From 6aa83b13ba541b948d7d6927728bbdcf63a23950 Mon Sep 17 00:00:00 2001
From: Jeong Arm <kjwonmail@gmail.com>
Date: Tue, 16 Aug 2022 03:32:21 +0900
Subject: [PATCH 01/18] Properly delete remote account's avatar/header when
fetch/update (#18973)
---
app/services/activitypub/process_account_service.rb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb
index 4449a54270..34750dba6b 100644
--- a/app/services/activitypub/process_account_service.rb
+++ b/app/services/activitypub/process_account_service.rb
@@ -105,11 +105,13 @@ class ActivityPub::ProcessAccountService < BaseService
def set_fetchable_attributes!
begin
@account.avatar_remote_url = image_url('icon') || '' unless skip_download?
+ @account.avatar = nil if @account.avatar_remote_url.blank?
rescue Mastodon::UnexpectedResponseError, HTTP::TimeoutError, HTTP::ConnectionError, OpenSSL::SSL::SSLError
RedownloadAvatarWorker.perform_in(rand(30..600).seconds, @account.id)
end
begin
@account.header_remote_url = image_url('image') || '' unless skip_download?
+ @account.header = nil if @account.header_remote_url.blank?
rescue Mastodon::UnexpectedResponseError, HTTP::TimeoutError, HTTP::ConnectionError, OpenSSL::SSL::SSLError
RedownloadHeaderWorker.perform_in(rand(30..600).seconds, @account.id)
end
From d92ce31c92903c3ce24c3fcadb99af3c1ba1d585 Mon Sep 17 00:00:00 2001
From: Shlee <github@shl.ee>
Date: Tue, 16 Aug 2022 04:03:05 +0930
Subject: [PATCH 02/18] Update notifications.js (#18977)
---
app/javascript/mastodon/reducers/notifications.js | 2 --
1 file changed, 2 deletions(-)
diff --git a/app/javascript/mastodon/reducers/notifications.js b/app/javascript/mastodon/reducers/notifications.js
index 4b460bc10c..4563118eaa 100644
--- a/app/javascript/mastodon/reducers/notifications.js
+++ b/app/javascript/mastodon/reducers/notifications.js
@@ -234,8 +234,6 @@ export default function notifications(state = initialState, action) {
case FOLLOW_REQUEST_AUTHORIZE_SUCCESS:
case FOLLOW_REQUEST_REJECT_SUCCESS:
return filterNotifications(state, [action.id], 'follow_request');
- case ACCOUNT_MUTE_SUCCESS:
- return action.relationship.muting_notifications ? filterNotifications(state, [action.relationship.id]) : state;
case NOTIFICATIONS_CLEAR:
return state.set('items', ImmutableList()).set('pendingItems', ImmutableList()).set('hasMore', false);
case TIMELINE_DELETE:
From 461239db5d87ac584b07b394f894384853e875af Mon Sep 17 00:00:00 2001
From: Claire <claire.github-309c@sitedethib.com>
Date: Wed, 17 Aug 2022 23:06:48 +0200
Subject: [PATCH 03/18] Fix backend compatibility with OpenSSL 3.0 (#18449)
* Update webpush to fork with OpenSSL 3 compatibility
* Fix tests with OpenSSL 3.0
* Update webauthn gem to latest release and update dependencies
---
Gemfile | 4 +-
Gemfile.lock | 44 +++++++++++--------
.../webauthn_credential_fabricator.rb | 2 +-
3 files changed, 28 insertions(+), 22 deletions(-)
diff --git a/Gemfile b/Gemfile
index d21459fccc..cd519111fb 100644
--- a/Gemfile
+++ b/Gemfile
@@ -91,8 +91,8 @@ gem 'tty-prompt', '~> 0.23', require: false
