 5 17:46:39 2023 +0200 Fix Dockerfile installing incompatible npm version (#26803) commit 16e47e1aae55c0ead7207030ad8a554c18ff1250 Author: Claire <[email protected]> Date: Tue Sep 5 15:30:24 2023 +0200 Bump version to v3.5.13 commit dcffd6b3d76a5e9d420119d0730724d56f7fe968 Author: Emelia Smith <[email protected]> Date: Mon May 22 13:15:21 2023 +0200 Allow reports with long comments from remote instances, but truncate (#25028) commit 8de0f7e198b25741cd6cb849095520b88fab088d Author: Daniel M Brasil <[email protected]> Date: Thu Aug 31 08:53:24 2023 -0300 Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled (#26237) commit e37551421ee30ccd9e6a36e2ad4c88ddf5a1b3d8 Author: Claire <[email protected]> Date: Wed Aug 9 09:39:36 2023 +0200 Fix blocking subdomains of an already-blocked domain (#26392) commit 2e0eab9d18f1473654542f96ff9172cab0e8661e Author: Claire <[email protected]> Date: Wed Aug 30 17:36:16 2023 +0200 Change text extraction in `PlainTextFormatter` to be faster (#26727) commit ce75c175cdf12bdfdf8b84271b52989abe54cb50 Author: Claire <[email protected]> Date: Thu Aug 31 19:54:17 2023 +0200 Backport container build changes to the stable-3.5 branch (#26742) Co-authored-by: Renaud Chaput <[email protected]> commit a3d31ffc1ead2abe98a8b722b406a7574a14a915 Author: Claire <[email protected]> Date: Fri Jul 28 10:07:57 2023 +0200 Bump version to v3.5.12 commit 50f4af28b0f1fde03e1a57583bccc1387d6f08bf Author: Emelia Smith <[email protected]> Date: Fri Jul 28 12:06:29 2023 +0200 Fix: Streaming server memory leak in HTTP EventSource cleanup (#26228) commit e655b35d7e4ebf9c5a2ab6cb4bf4e950785cfee0 Author: Claire <[email protected]> Date: Sat Jul 22 20:42:31 2023 +0200 Fix incorrect connect timeout in outgoing requests (#26116) commit 80c00f4aa57fd21679fade777310422e55274c65 Author: Claire <[email protected]> Date: Fri Jul 21 14:33:34 2023 +0200 Bump version to v3.5.11 commit 1a0192537d11fb8932735c33f904e8fc4263356b Author: Claire <[email protected]> Date: Fri Jul 21 14:18:04 2023 +0200 Add check preventing Sidekiq workers from running with Makara configured (#25850) Co-authored-by: Eugen Rochko <[email protected]> commit 668cd00e130c152ed05b19f7d7f663d33790d9ac Author: Claire <[email protected]> Date: Fri Jul 21 14:14:10 2023 +0200 Fix testsuite failure introduced in last release commit 0bd52de49263af22d2fed02e9cec84fbeb3d6f9b Author: Claire <[email protected]> Date: Fri Jul 21 13:34:15 2023 +0200 Fix CSP headers being unintendedly wide (#26105) commit ced65ffbb48a37ca46c278156bc0987378bf0a8a Author: Claire <[email protected]> Date: Tue Jul 18 20:51:20 2023 +0200 Change request timeout handling to use a longer deadline (#26055) commit 6398fc0b66fad30112de9b4ea026436c4ebc9b32 Author: Claire <[email protected]> Date: Mon Jul 10 18:42:10 2023 +0200 Fix moderation interface for remote instances with a .zip TLD (#25885) commit 7709bbba65cb07158a74292542a2a6bf0b8452bb Author: Claire <[email protected]> Date: Mon Jul 10 18:42:19 2023 +0200 Fix remote accounts being possibly persisted to database with incomplete protocol values (#25886) commit 4f6d121b248dcc6b80a9d2597fb7b6ac73a50cf4 Author: Michael Stanclift <[email protected]> Date: Thu Jul 13 04:12:51 2023 -0500 Fix trending publishers table not rendering correctly on narrow screens (#25945) commit 687421ebbe3a8245c2fd2b7fe9bf8c325e9f3bb2 Author: Claire <[email protected]> Date: Fri Jul 7 18:56:11 2023 +0200 Bump version to v3.5.10 commit 517c4a8a7a96bd2f16e369fa794575c30be370c8 Author: Claire <[email protected]> Date: Fri Jul 7 13:35:22 2023 +0200 Fix processing of media files with unusual names (#25788) commit dca0d8427e42e9a498b2c88b85660fef19d8fd1a Author: Claire <[email protected]> Date: Fri Jul 7 18:10:17 2023 +0200 Fix crash in admin interface when viewing a remote user with verified links (#25796) commit b10c974ba1952c545acff505bfd36feb0c60b000 Author: Claire <[email protected]> Date: Wed Jun 21 10:38:16 2023 +0200 Bump version to v3.5.9 commit ca4b23bf0d936f09f0bf60ab1055f6c2f0373dd9 Author: Claire <[email protected]> Date: Thu Jul 6 15:06:49 2023 +0200 Merge pull request from GHSA-55j9-c3mp-6fcq commit 32e5a9f053d4d59cd7cd782a889055295554a697 Author: Claire <[email protected]> Date: Thu Jul 6 15:06:24 2023 +0200 Merge pull request from GHSA-9pxv-6qvf-pjwc * Fix timeout handling of outbound HTTP requests * Use CLOCK_MONOTONIC instead of Time.now commit 987f9099947fdcd71e79d4908cdc4373eca92a85 Author: Claire <[email protected]> Date: Thu Jul 6 15:05:05 2023 +0200 Merge pull request from GHSA-9928-3cp5-93fm * Fix attachments getting processed despite failing content-type validation * Add a restrictive ImageMagick security policy tailored for Mastodon * Fix misdetection of MP3 files with large cover art * Reject unprocessable audio/video files instead of keeping them unchanged commit c02fa93c578d6578f39de689752c02dd92f3b079 Author: Claire <[email protected]> Date: Thu Jul 6 15:03:33 2023 +0200 Merge pull request from GHSA-ccm4-vgcc-73hp * Tighten allowed HTML in oEmbed-based preview cards * Sanitize preview cards at render time * Add `sandbox` attribute to preview card iframes commit c30901134654b759d06b8e5b16bf7f9608f199fc Author: Claire <[email protected]> Date: Wed Jun 21 14:18:04 2023 +0200 Add hardened headers to user-uploaded files commit 6b538225af099276a6113b40f3763b8cde6284fd Author: Claire <[email protected]> Date: Wed Jun 28 14:27:12 2023 +0200 Update rack, rails, nokogiri, omniauth, sanitize and doorkeeper gems commit 3c72c7b34e7cd5904bf0070d95201a2bd0fe7e54 Author: Renaud Chaput <[email protected]> Date: Thu Jun 1 12:14:49 2023 +0200 Allow carets in URL search params (#25216) commit 07f60ffcbbbaf661347cd3cd7098f20d3a3730f7 Author: Vyr Cossont <[email protected]> Date: Fri Mar 31 23:28:35 2023 -0700 Fix Redis client and type errors introduced in #24285 (#24342) commit c1467453f6e67e108308b4cba531eb013caed319 Author: Vyr Cossont <[email protected]> Date: Fri Mar 31 05:38:47 2023 -0700 IndexingScheduler: fetch and import in batches (#24285) Co-authored-by: Claire <[email protected]> commit 00e65a77df600330c4ae694616fb185e15b8835f Author: Emelia Smith <[email protected]> Date: Tue Jun 20 18:04:35 2023 +0200 Prevent UserCleanupScheduler from overwhelming streaming (#25519) commit f9521bc2b54dff1c616ef271024426776e9434e2 Author: Daniel M Brasil <[email protected]> Date: Mon Jun 19 03:53:05 2023 -0300 Fix incorrect pagination headers in `/api/v2/admin/accounts` (#25477) commit e4bff6cd76d8e615bd2d2ed0ba8250d5d2438c0f Author: Emelia Smith <[email protected]> Date: Sat Jun 10 18:24:37 2023 +0200 Fix logging of messages that are binary before closing their connection (#25361) commit 6f819c7071ed5fc810e4e5f0063f76185a41f4a0 Author: Emelia Smith <[email protected]> Date: Fri Jun 9 19:29:16 2023 +0200 Fix performance of streaming by parsing message JSON once (#25278) commit 4aa1c4e2ad1969376cb95336a7a86cacbe547c18 Author: Claire <[email protected]> Date: Mon Jun 5 17:35:05 2023 +0200 Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) commit 176ae71fd42fb4990c3a8660c3e710cd31b3686e Author: Daniel M Brasil <[email protected]> Date: Sun Apr 30 01:50:58 2023 -0300 Fix `tootctl accounts approve --number N` not aproving N earliest registrations (#24605) commit feac95333fbfc8ef54bd96a273f9454bc25a3ca8 Author: Claire <[email protected]> Date: Fri May 12 13:13:04 2023 +0200 Change profile updates to be sent to recently-mentioned servers (#24852) commit bb1e7e112e5e929388417e22828d3eb235151d20 Author: Claire <[email protected]> Date: Wed May 17 00:08:42 2023 +0200 Fix being able to vote on your own polls (#25015) commit e233060ea5d0cf7e5baf247e34a38119bc4bf903 Author: Claire <[email protected]> Date: Wed May 17 00:09:21 2023 +0200 Fix race condition when reblogging a status (#25016) commit 3faebae2d1a5f72bf93167b1fbb279406bb738de Author: Claire <[email protected]> Date: Mon May 22 12:25:56 2023 +0200 Change OpenGraph-based embeds to allow fullscreen (#25058) commit 95f59da1578272efee84f06375d6e77944a4d5b0 Author: Claire <[email protected]> Date: Mon May 22 14:03:38 2023 +0200 Fix “Authorized applications” inefficiently and incorrectly getting last use date (#25060) commit 6f94b4ae19144e6fbf625e47b821c1aacf391722 Author: Claire <[email protected]> Date: Tue May 23 14:27:17 2023 +0200 Remove invalid X-Frame-Options: ALLOWALL (#25070) commit 283184b390bdd9b8200fd2dac0c1abd2def25fca Author: Claire <[email protected]> Date: Tue May 23 15:00:36 2023 +0200 Change Identity to not destroy associated User on destroy (#25098) commit d54980ef2df2704c0a1698ce3de19eb4e3916be1 Author: Claire <[email protected]> Date: Tue Jun 20 18:32:26 2023 +0200 Fix /api/v1/conversations sometimes returning empty accounts (#25499) commit 08579976e02c582f4465e63b03e38e4b8886705f Author: Claire <[email protected]> Date: Wed Jun 14 08:54:52 2023 +0200 Fix ArgumentError when loading newer Private Mentions (#25399) commit ff3f40a675c1dcbf17e121b0d09ce65ea441d8a5 Author: Claire <[email protected]> Date: Thu Jun 1 02:41:51 2023 +0200 Fix multiple N+1s in ConversationsController (#25134) commit 0dce749192b1d7a1513bdf45b7eafa6181bac3b9 Author: Claire <[email protected]> Date: Wed Apr 5 19:31:49 2023 +0200 Fix user archive takeouts when using OpenStack Swift (#24431) commit 1bd831b9a9d288566ca38045f6410c771946634b Author: Claire <[email protected]> Date: Mon Mar 27 17:50:34 2023 +0200 Bump version to v3.5.8 commit 55144262d054a52b76baa9d077e235e5c61fac37 Author: Claire <[email protected]> Date: Mon Apr 3 15:47:04 2023 +0200 Fix unescaped user input in LDAP query (#24379) Fix CVE-2023-28853 commit 40438675f8ddf0a6e30af4edef63286f8026f2b5 Author: Claire <[email protected]> Date: Mon Apr 3 15:05:39 2023 +0200 Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) commit 0f4c908b64c34d94936dad1cfa4b2e2d225285cc Author: Claire <[email protected]> Date: Fri Mar 31 21:42:28 2023 +0200 Fix invalid/expired invites being processed on sign-up (#24337) commit 3eb5b47768ec8387d3a0ec9ffd27ff777be18407 Author: Sai <[email protected]> Date: Fri Mar 31 15:42:59 2023 +0100 Upgrade Ruby to 3.0.6 (#24332) commit 520e9cc765b9b8263270f9e311b8beefd6b322f9 Author: Robert R George <[email protected]> Date: Wed Mar 29 00:58:27 2023 -0700 Wrap db:setup with Chewy.strategy(:mastodon) (#24302) commit d25493e26295d27af34441a5f120226f2c17eda9 Author: Claire <[email protected]> Date: Mon Mar 27 17:07:37 2023 +0200 Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) commit 3d67a9329ef9859559d8c9143227c493088a620a Author: Claire <[email protected]> Date: Mon Mar 20 20:02:58 2023 +0100 Fix crash in `tootctl` commands making use of parallelization when Elasticsearch is enabled (#24182) commit 547634dfa64a59012f37b60a6dd830bc4be76be4 Author: Claire <[email protected]> Date: Thu Mar 16 22:39:45 2023 +0100 Bump version to v3.5.7 commit f90daf58dbc09a492b65a281d2cf5b5c4f5055b6 Author: Claire <[email protected]> Date: Thu Mar 16 22:47:01 2023 +0100 Add warning for object storage misconfiguration (#24137) commit a42b48ea4e66f3081dc6c21c06ed98db94116c02 Author: Eugen Rochko <[email protected]> Date: Thu Mar 16 22:46:52 2023 +0100 Change user backups to use expiring URLs for download when possible (#24136) commit 251dd0b72b2ca6aafe6676c6dbcc81260b2c1355 Author: Claire <[email protected]> Date: Thu Mar 16 13:41:55 2023 +0100 Update changelog commit 18840cbc6ef4fd8e9c48b0053a9f9b68978f4ffc Author: Nick Schonning <[email protected]> Date: Wed Mar 15 11:43:44 2023 -0400 Skip pushing containers on forks (#24106) commit 727126255a043aec46d20cc07962771376b6d82b Author: Renaud Chaput <[email protected]> Date: Wed Mar 15 16:41:13 2023 +0100 Use Github Container Registry as the official container image source (#24113) commit 98d654b8bb59de4d412007b1864d1376394652c7 Author: Nick Schonning <[email protected]> Date: Tue Mar 14 22:43:49 2023 -0400 Skip Docker CI Login/Push on forks (#23564) commit 