Commit graph

2470 commits

Author SHA1 Message Date
Claire e5f1000ad1
Fix CSP headers being unintendedly wide (#26105) 2023-07-21 13:34:15 +02:00
Claire 934c7b33d1
Change default KeyGenerator digest to SHA1 to fix cookies in rolling upgrades (#26023) 2023-07-21 13:17:43 +02:00
Renaud Chaput 42698b4c5c
Fix the crossorigin attribute (#26096) 2023-07-21 11:14:26 +02:00
gunchleoc cabe1ea560
Change casing for 'Server Settings' string (#26011) 2023-07-20 15:17:40 +02:00
Misty De Méo b848ba3867
Paperclip: add support for Azure blob storage (#23607) 2023-07-19 09:02:49 +02:00
Matt Jankowski 6edd404482
Cleanup unused portions of statuses/status partial (#26045) 2023-07-19 08:44:16 +02:00
github-actions[bot] 47832a1ac0
New Crowdin Translations (automated) (#26054)
Co-authored-by: renchap <renchap@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-18 21:13:25 +02:00
Eugen Rochko 26e522ac55
Fix not actually connecting to the configured replica (#25977) 2023-07-17 08:26:52 +02:00
Stanislas Signoud 5fad7bd58a
Change links in multi-column mode so tabs are open in single-column mode (#25893) 2023-07-13 17:18:09 +02:00
Claire 41f65edb21
Fix embed dropdown menu item for unauthenticated users (#25964) 2023-07-13 15:53:03 +02:00
Matt Jankowski 644c5fddd8
Refactor Status.tagged_with_all for brakeman SQL injection warning (#25941) 2023-07-13 15:52:37 +02:00
Matt Jankowski ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Matt Jankowski 1ef014802b
Refactor Trends::Query to avoid brakeman sql injection warnings (#25881) 2023-07-12 14:19:20 +02:00
Matt Jankowski f831452037
Refactor Snowflake to avoid brakeman sql injection warnings (#25879) 2023-07-12 10:44:58 +02:00
Matt Jankowski 2e1391fdd2
Fix Naming/MemoizedInstanceVariableName cop (#25928) 2023-07-12 10:08:51 +02:00
Matt Jankowski b786911c55
Fix Lint/SendWithMixinArgument cop (#25920) 2023-07-12 10:02:32 +02:00
Nick Schonning 1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Claire 9411fa4d36
Update brakeman ignores (#25912) 2023-07-11 17:08:37 +02:00
Nick Schonning e11032585b
Run brakeman in GitHub Actions (#23713) 2023-07-11 15:23:57 +02:00
Claire 4b5851974c
Fix moderation interface for remote instances with a .zip TLD (#25885) 2023-07-10 18:42:10 +02:00
Matt Jankowski cf33028f35
Admin mailer parameterization (#25759) 2023-07-08 20:03:38 +02:00
Kurtis Rainbolt-Greene e4cfe4b3db
First pass at multi-database for read replica using Rails native adapter (#25693)
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
2023-07-08 19:45:36 +02:00
Matt Jankowski 0f9b803eb3
Regenerate brakeman ignore, pruning warnings (#25749) 2023-07-08 11:07:19 +02:00
Claire dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Eugen Rochko 54a10523e2
Change labels of live feeds tabs in web UI (#25683) 2023-07-03 22:57:18 +02:00
Eugen Rochko ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski 50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Matt Jankowski f8bd581126
Remove unused routes (#25578) 2023-07-01 21:48:53 +02:00
Claire 1d622c8033
Add POST /api/v1/conversations/:id/unread (#25509) 2023-06-22 18:46:43 +02:00
Matt Jankowski c9cd634184
Use default bootsnap/setup in boot.rb (#25502) 2023-06-22 18:46:32 +02:00
Claire 602c458ab6
Add finer permission requirements for managing webhooks (#25463) 2023-06-22 14:52:25 +02:00
Eugen Rochko bca649ba79
Change edit profile page (#25413) 2023-06-14 04:38:07 +02:00
Eugen Rochko 39110d1d0a
Fix CAPTCHA page not following design pattern of sign-up flow (#25395) 2023-06-13 22:30:40 +02:00
Eugen Rochko 6637ef7852
Add unsubscribe link to e-mails (#25378) 2023-06-12 14:22:46 +02:00
Eugen Rochko 432a5d2d4b
Change "bot" label to "automated" (#25356) 2023-06-11 04:47:07 +02:00
Eugen Rochko 4c9406bdb0
Add time zone preference (#25342) 2023-06-10 03:29:37 +02:00
Claire f378f10404
Fix compatibility of recent migration with PostgreSQL 10 (#25324) 2023-06-07 01:53:50 +02:00
Nick Schonning c66250abf1
Autofix Rubocop Regex Style rules (#23690)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 14:50:51 +02:00
Eugen Rochko 4eda233e09
Add webhook templating (#23289)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 10:42:47 +02:00
Claire e428670e61
Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) 2023-06-05 17:35:05 +02:00
Matt Jankowski e49819142f
Remove unmaintained nsa gem (#25265) 2023-06-05 01:57:05 +02:00
Nick Schonning aea67d448b
Cleanup old translationRunner (#25241) 2023-06-02 20:01:36 +02:00
Claire 0766c9a631
Add card with who invited you to join when displaying rules on sign-up (#23475) 2023-06-02 18:35:37 +02:00
Claire 94329f28e1
Change wording of “Content cache retention period” setting to highlight destructive implications (#23261) 2023-06-02 18:09:08 +02:00
Renaud Chaput 942d850b0a
Allow carets in URL search params (#25216) 2023-06-01 12:14:49 +02:00
Claire e9385e93e9
Add a confirmation screen when suspending a domain (#25144) 2023-06-01 09:37:38 +02:00
Renaud Chaput 44cd88adc4
Upgrade react-intl (#24906) 2023-05-31 23:43:39 +02:00
Renaud Chaput d27216dc46
Enforce import order with ESLint (#25096) 2023-05-23 17:15:17 +02:00
Nick Schonning c0b9664a31
Autofix Rubocop spacing in config (#25022) 2023-05-22 13:17:56 +02:00
Claire 5cd55d8aaf
Fix being able to vote on your own polls (#25015) 2023-05-17 00:08:42 +02:00