Sebastian Jambor
a3c81fc929
Merge tag 'v4.1.4' into merge-security-fix
2023-07-11 13:11:33 +02:00
Sebastian Jambor
b45e686a89
Merge tag 'v4.1.3' into merge-security-fix
2023-07-11 13:07:56 +02:00
Claire
3f5af768c8
Bump version to v4.1.4
2023-07-07 19:37:21 +02:00
Claire
015ed99612
Fix branding:generate_app_icons failing because of disallowed ICO coder ( #25794 )
2023-07-07 19:37:21 +02:00
Claire
0d5781ca76
Bump version to v4.1.3
2023-07-06 15:07:20 +02:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
c4f2609f7a
Merge pull request from GHSA-ccm4-vgcc-73hp
...
* Tighten allowed HTML in oEmbed-based preview cards
* Sanitize preview cards at render time
* Add `sandbox` attribute to preview card iframes
2023-07-06 15:03:33 +02:00
Claire
9b6c0cac7d
Add hardened headers to user-uploaded files ( #25756 )
2023-07-06 14:32:26 +02:00
Daniel M Brasil
bd7cbeeadf
Fix tootctl accounts approve --number N
not aproving N earliest registrations ( #24605 )
2023-07-06 13:45:40 +02:00
Sebastian Jambor
7ee124508e
catch exceptions in activity subscriber
2023-07-03 19:56:10 +02:00
Sebastian Jambor
57f7eb4cd8
add sender to activity log json
2023-04-17 17:54:35 +02:00
Sebastian Jambor
66dd1c0326
use resdis configuration for activity log
2023-04-17 17:53:13 +02:00
Sebastian Jambor
e13a05cb83
integrate audience helper
2023-04-17 17:50:35 +02:00
Sebastian Jambor
7222173cc6
starting a test for audience helper
2023-04-17 17:50:35 +02:00
Sebastian Jambor
d81f497970
log outbound events as well
2023-04-17 17:50:35 +02:00
Sebastian Jambor
ddcfbc4745
showing inbound activities in frontend via redis pub/sub
2023-04-17 17:50:35 +02:00
Claire
4b9e4f6398
Bump version to v4.1.2
2023-04-04 12:41:27 +02:00
Claire
4eaa6d58b2
Change root Chewy strategy to emit a warning instead of erroring out in production mode ( #24327 )
2023-04-04 12:41:27 +02:00
Claire
3c82c4e780
Fix crash in tootctl
commands making use of parallelization when Elasticsearch is enabled ( #24182 )
2023-04-04 12:41:27 +02:00
Claire
ab85f59c30
Bump version to v4.1.1
2023-03-16 22:48:42 +01:00
Eugen Rochko
59a2fe32ff
Add cache headers to static files served through Rails ( #24120 )
2023-03-16 11:43:18 +01:00
9p4
78c7c79d78
Add refreshing many accounts at once with "tootctl accounts refresh" ( #23304 )
2023-03-13 18:47:52 +01:00
Claire
479b66637b
Fix sidekiq jobs not triggering Elasticsearch index updates ( #24046 )
2023-03-13 18:44:09 +01:00
Claire
f5f17e897b
Fix tootctl accounts migrate error due to typo ( #23567 )
2023-03-13 18:40:18 +01:00
Claire
70c0d754a6
Bump version to 4.1.0 ( #23471 )
...
* Bump version to 4.1.0
* Editorialize changelog some more and highlight API changes
* Update changelog
2023-02-10 22:21:23 +01:00
Nick Schonning
11557d1c5a
Apply Rubocop Rails/RootPublicPath ( #23447 )
2023-02-08 10:38:07 +01:00
Nick Schonning
f68bb52556
Apply Rubocop Style/NegatedIfElseCondition ( #23451 )
2023-02-08 07:07:36 +01:00
Nick Schonning
203739dd3a
Apply Rubocop Performance/StringIdentifierArgument ( #23444 )
2023-02-08 02:36:20 +01:00
Nick Schonning
c92e033cdd
Apply Rubocop Performance/BindCall ( #23437 )
2023-02-08 09:10:25 +09:00
Claire
79ca19e9b2
Bump version to 4.1.0rc3 ( #23384 )
2023-02-03 16:39:38 +01:00
Claire
2f112432e6
Bump version to 4.1.0rc2 ( #23220 )
2023-01-25 16:20:54 +01:00
Claire
8180f7ba19
Bump version to 4.1.0rc1 ( #23112 )
2023-01-20 14:19:12 +01:00
JT Olio
a5fd2fe1cb
Add Storj DCS to cloud object storage options ( #21929 )
...
