bd7ce0d5f9
Merge tag 'v4.1.12'
2024-01-30 21:39:45 +11:00
Claire
2e8943aecd
Add rate-limit of TOTP authentication attempts at controller level ( #28801 )
2024-01-24 15:31:06 +01:00
fc58fc207f
Merge tag 'v4.1.11' into chinwag-4.1
2023-12-18 19:21:59 +11:00
Claire
ff3a9dad0d
Fix error and incorrect URLs in /api/v1/accounts/:id/featured_tags for remote accounts ( #27459 )
2023-12-04 15:28:02 +01:00
Claire
78e457614c
Change Content-Security-Policy to be tighter on media paths ( #26889 )
2023-12-04 15:28:02 +01:00
d9dfd09ac8
Merge tag 'v4.1.8' into chinwag-4.1
2023-09-20 13:37:47 +10:00
Mike
6f3094cfbd
Merge tag 'v4.0.9'
2023-09-19 13:42:45 +10:00
Claire
889102013f
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 16:07:43 +02:00
Claire
efd066670d
Fix moderation interface for remote instances with a .zip TLD ( #25885 )
2023-07-21 16:07:43 +02:00
Claire
c46aa2348e
Add check preventing Sidekiq workers from running with Makara configured ( #25850 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-21 16:07:35 +02:00
Claire
fc4a93b937
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 16:07:35 +02:00
Claire
73b16b674d
Fix moderation interface for remote instances with a .zip TLD ( #25885 )
2023-07-21 16:07:35 +02:00
Claire
69c8f26946
Add check preventing Sidekiq workers from running with Makara configured ( #25850 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-21 14:18:04 +02:00
b45ba2d672
Merge tag 'v4.0.5'
2023-07-07 01:51:21 +10:00
Claire
2119aadf0a
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
f626e0d228
Add hardened headers to user-uploaded files ( #25756 )
2023-07-06 14:33:32 +02:00
Renaud Chaput
94c67e8bfd
Allow carets in URL search params ( #25216 )
2023-07-06 13:45:58 +02:00
Claire
04f76675d1
Add finer permission requirements for managing webhooks ( #25463 )
2023-07-06 13:45:58 +02:00
Claire
41a0a3c87f
Fix CSP headers when S3_ALIAS_HOST includes a path component ( #25273 )
2023-07-06 13:45:58 +02:00
Claire
0b627dcf9e
Fix being able to vote on your own polls ( #25015 )
2023-07-06 13:45:58 +02:00
Renaud Chaput
8eb1bb8ba6
Allow carets in URL search params ( #25216 )
2023-07-06 13:45:40 +02:00
Claire
e65e3a6d14
Add finer permission requirements for managing webhooks ( #25463 )
2023-07-06 13:45:40 +02:00
Claire
a197fc094f
Fix CSP headers when S3_ALIAS_HOST includes a path component ( #25273 )
2023-07-06 13:45:40 +02:00
Claire
cca464bce3
Fix being able to vote on your own polls ( #25015 )
2023-07-06 13:45:40 +02:00
d3d4497f09
Merge tag 'v4.0.4'
2023-07-05 21:13:10 +10:00
Claire
4eaa6d58b2
Change root Chewy strategy to emit a warning instead of erroring out in production mode ( #24327 )
2023-04-04 12:41:27 +02:00
Claire
ae64c5b7ec
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )
2023-04-04 12:41:27 +02:00
Claire
448986438e
Change root Chewy strategy to emit a warning instead of erroring out in production mode ( #24327 )
2023-04-04 12:39:56 +02:00
Claire
aa37eeadf3
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )
2023-04-04 12:39:56 +02:00
Claire
9715a211c7
Add warning for object storage misconfiguration ( #24137 )
2023-03-16 22:49:35 +01:00
Eugen Rochko
a6217bd035
Change user backups to use expiring URLs for download when possible ( #24136 )
2023-03-16 22:49:35 +01:00
Claire
6a7b91a038
Add warning for object storage misconfiguration ( #24137 )
2023-03-16 22:48:42 +01:00
Eugen Rochko
6db76875fd
Change user backups to use expiring URLs for download when possible ( #24136 )
2023-03-16 22:48:42 +01:00
Eugen Rochko
59a2fe32ff
Add cache headers to static files served through Rails ( #24120 )
2023-03-16 11:43:18 +01:00
Eugen Rochko
5cc39a3810
Add SENDFILE_HEADER environment variable ( #24123 )
2023-03-16 11:42:41 +01:00
CSDUMMI
4e02c7dc2c
Support the PROXY protocol through the PROXY_PROTO_V1 env variable ( #24064 )
2023-03-16 11:42:27 +01:00
Thijs Kinkhorst
c44ddbdb3e
Fix paths with url-encoded @ to redirect to the correct path ( #23593 )
2023-03-14 10:00:19 +01:00
Claire
d6f1bd2e08
Fix sidekiq jobs not triggering Elasticsearch index updates ( #24046 )
2023-03-14 09:59:56 +01:00
Claire
ad77e8a2fb
Fix /api/v1/streaming sub-paths not being redirected ( #23988 )
