Commit Graph

442 Commits

Author SHA1 Message Date
Claire f1700523f1
Merge pull request from GHSA-vm39-j3vx-pch3
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
2024-02-14 15:16:07 +01:00
Claire 0b0c7af2c1
Merge pull request from GHSA-7w3c-p9j8-mq3x
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
2024-02-14 15:15:34 +01:00
Eugen Rochko 4d96d716c4 Fix unsupported time zone or locale preventing sign-up (#28035)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 15:31:13 +01:00
Claire e6f4c91c5c Fix hashtag matching pattern matching some URLs (#27584) 2023-12-04 15:28:15 +01:00
Claire cdedae6d63 Fix some link anchors being recognized as hashtags (#27271) 2023-12-04 15:28:15 +01:00
Matt Jankowski a9588065b2 Dont match mention in url query string (#25656)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-10 13:52:41 +02:00
Claire 0619ec1592 Fix boosts of local users being filtered in account timelines (#27204) 2023-10-10 13:52:41 +02:00
Claire fa98c9b077 Fix crash when filtering for “dormant” relationships (#27306) 2023-10-10 13:52:41 +02:00
Claire 1f99d86287
Fix blocked domain appears from account feed (#26823)
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-09-06 21:04:48 +02:00
Christian Schmidt ea31929776
Fix invalid Content-Type header for WebP images (#26773) 2023-09-04 09:46:33 +02:00
Claire 16681e0f20
Add admin notifications for new Mastodon versions (#26582) 2023-09-01 17:47:07 +02:00
jsgoldstein 30c191aaa0
Add new public status index (#26344)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-08-24 16:40:04 +02:00
Nick Schonning b970ed6098
Update rubocop and rubocop-rspec (#26329) 2023-08-22 09:31:40 +02:00
Matt Jankowski c363978782
Spec media attachment speedups (#25416) 2023-08-07 17:58:12 +02:00
Christian Schmidt f2257069b2
Fix AVIF attachments (#26264) 2023-08-01 19:34:11 +02:00
Matt Jankowski 6f1fa1364f
Fix `RSpec/EmptyExampleGroup` cop (#24735) 2023-07-28 23:15:33 +02:00
Claire 1e3b19230a
Add stricter protocol fields validation for accounts (#25937) 2023-07-20 18:23:48 +02:00
Matt Jankowski c75df62ccc
Fix `RSpec/SubjectDeclaration` cop (#25312) 2023-07-12 09:49:33 +02:00
Claire dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Matt Jankowski 05f9e39b32
Fix `RSpec/VerifiedDoubles` cop (#25469) 2023-06-22 14:55:22 +02:00
Claire dd07393e75
Fix user settings not getting validated (#25508) 2023-06-19 14:06:06 +01:00
Matt Jankowski 4c5aa0e470
Update rubocop-rspec to version 2.22.0, fix `RSpec/IndexedLet` cop (#24698) 2023-06-14 16:44:37 +02:00
Daniel M Brasil d9c6f70cc6
Fix `ArgumentError` in `/api/v1/admin/accounts/:id/action` (#25386) 2023-06-14 15:21:36 +02:00
Matt Jankowski ae9f5379d1
Reduce factory data created in spec/models/trends/statuses spec (#25410) 2023-06-14 09:57:06 +02:00
Matt Jankowski 62c996b52d
Reduce `RSpec/MultipleExpectations` cop max to 8 (#25313) 2023-06-10 18:38:22 +02:00
Matt Jankowski c94bb9ba9a
Disable paperclip processing in specs (#25359) 2023-06-10 18:27:35 +02:00
Matt Jankowski 6c0e3f490a
Fix RSpec/MissingExampleGroupArgument cop (#25310) 2023-06-06 15:51:42 +02:00
Matt Jankowski c42591356d
Fix `RSpec/DescribedClass` cop (#25104) 2023-06-06 13:58:33 +02:00
Matt Jankowski b22bfae4f9
Add coverage for `DomainBlock#public_domain` method (#25283) 2023-06-06 13:34:04 +02:00
Claire 8884d1ece0
Add support for importing lists (#25203) 2023-06-01 14:47:31 +02:00
Matt Jankowski d2e5430d4a
Fix RSpec/ExpectChange cop (#25101) 2023-05-24 11:23:40 +02:00
Matt Jankowski b896b16cb3
Fix RSpec/PredicateMatcher cop (#25102) 2023-05-23 16:49:11 +02:00
Emelia Smith 19f9098551
Allow reports with long comments from remote instances, but truncate (#25028) 2023-05-22 13:15:21 +02:00
Nick Schonning 99e2e9b81f
Fix minor typos in comments and spec names (#21831) 2023-05-19 17:13:29 +02:00
Claire 3ed3d54bf3
Fix reports not being closed when performing batch suspensions (#24988) 2023-05-16 14:56:49 +02:00
Matt Jankowski c97b611b6b
Fix RSpec/InferredSpecType cop (#24736) 2023-05-04 05:49:53 +02:00
Matt Jankowski 710745e16b
Fix RSpec/ContextWording cop (#24739) 2023-05-04 05:49:08 +02:00
Claire 1e75eb690d
Fix own posts not getting delivered to own lists (#24810) 2023-05-03 19:17:40 +02:00
Matt Jankowski 3df665fd23
Fix Lint/ConstantDefinitionInBlock cop (#24763) 2023-05-03 10:32:30 +02:00
Matt Jankowski a0c9f2447e
Fix Performance/MethodObjectAsBlock cop (#24798) 2023-05-03 10:30:54 +02:00
Matt Jankowski 570079f8ce
Fix Performance/TimesMap cop (#24789) 2023-05-02 18:07:16 +02:00
Claire 6693a4fe7c
Change lists to be able to include accounts with pending follow requests (#19727) 2023-05-02 14:40:36 +02:00
Claire 32a030dd74
Rewrite import feature (#21054) 2023-05-02 12:08:48 +02:00
Matt Jankowski 274d561430
Enable local account key generation spec (#24728) 2023-04-30 02:28:52 +02:00
Matt Jankowski 4cfe52635c
Add pending spec for User.those_who_can (#24724) 2023-04-29 22:03:36 +02:00
Nick Schonning 5841f1af8c
Autofix Rubocop RSpec/MatchArray (#24675) 2023-04-26 21:29:36 +02:00
Nick Schonning a3393d0d07
Autofix Rubocop RSpec/MatchArray (#24050) 2023-04-26 20:21:54 +02:00
Heitor de Melo Cardozo bc75e62ca6
Change moderation search an account using the username with @ (#24242) 2023-04-17 14:16:36 +02:00
Christian Schmidt b4f38edf74
Wrong type for user setting when default is defined by lambda (#24321) 2023-03-31 07:33:17 +02:00
Eugen Rochko a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00