* Change unapproved and unconfirmed account to not be accessible in the REST API
* Change Account#searchable? to reject unconfirmed and unapproved users
* Disable search for unapproved and unconfirmed users in Account.search_for
* Disable search for unapproved and unconfirmed users in Account.advanced_search_for
* Remove unconfirmed and unapproved accounts from Account.searchable scope
* Prevent mentions to unapproved/unconfirmed accounts
* Fix some old tests for Account.advanced_search_for
* Add some Account.advanced_search_for tests for existing behaviors
* Add some tests for Account.search_for
* Add Account.advanced_search_for tests unconfirmed and unapproved accounts
* Add Account.searchable tests
* Fix Account.without_unapproved scope potentially messing with previously-applied scopes
* Allow lookup of unconfirmed/unapproved accounts through /api/v1/accounts/lookup
This is so that the API can still be used to check whether an username is free
to use.
* Fix warning an account outside of a report closing all reports for that account
* Make it clear what actions solve other reports
* Revert "Make it clear what actions solve other reports"
This reverts commit ad006de821f72e75480701298d13f0945b509059.
This adds a mastodon.streaming.base_url setting in the Helm chart values
file to allow setting the STREAMING_API_BASE_URL in the Mastodon environnment
config map.
* Change RSS feeds
- Use date and time for titles instead of ellipsized text
- Use full content in body, even when there is a content warning
- Use media extensions
* Change feed icons and add width and height attributes to custom emojis
* Fix custom emoji animate on hover breaking
* Fix tests
Fixes#18309
The quickFilter logic was used on display and to request new notification
pages, but not for live updates. The main issue this caused is bump the unread
notifications count regardless of the quickFilter setting.
Since notifications are re-fetched when changing quickFilter settings, it is
safe to drop live notifications that do not match the selected filter.
Fixes#18331
Add some padding below the last element of scrollable lists when the FAB is
shown in order for users to always be able to fully see the last element.
also including some refactoring:
- add `// @ts-check`
- use Map to completely avoid prototype pollution
- assign random id to each iframe for reduce chance to brute-force attack, and leak of iframe counts
- check iframe.contentWindow and MessageEvent.source to validate message is coming from correct iframe (it works on latest Chrome/Firefox/Safari but I'm not sure this is allowed by spec)
follow-up of #17420fix#18299
* Bump version to 3.5.2
* Change some entries to be more clear
* Add some extra notes
* Fix line wrap
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Mastodon has been incompatible with Ruby 2.5 for a few releases due to
some dependencies, this just updates the Gemfile description to match
that situation.
Calculate trends in temporary sets to avoid having to manage items
that go below the decay threshold while not having any moments
where a half-processed set is accessible to end-users
- Change name of conversations column in web UI
- Change hotkey for opening conversations column from `g d` to `g c` in web UI
- Remove shortcuts for creating direct-visibility statuses from web UI
* Fix PeerTube videos appearing with an erroneous “Edited at” marker
PeerTube videos have an `updated` field equal to `published`.
When processing an incoming activity that has the same value for `updated` and
`published`, assume this doesn't represent an actual edit.
* Please CodeClimate
* Fix error responses in `from` search prefix (addresses mastodon/mastodon#17941)
Using unsupported prefixes now reports a 422; searching for posts from an
account the instance is not aware of reports a 404. TODO: The UI for this
on the front end is abysmal.
Searching `from:username@domain` now succeeds when `domain` is the local
domain; searching `from:@username(@domain)?` now works as expected.
* Remove unused methods on new Error classes as they are not being used
Currently when `raise`d there are error messages being supplied, but
this is not actually being used. The associated `raise`s have been
edited accordingly.
* Remove needless comments
* Satisfy rubocop
* Try fixing tests being unable to find AccountFindingConcern methods
* Satisfy rubocop
* Simplify `from` prefix logic
This incorporates @ClearlyClaire's suggestion (see
https://github.com/mastodon/mastodon/pull/17963#pullrequestreview-933986737).
Accepctable account strings in `from:` clauses are more lenient than
before this commit; for example, `from:@user@example.org@asnteo +cat`
will not error, and return posts by @user@example.org containing the
word "cat". This is more consistent with how Mastodon matches mentions
in statuses. In addition, `from` clauses will not be checked for
syntatically invalid usernames or domain names, simply 404ing when
`Account.find_remote!` raises ActiveRecord::NotFound.
New code for this PR that is no longer used has been removed.
* Change e-mail notifications to only be sent when recipient is offline
Change the default for follow and mention notifications back on
* Add preference to always send e-mail notifications
* Change wording
In some rare cases, when receiving statuses out of order from the streaming
API then polling from the REST API, it was possible for the
`expandNormalizedTimeline` function to remove older items from the timeline.
This commit ensures that any item from the replaced slice that is older
than the oldest item retrieved from the API gets added back to the replaced
slice.
In some rare cases, when receiving statuses out of order from the streaming
API then polling from the REST API, it was possible for the
`expandNormalizedTimeline` function to insert duplicates in the timeline,
which would then result in several bugs.
This commits ensures that there are no duplicates inserted in the
timeline.
* Change post text edit to not be considered significant if it's identical after reformatting
* We don't need to clear previous change information anymore
* Require status edits to be explicit, except for poll tallies
* Fix tests
* Add some tests
* Add poll-related tests
* Add HTML-formatting related tests
Not completely sure this could actually have any ill effect, but if
`RemoveStatusService` fails to acquire a lock in an
`ActivityPub::ProcessingWorker` job processing a `Delete`, the status
is currently discarded and causes a job failure but the next time the
job is attempted, it will skip deleting the status due to it being
discarded.
This commit makes the behavior of `RemoveStatusService` a bit more consistent
in case of failure to acquire the lock.
Fixes#17898
Since #17204, the admin API has only been available through the web
application because of the unconditional requirement to provide a valid CSRF
token.
This commit changes it back to `null_session`, which should make it work
both with session-based authentication (provided a CSRF token) and with a
bearer token.
* Replace deprecated String.prototype.substr()
.substr() is deprecated so we replace it with .slice() which works similarily but isn't deprecated
* Change String.prototype.substring() to String.prototype.slice()
.substring() and .slice() work very similary but .slice() is a bit faster and stricter
* Add ESLint rule to forbid usage of .substr and .substring
.substr() is deprecated and .substring() is very similar to .slice() so better to use .slice() at all times
Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
* Optimize and clean up `response_to_recipient?` CTE
Marginally improve performances, and make the CTE much more readable
* Limit max depth in `response_to_recipient?` CTE
* Fix /api/v1/admin/accounts
Compatibility was broken since #17009 which changed the underlying filter class
without changing the controller.
This commits restore support for the old parameters.
* Add /api/v2/admin/accounts with the new parameters
* Add tests
* Add missing filter for `silenced` status
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Remove obsolete RSS::Serializer test
Since #17828, RSS::Serializer no longer has specific code for deleted statuses,
but it is never called on deleted statuses anyway.
* Rename erroneously-named test files
* Fix failing test
* Fix test deprecation warnings
* Update CircleCI Ruby orb
1.4.0 has a bug that does not match all the test files due to incorrect
globbing
* Add a hashtag public link to the hashtag management page
* Add support for element 'target' to Counter.js.
Remove 'rel' element.
* Update app/javascript/mastodon/components/admin/Counter.js
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Fix edits with no actual changes being allowed locally
* Fix edits with no actual changes being allowed through ActivityPub
* Fix false positive changes caused by description processing in model
* Fix not recording poll expiration update
* Fix test
* Revert changes to ProcessStatusUpdateService
* Various fixes and improvements
* Fix code style issues
* Various changes and improvements
* Add guard clause
It is still a very partial translation, though, and the localeData I added is
very partial as well, but at least it now uses the strings that actually got
translated, instead of using English strings.
* Fix searching for an already-known status by URL not working
* Fix Update processing from statuses prior to 20220302232632
`ordered_media_attachment_ids_changed?` would return `true` when going from
`nil` to anything (including `[]`).
* Add tests
* Update fix-duplicates task to 2022_02_10_153119
Also add support for Appeal to AccountMerging#merge_with!
* Update fix-duplicates task to 2022_03_07_094650
* Update fix-duplicates task to 2022_03_09_213005
* Update fix-duplicates task to 2022_03_07_083603
* Update fix-duplicates task to 2022_03_10_060626
* Update fix-duplicates script to 2022_03_07_083603
* Update fix-duplicates task to 2022_03_10_060706
* Update fix-duplicates task to 2022_03_10_060959
* Silence CodeClimate
Also, the instruction to reply to e-mail would probably not work in many cases
where the notifications e-mail address is not able to receive incoming emails
or the mailbox is not actively monitored.
* added OpenID Connect as an SSO option
* minor fixes
* added comments, removed an option that shouldn't be set
* fixed Gemfile.lock
* added newline to end of Gemfile.lock
* removed tab from Gemfile.lock
* remove chomp
* codeclimate changes and small name change to make function's purpose clearer
* codeclimate fix
* added SSO buttons to /about page
* minor refactor
* minor style change
* removed spurious change
* removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth
* minor changes
* Change how changes to media attachments are stored for edits
Fix not being able to re-order media attachments
* Fix not broadcasting updates when polls/media is changed through ActivityPub
* Various fixes and improvements
* Update app/models/report.rb
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Add tracking of media attachment description changes
* Change poll in status edit to have a structure closer to the real one
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Change design of federation pages in admin UI
* Fix query performance in instance media attachments measure
* Fix reblogs being included in instance languages dimension
* Fix performance of account timelines
* Various fixes and improvements
* Fix duplicate results being returned
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Fix grouping for pinned statuses scope
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Add migration tests for hide_network settings migration
* Add tests about suspended/suspended_at
* Add more tests regarding the results of migrations
* Fix migration test regarding stale conflicting remote account
* Add migration tests about AccountConversation
* Add `/api/v1/accounts/familiar_followers` to REST API
* Change hide network preference to be stored consistently for local and remote accounts
* Add dummy classes to migration
* Apply suggestions from code review
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Redesign /about when already logged in
* Fix sign up form still showing when OMNIAUTH_ONLY is set
* Fix tests
* Change wording based on suggestions
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Change old moderation strikes to be displayed in a separate page
Fixes#17552
This changes the moderation strikes displayed on `/auth/edit` to be those from
the past 3 months, and make all moderation strikes targeting the current user
available in `/disputes`.
* Add short description of what the strikes page is for
* Move link to list of strikes to “Account status” instead of navigation item
* Normalize i18n file
* Fix layout and styling of strikes link
* Revert highlights_on regexp
* Reintroduce account status summary
- this way, “Account status” is never empty
- account status is not necessarily bound to strikes, or recent strikes
* Display username rather than display name in report comment
For consistency with report notes and appeals
* Fix remote reports with comments revealing remote reporter
* Display instance name in placeholder
* Make instance name in report comment a link to the federation admin page
* Normalize i18n file
* Add trending statuses
* Fix dangling items with stale scores in localized sets
* Various fixes and improvements
- Change approve_all/reject_all to approve_accounts/reject_accounts
- Change Trends::Query methods to not mutate the original query
- Change Trends::Query#skip to offset
- Change follow recommendations to be refreshed in a transaction
* Add tests for trending statuses filtering behaviour
* Fix not applying filtering scope in controller
* Change report modal to include category selection in web UI
* Various fixes and improvements
- Change thank you text to be different based on category
- Change starting headline to be different for account and status reports
- Change toggle components to have a checkmark when checked
- Fix report dialog being cut off on small screens
- Fix thank you screen offering mute or block if already muted or blocked
- Refactor toggle components in report dialog into one component
* Change wording on final screen
* Change checkboxes to be square when multiple options are possible
Video files with variable framerates are converted to constant framerate videos
and the output framerate picked by ffmpeg is based on the original file's
container framerate (which can be different from the average framerate).
This means that an input video with variable framerate with about 30 frames per
second on average, but a maximum of 120 fps will be converted to a constant 120
fps file, which won't be processed by other Mastodon servers.
This commit changes it so that input files with VFR and a maximum framerate
above the framerate threshold are converted to VFR files with the maximum frame
rate enforced.
* Display an error when an appeal could not be submitted
* Do not offer users to appeal old strikes
* Fix 500 error when trying to appeal a strike that is too old
* Avoid using an extra translatable string
Apparently, when the `zero` case is not defined, the translation string used
for `0` depends on the language. In French, `one` is used, causing some strings
with hardcoded “one” or `1` to misrepresent the actual data.
For instance, the dashboard would display « 1 utilisateur·rice en attente » for
both 0 and 1 pending users.
Fixes#17541
- prefix JSON parsing error message by “Error parsing message from …”
- output user id if a user is logged in, IP address otherwise
- reduce log level from error to warning when a user is logged in, and to silly
otherwise
* Add appeals
* Add ability to reject appeals and ability to browse pending appeals in admin UI
* Add strikes to account page in settings
* Various fixes and improvements
- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes
* Change appealed_at to overruled_at
* Fix missing method error
* Add notifications when a reblogged status has been updated
* Change wording to say "edit" instead of "update" and add missing controls
* Replace previous update notifications with the most up-to-date one
* Change tests to have more specific expectations on sent ActivityPub payloads
* Check that payload doesn't actually contain the contents of the boosted toot
* Fix Undo Announce sometimes inlining the originally Announced status
sidekiq-bulk's push_bulk can either accept arguments directly or run them
through a block.
Setting expectations on the result of evaluating the blocks allows testing
more code (the block itself) and the test is moved closer to the *interface*
of the tested code than its precise implementation.
* Add editing for published statuses
* Fix change of multiple-choice boolean in poll not resetting votes
* Remove the ability to update existing media attachments for now
* Fix structured data parsing from links choking on bad data
- Fix og:url meta tag being prioritized over canonical link tag
- Fix structured data parsing choking on commented-out CDATA declarations
- Fix HTML entities in title, description, provider_name, author_name
- Change structured data parsing to attempt every JSON-LD script tag
* Remove unnecessary slash escapes from CDATA regex pattern
* Fix error-prone SQL queries in Account search
While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.
This PR parameterises the `to_tsquery` input to make the query more robust.
* Harden code for Status#tagged_with_all and Status#tagged_with_none
Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.
* Remove unneeded spaces surrounding tsquery term
* Please CodeClimate
* Move advanced_search_for SQL template to its own function
This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.
* Add tests covering tagged_with, tagged_with_all and tagged_with_none
* Rewrite tagged_with_none to avoid multiple joins and make it more robust
* Remove obsolete brakeman warnings
* Revert "Remove unneeded spaces surrounding tsquery term"
The two queries are not strictly equivalent.
This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.
* Fix followers synchronization mechanism not working when URI has empty path
To my knowledge, there is no current implementation on the fediverse
that can use bare domains (e.g., actor is at https://example.org instead of
something like https://example.org/actor) that also plans to support the
followers synchronization mechanism. However, Mastodon's current implementation
would exclude such accounts from followers list.
Also adds tests and rename them to reflect the proper method names.
* Move url prefix regexp to its own constant
* Build container image by GitHub Actions
* Trigger docker build only pushed to main branch
* Tweak tagging imgae
- "edge" is the main branch
- "latest" is the tagged latest release
Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment
* Change account and user fabricators to simplify and improve tests
- `Fabricate(:account)` implicitly fabricates an associated `user` if
no `domain` attribute is given (an account with `domain: nil` is
considered a local account, but no user record was created), unless
`user: nil` is passed
- `Fabricate(:account, user: Fabricate(:user))` should still be possible
but is discouraged.
* Fix and refactor tests
- avoid passing unneeded attributes to `Fabricate(:user)` or
`Fabricate(:account)`
- avoid embedding `Fabricate(:user)` into a `Fabricate(:account)` or the other
way around
- prefer `Fabricate(:user, account_attributes: …)` to
`Fabricate(:user, account: Fabricate(:account, …)`
- also, some tests were using remote accounts with local user records, which is
not representative of production code.
* Fix Sidekiq warnings about JSON serialization
This occurs on every symbol argument we pass, and every symbol key in hashes,
because Sidekiq expects strings instead.
See https://github.com/mperham/sidekiq/pull/5071
We do not need to change how workers parse their arguments because this has
not changed and we were already converting to symbols adequately or using
`with_indifferent_access`.
* Set Sidekiq to raise on unsafe arguments in test mode
In order to more easily catch issues that would produce warnings in production
code.
* Fix error-prone SQL queries in Account search
While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.
This PR parameterises the `to_tsquery` input to make the query more robust.
* Harden code for Status#tagged_with_all and Status#tagged_with_none
Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.
* Remove unneeded spaces surrounding tsquery term
* Please CodeClimate
* Move advanced_search_for SQL template to its own function
This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.
* Add tests covering tagged_with, tagged_with_all and tagged_with_none
* Rewrite tagged_with_none to avoid multiple joins and make it more robust
* Remove obsolete brakeman warnings
* Revert "Remove unneeded spaces surrounding tsquery term"
The two queries are not strictly equivalent.
This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN
Fixes#15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
* Add OMNIAUTH_ONLY environment variable to enforce external log-in only
* Disable user registration when OMNIAUTH_ONLY is set to true
* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
Fixes#15959
Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
Some Mastodon versions (v1.1 and v1.2) had a duplicate index in `db/schema.rb`
without any migration script creating it. #2224 (included in v1.3) removed the
duplicate index from the file but did not provide a migration script to remove
it.
This means that any instance that was installed from v1.1 or v1.2's source code
has a duplicate index and a corresponding warning in PgHero. Instances set up
using an earlier or later Mastodon version do not have this issue.
This PR removes the duplicate index if it is present.
* Add support for editing for published statuses
* Fix references to stripped-out code
* Various fixes and improvements
* Further fixes and improvements
* Fix updates being potentially sent to unauthorized recipients
* Various fixes and improvements
* Fix wrong words in test
* Fix notifying accounts that were tagged but were not in the audience
* Fix mistake
This is documented in the Vagrantfile, but not in the README. As far as I know,
following the short guide without installing this plugin will not make the
container accessible at mastodon.local, thus breaking the last step of the
guide.
* Fix timeline streaming stopping for multiple sessions instead of one
Fixes#17256.
In updating the code for a newer version of node-redis, #17183 also broke
redis subscription management when multiple streaming clients subscribe to the
same channel.
This commit restores the redis subscription management code.
* Let node-redis actually handle the subscriptions
Some bundle options are saved as global user config and not project local.
Specially, `deployment` must be saved as local config to be run on copied environment
* Add admin option to remove canonical email blocks from a deleted account
* Add tootctl canonical_email_blocks to inspect and remove canonical email blocks
Changes from “Retention” to “User retention rate by month after sign-up”.
This should make it much clearer to people not familiar with retention charts
what it actually means.
* ignore hashtag suggestions if they vary only in case
* remove console.logs and unused args
* consistently add space when dismissing suggestions
* linting
* Add remove orphans to tootctl statuses remove
* Add REINDEX and change option from vacuum to compression-database
* Changed to extract the deletion target of conversations to a temporary table
* Support progress bar and exceptions when media remove
* Add continue option
* Fix compression to compress
* Remove skip_remove_orphans
* Add trending links
* Add overriding specific links trendability
* Add link type to preview cards and only trend articles
Change trends review notifications from being sent every 5 minutes to being sent every 2 hours
Change threshold from 5 unique accounts to 15 unique accounts
* Fix tests
Logically, it makes more sense to provide the steps leading up to the bug before asking what the bug is. This change moves "steps to reproduce" above "expected behavior" and "actual behavior" to enforce the above progression and logical flow.
