Commit graph

13107 commits

Author SHA1 Message Date
dependabot-preview[bot] 51dad928c6
[Security] Bump doorkeeper from 5.3.1 to 5.3.2 (#13613)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.3.1 to 5.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v.5.3.1...v5.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-07 20:16:15 +02:00
dependabot-preview[bot] f51c547407
Bump kaminari from 1.1.1 to 1.2.0 (#13596)
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/kaminari/kaminari/releases)
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kaminari/kaminari/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 13:53:42 +02:00
ThibG dea5db0e25
Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595) 2020-05-04 13:52:41 +02:00
Hanage999 ff72c0472f
Fix tootctl upgrade storage-schema failing to delete empty directories (#13593) 2020-05-04 13:51:34 +02:00
Eugen Rochko 5cff7910c2
Add more ActivityPub controller tests (#13590) 2020-05-03 22:19:24 +02:00
ThibG c0b849bdfd
Fix use of inline CSS in public pages (#13576)
Change `account_link_to` to use an image tag rather than some
inline CSS. Dropped the `size` parameter in the process, but it wasn't
used for anything except the default value of 36px.

Dropped CSS rules that were always overriden, and defaulted to 36px width
and height instead.
2020-05-03 22:04:18 +02:00
Yamagishi Kazutoshi e223fd8c61
Revert "improve status title (#8596)" (#13591)
This reverts commit 05756c9a14.
2020-05-03 18:48:13 +02:00
Eugen Rochko 988b0493fe
Add more tests for ActivityPub controllers (#13585) 2020-05-03 16:30:36 +02:00
Shlee a1062df1e1
Fix the circleci packages for Buster. (#13583)
* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update .circleci/config.yml

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>

* Update config.yml

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-05-01 23:45:40 +02:00
Eugen Rochko 60408fa3ef
Change CircleCI test output (#13587) 2020-05-01 20:19:01 +02:00
kaiyou 3511528e50
Only check locally when deduplicating usernames (#13581)
When deduplicating account usernames for OAuthable users, the routine did check if any account was known with that username, including remote accounts. This caused some unnecessary deduplication, and usernames ending with unexpected trailing _1.
This fixes #13580
2020-04-30 14:39:05 +02:00
ThibG b8ba977497
Fix admin-facing uses of inline CSS (#13575)
* Move .back-button inline styles to CSS file

All occurrences of the back-button CSS class used the same inline
CSS rules, so moved them over to the CSS file

* Fix “Add new domain block” button using inline CSS

* Replace common pattern of inline-styled button boxes by a CSS class

In particular, switching from `float: left/right` to a flexbox with
`justify-content: space-between`. This implied changing the order of
a few HTML tags and adding an empty `div` in one case.

Also removed a `margin-bottom` rule that wasn't needed due to the
margins of surrounding elements.

* Move account admin view inline CSS to CSS file
2020-04-28 19:39:16 +02:00
dependabot-preview[bot] 432c40c516
Bump parslet from 1.8.2 to 2.0.0 (#13564)
Bumps [parslet](https://github.com/kschiess/parslet) from 1.8.2 to 2.0.0.
- [Release notes](https://github.com/kschiess/parslet/releases)
- [Changelog](https://github.com/kschiess/parslet/blob/master/HISTORY.txt)
- [Commits](https://github.com/kschiess/parslet/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 01:39:21 +09:00
dependabot-preview[bot] 8357d6b027
Bump json-ld from 3.1.2 to 3.1.3 (#13566)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.2...3.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:30:53 +09:00
dependabot-preview[bot] f08ba21f6f
Bump ruby-saml from 1.9.0 to 1.11.0 (#13559)
Bumps [ruby-saml](https://github.com/onelogin/ruby-saml) from 1.9.0 to 1.11.0.
- [Release notes](https://github.com/onelogin/ruby-saml/releases)
- [Changelog](https://github.com/onelogin/ruby-saml/blob/master/changelog.md)
- [Commits](https://github.com/onelogin/ruby-saml/compare/v1.9.0...v1.11.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:26:15 +09:00
dependabot-preview[bot] 4532593245
Bump mime-types-data from 3.2019.1009 to 3.2020.0425 (#13554)
Bumps [mime-types-data](https://github.com/mime-types/mime-types-data) from 3.2019.1009 to 3.2020.0425.
- [Release notes](https://github.com/mime-types/mime-types-data/releases)
- [Changelog](https://github.com/mime-types/mime-types-data/blob/master/History.md)
- [Commits](https://github.com/mime-types/mime-types-data/compare/v3.2019.1009...v3.2020.0425)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:24:52 +09:00
dependabot-preview[bot] f094b46f3a
Bump http-form_data from 2.2.0 to 2.3.0 (#13560)
Bumps [http-form_data](https://github.com/httprb/form_data.rb) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/httprb/form_data.rb/releases)
- [Changelog](https://github.com/httprb/form_data/blob/master/CHANGES.md)
- [Commits](https://github.com/httprb/form_data.rb/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:21:53 +09:00
dependabot-preview[bot] 5ed739adb1
Bump aws-sdk-s3 from 1.61.2 to 1.63.0 (#13562)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.61.2 to 1.63.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits/v1.63.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:21:33 +09:00
dependabot-preview[bot] 1145a38015
Bump aws-partitions from 1.296.0 to 1.303.0 (#13552)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.296.0 to 1.303.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:15:52 +09:00
ThibG 77ec0875ea
Fix page incorrectly scrolling when bringing up dropdown menus (#13574)
Fixes #13573

For some reason (I suspect this may be related to focusing the item before it
got drown by the browser), Firefox scrolls to top when bringing up dropdown
menus with pre-selected items.

