Commit graph

5191 commits

Author SHA1 Message Date
Yamagishi Kazutoshi
f464f98fd3 Update Ruby to version 2.4.4 (#6964)
https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/

> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems
2018-04-01 23:43:08 +02:00
Emelia Smith
6a895e1ab3 Fix: Prevent submission using same logic as submit button disabling. (#6993)
This prevents submission through ctrl/cmd+enter when the submit button is disabled.
2018-04-01 22:19:43 +02:00
luzi82
993ce0e5a7 improve zh-HK localization by referring zh-TW and zh-CN (#6988) 2018-04-01 21:57:26 +09:00
Marcin Mikołajczak
929f58f180 i18n: Update Polish translation (#6985)
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-04-01 10:31:38 +02:00
mayaeh
b7d633c1bb i18n: Add Japanese translations for domain blocks (#6979)
* run yarn manage:translations

* Update Japanese translations for domain blocks.
2018-03-31 21:09:39 +09:00
Daniel Hunsaker
3886bfb5eb [Nanobox] Enable ElasticSearch support by default (#6977)
Admins can still disable the feature by adding `ES_ENABLED=false` to their environment, if they prefer not to use it. Be sure to set the variable before you deploy!
2018-03-31 13:17:25 +02:00
unarist
fb3dc00dda Ignore AbortError when cancelled sharing (#6978)
`navigator.share()` rejects Promise if user cancelled sharing, and it may
print it as an error on JavaScript console.

This patch ignores it and prints other errors on the console.
2018-03-31 13:16:38 +02:00
ThibG
e573bb0990 Fix compatibility with PeerTube (#6968)
* Support fetching objects of convertible types by URL (fixes #6924)

* Ignore invalid hashtags
2018-03-30 15:44:54 +02:00
ThibG
a6c129ddbd Add some UI for user-defined domain blocks (#6628)
* Keep list of blocked domains

Might be overkill, but I'm trying to follow the same logic as for blocked users

* Add basic domain block UI

* Add the domain blocks UI to Getting Started

* Fix undefined URL in `fetchDomainBlocks`

* Update all known users' domain_blocking relationship instead of just one's
2018-03-30 12:38:00 +02:00
Pierre-Morgan Gate
47cee7cc8e Upgrade charlock_holmes to version 0.7.6 (#6966)
This version fixes compilation errors when trying to build its native extension with ICU 61.
2018-03-30 09:52:44 +02:00
takayamaki
947eedcab2 update ja locale (#6965)
related https://github.com/tootsuite/mastodon/pull/6956
2018-03-30 10:04:04 +09:00
Emelia Smith
d1f34151ae Feature: Direct message from menu (#6956)
* Implement ability to send direct messages from the user menu

* Implement message warning users that direct messages are visible to all mentioned users

* Update locales
2018-03-29 19:08:34 +02:00
unarist
f1f846045f Fix ReferenceError when Cache API is missing (#6953)
Cache API is not supported on Safari 11.0 / iOS 11.

Since those caching is optional, this patch simply ignores it.
2018-03-29 14:57:02 +02:00
unarist
41452e8302 Fix TypeError on follow notification (#6950)
`notification.status` may not be present, e.g. follow notification.
2018-03-29 12:59:12 +02:00
ThibG
9ed5eebd7c Do not ignore unknown media attachments, only skip them (#6948)
That way, they are displayed in a list below the corresponding toot.
2018-03-29 00:52:24 +02:00
Yuto Tokunaga
5021c4e9ca Add double-tap zoom functionary to ZoomableImage (#6944)
add <div.zoomable-image__margin/> to keep margin of the image on zooming
move setting `scrollLeft` and `scrollTop` of container from callback of
`setState` to `componentDidUpdate`
add 'hammerjs' package for touch gesture detection
rewrite `ZoomableImage` using 'hammerjs'
2018-03-28 20:40:51 +02:00
Akihiko Odaki
4f9136d2d5 Document CORS requirement for asset host (#6941) 2018-03-28 20:40:18 +02:00
unarist
3523aa440b Fix LoadMore on account media gallery (#6933)
max_id in the fetch request should be a status id, but media attachment id was used.
2018-03-27 16:53:52 +02:00
unarist
f5ed5f3860 Clone response before put it to the cache (#6932)
`Response.prototype.clone()` must be called before the response used.