2023-03-14 09:59:38 +01:00
Eugen Rochko
0f2e8476e0
Fix pgBouncer resetting application name on every transaction ( #23958 )
2023-03-14 09:59:30 +01:00
Claire
c22c4247d9
Fix server error when failing to follow back followers from /relationships ( #23787 )
2023-03-14 09:58:26 +01:00
Claire
2a37dc7967
Change unintended SMTP read timeout from 5 seconds to 20 seconds ( #23750 )
2023-03-13 18:49:38 +01:00
Thijs Kinkhorst
40ae8d5e03
Fix paths with url-encoded @ to redirect to the correct path ( #23593 )
2023-03-13 18:46:57 +01:00
Claire
479b66637b
Fix sidekiq jobs not triggering Elasticsearch index updates ( #24046 )
2023-03-13 18:44:09 +01:00
Claire
4bfbeb8139
Fix /api/v1/streaming sub-paths not being redirected ( #23988 )
2023-03-13 18:43:04 +01:00
Eugen Rochko
2fed61a477
Fix pgBouncer resetting application name on every transaction ( #23958 )
2023-03-13 18:42:45 +01:00
Claire
aff3f850de
Fix server error when failing to follow back followers from /relationships ( #23787 )
2023-03-13 18:39:35 +01:00
Eugen Rochko
71ae17e8f5
New Crowdin updates ( #23413 )
...
* New translations en.json (Esperanto)
* New translations en.yml (Slovak)
* New translations en.json (Burmese)
* New translations en.yml (Korean)
* New translations en.json (Burmese)
* New translations en.json (Burmese)
* New translations en.yml (Finnish)
* New translations simple_form.en.yml (Finnish)
* New translations en.json (Burmese)
* New translations en.yml (Burmese)
* New translations en.yml (Burmese)
* New translations en.json (Burmese)
* New translations activerecord.en.yml (Burmese)
* New translations en.yml (Burmese)
* New translations activerecord.en.yml (Burmese)
* New translations en.json (German)
* New translations simple_form.en.yml (German)
* New translations en.json (Catalan)
* New translations en.yml (Burmese)
* New translations en.yml (Burmese)
* New translations en.yml (Russian)
* New translations doorkeeper.en.yml (Russian)
* New translations simple_form.en.yml (Russian)
* New translations en.json (Russian)
* New translations en.json (Belarusian)
* New translations en.json (Belarusian)
* New translations en.json (Esperanto)
* New translations en.yml (Esperanto)
* New translations doorkeeper.en.yml (Korean)
* New translations en.json (Burmese)
* New translations en.yml (Slovak)
* New translations en.yml (Belarusian)
* New translations simple_form.en.yml (Belarusian)
* New translations simple_form.en.yml (Esperanto)
* New translations doorkeeper.en.yml (Esperanto)
* New translations activerecord.en.yml (Esperanto)
* New translations devise.en.yml (Esperanto)
* New translations en.yml (English, United Kingdom)
* New translations en.yml (Asturian)
* New translations simple_form.en.yml (Asturian)
* New translations en.yml (Asturian)
* New translations doorkeeper.en.yml (Asturian)
* New translations en.json (Asturian)
* New translations en.yml (Asturian)
* New translations en.json (Asturian)
* New translations en.json (Korean)
* New translations en.yml (Korean)
* New translations en.json (Korean)
* New translations en.yml (Korean)
* New translations devise.en.yml (Korean)
* New translations simple_form.en.yml (Korean)
* New translations en.json (Welsh)
* New translations en.yml (Welsh)
* New translations simple_form.en.yml (Welsh)
* New translations activerecord.en.yml (Welsh)
* New translations devise.en.yml (Welsh)
* New translations doorkeeper.en.yml (Welsh)
* New translations en.yml (Burmese)
* New translations en.yml (Burmese)
* New translations en.yml (Burmese)
* New translations en.json (Silesian)
* New translations en.yml (Occitan)
* New translations en.yml (Turkish)
* New translations simple_form.en.yml (Turkish)
* New translations en.json (Occitan)
* New translations activerecord.en.yml (Turkish)
* New translations doorkeeper.en.yml (Turkish)
* Normalize
* Remove unused locales
---------
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2023-02-11 05:42:08 +09:00
Nick Schonning
f23d30100a
Cleanup unused i18n strings ( #23426 )
...
* Remove partial 422/500 error translations
* Add missing siblings for i18n unused warnings
* Enable i18n unused string checking for all locales
2023-02-09 22:46:42 +09:00