Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Squashed commit of the following: commit ff90ebffaa80bb48d12a838d9a4f82fa7edb602b Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 4 16:46:39 2024 +0200 Bump version to v4.1.18 (#30911) commit a1c7aae28aecf06659c5b18cfa131b37cd1512a3 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 4 16:45:52 2024 +0200 Merge pull request from GHSA-xjvf-fm67-4qc3 commit 34aeef345320f7808a1eec00c8b5025e9a9b8329 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 4 16:26:49 2024 +0200 Merge pull request from GHSA-58x8-3qxw-6hm7 * Fix insufficient permission checking for public timeline endpoints Note that this changes unauthenticated access failure code from 401 to 422 * Add more tests for public timelines * Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses` commit 122740047a1a0361e32991e791322e0e6e41ac9f Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 4 16:11:28 2024 +0200 Merge pull request from GHSA-vp5r-5pgw-jwqx * Fix streaming sessions not being closed when revoking access to an app * Add tests for GHSA-7w3c-p9j8-mq3x commit 4b45333aff37671e26ec2650e8a0b10ee02d4509 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Jul 3 09:15:47 2024 +0200 fix: Return HTTP 422 when scheduled status time is less than 5 minutes (#30584) commit 6cf83a2a64bf2f0f4848fb0fabae4d5f181ba587 Author: David Roetzel <david@roetzel.de> Date: Fri Jun 21 14:51:10 2024 +0200 Improve encoding detection for link cards (#30780) commit 2a5819e8bb35a0f04cda7c1c45103a1bf2a3cc91 Author: Eugen Rochko <eugen@zeonfederated.com> Date: Thu Jun 27 23:34:34 2024 +0200 Change search modifiers to be case-insensitive (#30865) commit 815680bd1383840502982e98b0079d9a4dc10cec Author: David Roetzel <david@roetzel.de> Date: Thu Jun 27 16:40:19 2024 +0200 Add size limit for link preview URLs (#30854) commit d8e8437a29d20cf6151ebfcf82d4a941377848fa Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Jul 2 15:34:44 2024 +0200 Update dependency rails commit 839147e09932fbc0a9e9f75b8a76005a5a4704f8 Author: Tim Rogers <rogers.timothy.john@gmail.com> Date: Mon Jun 24 09:41:04 2024 -0500 Added check for STATSD_ADDR setting to emit a warning and proceed rather than crashing if the address is unreachable (#30691) commit 8e924e4338b41080282719bb0421a92cf0df448f Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Jun 24 15:11:10 2024 +0200 Fix `/admin/accounts/:account_id/statuses/:id` for edited posts with media attachments (#30819) commit 2ee88a99d973e99a996b49973ed3bf992ea095e8 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Oct 12 16:47:18 2023 +0200 Change PWA start URL from `/home` to `/` (#27377) commit 1cad857f14f08370a023e46c24eb81f702bc7e86 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 30 15:49:14 2024 +0200 Bump version to v4.1.17 (#30472) commit 95ebcff98e9ec7f3079c4fb21b74bfc9893c1321 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 30 14:56:18 2024 +0200 Fix rate-limiting incorrectly triggering a session cookie on most endpoints (#30483) commit d770b61a749569cc222eb598e1a5d12ee8ceefe9 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 30 14:24:29 2024 +0200 Merge pull request from GHSA-c2r5-cfqr-c553 * Add hardening monkey-patch to prevent IP spoofing on misconfigured installations * Remove rack-attack safelist commit 020228ddba50c5da461093766c0a679382c48a59 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 30 14:14:04 2024 +0200 Merge pull request from GHSA-q3rg-xx5v-4mxh commit e292a28933c390745bbce78cdc87d69c7db82354 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 30 14:03:13 2024 +0200 Merge pull request from GHSA-5fq7-3p3j-9vrf commit ba240cea0c935cc8ca095b4bf91600c1fa82c68a Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 23 19:28:18 2024 +0200 Normalize language code of incoming posts (#30403) commit 257f9abd5606504a1a258aacaabc7963c142dd11 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed May 29 10:15:06 2024 +0200 Fix leaking Elasticsearch connections in Sidekiq processes (#30450) commit b4e3a789b1b5f81f4e651a8c2c338e399c739d3d Author: Claire <claire.github-309c@sitedethib.com> Date: Wed May 29 11:17:20 2024 +0200 Update dependency rexml to 3.2.8 commit b39fbe7c833a0ff23776b03c31b6815d8fe688d7 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 16 10:47:45 2024 +0200 Update dependency nokogiri to 1.16.5 commit