Commit graph

12077 commits

Author SHA1 Message Date
dependabot[bot]
7efe0cb024
Bump brakeman from 5.0.4 to 5.1.1 (#16538)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.0.4 to 5.1.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v5.0.4...v5.1.1)

---
updated-dependencies:
- dependency-name: brakeman
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-01 11:13:41 +09:00
dependabot[bot]
278fdf81f2
Bump sass from 1.35.2 to 1.36.0 (#16540)
Bumps [sass](https://github.com/sass/dart-sass) from 1.35.2 to 1.36.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.35.2...1.36.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-01 11:13:08 +09:00
dependabot[bot]
a0ec371399
Bump @babel/preset-env from 7.14.7 to 7.14.8 (#16544)
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.14.7 to 7.14.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.8/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-01 11:12:01 +09:00
dependabot[bot]
be11bc4720
Bump npmlog from 4.1.2 to 5.0.0 (#16539)
Bumps [npmlog](https://github.com/npm/npmlog) from 4.1.2 to 5.0.0.
- [Release notes](https://github.com/npm/npmlog/releases)
- [Changelog](https://github.com/npm/npmlog/blob/main/CHANGELOG.md)
- [Commits](https://github.com/npm/npmlog/compare/v4.1.2...v5.0.0)

---
updated-dependencies:
- dependency-name: npmlog
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-01 11:11:37 +09:00
dependabot[bot]
05ee6b4d87
Bump @babel/runtime from 7.14.6 to 7.14.8 (#16541)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.14.6 to 7.14.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.8/packages/babel-runtime)

---
updated-dependencies:
- dependency-name: "@babel/runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-01 11:10:09 +09:00
dependabot[bot]
9576ef92c6
Bump regenerator-runtime from 0.13.7 to 0.13.9 (#16543)
Bumps [regenerator-runtime](https://github.com/facebook/regenerator) from 0.13.7 to 0.13.9.
- [Release notes](https://github.com/facebook/regenerator/releases)
- [Commits](https://github.com/facebook/regenerator/compare/regenerator-runtime@0.13.7...regenerator-runtime@0.13.9)

---
updated-dependencies:
- dependency-name: regenerator-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-01 11:09:50 +09:00
dependabot[bot]
e6e8696a5e
Bump @babel/core from 7.14.6 to 7.14.8 (#16542)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.14.6 to 7.14.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.8/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-01 11:09:33 +09:00
Claire
a8a7066e97
Add confirmation modal when closing media edit modal with unsaved changes (#16518)
* Add confirmation modal when closing media edit modal with unsaved changes

* Move focal point media state to redux so it does not get erased by confirmation dialog

* Change upload modal behavior to keep it open while saving changes

Instead of closing it immediately and losing changes if they fail to save…

* Make it work with react-intl 2.9
2021-07-25 01:14:43 +02:00
Claire
af08229ff4
Fix “open” link of media modal not closing modal (#16524) 2021-07-25 01:13:46 +02:00
Claire
1d67acb72f
Fix scoped order warning in RemoveStatusService (#16531)
Fixes “Scoped order is ignored, it's forced to be batch order.”
2021-07-24 14:41:46 +02:00
Claire
e9659ae031
Fix crashes with Microsoft Translate on Microsoft Edge (#16525)
Fixes #16509

Microsoft Edge with translation enabled rewrites the DOM in ways that confuse
react and prevent it from working properly. Wrapping the offending parts in
a span avoids this issue.
2021-07-23 02:53:17 +02:00
Claire
d8629e7b86
Add logging of S3-related errors (#16381) 2021-07-21 18:34:39 +02:00
dependabot[bot]
c1d62c4c01
Bump ws from 7.5.2 to 7.5.3 (#16486)
Bumps [ws](https://github.com/websockets/ws) from 7.5.2 to 7.5.3.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.5.2...7.5.3)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-20 22:25:19 +09:00
dependabot[bot]
b16d220ec9
Bump oj from 3.11.8 to 3.12.1 (#16493)
Bumps [oj](https://github.com/ohler55/oj) from 3.11.8 to 3.12.1.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.11.8...v3.12.1)

---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-20 22:25:09 +09:00
dependabot[bot]
6994c57fed
Bump rubocop-rails from 2.11.2 to 2.11.3 (#16494)
Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.11.2 to 2.11.3.
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.11.2...v2.11.3)

---
updated-dependencies:
- dependency-name: rubocop-rails
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-20 22:24:57 +09:00
dependabot[bot]
b89591453d
Bump css-loader from 5.2.6 to 5.2.7 (#16500)
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 5.2.6 to 5.2.7.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.2.6...v5.2.7)

---
updated-dependencies:
- dependency-name: css-loader
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-20 22:24:41 +09:00
dependabot[bot]
6f569c7bbd
Bump json-ld-preloaded from 3.1.5 to 3.1.6 (#16522)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.5 to 3.1.6.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.5...3.1.6)

---
updated-dependencies:
- dependency-name: json-ld-preloaded
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-20 22:24:16 +09:00
dependabot[bot]
2c5abee2b0
Bump eslint from 7.30.0 to 7.31.0 (#16523)
Bumps [eslint](https://github.com/eslint/eslint) from 7.30.0 to 7.31.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.30.0...v7.31.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-20 22:24:02 +09:00
Claire
e54a65013d
Fix replying from modal (#16516)
Fixes #16515

Not using a router object somehow made `this.history` lag behind the real
browser history whenever pushing a new history item in `replyCompose`.