This fixes an error from ServiceWorker and failing to load image when the
image is not cached.
2018-03-27 15:18:35 +02:00
unarist
2f3ac14a43 Add missing null handling in notification reducer (#6930)
This patch adds null item (i.e. gap) handling on below functions to avoid TypeError.

* `filterNotifications` called on user mute/block
* `deleteByStatus` called on status deletion
2018-03-27 13:05:59 +02:00
Akihiko Odaki
ca42f9b0eb Cache media (#6902) 2018-03-27 12:32:30 +02:00
Yuto Tokunaga
31e7b73084 fix #6846 (#6914) 2018-03-27 12:30:28 +02:00
unarist
a1d0915585 Add a spec for UniqueUsernameValidator (#6927)
Note that this spec has a pending test about dots in the username,
because allowing it has been reverted for now.
2018-03-27 05:22:58 +02:00
Eugen Rochko
2a90da1837
Fix UniqueUsernameValidator comparison (#6926)
Comparison was downcasing only one side, therefore if previously
existing account had a non-lowercase spelling, it would be ignored
when checking for duplicates.

New rake task `mastodon:maintenance:find_duplicate_usernames` will
help find constraint violations that might have occured from the
presence of this bug.

Bump version to 2.3.3
2018-03-27 04:33:57 +02:00
Akihiko Odaki
40e5d2303b Validate HTTP response length while receiving (#6891)
to_s method of HTTP::Response keeps blocking while it receives the whole
content, no matter how it is big. This means it may waste time to receive
unacceptably large files. It may also consume memory and disk in the
process. This solves the inefficency by checking response length while
receiving.
2018-03-26 14:02:10 +02:00
Stephen Burgess
18965cb0e6 feat(ShowMore): Add classname to show more/show less button (#6904) 2018-03-26 13:59:44 +02:00
Yuto Tokunaga
f691afaae9 Refactor scss (#6913)
* Refactoring scss

introduce scss variables for the media modal
fix css block structure corresponding to react components
fix flex layouts
remove background image of the loaded image on the media modal

* Fix typo
2018-03-26 13:59:21 +02:00
unarist
605a92b460 Fix moved account handling in IndexedDB feature (#6915)
* Fix stack overflow on importFetchedAccounts

  When the account has moved property, it should process destination
  account instead of source account itself.

* Set account id instead of account object for moved property

  This restores "foo has moved to" indication on account view, and
  fixes `reblog` index on `accounts` object store.
2018-03-26 12:48:01 +02:00
Yann Klis
3b2c7a33a9 Missing OTP_SECRET in scalingo.json (#6917) 2018-03-26 12:47:34 +02:00
Marcin Mikołajczak
85a395fab6 i18n: Update Polish translation (#6903)
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-03-25 23:33:07 +09:00
Akihiko Odaki
cbf97c03bb Allow clients to fetch notifications made while they were offline (#6886) 2018-03-24 22:07:23 +01:00
Akihiko Odaki
9a1a55ce52 Allow clients to fetch statuses made while they were offline (#6876) 2018-03-24 15:25:15 +01:00
Akihiko Odaki
59657e24b9 Rename variables to have semantic meanings in notifications reducer (#6890) 2018-03-24 13:36:44 +01:00
Akihiko Odaki
fe398a098e Store objects to IndexedDB (#6826) 2018-03-24 13:06:27 +01:00
Yamagishi Kazutoshi
28384c1771 Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808)
This reverts commit 40871caa4b.
2018-03-24 12:52:45 +01:00
Akihiko Odaki
ff7941e652 Show media modal on public pages (#6801) 2018-03-24 12:52:26 +01:00
Marcin Mikołajczak
1c15329cce Change “Toots with replies” to “Toots and replies” (#6875)
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-03-24 12:51:51 +01:00
Akihiko Odaki
b2a4ffd3a9 Change columns in notifications nonnullable (#6764) 2018-03-24 12:51:28 +01:00
Akihiko Odaki
fa310695fa Note if the user is already following the target when authorizing follow (#6325) 2018-03-24 12:50:41 +01:00
Jeroen
580835ab69 Invites: Add '1 week' as expire option (#6872)
* Invites: Add '1 week' as expire option