25c517144c294b4d3a3b85c6358aff15f8d4ed6e Author: Renaud Chaput <[email protected]> Date: Tue Mar 14 20:27:43 2023 +0100 Push Docker images to Github Container Registry as well (#24101) commit f036546c220fef1fccfdf816cfce1533262fb3af Author: Claire <[email protected]> Date: Wed Mar 15 04:15:20 2023 +0100 Fix misleading error code when receiving invalid WebAuthn credentials (#23568) commit 9256d653a5677fa726f0a93d0d5428d79c6020a7 Author: Claire <[email protected]> Date: Wed Mar 15 04:14:47 2023 +0100 Fix incorrect post links in strikes when the account is remote (#23611) commit d0c0808ad4ede98873e753df1543f33b0349f4be Author: Jeremy Kescher <[email protected]> Date: Mon Nov 7 02:40:17 2022 +0000 Add null check on application in dispute viewer (#19851) commit cb622b23b1465dfde7731a1f9bc82dd3fe51a561 Author: Claire <[email protected]> Date: Wed Mar 15 04:01:49 2023 +0100 Fix dashboard crash on ElasticSearch server error (#23751) commit fe866f8afb89e07e2fa72aaddccd6388f9ed4183 Author: Claire <[email protected]> Date: Tue Mar 14 10:34:16 2023 +0100 Update changelog commit a1e765991e416cdd5fb1ededa1ab0245c5062882 Author: Claire <[email protected]> Date: Fri Mar 3 20:44:46 2023 +0100 Add mail headers to avoid auto-replies (#23597) commit 76b9f4271291e0700680f182e94326f27f95390f Author: Claire <[email protected]> Date: Tue Feb 21 09:23:39 2023 +0100 Add `lang` tag to native language names in language picker (#23749) commit 708e590117c68c3c851c4eb7287cfa03c68a0ac0 Author: Claire <[email protected]> Date: Sun Mar 12 23:47:55 2023 +0100 Fix sidekiq jobs not triggering Elasticsearch index updates (#24046) commit a717aa929cf6c60239266f45671862802e9f29ed Author: Rodion Borisov <[email protected]> Date: Thu Mar 9 16:35:44 2023 +0300 Center the text itself in upload area (#24029) commit bbb7c54367b8a284f5fcef8e910b50005e8ad197 Author: Claire <[email protected]> Date: Mon Mar 6 17:44:55 2023 +0100 Fix `/api/v1/streaming` sub-paths not being redirected (#23988) commit 282596a66e68e2ca5d7bef90c39fc50fe770d63a Author: Eugen Rochko <[email protected]> Date: Sun Mar 5 01:52:42 2023 +0100 Fix pgBouncer resetting application name on every transaction (#23958) commit e6f6fe6106709b2efd342e7ce7339f08c5fa0682 Author: Claire <[email protected]> Date: Fri Mar 3 21:13:55 2023 +0100 Fix original account being unfollowed on migration before the follow request could be sent (#21957) commit 86b1adf7d74b07b0fd99e923de59b8d7b44485df Author: Claire <[email protected]> Date: Mon Mar 6 16:00:08 2023 +0100 Fix unconfirmed accounts being registered as active users (#23803) commit 4beeec4e50169ef8c370e0a9793a2d303c5eb403 Author: Claire <[email protected]> Date: Fri Mar 3 20:36:18 2023 +0100 Fix server error when failing to follow back followers from `/relationships` (#23787) commit 3c44ba04112a5136ad56385868f30347fce392b4 Author: Claire <[email protected]> Date: Wed Feb 22 11:53:13 2023 +0100 Fix inefficiency when searching accounts per username in admin interface (#23801) commit 339d4fa61cf6a8e04a4b40b17dfb036adb9e5f86 Author: Dean Bassett <[email protected]> Date: Mon Feb 13 05:54:08 2023 -0800 Fix case-sensitive check for previously used hashtags (#23526) commit 62f0eab635da5ae94c9add6eb62b8f251409e77f Author: Claire <[email protected]> Date: Fri Mar 3 20:25:15 2023 +0100 Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) commit 8c8d578e3884214dd4c8252f8f6fddb2e785aab8 Author: Claire <[email protected]> Date: Fri Feb 10 22:18:15 2023 +0100 Bump version to 3.5.6 (#23493) commit a8a3e86216a569cf8c0c48ff1b0c48069bc9a1e2 Author: Claire <[email protected]> Date: Fri Feb 10 22:16:47 2023 +0100 Fix unbounded recursion in post discovery (#23507) * Add a limit to how many posts can get fetched as a result of a single request * Add tests * Always pass `request_id` when processing `Announce` activities --------- Co-authored-by: nametoolong <[email protected]> commit be1caad9338157773ca91f7aee89d440347cf49b Author: Claire <[email protected]> Date: Thu Feb 9 21:02:09 2023 +0100 Fix REST API serializer for Account not including `moved` when the moved account has itself moved (#22483) (#23492) Instead of cutting immediately, cut after one recursion. commit 84a40824adb477f4956f49c64a0746f4f7048a3a Author: Claire <[email protected]> Date: Thu Feb 9 21:02:01 2023 +0100 Fix sanitizer parsing link text as HTML when stripping unsupported links (#22558) (#23491) commit 533bf92d21b9ca2dfe64dff597980bb4fb6578c4 Author: Claire <[email protected]> Date: Thu Feb 9 21:01:53 2023 +0100 Don't delivery a reply to domains which are blocked by author (#22117) (#23490) Co-authored-by: Jeong Arm <[email protected]> commit 6a2b48190c62ddf2d4f1278972f6897ed9da83e8 Author: Claire <[email protected]> Date: Thu Feb 9 21:01:45 2023 +0100 Log admin approve and reject account (#22088) (#23488) * Log admin approve and reject account * Add unit tests for approve and reject logging Co-authored-by: Francis Murillo <[email protected]> commit 6cbc5899905b47af82833f19882c4b57b0b4c34b Author: Claire <[email protected]> Date: Thu Feb 9 21:01:38 2023 +0100 Fix `UserCleanupScheduler` crash when an unconfirmed account has a moderation note (#23318) (#23487) * Fix `UserCleanupScheduler` crash when an unconfirmed account has a moderation note * Add tests commit a2bfb16cb82ad0549f4e7431cc0228dc5189108e Author: Claire <[email protected]> Date: Thu Feb 9 21:01:21 2023 +0100 Fix crash when marking statuses as sensitive while some statuses are deleted (#22134) (#23486) * Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments * Fix crash when marking statuses as sensitive while some statuses are deleted Fixes #21910 * Fix multiple strikes being created for a single report when selecting “Mark as sensitive” * Add tests commit cfc0507010108a2e862a07ab7e9707beb972b2db Author: Claire <[email protected]> Date: Thu Feb 9 20:57:31 2023 +0100 Fix attachments of edited statuses not being fetched (#21565) (#23485) * Fix attachments of edited statuses not being fetched * Fix tests commit eade64097c48eb24d78d42ddd47c6cabb6df7d5f Author: Claire <[email protected]> Date: Thu Feb 9 20:57:24 2023 +0100 Clear voter count when poll is reset (#21700) (#23484) When a poll is edited, we reset the poll and remove all previous votes. However, prior to this commit, the voter count on the poll was not reset. This leads to incorrect percentages being shown in poll results. Fixes #21696 Co-authored-by: afontenot <[email protected]> commit 1f0be21317295e1f3a47ace6454d5afcc502d077 Author: Claire <[email protected]> Date: Thu Feb 9 20:57:14 2023 +0100 Fix some performance issues with /admin/instances (#21907) (#23483) /admin/instances?availability=failing remains wholly unefficient commit 0ca877f08478c0acb6958a893fb7384c64b4c57c Author: Claire <[email protected]> Date: Thu Feb 9 20:57:06 2023 +0100 Fix possible race conditions when suspending/unsuspending accounts (#22363) (#23482) * Fix possible race conditions when suspending/unsuspending accounts * Fix tests Tests were assuming SuspensionWorker and UnsuspensionWorker would do the suspending/unsuspending themselves, but this has changed. commit cc233af129a8f183487dbd4a9562c0533b4e5513 Author: Claire <[email protected]> Date: Thu Feb 9 20:56:58 2023 +0100 Fix suspension worker crashing on S3-compatible setups without ACL support (#22487) (#23481) commit 83f1c6460aaa7ca6f8dc11fc03a6befa71c374c3 Author: Claire <[email protected]> Date: Thu Feb 9 20:56:49 2023 +0100 Fix changing domain block severity not undoing individual account effects (#22135) (#23480) * Fix changing domain block severity not undoing individual account effects Fixes #22133 * Add tests commit e26dd2ea8f2e911448578f5bc7a00ea877e3b668 Author: Claire <[email protected]> Date: Thu Feb 9 20:56:37 2023 +0100 Add `form-action` CSP directive (#23478) * Add form-action CSP directive (#20781) * Fix OAuth flow being broken by recent CSP change (#20958) * Fix form-action CSP directive for external login (#20962) commit da5d81c90dd6199d9f615ee48b579178284cf8f2 Author: Claire <[email protected]> Date: Thu Feb 9 18:34:19 2023 +0100 Fix CircleCI issues caused by Node and OpenSSL versions (#23489) Co-authored-by: mhkhung <[email protected]> commit ee66f5790f6bee17ba5d6876021ba8ffd1ef222b Author: Claire <[email protected]> Date: Thu Dec 15 19:21:17 2022 +0100 Fix unbounded recursion in account discovery (v3.5 backport) (#22026) * Fix trying to fetch posts from other users when fetching featured posts * Rate-limit discovery of new subdomains * Put a limit on recursively discovering new accounts commit 696f7b360882e71ff45b6ddafc8eea17184a0f31 Author: Claire <[email protected]> Date: Mon Nov 14 22:26:24 2022 +0100 Bump version to 3.5.5 commit b22e1476ca667e1ab83ab26a93203c3f253540af Author: Claire <[email protected]> Date: Mon Nov 14 22:14:55 2022 +0100 Fix nodes order being sometimes mangled when rewriting emoji (#20677) * Fix front-end emoji tests * Fix nodes order being sometimes mangled when rewriting emoji commit 105ab8242582c6df02e3693f4620793add5c84f6 Author: Claire <[email protected]> Date: Mon Nov 14 11:23:10 2022 +0100 Bump version to 3.5.4 commit 2dd8f977e84b67ed073a932accd2fbf4d2f38f3a Author: Claire <[email protected]> Date: Wed Nov 9 14:21:57 2022 +0100 Fix emoji substitution not applying only to text nodes in backend code Signed-off-by: Claire <[email protected]> commit 2db06e1d089404844b632b3a2164c4bd3af24424 Author: Claire <[email protected]> Date: Wed Nov 9 14:16:02 2022 +0100 Fix emoji substitution not applying only to text nodes in Web UI Signed-off-by: Claire <[email protected]> commit 063579373e401fdac72b856971ecc01b06065365 Author: Eugen Rochko <[email protected]> Date: Wed Oct 26 14:58:52 2022 +0200 Fix rate limiting for paths with formats commit 1659788de4aa12f78108defb7294a1a23fa363bf Author: Pierre Bourdon <[email protected]> Date: Fri Nov 11 07:45:16 2022 +0100 blurhash_transcoder: prevent out-of-bound reads with <8bpp images (#20388) The Blurhash library used by Mastodon requires an input encoded as 24 bits raw RGB data. The conversion to raw RGB using Imagemagick did not previously specify the desired bit depth. In some situations, this leads Imagemagick to output in a pixel format using less bpp than expected. This then manifested as segfaults of the Sidekiq process due to out-of-bounds read, or potentially a (highly noisy) memory infoleak. Fixes #19235. commit 47eaf85f02e280db8c24cfc4f9bc5a34e99da49e Author: Claire <[email protected]> Date: Mon Jul 4 11:08:30 2022 +0200 Fix crash when a remote Flag activity mentions a private post (#18760) * Add tests * Fix crash when a remote Flag activity mentions a private post commit fbcbf7898f000d9d1a21d52e8a8d3ed4602aa7db Author: Eugen Rochko <[email protected]> Date: Thu May 26 23:26:15 2022 +0200 Bump version to 3.5.3 (#18530) commit 0a1992430db7a859b3b7faa3d9ce4f07734b5fd8 Author: Eugen Rochko <[email protected]> Date: Thu May 26 23:02:42 2022 +0200 Fix errors when rendering RSS feeds (#18531) commit 52f4e834f293c9fdbf5805639d022ac4e3856b75 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:14:47 2022 +0200 Fix concurrent unfollowing decrementing follower count more than once (#18527) commit 8a9acbe604667215c9589154d72b3f313755c210 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:08:12 2022 +0200 Fix being able to appeal a strike unlimited times (#18529) Peculiarity of the `has_one` association is that the convenience creation method deletes the previous association even if the new one is invalid commit c4d2c39a75eccdbc60c3540c259e1e7ea5881ac6 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:08:02 2022 +0200 Fix being able to report otherwise inaccessible statuses (#18528) commit 1ff4877945e18820f3e518a1cfbac243da65e1a5 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:06:10 2022 +0200 Fix empty votes arbitrarily increasing voters count in polls (#18526) commit 976cd6413e9b2a1531a2ad17945342deaeec538c Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:04:16 