gem 'twitter-text', '~> 3.1.0'
gem 'tzinfo-data', '~> 1.2022'
gem 'webpacker', '~> 5.4'
-gem 'webpush', '~> 0.3'
-gem 'webauthn', '~> 3.0.0.alpha1'
+gem 'webpush', git: 'https://github.com/ClearlyClaire/webpush.git', ref: 'f14a4d52e201128b1b00245d11b6de80d6cfdcd9'
+gem 'webauthn', '~> 2.5'
gem 'json-ld'
gem 'json-ld-preloaded', '~> 3.2'
diff --git a/Gemfile.lock b/Gemfile.lock
index b08a7ce2e4..72c58848e1 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,3 +1,12 @@
+GIT
+ remote: https://github.com/ClearlyClaire/webpush.git
+ revision: f14a4d52e201128b1b00245d11b6de80d6cfdcd9
+ ref: f14a4d52e201128b1b00245d11b6de80d6cfdcd9
+ specs:
+ webpush (0.3.8)
+ hkdf (~> 0.2)
+ jwt (~> 2.0)
+
GEM
remote: https://rubygems.org/
specs:
@@ -79,7 +88,7 @@ GEM
attr_encrypted (3.1.0)
encryptor (~> 3.0.0)
attr_required (1.0.1)
- awrence (1.1.1)
+ awrence (1.2.1)
aws-eventstream (1.2.0)
aws-partitions (1.587.0)
aws-sdk-core (3.130.2)
@@ -168,9 +177,9 @@ GEM
color_diff (0.1)
concurrent-ruby (1.1.10)
connection_pool (2.2.5)
- cose (1.0.0)
+ cose (1.2.1)
cbor (~> 0.5.9)
- openssl-signature_algorithm (~> 0.4.0)
+ openssl-signature_algorithm (~> 1.0)
crack (0.4.5)
rexml
crass (1.0.6)
@@ -338,7 +347,7 @@ GEM
json-ld (~> 3.2)
rdf (~> 3.2)
jsonapi-renderer (0.2.2)
- jwt (2.2.2)
+ jwt (2.4.1)
kaminari (1.2.2)
activesupport (>= 4.1.0)
kaminari-actionview (= 1.2.2)
@@ -437,8 +446,9 @@ GEM
validate_email
validate_url
webfinger (>= 1.0.1)
- openssl (2.2.0)
- openssl-signature_algorithm (0.4.0)
+ openssl (3.0.0)
+ openssl-signature_algorithm (1.2.1)
+ openssl (> 2.0, < 3.1)
orm_adapter (0.5.0)
ox (2.14.11)
parallel (1.22.1)
@@ -599,7 +609,6 @@ GEM
scenic (1.6.0)
activerecord (>= 4.0.0)
railties (>= 4.0.0)
- securecompare (1.0.0)
semantic_range (3.0.0)
sidekiq (6.5.3)
connection_pool (>= 2.2.2)
@@ -655,9 +664,10 @@ GEM
climate_control (>= 0.0.3, < 1.0)
thor (1.2.1)
tilt (2.0.10)
- tpm-key_attestation (0.9.0)
+ tpm-key_attestation (0.11.0)
bindata (~> 2.4)
- openssl-signature_algorithm (~> 0.4.0)
+ openssl (> 2.0, < 3.1)
+ openssl-signature_algorithm (~> 1.0)
tty-color (0.6.0)
tty-cursor (0.7.1)
tty-prompt (0.23.1)
@@ -688,16 +698,15 @@ GEM
public_suffix
warden (1.2.9)
rack (>= 2.0.9)
- webauthn (3.0.0.alpha1)
+ webauthn (2.5.2)
android_key_attestation (~> 0.3.0)
awrence (~> 1.1)
bindata (~> 2.4)
cbor (~> 0.5.9)
- cose (~> 1.0)
- openssl (~> 2.0)
+ cose (~> 1.1)
+ openssl (>= 2.2, < 3.1)
safety_net_attestation (~> 0.4.0)
- securecompare (~> 1.0)
- tpm-key_attestation (~> 0.9.0)
+ tpm-key_attestation (~> 0.11.0)
webfinger (1.2.0)
activesupport
httpclient (>= 2.4)
@@ -710,9 +719,6 @@ GEM
rack-proxy (>= 0.6.1)
railties (>= 5.2)
semantic_range (>= 2.3.0)
- webpush (0.3.8)
- hkdf (~> 0.2)
- jwt (~> 2.0)
websocket-driver (0.7.5)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
@@ -843,8 +849,8 @@ DEPENDENCIES
tty-prompt (~> 0.23)
twitter-text (~> 3.1.0)
tzinfo-data (~> 1.2022)
- webauthn (~> 3.0.0.alpha1)
+ webauthn (~> 2.5)
webmock (~> 3.17)
webpacker (~> 5.4)
- webpush (~> 0.3)
+ webpush!
