Commit Graph

9159 Commits

Author SHA1 Message Date
131c16f0bc Bump @babel/core from 7.8.4 to 7.8.6 (#13185)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:49:40 +09:00
66b014ca50 Bump json-ld-preloaded from 3.1.0 to 3.1.1 (#13143)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.0...3.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:48:02 +09:00
95155ecbe7 Bump oj from 3.10.1 to 3.10.3 (#13187)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:46:56 +09:00
74c2490cdd Bump strong_migrations from 0.5.1 to 0.6.2 (#13071)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.1 to 0.6.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.1...v0.6.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-03-02 21:44:44 +09:00
7d575c669e Bump puma from 4.3.2 to 4.3.3 (#13177)
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
2020-03-01 22:25:13 +01:00
5393b187c4 Fix elasticsearch-api and faraday incompatibilities (#13166) 2020-02-29 03:05:02 +01:00
ce17cea221 Fix installation failing when Redis password contains special characters (#13156)
* Add support for special characters in Redis passwords

Fixes #13154

* Refactor
2020-02-29 03:00:43 +01:00
047fde18c3 [Security] Bump puma from 4.3.1 to 4.3.2 (#13167)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-29 02:57:14 +01:00
7b63c5469e Fix announcements with fully-qualified mention to local user crashing WebUI (#13164) 2020-02-28 13:49:45 +01:00
aa8568b7f2 Bump version to 3.1.2 (#13162) 2020-02-27 12:34:07 +01:00
0c28a505dd Fix leak of arbitrary statuses through unfavourite action in REST API (#13161) 2020-02-27 12:32:54 +01:00
7face973fa Fix dismissing an announcement twice raising an obscure error (#13124) 2020-02-24 22:21:40 +01:00
cf4fe6caef Fix misleading error when attempting to re-send a pending follow request (#13133)
Fixes #13131
2020-02-24 21:19:19 +01:00
d91946ae13 Fix backups failing when files are missing from media attachments (#13146)
Fixes #13123
2020-02-24 21:18:26 +01:00
3704402dcc Fix duplicate accounts being created when fetching an account for its key only (#13147)
Fixes #13136

When a user's canonical acct domain is different from its id's domain
(WEB_DOMAIN ≠ LOCAL_DOMAIN), two webfinger queries are required to find the
canonical domain from the URI. However, we skip webfinger queries when
updating only the key of a remote user, which led to the creation of a
duplicate account, using the URI's domain instead of the canonical acct: one.
2020-02-24 21:15:53 +01:00
5158dbeb25 Bump react-redux from 7.1.3 to 7.2.0 (#13141)
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.1.3 to 7.2.0.
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.1.3...v7.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 21:54:19 +09:00
1452d85dd2 Bump webpack-cli from 3.3.10 to 3.3.11 (#13139)
Bumps [webpack-cli](https://github.com/webpack/webpack-cli) from 3.3.10 to 3.3.11.
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/next/CHANGELOG_v3.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.10...v3.3.11)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 17:50:25 +09:00
6518ee6c43 Bump rellax from 1.10.0 to 1.12.1 (#13140)
Bumps [rellax](https://github.com/dixonandmoe/rellax) from 1.10.0 to 1.12.1.
- [Release notes](https://github.com/dixonandmoe/rellax/releases)
- [Commits](https://github.com/dixonandmoe/rellax/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 17:50:18 +09:00
3d9e9ca375 Bump @babel/core from 7.8.3 to 7.8.4 (#13137)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.8.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-24 17:36:32 +09:00
ca7ee9f1cf Add --reset-password option to tootctl accounts modify (#13126) 2020-02-22 01:29:14 +01:00
0f07218e53 Fix /web redirecting to /web/web in web UI (#13128)
Fixes #13127
2020-02-22 01:27:34 +01:00
983ab40086 Fix previously OStatus-based accounts not being detected as ActivityPub (#13129) 2020-02-22 01:26:41 +01:00
89a9eeb675 Bump rack from 2.1.2 to 2.2.2 (#13108)
Bumps [rack](https://github.com/rack/rack) from 2.1.2 to 2.2.2.
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/2.1.2...v2.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-20 09:24:16 +09:00
ff3a11d01d Add source-mapped stacktrace to error message in web UI (#13082)
* Add source-mapped stack trace to copyable text in error boundary