2022 +0200 Fix moderator leak in undo_mark_statuses_as_sensitive (#18525) Signed-off-by: Eugen Rochko <[email protected]> Co-authored-by: 40826d <[email protected]> commit 9f81b9f29a14093cefcdbf09058ace089cd8e06b Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:04:05 2022 +0200 Fix suspended users being able to access APIs that don't require a user (#18524) commit 96129c2f10a82520648f6ae04e585cf797403617 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:03:54 2022 +0200 Fix confirmation redirect to app without `Location` header (#18523) commit 3e0e7a1cfb617837ccada330afc13ed804c3c47b Author: Eugen Rochko <[email protected]> Date: Thu May 26 20:32:48 2022 +0200 Fix follower and other counters being able to go negative (#18517) commit 702b709d9a8df2ed65c54d32d585a4cf5fe13de1 Author: Yamagishi Kazutoshi <[email protected]> Date: Fri May 27 03:29:28 2022 +0900 Add ES6 compatibility to browserslist (#18519) commit d8abc0018f59ed63fb6c5fae2f6081c141a4b978 Author: Eugen Rochko <[email protected]> Date: Thu May 26 18:43:14 2022 +0200 Remove 3.3.x from supported versions in security policy (#18516) commit 088dc0ec5a383006952c0b15508af882a4c1109c Author: Eugen Rochko <[email protected]> Date: Thu May 26 18:05:47 2022 +0200 Fix regression in `tootctl search deploy` caused by unloaded attribute (#18514) commit a4fa9e23fc1ddb42452bb8f051a31894796c8002 Author: Eugen Rochko <[email protected]> Date: Thu May 26 17:55:05 2022 +0200 Change "dangerous" to "sensitive" in privacy policy and web UI (#18515) Fix #18470 commit 440eb71310e41d668f00980b73358edd5f8df043 Author: Claire <[email protected]> Date: Thu May 26 15:50:33 2022 +0200 Change unapproved and unconfirmed account to not be accessible in the REST API (#17530) * Change unapproved and unconfirmed account to not be accessible in the REST API * Change Account#searchable? to reject unconfirmed and unapproved users * Disable search for unapproved and unconfirmed users in Account.search_for * Disable search for unapproved and unconfirmed users in Account.advanced_search_for * Remove unconfirmed and unapproved accounts from Account.searchable scope * Prevent mentions to unapproved/unconfirmed accounts * Fix some old tests for Account.advanced_search_for * Add some Account.advanced_search_for tests for existing behaviors * Add some tests for Account.search_for * Add Account.advanced_search_for tests unconfirmed and unapproved accounts * Add Account.searchable tests * Fix Account.without_unapproved scope potentially messing with previously-applied scopes * Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup This is so that the API can still be used to check whether an username is free to use. commit 86f4dba47ef26aa8690354948c49009c3fd49960 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 09:16:19 2022 +0900 Bump @babel/preset-env from 7.17.12 to 7.18.2 (#18512) Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.17.12 to 7.18.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 77823333bb38a12705af486fa9b69cbd646dbd79 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 09:06:44 2022 +0900 Bump @babel/plugin-transform-runtime from 7.17.12 to 7.18.2 (#18511) Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.17.12 to 7.18.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-plugin-transform-runtime) --- updated-dependencies: - dependency-name: "@babel/plugin-transform-runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit ddddd4c043bd722b7e01a0595cd5f7a606fde281 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 08:41:07 2022 +0900 Bump immutable from 4.0.0 to 4.1.0 (#18502) Bumps [immutable](https://github.com/immutable-js/immutable-js) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/immutable-js/immutable-js/releases) - [Changelog](https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md) - [Commits](https://github.com/immutable-js/immutable-js/compare/v4.0.0...v4.1.0) --- updated-dependencies: - dependency-name: immutable dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 01db33165757042f3d95a6e372a9652b0223c5c2 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 08:06:55 2022 +0900 Bump @babel/plugin-transform-runtime from 7.17.12 to 7.18.0 (#18489) Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.17.12 to 7.18.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-plugin-transform-runtime) --- updated-dependencies: - dependency-name: "@babel/plugin-transform-runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 2bc5e41b8384b1c62832be2abead47670d169dfa Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 08:06:29 2022 +0900 Bump @babel/runtime from 7.17.9 to 7.18.0 (#18494) Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.17.9 to 7.18.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-runtime) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 4d48d83b0088f9e039691435407bd3d6e92e6f63 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 08:05:53 2022 +0900 Bump @babel/core from 7.17.12 to 7.18.0 (#18490) Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.17.12 to 7.18.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-core) --- updated-dependencies: - dependency-name: "@babel/core" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 25dda3061e4308a5005d3a2fef373acffc510a66 Author: Claire <[email protected]> Date: Thu May 26 00:20:30 2022 +0200 Fix unnecessary query on status creation (#17901) commit 96f29ce91ad622a0127bc3c3bf2dc503062ed0dc Author: Eugen Rochko <[email protected]> Date: Tue May 24 16:33:18 2022 +0200 New Crowdin updates (#18458) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations doorkeeper.en.yml (Ido) * New translations devise.en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations doorkeeper.en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations doorkeeper.en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations doorkeeper.en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.json (Esperanto) * New translations en.yml (Esperanto) * New translations en.json (Esperanto) * New translations doorkeeper.en.yml (Esperanto) * New translations en.json (Esperanto) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations en.json (Ido) * New translations doorkeeper.en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations simple_form.en.yml (Ido) * New translations en.json (Armenian) * New translations en.json (Armenian) * New translations en.json (Armenian) * New translations en.json (Scottish Gaelic) * New translations en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.yml (Russian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.yml (Estonian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.yml (Estonian) * New translations en.json (Estonian) * New translations en.yml (Estonian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.yml (Russian) * New translations en.yml (Russian) * New translations simple_form.en.yml (Russian) * New translations en.yml (Russian) * New translations simple_form.en.yml (Russian) * New translations en.json (Sorani (Kurdish)) * New translations en.json (Sorani (Kurdish)) * New translations en.json (Sorani (Kurdish)) * New translations activerecord.en.yml (Sorani (Kurdish)) * New translations doorkeeper.en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations doorkeeper.en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * Run `yarn manage:translations` * Run `bundle exec i18n-tasks normalize` Co-authored-by: Yamagishi Kazutoshi <[email protected]> commit e5997a195602624efdb366e9f09ffa377e859580 Author: Claire <[email protected]> Date: Mon May 23 20:38:29 2022 +0200 Fix warning an account outside of a report closing all reports for that account (#18387) * Fix warning an account outside of a report closing all reports for that account * Make it clear what actions solve other reports * Revert "Make it clear what actions solve other reports" This reverts commit ad006de821f72e75480701298d13f0945b509059. commit a9b64b24d6c076cb96a66307c07d4f0158dc07da Author: Eugen Rochko <[email protected]> Date: Sun May 22 22:16:43 2022 +0200 Change algorithm of `tootctl search deploy` to improve performance (#18463) commit 54bb659ad14fda8d3427752d2c99716420997d6e Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat May 21 15:43:36 2022 +0900 Bump sidekiq from 6.4.1 to 6.4.2 (#18091) Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.4.1 to 6.4.2. - [Release notes](https://github.com/mperham/sidekiq/releases) - [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md) - [Commits](https://github.com/mperham/sidekiq/compare/v6.4.1...v6.4.2) --- updated-dependencies: - dependency-name: sidekiq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit dfb9e6dab1b119c907dece5555408c9b98ec8f2c Author: Yamagishi Kazutoshi <[email protected]> Date: Fri May 20 11:39:05 2022 +0900 Disable transpile to older iOS versions (#18462) commit e925b06721057f83f2e3e8e7bdb21f39318b90a2 Author: Yamagishi Kazutoshi <[email protected]> Date: Fri May 20 02:26:19 2022 +0900 Fix languages dropdown on light theme (#18460) commit 9a0fa28993568cb3f106f0ea6457b0ff0f9a132e Author: Eugen Rochko <[email protected]> Date: Thu May 19 12:58:16 2022 +0200 New Crowdin updates (#18419) * New translations en.json (German) * New translations en.json (Welsh) * New translations en.json (Japanese) * New translations en.json (Korean) * New translations en.json (Turkish) * New translations en.json (Chinese Simplified) * New translations en.json (Vietnamese) * New translations en.json (Portuguese, Brazilian) * New translations en.json (Asturian) * New translations en.json (Irish) * New translations en.json (Arabic) * New translations en.json (Scottish Gaelic) * New translations en.json (Galician) * New translations en.json (Czech) * New translations en.json (Slovak) * New translations en.json (Icelandic) * New translations en.json (Sorani (Kurdish)) * New translations en.json (English, United Kingdom) * New translations en.json (Norwegian) * New translations en.json (Romanian) * New translations en.json (French) * New translations en.json (Spanish) * New translations en.json (Afrikaans) * New translations en.json (Bulgarian) * New translations en.json (Persian) * New translations en.json (Tamil) * New translations en.json (Malayalam) * New translations en.json (Silesian) * New translations en.json (Taigi) * New translations en.json (Ido) * New translations en.json (Kabyle) * New translations en.json (Sanskrit) * New translations en.json (Sardinian) * New translations en.json (Corsican) * New translations en.json (Kurmanji (Kurdish)) * New translations en.json (Serbian (Latin)) * New translations en.json (Occitan) * New translations en.json (Kannada) * New translations en.json (Cornish) * New translations en.json (Sinhala) * New translations en.json (Breton) * New translations en.json (Tatar) * New translations en.json (Spanish, Argentina) * New translations en.json (Kazakh) * New translations en.json (Spanish, Mexico) * New translations en.json (Bengali) * New translations en.json (Marathi) * New translations en.json (Thai) * New translations en.json (Croatian) * New translations en.json (Norwegian Nynorsk) * New translations en.json (Estonian) * New translations en.json (Chinese Traditional, Hong Kong) * New translations en.json (Latvian) * New translations en.json (Hindi) * New translations en.json (Malay) * New translations en.json (Telugu) * New translations en.json (Esperanto) * New translations en.json (Uyghur) * New translations en.json (Standard Moroccan Tamazight) * New translations en.yml (Icelandic) * New translations en.json (German) * New translations en.json (Turkish) * New translations en.json (Icelandic) * New translations en.json (Greek) * New translations en.json (Chinese Traditional) * New translations en.json (Catalan) * New translations en.json (Latvian) * New translations