6ff67be0f6 
					 
					
						
						
							
							Add a spam check ( #11217 )  
						
						... 
						
						
						
						* Add a spam check
* Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance
* Add more tests
* Add exemption when the message is a reply to something that mentions the sender
* Use Nilsimsa Compare Value instead of Levenshtein distance
* Use MD5 for messages shorter than 10 characters
* Add message to automated report, do not add non-public statuses to
automated report, add trust level to accounts and make unsilencing
raise the trust level to prevent repeated spam checks on that account
* Expire spam check data after 3 months
* Add support for local statuses, reduce expiration to 1 week, always create a report
* Add content warnings to the spam check and exempt empty statuses
* Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check
* Add all matched statuses into automatic report 
						
						
					 
					
						2019-07-13 16:45:50 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						402302776c 
					 
					
						
						
							
							Change the retry limit in error of web push notification ( #11292 )  
						
						... 
						
						
						
						- Change the maximum count of retry for web push notification (Default -> 5).
   - In case of high load of subscribe server, the retries will be repeated many times.
   - Because the retries occupy the default queue, maximum retry count should be reduced. 
						
						
					 
					
						2019-07-12 18:46:21 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5bf67ca913 
					 
					
						
						
							
							Add ActivityPub secure mode ( #11269 )  
						
						... 
						
						
						
						* Add HTTP signature requirement for served ActivityPub resources
* Change `SECURE_MODE` to `AUTHORIZED_FETCH`
* Add 'Signature' to 'Vary' header and improve code style
* Improve code style by adding `public_fetch_mode?` method 
						
						
					 
					
						2019-07-11 20:11:09 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4e1260feaa 
					 
					
						
						
							
							Fix BlockService trying to reject incorrect follow request ( #11288 )  
						
						... 
						
						
						
						Fixes  #11148  
					
						2019-07-11 14:50:27 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4e8dcc5dbb 
					 
					
						
						
							
							Add HTTP signatures to all outgoing ActivityPub GET requests ( #11284 )  
						
						
						
						
					 
					
						2019-07-11 14:49:55 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a6dc6a242f 
					 
					
						
						
							
							[Security] Bump lodash from 4.17.11 to 4.17.13 ( #11287 )  
						
						... 
						
						
						
						Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.11 to 4.17.13. **This update includes security fixes.**
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-11 06:33:07 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5d3feed191 
					 
					
						
						
							
							Refactor fetching of remote resources ( #11251 )  
						
						
						
						
					 
					
						2019-07-10 18:59:28 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d04c584159 
					 
					
						
						
							
							Drop magic-public-key from webfinger replies as it's only used for OStatus ( #11280 )  
						
						
						
						
					 
					
						2019-07-10 17:10:43 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						85eb418e1f 
					 
					
						
						
							
							Fix handling of webfinger redirects in ResolveAccountService ( #11279 )  
						
						
						
						
					 
					
						2019-07-10 17:10:12 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						27ad4c1501 
					 
					
						
						
							
							Fix old migration script depending on the StreamEntry model ( #11278 )  
						
						
						
						
					 
					
						2019-07-10 17:09:10 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6172263a63 
					 
					
						
						
							
							Fix activity being rendered within activity due to caching ( #11271 )  
						
						... 
						
						
						
						Fix  #11270  
					
						2019-07-10 00:43:30 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4e92183227 
					 
					
						
						
							
							Refactor domain block checks ( #11268 )  
						
						
						
						
					 
					
						2019-07-09 03:27:35 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1e7187f2a8 
					 
					
						
						
							
							Fix Status.remote scope matching *all* statuses ( #11265 )  
						
						
						
						
					 
					
						2019-07-08 18:17:22 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ef15246397 
					 
					
						
						
							
							Remove unused remote unfollow controller ( #11250 )  
						
						
						
						
					 
					
						2019-07-08 12:04:06 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						63c7fe8e48 
					 
					
						
						
							
							Refactor controllers for statuses, accounts, and more ( #11249 )  
						
						
						
						
					 
					
						2019-07-08 12:03:45 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f14776475d 
					 
					
						
						
							
							Bump faker from 1.9.3 to 1.9.6 ( #11259 )  
						
						... 
						
