* Fix issues with POSIX::Spawn, Terrapin and Ruby 3.0
Also improve the Terrapin monkey-patch for the stderr/stdout issue.
* Fix keyword argument handling throughout the codebase
* Monkey-patch Paperclip to fix keyword arguments handling in validators
* Change validation_extensions to please CodeClimate
* Bump microformats from 4.2.1 to 4.3.1
* Allow Ruby 3.0
* Add Ruby 3.0 test target to CircleCI
* Add test for admin dashboard warnings
* Fix admin dashboard warnings on Ruby 3.0
* Fix display of toots without text content
- fixes CWs from other implementations not showing up if toot has no text
contents
- fixes the “Read more” thread indicator not showing up on threaded toots
with no text contents
* Move content-less toot's CW to conents
Express follow_recommendations in terms of account_summaries rather than
accounts, integrate filters that are unconditionally used, and materialize
the resulting view.
This should result in the bulk of the computation being performed only once
instead of **once per recommendation language**.
Database serialization failure occurs when a read-replica is used
and a query takes long enough that rows on the primary database
become unavailable. It should return HTTP 503 as it is temporary.
Re-order rescue definitions according to their status codes
* Fix media processing getting stuck on too much stdin/stderr
See thoughtbot/terrapin#5
* Remove dependency on paperclip-av-transcoder gem
* Remove dependency on streamio-ffmpeg gem
* Disable stdin on ffmpeg process
Clicking the confirmation link multiple times currently leads to entering
account settings, which can be confusing. This commit changes that so that
it redirects to the root path, so it behaves the same way as clicking only
once in most cases.
* Add tests
* Ensure deleted statuses are marked as such
* Save some redis memory by not storing URIs in delete_upon_arrival values
* Avoid possible race condition when processing incoming Deletes
* Avoid potential duplicate Delete forwards
* Lower lock durations to reduce issues in case of hard crash of the Rails process
* Check for `lock.aquired?` and improve comment
* Refactor RedisLock usage in app/lib/activitypub
* Fix using incorrect or non-existent sender for relaying Deletes
Prevent new accounts from being created using the same underlying
e-mail as a suspended account using extensions and period
permutations. Stores e-mails as a SHA256 hash
* Add transition to media modal background
* use reduceMotion
* Move background color transition into css
Signed-off-by: marcin mikołajczak <me@mkljczk.pl>
* Update devise-two-factor to unreleased fork for Rails 6 support
Update tests to match new `rotp` version.
* Update nsa gem to unreleased fork for Rails 6 support
* Update rails to 6.1.3 and rails-i18n to 6.0
* Update to unreleased fork of pluck_each for Ruby 6 support
* Run "rails app:update"
* Add missing ActiveStorage config file
* Use config.ssl_options instead of removed ApplicationController#force_ssl
Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.
* Fix nonce directives by removing Rails 5 specific monkey-patching
* Fix fixture_file_upload deprecation warning
* Fix yield-based test failing with Rails 6
* Use Rails 6's index_with when possible
* Use ActiveRecord::Cache::Store#delete_multi from Rails 6
This will yield better performances when deleting an account
* Disable Rails 6.1's automatic preload link headers
Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.
In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.
* Switch to Rails 6.0 default config
* Switch to Rails 6.1 default config
* Do not include autoload paths in the load path
* Fix ComposeForm being mounted twice in mobile view
Fixes#13094
* Fix compose form focus and pre-selection behavior in mobile view
* Split _updateFocusAndSelection out of componentDidUpdate
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.
This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
* Bypass MX validation for explicitly allowed domains
This spares some lookups and prevent issues in some edge cases with
local domains.
* Add tests
* Fix test
* Removing last-child padding conflicts with light theme in hero widget
* Add missing background color to widget
* Reset widget.scss to default
* Hope this works
Co-authored-by: koyu <me@koyu.space>
* Improve account counters handling
* Use ActiveRecord::Base::sanitize_sql to pass values instead of interpolating them
Keep using string interpolation for `key` as it is safe and using
“ActiveRecord::Base::sanitize_sql_hash_for_assignment” would require stitching
bits of SQL in a way that is not more easily checked for safety.
* Add migration hook to catch PostgreSQL versions earlier than 9.5
* Use ActiveRecord::Result#to_ary instead of deprecated to_hash
They do the same thing, and to_hash has been removed from Rails 6.1
* Explicitly name polymorphic indexes to workaround a bug in Rails 6.1
cf. https://github.com/rails/rails/issues/41693
* Fix incorrect usage of “foreign_key” in migration script
* Use `ActiveModel::Errors#delete` instead of deprecated clear method
* Fix link headers tests on Rails 6.1
Rails 6.1 adds values to the Link header by default, thus it is not a
LinkHeader object anymore. Fix the test to parse the Link header instead
of assuming it is a LinkHeader.
* Prepare Mastodon for zeitwerk autoloader (Rails 6)
Add inflections and rename/move a few classes.
In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.
* Add inflection for Url → URL
* Fix misuse of foreign_type
* Fix use of removed "add_template_helper"
* Use response.media_type instead of response.content_type in tests
* Fix CSV export controller test on Rails 6
Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.
This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.
* Fix emoji formatting with Rails 6
* Make emoji output more idiomatic and robust
* Switch from redis-rails gem to built-in Rails redis cache storage
The exports page showed a different "CSV" capitalisation in the
"Bookmarks" row ("Csv") compared to the other rows ("CSV").
This was due to a referece to a translation string that does not exist,
`bookmarks.csv`, defaulting to the key's last segment in title case.
This issue was introduced in commit dcd86204 (PR #14956).
(h/t @meqif for helping with figuring out the bug)
* Update twitter-text from 1.14 to 3.1.0
* Disable emoji parsing
* Properly depend on twitter-text for url detection
* Fix some URLs being wrongly detected client-side
* Add test for server-side validation of non-autolinkable URLs
* Fix server-side status length counting
* Fix crash on receiving requests with missing Digest header
Return an error pointing out that Digest is missing, instead of crashing.
Fixes#15743
* Fix from review feedback
* Change ResolveAccountService's handling of skip_webfinger
Change it so it never makes any webfinger query, as the name would imply.
* Add tests
* Change FollowService to not take an URI for target_account
* Restore domain-block check in FollowService
* Fix tests
* Fixed picture in picture compatibility error in WebUI when status is deleted
* Revert "Fixed picture in picture compatibility error in WebUI when status is deleted"
This reverts commit f003b7d9d88688e9504f7dfae1545d7522fcfd98.
* Close the modal display of the image when status is deleted
* Fixed the case statement before the default statement
* Removed unnecessary parts
* Fix URI of repeat follow requests not being recorded
In case we receive a “repeat” or “duplicate” follow request, we automatically
fast-forward the accept with the latest received Activity `id`, but we don't
record it.
In general, a “repeat” or “duplicate” follow request may happen if for some
reason (e.g. inconsistent handling of Block or Undo Accept activities, an
instance being brought back up from the dead, etc.) the local instance thought
the remote actor were following them while the remote actor thought otherwise.
In those cases, the remote instance does not know about the older Follow
activity `id`, so keeping that record serves no purpose, but knowing the most
recent one is useful if the remote implementation at some point refers to it
by `id` without inlining it.
* Add tests
* Slightly reorder three dots menu on toots to make it more intuitive
- Make “Pin to profile” always appear at the same place
- Add separator to group “Bookmark” and “Pin to profile”
- Fix separator being the first item in some cases
* Fix missing semicolon and keep status_action_bar.js and action_bar.js in sync
* Various dropdown code quality fixes
* Prepare support for privacy selection in boost modal
* Add dropdown for boost privacy in boost confirmation modal
An uncommon but somewhat difficult to digagnose issue is dealing with
improperly-seeded databases. In such cases, instance-signed fetches will
fail with a ActiveRecord::RecordNotFound error, usually caught and handled
as generic 404, leading people to think the remote resource itself has not
been found, while it's the local instance actor that does not exist.
This commit changes the code so that failure to find the instance actor
automatically creates a new one, so that improperly-seeded databases do
not cause any issue.
* Add “translate” class to other user strings
Follow-up to #15610.
Allow Google Translate to work on more user content:
- poll options
- reply indicator (contents of the status being replied to)
- directory account cards
- account note in follow requests list
* Fix incorrect styling of account bio
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Unlike locally-issued blocks, they weren't clearing follow
relationships in both directions, follow requests or notifications.
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
This also skips fetching the actor completely.
This will be useful if we end up distributing Update activities linked to
account suspensions more widely (they are currently only delivered to
the suspended account's followers), as currently, instances not knowing
about the suspended account would fetch it to then process the suspension.
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* disable NewCops
* update TargetRubyVersion
* Fix Lint/MissingSuper for ActiveModelSerializers::Model
* Fix Lint/MissingSuper for feed
* Fix Lint/FloatComparison
* Do not use instance variables
* Fix being able to import more than allowed number of follows
Without this commit, if someone tries importing a second list of accounts to
follow before the first one has been processed, this will queue imports for
the two whole lists, even if they exceed the account's allowed number of
outgoing follows.
This commit changes it so the individual queued imports aren't exempt from
the follow limit check (they remain exempt from the rate-limiting check
though).
* Catch validation errors to not re-queue failed follows
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Fixes#15374
When the pop-out player was introduced, it had tweaks for the mobile
view, but it's now disabled in mobile mode and the styling was reused
for modals, causing the footer to be hidden on mobile without a good
reason.
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
As a regression from the recent optimizations, mentions were left untouched
until `account.destroy`, which would then delete them individually,
and executing queries to find and delete associated notifications, resulting
in a massive slowdown.
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Delete status records by batches of 50
* Do not precompute values that are only used once
* Do not generate redis events for removal of public toots older than two weeks
* Filter reported toots a priori for polls and status deletion
* Do not process reblogs when cleaning up public timelines
As in Mastodon proper, reblogs don't appear in public TLs
* Clean the deleted account's own feed in one go
* Refactor Account#clean_feed_manager and List#clean_feed_manager
* Delete instead of destroy a few more associations
* Fix preloading
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Fix external user creation failing when invite request text is required
Also fixes tootctl-based user creation.
* Add test about invites when invite request text is otherwise required
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Fix deleting polls not deleting notifications
* Fix fav notification deletion when deleting a toot
* Refactor DeleteAccountService spec
* Add DeleteAccountService tests for other associations and notifications
* Add favourite handling spec in status removal
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Fix account deletion workers being queued multiple times for a single account
* Fix poll votes being unnecessarily instantiated on poll deletion
* Fix favourites being unnecessarily instantiated on status deletion
* Remove inaccurate comments
* Delete polls instead of destroying them
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Fix ResolveAccountService accepting mismatching acct: URI
* Set attributes that should be updated regardless of suspension
* Fix key fetching
* Automatically merge remote accounts with duplicate `uri`
* Add tests
* Add "tootctl accounts fix-duplicates"
Finds duplicate accounts sharing a same ActivityPub `id`, re-fetch them and
merge them under the canonical `acct:` URI.
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Improve searching for private toots from URL
Most of the time, when sharing toots, people use the toot URL rather than
the toot URI, which makes sense since it is the user-facing URL.
In Mastodon's case, the URL and URI are different, and Mastodon does not
have an index on URL, which means searching a private toot by URL is done
with a slow query that will only succeed for very recent toots.
This change gets rid of the slow query, and attempts to guess the URI from
URL instead, as Mastodon's are predictable.
* Add tests
* Only return status with guessed uri if url matches
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Change notification permission handling
- allow changing individual alert settings even if permission is not explicitly
enabled (asks for permission on toggle)
- persist permission request banner dismissal across sessions through settings
* Add additional, more discrete message to grant permissions
* Change permission granting button design according to reviews
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Fix admin being able to suspend their own instance account
* Add text about the instance's own actor in admin view
* Change instance actor notice from flash message to template
* Do not list local instance actor in account moderation list
* Add indication to admin UI of whether a report has been forwarded
* Rework how forwarded status is displayed
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Add honeypot fields to limit non-specialized spam
Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.
This should cut down on some non-Mastodon-specific spambots.
* Require a 3 seconds delay before submitting the registration form
* Fix tests
* Move registration form time check to model validation
* Give people a chance to clear the honeypot fields
* Refactor honeypot translation strings
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
From the start, swiping columns was highly unreliable because the logic
could change `ReactSwipeableViews`'s `animateTransitions` property
mid-swipe.
PR #11200 partially fixed this, but at the unintended cost of disabling the
swipe animation altogether.
This PR changes the logic behind `shouldAnimate` to only disable the swiping
animation at the end of a column change not initiated by `ReactSwipeableViews`.
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Extract logic for determining ActivityPub inboxes to send deletes
to to its own class and explicitly include the person the status
replied to (even if not mentioned), people who favourited it, and
people who replied to it (though that one is still not recursive)
- Change overlay background to match color of viewed image
- Add interactive reply/boost/favourite buttons to footer of modal
- Change ugly "View context" link to button among the action bar
* Fix webfinger redirect handling in ResolveAccountService
ResolveAccountService#process_webfinger! handled a one-step webfinger
redirection, but only accepting the result if it matched the exact URI passed
as input, defeating the point of a redirection check.
Instead, use the same logic as in `ActivityPub::FetchRemoteAccountService`,
updating the resulting `acct:` URI with the result of the first webfinger
query.
* Add tests
Nginx can be configured to bypass proxy cache when a special header
is in the request. If the response is cacheable, it will replace
the cache for that request. Proxy caching of media files is
desirable when using object storage as a way of minimizing bandwidth
costs, but has the drawback of leaving deleted media files for
a configured amount of cache time. A cache buster can make those
media files immediately unavailable. This especially makes sense
when suspending and unsuspending an account.
Fixes#15178
PR #11499 introduced a way to deal with all-white canvas, but newer
Firefox versions set random data instead.
This PR detects whether canvas operations are reliable by comparing
the results on a hardcoded 2×2 pixels image, and memoizing the result.
