ThibG
f84239ecab
Fix suspension/unsuspension not working because of FeedManager change ( #15099 )
4 years ago
Eugen Rochko
acc1c03861
Fix cookies not having a SameSite attribute ( #15098 )
4 years ago
Eugen Rochko
9b1f2a4b61
Add subresource integrity for JS and CSS assets ( #15096 )
...
Fix #2744
4 years ago
Mélanie Chauvel
68d4b2b83e
Display “Show newer” and “Show older” instead of “Show more” in public pages ( #15052 )
4 years ago
ThibG
b29defb851
Change order of announcements in admin page to sort them newest-first ( #15091 )
...
* Change order of announcements in admin page to sort show newly-created first
Fixes #15090
* Use reverse-chronological rather than creation date only
4 years ago
Takeshi Umeda
d6fe0c94ca
Add account sensitized ( #14361 )
...
* Add account sensitized
* Fix i18n normalize
* Fix description and spec
* Fix spec
* Fix wording
4 years ago
dependabot[bot]
f90620b2f3
Bump puma from 5.0.2 to 5.0.4 ( #15085 )
...
Bumps [puma](https://github.com/puma/puma ) from 5.0.2 to 5.0.4.
- [Release notes](https://github.com/puma/puma/releases )
- [Changelog](https://github.com/puma/puma/blob/master/History.md )
- [Commits](https://github.com/puma/puma/compare/v5.0.2...v5.0.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Mashiro
f720af6b72
Add limitation of image's max zoom rate (max to the original size of image) ( #15094 )
...
* limit image max scale rate to fit the actual image size
* replace with MIN_SCALE
* fix behavior on touch screen
4 years ago
dependabot[bot]
ab00998503
Bump webpack-merge from 4.2.2 to 5.0.9 ( #14424 )
...
* Bump webpack-merge from 4.2.2 to 5.0.9
Bumps [webpack-merge](https://github.com/survivejs/webpack-merge ) from 4.2.2 to 5.0.9.
- [Release notes](https://github.com/survivejs/webpack-merge/releases )
- [Changelog](https://github.com/survivejs/webpack-merge/blob/master/CHANGELOG.md )
- [Commits](https://github.com/survivejs/webpack-merge/compare/v4.2.2...v5.0.9 )
Signed-off-by: dependabot[bot] <support@github.com>
* Fix import path
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
4 years ago
dependabot[bot]
e16b0fb15a
Bump detect-passive-events from 1.0.5 to 2.0.1 ( #15003 )
...
* Bump detect-passive-events from 1.0.5 to 2.0.1
Bumps [detect-passive-events](https://github.com/rafgraph/detect-passive-events ) from 1.0.5 to 2.0.1.
- [Release notes](https://github.com/rafgraph/detect-passive-events/releases )
- [Commits](https://github.com/rafgraph/detect-passive-events/compare/v1.0.5...v2.0.1 )
Signed-off-by: dependabot[bot] <support@github.com>
* Migrate to detect-passive-events v2
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
4 years ago
dependabot[bot]
352c4907b2
Bump sass from 1.27.0 to 1.28.0 ( #15082 )
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.27.0 to 1.28.0.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.27.0...1.28.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
4a4f23744f
Bump mini-css-extract-plugin from 1.2.0 to 1.2.1 ( #15077 )
...
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v1.2.0...v1.2.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
5b28298160
Bump eslint-plugin-jsx-a11y from 6.3.1 to 6.4.1 ( #15078 )
...
Bumps [eslint-plugin-jsx-a11y](https://github.com/evcohen/eslint-plugin-jsx-a11y ) from 6.3.1 to 6.4.1.
- [Release notes](https://github.com/evcohen/eslint-plugin-jsx-a11y/releases )
- [Changelog](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/master/CHANGELOG.md )
- [Commits](https://github.com/evcohen/eslint-plugin-jsx-a11y/compare/v6.3.1...v6.4.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
f298e78a37
Bump react-redux from 7.2.1 to 7.2.2 ( #15079 )
...
Bumps [react-redux](https://github.com/reduxjs/react-redux ) from 7.2.1 to 7.2.2.
- [Release notes](https://github.com/reduxjs/react-redux/releases )
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.1...v7.2.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
868a13b20d
Bump eslint from 7.12.0 to 7.12.1 ( #15080 )
...
Bumps [eslint](https://github.com/eslint/eslint ) from 7.12.0 to 7.12.1.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v7.12.0...v7.12.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
ff93ec5590
Bump compression-webpack-plugin from 6.0.3 to 6.0.4 ( #15076 )
...
Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin ) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v6.0.3...v6.0.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
84cffe89fd
Bump file-loader from 6.1.1 to 6.2.0 ( #15075 )
...
Bumps [file-loader](https://github.com/webpack-contrib/file-loader ) from 6.1.1 to 6.2.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases )
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v6.1.1...v6.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
5b6676382d
Bump wicg-inert from 3.0.3 to 3.1.0 ( #15081 )
...
Bumps [wicg-inert](https://github.com/WICG/inert ) from 3.0.3 to 3.1.0.
- [Release notes](https://github.com/WICG/inert/releases )
- [Commits](https://github.com/WICG/inert/compare/v3.0.3...v3.1.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
d60485cb72
Bump sidekiq-unique-jobs from 6.0.24 to 6.0.25 ( #15083 )
...
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs ) from 6.0.24 to 6.0.25.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases )
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/commits/v6.0.25 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
f43000d32c
Bump bootsnap from 1.4.8 to 1.4.9 ( #15086 )
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.4.8 to 1.4.9.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.8...v1.4.9 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
Mashiro
f645dad661
add mouse scroll lock in image expand view ( #15088 )
...
* add mouse scroll lock in image expand view
* enhancement
4 years ago
Mashiro
6a2db10f76
Add expand/compress image button on image view box ( #15068 )
...
* add zoom image button
* enhance zoom algorithm & add translation
* code structure
* code structure
* code structure
* enhance grab performance
* rm useless state
* fix behavior on Firefox & scroll lock & horizontal scroll with mousewheel
* remove scroll lock on MouseWheelEvent
* code structure
* enhance algorithm and code structure
* rm Gemfile.lock from tree
* codeclimate
* fix a stupid mistake
4 years ago
Patrice Ferlet
4b2ec4a2dc
Fix postrgres secret name for cronjob ( #15072 )
...
The cronjob tries to get key from `mastodon` secret instead of
`mastodon-postgresql` - so the cronjob fails with this error:
Error: couldn't find key postgresql-password in Secret [NS]/mastodon
Another solution is to save the postgres password in mastodon secret,
but that means that the password is placed in two places.
Postgresql use <fullname>-postgresql name as secret name.
4 years ago
ThibG
fa929d8b81
Tweak signature verification ( #15069 )
...
* Add more specific error message when request body digest is invalid
This may help other implementors debug their implementation.
* Relax Host parameter requirement to GET requests
The only POST requests processed by Mastodon need objects/actors (including
their host) to be explicitly mentioned in the request's body, so replaying
a legitimate request to another host should not be a security issue.
* Support Digest headers using multiple algorithms or lowercase alogirthm names
4 years ago
ThibG
9d023ed4f6
Fix some account media gallery items having empty labels ( #15073 )
...
Remove the labels entirely for images instead of putting an empty label.
4 years ago
ThibG
c49805efb1
Fix poll ending notifications being created for each vote ( #15071 )
...
On a poll ending, notifications were created for each vote instead
of for each voter.
4 years ago
Darius Kazemi
f1f0400adc
Show announcements in reverse chronological order ( #15065 )
4 years ago
fuyu
8d7fbe7dd9
Fix wrong seek bar width on media player ( #15060 )
4 years ago
dependabot[bot]
d56e14a9cb
Bump mini-css-extract-plugin from 0.11.3 to 1.2.0 ( #15034 )
...
Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin ) from 0.11.3 to 1.2.0.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v0.11.3...v1.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
c79626493a
Bump css-loader from 4.3.0 to 5.0.0 ( #15011 )
...
Bumps [css-loader](https://github.com/webpack-contrib/css-loader ) from 4.3.0 to 5.0.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases )
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v4.3.0...v5.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
mayaeh
2ae751f19d
Fix width of content text fluctuating over time ( #15055 )
4 years ago
Mélanie Chauvel
c5704e75ae
Make “Mark media as sensitive” properly translatable ( #15051 )
4 years ago
Mélanie Chauvel
1d07f51039
Make visibility icon clickable as part of the time of a toot ( #15053 )
...
- Makes permalink to a toot more easily clickable
- Fix clicking between icon and time in fact clicking the display name
- Fix clicking slightly under time in fact clicking the display name
4 years ago
Mélanie Chauvel
0a8ab822e2
Sort filters by “keyword or phrase” in Settings ( #15050 )
4 years ago
Mélanie Chauvel
a5afbb62d2
Make click area of video/audio player buttons bigger in WebUI ( #15049 )
4 years ago
dependabot[bot]
4a509d5722
Bump jest from 26.5.3 to 26.6.1 ( #15037 )
...
Bumps [jest](https://github.com/facebook/jest ) from 26.5.3 to 26.6.1.
- [Release notes](https://github.com/facebook/jest/releases )
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/jest/compare/v26.5.3...v26.6.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
d388e5ce2f
Bump babel-jest from 26.5.2 to 26.6.1 ( #15036 )
...
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest ) from 26.5.2 to 26.6.1.
- [Release notes](https://github.com/facebook/jest/releases )
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/jest/commits/v26.6.1/packages/babel-jest )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
2089290849
Bump axios from 0.20.0 to 0.21.0 ( #15033 )
...
Bumps [axios](https://github.com/axios/axios ) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v0.20.0...v0.21.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
444ed97099
Bump react-test-renderer from 16.13.1 to 16.14.0 ( #15038 )
...
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer ) from 16.13.1 to 16.14.0.
- [Release notes](https://github.com/facebook/react/releases )
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/react/commits/v16.14.0/packages/react-test-renderer )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
e63c1f12c4
Bump eslint from 7.11.0 to 7.12.0 ( #15040 )
...
Bumps [eslint](https://github.com/eslint/eslint ) from 7.11.0 to 7.12.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v7.11.0...v7.12.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
56939e1037
Bump @testing-library/jest-dom from 5.11.4 to 5.11.5 ( #15039 )
...
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom ) from 5.11.4 to 5.11.5.
- [Release notes](https://github.com/testing-library/jest-dom/releases )
- [Changelog](https://github.com/testing-library/jest-dom/blob/master/CHANGELOG.md )
- [Commits](https://github.com/testing-library/jest-dom/compare/v5.11.4...v5.11.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
336b6a3c3f
Bump tzinfo-data from 1.2020.3 to 1.2020.4 ( #15041 )
...
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data ) from 1.2020.3 to 1.2020.4.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases )
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2020.3...v1.2020.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
0a30a138b2
Bump sass-loader from 10.0.3 to 10.0.4 ( #15035 )
...
Bumps [sass-loader](https://github.com/webpack-contrib/sass-loader ) from 10.0.3 to 10.0.4.
- [Release notes](https://github.com/webpack-contrib/sass-loader/releases )
- [Changelog](https://github.com/webpack-contrib/sass-loader/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/sass-loader/compare/v10.0.3...v10.0.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
0e04878e23
Bump eslint-plugin-react from 7.21.4 to 7.21.5 ( #15043 )
...
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.21.4 to 7.21.5.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.21.4...v7.21.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
1eda0a9a25
Bump strong_migrations from 0.7.1 to 0.7.2 ( #15044 )
...
Bumps [strong_migrations](https://github.com/ankane/strong_migrations ) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases )
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.7.1...v0.7.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
8b4654fd85
Bump simplecov from 0.19.0 to 0.19.1 ( #15042 )
...
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov ) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases )
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md )
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.19.0...v0.19.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
652f6269f9
Bump aws-sdk-s3 from 1.83.0 to 1.83.1 ( #15045 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.83.0 to 1.83.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
dependabot[bot]
853d2761e4
Bump stackprof from 0.2.15 to 0.2.16 ( #15046 )
...
Bumps [stackprof](https://github.com/tmm1/stackprof ) from 0.2.15 to 0.2.16.
- [Release notes](https://github.com/tmm1/stackprof/releases )
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md )
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.15...v0.2.16 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 years ago
ThibG
3678b10823
Fix follow request notifications ( #15048 )
4 years ago
ThibG
1f945e7390
Fix followers synchronization mechanism not being triggered on mentions ( #15026 )
...
e.g. if someone on an instance that previously had followers gets mentioned
in a private toot, before this PR, they would not receive a
Collection-Synchronization header and may show the toot to the former followers
in addition to the mentioned person.
4 years ago