						
						
						Bumps [faker](https://github.com/stympy/faker ) from 1.9.3 to 1.9.6.
- [Release notes](https://github.com/stympy/faker/releases )
- [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/stympy/faker/compare/v1.9.3...1.9.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-08 18:29:00 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d76ca8964c 
					 
					
						
						
							
							Bump simplecov from 0.16.1 to 0.17.0 ( #11260 )  
						
						... 
						
						
						
						Bumps [simplecov](https://github.com/colszowka/simplecov ) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/colszowka/simplecov/releases )
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md )
- [Commits](https://github.com/colszowka/simplecov/compare/v0.16.1...v0.17.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-08 18:28:33 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						01ee35f14a 
					 
					
						
						
							
							Bump aws-sdk-s3 from 1.43.0 to 1.45.0 ( #11262 )  
						
						... 
						
						
						
						Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.43.0 to 1.45.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.43.0...v1.45.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-08 18:26:41 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f935004a74 
					 
					
						
						
							
							Bump tzinfo-data from 1.2019.1 to 1.2019.2 ( #11258 )  
						
						... 
						
						
						
						Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data ) from 1.2019.1 to 1.2019.2.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases )
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2019.1...v1.2019.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-08 18:26:12 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d0b40ae7dd 
					 
					
						
						
							
							Bump eslint-plugin-react from 7.12.1 to 7.14.2 ( #11253 )  
						
						... 
						
						
						
						Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.12.1 to 7.14.2.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.12.1...v7.14.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-08 18:25:20 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						76d5fd1c5c 
					 
					
						
						
							
							Bump @babel/plugin-proposal-class-properties from 7.4.4 to 7.5.0 ( #11254 )  
						
						... 
						
						
						
						Bumps [@babel/plugin-proposal-class-properties](https://github.com/babel/babel ) from 7.4.4 to 7.5.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.4.4...v7.5.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-08 18:24:38 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1a8bbcdca4 
					 
					
						
						
							
							Bump compression-webpack-plugin from 2.0.0 to 3.0.0 ( #11224 )  
						
						... 
						
						
						
						Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin ) from 2.0.0 to 3.0.0.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v2.0.0...v3.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-08 16:49:47 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6a313f872a 
					 
					
						
						
							
							Bump intl-relativeformat from 2.2.0 to 6.4.2 ( #11255 )  
						
						... 
						
						
						
						Bumps [intl-relativeformat](https://github.com/formatjs/formatjs ) from 2.2.0 to 6.4.2.
- [Release notes](https://github.com/formatjs/formatjs/releases )
- [Commits](https://github.com/formatjs/formatjs/compare/intl-relativeformat@2.2.0...intl-relativeformat@6.4.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-08 16:49:26 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						239befc6e8 
					 
					
						
						
							
							Bump react-redux from 6.0.1 to 7.1.0 ( #11256 )  
						
						... 
						
						
						
						Bumps [react-redux](https://github.com/reduxjs/react-redux ) from 6.0.1 to 7.1.0.
- [Release notes](https://github.com/reduxjs/react-redux/releases )
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/react-redux/compare/v6.0.1...v7.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-08 16:48:44 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						87c1ad4ea3 
					 
					
						
						
							
							Fix BackupService crashing when an attachment is missing ( #11241 )  
						
						... 
						
						
						
						* Fix BackupService crashing when an attachment is missing
For various reasons such as admin error or out-of-sync media and
database backups, it might be possible for local attachments to be lost.
This commit allows the BackupService to continue its work even if some media
file is missing.
* Change error message 
						
						
					 
					
						2019-07-08 02:24:25 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3ece6e25e6 
					 
					
						
						
							
							Update fuubar dependency to 2.4.1 ( #11248 )  
						
						... 
						