en.json (Czech) * New translations en.json (Indonesian) * New translations en.json (Korean) * New translations en.json (Russian) * New translations en.json (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (German) * New translations en.json (Spanish, Argentina) * New translations en.json (Spanish, Argentina) * New translations en.json (Danish) * New translations en.json (Chinese Simplified) * New translations en.json (Afrikaans) * New translations en.json (Ukrainian) * New translations en.json (Portuguese) * New translations en.yml (Italian) * New translations en.json (Italian) * New translations en.yml (Italian) * New translations en.json (Catalan) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (French) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Arabic) * New translations en.yml (Arabic) * New translations en.yml (Hungarian) * New translations en.json (Hungarian) * New translations en.yml (Galician) * New translations en.json (Galician) * New translations en.yml (Scottish Gaelic) * New translations en.yml (Ido) * New translations en.json (Scottish Gaelic) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Catalan) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Korean) * New translations en.json (Polish) * New translations en.yml (Ido) * New translations en.json (Czech) * New translations en.json (Hungarian) * New translations en.json (Spanish, Argentina) * New translations en.json (Ido) * New translations en.json (Russian) * New translations en.json (Latvian) * New translations en.yml (Russian) * New translations en.json (Russian) * New translations devise.en.yml (Russian) * New translations en.yml (Ido) * New translations en.json (Icelandic) * New translations en.json (Portuguese) * New translations en.yml (Ido) * New translations en.json (Catalan) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * Run `yarn manage:translations` * New translations en.json (Chinese Simplified) * New translations en.yml (Slovenian) * New translations en.json (Slovenian) * New translations en.json (Vietnamese) * New translations en.json (Chinese Traditional) * New translations en.json (Chinese Simplified) * New translations en.json (Spanish) * New translations en.json (Greek) * New translations en.json (Thai) * New translations en.json (Turkish) * New translations en.json (Turkish) * New translations en.json (Italian) * New translations en.json (Kurmanji (Kurdish)) * New translations en.yml (Japanese) * New translations en.json (Japanese) * New translations en.json (Afrikaans) * New translations en.yml (Basque) * New translations en.yml (German) * New translations en.json (German) * New translations en.yml (Esperanto) * New translations en.json (German) * New translations en.yml (Esperanto) * New translations en.yml (Esperanto) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Chinese Simplified) * New translations en.json (German) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Korean) * New translations en.yml (Galician) * New translations en.json (Galician) * New translations devise.en.yml (Galician) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Russian) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Chinese Simplified) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Kurmanji (Kurdish)) * New translations en.yml (Ido) * New translations en.json (Kurmanji (Kurdish)) * New translations en.yml (German) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Korean) * New translations en.json (Korean) * New translations simple_form.en.yml (Korean) * New translations en.yml (Korean) * New translations en.json (Ukrainian) * New translations en.yml (Arabic) * New translations en.json (Arabic) * New translations en.json (Arabic) * New translations en.json (Arabic) * New translations en.json (Arabic) * New translations en.json (Thai) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Russian) * New translations en.json (Portuguese, Brazilian) * New translations en.yml (Chinese Simplified) * New translations en.json (Chinese Simplified) * New translations simple_form.en.yml (Chinese Simplified) * New translations devise.en.yml (Chinese Simplified) * New translations en.yml (Ido) * New translations en.json (French) * New translations en.json (Indonesian) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Vietnamese) * New translations en.json (Esperanto) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations doorkeeper.en.yml (Portuguese, Brazilian) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * Run `yarn manage:translations` * Run `bundle exec i18n-tasks normalize` Co-authored-by: Yamagishi Kazutoshi <[email protected]> commit 679b7158e3cd3881e8cbaf2d2c0c97725b3b5fd9 Author: Eugen Rochko <[email protected]> Date: Wed May 18 23:29:14 2022 +0200 Change search indexing to use batches to minimize resource usage (#18451) commit ded5a0254a4d29a7384ef766a1e92467fe4ebd2b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:33:13 2022 +0900 Bump yargs from 17.4.1 to 17.5.1 (#18437) Bumps [yargs](https://github.com/yargs/yargs) from 17.4.1 to 17.5.1. - [Release notes](https://github.com/yargs/yargs/releases) - [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md) - [Commits](https://github.com/yargs/yargs/compare/v17.4.1...v17.5.1) --- updated-dependencies: - dependency-name: yargs dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit ffc2971466417aafe778eddcb1510ea934cef973 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:30:31 2022 +0900 Bump dotenv from 16.0.0 to 16.0.1 (#18438) Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.0.0 to 16.0.1. - [Release notes](https://github.com/motdotla/dotenv/releases) - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](https://github.com/motdotla/dotenv/compare/v16.0.0...v16.0.1) --- updated-dependencies: - dependency-name: dotenv dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit a918a76bfbdd300e3ef549307706bdfa630f824b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:29:53 2022 +0900 Bump glob from 8.0.1 to 8.0.3 (#18440) Bumps [glob](https://github.com/isaacs/node-glob) from 8.0.1 to 8.0.3. - [Release notes](https://github.com/isaacs/node-glob/releases) - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](https://github.com/isaacs/node-glob/compare/v8.0.1...v8.0.3) --- updated-dependencies: - dependency-name: glob dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 6b4e2d5ce686140797dd207b1ba932a86665262f Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:27:55 2022 +0900 Bump rubocop from 1.28.2 to 1.29.1 (#18433) Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.28.2 to 1.29.1. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.28.2...v1.29.1) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 6048eeed045693be63ad34dc97e98f7b2e519a70 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:27:02 2022 +0900 Bump faker from 2.20.0 to 2.21.0 (#18434) Bumps [faker](https://github.com/faker-ruby/faker) from 2.20.0 to 2.21.0. - [Release notes](https://github.com/faker-ruby/faker/releases) - [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md) - [Commits](https://github.com/faker-ruby/faker/compare/v2.20.0...v2.21.0) --- updated-dependencies: - dependency-name: faker dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 1a880533acb1a8b6ee11db357d8cb8864f0e05e3 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed May 18 21:25:23 2022 +0900 Bump @babel/preset-env from 7.17.10 to 7.17.12 (#18443) Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.17.10 to 7.17.12. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.17.12/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yamagishi Kazutoshi <[email protected]> commit d842f645d11e99521d1c27a13ce53f97de357d52 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed May 18 21:16:16 2022 +0900 Bump @babel/plugin-proposal-decorators from 7.17.9 to 7.17.12 (#18442) Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.17.9 to 7.…
chasedream1129
added a commit
to monado-ren/mastodon
that referenced
this pull request
Aug 12, 2024
commit e9123ad691727ffec3672ff3912ef56e67c930ef Author: Claire <[email protected]> Date: Thu Feb 15 12:02:24 2024 +0100 Bump version to v3.5.19 commit c397c1a9e3090a0e879c15cafd48d5f1414b6836 Author: Claire <[email protected]> Date: Fri Feb 16 11:56:12 2024 +0100 Merge pull request from GHSA-jhrq-qvrm-qr36 * Fix insufficient Content-Type checking of fetched ActivityStreams objects * Allow JSON-LD documents with multiple profiles commit d509b6b3420d303728b13832d79b05d602dba4e2 Author: Claire <[email protected]> Date: Wed Feb 14 22:49:45 2024 +0100 Fix user creation failure handling in OmniAuth paths (#29207) Co-authored-by: Matt Jankowski <[email protected]> commit 44c265e4c7983e17bf7713db91938d95efd33046 Author: Claire <[email protected]> Date: Wed Feb 14 13:35:56 2024 +0100 Bump version to v3.5.18 commit 4a57e44809e33a8050c0062a244c351ab0871c71 Author: Claire <[email protected]> Date: Wed Feb 14 15:16:07 2024 +0100 Merge pull request from GHSA-vm39-j3vx-pch3 * Prevent different identities from a same SSO provider from accessing a same account * Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true` * Rename methods to avoid confusion between OAuth and OmniAuth commit 47c6079d8da3810889f70166950a29af2c2f1333 Author: Claire <[email protected]> Date: Wed Feb 14 15:15:34 2024 +0100 Merge pull request from GHSA-7w3c-p9j8-mq3x * Ensure destruction of OAuth Applications notifies streaming Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens. * Ensure password resets revoke access to Streaming API * Improve performance of deleting OAuth tokens --------- Co-authored-by: Emelia Smith <[email protected]> commit 69205dff9a252f42f9a75bf5a247b1376f312895 Author: Claire <[email protected]> Date: Wed Feb 14 13:12:13 2024 +0100 Add `sidekiq_unique_jobs:delete_all_locks` task and disable `sidekiq-unique-jobs` UI by default (#29199) commit d187195f2ccaeab8786e62cf2ef3a499c1b54b7f Author: Emelia Smith <[email protected]> Date: Tue Feb 13 19:11:47 2024 +0100 Disable administrative doorkeeper routes (#29187) commit 3387868dd9841cfffdae875d3296cf0aae36dc2b Author: blah <blah@blah> Date: Wed Feb 14 10:58:36 2024 +0000 Update dependency sidekiq-unique-jobs to 7.1.33 commit 3ba6ed76ea07d2856f988689e62a76882e5c9d4d Author: blah <blah@blah> Date: Wed Feb 14 10:51:59 2024 +0000 Update dependency nokogiri to 1.16.2 commit b1ed009c65802b70c9b780f3c7c3a866cba72478 Author: Claire <[email protected]> Date: Thu Feb 1 15:56:46 2024 +0100 Merge pull request from GHSA-3fjr-858r-92rw * Fix insufficient origin validation * Bump version to v3.5.17 commit 35f21191ee9fa3a99af6c207d2fb42484d58f196 Author: Claire <[email protected]> Date: Mon Nov 27 15:00:52 2023 +0100 Bump version to v3.5.16 commit 2ffce0d5f7e43138fd19a1c1b7a31b0177ae00a3 Author: Claire <[email protected]> Date: Fri Oct 20 10:45:46 2023 +0200 Fix processing LDSigned activities from actors with unknown public keys (#27474) commit 688defd60d9a31d7a4f9052985119a88d810e436 Author: Claire <[email protected]> Date: Fri Nov 24 10:31:28 2023 +0100 Change GIF max matrix size error to explicitly mention GIF files (#27927) commit d9b05f6860a574d81d1fd9fc47ca3adabf0d70cc Author: Jonathan de Jong <[email protected]> Date: Fri Oct 27 16:55:00 2023 +0200 Have `Follow` activities bypass availability (#27586) Co-authored-by: Claire <[email protected]> commit f3fd8d869596da809448d5d0105e122e8ba3db22 Author: Claire <[email protected]> Date: Mon Nov 27 14:25:54 2023 +0100 Clamp dates when serializing to Elasticsearch API (#28081) commit 49693fe42f4528db4b41a2c346391016e9fe954a Author: Claire <[email protected]> Date: Mon Nov 6 10:28:14 2023 +0100 Fix incoming status creation date not being restricted to standard ISO8601 (#27655) commit 16262f815d7d120bd73ffb71740ffaea3771683b Author: Claire <[email protected]> Date: Mon Oct 30 23:32:25 2023 +0100 Fix posts from force-sensitized