This commit uses the “preventScroll” option as, due to the placement behavior,
the menu should be visible anyway and not trigger scrolling.
2020-04-28 13:19:39 +02:00
dependabot-preview[bot] f70a54b34c
Bump normalize-package-data from 2.4.0 to 2.5.0 (#13561)
Bumps [normalize-package-data](https://github.com/npm/normalize-package-data) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/npm/normalize-package-data/releases)
- [Commits](https://github.com/npm/normalize-package-data/compare/v2.4.0...v2.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 19:23:13 +09:00
dependabot-preview[bot] 85be934fac
Bump flatted from 2.0.0 to 2.0.2 (#13558)
Bumps [flatted](https://github.com/WebReflection/flatted) from 2.0.0 to 2.0.2.
- [Release notes](https://github.com/WebReflection/flatted/releases)
- [Commits](https://github.com/WebReflection/flatted/compare/v2.0.0...v2.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 19:02:30 +09:00
dependabot-preview[bot] 9aeae7a194
Bump nearley from 2.16.0 to 2.19.2 (#13556)
Bumps [nearley](https://github.com/hardmath123/nearley) from 2.16.0 to 2.19.2.
- [Release notes](https://github.com/hardmath123/nearley/releases)
- [Commits](https://github.com/hardmath123/nearley/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:47:03 +09:00
dependabot-preview[bot] 8f4dff2c52
Bump core-js-pure from 3.6.4 to 3.6.5 (#13553)
Bumps [core-js-pure](https://github.com/zloirock/core-js) from 3.6.4 to 3.6.5.
- [Release notes](https://github.com/zloirock/core-js/releases)
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zloirock/core-js/compare/v3.6.4...v3.6.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:30:51 +09:00
dependabot-preview[bot] 6c685cb55a
Bump request from 2.88.0 to 2.88.2 (#13565)
Bumps [request](https://github.com/request/request) from 2.88.0 to 2.88.2.
- [Release notes](https://github.com/request/request/releases)
- [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md)
- [Commits](https://github.com/request/request/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:26:30 +09:00
dependabot-preview[bot] 7abf1433c2
Bump cacache from 12.0.3 to 12.0.4 (#13567)
Bumps [cacache](https://github.com/npm/cacache) from 12.0.3 to 12.0.4.
- [Release notes](https://github.com/npm/cacache/releases)
- [Changelog](https://github.com/npm/cacache/blob/v12.0.4/CHANGELOG.md)
- [Commits](https://github.com/npm/cacache/compare/v12.0.3...v12.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:15:18 +09:00
dependabot-preview[bot] 3e13223043
Bump functions-have-names from 1.2.0 to 1.2.1 (#13568)
Bumps [functions-have-names](https://github.com/ljharb/functions-have-names) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/ljharb/functions-have-names/releases)
- [Changelog](https://github.com/inspect-js/functions-have-names/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ljharb/functions-have-names/compare/v1.2.0...v1.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:12:55 +09:00
dependabot-preview[bot] 07bfb853c0
Bump loglevel from 1.6.6 to 1.6.8 (#13569)
Bumps [loglevel](https://github.com/pimterry/loglevel) from 1.6.6 to 1.6.8.
- [Release notes](https://github.com/pimterry/loglevel/releases)
- [Commits](https://github.com/pimterry/loglevel/compare/v1.6.6...v1.6.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 17:59:00 +09:00
dependabot-preview[bot] d7d8191d58
Bump svgo from 1.1.1 to 1.3.2 (#13570)
Bumps [svgo](https://github.com/svg/svgo) from 1.1.1 to 1.3.2.
- [Release notes](https://github.com/svg/svgo/releases)
- [Changelog](https://github.com/svg/svgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/svg/svgo/compare/v1.1.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 17:46:20 +09:00
ThibG 0e362b7678
Fix end-user-facing uses of inline CSS (#13438)
* Move some inline styles to CSS files

* Move default_account_display_name span to fix useless tags with duplicate id

* Change handling of public pages spoiler text from inline CSS to dataset attribute