Not using the context-provided router in this case was an oversight made
when porting glitch-soc changes in #16499.
2021-07-17 17:06:52 +02:00
Claire
211d5c3c30
Fix inefficiencies in auto-linking code (#16506)
The auto-linking code basically rewrote the whole string escaping non-ascii
characters in an inefficient way, and building a full character offset map
between the unescaped and escaped texts before sending the contents to
TwitterText's extractor.

Instead of doing that, this commit changes the TwitterText regexps to include
valid IRI characters in addition to valid URI characters.
2021-07-15 15:56:58 +02:00
Claire
3dcf3f2a3a
Fix minor code quality issues (#16502) 2021-07-14 05:36:23 +02:00
Claire
30ce6e395c
Fix user email address being banned on self-deletion (#16503)
* Add tests

* Fix user email address being banned on self-deletion

Fixes #16498
2021-07-14 05:35:49 +02:00
Eugen Rochko
31593d1426
Update CodeClimate badge in README (#16501) 2021-07-13 16:02:15 +02:00
Claire
5a1e072517
Change references to tootsuite/mastodon to mastodon/mastodon (#16491)
* Change references to tootsuite/mastodon to mastodon/mastodon

* Remove obsolete test fixture

* Replace occurrences of tootsuite/mastodon with mastodon/mastodon in CHANGELOG

And a few other places
2021-07-13 15:46:20 +02:00
Claire
d3791cca0c
Improve modal flow and back button handling (#16499)
* Refactor shouldUpdateScroll passing

So far, shouldUpdateScroll has been manually passed down from the very top of
the React component hierarchy even though it is a static function common to
all ScrollContainer instances, so replaced that with a custom class extending
ScrollContainer.

* Generalize “press back to close modal” to any modal and to public pages

* Fix boost confirmation modal closing media modal
2021-07-13 15:45:17 +02:00
Shlee
a2ce7508c9
Update docker-compose.yml (#16489) 2021-07-11 12:57:31 +02:00
Eugen Rochko
7095c80373
Add ability to filter reports by origin of target account (#16487) 2021-07-11 11:01:38 +02:00
dependabot[bot]
ca8ac1a639
Bump rubocop from 1.18.2 to 1.18.3 (#16477)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.18.2 to 1.18.3.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.18.2...v1.18.3)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-11 01:08:54 +09:00
dependabot[bot]
5c112959aa
Bump sass from 1.35.1 to 1.35.2 (#16478)
Bumps [sass](https://github.com/sass/dart-sass) from 1.35.1 to 1.35.2.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.35.1...1.35.2)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-11 01:08:40 +09:00
Eugen Rochko
275fa4746b
Add configuration attribute to GET /api/v1/instance (#16485)
List various values like file size limits and supported mime types
2021-07-10 17:58:41 +02:00
Daigo 3 Dango
3d5183e99c
Use ruby-2.7.4 (#16481)
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
2021-07-10 01:29:27 +02:00
dependabot[bot]
c4568e3b60
Bump rubocop from 1.18.1 to 1.18.2 (#16470)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.18.1 to 1.18.2.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.18.1...v1.18.2)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-08 14:37:18 +09:00
dependabot[bot]
ca662c13f0
Bump rubocop-rails from 2.11.1 to 2.11.2 (#16471)
Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.11.1 to 2.11.2.
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.11.1...v2.11.2)

---
updated-dependencies:
- dependency-name: rubocop-rails
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-08 14:37:06 +09:00
dependabot[bot]
6eaa39c387
Bump sidekiq-unique-jobs from 7.1.1 to 7.1.2 (#16472)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 7.1.1 to 7.1.2.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.1.1...v7.1.2)

---
updated-dependencies:
- dependency-name: sidekiq-unique-jobs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-08 14:35:45 +09:00
dependabot[bot]
e5b4b672f0
Bump oj from 3.11.7 to 3.11.8 (#16473)
Bumps [oj](https://github.com/ohler55/oj) from 3.11.7 to 3.11.8.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.11.7...v3.11.8)

---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-08 14:35:34 +09:00
dependabot[bot]
d36cfb99da
Bump addressable from 2.7.0 to 2.8.0 (#16474)
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/sporkmonger/addressable/releases)
- [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sporkmonger/addressable/compare/addressable-2.7.0...addressable-2.8.0)