accounts being able to trend (#27620) commit d4e0a12b27aa01012c50ac7f0d4ba26085258990 Author: Claire <[email protected]> Date: Mon Oct 23 14:27:07 2023 +0200 Change Content-Security-Policy to be tighter on media paths (#26889) commit db59d8486bd12f7d32dd9785cbf2daf9115d0e16 Author: Claire <[email protected]> Date: Mon Oct 9 14:03:10 2023 +0200 Bump version to v3.5.15 commit 7fb3ee0bc67cd7078fa7558483121dbe08202d8a Author: Matt Jankowski <[email protected]> Date: Tue Oct 3 11:01:45 2023 -0400 Dont match mention in url query string (#25656) Co-authored-by: Claire <[email protected]> commit 9bd027823d91fe8cc9d3c63b19c649296e626e0d Author: David Aaron <[email protected]> Date: Tue Oct 3 02:48:57 2023 -0700 Change min age of backup policy from 1 week to 6 days (#27200) commit 57d4d460503fa9ad01670533296a84c7c3f49ff3 Author: Jakob Gillich <[email protected]> Date: Tue Oct 3 10:47:50 2023 +0200 Fix importer returning negative row estimates (#27258) commit c91116f7800fe622750c93ea7d51d5d72e143ed3 Author: Claire <[email protected]> Date: Thu Sep 28 13:41:24 2023 +0200 Fix filtering audit log for entries about disabling 2FA (#27186) commit f45b5f5006f59d895da158e65cecead37d9a5b38 Author: Essem <[email protected]> Date: Mon Sep 25 12:21:07 2023 -0500 Properly remove tIME chunk from PNG uploads (#27111) commit 47441e51f3749894ac5699abffdd1cc190c0256e Author: Claire <[email protected]> Date: Fri Oct 6 12:58:16 2023 +0200 Fix crash when filtering for “dormant” relationships (#27306) commit af02650322aad7468bfa7363f8232b0ae7151e6f Author: Claire <[email protected]> Date: Mon Sep 25 15:06:43 2023 +0200 Fix inefficient queries in “Follows and followers” as well as several admin pages (#27116) commit 75346a71f7f4f0a3deb2841c19e6105a06f98f1e Author: Claire <[email protected]> Date: Tue Sep 19 12:49:15 2023 +0200 Bump version to v3.5.14 commit 49af3e26dc3a433922d78ae01be50549f29d1949 Author: Claire <[email protected]> Date: Wed Sep 6 16:40:19 2023 +0200 Fix moderator rights inconsistencies (#26729) commit 412c3e13ecae1bc9a6fd204b6e4018c5c4c2e6ba Author: Claire <[email protected]> Date: Wed Sep 6 12:17:51 2023 +0200 Fix crash when encountering invalid URL (#26814) commit 31c5e63a58923b9d227d90b48994ed48491dd52e Author: Claire <[email protected]> Date: Thu Aug 17 16:11:48 2023 +0200 Fix cached posts including stale stats (#26409) commit e8eeb746ac2d2ec635d46c9c07b73a56b4f2c77c Author: Nicolai Søborg <[email protected]> Date: Fri Aug 18 08:32:47 2023 +0200 Fix `frame_rate` for videos where `ffprobe` reports 0/0 (#26500) commit 0158c31c02b62f39add6f41f1584bf23a8dda047 Author: yufushiro <[email protected]> Date: Wed Aug 23 15:44:56 2023 +0900 Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough (#26608) Co-authored-by: Claire <[email protected]> commit 9deb1781269fd817c930d38f916672bec3d566a8 Author: Claire <[email protected]> Date: Tue Sep 19 16:53:58 2023 +0200 Merge pull request from GHSA-v3xf-c9qf-j667 commit 8e6fe192258fab9df50cfa7c4c0f6c22a756868e Author: Claire <[email protected]> Date: Mon Sep 18 08:31:53 2023 +0200 Change Dockerfile to upgrade packages when building (#26931) Co-authored-by: Renaud Chaput <[email protected]> commit 4eb709ea7ea6b5bc1fcdbe1762dd3b7efcc07f6e Author: Claire <[email protected]> Date: Wed Sep 6 09:18:28 2023 +0200 Update actions for stable-3.5 (#26804) Co-authored-by: Renaud Chaput <[email protected]> commit 86a31fc0196f876f6671a883198fcc460bcd60c5 Author: Claire <[email protected]> Date: Tue Sep 5 17:46:39 2023 +0200 Fix Dockerfile installing incompatible npm version (#26803) commit 16e47e1aae55c0ead7207030ad8a554c18ff1250 Author: Claire <[email protected]> Date: Tue Sep 5 15:30:24 2023 +0200 Bump version to v3.5.13 commit dcffd6b3d76a5e9d420119d0730724d56f7fe968 Author: Emelia Smith <[email protected]> Date: Mon May 22 13:15:21 2023 +0200 Allow reports with long comments from remote instances, but truncate (#25028) commit 8de0f7e198b25741cd6cb849095520b88fab088d Author: Daniel M Brasil <[email protected]> Date: Thu Aug 31 08:53:24 2023 -0300 Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled (#26237) commit e37551421ee30ccd9e6a36e2ad4c88ddf5a1b3d8 Author: Claire <[email protected]> Date: Wed Aug 9 09:39:36 2023 +0200 Fix blocking subdomains of an already-blocked domain (#26392) commit 2e0eab9d18f1473654542f96ff9172cab0e8661e Author: Claire <[email protected]> Date: Wed Aug 30 17:36:16 2023 +0200 Change text extraction in `PlainTextFormatter` to be faster (#26727) commit ce75c175cdf12bdfdf8b84271b52989abe54cb50 Author: Claire <[email protected]> Date: Thu Aug 31 19:54:17 2023 +0200 Backport container build changes to the stable-3.5 branch (#26742) Co-authored-by: Renaud Chaput <[email protected]> commit a3d31ffc1ead2abe98a8b722b406a7574a14a915 Author: Claire <[email protected]> Date: Fri Jul 28 10:07:57 2023 +0200 Bump version to v3.5.12 commit 50f4af28b0f1fde03e1a57583bccc1387d6f08bf Author: Emelia Smith <[email protected]> Date: Fri Jul 28 12:06:29 2023 +0200 Fix: Streaming server memory leak in HTTP EventSource cleanup (#26228) commit e655b35d7e4ebf9c5a2ab6cb4bf4e950785cfee0 Author: Claire <[email protected]> Date: Sat Jul 22 20:42:31 2023 +0200 Fix incorrect connect timeout in outgoing requests (#26116) commit 80c00f4aa57fd21679fade777310422e55274c65 Author: Claire <[email protected]> Date: Fri Jul 21 14:33:34 2023 +0200 Bump version to v3.5.11 commit 1a0192537d11fb8932735c33f904e8fc4263356b Author: Claire <[email protected]> Date: Fri Jul 21 14:18:04 2023 +0200 Add check preventing Sidekiq workers from running with Makara configured (#25850) Co-authored-by: Eugen Rochko <[email protected]> commit 668cd00e130c152ed05b19f7d7f663d33790d9ac Author: Claire <[email protected]> Date: Fri Jul 21 14:14:10 2023 +0200 Fix testsuite failure introduced in last release commit 0bd52de49263af22d2fed02e9cec84fbeb3d6f9b Author: Claire <[email protected]> Date: Fri Jul 21 13:34:15 2023 +0200 Fix CSP headers being unintendedly wide (#26105) commit ced65ffbb48a37ca46c278156bc0987378bf0a8a Author: Claire <[email protected]> Date: Tue Jul 18 20:51:20 2023 +0200 Change request timeout handling to use a longer deadline (#26055) commit 6398fc0b66fad30112de9b4ea026436c4ebc9b32 Author: Claire <[email protected]> Date: Mon Jul 10 18:42:10 2023 +0200 Fix moderation interface for remote instances with a .zip TLD (#25885) commit 7709bbba65cb07158a74292542a2a6bf0b8452bb Author: Claire <[email protected]> Date: Mon Jul 10 18:42:19 2023 +0200 Fix remote accounts being possibly persisted to database with incomplete protocol values (#25886) commit 4f6d121b248dcc6b80a9d2597fb7b6ac73a50cf4 Author: Michael Stanclift <[email protected]> Date: Thu Jul 13 04:12:51 2023 -0500 Fix trending publishers table not rendering correctly on narrow screens (#25945) commit 687421ebbe3a8245c2fd2b7fe9bf8c325e9f3bb2 Author: Claire <[email protected]> Date: Fri Jul 7 18:56:11 2023 +0200 Bump version to v3.5.10 commit 517c4a8a7a96bd2f16e369fa794575c30be370c8 Author: Claire <[email protected]> Date: Fri Jul 7 13:35:22 2023 +0200 Fix processing of media files with unusual names (#25788) commit dca0d8427e42e9a498b2c88b85660fef19d8fd1a Author: Claire <[email protected]> Date: Fri Jul 7 18:10:17 2023 +0200 Fix crash in admin interface when viewing a remote user with verified links (#25796) commit b10c974ba1952c545acff505bfd36feb0c60b000 Author: Claire <[email protected]> Date: Wed Jun 21 10:38:16 2023 +0200 Bump version to v3.5.9 commit ca4b23bf0d936f09f0bf60ab1055f6c2f0373dd9 Author: Claire <[email protected]> Date: Thu Jul 6 15:06:49 2023 +0200 Merge pull request from GHSA-55j9-c3mp-6fcq commit 32e5a9f053d4d59cd7cd782a889055295554a697 Author: Claire <[email protected]> Date: Thu Jul 6 15:06:24 2023 +0200 Merge pull request from GHSA-9pxv-6qvf-pjwc * Fix timeout handling of outbound HTTP requests * Use CLOCK_MONOTONIC instead of Time.now commit 987f9099947fdcd71e79d4908cdc4373eca92a85 Author: Claire <[email protected]> Date: Thu Jul 6 15:05:05 2023 +0200 Merge pull request from GHSA-9928-3cp5-93fm * Fix attachments getting processed despite failing content-type validation * Add a restrictive ImageMagick security policy tailored for Mastodon * Fix misdetection of MP3 files with large cover art * Reject unprocessable audio/video files instead of keeping them unchanged commit c02fa93c578d6578f39de689752c02dd92f3b079 Author: Claire <[email protected]> Date: Thu Jul 6 15:03:33 2023 +0200 Merge pull request from GHSA-ccm4-vgcc-73hp * Tighten allowed HTML in oEmbed-based preview cards * Sanitize preview cards at render time * Add `sandbox` attribute to preview card iframes commit c30901134654b759d06b8e5b16bf7f9608f199fc Author: Claire <[email protected]> Date: Wed Jun 21 14:18:04 2023 +0200 Add hardened headers to user-uploaded files commit 6b538225af099276a6113b40f3763b8cde6284fd Author: Claire <[email protected]> Date: Wed Jun 28 14:27:12 2023 +0200 Update rack, rails, nokogiri, omniauth, sanitize and doorkeeper gems commit 3c72c7b34e7cd5904bf0070d95201a2bd0fe7e54 Author: Renaud Chaput <[email protected]> Date: Thu Jun 1 12:14:49 2023 +0200 Allow carets in URL search params (#25216) commit 07f60ffcbbbaf661347cd3cd7098f20d3a3730f7 Author: Vyr Cossont <[email protected]> Date: Fri Mar 31 23:28:35 2023 -0700 Fix Redis client and type errors introduced in #24285 (#24342) commit c1467453f6e67e108308b4cba531eb013caed319 Author: Vyr Cossont <[email protected]> Date: Fri Mar 31 05:38:47 2023 -0700 IndexingScheduler: fetch and import in batches (#24285) Co-authored-by: Claire <[email protected]> commit 00e65a77df600330c4ae694616fb185e15b8835f Author: Emelia Smith <[email protected]> Date: Tue Jun 20 18:04:35 2023 +0200 Prevent UserCleanupScheduler from overwhelming streaming (#25519) commit f9521bc2b54dff1c616ef271024426776e9434e2 Author: Daniel M Brasil <[email protected]> Date: Mon Jun 19 03:53:05 2023 -0300 Fix incorrect pagination headers in `/api/v2/admin/accounts` (#25477) commit e4bff6cd76d8e615bd2d2ed0ba8250d5d2438c0f Author: Emelia Smith <[email protected]> Date: Sat Jun 10 18:24:37 2023 +0200 Fix logging of messages that are binary before closing their connection (#25361) commit 6f819c7071ed5fc810e4e5f0063f76185a41f4a0 Author: Emelia Smith <[email protected]> Date: Fri Jun 9 19:29:16 2023 +0200 Fix performance of streaming by parsing message JSON once (#25278) commit 4aa1c4e2ad1969376cb95336a7a86cacbe547c18 Author: Claire <[email protected]> Date: Mon Jun 5 17:35:05 2023 +0200 Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) commit 176ae71fd42fb4990c3a8660c3e710cd31b3686e Author: Daniel M Brasil <[email protected]> Date: Sun Apr 30 01:50:58 2023 -0300 Fix `tootctl accounts approve --number N` not aproving N earliest registrations (#24605) commit feac95333fbfc8ef54bd96a273f9454bc25a3ca8 Author: Claire <[email protected]> Date: Fri May 12 13:13:04 2023 +0200 Change profile updates to be sent to recently-mentioned servers (#24852) commit bb1e7e112e5e929388417e22828d3eb235151d20 Author: Claire <[email protected]> Date: Wed May 17 00:08:42 2023 +0200 Fix being able to vote on your own polls (#25015) commit e233060ea5d0cf7e5baf247e34a38119bc4bf903 Author: Claire <[email protected]> Date: Wed May 17 00:09:21 2023 +0200 Fix race condition when reblogging a status (#25016) commit 3faebae2d1a5f72bf93167b1fbb279406bb738de Author: Claire <[email protected]> Date: Mon May 22 12:25:56 2023 +0200 Change OpenGraph-based embeds to allow fullscreen (#25058) commit 95f59da1578272efee84f06375d6e77944a4d5b0 Author: Claire <[email protected]> Date: Mon May 22 14:03:38 2023 +0200 Fix “Authorized applications” inefficiently and incorrectly getting last use date (#25060) commit 6f94b4ae19144e6fbf625e47b821c1aacf391722 Author: Claire <[email protected]> Date: Tue May 23 14:27:17 2023 +0200 Remove invalid X-Frame-Options: ALLOWALL (#25070) commit 283184b390bdd9b8200fd2dac0c1abd2def25fca Author: Claire <[email