mstdn.y-zu.org/mastodon
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
13,072 Commits 12 Branches 127 Tags 124 MiB
main
Commit Graph

1373 Commits

Author SHA1 Message Date
YorimiMochida
c92b5559a9
Merge pull request #137 from Y-zu-don-maintenance-org/4.1.18 
4.1.18
 2024-07-05 18:59:51 +09:00
Claire
8e924e4338 Fix /admin/accounts/:account_id/statuses/:id for edited posts with media attachments (#30819) 2024-07-02 16:20:04 +02:00
Claire
5973d7a4b6 Remove caching in cache_collection (#29862) 2024-05-17 12:30:07 +02:00
Claire
ba5551fd1d Improve email address validation (#29838) 2024-05-17 12:30:07 +02:00
Jeong Arm
3ff575f54c Normalize idna domain before account unblock domain (#29530) 2024-05-17 12:30:07 +02:00
YoheiZuho
0eb421cc64 Revert "Add reject pattern to Admin setting" 
This reverts commit 0cd5faaa9d.
 2024-02-22 20:46:08 +09:00
noellabo
0cd5faaa9d Add reject pattern to Admin setting 2024-02-22 20:15:49 +09:00
YorimiMochida
ec77396ddd
Merge pull request #133 from Y-zu-don-maintenance-org/features/v4.1.14 
Features/v4.1.14
 2024-02-15 05:53:04 +09:00
Claire
6f36b633a7
Merge pull request from GHSA-vm39-j3vx-pch3 
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
 2024-02-14 15:16:07 +01:00
Claire
d807b3960e
Merge pull request from GHSA-7w3c-p9j8-mq3x 
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
 2024-02-14 15:15:34 +01:00
YorimiMochida
2ab80bc511
Merge pull request #129 from Y-zu-don-maintenance-org/features/v4.1.12 
Features/v4.1.12
 2024-02-02 21:31:08 +09:00
Claire
2e4d43933d
Fix SQL query in /api/v1/directory (#28412) 2023-12-18 11:03:20 +01:00
Claire
613d00706c Change GIF max matrix size error to explicitly mention GIF files (#27927) 2023-12-04 15:28:02 +01:00
Claire
1d835c9423 Fix posts from force-sensitized accounts being able to trend (#27620) 2023-12-04 15:28:02 +01:00
Claire
ab68df9af0 Fix hashtag matching pattern matching some URLs (#27584) 2023-12-04 15:28:02 +01:00
Claire
a89a25714d Fix some link anchors being recognized as hashtags (#27271) 2023-12-04 15:28:02 +01:00
YoheiZuho
45b7276b9f Merge tag 'v4.1.10' into features/4.1.9 2023-10-11 18:14:30 +09:00
YoheiZuho
70cf68fc6e Merge tag 'v4.1.9' into features/4.1.9 2023-10-11 18:13:24 +09:00
Matt Jankowski
335982325e Dont match mention in url query string (#25656) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-10-10 13:51:56 +02:00
Claire
f1d3eda159 Fix filtering audit log for entries about disabling 2FA (#27186) 2023-10-10 13:51:56 +02:00
Essem
c97fbabb61 Properly remove tIME chunk from PNG uploads (#27111) 2023-10-10 13:51:56 +02:00
Claire
f2fff6be66 Fix crash when filtering for “dormant” relationships (#27306) 2023-10-10 13:51:56 +02:00
Claire
b40c42fd1e Fix inefficient queries in “Follows and followers” as well as several admin pages (#27116) 2023-10-10 13:51:56 +02:00
Claire
5fd89e53d2 Fix moderator rights inconsistencies (#26729) 2023-09-19 17:01:44 +02:00
Claire
34959eccd2 Fix cached posts including stale stats (#26409) 2023-09-19 17:01:44 +02:00
Emelia Smith
cf80d54cba Allow reports with long comments from remote instances, but truncate (#25028) 2023-09-05 19:16:09 +02:00
YorimiMochida
090f82f070
Merge pull request #120 from Y-zu-don-maintenance-org/features/v4.1.4 
Features/v4.1.4
 2023-07-08 23:41:57 +09:00
Claire
53b979d5c7 Fix processing of media files with unusual names (#25788) 2023-07-07 19:37:21 +02:00
YorimiMochida
ff17262aff
Merge pull request #119 from Y-zu-don-maintenance-org/features/v4.1.3 
Features/v4.1.3
 2023-07-06 22:39:03 +09:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm 
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
 2023-07-06 15:05:05 +02:00
Claire
e65e3a6d14 Add finer permission requirements for managing webhooks (#25463) 2023-07-06 13:45:40 +02:00
Claire
7e58779300 Fix reports not being closed when performing batch suspensions (#24988) 2023-07-06 13:45:40 +02:00
Claire
b1ac3562df Change Identity to not destroy associated User on destroy (#25098) 2023-07-06 13:45:40 +02:00
Claire
4c6c790f80 Fix /api/v1/conversations sometimes returning empty accounts (#25499) 2023-07-06 13:45:40 +02:00
Claire
036ac5b5c9 Fix ArgumentError when loading newer Private Mentions (#25399) 2023-07-06 13:45:40 +02:00
Claire
3e1724e972 Fix multiple N+1s in ConversationsController (#25134) 2023-07-06 13:45:40 +02:00
YoheiZuho
d05a0c8fa3 下タブバーの実装 2023-07-02 06:22:56 +00:00
YoheiZuho
1b02b4bfde Merge remote-tracking branch 'accelforce/custom/quote' into features/v4.1.2 2023-06-30 20:52:31 +09:00
Claire
b9f271364e Fix unescaped user input in LDAP query (#24379) 
Fix CVE-2023-28853
 2023-04-04 12:41:27 +02:00
Claire
ae64c5b7ec Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-04-04 12:41:27 +02:00
Eugen Rochko
6db76875fd Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:48:42 +01:00
Claire
675c24a34e Fix unconfirmed accounts being registered as active users (#23803) 2023-03-13 18:40:55 +01:00
Claire
aff3f850de Fix server error when failing to follow back followers from /relationships (#23787) 2023-03-13 18:39:35 +01:00
Claire
69564db447 Fix inefficiency when searching accounts per username in admin interface (#23801) 2023-03-13 18:38:01 +01:00
Claire
0dc342df81 Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-13 18:36:15 +01:00
Claire
a9c220242b
Fix admin-set follow recommandations being case-sensitive (#23500) 
Fixes #23472
 2023-02-10 11:14:58 +01:00
Claire
67de888bad
Fix server status URL being a required server setting (#23499) 2023-02-10 10:20:43 +01:00
Nick Schonning
0592937264
Apply Rubocop Rails/WhereNot (#23448) 
* Apply Rubocop Rails/WhereNot

* Update spec for where.not
 2023-02-08 10:39:57 +01:00
Nick Schonning
0d1f192c54
Apply Rubocop Performance/BlockGivenWithExplicitBlock (#23441) 
* Apply Rubocop Performance/BlockGivenWithExplicitBlock

* Unprefix used block parameter
 2023-02-08 10:36:23 +01:00
Nick Schonning
f68bb52556
Apply Rubocop Style/NegatedIfElseCondition (#23451) 2023-02-08 07:07:36 +01:00