Commit graph

8692 commits

Author SHA1 Message Date
Claire f60c99a8fb Merge branch 'main' into glitch-soc/merge-upstream 2021-03-24 10:53:50 +01:00
Claire cbd0ee1d07
Update Mastodon to Rails 6.1 (#15910)
* Update devise-two-factor to unreleased fork for Rails 6 support

Update tests to match new `rotp` version.

* Update nsa gem to unreleased fork for Rails 6 support

* Update rails to 6.1.3 and rails-i18n to 6.0

* Update to unreleased fork of pluck_each for Ruby 6 support

* Run "rails app:update"

* Add missing ActiveStorage config file

* Use config.ssl_options instead of removed ApplicationController#force_ssl

Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.

* Fix nonce directives by removing Rails 5 specific monkey-patching

* Fix fixture_file_upload deprecation warning

* Fix yield-based test failing with Rails 6

* Use Rails 6's index_with when possible

* Use ActiveRecord::Cache::Store#delete_multi from Rails 6

This will yield better performances when deleting an account

* Disable Rails 6.1's automatic preload link headers

Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.

In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.

* Switch to Rails 6.0 default config

* Switch to Rails 6.1 default config

* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00
Claire 1c4dee4554
Fix Mastodon not understanding as:Public and Public (#15948)
Fixes #5551
2021-03-24 10:19:40 +01:00
Claire 034f37b85a
Fix compose form behavior in mobile view (#15555)
* Fix ComposeForm being mounted twice in mobile view

Fixes #13094

* Fix compose form focus and pre-selection behavior in mobile view

* Split _updateFocusAndSelection out of componentDidUpdate
2021-03-24 10:19:07 +01:00
dependabot[bot] c3aef491d6
Bump react-select from 3.2.0 to 4.0.2 (#15624)
* Bump react-select from 3.2.0 to 4.0.2

Bumps [react-select](https://github.com/JedWatson/react-select) from 3.2.0 to 4.0.2.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.2.0...react-select@4.0.2)

Signed-off-by: dependabot[bot] <support@github.com>

* Add cacheKey to NonceProvider for react-select

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-03-22 15:41:47 +09:00
Claire 876840e9ef
Fix brakeman warning (#15870)
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.

This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
2021-03-19 23:48:59 +01:00
Claire 051efed5ed
Bypass MX validation for explicitly allowed domains (#15930)
* Bypass MX validation for explicitly allowed domains

This spares some lookups and prevent issues in some edge cases with
local domains.

* Add tests

* Fix test
2021-03-19 23:48:47 +01:00
Claire 5d48402be1
Fixing the hero widget (#15926)
* Removing last-child padding conflicts with light theme in hero widget

* Add missing background color to widget

* Reset widget.scss to default

* Hope this works

Co-authored-by: koyu <me@koyu.space>
2021-03-19 20:23:32 +01:00
Claire 39a490c70e
Fix custom CSS when CDN_HOST is set (#15927) 2021-03-19 20:23:08 +01:00
Eugen Rochko af8fe6e1e9
WIP (#15222) 2021-03-19 17:15:36 +01:00
Claire 2bb573d021 Messing around with box-shadow
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-03-19 14:47:57 +01:00
Claire e71f4d468b Add more button states?
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-03-19 14:47:54 +01:00
Claire 200d7a1708 Change notification settings UI to be more compact
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-03-19 14:47:06 +01:00
Claire 3b7b607300 Migrate glitch-soc local notification settings to upstream system 2021-03-19 13:57:36 +01:00
Claire db6551ec09 Add option to opt out of unread notification markers
Port 55ac2b9c60 to glitch-soc
2021-03-19 13:57:32 +01:00
Claire 3ad6ef72cb Merge branch 'main' into glitch-soc/merge-upstream 2021-03-19 13:57:15 +01:00
Claire 741d0952b1
Improve account counters handling (#15913)
* Improve account counters handling

* Use ActiveRecord::Base::sanitize_sql to pass values instead of interpolating them

Keep using string interpolation for `key` as it is safe and using
“ActiveRecord::Base::sanitize_sql_hash_for_assignment” would require stitching
bits of SQL in a way that is not more easily checked for safety.

* Add migration hook to catch PostgreSQL versions earlier than 9.5
2021-03-19 13:14:57 +01:00
Claire b358229834
Further preparation for Rails 6 (#15916)
* Use ActiveRecord::Result#to_ary instead of deprecated to_hash

They do the same thing, and to_hash has been removed from Rails 6.1

* Explicitly name polymorphic indexes to workaround a bug in Rails 6.1

cf. https://github.com/rails/rails/issues/41693

* Fix incorrect usage of “foreign_key” in migration script

* Use `ActiveModel::Errors#delete` instead of deprecated clear method

* Fix link headers tests on Rails 6.1

Rails 6.1 adds values to the Link header by default, thus it is not a
LinkHeader object anymore. Fix the test to parse the Link header instead
of assuming it is a LinkHeader.
2021-03-19 02:45:34 +01:00
Claire 55ac2b9c60
Add option to opt out of unread notification markers (#15842)
Fixes #15133
2021-03-19 02:44:57 +01:00
Claire a4dcaef53b
Prepare Mastodon for zeitwerk autoloader (#15917)
* Prepare Mastodon for zeitwerk autoloader (Rails 6)

Add inflections and rename/move a few classes.

In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.

* Add inflection for Url → URL
2021-03-19 02:42:43 +01:00
Claire 5027abecd1
Fix cache_collection crashing when given an empty collection (#15921)
* Fix cache_collection crashing when given an empty collection

* Add tests
2021-03-18 00:41:32 +01:00
Claire 43eff898a0
Prepare Mastodon for Rails 6 (#15911)
* Fix misuse of foreign_type

* Fix use of removed "add_template_helper"

* Use response.media_type instead of response.content_type in tests

* Fix CSV export controller test on Rails 6

Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.