protected]> Date: Tue May 23 15:00:36 2023 +0200 Change Identity to not destroy associated User on destroy (#25098) commit d54980ef2df2704c0a1698ce3de19eb4e3916be1 Author: Claire <[email protected]> Date: Tue Jun 20 18:32:26 2023 +0200 Fix /api/v1/conversations sometimes returning empty accounts (#25499) commit 08579976e02c582f4465e63b03e38e4b8886705f Author: Claire <[email protected]> Date: Wed Jun 14 08:54:52 2023 +0200 Fix ArgumentError when loading newer Private Mentions (#25399) commit ff3f40a675c1dcbf17e121b0d09ce65ea441d8a5 Author: Claire <[email protected]> Date: Thu Jun 1 02:41:51 2023 +0200 Fix multiple N+1s in ConversationsController (#25134) commit 0dce749192b1d7a1513bdf45b7eafa6181bac3b9 Author: Claire <[email protected]> Date: Wed Apr 5 19:31:49 2023 +0200 Fix user archive takeouts when using OpenStack Swift (#24431) commit 1bd831b9a9d288566ca38045f6410c771946634b Author: Claire <[email protected]> Date: Mon Mar 27 17:50:34 2023 +0200 Bump version to v3.5.8 commit 55144262d054a52b76baa9d077e235e5c61fac37 Author: Claire <[email protected]> Date: Mon Apr 3 15:47:04 2023 +0200 Fix unescaped user input in LDAP query (#24379) Fix CVE-2023-28853 commit 40438675f8ddf0a6e30af4edef63286f8026f2b5 Author: Claire <[email protected]> Date: Mon Apr 3 15:05:39 2023 +0200 Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) commit 0f4c908b64c34d94936dad1cfa4b2e2d225285cc Author: Claire <[email protected]> Date: Fri Mar 31 21:42:28 2023 +0200 Fix invalid/expired invites being processed on sign-up (#24337) commit 3eb5b47768ec8387d3a0ec9ffd27ff777be18407 Author: Sai <[email protected]> Date: Fri Mar 31 15:42:59 2023 +0100 Upgrade Ruby to 3.0.6 (#24332) commit 520e9cc765b9b8263270f9e311b8beefd6b322f9 Author: Robert R George <[email protected]> Date: Wed Mar 29 00:58:27 2023 -0700 Wrap db:setup with Chewy.strategy(:mastodon) (#24302) commit d25493e26295d27af34441a5f120226f2c17eda9 Author: Claire <[email protected]> Date: Mon Mar 27 17:07:37 2023 +0200 Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) commit 3d67a9329ef9859559d8c9143227c493088a620a Author: Claire <[email protected]> Date: Mon Mar 20 20:02:58 2023 +0100 Fix crash in `tootctl` commands making use of parallelization when Elasticsearch is enabled (#24182) commit 547634dfa64a59012f37b60a6dd830bc4be76be4 Author: Claire <[email protected]> Date: Thu Mar 16 22:39:45 2023 +0100 Bump version to v3.5.7 commit f90daf58dbc09a492b65a281d2cf5b5c4f5055b6 Author: Claire <[email protected]> Date: Thu Mar 16 22:47:01 2023 +0100 Add warning for object storage misconfiguration (#24137) commit a42b48ea4e66f3081dc6c21c06ed98db94116c02 Author: Eugen Rochko <[email protected]> Date: Thu Mar 16 22:46:52 2023 +0100 Change user backups to use expiring URLs for download when possible (#24136) commit 251dd0b72b2ca6aafe6676c6dbcc81260b2c1355 Author: Claire <[email protected]> Date: Thu Mar 16 13:41:55 2023 +0100 Update changelog commit 18840cbc6ef4fd8e9c48b0053a9f9b68978f4ffc Author: Nick Schonning <[email protected]> Date: Wed Mar 15 11:43:44 2023 -0400 Skip pushing containers on forks (#24106) commit 727126255a043aec46d20cc07962771376b6d82b Author: Renaud Chaput <[email protected]> Date: Wed Mar 15 16:41:13 2023 +0100 Use Github Container Registry as the official container image source (#24113) commit 98d654b8bb59de4d412007b1864d1376394652c7 Author: Nick Schonning <[email protected]> Date: Tue Mar 14 22:43:49 2023 -0400 Skip Docker CI Login/Push on forks (#23564) commit 25c517144c294b4d3a3b85c6358aff15f8d4ed6e Author: Renaud Chaput <[email protected]> Date: Tue Mar 14 20:27:43 2023 +0100 Push Docker images to Github Container Registry as well (#24101) commit f036546c220fef1fccfdf816cfce1533262fb3af Author: Claire <[email protected]> Date: Wed Mar 15 04:15:20 2023 +0100 Fix misleading error code when receiving invalid WebAuthn credentials (#23568) commit 9256d653a5677fa726f0a93d0d5428d79c6020a7 Author: Claire <[email protected]> Date: Wed Mar 15 04:14:47 2023 +0100 Fix incorrect post links in strikes when the account is remote (#23611) commit d0c0808ad4ede98873e753df1543f33b0349f4be Author: Jeremy Kescher <[email protected]> Date: Mon Nov 7 02:40:17 2022 +0000 Add null check on application in dispute viewer (#19851) commit cb622b23b1465dfde7731a1f9bc82dd3fe51a561 Author: Claire <[email protected]> Date: Wed Mar 15 04:01:49 2023 +0100 Fix dashboard crash on ElasticSearch server error (#23751) commit fe866f8afb89e07e2fa72aaddccd6388f9ed4183 Author: Claire <[email protected]> Date: Tue Mar 14 10:34:16 2023 +0100 Update changelog commit a1e765991e416cdd5fb1ededa1ab0245c5062882 Author: Claire <[email protected]> Date: Fri Mar 3 20:44:46 2023 +0100 Add mail headers to avoid auto-replies (#23597) commit 76b9f4271291e0700680f182e94326f27f95390f Author: Claire <[email protected]> Date: Tue Feb 21 09:23:39 2023 +0100 Add `lang` tag to native language names in language picker (#23749) commit 708e590117c68c3c851c4eb7287cfa03c68a0ac0 Author: Claire <[email protected]> Date: Sun Mar 12 23:47:55 2023 +0100 Fix sidekiq jobs not triggering Elasticsearch index updates (#24046) commit a717aa929cf6c60239266f45671862802e9f29ed Author: Rodion Borisov <[email protected]> Date: Thu Mar 9 16:35:44 2023 +0300 Center the text itself in upload area (#24029) commit bbb7c54367b8a284f5fcef8e910b50005e8ad197 Author: Claire <[email protected]> Date: Mon Mar 6 17:44:55 2023 +0100 Fix `/api/v1/streaming` sub-paths not being redirected (#23988) commit 282596a66e68e2ca5d7bef90c39fc50fe770d63a Author: Eugen Rochko <[email protected]> Date: Sun Mar 5 01:52:42 2023 +0100 Fix pgBouncer resetting application name on every transaction (#23958) commit e6f6fe6106709b2efd342e7ce7339f08c5fa0682 Author: Claire <[email protected]> Date: Fri Mar 3 21:13:55 2023 +0100 Fix original account being unfollowed on migration before the follow request could be sent (#21957) commit 86b1adf7d74b07b0fd99e923de59b8d7b44485df Author: Claire <[email protected]> Date: Mon Mar 6 16:00:08 2023 +0100 Fix unconfirmed accounts being registered as active users (#23803) commit 4beeec4e50169ef8c370e0a9793a2d303c5eb403 Author: Claire <[email protected]> Date: Fri Mar 3 20:36:18 2023 +0100 Fix server error when failing to follow back followers from `/relationships` (#23787) commit 3c44ba04112a5136ad56385868f30347fce392b4 Author: Claire <[email protected]> Date: Wed Feb 22 11:53:13 2023 +0100 Fix inefficiency when searching accounts per username in admin interface (#23801) commit 339d4fa61cf6a8e04a4b40b17dfb036adb9e5f86 Author: Dean Bassett <[email protected]> Date: Mon Feb 13 05:54:08 2023 -0800 Fix case-sensitive check for previously used hashtags (#23526) commit 62f0eab635da5ae94c9add6eb62b8f251409e77f Author: Claire <[email protected]> Date: Fri Mar 3 20:25:15 2023 +0100 Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) commit 8c8d578e3884214dd4c8252f8f6fddb2e785aab8 Author: Claire <[email protected]> Date: Fri Feb 10 22:18:15 2023 +0100 Bump version to 3.5.6 (#23493) commit a8a3e86216a569cf8c0c48ff1b0c48069bc9a1e2 Author: Claire <[email protected]> Date: Fri Feb 10 22:16:47 2023 +0100 Fix unbounded recursion in post discovery (#23507) * Add a limit to how many posts can get fetched as a result of a single request * Add tests * Always pass `request_id` when processing `Announce` activities --------- Co-authored-by: nametoolong <[email protected]> commit be1caad9338157773ca91f7aee89d440347cf49b Author: Claire <[email protected]> Date: Thu Feb 9 21:02:09 2023 +0100 Fix REST API serializer for Account not including `moved` when the moved account has itself moved (#22483) (#23492) Instead of cutting immediately, cut after one recursion. commit 84a40824adb477f4956f49c64a0746f4f7048a3a Author: Claire <[email protected]> Date: Thu Feb 9 21:02:01 2023 +0100 Fix sanitizer parsing link text as HTML when stripping unsupported links (#22558) (#23491) commit 533bf92d21b9ca2dfe64dff597980bb4fb6578c4 Author: Claire <[email protected]> Date: Thu Feb 9 21:01:53 2023 +0100 Don't delivery a reply to domains which are blocked by author (#22117) (#23490) Co-authored-by: Jeong Arm <[email protected]> commit 6a2b48190c62ddf2d4f1278972f6897ed9da83e8 Author: Claire <[email protected]> Date: Thu Feb 9 21:01:45 2023 +0100 Log admin approve and reject account (#22088) (#23488) * Log admin approve and reject account * Add unit tests for approve and reject logging Co-authored-by: Francis Murillo <[email protected]> commit 6cbc5899905b47af82833f19882c4b57b0b4c34b Author: Claire <[email protected]> Date: Thu Feb 9 21:01:38 2023 +0100 Fix `UserCleanupScheduler` crash when an unconfirmed account has a moderation note (#23318) (#23487) * Fix `UserCleanupScheduler` crash when an unconfirmed account has a moderation note * Add tests commit a2bfb16cb82ad0549f4e7431cc0228dc5189108e Author: Claire <[email protected]> Date: Thu Feb 9 21:01:21 2023 +0100 Fix crash when marking statuses as sensitive while some statuses are deleted (#22134) (#23486) * Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments * Fix crash when marking statuses as sensitive while some statuses are deleted Fixes #21910 * Fix multiple strikes being created for a single report when selecting “Mark as sensitive” * Add tests commit cfc0507010108a2e862a07ab7e9707beb972b2db Author: Claire <[email protected]> Date: Thu Feb 9 20:57:31 2023 +0100 Fix attachments of edited statuses not being fetched (#21565) (#23485) * Fix attachments of edited statuses not being fetched * Fix tests commit eade64097c48eb24d78d42ddd47c6cabb6df7d5f Author: Claire <[email protected]> Date: Thu Feb 9 20:57:24 2023 +0100 Clear voter count when poll is reset (#21700) (#23484) When a poll is edited, we reset the poll and remove all previous votes. However, prior to this commit, the voter count on the poll was not reset. This leads to incorrect percentages being shown in poll results. Fixes #21696 Co-authored-by: afontenot <[email protected]> commit 1f0be21317295e1f3a47ace6454d5afcc502d077 Author: Claire <[email protected]> Date: Thu Feb 9 20:57:14 2023 +0100 Fix some performance issues with /admin/instances (#21907) (#23483) /admin/instances?availability=failing remains wholly unefficient commit 0ca877f08478c0acb6958a893fb7384c64b4c57c Author: Claire <[email protected]> Date: Thu Feb 9 20:57:06 2023 +0100 Fix possible race conditions when suspending/unsuspending accounts (#22363) (#23482) * Fix possible race conditions when suspending/unsuspending accounts * Fix tests Tests were assuming SuspensionWorker and UnsuspensionWorker would do the suspending/unsuspending themselves, but this has changed. commit cc233af129a8f183487dbd4a9562c0533b4e5513 Author: Claire <[email protected]> Date: Thu Feb 9 20:56:58 2023 +0100 Fix suspension worker crashing on S3-compatible setups without ACL support (#22487) (#23481) commit 83f1c6460aaa7ca6f8dc11fc03a6befa71c374c3 Author: Claire <[email protected]> Date: Thu Feb 9 20:56:49 2023 +0100 Fix changing domain block severity not undoing individual account effects (#22135) (#23480) * Fix changing domain block severity not undoing individual account effects Fixes #22133 * Add tests commit e26dd2ea8f2e911448578f5bc7a00ea877e3b668 Author: Claire <[email protected]> Date: Thu Feb 9 20:56:37 2023 +0100 Add `form-action` CSP directive (#23478) * Add form-action CSP directive (#20781) * Fix OAuth flow being broken by recent CSP change (#20958) * Fix form-action CSP directive for external login (#20962) commit da5d81c90dd6199d9f615ee48b579178284cf8f2 Author: Claire <[email protected]> Date: Thu Feb 9 18:34:19 2023 +0100 Fix CircleCI issues caused by Node and OpenSSL versions (#23489) Co-authored-by: mhkhung <[email protected]> commit ee66f5790f6bee17ba5d6876021ba8ffd1ef222b Author: Claire <[email protected]> Date: Thu Dec 15 19:21:17 2022 +0100 Fix unbounded recursion in account discovery (v3.5 backport) (#22026) * Fix trying to fetch posts from other users when fetching featured