Commit graph

9013 commits

Author SHA1 Message Date
dependabot-preview[bot]
2b956c1218
Bump rack-attack from 6.2.2 to 6.3.0 (#13657)
Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 6.2.2 to 6.3.0.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.2.2...v6.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:44:24 +02:00
dependabot-preview[bot]
174eed7bec
Bump strong_migrations from 0.6.2 to 0.6.5 (#13649)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.6.2 to 0.6.5.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.6.2...v0.6.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:44:00 +02:00
dependabot-preview[bot]
9cabc9c5d2
Bump brakeman from 4.8.0 to 4.8.1 (#13652)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.8.0...v4.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:42:54 +02:00
dependabot-preview[bot]
b964fd3df6
Bump premailer-rails from 1.10.3 to 1.11.1 (#13620)
Bumps [premailer-rails](https://github.com/fphilipe/premailer-rails) from 1.10.3 to 1.11.1.
- [Release notes](https://github.com/fphilipe/premailer-rails/releases)
- [Changelog](https://github.com/fphilipe/premailer-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fphilipe/premailer-rails/compare/v1.10.3...v1.11.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-08 17:42:05 +02:00
dependabot-preview[bot]
1bef85ffc9
Bump doorkeeper from 5.3.2 to 5.3.3 (#13673)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.3.2 to 5.3.3.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-07 22:30:56 +02:00
dependabot-preview[bot]
2902138336
Bump pghero from 2.4.1 to 2.4.2 (#13603)
Bumps [pghero](https://github.com/ankane/pghero) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.4.1...v2.4.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-07 20:29:15 +02:00
dependabot-preview[bot]
51dad928c6
[Security] Bump doorkeeper from 5.3.1 to 5.3.2 (#13613)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.3.1 to 5.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v.5.3.1...v5.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-07 20:16:15 +02:00
dependabot-preview[bot]
f51c547407
Bump kaminari from 1.1.1 to 1.2.0 (#13596)
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/kaminari/kaminari/releases)
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kaminari/kaminari/compare/v1.1.1...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-04 13:53:42 +02:00
ThibG
dea5db0e25
Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595) 2020-05-04 13:52:41 +02:00
Hanage999
ff72c0472f
Fix tootctl upgrade storage-schema failing to delete empty directories (#13593) 2020-05-04 13:51:34 +02:00
Eugen Rochko
5cff7910c2
Add more ActivityPub controller tests (#13590) 2020-05-03 22:19:24 +02:00
ThibG
c0b849bdfd
Fix use of inline CSS in public pages (#13576)
Change `account_link_to` to use an image tag rather than some
inline CSS. Dropped the `size` parameter in the process, but it wasn't
used for anything except the default value of 36px.

Dropped CSS rules that were always overriden, and defaulted to 36px width
and height instead.
2020-05-03 22:04:18 +02:00
Yamagishi Kazutoshi
e223fd8c61
Revert "improve status title (#8596)" (#13591)
This reverts commit 05756c9a14.
2020-05-03 18:48:13 +02:00
Eugen Rochko
988b0493fe
Add more tests for ActivityPub controllers (#13585) 2020-05-03 16:30:36 +02:00
Shlee
a1062df1e1
Fix the circleci packages for Buster. (#13583)
* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

* Update .circleci/config.yml

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>

* Update config.yml

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-05-01 23:45:40 +02:00
Eugen Rochko
60408fa3ef
Change CircleCI test output (#13587) 2020-05-01 20:19:01 +02:00
kaiyou
3511528e50
Only check locally when deduplicating usernames (#13581)
When deduplicating account usernames for OAuthable users, the routine did check if any account was known with that username, including remote accounts. This caused some unnecessary deduplication, and usernames ending with unexpected trailing _1.
This fixes #13580
2020-04-30 14:39:05 +02:00
ThibG
b8ba977497
Fix admin-facing uses of inline CSS (#13575)
* Move .back-button inline styles to CSS file

All occurrences of the back-button CSS class used the same inline
CSS rules, so moved them over to the CSS file

* Fix “Add new domain block” button using inline CSS

* Replace common pattern of inline-styled button boxes by a CSS class

In particular, switching from `float: left/right` to a flexbox with
`justify-content: space-between`. This implied changing the order of
a few HTML tags and adding an empty `div` in one case.

Also removed a `margin-bottom` rule that wasn't needed due to the
margins of surrounding elements.

