Commit Graph

9321 Commits

Author SHA1 Message Date
0465d2a3ce [Security] Bump puma from 4.2.0 to 4.3.1 (#12559)
Bumps [puma](https://github.com/puma/puma) from 4.2.0 to 4.3.1. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.2.0...v4.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-06 19:44:09 +01:00
eb551c480d Highlight border when focusing poll-form footer (#12544) 2019-12-05 00:51:07 +01:00
76adde4fe2 Fix media open hotkey (#12546) 2019-12-05 00:50:51 +01:00
04582e3c3e Remove some duplicate methods from StatusHelper and reflect changes to AccountHelper (#12545) 2019-12-05 00:50:40 +01:00
f43f1e0184 Add basic support for group actors (#12071)
* Show badge on group actor in WebUI

* Do not notify in case of  by following group actor

* If you mention group actor, also mention group actor followers

* Relax characters that can be used in username (same as Application)

* Revert "Relax characters that can be used in username (same as Application)"

This reverts commit 7e10a137b878d0db1b5252c52106faef5e09ca4b.

* Delete display_name method
2019-12-04 20:36:33 +01:00
f92ed32df4 upgrade/replace websocket.js to @gamestdio/websocket v2 (#12543)
* Update stream.js

* Update package.json

* Update yarn.lock

Co-authored-by: hina <hina@hinaloe.net>
2019-12-04 20:45:49 +09:00
f682387aae Fix old migration failing with new status default scope (#12493) 2019-12-04 04:34:31 +01:00
bbf926b1c0 Fix error when using search API with no query (#12541)
Fix #12462
2019-12-04 04:34:08 +01:00
4354936a39 Return discoverable via REST API (fix #12507) (#12508) 2019-12-03 19:56:34 +01:00
c05ed8a625 Fix poll options not being selectable via keyboard (#12538)
* Fix poll options not being selectable via keyboard

Fixes #12384

* Improve styling of poll option checkboxes/radio buttons

* Use more appropriate ARIA roles for poll options

* Allow switching between single and multiple choice from keyboard

* Coding style

* Avoid using .bind()
2019-12-03 19:53:16 +01:00
f1ef777d40 add S3_OPEN_TIMEOUT environment variable (#12459) 2019-12-02 21:05:27 +01:00
e598ce0bd9 Move rspec examples to tmp dir (#12539) 2019-12-02 19:55:08 +01:00
5097a8d12c Bump faker from 2.7.0 to 2.8.0 (#12531)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.7.0...v2.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-03 02:38:17 +09:00
ce642d636b Bump brakeman from 4.7.1 to 4.7.2 (#12530)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.7.1 to 4.7.2.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.1...v4.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-03 02:37:54 +09:00
307f123808 Bump autoprefixer from 9.6.1 to 9.7.3 (#12519)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.6.1 to 9.7.3.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.6.1...9.7.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-03 02:37:22 +09:00
6be16d02cb Update ESLint and RuboCop in Code Climate (#12534) 2019-12-02 18:25:43 +01:00
27d5d02925 Fix blocking/unblocking users from status dropdown menu (#12535)
Fixes #12511
2019-12-02 18:25:24 +01:00
c7da6db28d Bump eslint-plugin-react from 7.16.0 to 7.17.0 (#12524)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.16.0 to 7.17.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.16.0...v7.17.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-03 00:55:32 +09:00
f61d8da9f4 Bump blurhash from 1.0.0 to 1.1.3 (#12411)
Bumps [blurhash](https://github.com/woltapp/blurhash) from 1.0.0 to 1.1.3.
- [Release notes](https://github.com/woltapp/blurhash/releases)
- [Commits](https://github.com/woltapp/blurhash/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-02 23:18:59 +09:00
f64a132396 Bump aws-sdk-s3 from 1.55.0 to 1.57.0 (#12528)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.55.0 to 1.57.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.55.0...v1.57.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-02 23:03:46 +09:00
c54e04d1b2 Bump arrow-key-navigation from 1.0.2 to 1.1.0 (#12523)
Bumps [arrow-key-navigation](https://github.com/nolanlawson/arrow-key-navigation) from 1.0.2 to 1.1.0.
- [Release notes](https://github.com/nolanlawson/arrow-key-navigation/releases)
- [Commits](https://github.com/nolanlawson/arrow-key-navigation/compare/v1.0.2...v1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-02 22:59:12 +09:00
c9249fbb15 Bump tty-prompt from 0.19.0 to 0.20.0 (#12529)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.19.0 to 0.20.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.19.0...v0.20.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-02 22:58:07 +09:00
99f9579a04 Bump rubocop-rails from 2.3.2 to 2.4.0 (#12532)
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.3.2 to 2.4.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.3.2...v2.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-02 22:56:53 +09:00
0a1824d0f0 Bump fabrication from 2.20.2 to 2.21.0 (#12527)
Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.20.2 to 2.21.0.
- [Release notes](https://github.com/paulelliott/fabrication/releases)
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown)
- [Commits](https://github.com/paulelliott/fabrication/compare/2.20.2...2.21.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-02 22:55:43 +09:00
4eb54e5e76 Bump rails-ujs from 5.2.3 to 5.2.4 (#12526)
Bumps [rails-ujs](https://github.com/rails/rails) from 5.2.3 to 5.2.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v5.2.3...v5.2.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-02 22:55:08 +09:00
ab1b6cf8b0 Bump eslint from 6.5.1 to 6.7.2 (#12522)
Bumps [eslint](https://github.com/eslint/eslint) from 6.5.1 to 6.7.2.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v6.5.1...v6.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-02 22:53:03 +09:00
f9b82fa660 Fix notifications label (#12517)
* Fix translations not being displayed