posts * Rate-limit discovery of new subdomains * Put a limit on recursively discovering new accounts commit 696f7b360882e71ff45b6ddafc8eea17184a0f31 Author: Claire <[email protected]> Date: Mon Nov 14 22:26:24 2022 +0100 Bump version to 3.5.5 commit b22e1476ca667e1ab83ab26a93203c3f253540af Author: Claire <[email protected]> Date: Mon Nov 14 22:14:55 2022 +0100 Fix nodes order being sometimes mangled when rewriting emoji (#20677) * Fix front-end emoji tests * Fix nodes order being sometimes mangled when rewriting emoji commit 105ab8242582c6df02e3693f4620793add5c84f6 Author: Claire <[email protected]> Date: Mon Nov 14 11:23:10 2022 +0100 Bump version to 3.5.4 commit 2dd8f977e84b67ed073a932accd2fbf4d2f38f3a Author: Claire <[email protected]> Date: Wed Nov 9 14:21:57 2022 +0100 Fix emoji substitution not applying only to text nodes in backend code Signed-off-by: Claire <[email protected]> commit 2db06e1d089404844b632b3a2164c4bd3af24424 Author: Claire <[email protected]> Date: Wed Nov 9 14:16:02 2022 +0100 Fix emoji substitution not applying only to text nodes in Web UI Signed-off-by: Claire <[email protected]> commit 063579373e401fdac72b856971ecc01b06065365 Author: Eugen Rochko <[email protected]> Date: Wed Oct 26 14:58:52 2022 +0200 Fix rate limiting for paths with formats commit 1659788de4aa12f78108defb7294a1a23fa363bf Author: Pierre Bourdon <[email protected]> Date: Fri Nov 11 07:45:16 2022 +0100 blurhash_transcoder: prevent out-of-bound reads with <8bpp images (#20388) The Blurhash library used by Mastodon requires an input encoded as 24 bits raw RGB data. The conversion to raw RGB using Imagemagick did not previously specify the desired bit depth. In some situations, this leads Imagemagick to output in a pixel format using less bpp than expected. This then manifested as segfaults of the Sidekiq process due to out-of-bounds read, or potentially a (highly noisy) memory infoleak. Fixes #19235. commit 47eaf85f02e280db8c24cfc4f9bc5a34e99da49e Author: Claire <[email protected]> Date: Mon Jul 4 11:08:30 2022 +0200 Fix crash when a remote Flag activity mentions a private post (#18760) * Add tests * Fix crash when a remote Flag activity mentions a private post commit fbcbf7898f000d9d1a21d52e8a8d3ed4602aa7db Author: Eugen Rochko <[email protected]> Date: Thu May 26 23:26:15 2022 +0200 Bump version to 3.5.3 (#18530) commit 0a1992430db7a859b3b7faa3d9ce4f07734b5fd8 Author: Eugen Rochko <[email protected]> Date: Thu May 26 23:02:42 2022 +0200 Fix errors when rendering RSS feeds (#18531) commit 52f4e834f293c9fdbf5805639d022ac4e3856b75 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:14:47 2022 +0200 Fix concurrent unfollowing decrementing follower count more than once (#18527) commit 8a9acbe604667215c9589154d72b3f313755c210 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:08:12 2022 +0200 Fix being able to appeal a strike unlimited times (#18529) Peculiarity of the `has_one` association is that the convenience creation method deletes the previous association even if the new one is invalid commit c4d2c39a75eccdbc60c3540c259e1e7ea5881ac6 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:08:02 2022 +0200 Fix being able to report otherwise inaccessible statuses (#18528) commit 1ff4877945e18820f3e518a1cfbac243da65e1a5 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:06:10 2022 +0200 Fix empty votes arbitrarily increasing voters count in polls (#18526) commit 976cd6413e9b2a1531a2ad17945342deaeec538c Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:04:16 2022 +0200 Fix moderator leak in undo_mark_statuses_as_sensitive (#18525) Signed-off-by: Eugen Rochko <[email protected]> Co-authored-by: 40826d <[email protected]> commit 9f81b9f29a14093cefcdbf09058ace089cd8e06b Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:04:05 2022 +0200 Fix suspended users being able to access APIs that don't require a user (#18524) commit 96129c2f10a82520648f6ae04e585cf797403617 Author: Eugen Rochko <[email protected]> Date: Thu May 26 22:03:54 2022 +0200 Fix confirmation redirect to app without `Location` header (#18523) commit 3e0e7a1cfb617837ccada330afc13ed804c3c47b Author: Eugen Rochko <[email protected]> Date: Thu May 26 20:32:48 2022 +0200 Fix follower and other counters being able to go negative (#18517) commit 702b709d9a8df2ed65c54d32d585a4cf5fe13de1 Author: Yamagishi Kazutoshi <[email protected]> Date: Fri May 27 03:29:28 2022 +0900 Add ES6 compatibility to browserslist (#18519) commit d8abc0018f59ed63fb6c5fae2f6081c141a4b978 Author: Eugen Rochko <[email protected]> Date: Thu May 26 18:43:14 2022 +0200 Remove 3.3.x from supported versions in security policy (#18516) commit 088dc0ec5a383006952c0b15508af882a4c1109c Author: Eugen Rochko <[email protected]> Date: Thu May 26 18:05:47 2022 +0200 Fix regression in `tootctl search deploy` caused by unloaded attribute (#18514) commit a4fa9e23fc1ddb42452bb8f051a31894796c8002 Author: Eugen Rochko <[email protected]> Date: Thu May 26 17:55:05 2022 +0200 Change "dangerous" to "sensitive" in privacy policy and web UI (#18515) Fix #18470 commit 440eb71310e41d668f00980b73358edd5f8df043 Author: Claire <[email protected]> Date: Thu May 26 15:50:33 2022 +0200 Change unapproved and unconfirmed account to not be accessible in the REST API (#17530) * Change unapproved and unconfirmed account to not be accessible in the REST API * Change Account#searchable? to reject unconfirmed and unapproved users * Disable search for unapproved and unconfirmed users in Account.search_for * Disable search for unapproved and unconfirmed users in Account.advanced_search_for * Remove unconfirmed and unapproved accounts from Account.searchable scope * Prevent mentions to unapproved/unconfirmed accounts * Fix some old tests for Account.advanced_search_for * Add some Account.advanced_search_for tests for existing behaviors * Add some tests for Account.search_for * Add Account.advanced_search_for tests unconfirmed and unapproved accounts * Add Account.searchable tests * Fix Account.without_unapproved scope potentially messing with previously-applied scopes * Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup This is so that the API can still be used to check whether an username is free to use. commit 86f4dba47ef26aa8690354948c49009c3fd49960 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 09:16:19 2022 +0900 Bump @babel/preset-env from 7.17.12 to 7.18.2 (#18512) Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.17.12 to 7.18.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 77823333bb38a12705af486fa9b69cbd646dbd79 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 09:06:44 2022 +0900 Bump @babel/plugin-transform-runtime from 7.17.12 to 7.18.2 (#18511) Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.17.12 to 7.18.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-plugin-transform-runtime) --- updated-dependencies: - dependency-name: "@babel/plugin-transform-runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit ddddd4c043bd722b7e01a0595cd5f7a606fde281 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 08:41:07 2022 +0900 Bump immutable from 4.0.0 to 4.1.0 (#18502) Bumps [immutable](https://github.com/immutable-js/immutable-js) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/immutable-js/immutable-js/releases) - [Changelog](https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md) - [Commits](https://github.com/immutable-js/immutable-js/compare/v4.0.0...v4.1.0) --- updated-dependencies: - dependency-name: immutable dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 01db33165757042f3d95a6e372a9652b0223c5c2 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 08:06:55 2022 +0900 Bump @babel/plugin-transform-runtime from 7.17.12 to 7.18.0 (#18489) Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.17.12 to 7.18.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-plugin-transform-runtime) --- updated-dependencies: - dependency-name: "@babel/plugin-transform-runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 2bc5e41b8384b1c62832be2abead47670d169dfa Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 08:06:29 2022 +0900 Bump @babel/runtime from 7.17.9 to 7.18.0 (#18494) Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.17.9 to 7.18.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-runtime) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 4d48d83b0088f9e039691435407bd3d6e92e6f63 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 26 08:05:53 2022 +0900 Bump @babel/core from 7.17.12 to 7.18.0 (#18490) Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.17.12 to 7.18.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-core) --- updated-dependencies: - dependency-name: "@babel/core" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 25dda3061e4308a5005d3a2fef373acffc510a66 Author: Claire <[email protected]> Date: Thu May 26 00:20:30 2022 +0200 Fix unnecessary query on status creation (#17901) commit 96f29ce91ad622a0127bc3c3bf2dc503062ed0dc Author: Eugen Rochko <[email protected]> Date: Tue May 24 16:33:18 2022 +0200 New Crowdin updates (#18458) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations doorkeeper.en.yml (Ido) * New translations devise.en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations doorkeeper.en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations doorkeeper.en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations doorkeeper.en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.json (Esperanto) * New translations en.yml (Esperanto) * New translations en.json (Esperanto) * New translations doorkeeper.en.yml (Esperanto) * New translations en.json (Esperanto) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations en.json (Ido) * New translations doorkeeper.en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Ido) * New translations simple_form.en.yml (Ido) * New translations en.json (Armenian) * New translations en.json (Armenian) * New translations en.json (Armenian) * New translations en.json (Scottish Gaelic) * New translations en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.yml (Ido) * New translations simple_form.en.yml (Ido) * New translations en.yml (Russian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.yml (Estonian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.yml (Estonian) * New translations en.json (Estonian) * New translations en.yml (Estonian) * New translations en.json (Estonian) * New translations en.json (Estonian) * New translations en.yml (Russian) * New translations en.yml (Russian) * New translations simple_form.en.yml (Russian) * New translations en.yml (Russian) * New translations simple_form.en.yml (Russian) * New translations en.json (Sorani (Kurdish)) * New translations en.json (Sorani (Kurdish)) * New translations en.json (Sorani (Kurdish)) * New translations activerecord.en.yml (Sorani (Kurdish)) * New translations doorkeeper.en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations doorkeeper.en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * New translations en.yml (Sorani (Kurdish)) * Run `yarn manage:translations` * Run `bundle exec i18n-tasks normalize` Co-authored-by: Yamagishi Kazutoshi <[email protected]> commit e5997a195602624efdb366e9f09ffa377e859580 Author: Claire <[email protected]> Date: Mon May 23 20:38:29 2022 +0200 Fix warning an account outside of a report closing all reports for that account (#18387) * Fix warning an account outside of a report closing all reports for that account * Make it clear what actions solve other reports * Revert "Make it clear what actions solve other reports" This reverts commit ad006de821f72e75480701298d13f0945b509059. commit a9b64b24d6c076cb96a66307c07d4f0158dc07da Author: Eugen Rochko <[email protected]> Date: Sun May 22 22:16:43 2022 +0200 Change algorithm of `tootctl search deploy` to improve performance (#18463) commit 