chinwag/chinwagsocial
chinwag/chinwagsocial
2
0
Fork 0
Code Issues Pull requests Releases 4 Wiki Activity
11859 commits 7 branches 329 tags 879 MiB
Commit graph

11859 commits

This branch
This branch
All branches
Author SHA1 Message Date
Levi Bard
0fe57a9140 Fix muting users with duration via the REST api (#15516) 2022-01-28 22:39:48 +01:00
Claire
3a4d9f1f2d Fix not being able to change world filter expiration back to “Never” (#15858) 
Fixes #15849
 2022-01-28 22:39:48 +01:00
ThibG
78d5bda973 Fix race conditions on account migration creation (#15597) 
* Atomically check for processing lock in Move handler

* Prevent race condition when creating account migrations

Fixes #15595

* Add tests

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-28 22:39:48 +01:00
ThibG
4b025cf7e6 Fix sign-up restrictions based on IP addresses not being enforced (#15607) 
Fixes #15606

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-28 22:39:48 +01:00
Eugen Rochko
4bd8dc09d8 Fix reports of already suspended accounts being recorded (#16047) 2022-01-28 22:39:48 +01:00
Claire
3799fd17ba Fix edge case where accepted follow cannot be processed because of follow limit (#16098) 2022-01-28 22:39:48 +01:00
Claire
53814b2b31 Fix blocking someone not clearing up list feeds (#16205) 2022-01-28 22:39:48 +01:00
ThibG
2012c5ae50 Fix maintenance script not re-indexing some indexes on textual values (#15515) 
* Fix maintenance script not re-indexing some indexes on textual values

Fixes #15475

* Refresh instance view at the end of the maintenance script run

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-28 22:39:48 +01:00
Claire
9aa7286c8f Change deduplication order of tootctl maintenance fix-duplicates (#15923) 
Hopefully fixes #15922

Also update support up to latest database schema version
 2022-01-28 22:39:48 +01:00
Eugen Rochko
4b9a0cfe5e Fix media processing getting stuck on too much stdin/stderr (#16136) 
* Fix media processing getting stuck on too much stdin/stderr

See thoughtbot/terrapin#5

* Remove dependency on paperclip-av-transcoder gem

* Remove dependency on streamio-ffmpeg gem

* Disable stdin on ffmpeg process
 2022-01-28 22:39:48 +01:00
Eugen Rochko
b593a7da8c Fix database serialization failure returning HTTP 500 (#16101) 
Database serialization failure occurs when a read-replica is used
and a query takes long enough that rows on the primary database
become unavailable. It should return HTTP 503 as it is temporary.

Re-order rescue definitions according to their status codes
 2022-01-28 22:39:48 +01:00
ThibG
48b25e457d Fix /activity endpoint not require signature in authorized fetch mode (#15592) 
Fixes #15589

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-28 22:39:48 +01:00
Claire
da14725a96 Fix crash on receiving requests with missing Digest header (#15782) 
* Fix crash on receiving requests with missing Digest header

Return an error pointing out that Digest is missing, instead of crashing.

Fixes #15743

* Fix from review feedback
 2022-01-28 22:39:48 +01:00
Claire
cc21670b3c Fix URI of repeat follow requests not being recorded (#15662) 
* Fix URI of repeat follow requests not being recorded

In case we receive a “repeat” or “duplicate” follow request, we automatically
fast-forward the accept with the latest received Activity `id`, but we don't
record it.

In general, a “repeat” or “duplicate” follow request may happen if for some
reason (e.g. inconsistent handling of Block or Undo Accept activities, an
instance being brought back up from the dead, etc.) the local instance thought
the remote actor were following them while the remote actor thought otherwise.

In those cases, the remote instance does not know about the older Follow
activity `id`, so keeping that record serves no purpose, but knowing the most
recent one is useful if the remote implementation at some point refers to it
by `id` without inlining it.

* Add tests
 2022-01-28 22:39:47 +01:00
ThibG
685cde55cb Skip processing Update activities on unknown accounts (#15514) 
This also skips fetching the actor completely.

This will be useful if we end up distributing Update activities linked to
account suspensions more widely (they are currently only delivered to
the suspended account's followers), as currently, instances not knowing
about the suspended account would fetch it to then process the suspension.

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-28 22:39:47 +01:00
ThibG
a2dc4e583b Fix processing of incoming Block activities (#15546) 
Unlike locally-issued blocks, they weren't clearing follow
relationships in both directions, follow requests or notifications.