xorcist (~> 1.1)
diff --git a/spec/fabricators/webauthn_credential_fabricator.rb b/spec/fabricators/webauthn_credential_fabricator.rb
index 496a7a7351..ba59ce9677 100644
--- a/spec/fabricators/webauthn_credential_fabricator.rb
+++ b/spec/fabricators/webauthn_credential_fabricator.rb
@@ -1,7 +1,7 @@
Fabricator(:webauthn_credential) do
user_id { Fabricate(:user).id }
external_id { Base64.urlsafe_encode64(SecureRandom.random_bytes(16)) }
- public_key { OpenSSL::PKey::EC.new("prime256v1").generate_key.public_key }
+ public_key { OpenSSL::PKey::EC.generate('prime256v1').public_key }
nickname 'USB key'
sign_count 0
end
From 656ac99ef04464b37d152b09f25facb8fd76c190 Mon Sep 17 00:00:00 2001
From: Mashiro <moezhx@outlook.com>
Date: Thu, 18 Aug 2022 05:07:12 +0800
Subject: [PATCH 04/18] Fix ambiguous column names in `tootctl search deploy`
(#18993)
---
app/lib/importer/statuses_index_importer.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/lib/importer/statuses_index_importer.rb b/app/lib/importer/statuses_index_importer.rb
index 7c65325600..5b5153d5c8 100644
--- a/app/lib/importer/statuses_index_importer.rb
+++ b/app/lib/importer/statuses_index_importer.rb
@@ -84,6 +84,6 @@ class Importer::StatusesIndexImporter < Importer::BaseImporter
end
def local_statuses_scope
- Status.local.select('id, coalesce(reblog_of_id, id) as status_id')
+ Status.local.select('"statuses"."id", COALESCE("statuses"."reblog_of_id", "statuses"."id") AS status_id')
end
end
From d415f1116b4d992b7f33b6f0d2dcbf00934f61b1 Mon Sep 17 00:00:00 2001
From: Jeong Arm <kjwonmail@gmail.com>
Date: Thu, 18 Aug 2022 06:07:30 +0900
Subject: [PATCH 05/18] Fix /admin/accounts/ order parameter (#18996)
---
app/views/admin/accounts/index.html.haml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/views/admin/accounts/index.html.haml b/app/views/admin/accounts/index.html.haml
index 7560fac7af..cb378f0edb 100644
--- a/app/views/admin/accounts/index.html.haml
+++ b/app/views/admin/accounts/index.html.haml
@@ -21,7 +21,7 @@
.filter-subset.filter-subset--with-select
%strong= t 'generic.order_by'
.input.select
- = select_tag :order, options_for_select([[t('relationships.most_recent'), nil], [t('relationships.last_active'), 'active']], params[:order])
+ = select_tag :order, options_for_select([[t('relationships.most_recent'), 'recent'], [t('relationships.last_active'), 'active']], params[:order])
.fields-group
- %i(username by_domain display_name email ip).each do |key|
From 86b364920491de74128d0fa538f31b225a750154 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 08:52:05 +0900
Subject: [PATCH 06/18] Bump tzinfo-data from 1.2022.1 to 1.2022.3 (#19003)
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2022.1 to 1.2022.3.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2022.1...v1.2022.3)
---
updated-dependencies:
- dependency-name: tzinfo-data
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile.lock | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index 72c58848e1..5f76ae58d7 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -683,7 +683,7 @@ GEM
unf (~> 0.1.0)
tzinfo (2.0.5)
concurrent-ruby (~> 1.0)
- tzinfo-data (1.2022.1)
+ tzinfo-data (1.2022.3)
tzinfo (>= 1.0.0)
unf (0.1.4)
unf_ext
From 1cadebfcc7d74a2d4ec23e4a2380bfec174395d8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 08:52:57 +0900
Subject: [PATCH 07/18] Bump stylelint from 14.9.1 to 14.10.0 (#18983)
Bumps [stylelint](https://github.com/stylelint/stylelint) from 14.9.1 to 14.10.0.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/14.9.1...14.10.0)
---
updated-dependencies:
- dependency-name: stylelint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
package.json | 2 +-
yarn.lock | 58 +++++++++++++++-------------------------------------
2 files changed, 17 insertions(+), 43 deletions(-)
diff --git a/package.json b/package.json
index 564b8b3f55..3557537cdd 100644
--- a/package.json
+++ b/package.json
@@ -155,7 +155,7 @@
"raf": "^3.4.1",
"react-intl-translations-manager": "^5.0.3",
"react-test-renderer": "^16.14.0",
- "stylelint": "^14.9.1",
+ "stylelint": "^14.10.0",
"stylelint-config-standard-scss": "^4.0.0",
"webpack-dev-server": "^3.11.3",
"yargs": "^17.5.1"
diff --git a/yarn.lock b/yarn.lock
index d2c61b1122..6399f802ff 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1115,10 +1115,10 @@
resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39"
integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==
-"@csstools/selector-specificity@^2.0.1":
- version "2.0.1"
- resolved "https://registry.yarnpkg.com/@csstools/selector-specificity/-/selector-specificity-2.0.1.tgz#b6b8d81780b9a9f6459f4bfe9226ac6aefaefe87"
- integrity sha512-aG20vknL4/YjQF9BSV7ts4EWm/yrjagAN7OWBNmlbEOUiu0llj4OGrFoOKK3g2vey4/p2omKCoHrWtPxSwV3HA==
+"@csstools/selector-specificity@^2.0.2":
+ version "2.0.2"
+ resolved "https://registry.yarnpkg.com/@csstools/selector-specificity/-/selector-specificity-2.0.2.tgz#1bfafe4b7ed0f3e4105837e056e0a89b108ebe36"
+ integrity sha512-IkpVW/ehM1hWKln4fCA3NzJU8KwD+kIOvPZA4cqxoJHtE21CCzjyp+Kxbu0i5I4tBNOlXPL9mjwnWlL0VEG4Fg==
"@emotion/babel-plugin@^11.7.1":
version "11.9.2"
@@ -3279,13 +3279,6 @@ clone-deep@^4.0.1:
kind-of "^6.0.2"
shallow-clone "^3.0.0"
-clone-regexp@^2.1.0:
- version "2.2.0"
- resolved "https://registry.yarnpkg.com/clone-regexp/-/clone-regexp-2.2.0.tgz#7d65e00885cd8796405c35a737e7a86b7429e36f"
- integrity sha512-beMpP7BOtTipFuW8hrJvREQ2DrRu3BE7by0ZpibtfBA+qfHYvMGTc2Yb1JMYPKg/JUw0CHYvpg796aNTSW9z7Q==
- dependencies:
- is-regexp "^2.0.0"
-
cluster-key-slot@1.1.0:
version "1.1.0"
resolved "https://registry.yarnpkg.com/cluster-key-slot/-/cluster-key-slot-1.1.0.tgz#30474b2a981fb12172695833052bc0d01336d10d"
@@ -4762,13 +4755,6 @@ execa@^5.0.0:
signal-exit "^3.0.3"
strip-final-newline "^2.0.0"
-execall@^2.0.0:
- version "2.0.0"
- resolved "https://registry.yarnpkg.com/execall/-/execall-2.0.0.tgz#16a06b5fe5099df7d00be5d9c06eecded1663b45"
- integrity sha512-0FU2hZ5Hh6iQnarpRtQurM/aAvp3RIbfvgLHrcqJYzhXyV2KFruhuChf9NC6waAhiUR7FFtlugkI4p7f2Fqlow==
- dependencies:
- clone-regexp "^2.1.0"
-
exif-js@^2.3.0:
version "2.3.0"
resolved "https://registry.yarnpkg.com/exif-js/-/exif-js-2.3.0.tgz#9d10819bf571f873813e7640241255ab9ce1a814"
@@ -4909,10 +4895,10 @@ fast-levenshtein@^2.0.6, fast-levenshtein@~2.0.6:
resolved "https://registry.yarnpkg.com/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz#3d8a5c66883a16a30ca8643e851f19baa7797917"
integrity sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=
-fastest-levenshtein@^1.0.12:
- version "1.0.12"
- resolved "https://registry.yarnpkg.com/fastest-levenshtein/-/fastest-levenshtein-1.0.12.tgz#9990f7d3a88cc5a9ffd1f1745745251700d497e2"
- integrity sha512-On2N+BpYJ15xIC974QNVuYGMOlEVt4s0EOI3wwMqOmK1fdDY+FN/zltPV8vosq4ad4c/gJ1KHScUn/6AWIgiow==
+fastest-levenshtein@^1.0.16:
+ version "1.0.16"
+ resolved "https://registry.yarnpkg.com/fastest-levenshtein/-/fastest-levenshtein-1.0.16.tgz#210e61b6ff181de91ea9b3d1b84fdedd47e034e5"
+ integrity sha512-eRnCtTTtGZFpQCwhJiUOuxPQWRXVKYDn0b2PeHfXL6/Zi53SLAzAHfVhVWK2AryC/WH05kGfxhFIPvTF0SXQzg==
fastq@^1.6.0:
version "1.13.0"
@@ -5237,11 +5223,6 @@ get-package-type@^0.1.0:
resolved "https://registry.yarnpkg.com/get-package-type/-/get-package-type-0.1.0.tgz#8de2d803cff44df3bc6c456e6668b36c3926e11a"
integrity sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==
-get-stdin@^8.0.0:
- version "8.0.0"
- resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-8.0.0.tgz#cbad6a73feb75f6eeb22ba9e01f89aa28aa97a53"
- integrity sha512-sY22aA6xchAzprjyqmSEQv4UbAAzRN0L2dQB0NlN5acTTK9Don6nhoc3eAbUnpZiCANAMfd/+40kVdKfFygohg==
-
get-stream@^4.0.0:
version "4.1.0"
resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-4.1.0.tgz#c1b255575f3dc21d59bfc79cd3d2b46b1c3a54b5"
@@ -6257,11 +6238,6 @@ is-regex@^1.1.4:
call-bind "^1.0.2"
has-tostringtag "^1.0.0"
-is-regexp@^2.0.0:
- version "2.1.0"
- resolved "https://registry.yarnpkg.com/is-regexp/-/is-regexp-2.1.0.tgz#cd734a56864e23b956bf4e7c66c396a4c0b22c2d"
- integrity sha512-OZ4IlER3zmRIoB9AqNhEggVxqIH4ofDns5nRrPS6yQxXE1TPCUpFznBfRQmQa8uC+pXqjMnukiJBxCisIxiLGA==
-
is-resolvable@^1.0.0:
version "1.1.0"
resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.1.0.tgz#fb18f87ce1feb925169c9a407c19318a3206ed88"
@@ -8792,7 +8768,7 @@ postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.27, postcss@^7.0.32:
source-map "^0.6.1"
supports-color "^6.1.0"
-postcss@^8.2.15, postcss@^8.4.14, postcss@^8.4.16:
+postcss@^8.2.15, postcss@^8.4.16:
version "8.4.16"
resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.4.16.tgz#33a1d675fac39941f5f445db0de4db2b6e01d43c"
integrity sha512-ipHE1XBvKzm5xI7hiHCZJCSugxvsdq2mPnsq5+UF+VHCjiBvtDrlxJfMBToWaP9D5XlgNmcFGqoHmUn0EYEaRQ==
@@ -10538,22 +10514,20 @@ stylelint-scss@^4.0.0:
postcss-selector-parser "^6.0.6"
postcss-value-parser "^4.1.0"
-stylelint@^14.9.1:
- version "14.9.1"
- resolved "https://registry.yarnpkg.com/stylelint/-/stylelint-14.9.1.tgz#6494ed38f148b1e75b402d678a3b6a8aae86dfda"
- integrity sha512-RdAkJdPiLqHawCSnu21nE27MjNXaVd4WcOHA4vK5GtIGjScfhNnaOuWR2wWdfKFAvcWQPOYe311iveiVKSmwsA==
+stylelint@^14.10.0:
+ version "14.10.0"
+ resolved "https://registry.yarnpkg.com/stylelint/-/stylelint-14.10.0.tgz#c588f5cd47cd214cf1acee5bc165961b6a3ad836"
+ integrity sha512-VAmyKrEK+wNFh9R8mNqoxEFzaa4gsHGhcT4xgkQDuOA5cjF6CaNS8loYV7gpi4tIZBPUyXesotPXzJAMN8VLOQ==
dependencies:
- "@csstools/selector-specificity" "^2.0.1"
+ "@csstools/selector-specificity" "^2.0.2"
balanced-match "^2.0.0"
colord "^2.9.2"
cosmiconfig "^7.0.1"
css-functions-list "^3.1.0"
debug "^4.3.4"
- execall "^2.0.0"
fast-glob "^3.2.11"
- fastest-levenshtein "^1.0.12"
+ fastest-levenshtein "^1.0.16"
file-entry-cache "^6.0.1"
- get-stdin "^8.0.0"
global-modules "^2.0.0"
globby "^11.1.0"
globjoin "^0.1.4"
@@ -10568,7 +10542,7 @@ stylelint@^14.9.1:
micromatch "^4.0.5"
normalize-path "^3.0.0"
picocolors "^1.0.0"
- postcss "^8.4.14"
+ postcss "^8.4.16"
postcss-media-query-parser "^0.2.3"
postcss-resolve-nested-selector "^0.1.1"
postcss-safe-parser "^6.0.0"
From da2a5233bea340d3ff17fc3a156d99bd52b4494b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 08:53:14 +0900
Subject: [PATCH 08/18] Bump sass from 1.54.3 to 1.54.4 (#18989)
Bumps [sass](https://github.com/sass/dart-sass) from 1.54.3 to 1.54.4.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.54.3...1.54.4)
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
package.json | 2 +-
yarn.lock | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/package.json b/package.json
index 3557537cdd..5054c818cf 100644
--- a/package.json
+++ b/package.json
@@ -119,7 +119,7 @@
"requestidlecallback": "^0.3.0",
"reselect": "^4.1.6",
"rimraf": "^3.0.2",
- "sass": "^1.54.3",
+ "sass": "^1.54.4",
"sass-loader": "^10.2.0",
"stacktrace-js": "^2.0.2",
"stringz": "^2.1.0",
diff --git a/yarn.lock b/yarn.lock
index 6399f802ff..e916197dc8 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -9745,10 +9745,10 @@ sass-loader@^10.2.0:
schema-utils "^3.0.0"
semver "^7.3.2"
-sass@^1.54.3:
- version "1.54.3"
- resolved "https://registry.yarnpkg.com/sass/-/sass-1.54.3.tgz#37baa2652f7f1fdadb73240ee9a2b9b81fabb5c4"
- integrity sha512-fLodey5Qd41Pxp/Tk7Al97sViYwF/TazRc5t6E65O7JOk4XF8pzwIW7CvCxYVOfJFFI/1x5+elDyBIixrp+zrw==
+sass@^1.54.4:
+ version "1.54.4"
+ resolved "https://registry.yarnpkg.com/sass/-/sass-1.54.4.tgz#803ff2fef5525f1dd01670c3915b4b68b6cba72d"
+ integrity sha512-3tmF16yvnBwtlPrNBHw/H907j8MlOX8aTBnlNX1yrKx24RKcJGPyLhFUwkoKBKesR3unP93/2z14Ll8NicwQUA==
dependencies:
chokidar ">=3.0.0 <4.0.0"
immutable "^4.0.0"
From 0a3c0cbff7968ed539ae50a3d803ae760c46f633 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 08:53:28 +0900
Subject: [PATCH 09/18] Bump bullet from 7.0.2 to 7.0.3 (#18984)
Bumps [bullet](https://github.com/flyerhzm/bullet) from 7.0.2 to 7.0.3.
- [Release notes](https://github.com/flyerhzm/bullet/releases)
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flyerhzm/bullet/compare/7.0.2...7.0.3)
---
updated-dependencies:
- dependency-name: bullet
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile.lock | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index 5f76ae58d7..e715725043 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -131,7 +131,7 @@ GEM
concurrent-ruby (~> 1.0, >= 1.0.5)
redis (>= 1.0, <= 5.0)
builder (3.2.4)
- bullet (7.0.2)
+ bullet (7.0.3)
activesupport (>= 3.0.0)
uniform_notifier (~> 1.11)
bundler-audit (0.9.1)
From 96fdbdb0ad8d8b1e61ec0611b333395cf6855834 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 08:53:37 +0900
Subject: [PATCH 10/18] Bump webmock from 3.17.0 to 3.17.1 (#18988)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.17.0 to 3.17.1.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.17.0...v3.17.1)
---
updated-dependencies:
- dependency-name: webmock
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile.lock | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index e715725043..4ac7009288 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -710,7 +710,7 @@ GEM
webfinger (1.2.0)
activesupport
httpclient (>= 2.4)
- webmock (3.17.0)
+ webmock (3.17.1)
addressable (>= 2.8.0)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
From a220c84181f45b6104e711a931b6a2b72799aace Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 08:54:31 +0900
Subject: [PATCH 11/18] Bump sidekiq from 6.5.3 to 6.5.4 (#18982)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.5.3 to 6.5.4.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.5.3...v6.5.4)
---
updated-dependencies:
- dependency-name: sidekiq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile.lock | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index 4ac7009288..81a36ccd25 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -610,7 +610,7 @@ GEM
activerecord (>= 4.0.0)
railties (>= 4.0.0)
semantic_range (3.0.0)
- sidekiq (6.5.3)
+ sidekiq (6.5.4)
connection_pool (>= 2.2.2)
rack (~> 2.0)
redis (>= 4.5.0)
From 71d403230e8cd9978bdd80092f155426ef4614a0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 08:55:18 +0900
Subject: [PATCH 12/18] Bump brakeman from 5.2.3 to 5.3.1 (#18985)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.2.3 to 5.3.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/commits)
---
updated-dependencies:
- dependency-name: brakeman
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile | 2 +-
Gemfile.lock | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Gemfile b/Gemfile
index cd519111fb..addf923b40 100644
--- a/Gemfile
+++ b/Gemfile
@@ -134,7 +134,7 @@ group :development do
gem 'memory_profiler'
gem 'rubocop', '~> 1.30', require: false
gem 'rubocop-rails', '~> 2.15', require: false
- gem 'brakeman', '~> 5.2', require: false
+ gem 'brakeman', '~> 5.3', require: false
gem 'bundler-audit', '~> 0.9', require: false
gem 'capistrano', '~> 3.17'
diff --git a/Gemfile.lock b/Gemfile.lock
index 81a36ccd25..c7ff3b65e7 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -125,7 +125,7 @@ GEM
ffi (~> 1.14)
bootsnap (1.13.0)
msgpack (~> 1.2)
- brakeman (5.2.3)
+ brakeman (5.3.1)
browser (4.2.0)
brpoplpush-redis_script (0.1.2)
concurrent-ruby (~> 1.0, >= 1.0.5)
@@ -741,7 +741,7 @@ DEPENDENCIES
binding_of_caller (~> 1.0)
blurhash (~> 0.1)
bootsnap (~> 1.13.0)
- brakeman (~> 5.2)
+ brakeman (~> 5.3)
browser
bullet (~> 7.0)
bundler-audit (~> 0.9)
From 5935e61306d546d621ca6a4dd02100659ef4428d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 08:58:16 +0900
Subject: [PATCH 13/18] Bump pry-byebug from 3.9.0 to 3.10.1 (#19002)
Bumps [pry-byebug](https://github.com/deivid-rodriguez/pry-byebug) from 3.9.0 to 3.10.1.
- [Release notes](https://github.com/deivid-rodriguez/pry-byebug/releases)
- [Changelog](https://github.com/deivid-rodriguez/pry-byebug/blob/master/CHANGELOG.md)
- [Commits](https://github.com/deivid-rodriguez/pry-byebug/compare/v3.9.0...v3.10.1)
---
updated-dependencies:
- dependency-name: pry-byebug
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile | 2 +-
Gemfile.lock | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/Gemfile b/Gemfile
index addf923b40..38a4e63142 100644
--- a/Gemfile
+++ b/Gemfile
@@ -102,7 +102,7 @@ group :development, :test do
gem 'fabrication', '~> 2.30'
gem 'fuubar', '~> 2.5'
gem 'i18n-tasks', '~> 1.0', require: false
- gem 'pry-byebug', '~> 3.9'
+ gem 'pry-byebug', '~> 3.10'
gem 'pry-rails', '~> 0.3'
gem 'rspec-rails', '~> 5.1'
end
diff --git a/Gemfile.lock b/Gemfile.lock
index c7ff3b65e7..bd6150e53e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -470,12 +470,12 @@ GEM
actionmailer (>= 3)
premailer (~> 1.7, >= 1.7.9)
private_address_check (0.5.0)
- pry (0.13.1)
+ pry (0.14.1)
coderay (~> 1.1)
method_source (~> 1.0)
- pry-byebug (3.9.0)
+ pry-byebug (3.10.1)
byebug (~> 11.0)
- pry (~> 0.13.0)
+ pry (>= 0.13, < 0.15)
pry-rails (0.3.9)
pry (>= 0.10.4)
public_suffix (4.0.7)
@@ -809,7 +809,7 @@ DEPENDENCIES
posix-spawn
premailer-rails
private_address_check (~> 0.5)
- pry-byebug (~> 3.9)
+ pry-byebug (~> 3.10)
pry-rails (~> 0.3)
puma (~> 5.6)
pundit (~> 2.2)
From a7c280f93a22c1a711ca93b14282efece7fb16d9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 09:06:07 +0900
Subject: [PATCH 14/18] Bump redis-namespace from 1.8.2 to 1.9.0 (#18987)
Bumps [redis-namespace](https://github.com/resque/redis-namespace) from 1.8.2 to 1.9.0.
- [Release notes](https://github.com/resque/redis-namespace/releases)
- [Changelog](https://github.com/resque/redis-namespace/blob/master/CHANGELOG.md)
- [Commits](https://github.com/resque/redis-namespace/compare/v1.8.2...v1.9)
---
updated-dependencies:
- dependency-name: redis-namespace
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile | 2 +-
Gemfile.lock | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/Gemfile b/Gemfile
index 38a4e63142..5dfaf756be 100644
--- a/Gemfile
+++ b/Gemfile
@@ -51,7 +51,7 @@ gem 'ed25519', '~> 1.3'
gem 'fast_blank', '~> 1.0'
gem 'fastimage'
gem 'hiredis', '~> 0.6'
-gem 'redis-namespace', '~> 1.8'
+gem 'redis-namespace', '~> 1.9'
gem 'htmlentities', '~> 4.3'
gem 'http', '~> 5.1'
gem 'http_accept_language', '~> 2.1'
diff --git a/Gemfile.lock b/Gemfile.lock
index bd6150e53e..1ed77ed124 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -542,8 +542,8 @@ GEM
rdf-normalize (0.5.0)
rdf (~> 3.2)
redis (4.5.1)
- redis-namespace (1.8.2)
- redis (>= 3.0.4)
+ redis-namespace (1.9.0)
+ redis (>= 4)
regexp_parser (2.5.0)
request_store (1.5.1)
rack (>= 1.4)
@@ -822,7 +822,7 @@ DEPENDENCIES
rails-settings-cached (~> 0.6)
rdf-normalize (~> 0.5)
redis (~> 4.5)
- redis-namespace (~> 1.8)
+ redis-namespace (~> 1.9)
rexml (~> 3.2)
rqrcode (~> 2.1)
rspec-rails (~> 5.1)
From 99f6be3b601d643ec31e679d20f0d065f788455e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 09:06:15 +0900
Subject: [PATCH 15/18] Bump pg from 1.4.2 to 1.4.3 (#18986)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.4.2 to 1.4.3.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.4.2...v1.4.3)
---
updated-dependencies:
- dependency-name: pg
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile.lock | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index 1ed77ed124..21d3b81caf 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -457,7 +457,7 @@ GEM
parslet (2.0.0)
pastel (0.8.0)
tty-color (~> 0.5)
- pg (1.4.2)
+ pg (1.4.3)
pghero (2.8.3)
activerecord (>= 5)
pkg-config (1.4.9)
From 1254fa122fd04e5e3f2fce01649ce6c78a560209 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 09:24:46 +0900
Subject: [PATCH 16/18] Bump cocoon-js-vanilla from 1.2.0 to 1.3.0 (#18991)
Bumps cocoon-js-vanilla from 1.2.0 to 1.3.0.