						
						
						See also: thekompanee/fuubar#111  
						
						
					 
					
						2019-07-07 18:13:19 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b851456139 
					 
					
						
						
							
							Remove Atom feeds and old URLs in the form of GET /:username/updates/:id ( #11247 )  
						
						
						
						
					 
					
						2019-07-07 16:16:51 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						406b46395d 
					 
					
						
						
							
							Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker ( #11231 )  
						
						
						
						
					 
					
						2019-07-07 03:37:01 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						58276715be 
					 
					
						
						
							
							Fix support for HTTP proxies ( #11245 )  
						
						... 
						
						
						
						* Disable incorrect check for hidden services in Socket
Hidden services can only be accessed with an HTTP proxy, in which
case the host seen by the Socket class will be the proxy, not the
target host.
Hidden services are already filtered in `Request#initialize`.
* Use our Socket class to connect to HTTP proxies
Avoid the timeout logic being bypassed
* Add support for IP addresses in Request::Socket
* Refactor a bit, no need to keep the DNS resolver around 
						
						
					 
					
						2019-07-07 02:05:38 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						23aeef52cc 
					 
					
						
						
							
							Remove Salmon and PubSubHubbub ( #11205 )  
						
						... 
						
						
						
						* Remove Salmon and PubSubHubbub endpoints
* Add error when trying to follow OStatus accounts
* Fix new accounts not being created in ResolveAccountService 
						
						
					 
					
						2019-07-06 23:26:16 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c07cca4727 
					 
					
						
						
							
							Only scroll to the compose form if it's not horizontally in the viewport ( #11246 )  
						
						... 
						
						
						
						Avoids jumping the scroll around vertically when giving it focus and
editing long toots. 
						
						
					 
					
						2019-07-06 18:18:08 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ae003d54f9 
					 
					
						
						
							
							Fix option to send e-mail notification about account action always being true ( #11242 )  
						
						
						
						
					 
					
						2019-07-06 13:54:32 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ed544f3166 
					 
					
						
						
							
							Fix HTTP requests to IPv6 hosts ( #11240 )  
						
						
						
						
					 
					
						2019-07-05 22:03:00 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						0c1b1069c9 
					 
					
						
						
							
							Remove deprecated REST API GET /api/v1/statuses/:id/card ( #11213 )  
						
						
						
						
					 
					
						2019-07-05 02:15:24 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						30f5bcf3e7 
					 
					
						
						
							
							Remove deprecated REST API POST /api/v1/notifications/dismiss?id=:id ( #11214 )  
						
						
						
						
					 
					
						2019-07-05 02:15:13 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3fd6ab99e6 
					 
					
						
						
							
							Remove deprecated REST API GET /api/v1/timelines/direct ( #11212 )  
						
						
						
						
					 
					
						2019-07-05 02:14:56 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						99924f282f 
					 
					
						
						
							
							Memoize ancestorIds and descendantIds in detailed status view ( #11234 )  
						
						
						
						
					 
					
						2019-07-02 16:03:54 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3bc0c4a884 
					 
					
						
						
							
							Remove unused StatsD code and expose StatsD as a global variable ( #11232 )  
						
						... 
						
						
						
						The instrumentation code was used for StatsD metrics collection
prior to the switch to the nsa gem and should have been removed
at that point as it no longer does anything at all 
						
						
					 
					
						2019-07-02 11:34:39 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1a747f7020 
					 
					
						
						
							
							Fix statsd UDP sockets not being cleaned up in Sidekiq ( #11230 )  
						
						
						
						
					 
					
						2019-07-02 01:01:17 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						bc60d794f8 
					 
					
						
						
							
							Change ActivityPub::DeliveryWorker to not retry HTTP 501 errors ( #11233 )  
						
						
						
						
					 
					
						2019-07-02 00:59:53 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						dc88d226e1 
					 
					
						
						
							
							When deleting & redrafting a poll, fill in closest expires_in ( #11203 )  
						
						... 
						
						
						
						Use the smallest preset expires_in such that the new poll would
not expire before the old one.
In the typical case of a quick delete & redraft, this results in
using the same poll duration.
Fixes  #10567  
						
						
					 
					
						2019-07-02 00:36:16 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						0d9ffe56fb 
					 
					
						
						
							
							Add request pool to improve delivery performance ( #10353 )  
						
						... 
						