IMO a max. of 1 day is too short. Not everyone has the time and motivation to use an invite in a 24 hour period. 1 week as a max. is I think a good compromise between convenience and security.

* Invites: Add '1 week' as expire option

IMO a max. of 1 day is too short. Not everyone has the time and motivation to use an invite in a 24 hour period. 1 week as a max. is I think a good compromise between convenience and security.

* Update en.yml
2018-03-24 12:50:14 +01:00
Akihiko Odaki
54b273bf99 Close http connection in perform method of Request class (#6889)
HTTP connections must be explicitly closed in many cases, and letting
perform method close connections makes its callers less redundant and
prevent them from forgetting to close connections.
2018-03-24 12:49:54 +01:00
Akihiko Odaki
4e71b104e6 Internationalize unexpected error message (#6887) 2018-03-24 10:54:19 +01:00
Yamagishi Kazutoshi
65c10c0bc8 Weblate translations (2018-03-23) (#6874)
* Translated using Weblate (Galician)

Currently translated at 100.0% (587 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/gl/

* Translated using Weblate (Dutch)

Currently translated at 100.0% (587 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/nl/

* Translated using Weblate (Catalan)

Currently translated at 100.0% (587 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ca/

* Translated using Weblate (Arabic)

Currently translated at 76.4% (449 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/

* Translated using Weblate (Japanese)

Currently translated at 99.8% (586 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ja/

* Translated using Weblate (Slovak)

Currently translated at 92.3% (542 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/sk/

* Translated using Weblate (Slovak)

Currently translated at 92.3% (542 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/sk/

* Translated using Weblate (Slovak)

Currently translated at 100.0% (58 of 58 strings)

Translation: Mastodon/Preferences
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/sk/

* Translated using Weblate (Polish)

Currently translated at 98.9% (581 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/pl/

* Translated using Weblate (French)

Currently translated at 99.6% (585 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/fr/

* Translated using Weblate (Portuguese (Brazil))

Currently translated at 99.8% (586 of 587 strings)

Translation: Mastodon/Backend
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/pt_BR/

* Translated using Weblate (Catalan)

Currently translated at 100.0% (280 of 280 strings)

Translation: Mastodon/React
Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/ca/

* bundle exec i18n-tasks normalize && yarn manage:translations
2018-03-24 01:04:02 +01:00
Quentí
ecdc5957a3 [i18n] Occitan update (#6869)
* Update oc.yml

* Update simple_form.oc.yml

* Update oc.json

* Update oc.yml

* bundle exec i18n-tasks normalize
2018-03-23 18:52:25 +09:00
Eugen Rochko
6cc432bbc4
Bump version to 2.3.2 2018-03-22 14:13:46 +01:00
Eugen Rochko
dafae9818d
Bump version to 2.3.2rc5 2018-03-22 11:31:52 +01:00
Eugen Rochko
9fe1619db9
Do not re-query mentions from serializers (#6858)
Fix performance regression from #6836
2018-03-22 11:31:17 +01:00
Eugen Rochko
da70aca28e
Restore username validation to disallow dots, for now (#6863)
Usernames with dots in them do not work with routes, because the dot usually separates the desired page format (e.g. json). I don't want to mess with changing route constraints for this patch release.
2018-03-22 11:30:22 +01:00
ThibG
6f531d140b Fix MENTION_RE to not match nil usernames (#6862) 2018-03-22 10:45:48 +01:00
Eugen Rochko
f66a786029
Hide floating action button on thread views (#6859) 2018-03-22 09:33:14 +01:00