---
updated-dependencies:
- dependency-name: cocoon-js-vanilla
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
package.json | 2 +-
yarn.lock | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/package.json b/package.json
index 5054c818cf..6c7f9f53af 100644
--- a/package.json
+++ b/package.json
@@ -45,7 +45,7 @@
"babel-plugin-transform-react-remove-prop-types": "^0.4.24",
"blurhash": "^1.1.5",
"classnames": "^2.3.1",
- "cocoon-js-vanilla": "^1.2.0",
+ "cocoon-js-vanilla": "^1.3.0",
"color-blend": "^3.0.1",
"compression-webpack-plugin": "^6.1.1",
"cross-env": "^7.0.3",
diff --git a/yarn.lock b/yarn.lock
index e916197dc8..d98905b074 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3298,10 +3298,10 @@ coa@^2.0.2:
chalk "^2.4.1"
q "^1.1.2"
-cocoon-js-vanilla@^1.2.0:
- version "1.2.0"
- resolved "https://registry.yarnpkg.com/cocoon-js-vanilla/-/cocoon-js-vanilla-1.2.0.tgz#595348499d315d3b5828dd77a20974756cf59321"
- integrity sha512-qLomIVL0Krfc983WLgaYPPktMjMtBN+F/CV15NPVDc9U9BCe2OL5WyAIYkPrVhDRphoYBmHCdIlZkq+vSBI4xg==
+cocoon-js-vanilla@^1.3.0:
+ version "1.3.0"
+ resolved "https://registry.yarnpkg.com/cocoon-js-vanilla/-/cocoon-js-vanilla-1.3.0.tgz#1e53663f5d314e5e9b315b63eaf8ae701df113c0"
+ integrity sha512-rMnbfW6oFhvELUg141vfqZKzsowfLJRxs5FksfmDr1ZBs6LTNVYE63NQyvgRqyYUOK54cKKbI+V83dQKeeRuPg==
collect-v8-coverage@^1.0.0:
version "1.0.1"
From a6dc606d5209c5f61f8c19f5fbe5e33cb74d662a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 09:27:53 +0900
Subject: [PATCH 17/18] Bump webmock from 3.17.0 to 3.18.1 (#19007)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.17.0 to 3.18.1.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.17.0...v3.18.1)
---
updated-dependencies:
- dependency-name: webmock
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile | 2 +-
Gemfile.lock | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Gemfile b/Gemfile
index 5dfaf756be..75525b0ac5 100644
--- a/Gemfile
+++ b/Gemfile
@@ -119,7 +119,7 @@ group :test do
gem 'rails-controller-testing', '~> 1.0'
gem 'rspec-sidekiq', '~> 3.1'
gem 'simplecov', '~> 0.21', require: false
- gem 'webmock', '~> 3.17'
+ gem 'webmock', '~> 3.18'
gem 'rspec_junit_formatter', '~> 0.5'
end
diff --git a/Gemfile.lock b/Gemfile.lock
index 21d3b81caf..35c2d51143 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -710,7 +710,7 @@ GEM
webfinger (1.2.0)
activesupport
httpclient (>= 2.4)
- webmock (3.17.1)
+ webmock (3.18.1)
addressable (>= 2.8.0)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
@@ -850,7 +850,7 @@ DEPENDENCIES
twitter-text (~> 3.1.0)
tzinfo-data (~> 1.2022)
webauthn (~> 2.5)
- webmock (~> 3.17)
+ webmock (~> 3.18)
webpacker (~> 5.4)
webpush!
xorcist (~> 1.1)
From 5920d8fe33d5ecb0c7ca20c3b255216bb8de4aa9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 18:53:42 +0900
Subject: [PATCH 18/18] Bump omniauth from 1.9.1 to 1.9.2 (#19006)
Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.1 to 1.9.2.
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.9.1...v1.9.2)
---
updated-dependencies:
- dependency-name: omniauth
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
Gemfile.lock | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index 35c2d51143..840fe0a78c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -423,7 +423,7 @@ GEM
sidekiq (>= 3.5)
statsd-ruby (~> 1.4, >= 1.4.0)
oj (3.13.20)
- omniauth (1.9.1)
+ omniauth (1.9.2)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-cas (2.0.0)