* Move account admin view inline CSS to CSS file
2020-04-28 19:39:16 +02:00
dependabot-preview[bot]
432c40c516
Bump parslet from 1.8.2 to 2.0.0 (#13564)
Bumps [parslet](https://github.com/kschiess/parslet) from 1.8.2 to 2.0.0.
- [Release notes](https://github.com/kschiess/parslet/releases)
- [Changelog](https://github.com/kschiess/parslet/blob/master/HISTORY.txt)
- [Commits](https://github.com/kschiess/parslet/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 01:39:21 +09:00
dependabot-preview[bot]
8357d6b027
Bump json-ld from 3.1.2 to 3.1.3 (#13566)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.2...3.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:30:53 +09:00
dependabot-preview[bot]
f08ba21f6f
Bump ruby-saml from 1.9.0 to 1.11.0 (#13559)
Bumps [ruby-saml](https://github.com/onelogin/ruby-saml) from 1.9.0 to 1.11.0.
- [Release notes](https://github.com/onelogin/ruby-saml/releases)
- [Changelog](https://github.com/onelogin/ruby-saml/blob/master/changelog.md)
- [Commits](https://github.com/onelogin/ruby-saml/compare/v1.9.0...v1.11.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:26:15 +09:00
dependabot-preview[bot]
4532593245
Bump mime-types-data from 3.2019.1009 to 3.2020.0425 (#13554)
Bumps [mime-types-data](https://github.com/mime-types/mime-types-data) from 3.2019.1009 to 3.2020.0425.
- [Release notes](https://github.com/mime-types/mime-types-data/releases)
- [Changelog](https://github.com/mime-types/mime-types-data/blob/master/History.md)
- [Commits](https://github.com/mime-types/mime-types-data/compare/v3.2019.1009...v3.2020.0425)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:24:52 +09:00
dependabot-preview[bot]
f094b46f3a
Bump http-form_data from 2.2.0 to 2.3.0 (#13560)
Bumps [http-form_data](https://github.com/httprb/form_data.rb) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/httprb/form_data.rb/releases)
- [Changelog](https://github.com/httprb/form_data/blob/master/CHANGES.md)
- [Commits](https://github.com/httprb/form_data.rb/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:21:53 +09:00
dependabot-preview[bot]
5ed739adb1
Bump aws-sdk-s3 from 1.61.2 to 1.63.0 (#13562)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.61.2 to 1.63.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits/v1.63.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:21:33 +09:00
dependabot-preview[bot]
1145a38015
Bump aws-partitions from 1.296.0 to 1.303.0 (#13552)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.296.0 to 1.303.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-29 00:15:52 +09:00
ThibG
77ec0875ea
Fix page incorrectly scrolling when bringing up dropdown menus (#13574)
Fixes #13573

For some reason (I suspect this may be related to focusing the item before it
got drown by the browser), Firefox scrolls to top when bringing up dropdown
menus with pre-selected items.

This commit uses the “preventScroll” option as, due to the placement behavior,
the menu should be visible anyway and not trigger scrolling.
2020-04-28 13:19:39 +02:00
dependabot-preview[bot]
f70a54b34c
Bump normalize-package-data from 2.4.0 to 2.5.0 (#13561)
Bumps [normalize-package-data](https://github.com/npm/normalize-package-data) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/npm/normalize-package-data/releases)
- [Commits](https://github.com/npm/normalize-package-data/compare/v2.4.0...v2.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 19:23:13 +09:00
dependabot-preview[bot]
85be934fac
Bump flatted from 2.0.0 to 2.0.2 (#13558)
Bumps [flatted](https://github.com/WebReflection/flatted) from 2.0.0 to 2.0.2.
- [Release notes](https://github.com/WebReflection/flatted/releases)
- [Commits](https://github.com/WebReflection/flatted/compare/v2.0.0...v2.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 19:02:30 +09:00
dependabot-preview[bot]
9aeae7a194
Bump nearley from 2.16.0 to 2.19.2 (#13556)
Bumps [nearley](https://github.com/hardmath123/nearley) from 2.16.0 to 2.19.2.
- [Release notes](https://github.com/hardmath123/nearley/releases)
- [Commits](https://github.com/hardmath123/nearley/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:47:03 +09:00
dependabot-preview[bot]
8f4dff2c52
Bump core-js-pure from 3.6.4 to 3.6.5 (#13553)
Bumps [core-js-pure](https://github.com/zloirock/core-js) from 3.6.4 to 3.6.5.
- [Release notes](https://github.com/zloirock/core-js/releases)
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zloirock/core-js/compare/v3.6.4...v3.6.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:30:51 +09:00
dependabot-preview[bot]
6c685cb55a
Bump request from 2.88.0 to 2.88.2 (#13565)
Bumps [request](https://github.com/request/request) from 2.88.0 to 2.88.2.
- [Release notes](https://github.com/request/request/releases)
- [Changelog](https://github.com/request/request/blob/master/CHANGELOG.md)
- [Commits](https://github.com/request/request/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:26:30 +09:00
dependabot-preview[bot]
7abf1433c2
Bump cacache from 12.0.3 to 12.0.4 (#13567)
Bumps [cacache](https://github.com/npm/cacache) from 12.0.3 to 12.0.4.
- [Release notes](https://github.com/npm/cacache/releases)
- [Changelog](https://github.com/npm/cacache/blob/v12.0.4/CHANGELOG.md)
- [Commits](https://github.com/npm/cacache/compare/v12.0.3...v12.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:15:18 +09:00
dependabot-preview[bot]
3e13223043
Bump functions-have-names from 1.2.0 to 1.2.1 (#13568)
Bumps [functions-have-names](https://github.com/ljharb/functions-have-names) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/ljharb/functions-have-names/releases)
- [Changelog](https://github.com/inspect-js/functions-have-names/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ljharb/functions-have-names/compare/v1.2.0...v1.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 18:12:55 +09:00
dependabot-preview[bot]
07bfb853c0
Bump loglevel from 1.6.6 to 1.6.8 (#13569)
Bumps [loglevel](https://github.com/pimterry/loglevel) from 1.6.6 to 1.6.8.
- [Release notes](https://github.com/pimterry/loglevel/releases)
- [Commits](https://github.com/pimterry/loglevel/compare/v1.6.6...v1.6.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 17:59:00 +09:00
dependabot-preview[bot]
d7d8191d58
Bump svgo from 1.1.1 to 1.3.2 (#13570)
Bumps [svgo](https://github.com/svg/svgo) from 1.1.1 to 1.3.2.
- [Release notes](https://github.com/svg/svgo/releases)
- [Changelog](https://github.com/svg/svgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/svg/svgo/compare/v1.1.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-28 17:46:20 +09:00
ThibG
0e362b7678
Fix end-user-facing uses of inline CSS (#13438)
* Move some inline styles to CSS files