* Fix error when suspending user with an already-existing canonical email block
Fixes#17033
While attempting to create a `CanonicalEmailBlock` with an existing hash would
raise an `ActiveRecord::RecordNotUnique` error, this being done within a
transaction would cancel the whole transaction. For this reason, checking for
uniqueness in Rails would query the database within the transaction and avoid
invalidating the whole transaction for this reason.
A race condition is still possible, where multiple accounts sharing a canonical
email would be blocked in concurrent transactions, in which only one would
succeed, but that is way less likely to happen that the current issue, and can
always be retried after the first failure, unlike the current situation.
* Add tests
Some ActivityPub projects have a FEDERATION.md which is used to describe the
various extensions they use.
Everything here is also documented elsewhere, but it's a concise starting point
with links to that documentation.
Under certain conditions, files fetched from remotes trigger an error when
being uploaded using OpenStack Swift. This is because in some cases, the
remote server will not return a content-length, so our ResponseWithLimitAdapter
will hold a `nil` value for `#size`, which will lead to an invalid value
for the Content-Length header of the Swift API call.
This commit fixes that by taking the size from the actually-downloaded file
size rather than the upstream-provided Content-Length header value.
For some reason, some misconfigured servers return an empty document when
queried over webfinger. Since an empty document does not lead to a parse
error, the error is not caught properly and triggers uncaught exceptions
later on.
This PR fixes that by immediately erroring out with `Webfinger::Error` on
getting an empty response.
* Build container image by GitHub Actions
* Trigger docker build only pushed to main branch
* Tweak tagging imgae
- "edge" is the main branch
- "latest" is the tagged latest release
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.
We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.
In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
of them
This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
In order to work around https://github.com/mastodon/mastodon/issues/16895,
add a warning to .env.production.sample, and change the mastodon:setup rake
task to:
- output a warning if a variable will be interpreted differently by dotenv
and docker-compose
- ensure the printed config is compatible with docker-compose
On notifications page, in settings, "Show" for quick filter bar and
unread notifications markers use the same string, while being placed in
the separate contexts - under different settings categories.
This commit splits the contexts, creating new strings:
- "Show filter bar" in place of "Show" for filter bar;
- "Highlight unread notifications" in place of "Show" for unread
notification markers, which are now simply called "Highlighting";
- There's also "Unread notifications" in place of "Unread notification
markers" string to accompany the changes to "Show" string under that
category.
All new strings have new IDs, which will cause previous strings to
invalidate on the next translation update and new strings to be created.
This will help Mastodon translators to know that there are changes and
improve translation in accordance to the source string update.
* Add tests
* Fix some link previews being incorrectly generated from different prior links
PR #12403 added a cache to avoid redundant queries when the OEmbed endpoint can
be guessed from the URL. This caching mechanism is not perfectly correct as
there is no guarantee that all pages from a given domain share the same
OEmbed provider endpoint.
This PR prevents the FetchOEmbedService from caching OEmbed endpoint that
cannot be generalized by replacing a fully-qualified URL from the endpoint's
parameters, greatly reducing the number of incorrect cached generalizations.
* Add support for fetching Create and Announce activities by URI
This should improve compatibility with ZAP and offer a way to fetch boosts,
which is currently not possible.
* Add tests
* Add followed_by? to account_interactions
* Add RemoveFromFollowersService
* Fix AccountBatch to use RemoveFromFollowersService
* Add remove from followers API
Currently, there is no way for an admin to delete an account record. However,
should that happen in the future, or should an admin mistype an account id,
`/admin/action_logs?target_account_id=<non-existent-account-id>` currently
returns a 404 instead of an empty list.
With this commit, the aforementioned page returns a correct list instead
(potentially non-empty if the account has been manually deleted)
* Do not block existing users' emails on self-destruct
That is wasteful and unintuitive
* Do not close registrations when running tootctl self-destruct with --dry-run
* Close registrations on self-destruct regardless of known remote accounts
* Fix tootctl self-destruct not sending Deletes for recently-suspended accounts
* Suspend local users even if no remote account is known
* Do not show scary confirmation text if ran with --dry-run
When checking for required OAuth scopes, an unexpected error could
happen due to missing (null-y) req.scopes. This commit fixes that by
checking if req.scopes are present before checking if any required
scopes are present, otherwise it skips that straight to rejection.
Adds a tooltip when hovering over the percentages in a poll showing how
many votes were cast for that option.
Also removes descriptions from messages here since they are not picked
up by Crowdin anyway and might be confusing to other developers :)
Fixes#16820
* Fix media attachment size validation not correctly accounting for file type
Fixes a regression introduced in #16724 caused by the fact that kt-paperclip
now correctly runs validations before processing, meaning that file size
verification could not rely on our before_post_processing hook.
Moved the `before_post_processing` hooks to `before_validate` to make sure
the media attachment type is set correctly before the file gets validated.
* Add tests
* Make focus visible on switches and text buttons in columns settings
* Make hover/focus visible on left/right arrows in columns settings
Use same style as for station action bar (reply/boost/fav/etc.)
* Tab first to “Pin/Unpin” before left/right arrows in columns settings
* Switch from unmaintained paperclip to kt-paperclip
* Drop some compatibility monkey-patches not required by kt-paperclip
* Drop media spoof check monkey-patching
It's broken with kt-paperclip and hopefully it won't be needed anymore
* Fix regression introduced by paperclip 6.1.0
* Do not rely on pathname to call FastImage
* Add test for ogg vorbis file with cover art
* Add audio/vorbis to the accepted content-types
This seems erroneous as this would be the content-type for a vorbis stream
without an ogg container, but that's what the `marcel` gem outputs, so…
* Restore missing for_as_default method
* Refactor Attachmentable concern and delay Paperclip's content-type spoof check
Check for content-type spoofing *after* setting the extension ourselves, this
fixes a regression with kt-paperclip's validations being more strict than
paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown
extensions.
* Please CodeClimate
* Add audio/vorbis to the unreliable set
It doesn't correspond to a file format and thus has no extension associated.
* Fix incorrect use of old WebUI paths
PR #16171 renamed some routes but missed some occurrences.
Without #16772, this leads to unreachable routes in those cases.
* Fix floating action button being displayed on statuses and compose screen
* Add aliases for some WebUI routes that were renamed in #16171
Accounts and statuses routes need more work as they use different parameters.
* Add aliases for /statuses/* routes
* Add aliases for /accounts/* WebUI routes
Does not correctly set the “active” state on the navigation tabs but this is
a minor issue.
* Fix some routes
* Fix /accounts/:id/{media,followers,following} not loading on legacy routes
Eliminate need to have custom notifications filtering logic in the
streaming API code by publishing notifications into a separate stream
and then simply using the multi-stream capability to subscribe to that
stream when necessary
* Stop setting a shortcode to newly-created media attachments
The WebUI has stopped using the “short media URL” in ages. This isn't used
anywhere except for mail notifications.
Deprecating it would allow us to eventually get rid of at least a database
column and corruption-prone index, as well as a controller.
* Fix tests
* Add tests
* Add security-related tests
My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.
* Fix authentication failures after going halfway through a sign-in attempt
* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
When using a CAS server, the users only have a temporary email
`change@me-foo-cas.com` which can't be changed but by an
administrator.
We need a new environment variable like for SAML to assume the email
from CAS is verified.
* config/initializers/omniauth.rb: define CAS option for assuming
email are always verified.
* .env.nanobox: add new variable as an example.
The addition of authentication history broke the omniauth login with
the following error:
method=GET path=/auth/auth/cas/callback format=html
controller=Auth::OmniauthCallbacksController action=cas status=500
error='NameError: undefined local variable or method `user' for
#<Auth::OmniauthCallbacksController:0x00000000036290>
Did you mean? @user' duration=435.93 view=0.00 db=36.19
* app/controllers/auth/omniauth_callbacks_controller.rb: fix variable
name to `@user`
By default, it'll only send those headers when the response code is one of the following:
- 200, 201, 204, 206, 301, 302, 303, 304, 307 & 308
As all the traffics should be https, the http protocol only exists to do 301 redirect,
and always send the HSTS header is almost one of the best practices, we should set
nginx to do so.
Reference:
- https://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header
- https://ssl-config.mozilla.org/
Fix issue #16603 undefined method `serialize_payload' for Unsuspend Account Service error.
It seems that this service forgot to `include Payloadable` so that `serialize_payload` could not be found in this service.
* Fix followers synchronization mechanism not working when URI has empty path
To my knowledge, there is no current implementation on the fediverse
that can use bare domains (e.g., actor is at https://example.org instead of
something like https://example.org/actor) that also plans to support the
followers synchronization mechanism. However, Mastodon's current implementation
would exclude such accounts from followers list.
Also adds tests and rename them to reflect the proper method names.
* Move url prefix regexp to its own constant
* Add account statuses cleanup policy model
* Record last inspected toot to delete to speed up successive calls to statuses_to_delete
* Add service to cleanup a given account's statuses within a budget
* Add worker to go through account policies and delete old toots
* Fix last inspected status id logic
All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.
* Add tests
* Refactor scheduler and add tests
* Add user interface
* Add support for discriminating based on boosts/favs
* Add UI support for min_reblogs and min_favs, rework UI
* Address first round of review comments
* Replace Snowflake#id_at_start with with_random parameter
* Add tests
* Add tests for StatusesCleanupController
* Rework settings page
* Adjust load-avoiding mechanisms
* Please CodeClimate
* Add account_notes relationship
* Add tests
* Fix owned account notes not being deleted when an account is deleted
* Add post-migration to clean up orphaned account notes
* Add confirmation modal when closing media edit modal with unsaved changes
* Move focal point media state to redux so it does not get erased by confirmation dialog
* Change upload modal behavior to keep it open while saving changes
Instead of closing it immediately and losing changes if they fail to save…
* Make it work with react-intl 2.9
Fixes#16509
Microsoft Edge with translation enabled rewrites the DOM in ways that confuse
react and prevent it from working properly. Wrapping the offending parts in
a span avoids this issue.
Fixes#16515
Not using a router object somehow made `this.history` lag behind the real
browser history whenever pushing a new history item in `replyCompose`.
Not using the context-provided router in this case was an oversight made
when porting glitch-soc changes in #16499.
The auto-linking code basically rewrote the whole string escaping non-ascii
characters in an inefficient way, and building a full character offset map
between the unescaped and escaped texts before sending the contents to
TwitterText's extractor.
Instead of doing that, this commit changes the TwitterText regexps to include
valid IRI characters in addition to valid URI characters.
* Change references to tootsuite/mastodon to mastodon/mastodon
* Remove obsolete test fixture
* Replace occurrences of tootsuite/mastodon with mastodon/mastodon in CHANGELOG
And a few other places
* Refactor shouldUpdateScroll passing
So far, shouldUpdateScroll has been manually passed down from the very top of
the React component hierarchy even though it is a static function common to
all ScrollContainer instances, so replaced that with a custom class extending
ScrollContainer.
* Generalize “press back to close modal” to any modal and to public pages
* Fix boost confirmation modal closing media modal
3.4.1 dropped account_stats.lock_version, but in a way breaking the usual
upgrade path by requiring services to be reloaded after the post-migrations.
Indeed, `self.locking_column = nil` was not enough for Rails to ignore the
`lock_version` column when preparing statements on application load, resulting
in some ActiveRecord queries (typically those involving
`includes(:account_stat)`) erroring out with:
ActiveRecord::StatementInvalid (PG::UndefinedColumn: ERROR: column account_stats.lock_version does not exist
Always mark jemalloc needed if jemalloc is enabled by akihikodaki · Pull Request #4627 · ruby/ruby
https://github.com/ruby/ruby/pull/4627
> Symbols exported by jemalloc is referred by the shared library but not
> by the executables when building Ruby as a shared library with
> jemalloc. It causes shared libraries such as the GNU C++ library
> occasionally rely on the memory allocator provided by the standard C
> library. Worse, the resolved symbols can later be replaced with
> jemalloc, and jemalloc may see pointers from the standard C library,
> which results in various failures.
> e.g. https://github.com/tootsuite/mastodon/issues/15751
As a workaround, do not rely on jemalloc enablement of Ruby, and
preload libjemalloc.so instead.
* Fix anonymous access to outbox not being cached by the reverse proxy
Up until now, anonymous access to outbox was marked as public, but with a
0 duration for caching, which means remote proxies would only serve from cache
when the server was completely overwhelmed.
Changed that cache duration to one minute, so that repeated anonymous access
to one account's outbox can be appropriately cached.
Also added `Signature` to the `Vary` header in case a page is requested, so
that authenticated fetches are never served from cache (which only contains
public toots).
* Remove Vary: Accept header from webfinger controller
Indeed, we have stopped returning xrd, and only ever return jrd, so the
Accept request header does not matter anymore.
* Cache negative webfinger hits for 3 minutes
compression-webpack-plugin 6.0.0 has changed how filenames were generated,
so from #14892 onward (Mastodon v3.3.0 and later), compressed files were
output to a file named `.gz` instead of the correct filenames.
* Add tests
* Fix serialization of followers/following counts when user hides their network
Fixes#16382
Signed-off-by: Claire <claire.github-309c@sitedethib.com>
Fixes#15472
If the Tesseract worker fails at any point, re-try with cache settings that
overwrite the cache. It is difficult to catch more precise errors as those
are pretty opaque and do not occur when loading lang data but when trying to
detect text.
* Add support for latest HTTP Signatures spec draft
https://www.ietf.org/id/draft-ietf-httpbis-message-signatures-00.html
- add support for the “hs2019” signature algorithm (assumed to be equivalent
to RSA-SHA256, since we do not have a mechanism to specify the algorithm
within the key metadata yet)
- add support for (created) and (expires) pseudo-headers and related
signature parameters, when using the hs2019 signature algorithm
- adjust default “headers” parameter while being backwards-compatible with
previous implementation
- change the acceptable time window logic from 12 hours surrounding the “date”
header to accepting signatures created up to 1 hour in the future and
expiring up to 1 hour in the past (but only allowing expiration dates up to
12 hours after the creation date)
This doesn't conform with the current draft, as it doesn't permit accounting
for clock skew.
This, however, should be addressed in a next version of the draft:
https://github.com/httpwg/http-extensions/pull/1235
* Add additional signature requirements
* Rewrite signature params parsing using Parslet
* Make apparent which signature algorithm Mastodon on verification failure
Mastodon uses RSASSA-PKCS1-v1_5, which is not recommended for new applications,
and new implementers may thus unknowingly use RSASSA-PSS.
* Add workaround for PeerTube's invalid signature header
The previous parser allowed incorrect Signature headers, such as
those produced by old versions of the `http-signature` node.js package,
and seemingly used by PeerTube.
This commit adds a workaround for that.
* Fix `signature_key_id` raising an exception
Previously, parsing failures would result in `signature_key_id` being nil,
but the parser changes made that result in an exception.
This commit changes the `signature_key_id` method to return `nil` in case
of parsing failures.
* Move extra HTTP signature helper methods to private methods
* Relax (request-target) requirement to (request-target) || digest
This lets requests from Plume work without lowering security significantly.
Follow-up to #14359
In the case of limited toots, the receiver may not be explicitly part of the
audience. If a specific user's inbox URI was specified, it makes sense to
dereference the toot from the corresponding user, instead of trying to find
someone in the explicit audience.
* Fix contrast calculation for thumbnail color extraction
Luminance calculation was using 0-255 RGB values instead of 0-1 sRGB values,
leading to incorrectly-computed contrast values.
Since we use ColorDiff already, just use its XYZ colorspace conversion code
to get the value.
* Require at least 3:1 contrast for both accent and foreground colors
* Lower required contrast for the accent color
* Change content-type to be always computed from file data
Restore previous behavior, detecting the content-type isn't very
expensive, and some instances may serve files as application/octet-stream
regardless of their true type, making fetching media from them fail, while
it used to work pre-3.2.0.
* Add test
There are edge cases where requests to certain hosts timeout when
using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now
that we no longer need to support OStatus servers, webfinger logic
is so simple that there is no point encapsulating it in a gem, so
we can just use our own Request class. With that, we benefit from
more robust timeout code and IPv4/IPv6 resolution.
Fix#14091
* Do not serve account actors at all in limited federation mode
When an account is fetched without a signature from an allowed instance,
return an error.
This isn't really an improvement in security, as the only information that was
previously returned was required protocol-level info, and the only personal bit
was the existence of the account. The existence of the account can still be
checked by issuing a webfinger query, as those are accepted without signatures.
However, this change makes it so that unallowed instances won't create account
records on their end when they find a reference to an unknown account.
The previous behavior of rendering a limited list of fields, instead of not
rendering the actor at all, was in order to prevent situations in which two
instances in Authorized Fetch mode or Limited Federation mode would fail to
reach each other because resolving an account would require a signed query…
from an account which can only be fetched with a signed query itself. However,
this should now be fine as fetching accounts is done by signing on behalf of
the special instance actor, which does not require any kind of valid signature
to be fetched.
* Fix tests
- Rate limit login attempts by target account
- Rate limit password resets and e-mail re-confirmations by target account
- Rate limit sign-up/login attempts, password resets, and e-mail re-confirmations by IP like before
While OAuth tokens were immediately revoked, accessing the home
controller immediately generated new OAuth tokens and "revived"
the session due to a combination of using remember_me tokens and
overwriting the `authenticate_user!` method
* Features/mild master (#278)
* 3.1.3 (#275)
* Fix announcements with fully-qualified mention to local user crashing WebUI (#13164)
* [Security] Bump puma from 4.3.1 to 4.3.2 (#13167)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix installation failing when Redis password contains special characters (#13156)
* Add support for special characters in Redis passwords
Fixes#13154
* Refactor
* Fix elasticsearch-api and faraday incompatibilities (#13166)
* Bump puma from 4.3.2 to 4.3.3 (#13177)
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
* Bump strong_migrations from 0.5.1 to 0.6.2 (#13071)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.1 to 0.6.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.1...v0.6.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump oj from 3.10.1 to 3.10.3 (#13187)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump json-ld-preloaded from 3.1.0 to 3.1.1 (#13143)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/core from 7.8.4 to 7.8.6 (#13185)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump webpack-dev-server from 3.10.1 to 3.10.3 (#13184)
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/runtime from 7.8.3 to 7.8.4 (#13183)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.8.4/packages/babel-runtime)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Add tooltips to audio/video player buttons (#13203)
* Fix "tootctl media remove-orphans" crashing when encountering invalid media (#13170)
Fixes#13168
* Change the string "Hide everything from …" to "Block domain …" in web UI (#13178)
Blocking a domain is closer to blocking all its users than to a mute
action.
* Remove useless `respond_to` calls (#13208)
* Change GIF label to be displayed even when autoplay is enabled in web UI (#13209)
* Fix too large announcements not being scrollable in web UI (#13211)
* Add specific rate limits for posting and following (#13172)
* Fix text area above/right of emoji picker being accidentally clickable in web UI (#13148)
* Add sorting by username, creation and last activity in moderation view (#13076)
* Add ability to order accounts in moderation view
* Display last status date in “Most recent activity” for remote users
* Fix error when searching for URLs that contain the mention syntax (#13151)
Fixes#13150
* Set BUNDLE_PATH in CircleCI (#13214)
* Change description of privacy levels to be more intuitive in web UI (#13197)
* Improve description of privacy levels in compose interface
* Change strings in defaultMessage and source as well as english
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
* Add ability to delete files uploaded for settings in admin UI (#13192)
* Allow deleting site uploads
* Refactor and move links into hints
* Fix i18n tests
* Fix HTML output of site_upload_delete_hint
* Add `--skip-media-remove` option to `tootctl statuses remove` (#13080)
* Add skip_media_remove option to tootctl statuses remove
* Add skip_media_remove option to tootctl statuses remove
Co-authored-by: tateisu <tateisu@juggler.jp>
* Code style improvements in JavaScript (#13159)
* JS-linter: fix trailing comma's
* Configure eslinter to ignore this onchange error.