						
						
						* Add request pool to improve delivery performance
Fix  #7909 
* Ensure connection is closed when exception interrupts execution
* Remove Timeout#timeout from socket connection
* Fix infinite retrial loop on HTTP::ConnectionError
* Close sockets on failure, reduce idle time to 90 seconds
* Add MAX_REQUEST_POOL_SIZE option to limit concurrent connections to the same server
* Use a shared pool size, 512 by default, to stay below open file limit
* Add some tests
* Add more tests
* Reduce MAX_IDLE_TIME from 90 to 30 seconds, reap every 30 seconds
* Use a shared pool that returns preferred connection but re-purposes other ones when needed
* Fix wrong connection being returned on subsequent calls within the same thread
* Reduce mutex calls on flushes from 2 to 1 and add test for reaping 
						
						
					 
					
						2019-07-02 00:34:38 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2cfa427ea7 
					 
					
						
						
							
							Change domain block behaviour to prevent creation of accounts from suspended domains ( #11219 )  
						
						
						
						
					 
					
						2019-07-01 19:13:30 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						13f54f41ad 
					 
					
						
						
							
							Bump rubocop from 0.71.0 to 0.72.0 ( #11229 )  
						
						... 
						
						
						
						Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.71.0 to 0.72.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.71.0...v0.72.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-01 22:36:45 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ffb6da8b78 
					 
					
						
						
							
							Bump capybara from 3.24.0 to 3.25.0 ( #11225 )  
						
						... 
						
						
						
						Bumps [capybara](https://github.com/teamcapybara/capybara ) from 3.24.0 to 3.25.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases )
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md )
- [Commits](https://github.com/teamcapybara/capybara/compare/3.24.0...3.25.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-01 22:34:51 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						8c4287c239 
					 
					
						
						
							
							Bump memory_profiler from 0.9.13 to 0.9.14 ( #11227 )  
						
						... 
						
						
						
						Bumps [memory_profiler](https://github.com/SamSaffron/memory_profiler ) from 0.9.13 to 0.9.14.
- [Release notes](https://github.com/SamSaffron/memory_profiler/releases )
- [Changelog](https://github.com/SamSaffron/memory_profiler/blob/master/CHANGELOG.md )
- [Commits](https://github.com/SamSaffron/memory_profiler/compare/v0.9.13...v0.9.14 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-01 22:34:25 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						47b4cd0fff 
					 
					
						
						
							
							Bump bullet from 6.0.0 to 6.0.1 ( #11228 )  
						
						... 
						
						
						
						Bumps [bullet](https://github.com/flyerhzm/bullet ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/flyerhzm/bullet/releases )
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md )
- [Commits](https://github.com/flyerhzm/bullet/compare/6.0.0...6.0.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-01 22:33:54 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3936404911 
					 
					
						
						
							
							Bump eslint-plugin-promise from 4.1.1 to 4.2.1 ( #11223 )  
						
						... 
						
						
						
						Bumps [eslint-plugin-promise](https://github.com/xjamundx/eslint-plugin-promise ) from 4.1.1 to 4.2.1.
- [Release notes](https://github.com/xjamundx/eslint-plugin-promise/releases )
- [Changelog](https://github.com/xjamundx/eslint-plugin-promise/blob/master/CHANGELOG.md )
- [Commits](https://github.com/xjamundx/eslint-plugin-promise/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-01 21:29:56 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d33a30377c 
					 
					
						
						
							
							Bump webpack-cli from 3.3.4 to 3.3.5 ( #11221 )  
						
						... 
						
						
						
						Bumps [webpack-cli](https://github.com/webpack/webpack-cli ) from 3.3.4 to 3.3.5.
- [Release notes](https://github.com/webpack/webpack-cli/releases )
- [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.4...v3.3.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com > 
						
						
					 
					
						2019-07-01 21:23:40 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						082b3b282f 
					 
					
						
						
							
							Fix expiration date of filters being set to “Never” when editing them ( #11204 )  
						
						... 
						
						
						
						When editing a custom filter, select the shortest preset duration that
still covers the remaining time of that filter.
Fixes  #9506  
						
						
					 
					
						2019-06-30 16:11:21 +02:00