From c35ea59ee6be05fbb7af57e339a493f363200103 Mon Sep 17 00:00:00 2001 From: Claire Date: Thu, 12 Sep 2024 14:58:12 +0200 Subject: [PATCH 01/12] Fix security context sometimes not being added in LD-Signed activities (#31871) --- app/lib/activitypub/linked_data_signature.rb | 9 ++++++++- spec/lib/activitypub/linked_data_signature_spec.rb | 9 ++------- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/app/lib/activitypub/linked_data_signature.rb b/app/lib/activitypub/linked_data_signature.rb index 9459fdd8b7..c42313b05e 100644 --- a/app/lib/activitypub/linked_data_signature.rb +++ b/app/lib/activitypub/linked_data_signature.rb @@ -4,6 +4,7 @@ class ActivityPub::LinkedDataSignature include JsonLdHelper CONTEXT = 'https://w3id.org/identity/v1' + SIGNATURE_CONTEXT = 'https://w3id.org/security/v1' def initialize(json) @json = json.with_indifferent_access @@ -46,7 +47,13 @@ class ActivityPub::LinkedDataSignature signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest.new('SHA256'), to_be_signed)) - @json.merge('signature' => options.merge('signatureValue' => signature)) + # Mastodon's context is either an array or a single URL + context_with_security = Array(@json['@context']) + context_with_security << 'https://w3id.org/security/v1' + context_with_security.uniq! + context_with_security = context_with_security.first if context_with_security.size == 1 + + @json.merge('signature' => options.merge('signatureValue' => signature), '@context' => context_with_security) end private diff --git a/spec/lib/activitypub/linked_data_signature_spec.rb b/spec/lib/activitypub/linked_data_signature_spec.rb index 1af45673c0..b1a8dc5c49 100644 --- a/spec/lib/activitypub/linked_data_signature_spec.rb +++ b/spec/lib/activitypub/linked_data_signature_spec.rb 
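Review bot: In the second hunk of `linked_data_signature.rb`, `Array(@json['@context'])` turns an inline context object (a Hash) into a list of key/value pairs, so a document whose `@context` is a single object would be emitted with a mangled context; the comment's assumption (array or single URL) is not enforced in the visible lines. `Array.wrap(@json['@context'])` keeps a Hash as one element and still handles nil and arrays. The literal `'https://w3id.org/security/v1'` on the following line should be the `SIGNATURE_CONTEXT` constant that the first hunk adds, which is otherwise unused in this patch. The digest in `to_be_signed` is computed before this point, presumably over the document with its original `@context`, so a comment such as `# adding the security context must not change how any signed term expands` would record the invariant the verifier depends on. `sign!` starts above the hunk.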
@@ -95,16 +95,11 @@ RSpec.describe ActivityPub::LinkedDataSignature do describe '#sign!' do subject { described_class.new(raw_json).sign!(sender) } - it 'returns a hash' do + it 'returns a hash with a signature, the expected context, and the signature can be verified', :aggregate_failures do expect(subject).to be_a Hash - end - - it 'contains signature' do expect(subject['signature']).to be_a Hash expect(subject['signature']['signatureValue']).to be_present - end - - it 'can be verified again' do + expect(Array(subject['@context'])).to include('https://w3id.org/security/v1') expect(described_class.new(subject).verify_actor!).to eq sender end end From 5f782f9629de25a2029fbc75d79316d583adc9a0 Mon Sep 17 00:00:00 2001 From: Claire Date: Thu, 12 Sep 2024 15:15:05 +0200 Subject: [PATCH 02/12] Autofocus primary button in modals (#31883) --- .../mastodon/features/ui/components/block_modal.jsx | 2 +- .../ui/components/confirmation_modals/confirmation_modal.tsx | 5 ++++- .../mastodon/features/ui/components/domain_block_modal.jsx | 2 +- .../mastodon/features/ui/components/mute_modal.jsx | 2 +- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/app/javascript/mastodon/features/ui/components/block_modal.jsx b/app/javascript/mastodon/features/ui/components/block_modal.jsx index fc9233a9cc..d6fc6c4154 100644 --- a/app/javascript/mastodon/features/ui/components/block_modal.jsx +++ b/app/javascript/mastodon/features/ui/components/block_modal.jsx @@ -99,7 +99,7 @@ export const BlockModal = ({ accountId, acct }) => { - diff --git a/app/javascript/mastodon/features/ui/components/confirmation_modals/confirmation_modal.tsx b/app/javascript/mastodon/features/ui/components/confirmation_modals/confirmation_modal.tsx index c3a0c0aa76..ab567c697a 100644 --- a/app/javascript/mastodon/features/ui/components/confirmation_modals/confirmation_modal.tsx +++ b/app/javascript/mastodon/features/ui/components/confirmation_modals/confirmation_modal.tsx 
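Review bot: The new `@context` expectation in the `#sign!` example only checks inclusion for whatever `raw_json` contains (it is defined outside the hunk), so the branches the patch adds to `sign!` are not pinned. Missing cases are a context that already lists the security URL (the `uniq!` path), a document with no context (collapse to a single string), and a single-string context. One example per shape, each ending in the `verify_actor!` round-trip, would show that the signature still verifies after the context is rewritten.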
@@ -71,7 +71,10 @@ export const ConfirmationModal: React.FC< /> - + {/* eslint-disable-next-line jsx-a11y/no-autofocus -- we are in a modal and thus autofocusing is justified */} + diff --git a/app/javascript/mastodon/features/ui/components/domain_block_modal.jsx b/app/javascript/mastodon/features/ui/components/domain_block_modal.jsx index e69db63489..78d5cbb130 100644 --- a/app/javascript/mastodon/features/ui/components/domain_block_modal.jsx +++ b/app/javascript/mastodon/features/ui/components/domain_block_modal.jsx @@ -88,7 +88,7 @@ export const DomainBlockModal = ({ domain, accountId, acct }) => { - diff --git a/app/javascript/mastodon/features/ui/components/mute_modal.jsx b/app/javascript/mastodon/features/ui/components/mute_modal.jsx index df466cfac6..70d95b5931 100644 --- a/app/javascript/mastodon/features/ui/components/mute_modal.jsx +++ b/app/javascript/mastodon/features/ui/components/mute_modal.jsx @@ -137,7 +137,7 @@ export const MuteModal = ({ accountId, acct }) => { - From a496aeabcb28b7cc7d8a9e69bf47543c2be038c2 Mon Sep 17 00:00:00 2001 From: Claire Date: Thu, 12 Sep 2024 15:24:19 +0200 Subject: [PATCH 03/12] Change form-action Content-Security-Policy directive to be more restrictive (#26897) --- .../concerns/web_app_controller_concern.rb | 10 +++++++++ app/lib/content_security_policy.rb | 16 ++++++++++++++ .../initializers/content_security_policy.rb | 22 ++----------------- spec/requests/content_security_policy_spec.rb | 2 +- 4 files changed, 29 insertions(+), 21 deletions(-) diff --git a/app/controllers/concerns/web_app_controller_concern.rb b/app/controllers/concerns/web_app_controller_concern.rb index b8c909877b..e1f599dcb0 100644 --- a/app/controllers/concerns/web_app_controller_concern.rb +++ b/app/controllers/concerns/web_app_controller_concern.rb 
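Review bot: The `eslint-disable-next-line jsx-a11y/no-autofocus` comment in `confirmation_modal.tsx` justifies autofocus only by "we are in a modal" and does not say which control receives focus; going by the commit title it is the primary (confirm) button, and the element itself is not legible in this hunk. When the modal confirms a destructive action, focus on the confirm button lets a stray Enter or Space complete it before the dialog is read. Either record that trade-off in the comment or focus the cancel control for irreversible confirmations. The same consideration applies to the block, domain-block and mute modals changed in this patch.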
@@ -8,6 +8,16 @@ module WebAppControllerConcern before_action :redirect_unauthenticated_to_permalinks! before_action :set_app_body_class + + content_security_policy do |p| + policy = ContentSecurityPolicy.new + + if policy.sso_host.present? + p.form_action policy.sso_host + else + p.form_action :none + end + end end def skip_csrf_meta_tags? diff --git a/app/lib/content_security_policy.rb b/app/lib/content_security_policy.rb index 210f37cea0..0b60b0d98c 100644 --- a/app/lib/content_security_policy.rb +++ b/app/lib/content_security_policy.rb @@ -13,6 +13,22 @@ class ContentSecurityPolicy [assets_host, cdn_host_value, paperclip_root_url].compact end + def sso_host + return unless ENV['ONE_CLICK_SSO_LOGIN'] == 'true' && ENV['OMNIAUTH_ONLY'] == 'true' && Devise.omniauth_providers.length == 1 + + provider = Devise.omniauth_configs[Devise.omniauth_providers[0]] + @sso_host ||= begin + case provider.provider + when :cas + provider.cas_url + when :saml + provider.options[:idp_sso_target_url] + when :openid_connect + provider.options.dig(:client_options, :authorization_endpoint) || OpenIDConnect::Discovery::Provider::Config.discover!(provider.options[:issuer]).authorization_endpoint + end + end + end + private def url_from_configured_asset_host diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 7f34d93eee..9f4a41e3ab 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb 
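Review bot: `ContentSecurityPolicy.new` is created inside the `content_security_policy do |p|` block in `WebAppControllerConcern`, so the `@sso_host ||=` memoization in the new `ContentSecurityPolicy#sso_host` (second hunk) is discarded after each evaluation of the block, which Rails appears to run per request. With a single `openid_connect` provider and no `authorization_endpoint` in `client_options`, `OpenIDConnect::Discovery::Provider::Config.discover!` would then run a discovery fetch on every web-app page, and an unhandled failure there would fail the page rather than fall back to `p.form_action :none`. Moving `policy = ContentSecurityPolicy.new` to the line above `content_security_policy do |p|` lets the block reuse one instance, as the initializer does with its single `policy` object. `sso_host` should also rescue discovery errors and return nil. The enclosing concern body starts and ends outside the hunk.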
@@ -12,24 +12,6 @@ policy = ContentSecurityPolicy.new assets_host = policy.assets_host media_hosts = policy.media_hosts -def sso_host - return unless ENV['ONE_CLICK_SSO_LOGIN'] == 'true' - return unless ENV['OMNIAUTH_ONLY'] == 'true' - return unless Devise.omniauth_providers.length == 1 - - provider = Devise.omniauth_configs[Devise.omniauth_providers[0]] - @sso_host ||= begin - case provider.provider - when :cas - provider.cas_url - when :saml - provider.options[:idp_sso_target_url] - when :openid_connect - provider.options.dig(:client_options, :authorization_endpoint) || OpenIDConnect::Discovery::Provider::Config.discover!(provider.options[:issuer]).authorization_endpoint - end - end -end - Rails.application.config.content_security_policy do |p| p.base_uri :none p.default_src :none @@ -40,8 +22,8 @@ Rails.application.config.content_security_policy do |p| p.media_src :self, :data, *media_hosts p.manifest_src :self, assets_host - if sso_host.present? - p.form_action :self, sso_host + if policy.sso_host.present? + p.form_action :self, policy.sso_host else p.form_action :self end diff --git a/spec/requests/content_security_policy_spec.rb b/spec/requests/content_security_policy_spec.rb index 7520ecb0db..2bbbdd841e 100644 --- a/spec/requests/content_security_policy_spec.rb +++ b/spec/requests/content_security_policy_spec.rb @@ -26,7 +26,7 @@ RSpec.describe 'Content-Security-Policy' do connect-src 'self' data: blob: https://cb6e6126.ngrok.io #{Rails.configuration.x.streaming_api_base_url} default-src 'none' font-src 'self' https://cb6e6126.ngrok.io - form-action 'self' + form-action 'none' frame-ancestors 'none' frame-src 'self' https: img-src 'self' data: blob: https://cb6e6126.ngrok.io From 17c57c46e7f54f32ad7b17b86c7b936c789ca799 Mon Sep 17 00:00:00 2001 
From: Matt Jankowski Date: Thu, 12 Sep 2024 09:25:23 -0400 Subject: [PATCH 04/12] Add coverage for title/limit validations in `List` model (#31869) --- app/models/list.rb | 10 ++++++---- spec/models/list_spec.rb | 27 +++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 4 deletions(-) create mode 100644 spec/models/list_spec.rb diff --git a/app/models/list.rb b/app/models/list.rb index b45bd057bc..d4915f56fa 100644 --- a/app/models/list.rb +++ b/app/models/list.rb @@ -20,21 +20,23 @@ class List < ApplicationRecord enum :replies_policy, { list: 0, followed: 1, none: 2 }, prefix: :show - belongs_to :account, optional: true + belongs_to :account has_many :list_accounts, inverse_of: :list, dependent: :destroy has_many :accounts, through: :list_accounts validates :title, presence: true - validates_each :account_id, on: :create do |record, _attr, value| - record.errors.add(:base, I18n.t('lists.errors.limit')) if List.where(account_id: value).count >= PER_ACCOUNT_LIMIT - end + validate :validate_account_lists_limit, on: :create before_destroy :clean_feed_manager private + def validate_account_lists_limit + errors.add(:base, I18n.t('lists.errors.limit')) if account.lists.count >= PER_ACCOUNT_LIMIT + end + def clean_feed_manager FeedManager.instance.clean_feeds!(:list, [id]) end diff --git a/spec/models/list_spec.rb b/spec/models/list_spec.rb new file mode 100644 index 0000000000..62a84dfebf --- /dev/null +++ b/spec/models/list_spec.rb 
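Review bot: `validate_account_lists_limit` in `app/models/list.rb` calls `account.lists.count` unconditionally, so validating a list with no account raises `NoMethodError` on nil instead of reporting the presence error from the now-required `belongs_to :account`. Custom `validate` methods still run when the association check has already failed. Add `return if account.nil?` as the first line of the method. The removed `validates_each` block tolerated a nil `account_id` because it queried `List.where(account_id: value)`. Separately, the count-then-insert check is not atomic, so concurrent creates can both pass it; that was already the case before this patch.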
@@ -0,0 +1,27 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe List do + describe 'Validations' do + subject { Fabricate.build :list } + + it { is_expected.to validate_presence_of(:title) } + + context 'when account has hit max list limit' do + let(:account) { Fabricate :account } + + before { stub_const 'List::PER_ACCOUNT_LIMIT', 0 } + + context 'when creating a new list' do + it { is_expected.to_not allow_value(account).for(:account).against(:base).with_message(I18n.t('lists.errors.limit')) } + end + + context 'when updating an existing list' do + before { subject.save(validate: false) } + + it { is_expected.to allow_value(account).for(:account).against(:base) } + end + end + end +end From 8cdc1481679ef0c7a848d488dae1a265cdcfeac1 Mon Sep 17 00:00:00 2001 From: Christian Schmidt Date: Thu, 12 Sep 2024 15:29:55 +0200 Subject: [PATCH 05/12] Handle invalid visibility (#31571) --- app/models/status.rb | 2 +- spec/services/post_status_service_spec.rb | 14 +++++++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/app/models/status.rb b/app/models/status.rb index 73f0052673..e0630733d8 100644 --- a/app/models/status.rb +++ b/app/models/status.rb @@ -52,7 +52,7 @@ class Status < ApplicationRecord update_index('statuses', :proper) update_index('public_statuses', :proper) - enum :visibility, { public: 0, unlisted: 1, private: 2, direct: 3, limited: 4 }, suffix: :visibility + enum :visibility, { public: 0, unlisted: 1, private: 2, direct: 3, limited: 4 }, suffix: :visibility, validate: true belongs_to :application, class_name: 'Doorkeeper::Application', optional: true diff --git a/spec/services/post_status_service_spec.rb b/spec/services/post_status_service_spec.rb index 7e44789628..26db398d5e 100644 --- a/spec/services/post_status_service_spec.rb +++ b/spec/services/post_status_service_spec.rb 
@@ -68,7 +68,10 @@ RSpec.describe PostStatusService do it 'raises invalid record error' do expect do subject.call(account, text: 'Hi future!', scheduled_at: invalid_scheduled_time) - end.to raise_error(ActiveRecord::RecordInvalid) + end.to raise_error( + ActiveRecord::RecordInvalid, + 'Validation failed: Scheduled at The scheduled date must be in the future' + ) end end end @@ -123,6 +126,15 @@ RSpec.describe PostStatusService do expect(status.visibility).to eq 'private' end + it 'raises on an invalid visibility' do + expect do + create_status_with_options(visibility: :xxx) + end.to raise_error( + ActiveRecord::RecordInvalid, + 'Validation failed: Visibility is not included in the list' + ) + end + it 'creates a status with limited visibility for silenced users' do status = subject.call(Fabricate(:account, silenced: true), text: 'test', visibility: :public) From 4aa600387e71bca60331d672dc5c15ba58886006 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Thu, 12 Sep 2024 09:31:50 -0400 Subject: [PATCH 06/12] Move redirect/base body class to view (#31796) --- app/controllers/redirect/base_controller.rb | 5 --- app/views/redirects/show.html.haml | 2 ++ spec/system/redirections_spec.rb | 38 ++++++++++++--------- 3 files changed, 23 insertions(+), 22 deletions(-) diff --git a/app/controllers/redirect/base_controller.rb b/app/controllers/redirect/base_controller.rb index 90894ec1ed..34558a4126 100644 --- a/app/controllers/redirect/base_controller.rb +++ b/app/controllers/redirect/base_controller.rb @@ -4,7 +4,6 @@ class Redirect::BaseController < ApplicationController vary_by 'Accept-Language' before_action :set_resource - before_action :set_app_body_class def show @redirect_path = ActivityPub::TagManager.instance.url_for(@resource) @@ -14,10 +13,6 @@ class Redirect::BaseController < ApplicationController private - def set_app_body_class - @body_classes = 'app-body' - end - def set_resource raise NotImplementedError end 
diff --git a/app/views/redirects/show.html.haml b/app/views/redirects/show.html.haml index 64436e05d1..aa0db350a8 100644 --- a/app/views/redirects/show.html.haml +++ b/app/views/redirects/show.html.haml @@ -2,6 +2,8 @@ %meta{ name: 'robots', content: 'noindex, noarchive' }/ %link{ rel: 'canonical', href: @redirect_path } +- content_for :body_classes, 'app-body' + .redirect .redirect__logo = link_to render_logo, root_path diff --git a/spec/system/redirections_spec.rb b/spec/system/redirections_spec.rb index 860bbdd6b7..eba034326b 100644 --- a/spec/system/redirections_spec.rb +++ b/spec/system/redirections_spec.rb 
@@ -6,27 +6,31 @@ RSpec.describe 'redirection confirmations' do let(:account) { Fabricate(:account, domain: 'example.com', uri: 'https://example.com/users/foo', url: 'https://example.com/@foo') } let(:status) { Fabricate(:status, account: account, uri: 'https://example.com/users/foo/statuses/1', url: 'https://example.com/@foo/1') } - context 'when a logged out user visits a local page for a remote account' do - it 'shows a confirmation page' do - visit "/@#{account.pretty_acct}" + context 'when logged out' do + describe 'a local page for a remote account' do + it 'shows a confirmation page with relevant content' do + visit "/@#{account.pretty_acct}" - # It explains about the redirect - expect(page).to have_content(I18n.t('redirects.title', instance: 'cb6e6126.ngrok.io')) + expect(page) + .to have_content(redirect_title) # Redirect explanation + .and have_link(account.url, href: account.url) # Appropriate account link + .and have_css('body', class: 'app-body') + end + end - # It features an appropriate link - expect(page).to have_link(account.url, href: account.url) + describe 'a local page for a remote status' do + it 'shows a confirmation page with relevant content' do + visit "/@#{account.pretty_acct}/#{status.id}" + + expect(page) + .to have_content(redirect_title) # Redirect explanation + .and have_link(status.url, href: status.url) # Appropriate status link + .and have_css('body', class: 'app-body') + end end end - context 'when a logged out user visits a local page for a remote status' do - it 'shows a confirmation page' do - visit "/@#{account.pretty_acct}/#{status.id}" - - # It explains about the redirect - expect(page).to have_content(I18n.t('redirects.title', instance: 'cb6e6126.ngrok.io')) - - # It features an appropriate link - expect(page).to have_link(status.url, href: status.url) - end + def redirect_title + I18n.t('redirects.title', instance: 'cb6e6126.ngrok.io') end end From f3c48745225fa4a0f21efbfa530e84e34bb56a97 Mon Sep 17 00:00:00 2001 
From: Matt Jankowski Date: Thu, 12 Sep 2024 09:38:15 -0400 Subject: [PATCH 07/12] Remove unused `statuses#embed` body class assignment (#31787) --- app/controllers/statuses_controller.rb | 5 ----- 1 file changed, 5 deletions(-) diff --git a/app/controllers/statuses_controller.rb b/app/controllers/statuses_controller.rb index a0885b469b..341b0e6472 100644 --- a/app/controllers/statuses_controller.rb +++ b/app/controllers/statuses_controller.rb @@ -11,7 +11,6 @@ class StatusesController < ApplicationController before_action :require_account_signature!, only: [:show, :activity], if: -> { request.format == :json && authorized_fetch_mode? } before_action :set_status before_action :redirect_to_original, only: :show - before_action :set_body_classes, only: :embed after_action :set_link_headers @@ -51,10 +50,6 @@ class StatusesController < ApplicationController private - def set_body_classes - @body_classes = 'with-modals' - end - def set_link_headers response.headers['Link'] = LinkHeader.new( [[ActivityPub::TagManager.instance.uri_for(@status), [%w(rel alternate), %w(type application/activity+json)]]] From 1b6a82b7994e436d145b0e2282af07314fe54308 Mon Sep 17 00:00:00 2001 From: Taylor Chaparro <33099255+notchairmk@users.noreply.github.com> Date: Thu, 12 Sep 2024 06:40:20 -0700 Subject: [PATCH 08/12] Fix invalid date searches returning 503 (#31526) --- app/lib/search_query_transformer.rb | 17 +++++-- lib/exceptions.rb | 1 + spec/lib/search_query_transformer_spec.rb | 57 +++++++++++++++++++++-- 3 files changed, 69 insertions(+), 6 deletions(-) diff --git a/app/lib/search_query_transformer.rb b/app/lib/search_query_transformer.rb index 606819ed40..1306ed12ed 100644 --- a/app/lib/search_query_transformer.rb +++ b/app/lib/search_query_transformer.rb 
@@ -168,15 +168,15 @@ class SearchQueryTransformer < Parslet::Transform when 'before' @filter = :created_at @type = :range - @term = { lt: term, time_zone: @options[:current_account]&.user_time_zone.presence || 'UTC' } + @term = { lt: TermValidator.validate_date!(term), time_zone: @options[:current_account]&.user_time_zone.presence || 'UTC' } when 'after' @filter = :created_at @type = :range - @term = { gt: term, time_zone: @options[:current_account]&.user_time_zone.presence || 'UTC' } + @term = { gt: TermValidator.validate_date!(term), time_zone: @options[:current_account]&.user_time_zone.presence || 'UTC' } when 'during' @filter = :created_at @type = :range - @term = { gte: term, lte: term, time_zone: @options[:current_account]&.user_time_zone.presence || 'UTC' } + @term = { gte: TermValidator.validate_date!(term), lte: TermValidator.validate_date!(term), time_zone: @options[:current_account]&.user_time_zone.presence || 'UTC' } when 'in' @operator = :flag @term = term @@ -224,6 +224,17 @@ class SearchQueryTransformer < Parslet::Transform end end + class TermValidator + STRICT_DATE_REGEX = /\A\d{4}-\d{2}-\d{2}\z/ # yyyy-MM-dd + EPOCH_MILLIS_REGEX = /\A\d{1,19}\z/ + + def self.validate_date!(value) + return value if value.match?(STRICT_DATE_REGEX) || value.match?(EPOCH_MILLIS_REGEX) + + raise Mastodon::FilterValidationError, "Invalid date #{value}" + end + end + rule(clause: subtree(:clause)) do prefix = clause[:prefix][:term].to_s.downcase if clause[:prefix] operator = clause[:operator]&.to_s diff --git a/lib/exceptions.rb b/lib/exceptions.rb index d3b92f4a09..c2ff162a6e 100644 --- a/lib/exceptions.rb +++ b/lib/exceptions.rb 
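Review bot: `STRICT_DATE_REGEX` in the new `TermValidator` checks only the shape of the value, so a term such as `2022-13-45` (constructed example) passes `validate_date!` and is still sent to the search backend as a range bound, which is the failure this patch is meant to turn into a validation error. After the shape check, parse the value as a calendar date and raise `Mastodon::FilterValidationError` when parsing fails, as in the excerpt below. `EPOCH_MILLIS_REGEX` also admits 19-digit values above the signed 64-bit maximum; whether the backend accepts those is not visible here, so a bounded check or a spec case would settle it. In the first hunk, the `during` branch validates the same term twice where a local would do.

```ruby
    def self.validate_date!(value)
      return value if value.match?(EPOCH_MILLIS_REGEX)

      if value.match?(STRICT_DATE_REGEX)
        begin
          Date.strptime(value, '%Y-%m-%d')
          return value
        rescue ArgumentError
          # Shape matched, but the calendar date does not exist; fall through to the raise.
        end
      end

      raise Mastodon::FilterValidationError, "Invalid date #{value}"
    end
```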
@@ -8,6 +8,7 @@ module Mastodon class LengthValidationError < ValidationError; end class DimensionsValidationError < ValidationError; end class StreamValidationError < ValidationError; end + class FilterValidationError < ValidationError; end class RaceConditionError < Error; end class RateLimitExceededError < Error; end class SyntaxError < Error; end diff --git a/spec/lib/search_query_transformer_spec.rb b/spec/lib/search_query_transformer_spec.rb index 00220f84fd..9399f3503d 100644 --- a/spec/lib/search_query_transformer_spec.rb +++ b/spec/lib/search_query_transformer_spec.rb @@ -8,6 +8,37 @@ RSpec.describe SearchQueryTransformer do let(:account) { Fabricate(:account) } let(:parser) { SearchQueryParser.new.parse(query) } + shared_examples 'date operator' do |operator| + let(:statement_operations) { [] } + + [ + ['2022-01-01', '2022-01-01'], + ['"2022-01-01"', '2022-01-01'], + ['12345678', '12345678'], + ['"12345678"', '12345678'], + ].each do |value, parsed| + context "with #{operator}:#{value}" do + let(:query) { "#{operator}:#{value}" } + + it 'transforms clauses' do + ops = statement_operations.index_with { |_op| parsed } + + expect(subject.send(:must_clauses)).to be_empty + expect(subject.send(:must_not_clauses)).to be_empty + expect(subject.send(:filter_clauses).map(&:term)).to contain_exactly(**ops, time_zone: 'UTC') + end + end + end + + context "with #{operator}:\"abc\"" do + let(:query) { "#{operator}:\"abc\"" } + + it 'raises an exception' do + expect { subject }.to raise_error(Mastodon::FilterValidationError, 'Invalid date abc') + end + end + end + context 'with "hello world"' do let(:query) { 'hello world' } 
@@ -68,13 +99,33 @@ RSpec.describe SearchQueryTransformer do end end - context 'with \'before:"2022-01-01 23:00"\'' do - let(:query) { 'before:"2022-01-01 23:00"' } + context 'with \'is:"foo bar"\'' do + let(:query) { 'is:"foo bar"' } it 'transforms clauses' do expect(subject.send(:must_clauses)).to be_empty expect(subject.send(:must_not_clauses)).to be_empty - expect(subject.send(:filter_clauses).map(&:term)).to contain_exactly(lt: '2022-01-01 23:00', time_zone: 'UTC') + expect(subject.send(:filter_clauses).map(&:term)).to contain_exactly('foo bar') + end + end + + context 'with date operators' do + context 'with "before"' do + it_behaves_like 'date operator', 'before' do + let(:statement_operations) { [:lt] } + end + end + + context 'with "after"' do + it_behaves_like 'date operator', 'after' do + let(:statement_operations) { [:gt] } + end + end + + context 'with "during"' do + it_behaves_like 'date operator', 'during' do + let(:statement_operations) { [:gte, :lte] } + end end end end From 207c073bf87855c02a218526a3a389fc851e6c25 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Thu, 12 Sep 2024 10:04:46 -0400 Subject: [PATCH 09/12] Remove debug output in migration controller spec (#31886) --- spec/controllers/settings/migrations_controller_spec.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/spec/controllers/settings/migrations_controller_spec.rb b/spec/controllers/settings/migrations_controller_spec.rb index 67d5ab54f0..93c5de0899 100644 --- a/spec/controllers/settings/migrations_controller_spec.rb +++ b/spec/controllers/settings/migrations_controller_spec.rb @@ -95,7 +95,6 @@ RSpec.describe Settings::MigrationsController do before do moved_to = Fabricate(:account, also_known_as: [ActivityPub::TagManager.instance.uri_for(user.account)]) - p moved_to.acct user.account.migrations.create!(acct: moved_to.acct) end From a269ff9253050fb9a0b2c063c253eacfad77b738 Mon Sep 17 00:00:00 2001 
From: Michael Stanclift Date: Thu, 12 Sep 2024 09:18:43 -0500 Subject: [PATCH 10/12] Fix review history and action modal styling (#31864) --- .../styles/mastodon-light/diff.scss | 27 ------------------- .../styles/mastodon/components.scss | 11 +++++--- 2 files changed, 8 insertions(+), 30 deletions(-) diff --git a/app/javascript/styles/mastodon-light/diff.scss b/app/javascript/styles/mastodon-light/diff.scss index c0cabf837c..45da56994c 100644 --- a/app/javascript/styles/mastodon-light/diff.scss +++ b/app/javascript/styles/mastodon-light/diff.scss @@ -147,33 +147,6 @@ border-top-color: lighten($ui-base-color, 4%); } -// Change the background colors of modals -.actions-modal, -.boost-modal, -.confirmation-modal, -.mute-modal, -.block-modal, -.report-modal, -.report-dialog-modal, -.embed-modal, -.error-modal, -.onboarding-modal, -.compare-history-modal, -.report-modal__comment, -.report-modal__comment, -.announcements, -.picture-in-picture__header, -.picture-in-picture__footer, -.reactions-bar__item { - background: $white; - border: 1px solid var(--background-border-color); -} - -.setting-text__wrapper, -.setting-text { - border: 1px solid var(--background-border-color); -} - .reactions-bar__item:hover, .reactions-bar__item:focus, .reactions-bar__item:active { diff --git a/app/javascript/styles/mastodon/components.scss b/app/javascript/styles/mastodon/components.scss index 8adad2441a..a53eef52c4 100644 --- a/app/javascript/styles/mastodon/components.scss +++ b/app/javascript/styles/mastodon/components.scss @@ -6362,6 +6362,11 @@ a.status-card { width: 480px; position: relative; flex-direction: column; + + @media screen and (max-width: $no-columns-breakpoint) { + border-bottom: 0; + border-radius: 4px 4px 0 0; + } } .boost-modal__container { @@ -6759,7 +6764,7 @@ a.status-card { li:not(:empty) { a { - color: $inverted-text-color; + color: $primary-text-color; display: flex; padding: 12px 16px; font-size: 15px; 
@@ -6839,7 +6844,7 @@ a.status-card { .compare-history-modal { .report-modal__target { - border-bottom: 1px solid $ui-secondary-color; + border-bottom: 1px solid var(--background-border-color); } &__container { @@ -6849,7 +6854,7 @@ a.status-card { } .status__content { - color: $inverted-text-color; + color: $secondary-text-color; font-size: 19px; line-height: 24px; From cc3cf9c4656460dbf3b93de0e95c4dc29e454cb2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 12 Sep 2024 14:20:44 +0000 Subject: [PATCH 11/12] Update dependency aws-sdk-s3 to v1.162.0 (#31875) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- Gemfile.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 1564c267b8..206178a530 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -100,17 +100,17 @@ GEM attr_required (1.0.2) awrence (1.2.1) aws-eventstream (1.3.0) - aws-partitions (1.973.0) - aws-sdk-core (3.204.0) + aws-partitions (1.974.0) + aws-sdk-core (3.205.0) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.9) jmespath (~> 1, >= 1.6.1) - aws-sdk-kms (1.90.0) - aws-sdk-core (~> 3, >= 3.203.0) + aws-sdk-kms (1.91.0) + aws-sdk-core (~> 3, >= 3.205.0) aws-sigv4 (~> 1.5) - aws-sdk-s3 (1.161.0) - aws-sdk-core (~> 3, >= 3.203.0) + aws-sdk-s3 (1.162.0) + aws-sdk-core (~> 3, >= 3.205.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.5) aws-sigv4 (1.9.1) From 0226bbe5165a53658b29e46ddbef6a10507fdc8c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 12 Sep 2024 14:21:06 +0000 Subject: [PATCH 12/12] Update dependency express to v4.21.0 (#31877) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- yarn.lock | 91 ++++++++++++------------------------------------------- 1 file changed, 19 insertions(+), 72 deletions(-) 
diff --git a/yarn.lock b/yarn.lock index f498a5560e..50443c6db9 100644 --- a/yarn.lock +++ b/yarn.lock @@ -82,19 +82,7 @@ __metadata: languageName: node linkType: hard -"@babel/generator@npm:^7.25.0, @babel/generator@npm:^7.7.2": - version: 7.25.0 - resolution: "@babel/generator@npm:7.25.0" - dependencies: - "@babel/types": "npm:^7.25.0" - "@jridgewell/gen-mapping": "npm:^0.3.5" - "@jridgewell/trace-mapping": "npm:^0.3.25" - jsesc: "npm:^2.5.1" - checksum: 10c0/d0e2dfcdc8bdbb5dded34b705ceebf2e0bc1b06795a1530e64fb6a3ccf313c189db7f60c1616effae48114e1a25adc75855bc4496f3779a396b3377bae718ce7 - languageName: node - linkType: hard - -"@babel/generator@npm:^7.25.4": +"@babel/generator@npm:^7.25.0, @babel/generator@npm:^7.25.4, @babel/generator@npm:^7.7.2": version: 7.25.4 resolution: "@babel/generator@npm:7.25.4" dependencies: 
@@ -1533,18 +1521,7 @@ __metadata: languageName: node linkType: hard -"@babel/types@npm:^7.0.0, @babel/types@npm:^7.0.0-beta.49, @babel/types@npm:^7.12.11, @babel/types@npm:^7.12.6, @babel/types@npm:^7.20.7, @babel/types@npm:^7.24.7, @babel/types@npm:^7.24.8, @babel/types@npm:^7.25.0, @babel/types@npm:^7.25.2, @babel/types@npm:^7.3.3, @babel/types@npm:^7.4.4": - version: 7.25.2 - resolution: "@babel/types@npm:7.25.2" - dependencies: - "@babel/helper-string-parser": "npm:^7.24.8" - "@babel/helper-validator-identifier": "npm:^7.24.7" - to-fast-properties: "npm:^2.0.0" - checksum: 10c0/e489435856be239f8cc1120c90a197e4c2865385121908e5edb7223cfdff3768cba18f489adfe0c26955d9e7bbb1fb10625bc2517505908ceb0af848989bd864 - languageName: node - linkType: hard - -"@babel/types@npm:^7.25.4": +"@babel/types@npm:^7.0.0, @babel/types@npm:^7.0.0-beta.49, @babel/types@npm:^7.12.11, @babel/types@npm:^7.12.6, @babel/types@npm:^7.20.7, @babel/types@npm:^7.24.7, @babel/types@npm:^7.24.8, @babel/types@npm:^7.25.0, @babel/types@npm:^7.25.2, @babel/types@npm:^7.25.4, @babel/types@npm:^7.3.3, @babel/types@npm:^7.4.4": version: 7.25.4 resolution: "@babel/types@npm:7.25.4" dependencies: @@ -8364,8 +8341,8 @@ __metadata: linkType: hard "express@npm:^4.17.1, express@npm:^4.18.2": - version: 4.20.0 - resolution: "express@npm:4.20.0" + version: 4.21.0 + resolution: "express@npm:4.21.0" dependencies: accepts: "npm:~1.3.8" array-flatten: "npm:1.1.1" @@ -8379,7 +8356,7 @@ __metadata: encodeurl: "npm:~2.0.0" escape-html: "npm:~1.0.3" etag: "npm:~1.8.1" - finalhandler: "npm:1.2.0" + finalhandler: "npm:1.3.1" fresh: "npm:0.5.2" http-errors: "npm:2.0.0" merge-descriptors: "npm:1.0.3" 
@@ -8388,17 +8365,17 @@ __metadata: parseurl: "npm:~1.3.3" path-to-regexp: "npm:0.1.10" proxy-addr: "npm:~2.0.7" - qs: "npm:6.11.0" + qs: "npm:6.13.0" range-parser: "npm:~1.2.1" safe-buffer: "npm:5.2.1" send: "npm:0.19.0" - serve-static: "npm:1.16.0" + serve-static: "npm:1.16.2" setprototypeof: "npm:1.2.0" statuses: "npm:2.0.1" type-is: "npm:~1.6.18" utils-merge: "npm:1.0.1" vary: "npm:~1.1.2" - checksum: 10c0/626e440e9feffa3f82ebce5e7dc0ad7a74fa96079994f30048cce450f4855a258abbcabf021f691aeb72154867f0d28440a8498c62888805faf667a829fb65aa + checksum: 10c0/4cf7ca328f3fdeb720f30ccb2ea7708bfa7d345f9cc460b64a82bf1b2c91e5b5852ba15a9a11b2a165d6089acf83457fc477dc904d59cd71ed34c7a91762c6cc languageName: node linkType: hard @@ -8600,18 +8577,18 @@ __metadata: languageName: node linkType: hard -"finalhandler@npm:1.2.0": - version: 1.2.0 - resolution: "finalhandler@npm:1.2.0" +"finalhandler@npm:1.3.1": + version: 1.3.1 + resolution: "finalhandler@npm:1.3.1" dependencies: debug: "npm:2.6.9" - encodeurl: "npm:~1.0.2" + encodeurl: "npm:~2.0.0" escape-html: "npm:~1.0.3" on-finished: "npm:2.4.1" parseurl: "npm:~1.3.3" statuses: "npm:2.0.1" unpipe: "npm:~1.0.0" - checksum: 10c0/64b7e5ff2ad1fcb14931cd012651631b721ce657da24aedb5650ddde9378bf8e95daa451da43398123f5de161a81e79ff5affe4f9f2a6d2df4a813d6d3e254b7 + checksum: 10c0/d38035831865a49b5610206a3a9a9aae4e8523cbbcd01175d0480ffbf1278c47f11d89be3ca7f617ae6d94f29cf797546a4619cd84dd109009ef33f12f69019f languageName: node linkType: hard @@ -14354,15 +14331,6 @@ __metadata: languageName: node linkType: hard -"qs@npm:6.11.0": - version: 6.11.0 - resolution: "qs@npm:6.11.0" - dependencies: - side-channel: "npm:^1.0.4" - checksum: 10c0/4e4875e4d7c7c31c233d07a448e7e4650f456178b9dd3766b7cfa13158fdb24ecb8c4f059fa91e820dc6ab9f2d243721d071c9c0378892dcdad86e9e9a27c68f - languageName: node - linkType: hard - "qs@npm:6.13.0, qs@npm:^6.11.0": version: 6.13.0 resolution: "qs@npm:6.13.0" 
@@ -15621,27 +15589,6 @@ __metadata: languageName: node linkType: hard -"send@npm:0.18.0": - version: 0.18.0 - resolution: "send@npm:0.18.0" - dependencies: - debug: "npm:2.6.9" - depd: "npm:2.0.0" - destroy: "npm:1.2.0" - encodeurl: "npm:~1.0.2" - escape-html: "npm:~1.0.3" - etag: "npm:~1.8.1" - fresh: "npm:0.5.2" - http-errors: "npm:2.0.0" - mime: "npm:1.6.0" - ms: "npm:2.1.3" - on-finished: "npm:2.4.1" - range-parser: "npm:~1.2.1" - statuses: "npm:2.0.1" - checksum: 10c0/0eb134d6a51fc13bbcb976a1f4214ea1e33f242fae046efc311e80aff66c7a43603e26a79d9d06670283a13000e51be6e0a2cb80ff0942eaf9f1cd30b7ae736a - languageName: node - linkType: hard - "send@npm:0.19.0": version: 0.19.0 resolution: "send@npm:0.19.0" @@ -15696,15 +15643,15 @@ __metadata: languageName: node linkType: hard -"serve-static@npm:1.16.0": - version: 1.16.0 - resolution: "serve-static@npm:1.16.0" +"serve-static@npm:1.16.2": + version: 1.16.2 + resolution: "serve-static@npm:1.16.2" dependencies: - encodeurl: "npm:~1.0.2" + encodeurl: "npm:~2.0.0" escape-html: "npm:~1.0.3" parseurl: "npm:~1.3.3" - send: "npm:0.18.0" - checksum: 10c0/d7a5beca08cc55f92998d8b87c111dd842d642404231c90c11f504f9650935da4599c13256747b0a988442a59851343271fe8e1946e03e92cd79c447b5f3ae01 + send: "npm:0.19.0" + checksum: 10c0/528fff6f5e12d0c5a391229ad893910709bc51b5705962b09404a1d813857578149b8815f35d3ee5752f44cd378d0f31669d4b1d7e2d11f41e08283d5134bd1f languageName: node linkType: hard