* Add Storj DCS to cloud object storage options
More explanation here: https://forum.storj.io/t/object-storage-provider-for-mastodon-instance/11464/37
* more help for which command to use
2023-01-18 17:47:49 +01:00
Claire
cb4e28f405
Add tootctl domains purge
options to select subdomains and keep domain blocks ( #22063 )
...
* Add --include-subdomains option to tootctl domains purge
* Add support for '*.' subdomain wildcard patterns in `tootctl domains purge`
* Fix custom emojis deletion not following subdomain and URI options
* Change `tootctl domains purge` to not purge domain blocks unless --purge-domain-blocks is passed
* Refactor `tootctl domains purge`
* Add feedback on deleted domain blocks
2023-01-18 16:50:50 +01:00
Jeong Arm
0e8f8a1a1c
Implement tootctl accounts prune ( #18397 )
...
* Implement tootctl accounts prune
* Optimise query
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-01-13 22:34:16 +01:00
Claire
745bdb11a0
Add tootctl accounts migrate
( #22330 )
...
* Add tootctl accounts replay-migration
Fixes #22281
* Change `tootctl accounts replay-migration` to `tootctl accounts migrate`
2023-01-13 17:00:23 +01:00
Claire
a3a5aa1597
Fix incorrect env file generation in mastodon:setup ( #23072 )
...
Regression from #23012
2023-01-13 10:17:07 +01:00
Claire
15b88a83ab
Fix sanitizer parsing link text as HTML when stripping unsupported links ( #22558 )
2023-01-11 22:21:10 +01:00
Claire
a65f86ae55
Fix $
not being escaped in .env.production
file generated by mastodon:setup
( #23012 )
...
* Fix `$` not being escaped in `.env.production` file generated by `mastodon:setup`
* Improve robustness of dotenv escaping
2023-01-11 21:53:11 +01:00
Nick Schonning
558ac411c4
Expand Stylelint glob to include CSS files ( #22469 )
2023-01-05 13:42:13 +01:00
Dan Peterson
3d3429243f
Fix default S3_HOSTNAME used in mastodon:setup ( #19932 )
...
s3-us-east-1.amazonaws.com does not exist.
Co-authored-by: Effy Elden <effy@effy.space>
2022-12-15 16:38:51 +01:00
Claire
f239d31f23
Add --email and --dry-run options to tootctl accounts delete
( #22328 )
2022-12-15 14:52:50 +01:00
Evan
78ef635980
Add command to remove avatar and header images of inactive remote accounts from the local database ( #22149 )
...
* Add tootctl subcommand media remove-profile-media
* Trigger workflows
* Correcting external linting
* External linting error
* External linting fix
* Merging with remove command
* Linting
* Correct long option names
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Correct long option names
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Correct long option names
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Remove saving a list of purged accounts
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-12-14 19:50:07 +01:00
Claire
55b210b3e5
Fix crash and incorrect behavior in tootctl domains crawl ( #19004 )
2022-12-13 20:02:32 +01:00
Claire
c52263f6f8
Fix deprecation warning in tootctl accounts rotate
( #22120 )
2022-12-07 14:13:10 +01:00
Claire
66a70ebb6e
Fix pre-4.0 admin action logs ( #22091 )
...
* Fix BackfillAdminActionLogs post-deployment migration
* Improve migration tests
* Backfill admin action logs again
2022-12-06 23:38:03 +01:00
Claire
098ced7420
Remove support for Ruby 2.6 ( #21477 )
...
As pointed out by https://github.com/mastodon/mastodon/pull/21297#discussion_r1028372193
at least one of our dependencies already dropped support for Ruby 2.6, and we
had removed Ruby 2.6 tests from the CI over a year ago (#16861 ).
So stop advertising Ruby 2.6 support, bump targeted version, and drop some
compatibility code.
2022-11-27 20:41:39 +01:00
Claire
d587a268fd
Add logging for Rails cache timeouts ( #21667 )
...
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds
* Log cache store errors
2022-11-27 20:37:37 +01:00
Eugen Rochko
03b0f3ac83
Bump version to 4.0.2 ( #20725 )
2022-11-15 03:57:18 +01:00
Eugen Rochko
4415dd6036
Bump version to 4.0.1 ( #20696 )
2022-11-14 22:21:14 +01:00