Claire
e5726d211f
Bump version to v4.0.15
2024-02-16 11:57:29 +01:00
Claire
c78c003272
Merge pull request from GHSA-jhrq-qvrm-qr36
...
* Fix insufficient Content-Type checking of fetched ActivityStreams objects
* Allow JSON-LD documents with multiple profiles
2024-02-16 11:56:12 +01:00
Claire
a745854557
Fix user creation failure handling in OmniAuth paths ( #29207 )
...
Co-authored-by: Matt Jankowski <matt@jankowski.online>
2024-02-14 23:21:52 +01:00
Claire
9f83a0aad2
Bump version to v4.0.14
2024-02-14 15:17:10 +01:00
Claire
1f0e040cb8
Merge pull request from GHSA-vm39-j3vx-pch3
...
* Prevent different identities from a same SSO provider from accessing a same account
* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`
* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
Claire
c107375035
Merge pull request from GHSA-7w3c-p9j8-mq3x
...
* Ensure destruction of OAuth Applications notifies streaming
Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.
* Ensure password resets revoke access to Streaming API
* Improve performance of deleting OAuth tokens
---------
Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
2024-02-14 15:15:34 +01:00
Claire
6b111f2a18
Add sidekiq_unique_jobs:delete_all_locks
task and disable sidekiq-unique-jobs
UI by default ( #29199 )
2024-02-14 13:18:01 +01:00
Emelia Smith
865a775456
Disable administrative doorkeeper routes ( #29187 )
2024-02-14 11:44:25 +01:00
blah
95975b9db7
Update dependency sidekiq-unique-jobs to 7.1.33
2024-02-14 11:44:25 +01:00
blah
4590ca1852
Update dependency nokogiri to 1.16.2
2024-02-14 11:44:25 +01:00
Claire
befd534eb8
Merge pull request from GHSA-3fjr-858r-92rw
...
* Fix insufficient origin validation
* Bump version to v4.0.13
2024-02-01 15:56:46 +01:00
Claire
60a78595b0
Update dependencies ( #27352 )
2023-10-10 14:54:02 +02:00
Claire
16bd6edaa8
Bump version to v4.0.12
2023-10-10 13:51:14 +02:00
Matt Jankowski
905baaaff2
Dont match mention in url query string ( #25656 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-10 13:51:14 +02:00
Claire
26f24f4de0
Add a short-lived lock to trend refresh scheduler ( #27253 )
2023-10-10 13:51:14 +02:00
David Aaron
0b10485a87
Change min age of backup policy from 1 week to 6 days ( #27200 )
2023-10-10 13:51:14 +02:00
Jakob Gillich
93bb9ae676
Fix importer returning negative row estimates ( #27258 )
2023-10-10 13:51:14 +02:00
Claire
d25cbac8a2
Change some worker lock TTLs ( #27246 )
2023-10-10 13:51:14 +02:00
Claire
f95015827d
Fix filtering audit log for entries about disabling 2FA ( #27186 )
2023-10-10 13:51:14 +02:00
Essem
44d12a8580
Properly remove tIME chunk from PNG uploads ( #27111 )
2023-10-10 13:51:14 +02:00
Claire
19af772dbd
Fix crash when filtering for “dormant” relationships ( #27306 )
2023-10-10 13:51:14 +02:00
Claire
e5772c9e55
Fix inefficient queries in “Follows and followers” as well as several admin pages ( #27116 )
2023-10-10 13:51:14 +02:00
Claire
89f98f4b63
Bump version to v4.0.11 ( #26996 )
2023-09-20 17:25:00 +02:00
Claire
481e1d4e0e
Fix post translation erroring out (v4.0.x) ( #26991 )
2023-09-20 15:59:53 +02:00
Claire
3d8ae6ab73
Bump version to v4.0.10
2023-09-19 17:01:32 +02:00
Claire
5c64f01b19
Fix moderator rights inconsistencies ( #26729 )
2023-09-19 17:01:32 +02:00
Claire
57acad0e9f
Fix crash when encountering invalid URL ( #26814 )
2023-09-19 17:01:32 +02:00
Claire
3ab722a79c
Fix cached posts including stale stats ( #26409 )
2023-09-19 17:01:32 +02:00
Nicolai Søborg
871e63edff
Fix frame_rate
for videos where ffprobe
reports 0/0 ( #26500 )
2023-09-19 17:01:32 +02:00
yufushiro
bc4408db08
Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough ( #26608 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-09-19 17:01:32 +02:00
Claire
9ae857c035
Merge pull request from GHSA-v3xf-c9qf-j667
2023-09-19 16:53:58 +02:00
Claire
9fa89dbdcb
Merge pull request from GHSA-2693-xr3m-jhqr
2023-09-19 16:53:21 +02:00
Claire
75400abe0b
Change Dockerfile to upgrade packages when building ( #26930 )
...
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-09-18 08:32:00 +02:00
Claire
7df732e9a9
Update actions for stable-4.0 ( #26813 )
...
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-09-06 12:18:28 +02:00
Claire
a9915c596b
Bump version to v4.0.9
2023-09-05 18:51:01 +02:00
Claire
48fbb9d53d
Fix Dockerfile installing incompatible npm version ( #26803 )
2023-09-05 18:51:01 +02:00
Emelia Smith
d3e97e8c23
Allow reports with long comments from remote instances, but truncate ( #25028 )
2023-09-05 18:51:01 +02:00
Daniel M Brasil
db8db60244
Fix /api/v1/timelines/tag/:hashtag
allowing for unauthenticated access when public preview is disabled ( #26237 )
2023-09-05 18:51:01 +02:00
Claire
d30fbc0900
Fix blocking subdomains of an already-blocked domain ( #26392 )
2023-09-05 18:51:01 +02:00
Claire
a62d9a9a78
Change text extraction in PlainTextFormatter
to be faster ( #26727 )
2023-09-05 18:51:01 +02:00
Claire
2b0cabe0d7
Backport container build changes to the stable-4.0 branch ( #26741 )
...
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-08-31 19:54:13 +02:00
Claire
e3c57f1add
Bump version to v4.0.8
2023-07-31 14:33:14 +02:00
Renaud Chaput
879b8b69d3
Fix missing return values in streaming ( #26233 )
2023-07-31 14:33:14 +02:00
Emelia Smith
8018d478ab
Fix: Streaming server memory leak in HTTP EventSource cleanup ( #26228 )
2023-07-31 14:33:14 +02:00
Claire
fea5640374
Fix incorrect connect timeout in outgoing requests ( #26116 )
2023-07-31 14:33:14 +02:00
Emelia Smith
663f801337
Refactor streaming's filtering logic & improve documentation ( #26213 )
2023-07-31 14:33:14 +02:00
Claire
f52763d926
Fix wrong filters sometimes applying in streaming ( #26159 )
2023-07-31 14:33:14 +02:00
Claire
10fcccedf2
Bump version to v4.0.7
2023-07-21 16:07:35 +02:00
Claire
c46aa2348e
Add check preventing Sidekiq workers from running with Makara configured ( #25850 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-21 16:07:35 +02:00
Claire
fc4a93b937
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 16:07:35 +02:00