This should be both more reliable and faster than the previous check.
If someone tries logging in to an account and is prompted for a 2FA
code or sign-in token, even if the account's password or e-mail is
updated in the meantime, the session will show the prompt and allow
the login process to complete with a valid 2FA code or sign-in token
Do not downcase the queried tag before passing it to postgres when searching:
- tags are not downcased on creation
- `arel_table[:name].lower.matches(pattern)` generates an ILIKE anyway
- if Postgres and Rails happen to use different case-folding rules,
downcasing before query but not before insertion may mean that some
tags with some casings are not searchable
When failing to fetch the target account, the ProcessingWorker fails
as expected, but since it hasn't cleared the `move_in_progress` flag,
the next attempt at processing skips the `Move` activity altogether.
This commit changes it to clear the flag when encountering any
unexpected error on fetching the target account. This is likely to
occur because, of, e.g., a timeout, when many instances query the
same actor at the same time.
* Fix crash in SuspendAccountWorker
`follows` is an array thanks to `to_a`
* Fix code style issue
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Add more specific error message when request body digest is invalid
This may help other implementors debug their implementation.
* Relax Host parameter requirement to GET requests
The only POST requests processed by Mastodon need objects/actors (including
their host) to be explicitly mentioned in the request's body, so replaying
a legitimate request to another host should not be a security issue.
* Support Digest headers using multiple algorithms or lowercase alogirthm names
- Makes permalink to a toot more easily clickable
- Fix clicking between icon and time in fact clicking the display name
- Fix clicking slightly under time in fact clicking the display name
e.g. if someone on an instance that previously had followers gets mentioned
in a private toot, before this PR, they would not receive a
Collection-Synchronization header and may show the toot to the former followers
in addition to the mentioned person.
* Add support for followers synchronization on the receiving end
Check the `collectionSynchronization` attribute on `Create` and `Announce`
activities and synchronize followers from provided collection if possible.
* Add tests for followers synchronization on the receiving end
* Add support for follower synchronization on the sender's end
* Add tests for the sending end
* Switch from AS attributes to HTTP header
Replace the custom `collectionSynchronization` ActivityStreams attribute by
an HTTP header (`X-AS-Collection-Synchronization`) with the same syntax as
the `Signature` header and the following fields:
- `collectionId` to specify which collection to synchronize
- `digest` for the SHA256 hex-digest of the list of followers known on the
receiving instance (where “receiving instance” is determined by accounts
sharing the same host name for their ActivityPub actor `id`)
- `url` of a collection that should be fetched by the instance actor
Internally, move away from the webfinger-based `domain` attribute and use
account `uri` prefix to group accounts.
* Add environment variable to disable followers synchronization
Since the whole mechanism relies on some new preconditions that, in some
extremely rare cases, might not be met, add an environment variable
(DISABLE_FOLLOWERS_SYNCHRONIZATION) to disable the mechanism altogether and
avoid followers being incorrectly removed.
The current conditions are:
1. all managed accounts' actor `id` and inbox URL have the same URI scheme and
netloc.
2. all accounts whose actor `id` or inbox URL share the same URI scheme and
netloc as a managed account must be managed by the same Mastodon instance
as well.
As far as Mastodon is concerned, breaking those preconditions require extensive
configuration changes in the reverse proxy and might also cause other issues.
Therefore, this environment variable provides a way out for people with highly
unusual configurations, and can be safely ignored for the overwhelming majority
of Mastodon administrators.
* Only set follower synchronization header on non-public statuses
This is to avoid unnecessary computations and allow Follow-related
activities to be handled by the usual codepath instead of going through
the synchronization mechanism (otherwise, any Follow/Undo/Accept activity
would trigger the synchronization mechanism even if processing the activity
itself would be enough to re-introduce synchronization)
* Change how ActivityPub::SynchronizeFollowersService handles follow requests
If the remote lists a local follower which we only know has sent a follow
request, consider the follow request as accepted instead of sending an Undo.
* Integrate review feeback
- rename X-AS-Collection-Synchronization to Collection-Synchronization
- various minor refactoring and code style changes
* Only select required fields when computing followers_hash
* Use actor URI rather than webfinger domain in synchronization endpoint
* Change hash computation to be a XOR of individual hashes
Makes it much easier to be memory-efficient, and avoid sorting discrepancy issues.
* Marginally improve followers_hash computation speed
* Further improve hash computation performances by using pluck_each
* Add support for latest HTTP Signatures spec draft
https://www.ietf.org/id/draft-ietf-httpbis-message-signatures-00.html
- add support for the “hs2019” signature algorithm (assumed to be equivalent
to RSA-SHA256, since we do not have a mechanism to specify the algorithm
within the key metadata yet)
- add support for (created) and (expires) pseudo-headers and related
signature parameters, when using the hs2019 signature algorithm
- adjust default “headers” parameter while being backwards-compatible with
previous implementation
- change the acceptable time window logic from 12 hours surrounding the “date”
header to accepting signatures created up to 1 hour in the future and
expiring up to 1 hour in the past (but only allowing expiration dates up to
12 hours after the creation date)
This doesn't conform with the current draft, as it doesn't permit accounting
for clock skew.
This, however, should be addressed in a next version of the draft:
https://github.com/httpwg/http-extensions/pull/1235
* Add additional signature requirements
* Rewrite signature params parsing using Parslet
* Make apparent which signature algorithm Mastodon on verification failure
Mastodon uses RSASSA-PKCS1-v1_5, which is not recommended for new applications,
and new implementers may thus unknowingly use RSASSA-PSS.
* Add workaround for PeerTube's invalid signature header
The previous parser allowed incorrect Signature headers, such as
those produced by old versions of the `http-signature` node.js package,
and seemingly used by PeerTube.
This commit adds a workaround for that.
* Fix `signature_key_id` raising an exception
Previously, parsing failures would result in `signature_key_id` being nil,
but the parser changes made that result in an exception.
This commit changes the `signature_key_id` method to return `nil` in case
of parsing failures.
* Move extra HTTP signature helper methods to private methods
* Relax (request-target) requirement to (request-target) || digest
This lets requests from Plume work without lowering security significantly.
Follow-up to #14359
In the case of limited toots, the receiver may not be explicitly part of the
audience. If a specific user's inbox URI was specified, it makes sense to
dereference the toot from the corresponding user, instead of trying to find
someone in the explicit audience.
There are edge cases where requests to certain hosts timeout when
using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now
that we no longer need to support OStatus servers, webfinger logic
is so simple that there is no point encapsulating it in a gem, so
we can just use our own Request class. With that, we benefit from
more robust timeout code and IPv4/IPv6 resolution.
Fix#14091
* Do not serve account actors at all in limited federation mode
When an account is fetched without a signature from an allowed instance,
return an error.
This isn't really an improvement in security, as the only information that was
previously returned was required protocol-level info, and the only personal bit
was the existence of the account. The existence of the account can still be
checked by issuing a webfinger query, as those are accepted without signatures.
However, this change makes it so that unallowed instances won't create account
records on their end when they find a reference to an unknown account.
The previous behavior of rendering a limited list of fields, instead of not
rendering the actor at all, was in order to prevent situations in which two
instances in Authorized Fetch mode or Limited Federation mode would fail to
reach each other because resolving an account would require a signed query…
from an account which can only be fetched with a signed query itself. However,
this should now be fine as fetching accounts is done by signing on behalf of
the special instance actor, which does not require any kind of valid signature
to be fetched.
* Fix tests
* Change how CDN_HOST is passed down to make assets build reproducible
* Change webpacker/webpack configuration to dynamically load publicPath based on meta header
* Fix embedded layout missing the cdn-host meta header
* Add notification permission handling code
* Request notification permission when enabling any notification setting
* Add badge to notification settings when permissions insufficient
* Disable alerts by default, requesting permission and enable them on onboarding
There are edge cases where requests to certain hosts timeout when
using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now
that we no longer need to support OStatus servers, webfinger logic
is so simple that there is no point encapsulating it in a gem, so
we can just use our own Request class. With that, we benefit from
more robust timeout code and IPv4/IPv6 resolution.
Fix#14091
Fixes#14862
This used to be the case until #13987, which introduced a hotkey to toggle
the Content Warning field.
Unfortunately, MacOS relies on the “alt” key for many things, including
composing text (see #14862), therefore, even if that makes the CW toggle
hotkey significantly less useful, it makes sense to not interfere with
composing toots.
* Add bell button
Fix#4890
* Remove duplicate type from post-deployment migration
* Fix legacy class type mappings
* Improve query performance with better index
* Fix validation
* Remove redundant index from notifications
* Add paragraph about browser add-ons when encountering some errors
When a crash is caused by a NotFoundError exception, add a paragraph
to the error page mentioning browser add-ons.
Indeed, crashes with NotFoundError are often caused by browser extensions
messing with the DOM in ways React.JS can't recover from (e.g. issues #13325
and #14731).
* Reword error messages
* Do not serve account actors at all in limited federation mode
When an account is fetched without a signature from an allowed instance,
return an error.
This isn't really an improvement in security, as the only information that was
previously returned was required protocol-level info, and the only personal bit
was the existence of the account. The existence of the account can still be
checked by issuing a webfinger query, as those are accepted without signatures.
However, this change makes it so that unallowed instances won't create account
records on their end when they find a reference to an unknown account.
The previous behavior of rendering a limited list of fields, instead of not
rendering the actor at all, was in order to prevent situations in which two
instances in Authorized Fetch mode or Limited Federation mode would fail to
reach each other because resolving an account would require a signed query…
from an account which can only be fetched with a signed query itself. However,
this should now be fine as fetching accounts is done by signing on behalf of
the special instance actor, which does not require any kind of valid signature
to be fetched.
* Fix tests
* Check for and record reblog info atomically
Instead of using ZREVRANK to determine whether a reblog is a new reblog or not,
use ZADD's NX option to perform the check/addition option atomically.
* Replace ZREVRANK call with ZSCORE key which is more efficient
* Make tests a bit stricter
* Fix off-by-one
* Add database support for list show-reply preferences
* Add backend support to read and update list-specific show_replies settings
* Add basic UI to set list replies setting
* Add specs for list replies policy
* Switch "cycling" reply policy link to a set of radio inputs
* Capitalize replies_policy strings
* Change radio button design to be consistent with that of the directory explorer
* [WiP] Update Tesseract.js
- Update Tesseract.js to 2.2.1
- Use versioned file names
- differentiate two progression states: preparing OCR and detecting picture
* Get rid of copy-webpack-plugin
* Add back "Home" link to "Getting started" when Home column isn't mounted
* Fix keys in getting_started
It should not matter much in practice as the list of items will only
change extremely rarely, but having a `key` that corresponds to the actual
item makes much more sense than having it be the index of the item within
the list.
* Make Array-creation behavior of Paginable more predictable
Paginable.paginate_by_id usually returns ActiveRecord::Relation, but it
returns an Array if min_id option is present. The behavior caused problems
fixed with the following commits:
- 552e886b64
- b63ede5005
- 64ef37b89d
To prevent from recurring similar problems, this commit introduces two
changes:
- The scope now always returns an Array whether min_id option is present
or not.
- The scope is renamed to to_a_paginated_by_id to clarify it returns an
Array.
* Transform Paginable.to_a_paginated_by_id from a scope to a class method
https://api.rubyonrails.org/classes/ActiveRecord/Scoping/Named/ClassMethods.html#method-i-scope
> The method is intended to return an ActiveRecord::Relation object, which
> is composable with other scopes.
Paginable.to_a_paginated_by_id returns an Array and is not appropriate
as a scope.
* Replace incorrect use of distinct with group
Some uses of ActiveRecord::QueryMethods#distinct pass field names but they
are incorrect for the current version of Rails.
ActiveRecord::QueryMethods#group provides the expected behavior and
benefits performance. See commit 6da24aad4cafdef8d8a2c92bac2002a5fc2fe9c8.
* Introduce ApplicationController#cache_collection_paginated_by_id
ApplicationController#cache_collection_paginated_by_id fuses
ApplicationController#cache_collection and Paginable.paginate_by_id.
An advantage of this method is that it prevents from modifying scope which
Paginable.paginate_by_id may provide.
ApplicationController#cache_collection always return an array and there
is no possibility of the scope modification. It is also clear for a
programmer, considering the implication of "cache".
This method can also emit more efficient queries by using
Cacheable.cache_ids before calling Paginable.paginate_by_id.
Some uses of ActiveRecord::QueryMethods#distinct pass field names but they
are incorrect for the current version of Rails.
ActiveRecord::QueryMethods#group provides the expected behavior and
benefits performance. See commit 6da24aad4cafdef8d8a2c92bac2002a5fc2fe9c8.
The old implementation had two queries:
1. The query constructed in Api::V1::FavouritesController#results
2. The query constructed in #cached_favourites, which is merged with 1.
Both of them are issued againt PostgreSQL. The combination of the two
queries caused the following problems:
- The small window between the two queries involves race conditions.
- Minor performance inefficiency.
Moreover, the construction of query 2, which involves merging with query
1 has a bug. Query 1 is finalized with paginate_by_id, but paginate_by_id
returns an array when min_id parameter is specified. The behavior prevents
from merging the query, and in the real world, ActiveRecord simply ignores
the merge (!), which results in querying the entire scan of statuses and
favourites table.
This change fixes these issues by simply letting query 1 get all the works
done.
DISTINCT clause removes duplicated records according to all the selected
attributes. In reality, it can remove duplicated records only looking at
statuses.id, but the clause confuses the query planner and yields
insufficient performance.
The behavior is also problematic if the scope produced by HashQueryService
is used to query columns without id (using pluck method, for example). The
scope is expected to contain unique statuses, but the uniquness will be
evaluated with some arbitrary columns other than id.
GROUP BY clause resolves those problem by explicitly specifying the
column to take into account for the record distinction.
A workaround for the problem of DISTINCT clause in
Api::V1::Timelines::TagController is no longer necessary and removed.
