Commit Graph

340 Commits

Author SHA1 Message Date
dependabot[bot]
793fb7499d Bump annotate from 2.7.3 to 2.7.4 (#8840)
Bumps [annotate](https://github.com/ctran/annotate_models) from 2.7.3 to 2.7.4.
- [Release notes](https://github.com/ctran/annotate_models/releases)
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.rdoc)
- [Commits](https://github.com/ctran/annotate_models/compare/v2.7.3...v2.7.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 14:10:07 +02:00
dependabot[bot]
746da5ccda Bump ox from 2.9.2 to 2.10.0 (#8837)
Bumps [ox](https://github.com/ohler55/ox) from 2.9.2 to 2.10.0.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.9.2...v2.10.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 14:08:33 +02:00
Thibaut Girka
c91d9b7389 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/lib/user_settings_decorator.rb
	app/models/user.rb
	app/serializers/initial_state_serializer.rb
	app/views/stream_entries/_simple_status.html.haml
	config/locales/simple_form.en.yml
	config/locales/simple_form.ja.yml
	config/locales/simple_form.pl.yml
	config/routes.rb
2018-10-01 12:43:20 +02:00
dependabot[bot]
e02c45941d Bump strong_migrations from 0.2.2 to 0.2.3 (#8818)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.2.2 to 0.2.3.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.2.2...v0.2.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:35:44 +02:00
dependabot[bot]
5da51771cd Bump oj from 3.5.1 to 3.6.11 (#8815)
Bumps [oj](https://github.com/ohler55/oj) from 3.5.1 to 3.6.11.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.5.1...v3.6.11)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:34:31 +02:00
dependabot[bot]
b6985482f7 Bump bootsnap from 1.3.0 to 1.3.2 (#8816)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.3.0 to 1.3.2.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.3.0...v1.3.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:33:10 +02:00
dependabot[bot]
ec745b32de Bump simple_form from 4.0.0 to 4.0.1 (#8814)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/plataformatec/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v4.0.0...v4.0.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:32:40 +02:00
dependabot[bot]
e046a987f6 Bump capistrano from 3.10.2 to 3.11.0 (#8801)
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.10.2 to 3.11.0.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Changelog](https://github.com/capistrano/capistrano/blob/master/CHANGELOG.md)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.10.2...v3.11.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 18:24:06 +02:00
dependabot[bot]
20a87b2c7f Bump stackprof from 0.2.11 to 0.2.12 (#8803)
Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.11 to 0.2.12.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 17:11:54 +02:00
dependabot[bot]
1cb8600a45 Bump tty-command from 0.8.0 to 0.8.2 (#8802)
Bumps [tty-command](https://github.com/piotrmurach/tty-command) from 0.8.0 to 0.8.2.
- [Release notes](https://github.com/piotrmurach/tty-command/releases)
- [Changelog](https://github.com/piotrmurach/tty-command/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-command/compare/v0.8.0...v0.8.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 17:11:29 +02:00
dependabot[bot]
42ab93c8b2 Bump tzinfo-data from 1.2018.4 to 1.2018.5 (#8800)
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2018.4 to 1.2018.5.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2018.4...v1.2018.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 14:59:15 +09:00
dependabot[bot]
7efa3d02c7 Bump sidekiq-scheduler from 2.2.1 to 3.0.0 (#8789)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 2.2.1 to 3.0.0.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v2.2.1...v3.0.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 02:11:21 +09:00
dependabot[bot]
65e7c6d9b5 Bump tty-prompt from 0.16.0 to 0.17.0 (#8791)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.16.0...v0.17.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 02:02:38 +09:00
dependabot[bot]
30342c865a Bump memory_profiler from 0.9.10 to 0.9.11 (#8790)
Bumps [memory_profiler](https://github.com/SamSaffron/memory_profiler) from 0.9.10 to 0.9.11.
- [Release notes](https://github.com/SamSaffron/memory_profiler/releases)
- [Changelog](https://github.com/SamSaffron/memory_profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/SamSaffron/memory_profiler/compare/v0.9.10...v0.9.11)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 15:06:05 +09:00
dependabot[bot]
3064917881 Bump pkg-config from 1.3.0 to 1.3.1 (#8788)
Bumps [pkg-config](https://github.com/ruby-gnome2/pkg-config) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/ruby-gnome2/pkg-config/releases)
- [Changelog](https://github.com/ruby-gnome2/pkg-config/blob/master/NEWS)
- [Commits](https://github.com/ruby-gnome2/pkg-config/compare/1.3.0...1.3.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 14:50:02 +09:00
Grey Baker
6e075b9cc4 Bump devise from 4.4.3 to 4.5.0 (#8778)
Bumps [devise](https://github.com/plataformatec/devise) from 4.4.3 to 4.5.0.
- [Release notes](https://github.com/plataformatec/devise/releases)
- [Changelog](https://github.com/plataformatec/devise/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/devise/compare/v4.4.3...v4.5.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 04:27:53 +09:00
dependabot[bot]
8096df1055 Bump sidekiq from 5.1.3 to 5.2.2 (#8779)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.1.3 to 5.2.2.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.1.3...v5.2.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:33:00 +02:00
dependabot[bot]
29e2d9e1b7 Bump mime-types from 3.1 to 3.2.2 (#8781)
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types) from 3.1 to 3.2.2.
- [Release notes](https://github.com/mime-types/ruby-mime-types/releases)
- [Changelog](https://github.com/mime-types/ruby-mime-types/blob/master/History.md)
- [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.1...v3.2.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:32:37 +02:00
dependabot[bot]
d7f8e2ea41 Bump sanitize from 4.6.4 to 4.6.6 (#8783)
Bumps [sanitize](https://github.com/rgrove/sanitize) from 4.6.4 to 4.6.6.
- [Release notes](https://github.com/rgrove/sanitize/releases)
- [Changelog](https://github.com/rgrove/sanitize/blob/master/HISTORY.md)
- [Commits](https://github.com/rgrove/sanitize/compare/v4.6.4...v4.6.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 03:31:46 +09:00
dependabot[bot]
a7f75485d1 Bump pghero from 2.1.0 to 2.2.0 (#8782)
Bumps [pghero](https://github.com/ankane/pghero) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.1.0...v2.2.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:31:40 +02:00
Eugen Rochko
56efc28189
Update ruby dependencies (#8743)
* Update ffi to 1.9.25

