mastodon

History

Claire 0aa0b71f2c Merge pull request from GHSA-9928-3cp5-93fm * Fix attachments getting processed despite failing content-type validation * Add a restrictive ImageMagick security policy tailored for Mastodon * Fix misdetection of MP3 files with large cover art * Reject unprocessable audio/video files instead of keeping them unchanged		2023-07-06 15:05:05 +02:00
..
0_post_deployment_migrations.rb
1_hosts.rb
2_whitelist_mode.rb
active_model_serializers.rb
application_controller_renderer.rb
assets.rb
backtrace_silencers.rb
blacklists.rb
cache_buster.rb
cache_logging.rb	Add logging for Rails cache timeouts (#21667 )	2022-11-27 20:37:37 +01:00
chewy.rb	Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327 )	2023-04-04 12:41:27 +02:00
content_security_policy.rb	Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273 )	2023-07-06 13:45:40 +02:00
cookies_serializer.rb
cors.rb
devise.rb	Fix typos in source documentation (#21046 )	2022-12-15 15:57:26 +01:00
doorkeeper.rb	Add missing admin scopes (fix #20892 ) (#20918 )	2022-11-17 10:50:21 +01:00
fast_blank.rb
ffmpeg.rb
filter_parameter_logging.rb
http_client_proxy.rb	Support "http_hidden_proxy" ENV var for hidden service only proxy (#18427 )	2022-08-25 04:41:14 +02:00
httplog.rb
inflections.rb	Add user content translations with configurable backends (#19218 )	2022-09-23 23:00:12 +02:00
json_ld.rb
kaminari_config.rb
mail_delivery_job.rb
makara.rb
mime_types.rb
oj.rb
omniauth.rb	Fix CAS_DISPLAY_NAME, SAML_DISPLAY_NAME and OIDC_DISPLAY_NAME being ignored (#18568 )	2022-06-01 19:22:55 +02:00
open_uri_redirection.rb
paperclip.rb	Merge pull request from GHSA-9928-3cp5-93fm	2023-07-06 15:05:05 +02:00
permissions_policy.rb
pghero.rb
preload_link_headers.rb
premailer_rails.rb
rack_attack.rb	Change rate limits to 1,500/5m per user, 300/5m per app (#23347 )	2023-02-02 00:07:49 +01:00
rack_attack_logging.rb
session_activations.rb
session_store.rb
sidekiq.rb	Fix vacuum scheduler missing lock, locks never expiring (#19458 )	2022-10-26 12:10:48 +02:00
simple_form.rb	Change "Allow trends without prior review" setting to include statuses (#17977 )	2022-08-28 04:00:39 +02:00
single_user_mode.rb
statsd.rb
stoplight.rb	Fix opening and closing Redis connections instead of using a pool (#18171 )	2022-04-29 22:43:07 +02:00
strong_migrations.rb
suppress_csrf_warnings.rb
trusted_proxies.rb
twitter_regex.rb	Allow carets in URL search params (#25216 )	2023-07-06 13:45:40 +02:00
vapid.rb
webauthn.rb
wrap_parameters.rb