Commit graph

638 commits

Author SHA1 Message Date
Claire 9da2711173 Bump version to v4.1.20 2024-09-30 13:27:55 +02:00
Claire 33e07454f2 Bump version to v4.1.19 2024-08-16 12:37:08 +02:00
Claire ff90ebffaa
Bump version to v4.1.18 (#30911) 2024-07-04 16:46:39 +02:00
Claire 1cad857f14
Bump version to v4.1.17 (#30472) 2024-05-30 15:49:14 +02:00
Claire d770b61a74
Merge pull request from GHSA-c2r5-cfqr-c553
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations

* Remove rack-attack safelist
2024-05-30 14:24:29 +02:00
Claire 257f9abd56 Fix leaking Elasticsearch connections in Sidekiq processes (#30450) 2024-05-29 15:31:34 +02:00
Claire 3aec33f5a2 Fix off-by-one in tootctl media commands (#30306) 2024-05-17 12:30:07 +02:00
Tim Rogers a6089cdfca Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) 2024-05-17 12:30:07 +02:00
Claire affbb10566 Fix admin account created by mastodon:setup not being auto-approved (#29379) 2024-05-17 12:30:07 +02:00
Matt Jankowski 57b72cccc4 Fix reference to non-existent var in CLI maintenance command (#28363) 2024-05-17 12:30:07 +02:00
Claire c2d8666bbf
Bump version to v4.1.16 (#29371) 2024-02-23 14:09:38 +01:00
Claire b7b03e8d26 Bump version to v4.1.15 2024-02-16 11:57:15 +01:00
Claire 6499850ac4 Bump version to v4.1.14 2024-02-14 15:16:55 +01:00
Claire 2f6518cae2 Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default (#29199) 2024-02-14 13:17:55 +01:00
Claire 5799bc4af7
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to v4.1.13
2024-02-01 15:56:46 +01:00
Claire fc4e2eca9f Bump version to v4.1.12 2024-01-24 15:31:06 +01:00
Claire e6072a8d13 Fix error when processing remote files with unusually long names (#28823) 2024-01-24 15:31:06 +01:00
Claire 363bedd050 Bump version to v4.1.11 2023-12-04 15:28:02 +01:00
Claire df60d04dc1 Bump version to v4.1.10 2023-10-10 13:51:56 +02:00
Claire e4c0aaf626
Bump version to v4.1.9 (#26997) 2023-09-20 17:25:05 +02:00
Claire 46bd58f74d Bump version to v4.1.8 2023-09-19 17:01:44 +02:00
yufushiro 7802837885 Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough (#26608)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-09-19 17:01:44 +02:00
Claire 5f88a2d70b Bump version to v4.1.7 2023-09-05 19:16:09 +02:00
Claire ac7d40b561 Bump version to v4.1.6 2023-07-31 14:33:06 +02:00
Claire ebf4f034c2 Bump version to v4.1.5 2023-07-21 16:07:43 +02:00
Claire 3f5af768c8 Bump version to v4.1.4 2023-07-07 19:37:21 +02:00
Claire 015ed99612 Fix branding:generate_app_icons failing because of disallowed ICO coder (#25794) 2023-07-07 19:37:21 +02:00
Claire 0d5781ca76 Bump version to v4.1.3 2023-07-06 15:07:20 +02:00
Claire 0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire c4f2609f7a
Merge pull request from GHSA-ccm4-vgcc-73hp
* Tighten allowed HTML in oEmbed-based preview cards

* Sanitize preview cards at render time

* Add `sandbox` attribute to preview card iframes
2023-07-06 15:03:33 +02:00
Claire 9b6c0cac7d Add hardened headers to user-uploaded files (#25756) 2023-07-06 14:32:26 +02:00
Daniel M Brasil bd7cbeeadf Fix tootctl accounts approve --number N not aproving N earliest registrations (#24605) 2023-07-06 13:45:40 +02:00
Claire 4b9e4f6398 Bump version to v4.1.2 2023-04-04 12:41:27 +02:00
Claire 4eaa6d58b2 Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-04 12:41:27 +02:00
Claire 3c82c4e780 Fix crash in tootctl commands making use of parallelization when Elasticsearch is enabled (#24182) 2023-04-04 12:41:27 +02:00
Claire ab85f59c30 Bump version to v4.1.1 2023-03-16 22:48:42 +01:00
Eugen Rochko 59a2fe32ff Add cache headers to static files served through Rails (#24120) 2023-03-16 11:43:18 +01:00
9p4 78c7c79d78 Add refreshing many accounts at once with "tootctl accounts refresh" (#23304) 2023-03-13 18:47:52 +01:00
Claire 479b66637b Fix sidekiq jobs not triggering Elasticsearch index updates (#24046) 2023-03-13 18:44:09 +01:00
Claire f5f17e897b Fix tootctl accounts migrate error due to typo (#23567) 2023-03-13 18:40:18 +01:00
Claire 70c0d754a6
Bump version to 4.1.0 (#23471)
* Bump version to 4.1.0

* Editorialize changelog some more and highlight API changes

* Update changelog
2023-02-10 22:21:23 +01:00
Nick Schonning 11557d1c5a
Apply Rubocop Rails/RootPublicPath (#23447) 2023-02-08 10:38:07 +01:00
Nick Schonning f68bb52556
Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00
Nick Schonning 203739dd3a
Apply Rubocop Performance/StringIdentifierArgument (#23444) 2023-02-08 02:36:20 +01:00
Nick Schonning c92e033cdd
Apply Rubocop Performance/BindCall (#23437) 2023-02-08 09:10:25 +09:00
Claire 79ca19e9b2
Bump version to 4.1.0rc3 (#23384) 2023-02-03 16:39:38 +01:00
Claire 2f112432e6
Bump version to 4.1.0rc2 (#23220) 2023-01-25 16:20:54 +01:00
Claire 8180f7ba19
Bump version to 4.1.0rc1 (#23112) 2023-01-20 14:19:12 +01:00
JT Olio a5fd2fe1cb
Add Storj DCS to cloud object storage options (#21929)
* Add Storj DCS to cloud object storage options

More explanation here: https://forum.storj.io/t/object-storage-provider-for-mastodon-instance/11464/37

* more help for which command to use
2023-01-18 17:47:49 +01:00
Claire cb4e28f405
Add tootctl domains purge options to select subdomains and keep domain blocks (#22063)
* Add --include-subdomains option to tootctl domains purge

* Add support for '*.' subdomain wildcard patterns in `tootctl domains purge`

* Fix custom emojis deletion not following subdomain and URI options

* Change `tootctl domains purge` to not purge domain blocks unless --purge-domain-blocks is passed

* Refactor `tootctl domains purge`

* Add feedback on deleted domain blocks
2023-01-18 16:50:50 +01:00