* Add support for latest HTTP Signatures spec draft
https://www.ietf.org/id/draft-ietf-httpbis-message-signatures-00.html
- add support for the “hs2019” signature algorithm (assumed to be equivalent
to RSA-SHA256, since we do not have a mechanism to specify the algorithm
within the key metadata yet)
- add support for (created) and (expires) pseudo-headers and related
signature parameters, when using the hs2019 signature algorithm
- adjust default “headers” parameter while being backwards-compatible with
previous implementation
- change the acceptable time window logic from 12 hours surrounding the “date”
header to accepting signatures created up to 1 hour in the future and
expiring up to 1 hour in the past (but only allowing expiration dates up to
12 hours after the creation date)
This doesn't conform with the current draft, as it doesn't permit accounting
for clock skew.
This, however, should be addressed in a next version of the draft:
https://github.com/httpwg/http-extensions/pull/1235
* Add additional signature requirements
* Rewrite signature params parsing using Parslet
* Make apparent which signature algorithm Mastodon on verification failure
Mastodon uses RSASSA-PKCS1-v1_5, which is not recommended for new applications,
and new implementers may thus unknowingly use RSASSA-PSS.
* Add workaround for PeerTube's invalid signature header
The previous parser allowed incorrect Signature headers, such as
those produced by old versions of the `http-signature` node.js package,
and seemingly used by PeerTube.
This commit adds a workaround for that.
* Fix `signature_key_id` raising an exception
Previously, parsing failures would result in `signature_key_id` being nil,
but the parser changes made that result in an exception.
This commit changes the `signature_key_id` method to return `nil` in case
of parsing failures.
* Move extra HTTP signature helper methods to private methods
* Relax (request-target) requirement to (request-target) || digest
This lets requests from Plume work without lowering security significantly.
Follow-up to #14359
In the case of limited toots, the receiver may not be explicitly part of the
audience. If a specific user's inbox URI was specified, it makes sense to
dereference the toot from the corresponding user, instead of trying to find
someone in the explicit audience.
* feat: add possibility of adding WebAuthn security keys to use as 2FA
This adds a basic UI for enabling WebAuthn 2FA. We did a little refactor
to the Settings page for editing the 2FA methods – now it will list the
methods that are available to the user (TOTP and WebAuthn) and from
there they'll be able to add or remove any of them.
Also, it's worth mentioning that for enabling WebAuthn it's required to
have TOTP enabled, so the first time that you go to the 2FA Settings
page, you'll be asked to set it up.
This work was inspired by the one donde by Github in their platform, and
despite it could be approached in different ways, we decided to go with
this one given that we feel that this gives a great UX.
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* feat: add request for WebAuthn as second factor at login if enabled
This commits adds the feature for using WebAuthn as a second factor for
login when enabled.
If users have WebAuthn enabled, now a page requesting for the use of a
WebAuthn credential for log in will appear, although a link redirecting
to the old page for logging in using a two-factor code will also be
present.
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* feat: add possibility of deleting WebAuthn Credentials
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* feat: disable WebAuthn when an Admin disables 2FA for a user
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* feat: remove ability to disable TOTP leaving only WebAuthn as 2FA
Following examples form other platforms like Github, we decided to make
Webauthn 2FA secondary to 2FA with TOTP, so that we removed the
possibility of removing TOTP authentication only, leaving users with
just WEbAuthn as 2FA. Instead, users will have to click on 'Disable 2FA'
in order to remove second factor auth.
The reason for WebAuthn being secondary to TOPT is that in that way,
users will still be able to log in using their code from their phone's
application if they don't have their security keys with them – or maybe
even lost them.
* We had to change a little the flow for setting up TOTP, given that now
it's possible to setting up again if you already had TOTP, in order to
let users modify their authenticator app – given that now it's not
possible for them to disable TOTP and set it up again with another
authenticator app.
So, basically, now instead of storing the new `otp_secret` in the
user, we store it in the session until the process of set up is
finished.
This was because, as it was before, when users clicked on 'Edit' in
the new two-factor methods lists page, but then went back without
finishing the flow, their `otp_secret` had been changed therefore
invalidating their previous authenticator app, making them unable to
log in again using TOTP.
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
* refactor: fix eslint errors
The PR build was failing given that linting returning some errors.
This commit attempts to fix them.
* refactor: normalize i18n translations
The build was failing given that i18n translations files were not
normalized.
This commits fixes that.
* refactor: avoid having the webauthn gem locked to a specific version
* refactor: use symbols for routes without '/'
* refactor: avoid sending webauthn disabled email when 2FA is disabled
When an admins disable 2FA for users, we were sending two mails
to them, one notifying that 2FA was disabled and the other to notify
that WebAuthn was disabled.
As the second one is redundant since the first email includes it, we can
remove it and send just one email to users.
* refactor: avoid creating new env variable for webauthn_origin config
* refactor: improve flash error messages for webauthn pages
Co-authored-by: Facundo Padula <facundo.padula@cedarcode.com>
Before this change:
- unsubscribe() was not called for a disconnection
- It seems that WebSocketClient calls connected() and reconnected().
subscriptionCounters were incremented twice for a single reconnection,
first from connected() and second from reconnected()
This might be a an additional change to
https://github.com/tootsuite/mastodon/pull/14579
to recover subscriptions after a reconnect.
* Increase DNS timeout from 1 second to 5 seconds for MX check
1 seconds is rather short when using a recursive DNS resolver which
hasn't got a cached result already available. Use 5 seconds instead,
which is the timeout value we use for outgoing HTTP queries.
* Add more precise error messages for invalid e-mail addresses
* Fix client-side username validation at registration
It used the Account::USERNAME_RE regexp which is for *remote* users,
local user validation is stricter. Also take into account max username length.
* Add client-side form validation for password change
* Add client-side form validation to dedicated registration form
Previous changes only applied to the /about page, not the dedicated form on
/auth
* Add HTML-level validation of username in sign-up form
* Make required fields with incorrect values more visible
* Enable HTML form validation for the registration form
* Mark agreement checkbox as required client-side
* Add minimum length to password
* Add client-side password confirmation validation
* Fix not handling Undo on some activity types when they aren't inlined
When receiving an Undo for a non-inlined activity, try looking it up in
database using the URI. The queries are ad-hoc because we don't have a global
index of object URIs, and not all activity types are stored in database with
an index on their URI.
Announces are just statuses, and have an index on URIs, so this check can
be done efficiently.
Accepts cannot be handled at all because we don't record their URI at any
point.
Follows don't have an index on URI, but they have an index on the issuing
account, which should make such queries largely manageable.
Likes don't have an index on URI, they have an index on the issuing account,
but the number of favs per account may be very high, so I decided not to
handle that.
Blocks don't have an index on URI, but they have an index on the issuing
account, which should make such queries largely manageable.
In all cases, if an Undo could not be handled properly, we call `delete_later!`
because that does not require us to know more than the URI of the undone
property.
* Add tests
* Make newer blocks overwrite older ones
Allows re-synchronizing block info by re-blocking and un-blocking again
when the original Undo Block has been lost.
* Add tests for some cachable responses
This only covers responses that we should have managed to make cachable
so far. It's not the case of all responses that should be cachable in
the end.
* Fix RSS feeds not being cachable
* Add toot send by current user at local state after send a new toot
Related to #14021
* Decrement toot counter at profile when remove a toot
Related to #14021
* Remove semicolon at end of line
That should've worked just fine, but unfortunately, Crowdin wasn't able
to pick up on our non-existent "one" category, thus appending empty
translation block to people's translations. Empty block WILL BE used by
any ICU FormatMessage library, thus resulting in an empty translation
for "one" category, and that requires immediate fix.
This commit duplicates contents of the "other" plural category.
Fixes#14337
The new audio player sets the background and foreground colors automatically
based on the thumbnail of the audio file, but the mastodon-light theme
overrides the controls' colors with a hardcoded color, which sometimes make
them unreadable.
* Fix the local group's followers collection
* Fix to accept followed relayed_through_account
* Add local delivery to the group's followers
* Fix code style
* Revert "Add local delivery to the group's followers"
This reverts commit 3237effc199772e4c4d30f19082cbc5633f56196.
Since #14145, the `set_type_and_extension` has been moved from
`before_post_process` to `before_file_post_process`, but while the former
runs before all validations performed by Paperclip, the latter is dependent
on the order validations and hooks are defined.
In our case, this meant video files could be checked against the generic 10MB
limit, causing validation failures, which, internally, make Paperclip skip
post-processing, and thus, transcoding of the video file.
The actual validation would then happen after the type is correctly set, so
the large file would pass validation, but without being transcoded first.
This commit moves the hook definition so that it is run before checking for
the file size.
* Fix audio and video items in account gallery in web UI
- Fix audio items not using thumbnails
- Fix video items not using custom thumbnails
- Fix video items autoplaying like GIFs
* Change audio and video items in account gallery to autoplay when opened in web UI
* Fix code style issue
* Fix audio player ticks position
* Split visualizer code into own file to comply with license
* Change top-left corner of visualizer always showing peaks, clean up code
There was a missed empty hash check. As well as rendering is now wrapped
in try/catch block, so app won't crash if any Blurhash component fails
to render its contents as it's not that critical.
This commit replaces all unnecessarily repeated code for decoding and
embedding blurhash canvases with separate component - <Blurhash>.
Under the hood Blurhash component will use effect dependent on its
props. This gives a few benefits: it will only be re-rendered whenever
the hash or width/height/dummy props update, and will not render if
canvas won't get to the final DOM, because then effect won't fire,
which prevents weird bugs like #14257.
While OAuth tokens were immediately revoked, accessing the home
controller immediately generated new OAuth tokens and "revived"
the session due to a combination of using remember_me tokens and
overwriting the `authenticate_user!` method
While OAuth tokens were immediately revoked, accessing the home
controller immediately generated new OAuth tokens and "revived"
the session due to a combination of using remember_me tokens and
overwriting the `authenticate_user!` method
This commit introduces new utility component - ShortNumber. It should
work almost the same way as original shortNumberFormat function,
though it also localizes units and accepts one more prop - renderer.
Renderer is a function that takes rendered short formatted number
and also ready-to-pluralize number to format display result accordingly.
Ready-to-pluralize number allows to correctly select plural for
compactly notated numbers, respecting thousands and other units.
Issue #12451 accurately describes the issue with using raw numbers
when replacing counter with short version. In short, it doesn't work
with languages such as Russian, that require different plurals,
according to the unit number was compacted to.
All previous usages of shortNumberFormat were replaced with new
function, and as it became unused, it was removed to avoid misleading.
* Change move handler to carry blocks and mutes over
When user A blocks user B and B moves to a new account C, make A block C
accordingly.
Note that it only works if A's instance is aware of the Move, that is,
if B is on A's instance or has followers there.
* Also notify instances with known people blocking you when moving
* Add automatic account notes when blocking/muting an account that had no note
* Add UserNote model
* Add UI for user notes
* Put comment in relationships entity
* Add API to create user notes
* Copy user notes to new account when receiving a Move activity
* Address some of the review remarks
* Replace modal by inline edition
* Please CodeClimate
* Button design changes
* Change design again
* Cancel note edition when pressing Escape
* Fixes
* Tweak design again
* Move “Add note” item, and allow users to add notes to themselves
* Rename UserNote into AccountNote, rename “comment” Relationship attribute to “note”
- Change audio files to not be stripped of metadata
- Automatically extract cover art from audio if it exists
- Add `thumbnail` parameter to `POST /api/v1/media`, `POST /api/v2/media` and `PUT /api/v1/media/:id`
- Add `icon` to represent it in attachments in ActivityPub
- Fix `preview_url` containing URL of missing missing image when there is no thumbnail instead of null
- Fix duration of audio not being displayed on public pages until the file is loaded
* Fix header button changing header size in settings pages
* Make form buttons look more like a part of the form in settings pages
- Put buttons closer, using same distance as between inputs
- Make buton font size a bit smaller to blend a bit more
- Add the class button to button tags for consisent styling
Thai does not separate words by spaces, so I figured out it should be
in 'reliable characters regexp' that denotes languages that do the same.
Related #13891.
* Fix design issues with sensitive preview cards
* Center “sensitive” label on preview image for interactive cards
* Add “button” role to sensitive preview card text
- Fix audio attachments not being represented in OpenGraph tags
- Fix audio being represented as "1 image" in OpenGraph descriptions
- Fix video metadata being overwritten by paperclip-av-transcoder
- Fix embedded player not using Mastodon's UI
- Fix audio/video progress bars not moving smoothly
- Fix audio/video buffered bars not displaying correctly
* Fix audio download button not starting download in web UI
* Fix volume controls on audio and video players in web UI
* Remove download button from video player in web UI
* Fixed emoji detection problem to append border
* Add tests
* Add missing semicolon
* Fixed wrong result when includes different variation selector
* Add missing semicolon
* Remove grapheme-splitter and Change emoji list to array from string
* Update comment
* Remove spaces
Co-authored-by: ThibG <thib@sitedethib.com>
* Split media cleanup from reject-media domain blocks to its own service
* Slightly improve ClearDomainMediaService error handling
* Lower DomainClearMediaWorker to lowest-priority queue
* Do not catch ActiveRecord::RecordNotFound in domain block workers
* Fix DomainBlockWorker spec labels
* Add some specs
* Change domain blocks to immediately mark accounts as suspended
Rather than doing so sequentially, account after account, while cleaning
their data. This doesn't change much about the time the block takes to
complete, but it immediately prevents interaction with the blocked domain,
while up to now, it would only be guaranteed when the process ends.