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-28 22:39:47 +01:00
Claire
13d1111a92 Fix processing of remote Delete activities (#16084) 
* Add tests

* Ensure deleted statuses are marked as such

* Save some redis memory by not storing URIs in delete_upon_arrival values

* Avoid possible race condition when processing incoming Deletes

* Avoid potential duplicate Delete forwards

* Lower lock durations to reduce issues in case of hard crash of the Rails process

* Check for `lock.aquired?` and improve comment

* Refactor RedisLock usage in app/lib/activitypub

* Fix using incorrect or non-existent sender for relaying Deletes
 2022-01-28 22:39:47 +01:00
ThibG
6386421d1a Fix profile update not being sent on profile/header picture deletion (#15461) 
Fixes #15460

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-28 22:39:47 +01:00
Claire
4063bbe04e Fix Mastodon not understanding as:Public and Public (#15948) 
Fixes #5551
 2022-01-28 22:39:47 +01:00
Eugen Rochko
4ea2c1da95 Fix remote reporters not receiving suspend/unsuspend activities (#16050) 2022-01-28 22:39:47 +01:00
abcang
47cab05003 Fix N+1 query when rendering with StatusSerializer (#15641) 2022-01-28 22:39:47 +01:00
Eugen Rochko
02d195809b Fix thread resolve worker retrying when status no longer exists (#16109) 2022-01-28 22:39:47 +01:00
Eugen Rochko
64d9b84f1d Fix media redownload worker retrying on unexpected response codes (#16111) 2022-01-28 22:39:47 +01:00
Claire
a6e9c41ed4 Bump dependencies so that 3.3.x can be installed on current systems 
New system requirement: shared-mime-info
 2022-01-28 22:39:47 +01:00
Claire
f5639e1cbe
Change public profile pages to be disabled for unconfirmed users (#17385) 
Fixes #17382

Note that unconfirmed and unapproved accounts can still be searched for
and their (empty) account retrieved using the REST API.
 2022-01-28 14:24:37 +01:00
Claire
e38fc319dc
Refactor and improve tests (#17386) 
* Change account and user fabricators to simplify and improve tests

- `Fabricate(:account)` implicitly fabricates an associated `user` if
  no `domain` attribute is given (an account with `domain: nil` is
  considered a local account, but no user record was created), unless
  `user: nil` is passed
- `Fabricate(:account, user: Fabricate(:user))` should still be possible
  but is discouraged.

* Fix and refactor tests

- avoid passing unneeded attributes to `Fabricate(:user)` or
  `Fabricate(:account)`
- avoid embedding `Fabricate(:user)` into a `Fabricate(:account)` or the other
  way around
- prefer `Fabricate(:user, account_attributes: …)` to
  `Fabricate(:user, account: Fabricate(:account, …)`
- also, some tests were using remote accounts with local user records, which is
  not representative of production code.
 2022-01-28 00:46:42 +01:00
Claire
03d59340da
Fix Sidekiq warnings about JSON serialization (#17381) 
* Fix Sidekiq warnings about JSON serialization

This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.

See https://github.com/mperham/sidekiq/pull/5071

We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.

* Set Sidekiq to raise on unsafe arguments in test mode

In order to more easily catch issues that would produce warnings in production
code.
 2022-01-28 00:43:56 +01:00
Claire
14c69a535b
Fix some old database migrations (#17379) 2022-01-27 18:13:41 +01:00
dependabot[bot]
4942a7ce86
Bump pg from 1.2.3 to 1.3.0 (#17349) 
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.3 to 1.3.0.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.3...v1.3.0)

---
updated-dependencies:
- dependency-name: pg
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-27 20:26:40 +09:00
dependabot[bot]
497b8eedda
Bump axios from 0.24.0 to 0.25.0 (#17354) 
Bumps [axios](https://github.com/axios/axios) from 0.24.0 to 0.25.0.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-27 20:26:18 +09:00
dependabot[bot]
df78d83e95
Bump rdf-normalize from 0.4.0 to 0.5.0 (#17226) 
Bumps [rdf-normalize](https://github.com/ruby-rdf/rdf-normalize) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/ruby-rdf/rdf-normalize/releases)
- [Commits](https://github.com/ruby-rdf/rdf-normalize/compare/0.4.0...0.5.0)

