djsundog/tootlab-mastodon
1
0
Fork 0
mirror of https://github.com/glitch-soc/mastodon.git synced 2024-11-23 08:34:13 -05:00
Code Issues Packages Projects Releases Wiki Activity
19,213 Commits 69 Branches 20 Tags 372 MiB
glitch-soc/security/d0d06c99dcd6280797807fc846910ef4ed1d6ef8
Commit Graph

19213 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
renovate[bot]
d111c8ccbf Update dependency pg to v1.5.5 (#29230) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-02-16 11:20:33 +01:00
Claire
4aaede8617 Allow JSON-LD documents with multiple profiles 2024-02-15 17:16:18 +01:00
Claire
e6e43b642a Fix insufficient Content-Type checking of fetched ActivityStreams objects 2024-02-15 17:16:18 +01:00
Claire
4216779759 Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 23:13:32 +01:00
Claire
7acc4a95b4 Fix OmniAuth tests (#29201) 2024-02-14 16:08:05 +01:00
Claire
bfba788358 Rename methods to avoid confusion between OAuth and OmniAuth 2024-02-14 14:49:39 +01:00
Claire
71120631d8 Lock auth provider changes behind ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true 2024-02-14 14:49:39 +01:00
Claire
dd2834e850 Prevent different identities from a same SSO provider from accessing a same account 2024-02-14 14:49:39 +01:00
Claire
4e640b2eae Improve performance of deleting OAuth tokens 2024-02-14 14:49:39 +01:00
Emelia Smith
a499c589fe Ensure password resets revoke access to Streaming API 2024-02-14 14:49:39 +01:00
Emelia Smith
ef3825c9d5 Ensure destruction of OAuth Applications notifies streaming 
Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.
 2024-02-14 14:49:39 +01:00
Claire
c9d5d27fe3 Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default (#29199) 2024-02-14 13:50:40 +01:00
Emelia Smith
d289c94162 Disable administrative doorkeeper routes (#29187) 2024-02-14 13:50:40 +01:00
renovate[bot]
d438bf7141 Update dependency sidekiq-unique-jobs to v7.1.33 (#29175) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-02-14 13:50:40 +01:00
renovate[bot]
32e4803479 Update dependency nokogiri to v1.16.2 [SECURITY] (#29106) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-02-14 13:50:40 +01:00
Claire
7f951cf871 Fix insufficient origin validation 2024-02-01 15:06:59 +01:00
Claire
d0d06c99dc
Merge pull request #2422 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes
 2023-09-21 19:07:38 +02:00
Claire
86ec1e833e Merge branch 'main' into glitch-soc/merge-upstream 2023-09-21 16:56:09 +02:00
Claire
4fcc026f0f
Bump version to v4.2.0 (#27017) 2023-09-21 16:51:32 +02:00
Claire
c04b08a34d
Merge pull request #2419 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes
 2023-09-21 15:52:48 +02:00
Claire
b57ec6ad6b Fix some settings not being properly migrated when set to false 2023-09-21 15:17:44 +02:00
Claire
6760e67c64 [Glitch] Fix search results temporarily disappearing while scrolling and loading more results 
Port 5356ddbcca to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-09-21 15:14:38 +02:00
Claire
f05985f8ec Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `README.md`:
  Upstream changed their README, we have a completely different one.
  Kept our version.
 2023-09-21 15:12:00 +02:00
Eugen Rochko
0fbefb6f67
Update AUTHORS.md (#27018) 2023-09-21 14:42:15 +02:00
Claire
8acc75435b
Change S3 checksum mode to be disabled by default (#27007) 2023-09-21 14:00:51 +02:00
aaaaalbert
bb6c59a399
Fix #27010: update the copyright year in README (#27016) 2023-09-21 13:57:24 +02:00
Claire
5356ddbcca
Fix search results temporarily disappearing while scrolling and loading more results (#27014) 2023-09-21 13:51:21 +02:00
Claire
890e334703
Add migration tests for negative settings (#27012) 2023-09-21 12:33:30 +02:00
renovate[bot]
c74670b4d3
Update dependency glob to v10.3.5 (#27002) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-09-21 11:06:16 +02:00
github-actions[bot]
effe4728cf
New Crowdin Translations (automated) (#27005) 
Co-authored-by: GitHub Actions <noreply@github.com>
 2023-09-21 11:06:04 +02:00
renovate[bot]
4ed9d9ca6f
Update dependency autoprefixer to v10.4.16 (#27000) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-09-21 11:00:15 +02:00
Claire
828eebad48
Add hide_collections, discoverable and indexable attributes to credentials API (#26998) 2023-09-20 18:25:16 +02:00
github-actions[bot]
61fe25fe74
New Crowdin Translations (automated) (#26988) 
Co-authored-by: GitHub Actions <noreply@github.com>
 2023-09-20 13:05:56 +02:00
Claire
889c4d4bbb
Update changelog (#26992) 2023-09-20 12:12:19 +02:00
Claire
5efa6ac771
Merge pull request #2417 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes
 2023-09-19 17:38:05 +02:00
Claire
6a9e93ae19 Merge branch 'main' into glitch-soc/merge-upstream 2023-09-19 17:32:48 +02:00
Claire
abcc0b38fa
Fix incorrect PostgreSQL version check (#26979) 2023-09-19 17:31:58 +02:00
Claire
57f47e50f0
Merge pull request #2416 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes
 2023-09-19 17:14:35 +02:00
Claire
f546b0c999 Merge branch 'main' into glitch-soc/merge-upstream 2023-09-19 17:07:29 +02:00
Claire
f4b780ba22
Bump version to v4.2.0-rc2 (#26974) 2023-09-19 17:04:23 +02:00
Claire
eeab3560fc
Merge pull request from GHSA-v3xf-c9qf-j667 2023-09-19 16:53:58 +02:00
Claire
ff32475f5f
Merge pull request from GHSA-2693-xr3m-jhqr 2023-09-19 16:53:21 +02:00
Claire
94893cf24f
Merge pull request from GHSA-hcqf-fw2r-52g4 
* Revert "Fix request URL normalisation for bare domain and 8-bit characters (#26285)"

This reverts commit 8891d8945d.

* Revert "Do not normalize URL before fetching it (#26219)"

This reverts commit fd284311e7.
 2023-09-19 16:52:52 +02:00
github-actions[bot]
73ecc4de6e
New Crowdin Translations (automated) (#26978) 
Co-authored-by: GitHub Actions <noreply@github.com>
 2023-09-19 16:26:51 +02:00
Claire
0cb343eec2
Tag nightly images as latest in glitch-soc, as it has no proper releases (#2414) 2023-09-19 16:16:35 +02:00
Claire
6f6586808e
Merge pull request #2413 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes up to a83615edc9
 2023-09-19 14:02:04 +02:00
Claire
22ee4e057d Merge commit 'a83615edc9fc1ce3363ddcf1fc676806421a5f65' into glitch-soc/merge-upstream 
Conflicts:
- `streaming/index.js`:
  Upstream has added a parameter to `streamFrom`, while glitch-soc had an
  extra parameter.
  Ported upstream changes.
 2023-09-19 12:59:23 +02:00
Claire
1e87575b70 Merge commit '6eb6209d02514c5271238a23601be643c7b9f52d' into glitch-soc/merge-upstream 2023-09-19 12:53:32 +02:00
Claire
7ea5a2c82c
Merge pull request #2411 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes up to 9688c5fcc4
 2023-09-19 12:52:17 +02:00
renovate[bot]
a83615edc9
Update eslint (non-major) (#26954) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-09-19 12:51:13 +02:00