c92b5559a9
Merge pull request #137 from Y-zu-don-maintenance-org/4.1.18
...
4.1.18
2024-07-05 18:59:51 +09:00
Tim Rogers
839147e099
Added check for STATSD_ADDR setting to emit a warning and proceed rather than crashing if the address is unreachable ( #30691 )
2024-07-02 16:20:04 +02:00
Claire
95ebcff98e
Fix rate-limiting incorrectly triggering a session cookie on most endpoints ( #30483 )
2024-05-30 15:20:04 +02:00
Claire
d770b61a74
Merge pull request from GHSA-c2r5-cfqr-c553
...
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations
* Remove rack-attack safelist
2024-05-30 14:24:29 +02:00
Claire
020228ddba
Merge pull request from GHSA-q3rg-xx5v-4mxh
2024-05-30 14:14:04 +02:00
Tim Rogers
a6089cdfca
Fixed crash when supplying FFMPEG_BINARY environment variable ( #30022 )
2024-05-17 12:30:07 +02:00
Claire
3fecb36739
Change registrations to be disabled by default for new servers ( #29354 )
2024-02-22 18:28:41 +01:00
Claire
2fc87611be
Automatically switch from open to approved registrations in absence of moderators ( #29337 )
2024-02-22 18:28:28 +01:00
0eb421cc64
Revert "Add reject pattern to Admin setting"
...
This reverts commit 0cd5faaa9d.
2024-02-22 20:46:08 +09:00
c2e185162d
Revert "fix typo"
...
This reverts commit af41ff0e2b.
2024-02-22 20:46:00 +09:00
93cd53398a
Revert "add i18n"
...
This reverts commit 0ca146a155.
2024-02-22 20:45:50 +09:00
0ca146a155
add i18n
2024-02-22 20:24:24 +09:00
af41ff0e2b
fix typo
2024-02-22 20:20:07 +09:00
noellabo
0cd5faaa9d
Add reject pattern to Admin setting
2024-02-22 20:15:49 +09:00
1b06c5befc
Merge pull request #134 from Y-zu-don-maintenance-org/features/v4.1.15
...
Features/v4.1.15
2024-02-17 10:18:09 +09:00
Claire
9e5af6bb58
Fix user creation failure handling in OAuth paths ( #29207 )
...
Co-authored-by: Matt Jankowski <matt@jankowski.online>
2024-02-14 23:16:39 +01:00
ec77396ddd
Merge pull request #133 from Y-zu-don-maintenance-org/features/v4.1.14
...
Features/v4.1.14
2024-02-15 05:53:04 +09:00
Claire
2f6518cae2
Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default ( #29199 )
2024-02-14 13:17:55 +01:00
Emelia Smith
cdbe2855f3
Disable administrative doorkeeper routes ( #29187 )
2024-02-14 11:34:46 +01:00
2ab80bc511
Merge pull request #129 from Y-zu-don-maintenance-org/features/v4.1.12
...
Features/v4.1.12
2024-02-02 21:31:08 +09:00
Claire
2e8943aecd
Add rate-limit of TOTP authentication attempts at controller level ( #28801 )
2024-01-24 15:31:06 +01:00
Claire
ff3a9dad0d
Fix error and incorrect URLs in /api/v1/accounts/:id/featured_tags for remote accounts ( #27459 )
2023-12-04 15:28:02 +01:00
Claire
78e457614c
Change Content-Security-Policy to be tighter on media paths ( #26889 )
2023-12-04 15:28:02 +01:00
70cf68fc6e
Merge tag 'v4.1.9' into features/4.1.9
2023-10-11 18:13:24 +09:00
Claire
889102013f
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 16:07:43 +02:00
Claire
efd066670d
Fix moderation interface for remote instances with a .zip TLD ( #25885 )
2023-07-21 16:07:43 +02:00
Claire
69c8f26946
Add check preventing Sidekiq workers from running with Makara configured ( #25850 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-21 14:18:04 +02:00
2c3b5a9d0c
fix show hints
2023-07-10 16:20:49 +00:00
ff17262aff
Merge pull request #119 from Y-zu-don-maintenance-org/features/v4.1.3
...
Features/v4.1.3
2023-07-06 22:39:03 +09:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Renaud Chaput
8eb1bb8ba6
Allow carets in URL search params ( #25216 )
2023-07-06 13:45:40 +02:00
Claire
e65e3a6d14
Add finer permission requirements for managing webhooks ( #25463 )
2023-07-06 13:45:40 +02:00
Claire
a197fc094f
Fix CSP headers when S3_ALIAS_HOST includes a path component ( #25273 )
2023-07-06 13:45:40 +02:00
Claire
cca464bce3
Fix being able to vote on your own polls ( #25015 )
2023-07-06 13:45:40 +02:00
0f7e94a055
add pinktheme
2023-07-04 06:11:29 +00:00
d05a0c8fa3
Implement bottom tab bar
2023-07-02 06:22:56 +00:00
158f9604ea
投稿 ("Post") to トゥート ("Toot")
2023-06-30 19:52:56 +09:00
Claire
4eaa6d58b2
Change root Chewy strategy to emit a warning instead of erroring out in production mode ( #24327 )
2023-04-04 12:41:27 +02:00
Claire
ae64c5b7ec
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )
2023-04-04 12:41:27 +02:00
Claire
6a7b91a038
Add warning for object storage misconfiguration ( #24137 )
2023-03-16 22:48:42 +01:00
Eugen Rochko
6db76875fd
Change user backups to use expiring URLs for download when possible ( #24136 )
2023-03-16 22:48:42 +01:00
Eugen Rochko
59a2fe32ff
Add cache headers to static files served through Rails ( #24120 )
2023-03-16 11:43:18 +01:00
Eugen Rochko
5cc39a3810
Add SENDFILE_HEADER environment variable ( #24123 )
2023-03-16 11:42:41 +01:00
CSDUMMI
4e02c7dc2c
Support the PROXY protocol through the PROXY_PROTO_V1 env variable ( #24064 )
2023-03-16 11:42:27 +01:00
Claire
2a37dc7967
Change unintended SMTP read timeout from 5 seconds to 20 seconds ( #23750 )
2023-03-13 18:49:38 +01:00
Thijs Kinkhorst
40ae8d5e03
Fix paths with url-encoded @ to redirect to the correct path ( #23593 )
2023-03-13 18:46:57 +01:00
Claire
479b66637b
Fix sidekiq jobs not triggering Elasticsearch index updates ( #24046 )
2023-03-13 18:44:09 +01:00
Claire
4bfbeb8139
Fix /api/v1/streaming sub-paths not being redirected ( #23988 )
2023-03-13 18:43:04 +01:00
Eugen Rochko
2fed61a477
Fix pgBouncer resetting application name on every transaction ( #23958 )
2023-03-13 18:42:45 +01:00
Claire
aff3f850de
Fix server error when failing to follow back followers from /relationships ( #23787 )
2023-03-13 18:39:35 +01:00