0728a6a709
Merge upstream security fixes of v4.0.5 ( #1316 )
...
It's already running on our instance (queer.group) and working fine.
Manually reviewed the changes, hadn't found anything that could break
hometown-specific code.
And to update our instance, I also just followed the [steps on the
release](https://github.com/mastodon/mastodon/releases/tag/v4.0.5 ) aka
`bundle install && yarn install` followed by a restart of all processes.
---------
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Co-authored-by: Daniel M Brasil <danielmbrasil@protonmail.com>
Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Co-authored-by: Vyr Cossont <VyrCossont@users.noreply.github.com>
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-07-06 12:30:13 -07:00
9fe562c31c
Merge tag 'v4.0.4' into hometown-4.0.4
2023-05-19 11:25:13 +01:00
05c45e9eeb
Fix unescaped user input in LDAP query ( #24379 )
...
Fix CVE-2023-28853
2023-04-04 12:39:56 +02:00
274bb193b2
Fix invalid/expired invites being processed on sign-up ( #24337 )
2023-04-04 12:39:56 +02:00
aa37eeadf3
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )
2023-04-04 12:39:56 +02:00
9715a211c7
Add warning for object storage misconfiguration ( #24137 )
2023-03-16 22:49:35 +01:00
a6217bd035
Change user backups to use expiring URLs for download when possible ( #24136 )
2023-03-16 22:49:35 +01:00
2c3cb903ad
Fix misleading error code when receiving invalid WebAuthn credentials ( #23568 )
2023-03-16 11:58:46 +01:00
86924c344d
Fix incorrect post links in strikes when the account is remote ( #23611 )
2023-03-16 11:58:34 +01:00
f834fdaf6a
Fix dashboard crash on ElasticSearch server error ( #23751 )
2023-03-16 11:57:23 +01:00
97e19e8802
Add mail headers to avoid auto-replies ( #23597 )
2023-03-14 10:00:38 +01:00
bd43f7d4cc
Add `lang` tag to native language names in language picker ( #23749 )
2023-03-14 10:00:28 +01:00
4ea4c3f49c
Unescape HTML entities ( #24019 )
2023-03-14 10:00:13 +01:00
419bd9281d
Do not strip tags from `Setting.site_short_description` ( #23975 )
2023-03-14 10:00:07 +01:00
c2d38ef0f1
Center the text itself in upload area ( #24029 )
2023-03-14 09:59:46 +01:00
290d02e936
Fix original account being unfollowed on migration before the follow request could be sent ( #21957 )
2023-03-14 09:59:00 +01:00
11f04e3b97
Fix unconfirmed accounts being registered as active users ( #23803 )
2023-03-14 09:58:47 +01:00
76c96cdd72
Fix error when displaying post history of a trendable post in the admin interface ( #23574 )
2023-03-14 09:58:34 +01:00
c22c4247d9
Fix server error when failing to follow back followers from `/relationships` ( #23787 )
2023-03-14 09:58:26 +01:00
348599a543
Fix inefficiency when searching accounts per username in admin interface ( #23801 )
2023-03-14 09:58:13 +01:00
0e3f06da99
Fix sidebar cut-off on small screens in admin UI ( #23764 )
2023-03-14 09:58:05 +01:00
cc80f4ed9b
Fix case-sensitive check for previously used hashtags ( #23526 )
2023-03-14 09:57:10 +01:00
e2103c9175
Fix “Remove all followers from the selected domains” being more destructive than it claims ( #23805 )
2023-03-14 09:50:57 +01:00
4c577a769a
Fix leak where edited, local-only statuses federated
...
More info to come in release notes, coming very very soon.
2023-01-13 16:43:16 -08:00
15e78b9a0a
One more fixup per @gargron suggestion
2023-01-05 13:43:04 -08:00
d6171de99f
Fix ranking order to correct direction
2023-01-05 13:12:00 -08:00
7d12ca1fa5
Make autosuggest for mentions return followed accounts first
...
This makes it so that (when elasticsearch is disabled) when a user types '@foo' in the compose box, they are first going to get accounts they follow ordered by the ranking algorithm, and then second they will get accounts they do not follow, also ordered by the ranking algorithm.
This makes behavior more consistent with user expectation and also with results when elasticsearch is enabled.
Fixes #1272
2023-01-05 12:51:57 -08:00
b761fbac34
Linter fix
2023-01-03 09:44:29 -08:00
c88d2835fb
Add sign-in button to mobile view when logged out
2023-01-03 09:39:31 -08:00
84d86aa0bd
Removing ellipsis which render pooly on Safari
2023-01-02 18:29:39 -08:00
b3d1449add
Fix long blocked domain names on mobile about page
2023-01-02 14:46:07 -08:00
ce672d8acf
Fix css issue with compose form overflow
2023-01-02 14:20:27 -08:00
c7b321d5ad
Fix linter
2023-01-02 14:08:45 -08:00
ad27ebf327
Add "localOnly" property to created AP notes
...
Useful for third party clients doing feature detection.
2023-01-02 12:11:13 -08:00
6d1665ed64
Moving "Show more" CW button to next line
2023-01-02 11:07:06 -08:00
73afe0e0ea
CSS tweaks, fixing text render contrast
2023-01-02 10:54:19 -08:00
2ccb6d4529
Tweak mastodon-light theme
2022-12-31 23:30:35 -08:00
79507fa7b2
Change to Hometown branding
2022-12-31 22:45:52 -08:00
eeb8b24f6d
Tweaking basic status margins
2022-12-31 15:48:50 -08:00
027a9861a3
Linter fixes
2022-12-31 15:42:26 -08:00
6d155613aa
More whitespace tweaks, this time for follow notifications
2022-12-31 15:39:27 -08:00
81f5857c6b
Changing margins for more compact text
2022-12-31 14:39:59 -08:00
ff37c8cb1a
Add persistent state to nav bar expand/retract
2022-12-31 12:18:53 -08:00
9a4af5ace4
Fix issue where all pages redirect to about when signed out
2022-12-31 11:49:05 -08:00
90350fd418
Fix menu sidebar width on desktop
2022-12-31 10:10:30 -08:00
7548424b02
Disable the federation dropdown when editing posts
...
You're not allowed to change post visibility on an edit so the dropdown is misleading.
2022-12-31 01:06:59 -08:00
e1df6bc049
Fix merge
2022-12-30 23:06:34 -08:00
4f7f5a3256
Improve mobile layout ( #1265 )
2022-12-30 22:19:59 -08:00
bcfefcbe0f
More styling and content fixes to static about page
2022-12-30 22:03:52 -08:00
0ec450b144
Fixing a PropType
2022-12-30 01:52:41 -08:00
Jasmin
Darius Kazemi
Claire
Eugen Rochko
Christian Schmidt
Rodion Borisov
Botao Wang
Dean Bassett
Darius Kazemi