c717b7da998070d56f01993ceaae30fdc839e56a Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 16 10:46:04 2024 +0200 Update dependency puma to 5.6.8 commit 13bbcdf4d4937df9fe798d0a29a2527761e64acf Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 16 10:44:27 2024 +0200 Update dependency json-jwt to 1.15.3.1 commit 3aec33f5a2c2008ca7a1fae24777b9598f9ee45d Author: Claire <claire.github-309c@sitedethib.com> Date: Wed May 15 15:11:13 2024 +0200 Fix off-by-one in `tootctl media` commands (#30306) commit 984d7d3dc8c8fd11d5469e9169eeee12c4c46a64 Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Date: Tue Apr 30 10:48:02 2024 +0200 Fix missing destory audit logs for Domain Allows (#30125) commit 33a50884e5ea30bb74eafedfe78a2885f22eed1e Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 2 22:56:21 2024 +0200 Fix not being able to block a subdomain of an already-blocked domain through the API (#30119) commit 70c4d70dbedb94ecde099cd71bf7a4deb01d8598 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Apr 26 15:19:02 2024 +0200 Fix Idempotency-Key ignored when scheduling a post (#30084) commit a6089cdfca1d8089318dd694edf44db8ce9bec59 Author: Tim Rogers <rogers.timothy.john@gmail.com> Date: Mon Apr 22 04:00:24 2024 -0500 Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) commit 5973d7a4b628c2f9cfe2c8dd4c0f29765b633301 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Apr 8 15:46:13 2024 +0200 Remove caching in `cache_collection` (#29862) commit ba5551fd1d6eae3edb45b2ee3934e2d3c5c781ae Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Apr 5 09:48:45 2024 +0200 Improve email address validation (#29838) commit 8ce403a85b5e79ed8b7a429397092f5efb137b67 Author: Matt Jankowski <matt@jankowski.online> Date: Fri Mar 22 11:08:27 2024 -0400 Fix results/query in `api/v1/featured_tags/suggestions` (#29597) commit 3ff575f54cd7c8156557852fb31601913cae60f3 Author: Jeong Arm <kjwonmail@gmail.com> Date: Mon Mar 11 18:28:08 2024 +0900 Normalize idna domain before account unblock domain (#29530) commit affbb10566fd4388f5b761cc66857be15fd010eb Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Feb 23 20:04:57 2024 +0100 Fix admin account created by `mastodon:setup` not being auto-approved (#29379) commit 209632a0fd585690e5c456b54f8781a7e822669a Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Date: Tue Feb 6 13:38:14 2024 +0100 Return domain block digests from admin domain blocks API (#29092) commit 079d3e5189903c197eef439dd14a893b16ca044b Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jan 4 15:14:46 2024 +0100 Add fallback redirection when getting a webfinger query `WEB_DOMAIN@WEB_DOMAIN` (#28592) commit 57b72cccc4e67121f7ba0239e2e4f4f2aa5fe3b4 Author: Matt Jankowski <matt@jankowski.online> Date: Thu Dec 14 09:02:33 2023 -0500 Fix reference to non-existent var in CLI maintenance command (#28363) commit 37adb144dbb0729515546eb86076b3223e9b6fc5 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 16 11:52:02 2024 +0200 Fix auto close registration mail (#30323) commit 142dd34b688d05304951e7b90ae434c903ad46fe Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 16 11:28:04 2024 +0200 Fix CI not actually running ruby tests in 4.1 branch (#30321) commit c2d8666bbfd8f771b759ead50a41535f988efe9c Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Feb 23 14:09:38 2024 +0100 Bump version to v4.1.16 (#29371) commit d3c4441af8d82f2135a0453d1cf6fd08e944cb31 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Feb 23 09:53:09 2024 +0100 Fix processing of `Link` objects in `Image` objects (#29364) commit f0541adbd44bc031fb8b070e24a605e0a0e853e4 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Feb 22 19:12:57 2024 +0100 Fix link verifications when page size exceeds 1MB (#29362) commit 3fecb3673970c4495a3757cecc33c64c5af793d1 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Feb 22 18:28:41 2024 +0100 Change registrations to be disabled by default for new servers (#29354) commit c7312411b84498ded85b64d0600823cd4e56c850 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Feb 22 18:15:38 2024 +0100 Fix auto-close email being sent to users with devops permissions instead of settings permissions (#29356) commit 2fc87611be94cd5bfba5cc08d716fff051a18838 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Feb 22 14:39:42 2024 +0100 Automatically switch from open to approved registrations in absence of moderators (#29337) commit 1629ac4c811f215a565647a43144bd88be7cc7a2 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Feb 22 14:52:07 2024 +0100 Update dependencies (#29350) commit 54ae3d5ca526c9aaaed6679ae89bae28a0e84b4f Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Feb 22 14:38:11 2024 +0100 Add basic CI to 4.1 branch (#29351) commit b7b03e8d26a4344ef331ba667c16311110a0d6dd Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Feb 15 11:57:34 2024 +0100 Bump version to v4.1.15 commit a07fff079b184435b156cd9d4fb155cf02694fe9 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Feb 16 11:56:12 2024 +0100 Merge pull request from GHSA-jhrq-qvrm-qr36 * Fix insufficient Content-Type checking of fetched ActivityStreams objects * Allow JSON-LD documents with multiple profiles commit 6f29d50aa51ab81ea4ab9d2b390549cae697927d Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Feb 16 09:42:31 2024 +0100 Update dependency pg to 1.5.5 commit 9e5af6bb58241134a8ff313e40768b1b067e5715 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Feb 14 22:49:45 2024 +0100 Fix user creation failure handling in OAuth paths (#29207) Co-authored-by: Matt Jankowski <matt@jankowski.online> commit 6499850ac45128a7f5836f4c97e5ce032130a5bd Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Feb 14 13:30:32 2024 +0100 Bump version to v4.1.14 commit 6f36b633a7545a2cbbe5f28dc5c8e512aeb98ea9 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Feb 14 15:16:07 2024 +0100 Merge pull request from GHSA-vm39-j3vx-pch3 * Prevent different identities from a same SSO provider from accessing a same account * Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true` * Rename methods to avoid confusion between OAuth and OmniAuth commit d807b3960e96dc29669b7767cea1246ac68d508d Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Feb 14 15:15:34 2024 +0100 Merge pull request from GHSA-7w3c-p9j8-mq3x * Ensure destruction of OAuth Applications notifies streaming Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens. * Ensure password resets revoke access to Streaming API * Improve performance of deleting OAuth tokens --------- Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com> commit 2f6518cae2c5d19bfb5ccf46f7b1946f5dac6caf Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Feb 14 13:12:13 2024 +0100 Add `sidekiq_unique_jobs:delete_all_locks` task and disable `sidekiq-unique-jobs` UI by default (#29199) commit cdbe2855f3e33db3cea84b0c91a5f93c782125e2 Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Date: Tue Feb 13 19:11:47 2024 +0100 Disable administrative doorkeeper routes (#29187) commit fdde3cdb4e0c9b2d625e22a2957317cae066e1fe Author: blah <blah@blah> Date: Wed Feb 14 10:33:42 2024 +0000 Update dependency sidekiq-unique-jobs to 7.1.33 commit ce9c641d9a0f55d3c718e701b220da272b0edc69 Author: blah <blah@blah> Date: Wed Feb 14 10:22:28 2024 +0000 Update dependency nokogiri to 1.16.2 commit 5799bc4af76813294a9eee8164d64a96612c0c0d Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Feb 1 15:56:46 2024 +0100 Merge pull request from GHSA-3fjr-858r-92rw * Fix insufficient origin validation * Bump version to v4.1.13 commit fc4e2eca9f48c2c50842e24453f3ad1d8e8e2238 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Jan 23 15:28:21 2024 +0100 Bump version to v4.1.12 commit 2e8943aecd0462e8642befe4d1395c1fda9767d3 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jan 19 13:19:49 2024 +0100 Add rate-limit of TOTP authentication attempts at controller level (#28801) commit e6072a8d13272179671128fa319e4f617106eb00 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jan 19 19:52:59 2024 +0100 Fix error when processing remote files with unusually long names (#28823) commit 460e4fbdd62ed6bb8b04e037fb1359618f9150a7 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jan 19 13:43:10 2024 +0100 Fix processing of compacted single-item JSON-LD collections (#28816) commit de6032271198e3c50852acc22447d7cc8732e00b Author: Jonathan de Jong <jonathandejong02@gmail.com> Date: Fri Jan 19 10:18:21 2024 +0100 Retry 401 errors on replies fetching (#28788) Co-authored-by: Claire <claire.github-309c@sitedethib.com> commit 90bb87068009121fe2824b0e3ef7d2229c895c46 Author: Jeong Arm <kjwonmail@gmail.com> Date: Tue Jan 16 17:35:54 2024 +0900 Ignore RecordNotUnique errors in LinkCrawlWorker (#28748) commit 9292d998fe2ab523bb8ffbf6418e8cf7810b487d Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Jan 