Commit Graph

7839 Commits

Author SHA1 Message Date
4615512285 Reduce connect timeout limit and limit signature failures by source IP (#9236)
* Reduce connect timeout from 10s to 1s

* Limit failing signature verifications per source IP
2018-11-08 21:35:58 +01:00
dd00cd19d2 Use local instead of global loading indicator for timelines, account timelines (#9224)
So that opening a profile feels faster. Also, pinned toots are not
shown before other toots have loaded. Also, if no toots are loaded,
added empty message
2018-11-08 21:35:06 +01:00
f055907857 Bump bullet from 5.7.6 to 5.8.1 (#9156)
Bumps [bullet](https://github.com/flyerhzm/bullet) from 5.7.6 to 5.8.1.
- [Release notes](https://github.com/flyerhzm/bullet/releases)
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flyerhzm/bullet/compare/5.7.6...5.8.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-11-08 21:15:33 +01:00
6e44e27e09 Bump parallel_tests from 2.26.0 to 2.26.2 (#9154)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.26.0 to 2.26.2.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.26.0...v2.26.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-11-08 21:15:08 +01:00
9d0e61167f Bump aws-sdk-s3 from 1.23.0 to 1.23.1 (#9174)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.23.0 to 1.23.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-11-08 21:14:25 +01:00
e50a7cbc69 Bump capybara from 3.10.0 to 3.10.1 (#9216)
Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.10.0 to 3.10.1.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.10.0...3.10.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-11-08 21:13:44 +01:00
a28441144e Bump pkg-config from 1.3.1 to 1.3.2 (#9215)
Bumps [pkg-config](https://github.com/ruby-gnome2/pkg-config) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/ruby-gnome2/pkg-config/releases)
- [Changelog](https://github.com/ruby-gnome2/pkg-config/blob/master/NEWS)
- [Commits](https://github.com/ruby-gnome2/pkg-config/compare/1.3.1...1.3.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-11-08 21:13:27 +01:00
5cbf6cf3ec Add "Show thread" link to self-replies (#9228)
Fix #4716
2018-11-08 21:08:57 +01:00
3ddb460449 Display amount of freed disk space in tootctl media remove (#9229)
* Display amount of freed disk space in tootctl media remove

Fix #9213

* Fix code style issue
2018-11-08 21:06:26 +01:00
ccbdf689e8 Fix form validation flash message color and input borders (#9235)
* Fix form validation flash message color and input borders

* Fix typo
2018-11-08 21:06:14 +01:00
7f4adfaf77 Fix follow limit validator reporting lower number past threshold (#9230)
* Fix follow limit validator reporting lower number past threshold

* Avoid floating point follow limit
2018-11-08 21:06:01 +01:00
6d59dfa15d Optimize the process of following someone (#9220)
* Eliminate extra accounts select query from FollowService

* Optimistically update follow state in web UI and hide loading bar

Fix #6205

* Asynchronize NotifyService in FollowService

And fix failing test

* Skip Webfinger resolve routine when called from FollowService if possible

If an account is ActivityPub, then webfinger re-resolving is not necessary
when called from FollowService. Improve options of ResolveAccountService
2018-11-08 21:05:42 +01:00
9cfd610484 Cancel list scroll reset after mouse move on wheel scroll (#9233)
- Use object properties rather than component state for
  mouseMovedRecently and scrollToTopOnMouseIdle flags

- Remove redundant scrollToTop prop call, also fixing an attempt to call
  an undefined prop.