This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.

* Fix emoji formatting with Rails 6

* Make emoji output more idiomatic and robust

* Switch from redis-rails gem to built-in Rails redis cache storage
2021-03-17 10:09:55 +01:00
Claire eac4a3e9c8 Merge branch 'main' into glitch-soc/merge-upstream 2021-03-15 11:26:59 +01:00
Eugen Rochko e89e976e92
Fix configuration for sidekiq-unique-jobs after 7.x upgrade (#15908)
Remove locks from scheduled jobs
2021-03-15 11:17:43 +01:00
Filipe Rodrigues 3dc94d9f91
Fix reference to non-existing translation in the exports page. (#15894)
The exports page showed a different "CSV" capitalisation in the
"Bookmarks" row ("Csv") compared to the other rows ("CSV").
This was due to a referece to a translation string that does not exist,
`bookmarks.csv`, defaulting to the key's last segment in title case.

This issue was introduced in commit dcd86204 (PR #14956).

(h/t @meqif for helping with figuring out the bug)
2021-03-15 02:17:29 +01:00
Claire 995ad2af30 Fix DM timeline failing to load from database 2021-03-12 23:17:34 +01:00
Claire 1b02d29be5
Fix not being able to change world filter expiration back to “Never” (#15858)
Fixes #15849
2021-03-12 05:25:50 +01:00
Claire 5cc45d22d3
Remove subscription_expires_at leftover from OStatus (#15857) 2021-03-12 05:25:24 +01:00
Claire 1b6a21e6bc Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_length_validator.rb`:
  Conflict due to glitch-soc's configurable maximum toot chars.
  Ported upstream changes.
2021-03-11 16:08:15 +01:00
Claire 67c5cdea40
Fix some ignored brakeman warnings (#15829) 2021-03-07 07:06:56 +01:00
Claire 318efa49de Fix various CodeClimate warnings 2021-03-06 14:51:53 +01:00
Claire 5614e6724e
Fix URL scanning in note length validator and preview card fetching (#15827)
* Add tests

* Fix URL scanning in note length validator and preview card fetching
2021-03-04 00:12:26 +01:00
Claire 7336276252 [Glitch] Update twitter-text from 1.14 to 3.1.0 and fix toot character counting
Port 65db262550 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-03-02 12:37:23 +01:00
Claire 7cffe8dca7 [Glitch] Add borders to 📱 and 📲 emojis
Port a8139ab016 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-03-02 12:27:29 +01:00
Claire 974ddc28a3 [Glitch] Fix WebUI crashing when SVG support is disabled
Port 0635c8760d to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-03-02 12:26:12 +01:00
Claire d8fdbb054e Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `app/validators/status_length_validator.rb`:
  Upstream changes too close to glitch-soc MAX_CHARS changes, but not a real
  conflict.
  Applied upstream changes.
- `package.json`:
  glitch-soc-only dependency textually too close to a dependency updated
  upstream, not a real conflict.
  Applied upstream changes.
2021-03-02 12:06:58 +01:00
Claire 65db262550
Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
* Update twitter-text from 1.14 to 3.1.0

* Disable emoji parsing

* Properly depend on twitter-text for url detection

* Fix some URLs being wrongly detected client-side

* Add test for server-side validation of non-autolinkable URLs

* Fix server-side status length counting
2021-03-02 12:02:56 +01:00
Claire a8139ab016
Add borders to 📱 and 📲 emojis (#15794) 2021-03-01 21:22:54 +01:00
Eugen Rochko ee1119208c
Add POST /api/v1/emails/confirmations to REST API (#15816)
Only available to the application the user originally signed-up with
2021-03-01 18:39:47 +01:00
Eugen Rochko 9aa37b32c3
Add details to error response for POST /api/v1/accounts in REST API (#15803) 2021-03-01 04:59:13 +01:00
Claire 0635c8760d
Fix WebUI crashing when SVG support is disabled (#15809)
Fixes #14910
2021-02-28 01:01:34 +01:00
Claire 75189af528
Fix crash on receiving requests with missing Digest header (#15782)
* Fix crash on receiving requests with missing Digest header

Return an error pointing out that Digest is missing, instead of crashing.

Fixes #15743

* Fix from review feedback
2021-02-26 17:40:27 +01:00
Claire 4f19504986
Add inline description of moderation actions in moderation interface (#15792) 2021-02-24 16:53:16 +01:00
Claire 5f4c0b79c2
Change ResolveAccountService's handling of skip_webfinger (#15750)
* Change ResolveAccountService's handling of skip_webfinger

Change it so it never makes any webfinger query, as the name would imply.

* Add tests

* Change FollowService to not take an URI for target_account

* Restore domain-block check in FollowService

* Fix tests
2021-02-24 06:32:13 +01:00
Claire 1b50ac08c1
Fix server rules not being displayed if extended server discription isn't set (#15778) 2021-02-22 18:26:24 +01:00
abcang 6ae04d990c [Glitch] Fix default searchTokens
Port 2127f40e6b to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-02-22 15:47:17 +01:00
Eugen Rochko 24fb5d7572 [Glitch] Add server rules
Port SCSS changes from 8331fdf7e0 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2021-02-22 15:45:28 +01:00
Claire 679642e26c Merge branch 'main' into glitch-soc/merge-upstream 2021-02-22 15:23:46 +01:00
abcang 2127f40e6b
Fix default searchTokens (#15775) 2021-02-22 11:26:08 +01:00
Eugen Rochko 8331fdf7e0
Add server rules (#15769) 2021-02-21 19:50:12 +01:00