zelo72
/
mastodon
mirror of https://github.com/mastodon/mastodon
2
2
Fork 1
Code Issues 9 Releases Wiki Activity
12,451 Commits 87 Branches 252 Tags 935 MiB
Commit Graph

12451 Commits

Author SHA1 Message Date
Claire e5726d211f Bump version to v4.0.15 2024-02-16 11:57:29 +01:00
Claire c78c003272
Merge pull request from GHSA-jhrq-qvrm-qr36 
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
 2024-02-16 11:56:12 +01:00
Claire a745854557 Fix user creation failure handling in OmniAuth paths (#29207) 
Co-authored-by: Matt Jankowski <matt@jankowski.online>
 2024-02-14 23:21:52 +01:00
Claire 9f83a0aad2 Bump version to v4.0.14 2024-02-14 15:17:10 +01:00
Claire 1f0e040cb8
Merge pull request from GHSA-vm39-j3vx-pch3 
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
 2024-02-14 15:16:07 +01:00
Claire c107375035
Merge pull request from GHSA-7w3c-p9j8-mq3x 
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
 2024-02-14 15:15:34 +01:00
Claire 6b111f2a18 Add `sidekiq_unique_jobs:delete_all_locks` task and disable `sidekiq-unique-jobs` UI by default (#29199) 2024-02-14 13:18:01 +01:00
Emelia Smith 865a775456 Disable administrative doorkeeper routes (#29187) 2024-02-14 11:44:25 +01:00
blah 95975b9db7 Update dependency sidekiq-unique-jobs to 7.1.33 2024-02-14 11:44:25 +01:00
blah 4590ca1852 Update dependency nokogiri to 1.16.2 2024-02-14 11:44:25 +01:00
Claire befd534eb8
Merge pull request from GHSA-3fjr-858r-92rw 
* Fix insufficient origin validation

* Bump version to v4.0.13
 2024-02-01 15:56:46 +01:00
Claire 60a78595b0
Update dependencies (#27352) 2023-10-10 14:54:02 +02:00
Claire 16bd6edaa8 Bump version to v4.0.12 2023-10-10 13:51:14 +02:00
Matt Jankowski 905baaaff2 Dont match mention in url query string (#25656) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-10-10 13:51:14 +02:00
Claire 26f24f4de0 Add a short-lived lock to trend refresh scheduler (#27253) 2023-10-10 13:51:14 +02:00
David Aaron 0b10485a87 Change min age of backup policy from 1 week to 6 days (#27200) 2023-10-10 13:51:14 +02:00
Jakob Gillich 93bb9ae676 Fix importer returning negative row estimates (#27258) 2023-10-10 13:51:14 +02:00
Claire d25cbac8a2 Change some worker lock TTLs (#27246) 2023-10-10 13:51:14 +02:00
Claire f95015827d Fix filtering audit log for entries about disabling 2FA (#27186) 2023-10-10 13:51:14 +02:00
Essem 44d12a8580 Properly remove tIME chunk from PNG uploads (#27111) 2023-10-10 13:51:14 +02:00
Claire 19af772dbd Fix crash when filtering for “dormant” relationships (#27306) 2023-10-10 13:51:14 +02:00
Claire e5772c9e55 Fix inefficient queries in “Follows and followers” as well as several admin pages (#27116) 2023-10-10 13:51:14 +02:00
Claire 89f98f4b63
Bump version to v4.0.11 (#26996) 2023-09-20 17:25:00 +02:00
Claire 481e1d4e0e
Fix post translation erroring out (v4.0.x) (#26991) 2023-09-20 15:59:53 +02:00
Claire 3d8ae6ab73 Bump version to v4.0.10 2023-09-19 17:01:32 +02:00
Claire 5c64f01b19 Fix moderator rights inconsistencies (#26729) 2023-09-19 17:01:32 +02:00
Claire 57acad0e9f Fix crash when encountering invalid URL (#26814) 2023-09-19 17:01:32 +02:00
Claire 3ab722a79c Fix cached posts including stale stats (#26409) 2023-09-19 17:01:32 +02:00
Nicolai Søborg 871e63edff Fix `frame_rate` for videos where `ffprobe` reports 0/0 (#26500) 2023-09-19 17:01:32 +02:00
yufushiro bc4408db08 Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough (#26608) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-09-19 17:01:32 +02:00
Claire 9ae857c035
Merge pull request from GHSA-v3xf-c9qf-j667 2023-09-19 16:53:58 +02:00
Claire 9fa89dbdcb
Merge pull request from GHSA-2693-xr3m-jhqr 2023-09-19 16:53:21 +02:00
Claire 75400abe0b
Change Dockerfile to upgrade packages when building (#26930) 
Co-authored-by: Renaud Chaput <renchap@gmail.com>
 2023-09-18 08:32:00 +02:00
Claire 7df732e9a9
Update actions for stable-4.0 (#26813) 
Co-authored-by: Renaud Chaput <renchap@gmail.com>
 2023-09-06 12:18:28 +02:00
Claire a9915c596b Bump version to v4.0.9 2023-09-05 18:51:01 +02:00
Claire 48fbb9d53d Fix Dockerfile installing incompatible npm version (#26803) 2023-09-05 18:51:01 +02:00
Emelia Smith d3e97e8c23 Allow reports with long comments from remote instances, but truncate (#25028) 2023-09-05 18:51:01 +02:00
Daniel M Brasil db8db60244 Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled (#26237) 2023-09-05 18:51:01 +02:00
Claire d30fbc0900 Fix blocking subdomains of an already-blocked domain (#26392) 2023-09-05 18:51:01 +02:00
Claire a62d9a9a78 Change text extraction in `PlainTextFormatter` to be faster (#26727) 2023-09-05 18:51:01 +02:00
Claire 2b0cabe0d7
Backport container build changes to the stable-4.0 branch (#26741) 
Co-authored-by: Renaud Chaput <renchap@gmail.com>
 2023-08-31 19:54:13 +02:00
Claire e3c57f1add Bump version to v4.0.8 2023-07-31 14:33:14 +02:00
Renaud Chaput 879b8b69d3 Fix missing return values in streaming (#26233) 2023-07-31 14:33:14 +02:00
Emelia Smith 8018d478ab Fix: Streaming server memory leak in HTTP EventSource cleanup (#26228) 2023-07-31 14:33:14 +02:00
Claire fea5640374 Fix incorrect connect timeout in outgoing requests (#26116) 2023-07-31 14:33:14 +02:00
Emelia Smith 663f801337 Refactor streaming's filtering logic & improve documentation (#26213) 2023-07-31 14:33:14 +02:00
Claire f52763d926 Fix wrong filters sometimes applying in streaming (#26159) 2023-07-31 14:33:14 +02:00
Claire 10fcccedf2 Bump version to v4.0.7 2023-07-21 16:07:35 +02:00
Claire c46aa2348e Add check preventing Sidekiq workers from running with Makara configured (#25850) 
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
 2023-07-21 16:07:35 +02:00
Claire fc4a93b937 Fix CSP headers being unintendedly wide (#26105) 2023-07-21 16:07:35 +02:00