* Add submit button to the top of preferences pages (#13068)
* Move submit button to the top of the edit page
* Duplicate save button on long form
* Fix click submit on profile spec
* Update nginx.conf (#13066)
* Change wording of media display preferences to be more intuitive (#13198)
* Change the tooltip "Toggle visibility" to "Hide media" in web UI (#13199)
* Add support for links to statuses in announcements to be opened in web UI (#13212)
* Add support for links to public statuses in announcements to be opened in WebUI
* Please CodeClimate
* Fix public posts from silenced accounts not being changed to unlisted visibility (#13096)
* Bump doorkeeper from 5.2.3 to 5.3.1 (#13144)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.3 to 5.3.1.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.3...v.5.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change local media attachments to perform heavy processing asynchronously (#13210)
Fix#9106
* Add federation support for the "hide network" preference (#11673)
* Change ActivityPub follower/following collections to not link first page
* Add support for hiding followers and following of remote users
* Switch to using a single `hide_collections` column
* Address code style remarks
* Bump cld3 from 3.2.6 to 3.3.0 (#13107)
* Bump cld3 from 3.2.6 to 3.3.0
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.2.6...v3.3.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix compatibility with cld3 3.3.0
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Change video uploads to enforce certain limits (#13218)
- Dimensions at most 1920x1200
- Frame rate at most 60
* Change video uploads to always be converted to H264/MP4 (#13220)
Even if the container format is the same (.mp4), the codec could
be different and not playable in web browsers
* Change the string "hidden" to "blocked" in WebUI (#13221)
* Change the string "hidden" to "blocked" in WebUI.
* update
* Bump file-loader from 5.0.2 to 5.1.0 (#13225)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.0.2...v5.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump wicg-inert from 3.0.0 to 3.0.2 (#13226)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump cross-env from 6.0.3 to 7.0.2 (#13228)
Bumps [cross-env](https://github.com/kentcdodds/cross-env) from 6.0.3 to 7.0.2.
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/cross-env/compare/v6.0.3...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump eslint-plugin-react from 7.17.0 to 7.19.0 (#13224)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.17.0 to 7.19.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.17.0...v7.19.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix MP4 (H264 + AAC) video files being needlessly re-encoded (#13239)
* Fix videos with unsupported colorspace not being transcoded (#13242)
* Fix regression in “Edit media” modal in web UI (#13243)
* [Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile
* Update Dockerfile
* Fix detailed view of direct messages displaying a 0 boost count (#13244)
The boost count is already removed from private toots,
do the same with direct messages.
* Add titles to warning presets in admin UI (#13252)
* Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254)
* Add shortcuts to blacklist a user's e-mail domain in admin UI
* Add option to blacklist resolved MX and IP records for e-mail domains
* Fix some timeouts when searching URLs by limiting some database queries (#13253)
Only look up private toots from database if the request failed because of 401,
403 or 404 errors, as those may indicate a private toot, rather than something
that isn't a toot or cannot be processed.
* Fix WebUI crash in single-column mode on prehistoric browsers (#13267)
Fixes#13266
* Bump react-immutable-proptypes from 2.1.0 to 2.2.0 (#13259)
Bumps [react-immutable-proptypes](https://github.com/HurricaneJames/react-immutable-proptypes) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/HurricaneJames/react-immutable-proptypes/releases)
- [Changelog](https://github.com/HurricaneJames/react-immutable-proptypes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/HurricaneJames/react-immutable-proptypes/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 24.9.0 to 25.1.0 (#12973)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 24.9.0 to 25.1.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.1.0/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-dom from 16.12.0 to 16.13.0 (#13181)
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-dom)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-test-renderer from 16.12.0 to 16.13.0 (#13260)
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-test-renderer)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sass from 1.25.0 to 1.26.3 (#13263)
Bumps [sass](https://github.com/sass/dart-sass) from 1.25.0 to 1.26.3.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.25.0...1.26.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump mkdirp from 0.5.1 to 1.0.3 (#12979)
Bumps [mkdirp](https://github.com/isaacs/node-mkdirp) from 0.5.1 to 1.0.3.
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/commits/v1.0.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump redis from 2.8.0 to 3.0.2 (#13102)
Bumps [redis](https://github.com/NodeRedis/node-redis) from 2.8.0 to 3.0.2.
- [Release notes](https://github.com/NodeRedis/node-redis/releases)
- [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NodeRedis/node-redis/compare/v.2.8.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.0 to 3.1.1 (#13230)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simple_form from 5.0.1 to 5.0.2 (#13231)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v5.0.1...v5.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq-scheduler from 3.0.0 to 3.0.1 (#13233)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.0.0...v3.0.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webmock from 3.8.0 to 3.8.3 (#13265)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.0 to 3.8.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.0...v3.8.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump capistrano from 3.11.2 to 3.12.1 (#13264)
* Bump capistrano from 3.11.2 to 3.12.1
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.11.2 to 3.12.1.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.11.2...v3.12.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump capistrano from 3.11.2 to 3.12.1
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix reported accounts not being whitelisted when resolving a spamcheck report (#13289)
* Decommission support for Ruby 2.4 (#13287)
* Update Gemfile
* Update README.md
* Fix frontend crash when deleting announcements (#13283)
This two-line change fixes a crash in the front end that occurred
under the following circumstances:
* A server had more than one announcement,
* A user was displaying the announcements, and
* An announcement was deleted (or unpublished, which amounts to
the same thing.)
As might be expected, the bug was caused by attempting to access a
notification using an index value outside the bounds of the existing
announcements. Specifically, in two places. First,
`_markAnnouncementAsRead` attempts to modify announcements based on
the current index. This is what caused the front end crash. Second,
when rendering the `Announcements` component, the code paginates the
announcements and displays the current one. This did not cause a
crash, but caused the front end to confusingly display a blank
announcement (in situations that would have caused a crash) with no
way for the user to navigate back to previous announcements.
This commit fixes both issues by adding a check to ensure that the
code never attempts to access an announcement with an index greater
than or equal to the number of announcements present.
* Make bookmarks also searchable (#13271)
* Add link to bookmarks in web UI dropdown (#13273)
* Migrate Rails ujs as required for Rails 6 Upgrade. (#13280)
* Update yarn.lock
* Update package.json
* Update public.js
* Update admin.js
* Update log_out.js
* Update common.js
* [Security] Bump omniauth from 1.9.0 to 1.9.1 (#13229)
Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.0 to 1.9.1. **This update includes a security fix.**
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.9.0...v1.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
* Bump sidekiq from 5.2.7 to 6.0.0
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Sidekiq::Logger.logger -> Sidekiq.logger
* Drop support Ruby 2.4
* update
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix bookmarks also searchable (#13293)
* Bump sidekiq-unique-jobs from 6.0.18 to 6.0.20 (#13294)
* Change poll option hover/active styling to be less confusing (#13313)
* Fix frontend crash when deleting announcements (#13312)
Refactor and fix#13283, which only worked in some cases.
* Fix media not being marked sensitive when client sets a CW but no text (#13277)
Mastodon enforces the “sensitive” flag on media attachments whenever a toot
is posted with a Content Warning. However, it does so *after* potentially
converting the Content Warning to toot text (when there is no toot text),
which leads to inconsistent and surprising behavior for API clients.
This commit fixes this inconsistency.
* Bump browser from 3.0.3 to 4.0.0 (#13307)
Bumps [browser](https://github.com/fnando/browser) from 3.0.3 to 4.0.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v3.0.3...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump i18n-tasks from 0.9.30 to 0.9.31 (#13304)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.30 to 0.9.31.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.30...v0.9.31)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simplecov from 0.18.2 to 0.18.5 (#13310)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.2 to 0.18.5.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.2...v0.18.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump rspec-rails from 3.9.0 to 3.9.1 (#13305)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.0...v3.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump discard from 1.1.0 to 1.2.0 (#13308)
Bumps [discard](https://github.com/jhawthorn/discard) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/jhawthorn/discard/releases)
- [Changelog](https://github.com/jhawthorn/discard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhawthorn/discard/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump aws-sdk-s3 from 1.60.1 to 1.61.1 (#13306)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.60.1 to 1.61.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* New Crowdin translations (#13064)
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations devise.en.yml (Icelandic)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Swedish)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Welsh)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Asturian)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Occitan)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations activerecord.en.yml (Occitan)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations activerecord.en.yml (Kabyle)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations devise.en.yml (Breton)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations doorkeeper.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations devise.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
* Bump babel-plugin-preval from 4.0.0 to 5.0.0 (#13297)
Bumps [babel-plugin-preval](https://github.com/kentcdodds/babel-plugin-preval) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/kentcdodds/babel-plugin-preval/releases)
- [Changelog](https://github.com/kentcdodds/babel-plugin-preval/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/babel-plugin-preval/compare/v4.0.0...v5.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-react-inline-elements from 7.8.3 to 7.9.0 (#13298)
Bumps [@babel/plugin-transform-react-inline-elements](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/core from 7.8.6 to 7.9.0 (#13303)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.6 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.6...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack-bundle-analyzer from 3.6.0 to 3.6.1 (#13300)
Bumps [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases)
- [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v3.6.0...v3.6.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change `tootctl media remove-orphans` to work for all classes (#13316)
Change `tootctl media lookup` to not use an interactive prompt
* Bump react-select from 3.0.8 to 3.1.0 (#13296)
Bumps [react-select](https://github.com/JedWatson/react-select) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/.sweet-changelogs.js)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.0.8...react-select@3.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-runtime from 7.8.3 to 7.9.0 (#13301)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack from 4.41.5 to 4.42.1 (#13319)
Bumps [webpack](https://github.com/webpack/webpack) from 4.41.5 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.41.5...v4.42.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix Paperclip using deprecated URI.escape function (#13320)
Monkey-patch Paperclip to perform URL escaping in a slightly more
appropriate way, and get rid of runtime deprecation warnings.
* Bump brakeman from 4.7.2 to 4.8.0 (#13309)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.2...v4.8.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
Fixes#13321
* Fix 404 and 410 API errors being silently discarded in WebUI (#13279)
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes#13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
* Fix incorrect deletion of local accounts imported by overwriting (#13350)
* Fix wrong color for ellipsis in boost confirmation dialog in Web UI (#13355)
* Bump pg from 1.2.2 to 1.2.3 (#13344)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.2...v1.2.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump oj from 3.10.3 to 3.10.5 (#13345)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump iso-639 from 0.2.8 to 0.3.5 (#13343)
Bumps [iso-639](https://github.com/xwmx/iso-639) from 0.2.8 to 0.3.5.
- [Release notes](https://github.com/xwmx/iso-639/releases)
- [Commits](https://github.com/xwmx/iso-639/compare/0.2.8...0.3.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump ox from 2.12.1 to 2.13.2 (#13342)
Bumps [ox](https://github.com/ohler55/ox) from 2.12.1 to 2.13.2.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.12.1...v2.13.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump better_errors from 2.5.1 to 2.6.0 (#13340)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix ImportsController param to permit :mode (#13347)
* Bump parallel_tests from 2.30.1 to 2.32.0 (#13341)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.1 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.32.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump uuid from 3.4.0 to 7.0.2 (#13295)
Bumps [uuid](https://github.com/uuidjs/uuid) from 3.4.0 to 7.0.2.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v3.4.0...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix content warning being unnecessarily cleared when enabling/disabling CW (#13348)
* Bump concurrent-ruby from 1.1.5 to 1.1.6 (#13346)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react from 16.12.0 to 16.13.1 (#13337)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.12.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump stringz from 2.0.0 to 2.1.0 (#13331)
Bumps [stringz](https://github.com/sallar/stringz) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/sallar/stringz/releases)
- [Changelog](https://github.com/sallar/stringz/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sallar/stringz/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 25.1.0 to 25.2.4 (#13332)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 25.1.0 to 25.2.4.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.2.4/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-env from 7.8.3 to 7.9.0 (#13336)
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump yargs from 15.1.0 to 15.3.1 (#13334)
Bumps [yargs](https://github.com/yargs/yargs) from 15.1.0 to 15.3.1.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v15.1.0...v15.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-loader from 8.0.6 to 8.1.0 (#13333)
Bumps [babel-loader](https://github.com/babel/babel-loader) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases)
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel-loader/compare/v8.0.6...v8.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-react from 7.8.3 to 7.9.4 (#13335)
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump autoprefixer from 9.7.4 to 9.7.5 (#13338)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.4 to 9.7.5.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.4...9.7.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix re-sending of e-mail confirmation not being rate limited (#13360)
Fix#13330
* Improve toot clicking areas (#13327)
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
* Fix background jobs not using locks like they are supposed to (#13361)
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix#13349
* Bump sidekiq-unique-jobs from 6.0.20 to 6.0.21 (#13367)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.20...v6.0.21)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump faker from 2.10.1 to 2.11.0 (#13363)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/commits/v2.11.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump tty-prompt from 0.20.0 to 0.21.0 (#13366)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.20.0...v0.21.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump bootsnap from 1.4.5 to 1.4.6 (#13369)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld-preloaded from 3.1.1 to 3.1.2 (#13365)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.1 to 3.1.2 (#13368)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix pinning a column in web UI sometimes redirecting out of web UI (#13376)
Fix#13216
* Fix returning results when searching for URL with non-zero offset (#13377)
Fix#13083
* Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` (#13375)
Fix#13371
* Improve polls: option lengths & redesign (#13257)
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
* Bump rspec-rails from 3.9.1 to 4.0.0 (#13364)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Add ability to filter audit log in admin UI (#13381)
* Update Vagrant box to Bionic (#13384)
* Update config.yml (#13379)
* Add explanation as to why unlocked accounts may have follow requests (#13385)
* Add explanation as to why unlocked accounts may have follow requests
* Change wording to avoid “silenced”
* Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 (#13387)
* Bump rails from 5.2.4.1 to 5.2.4.2
* Bump kind-of from 6.0.2 to 6.0.3
* Bump version to 3.1.3 (#13389)
* Fix PostgreSQL load when linking in announcements (#13250)
* Fix PostgreSQL load when linking in announcements
Fixes#13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
* [Security] Update Dockerfile for Ruby 2.6.6 (#13393)
* Update .ruby-version (#13395)
* Fix “Show more” not switching to “Show less” on public pages (#13174)
* Fix “Show more” not switching to “Show less” on public pages
Fixes#13169
* Fix initial text of CW button on public pages when CW are unfolded by default
* Add rate limit for reporting (#13390)
* New Crowdin translations (#13317)
* New translations en.yml (Italian)
[ci skip]
* New translations doorkeeper.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations devise.en.yml (Ido)
[ci skip]
* New translations doorkeeper.en.yml (Ido)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Georgian)
[ci skip]
* New translations doorkeeper.en.yml (Georgian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations doorkeeper.en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations doorkeeper.en.yml (Greek)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Hebrew)
[ci skip]
* New translations devise.en.yml (Hebrew)
[ci skip]
* New translations doorkeeper.en.yml (Hebrew)
[ci skip]
* New translations en.yml (Hindi)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations doorkeeper.en.yml (Esperanto)
[ci skip]
* New translations doorkeeper.en.yml (French)
[ci skip]
* New translations devise.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations simple_form.en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Estonian)
[ci skip]
* New translations simple_form.en.yml (Estonian)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Urdu (Pakistan))
[ci skip]
* New translations activerecord.en.yml (Vietnamese)
[ci skip]
* New translations devise.en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.json (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations devise.en.yml (German)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations devise.en.yml (Galician)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.y…
* clean up old theme (#279)
fix override settings
Co-authored-by: ThibG <thib@sitedethib.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: koyu <me@koyu.space>
Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
Co-authored-by: David Cook <divergentdave@gmail.com>
Co-authored-by: tateisu <tateisu@gmail.com>
Co-authored-by: tateisu <tateisu@juggler.jp>
Co-authored-by: Bèr Kessels <ber@berk.es>
Co-authored-by: guigeekz <pattusg@gmail.com>
Co-authored-by: Shlee <github@shl.ee>
Co-authored-by: mayaeh <mayaeh@marimo-net.org>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Daniel Sockwell <dsockwell@gmail.com>
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Takeshi Umeda <noel.yoshiba@gmail.com>
Co-authored-by: Sasha Sorokin <dafri.nochiterov8@gmail.com>
Co-authored-by: fuyu <54523771+mfmfuyu@users.noreply.github.com>
Co-authored-by: Rintan <rintanminecraft@gmail.com>
* 3.1.3 (#275)
* Fix announcements with fully-qualified mention to local user crashing WebUI (#13164)
* [Security] Bump puma from 4.3.1 to 4.3.2 (#13167)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix installation failing when Redis password contains special characters (#13156)
* Add support for special characters in Redis passwords
Fixes#13154
* Refactor
* Fix elasticsearch-api and faraday incompatibilities (#13166)
* Bump puma from 4.3.2 to 4.3.3 (#13177)
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
* Bump strong_migrations from 0.5.1 to 0.6.2 (#13071)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.1 to 0.6.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.1...v0.6.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump oj from 3.10.1 to 3.10.3 (#13187)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump json-ld-preloaded from 3.1.0 to 3.1.1 (#13143)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/core from 7.8.4 to 7.8.6 (#13185)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump webpack-dev-server from 3.10.1 to 3.10.3 (#13184)
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/runtime from 7.8.3 to 7.8.4 (#13183)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.8.4/packages/babel-runtime)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Add tooltips to audio/video player buttons (#13203)
* Fix "tootctl media remove-orphans" crashing when encountering invalid media (#13170)
Fixes#13168
* Change the string "Hide everything from …" to "Block domain …" in web UI (#13178)
Blocking a domain is closer to blocking all its users than to a mute
action.
* Remove useless `respond_to` calls (#13208)
* Change GIF label to be displayed even when autoplay is enabled in web UI (#13209)
* Fix too large announcements not being scrollable in web UI (#13211)
* Add specific rate limits for posting and following (#13172)
* Fix text area above/right of emoji picker being accidentally clickable in web UI (#13148)
* Add sorting by username, creation and last activity in moderation view (#13076)
* Add ability to order accounts in moderation view
* Display last status date in “Most recent activity” for remote users
* Fix error when searching for URLs that contain the mention syntax (#13151)
Fixes#13150
* Set BUNDLE_PATH in CircleCI (#13214)
* Change description of privacy levels to be more intuitive in web UI (#13197)
* Improve description of privacy levels in compose interface
* Change strings in defaultMessage and source as well as english
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
* Add ability to delete files uploaded for settings in admin UI (#13192)
* Allow deleting site uploads
* Refactor and move links into hints
* Fix i18n tests
* Fix HTML output of site_upload_delete_hint
* Add `--skip-media-remove` option to `tootctl statuses remove` (#13080)
* Add skip_media_remove option to tootctl statuses remove
* Add skip_media_remove option to tootctl statuses remove
Co-authored-by: tateisu <tateisu@juggler.jp>
* Code style improvements in JavaScript (#13159)
* JS-linter: fix trailing comma's
* Configure eslinter to ignore this onchange error.