* Update private_address_check to 0.5.0
2018-09-21 00:42:59 +02:00
Thibaut Girka
91bef4759f Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	Vagrantfile
	app/javascript/packs/public.js
	app/views/admin/settings/edit.html.haml
	app/views/settings/preferences/show.html.haml
	app/views/settings/profiles/show.html.haml
	config/locales/es.yml
	config/locales/simple_form.en.yml
	config/webpack/configuration.js
	config/webpack/loaders/babel.js
	package.json
	yarn.lock

Split new additions to app/javascript/packs/public.js to
app/javascript/core/settings.js
2018-09-19 21:46:01 +02:00
Yamagishi Kazutoshi
0ddbccf7e6 Upgrade Babel to version 7.0.0 (#5925) 2018-09-14 17:59:48 +02:00
Alexander
64a5561b5a update devise_pam_authenticatable2, new feature: pam gets ip address of client (#8623) 2018-09-14 17:42:45 +02:00
Thibaut Girka
53b7bb9d04 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/controllers/api/v1/mutes_controller.rb
	config/locales/simple_form.pl.yml
2018-08-27 18:09:28 +02:00
Eugen Rochko
c597249124
Add thor to Gemfile directly (#8467)
It's a common dependency, but just in case
2018-08-26 20:02:32 +02:00
Thibaut Girka
36393e1d2b Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/views/layouts/application.html.haml

Edited:
        app/helpers/application_helper.rb
        app/views/admin/domain_blocks/new.html.haml

Conflict wasn't really one, just two changes too close to one another.
Edition was to adapt the class names for themes to class names for
skins and flavours.