---
updated-dependencies:
- dependency-name: addressable
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-08 14:35:20 +09:00
dependabot[bot]
895f1a531d
Bump ws from 7.5.1 to 7.5.2 (#16475)
Bumps [ws](https://github.com/websockets/ws) from 7.5.1 to 7.5.2.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.5.1...7.5.2)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-08 14:34:32 +09:00
Eugen Rochko
771c9d4ba8
Add ability to skip sign-in token authentication for specific users (#16427)
Remove "active within last two weeks" exception for sign in token requirement

Change admin reset password to lock access until the password is reset
2021-07-08 05:31:28 +02:00
Claire
2e0eac71dd
Add --by-uri option to tootctl domains purge (#16434)
Fixes #16410
2021-07-07 21:17:00 +02:00
Claire
8569126c2e
Fix upgrade path from 3.4.0 (#16465)
3.4.1 dropped account_stats.lock_version, but in a way breaking the usual
upgrade path by requiring services to be reloaded after the post-migrations.

Indeed, `self.locking_column = nil` was not enough for Rails to ignore the
`lock_version` column when preparing statements on application load, resulting
in some ActiveRecord queries (typically those involving
`includes(:account_stat)`) erroring out with:

  ActiveRecord::StatementInvalid (PG::UndefinedColumn: ERROR:  column account_stats.lock_version does not exist
2021-07-07 21:13:30 +02:00
Claire
e2844b7e58
Change number_to_human calls to always use 3-digits precision (#16469)
Fixes #16435
2021-07-07 21:13:08 +02:00
Claire
225c6582d1
Add tests for BootstrapTimelineService (#16476) 2021-07-07 21:12:43 +02:00
Akihiko Odaki
8af7f3b063
Preload libjemalloc.so for long-running Ruby (#16462)
Always mark jemalloc needed if jemalloc is enabled by akihikodaki · Pull Request #4627 · ruby/ruby
https://github.com/ruby/ruby/pull/4627
> Symbols exported by jemalloc is referred by the shared library but not
> by the executables when building Ruby as a shared library with
> jemalloc. It causes shared libraries such as the GNU C++ library
> occasionally rely on the memory allocator provided by the standard C
> library. Worse, the resolved symbols can later be replaced with
> jemalloc, and jemalloc may see pointers from the standard C library,
> which results in various failures.
> e.g. https://github.com/tootsuite/mastodon/issues/15751

As a workaround, do not rely on jemalloc enablement of Ruby, and
preload libjemalloc.so instead.
2021-07-05 19:16:35 +02:00
Ikko Ashimine
67226acf7e
Fix typo in tag_feed_spec.rb (#16466)
existant -> existent
2021-07-05 19:16:21 +02:00
Claire
1381e0e1d9
Fix pop-in player display when poster has long username or handle (#16468) 2021-07-05 19:16:06 +02:00
dependabot[bot]
9f76be5e7d
Bump eslint from 7.29.0 to 7.30.0 (#16461)
Bumps [eslint](https://github.com/eslint/eslint) from 7.29.0 to 7.30.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v7.29.0...v7.30.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-04 11:59:37 +09:00
dependabot[bot]
23c180b02b
Bump @rails/ujs from 6.1.3 to 6.1.4 (#16442)
Bumps [@rails/ujs](https://github.com/rails/rails) from 6.1.3 to 6.1.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.3...v6.1.4)

---
updated-dependencies:
- dependency-name: "@rails/ujs"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-04 05:07:46 +09:00
dependabot[bot]
7b14b8074d
Bump rails from 6.1.3.2 to 6.1.4 (#16436)
Bumps [rails](https://github.com/rails/rails) from 6.1.3.2 to 6.1.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.3.2...v6.1.4)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-04 05:07:32 +09:00
Claire
49219508bc
Fix anonymous access to outbox not being cached by the reverse proxy (#16458)
* Fix anonymous access to outbox not being cached by the reverse proxy

Up until now, anonymous access to outbox was marked as public, but with a
0 duration for caching, which means remote proxies would only serve from cache
when the server was completely overwhelmed.

Changed that cache duration to one minute, so that repeated anonymous access
to one account's outbox can be appropriately cached.

Also added `Signature` to the `Vary` header in case a page is requested, so
that authenticated fetches are never served from cache (which only contains
public toots).

* Remove Vary: Accept header from webfinger controller

Indeed, we have stopped returning xrd, and only ever return jrd, so the
Accept request header does not matter anymore.

* Cache negative webfinger hits for 3 minutes
2021-07-03 21:13:47 +02:00
Eugen Rochko
38b3419950
Fix not being able to suspend accounts that already have a canonical e-mail block (#16455) 2021-07-02 12:03:15 +02:00