Mike Barnes
3cafaf4630
Chinwag version tag
2022-11-16 14:49:22 +11:00
Mike Barnes
b2448fbe1b
Merge tag 'v3.5.5'
2022-11-16 14:36:21 +11:00
696f7b3608
Bump version to 3.5.5
2022-11-14 22:26:24 +01:00
b22e1476ca
Fix nodes order being sometimes mangled when rewriting emoji ( #20677 )
...
* Fix front-end emoji tests
* Fix nodes order being sometimes mangled when rewriting emoji
2022-11-14 22:20:29 +01:00
105ab82425
Bump version to 3.5.4
2022-11-14 20:09:16 +01:00
2dd8f977e8
Fix emoji substitution not applying only to text nodes in backend code
...
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2022-11-14 11:20:41 +01:00
2db06e1d08
Fix emoji substitution not applying only to text nodes in Web UI
...
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2022-11-14 11:20:41 +01:00
063579373e
Fix rate limiting for paths with formats
2022-11-14 11:20:41 +01:00
1659788de4
blurhash_transcoder: prevent out-of-bound reads with <8bpp images ( #20388 )
...
The Blurhash library used by Mastodon requires an input encoded as 24
bits raw RGB data. The conversion to raw RGB using Imagemagick did not
previously specify the desired bit depth. In some situations, this leads
Imagemagick to output in a pixel format using less bpp than expected.
This then manifested as segfaults of the Sidekiq process due to
out-of-bounds read, or potentially a (highly noisy) memory infoleak.
Fixes #19235 .
2022-11-14 11:20:41 +01:00
47eaf85f02
Fix crash when a remote Flag activity mentions a private post ( #18760 )
...
* Add tests
* Fix crash when a remote Flag activity mentions a private post
2022-11-14 11:20:41 +01:00
Mike Barnes
836322a3af
Revision CW3
2022-06-03 18:42:19 +10:00
Mike Barnes
83445ffbee
Missed upstream change
2022-06-03 18:29:41 +10:00
Mike Barnes
326b643cf3
Removed code not in upstream
2022-06-03 18:18:17 +10:00
Mike Barnes
e6417ff479
Bump to CW2 revision
2022-06-01 13:51:07 +10:00
Mike Barnes
0d448dfc7b
Removed several versions ago
2022-06-01 13:46:55 +10:00
Mike Barnes
7be42b0312
Some files out of sync with upstream
2022-06-01 13:31:30 +10:00
Mike Barnes
ed34f4b9a4
Merge tag 'v3.5.3'
2022-05-27 18:31:42 +10:00
fbcbf7898f
Bump version to 3.5.3 ( #18530 )
2022-05-26 23:26:15 +02:00
0a1992430d
Fix errors when rendering RSS feeds ( #18531 )
2022-05-26 23:02:42 +02:00
52f4e834f2
Fix concurrent unfollowing decrementing follower count more than once ( #18527 )
2022-05-26 22:14:47 +02:00
8a9acbe604
Fix being able to appeal a strike unlimited times ( #18529 )
...
Peculiarity of the `has_one` association is that the convenience
creation method deletes the previous association even if the new
one is invalid
2022-05-26 22:08:12 +02:00
c4d2c39a75
Fix being able to report otherwise inaccessible statuses ( #18528 )
2022-05-26 22:08:02 +02:00
1ff4877945
Fix empty votes arbitrarily increasing voters count in polls ( #18526 )
2022-05-26 22:06:10 +02:00
976cd6413e
Fix moderator leak in undo_mark_statuses_as_sensitive ( #18525 )
...
Signed-off-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: 40826d <74816220+40826d@users.noreply.github.com>
2022-05-26 22:04:16 +02:00
9f81b9f29a
Fix suspended users being able to access APIs that don't require a user ( #18524 )
2022-05-26 22:04:05 +02:00
96129c2f10
Fix confirmation redirect to app without `Location` header ( #18523 )
2022-05-26 22:03:54 +02:00
3e0e7a1cfb
Fix follower and other counters being able to go negative ( #18517 )
2022-05-26 20:32:48 +02:00
702b709d9a
Add ES6 compatibility to browserslist ( #18519 )
2022-05-26 20:29:28 +02:00
d8abc0018f
Remove 3.3.x from supported versions in security policy ( #18516 )
2022-05-26 18:43:14 +02:00
088dc0ec5a
Fix regression in `tootctl search deploy` caused by unloaded attribute ( #18514 )
2022-05-26 18:05:47 +02:00
a4fa9e23fc
Change "dangerous" to "sensitive" in privacy policy and web UI ( #18515 )
...
Fix #18470
2022-05-26 17:55:05 +02:00
440eb71310
Change unapproved and unconfirmed account to not be accessible in the REST API ( #17530 )
...
