djsundog/tootlab-mastodon
1
0
Fork 0
mirror of https://github.com/glitch-soc/mastodon.git synced 2024-11-23 08:34:13 -05:00
Code Issues Packages Projects Releases Wiki Activity
20,100 Commits 69 Branches 20 Tags 372 MiB
glitch-soc/security/f96e71352244b1fb43fe1cdf6ec7608f7486d29d
Commit Graph

20100 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
renovate[bot]
a3c9a48fdf Update dependency pg to v1.5.5 (#29230) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-02-16 10:47:22 +01:00
Claire
1dc849be84 Allow JSON-LD documents with multiple profiles 2024-02-15 16:30:08 +01:00
Claire
2c92a35ac2 Fix insufficient Content-Type checking of fetched ActivityStreams objects 2024-02-15 16:30:08 +01:00
Claire
5ce53dcacd Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 23:13:36 +01:00
Claire
2868da92d3 Fix OmniAuth tests (#29201) 2024-02-14 16:08:09 +01:00
Claire
30b532d52c Rename methods to avoid confusion between OAuth and OmniAuth 2024-02-14 14:46:19 +01:00
Claire
c0c6082213 Lock auth provider changes behind ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true 2024-02-14 14:46:19 +01:00
Claire
c459107df4 Prevent different identities from a same SSO provider from accessing a same account 2024-02-14 14:46:19 +01:00
Claire
e0ca3c200b Improve performance of deleting OAuth tokens 2024-02-14 14:46:19 +01:00
Emelia Smith
ef3804a494 Ensure password resets revoke access to Streaming API 2024-02-14 14:46:19 +01:00
Emelia Smith
46d24cdfaa Ensure destruction of OAuth Applications notifies streaming 
Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.
 2024-02-14 14:46:19 +01:00
Claire
dc17af46d4 Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default (#29199) 2024-02-14 13:47:32 +01:00
Emelia Smith
a23de4b41f Disable administrative doorkeeper routes (#29187) 2024-02-14 13:47:32 +01:00
renovate[bot]
c159e2c075 Update dependency sidekiq-unique-jobs to v7.1.33 (#29175) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-02-14 13:47:32 +01:00
renovate[bot]
bd224ac214 Update dependency nokogiri to v1.16.2 [SECURITY] (#29106) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-02-14 13:47:32 +01:00
Claire
0c69d61960 Fix insufficient origin validation 2024-02-01 15:06:22 +01:00
Claire
f96e713522
Fix trying to push mastodon-streaming docker images to upstream's ghcr repo (#2541) 2023-12-22 13:01:08 +01:00
Claire
5bd61a3fc5
Don't try to push images to Mastodon's dockerhub (#2540) 2023-12-22 12:13:53 +01:00
Claire
d4c87ff5b8
Disable use of missing native arm64 docker builder for the streaming image (#2539) 2023-12-22 08:45:37 +01:00
Claire
dac2b56932
Merge pull request #2535 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes up to 4a7395d989
 2023-12-21 19:03:29 +01:00
Claire
6e56f95285 Merge commit '4a7395d989e40c3bd4ef18173aa5ea850c8ddcdd' into glitch-soc/merge-upstream 
Conflicts:
- `README.md`:
  Upstream modified its README, we have a completely different one.
  Kept our README file.
 2023-12-21 18:17:17 +01:00
Claire
d668b85dcd
Merge pull request #2532 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes up to 0b4a3a0437
 2023-12-21 18:13:49 +01:00
Claire
9ac13bbc9c Fix glitch-only HAML linting issue 2023-12-20 22:27:29 +01:00
Claire
b2961dad2b Fix lint issue in glitch-soc-only file 2023-12-20 22:25:23 +01:00
Matt Jankowski
01e77a0f34 [Glitch] Enable the eslint react/no-unknown-property rule 
Port ee83d5c760 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 22:24:40 +01:00
Claire
077e0c6812 Merge commit '0b4a3a04378ce43f2f314b9446b5053f6b374c6d' into glitch-soc/merge-upstream 
Conflicts:
- `Gemfile.lock`:
  Conflict caused by the `json` gem thing once again.
  Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
  Upstream refactored a bunch of specs, including one place that differs
  because of glitch-soc's theming system.
  Refactored as upstream did, adapting it for glitch-soc's theming system.
 2023-12-20 22:16:50 +01:00
Claire
75580360cd Merge commit '272592d16d40e804ec325ef3b5e6de9bbad5f2dd' into glitch-soc/merge-upstream 
Conflicts:
- `.rubocop_todo.yml`:
  Upstream fixed a bunch lint issues, and changed the `Max` parameter of the
  `Metrics/AbcSize` cop.
  Glitch-soc has different code and slightly higher `AbcSize` complexity,
  modified the `.rubocop_todo.yml` file accordingly.
