bida/bastodon
7
0
Fork 0
Code Issues 7 Pull requests Releases Wiki Activity
12507 commits 8 branches 6 tags 263 MiB
Commit graph

1317 commits

Author SHA1 Message Date
giosueanastasi
a2bac98d81 upgrade last 4.0 2024-02-24 16:34:59 +01:00
Emelia Smith
d3e97e8c23 Allow reports with long comments from remote instances, but truncate (#25028) 2023-09-05 18:51:01 +02:00
Claire
93a87b96c7 Fix processing of media files with unusual names (#25788) 2023-07-07 19:36:12 +02:00
Claire
2119aadf0a
Merge pull request from GHSA-9928-3cp5-93fm 
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
 2023-07-06 15:05:05 +02:00
Claire
04f76675d1 Add finer permission requirements for managing webhooks (#25463) 2023-07-06 13:45:58 +02:00
Claire
eceb960744 Change Identity to not destroy associated User on destroy (#25098) 2023-07-06 13:45:58 +02:00
Claire
ebe009ff09 Fix /api/v1/conversations sometimes returning empty accounts (#25499) 2023-07-06 13:45:58 +02:00
Claire
2617c33fc3 Fix ArgumentError when loading newer Private Mentions (#25399) 2023-07-06 13:45:58 +02:00
Claire
d81b891fa8 Fix multiple N+1s in ConversationsController (#25134) 2023-07-06 13:45:58 +02:00
Claire
05c45e9eeb Fix unescaped user input in LDAP query (#24379) 
Fix CVE-2023-28853
 2023-04-04 12:39:56 +02:00
Claire
aa37eeadf3 Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-04-04 12:39:56 +02:00
Eugen Rochko
a6217bd035 Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:49:35 +01:00
Claire
11f04e3b97 Fix unconfirmed accounts being registered as active users (#23803) 2023-03-14 09:58:47 +01:00
Claire
c22c4247d9 Fix server error when failing to follow back followers from /relationships (#23787) 2023-03-14 09:58:26 +01:00
Claire
348599a543 Fix inefficiency when searching accounts per username in admin interface (#23801) 2023-03-14 09:58:13 +01:00
Claire
e2103c9175 Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-14 09:50:57 +01:00
jops
a113ebc399 Merge tag 'v4.0.0' into bida 2022-11-14 22:52:53 +01:00
Eugen Rochko
552d69ad96
Fix error when invalid domain name is submitted (#19474) 
Fix #19175
 2022-11-14 08:07:14 +01:00
Eugen Rochko
b31afc6294
Fix error when passing unknown filter param in REST API (#20626) 
Fix #19156
 2022-11-14 08:06:06 +01:00
Eugen Rochko
5c826c408d
Fix image type not being set after conversion for convertible image types (#20624) 2022-11-14 07:13:14 +01:00
Eugen Rochko
2e2ba39abf
Fix rules with same priority being sorted non-deterministically (#20623) 2022-11-14 06:28:19 +01:00
jops
e32b6517ee Merge tag 'v3.5.3' into bida 2022-11-13 17:29:53 +01:00
Jeong Arm
c4c1bee880
Fix trendable status without review (#20214) 2022-11-11 21:24:10 +01:00
Emily Strickland
96f51e593f
Guard against error extracting body from URL (#20428) 
If `Nokogiri::HTML(value).at_xpath('//body')` fails to find the `body` element, it will return `nil`. We can guard against that with an early return. Avoids calling `children` on `Nilclass` in those cases.
 2022-11-11 21:22:28 +01:00
Eugen Rochko
9bc0a6c861
Fix metadata scrubbing removing color profile from images (#20389) 2022-11-11 09:20:10 +01:00
jops
322ce50b9d Merge tag 'v3.5.2' into bida 2022-11-11 02:11:09 +01:00
Claire
86f6631d28
Remove dead code and refactor status threading code (#20357) 
* Remove dead code