* ran `yarn manage:translations en`
2019-12-02 13:39:53 +01:00
9e34cf9a86 Remove unnecessary dependencies (#12533) 2019-12-02 13:38:53 +01:00
4195039420 Link to reports targetting instance in admin view (#12513) 2019-12-01 19:03:43 +01:00
bd8dc9bd0c Add an LDAP Mail attribute config (#12053)
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2019-12-01 18:52:21 +01:00
911cc14481 Add follow_request notification type (#12198)
* Add follow_request notification type

The notification type already existed in the backend but was never pushed
to the front-end. This also means translation strings were also available
for the backend, from the notification mailer.

Unlike other notification types, these are off by default, to match what
I remember of Gargron's view on the topic: that follow requests should not
clutter notifications and should instead be reviewed at the user's own
leisure in the dedicated column.

Since follow requests have their own column, I've deemed it unnecessary to
add a specific tab for them in the notification quick filter.

* Show follow request link in single-column if there are pending requests, even if account isn't locked

* Push follow requests from notifications to the follow_requests list

* Offer to accept or reject follow request from the notification

* Redesign follow request notification
2019-12-01 17:25:29 +01:00
f60cd97638 Only normalize local polls (#12515)
Before this patch, if remote poll options have leading or trailing spaces,
the information stored locally won't match them, causing federated voting to
fail.
2019-12-01 17:24:33 +01:00
d70268f099 Convert LDAP username (#12461)
*  Convert LDAP username #12021

Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>

* 🐛 Fix conversion var use

Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>

* 🐛 Fix LDAP uid conversion test

Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>

* 👌 Remove comments with ref to PR

Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>

* 👌 Remove unnecessary paranthesis

Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>

* 🔧 Move space in conversion string

Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2019-12-01 07:21:28 +01:00
c8d82ef3c3 Split relationships page strings (#12502)
Before this moment relationships managing page was using strings from
other context - from counters, but in order for translators to be able
to translate it relatively to the page, it must use separate strings.

I've split the strings for "Following" and "Followers" and put them to
"relationships" keyset in localization file. This should solve this
issue.