- `app/policies/status_policy.rb`:
  Upstream changed `account.suspended?` to `account.unavailable?` to prepare
  for delete flags. Glitch-soc has additional local-only conditions.
  Ported upstream's refactor while keeping glitch-soc's additional condition.
- `app/serializers/initial_state_serializer.rb`:
  Upstream refactored a bunch of stuff while glitch-soc has more settings.
  Refactored as upstream did while keeping glitch-soc's settings.
 2023-12-20 22:05:31 +01:00
Claire
5de551002d [Glitch] Fix onboarding step descriptions being truncated on narrow screens 
Port b20af17a2c to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 21:59:58 +01:00
Claire
8a5f2442cc Merge commit '0530ce5e9575c09464847412f43852f438b0494e' into glitch-soc/merge-upstream 2023-12-20 21:58:18 +01:00
Claire
b41af99673 [Glitch] Change dismissed banners to be stored server-side 
Port 7faa27e17d to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 20:40:47 +01:00
Claire
b8209c3b96 Merge commit '85662a5a57531af5402a6777d0b1089e78c56815' into glitch-soc/merge-upstream 
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream reworked the CSP, we kept our version for now.
- `spec/requests/content_security_policy_spec.rb`:
  Upstream reworked the CSP, we kept our version for now.
 2023-12-20 20:10:45 +01:00
Claire
f425a1e637
Merge pull request #2519 from ClearlyClaire/glitch-soc/immutable-record-redux 
Use Immutable `Record` for accounts in Redux state
 2023-12-20 20:06:49 +01:00
Renaud Chaput
a4a728b01d [Glitch] Fix the loading bar with the new Redux actions 
Port 8b1eeb2f90 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 19:49:44 +01:00
Claire
93c71e2c7c [Glitch] Fix notification sounds 
Port f3864db409 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 19:49:44 +01:00
Claire
70652e49eb [Glitch] Fix error when muting users from Web UI 
Port 32319187ee to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 19:49:44 +01:00
Renaud Chaput
e94fecdcc8 [Glitch] Fix the notificationsUpdate call 
Port f476d9dab2 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 19:49:44 +01:00
Renaud Chaput
79678cf841 [Glitch] Fixes website not loading for unlogged users 
Port 6712bf86cd to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 19:49:44 +01:00
Renaud Chaput
7fe5623a27 [Glitch] Use Immutable Record for accounts in Redux state 
Port 3bf2a7296e to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 19:49:44 +01:00
Renaud Chaput
3b7caa00e2 [Glitch] Add Typescript types for some API objects 
Port 57f592fed5 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-20 19:49:44 +01:00
Claire
a3a58c041e
Merge pull request #2527 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes up to 8ebc94dd22
 2023-12-20 19:48:45 +01:00
Essem
b7cb17fecf
Fix the poll option add button attempting to submit a form (#2530) 2023-12-20 08:24:28 +01:00
Claire
9bfb699c4c [Glitch] Change search popout to not list unusable search options when logged out 
Port 6e70819840 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-19 21:25:55 +01:00
Claire
b135b6ba8f Merge commit '8ebc94dd22a18c28c4c9763b909e92e6ba64e242' into glitch-soc/merge-upstream 
Conflicts:
- `app/views/admin/custom_emojis/new.html.haml`:
  Conflict caused by glitch-soc having a different file size limit constant
  name.
  Updated like upstream did while keeping glitch-soc's constant name.
 2023-12-19 21:24:01 +01:00
Claire
6c00d5b0c4 Fix test failure caused by glitch-soc changes 2023-12-19 21:14:39 +01:00
Claire
2e786e13cb Merge commit '973597c6f1e25b16c592e5573304319aeaa375e1' into glitch-soc/merge-upstream 
Conflicts:
- `app/validators/status_pin_validator.rb`:
  Upstream refactored that file, while glitch-soc had configurable limits for
  pinned statuses.
  Updated the code with upstream's refactor, while keeping glitch-soc's
  configurability.
 2023-12-19 20:51:37 +01:00
Claire
d288a6162a Merge commit '12c22ee5e71ae0220ea10199e4d10deb4140ec44' into glitch-soc/merge-upstream 2023-12-19 20:40:05 +01:00
Claire
7db68e2dca [Glitch] Fix upper border radius of onboarding columns 
Port 0a6ec048a8 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-19 20:26:22 +01:00
Claire
b24f676cf1 Merge commit '1526e54ac6f08431c8c833f20b4be8882355967c' into glitch-soc/merge-upstream 2023-12-19 20:24:57 +01:00
Jeong Arm
94c4c7f330 [Glitch] Fix open status on media modal 
Port 922f086253 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2023-12-19 20:17:45 +01:00
Claire
3ad92e8d0d Merge commit 'bd575a1dd69d87ca0f69873f7badf28d38e8b9ed' into glitch-soc/merge-upstream 2023-12-19 20:17:23 +01:00