* Add the error message to the copied report, not only the stack trace
2020-02-19 22:36:52 +01:00
d8e9bae482 Fix account JSON/RSS not being cacheable due to wrong mime type comparison (#13116)
`request.format` is not a symbol but a `Mime::Type`, so the condition actually
never matched, and a session was created even for those requests, preventing
caching.
2020-02-19 22:31:53 +01:00
1314bba68a Fix old browsers crashing because of missing finally polyfill in web UI (#13115)
Fix #13015
2020-02-18 17:22:44 +01:00
7584342d83 Bump simplecov from 0.18.1 to 0.18.2 (#13106)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.1 to 0.18.2.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.1...v0.18.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 02:27:19 +09:00
fe388e5fe9 Bump pkg-config from 1.4.0 to 1.4.1 (#13105)
Bumps [pkg-config](https://github.com/ruby-gnome/pkg-config) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/ruby-gnome/pkg-config/releases)
- [Changelog](https://github.com/ruby-gnome/pkg-config/blob/master/NEWS)
- [Commits](https://github.com/ruby-gnome/pkg-config/compare/1.4.0...1.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 02:24:20 +09:00
28dec37101 Bump nokogiri from 1.10.7 to 1.10.8 (#13110)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.7 to 1.10.8.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.7...v1.10.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 02:22:43 +09:00
eadd26f3aa Bump rimraf from 3.0.0 to 3.0.2 (#13104)
Bumps [rimraf](https://github.com/isaacs/rimraf) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/isaacs/rimraf/releases)
- [Changelog](https://github.com/isaacs/rimraf/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/rimraf/compare/v3.0.0...v3.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:58:14 +09:00
9547417353 Bump react-swipeable-views from 0.13.4 to 0.13.9 (#13103)
Bumps [react-swipeable-views](https://github.com/oliviertassinari/react-swipeable-views) from 0.13.4 to 0.13.9.
- [Release notes](https://github.com/oliviertassinari/react-swipeable-views/releases)
- [Changelog](https://github.com/oliviertassinari/react-swipeable-views/blob/master/CHANGELOG.md)
- [Commits](https://github.com/oliviertassinari/react-swipeable-views/commits/v0.13.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:57:29 +09:00
e724541661 Bump eslint-plugin-import from 2.20.0 to 2.20.1 (#13101)
Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import) from 2.20.0 to 2.20.1.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases)
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md)
- [Commits](https://github.com/benmosher/eslint-plugin-import/compare/v2.20.0...v2.20.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:53:02 +09:00
6c66985302 Bump terser-webpack-plugin from 2.3.2 to 2.3.5 (#13100)
Bumps [terser-webpack-plugin](https://github.com/webpack-contrib/terser-webpack-plugin) from 2.3.2 to 2.3.5.
- [Release notes](https://github.com/webpack-contrib/terser-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/terser-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/terser-webpack-plugin/compare/v2.3.2...v2.3.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-18 01:49:21 +09:00
4dec392ea8 Fix account's bio not being shown if there are no proofs/fields in admin UI (#13075) 2020-02-17 16:38:59 +01:00
c48d895ea7 Fix sign-ups without checked user agreement being accepted through the web form (#13088)
* Fix user agreement not being verified

* Fix tests

* Fix up agreement field being dismissed
2020-02-16 12:56:53 +01:00
250ca99cb5 Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture (#13081)
* Use ARCH variable instead of hardcoded x64

* fix formating
2020-02-16 12:54:57 +01:00
cb28f61a6c Fix invite request input not being shown on sign-up error if left empty (#13089)
If the “Why do you want to join?” textarea is left empty and the entered params
do not validate, the textarea isn't shown again, unlike other fields.

This commit fixes that by populating an empty `UserInviteRequest` when needed.
2020-02-16 12:38:22 +01:00
bd4bbba98a Do not suggest to login into the GitLab database (#13084)
As pointed out on Discourse:

https://discourse.joinmastodon.org/t/obscure-wtf-error-message-running-migrations-for-3-1/2524

The message the administrators were getting was telling them
to log in to the "GitLab database" and also mentions MySQL
2020-02-15 12:52:57 +01:00
346773829a Bump @babel/plugin-transform-runtime from 7.7.6 to 7.8.3 (#12980)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.7.6 to 7.8.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.6...v7.8.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 21:34:03 +09:00
879b71eacb Bump json-ld-preloaded from 3.0.6 to 3.1.0 (#12982)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.0.6 to 3.1.0.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.0.6...3.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 21:26:53 +09:00
b189b93c25 Bump rubocop-rails from 2.4.1 to 2.4.2 (#12984)
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.4.1...v2.4.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 21:18:07 +09:00
432e00af7c Bump capybara from 3.30.0 to 3.31.0 (#12983)
Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.30.0 to 3.31.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.30.0...3.31.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 20:51:14 +09:00
925159abf0 Bump simplecov from 0.17.1 to 0.18.1 (#13027)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.17.1 to 0.18.1.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.17.1...v0.18.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 20:46:25 +09:00
dc8d57d092 Bump pry-byebug from 3.7.0 to 3.8.0 (#12985)
Bumps [pry-byebug](https://github.com/deivid-rodriguez/pry-byebug) from 3.7.0 to 3.8.0.
- [Release notes](https://github.com/deivid-rodriguez/pry-byebug/releases)
- [Changelog](https://github.com/deivid-rodriguez/pry-byebug/blob/master/CHANGELOG.md)
- [Commits](https://github.com/deivid-rodriguez/pry-byebug/compare/v3.7.0...v3.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 20:46:05 +09:00
cc28f7d12c Bump uuid from 3.3.3 to 3.4.0 (#12981)
Bumps [uuid](https://github.com/uuidjs/uuid) from 3.3.3 to 3.4.0.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v3.3.3...v3.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 20:41:58 +09:00
6d2dc2a8cf Bump sass from 1.24.2 to 1.25.0 (#12978)
Bumps [sass](https://github.com/sass/dart-sass) from 1.24.2 to 1.25.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.24.2...1.25.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 20:40:32 +09:00
1bd69a256a Bump axios from 0.19.1 to 0.19.2 (#12976)
Bumps [axios](https://github.com/axios/axios) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/0.19.1...v0.19.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 20:30:40 +09:00
acb233b243 Bump @babel/plugin-transform-react-inline-elements from 7.8.0 to 7.8.3 (#12974)
Bumps [@babel/plugin-transform-react-inline-elements](https://github.com/babel/babel) from 7.8.0 to 7.8.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.0...v7.8.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 20:29:15 +09:00
170e8e0725 Bump letter_opener_web from 1.3.4 to 1.4.0 (#13028)
Bumps [letter_opener_web](https://github.com/fgrehm/letter_opener_web) from 1.3.4 to 1.4.0.
- [Release notes](https://github.com/fgrehm/letter_opener_web/releases)
- [Changelog](https://github.com/fgrehm/letter_opener_web/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fgrehm/letter_opener_web/compare/v1.3.4...v1.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-10 20:28:22 +09:00
b752666e3f Bump version to 3.1.1 (#13069) 2020-02-10 02:55:40 +01:00