* Remove unneeded/broken parameters and refactor descendant computation
 2022-11-10 22:30:00 +01:00
Eugen Rochko
c6c7c6223d
Change verification to only work for https links (#20304) 
Fix #20242
 2022-11-10 21:09:03 +01:00
Eugen Rochko
9965a23b04
Change link verification to ignore IDN domains (#20295) 
Fix #3833
 2022-11-10 06:27:45 +01:00
James Tucker
78a6b871fe
Improve performance by avoiding regex construction (#20215) 
```ruby
10.times { p /#{FOO}/.object_id }
10.times { p FOO_RE.object_id }
```
 2022-11-10 05:49:30 +01:00
Eugen Rochko
0cd0786aef
Revert filtering public timelines by locale by default (#20294) 2022-11-10 05:34:42 +01:00
Eugen Rochko
e98833748e
Fix being able to spoof link verification (#20217) 
- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
 2022-11-09 08:24:21 +01:00
Postmodern
ca80beb653
Micro-optimization: use if/else instead of Array#compact and Array#min (#19906) 
* Technically `if`/`else` is faster than using `[value1, value2].compact.min` to find the lesser of two values, one of which may be `nil`.
 2022-11-08 03:50:47 +01:00
Claire
bbf74498f5
Fix validation error in SynchronizeFeaturedTagsCollectionWorker (#20018) 
* Fix followers count not being updated when migrating follows

Fixes #19900

* Fix validation error in SynchronizeFeaturedTagsCollectionWorker

Also saves remote user's chosen case for hashtags

* Limit remote featured tags before validation
 2022-11-07 22:35:53 +01:00
Postmodern
106648b456
Micro-optimization: only split acct into two Strings (#19901) 
* Since `acct` is split by `@` and assigned to `username` and `domain`, we only need to split `acct` into two Strings.
 2022-11-07 16:17:55 +01:00
nightpool
54f0f1b9ef
Skip Webfinger cache during migrations as well (#19883) 2022-11-07 03:31:38 +01:00
Eugen Rochko
3151b260e2
Fix not using GIN index for account search queries (#19830) 2022-11-06 06:16:34 +01:00
Claire
c2170991c7
Fix reblogs being discarded after the reblogged status (#19731) 2022-11-04 16:31:44 +01:00
Eugen Rochko
b1a219552e
Fix featured tags not saving preferred casing (#19732) 2022-11-04 16:08:29 +01:00
Claire
125322718b
Fix inaccurate admin log entry for re-sending confirmation e-mails (#19674) 
Fixes #19593
 2022-11-02 18:50:21 +01:00
txt-file
0f5e6dd02b
Add support for AVIF uploads (#19647) 2022-11-01 22:08:41 +01:00
Eugen Rochko
ae07cfb868
Add support for HEIC uploads (#19618) 2022-11-01 16:26:25 +01:00
Eugen Rochko
15bae3e0e4
Change post-processing to be deferred only for large media types (#19617) 2022-11-01 15:27:58 +01:00
Eugen Rochko
d0ba77047e
Change max. thumbnail dimensions to 640x360px (360p) (#19619) 2022-11-01 13:01:39 +01:00
Eugen Rochko
26478f461c
Remove language filtering from hashtag timelines (#19563) 2022-10-30 21:29:23 +01:00
Eugen Rochko
ac9fb0d654
Add reputation and followers score boost to SQL-only account search (#19251) 2022-10-30 13:23:05 +01:00
Eugen Rochko
40c7f3e830
Fix account action type validation (#19476) 
* Fix account action type validation

Fix #19143

* Fix #19145

* Fix code style issues
 2022-10-30 02:44:32 +02:00
Eugen Rochko
3b024c563c
Fix not being able to input featured tag with # (#19535) 2022-10-30 02:43:20 +02:00
Eugen Rochko
dc5c86add7
Fix account migration form ever using outdated account data (#18429) 2022-10-29 01:31:45 +02:00
Claire
d9d722d74b
Change admin announcement edition interface to use datetime-local (#18321) 
* Change admin announcement edition interface to use datetime-local

* Dynamically set announcement stop date as required if start date is set, set minimum date for stop date

* Change `all_day` to not be bound to presence of time-range

* Add pattern and placeholder as minimal fallback for browsers not supporting datetime-local

* Display datetime-local inputs as local time

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
 2022-10-28 12:56:32 +02:00