* Refactor list of emoji requiring added outlines so that it can be theme-specific
* Split inaccessible emoji to emoji requiring an outline and ones that can be inverted
* Drop the “silouhettes” from black emoji as they seem to have changed color
* Add inaccessible emojis list for the light theme
* Use bordered emoji variant instead of unreliable CSS
* FIX: filters ignore media descriptions
* remove parentheses to make codeclimate happy
* combine the text and run the regular expression only once.
https://github.com/tootsuite/mastodon/pull/13837#discussion_r431752581
* Fix use of “filter” instead of “compact”, fix coding style issues
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
* Display appropriate error when performing unpermitted operation on custom emoji
Fixes#13897
* Remove links to custom emoji actions not performable by moderators
* Fix admin page crashing when trying to block an invalid domain name
Fixes#13880
* Fix trailing and leading spaces not being properly stripped for domain blocks
Unfortunately, Firefox does not support the `keepalive` parameter
I used in the previous PR. However it supports the `navigator.sendBeacon`
API that allows that kind of things, but does not allow setting headers.
Therefore, this PR replaces it with a `sendBeacon` call that passes the
bearer token in the POST data.
Doorkeeper will then handle the auth token out of the box, as long as
it is passed as form data. Passing the query as JSON does not work.
* Periodically save timeline markers
This saves timeline markers immediately upon message arrival, but not more
than once every 5 minutes.
This does not change how the markers are saved on closing the window,
except that it avoids submitting them if there is no need for it.
* Use the Fetch API when possible instead of XHR on window unload
* Fix some account avatars on public pages having incorrect size
* Remove outdated and overridden width and height attributes
* Remove more hardcoded width/height attributes
When attempting to access the log-in page while already logged in,
Devise's `require_no_authentication` kicks in and sets a flash
message “You are already signed in.”
In almost all cases, this also causes a redirect to /web, which
does not display or clear flash messages, thus leaving the message
to a potentially much later date, like for instance, accessing
/preferences several minutes after being redirected to /web.
* Improve RSS entries for statuses
- Render polls in both accounts and tags serializers
- Refactor RSS serializers
- Change title preview to include ellipsis when truncated
- Change title preview to show CW instead of toot text
- Add tests
* Remove title from OEmbed serialization
Twitter doesn't serialize title either, and tihs allows us to move the
title formatting code to the RSS serializers.
Change `account_link_to` to use an image tag rather than some
inline CSS. Dropped the `size` parameter in the process, but it wasn't
used for anything except the default value of 36px.
Dropped CSS rules that were always overriden, and defaulted to 36px width
and height instead.
When deduplicating account usernames for OAuthable users, the routine did check if any account was known with that username, including remote accounts. This caused some unnecessary deduplication, and usernames ending with unexpected trailing _1.
This fixes#13580
* Move .back-button inline styles to CSS file
All occurrences of the back-button CSS class used the same inline
CSS rules, so moved them over to the CSS file
* Fix “Add new domain block” button using inline CSS
* Replace common pattern of inline-styled button boxes by a CSS class
In particular, switching from `float: left/right` to a flexbox with
`justify-content: space-between`. This implied changing the order of
a few HTML tags and adding an empty `div` in one case.
Also removed a `margin-bottom` rule that wasn't needed due to the
margins of surrounding elements.
* Move account admin view inline CSS to CSS file
Fixes#13573
For some reason (I suspect this may be related to focusing the item before it
got drown by the browser), Firefox scrolls to top when bringing up dropdown
menus with pre-selected items.
This commit uses the “preventScroll” option as, due to the placement behavior,
the menu should be visible anyway and not trigger scrolling.
* Move some inline styles to CSS files
* Move default_account_display_name span to fix useless tags with duplicate id
* Change handling of public pages spoiler text from inline CSS to dataset attribute
* Use the `dir` HTML attribute instead of inline CSS
* Move status action bar inline CSS to CSS file
* Hide logo resources from CSS file, not inline CSS
Fixes#11601
* Move translation prompt styling from inline CSS to CSS file
* Move “invited by” styling on registration form from inline to CSS file
* Use the progress tag to display poll results in JS fallback
* Fix poll results JS-less fallback when the user has voted for an option
* Change account public page “moved” notice to use img tags instead of inline CSS
* Move OTP hint inline CSS to SCSS file
* Hide JS-less fallback vote progressbars from accessibility tools
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Attempting to upload image files that the browser is unable to load results
in “Oops! An unexpected error occurred.”
This commit changes the error handling so that an unprocessable image results
in the file being sent anyway, which might cover a few corner cases, and
provide a slightly better error message.
Fixes#13536
- Expanding a paused video doesn't autoplay anymore
- Default volume level for the expanded video inherited from the original video
Position/playing state/volume are carried over from the original video player
to the modal, but they're not reported back to the modal as it would require
deeper changes.
This is achieved by sending a DELETE request to
/settings/profile/pictures/{avatar,header} via a link that is part of
the upload form's hint of the respective picture.
Some browsers (at least recent Chrome versions) automatically take
image metadata into account when drawing images into a canvas.
There seem to be no way to prevent that behavior, and the only
way to detect it seems to compare with a known image.
See: https://github.com/w3c/csswg-drafts/issues/4666
Solution adapted from: 1e4df70782
Follow-up to #13452, fixing broken `uri.nil?` test.
Also remove the separate check for `uri` presence, as that would result
in a “Please review 2 errors below” while only one would be listed.
* Fix “Email changed” notification sometimes having wrong e-mail
Fixes#6778
The root of the issue is that `send_devise_notification` was called before
the changes were properly commited to the database, causing the mailer to
pick previous values if running too early.
Devise's documentation provides guidance on how to handle that[1][2], however,
I have found it to not be working, as the following happens, in that order:
- `send_devise_notification` is called for the `email_changed` notification.
In that case, `changed?` is false and `saved_changes?` is true, so
if we use the former, we have the same issue.
- the `after_commit` hook is called
- `send_devise_notification` is called for the `confirmation_instructions`
notification.
In that case, `changed?` is still false, and `saved_changes?` still true,
so if we use the latter, that second notification email is simply not
going to be sent (as we would be queuing the notification *after*
executing the after_commit hook).
This is because it may be called from either an `after_update` or
`after_commit` hook, the difference not being a call to `save` but the
transaction actually being committed to the database. This may arguably
be a bug in Devise, or Devise's notification.
The proposed workaround is inspired by Devise's documentation but checks
whether a transaction is open to make the call whether to immediately
send the notification or defer it to the `after_commit` hook.
[1]: https://www.rubydoc.info/github/plataformatec/devise/Devise%2FModels%2FAuthenticatable:send_devise_notification
[2]: 406915cb78/lib/devise/models/authenticatable.rb (L133-L194)
* Fix cases when sending notifications without changing the model
* Defer sending if and only if in transaction including current record
* Features/mild master (#278)
* 3.1.3 (#275)
* Fix announcements with fully-qualified mention to local user crashing WebUI (#13164)
* [Security] Bump puma from 4.3.1 to 4.3.2 (#13167)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix installation failing when Redis password contains special characters (#13156)
* Add support for special characters in Redis passwords
Fixes#13154
* Refactor
* Fix elasticsearch-api and faraday incompatibilities (#13166)
* Bump puma from 4.3.2 to 4.3.3 (#13177)
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
* Bump strong_migrations from 0.5.1 to 0.6.2 (#13071)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.1 to 0.6.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.1...v0.6.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump oj from 3.10.1 to 3.10.3 (#13187)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump json-ld-preloaded from 3.1.0 to 3.1.1 (#13143)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/core from 7.8.4 to 7.8.6 (#13185)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump webpack-dev-server from 3.10.1 to 3.10.3 (#13184)
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/runtime from 7.8.3 to 7.8.4 (#13183)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.8.4/packages/babel-runtime)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Add tooltips to audio/video player buttons (#13203)
* Fix "tootctl media remove-orphans" crashing when encountering invalid media (#13170)
Fixes#13168
* Change the string "Hide everything from …" to "Block domain …" in web UI (#13178)
Blocking a domain is closer to blocking all its users than to a mute
action.
* Remove useless `respond_to` calls (#13208)
* Change GIF label to be displayed even when autoplay is enabled in web UI (#13209)
* Fix too large announcements not being scrollable in web UI (#13211)
* Add specific rate limits for posting and following (#13172)
* Fix text area above/right of emoji picker being accidentally clickable in web UI (#13148)
* Add sorting by username, creation and last activity in moderation view (#13076)
* Add ability to order accounts in moderation view
* Display last status date in “Most recent activity” for remote users
* Fix error when searching for URLs that contain the mention syntax (#13151)
Fixes#13150
* Set BUNDLE_PATH in CircleCI (#13214)
* Change description of privacy levels to be more intuitive in web UI (#13197)
* Improve description of privacy levels in compose interface
* Change strings in defaultMessage and source as well as english
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
* Add ability to delete files uploaded for settings in admin UI (#13192)
* Allow deleting site uploads
* Refactor and move links into hints
* Fix i18n tests
* Fix HTML output of site_upload_delete_hint
* Add `--skip-media-remove` option to `tootctl statuses remove` (#13080)
* Add skip_media_remove option to tootctl statuses remove
* Add skip_media_remove option to tootctl statuses remove
Co-authored-by: tateisu <tateisu@juggler.jp>
* Code style improvements in JavaScript (#13159)
* JS-linter: fix trailing comma's
* Configure eslinter to ignore this onchange error.
* Add submit button to the top of preferences pages (#13068)
* Move submit button to the top of the edit page
* Duplicate save button on long form
* Fix click submit on profile spec
* Update nginx.conf (#13066)
* Change wording of media display preferences to be more intuitive (#13198)
* Change the tooltip "Toggle visibility" to "Hide media" in web UI (#13199)
* Add support for links to statuses in announcements to be opened in web UI (#13212)
* Add support for links to public statuses in announcements to be opened in WebUI
* Please CodeClimate
* Fix public posts from silenced accounts not being changed to unlisted visibility (#13096)
* Bump doorkeeper from 5.2.3 to 5.3.1 (#13144)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.3 to 5.3.1.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.3...v.5.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change local media attachments to perform heavy processing asynchronously (#13210)
Fix#9106
* Add federation support for the "hide network" preference (#11673)
* Change ActivityPub follower/following collections to not link first page
* Add support for hiding followers and following of remote users
* Switch to using a single `hide_collections` column
* Address code style remarks
* Bump cld3 from 3.2.6 to 3.3.0 (#13107)
* Bump cld3 from 3.2.6 to 3.3.0
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.2.6...v3.3.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix compatibility with cld3 3.3.0
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Change video uploads to enforce certain limits (#13218)
- Dimensions at most 1920x1200
- Frame rate at most 60
* Change video uploads to always be converted to H264/MP4 (#13220)
Even if the container format is the same (.mp4), the codec could
be different and not playable in web browsers
* Change the string "hidden" to "blocked" in WebUI (#13221)
* Change the string "hidden" to "blocked" in WebUI.
* update
* Bump file-loader from 5.0.2 to 5.1.0 (#13225)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.0.2...v5.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump wicg-inert from 3.0.0 to 3.0.2 (#13226)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump cross-env from 6.0.3 to 7.0.2 (#13228)
Bumps [cross-env](https://github.com/kentcdodds/cross-env) from 6.0.3 to 7.0.2.
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/cross-env/compare/v6.0.3...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump eslint-plugin-react from 7.17.0 to 7.19.0 (#13224)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.17.0 to 7.19.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.17.0...v7.19.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix MP4 (H264 + AAC) video files being needlessly re-encoded (#13239)
* Fix videos with unsupported colorspace not being transcoded (#13242)
* Fix regression in “Edit media” modal in web UI (#13243)
* [Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile
* Update Dockerfile
* Fix detailed view of direct messages displaying a 0 boost count (#13244)
The boost count is already removed from private toots,
do the same with direct messages.
* Add titles to warning presets in admin UI (#13252)
* Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254)
* Add shortcuts to blacklist a user's e-mail domain in admin UI
* Add option to blacklist resolved MX and IP records for e-mail domains
* Fix some timeouts when searching URLs by limiting some database queries (#13253)
Only look up private toots from database if the request failed because of 401,
403 or 404 errors, as those may indicate a private toot, rather than something
that isn't a toot or cannot be processed.
* Fix WebUI crash in single-column mode on prehistoric browsers (#13267)
Fixes#13266
* Bump react-immutable-proptypes from 2.1.0 to 2.2.0 (#13259)
Bumps [react-immutable-proptypes](https://github.com/HurricaneJames/react-immutable-proptypes) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/HurricaneJames/react-immutable-proptypes/releases)
- [Changelog](https://github.com/HurricaneJames/react-immutable-proptypes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/HurricaneJames/react-immutable-proptypes/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 24.9.0 to 25.1.0 (#12973)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 24.9.0 to 25.1.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.1.0/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-dom from 16.12.0 to 16.13.0 (#13181)
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-dom)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-test-renderer from 16.12.0 to 16.13.0 (#13260)
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-test-renderer)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sass from 1.25.0 to 1.26.3 (#13263)
Bumps [sass](https://github.com/sass/dart-sass) from 1.25.0 to 1.26.3.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.25.0...1.26.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump mkdirp from 0.5.1 to 1.0.3 (#12979)
Bumps [mkdirp](https://github.com/isaacs/node-mkdirp) from 0.5.1 to 1.0.3.
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/commits/v1.0.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump redis from 2.8.0 to 3.0.2 (#13102)
Bumps [redis](https://github.com/NodeRedis/node-redis) from 2.8.0 to 3.0.2.
- [Release notes](https://github.com/NodeRedis/node-redis/releases)
- [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NodeRedis/node-redis/compare/v.2.8.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.0 to 3.1.1 (#13230)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simple_form from 5.0.1 to 5.0.2 (#13231)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v5.0.1...v5.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq-scheduler from 3.0.0 to 3.0.1 (#13233)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.0.0...v3.0.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webmock from 3.8.0 to 3.8.3 (#13265)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.0 to 3.8.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.0...v3.8.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump capistrano from 3.11.2 to 3.12.1 (#13264)
* Bump capistrano from 3.11.2 to 3.12.1
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.11.2 to 3.12.1.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.11.2...v3.12.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump capistrano from 3.11.2 to 3.12.1
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix reported accounts not being whitelisted when resolving a spamcheck report (#13289)
* Decommission support for Ruby 2.4 (#13287)
* Update Gemfile
* Update README.md
* Fix frontend crash when deleting announcements (#13283)
This two-line change fixes a crash in the front end that occurred
under the following circumstances:
* A server had more than one announcement,
* A user was displaying the announcements, and
* An announcement was deleted (or unpublished, which amounts to
the same thing.)