Fixes #10863
2019-12-01 07:08:40 +01:00
ed73376f1c Fix conversations not having an unread indicator in web UI (#12506) 2019-12-01 07:06:20 +01:00
f05b0463db Fallback to Create audience when object has no defined audience (#12249)
Fixes #11137
2019-11-30 19:58:00 +01:00
d8f96028c5 Add ability to filter reports by target account domain (#12154)
* Add ability to filter reports by target account domain

* Reword by_target_domain label
2019-11-30 19:53:58 +01:00
f3a93987b6 LDAP & PAM added to OAuth password grant strategy (#7999) (#12390)
When authenticating via OAuth, the resource owner password grant
strategy is allowed by Mastodon, but (without this PR), it does not
attempt to authenticate against LDAP or PAM. As a result, LDAP or PAM
authenticated users cannot sign in to Mastodon with their
email/password credentials via OAuth (for instance, for native/mobile
app users).

This PR fleshes out the authentication strategy supplied to doorkeeper
in its initializer by looking up the user with LDAP and/or PAM when
devise is configured to use LDAP/PAM backends. It attempts to follow the
same logic as the Auth::SessionsController for handling email/password
credentials.

Note #1: Since this pull request affects an initializer, it's unclear
how to add test automation.

Note #2: The PAM authentication path has not been manually tested. It
was added for completeness sake, and it is hoped that it can be manually
tested before merging.
2019-11-30 19:44:59 +01:00
35b142a7ad Fix lost focus when modals open/close (#12437)
* Fix lost focus after modal closes

Regression caused by the use of the wicg-inert polyfill

* Fix regression introduced by wicg-inert

* Catch errors to please CodeClimate
2019-11-30 18:19:47 +01:00
b532ead798 Fix counter sizing (#12446)
Counter size is currently set to strict 33.3% width, but with it
counter may break in other languages than English. For example it is
already broken on Gargron's profile on mastodon.social using Russian
locale.

This commit changes "width" to "min-width", so counters still displayed
correctly, but if they need more width to fit text, they are now allowed
to take as many width as they need.
2019-11-29 17:03:38 +01:00
6c2c2eee46 Updated NodeJS in Dockerfile (#12492) 2019-11-29 17:03:20 +01:00
fd45f5bbaa Improve notifications page (#12497)
Currently notifications page seems a bit cluttered with no clear
separation between e-mail and filtering settings. This commit tries to
address them by adding clear separation with headers, hints and removing
continuously reused texts for events checkboxes.
2019-11-29 17:03:06 +01:00
a690b3e470 Add hotkey for opening media files (#12498)
* [WiP] Add hotkey to open media

* Give focus to play/pause button when opening video modal
2019-11-29 17:02:35 +01:00
667708f5b0 Fix pending upload count not being decremented on error (#12499)
The arguments were passed to the wrong function… also, there is no
need to have a conditional decrementation: failure to upload means
we marked an upload as pending, in all cases.
2019-11-29 17:02:18 +01:00
07da35c17c Fix n+1 query for bookmarks on statuses (#12494) 2019-11-28 04:08:00 +01:00
d9793b2367 Fix proofs API being inaccessible in secure mode (#12495) 2019-11-28 04:07:49 +01:00
8040923501 Bump net-ldap from 0.16.1 to 0.16.2 (#12479)
Bumps [net-ldap](https://github.com/ruby-ldap/ruby-net-ldap) from 0.16.1 to 0.16.2.
- [Release notes](https://github.com/ruby-ldap/ruby-net-ldap/releases)
- [Changelog](https://github.com/ruby-ldap/ruby-net-ldap/blob/master/History.rdoc)
- [Commits](https://github.com/ruby-ldap/ruby-net-ldap/compare/v0.16.1...v0.16.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 21:33:20 +09:00
c455a314fd Bump parallel from 1.18.0 to 1.19.1 (#12475)
Bumps [parallel](https://github.com/grosser/parallel) from 1.18.0 to 1.19.1.
- [Release notes](https://github.com/grosser/parallel/releases)
- [Commits](https://github.com/grosser/parallel/compare/v1.18.0...v1.19.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 20:49:19 +09:00
ffc33c1ae6 Use override_csp options on pghero (#12489) 2019-11-27 05:28:11 +01:00
0931faff97 Bump browser from 2.6.1 to 2.7.1 (#12490)
Bumps [browser](https://github.com/fnando/browser) from 2.6.1 to 2.7.1.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v2.6.1...v2.7.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-11-27 13:19:27 +09:00