zelo72
/
mastodon
mirror of https://github.com/mastodon/mastodon
2
2
Fork 1
Code Issues 9 Releases Wiki Activity
11,718 Commits 82 Branches 252 Tags 937 MiB
Commit Graph

11718 Commits

Author SHA1 Message Date
Claire a3d31ffc1e Bump version to v3.5.12 2023-07-31 14:33:27 +02:00
Emelia Smith 50f4af28b0 Fix: Streaming server memory leak in HTTP EventSource cleanup (#26228) 2023-07-31 14:33:27 +02:00
Claire e655b35d7e Fix incorrect connect timeout in outgoing requests (#26116) 2023-07-31 14:33:27 +02:00
Claire 80c00f4aa5 Bump version to v3.5.11 2023-07-21 16:07:24 +02:00
Claire 1a0192537d Add check preventing Sidekiq workers from running with Makara configured (#25850) 
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
 2023-07-21 16:07:24 +02:00
Claire 668cd00e13 Fix testsuite failure introduced in last release 2023-07-21 16:07:24 +02:00
Claire 0bd52de492 Fix CSP headers being unintendedly wide (#26105) 2023-07-21 16:07:24 +02:00
Claire ced65ffbb4 Change request timeout handling to use a longer deadline (#26055) 2023-07-21 16:07:24 +02:00
Claire 6398fc0b66 Fix moderation interface for remote instances with a .zip TLD (#25885) 2023-07-21 16:07:24 +02:00
Claire 7709bbba65 Fix remote accounts being possibly persisted to database with incomplete protocol values (#25886) 2023-07-21 16:07:24 +02:00
Michael Stanclift 4f6d121b24 Fix trending publishers table not rendering correctly on narrow screens (#25945) 2023-07-21 16:07:24 +02:00
Claire 687421ebbe Bump version to v3.5.10 2023-07-07 19:35:24 +02:00
Claire 517c4a8a7a Fix processing of media files with unusual names (#25788) 2023-07-07 19:35:24 +02:00
Claire dca0d8427e Fix crash in admin interface when viewing a remote user with verified links (#25796) 2023-07-07 19:35:24 +02:00
Claire b10c974ba1 Bump version to v3.5.9 2023-07-06 15:08:10 +02:00
Claire ca4b23bf0d
Merge pull request from GHSA-55j9-c3mp-6fcq 2023-07-06 15:06:49 +02:00
Claire 32e5a9f053
Merge pull request from GHSA-9pxv-6qvf-pjwc 
* Fix timeout handling of outbound HTTP requests

* Use CLOCK_MONOTONIC instead of Time.now
 2023-07-06 15:06:24 +02:00
Claire 987f909994
Merge pull request from GHSA-9928-3cp5-93fm 
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
 2023-07-06 15:05:05 +02:00
Claire c02fa93c57
Merge pull request from GHSA-ccm4-vgcc-73hp 
* Tighten allowed HTML in oEmbed-based preview cards

* Sanitize preview cards at render time

* Add `sandbox` attribute to preview card iframes
 2023-07-06 15:03:33 +02:00
Claire c309011346 Add hardened headers to user-uploaded files 2023-07-06 14:34:59 +02:00
Claire 6b538225af Update rack, rails, nokogiri, omniauth, sanitize and doorkeeper gems 2023-07-06 13:46:21 +02:00
Renaud Chaput 3c72c7b34e Allow carets in URL search params (#25216) 2023-07-06 13:46:21 +02:00
Vyr Cossont 07f60ffcbb Fix Redis client and type errors introduced in #24285 (#24342) 2023-07-06 13:46:21 +02:00
Vyr Cossont c1467453f6 IndexingScheduler: fetch and import in batches (#24285) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-07-06 13:46:21 +02:00
Emelia Smith 00e65a77df Prevent UserCleanupScheduler from overwhelming streaming (#25519) 2023-07-06 13:46:21 +02:00
Daniel M Brasil f9521bc2b5 Fix incorrect pagination headers in `/api/v2/admin/accounts` (#25477) 2023-07-06 13:46:21 +02:00
Emelia Smith e4bff6cd76 Fix logging of messages that are binary before closing their connection (#25361) 2023-07-06 13:46:21 +02:00
Emelia Smith 6f819c7071 Fix performance of streaming by parsing message JSON once (#25278) 2023-07-06 13:46:21 +02:00
Claire 4aa1c4e2ad Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) 2023-07-06 13:46:21 +02:00
Daniel M Brasil 176ae71fd4 Fix `tootctl accounts approve --number N` not aproving N earliest registrations (#24605) 2023-07-06 13:46:21 +02:00
Claire feac95333f Change profile updates to be sent to recently-mentioned servers (#24852) 2023-07-06 13:46:21 +02:00
Claire bb1e7e112e Fix being able to vote on your own polls (#25015) 2023-07-06 13:46:21 +02:00
Claire e233060ea5 Fix race condition when reblogging a status (#25016) 2023-07-06 13:46:21 +02:00
Claire 3faebae2d1 Change OpenGraph-based embeds to allow fullscreen (#25058) 2023-07-06 13:46:21 +02:00
Claire 95f59da157 Fix “Authorized applications” inefficiently and incorrectly getting last use date (#25060) 2023-07-06 13:46:21 +02:00
Claire 6f94b4ae19 Remove invalid X-Frame-Options: ALLOWALL (#25070) 2023-07-06 13:46:21 +02:00
Claire 283184b390 Change Identity to not destroy associated User on destroy (#25098) 2023-07-06 13:46:21 +02:00
Claire d54980ef2d Fix /api/v1/conversations sometimes returning empty accounts (#25499) 2023-07-06 13:46:21 +02:00
Claire 08579976e0 Fix ArgumentError when loading newer Private Mentions (#25399) 2023-07-06 13:46:21 +02:00
Claire ff3f40a675 Fix multiple N+1s in ConversationsController (#25134) 2023-07-06 13:46:21 +02:00
Claire 0dce749192 Fix user archive takeouts when using OpenStack Swift (#24431) 2023-07-06 13:46:21 +02:00
Claire 1bd831b9a9 Bump version to v3.5.8 2023-04-04 12:38:58 +02:00
Claire 55144262d0 Fix unescaped user input in LDAP query (#24379) 
Fix CVE-2023-28853
 2023-04-04 12:38:58 +02:00
Claire 40438675f8 Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-04 12:38:58 +02:00
Claire 0f4c908b64 Fix invalid/expired invites being processed on sign-up (#24337) 2023-04-04 12:38:58 +02:00
Sai 3eb5b47768 Upgrade Ruby to 3.0.6 (#24332) 2023-04-04 12:38:58 +02:00
Robert R George 520e9cc765 Wrap db:setup with Chewy.strategy(:mastodon) (#24302) 2023-04-04 12:38:58 +02:00
Claire d25493e262 Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-04-04 12:38:58 +02:00
Claire 3d67a9329e Fix crash in `tootctl` commands making use of parallelization when Elasticsearch is enabled (#24182) 2023-04-04 12:38:58 +02:00
Claire 547634dfa6 Bump version to v3.5.7 2023-03-16 22:50:15 +01:00