* Use the `dir` HTML attribute instead of inline CSS

* Move status action bar inline CSS to CSS file

* Hide logo resources from CSS file, not inline CSS

Fixes #11601

* Move translation prompt styling from inline CSS to CSS file

* Move “invited by” styling on registration form from inline to CSS file

* Use the progress tag to display poll results in JS fallback

* Fix poll results JS-less fallback when the user has voted for an option

* Change account public page “moved” notice to use img tags instead of inline CSS

* Move OTP hint inline CSS to SCSS file

* Hide JS-less fallback vote progressbars from accessibility tools

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28 10:16:55 +02:00
ThibG ad9c7aefe6
Refactor/cleanup TIMELINE_DELETE-related code (#13175) 2020-04-28 09:53:42 +02:00
ThibG 04eb599864
Fix messed up z-index when NoScript blocks media/previews (#13449)
Fixes #13444
2020-04-28 09:44:17 +02:00
ThibG b3d0de8b40
Fix /public showing public instead of community timeline for logged-in users (#13499) 2020-04-28 09:43:45 +02:00
ThibG b40d68cc31
Add invites_enabled to API (#13501) 2020-04-28 09:43:34 +02:00
Lerk 157850577f
Add tootctl emoji export (#13534)
* add emoji export command to cli

* fix codeclimate issues

* add error when no matching category was found

* add other suggestions

* exit 1 when no matching category is found

* changes according to suggestions

* 👀

* RubyNein

Y u always autoformat :c
2020-04-27 22:17:49 +02:00
dependabot-preview[bot] 8456676206
Bump oj from 3.10.5 to 3.10.6 (#13557)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.5 to 3.10.6.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.5...v3.10.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-27 17:20:34 +02:00
Даниил Пронин ee017ca533
Add JS IDE helper (#13012)
* add IDE helper for Webpack

* fix ESLint error in IDE helper

* fix IDE helper code style
2020-04-27 17:19:53 +02:00
mayaeh acc367fd14
Fix naming issue (#13551) 2020-04-27 10:32:05 +02:00
Eugen Rochko c3ca3801f2
Add separate cache directory for non-local uploads (#12821) 2020-04-26 23:29:08 +02:00
Eugen Rochko 2744f61696
Fix not being able to resolve public resources in development environment (#13505) 2020-04-25 22:01:08 +02:00
ThibG be637146f3
Fix uninformative error message when uploading unsupported image files (#13540)
Attempting to upload image files that the browser is unable to load results
in “Oops! An unexpected error occurred.”

This commit changes the error handling so that an unprocessable image results
in the file being sent anyway, which might cover a few corner cases, and
provide a slightly better error message.
2020-04-25 12:27:29 +02:00
ThibG c955f98d36
Fix expanded video player issues (#13541)
Fixes #13536

- Expanding a paused video doesn't autoplay anymore
- Default volume level for the expanded video inherited from the original video

Position/playing state/volume are carried over from the original video player
to the modal, but they're not reported back to the modal as it would require
deeper changes.
2020-04-25 12:16:05 +02:00
Takeshi Umeda 46b2cc184f
Fix enable/disable relay failures (#13535) 2020-04-23 22:04:18 +02:00
Irie Aoi c5c8f68031
Set max-width and max-height to gif video (#13533) 2020-04-23 15:49:33 +02:00
ThibG 80182eda62
Fix and refactor keyboard navigation in dropdown menus (#13528)
Fixes #13527

- Fixes caught keyboard events being needlessly propagated
- Let up/down arrows wrap around like the tab key does
- Refactor common code
2020-04-21 15:13:26 +02:00
dependabot-preview[bot] ff32a25ee3
Bump parser from 2.7.1.0 to 2.7.1.1 (#13508)
Bumps [parser](https://github.com/whitequark/parser) from 2.7.1.0 to 2.7.1.1.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.1.0...v2.7.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-21 00:05:08 +09:00
dependabot-preview[bot] ebd35eedb0
Bump globule from 1.2.1 to 1.3.1 (#13521)
Bumps [globule](https://github.com/cowboy/node-globule) from 1.2.1 to 1.3.1.
- [Release notes](https://github.com/cowboy/node-globule/releases)
- [Commits](https://github.com/cowboy/node-globule/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-21 00:00:34 +09:00
dependabot-preview[bot] 673784eb71
Bump stream-shift from 1.0.0 to 1.0.1 (#13522)
Bumps [stream-shift](https://github.com/mafintosh/stream-shift) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/mafintosh/stream-shift/releases)
- [Commits](https://github.com/mafintosh/stream-shift/compare/v1.0.0...v1.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:58:35 +09:00
dependabot-preview[bot] b0f86b6d15
Bump redis-actionpack from 5.0.2 to 5.2.0 (#13510)
Bumps [redis-actionpack](http://redis-store.org/redis-actionpack) from 5.0.2 to 5.2.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:57:04 +09:00
dependabot-preview[bot] 2f7b3b44be
Bump uuid from 7.0.2 to 7.0.3 (#13520)
Bumps [uuid](https://github.com/uuidjs/uuid) from 7.0.2 to 7.0.3.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v7.0.2...v7.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-20 23:55:32 +09:00