* Change unapproved and unconfirmed account to not be accessible in the REST API
* Change Account#searchable? to reject unconfirmed and unapproved users
* Disable search for unapproved and unconfirmed users in Account.search_for
* Disable search for unapproved and unconfirmed users in Account.advanced_search_for
* Remove unconfirmed and unapproved accounts from Account.searchable scope
* Prevent mentions to unapproved/unconfirmed accounts
* Fix some old tests for Account.advanced_search_for
* Add some Account.advanced_search_for tests for existing behaviors
* Add some tests for Account.search_for
* Add Account.advanced_search_for tests unconfirmed and unapproved accounts
* Add Account.searchable tests
* Fix Account.without_unapproved scope potentially messing with previously-applied scopes
* Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup
This is so that the API can still be used to check whether an username is free
to use.
2022-05-26 15:50:33 +02:00
86f4dba47e
Bump @babel/preset-env from 7.17.12 to 7.18.2 ( #18512 )
...
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ) from 7.17.12 to 7.18.2.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-preset-env )
---
updated-dependencies:
- dependency-name: "@babel/preset-env"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:16:19 +09:00
77823333bb
Bump @babel/plugin-transform-runtime from 7.17.12 to 7.18.2 ( #18511 )
...
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.17.12 to 7.18.2.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-plugin-transform-runtime )
---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:06:44 +09:00
ddddd4c043
Bump immutable from 4.0.0 to 4.1.0 ( #18502 )
...
Bumps [immutable](https://github.com/immutable-js/immutable-js ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/immutable-js/immutable-js/releases )
- [Changelog](https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md )
- [Commits](https://github.com/immutable-js/immutable-js/compare/v4.0.0...v4.1.0 )
---
updated-dependencies:
- dependency-name: immutable
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:41:07 +09:00
01db331657
Bump @babel/plugin-transform-runtime from 7.17.12 to 7.18.0 ( #18489 )
...
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.17.12 to 7.18.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-plugin-transform-runtime )
---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:06:55 +09:00
2bc5e41b83
Bump @babel/runtime from 7.17.9 to 7.18.0 ( #18494 )
...
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime ) from 7.17.9 to 7.18.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-runtime )
---
updated-dependencies:
- dependency-name: "@babel/runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:06:29 +09:00
4d48d83b00
Bump @babel/core from 7.17.12 to 7.18.0 ( #18490 )
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.17.12 to 7.18.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-core )
---
updated-dependencies:
- dependency-name: "@babel/core"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:05:53 +09:00
25dda3061e
Fix unnecessary query on status creation ( #17901 )
2022-05-26 00:20:30 +02:00
96f29ce91a
New Crowdin updates ( #18458 )
...
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations devise.en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.json (Esperanto)
* New translations en.yml (Esperanto)
* New translations en.json (Esperanto)
* New translations doorkeeper.en.yml (Esperanto)
* New translations en.json (Esperanto)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations en.json (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.json (Armenian)
* New translations en.json (Armenian)
* New translations en.json (Armenian)
* New translations en.json (Scottish Gaelic)
* New translations en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.yml (Russian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.yml (Estonian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.yml (Estonian)
* New translations en.json (Estonian)
* New translations en.yml (Estonian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.yml (Russian)
* New translations en.yml (Russian)
* New translations simple_form.en.yml (Russian)
* New translations en.yml (Russian)
* New translations simple_form.en.yml (Russian)
* New translations en.json (Sorani (Kurdish))
* New translations en.json (Sorani (Kurdish))
* New translations en.json (Sorani (Kurdish))
* New translations activerecord.en.yml (Sorani (Kurdish))
* New translations doorkeeper.en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations doorkeeper.en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* Run `yarn manage:translations`
* Run `bundle exec i18n-tasks normalize`
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-05-24 23:33:18 +09:00
e5997a1956
Fix warning an account outside of a report closing all reports for that account ( #18387 )
...
* Fix warning an account outside of a report closing all reports for that account
* Make it clear what actions solve other reports
* Revert "Make it clear what actions solve other reports"
This reverts commit ad006de821f72e75480701298d13f0945b509059.
2022-05-23 20:38:29 +02:00
Mike Barnes
28ed4adff9
Extra assets for later
2022-05-23 20:39:44 +10:00
Mike Barnes
9a3caef1d8
Nah that gradient sucks
2022-05-23 20:35:00 +10:00
Mike Barnes
d75e89d902
Replace default avatar
2022-05-23 20:30:28 +10:00
Mike Barnes
720bdf143e
Add more Chinwag images
2022-05-23 20:13:24 +10:00
Mike Barnes
428bbbd27c
De-Tootening
2022-05-23 20:00:49 +10:00
Mike Barnes
d161ca885c
Merge upstream tag 'v3.5.2'
2022-05-23 19:28:18 +10:00
a9b64b24d6
Change algorithm of `tootctl search deploy` to improve performance ( #18463 )
2022-05-22 22:16:43 +02:00
54bb659ad1
Bump sidekiq from 6.4.1 to 6.4.2 ( #18091 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.4.1 to 6.4.2.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.4.1...v6.4.2 )
---
updated-dependencies:
- dependency-name: sidekiq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-21 15:43:36 +09:00
dfb9e6dab1
Disable transpile to older iOS versions ( #18462 )
2022-05-20 04:39:05 +02:00
Mike Barnes
Claire
Eugen Rochko
Pierre Bourdon
Yamagishi Kazutoshi
dependabot[bot]