Fixes #9217
2018-11-08 18:45:20 +01:00
b22db8162a Increase default column width from 330px to 350px (#9227) 2018-11-08 07:42:17 +01:00
7775225d17 [Security] Bump rack from 2.0.5 to 2.0.6 (#9214)
Bumps [rack](https://github.com/rack/rack) from 2.0.5 to 2.0.6. **This update includes security fixes.**
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/2.0.5...2.0.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-11-06 05:36:56 +01:00
535ce84896 Bump active_model_serializers from 0.10.7 to 0.10.8 (#9209)
Bumps [active_model_serializers](https://github.com/rails-api/active_model_serializers) from 0.10.7 to 0.10.8.
- [Release notes](https://github.com/rails-api/active_model_serializers/releases)
- [Changelog](https://github.com/rails-api/active_model_serializers/blob/master/CHANGELOG-0-10.md)
- [Commits](https://github.com/rails-api/active_model_serializers/compare/v0.10.7...v0.10.8)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-11-05 19:01:17 +01:00
6a1216d2cd Temporarily hold timeline if mouse moved recently (fixes #8630) (#9200)
- On recent mouse movement, hold timeline position so statuses remain in
  place for interactions in progress.

- If the timeline had been scrolled to the top before mouse movement,
  restore scroll on mouse idle.
2018-11-05 18:59:41 +01:00
m.b
cd41c2c6ad Update resolve_url_service.rb (#9188) 2018-11-05 18:54:07 +01:00
4c03e05a4e Allow joining several hashtags in a single column (#8904)
* Nascent tag menu on frontend

* Hook up frontend to search

* Tag intersection backend first pass

* Update yarnlock

* WIP

* Fix for tags not searching correctly

* Make radio buttons function

* Simplify radio buttons with modeOption

* Better naming

* Rearrange options

* Add all/any/none functionality on backend

* Small PR cleanup

* Move to service from scope

* Small cleanup, add proper service tests

* Don't use send with user input :D

* Set appropriate column header

* Handle auto updating timeline

* Fix up toggle function

* Use tag value correctly

* A bit more correct to use 'self' rather than 'all' in status scope

* Fix some style issues

* Fix more code style issues

* Style select dropdown more better

* Only use to_id'ed value to ensure no SQL injection

* Revamp frontend to allow for multiple selects

* Update backend / col header to account for more flexible tagging

* Update brakeman ignore

* Codeclimate suggestions

* Fix presenter tag_url

* Implement initial PR feedback

* Handle additional tag streaming

* CodeClimate tweak
2018-11-05 18:53:25 +01:00
bb5558de62 Implement adding a user to a list from their profile (#9062)
* Add add user to list from thier profile

* Fix listAdderCss
2018-11-05 18:52:38 +01:00
a7e3bd0300 Check for empty "last_status" before sorting DM column (#9207)
* Check for empty "last_status" before sorting

* Small touchups for codeclimate
2018-11-05 18:51:43 +01:00
d6c7b01d08 fix(reset): Property name for styled scrollbars (#9210)
https://webplatform.news/issues/2018-10-26
2018-11-05 18:51:26 +01:00
f5ebb739ec Bump rack-attack from 5.4.1 to 5.4.2 (#9186)
Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 5.4.1 to 5.4.2.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v5.4.1...v5.4.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-11-05 18:50:53 +01:00
87ca51878d Bump redis from 4.0.2 to 4.0.3 (#9187)
Bumps [redis](https://github.com/redis/redis-rb) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/redis/redis-rb/releases)
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/redis-rb/compare/v4.0.2...v4.0.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-11-03 09:34:43 +09:00
ba06a5f485 Bump version to 2.6.1 (#9172) 2018-10-31 01:04:45 +01:00
b9d0d209cd Fix reducer error when conversation has no last status in web UI (#9173)
Fix #9170
2018-10-31 00:55:20 +01:00
ce2ee68b64 Revert "Fix FetchAtomService content type handling (#9132)" (#9171)
This reverts commit c36a4a1617.
2018-10-31 00:43:34 +01:00
50ce347ef9 Bump version to 2.6.0 (#9149)
* Bump version to 2.6.0

* Update CHANGELOG.md
2018-10-30 22:06:59 +01:00
804586172e [i18n] Update for Occitan (#9169)
* Update oc.json

