b2448fbe1b
Merge tag 'v3.5.5'
2022-11-16 14:36:21 +11:00
Claire
696f7b3608
Bump version to 3.5.5
2022-11-14 22:26:24 +01:00
Claire
b22e1476ca
Fix nodes order being sometimes mangled when rewriting emoji ( #20677 )
...
* Fix front-end emoji tests
* Fix nodes order being sometimes mangled when rewriting emoji
2022-11-14 22:20:29 +01:00
Claire
105ab82425
Bump version to 3.5.4
2022-11-14 20:09:16 +01:00
Claire
2dd8f977e8
Fix emoji substitution not applying only to text nodes in backend code
...
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2022-11-14 11:20:41 +01:00
Claire
2db06e1d08
Fix emoji substitution not applying only to text nodes in Web UI
...
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
2022-11-14 11:20:41 +01:00
Eugen Rochko
063579373e
Fix rate limiting for paths with formats
2022-11-14 11:20:41 +01:00
Pierre Bourdon
1659788de4
blurhash_transcoder: prevent out-of-bound reads with <8bpp images ( #20388 )
...
The Blurhash library used by Mastodon requires an input encoded as 24
bits raw RGB data. The conversion to raw RGB using Imagemagick did not
previously specify the desired bit depth. In some situations, this leads
Imagemagick to output in a pixel format using less bpp than expected.
This then manifested as segfaults of the Sidekiq process due to
out-of-bounds read, or potentially a (highly noisy) memory infoleak.
Fixes #19235 .
2022-11-14 11:20:41 +01:00
Claire
47eaf85f02
Fix crash when a remote Flag activity mentions a private post ( #18760 )
...
* Add tests
* Fix crash when a remote Flag activity mentions a private post
2022-11-14 11:20:41 +01:00
836322a3af
Revision CW3
2022-06-03 18:42:19 +10:00
83445ffbee
Missed upstream change
2022-06-03 18:29:41 +10:00
326b643cf3
Removed code not in upstream
2022-06-03 18:18:17 +10:00
e6417ff479
Bump to CW2 revision
2022-06-01 13:51:07 +10:00
0d448dfc7b
Removed several versions ago
2022-06-01 13:46:55 +10:00
7be42b0312
Some files out of sync with upstream
2022-06-01 13:31:30 +10:00
ed34f4b9a4
Merge tag 'v3.5.3'
2022-05-27 18:31:42 +10:00
Eugen Rochko
fbcbf7898f
Bump version to 3.5.3 ( #18530 )
2022-05-26 23:26:15 +02:00
Eugen Rochko
0a1992430d
Fix errors when rendering RSS feeds ( #18531 )
2022-05-26 23:02:42 +02:00
Eugen Rochko
52f4e834f2
Fix concurrent unfollowing decrementing follower count more than once ( #18527 )
2022-05-26 22:14:47 +02:00
Eugen Rochko
8a9acbe604
Fix being able to appeal a strike unlimited times ( #18529 )
...
Peculiarity of the `has_one` association is that the convenience
creation method deletes the previous association even if the new
one is invalid
2022-05-26 22:08:12 +02:00
Eugen Rochko
c4d2c39a75
Fix being able to report otherwise inaccessible statuses ( #18528 )
2022-05-26 22:08:02 +02:00
Eugen Rochko
1ff4877945
Fix empty votes arbitrarily increasing voters count in polls ( #18526 )
2022-05-26 22:06:10 +02:00
Eugen Rochko
976cd6413e
Fix moderator leak in undo_mark_statuses_as_sensitive ( #18525 )
...
Signed-off-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: 40826d <74816220+40826d@users.noreply.github.com>
2022-05-26 22:04:16 +02:00
Eugen Rochko
9f81b9f29a
Fix suspended users being able to access APIs that don't require a user ( #18524 )
2022-05-26 22:04:05 +02:00
Eugen Rochko
96129c2f10
Fix confirmation redirect to app without Location
header ( #18523 )
2022-05-26 22:03:54 +02:00
Eugen Rochko
3e0e7a1cfb
Fix follower and other counters being able to go negative ( #18517 )
2022-05-26 20:32:48 +02:00
Yamagishi Kazutoshi
702b709d9a
Add ES6 compatibility to browserslist ( #18519 )
2022-05-26 20:29:28 +02:00
Eugen Rochko
d8abc0018f
Remove 3.3.x from supported versions in security policy ( #18516 )
2022-05-26 18:43:14 +02:00
Eugen Rochko
088dc0ec5a
Fix regression in tootctl search deploy
caused by unloaded attribute ( #18514 )
2022-05-26 18:05:47 +02:00
Eugen Rochko
a4fa9e23fc
Change "dangerous" to "sensitive" in privacy policy and web UI ( #18515 )
...
Fix #18470
2022-05-26 17:55:05 +02:00
Claire
440eb71310
Change unapproved and unconfirmed account to not be accessible in the REST API ( #17530 )
...
* Change unapproved and unconfirmed account to not be accessible in the REST API
* Change Account#searchable? to reject unconfirmed and unapproved users
* Disable search for unapproved and unconfirmed users in Account.search_for
* Disable search for unapproved and unconfirmed users in Account.advanced_search_for
* Remove unconfirmed and unapproved accounts from Account.searchable scope
* Prevent mentions to unapproved/unconfirmed accounts
* Fix some old tests for Account.advanced_search_for
* Add some Account.advanced_search_for tests for existing behaviors
* Add some tests for Account.search_for
* Add Account.advanced_search_for tests unconfirmed and unapproved accounts
* Add Account.searchable tests
* Fix Account.without_unapproved scope potentially messing with previously-applied scopes
* Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup
This is so that the API can still be used to check whether an username is free
to use.