3 12:29:26 2024 +0100 Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) commit 92643f48de80992f1598a97250954c52897b3479 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Dec 22 19:56:22 2023 +0100 Convert signature verification specs to request specs (#28443) commit 458620bdd4d0b8af49b6eef02050b32814acf6e8 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Jan 10 16:05:46 2024 +0100 Fix potential redirection loop of streaming endpoint (#28665) commit a1a71263e09704ca84d30763a03512e2a59091bf Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Jan 2 13:27:51 2024 +0100 Fix streaming API redirection ignoring the port of `streaming_api_base_url` (#28558) commit 4c5575e8e050e69860dd775e8fa98be00d86008c Author: MitarashiDango <mitarashi_dango@mail.matcha-soft.com> Date: Sat Jan 13 00:58:28 2024 +0900 Fix Undo Announce activity is not sent, when not followed by the reblogged post author (#18482) Co-authored-by: Claire <claire.github-309c@sitedethib.com> commit a2ddd849e273d6d28e5c85f8b0059a93146ba1a5 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Dec 12 09:29:46 2023 +0100 Fix `LinkCrawlWorker` error when encountering empty OEmbed response (#28268) commit 2e4d43933d2775be21bbdce6e904ca8d08c6cc0a Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Dec 18 11:03:20 2023 +0100 Fix SQL query in `/api/v1/directory` (#28412) commit 363bedd0504a29d444a585cd914e7f741915eb8f Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Nov 27 15:00:52 2023 +0100 Bump version to v4.1.11 commit cc94c7097084bf8213130dfba96317ecada58c5f Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Nov 27 14:25:54 2023 +0100 Clamp dates when serializing to Elasticsearch API (#28081) commit 613d00706c3177b345feeafd0f797e31fd5ba2fe Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Nov 24 10:31:28 2023 +0100 Change GIF max matrix size error to explicitly mention GIF files (#27927) commit 8bbe2b970f8cd0c62c83616886c7084d9c93c167 Author: Jonathan de Jong <jonathandejong02@gmail.com> Date: Fri Oct 27 16:55:00 2023 +0200 Have `Follow` activities bypass availability (#27586) Co-authored-by: Claire <claire.github-309c@sitedethib.com> commit 803e15a3cfe1a21661258b40e5276af29b676481 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Nov 6 10:28:14 2023 +0100 Fix incoming status creation date not being restricted to standard ISO8601 (#27655) commit 1d835c94232ede532f89d87fdcf573db2832d9a9 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Oct 30 23:32:25 2023 +0100 Fix posts from force-sensitized accounts being able to trend (#27620) commit ab68df9af087ac8fa0261a5de4c0d5a383de229c Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Oct 27 16:04:51 2023 +0200 Fix hashtag matching pattern matching some URLs (#27584) commit a89a25714dc07ace7dc1762f87faad5c9470f620 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Oct 23 14:19:38 2023 +0200 Fix some link anchors being recognized as hashtags (#27271) commit 1210524a3d897565e1de9dc0d3051d68f94f9c70 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Oct 20 10:45:46 2023 +0200 Fix processing LDSigned activities from actors with unknown public keys (#27474) commit ff3a9dad0de79dff981ded4a3691917521e90b4e Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Oct 27 10:35:21 2023 +0200 Fix error and incorrect URLs in `/api/v1/accounts/:id/featured_tags` for remote accounts (#27459) commit 3ef0a19baceb6ace5201fa1f8a39a324feef11ac Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Oct 26 19:03:31 2023 +0200 Fix report processing notice not mentioning the report number when performing a custom action (#27442) commit 78e457614cae328f73555f11d77dc4cf341019b1 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Oct 23 14:27:07 2023 +0200 Change Content-Security-Policy to be tighter on media paths (#26889) commit 1e896e99d2b85968eaee87b601bd04b8cf0f35bc Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Oct 10 15:32:42 2023 +0200 Update dependencies (#27354) commit df60d04dc170edf9d1203894958a181caf1910f1 Author: Claire <claire.github-309c@sitedethib.com> Date: Sun Oct 8 16:27:12 2023 +0200 Bump version to v4.1.10 commit 335982325e32430858da8112cb86e382e1eaeaa2 Author: Matt Jankowski <matt@jankowski.online> Date: Tue Oct 3 11:01:45 2023 -0400 Dont match mention in url query string (#25656) Co-authored-by: Claire <claire.github-309c@sitedethib.com> commit 15c5727f71eeeb321802f3d3ed264a15e1934c01 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Oct 3 12:21:32 2023 +0200 Add a short-lived lock to trend refresh scheduler (#27253) commit f8154cf732ed07b276fc303e620943e15caf70d6 Author: David Aaron <1858430+suddjian@users.noreply.github.com> Date: Tue Oct 3 02:48:57 2023 -0700 Change min age of backup policy from 1 week to 6 days (#27200) commit 45669ac5e6564301446ab5b22217cc4fbc653b12 Author: Jakob Gillich <jakob@gillich.me> Date: Tue Oct 3 10:47:50 2023 +0200 Fix importer returning negative row estimates (#27258) commit 8d73fbee87c18300c1b088ae4cb55912075588e2 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Oct 3 10:09:00 2023 +0200 Change some worker lock TTLs (#27246) commit f1d3eda159fcc9341a19d1d8060a556f8801d7d4 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Sep 28 13:41:24 2023 +0200 Fix filtering audit log for entries about disabling 2FA (#27186) commit c97fbabb614e6b775a2d13e187ab0375414deb06 Author: Essem <smswessem@gmail.com> Date: Mon Sep 25 12:21:07 2023 -0500 Properly remove tIME chunk from PNG uploads (#27111) commit f2fff6be669d6fcf66a8bd5f46f9db3e3492bc37 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Oct 6 12:58:16 2023 +0200 Fix crash when filtering for “dormant” relationships (#27306) commit b40c42fd1ef57f24a56cc17b20da8aa151e3b117 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Sep 25 15:06:43 2023 +0200 Fix inefficient queries in “Follows and followers” as well as several admin pages (#27116) commit 9950e59578f59f7e0d2edbb7e4eb26273087c2c4 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Sep 21 18:14:24 2023 +0200 Disable setting the `latest` tag for 4.1 docker builds (#27023) commit e4c0aaf6264907de2efd46924946d2281d80e3d4 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Sep 20 17:25:05 2023 +0200 Bump version to v4.1.9 (#26997) commit 5d93c5f0196b556c1faf18fe6cc7ad38ae6e0fc2 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Sep 20 15:59:57 2023 +0200 Fix post translation erroring out (v4.1.x) (#26990) commit af0ee129082bc9c57ec0606dc1899ec13d2dfffb Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Sep 20 12:54:08 2023 +0200 Disable ruby linting for 4.1.x branch (#26993) commit 46bd58f74d11591a0180319285b0c79b2212ef69 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Sep 19 12:11:33 2023 +0200 Bump version to v4.1.8 commit d6c0ae995c45fe5e5e0a8acfc10dff04a774fa75 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Sep 15 19:54:32 2023 +0200 Fix post edits not being forwarded as expected (#26936) commit 5fd89e53d2039cf3062fcae3b25fcbdfa7da0333 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Sep 6 16:40:19 2023 +0200 Fix moderator rights inconsistencies (#26729) commit 5caade9fb0754fa13ae11f86145cd0ca1dcb830b Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Sep 6 12:17:51 2023 +0200 Fix crash when encountering invalid URL (#26814) commit 34959eccd2094500539bbad5c5f03a3723debc18 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Aug 17 16:11:48 2023 +0200 Fix cached posts including stale stats (#26409) commit 21bf42bca14907284cb03ad3ba1be47124d66866 Author: Nicolai Søborg <NicolaiSoeborg@users.noreply.github.com> Date: Fri Aug 18 08:32:47 2023 +0200 Fix `frame_rate` for videos where `ffprobe` reports 0/0 (#26500) commit 780283788515bb13007f4574fb6d9f8c82281da2 Author: yufushiro <62991447+yufushiro@users.noreply.github.com> Date: Wed Aug 23 15:44:56 2023 +0900 Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough (#26608) Co-authored-by: Claire <claire.github-309c@sitedethib.com> commit 48ee3ae13de9125beaee726ac737a770a5160961 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Sep 19 16:53:58 2023 +0200 Merge pull request from GHSA-v3xf-c9qf-j667 commit 5f9511c389041570d21c383ce07dd2786df9cc2d Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Sep 19 16:53:21 2023 +0200 Merge pull request from GHSA-2693-xr3m-jhqr commit 38a5d92f3814b071803c046144d94643a3ecb934 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Sep 18 08:32:04 2023 +0200 Change Dockerfile to upgrade packages when building (#26929) Co-authored-by: Renaud Chaput <renchap@gmail.com> commit 7f7e068975315b094a67b49d52241480e6b5db76 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Sep 6 12:19:02 2023 +0200 Update actions for stable-4.1 (#26815) Co-authored-by: Renaud Chaput <renchap@gmail.com> commit 5f88a2d70bee2a48b43bb34f0fde780ae9749162 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Sep 5 14:50:09 2023 +0200 Bump version to v4.1.7 commit cf80d54cbae952705af250a9764c6e25e77cc3c7 Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Date: Mon May 22 13:15:21 2023 +0200 Allow reports with long comments from remote instances, but truncate (#25028) commit ea7fa048f374b31956211b87e265800e83574476 Author: Daniel M Brasil <danielmbrasil@protonmail.com> Date: Thu Aug 31 08:53:24 2023 -0300 Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled (#26237) commit 6339806f05cbbe630639df69421394119433896a Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Aug 9 09:39:36 2023 +0200 Fix blocking subdomains of an already-blocked domain (#26392) commit 86afbf25d01349bd2fe0ee98f1d60890ef71b7b9 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Aug 30 17:36:16 2023 +0200 Change text extraction in `PlainTextFormatter` to be faster (#26727) commit 1ad64b5557f8980b8ec54ac09cd79ac51223a2ea Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Aug 31 19:54:10 2023 +0200 Backport container build changes to the stable-4.1 branch (#26738) Co-authored-by: Renaud Chaput <renchap@gmail.com> commit ac7d40b561101084baf4688167d155600eefe9dc Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 27 17:08:09 2023 +0200 Bump version to v4.1.6 commit 2fc6117d1b5643c0de908706d22702a35388a2a4 Author: Renaud Chaput <renchap@gmail.com> Date: Fri Jul 28 19:11:58 2023 +0200 Fix missing return values in streaming (#26233) commit 2eb1a5b7b6d8b6a0b9426e7ee5a1fd04519dd7e2 Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Date: Fri Jul 28 12:06:29 2023 +0200 Fix: Streaming server memory leak in HTTP EventSource cleanup (#26228) commit 6c321bb5e1543c78dbd0fa8e4962e95e544e1f63 Author: Claire <claire.github-309c@sitedethib.com> Date: Sat Jul 22 20:42:31 2023 +0200 Fix incorrect connect timeout in outgoing requests (#26116) commit da230600acda1d1a151eab4caa3d536ce828a097 Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Date: Thu Jul 27 15:38:18 2023 +0200 Refactor streaming's filtering logic & improve documentation (#26213) commit 1792be342a3cfad7bdfa54311b3962a8051962bb Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 27 15:12:10 2023 +0200 Fix wrong filters sometimes applying in streaming (#26159) commit ebf4f034c2e3841fde2d0109667c036fb352f3a8 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jul 21 14:30:46 2023 +0200 Bump version to v4.1.5 commit 889102013fd687113cec75fe252b5328707e8cc1 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jul 21 13:34:15 2023 +0200 Fix CSP headers being unintendedly wide (#26105) commit d94a2c8aca731b4986e20401ae8ce5255e041b80 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Jul 18 20:51:20 2023 +0200 Change request timeout handling to use a longer deadline (#26055) commit efd066670d67676d5f5e73a75c268a2bd09c59c7 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Jul 10 18:42:10 2023 +0200 Fix moderation interface for remote instances with a .zip TLD (#25885) commit 13ec425b721c959415921046d7a24ed8c9994cee Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Jul 10 18:42:19 2023 +0200 Fix remote accounts being possibly persisted to database with incomplete protocol values (#25886) commit 7a99f0744d7c69a69b7552e31f6bb3914a6a03e8 Author: Michael Stanclift <mx@vmstan.com> Date: Thu Jul 13 04:12:51 2023 -0500 Fix trending publishers table not rendering correctly on narrow screens (#25945) commit 69c8f26946a5cdeff09ca8fe410bc11be78c158c Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jul 21 14:18:04 2023 +0200 Add check preventing Sidekiq workers from running with Makara configured (#25850) Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> commit 3f5af768c8f1401f77d14ad5b6aeccdb7e02a9f0 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jul 7 18:21:10 2023 +0200 Bump version to v4.1.4 commit cb8ab46302ad783869078ab4a26de04c09417a09 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jul 7 18:22:50 2023 +0200 Update dependencies commit 53b979d5c73f0b28b161581ec3e824d89f66633c Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jul 7 13:35:22 2023 +0200 Fix processing of media files with unusual names (#25788) commit f2bbac3f9fb37f6f870f25362e140d647d60caf5 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jul 7 18:10:17 2023 +0200 Fix crash in admin interface when viewing a remote user with verified links (#25796) commit 015ed99612241b8dbf2810db478b1485f4c31031 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Jul 7 18:10:00 2023 +0200 Fix branding:generate_app_icons failing because of disallowed ICO coder (#25794) commit cf58535193708d9a4bd584266423168cda75f415 Author: nemobis <federicoleva@tiscali.it> Date: Fri Jul 7 15:15:54 2023 +0300 Fix typo in CHANGELOG.md (#25764) commit 0d5781ca7609590a6d5340bb685bb1804056bb46 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Jun 21 09:13:30 2023 +0200 Bump version to v4.1.3 commit 32ebeed59ba424732130073474fe03699efe07fc Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 6 15:06:50 2023 +0200 Merge pull request from GHSA-55j9-c3mp-6fcq commit e75ad1de0f95f38b45748cafb1212560fe7587f5 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 6 15:06:24 2023 +0200 Merge pull request from GHSA-9pxv-6qvf-pjwc * Fix timeout handling of outbound HTTP requests * Use CLOCK_MONOTONIC instead of Time.now commit 0aa0b71f2cae9e35cff613b13d05ee3aeaf9f944 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 6 15:05:05 2023 +0200 Merge pull request from GHSA-9928-3cp5-93fm * Fix attachments getting processed despite failing content-type validation * Add a restrictive ImageMagick security policy tailored for Mastodon * Fix misdetection of MP3 files with large cover art * Reject unprocessable audio/video files instead of keeping them unchanged commit c4f2609f7a604daef1648e164ef8181d858bd058 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 6 15:03:33 2023 +0200 Merge pull request from GHSA-ccm4-vgcc-73hp * Tighten allowed HTML in oEmbed-based preview cards * Sanitize preview cards at render time * Add `sandbox` attribute to preview card iframes commit 9b6c0cac7d435905bdbea6e3b0cbb47da9490270 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jul 6 14:31:37 2023 +0200 Add hardened headers to user-uploaded files (#25756) commit fac2c9eb7d904e44244e20a8e1e8f6feb3b9db5b Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Jun 28 12:47:00 2023 +0200 Update rack, rails, nokogiri and doorkeeper gems commit a3d69a2c5d3fcc0df61929684fe31567860e7f2e Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Jul 4 18:58:23 2023 +0200 Fix OAuth apps page crashing when listing apps with certain admin API scopes (#25713) commit 8eb1bb8ba697bce5b72027a0a5263db29fa5e34b Author: Renaud Chaput <renchap@gmail.com> Date: Thu Jun 1 12:14:49 2023 +0200 Allow carets in URL search params (#25216) commit 652ff76462f33f90e257e331009f89c41d600409 Author: Vyr Cossont <VyrCossont@users.noreply.github.com> Date: Fri Mar 31 23:28:35 2023 -0700 Fix Redis client and type errors introduced in #24285 (#24342) commit 6f484fbbd280294bd8e43b5a9d0e54d6e34604b9 Author: Vyr Cossont <VyrCossont@users.noreply.github.com> Date: Fri Mar 31 05:38:47 2023 -0700 IndexingScheduler: fetch and import in batches (#24285) Co-authored-by: Claire <claire.github-309c@sitedethib.com> commit 79f5b8f156f65c25ada4712f8415c8d5f1f6dde7 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jun 29 14:48:54 2023 +0200 Fix ResolveURLService not resolving local URLs for remote content (#25637) commit f8930a67a05f9adcaef5bc3f6e874d86f3228415 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jun 22 14:56:14 2023 +0200 Change /api/v1/statuses/:id/history to always return at least one item (#25510) commit e65e3a6d14174378b8bf58f5997cde3de40c3ca7 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jun 22 14:52:25 2023 +0200 Add finer permission requirements for managing webhooks (#25463) commit 8acbfc6ab1b1a1f026fd85208089b9f31255aba6 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Jun 20 18:15:35 2023 +0200 Fix wrong view being displayed when a webhook fails validation (#25464) commit 3ef53958b27da2edd1f1eba27ef2316fef64099f Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Date: Tue Jun 20 18:04:35 2023 +0200 Prevent UserCleanupScheduler from overwhelming streaming (#25519) commit fd1ffd72ebec4c435b5e4406c1eafa80da69b317 Author: Daniel M Brasil <danielmbrasil@protonmail.com> Date: Mon Jun 19 03:53:05 2023 -0300 Fix incorrect pagination headers in `/api/v2/admin/accounts` (#25477) commit 7bd34f8b23f26fc4ebd10bcc3f2e0bae7cdd6520 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 4 10:13:00 2023 +0200 Fix infinite loop in AccountsStatusesCleanupScheduler (#24840) commit 7012bf6ed3188148e91870d83c446c529d46907d Author: Claire <claire.github-309c@sitedethib.com> Date: Wed May 3 10:31:40 2023 +0200 Improve automatic post cleanup worker performances (#24785) commit d9e45f2fa94449fe367a92b34f12775a0c85a8ee Author: Claire <claire.github-309c@sitedethib.com> Date: Sun Apr 23 22:25:40 2023 +0200 Fix AccountsStatusesCleanupScheduler not spreading deletes across accounts correctly (#24607) commit 0e139e3c4d8faa94fe0357d235f84a3f4c2abb50 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri Apr 21 18:14:19 2023 +0200 Change automatic post deletion thresholds and load detection (#24614) commit 23e7b4d28dc94ef927f6db4e5832a45e333b252e Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Date: Sat Jun 10 18:24:37 2023 +0200 Fix logging of messages that are binary before closing their connection (#25361) commit e78ee582f7b845c16cdcada44c96ed7053f07ff1 Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Date: Fri Jun 9 19:29:16 2023 +0200 Fix performance of streaming by parsing message JSON once (#25278) commit a197fc094f9f55379d34a46bb530a7ce97d530b6 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon Jun 5 17:35:05 2023 +0200 Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) commit bd7cbeeadfbb7d087c71cd6e0a016d44ca39a786 Author: Daniel M Brasil <danielmbrasil@protonmail.com> Date: Sun Apr 30 01:50:58 2023 -0300 Fix `tootctl accounts approve --number N` not aproving N earliest registrations (#24605) commit 2779bce9a22f556b6c7a2e39eab82ab7438ac240 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue May 2 17:42:42 2023 +0200 Add fallback redirection when getting a webfinger query `LOCAL_DOMAIN@LOCAL_DOMAIN` (#23600) Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> commit 210ff368605c6752dcd8740b088570f393d322cf Author: Claire <claire.github-309c@sitedethib.com> Date: Thu May 11 04:40:03 2023 +0200 Change AccessTokensVacuum to also delete expired tokens (#24868) commit 99c2bbbec9bb004fd54d4f0920c1109e960ebb04 Author: Claire <claire.github-309c@sitedethib.com> Date: Fri May 12 13:13:04 2023 +0200 Change profile updates to be sent to recently-mentioned servers (#24852) commit 7e587793004c0558d5131ff8eff359a77617a206 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue May 16 14:56:49 2023 +0200 Fix reports not being closed when performing batch suspensions (#24988) commit cca464bce3c2ac43e2759d6a0ab0c977b4098d90 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed May 17 00:08:42 2023 +0200 Fix being able to vote on your own polls (#25015) commit 1301af60e042fb9db39172977fb3a5d720ca7a31 Author: Claire <claire.github-309c@sitedethib.com> Date: Wed May 17 00:09:21 2023 +0200 Fix race condition when reblogging a status (#25016) commit f962e838567143640036c9a4f01e161e2a88941b Author: Claire <claire.github-309c@sitedethib.com> Date: Mon May 22 12:25:56 2023 +0200 Change OpenGraph-based embeds to allow fullscreen (#25058) commit b3cbcd744719cd3a8a65f6dbefbc0f3912827a55 Author: Claire <claire.github-309c@sitedethib.com> Date: Mon May 22 14:03:38 2023 +0200 Fix “Authorized applications” inefficiently and incorrectly getting last use date (#25060) commit 72d96bf17a6c44344f5896b2b26d751315650f0e Author: Claire <claire.github-309c@sitedethib.com> Date: Tue May 23 14:27:17 2023 +0200 Remove invalid X-Frame-Options: ALLOWALL (#25070) commit b1ac3562dff4c2e21a51bacf7cf963e3203097b8 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue May 23 15:00:36 2023 +0200 Change Identity to not destroy associated User on destroy (#25098) commit 4c6c790f80f598d80e4fce44c06309a17dfd65e6 Author: Claire <claire.github-309c@sitedethib.com> Date: Tue Jun 20 18:32:26 2023 +0200 Fix /api/v1/conversations sometimes returning empty accounts (#25499) commit 036ac5b5c9597f8a2042a102439f14eaa9474f6c Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Jun 14 08:54:52 2023 +0200 Fix ArgumentError when loading newer Private Mentions (#25399) commit 3e1724e97282a2725778eccdf46d7756773d2771 Author: Claire <claire.github-309c@sitedethib.com> Date: Thu Jun 1 02:41:51 2023 +0200 Fix multiple N+1s in ConversationsController (#25134) commit bc8592627bc7effa94c12d17bd8ee7e0b6ff52be Author: Claire <claire.github-309c@sitedethib.com> Date: Wed Apr 5 19:31:49 2023 +0200 Fix user archive takeouts when using OpenStack Swift (#24431)
- Loading branch information