Commit graph

637 commits

Author SHA1 Message Date
Claire
b867d4581e Merge commit 'c91c0175db1cc8b954a977d29472886234ce9586' into glitch-soc/merge-upstream
Conflicts:
- `spec/controllers/api/v1/timelines/tag_controller_spec.rb`:
  Glitch-soc had a few extra lines in this file to account for a different
  default setting. This file got replaced by
  `spec/requests/api/v1/timelines/tag_spec.rb`, into which the glitch-soc
  additions were moved too.

Additional changes:
- `spec/requests/api/v1/statuses/sources_spec.rb`:
  Add glitch-soc-only attribute `content_type`.
2023-10-17 21:35:07 +02:00
Wladimir Palant
23f8e93c64
Fixes #23135 - Allow cross origin request for /nodeinfo/2.0 API (#27413) 2023-10-16 13:39:25 +02:00
Renaud Chaput
e0da64bb4e
Fix empty ENV variables not using default nil value (#27400) 2023-10-13 19:00:53 +02:00
Claire
ac2370778a Merge commit 'c676bc91e9c3aa81eb7cfbce3c5c5e80b84d3d02' into glitch-soc/merge-upstream
Conflicts:
- `config/environments/production.rb`:
  Upstream enforced a code style change and glitch-soc had a few different lines.
  Applied upstream's code style to glitch-soc's changes.
2023-10-08 17:21:12 +02:00
Claire
d7fcd70023 Merge commit '2016c5d912f400ae98ee03ce269112de2f9ec62d' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/cors.rb`:
  Upstream refactored this file, and glitch-soc had local changes.
  I could not find the rationale for the glitch-soc changes, so I
  used upstream's version.
2023-10-08 16:41:56 +02:00
Nick Schonning
85db392464
Autofix Rubocop cops for config/ (#24145) 2023-10-03 15:24:12 +02:00
Matt Jankowski
56c0babc0b
Fix rubocop Layout/ArgumentAlignment cop (#26060) 2023-09-28 15:48:47 +02:00
Georg Gadinger
ebd2017524
fix Content-Security-Policy when using Azure storage (#2427) 2023-09-26 20:09:56 +02:00
Claire
f05985f8ec Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Upstream changed their README, we have a completely different one.
  Kept our version.
2023-09-21 15:12:00 +02:00
Claire
8acc75435b
Change S3 checksum mode to be disabled by default (#27007) 2023-09-21 14:00:51 +02:00
Claire
5ed72f668f Merge commit 'b90383d07388fe8513e59a6deb1a2391146c6561' into glitch-soc/merge-upstream 2023-09-15 21:39:21 +02:00
Claire
e193c848fe Merge commit '97e4011c3ce31c6d492d5f103e95a35b6ebdc9bd' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream added some code to add the Identity Provider's sign-in endpoint to
  the `form-action` Content Security Policy directive but our version of the
  file is pretty different.
  Ported the change.
2023-09-15 21:25:05 +02:00
Claire
a04ae16201
Fix CSP when using ONE_CLICK_SSO_LOGIN (#26901) 2023-09-13 19:54:04 +02:00
CSDUMMI
9a70cac9de
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP (#26857) 2023-09-12 13:04:51 +02:00
Claire
e66f961e05 Merge branch 'main' into glitch-soc/merge-upstream 2023-09-04 18:27:46 +02:00
Christian Schmidt
ea31929776
Fix invalid Content-Type header for WebP images (#26773) 2023-09-04 09:46:33 +02:00
Claire
4ed629cd7e Merge commit 'be991f1d18006a4820c1e9ca6625bf2bd2bfedac' into glitch-soc/merge-upstream
Conflicts:
- `app/models/form/admin_settings.rb`:
  Upstream added the notion of overriden settings, while we had extra code for
  pseudo-settings (only used to combine flavour and skin in a single select
  field).
  Ported upstream changes.
- `config/i18n-tasks.yml`:
  Upstream added `simple_form.overridden` to `ignore_unused`,
  we had `simple_form.glitch_only`.
  Added `simple_form.glitch_only` as well.
2023-09-02 14:44:47 +02:00
Claire
9e26cd5503
Add authorized_fetch server setting in addition to env var (#25798) 2023-09-01 15:41:10 +02:00
Christian Schmidt
286a21afdc
Support webpacker live-reloading on Docker (#26419) 2023-08-29 10:17:57 +02:00
Claire
10404aece8 Merge commit '1cb978bcc3d291a045f367e072ca0af1a1c4dbbc' into glitch-soc/merge-upstream 2023-08-22 18:50:14 +02:00
Claire
2126812f65 Merge commit 'd9c21293aa6e105cedeff6b5e469af40a20909d9' into glitch-soc/merge-upstream
Conflicts:
- `app/views/settings/preferences/other/show.html.haml`:
  Upstream moved some settings, where glitch-soc has an extra setting.
  Ported upstream changes, moving the same settings as them.
2023-08-22 18:31:28 +02:00
Claire
7e25e311d5 Merge commit '3a8370e1f459f5cf9695a610102ae6e53df36714' into glitch-soc/merge-upstream 2023-08-21 21:07:39 +02:00
Renaud Chaput
b95867ad1f
Allow setting a custom HTTP method in CacheBuster (#26528)
Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com>
2023-08-18 08:18:40 +02:00
Claire
dd049fc37a
Fix ES_PRESET not being applied to Chewy's internal index (#26489) 2023-08-14 19:00:56 +02:00
Claire
f5778caa3a
Add ES_PRESET option to customize numbers of shards and replicas (#26483)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 17:46:16 +02:00
Claire
6530f9709c Merge commit '121443c0fca383268b8022c048dd137994785aff' into glitch-soc/main
Conflicts:
- `.rubocop_todo.yml`:
  Upstream regenerated this file, glitch-soc had a specific ignore.
2023-08-13 18:47:15 +02:00
Claire
44a5f1b64a Merge commit '425d77f8124a50fc033e8fb3bdf7b89a6a25f4fa' into glitch-soc/merge-upstream
Conflicts:
- `.rubocop_todo.yml`:
  Upstream regenerated this file, glitch-soc had a specific ignore.
- `README.md`:
  Upstream updated its README, but glitch-soc has a completely different one.
  Kept glitch-soc's README
2023-08-11 22:15:41 +02:00
Claire
4bc0dd751c
Add S3_DISABLE_CHECKSUM_MODE environment variable for compatibility with some S3-compatible providers (#26435) 2023-08-10 14:15:18 +02:00
Claire
12c43e4ab5
Re-add StatsD support through the nsa gem (#26310) 2023-08-03 20:28:14 +02:00
Emelia Smith
e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 2023-08-02 19:32:48 +02:00
Claire
73a3228e0f Fix CSP tests in glitch-soc 2023-07-30 17:30:13 +02:00
Claire
454d8567d4 Merge commit '1814990a3d117555153321216fa593e4d9e84de3' into glitch-soc/merge-upstream 2023-07-30 15:54:34 +02:00
Claire
42f36aa55a Merge commit '5b457961fc1189a71599dc6c06b3f159b195a455' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream fixed an issue that was not present in glitch-soc.
  Kept our version.
2023-07-30 13:49:35 +02:00
Claire
993d0a9950 Merge commit '1e3b19230a48174acf524cf1a9f5a498e220ea7d' into glitch-soc/merge-upstream
Conflicts:
- `app/models/account.rb`:
  Upstream added new validations close to lines on which glitch-soc had
  modified validations to handle custom limits set through environment
  variables.
  Ported upstream changes.
- `config/initializers/content_security_policy.rb`:
  Upstream added `AZURE_ALIAS_HOST`. Glitch-soc's version of the file is
  completely different.
  Added `AZURE_ALIAS_HOST` to our version of the file.
2023-07-30 13:15:01 +02:00
Matt Jankowski
ad81be6c8e
Update rubocop rules for linelength (#26190) 2023-07-28 23:11:45 +02:00
Matt Jankowski
bada7a65aa
Ignore long line in regex initializer (#26182) 2023-07-26 09:45:27 +02:00
Claire
e5f1000ad1
Fix CSP headers being unintendedly wide (#26105) 2023-07-21 13:34:15 +02:00
Claire
934c7b33d1
Change default KeyGenerator digest to SHA1 to fix cookies in rolling upgrades (#26023) 2023-07-21 13:17:43 +02:00
Misty De Méo
b848ba3867
Paperclip: add support for Azure blob storage (#23607) 2023-07-19 09:02:49 +02:00
Claire
2d09653d50 Merge commit '0d7340380cf3094335d8bc67f7c465e2b154566a' into glitch-soc/merge-upstream
Conflicts:
- app/controllers/application_controller.rb:
  Upstream added an `include` where we had an extra `include` due to
  glitch-soc's theming system.
  Added upstream's new `include`.
2023-07-13 13:35:15 +02:00
Matt Jankowski
ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Claire
9ae60f8738 Merge commit '82e477b184b5666fff7fb55933dce22ca2925db8' into glitch-soc/merge-upstream
Conflicts:
- `db/migrate/20180831171112_create_bookmarks.rb`:
  Upstream ran a lint fix on this file, but this file is different in
  glitch-soc because the feature was added much earlier.
  Ran the lint fix on our own version of the file.
2023-07-12 16:03:05 +02:00
Claire
82eebd0482 Merge commit '41a505513fb36f7c28c8d8a4270d5ee192169462' into glitch-soc/merge-upstream
Conflicts:
- `app/serializers/initial_state_serializer.rb`:
  Upstream renamed an initial state parameter, where we had extra ones.
  Renamed as upstream did.
- `app/workers/feed_insert_worker.rb`:
  Upstream wrapped database query in a block, we had extra database
  queries because of the DM timeline.
  Moved everything in the block.
2023-07-12 15:27:32 +02:00
Matt Jankowski
2e1391fdd2
Fix Naming/MemoizedInstanceVariableName cop (#25928) 2023-07-12 10:08:51 +02:00
Nick Schonning
1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Kurtis Rainbolt-Greene
e4cfe4b3db
First pass at multi-database for read replica using Rails native adapter (#25693)
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
2023-07-08 19:45:36 +02:00
Claire
ff7aae3037 Merge branch 'main' into glitch-soc/merge-upstream 2023-07-06 15:16:34 +02:00
Claire
dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Eugen Rochko
ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski
50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00