---
updated-dependencies:
- dependency-name: rdf-normalize
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-27 20:25:18 +09:00
Claire
166cc5b89d
Fix local distribution of edited statuses (#17380) 
Because `FanOutOnWriteService#update?` was broken, edits were considered as new
toots and a regular `update` payload was sent.
 2022-01-26 20:53:50 +01:00
Su Yang
10188c7db7
Add healthcheck for sidekiq (#17365) 2022-01-26 18:08:49 +01:00
Eugen Rochko
6505b39e5d
Fix poll updates being saved as status edits (#17373) 
Fix #17344
 2022-01-26 18:05:39 +01:00
dependabot[bot]
bebf9bf33f
Bump sass from 1.48.0 to 1.49.0 (#17352) 
Bumps [sass](https://github.com/sass/dart-sass) from 1.48.0 to 1.49.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.48.0...1.49.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 21:25:26 +09:00
dependabot[bot]
f0d73d82f8
Bump json-ld-preloaded from 3.1.6 to 3.2.0 (#17353) 
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.6 to 3.2.0.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.6...3.2.0)

---
updated-dependencies:
- dependency-name: json-ld-preloaded
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 21:23:42 +09:00
dependabot[bot]
7b2c733dfc
Bump fabrication from 2.23.1 to 2.24.0 (#17356) 
Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.23.1 to 2.24.0.
- [Release notes](https://github.com/paulelliott/fabrication/releases)
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown)
- [Commits](https://github.com/paulelliott/fabrication/commits)

---
updated-dependencies:
- dependency-name: fabrication
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 21:22:51 +09:00
dependabot[bot]
cea00f593e
Bump sidekiq from 6.3.1 to 6.4.0 (#17350) 
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.3.1 to 6.4.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.3.1...v6.4.0)

---
updated-dependencies:
- dependency-name: sidekiq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 21:22:10 +09:00
dependabot[bot]
69cb20bca4
Bump @babel/plugin-transform-runtime from 7.16.8 to 7.16.10 (#17361) 
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.16.8 to 7.16.10.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.10/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:52:40 +09:00
dependabot[bot]
daf2d8952d
Bump cld3 from 3.4.3 to 3.4.4 (#17357) 
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.4.3 to 3.4.4.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.4.3...v3.4.4)

---
updated-dependencies:
- dependency-name: cld3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:48:05 +09:00
dependabot[bot]
2dfb67f0c9
Bump aws-sdk-s3 from 1.111.1 to 1.111.3 (#17368) 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.111.1 to 1.111.3.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:46:52 +09:00
dependabot[bot]
029d89bfea
Bump bootsnap from 1.10.1 to 1.10.2 (#17367) 
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.10.1...v1.10.2)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:45:45 +09:00
dependabot[bot]
ee7fafe1c8
Bump node-fetch from 2.6.1 to 2.6.7 (#17366) 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.1...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:44:01 +09:00
dependabot[bot]
2033ca6b31
Bump nanoid from 3.1.23 to 3.2.0 (#17342) 
Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.23 to 3.2.0.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ai/nanoid/compare/3.1.23...3.2.0)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:41:22 +09:00
dependabot[bot]
4b5629cc3d
Bump @babel/preset-env from 7.16.8 to 7.16.11 (#17358) 
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.16.8 to 7.16.11.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.11/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:39:43 +09:00
dependabot[bot]
0d82c0359d
Bump rubocop from 1.24.1 to 1.25.0 (#17322) 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.24.1 to 1.25.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.24.1...v1.25.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:39:08 +09:00
dependabot[bot]
d528db801f
Bump @babel/core from 7.16.7 to 7.16.12 (#17360) 
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.16.7 to 7.16.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.12/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-25 20:34:55 +09:00
dependabot[bot]
808e7cd906
Bump rails from 6.1.4.1 to 6.1.4.4 (#17159) 
* Bump rails from 6.1.4.1 to 6.1.4.4

Bumps [rails](https://github.com/rails/rails) from 6.1.4.1 to 6.1.4.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.4.1...v6.1.4.4)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Revert marcel to 1.0.1

Avoid some regression that need to be investigated

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-25 20:34:37 +09:00
Wonderfall
244726e2e8
disable legacy XSS filtering (#17289) 
Browsers are phasing out X-XSS-Protection, but Safari and IE still support it.
 2022-01-24 13:14:26 +01:00
Claire
dd63923c0a
Fix link_to_login argument handling when a block is passed (#17345) 2022-01-24 03:29:03 +01:00