Commit Graph

8632 Commits

Author SHA1 Message Date
dependabot-preview[bot] 3d7264a94e
Bump discard from 1.1.0 to 1.2.0 (#13308)
Bumps [discard](https://github.com/jhawthorn/discard) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/jhawthorn/discard/releases)
- [Changelog](https://github.com/jhawthorn/discard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhawthorn/discard/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-25 22:48:52 +01:00
dependabot-preview[bot] cf39f4c4a5
Bump rspec-rails from 3.9.0 to 3.9.1 (#13305)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.0...v3.9.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-25 22:48:21 +01:00
dependabot-preview[bot] 4b811ab4d3
Bump simplecov from 0.18.2 to 0.18.5 (#13310)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.2 to 0.18.5.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.2...v0.18.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-25 22:47:35 +01:00
dependabot-preview[bot] 09162411fc
Bump i18n-tasks from 0.9.30 to 0.9.31 (#13304)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.30 to 0.9.31.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.30...v0.9.31)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-25 22:46:39 +01:00
dependabot-preview[bot] eeb4aa5f74
Bump browser from 3.0.3 to 4.0.0 (#13307)
Bumps [browser](https://github.com/fnando/browser) from 3.0.3 to 4.0.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v3.0.3...v4.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-25 22:46:23 +01:00
ThibG f08f880f58
Fix media not being marked sensitive when client sets a CW but no text (#13277)
Mastodon enforces the “sensitive” flag on media attachments whenever a toot
is posted with a Content Warning. However, it does so *after* potentially
converting the Content Warning to toot text (when there is no toot text),
which leads to inconsistent and surprising behavior for API clients.
This commit fixes this inconsistency.
2020-03-25 22:40:58 +01:00
ThibG 858d0dd168
Fix frontend crash when deleting announcements (#13312)
Refactor and fix #13283, which only worked in some cases.
2020-03-25 22:39:55 +01:00
ThibG beb80adb51
Change poll option hover/active styling to be less confusing (#13313) 2020-03-25 22:39:18 +01:00
Yamagishi Kazutoshi cd6d851d83
Bump sidekiq-unique-jobs from 6.0.18 to 6.0.20 (#13294) 2020-03-22 15:25:23 +01:00
Takeshi Umeda 5a1fb6efc2
Fix bookmarks also searchable (#13293) 2020-03-22 02:40:03 +01:00
dependabot-preview[bot] 56531d646e
Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
* Bump sidekiq from 5.2.7 to 6.0.0

Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Sidekiq::Logger.logger -> Sidekiq.logger

* Drop support Ruby 2.4

* update

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-03-21 12:04:54 +09:00
dependabot-preview[bot] 85ff31b904
[Security] Bump omniauth from 1.9.0 to 1.9.1 (#13229)
Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.0 to 1.9.1. **This update includes a security fix.**
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.9.0...v1.9.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-21 03:23:25 +01:00
Shlee 221eda646b
Migrate Rails ujs as required for Rails 6 Upgrade. (#13280)
* Update yarn.lock

* Update package.json

* Update public.js

* Update admin.js

* Update log_out.js

* Update common.js
2020-03-21 03:14:50 +01:00
mayaeh 44292a6952
Add link to bookmarks in web UI dropdown (#13273) 2020-03-21 03:14:28 +01:00
Jeong Arm 8c42e0b53c
Make bookmarks also searchable (#13271) 2020-03-21 03:14:10 +01:00
Daniel Sockwell 8758221e73
Fix frontend crash when deleting announcements (#13283)
This two-line change fixes a crash in the front end that occurred
under the following circumstances:
 *  A server had more than one announcement,
 *  A user was displaying the announcements, and
 *  An announcement was deleted (or unpublished, which amounts to
    the same thing.)