54bb659ad14fda8d3427752d2c99716420997d6e Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat May 21 15:43:36 2022 +0900 Bump sidekiq from 6.4.1 to 6.4.2 (#18091) Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.4.1 to 6.4.2. - [Release notes](https://github.com/mperham/sidekiq/releases) - [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md) - [Commits](https://github.com/mperham/sidekiq/compare/v6.4.1...v6.4.2) --- updated-dependencies: - dependency-name: sidekiq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit dfb9e6dab1b119c907dece5555408c9b98ec8f2c Author: Yamagishi Kazutoshi <[email protected]> Date: Fri May 20 11:39:05 2022 +0900 Disable transpile to older iOS versions (#18462) commit e925b06721057f83f2e3e8e7bdb21f39318b90a2 Author: Yamagishi Kazutoshi <[email protected]> Date: Fri May 20 02:26:19 2022 +0900 Fix languages dropdown on light theme (#18460) commit 9a0fa28993568cb3f106f0ea6457b0ff0f9a132e Author: Eugen Rochko <[email protected]> Date: Thu May 19 12:58:16 2022 +0200 New Crowdin updates (#18419) * New translations en.json (German) * New translations en.json (Welsh) * New translations en.json (Japanese) * New translations en.json (Korean) * New translations en.json (Turkish) * New translations en.json (Chinese Simplified) * New translations en.json (Vietnamese) * New translations en.json (Portuguese, Brazilian) * New translations en.json (Asturian) * New translations en.json (Irish) * New translations en.json (Arabic) * New translations en.json (Scottish Gaelic) * New translations en.json (Galician) * New translations en.json (Czech) * New translations en.json (Slovak) * New translations en.json (Icelandic) * New translations en.json (Sorani (Kurdish)) * New translations en.json (English, United Kingdom) * New translations en.json (Norwegian) * New translations en.json (Romanian) * New translations en.json (French) * New translations en.json (Spanish) * New translations en.json (Afrikaans) * New translations en.json (Bulgarian) * New translations en.json (Persian) * New translations en.json (Tamil) * New translations en.json (Malayalam) * New translations en.json (Silesian) * New translations en.json (Taigi) * New translations en.json (Ido) * New translations en.json (Kabyle) * New translations en.json (Sanskrit) * New translations en.json (Sardinian) * New translations en.json (Corsican) * New translations en.json (Kurmanji (Kurdish)) * New translations en.json (Serbian (Latin)) * New translations en.json (Occitan) * New translations en.json (Kannada) * New translations en.json (Cornish) * New translations en.json (Sinhala) * New translations en.json (Breton) * New translations en.json (Tatar) * New translations en.json (Spanish, Argentina) * New translations en.json (Kazakh) * New translations en.json (Spanish, Mexico) * New translations en.json (Bengali) * New translations en.json (Marathi) * New translations en.json (Thai) * New translations en.json (Croatian) * New translations en.json (Norwegian Nynorsk) * New translations en.json (Estonian) * New translations en.json (Chinese Traditional, Hong Kong) * New translations en.json (Latvian) * New translations en.json (Hindi) * New translations en.json (Malay) * New translations en.json (Telugu) * New translations en.json (Esperanto) * New translations en.json (Uyghur) * New translations en.json (Standard Moroccan Tamazight) * New translations en.yml (Icelandic) * New translations en.json (German) * New translations en.json (Turkish) * New translations en.json (Icelandic) * New translations en.json (Greek) * New translations en.json (Chinese Traditional) * New translations en.json (Catalan) * New translations en.json (Latvian) * New translations en.json (Czech) * New translations en.json (Indonesian) * New translations en.json (Korean) * New translations en.json (Russian) * New translations en.json (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (German) * New translations en.json (Spanish, Argentina) * New translations en.json (Spanish, Argentina) * New translations en.json (Danish) * New translations en.json (Chinese Simplified) * New translations en.json (Afrikaans) * New translations en.json (Ukrainian) * New translations en.json (Portuguese) * New translations en.yml (Italian) * New translations en.json (Italian) * New translations en.yml (Italian) * New translations en.json (Catalan) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (French) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Arabic) * New translations en.yml (Arabic) * New translations en.yml (Hungarian) * New translations en.json (Hungarian) * New translations en.yml (Galician) * New translations en.json (Galician) * New translations en.yml (Scottish Gaelic) * New translations en.yml (Ido) * New translations en.json (Scottish Gaelic) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Catalan) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Korean) * New translations en.json (Polish) * New translations en.yml (Ido) * New translations en.json (Czech) * New translations en.json (Hungarian) * New translations en.json (Spanish, Argentina) * New translations en.json (Ido) * New translations en.json (Russian) * New translations en.json (Latvian) * New translations en.yml (Russian) * New translations en.json (Russian) * New translations devise.en.yml (Russian) * New translations en.yml (Ido) * New translations en.json (Icelandic) * New translations en.json (Portuguese) * New translations en.yml (Ido) * New translations en.json (Catalan) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * Run `yarn manage:translations` * New translations en.json (Chinese Simplified) * New translations en.yml (Slovenian) * New translations en.json (Slovenian) * New translations en.json (Vietnamese) * New translations en.json (Chinese Traditional) * New translations en.json (Chinese Simplified) * New translations en.json (Spanish) * New translations en.json (Greek) * New translations en.json (Thai) * New translations en.json (Turkish) * New translations en.json (Turkish) * New translations en.json (Italian) * New translations en.json (Kurmanji (Kurdish)) * New translations en.yml (Japanese) * New translations en.json (Japanese) * New translations en.json (Afrikaans) * New translations en.yml (Basque) * New translations en.yml (German) * New translations en.json (German) * New translations en.yml (Esperanto) * New translations en.json (German) * New translations en.yml (Esperanto) * New translations en.yml (Esperanto) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Chinese Simplified) * New translations en.json (German) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Korean) * New translations en.yml (Galician) * New translations en.json (Galician) * New translations devise.en.yml (Galician) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Russian) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Chinese Simplified) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.json (Kurmanji (Kurdish)) * New translations en.yml (Ido) * New translations en.json (Kurmanji (Kurdish)) * New translations en.yml (German) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Korean) * New translations en.json (Korean) * New translations simple_form.en.yml (Korean) * New translations en.yml (Korean) * New translations en.json (Ukrainian) * New translations en.yml (Arabic) * New translations en.json (Arabic) * New translations en.json (Arabic) * New translations en.json (Arabic) * New translations en.json (Arabic) * New translations en.json (Thai) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Russian) * New translations en.json (Portuguese, Brazilian) * New translations en.yml (Chinese Simplified) * New translations en.json (Chinese Simplified) * New translations simple_form.en.yml (Chinese Simplified) * New translations devise.en.yml (Chinese Simplified) * New translations en.yml (Ido) * New translations en.json (French) * New translations en.json (Indonesian) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Vietnamese) * New translations en.json (Esperanto) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations doorkeeper.en.yml (Portuguese, Brazilian) * New translations en.yml (Ido) * New translations en.yml (Ido) * New translations en.yml (Ido) * Run `yarn manage:translations` * Run `bundle exec i18n-tasks normalize` Co-authored-by: Yamagishi Kazutoshi <[email protected]> commit 679b7158e3cd3881e8cbaf2d2c0c97725b3b5fd9 Author: Eugen Rochko <[email protected]> Date: Wed May 18 23:29:14 2022 +0200 Change search indexing to use batches to minimize resource usage (#18451) commit ded5a0254a4d29a7384ef766a1e92467fe4ebd2b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:33:13 2022 +0900 Bump yargs from 17.4.1 to 17.5.1 (#18437) Bumps [yargs](https://github.com/yargs/yargs) from 17.4.1 to 17.5.1. - [Release notes](https://github.com/yargs/yargs/releases) - [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md) - [Commits](https://github.com/yargs/yargs/compare/v17.4.1...v17.5.1) --- updated-dependencies: - dependency-name: yargs dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit ffc2971466417aafe778eddcb1510ea934cef973 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:30:31 2022 +0900 Bump dotenv from 16.0.0 to 16.0.1 (#18438) Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.0.0 to 16.0.1. - [Release notes](https://github.com/motdotla/dotenv/releases) - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](https://github.com/motdotla/dotenv/compare/v16.0.0...v16.0.1) --- updated-dependencies: - dependency-name: dotenv dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit a918a76bfbdd300e3ef549307706bdfa630f824b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:29:53 2022 +0900 Bump glob from 8.0.1 to 8.0.3 (#18440) Bumps [glob](https://github.com/isaacs/node-glob) from 8.0.1 to 8.0.3. - [Release notes](https://github.com/isaacs/node-glob/releases) - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](https://github.com/isaacs/node-glob/compare/v8.0.1...v8.0.3) --- updated-dependencies: - dependency-name: glob dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 6b4e2d5ce686140797dd207b1ba932a86665262f Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:27:55 2022 +0900 Bump rubocop from 1.28.2 to 1.29.1 (#18433) Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.28.2 to 1.29.1. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.28.2...v1.29.1) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 6048eeed045693be63ad34dc97e98f7b2e519a70 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu May 19 03:27:02 2022 +0900 Bump faker from 2.20.0 to 2.21.0 (#18434) Bumps [faker](https://github.com/faker-ruby/faker) from 2.20.0 to 2.21.0. - [Release notes](https://github.com/faker-ruby/faker/releases) - [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md) - [Commits](https://github.com/faker-ruby/faker/compare/v2.20.0...v2.21.0) --- updated-dependencies: - dependency-name: faker dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> commit 1a880533acb1a8b6ee11db357d8cb8864f0e05e3 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed May 18 21:25:23 2022 +0900 Bump @babel/preset-env from 7.17.10 to 7.17.12 (#18443) Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.17.10 to 7.17.12. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.17.12/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yamagishi Kazutoshi <[email protected]> commit d842f645d11e99521d1c27a13ce53f97de357d52 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed May 18 21:16:16 2022 +0900 Bump @babel/plugin-proposal-decorators from 7.17.9 to 7.17.12 (#18442) Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.17.9 to 7.…
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Trivial CSS fix for "Drag & drop to upload" area, where text may wrap and cause it to align to the left without explicitly aligning text to center.
Fixes #24028.