* Add submit button to the top of preferences pages (#13068)
* Move submit button to the top of the edit page
* Duplicate save button on long form
* Fix click submit on profile spec
* Update nginx.conf (#13066)
* Change wording of media display preferences to be more intuitive (#13198)
* Change the tooltip "Toggle visibility" to "Hide media" in web UI (#13199)
* Add support for links to statuses in announcements to be opened in web UI (#13212)
* Add support for links to public statuses in announcements to be opened in WebUI
* Please CodeClimate
* Fix public posts from silenced accounts not being changed to unlisted visibility (#13096)
* Bump doorkeeper from 5.2.3 to 5.3.1 (#13144)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.3 to 5.3.1.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.3...v.5.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change local media attachments to perform heavy processing asynchronously (#13210)
Fix#9106
* Add federation support for the "hide network" preference (#11673)
* Change ActivityPub follower/following collections to not link first page
* Add support for hiding followers and following of remote users
* Switch to using a single `hide_collections` column
* Address code style remarks
* Bump cld3 from 3.2.6 to 3.3.0 (#13107)
* Bump cld3 from 3.2.6 to 3.3.0
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.2.6...v3.3.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix compatibility with cld3 3.3.0
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Change video uploads to enforce certain limits (#13218)
- Dimensions at most 1920x1200
- Frame rate at most 60
* Change video uploads to always be converted to H264/MP4 (#13220)
Even if the container format is the same (.mp4), the codec could
be different and not playable in web browsers
* Change the string "hidden" to "blocked" in WebUI (#13221)
* Change the string "hidden" to "blocked" in WebUI.
* update
* Bump file-loader from 5.0.2 to 5.1.0 (#13225)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.0.2...v5.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump wicg-inert from 3.0.0 to 3.0.2 (#13226)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump cross-env from 6.0.3 to 7.0.2 (#13228)
Bumps [cross-env](https://github.com/kentcdodds/cross-env) from 6.0.3 to 7.0.2.
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/cross-env/compare/v6.0.3...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump eslint-plugin-react from 7.17.0 to 7.19.0 (#13224)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.17.0 to 7.19.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.17.0...v7.19.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix MP4 (H264 + AAC) video files being needlessly re-encoded (#13239)
* Fix videos with unsupported colorspace not being transcoded (#13242)
* Fix regression in “Edit media” modal in web UI (#13243)
* [Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile
* Update Dockerfile
* Fix detailed view of direct messages displaying a 0 boost count (#13244)
The boost count is already removed from private toots,
do the same with direct messages.
* Add titles to warning presets in admin UI (#13252)
* Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254)
* Add shortcuts to blacklist a user's e-mail domain in admin UI
* Add option to blacklist resolved MX and IP records for e-mail domains
* Fix some timeouts when searching URLs by limiting some database queries (#13253)
Only look up private toots from database if the request failed because of 401,
403 or 404 errors, as those may indicate a private toot, rather than something
that isn't a toot or cannot be processed.
* Fix WebUI crash in single-column mode on prehistoric browsers (#13267)
Fixes#13266
* Bump react-immutable-proptypes from 2.1.0 to 2.2.0 (#13259)
Bumps [react-immutable-proptypes](https://github.com/HurricaneJames/react-immutable-proptypes) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/HurricaneJames/react-immutable-proptypes/releases)
- [Changelog](https://github.com/HurricaneJames/react-immutable-proptypes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/HurricaneJames/react-immutable-proptypes/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 24.9.0 to 25.1.0 (#12973)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 24.9.0 to 25.1.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.1.0/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-dom from 16.12.0 to 16.13.0 (#13181)
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-dom)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-test-renderer from 16.12.0 to 16.13.0 (#13260)
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-test-renderer)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sass from 1.25.0 to 1.26.3 (#13263)
Bumps [sass](https://github.com/sass/dart-sass) from 1.25.0 to 1.26.3.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.25.0...1.26.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump mkdirp from 0.5.1 to 1.0.3 (#12979)
Bumps [mkdirp](https://github.com/isaacs/node-mkdirp) from 0.5.1 to 1.0.3.
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/commits/v1.0.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump redis from 2.8.0 to 3.0.2 (#13102)
Bumps [redis](https://github.com/NodeRedis/node-redis) from 2.8.0 to 3.0.2.
- [Release notes](https://github.com/NodeRedis/node-redis/releases)
- [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NodeRedis/node-redis/compare/v.2.8.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.0 to 3.1.1 (#13230)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simple_form from 5.0.1 to 5.0.2 (#13231)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v5.0.1...v5.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq-scheduler from 3.0.0 to 3.0.1 (#13233)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.0.0...v3.0.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webmock from 3.8.0 to 3.8.3 (#13265)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.0 to 3.8.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.0...v3.8.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump capistrano from 3.11.2 to 3.12.1 (#13264)
* Bump capistrano from 3.11.2 to 3.12.1
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.11.2 to 3.12.1.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.11.2...v3.12.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump capistrano from 3.11.2 to 3.12.1
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix reported accounts not being whitelisted when resolving a spamcheck report (#13289)
* Decommission support for Ruby 2.4 (#13287)
* Update Gemfile
* Update README.md
* Fix frontend crash when deleting announcements (#13283)
This two-line change fixes a crash in the front end that occurred
under the following circumstances:
* A server had more than one announcement,
* A user was displaying the announcements, and
* An announcement was deleted (or unpublished, which amounts to
the same thing.)
As might be expected, the bug was caused by attempting to access a
notification using an index value outside the bounds of the existing
announcements. Specifically, in two places. First,
`_markAnnouncementAsRead` attempts to modify announcements based on
the current index. This is what caused the front end crash. Second,
when rendering the `Announcements` component, the code paginates the
announcements and displays the current one. This did not cause a
crash, but caused the front end to confusingly display a blank
announcement (in situations that would have caused a crash) with no
way for the user to navigate back to previous announcements.
This commit fixes both issues by adding a check to ensure that the
code never attempts to access an announcement with an index greater
than or equal to the number of announcements present.
* Make bookmarks also searchable (#13271)
* Add link to bookmarks in web UI dropdown (#13273)
* Migrate Rails ujs as required for Rails 6 Upgrade. (#13280)
* Update yarn.lock
* Update package.json
* Update public.js
* Update admin.js
* Update log_out.js
* Update common.js
* [Security] Bump omniauth from 1.9.0 to 1.9.1 (#13229)
Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.0 to 1.9.1. **This update includes a security fix.**
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.9.0...v1.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
* Bump sidekiq from 5.2.7 to 6.0.0
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Sidekiq::Logger.logger -> Sidekiq.logger
* Drop support Ruby 2.4
* update
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix bookmarks also searchable (#13293)
* Bump sidekiq-unique-jobs from 6.0.18 to 6.0.20 (#13294)
* Change poll option hover/active styling to be less confusing (#13313)
* Fix frontend crash when deleting announcements (#13312)
Refactor and fix#13283, which only worked in some cases.
* Fix media not being marked sensitive when client sets a CW but no text (#13277)
Mastodon enforces the “sensitive” flag on media attachments whenever a toot
is posted with a Content Warning. However, it does so *after* potentially
converting the Content Warning to toot text (when there is no toot text),
which leads to inconsistent and surprising behavior for API clients.
This commit fixes this inconsistency.
* Bump browser from 3.0.3 to 4.0.0 (#13307)
Bumps [browser](https://github.com/fnando/browser) from 3.0.3 to 4.0.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v3.0.3...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump i18n-tasks from 0.9.30 to 0.9.31 (#13304)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.30 to 0.9.31.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.30...v0.9.31)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simplecov from 0.18.2 to 0.18.5 (#13310)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.2 to 0.18.5.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.2...v0.18.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump rspec-rails from 3.9.0 to 3.9.1 (#13305)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.0...v3.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump discard from 1.1.0 to 1.2.0 (#13308)
Bumps [discard](https://github.com/jhawthorn/discard) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/jhawthorn/discard/releases)
- [Changelog](https://github.com/jhawthorn/discard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhawthorn/discard/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump aws-sdk-s3 from 1.60.1 to 1.61.1 (#13306)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.60.1 to 1.61.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* New Crowdin translations (#13064)
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations devise.en.yml (Icelandic)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Swedish)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Welsh)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Asturian)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Occitan)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations activerecord.en.yml (Occitan)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations activerecord.en.yml (Kabyle)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations devise.en.yml (Breton)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations doorkeeper.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations devise.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
* Bump babel-plugin-preval from 4.0.0 to 5.0.0 (#13297)
Bumps [babel-plugin-preval](https://github.com/kentcdodds/babel-plugin-preval) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/kentcdodds/babel-plugin-preval/releases)
- [Changelog](https://github.com/kentcdodds/babel-plugin-preval/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/babel-plugin-preval/compare/v4.0.0...v5.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-react-inline-elements from 7.8.3 to 7.9.0 (#13298)
Bumps [@babel/plugin-transform-react-inline-elements](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/core from 7.8.6 to 7.9.0 (#13303)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.6 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.6...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack-bundle-analyzer from 3.6.0 to 3.6.1 (#13300)
Bumps [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases)
- [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v3.6.0...v3.6.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change `tootctl media remove-orphans` to work for all classes (#13316)
Change `tootctl media lookup` to not use an interactive prompt
* Bump react-select from 3.0.8 to 3.1.0 (#13296)
Bumps [react-select](https://github.com/JedWatson/react-select) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/.sweet-changelogs.js)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.0.8...react-select@3.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-runtime from 7.8.3 to 7.9.0 (#13301)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack from 4.41.5 to 4.42.1 (#13319)
Bumps [webpack](https://github.com/webpack/webpack) from 4.41.5 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.41.5...v4.42.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix Paperclip using deprecated URI.escape function (#13320)
Monkey-patch Paperclip to perform URL escaping in a slightly more
appropriate way, and get rid of runtime deprecation warnings.
* Bump brakeman from 4.7.2 to 4.8.0 (#13309)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.2...v4.8.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
Fixes#13321
* Fix 404 and 410 API errors being silently discarded in WebUI (#13279)
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes#13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
* Fix incorrect deletion of local accounts imported by overwriting (#13350)
* Fix wrong color for ellipsis in boost confirmation dialog in Web UI (#13355)
* Bump pg from 1.2.2 to 1.2.3 (#13344)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.2...v1.2.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump oj from 3.10.3 to 3.10.5 (#13345)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump iso-639 from 0.2.8 to 0.3.5 (#13343)
Bumps [iso-639](https://github.com/xwmx/iso-639) from 0.2.8 to 0.3.5.
- [Release notes](https://github.com/xwmx/iso-639/releases)
- [Commits](https://github.com/xwmx/iso-639/compare/0.2.8...0.3.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump ox from 2.12.1 to 2.13.2 (#13342)
Bumps [ox](https://github.com/ohler55/ox) from 2.12.1 to 2.13.2.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.12.1...v2.13.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump better_errors from 2.5.1 to 2.6.0 (#13340)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix ImportsController param to permit :mode (#13347)
* Bump parallel_tests from 2.30.1 to 2.32.0 (#13341)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.1 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.32.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump uuid from 3.4.0 to 7.0.2 (#13295)
Bumps [uuid](https://github.com/uuidjs/uuid) from 3.4.0 to 7.0.2.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v3.4.0...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix content warning being unnecessarily cleared when enabling/disabling CW (#13348)
* Bump concurrent-ruby from 1.1.5 to 1.1.6 (#13346)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react from 16.12.0 to 16.13.1 (#13337)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.12.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump stringz from 2.0.0 to 2.1.0 (#13331)
Bumps [stringz](https://github.com/sallar/stringz) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/sallar/stringz/releases)
- [Changelog](https://github.com/sallar/stringz/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sallar/stringz/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 25.1.0 to 25.2.4 (#13332)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 25.1.0 to 25.2.4.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.2.4/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-env from 7.8.3 to 7.9.0 (#13336)
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump yargs from 15.1.0 to 15.3.1 (#13334)
Bumps [yargs](https://github.com/yargs/yargs) from 15.1.0 to 15.3.1.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v15.1.0...v15.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-loader from 8.0.6 to 8.1.0 (#13333)
Bumps [babel-loader](https://github.com/babel/babel-loader) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases)
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel-loader/compare/v8.0.6...v8.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-react from 7.8.3 to 7.9.4 (#13335)
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump autoprefixer from 9.7.4 to 9.7.5 (#13338)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.4 to 9.7.5.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.4...9.7.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix re-sending of e-mail confirmation not being rate limited (#13360)
Fix#13330
* Improve toot clicking areas (#13327)
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
* Fix background jobs not using locks like they are supposed to (#13361)
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix#13349
* Bump sidekiq-unique-jobs from 6.0.20 to 6.0.21 (#13367)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.20...v6.0.21)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump faker from 2.10.1 to 2.11.0 (#13363)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/commits/v2.11.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump tty-prompt from 0.20.0 to 0.21.0 (#13366)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.20.0...v0.21.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump bootsnap from 1.4.5 to 1.4.6 (#13369)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld-preloaded from 3.1.1 to 3.1.2 (#13365)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.1 to 3.1.2 (#13368)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix pinning a column in web UI sometimes redirecting out of web UI (#13376)
Fix#13216
* Fix returning results when searching for URL with non-zero offset (#13377)
Fix#13083
* Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` (#13375)
Fix#13371
* Improve polls: option lengths & redesign (#13257)
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
* Bump rspec-rails from 3.9.1 to 4.0.0 (#13364)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Add ability to filter audit log in admin UI (#13381)
* Update Vagrant box to Bionic (#13384)
* Update config.yml (#13379)
* Add explanation as to why unlocked accounts may have follow requests (#13385)
* Add explanation as to why unlocked accounts may have follow requests
* Change wording to avoid “silenced”
* Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 (#13387)
* Bump rails from 5.2.4.1 to 5.2.4.2
* Bump kind-of from 6.0.2 to 6.0.3
* Bump version to 3.1.3 (#13389)
* Fix PostgreSQL load when linking in announcements (#13250)
* Fix PostgreSQL load when linking in announcements
Fixes#13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
* [Security] Update Dockerfile for Ruby 2.6.6 (#13393)
* Update .ruby-version (#13395)
* Fix “Show more” not switching to “Show less” on public pages (#13174)
* Fix “Show more” not switching to “Show less” on public pages
Fixes#13169
* Fix initial text of CW button on public pages when CW are unfolded by default
* Add rate limit for reporting (#13390)
* New Crowdin translations (#13317)
* New translations en.yml (Italian)
[ci skip]
* New translations doorkeeper.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations devise.en.yml (Ido)
[ci skip]
* New translations doorkeeper.en.yml (Ido)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Georgian)
[ci skip]
* New translations doorkeeper.en.yml (Georgian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations doorkeeper.en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations doorkeeper.en.yml (Greek)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Hebrew)
[ci skip]
* New translations devise.en.yml (Hebrew)
[ci skip]
* New translations doorkeeper.en.yml (Hebrew)
[ci skip]
* New translations en.yml (Hindi)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations doorkeeper.en.yml (Esperanto)
[ci skip]
* New translations doorkeeper.en.yml (French)
[ci skip]
* New translations devise.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations simple_form.en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Estonian)
[ci skip]
* New translations simple_form.en.yml (Estonian)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Urdu (Pakistan))
[ci skip]
* New translations activerecord.en.yml (Vietnamese)
[ci skip]
* New translations devise.en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.json (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations devise.en.yml (German)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations devise.en.yml (Galician)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New t…
* Materialテーマのアップデートとバリエーションの追加 (#276)
* Material theme (dev) initial release
* fix CSP
* fix CSP (#268)
* fix icon font path
* 相対パスの修正 (#269)
* fix CSP
* fix icon font path
* 相対パスの修正 (#270)
* fix CSP
* fix icon font path
* fix font path
* Revert "相対パスの修正 (#270)" (#271)
This reverts commit 27998a80fe.
* Revert "相対パスの修正 (#269)" (#272)
This reverts commit f864de23f4.
* fix relative path
* fix override settings
* Add variation
Update material theme
Co-authored-by: YoheiZuho <yuuman002@gmail.com>
Co-authored-by: ThibG <thib@sitedethib.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: koyu <me@koyu.space>
Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
Co-authored-by: David Cook <divergentdave@gmail.com>
Co-authored-by: tateisu <tateisu@gmail.com>
Co-authored-by: tateisu <tateisu@juggler.jp>
Co-authored-by: Bèr Kessels <ber@berk.es>
Co-authored-by: guigeekz <pattusg@gmail.com>
Co-authored-by: Shlee <github@shl.ee>
Co-authored-by: mayaeh <mayaeh@marimo-net.org>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Daniel Sockwell <dsockwell@gmail.com>
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Takeshi Umeda <noel.yoshiba@gmail.com>
Co-authored-by: Sasha Sorokin <dafri.nochiterov8@gmail.com>
Co-authored-by: fuyu <54523771+mfmfuyu@users.noreply.github.com>
Co-authored-by: Rintan <rintanminecraft@gmail.com>
* Fix announcements with fully-qualified mention to local user crashing WebUI (#13164)
* [Security] Bump puma from 4.3.1 to 4.3.2 (#13167)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix installation failing when Redis password contains special characters (#13156)
* Add support for special characters in Redis passwords
Fixes#13154
* Refactor
* Fix elasticsearch-api and faraday incompatibilities (#13166)
* Bump puma from 4.3.2 to 4.3.3 (#13177)
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
* Bump strong_migrations from 0.5.1 to 0.6.2 (#13071)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.1 to 0.6.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.1...v0.6.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump oj from 3.10.1 to 3.10.3 (#13187)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump json-ld-preloaded from 3.1.0 to 3.1.1 (#13143)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/core from 7.8.4 to 7.8.6 (#13185)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump webpack-dev-server from 3.10.1 to 3.10.3 (#13184)
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/runtime from 7.8.3 to 7.8.4 (#13183)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.8.4/packages/babel-runtime)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Add tooltips to audio/video player buttons (#13203)
* Fix "tootctl media remove-orphans" crashing when encountering invalid media (#13170)
Fixes#13168
* Change the string "Hide everything from …" to "Block domain …" in web UI (#13178)
Blocking a domain is closer to blocking all its users than to a mute
action.
* Remove useless `respond_to` calls (#13208)
* Change GIF label to be displayed even when autoplay is enabled in web UI (#13209)
* Fix too large announcements not being scrollable in web UI (#13211)
* Add specific rate limits for posting and following (#13172)
* Fix text area above/right of emoji picker being accidentally clickable in web UI (#13148)
* Add sorting by username, creation and last activity in moderation view (#13076)
* Add ability to order accounts in moderation view
* Display last status date in “Most recent activity” for remote users
* Fix error when searching for URLs that contain the mention syntax (#13151)
Fixes#13150
* Set BUNDLE_PATH in CircleCI (#13214)
* Change description of privacy levels to be more intuitive in web UI (#13197)
* Improve description of privacy levels in compose interface
* Change strings in defaultMessage and source as well as english
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
* Add ability to delete files uploaded for settings in admin UI (#13192)
* Allow deleting site uploads
* Refactor and move links into hints
* Fix i18n tests
* Fix HTML output of site_upload_delete_hint
* Add `--skip-media-remove` option to `tootctl statuses remove` (#13080)
* Add skip_media_remove option to tootctl statuses remove
* Add skip_media_remove option to tootctl statuses remove
Co-authored-by: tateisu <tateisu@juggler.jp>
* Code style improvements in JavaScript (#13159)
* JS-linter: fix trailing comma's
* Configure eslinter to ignore this onchange error.
* Add submit button to the top of preferences pages (#13068)
* Move submit button to the top of the edit page
* Duplicate save button on long form
* Fix click submit on profile spec
* Update nginx.conf (#13066)
* Change wording of media display preferences to be more intuitive (#13198)
* Change the tooltip "Toggle visibility" to "Hide media" in web UI (#13199)
* Add support for links to statuses in announcements to be opened in web UI (#13212)
* Add support for links to public statuses in announcements to be opened in WebUI
* Please CodeClimate
* Fix public posts from silenced accounts not being changed to unlisted visibility (#13096)
* Bump doorkeeper from 5.2.3 to 5.3.1 (#13144)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.3 to 5.3.1.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.3...v.5.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change local media attachments to perform heavy processing asynchronously (#13210)
Fix#9106
* Add federation support for the "hide network" preference (#11673)
* Change ActivityPub follower/following collections to not link first page
* Add support for hiding followers and following of remote users
* Switch to using a single `hide_collections` column
* Address code style remarks
* Bump cld3 from 3.2.6 to 3.3.0 (#13107)
* Bump cld3 from 3.2.6 to 3.3.0
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.2.6...v3.3.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix compatibility with cld3 3.3.0
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Change video uploads to enforce certain limits (#13218)
- Dimensions at most 1920x1200
- Frame rate at most 60
* Change video uploads to always be converted to H264/MP4 (#13220)
Even if the container format is the same (.mp4), the codec could
be different and not playable in web browsers
* Change the string "hidden" to "blocked" in WebUI (#13221)
* Change the string "hidden" to "blocked" in WebUI.
* update
* Bump file-loader from 5.0.2 to 5.1.0 (#13225)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.0.2...v5.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump wicg-inert from 3.0.0 to 3.0.2 (#13226)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump cross-env from 6.0.3 to 7.0.2 (#13228)
Bumps [cross-env](https://github.com/kentcdodds/cross-env) from 6.0.3 to 7.0.2.
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/cross-env/compare/v6.0.3...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump eslint-plugin-react from 7.17.0 to 7.19.0 (#13224)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.17.0 to 7.19.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.17.0...v7.19.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix MP4 (H264 + AAC) video files being needlessly re-encoded (#13239)
* Fix videos with unsupported colorspace not being transcoded (#13242)
* Fix regression in “Edit media” modal in web UI (#13243)
* [Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile
* Update Dockerfile
* Fix detailed view of direct messages displaying a 0 boost count (#13244)
The boost count is already removed from private toots,
do the same with direct messages.
* Add titles to warning presets in admin UI (#13252)
* Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254)
* Add shortcuts to blacklist a user's e-mail domain in admin UI
* Add option to blacklist resolved MX and IP records for e-mail domains
* Fix some timeouts when searching URLs by limiting some database queries (#13253)
Only look up private toots from database if the request failed because of 401,
403 or 404 errors, as those may indicate a private toot, rather than something
that isn't a toot or cannot be processed.
* Fix WebUI crash in single-column mode on prehistoric browsers (#13267)
Fixes#13266
* Bump react-immutable-proptypes from 2.1.0 to 2.2.0 (#13259)
Bumps [react-immutable-proptypes](https://github.com/HurricaneJames/react-immutable-proptypes) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/HurricaneJames/react-immutable-proptypes/releases)
- [Changelog](https://github.com/HurricaneJames/react-immutable-proptypes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/HurricaneJames/react-immutable-proptypes/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 24.9.0 to 25.1.0 (#12973)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 24.9.0 to 25.1.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.1.0/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-dom from 16.12.0 to 16.13.0 (#13181)
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-dom)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-test-renderer from 16.12.0 to 16.13.0 (#13260)
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-test-renderer)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sass from 1.25.0 to 1.26.3 (#13263)
Bumps [sass](https://github.com/sass/dart-sass) from 1.25.0 to 1.26.3.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.25.0...1.26.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump mkdirp from 0.5.1 to 1.0.3 (#12979)
Bumps [mkdirp](https://github.com/isaacs/node-mkdirp) from 0.5.1 to 1.0.3.
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/commits/v1.0.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump redis from 2.8.0 to 3.0.2 (#13102)
Bumps [redis](https://github.com/NodeRedis/node-redis) from 2.8.0 to 3.0.2.
- [Release notes](https://github.com/NodeRedis/node-redis/releases)
- [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NodeRedis/node-redis/compare/v.2.8.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.0 to 3.1.1 (#13230)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simple_form from 5.0.1 to 5.0.2 (#13231)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v5.0.1...v5.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq-scheduler from 3.0.0 to 3.0.1 (#13233)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.0.0...v3.0.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webmock from 3.8.0 to 3.8.3 (#13265)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.0 to 3.8.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.0...v3.8.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump capistrano from 3.11.2 to 3.12.1 (#13264)
* Bump capistrano from 3.11.2 to 3.12.1
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.11.2 to 3.12.1.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.11.2...v3.12.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump capistrano from 3.11.2 to 3.12.1
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix reported accounts not being whitelisted when resolving a spamcheck report (#13289)
* Decommission support for Ruby 2.4 (#13287)
* Update Gemfile
* Update README.md
* Fix frontend crash when deleting announcements (#13283)
This two-line change fixes a crash in the front end that occurred
under the following circumstances:
* A server had more than one announcement,
* A user was displaying the announcements, and
* An announcement was deleted (or unpublished, which amounts to
the same thing.)
As might be expected, the bug was caused by attempting to access a
notification using an index value outside the bounds of the existing
announcements. Specifically, in two places. First,
`_markAnnouncementAsRead` attempts to modify announcements based on
the current index. This is what caused the front end crash. Second,
when rendering the `Announcements` component, the code paginates the
announcements and displays the current one. This did not cause a
crash, but caused the front end to confusingly display a blank
announcement (in situations that would have caused a crash) with no
way for the user to navigate back to previous announcements.
This commit fixes both issues by adding a check to ensure that the
code never attempts to access an announcement with an index greater
than or equal to the number of announcements present.
* Make bookmarks also searchable (#13271)
* Add link to bookmarks in web UI dropdown (#13273)
* Migrate Rails ujs as required for Rails 6 Upgrade. (#13280)
* Update yarn.lock
* Update package.json
* Update public.js
* Update admin.js
* Update log_out.js
* Update common.js
* [Security] Bump omniauth from 1.9.0 to 1.9.1 (#13229)
Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.0 to 1.9.1. **This update includes a security fix.**
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.9.0...v1.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
* Bump sidekiq from 5.2.7 to 6.0.0
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Sidekiq::Logger.logger -> Sidekiq.logger
* Drop support Ruby 2.4
* update
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix bookmarks also searchable (#13293)
* Bump sidekiq-unique-jobs from 6.0.18 to 6.0.20 (#13294)
* Change poll option hover/active styling to be less confusing (#13313)
* Fix frontend crash when deleting announcements (#13312)
Refactor and fix#13283, which only worked in some cases.
* Fix media not being marked sensitive when client sets a CW but no text (#13277)
Mastodon enforces the “sensitive” flag on media attachments whenever a toot
is posted with a Content Warning. However, it does so *after* potentially
converting the Content Warning to toot text (when there is no toot text),
which leads to inconsistent and surprising behavior for API clients.
This commit fixes this inconsistency.
* Bump browser from 3.0.3 to 4.0.0 (#13307)
Bumps [browser](https://github.com/fnando/browser) from 3.0.3 to 4.0.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v3.0.3...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump i18n-tasks from 0.9.30 to 0.9.31 (#13304)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.30 to 0.9.31.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.30...v0.9.31)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simplecov from 0.18.2 to 0.18.5 (#13310)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.2 to 0.18.5.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.2...v0.18.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump rspec-rails from 3.9.0 to 3.9.1 (#13305)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.0...v3.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump discard from 1.1.0 to 1.2.0 (#13308)
Bumps [discard](https://github.com/jhawthorn/discard) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/jhawthorn/discard/releases)
- [Changelog](https://github.com/jhawthorn/discard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhawthorn/discard/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump aws-sdk-s3 from 1.60.1 to 1.61.1 (#13306)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.60.1 to 1.61.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* New Crowdin translations (#13064)
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations devise.en.yml (Icelandic)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Swedish)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Welsh)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Asturian)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Occitan)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations activerecord.en.yml (Occitan)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations activerecord.en.yml (Kabyle)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations devise.en.yml (Breton)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations doorkeeper.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations devise.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
* Bump babel-plugin-preval from 4.0.0 to 5.0.0 (#13297)
Bumps [babel-plugin-preval](https://github.com/kentcdodds/babel-plugin-preval) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/kentcdodds/babel-plugin-preval/releases)
- [Changelog](https://github.com/kentcdodds/babel-plugin-preval/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/babel-plugin-preval/compare/v4.0.0...v5.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-react-inline-elements from 7.8.3 to 7.9.0 (#13298)
Bumps [@babel/plugin-transform-react-inline-elements](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/core from 7.8.6 to 7.9.0 (#13303)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.6 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.6...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack-bundle-analyzer from 3.6.0 to 3.6.1 (#13300)
Bumps [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases)
- [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v3.6.0...v3.6.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change `tootctl media remove-orphans` to work for all classes (#13316)
Change `tootctl media lookup` to not use an interactive prompt
* Bump react-select from 3.0.8 to 3.1.0 (#13296)
Bumps [react-select](https://github.com/JedWatson/react-select) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/.sweet-changelogs.js)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.0.8...react-select@3.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-runtime from 7.8.3 to 7.9.0 (#13301)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack from 4.41.5 to 4.42.1 (#13319)
Bumps [webpack](https://github.com/webpack/webpack) from 4.41.5 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.41.5...v4.42.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix Paperclip using deprecated URI.escape function (#13320)
Monkey-patch Paperclip to perform URL escaping in a slightly more
appropriate way, and get rid of runtime deprecation warnings.
* Bump brakeman from 4.7.2 to 4.8.0 (#13309)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.2...v4.8.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
Fixes#13321
* Fix 404 and 410 API errors being silently discarded in WebUI (#13279)
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes#13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
* Fix incorrect deletion of local accounts imported by overwriting (#13350)
* Fix wrong color for ellipsis in boost confirmation dialog in Web UI (#13355)
* Bump pg from 1.2.2 to 1.2.3 (#13344)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.2...v1.2.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump oj from 3.10.3 to 3.10.5 (#13345)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump iso-639 from 0.2.8 to 0.3.5 (#13343)
Bumps [iso-639](https://github.com/xwmx/iso-639) from 0.2.8 to 0.3.5.
- [Release notes](https://github.com/xwmx/iso-639/releases)
- [Commits](https://github.com/xwmx/iso-639/compare/0.2.8...0.3.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump ox from 2.12.1 to 2.13.2 (#13342)
Bumps [ox](https://github.com/ohler55/ox) from 2.12.1 to 2.13.2.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.12.1...v2.13.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump better_errors from 2.5.1 to 2.6.0 (#13340)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix ImportsController param to permit :mode (#13347)
* Bump parallel_tests from 2.30.1 to 2.32.0 (#13341)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.1 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.32.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump uuid from 3.4.0 to 7.0.2 (#13295)
Bumps [uuid](https://github.com/uuidjs/uuid) from 3.4.0 to 7.0.2.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v3.4.0...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix content warning being unnecessarily cleared when enabling/disabling CW (#13348)
* Bump concurrent-ruby from 1.1.5 to 1.1.6 (#13346)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react from 16.12.0 to 16.13.1 (#13337)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.12.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump stringz from 2.0.0 to 2.1.0 (#13331)
Bumps [stringz](https://github.com/sallar/stringz) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/sallar/stringz/releases)
- [Changelog](https://github.com/sallar/stringz/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sallar/stringz/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 25.1.0 to 25.2.4 (#13332)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 25.1.0 to 25.2.4.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.2.4/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-env from 7.8.3 to 7.9.0 (#13336)
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump yargs from 15.1.0 to 15.3.1 (#13334)
Bumps [yargs](https://github.com/yargs/yargs) from 15.1.0 to 15.3.1.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v15.1.0...v15.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-loader from 8.0.6 to 8.1.0 (#13333)
Bumps [babel-loader](https://github.com/babel/babel-loader) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases)
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel-loader/compare/v8.0.6...v8.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-react from 7.8.3 to 7.9.4 (#13335)
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump autoprefixer from 9.7.4 to 9.7.5 (#13338)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.4 to 9.7.5.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.4...9.7.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix re-sending of e-mail confirmation not being rate limited (#13360)
Fix#13330
* Improve toot clicking areas (#13327)
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
* Fix background jobs not using locks like they are supposed to (#13361)
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix#13349
* Bump sidekiq-unique-jobs from 6.0.20 to 6.0.21 (#13367)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.20...v6.0.21)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump faker from 2.10.1 to 2.11.0 (#13363)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/commits/v2.11.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump tty-prompt from 0.20.0 to 0.21.0 (#13366)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.20.0...v0.21.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump bootsnap from 1.4.5 to 1.4.6 (#13369)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld-preloaded from 3.1.1 to 3.1.2 (#13365)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.1 to 3.1.2 (#13368)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix pinning a column in web UI sometimes redirecting out of web UI (#13376)
Fix#13216
* Fix returning results when searching for URL with non-zero offset (#13377)
Fix#13083
* Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` (#13375)
Fix#13371
* Improve polls: option lengths & redesign (#13257)
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
* Bump rspec-rails from 3.9.1 to 4.0.0 (#13364)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Add ability to filter audit log in admin UI (#13381)
* Update Vagrant box to Bionic (#13384)
* Update config.yml (#13379)
* Add explanation as to why unlocked accounts may have follow requests (#13385)
* Add explanation as to why unlocked accounts may have follow requests
* Change wording to avoid “silenced”
* Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 (#13387)
* Bump rails from 5.2.4.1 to 5.2.4.2
* Bump kind-of from 6.0.2 to 6.0.3
* Bump version to 3.1.3 (#13389)
* Fix PostgreSQL load when linking in announcements (#13250)
* Fix PostgreSQL load when linking in announcements
Fixes#13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
* [Security] Update Dockerfile for Ruby 2.6.6 (#13393)
* Update .ruby-version (#13395)
* Fix “Show more” not switching to “Show less” on public pages (#13174)
* Fix “Show more” not switching to “Show less” on public pages
Fixes#13169
* Fix initial text of CW button on public pages when CW are unfolded by default
* Add rate limit for reporting (#13390)
* New Crowdin translations (#13317)
* New translations en.yml (Italian)
[ci skip]
* New translations doorkeeper.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations devise.en.yml (Ido)
[ci skip]
* New translations doorkeeper.en.yml (Ido)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Georgian)
[ci skip]
* New translations doorkeeper.en.yml (Georgian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations doorkeeper.en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations doorkeeper.en.yml (Greek)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Hebrew)
[ci skip]
* New translations devise.en.yml (Hebrew)
[ci skip]
* New translations doorkeeper.en.yml (Hebrew)
[ci skip]
* New translations en.yml (Hindi)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations doorkeeper.en.yml (Esperanto)
[ci skip]
* New translations doorkeeper.en.yml (French)
[ci skip]
* New translations devise.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations simple_form.en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Estonian)
[ci skip]
* New translations simple_form.en.yml (Estonian)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Urdu (Pakistan))
[ci skip]
* New translations activerecord.en.yml (Vietnamese)
[ci skip]
* New translations devise.en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.json (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations devise.en.yml (German)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations devise.en.yml (Galician)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New t…
Co-authored-by: ThibG <thib@sitedethib.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: koyu <me@koyu.space>
Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
Co-authored-by: David Cook <divergentdave@gmail.com>
Co-authored-by: tateisu <tateisu@gmail.com>
Co-authored-by: tateisu <tateisu@juggler.jp>
Co-authored-by: Bèr Kessels <ber@berk.es>
Co-authored-by: guigeekz <pattusg@gmail.com>
Co-authored-by: Shlee <github@shl.ee>
Co-authored-by: mayaeh <mayaeh@marimo-net.org>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Daniel Sockwell <dsockwell@gmail.com>
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Takeshi Umeda <noel.yoshiba@gmail.com>
Co-authored-by: Sasha Sorokin <dafri.nochiterov8@gmail.com>
Co-authored-by: fuyu <54523771+mfmfuyu@users.noreply.github.com>
* Fix announcements with fully-qualified mention to local user crashing WebUI (#13164)
* [Security] Bump puma from 4.3.1 to 4.3.2 (#13167)
Bumps [puma](https://github.com/puma/puma) from 4.3.1 to 4.3.2. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.3.1...v4.3.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix installation failing when Redis password contains special characters (#13156)
* Add support for special characters in Redis passwords
Fixes#13154
* Refactor
* Fix elasticsearch-api and faraday incompatibilities (#13166)
* Bump puma from 4.3.2 to 4.3.3 (#13177)
This fixes cookies and devise authentication being broken as a result of
upgrading to puma 4.3.2, see https://github.com/puma/puma/issues/2132
* Bump strong_migrations from 0.5.1 to 0.6.2 (#13071)
Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.1 to 0.6.2.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.1...v0.6.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump oj from 3.10.1 to 3.10.3 (#13187)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump json-ld-preloaded from 3.1.0 to 3.1.1 (#13143)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/core from 7.8.4 to 7.8.6 (#13185)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.4 to 7.8.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.4...v7.8.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump webpack-dev-server from 3.10.1 to 3.10.3 (#13184)
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 3.10.1 to 3.10.3.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v3.10.1...v3.10.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump @babel/runtime from 7.8.3 to 7.8.4 (#13183)
Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.8.3 to 7.8.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.8.4/packages/babel-runtime)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Add tooltips to audio/video player buttons (#13203)
* Fix "tootctl media remove-orphans" crashing when encountering invalid media (#13170)
Fixes#13168
* Change the string "Hide everything from …" to "Block domain …" in web UI (#13178)
Blocking a domain is closer to blocking all its users than to a mute
action.
* Remove useless `respond_to` calls (#13208)
* Change GIF label to be displayed even when autoplay is enabled in web UI (#13209)
* Fix too large announcements not being scrollable in web UI (#13211)
* Add specific rate limits for posting and following (#13172)
* Fix text area above/right of emoji picker being accidentally clickable in web UI (#13148)
* Add sorting by username, creation and last activity in moderation view (#13076)
* Add ability to order accounts in moderation view
* Display last status date in “Most recent activity” for remote users
* Fix error when searching for URLs that contain the mention syntax (#13151)
Fixes#13150
* Set BUNDLE_PATH in CircleCI (#13214)
* Change description of privacy levels to be more intuitive in web UI (#13197)
* Improve description of privacy levels in compose interface
* Change strings in defaultMessage and source as well as english
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
* Add ability to delete files uploaded for settings in admin UI (#13192)
* Allow deleting site uploads
* Refactor and move links into hints
* Fix i18n tests
* Fix HTML output of site_upload_delete_hint
* Add `--skip-media-remove` option to `tootctl statuses remove` (#13080)
* Add skip_media_remove option to tootctl statuses remove
* Add skip_media_remove option to tootctl statuses remove
Co-authored-by: tateisu <tateisu@juggler.jp>
* Code style improvements in JavaScript (#13159)
* JS-linter: fix trailing comma's
* Configure eslinter to ignore this onchange error.
* Add submit button to the top of preferences pages (#13068)
* Move submit button to the top of the edit page
* Duplicate save button on long form
* Fix click submit on profile spec
* Update nginx.conf (#13066)
* Change wording of media display preferences to be more intuitive (#13198)
* Change the tooltip "Toggle visibility" to "Hide media" in web UI (#13199)
* Add support for links to statuses in announcements to be opened in web UI (#13212)
* Add support for links to public statuses in announcements to be opened in WebUI
* Please CodeClimate
* Fix public posts from silenced accounts not being changed to unlisted visibility (#13096)
* Bump doorkeeper from 5.2.3 to 5.3.1 (#13144)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.3 to 5.3.1.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.3...v.5.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change local media attachments to perform heavy processing asynchronously (#13210)
Fix#9106
* Add federation support for the "hide network" preference (#11673)
* Change ActivityPub follower/following collections to not link first page
* Add support for hiding followers and following of remote users
* Switch to using a single `hide_collections` column
* Address code style remarks
* Bump cld3 from 3.2.6 to 3.3.0 (#13107)
* Bump cld3 from 3.2.6 to 3.3.0
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.2.6 to 3.3.0.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.2.6...v3.3.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Fix compatibility with cld3 3.3.0
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
* Change video uploads to enforce certain limits (#13218)
- Dimensions at most 1920x1200
- Frame rate at most 60
* Change video uploads to always be converted to H264/MP4 (#13220)
Even if the container format is the same (.mp4), the codec could
be different and not playable in web browsers
* Change the string "hidden" to "blocked" in WebUI (#13221)
* Change the string "hidden" to "blocked" in WebUI.
* update
* Bump file-loader from 5.0.2 to 5.1.0 (#13225)
Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v5.0.2...v5.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump wicg-inert from 3.0.0 to 3.0.2 (#13226)
Bumps [wicg-inert](https://github.com/WICG/inert) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/WICG/inert/releases)
- [Commits](https://github.com/WICG/inert/compare/v3.0.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump cross-env from 6.0.3 to 7.0.2 (#13228)
Bumps [cross-env](https://github.com/kentcdodds/cross-env) from 6.0.3 to 7.0.2.
- [Release notes](https://github.com/kentcdodds/cross-env/releases)
- [Changelog](https://github.com/kentcdodds/cross-env/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/cross-env/compare/v6.0.3...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump eslint-plugin-react from 7.17.0 to 7.19.0 (#13224)
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.17.0 to 7.19.0.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.17.0...v7.19.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix MP4 (H264 + AAC) video files being needlessly re-encoded (#13239)
* Fix videos with unsupported colorspace not being transcoded (#13242)
* Fix regression in “Edit media” modal in web UI (#13243)
* [Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile
* Update Dockerfile
* Fix detailed view of direct messages displaying a 0 boost count (#13244)
The boost count is already removed from private toots,
do the same with direct messages.
* Add titles to warning presets in admin UI (#13252)
* Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (#13254)
* Add shortcuts to blacklist a user's e-mail domain in admin UI
* Add option to blacklist resolved MX and IP records for e-mail domains
* Fix some timeouts when searching URLs by limiting some database queries (#13253)
Only look up private toots from database if the request failed because of 401,
403 or 404 errors, as those may indicate a private toot, rather than something
that isn't a toot or cannot be processed.
* Fix WebUI crash in single-column mode on prehistoric browsers (#13267)
Fixes#13266
* Bump react-immutable-proptypes from 2.1.0 to 2.2.0 (#13259)
Bumps [react-immutable-proptypes](https://github.com/HurricaneJames/react-immutable-proptypes) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/HurricaneJames/react-immutable-proptypes/releases)
- [Changelog](https://github.com/HurricaneJames/react-immutable-proptypes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/HurricaneJames/react-immutable-proptypes/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 24.9.0 to 25.1.0 (#12973)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 24.9.0 to 25.1.0.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.1.0/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-dom from 16.12.0 to 16.13.0 (#13181)
Bumps [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-dom)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react-test-renderer from 16.12.0 to 16.13.0 (#13260)
Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.12.0 to 16.13.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.0/packages/react-test-renderer)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sass from 1.25.0 to 1.26.3 (#13263)
Bumps [sass](https://github.com/sass/dart-sass) from 1.25.0 to 1.26.3.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.25.0...1.26.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump mkdirp from 0.5.1 to 1.0.3 (#12979)
Bumps [mkdirp](https://github.com/isaacs/node-mkdirp) from 0.5.1 to 1.0.3.
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/commits/v1.0.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump redis from 2.8.0 to 3.0.2 (#13102)
Bumps [redis](https://github.com/NodeRedis/node-redis) from 2.8.0 to 3.0.2.
- [Release notes](https://github.com/NodeRedis/node-redis/releases)
- [Changelog](https://github.com/NodeRedis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NodeRedis/node-redis/compare/v.2.8.0...v3.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.0 to 3.1.1 (#13230)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.0...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simple_form from 5.0.1 to 5.0.2 (#13231)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v5.0.1...v5.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq-scheduler from 3.0.0 to 3.0.1 (#13233)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.0.0...v3.0.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webmock from 3.8.0 to 3.8.3 (#13265)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.0 to 3.8.3.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.0...v3.8.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump capistrano from 3.11.2 to 3.12.1 (#13264)
* Bump capistrano from 3.11.2 to 3.12.1
Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.11.2 to 3.12.1.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.11.2...v3.12.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Bump capistrano from 3.11.2 to 3.12.1
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix reported accounts not being whitelisted when resolving a spamcheck report (#13289)
* Decommission support for Ruby 2.4 (#13287)
* Update Gemfile
* Update README.md
* Fix frontend crash when deleting announcements (#13283)
This two-line change fixes a crash in the front end that occurred
under the following circumstances:
* A server had more than one announcement,
* A user was displaying the announcements, and
* An announcement was deleted (or unpublished, which amounts to
the same thing.)
As might be expected, the bug was caused by attempting to access a
notification using an index value outside the bounds of the existing
announcements. Specifically, in two places. First,
`_markAnnouncementAsRead` attempts to modify announcements based on
the current index. This is what caused the front end crash. Second,
when rendering the `Announcements` component, the code paginates the
announcements and displays the current one. This did not cause a
crash, but caused the front end to confusingly display a blank
announcement (in situations that would have caused a crash) with no
way for the user to navigate back to previous announcements.
This commit fixes both issues by adding a check to ensure that the
code never attempts to access an announcement with an index greater
than or equal to the number of announcements present.
* Make bookmarks also searchable (#13271)
* Add link to bookmarks in web UI dropdown (#13273)
* Migrate Rails ujs as required for Rails 6 Upgrade. (#13280)
* Update yarn.lock
* Update package.json
* Update public.js
* Update admin.js
* Update log_out.js
* Update common.js
* [Security] Bump omniauth from 1.9.0 to 1.9.1 (#13229)
Bumps [omniauth](https://github.com/omniauth/omniauth) from 1.9.0 to 1.9.1. **This update includes a security fix.**
- [Release notes](https://github.com/omniauth/omniauth/releases)
- [Commits](https://github.com/omniauth/omniauth/compare/v1.9.0...v1.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
* Bump sidekiq from 5.2.7 to 6.0.0
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.7 to 6.0.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v5.2.7...v6.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Sidekiq::Logger.logger -> Sidekiq.logger
* Drop support Ruby 2.4
* update
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Fix bookmarks also searchable (#13293)
* Bump sidekiq-unique-jobs from 6.0.18 to 6.0.20 (#13294)
* Change poll option hover/active styling to be less confusing (#13313)
* Fix frontend crash when deleting announcements (#13312)
Refactor and fix#13283, which only worked in some cases.
* Fix media not being marked sensitive when client sets a CW but no text (#13277)
Mastodon enforces the “sensitive” flag on media attachments whenever a toot
is posted with a Content Warning. However, it does so *after* potentially
converting the Content Warning to toot text (when there is no toot text),
which leads to inconsistent and surprising behavior for API clients.
This commit fixes this inconsistency.
* Bump browser from 3.0.3 to 4.0.0 (#13307)
Bumps [browser](https://github.com/fnando/browser) from 3.0.3 to 4.0.0.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v3.0.3...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump i18n-tasks from 0.9.30 to 0.9.31 (#13304)
Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.30 to 0.9.31.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.30...v0.9.31)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump simplecov from 0.18.2 to 0.18.5 (#13310)
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.18.2 to 0.18.5.
- [Release notes](https://github.com/colszowka/simplecov/releases)
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md)
- [Commits](https://github.com/colszowka/simplecov/compare/v0.18.2...v0.18.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump rspec-rails from 3.9.0 to 3.9.1 (#13305)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.0 to 3.9.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.0...v3.9.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump discard from 1.1.0 to 1.2.0 (#13308)
Bumps [discard](https://github.com/jhawthorn/discard) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/jhawthorn/discard/releases)
- [Changelog](https://github.com/jhawthorn/discard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jhawthorn/discard/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump aws-sdk-s3 from 1.60.1 to 1.61.1 (#13306)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.60.1 to 1.61.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* New Crowdin translations (#13064)
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Dutch)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations devise.en.yml (Icelandic)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Lithuanian)
[ci skip]
* New translations en.yml (Norwegian)
[ci skip]
* New translations en.yml (Norwegian Nynorsk)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Kazakh)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Slovenian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Turkish)
[ci skip]
* New translations en.yml (Ukrainian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Serbian (Cyrillic))
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Albanian)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Kabyle)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Czech)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Esperanto)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Dutch)
[ci skip]
* New translations en.yml (Danish)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations en.yml (Vietnamese)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Swedish)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Welsh)
[ci skip]
* New translations simple_form.en.yml (Welsh)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Catalan)
[ci skip]
* New translations simple_form.en.yml (Portuguese)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations simple_form.en.yml (Korean)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Galician)
[ci skip]
* New translations simple_form.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations simple_form.en.yml (Corsican)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations simple_form.en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (Asturian)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations devise.en.yml (Kabyle)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Occitan)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations doorkeeper.en.yml (Slovak)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations activerecord.en.yml (Occitan)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations activerecord.en.yml (Kabyle)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations devise.en.yml (Breton)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations doorkeeper.en.yml (Breton)
[ci skip]
* New translations simple_form.en.yml (Breton)
[ci skip]
* New translations en.yml (Breton)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations devise.en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Russian)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations simple_form.en.yml (Japanese)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
* Bump babel-plugin-preval from 4.0.0 to 5.0.0 (#13297)
Bumps [babel-plugin-preval](https://github.com/kentcdodds/babel-plugin-preval) from 4.0.0 to 5.0.0.
- [Release notes](https://github.com/kentcdodds/babel-plugin-preval/releases)
- [Changelog](https://github.com/kentcdodds/babel-plugin-preval/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kentcdodds/babel-plugin-preval/compare/v4.0.0...v5.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-react-inline-elements from 7.8.3 to 7.9.0 (#13298)
Bumps [@babel/plugin-transform-react-inline-elements](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/core from 7.8.6 to 7.9.0 (#13303)
Bumps [@babel/core](https://github.com/babel/babel) from 7.8.6 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.6...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack-bundle-analyzer from 3.6.0 to 3.6.1 (#13300)
Bumps [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases)
- [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/webpack-bundle-analyzer/compare/v3.6.0...v3.6.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Change `tootctl media remove-orphans` to work for all classes (#13316)
Change `tootctl media lookup` to not use an interactive prompt
* Bump react-select from 3.0.8 to 3.1.0 (#13296)
Bumps [react-select](https://github.com/JedWatson/react-select) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/.sweet-changelogs.js)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@3.0.8...react-select@3.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/plugin-transform-runtime from 7.8.3 to 7.9.0 (#13301)
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump webpack from 4.41.5 to 4.42.1 (#13319)
Bumps [webpack](https://github.com/webpack/webpack) from 4.41.5 to 4.42.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.41.5...v4.42.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix Paperclip using deprecated URI.escape function (#13320)
Monkey-patch Paperclip to perform URL escaping in a slightly more
appropriate way, and get rid of runtime deprecation warnings.
* Bump brakeman from 4.7.2 to 4.8.0 (#13309)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.2...v4.8.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
Fixes#13321
* Fix 404 and 410 API errors being silently discarded in WebUI (#13279)
* Fix 404 and 410 API errors being silently discarded in WebUI
Fixes#13278
* Return more appropriate error when user replies to a deleted toot
* Please CodeClimate
* Fix 404/410 errors on fetching account timelines & identity proofs
* Refactor error handling
* Move error message string to statuses.errors
* Fix incorrect deletion of local accounts imported by overwriting (#13350)
* Fix wrong color for ellipsis in boost confirmation dialog in Web UI (#13355)
* Bump pg from 1.2.2 to 1.2.3 (#13344)
Bumps [pg](https://github.com/ged/ruby-pg) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.2.2...v1.2.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump oj from 3.10.3 to 3.10.5 (#13345)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.3 to 3.10.5.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.3...v3.10.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump iso-639 from 0.2.8 to 0.3.5 (#13343)
Bumps [iso-639](https://github.com/xwmx/iso-639) from 0.2.8 to 0.3.5.
- [Release notes](https://github.com/xwmx/iso-639/releases)
- [Commits](https://github.com/xwmx/iso-639/compare/0.2.8...0.3.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump ox from 2.12.1 to 2.13.2 (#13342)
Bumps [ox](https://github.com/ohler55/ox) from 2.12.1 to 2.13.2.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.12.1...v2.13.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump better_errors from 2.5.1 to 2.6.0 (#13340)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.5.1...v2.6.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix ImportsController param to permit :mode (#13347)
* Bump parallel_tests from 2.30.1 to 2.32.0 (#13341)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.1 to 2.32.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.1...v2.32.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump uuid from 3.4.0 to 7.0.2 (#13295)
Bumps [uuid](https://github.com/uuidjs/uuid) from 3.4.0 to 7.0.2.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v3.4.0...v7.0.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix content warning being unnecessarily cleared when enabling/disabling CW (#13348)
* Bump concurrent-ruby from 1.1.5 to 1.1.6 (#13346)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.5...v1.1.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump react from 16.12.0 to 16.13.1 (#13337)
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.12.0 to 16.13.1.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.13.1/packages/react)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump stringz from 2.0.0 to 2.1.0 (#13331)
Bumps [stringz](https://github.com/sallar/stringz) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/sallar/stringz/releases)
- [Changelog](https://github.com/sallar/stringz/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sallar/stringz/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-jest from 25.1.0 to 25.2.4 (#13332)
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 25.1.0 to 25.2.4.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v25.2.4/packages/babel-jest)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-env from 7.8.3 to 7.9.0 (#13336)
Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.8.3 to 7.9.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump yargs from 15.1.0 to 15.3.1 (#13334)
Bumps [yargs](https://github.com/yargs/yargs) from 15.1.0 to 15.3.1.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v15.1.0...v15.3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump babel-loader from 8.0.6 to 8.1.0 (#13333)
Bumps [babel-loader](https://github.com/babel/babel-loader) from 8.0.6 to 8.1.0.
- [Release notes](https://github.com/babel/babel-loader/releases)
- [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel-loader/compare/v8.0.6...v8.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump @babel/preset-react from 7.8.3 to 7.9.4 (#13335)
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.8.3 to 7.9.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.8.3...v7.9.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump autoprefixer from 9.7.4 to 9.7.5 (#13338)
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.4 to 9.7.5.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.4...9.7.5)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix re-sending of e-mail confirmation not being rate limited (#13360)
Fix#13330
* Improve toot clicking areas (#13327)
* Make the area to the left “Show Thread” also expand the toot in Web UI
* Clicking the left part of a conversation with the avatars now opens it in Web UI
* Fix background jobs not using locks like they are supposed to (#13361)
Also:
- Fix locks not being removed when jobs go to the dead job queue
- Add UI for managing locks to the Sidekiq dashboard
- Remove unused Sidekiq workers
Fix#13349
* Bump sidekiq-unique-jobs from 6.0.20 to 6.0.21 (#13367)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.20 to 6.0.21.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.20...v6.0.21)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump faker from 2.10.1 to 2.11.0 (#13363)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/commits/v2.11.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump tty-prompt from 0.20.0 to 0.21.0 (#13366)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.20.0...v0.21.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump bootsnap from 1.4.5 to 1.4.6 (#13369)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld-preloaded from 3.1.1 to 3.1.2 (#13365)
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Bump json-ld from 3.1.1 to 3.1.2 (#13368)
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Fix pinning a column in web UI sometimes redirecting out of web UI (#13376)
Fix#13216
* Fix returning results when searching for URL with non-zero offset (#13377)
Fix#13083
* Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` (#13375)
Fix#13371
* Improve polls: option lengths & redesign (#13257)
This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.
Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
* Bump rspec-rails from 3.9.1 to 4.0.0 (#13364)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* Add ability to filter audit log in admin UI (#13381)
* Update Vagrant box to Bionic (#13384)
* Update config.yml (#13379)
* Add explanation as to why unlocked accounts may have follow requests (#13385)
* Add explanation as to why unlocked accounts may have follow requests
* Change wording to avoid “silenced”
* Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 (#13387)
* Bump rails from 5.2.4.1 to 5.2.4.2
* Bump kind-of from 6.0.2 to 6.0.3
* Bump version to 3.1.3 (#13389)
* Fix PostgreSQL load when linking in announcements (#13250)
* Fix PostgreSQL load when linking in announcements
Fixes#13245 by caching status lookups
Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.
Since it's only used by announcements so far, there won't
be much statuses to cache.
* Perform status lookup when saving announcements, not when rendering them
* Change EntityCache#status to fetch URLs instead of looking into the database
* Move announcement link lookup to publishing worker
* Address issues pointed out during review
* [Security] Update Dockerfile for Ruby 2.6.6 (#13393)
* Update .ruby-version (#13395)
* Fix “Show more” not switching to “Show less” on public pages (#13174)
* Fix “Show more” not switching to “Show less” on public pages
Fixes#13169
* Fix initial text of CW button on public pages when CW are unfolded by default
* Add rate limit for reporting (#13390)
* New Crowdin translations (#13317)
* New translations en.yml (Italian)
[ci skip]
* New translations doorkeeper.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations devise.en.yml (Ido)
[ci skip]
* New translations doorkeeper.en.yml (Ido)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Georgian)
[ci skip]
* New translations doorkeeper.en.yml (Georgian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations simple_form.en.yml (German)
[ci skip]
* New translations doorkeeper.en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations simple_form.en.yml (Greek)
[ci skip]
* New translations doorkeeper.en.yml (Greek)
[ci skip]
* New translations en.yml (Hebrew)
[ci skip]
* New translations simple_form.en.yml (Hebrew)
[ci skip]
* New translations activerecord.en.yml (Hebrew)
[ci skip]
* New translations devise.en.yml (Hebrew)
[ci skip]
* New translations doorkeeper.en.yml (Hebrew)
[ci skip]
* New translations en.yml (Hindi)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations doorkeeper.en.yml (Esperanto)
[ci skip]
* New translations doorkeeper.en.yml (French)
[ci skip]
* New translations devise.en.yml (French)
[ci skip]
* New translations simple_form.en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations doorkeeper.en.yml (Finnish)
[ci skip]
* New translations simple_form.en.yml (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations doorkeeper.en.yml (Estonian)
[ci skip]
* New translations simple_form.en.yml (Estonian)
[ci skip]
* New translations en.yml (Estonian)
[ci skip]
* New translations doorkeeper.en.yml (Welsh)
[ci skip]
* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Serbian (Latin))
[ci skip]
* New translations devise.en.yml (Urdu (Pakistan))
[ci skip]
* New translations activerecord.en.yml (Vietnamese)
[ci skip]
* New translations devise.en.yml (Vietnamese)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations simple_form.en.yml (Tamil)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Basque)
[ci skip]
* New translations en.json (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations simple_form.en.yml (Basque)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations devise.en.yml (German)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Swedish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.yml (Chinese Traditional)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations simple_form.en.yml (Italian)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Tamil)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations simple_form.en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Indonesian)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations simple_form.en.yml (Slovak)
[ci skip]
* New translations en.yml (Slovak)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Chinese Simplified)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations devise.en.yml (Galician)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Catalan)
[ci skip]
* New translations en.yml (Arabic)
[ci skip]
* New translations simple_form.en.yml (Persian)
[ci skip]
* New translations en.yml (Persian)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Korean)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.yml (Hungarian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (French)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (Russian)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (German)
[ci skip]
* New translations en.yml (Greek)
[ci skip]
* New translations en.yml (Italian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Occitan)
[ci skip]
* New translations en.yml (Corsican)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Spanish, Argentina)
[ci skip]
* New translations en.json (Albanian)
[ci skip]
* New translations en.json (Indonesian)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations en.json (Ido)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.json (Kabyle)
[ci skip]
* New translations en.json (Kannada)
[ci skip]
* New translations en.json (Hebrew)
[ci skip]
* New translations en.json (Hindi)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.json (Icelandic)
[ci skip]
* New translations en.json (Greek)
[ci skip]
* New translations en.json (Malayalam)
[ci skip]
* New translations en.json (Marathi)
[ci skip]
* New translations en.json (Norwegian)
[ci skip]
* New translations en.json (Norwegian Nynorsk)
[ci skip]
* New translations en.json (Malay)
[ci skip]
* New translations en.json (Kazakh)
[ci skip]
* New translations en.json (Korean)
[ci skip]
* New translations en.json (Latvian)
[ci skip]
* New translations en.json (Lithuanian)
[ci skip]
* New translations en.json (Macedonian)
[ci skip]
* New translations en.json (Bulgarian)
[ci skip]
* New translations en.json (Catalan)
[ci skip]
* New translations en.json (Chinese Simplified)
[ci skip]
* New translations en.json (Chinese Traditional)
[ci skip]
* New translations en.json (Chinese Traditional, Hong Kong)
[ci skip]
* New translations en.json (Breton)
[ci skip]
* New translations en.json (Asturian)
[ci skip]
* New translations en.json (Armenian)
[ci skip]
* New translations en.json (Basque)
[ci skip]
* New translations en.json (Bengali)
[ci skip]
* New translations en.json (Arabic)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations en.json (Finnish)
[ci skip]
* New translations en.json (French)
[ci skip]
* New translations en.json (Estonian)
[ci skip]
* New translations en.json (Georgian)
[ci skip]
* New translations en.json (German)
[ci skip]
* New translations en.json (Croatian)
[ci skip]
* New translations en.json (Czech)
[ci skip]
* New translations en.json (Corsican)
[ci skip]
* New translations en.json (Esperanto)
[ci skip]
* New translations en.json (Dutch)
[ci skip]
* New translations en.json (Danish)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations en.json (Telugu)
[ci skip]
* New translations en.json (Turkish)
[ci skip]
* New translations en.json (Tamil)
[ci skip]
* New translations en.json (Swedish)
[ci skip]
* New translations en.json (Spanish, Argentina)
[ci skip]
* New translations en.json (Welsh)
[ci skip]
* New translations en.json (Vietnamese)
[ci skip]
* New translations en.json (Urdu (Pakistan))
[ci skip]
* New translations en.json (Ukrainian)
[ci skip]
* New translations en.json (Serbian (Latin))
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Portuguese)
[ci skip]
* New translations en.json (Polish)
[ci skip]
* New translations en.json (Persian)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Occitan)
[ci skip]
* New translations en.json (Portuguese, Brazilian)
[ci skip]
* New translations en.json (Slovenian)
[ci skip]
* New translations en.json (Slovak)
[ci skip]
* New translations en.json (Romanian)
[ci skip]
* New translations en.json (Serbian (Cyrillic))
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.yml (Portuguese, Brazilian)
[ci skip]
* New translations en.yml (Portuguese)
[ci skip]
* New translations en.json (Russian)
[ci skip]
* New translations en.json (Swedish)
[ci skip]
* New translations en.json (Spanish, Argentina)
[ci skip]
* New translations en.json (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations activerecord.en.yml (Icelandic)
[ci skip]
* New translations en.yml (Icelandic)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Catalan)
[ci skip]
* New translations en.json (Italian)
[ci skip]
* New translations en.json (German)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.json (Persian)
[ci skip]
* New translations en.json (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations simple_form.en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Japanese)
[ci skip]
* New translations en.yml (Japanese)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Hungarian)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.yml (Polish)
[ci skip]
* New translations en.json (Spanish)
[ci skip]
* New translations en.yml (Spanish)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations simple_form.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* New translations en.json (Galician)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.yml (Galician)
[ci skip]
* New translations en.json (Thai)
[ci skip]
* New translations doorkeeper.en.yml (Thai)
[ci skip]
* New translations en.yml (Thai)
[ci skip]
* i18n-tasks normalize
* yarn manage:translations
* Update CHANGELOG.md (#13397)
Co-authored-by: ThibG <thib@sitedethib.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
Co-authored-by: koyu <me@koyu.space>
Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
Co-authored-by: David Cook <divergentdave@gmail.com>
Co-authored-by: tateisu <tateisu@gmail.com>
Co-authored-by: tateisu <tateisu@juggler.jp>
Co-authored-by: Bèr Kessels <ber@berk.es>
Co-authored-by: guigeekz <pattusg@gmail.com>
Co-authored-by: Shlee <github@shl.ee>
Co-authored-by: mayaeh <mayaeh@marimo-net.org>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Daniel Sockwell <dsockwell@gmail.com>
Co-authored-by: Jeong Arm <kjwonmail@gmail.com>
Co-authored-by: Takeshi Umeda <noel.yoshiba@gmail.com>
Co-authored-by: Sasha Sorokin <dafri.nochiterov8@gmail.com>
Co-authored-by: fuyu <54523771+mfmfuyu@users.noreply.github.com>
We primarily use GitHub as a bug and feature tracker. For usage questions, troubleshooting of deployments and other individual technical assistance, please use one of the resources below:
All notable changes to this project will be documented in this file.
## [3.5.3] - 2022-05-26
### Added
- **Add language dropdown to compose form in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/18420), [ykzts](https://github.com/mastodon/mastodon/pull/18460))
- **Add warning for limited accounts in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/18344))
- Add `limited` attribute to accounts in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/18344))
- Fix moderator identity leak when approving appeal of sensitive marked statuses ([Gargron](https://github.com/mastodon/mastodon/pull/18525))
- Fix suspended users being able to access APIs that don't require a user ([Gargron](https://github.com/mastodon/mastodon/pull/18524))
- Fix confirmation redirect to app without `Location` header ([Gargron](https://github.com/mastodon/mastodon/pull/18523))
## [3.5.2] - 2022-05-04
### Added
- Add warning on direct messages screen in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/18289))
- We already had a warning when composing a direct message, it has now been reworded to be more clear
- Same warning is now displayed when viewing sent and received direct messages
- Add ability to set approval-based registration through tootctl ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18248))
- Add pre-filling of domain from search filter in domain allow/block admin UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18172))
## Changed
- Change name of “Direct” visibility to “Mentioned people only” in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/18146), [Gargron](https://github.com/mastodon/mastodon/pull/18289), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/18291))
- Change trending posts to only show one post from each account ([Gargron](https://github.com/mastodon/mastodon/pull/18181))
- Change half-life of trending posts from 6 hours to 2 hours ([Gargron](https://github.com/mastodon/mastodon/pull/18182))
- Change full-text search feature to also include polls you have voted in ([tribela](https://github.com/mastodon/mastodon/pull/18070))
- Change Redis from using one connection per process, to using a connection pool ([Gargron](https://github.com/mastodon/mastodon/pull/18135), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/18160), [Gargron](https://github.com/mastodon/mastodon/pull/18171))
- Different threads no longer have to wait on a mutex over a single connection
- However, this does increase the number of Redis connections by a fair amount
- We are planning to optimize Redis use so that the pool can be made smaller in the future
## Removed
- Remove IP matching from e-mail domain blocks ([Gargron](https://github.com/mastodon/mastodon/pull/18190))
- The IPs of the blocked e-mail domain or its MX records are no longer checked
- Previously it was too easy to block e-mail providers by mistake
## Fixed
- Fix compatibility with Friendica's pinned posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18254), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/18260))
- Fix error when looking up handle with surrounding spaces in REST API ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18225))
- Fix double render error when authorizing interaction ([Gargron](https://github.com/mastodon/mastodon/pull/18203))
- Fix error when a post references an invalid media attachment ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18211))
- Fix error when trying to revoke OAuth token without supplying a token ([Gargron](https://github.com/mastodon/mastodon/pull/18205))
- Fix error caused by missing subject in Webfinger response ([Gargron](https://github.com/mastodon/mastodon/pull/18204))
- Fix error on attempting to delete an account moderation note ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18196))
- Fix light-mode emoji borders in web UI ([Gaelan](https://github.com/mastodon/mastodon/pull/18131))
- Fix being able to scroll away from the loading bar in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/18170))
- Fix error when a bookmark or favorite has been reported and deleted ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18174))
- Fix being offered empty “Server rules violation” report option in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18165))
- Fix temporary network errors preventing from authorizing interactions with remote accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18161))
- Fix incorrect link in "new trending tags" email ([cdzombak](https://github.com/mastodon/mastodon/pull/18156))
- Fix missing indexes on some foreign keys ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18157))
- Fix n+1 query on feed merge and populate operations ([Gargron](https://github.com/mastodon/mastodon/pull/18111))
- Fix feed unmerge worker being exceptionally slow in some conditions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18110))
- Fix PeerTube videos appearing with an erroneous “Edited at” marker ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18100))
- Fix instance actor being created incorrectly when running through migrations ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18109))
- Fix web push notifications containing HTML entities ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18071))
- Fix inconsistent parsing of `TRUSTED_PROXY_IP` ([ykzts](https://github.com/mastodon/mastodon/pull/18051))
- Fix error when fetching pinned posts ([tribela](https://github.com/mastodon/mastodon/pull/18030))
- Fix wrong optimization in feed populate operation ([dogelover911](https://github.com/mastodon/mastodon/pull/18009))
- Fix error in alias settings page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18004))
## [3.5.1] - 2022-04-08
### Added
- Add pagination for trending statuses in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/17976))
### Changed
- Change e-mail notifications to only be sent when recipient is offline ([Gargron](https://github.com/mastodon/mastodon/pull/17984))
- Send e-mails for mentions and follows by default again
- But only when recipient does not have push notifications through an app
- Change `website` attribute to be nullable on `Application` entity in REST API ([rinsuki](https://github.com/mastodon/mastodon/pull/17962))
### Removed
- Remove sign-in token authentication, instead send e-mail about new sign-in ([Gargron](https://github.com/mastodon/mastodon/pull/17970))
- You no longer need to enter a security code sent through e-mail
- Instead you get an e-mail about a new sign-in from an unfamiliar IP address
### Fixed
- Fix error resposes for `from` search prefix ([single-right-quote](https://github.com/mastodon/mastodon/pull/17963))
- Fix error when re-running some migrations if they get interrupted at the wrong moment ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17989))
- Fix potentially missing statuses when reconnecting to streaming API in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17981), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17987), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17980))
- Fix error when sending warning emails with custom text ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17983))
- Fix unset `SMTP_RETURN_PATH` environment variable causing e-mail not to send ([Gargron](https://github.com/mastodon/mastodon/pull/17982))
- Fix possible duplicate statuses in timelines in some edge cases in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17971))
- Fix spurious edits and require incoming edits to be explicitly marked as such ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17918))
- Fix error when encountering invalid pinned statuses ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17964))
- Fix inconsistency in error handling when removing a status ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17974))
- Fix admin API unconditionally requiring CSRF token ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17975))
- Fix trending tags endpoint missing `offset` param in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/17973))
- Fix unusual number formatting in some locales ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17929))
- Fix `S3_FORCE_SINGLE_REQUEST` environment variable not working ([HolgerHuo](https://github.com/mastodon/mastodon/pull/17922))
- Fix failure to build assets with OpenSSL 3 ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17930))
- Fix PWA manifest using outdated routes ([HolgerHuo](https://github.com/mastodon/mastodon/pull/17921))
- Fix error when indexing statuses into Elasticsearch ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17912))
- Hashtag trends algorithm is extended to work for posts and links
- Links are only considered if they have an adequate preview card
- Preview card generation has been improved to support structured data
- Links can only trend if the publisher (domain) has been approved
- Posts can only trend if the author has been approved
- Individual approval and rejection for posts and links is also available
- Moderators are notified about pending trends at most once every 2 hours
- Posts and link trends are language-specific
- Search page is redesigned into explore page in web UI
- Discovery tab is coming soon in official iOS and Android apps
- New REST APIs:
-`GET /api/v1/trends/links`
-`GET /api/v1/trends/statuses`
-`GET /api/v1/trends/tags` (alias of `GET /api/v1/trends`)
-`GET /api/v1/admin/trends/links`
-`GET /api/v1/admin/trends/statuses`
-`GET /api/v1/admin/trends/tags`
- **Add graphs and retention metrics to admin dashboard** ([Gargron](https://github.com/mastodon/mastodon/pull/16829), [Gargron](https://github.com/mastodon/mastodon/pull/17617), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17570), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16910), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16909), [mashirozx](https://github.com/mastodon/mastodon/pull/16884), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16854))
- Dashboard shows more numbers with development over time
- Other data such as most used interface languages and sign-up sources
- User retention graph shows how many new users stick around
- New REST APIs:
-`POST /api/v1/admin/measures`
-`POST /api/v1/admin/dimensions`
-`POST /api/v1/admin/retention`
- Add `GET /api/v1/accounts/familiar_followers` to REST API ([Gargron](https://github.com/mastodon/mastodon/pull/17700))
- Add `POST /api/v1/accounts/:id/remove_from_followers` to REST API ([noellabo](https://github.com/mastodon/mastodon/pull/16864))
- Add `category` and `rule_ids` params to `POST /api/v1/reports` IN REST API ([Gargron](https://github.com/mastodon/mastodon/pull/17492), [Gargron](https://github.com/mastodon/mastodon/pull/17682), [Gargron](https://github.com/mastodon/mastodon/pull/17713))
-`category` can be one of: `spam`, `violation`, `other` (default)
-`rule_ids` must reference `rules` returned in `GET /api/v1/instance`
- Add global `lang` param to REST API ([Gargron](https://github.com/mastodon/mastodon/pull/17464), [Gargron](https://github.com/mastodon/mastodon/pull/17592))
- Add `types` param to `GET /api/v1/notifications` in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/17767))
- **Add notifications for moderators about new sign-ups** ([Gargron](https://github.com/mastodon/mastodon/pull/16953), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17629))
- When a new user confirms e-mail, moderators receive a notification
- New notification type:
-`admin.sign_up`
- Add authentication history ([Gargron](https://github.com/mastodon/mastodon/pull/16408), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16428), [baby-gnu](https://github.com/mastodon/mastodon/pull/16654))
- Add ability to automatically delete old posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16529), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17691), [tribela](https://github.com/mastodon/mastodon/pull/16653))
- Add ability to filter search results by author using `from:` syntax ([tribela](https://github.com/mastodon/mastodon/pull/16526))
- Add ability to delete canonical email blocks in admin UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16644))
- Add ability to purge undeliverable domains in admin UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16686), [tribela](https://github.com/mastodon/mastodon/pull/17210), [tribela](https://github.com/mastodon/mastodon/pull/17741), [tribela](https://github.com/mastodon/mastodon/pull/17209))
- Add ability to disable e-mail token authentication for specific users in admin UI ([Gargron](https://github.com/mastodon/mastodon/pull/16427))
- **Add ability to suspend accounts in batches in admin UI** ([Gargron](https://github.com/mastodon/mastodon/pull/17009), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17301), [Gargron](https://github.com/mastodon/mastodon/pull/17444))
- New, redesigned accounts list in admin UI
- Batch suspensions are meant to help clean up spam and bot accounts
- They do not generate notifications
- Add ability to filter reports by origin of target account in admin UI ([Gargron](https://github.com/mastodon/mastodon/pull/16487))
- Add support for login through OpenID Connect ([chandrn7](https://github.com/mastodon/mastodon/pull/16221))
- Add lazy loading for emoji picker in web UI ([mashirozx](https://github.com/mastodon/mastodon/pull/16907), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17011))
- Add single option votes tooltip in polls in web UI ([Brawaru](https://github.com/mastodon/mastodon/pull/16849))
- Add confirmation modal when closing media edit modal with unsaved changes in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16518))
- Add hint about missing media attachment description in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/17845))
- Add support for fetching Create and Announce activities by URI in ActivityPub ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16383))
- Change report modal to include category selection in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/17565), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17734), [Gargron](https://github.com/mastodon/mastodon/pull/17654), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17632))
- Change reblogs to not count towards hashtag trends anymore ([Gargron](https://github.com/mastodon/mastodon/pull/17501))
- Change languages to be listed under standard instead of native name in admin UI ([Gargron](https://github.com/mastodon/mastodon/pull/17485))
- Change routing paths to use usernames in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/16171), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16772), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16773), [mashirozx](https://github.com/mastodon/mastodon/pull/16793), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17060))
- Change list title input design in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17092))
- Change "Opt-in to profile directory" preference to be general discoverability preference ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16637))
- Change API rate limits to use /64 masking on IPv6 addresses ([tribela](https://github.com/mastodon/mastodon/pull/17588), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17600), [zunda](https://github.com/mastodon/mastodon/pull/17590))
- Change allowed formats for locally uploaded custom emojis to include GIF ([rgroothuijsen](https://github.com/mastodon/mastodon/pull/17706), [Gargron](https://github.com/mastodon/mastodon/pull/17759))
- Change error message when chosen password is too long ([rgroothuijsen](https://github.com/mastodon/mastodon/pull/17082))
- Change minimum required Elasticsearch version from 6 to 7 ([noellabo](https://github.com/mastodon/mastodon/pull/16915))
### Removed
- Remove profile directory link from main navigation panel in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/17688))
- **Remove language detection through cld3** ([Gargron](https://github.com/mastodon/mastodon/pull/17478), [ykzts](https://github.com/mastodon/mastodon/pull/17539), [Gargron](https://github.com/mastodon/mastodon/pull/17496), [Gargron](https://github.com/mastodon/mastodon/pull/17722))
- cld3 is very inaccurate on short-form content even with unique alphabets
- Post language can be overriden individually using `language` param
- Otherwise, it defaults to the user's interface language
- Remove support for `OAUTH_REDIRECT_AT_SIGN_IN` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17287))
- Remove old columns and indexes ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17245), [Gargron](https://github.com/mastodon/mastodon/pull/16409), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17191))
- Remove shortcodes from newly-created media attachments ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16730), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/16763))
### Deprecated
-`GET /api/v1/trends` → `GET /api/v1/trends/tags`
- OAuth `follow` scope → `read` and/or `write`
-`text` attribute on `DELETE /api/v1/statuses/:id` → `GET /api/v1/statuses/:id/source`
### Fixed
- Fix IDN domains not being rendered correctly in a few left-over places ([Gargron](https://github.com/mastodon/mastodon/pull/17848))
- Fix Sanskrit translation not being used in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17820))
- Fix Kurdish languages having the wrong language codes ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17812))
- Fix pghero making database schema suggestions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17807))
- Fix encoding glitch in the OpenGraph description of a profile page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17821))
- Fix web manifest not permitting PWA usage from alternate domains ([HolgerHuo](https://github.com/mastodon/mastodon/pull/16714))
- Fix not being able to edit media attachments for scheduled posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17690))
- Fix subscribed relay activities being recorded as boosts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17571))
- Fix streaming API server error messages when JSON parsing fails not specifying the source ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17559))
- Fix browsers autofilling new password field with old password ([mashirozx](https://github.com/mastodon/mastodon/pull/17702))
- Fix text being invisible before fonts load in web UI ([tribela](https://github.com/mastodon/mastodon/pull/16330))
- Fix public profile pages of unconfirmed users being accessible ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17385), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17457))
- Fix nil error when trying to fetch key for signature verification ([Gargron](https://github.com/mastodon/mastodon/pull/17747))
- Fix null values being included in some indexes ([Gargron](https://github.com/mastodon/mastodon/pull/17711))
- Fix `POST /api/v1/emails/confirmations` not being available after sign-up ([Gargron](https://github.com/mastodon/mastodon/pull/17743))
- Fix rare race condition when reblogged post is deleted ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17693), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17730))
- Fix being able to add more than 4 hashtags to hashtag column in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/17729))
- Fix data integrity of featured tags ([Gargron](https://github.com/mastodon/mastodon/pull/17712))
- Fix performance of account timelines ([Gargron](https://github.com/mastodon/mastodon/pull/17709))
- Fix returning empty `<p>` tag for blank account `note` in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/17687))
- Fix leak of existence of otherwise inaccessible posts in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/17684))
- Fix not showing loading indicator when searching in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/17655))
- Fix media modal footer's “external link” not being a link ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17561))
- Fix reply button on media modal not giving focus to compose form ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17626))
- Fix some media attachments being converted with too high framerates ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17619))
- Fix sign in token and warning emails failing to send when contact e-mail address is malformed ([helloworldstack](https://github.com/mastodon/mastodon/pull/17589))
- Fix opening the emoji picker scrolling the single-column view to the top ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17579))
- Fix edge case where settings/admin page sidebar would be incorrectly hidden ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17580))
- Fix performance of server-side filtering ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17575))
- Fix privacy policy link not being visible on small screens ([Gargron](https://github.com/mastodon/mastodon/pull/17533))
- Fix duplicate accounts when searching by IP range in admin UI ([Gargron](https://github.com/mastodon/mastodon/pull/17524), [tribela](https://github.com/mastodon/mastodon/pull/17150))
- Fix error when performing a batch action on posts in admin UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17532))
- Fix deletes not being signed in authorized fetch mode ([Gargron](https://github.com/mastodon/mastodon/pull/17484))
- Fix Undo Announce sometimes inlining the originally Announced status ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17516))
- Fix localization of cold-start follow recommendations ([Gargron](https://github.com/mastodon/mastodon/pull/17479), [Gargron](https://github.com/mastodon/mastodon/pull/17486))
- Fix errors when multiple Delete are received for a given actor ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17460))
- Fixed prototype pollution bug and only allow trusted origin ([r0hanSH](https://github.com/mastodon/mastodon/pull/17420))
- Fix text being incorrectly pre-selected in composer textarea on /share ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17339))
- Fix SMTP_ENABLE_STARTTLS_AUTO/SMTP_TLS/SMTP_SSL environment variables don't work ([kgtkr](https://github.com/mastodon/mastodon/pull/17216))
- Fix media upload specific rate limits only being applied to v1 endpoint in REST API ([tribela](https://github.com/mastodon/mastodon/pull/17272))
- Fix media descriptions not being used for client-side filtering ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17206))
- Fix cold-start follow recommendation favouring older accounts due to wrong sorting ([noellabo](https://github.com/mastodon/mastodon/pull/17126))
- Fix not redirect to the right page after authenticating with WebAuthn ([heguro](https://github.com/mastodon/mastodon/pull/17098))
- Fix searching for additional hashtags in hashtag column ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17054))
- Fix color of hashtag column settings inputs ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17058))
- Fix performance of `tootctl statuses remove` ([noellabo](https://github.com/mastodon/mastodon/pull/17052))
- Fix `tootctl accounts cull` not excluding domains on timeouts and certificate issues ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16433))
- Fix 404 error when filtering admin action logs by non-existent target account ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16643))
- Fix error when accessing streaming API without any OAuth scopes ([Brawaru](https://github.com/mastodon/mastodon/pull/16823))
- Fix follow request count not updating when new follow requests arrive over streaming API in web UI ([matildepark](https://github.com/mastodon/mastodon/pull/16652))
- Fix error when unsuspending a local account ([HolgerHuo](https://github.com/mastodon/mastodon/pull/16605))
- Fix crash when a notification contains a not yet processed media attachment in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16573))
- Fix wrong color of download button in audio player in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16572))
- Fix notes for others accounts not being deleted when an account is deleted ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16579))
- Fix error when logging occurrence of unsupported video file ([noellabo](https://github.com/mastodon/mastodon/pull/16581))
- Fix wrong elements in trends widget being hidden on smaller screens in web UI ([tribela](https://github.com/mastodon/mastodon/pull/16570))
- Fix link to about page being displayed in limited federation mode ([weex](https://github.com/mastodon/mastodon/pull/16432))
- Fix styling of boost button in media modal not reflecting ability to boost ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16387))
- Fix OCR failure when erroneous lang data is in cache ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16386))
- Fix downloading media from blocked domains in `tootctl media refresh` ([tribela](https://github.com/mastodon/mastodon/pull/16914))
- Fix login form being displayed on landing page when already logged in ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17348))
- Fix polling for media processing status too frequently in web UI ([tribela](https://github.com/mastodon/mastodon/pull/17271))
- Fix hashtag autocomplete overriding user-typed case ([weex](https://github.com/mastodon/mastodon/pull/16460))
- Fix WebAuthn authentication setup to not prompt for PIN ([truongnmt](https://github.com/mastodon/mastodon/pull/16545))
### Security
- Fix being able to post URLs longer than 4096 characters ([Gargron](https://github.com/mastodon/mastodon/pull/17908))
- Fix being able to bypass e-mail restrictions ([Gargron](https://github.com/mastodon/mastodon/pull/17909))
## [3.4.6] - 2022-02-03
### Fixed
- Fix `mastodon:webpush:generate_vapid_key` task requiring a functional environment ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17338))
- Fix spurious errors when receiving an Add activity for a private post ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17425))
@@ -59,7 +428,7 @@ All notable changes to this project will be documented in this file.
- Fix suspended accounts statuses being merged back into timelines ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16628))
- Fix crash when encountering invalid account fields ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16598))
- Fix invalid blurhash handling for remote activities ([noellabo](https://github.com/mastodon/mastodon/pull/16583))
- Fix newlines being added to accout notes when an account moves ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16415), [noellabo](https://github.com/mastodon/mastodon/pull/16576))
- Fix newlines being added to account notes when an account moves ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16415), [noellabo](https://github.com/mastodon/mastodon/pull/16576))
- Fix crash when creating an announcement with links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16941))
- Fix logging out from one browser logging out all other sessions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/16943))
@@ -392,7 +761,7 @@ All notable changes to this project will be documented in this file.
- Fix inefficiency when fetching bookmarks ([akihikodaki](https://github.com/mastodon/mastodon/pull/14674))
- Fix inefficiency when fetching favourites ([akihikodaki](https://github.com/mastodon/mastodon/pull/14673))
- Fix inefficiency when fetching media-only account timeline ([akihikodaki](https://github.com/mastodon/mastodon/pull/14675))
- Fix redundant query when processing batch actions on custom emojis ([niwatori24](https://github.com/mastodon/mastodon/pull/14534))
- Fix slow distinct queries where grouped queries are faster ([Gargron](https://github.com/mastodon/mastodon/pull/15287))
- Fix performance on instances list in admin UI ([Gargron](https://github.com/mastodon/mastodon/pull/15282))
@@ -479,7 +848,7 @@ All notable changes to this project will be documented in this file.
- Add blurhash to link previews ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13984), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/14143), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/13985), [Sasha-Sorokin](https://github.com/mastodon/mastodon/pull/14267), [Sasha-Sorokin](https://github.com/mastodon/mastodon/pull/14278), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/14126), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/14261), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/14260))
- In web UI, toots cannot be marked as sensitive unless there is media attached
- However, it's possible to do via API or ActivityPub
- Thumnails of link previews of such posts now use blurhash in web UI
- Thumbnails of link previews of such posts now use blurhash in web UI
- The Card entity in REST API has a new `blurhash` attribute
- Add support for `summary` field for media description in ActivityPub ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13763))
- Add hints about incomplete remote content to web UI ([Gargron](https://github.com/mastodon/mastodon/pull/14031), [noellabo](https://github.com/mastodon/mastodon/pull/14195))
@@ -502,7 +871,7 @@ All notable changes to this project will be documented in this file.
- The `meta` attribute on the Media Attachment entity in REST API can now have a `colors` attribute which in turn contains three hex colors: `background`, `foreground`, and `accent`
- The background color is chosen from the most dominant color around the edges of the thumbnail
- The foreground and accent colors are chosen from the colors that are the most different from the background color using the CIEDE2000 algorithm
- The most satured color of the two is designated as the accent color
- The most saturated color of the two is designated as the accent color
- The one with the highest W3C contrast is designated as the foreground color
- If there are not enough colors in the thumbnail, new ones are generated using a monochrome pattern
- Add a visibility indicator to toots in web UI ([noellabo](https://github.com/mastodon/mastodon/pull/14123), [highemerly](https://github.com/mastodon/mastodon/pull/14292))
@@ -528,7 +897,7 @@ All notable changes to this project will be documented in this file.
- Change boost button to no longer serve as visibility indicator in web UI ([noellabo](https://github.com/mastodon/mastodon/pull/14132), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/14373))
- Change contrast of flash messages ([cchoi12](https://github.com/mastodon/mastodon/pull/13892))
- Change wording from "Hide media" to "Hide image/images" in web UI ([ariasuni](https://github.com/mastodon/mastodon/pull/13834))
- Change appearence of settings pages to be more consistent ([ariasuni](https://github.com/mastodon/mastodon/pull/13938))
- Change appearance of settings pages to be more consistent ([ariasuni](https://github.com/mastodon/mastodon/pull/13938))
- Change "Add media" tooltip to not include long list of formats in web UI ([ariasuni](https://github.com/mastodon/mastodon/pull/13954))
- Change how badly contrasting emoji are rendered in web UI ([leo60228](https://github.com/mastodon/mastodon/pull/13773), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/13772), [mfmfuyu](https://github.com/mastodon/mastodon/pull/14020), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/14015))
- Change structure of unavailable content section on about page ([ariasuni](https://github.com/mastodon/mastodon/pull/13930))
@@ -544,14 +913,14 @@ All notable changes to this project will be documented in this file.
- Remove some unnecessary database indices ([lfuelling](https://github.com/mastodon/mastodon/pull/13695), [noellabo](https://github.com/mastodon/mastodon/pull/14259))
- Remove some unnecessary database indexes ([lfuelling](https://github.com/mastodon/mastodon/pull/13695), [noellabo](https://github.com/mastodon/mastodon/pull/14259))
- Remove unnecessary Node.js version upper bound ([ykzts](https://github.com/mastodon/mastodon/pull/14139))
### Fixed
- Fix `following` param not working when exact match is found in account search ([noellabo](https://github.com/mastodon/mastodon/pull/14394))
- Fix sometimes occuring duplicate mention notifications ([noellabo](https://github.com/mastodon/mastodon/pull/14378))
- Fix RSS feeds not being cachable ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14368))
- Fix sometimes occurring duplicate mention notifications ([noellabo](https://github.com/mastodon/mastodon/pull/14378))
- Fix RSS feeds not being cacheable ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14368))
- Fix lack of locking around processing of Announce activities in ActivityPub ([noellabo](https://github.com/mastodon/mastodon/pull/14365))
- Fix boosted toots from blocked account not being retroactively removed from TL ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14339))
- Fix large shortened numbers (like 1.2K) using incorrect pluralization ([Sasha-Sorokin](https://github.com/mastodon/mastodon/pull/14061))
@@ -563,7 +932,7 @@ All notable changes to this project will be documented in this file.
- Fix new posts pushing down origin of opened dropdown in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/14271), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/14348))
- Fix timeline markers not being saved sometimes ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13887), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/13889), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/14155))
- Fix CSV uploads being rejected ([noellabo](https://github.com/mastodon/mastodon/pull/13835))
- Fix incompatibility with ElasticSearch 7.x ([noellabo](https://github.com/mastodon/mastodon/pull/13828))
- Fix incompatibility with Elasticsearch 7.x ([noellabo](https://github.com/mastodon/mastodon/pull/13828))
- Fix being able to search posts where you're in the target audience but not actively mentioned ([noellabo](https://github.com/mastodon/mastodon/pull/13829))
- Fix non-local posts appearing on local-only hashtag timelines in web UI ([noellabo](https://github.com/mastodon/mastodon/pull/13827))
- Fix `tootctl media remove-orphans` choking on unknown files in storage ([Gargron](https://github.com/mastodon/mastodon/pull/13765))
@@ -678,7 +1047,7 @@ All notable changes to this project will be documented in this file.
- Fix poll refresh button not being debounced in web UI ([rasjonell](https://github.com/mastodon/mastodon/pull/13485), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/13490))
- Fix confusing error when failing to add an alias to an unknown account ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13480))
- Fix "Email changed" notification sometimes having wrong e-mail ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13475))
- Fix varioues issues on the account aliases page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13452))
- Fix various issues on the account aliases page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13452))
- Fix API footer link in web UI ([bubblineyuri](https://github.com/mastodon/mastodon/pull/13441))
- Fix pagination of following, followers, follow requests, blocks and mutes lists in web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13445))
- Fix styling of polls in JS-less fallback on public pages ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/13436))
@@ -1167,7 +1536,7 @@ All notable changes to this project will be documented in this file.
- Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker ([Gargron](https://github.com/mastodon/mastodon/pull/11231))
- Fix support for HTTP proxies ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/11245))
- Fix HTTP requests to IPv6 hosts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/11240))
- Fix error in ElasticSearch index import ([mayaeh](https://github.com/mastodon/mastodon/pull/11192))
- Fix error in Elasticsearch index import ([mayaeh](https://github.com/mastodon/mastodon/pull/11192))
- Fix duplicate account error when seeding development database ([ysksn](https://github.com/mastodon/mastodon/pull/11366))
- Fix performance of session clean-up scheduler ([abcang](https://github.com/mastodon/mastodon/pull/11871))
- Fix older migrations not running ([zunda](https://github.com/mastodon/mastodon/pull/11377))
@@ -1177,8 +1546,8 @@ All notable changes to this project will be documented in this file.
- Fix muted text color not applying to all text ([trwnh](https://github.com/mastodon/mastodon/pull/11996))
- Fix follower/following lists resetting on back-navigation in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/11986))
- Fix n+1 query when approving multiple follow requests ([abcang](https://github.com/mastodon/mastodon/pull/12004))
- Fix records not being indexed into ElasticSearch sometimes ([Gargron](https://github.com/mastodon/mastodon/pull/12024))
- Fix needlessly indexing unsearchable statuses into ElasticSearch ([Gargron](https://github.com/mastodon/mastodon/pull/12041))
- Fix records not being indexed into Elasticsearch sometimes ([Gargron](https://github.com/mastodon/mastodon/pull/12024))
- Fix needlessly indexing unsearchable statuses into Elasticsearch ([Gargron](https://github.com/mastodon/mastodon/pull/12041))
- Fix new user bootstrapping crashing when to-be-followed accounts are invalid ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/12037))
- Fix featured hashtag URL being interpreted as media or replies tab ([Gargron](https://github.com/mastodon/mastodon/pull/12048))
- Fix account counters being overwritten by parallel writes ([Gargron](https://github.com/mastodon/mastodon/pull/12045))
@@ -1645,7 +2014,7 @@ All notable changes to this project will be documented in this file.
- Limit maximum visibility of local silenced users to unlisted ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9583))
- Change API error message for unconfirmed accounts ([noellabo](https://github.com/mastodon/mastodon/pull/9625))
- Change the icon to "reply-all" when it's a reply to other accounts ([mayaeh](https://github.com/mastodon/mastodon/pull/9378))
- Do not ignore federated reports targetting already-reported accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9534))
- Do not ignore federated reports targeting already-reported accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/9534))
- Upgrade default Ruby version to 2.6.0 ([Gargron](https://github.com/mastodon/mastodon/pull/9688))
- Change e-mail digest frequency ([Gargron](https://github.com/mastodon/mastodon/pull/9689))
- Change Docker images for Tor support in docker-compose.yml ([Sir-Boops](https://github.com/mastodon/mastodon/pull/9438))
Mastodon largely follows the ActivityPub server-to-server specification but it makes uses of some non-standard extensions, some of which are required for interacting with Mastodon at all.
In Mastodon, users are identified by a `username` and `domain` pair (e.g., `Gargron@mastodon.social`).
This is used both for discovery and for unambiguously mentioning users across the fediverse. Furthermore, this is part of Mastodon's database design from its very beginnings.
As a result, Mastodon requires that each ActivityPub actor uniquely maps back to an `acct:` URI that can be resolved via WebFinger.
More information and examples are available at: https://docs.joinmastodon.org/spec/webfinger/
#### HTTP Signatures
In order to authenticate activities, Mastodon relies on HTTP Signatures, signing every `POST` and `GET` request to other ActivityPub implementations on behalf of the user authoring an activity (for `POST` requests) or an actor representing the Mastodon server itself (for most `GET` requests).
Mastodon requires all `POST` requests to be signed, and MAY require `GET` requests to be signed, depending on the configuration of the Mastodon server.
More information on HTTP Signatures, as well as examples, can be found here: https://docs.joinmastodon.org/spec/security/#http
**No vendor lock-in: Fully interoperable with any conforming platform**
### No vendor lock-in: Fully interoperable with any conforming platform
It doesn't have to be Mastodon, whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
It doesn't have to be Mastodon; whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
**Real-time, chronological timeline updates**
### Real-time, chronological timeline updates
See the updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!
Updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!
**Media attachments like images and short videos**
### Media attachments like images and short videos
Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos are looped - like vines!
Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos loop continuously!
**Safety and moderation tools**
### Safety and moderation tools
Private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
Mastodon includes private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
**OAuth2 and a straightforward REST API**
### OAuth2 and a straightforward REST API
Mastodon acts as an OAuth2 provider so 3rd party apps can use the REST and Streaming APIs, resulting in a rich app ecosystem with a lot of choices!
Mastodon acts as an OAuth2 provider, so 3rd party apps can use the REST and Streaming APIs. This results in a rich app ecosystem with a lot of choices!
## Deployment
**Tech stack:**
### Tech stack:
- **Ruby on Rails** powers the REST API and other web pages
- **React.js** and Redux are used for the dynamic parts of the interface
- **Node.js** powers the streaming API
**Requirements:**
### Requirements:
- **PostgreSQL** 9.5+
- **Redis** 4+
- **Ruby** 2.5+
- **Node.js** 12+
The repository includes deployment configurations for **Docker and docker-compose**, but also a few specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. The [**stand-alone** installation guide](https://docs.joinmastodon.org/admin/install/) is available in the documentation.
The repository includes deployment configurations for **Docker and docker-compose** as well as specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. The [**standalone** installation guide](https://docs.joinmastodon.org/admin/install/) is available in the documentation.
A **Vagrant** configuration is included for development purposes.
A **Vagrant** configuration is included for development purposes. To use it, complete following steps:
- Install Vagrant and Virtualbox
- Install the `vagrant-hostsupdater` plugin: `vagrant plugin install vagrant-hostsupdater`
- Run `vagrant up`
- Run `vagrant ssh -c "cd /vagrant && foreman start"`
- Open `http://mastodon.local` in your browser
## Contributing
Mastodon is **free, open-source software** licensed under **AGPLv3**.
You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository, or submit translations using Crowdin. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md). If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository or submit translations using Crowdin. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md). If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
**IRC channel**: #mastodon on irc.libera.chat
## License
Copyright (C) 2016-2021 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
Copyright (C) 2016-2022 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you should submit the report through our [Bug Bounty Program][bug-bounty]. Alternatively, you can reach us at <hello@joinmastodon.org>.
You should *not* report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
## Scope
A "vulnerability in Mastodon" is a vulnerability in the code distributed through our main source code repository on GitHub. