PatOnTheBack
2ea4dbb035
Bump handlebars from 4.1.0 to 4.1.2 ( #11293 )
...
Bumps [handlebars](https://github.com/wycats/handlebars.js ) from 4.1.0 to 4.1.2.
- [Release notes](https://github.com/wycats/handlebars.js/releases )
- [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md )
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.1.0...v4.1.2 )
Signed-off-by: dependabot[bot] <support@github.com>
5 years ago
dependabot-preview[bot]
6af0c955e1
Bump rubocop-rails from 2.0.1 to 2.2.0 ( #11257 )
...
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails ) from 2.0.1 to 2.2.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.0.1...v2.2.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
Eugen Rochko
6ff67be0f6
Add a spam check ( #11217 )
...
* Add a spam check
* Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance
* Add more tests
* Add exemption when the message is a reply to something that mentions the sender
* Use Nilsimsa Compare Value instead of Levenshtein distance
* Use MD5 for messages shorter than 10 characters
* Add message to automated report, do not add non-public statuses to
automated report, add trust level to accounts and make unsilencing
raise the trust level to prevent repeated spam checks on that account
* Expire spam check data after 3 months
* Add support for local statuses, reduce expiration to 1 week, always create a report
* Add content warnings to the spam check and exempt empty statuses
* Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check
* Add all matched statuses into automatic report
5 years ago
han@highemelry
402302776c
Change the retry limit in error of web push notification ( #11292 )
...
- Change the maximum count of retry for web push notification (Default -> 5).
- In case of high load of subscribe server, the retries will be repeated many times.
- Because the retries occupy the default queue, maximum retry count should be reduced.
5 years ago
Eugen Rochko
5bf67ca913
Add ActivityPub secure mode ( #11269 )
...
* Add HTTP signature requirement for served ActivityPub resources
* Change `SECURE_MODE` to `AUTHORIZED_FETCH`
* Add 'Signature' to 'Vary' header and improve code style
* Improve code style by adding `public_fetch_mode?` method
5 years ago
ThibG
4e1260feaa
Fix BlockService trying to reject incorrect follow request ( #11288 )
...
Fixes #11148
5 years ago
Eugen Rochko
4e8dcc5dbb
Add HTTP signatures to all outgoing ActivityPub GET requests ( #11284 )
5 years ago
dependabot-preview[bot]
a6dc6a242f
[Security] Bump lodash from 4.17.11 to 4.17.13 ( #11287 )
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.11 to 4.17.13. **This update includes security fixes.**
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
Thibaut Girka
0baaee495f
Fix report dialog crashing when a toot gets deleted
...
Fixes #1155
5 years ago
Eugen Rochko
5d3feed191
Refactor fetching of remote resources ( #11251 )
5 years ago
ThibG
d04c584159
Drop magic-public-key from webfinger replies as it's only used for OStatus ( #11280 )
5 years ago
ThibG
85eb418e1f
Fix handling of webfinger redirects in ResolveAccountService ( #11279 )
5 years ago
ThibG
27ad4c1501
Fix old migration script depending on the StreamEntry model ( #11278 )
5 years ago
Eugen Rochko
6172263a63
Fix activity being rendered within activity due to caching ( #11271 )
...
Fix #11270
5 years ago
Eugen Rochko
4e92183227
Refactor domain block checks ( #11268 )
5 years ago
ThibG
1e7187f2a8
Fix Status.remote scope matching *all* statuses ( #11265 )
5 years ago
Eugen Rochko
ef15246397
Remove unused remote unfollow controller ( #11250 )
5 years ago
Eugen Rochko
63c7fe8e48
Refactor controllers for statuses, accounts, and more ( #11249 )
5 years ago
dependabot-preview[bot]
f14776475d
Bump faker from 1.9.3 to 1.9.6 ( #11259 )
...
Bumps [faker](https://github.com/stympy/faker ) from 1.9.3 to 1.9.6.
- [Release notes](https://github.com/stympy/faker/releases )
- [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/stympy/faker/compare/v1.9.3...1.9.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
dependabot-preview[bot]
d76ca8964c
Bump simplecov from 0.16.1 to 0.17.0 ( #11260 )
...
Bumps [simplecov](https://github.com/colszowka/simplecov ) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/colszowka/simplecov/releases )
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md )
- [Commits](https://github.com/colszowka/simplecov/compare/v0.16.1...v0.17.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
dependabot-preview[bot]
01ee35f14a
Bump aws-sdk-s3 from 1.43.0 to 1.45.0 ( #11262 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.43.0 to 1.45.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.43.0...v1.45.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
dependabot-preview[bot]
f935004a74
Bump tzinfo-data from 1.2019.1 to 1.2019.2 ( #11258 )
...
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data ) from 1.2019.1 to 1.2019.2.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases )
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2019.1...v1.2019.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
dependabot-preview[bot]
d0b40ae7dd
Bump eslint-plugin-react from 7.12.1 to 7.14.2 ( #11253 )
...
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.12.1 to 7.14.2.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.12.1...v7.14.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
dependabot-preview[bot]
76d5fd1c5c
Bump @babel/plugin-proposal-class-properties from 7.4.4 to 7.5.0 ( #11254 )
...
Bumps [@babel/plugin-proposal-class-properties](https://github.com/babel/babel ) from 7.4.4 to 7.5.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.4.4...v7.5.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
dependabot-preview[bot]
1a8bbcdca4
Bump compression-webpack-plugin from 2.0.0 to 3.0.0 ( #11224 )
...
Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin ) from 2.0.0 to 3.0.0.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v2.0.0...v3.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
dependabot-preview[bot]
6a313f872a
Bump intl-relativeformat from 2.2.0 to 6.4.2 ( #11255 )
...
Bumps [intl-relativeformat](https://github.com/formatjs/formatjs ) from 2.2.0 to 6.4.2.
- [Release notes](https://github.com/formatjs/formatjs/releases )
- [Commits](https://github.com/formatjs/formatjs/compare/intl-relativeformat@2.2.0...intl-relativeformat@6.4.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
dependabot-preview[bot]
239befc6e8
Bump react-redux from 6.0.1 to 7.1.0 ( #11256 )
...
Bumps [react-redux](https://github.com/reduxjs/react-redux ) from 6.0.1 to 7.1.0.
- [Release notes](https://github.com/reduxjs/react-redux/releases )
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/react-redux/compare/v6.0.1...v7.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
5 years ago
ThibG
87c1ad4ea3
Fix BackupService crashing when an attachment is missing ( #11241 )
...
* Fix BackupService crashing when an attachment is missing
For various reasons such as admin error or out-of-sync media and
database backups, it might be possible for local attachments to be lost.
This commit allows the BackupService to continue its work even if some media
file is missing.
* Change error message
5 years ago
ThibG
fce885f271
Merge pull request #1152 from ThibG/glitch-soc/merge-upstream
...
Merge upstream changes
5 years ago
Georg Gadinger
3ece6e25e6
Update fuubar dependency to 2.4.1 ( #11248 )
...
See also: thekompanee/fuubar#111
5 years ago
Eugen Rochko
b851456139
Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ( #11247 )
5 years ago
Thibaut Girka
5ff9970c8d
Re-add route for direct timeline
5 years ago
ThibG
64f3bc77ac
[Glitch] Only scroll to the compose form if it's not horizontally in the viewport
...
Port c07cca4727
to glitch-soc
5 years ago
ThibG
a0b614f10a
Fix support for HTTP proxies ( #11245 )
...
* Disable incorrect check for hidden services in Socket
Hidden services can only be accessed with an HTTP proxy, in which
case the host seen by the Socket class will be the proxy, not the
target host.
Hidden services are already filtered in `Request#initialize`.
* Use our Socket class to connect to HTTP proxies
Avoid the timeout logic being bypassed
* Add support for IP addresses in Request::Socket
* Refactor a bit, no need to keep the DNS resolver around
5 years ago
Thibaut Girka
7039dca12c
Merge commit 'c07cca4727041ea5a5721acbc603d4bfb45a15a6' into glitch-soc/merge-upstream
...
Unlike upstream, kept the direct timeline endpoint, as it is still of use in
glitch-soc.
5 years ago
Eugen Rochko
406b46395d
Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker ( #11231 )
5 years ago
ThibG
58276715be
Fix support for HTTP proxies ( #11245 )
...
* Disable incorrect check for hidden services in Socket
Hidden services can only be accessed with an HTTP proxy, in which
case the host seen by the Socket class will be the proxy, not the
target host.
Hidden services are already filtered in `Request#initialize`.
* Use our Socket class to connect to HTTP proxies
Avoid the timeout logic being bypassed
* Add support for IP addresses in Request::Socket
* Refactor a bit, no need to keep the DNS resolver around
5 years ago
Eugen Rochko
23aeef52cc
Remove Salmon and PubSubHubbub ( #11205 )
...
* Remove Salmon and PubSubHubbub endpoints
* Add error when trying to follow OStatus accounts
* Fix new accounts not being created in ResolveAccountService
5 years ago
ThibG
c07cca4727
Only scroll to the compose form if it's not horizontally in the viewport ( #11246 )
...
Avoids jumping the scroll around vertically when giving it focus and
editing long toots.
5 years ago
Eugen Rochko
ae003d54f9
Fix option to send e-mail notification about account action always being true ( #11242 )
5 years ago
ThibG
ed544f3166
Fix HTTP requests to IPv6 hosts ( #11240 )
5 years ago
Thibaut Girka
e5f4d83e60
Allow serializing local-only toots in backup service
...
Fixes #1153
5 years ago
Eugen Rochko
0c1b1069c9
Remove deprecated REST API `GET /api/v1/statuses/:id/card` ( #11213 )
5 years ago
Eugen Rochko
30f5bcf3e7
Remove deprecated REST API `POST /api/v1/notifications/dismiss?id=:id` ( #11214 )
5 years ago
Eugen Rochko
3fd6ab99e6
Remove deprecated REST API `GET /api/v1/timelines/direct` ( #11212 )
5 years ago
ThibG
47c30be8d8
[Glitch] Memoize ancestorIds and descendantIds in detailed status view
...
Port 99924f282f
to glitch-soc
5 years ago
ThibG
894d82a325
[Glitch] When deleting & redrafting a poll, fill in closest expires_in
...
Port dc88d226e1
to glitch-soc
5 years ago
Thibaut Girka
6ab84c12a7
Merge branch 'master' into glitch-soc/merge-upstream
5 years ago
ThibG
99924f282f
Memoize ancestorIds and descendantIds in detailed status view ( #11234 )
5 years ago
Eugen Rochko
3bc0c4a884
Remove unused StatsD code and expose StatsD as a global variable ( #11232 )
...
The instrumentation code was used for StatsD metrics collection
prior to the switch to the nsa gem and should have been removed
at that point as it no longer does anything at all
5 years ago