Also edited app/views/admin/domain_blocks/new.html.haml to strip the
duplicate admin pack inclusion thing.
2018-08-26 14:23:24 +02:00
Alexander
cfe3cd58d6 fix pam authentication for certain hostnames (#8412) 2018-08-25 22:35:29 +02:00
Eugen Rochko
b37ae64578
Upgrade Doorkeeper to 5.0.0 (#8409)
See doorkeeper-gem/doorkeeper#1137
2018-08-24 18:17:11 +02:00
Thibaut Girka
8b4abaa90d Merge branch 'master' into glitch-soc/master
Conflicts:
	config/routes.rb

Added the “endorsements” route from upstream.
2018-08-21 18:24:48 +02:00
ThibG
f06fa09962 Revert to using Paperclip's filesystem storage, and fix dangling records in remove_remote (#8339)
* Fix uncaching worker

* Revert to using Paperclip's filesystem backend instead of fog-local

fog-local has lots of concurrency issues, causing failure to delete files,
dangling file records, and spurious errors UncacheMediaWorker
2018-08-21 17:53:01 +02:00
ThibG
8ac5e651e1 Upgrade doorkeeper to 4.4.2 (#8321) 2018-08-20 22:42:02 +02:00
Thibaut Girka
88a0395a58 Merge branch 'master' into glitch-soc/merge-upstream 2018-08-19 09:27:18 +02:00
AkiraFukushima
58ffe3f7c3 Revert "Upgrade Doorkeeper to 4.4.1 (#8197)" (#8231)
* Revert "Upgrade Doorkeeper to 4.4.1 (#8197)"

This reverts commit 464daffdf9.

* Except migration files from revert commit
2018-08-19 03:20:37 +02:00
Eugen Rochko
c6eab9e0aa
Add Makara dependency to support read-replicas (#8216)
Not active by default unless config/database.yml is edited
2018-08-18 21:06:12 +02:00
Eugen Rochko
464daffdf9
Upgrade Doorkeeper to 4.4.1 (#8197) 2018-08-14 20:24:47 +02:00
S.H
5f41bbd274 Update Rails (#8141)
* Update Rails

* fix Update Rails
2018-08-13 18:17:20 +02:00
S.H
2aeeffc3ec Update Rails (#8141)
* Update Rails

* fix Update Rails
2018-08-12 12:25:23 +02:00
Thibaut Girka
ab5f450700 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/models/user.rb

Resolved by adding :default_language to user settings fields
2018-06-21 20:49:57 +02:00
Daigo 3 Dango
cd1b90d223 Update sprockets gem (#7858)
https://blog.heroku.com/rails-asset-pipeline-vulnerability
2018-06-20 15:22:37 +02:00
Eugen Rochko
1a9124f50b
Update bcrypt to 3.1.12 fix issue with Fedora (#7845) 2018-06-19 00:19:17 +02:00
Thibaut Girka
db200226b8 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	app/javascript/mastodon/initial_state.js
	db/schema.rb

Upstream added a new field to initial_state.
Not too sure about what happened with db/schema.rb though…
2018-06-15 20:51:39 +02:00
Eugen Rochko
53f0452b70
Remove rack-timeout (#7809)
Timeout considered harmful due to leaving the app in a broken
state, including unreaped database connections
2018-06-15 19:46:25 +02:00
Thibaut Girka
b481e4fac1 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	config/locales/simple_form.ja.yml
2018-05-19 22:41:10 +02:00
MIYAGI Hikaru
0b1f88cfd5 Upgrade posix-spawn to master (#7542) 2018-05-19 02:20:43 +02:00
Thibaut Girka
78ac246b87 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
	Gemfile

Solved conflicts by using upstream's line for posix-spawn
2018-05-16 21:52:38 +02:00
MIYAGI Hikaru
6bed372ad2 Fix posix-spawn to version 0.3.12 (#7517)
Because 0.3.13 causes build error in x86 or other ILP32 environments.
closes #7453
2018-05-16 16:52:19 +02:00
Thibaut Girka
ba7ee67498 Merge branch 'master' into glitch-soc/merge 2018-05-14 20:51:50 +02:00
Yamagishi Kazutoshi
f77b11cd10 Update http_parser.rb to head version (#7467) 2018-05-13 11:32:46 +02:00
Yamagishi Kazutoshi
4d706f9976 Downgrade doorkeeper to version 4.2.6 (#7456)
ref https://github.com/doorkeeper-gem/doorkeeper/pull/1060
2018-05-12 12:08:12 +02:00
Thibaut Girka
1c9c0167b7 Merge branch 'master' into glitch-soc/master
Conflicts:
	app/models/account.rb
	app/views/accounts/_header.html.haml
2018-05-10 00:03:28 +02:00
Yamagishi Kazutoshi
8c35d163a5 Port travis_retry for CI (#7379)
* Port travis_retry for CI

* Add license
2018-05-06 10:55:50 +02:00
David Yip
77a92d3260
Merge remote-tracking branch 'origin/master' into merge-upstream
Conflicts:
 	Gemfile.lock
2018-05-04 09:42:31 -05:00
Eugen Rochko
a78b27c7cc
Marginally improve convert/ffmpeg calls performance with posix-spawn (#7346) 2018-05-04 13:22:23 +02:00
David Yip
c816701550
Merge remote-tracking branch 'origin/master' into gs-master
Conflicts:
 	.travis.yml
 	Gemfile.lock
 	README.md
 	app/controllers/settings/follower_domains_controller.rb
 	app/controllers/statuses_controller.rb
 	app/javascript/mastodon/locales/ja.json
 	app/lib/feed_manager.rb
 	app/models/media_attachment.rb
 	app/models/mute.rb
 	app/models/status.rb
 	app/services/mute_service.rb
 	app/views/home/index.html.haml
 	app/views/stream_entries/_simple_status.html.haml
 	config/locales/ca.yml
 	config/locales/en.yml
 	config/locales/es.yml
 	config/locales/fr.yml
 	config/locales/nl.yml
 	config/locales/pl.yml
 	config/locales/pt-BR.yml
 	config/themes.yml
2018-05-03 17:23:44 -05:00
Shuhei Kitagawa
ab773e4d5f Add pry-byebug (#7307) 2018-05-03 12:08:54 +02:00
Eugen Rochko
cb5b5cb5f7
Slightly reduce RAM usage (#7301)
* No need to re-require sidekiq plugins, they are required via Gemfile

* Add derailed_benchmarks tool, no need to require TTY gems in Gemfile

* Replace ruby-oembed with FetchOEmbedService

Reduce startup by 45382 allocated objects

* Remove preloaded JSON-LD in favour of caching HTTP responses

Reduce boot RAM by about 6 MiB

* Fix tests

* Fix test suite by stubbing out JSON-LD contexts
2018-05-02 18:58:48 +02:00
Yamagishi Kazutoshi
9613a53cb3 Update dependencies for Ruby (2018-04-23) (#7237)
* Update annotate to version 2.7.3

* Update aws-sdk-s3 to version 1.9.2

* Update browser to version 2.5.3

* Update capistrano to version 3.10.2

* Update domain_name to version 0.5.20180417

* Update http to version 3.2.0

* Update lograge to version 0.10.0

* Update oj to version 3.5.1

* Update parallel_tests to version 2.21.3

* Update puma to version 3.11.4

* Update rubocop to version 0.55.0

* Update scss_lint to version 0.57.0

* Update simplecov to version 0.16.1

* Update tty-command to version 0.8.0

* Update tty-prompt to version 0.16.0

* Update pkg-config to version 1.3.0

* Update fog-local to version 0.5.0

* Update fog-openstack to version 0.1.25

* Update devise-two-factor to version 3.0.3

* bundle update
2018-04-23 11:29:17 +02:00
Yamagishi Kazutoshi
b438224751 Introduce rspec-retry (#7206) 2018-04-20 19:31:30 +02:00
David Yip
ed490b781f
Merge remote-tracking branch 'origin/master' into gs-master
Conflicts:
 	Gemfile.lock
 	config/application.rb
2018-04-13 16:36:46 -05:00
Yamagishi Kazutoshi
50529cbceb Upgrade Rails to version 5.2.0 (#5898) 2018-04-12 14:45:17 +02:00
David Yip
a817f084ea
Merge remote-tracking branch 'tootsuite/master'
Conflicts:
 	app/controllers/statuses_controller.rb
2018-04-12 03:30:57 -05:00
Alexander
8e88a18316 update gem, test pam authentication (#7028)
* update gem, test pam authentication

* add description for test parameters

* fix inclusion of optional group
2018-04-11 21:40:38 +02:00
David Yip
67e77f230e
Merge remote-tracking branch 'origin/master' into gs-master
Conflicts:
 	app/serializers/initial_state_serializer.rb

The glitch flavour isn't yet pulling custom emoji data on its own (see
https://github.com/tootsuite/mastodon/pull/7047).  Once that gets into
the glitch flavour, we can eliminate the custom_emojis load.
2018-04-08 19:05:02 -05:00
Eugen Rochko
d4de2239b0
Add a circuit breaker for ActivityPub deliveries (#7053) 2018-04-07 21:36:58 +02:00
Jenkins
f0bb3ff533 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-03-30 19:17:17 +00:00
Pierre-Morgan Gate
47cee7cc8e Upgrade charlock_holmes to version 0.7.6 (#6966)
This version fixes compilation errors when trying to build its native extension with ICU 61.
2018-03-30 09:52:44 +02:00
Jenkins
837b3804bf Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-03-25 15:17:21 +00:00
Yamagishi Kazutoshi
28384c1771 Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808)
This reverts commit 40871caa4b.
2018-03-24 12:52:45 +01:00
Jenkins
6290cd7969 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-03-21 17:17:20 +00:00
Patrick Figel
d97903a358 Update sanitize and loofah (#6855)
Fixes CVE-2018-8048 and CVE-2018-3740, two medium-severity XSS
vulnerabilities present in these gems when built against
libxml2 >= 2.9.2.
2018-03-21 17:43:28 +01:00
Jenkins
df70571bfe Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-03-19 20:17:18 +00:00
Alexander
0306e3e9be bugfixes and gem update (#6831)
* update to new version of devise_pam_authenticatable2

* fix behaviour if suffix is nil, fix environment loading, fix user email creation

* code cleanup/fix linter warning
2018-03-19 20:08:56 +01:00
Eugen Rochko
40871caa4b
Revert "Upgrade Paperclip to version 6.0.0" (#6807)
* Revert "Bump version to 2.3.2rc1"

This reverts commit cdf8b92fea.

* Revert "Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)"

This reverts commit 0074cad44f.

* Revert "Handle Mastodon::HostValidationError when pulling remoteable assets (#6782)"

This reverts commit 4a0a19fe54.

* Revert "Correct the reference to user's password in mastodon:add_user task (#6800)"

This reverts commit 338bff8b93.

* Revert "Upgrade Paperclip to version 6.0.0 (#6754)"