* Update oc.yml

* Update simple_form.oc.yml

* Update simple_form.oc.yml

* Update oc.json
2018-10-30 22:06:31 +01:00
f2290e311b Remove progress estimate from MigrateAccountConversations (#9168) 2018-10-30 21:09:33 +01:00
7800e1af7e Specify node version to not use node11 (#9166)
uWS has no support node11 yet.
2018-10-30 19:46:20 +01:00
66019b0ec4 Bump version to 2.6.0rc4 (#9164)
* Bump version to 2.6.0rc4

* Update CHANGELOG.md
2018-10-30 17:37:49 +01:00
f59b840549 Fix empty display name precedence over username in web UI (#9163)
Fix #9131
2018-10-30 17:06:12 +01:00
cc45a8f9f7 Fix td instead of th in sessions table header (#9162)
Fix #9130
2018-10-30 17:00:34 +01:00
5c8e7f0e1d Revert "feat(auth/session_controller): Send Clear-Site-Data when logging out (8627)" (#9161)
This reverts commit 10680f93e7.
2018-10-30 16:25:54 +01:00
c36a4a1617 Fix FetchAtomService content type handling (#9132)
* Add profile to json+ld in Accept

It's required by the ActivityPub spec

* Use headers['Content-type'] instead of mime_type

mime_type strips the profile from the content type, but it's still available raw in the headers hash

* Add test for ld+json with profile
2018-10-30 15:07:57 +01:00
a3d40ba53b [i18n] Update for Occitan (#9157)
* Update oc.json

* Update devise.oc.yml

* Update oc.yml

* Update oc.json
2018-10-30 15:05:01 +01:00
be202f9377 Accept the same payload in multiple inboxes and deliver (#9150) 2018-10-30 15:03:55 +01:00
47b8d195e6 Always let through notifications from staff (#9152)
* Always let through notifications from staff

Follow-up to #8993

* Let messages from staff through, but no other notifications
2018-10-30 15:02:55 +01:00
a03d506626 Fix Pleroma mentions being fetched as preview cards (#9158) 2018-10-30 15:02:24 +01:00
c1eec9869e [Security] Bump loofah from 2.2.2 to 2.2.3 (#9160)
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.2.2 to 2.2.3. **This update includes security fixes.**
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.2.2...v2.2.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-30 22:59:11 +09:00
6771e8c88c Bump oj from 3.6.12 to 3.7.0 (#9155)
Bumps [oj](https://github.com/ohler55/oj) from 3.6.12 to 3.7.0.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.6.12...v3.7.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-30 06:39:52 +01:00
2cc099c70f Make detailed-status__wrapper actually wrap detailed status (#8547)
* Remove class from scrollable div

.detailed-status__wrapper does not actually wrap the detailed status here

* Re-add class to focusable div

.detailed-status__wrapper now wraps the detailed status instead of the entire scrollable area
2018-10-30 06:33:02 +01:00
d4415cc316 Bump i18n-tasks from master to 0.9.28 (#9148) 2018-10-30 01:06:47 +01:00
e961a763a2 RTL: fix toot privacy preferences radio buttonss (#9146) 2018-10-30 00:49:29 +01:00
5ee0b51ac8 RTL: fix preferences page checkbox margins (#9145)
* RTL: fix preferences page checkbox margins

* Update rtl.scss
2018-10-30 00:47:43 +01:00
33a71e8f7c Do not hide boost notifications from followed people with hidden boosts (#9147)
* Do not hide boost notifications from followed people with hidden boosts

Not displaying boosts from a followed user in the Home timeline and not
having notifications when they reblog your own content are two very
separate concerns, tying them together seem counter-intuitive and unwanted.

* Update specs accordingly
2018-10-30 00:47:31 +01:00
e84da282f6 Bump version to 2.6.0rc3 (#9142)
* Bump version to 2.6.0rc3

* Update CHANGELOG.md
2018-10-29 14:15:54 +01:00
3fd808ab26 Update AUTHORS.md (#9141) 2018-10-29 14:05:53 +01:00
b40ea6d1d4 Bump sanitize from 4.6.6 to 5.0.0 (#9140) 2018-10-29 14:05:25 +01:00