2022-05-26 15:50:33 +02:00
dependabot[bot]
86f4dba47e
Bump @babel/preset-env from 7.17.12 to 7.18.2 ( #18512 )
...
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ) from 7.17.12 to 7.18.2.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-preset-env )
---
updated-dependencies:
- dependency-name: "@babel/preset-env"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:16:19 +09:00
dependabot[bot]
77823333bb
Bump @babel/plugin-transform-runtime from 7.17.12 to 7.18.2 ( #18511 )
...
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.17.12 to 7.18.2.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.2/packages/babel-plugin-transform-runtime )
---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 09:06:44 +09:00
dependabot[bot]
ddddd4c043
Bump immutable from 4.0.0 to 4.1.0 ( #18502 )
...
Bumps [immutable](https://github.com/immutable-js/immutable-js ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/immutable-js/immutable-js/releases )
- [Changelog](https://github.com/immutable-js/immutable-js/blob/main/CHANGELOG.md )
- [Commits](https://github.com/immutable-js/immutable-js/compare/v4.0.0...v4.1.0 )
---
updated-dependencies:
- dependency-name: immutable
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:41:07 +09:00
dependabot[bot]
01db331657
Bump @babel/plugin-transform-runtime from 7.17.12 to 7.18.0 ( #18489 )
...
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.17.12 to 7.18.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-plugin-transform-runtime )
---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:06:55 +09:00
dependabot[bot]
2bc5e41b83
Bump @babel/runtime from 7.17.9 to 7.18.0 ( #18494 )
...
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime ) from 7.17.9 to 7.18.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-runtime )
---
updated-dependencies:
- dependency-name: "@babel/runtime"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:06:29 +09:00
dependabot[bot]
4d48d83b00
Bump @babel/core from 7.17.12 to 7.18.0 ( #18490 )
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.17.12 to 7.18.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.18.0/packages/babel-core )
---
updated-dependencies:
- dependency-name: "@babel/core"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-26 08:05:53 +09:00
Claire
25dda3061e
Fix unnecessary query on status creation ( #17901 )
2022-05-26 00:20:30 +02:00
Eugen Rochko
96f29ce91a
New Crowdin updates ( #18458 )
...
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations devise.en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.json (Esperanto)
* New translations en.yml (Esperanto)
* New translations en.json (Esperanto)
* New translations doorkeeper.en.yml (Esperanto)
* New translations en.json (Esperanto)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations en.json (Ido)
* New translations doorkeeper.en.yml (Ido)
* New translations en.yml (Ido)
* New translations en.json (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.json (Armenian)
* New translations en.json (Armenian)
* New translations en.json (Armenian)
* New translations en.json (Scottish Gaelic)
* New translations en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.yml (Ido)
* New translations simple_form.en.yml (Ido)
* New translations en.yml (Russian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.yml (Estonian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.yml (Estonian)
* New translations en.json (Estonian)
* New translations en.yml (Estonian)
* New translations en.json (Estonian)
* New translations en.json (Estonian)
* New translations en.yml (Russian)
* New translations en.yml (Russian)
* New translations simple_form.en.yml (Russian)
* New translations en.yml (Russian)
* New translations simple_form.en.yml (Russian)
* New translations en.json (Sorani (Kurdish))
* New translations en.json (Sorani (Kurdish))
* New translations en.json (Sorani (Kurdish))
* New translations activerecord.en.yml (Sorani (Kurdish))
* New translations doorkeeper.en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations doorkeeper.en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* New translations en.yml (Sorani (Kurdish))
* Run `yarn manage:translations`
* Run `bundle exec i18n-tasks normalize`
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-05-24 23:33:18 +09:00
Claire
e5997a1956
Fix warning an account outside of a report closing all reports for that account ( #18387 )
...
* Fix warning an account outside of a report closing all reports for that account
* Make it clear what actions solve other reports
* Revert "Make it clear what actions solve other reports"
This reverts commit ad006de821f72e75480701298d13f0945b509059.
2022-05-23 20:38:29 +02:00
28ed4adff9
Extra assets for later
2022-05-23 20:39:44 +10:00
9a3caef1d8
Nah that gradient sucks
2022-05-23 20:35:00 +10:00
d75e89d902
Replace default avatar
2022-05-23 20:30:28 +10:00
720bdf143e
Add more Chinwag images
2022-05-23 20:13:24 +10:00
428bbbd27c
De-Tootening
2022-05-23 20:00:49 +10:00
d161ca885c
Merge upstream tag 'v3.5.2'
2022-05-23 19:28:18 +10:00
Eugen Rochko
a9b64b24d6
Change algorithm of tootctl search deploy
to improve performance ( #18463 )
2022-05-22 22:16:43 +02:00
dependabot[bot]
54bb659ad1
Bump sidekiq from 6.4.1 to 6.4.2 ( #18091 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.4.1 to 6.4.2.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.4.1...v6.4.2 )
---
updated-dependencies:
- dependency-name: sidekiq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-21 15:43:36 +09:00
Yamagishi Kazutoshi
dfb9e6dab1
Disable transpile to older iOS versions ( #18462 )
2022-05-20 04:39:05 +02:00
Yamagishi Kazutoshi
e925b06721
Fix languages dropdown on light theme ( #18460 )
2022-05-19 19:26:19 +02:00