* Move default_account_display_name span to fix useless tags with duplicate id

* Change handling of public pages spoiler text from inline CSS to dataset attribute

* Use the `dir` HTML attribute instead of inline CSS

* Move status action bar inline CSS to CSS file

* Hide logo resources from CSS file, not inline CSS

Fixes #11601

* Move translation prompt styling from inline CSS to CSS file

* Move “invited by” styling on registration form from inline to CSS file

* Use the progress tag to display poll results in JS fallback

* Fix poll results JS-less fallback when the user has voted for an option

* Change account public page “moved” notice to use img tags instead of inline CSS

* Move OTP hint inline CSS to SCSS file

* Hide JS-less fallback vote progressbars from accessibility tools

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28 10:16:55 +02:00
ThibG
ad9c7aefe6
Refactor/cleanup TIMELINE_DELETE-related code (#13175) 2020-04-28 09:53:42 +02:00
ThibG
04eb599864
Fix messed up z-index when NoScript blocks media/previews (#13449)
Fixes #13444
2020-04-28 09:44:17 +02:00
ThibG
b3d0de8b40
Fix /public showing public instead of community timeline for logged-in users (#13499) 2020-04-28 09:43:45 +02:00
ThibG
b40d68cc31
Add invites_enabled to API (#13501) 2020-04-28 09:43:34 +02:00
Lerk
157850577f
Add tootctl emoji export (#13534)
* add emoji export command to cli

* fix codeclimate issues

* add error when no matching category was found

* add other suggestions

* exit 1 when no matching category is found

* changes according to suggestions

* 👀

* RubyNein

Y u always autoformat :c
2020-04-27 22:17:49 +02:00
dependabot-preview[bot]
8456676206
Bump oj from 3.10.5 to 3.10.6 (#13557)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.5 to 3.10.6.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.5...v3.10.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-27 17:20:34 +02:00
Даниил Пронин
ee017ca533
Add JS IDE helper (#13012)
* add IDE helper for Webpack

* fix ESLint error in IDE helper

* fix IDE helper code style
2020-04-27 17:19:53 +02:00
mayaeh
acc367fd14
Fix naming issue (#13551) 2020-04-27 10:32:05 +02:00
Eugen Rochko
c3ca3801f2
Add separate cache directory for non-local uploads (#12821) 2020-04-26 23:29:08 +02:00
Eugen Rochko
2744f61696
Fix not being able to resolve public resources in development environment (#13505) 2020-04-25 22:01:08 +02:00
ThibG
be637146f3
Fix uninformative error message when uploading unsupported image files (#13540)
Attempting to upload image files that the browser is unable to load results
in “Oops! An unexpected error occurred.”

This commit changes the error handling so that an unprocessable image results
in the file being sent anyway, which might cover a few corner cases, and
provide a slightly better error message.
2020-04-25 12:27:29 +02:00
ThibG
c955f98d36
Fix expanded video player issues (#13541)
Fixes #13536

- Expanding a paused video doesn't autoplay anymore
- Default volume level for the expanded video inherited from the original video

Position/playing state/volume are carried over from the original video player
to the modal, but they're not reported back to the modal as it would require
deeper changes.
2020-04-25 12:16:05 +02:00
Takeshi Umeda
46b2cc184f
Fix enable/disable relay failures (#13535) 2020-04-23 22:04:18 +02:00
Irie Aoi
c5c8f68031
Set max-width and max-height to gif video (#13533) 2020-04-23 15:49:33 +02:00