Commit graph

493 commits

Author SHA1 Message Date
Claire
73a78cc19d
Fix rate-limiting incorrectly triggering a session cookie on most endpoints (#30483) 2024-05-30 12:56:18 +00:00
Claire
3fa0dd0b88
Merge pull request from GHSA-c2r5-cfqr-c553
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations

* Remove rack-attack safelist
2024-05-30 14:24:29 +02:00
Claire
16249946ae
Merge pull request from GHSA-q3rg-xx5v-4mxh 2024-05-30 14:14:04 +02:00
Emelia Smith
d20a5c3ec9
Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-29 14:00:05 +00:00
Nick Schonning
87156f57b5
Enable Style/StringConcatenation (#30428) 2024-05-27 09:41:45 +00:00
Renaud Chaput
acc77c3836
Add instrumentation to the search services (#30350) 2024-05-24 13:13:23 +00:00
Renaud Chaput
9658d3e580
Use the job class as span name for Sidekiq root spans (#30353) 2024-05-20 08:01:04 +00:00
Claire
12472e7f40
Add emphasis on ActiveRecord Encryption configuration values being secret (#30340) 2024-05-17 09:28:40 +00:00
Matt Jankowski
1b6eb2c7f0
Enable YJIT when available (#30310) 2024-05-16 09:56:48 +00:00
Renaud Chaput
283a891e92
Allow to customise the OTEL service name prefix (#30322) 2024-05-16 09:28:10 +00:00
Matt Jankowski
6beead3867
Move simplecov config into rails_helper (#30302) 2024-05-15 09:33:36 +00:00
Nick Schonning
13fb54920b
Enable Style/IfUnlessModifier RuboCop (#30260) 2024-05-13 09:54:15 +00:00
Renaud Chaput
68b9fe824d
Add OpenTelemetry instrumentation (#30130)
Co-authored-by: Juliano Costa <juliano.costa@datadoghq.com>
Co-authored-by: Robb Kidd <robbkidd@honeycomb.io>
2024-05-10 12:40:20 +00:00
Matt Jankowski
040aaf3a48
Use default: ... assignment for Devise config, fixes Style/ClassVars cop (#30214) 2024-05-10 09:42:01 +00:00
Claire
33368e3e79
Change ActiveRecordEncryption variable to be more explicit (#30151) 2024-05-03 09:26:24 +00:00
Matt Jankowski
32ead51e5a
Add material design icons to admin/settings views (#27780)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-04-23 16:43:49 +00:00
Emelia Smith
049b159beb
Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087) 2024-04-23 11:47:00 +00:00
Tim Rogers
1ca6ff8ca5
Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) 2024-04-22 09:00:24 +00:00
Matt Jankowski
c7384adc00
Fix Style/TrailingCommaInArguments cop (#30003) 2024-04-19 20:37:18 +00:00
Matt Jankowski
933189887b
Fix Style/StringLiterals cop (#30005) 2024-04-19 20:33:00 +00:00
Matt Jankowski
8d47ba893a
Fix Style/PercentLiteralDelimiters cop (#30006) 2024-04-19 20:32:26 +00:00
Matt Jankowski
828299e71c
Enable AR Encryption (#29831) 2024-04-17 09:19:02 +00:00
Matt Jankowski
0d9ad96d3f
Rename PremailerWebpackStrategy -> PremailerBundledAssetStrategy (#29934) 2024-04-15 09:16:59 +00:00
Matt Jankowski
edde54e991
Update stoplight to version 4.1.0 (#28366) 2024-04-02 15:47:40 +00:00
Matt Jankowski
a59f5694fe
Add empty line after magic frozen string comment (#29696) 2024-03-21 14:12:50 +00:00
Matt Jankowski
6c68c3c0ce
Introduce inline_svg gem, minimal usage, prep for material design icons (#29612) 2024-03-19 09:03:15 +00:00
Matt Jankowski
a38e424185
Use unchanging github links in docs/comments (#29545) 2024-03-11 15:14:55 +00:00
Dave MacLeod
b6b94c971f
Add Interlingue to available_locales (#28630) 2024-03-01 17:51:22 +00:00
Emelia Smith
46142cdbdd
Disable administrative doorkeeper routes (#29187) 2024-02-13 18:11:47 +00:00
Claire
8125dae5a8
Rename ES_CA_CERT to ES_CA_FILE for consistency (#29147) 2024-02-12 09:54:06 +00:00
Claire
2912829411
Add support for specifying custom CA cert for Elasticsearch (#29122) 2024-02-07 12:09:43 +00:00
Claire
64300e0fe3
Fix self-destruct schedule not actually replacing initial schedule (#29049) 2024-02-06 15:32:09 +00:00
Matt Jankowski
c523a9601b
Rename local webpack* var in development env CSP config (#28766) 2024-01-17 09:22:16 +00:00
Matt Jankowski
0ce081fe49
Remove monkey patch in favor of supported Devise config value (#28760) 2024-01-17 09:08:17 +00:00
HTeuMeuLeu
7f471e70c0
Update new email templates (#28416)
Co-authored-by: Matt Jankowski <matt@jankowski.online>
2024-01-15 18:18:59 +00:00
Matt Jankowski
4e02838832
Enable "low risk" Rails 7.1 setting defaults (#28626) 2024-01-09 12:50:57 +00:00
gunchleoc
173953c23e
Fix ISO code for Canadian French (#26015)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-09 10:56:13 +00:00
Matt Jankowski
e09419f22a
Move old framework defaults file to regular config value (#28623) 2024-01-08 10:17:38 +00:00
Matt Jankowski
a27a82939d
Remove the 7.1 marshalling format "todo" from new_framework_defaults (#28625) 2024-01-08 10:16:33 +00:00
Claire
bd415af9a1
Change streaming API host to not be overridden to localhost in development mode (#28557) 2024-01-03 10:23:58 +00:00
Matt Jankowski
e56fb9e489
Fix Style/SymbolProc cop (#28386) 2023-12-18 09:32:02 +00:00
Matt Jankowski
e5717c9bc6
Fix Style/Lambda cop (#28378) 2023-12-15 14:34:24 +00:00
Matt Jankowski
1ee8d1e50e
Assign a proc to Rack::Request.ip_filter instead of patching method (#28380) 2023-12-15 14:33:56 +00:00
Claire
f37c93f3d7
Change cookie rotator to use SHA1 digest for new cookies (#27392) 2023-12-12 12:01:08 +00:00
Matt Jankowski
42afd30324
Replace Sprockets with Propshaft (#28239) 2023-12-06 10:19:24 +00:00
Matt Jankowski
a8473f582d
Add zeitwerk inflector for cli->CLI (#27635) 2023-11-30 13:55:20 +00:00
Claire
85662a5a57
Change img-src and media-src CSP directives to not include https: (#28025) 2023-11-30 13:47:01 +00:00
Matt Jankowski
31bef99b9e
Move lib/mastodon/premailer_webpack_strategy to lib/ (#27636) 2023-11-29 10:08:55 +00:00
Matt Jankowski
9429e30d75
Disable sidekiq unique jobs in test env (#27737) 2023-11-09 16:19:04 +00:00
Matt Jankowski
c875dfc90b
Fix Lint/UnusedBlockArgument cop (#27777) 2023-11-09 09:43:26 +00:00