As might be expected, the bug was caused by attempting to access a
notification using an index value outside the bounds of the existing
announcements. Specifically, in two places. First,
`_markAnnouncementAsRead` attempts to modify announcements based on
the current index. This is what caused the front end crash. Second,
when rendering the `Announcements` component, the code paginates the
announcements and displays the current one. This did not cause a
crash, but caused the front end to confusingly display a blank
announcement (in situations that would have caused a crash) with no
way for the user to navigate back to previous announcements.
This commit fixes both issues by adding a check to ensure that the
code never attempts to access an announcement with an index greater
than or equal to the number of announcements present.
* Make bookmarks also searchable (#13271)
* Add link to bookmarks in web UI dropdown (#13273)
* Migrate Rails ujs as required for Rails 6 Upgrade. (#13280)
* Update yarn.lock
* Update package.json
* Update public.js
* Update admin.js
* Update log_out.js
* Update common.js
* [Security] Bump omniauth from 1.9.0 to 1.9.1 (#13229)
Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.0 to 1.9.1. **This update includes a security fix.**
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.9.0...v1.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
* Bump sidekiq from 5.2.7 to 6.0.0
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Sidekiq::Logger.logger -> Sidekiq.logger
* Drop support Ruby 2.4
* update
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix bookmarks also searchable (#13293)
* Bump sidekiq-unique-jobs from 6.0.18 to 6.0.20 (#13294)
* Change poll option hover/active styling to be less confusing (#13313)
* Fix frontend crash when deleting announcements (#13312)
Refactor and fix#13283, which only worked in some cases.
* Fix media not being marked sensitive when client sets a CW but no text (#13277)
Mastodon enforces the “sensitive” flag on media attachments whenever a toot
is posted with a Content Warning. However, it does so *after* potentially
converting the Content Warning to toot text (when there is no toot text),
which leads to inconsistent and surprising behavior for API clients.
This commit fixes this inconsistency.
* Bump browser from 3.0.3 to 4.0.0 (#13307)
Bumps [browser](https://github.com/fnando/browser) from 3.0.3 to 4.0.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v3.0.3...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump i18n-tasks from 0.9.30 to 0.9.31 (#13304)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.30 to 0.9.31.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.30...v0.9.31)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simplecov from 0.18.2 to 0.18.5 (#13310)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.2 to 0.18.5.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.2...v0.18.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump rspec-rails from 3.9.0 to 3.9.1 (#13305)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.0...v3.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump discard from 1.1.0 to 1.2.0 (#13308)
Bumps [discard](https://github.com/jhawthorn/discard) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/jhawthorn/discard/releases)
- [Changelog](https://github.com/jhawthorn/discard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhawthorn/discard/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump aws-sdk-s3 from 1.60.1 to 1.61.1 (#13306)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.60.1 to 1.61.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* New Crowdin translations (#13064)
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations devise.en.yml (Icelandic)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Swedish)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Welsh)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Asturian)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Occitan)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations activerecord.en.yml (Occitan)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations activerecord.en.yml (Kabyle)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations devise.en.yml (Breton)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations doorkeeper.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations devise.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
* Bump babel-plugin-preval from 4.0.0 to 5.0.0 (#13297)
Bumps [babel-plugin-preval](https://github.com/kentcdodds/babel-plugin-preval) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/kentcdodds/babel-plugin-preval/releases)
- [Changelog](https://github.com/kentcdodds/babel-plugin-preval/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/babel-plugin-preval/compare/v4.0.0...v5.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-react-inline-elements from 7.8.3 to 7.9.0 (#13298)
Bumps [@babel/plugin-transform-react-inline-elements](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/core from 7.8.6 to 7.9.0 (#13303)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.6 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.6...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack-bundle-analyzer from 3.6.0 to 3.6.1 (#13300)
Bumps [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases)
- [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v3.6.0...v3.6.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change `tootctl media remove-orphans` to work for all classes (#13316)
Change `tootctl media lookup` to not use an interactive prompt
* Bump react-select from 3.0.8 to 3.1.0 (#13296)
Bumps [react-select](https://github.com/JedWatson/react-select) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/.sweet-changelogs.js)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.0.8...react-select@3.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-runtime from 7.8.3 to 7.9.0 (#13301)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack from 4.41.5 to 4.42.1 (#13319)
Bumps [webpack](https://github.com/webpack/webpack) from 4.41.5 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.41.5...v4.42.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix Paperclip using deprecated URI.escape function (#13320)
Monkey-patch Paperclip to perform URL escaping in a slightly more
appropriate way, and get rid of runtime deprecation warnings.
* Bump brakeman from 4.7.2 to 4.8.0 (#13309)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.2...v4.8.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
Fixes#13321
* Fix 404 and 410 API errors being silently discarded in WebUI (#13279)
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes#13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
* Fix incorrect deletion of local accounts imported by overwriting (#13350)
* Fix wrong color for ellipsis in boost confirmation dialog in Web UI (#13355)
* Bump pg from 1.2.2 to 1.2.3 (#13344)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.2...v1.2.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump oj from 3.10.3 to 3.10.5 (#13345)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump iso-639 from 0.2.8 to 0.3.5 (#13343)
Bumps [iso-639](https://github.com/xwmx/iso-639) from 0.2.8 to 0.3.5.
- [Release notes](https://github.com/xwmx/iso-639/releases)
- [Commits](https://github.com/xwmx/iso-639/compare/0.2.8...0.3.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump ox from 2.12.1 to 2.13.2 (#13342)
Bumps [ox](https://github.com/ohler55/ox) from 2.12.1 to 2.13.2.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.12.1...v2.13.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump better_errors from 2.5.1 to 2.6.0 (#13340)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix ImportsController param to permit :mode (#13347)
* Bump parallel_tests from 2.30.1 to 2.32.0 (#13341)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.1 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.32.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump uuid from 3.4.0 to 7.0.2 (#13295)
Bumps [uuid](https://github.com/uuidjs/uuid) from 3.4.0 to 7.0.2.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v3.4.0...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix content warning being unnecessarily cleared when enabling/disabling CW (#13348)
* Bump concurrent-ruby from 1.1.5 to 1.1.6 (#13346)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react from 16.12.0 to 16.13.1 (#13337)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.12.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump stringz from 2.0.0 to 2.1.0 (#13331)
Bumps [stringz](https://github.com/sallar/stringz) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/sallar/stringz/releases)
- [Changelog](https://github.com/sallar/stringz/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sallar/stringz/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 25.1.0 to 25.2.4 (#13332)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 25.1.0 to 25.2.4.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.2.4/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-env from 7.8.3 to 7.9.0 (#13336)
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump yargs from 15.1.0 to 15.3.1 (#13334)
Bumps [yargs](https://github.com/yargs/yargs) from 15.1.0 to 15.3.1.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v15.1.0...v15.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-loader from 8.0.6 to 8.1.0 (#13333)
Bumps [babel-loader](https://github.com/babel/babel-loader) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases)
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel-loader/compare/v8.0.6...v8.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-react from 7.8.3 to 7.9.4 (#13335)
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump autoprefixer from 9.7.4 to 9.7.5 (#13338)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.4 to 9.7.5.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.4...9.7.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix re-sending of e-mail confirmation not being rate limited (#13360)
Fix#13330
* Improve toot clicking areas (#13327)
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
* Fix background jobs not using locks like they are supposed to (#13361)
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix#13349
* Bump sidekiq-unique-jobs from 6.0.20 to 6.0.21 (#13367)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.20...v6.0.21)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump faker from 2.10.1 to 2.11.0 (#13363)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/commits/v2.11.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump tty-prompt from 0.20.0 to 0.21.0 (#13366)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.20.0...v0.21.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump bootsnap from 1.4.5 to 1.4.6 (#13369)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld-preloaded from 3.1.1 to 3.1.2 (#13365)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.1 to 3.1.2 (#13368)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix pinning a column in web UI sometimes redirecting out of web UI (#13376)
Fix#13216
* Fix returning results when searching for URL with non-zero offset (#13377)
Fix#13083
* Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` (#13375)
Fix#13371
* Improve polls: option lengths & redesign (#13257)
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
* Bump rspec-rails from 3.9.1 to 4.0.0 (#13364)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Add ability to filter audit log in admin UI (#13381)
* Update Vagrant box to Bionic (#13384)
* Update config.yml (#13379)
* Add explanation as to why unlocked accounts may have follow requests (#13385)
* Add explanation as to why unlocked accounts may have follow requests
* Change wording to avoid “silenced”
* Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 (#13387)
* Bump rails from 5.2.4.1 to 5.2.4.2
* Bump kind-of from 6.0.2 to 6.0.3
* Bump version to 3.1.3 (#13389)
* Fix PostgreSQL load when linking in announcements (#13250)
* Fix PostgreSQL load when linking in announcements
Fixes#13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
* [Security] Update Dockerfile for Ruby 2.6.6 (#13393)
* Update .ruby-version (#13395)
* Fix “Show more” not switching to “Show less” on public pages (#13174)
* Fix “Show more” not switching to “Show less” on public pages
Fixes#13169
* Fix initial text of CW button on public pages when CW are unfolded by default
* Add rate limit for reporting (#13390)
* New Crowdin translations (#13317)
* New translations en.yml (Italian)
[ci skip]
* New translations doorkeeper.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations devise.en.yml (Ido)
[ci skip]
* New translations doorkeeper.en.yml (Ido)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Georgian)
[ci skip]
* New translations doorkeeper.en.yml (Georgian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations doorkeeper.en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations doorkeeper.en.yml (Greek)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Hebrew)
[ci skip]
* New translations devise.en.yml (Hebrew)
[ci skip]
* New translations doorkeeper.en.yml (Hebrew)
[ci skip]
* New translations en.yml (Hindi)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations doorkeeper.en.yml (Esperanto)
[ci skip]
* New translations doorkeeper.en.yml (French)
[ci skip]
* New translations devise.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations simple_form.en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Estonian)
[ci skip]
* New translations simple_form.en.yml (Estonian)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Urdu (Pakistan))
[ci skip]
* New translations activerecord.en.yml (Vietnamese)
[ci skip]
* New translations devise.en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.json (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations devise.en.yml (German)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations devise.en.yml (Galician)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.y…
* clean up old theme (#279)
fix override settings
Co-authored-by: ThibG <thib@sitedethib.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: koyu <me@koyu.space>
Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
Co-authored-by: David Cook <divergentdave@gmail.com>
Co-authored-by: tateisu <tateisu@gmail.com>
Co-authored-by: tateisu <tateisu@juggler.jp>
Co-authored-by: Bèr Kessels <ber@berk.es>
Co-authored-by: guigeekz <pattusg@gmail.com>
Co-authored-by: Shlee <github@shl.ee>
Co-authored-by: mayaeh <mayaeh@marimo-net.org>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Daniel Sockwell <dsockwell@gmail.com>
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Takeshi Umeda <noel.yoshiba@gmail.com>
Co-authored-by: Sasha Sorokin <dafri.nochiterov8@gmail.com>
Co-authored-by: fuyu <54523771+mfmfuyu@users.noreply.github.com>
Co-authored-by: Rintan <rintanminecraft@gmail.com>
* Fix announcements with fully-qualified mention to local user crashing WebUI (#13164)
* [Security] Bump puma from 4.3.1 to 4.3.2 (#13167)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix installation failing when Redis password contains special characters (#13156)
* Add support for special characters in Redis passwords
Fixes#13154
* Refactor
* Fix elasticsearch-api and faraday incompatibilities (#13166)
* Bump puma from 4.3.2 to 4.3.3 (#13177)
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
* Bump strong_migrations from 0.5.1 to 0.6.2 (#13071)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.1 to 0.6.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.1...v0.6.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump oj from 3.10.1 to 3.10.3 (#13187)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump json-ld-preloaded from 3.1.0 to 3.1.1 (#13143)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/core from 7.8.4 to 7.8.6 (#13185)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump webpack-dev-server from 3.10.1 to 3.10.3 (#13184)
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/runtime from 7.8.3 to 7.8.4 (#13183)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.8.4/packages/babel-runtime)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Add tooltips to audio/video player buttons (#13203)
* Fix "tootctl media remove-orphans" crashing when encountering invalid media (#13170)
Fixes#13168
* Change the string "Hide everything from …" to "Block domain …" in web UI (#13178)
Blocking a domain is closer to blocking all its users than to a mute
action.
* Remove useless `respond_to` calls (#13208)
* Change GIF label to be displayed even when autoplay is enabled in web UI (#13209)
* Fix too large announcements not being scrollable in web UI (#13211)
* Add specific rate limits for posting and following (#13172)
* Fix text area above/right of emoji picker being accidentally clickable in web UI (#13148)
* Add sorting by username, creation and last activity in moderation view (#13076)
* Add ability to order accounts in moderation view
* Display last status date in “Most recent activity” for remote users
* Fix error when searching for URLs that contain the mention syntax (#13151)
Fixes#13150
* Set BUNDLE_PATH in CircleCI (#13214)
* Change description of privacy levels to be more intuitive in web UI (#13197)
* Improve description of privacy levels in compose interface
* Change strings in defaultMessage and source as well as english
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
* Add ability to delete files uploaded for settings in admin UI (#13192)
* Allow deleting site uploads
* Refactor and move links into hints
* Fix i18n tests
* Fix HTML output of site_upload_delete_hint
* Add `--skip-media-remove` option to `tootctl statuses remove` (#13080)
* Add skip_media_remove option to tootctl statuses remove
* Add skip_media_remove option to tootctl statuses remove
Co-authored-by: tateisu <tateisu@juggler.jp>
* Code style improvements in JavaScript (#13159)
* JS-linter: fix trailing comma's
* Configure eslinter to ignore this onchange error.
* Add submit button to the top of preferences pages (#13068)
* Move submit button to the top of the edit page
* Duplicate save button on long form
* Fix click submit on profile spec
* Update nginx.conf (#13066)
* Change wording of media display preferences to be more intuitive (#13198)
* Change the tooltip "Toggle visibility" to "Hide media" in web UI (#13199)
* Add support for links to statuses in announcements to be opened in web UI (#13212)
* Add support for links to public statuses in announcements to be opened in WebUI
* Please CodeClimate
* Fix public posts from silenced accounts not being changed to unlisted visibility (#13096)
* Bump doorkeeper from 5.2.3 to 5.3.1 (#13144)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.3 to 5.3.1.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.3...v.5.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change local media attachments to perform heavy processing asynchronously (#13210)
Fix#9106
* Add federation support for the "hide network" preference (#11673)
* Change ActivityPub follower/following collections to not link first page
* Add support for hiding followers and following of remote users
* Switch to using a single `hide_collections` column
* Address code style remarks
* Bump cld3 from 3.2.6 to 3.3.0 (#13107)
* Bump cld3 from 3.2.6 to 3.3.0
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.2.6...v3.3.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix compatibility with cld3 3.3.0
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Change video uploads to enforce certain limits (#13218)
- Dimensions at most 1920x1200
- Frame rate at most 60
* Change video uploads to always be converted to H264/MP4 (#13220)
Even if the container format is the same (.mp4), the codec could
be different and not playable in web browsers
* Change the string "hidden" to "blocked" in WebUI (#13221)
* Change the string "hidden" to "blocked" in WebUI.
* update
* Bump file-loader from 5.0.2 to 5.1.0 (#13225)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.0.2...v5.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump wicg-inert from 3.0.0 to 3.0.2 (#13226)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump cross-env from 6.0.3 to 7.0.2 (#13228)
Bumps [cross-env](https://github.com/kentcdodds/cross-env) from 6.0.3 to 7.0.2.
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/cross-env/compare/v6.0.3...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump eslint-plugin-react from 7.17.0 to 7.19.0 (#13224)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.17.0 to 7.19.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.17.0...v7.19.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix MP4 (H264 + AAC) video files being needlessly re-encoded (#13239)
* Fix videos with unsupported colorspace not being transcoded (#13242)
* Fix regression in “Edit media” modal in web UI (#13243)
* [Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile
* Update Dockerfile
* Fix detailed view of direct messages displaying a 0 boost count (#13244)
The boost count is already removed from private toots,
do the same with direct messages.
* Add titles to warning presets in admin UI (#13252)
* Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254)
* Add shortcuts to blacklist a user's e-mail domain in admin UI
* Add option to blacklist resolved MX and IP records for e-mail domains
* Fix some timeouts when searching URLs by limiting some database queries (#13253)
Only look up private toots from database if the request failed because of 401,
403 or 404 errors, as those may indicate a private toot, rather than something
that isn't a toot or cannot be processed.
* Fix WebUI crash in single-column mode on prehistoric browsers (#13267)
Fixes#13266
* Bump react-immutable-proptypes from 2.1.0 to 2.2.0 (#13259)
Bumps [react-immutable-proptypes](https://github.com/HurricaneJames/react-immutable-proptypes) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/HurricaneJames/react-immutable-proptypes/releases)
- [Changelog](https://github.com/HurricaneJames/react-immutable-proptypes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/HurricaneJames/react-immutable-proptypes/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 24.9.0 to 25.1.0 (#12973)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 24.9.0 to 25.1.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.1.0/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-dom from 16.12.0 to 16.13.0 (#13181)
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-dom)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-test-renderer from 16.12.0 to 16.13.0 (#13260)
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-test-renderer)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sass from 1.25.0 to 1.26.3 (#13263)
Bumps [sass](https://github.com/sass/dart-sass) from 1.25.0 to 1.26.3.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.25.0...1.26.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump mkdirp from 0.5.1 to 1.0.3 (#12979)
Bumps [mkdirp](https://github.com/isaacs/node-mkdirp) from 0.5.1 to 1.0.3.
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/commits/v1.0.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump redis from 2.8.0 to 3.0.2 (#13102)
Bumps [redis](https://github.com/NodeRedis/node-redis) from 2.8.0 to 3.0.2.
- [Release notes](https://github.com/NodeRedis/node-redis/releases)
- [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NodeRedis/node-redis/compare/v.2.8.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.0 to 3.1.1 (#13230)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simple_form from 5.0.1 to 5.0.2 (#13231)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v5.0.1...v5.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq-scheduler from 3.0.0 to 3.0.1 (#13233)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.0.0...v3.0.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webmock from 3.8.0 to 3.8.3 (#13265)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.0 to 3.8.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.0...v3.8.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump capistrano from 3.11.2 to 3.12.1 (#13264)
* Bump capistrano from 3.11.2 to 3.12.1
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.11.2 to 3.12.1.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.11.2...v3.12.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump capistrano from 3.11.2 to 3.12.1
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix reported accounts not being whitelisted when resolving a spamcheck report (#13289)
* Decommission support for Ruby 2.4 (#13287)
* Update Gemfile
* Update README.md
* Fix frontend crash when deleting announcements (#13283)
This two-line change fixes a crash in the front end that occurred
under the following circumstances:
* A server had more than one announcement,
* A user was displaying the announcements, and
* An announcement was deleted (or unpublished, which amounts to
the same thing.)
As might be expected, the bug was caused by attempting to access a
notification using an index value outside the bounds of the existing
announcements. Specifically, in two places. First,
`_markAnnouncementAsRead` attempts to modify announcements based on
the current index. This is what caused the front end crash. Second,
when rendering the `Announcements` component, the code paginates the
announcements and displays the current one. This did not cause a
crash, but caused the front end to confusingly display a blank
announcement (in situations that would have caused a crash) with no
way for the user to navigate back to previous announcements.
This commit fixes both issues by adding a check to ensure that the
code never attempts to access an announcement with an index greater
than or equal to the number of announcements present.
* Make bookmarks also searchable (#13271)
* Add link to bookmarks in web UI dropdown (#13273)
* Migrate Rails ujs as required for Rails 6 Upgrade. (#13280)
* Update yarn.lock
* Update package.json
* Update public.js
* Update admin.js
* Update log_out.js
* Update common.js
* [Security] Bump omniauth from 1.9.0 to 1.9.1 (#13229)
Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.0 to 1.9.1. **This update includes a security fix.**
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.9.0...v1.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
* Bump sidekiq from 5.2.7 to 6.0.0
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Sidekiq::Logger.logger -> Sidekiq.logger
* Drop support Ruby 2.4
* update
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix bookmarks also searchable (#13293)
* Bump sidekiq-unique-jobs from 6.0.18 to 6.0.20 (#13294)
* Change poll option hover/active styling to be less confusing (#13313)
* Fix frontend crash when deleting announcements (#13312)
Refactor and fix#13283, which only worked in some cases.
* Fix media not being marked sensitive when client sets a CW but no text (#13277)
Mastodon enforces the “sensitive” flag on media attachments whenever a toot
is posted with a Content Warning. However, it does so *after* potentially
converting the Content Warning to toot text (when there is no toot text),
which leads to inconsistent and surprising behavior for API clients.
This commit fixes this inconsistency.
* Bump browser from 3.0.3 to 4.0.0 (#13307)
Bumps [browser](https://github.com/fnando/browser) from 3.0.3 to 4.0.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v3.0.3...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump i18n-tasks from 0.9.30 to 0.9.31 (#13304)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.30 to 0.9.31.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.30...v0.9.31)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simplecov from 0.18.2 to 0.18.5 (#13310)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.2 to 0.18.5.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.2...v0.18.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump rspec-rails from 3.9.0 to 3.9.1 (#13305)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.0...v3.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump discard from 1.1.0 to 1.2.0 (#13308)
Bumps [discard](https://github.com/jhawthorn/discard) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/jhawthorn/discard/releases)
- [Changelog](https://github.com/jhawthorn/discard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhawthorn/discard/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump aws-sdk-s3 from 1.60.1 to 1.61.1 (#13306)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.60.1 to 1.61.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* New Crowdin translations (#13064)
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations devise.en.yml (Icelandic)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Swedish)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Welsh)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Asturian)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Occitan)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations activerecord.en.yml (Occitan)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations activerecord.en.yml (Kabyle)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations devise.en.yml (Breton)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations doorkeeper.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations devise.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
* Bump babel-plugin-preval from 4.0.0 to 5.0.0 (#13297)
Bumps [babel-plugin-preval](https://github.com/kentcdodds/babel-plugin-preval) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/kentcdodds/babel-plugin-preval/releases)
- [Changelog](https://github.com/kentcdodds/babel-plugin-preval/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/babel-plugin-preval/compare/v4.0.0...v5.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-react-inline-elements from 7.8.3 to 7.9.0 (#13298)
Bumps [@babel/plugin-transform-react-inline-elements](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/core from 7.8.6 to 7.9.0 (#13303)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.6 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.6...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack-bundle-analyzer from 3.6.0 to 3.6.1 (#13300)
Bumps [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases)
- [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v3.6.0...v3.6.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change `tootctl media remove-orphans` to work for all classes (#13316)
Change `tootctl media lookup` to not use an interactive prompt
* Bump react-select from 3.0.8 to 3.1.0 (#13296)
Bumps [react-select](https://github.com/JedWatson/react-select) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/.sweet-changelogs.js)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.0.8...react-select@3.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-runtime from 7.8.3 to 7.9.0 (#13301)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack from 4.41.5 to 4.42.1 (#13319)
Bumps [webpack](https://github.com/webpack/webpack) from 4.41.5 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.41.5...v4.42.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix Paperclip using deprecated URI.escape function (#13320)
Monkey-patch Paperclip to perform URL escaping in a slightly more
appropriate way, and get rid of runtime deprecation warnings.
* Bump brakeman from 4.7.2 to 4.8.0 (#13309)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.2...v4.8.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
Fixes#13321
* Fix 404 and 410 API errors being silently discarded in WebUI (#13279)
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes#13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
* Fix incorrect deletion of local accounts imported by overwriting (#13350)
* Fix wrong color for ellipsis in boost confirmation dialog in Web UI (#13355)
* Bump pg from 1.2.2 to 1.2.3 (#13344)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.2...v1.2.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump oj from 3.10.3 to 3.10.5 (#13345)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump iso-639 from 0.2.8 to 0.3.5 (#13343)
Bumps [iso-639](https://github.com/xwmx/iso-639) from 0.2.8 to 0.3.5.
- [Release notes](https://github.com/xwmx/iso-639/releases)
- [Commits](https://github.com/xwmx/iso-639/compare/0.2.8...0.3.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump ox from 2.12.1 to 2.13.2 (#13342)
Bumps [ox](https://github.com/ohler55/ox) from 2.12.1 to 2.13.2.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.12.1...v2.13.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump better_errors from 2.5.1 to 2.6.0 (#13340)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix ImportsController param to permit :mode (#13347)
* Bump parallel_tests from 2.30.1 to 2.32.0 (#13341)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.1 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.32.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump uuid from 3.4.0 to 7.0.2 (#13295)
Bumps [uuid](https://github.com/uuidjs/uuid) from 3.4.0 to 7.0.2.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v3.4.0...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix content warning being unnecessarily cleared when enabling/disabling CW (#13348)
* Bump concurrent-ruby from 1.1.5 to 1.1.6 (#13346)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react from 16.12.0 to 16.13.1 (#13337)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.12.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump stringz from 2.0.0 to 2.1.0 (#13331)
Bumps [stringz](https://github.com/sallar/stringz) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/sallar/stringz/releases)
- [Changelog](https://github.com/sallar/stringz/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sallar/stringz/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 25.1.0 to 25.2.4 (#13332)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 25.1.0 to 25.2.4.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.2.4/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-env from 7.8.3 to 7.9.0 (#13336)
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump yargs from 15.1.0 to 15.3.1 (#13334)
Bumps [yargs](https://github.com/yargs/yargs) from 15.1.0 to 15.3.1.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v15.1.0...v15.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-loader from 8.0.6 to 8.1.0 (#13333)
Bumps [babel-loader](https://github.com/babel/babel-loader) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases)
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel-loader/compare/v8.0.6...v8.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-react from 7.8.3 to 7.9.4 (#13335)
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump autoprefixer from 9.7.4 to 9.7.5 (#13338)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.4 to 9.7.5.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.4...9.7.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix re-sending of e-mail confirmation not being rate limited (#13360)
Fix#13330
* Improve toot clicking areas (#13327)
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
* Fix background jobs not using locks like they are supposed to (#13361)
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix#13349
* Bump sidekiq-unique-jobs from 6.0.20 to 6.0.21 (#13367)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.20...v6.0.21)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump faker from 2.10.1 to 2.11.0 (#13363)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/commits/v2.11.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump tty-prompt from 0.20.0 to 0.21.0 (#13366)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.20.0...v0.21.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump bootsnap from 1.4.5 to 1.4.6 (#13369)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld-preloaded from 3.1.1 to 3.1.2 (#13365)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.1 to 3.1.2 (#13368)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix pinning a column in web UI sometimes redirecting out of web UI (#13376)
Fix#13216
* Fix returning results when searching for URL with non-zero offset (#13377)
Fix#13083
* Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` (#13375)
Fix#13371
* Improve polls: option lengths & redesign (#13257)
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
* Bump rspec-rails from 3.9.1 to 4.0.0 (#13364)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Add ability to filter audit log in admin UI (#13381)
* Update Vagrant box to Bionic (#13384)
* Update config.yml (#13379)
* Add explanation as to why unlocked accounts may have follow requests (#13385)
* Add explanation as to why unlocked accounts may have follow requests
* Change wording to avoid “silenced”
* Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 (#13387)
* Bump rails from 5.2.4.1 to 5.2.4.2
* Bump kind-of from 6.0.2 to 6.0.3
* Bump version to 3.1.3 (#13389)
* Fix PostgreSQL load when linking in announcements (#13250)
* Fix PostgreSQL load when linking in announcements
Fixes#13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
* [Security] Update Dockerfile for Ruby 2.6.6 (#13393)
* Update .ruby-version (#13395)
* Fix “Show more” not switching to “Show less” on public pages (#13174)
* Fix “Show more” not switching to “Show less” on public pages
Fixes#13169
* Fix initial text of CW button on public pages when CW are unfolded by default
* Add rate limit for reporting (#13390)
* New Crowdin translations (#13317)
* New translations en.yml (Italian)
[ci skip]
* New translations doorkeeper.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations devise.en.yml (Ido)
[ci skip]
* New translations doorkeeper.en.yml (Ido)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Georgian)
[ci skip]
* New translations doorkeeper.en.yml (Georgian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations doorkeeper.en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations doorkeeper.en.yml (Greek)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Hebrew)
[ci skip]
* New translations devise.en.yml (Hebrew)
[ci skip]
* New translations doorkeeper.en.yml (Hebrew)
[ci skip]
* New translations en.yml (Hindi)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations doorkeeper.en.yml (Esperanto)
[ci skip]
* New translations doorkeeper.en.yml (French)
[ci skip]
* New translations devise.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations simple_form.en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Estonian)
[ci skip]
* New translations simple_form.en.yml (Estonian)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Urdu (Pakistan))
[ci skip]
* New translations activerecord.en.yml (Vietnamese)
[ci skip]
* New translations devise.en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.json (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations devise.en.yml (German)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations devise.en.yml (Galician)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New t…
Co-authored-by: ThibG <thib@sitedethib.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: koyu <me@koyu.space>
Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
Co-authored-by: David Cook <divergentdave@gmail.com>
Co-authored-by: tateisu <tateisu@gmail.com>
Co-authored-by: tateisu <tateisu@juggler.jp>
Co-authored-by: Bèr Kessels <ber@berk.es>
Co-authored-by: guigeekz <pattusg@gmail.com>
Co-authored-by: Shlee <github@shl.ee>
Co-authored-by: mayaeh <mayaeh@marimo-net.org>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Daniel Sockwell <dsockwell@gmail.com>
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Takeshi Umeda <noel.yoshiba@gmail.com>
Co-authored-by: Sasha Sorokin <dafri.nochiterov8@gmail.com>
Co-authored-by: fuyu <54523771+mfmfuyu@users.noreply.github.com>
* Fix announcements with fully-qualified mention to local user crashing WebUI (#13164)
* [Security] Bump puma from 4.3.1 to 4.3.2 (#13167)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix installation failing when Redis password contains special characters (#13156)
* Add support for special characters in Redis passwords
Fixes#13154
* Refactor
* Fix elasticsearch-api and faraday incompatibilities (#13166)
* Bump puma from 4.3.2 to 4.3.3 (#13177)
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
* Bump strong_migrations from 0.5.1 to 0.6.2 (#13071)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.1 to 0.6.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.1...v0.6.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump oj from 3.10.1 to 3.10.3 (#13187)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump json-ld-preloaded from 3.1.0 to 3.1.1 (#13143)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/core from 7.8.4 to 7.8.6 (#13185)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump webpack-dev-server from 3.10.1 to 3.10.3 (#13184)
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/runtime from 7.8.3 to 7.8.4 (#13183)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.8.4/packages/babel-runtime)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Add tooltips to audio/video player buttons (#13203)
* Fix "tootctl media remove-orphans" crashing when encountering invalid media (#13170)
Fixes#13168
* Change the string "Hide everything from …" to "Block domain …" in web UI (#13178)
Blocking a domain is closer to blocking all its users than to a mute
action.
* Remove useless `respond_to` calls (#13208)
* Change GIF label to be displayed even when autoplay is enabled in web UI (#13209)
* Fix too large announcements not being scrollable in web UI (#13211)
* Add specific rate limits for posting and following (#13172)
* Fix text area above/right of emoji picker being accidentally clickable in web UI (#13148)
* Add sorting by username, creation and last activity in moderation view (#13076)
* Add ability to order accounts in moderation view
* Display last status date in “Most recent activity” for remote users
* Fix error when searching for URLs that contain the mention syntax (#13151)
Fixes#13150
* Set BUNDLE_PATH in CircleCI (#13214)
* Change description of privacy levels to be more intuitive in web UI (#13197)
* Improve description of privacy levels in compose interface
* Change strings in defaultMessage and source as well as english
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
* Add ability to delete files uploaded for settings in admin UI (#13192)
* Allow deleting site uploads
* Refactor and move links into hints
* Fix i18n tests
* Fix HTML output of site_upload_delete_hint
* Add `--skip-media-remove` option to `tootctl statuses remove` (#13080)
* Add skip_media_remove option to tootctl statuses remove
* Add skip_media_remove option to tootctl statuses remove
Co-authored-by: tateisu <tateisu@juggler.jp>
* Code style improvements in JavaScript (#13159)
* JS-linter: fix trailing comma's
* Configure eslinter to ignore this onchange error.
* Add submit button to the top of preferences pages (#13068)
* Move submit button to the top of the edit page
* Duplicate save button on long form
* Fix click submit on profile spec
* Update nginx.conf (#13066)
* Change wording of media display preferences to be more intuitive (#13198)
* Change the tooltip "Toggle visibility" to "Hide media" in web UI (#13199)
* Add support for links to statuses in announcements to be opened in web UI (#13212)
* Add support for links to public statuses in announcements to be opened in WebUI
* Please CodeClimate
* Fix public posts from silenced accounts not being changed to unlisted visibility (#13096)
* Bump doorkeeper from 5.2.3 to 5.3.1 (#13144)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.3 to 5.3.1.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.3...v.5.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change local media attachments to perform heavy processing asynchronously (#13210)
Fix#9106
* Add federation support for the "hide network" preference (#11673)
* Change ActivityPub follower/following collections to not link first page
* Add support for hiding followers and following of remote users
* Switch to using a single `hide_collections` column
* Address code style remarks
* Bump cld3 from 3.2.6 to 3.3.0 (#13107)
* Bump cld3 from 3.2.6 to 3.3.0
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.2.6...v3.3.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix compatibility with cld3 3.3.0
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Change video uploads to enforce certain limits (#13218)
- Dimensions at most 1920x1200
- Frame rate at most 60
* Change video uploads to always be converted to H264/MP4 (#13220)
Even if the container format is the same (.mp4), the codec could
be different and not playable in web browsers
* Change the string "hidden" to "blocked" in WebUI (#13221)
* Change the string "hidden" to "blocked" in WebUI.
* update
* Bump file-loader from 5.0.2 to 5.1.0 (#13225)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.0.2...v5.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump wicg-inert from 3.0.0 to 3.0.2 (#13226)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump cross-env from 6.0.3 to 7.0.2 (#13228)
Bumps [cross-env](https://github.com/kentcdodds/cross-env) from 6.0.3 to 7.0.2.
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/cross-env/compare/v6.0.3...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump eslint-plugin-react from 7.17.0 to 7.19.0 (#13224)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.17.0 to 7.19.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.17.0...v7.19.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix MP4 (H264 + AAC) video files being needlessly re-encoded (#13239)
* Fix videos with unsupported colorspace not being transcoded (#13242)
* Fix regression in “Edit media” modal in web UI (#13243)
* [Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile
* Update Dockerfile
* Fix detailed view of direct messages displaying a 0 boost count (#13244)
The boost count is already removed from private toots,
do the same with direct messages.
* Add titles to warning presets in admin UI (#13252)
* Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254)
* Add shortcuts to blacklist a user's e-mail domain in admin UI
* Add option to blacklist resolved MX and IP records for e-mail domains
* Fix some timeouts when searching URLs by limiting some database queries (#13253)
Only look up private toots from database if the request failed because of 401,
403 or 404 errors, as those may indicate a private toot, rather than something
that isn't a toot or cannot be processed.
* Fix WebUI crash in single-column mode on prehistoric browsers (#13267)
Fixes#13266
* Bump react-immutable-proptypes from 2.1.0 to 2.2.0 (#13259)
Bumps [react-immutable-proptypes](https://github.com/HurricaneJames/react-immutable-proptypes) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/HurricaneJames/react-immutable-proptypes/releases)
- [Changelog](https://github.com/HurricaneJames/react-immutable-proptypes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/HurricaneJames/react-immutable-proptypes/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 24.9.0 to 25.1.0 (#12973)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 24.9.0 to 25.1.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.1.0/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-dom from 16.12.0 to 16.13.0 (#13181)
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-dom)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-test-renderer from 16.12.0 to 16.13.0 (#13260)
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-test-renderer)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sass from 1.25.0 to 1.26.3 (#13263)
Bumps [sass](https://github.com/sass/dart-sass) from 1.25.0 to 1.26.3.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.25.0...1.26.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump mkdirp from 0.5.1 to 1.0.3 (#12979)
Bumps [mkdirp](https://github.com/isaacs/node-mkdirp) from 0.5.1 to 1.0.3.
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/commits/v1.0.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump redis from 2.8.0 to 3.0.2 (#13102)
Bumps [redis](https://github.com/NodeRedis/node-redis) from 2.8.0 to 3.0.2.
- [Release notes](https://github.com/NodeRedis/node-redis/releases)
- [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NodeRedis/node-redis/compare/v.2.8.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.0 to 3.1.1 (#13230)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simple_form from 5.0.1 to 5.0.2 (#13231)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v5.0.1...v5.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq-scheduler from 3.0.0 to 3.0.1 (#13233)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.0.0...v3.0.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webmock from 3.8.0 to 3.8.3 (#13265)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.0 to 3.8.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.0...v3.8.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump capistrano from 3.11.2 to 3.12.1 (#13264)
* Bump capistrano from 3.11.2 to 3.12.1
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.11.2 to 3.12.1.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.11.2...v3.12.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump capistrano from 3.11.2 to 3.12.1
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix reported accounts not being whitelisted when resolving a spamcheck report (#13289)
* Decommission support for Ruby 2.4 (#13287)
* Update Gemfile
* Update README.md
* Fix frontend crash when deleting announcements (#13283)
This two-line change fixes a crash in the front end that occurred
under the following circumstances:
* A server had more than one announcement,
* A user was displaying the announcements, and
* An announcement was deleted (or unpublished, which amounts to
the same thing.)
As might be expected, the bug was caused by attempting to access a
notification using an index value outside the bounds of the existing
announcements. Specifically, in two places. First,
`_markAnnouncementAsRead` attempts to modify announcements based on
the current index. This is what caused the front end crash. Second,
when rendering the `Announcements` component, the code paginates the
announcements and displays the current one. This did not cause a
crash, but caused the front end to confusingly display a blank
announcement (in situations that would have caused a crash) with no
way for the user to navigate back to previous announcements.
This commit fixes both issues by adding a check to ensure that the
code never attempts to access an announcement with an index greater
than or equal to the number of announcements present.
* Make bookmarks also searchable (#13271)
* Add link to bookmarks in web UI dropdown (#13273)
* Migrate Rails ujs as required for Rails 6 Upgrade. (#13280)
* Update yarn.lock
* Update package.json
* Update public.js
* Update admin.js
* Update log_out.js
* Update common.js
* [Security] Bump omniauth from 1.9.0 to 1.9.1 (#13229)
Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.0 to 1.9.1. **This update includes a security fix.**
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.9.0...v1.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
* Bump sidekiq from 5.2.7 to 6.0.0
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Sidekiq::Logger.logger -> Sidekiq.logger
* Drop support Ruby 2.4
* update
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix bookmarks also searchable (#13293)
* Bump sidekiq-unique-jobs from 6.0.18 to 6.0.20 (#13294)
* Change poll option hover/active styling to be less confusing (#13313)
* Fix frontend crash when deleting announcements (#13312)
Refactor and fix#13283, which only worked in some cases.
* Fix media not being marked sensitive when client sets a CW but no text (#13277)
Mastodon enforces the “sensitive” flag on media attachments whenever a toot
is posted with a Content Warning. However, it does so *after* potentially
converting the Content Warning to toot text (when there is no toot text),
which leads to inconsistent and surprising behavior for API clients.
This commit fixes this inconsistency.
* Bump browser from 3.0.3 to 4.0.0 (#13307)
Bumps [browser](https://github.com/fnando/browser) from 3.0.3 to 4.0.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v3.0.3...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump i18n-tasks from 0.9.30 to 0.9.31 (#13304)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.30 to 0.9.31.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.30...v0.9.31)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simplecov from 0.18.2 to 0.18.5 (#13310)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.2 to 0.18.5.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.2...v0.18.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump rspec-rails from 3.9.0 to 3.9.1 (#13305)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.0...v3.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump discard from 1.1.0 to 1.2.0 (#13308)
Bumps [discard](https://github.com/jhawthorn/discard) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/jhawthorn/discard/releases)
- [Changelog](https://github.com/jhawthorn/discard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhawthorn/discard/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump aws-sdk-s3 from 1.60.1 to 1.61.1 (#13306)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.60.1 to 1.61.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* New Crowdin translations (#13064)
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations devise.en.yml (Icelandic)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Swedish)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Welsh)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Asturian)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Occitan)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations activerecord.en.yml (Occitan)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations activerecord.en.yml (Kabyle)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations devise.en.yml (Breton)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations doorkeeper.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations devise.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
* Bump babel-plugin-preval from 4.0.0 to 5.0.0 (#13297)
Bumps [babel-plugin-preval](https://github.com/kentcdodds/babel-plugin-preval) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/kentcdodds/babel-plugin-preval/releases)
- [Changelog](https://github.com/kentcdodds/babel-plugin-preval/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/babel-plugin-preval/compare/v4.0.0...v5.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-react-inline-elements from 7.8.3 to 7.9.0 (#13298)
Bumps [@babel/plugin-transform-react-inline-elements](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/core from 7.8.6 to 7.9.0 (#13303)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.6 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.6...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack-bundle-analyzer from 3.6.0 to 3.6.1 (#13300)
Bumps [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases)
- [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v3.6.0...v3.6.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change `tootctl media remove-orphans` to work for all classes (#13316)
Change `tootctl media lookup` to not use an interactive prompt
* Bump react-select from 3.0.8 to 3.1.0 (#13296)
Bumps [react-select](https://github.com/JedWatson/react-select) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/.sweet-changelogs.js)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.0.8...react-select@3.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-runtime from 7.8.3 to 7.9.0 (#13301)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack from 4.41.5 to 4.42.1 (#13319)
Bumps [webpack](https://github.com/webpack/webpack) from 4.41.5 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.41.5...v4.42.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix Paperclip using deprecated URI.escape function (#13320)
Monkey-patch Paperclip to perform URL escaping in a slightly more
appropriate way, and get rid of runtime deprecation warnings.
* Bump brakeman from 4.7.2 to 4.8.0 (#13309)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.2...v4.8.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
Fixes#13321
* Fix 404 and 410 API errors being silently discarded in WebUI (#13279)
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes#13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
* Fix incorrect deletion of local accounts imported by overwriting (#13350)
* Fix wrong color for ellipsis in boost confirmation dialog in Web UI (#13355)
* Bump pg from 1.2.2 to 1.2.3 (#13344)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.2...v1.2.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump oj from 3.10.3 to 3.10.5 (#13345)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump iso-639 from 0.2.8 to 0.3.5 (#13343)
Bumps [iso-639](https://github.com/xwmx/iso-639) from 0.2.8 to 0.3.5.
- [Release notes](https://github.com/xwmx/iso-639/releases)
- [Commits](https://github.com/xwmx/iso-639/compare/0.2.8...0.3.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump ox from 2.12.1 to 2.13.2 (#13342)
Bumps [ox](https://github.com/ohler55/ox) from 2.12.1 to 2.13.2.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.12.1...v2.13.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump better_errors from 2.5.1 to 2.6.0 (#13340)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix ImportsController param to permit :mode (#13347)
* Bump parallel_tests from 2.30.1 to 2.32.0 (#13341)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.1 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.32.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump uuid from 3.4.0 to 7.0.2 (#13295)
Bumps [uuid](https://github.com/uuidjs/uuid) from 3.4.0 to 7.0.2.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v3.4.0...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix content warning being unnecessarily cleared when enabling/disabling CW (#13348)
* Bump concurrent-ruby from 1.1.5 to 1.1.6 (#13346)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react from 16.12.0 to 16.13.1 (#13337)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.12.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump stringz from 2.0.0 to 2.1.0 (#13331)
Bumps [stringz](https://github.com/sallar/stringz) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/sallar/stringz/releases)
- [Changelog](https://github.com/sallar/stringz/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sallar/stringz/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 25.1.0 to 25.2.4 (#13332)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 25.1.0 to 25.2.4.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.2.4/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-env from 7.8.3 to 7.9.0 (#13336)
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump yargs from 15.1.0 to 15.3.1 (#13334)
Bumps [yargs](https://github.com/yargs/yargs) from 15.1.0 to 15.3.1.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v15.1.0...v15.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-loader from 8.0.6 to 8.1.0 (#13333)
Bumps [babel-loader](https://github.com/babel/babel-loader) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases)
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel-loader/compare/v8.0.6...v8.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-react from 7.8.3 to 7.9.4 (#13335)
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump autoprefixer from 9.7.4 to 9.7.5 (#13338)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.4 to 9.7.5.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.4...9.7.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix re-sending of e-mail confirmation not being rate limited (#13360)
Fix#13330
* Improve toot clicking areas (#13327)
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
* Fix background jobs not using locks like they are supposed to (#13361)
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix#13349
* Bump sidekiq-unique-jobs from 6.0.20 to 6.0.21 (#13367)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.20...v6.0.21)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump faker from 2.10.1 to 2.11.0 (#13363)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/commits/v2.11.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump tty-prompt from 0.20.0 to 0.21.0 (#13366)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.20.0...v0.21.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump bootsnap from 1.4.5 to 1.4.6 (#13369)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld-preloaded from 3.1.1 to 3.1.2 (#13365)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.1 to 3.1.2 (#13368)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix pinning a column in web UI sometimes redirecting out of web UI (#13376)
Fix#13216
* Fix returning results when searching for URL with non-zero offset (#13377)
Fix#13083
* Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` (#13375)
Fix#13371
* Improve polls: option lengths & redesign (#13257)
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
* Bump rspec-rails from 3.9.1 to 4.0.0 (#13364)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Add ability to filter audit log in admin UI (#13381)
* Update Vagrant box to Bionic (#13384)
* Update config.yml (#13379)
* Add explanation as to why unlocked accounts may have follow requests (#13385)
* Add explanation as to why unlocked accounts may have follow requests
* Change wording to avoid “silenced”
* Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 (#13387)
* Bump rails from 5.2.4.1 to 5.2.4.2
* Bump kind-of from 6.0.2 to 6.0.3
* Bump version to 3.1.3 (#13389)
* Fix PostgreSQL load when linking in announcements (#13250)
* Fix PostgreSQL load when linking in announcements
Fixes#13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
* [Security] Update Dockerfile for Ruby 2.6.6 (#13393)
* Update .ruby-version (#13395)
* Fix “Show more” not switching to “Show less” on public pages (#13174)
* Fix “Show more” not switching to “Show less” on public pages
Fixes#13169
* Fix initial text of CW button on public pages when CW are unfolded by default
* Add rate limit for reporting (#13390)
* New Crowdin translations (#13317)
* New translations en.yml (Italian)
[ci skip]
* New translations doorkeeper.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations devise.en.yml (Ido)
[ci skip]
* New translations doorkeeper.en.yml (Ido)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Georgian)
[ci skip]
* New translations doorkeeper.en.yml (Georgian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations doorkeeper.en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations doorkeeper.en.yml (Greek)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Hebrew)
[ci skip]
* New translations devise.en.yml (Hebrew)
[ci skip]
* New translations doorkeeper.en.yml (Hebrew)
[ci skip]
* New translations en.yml (Hindi)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations doorkeeper.en.yml (Esperanto)
[ci skip]
* New translations doorkeeper.en.yml (French)
[ci skip]
* New translations devise.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations simple_form.en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Estonian)
[ci skip]
* New translations simple_form.en.yml (Estonian)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Urdu (Pakistan))
[ci skip]
* New translations activerecord.en.yml (Vietnamese)
[ci skip]
* New translations devise.en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.json (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations devise.en.yml (German)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations devise.en.yml (Galician)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Albanian)
[ci skip]
* New translations en.json (Indonesian)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations en.json (Ido)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.json (Kannada)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations en.json (Hindi)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.json (Icelandic)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.json (Malayalam)
[ci skip]
* New translations en.json (Marathi)
[ci skip]
* New translations en.json (Norwegian)
[ci skip]
* New translations en.json (Norwegian Nynorsk)
[ci skip]
* New translations en.json (Malay)
[ci skip]
* New translations en.json (Kazakh)
[ci skip]
* New translations en.json (Korean)
[ci skip]
* New translations en.json (Latvian)
[ci skip]
* New translations en.json (Lithuanian)
[ci skip]
* New translations en.json (Macedonian)
[ci skip]
* New translations en.json (Bulgarian)
[ci skip]
* New translations en.json (Catalan)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Traditional)
[ci skip]
* New translations en.json (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.json (Asturian)
[ci skip]
* New translations en.json (Armenian)
[ci skip]
* New translations en.json (Basque)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Arabic)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.json (Estonian)
[ci skip]
* New translations en.json (Georgian)
[ci skip]
* New translations en.json (German)
[ci skip]
* New translations en.json (Croatian)
[ci skip]
* New translations en.json (Czech)
[ci skip]
* New translations en.json (Corsican)
[ci skip]
* New translations en.json (Esperanto)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Danish)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Telugu)
[ci skip]
* New translations en.json (Turkish)
[ci skip]
* New translations en.json (Tamil)
[ci skip]
* New translations en.json (Swedish)
[ci skip]
* New translations en.json (Spanish, Argentina)
[ci skip]
* New translations en.json (Welsh)
[ci skip]
* New translations en.json (Vietnamese)
[ci skip]
* New translations en.json (Urdu (Pakistan))
[ci skip]
* New translations en.json (Ukrainian)
[ci skip]
* New translations en.json (Serbian (Latin))
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Polish)
[ci skip]
* New translations en.json (Persian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Occitan)
[ci skip]
* New translations en.json (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Slovenian)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.json (Romanian)
[ci skip]
* New translations en.json (Serbian (Cyrillic))
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Swedish)
[ci skip]
* New translations en.json (Spanish, Argentina)
[ci skip]
* New translations en.json (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations activerecord.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Catalan)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations en.json (German)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Persian)
[ci skip]
* New translations en.json (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations doorkeeper.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
* Update CHANGELOG.md (#13397)
Co-authored-by: ThibG <thib@sitedethib.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: koyu <me@koyu.space>
Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
Co-authored-by: David Cook <divergentdave@gmail.com>
Co-authored-by: tateisu <tateisu@gmail.com>
Co-authored-by: tateisu <tateisu@juggler.jp>
Co-authored-by: Bèr Kessels <ber@berk.es>
Co-authored-by: guigeekz <pattusg@gmail.com>
Co-authored-by: Shlee <github@shl.ee>
Co-authored-by: mayaeh <mayaeh@marimo-net.org>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Daniel Sockwell <dsockwell@gmail.com>
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Takeshi Umeda <noel.yoshiba@gmail.com>
Co-authored-by: Sasha Sorokin <dafri.nochiterov8@gmail.com>
Co-authored-by: fuyu <54523771+mfmfuyu@users.noreply.github.com>
* Fix “Show more” not switching to “Show less” on public pages
Fixes#13169
* Fix initial text of CW button on public pages when CW are unfolded by default
* Fix PostgreSQL load when linking in announcements
Fixes#13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix#13349
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes#13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
Mastodon enforces the “sensitive” flag on media attachments whenever a toot
is posted with a Content Warning. However, it does so *after* potentially
converting the Content Warning to toot text (when there is no toot text),
which leads to inconsistent and surprising behavior for API clients.
This commit fixes this inconsistency.
This two-line change fixes a crash in the front end that occurred
under the following circumstances:
* A server had more than one announcement,
* A user was displaying the announcements, and
* An announcement was deleted (or unpublished, which amounts to
the same thing.)
As might be expected, the bug was caused by attempting to access a
notification using an index value outside the bounds of the existing
announcements. Specifically, in two places. First,
`_markAnnouncementAsRead` attempts to modify announcements based on
the current index. This is what caused the front end crash. Second,
when rendering the `Announcements` component, the code paginates the
announcements and displays the current one. This did not cause a
crash, but caused the front end to confusingly display a blank
announcement (in situations that would have caused a crash) with no
way for the user to navigate back to previous announcements.
This commit fixes both issues by adding a check to ensure that the
code never attempts to access an announcement with an index greater
than or equal to the number of announcements present.
Only look up private toots from database if the request failed because of 401,
403 or 404 errors, as those may indicate a private toot, rather than something
that isn't a toot or cannot be processed.
* Change ActivityPub follower/following collections to not link first page
* Add support for hiding followers and following of remote users
* Switch to using a single `hide_collections` column
* Address code style remarks
* Improve description of privacy levels in compose interface
* Change strings in defaultMessage and source as well as english
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
Fixes#13136
When a user's canonical acct domain is different from its id's domain
(WEB_DOMAIN ≠ LOCAL_DOMAIN), two webfinger queries are required to find the
canonical domain from the URI. However, we skip webfinger queries when
updating only the key of a remote user, which led to the creation of a
duplicate account, using the URI's domain instead of the canonical acct: one.
`request.format` is not a symbol but a `Mime::Type`, so the condition actually
never matched, and a session was created even for those requests, preventing
caching.
If the “Why do you want to join?” textarea is left empty and the entered params
do not validate, the textarea isn't shown again, unlike other fields.
This commit fixes that by populating an empty `UserInviteRequest` when needed.
Instead of returning a signature verification error, pretend there
was no signature (i.e., this does not allow access to resources that
need a valid signature), so public resources can still be fetched
Fix#13011
* Change meaning of /api/v1/announcements/:id/dismiss to mark an announcement as read
* Change how unread announcements are counted in UI
* Add unread marker to announcements and mark announcements as unread as they are displayed
* Fixups
This adds "Show thread" button to the status view which is used in
profiles. The logic to display the button is mimicking logic in
web app available at app/javascript/mastodon/components/status.js#L439.
* The little change in components CSS required to remove enforced
underline for all links on public pages on our button.
This commit attempts to fix most of regressions caused by #12961
pull request which added even spread of space between tabs.
The following fixes were done:
- Don't hide overflow in tabs
As tabs use ::after and ::before pseudo-elements to create arrow on
the bottom of selected tab, "overflow: hidden" will cause this arrow
to look split from the bottom container.
For the future we probably should use slider element instead, which
would align according to currently selected tab, instead of relying
on pseudo-elements. Such method would also allow smooth transitions.
- Disallow wrapping tab text on insufficient space
This would fix some unwanted behavior[1] when on insufficient width,
renderer might attempt wrapping text to not overtake others' space.
[1]: https://mastodon.social/@Gargron/103546083813829165