As might be expected, the bug was caused by attempting to access a
notification using an index value outside the bounds of the existing
announcements.  Specifically, in two places.  First,
`_markAnnouncementAsRead` attempts to modify announcements based on
the current index.  This is what caused the front end crash.  Second,
when rendering the `Announcements` component, the code paginates the
announcements and displays the current one.  This did not cause a
crash, but caused the front end to confusingly display a blank
announcement (in situations that would have caused a crash) with no
way for the user to navigate back to previous announcements.

This commit fixes both issues by adding a check to ensure that the
code never attempts to access an announcement with an index greater
than or equal to the number of announcements present.
2020-03-21 03:10:42 +01:00
Shlee b5dace62b0
Decommission support for Ruby 2.4 (#13287)
* Update Gemfile

* Update README.md
2020-03-21 03:10:24 +01:00
ThibG 61f35c1a8a
Fix reported accounts not being whitelisted when resolving a spamcheck report (#13289) 2020-03-21 03:08:09 +01:00
dependabot-preview[bot] c39ad4ab2f
Bump capistrano from 3.11.2 to 3.12.1 (#13264)
* Bump capistrano from 3.11.2 to 3.12.1

Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.11.2 to 3.12.1.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.11.2...v3.12.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Bump capistrano from 3.11.2 to 3.12.1

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2020-03-18 21:48:03 +09:00
dependabot-preview[bot] 0b33d2b0f7
Bump webmock from 3.8.0 to 3.8.3 (#13265)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.0 to 3.8.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.0...v3.8.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 20:16:46 +09:00
dependabot-preview[bot] e2b816b4da
Bump sidekiq-scheduler from 3.0.0 to 3.0.1 (#13233)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.0.0...v3.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 20:02:34 +09:00
dependabot-preview[bot] 1780f00948
Bump simple_form from 5.0.1 to 5.0.2 (#13231)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v5.0.1...v5.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 20:01:35 +09:00
dependabot-preview[bot] 897ff630e7
Bump json-ld from 3.1.0 to 3.1.1 (#13230)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.0...3.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 20:00:20 +09:00
dependabot-preview[bot] e65996f92b
Bump redis from 2.8.0 to 3.0.2 (#13102)
Bumps [redis](https://github.com/NodeRedis/node-redis) from 2.8.0 to 3.0.2.
- [Release notes](https://github.com/NodeRedis/node-redis/releases)
- [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NodeRedis/node-redis/compare/v.2.8.0...v3.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 19:55:31 +09:00
dependabot-preview[bot] ce228a440e
Bump mkdirp from 0.5.1 to 1.0.3 (#12979)
Bumps [mkdirp](https://github.com/isaacs/node-mkdirp) from 0.5.1 to 1.0.3.
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/commits/v1.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 19:45:37 +09:00
dependabot-preview[bot] 6c1e452d20
Bump sass from 1.25.0 to 1.26.3 (#13263)
Bumps [sass](https://github.com/sass/dart-sass) from 1.25.0 to 1.26.3.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.25.0...1.26.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 19:44:21 +09:00
dependabot-preview[bot] 44cdc330ab
Bump react-test-renderer from 16.12.0 to 16.13.0 (#13260)
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-test-renderer)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 19:43:22 +09:00
dependabot-preview[bot] 83f193361f
Bump react-dom from 16.12.0 to 16.13.0 (#13181)
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-dom)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 19:42:04 +09:00
dependabot-preview[bot] a4387aceab
Bump babel-jest from 24.9.0 to 25.1.0 (#12973)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 24.9.0 to 25.1.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.1.0/packages/babel-jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 19:41:38 +09:00
dependabot-preview[bot] 6dfc161ada
Bump react-immutable-proptypes from 2.1.0 to 2.2.0 (#13259)
Bumps [react-immutable-proptypes](https://github.com/HurricaneJames/react-immutable-proptypes) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/HurricaneJames/react-immutable-proptypes/releases)
- [Changelog](https://github.com/HurricaneJames/react-immutable-proptypes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/HurricaneJames/react-immutable-proptypes/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-18 19:40:49 +09:00
ThibG b998ec7c72
Fix WebUI crash in single-column mode on prehistoric browsers (#13267)
Fixes #13266
2020-03-17 20:43:55 +01:00
ThibG cb12a2cdd3
Fix some timeouts when searching URLs by limiting some database queries (#13253)
Only look up private toots from database if the request failed because of 401,
403 or 404 errors, as those may indicate a private toot, rather than something
that isn't a toot or cannot be processed.
2020-03-12 23:06:43 +01:00
Eugen Rochko bea0bb39d6
Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254)
* Add shortcuts to blacklist a user's e-mail domain in admin UI

* Add option to blacklist resolved MX and IP records for e-mail domains
2020-03-12 22:35:20 +01:00
Eugen Rochko f556f79b77
Add titles to warning presets in admin UI (#13252) 2020-03-12 17:57:59 +01:00
ThibG aeebbe90dc
Fix detailed view of direct messages displaying a 0 boost count (#13244)
The boost count is already removed from private toots,
do the same with direct messages.
2020-03-10 18:39:47 +01:00
Shlee 51a1fbaafc
[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile

* Update Dockerfile
2020-03-10 12:00:55 +01:00
ThibG 90f3a00062
Fix regression in “Edit media” modal in web UI (#13243) 2020-03-10 11:59:44 +01:00
ThibG 2c6099125d
Fix videos with unsupported colorspace not being transcoded (#13242) 2020-03-10 11:58:40 +01:00
ThibG abd8394880
Fix MP4 (H264 + AAC) video files being needlessly re-encoded (#13239) 2020-03-09 23:15:59 +01:00
dependabot-preview[bot] 57d98b20f2
Bump eslint-plugin-react from 7.17.0 to 7.19.0 (#13224)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.17.0 to 7.19.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.17.0...v7.19.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-09 22:33:58 +09:00
dependabot-preview[bot] 116938fc17
Bump cross-env from 6.0.3 to 7.0.2 (#13228)
Bumps [cross-env](https://github.com/kentcdodds/cross-env) from 6.0.3 to 7.0.2.
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/cross-env/compare/v6.0.3...v7.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-09 22:28:25 +09:00
dependabot-preview[bot] 2c18debcd5
Bump wicg-inert from 3.0.0 to 3.0.2 (#13226)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.0...v3.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-09 22:27:25 +09:00
dependabot-preview[bot] 8c3ac755f0
Bump file-loader from 5.0.2 to 5.1.0 (#13225)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.0.2...v5.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-09 22:25:22 +09:00
mayaeh 310d729745
Change the string "hidden" to "blocked" in WebUI (#13221)
* Change the string "hidden" to "blocked" in WebUI.

* update
2020-03-09 09:13:21 +01:00
Eugen Rochko 8a2b8e0321
Change video uploads to always be converted to H264/MP4 (#13220)
Even if the container format is the same (.mp4), the codec could
be different and not playable in web browsers
2020-03-09 02:20:18 +01:00
Eugen Rochko dc15c81e67
Change video uploads to enforce certain limits (#13218)
- Dimensions at most 1920x1200
- Frame rate at most 60
2020-03-09 02:19:07 +01:00
dependabot-preview[bot] 7088633ae1
Bump cld3 from 3.2.6 to 3.3.0 (#13107)
* Bump cld3 from 3.2.6 to 3.3.0

Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.2.6...v3.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Fix compatibility with cld3 3.3.0

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-03-09 00:12:52 +01:00
ThibG b154428e14
Add federation support for the "hide network" preference (#11673)
* Change ActivityPub follower/following collections to not link first page

* Add support for hiding followers and following of remote users

* Switch to using a single `hide_collections` column

* Address code style remarks
2020-03-09 00:10:29 +01:00
Eugen Rochko 9660aa4543
Change local media attachments to perform heavy processing asynchronously (#13210)
Fix #9106
2020-03-08 23:56:18 +01:00
dependabot-preview[bot] 764b89939f
Bump doorkeeper from 5.2.3 to 5.3.1 (#13144)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.3 to 5.3.1.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.3...v.5.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-08 16:22:12 +01:00