This reverts commit b88fcd53f7.
2018-03-17 14:20:35 +01:00
Yamagishi Kazutoshi
b88fcd53f7 Upgrade Paperclip to version 6.0.0 (#6754) 2018-03-17 12:37:58 +01:00
Jenkins
447d7e6127 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-03-09 00:17:17 +00:00
Yamagishi Kazutoshi
e9e475a29d Upgrade chewy to version 5.0.0 (#6649) 2018-03-06 06:14:26 +01:00
David Yip
1b8fcd4df5
Merge remote-tracking branch 'origin/master' into merge-upstream
Conflicts:
 	README.md
 	app/controllers/follower_accounts_controller.rb
 	app/controllers/following_accounts_controller.rb
 	app/serializers/rest/instance_serializer.rb
 	app/views/stream_entries/_simple_status.html.haml
 	config/locales/simple_form.ja.yml
2018-03-02 21:46:44 -06:00
Patrick Figel
e4db0f28d2 Update omniauth-saml to 1.10 (#6587)
Fixes CVE-2017-11428
2018-03-02 02:32:08 +01:00
Eugen Rochko
47bdb9b33b
Fix #942: Seamless LDAP login (#6556) 2018-02-28 19:04:53 +01:00
masarakki
22a441e374 remove-uglifier (#6561) 2018-02-26 16:19:48 +01:00
Akihiko Odaki
2e8a492e88 Raise Mastodon::HostValidationError when host for HTTP request is private (#6410) 2018-02-24 19:16:11 +01:00
imncls
bb6988a7ac
Merge branch 'master' of https://github.com/tootsuite/mastodon
# Conflicts:
#	app/controllers/settings/exports_controller.rb
#	app/models/media_attachment.rb
#	app/models/status.rb
#	app/views/about/show.html.haml
#	docker_entrypoint.sh
#	spec/views/about/show.html.haml_spec.rb
2018-02-23 23:28:31 +09:00
Eugen Rochko
61ed133fea
Account archive download (#6460)
* Fix #201: Account archive download

* Export actor and private key in the archive

* Optimize BackupService

- Add conversation to cached associations of status, because
  somehow it was forgotten and is source of N+1 queries
- Explicitly call GC between batches of records being fetched
  (Model class allocations are the worst offender)
- Stream media files into the tar in 1MB chunks
  (Do not allocate media file (up to 8MB) as string into memory)
- Use #bytesize instead of #size to calculate file size for JSON
  (Fix FileOverflow error)
- Segment media into subfolders by status ID because apparently
  GIF-to-MP4 media are all named "media.mp4" for some reason

* Keep uniquely generated filename in Paperclip::GifTranscoder

* Ensure dumped files do not overwrite each other by maintaing directory partitions

* Give tar archives a good name

* Add scheduler to remove week-old backups

* Fix code style issue
2018-02-21 23:21:32 +01:00
Eugen Rochko
a7171af0a3
Fix avatar and header issues by using custom geometry detector (#6515)
* Fix avatar and header issues by using custom geometry detector

Revert a part of #6508. The file passed to dynamic styles method
was not actually a file, but an instance of Paperclip::Attachment,
which broke all styles by always returning {} from the method.

One problem with GIF avatars was that Paperclip::GeometryDetector
reported wrong dimensions for them, e.g. 120x120 GIF avatar would
for some reason be detected as 120x53. By writing our own geometry
parser, we can use FastImage, which also happens to be faster than
ImageMagick, to detect image dimensions, which are also correct.

Unfortunately, this PR does not implement skipping a `convert`
entirely if the dimensions are already correct, as I found no easy
way to write that behaviour into Paperclip without rewriting the
Paperclip::Thumbnail class.

* Only invoke convert if dimension or format needs to be changed
2018-02-21 03:40:12 +01:00
David Yip
3d033a4687
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
Conflicts:
	Gemfile
	config/locales/simple_form.pl.yml
2018-02-17 00:02:37 -06:00
Eugen Rochko
9dbae6e8a1
Save video metadata and improve video OpenGraph tags (#6481)
* Save metadata from video attachments, put correct dimensions into OG tags

* Add twitter:player for videos

* Fix code style and test
2018-02-16 07:22:20 +01:00
Jenkins
5ffa6f0fa1 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-02-11 18:17:11 +00:00
Eugen Rochko
cf36d184f4
Interactive rake mastodon:setup task (#6451)
* Add better CLI prompt

* Add rake mastodon:setup interactive wizard

* Test db/redis/smtp configurations and add admin user at the end

* Test database connection even when database does not exist yet
2018-02-11 18:40:57 +01:00
Jenkins
efc9ffcb80 Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-02-11 04:10:16 +00:00
David Yip
9105b0c954
Introduce html2text for extracting plaintext from statuses. #236.
Unlike strip_tags, html2text will preserve text present in other nodes,
e.g. anchor tags:

    [1] pry(main)> str = '<a href="http://www.example.com">A link</a>'
    => "<a href=\"http://www.example.com\">A link</a>"
    [2] pry(main)> Html2Text.convert(str)
    => "[A link](http://www.example.com)"
    [3] pry(main)> include ActionView::Helpers::SanitizeHelper
    => Object
    [4] pry(main)> strip_tags(str)
    => "A link"

Preserving the href of an anchor allows keyword mutes to also match on
URLs, which is something that the frontend regex filter can currently
do.
2018-02-10 10:36:16 -06:00
Eugen Rochko
3ebc0ad4d3
Full-text search for authorized statuses (#6423)
* Add full-text search for authorized statuses

- Search API will return statuses that match the query
- Only for logged in users
- Only if you are author of the status,
- Or you were mentioned in it
- Or you favourited or reblogged it
- Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX`
- Run `rails chewy:deploy` to create & populate index

Fix #5880
Fix #4293
Fix #1152

* Add commented out docker-compose configuration for ES container

* Optimize index import, filter search results

* Add basic normalization to the index

* Add better stemming and normalization to the index

* Skip webfinger request if search query includes both @ and a space

* Fix code style

* Visually separate search result sections

* Fix code style issues
2018-02-09 23:04:47 +01:00
David Yip
a6fb1c58ee
Merge remote-tracking branch 'origin/master' into merge-upstream
Conflicts:
	.env.production.sample
	app/controllers/auth/confirmations_controller.rb
	db/schema.rb
2018-02-04 16:36:19 -06:00
Eugen Rochko
26f21fd5a0
CAS + SAML authentication feature (#6425)
* Cas authentication feature

* Config

* Remove class_eval + Omniauth initializer

* Codeclimate review

* Codeclimate review 2

* Codeclimate review 3

* Remove uid/email reconciliation

* SAML authentication

* Clean up code

* Improve login form

* Fix code style issues

* Add locales
2018-02-04 05:42:13 +01:00
David Yip
4c1fd9a19c
Merge remote-tracking branch 'tootsuite/master' into merge-upstream
Conflicts:
      app/javascript/styles/mastodon/components.scss
2018-02-02 08:39:52 -06:00
Alexander
04fef7b888 pam authentication (#5303)
* add pam support, without extra column

* bugfixes for pam login

* document options

* fix code style

* fix codestyle

* fix tests

* don't call remember_me without password

* fix codestyle

* improve checks for pam usage (should fix tests)

* fix remember_me part 1

* add remember_token column because :rememberable requires either a password or this column.

* migrate db for remember_token

* move pam_authentication to the right place, fix logic bug in edit.html.haml

* fix tests

* fix pam authentication, improve username lookup, add comment

* valid? is sometimes not honored, return nil instead trying to authenticate with pam

* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests

* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user

* codeconvention fixes

* code convention fixes

* fix idention

* update dependency, explicit conflict check

* fix disabled password updates if in pam mode

* fix check password if password is present, fix templates

* block registration if account is maintained by pam

* Revert "block registration if account is maintained by pam"

This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.

* fix identation error introduced by rebase

* block usernames maintained by pam

* document pam settings better

* fix code style
2018-02-02 10:18:55 +01:00
Rob Watson
f4bd51da1e Upgrade Paperclip > 5.2.1 (#6404)
Mitigation for CVE-2017-0889.

https://www.cvedetails.com/cve/CVE-2017-0889/
https://medium.com/in-the-weeds/all-about-paperclips-cve-2017-0889-server-side-request-forgery-ssrf-vulnerability-8cb2b1c96fe8
2018-02-01 17:54:22 +01:00
Jenkins
0e10667fbe Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master 2018-01-24 19:17:11 +00:00
Eugen Rochko
d966878e87
Update goldfinger, ostatus2 and http.rb versions (#6337) 2018-01-23 14:30:42 +01:00
David Yip
1253279feb
Merge remote-tracking branch 'origin/master' into merge-upstream
Conflicts:
	app/controllers/settings/two_factor_authentication/confirmations_controller.rb
2018-01-21 13:36:10 -06:00