Eugen Rochko
b3e9094e14
Bump devise-two-factor from git to 4.0.0 ( #15987 )
4 years ago
Daigo 3 Dango
3f8d0de82e
Upgrade Ruby to 2.7.3 ( #16004 )
...
* Upgrade Ruby to 2.7.3
https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows
* Update rexml to 3.2.5
https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
4 years ago
Eugen Rochko
3f2533ca8e
Fix autoloading deprecation warnings from Rails 6 ( #16010 )
4 years ago
Eugen Rochko
ed7d459d7f
Fix deprecation warning for Sidekiq web session secret ( #16009 )
4 years ago
Sean
bf74a7e06d
Update copyright year ( #16003 )
4 years ago
Claire
c5fe0864d1
Fix SidekiqProcessCheck checking for a queue name that isn't used in Mastodon ( #16002 )
4 years ago
dependabot[bot]
2fe84f194b
Bump redis from 3.0.2 to 3.1.0 ( #15998 )
...
Bumps [redis](https://github.com/NodeRedis/node-redis ) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/NodeRedis/node-redis/releases )
- [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md )
- [Commits](https://github.com/NodeRedis/node-redis/compare/v3.0.2...v3.1.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
c55bd01cf9
Bump classnames from 2.2.6 to 2.3.1 ( #16000 )
...
Bumps [classnames](https://github.com/JedWatson/classnames ) from 2.2.6 to 2.3.1.
- [Release notes](https://github.com/JedWatson/classnames/releases )
- [Changelog](https://github.com/JedWatson/classnames/blob/master/HISTORY.md )
- [Commits](https://github.com/JedWatson/classnames/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Claire
117f6638d0
Fix SVG files not being correctly included in templates ( #16001 )
...
In Rails 6.1, raw file inclusion in templates have to be explicitly marked as
HTML-safe, otherwise it's rendered as text.
4 years ago
dependabot[bot]
3511797e3f
Bump rubocop from 1.12.0 to 1.12.1 ( #15996 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.12.0...v1.12.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
c847f83772
Bump webpack-assets-manifest from 4.0.1 to 4.0.2 ( #15999 )
...
Bumps [webpack-assets-manifest](https://github.com/webdeveric/webpack-assets-manifest ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/webdeveric/webpack-assets-manifest/releases )
- [Commits](https://github.com/webdeveric/webpack-assets-manifest/compare/v4.0.1...v4.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
47d093f058
Bump @testing-library/react from 11.2.5 to 11.2.6 ( #15997 )
...
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library ) from 11.2.5 to 11.2.6.
- [Release notes](https://github.com/testing-library/react-testing-library/releases )
- [Changelog](https://github.com/testing-library/react-testing-library/blob/master/CHANGELOG.md )
- [Commits](https://github.com/testing-library/react-testing-library/compare/v11.2.5...v11.2.6 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Eugen Rochko
487e37d6d4
Add system checks to dashboard in admin UI ( #15989 )
4 years ago
Eugen Rochko
82cce18227
Change health check ( #15988 )
4 years ago
Claire
abad99fa10
Fix crash in old browsers ( #15985 )
...
Fixes #15984
4 years ago
abcang
ddabbbf5a6
Fix DB connection pool settings in CLI ( #15983 )
4 years ago
dependabot[bot]
f5bcc6bc65
Bump react-select from 4.0.2 to 4.3.0 ( #15969 )
...
Bumps [react-select](https://github.com/JedWatson/react-select ) from 4.0.2 to 4.3.0.
- [Release notes](https://github.com/JedWatson/react-select/releases )
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md )
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@4.0.2...react-select@4.3.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
8391ac55a8
Bump eslint from 7.22.0 to 7.23.0 ( #15971 )
...
Bumps [eslint](https://github.com/eslint/eslint ) from 7.22.0 to 7.23.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v7.22.0...v7.23.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
2d43f6b8d0
Bump @babel/preset-react from 7.12.13 to 7.13.13 ( #15965 )
...
Bumps [@babel/preset-react](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-react ) from 7.12.13 to 7.13.13.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.13.13/packages/babel-preset-react )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
4a062d1c14
Bump react-redux from 7.2.2 to 7.2.3 ( #15963 )
...
Bumps [react-redux](https://github.com/reduxjs/react-redux ) from 7.2.2 to 7.2.3.
- [Release notes](https://github.com/reduxjs/react-redux/releases )
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.2...v7.2.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
bc0eb29446
Bump @babel/core from 7.13.10 to 7.13.14 ( #15979 )
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.13.10 to 7.13.14.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.13.14/packages/babel-core )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
a394b08fd7
Bump aws-sdk-s3 from 1.92.0 to 1.93.0 ( #15973 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.92.0 to 1.93.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
6fca11f0b8
Bump eslint-plugin-react from 7.22.0 to 7.23.1 ( #15967 )
...
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.22.0 to 7.23.1.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.22.0...v7.23.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
6b2eacbeeb
Bump rubocop from 1.11.0 to 1.12.0 ( #15970 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.11.0...v1.12.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
6fe6412bcc
Bump parallel_tests from 3.5.2 to 3.6.0 ( #15968 )
...
Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.5.2 to 3.6.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.5.2...v3.6.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
1d61af9a9a
Bump fabrication from 2.21.1 to 2.22.0 ( #15966 )
...
Bumps [fabrication](https://github.com/paulelliott/fabrication ) from 2.21.1 to 2.22.0.
- [Release notes](https://github.com/paulelliott/fabrication/releases )
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown )
- [Commits](https://github.com/paulelliott/fabrication/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
b800cdc26a
Bump webmock from 3.12.1 to 3.12.2 ( #15964 )
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.12.1...v3.12.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
383be67a3a
Bump @testing-library/jest-dom from 5.11.9 to 5.11.10 ( #15972 )
...
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom ) from 5.11.9 to 5.11.10.
- [Release notes](https://github.com/testing-library/jest-dom/releases )
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/jest-dom/compare/v5.11.9...v5.11.10 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
860f0ed06f
Bump mini-css-extract-plugin from 1.3.9 to 1.4.0 ( #15976 )
...
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin ) from 1.3.9 to 1.4.0.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v1.3.9...v1.4.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
a24baa7c15
Bump @babel/preset-env from 7.13.10 to 7.13.12 ( #15975 )
...
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ) from 7.13.10 to 7.13.12.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.13.12/packages/babel-preset-env )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
af6da8e0b3
Bump css-loader from 5.1.3 to 5.2.0 ( #15961 )
...
Bumps [css-loader](https://github.com/webpack-contrib/css-loader ) from 5.1.3 to 5.2.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases )
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.3...v5.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Mashiro
e3f1107975
build: install shared-mime-info in Dockerfile ( #15978 )
4 years ago
dependabot[bot]
84eedff19a
Bump pghero from 2.8.0 to 2.8.1 ( #15962 )
...
Bumps [pghero](https://github.com/ankane/pghero ) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/ankane/pghero/releases )
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/pghero/compare/v2.8.0...v2.8.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
479d58242b
Bump rails from 6.1.3 to 6.1.3.1 ( #15960 )
...
Bumps [rails](https://github.com/rails/rails ) from 6.1.3 to 6.1.3.1.
- [Release notes](https://github.com/rails/rails/releases )
- [Commits](https://github.com/rails/rails/compare/v6.1.3...v6.1.3.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Claire
a650a1157d
Fix /admin/tags/:id crashing since Rails 6.1 update ( #15953 )
...
Raw SQL passed to `pluck` now has to be explicitly marked as SQL via
Arel.sql, see https://github.com/rails/rails/pull/27947
4 years ago
Claire
59f94593d0
Add warning in admin dashboard if some required queues are not handled ( #15954 )
4 years ago
Eugen Rochko
dd1eb9918a
Add `email` param to `POST /api/v1/emails/confirmations` ( #15949 )
...
Allow changing e-mail as long as the account is unconfirmed
4 years ago
Marcin Mikołajczak
f8e50eaea3
Add transition to media modal background ( #15843 )
...
* Add transition to media modal background
* use reduceMotion
* Move background color transition into css
Signed-off-by: marcin mikołajczak <me@mkljczk.pl>
4 years ago
Stanislas
d33351af3c
tootctl emoji import: case insensitive duplicate check ( #15738 )
4 years ago
dependabot[bot]
88d69d3261
Bump brakeman from 4.10.1 to 5.0.0 ( #15656 )
...
Bumps [brakeman](https://github.com/presidentbeef/brakeman ) from 4.10.1 to 5.0.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.10.1...v5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Yurii Izorkin
297a3cf904
templates/systemd/mastodon: enable sandbox mode ( #15937 )
4 years ago
Claire
cbd0ee1d07
Update Mastodon to Rails 6.1 ( #15910 )
...
* Update devise-two-factor to unreleased fork for Rails 6 support
Update tests to match new `rotp` version.
* Update nsa gem to unreleased fork for Rails 6 support
* Update rails to 6.1.3 and rails-i18n to 6.0
* Update to unreleased fork of pluck_each for Ruby 6 support
* Run "rails app:update"
* Add missing ActiveStorage config file
* Use config.ssl_options instead of removed ApplicationController#force_ssl
Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.
* Fix nonce directives by removing Rails 5 specific monkey-patching
* Fix fixture_file_upload deprecation warning
* Fix yield-based test failing with Rails 6
* Use Rails 6's index_with when possible
* Use ActiveRecord::Cache::Store#delete_multi from Rails 6
This will yield better performances when deleting an account
* Disable Rails 6.1's automatic preload link headers
Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.
In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.
* Switch to Rails 6.0 default config
* Switch to Rails 6.1 default config
* Do not include autoload paths in the load path
4 years ago
Claire
82556834cf
Change mastodon:setup to not call assets:precompile in docker ( #13942 )
...
It appears assets are built during image build, and they shouldn't need
to be rebuilt, since we now have reproducible builds.
4 years ago
Claire
1c4dee4554
Fix Mastodon not understanding as:Public and Public ( #15948 )
...
Fixes #5551
4 years ago
Claire
034f37b85a
Fix compose form behavior in mobile view ( #15555 )
...
* Fix ComposeForm being mounted twice in mobile view
Fixes #13094
* Fix compose form focus and pre-selection behavior in mobile view
* Split _updateFocusAndSelection out of componentDidUpdate
4 years ago
Claire
49814d5799
Switch from deprecated ClusterWS/cws to ws package ( #15932 )
...
* Switch from deprecated ClusterWS/cws to ws package
Fixes #15184
Co-authored-by: Edho Arief <me@nanaya.pro>
* Make bufferutil and utf-8-validate optional dependencies
Co-authored-by: Edho Arief <me@nanaya.pro>
4 years ago
dependabot[bot]
c3aef491d6
Bump react-select from 3.2.0 to 4.0.2 ( #15624 )
...
* Bump react-select from 3.2.0 to 4.0.2
Bumps [react-select](https://github.com/JedWatson/react-select ) from 3.2.0 to 4.0.2.
- [Release notes](https://github.com/JedWatson/react-select/releases )
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md )
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.2.0...react-select@4.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
* Add cacheKey to NonceProvider for react-select
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
4 years ago
dependabot[bot]
1b3ebcfe53
Bump aws-sdk-s3 from 1.91.0 to 1.92.0 ( #15938 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.91.0 to 1.92.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
6b5cda6ec3
Bump css-loader from 5.1.2 to 5.1.3 ( #15940 )
...
Bumps [css-loader](https://github.com/webpack-contrib/css-loader ) from 5.1.2 to 5.1.3.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases )
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v5.1.2...v5.1.3 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
229968bdff
Bump rspec-rails from 5.0.0 to 5.0.1 ( #15939 )
...
Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.0...v5.0.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago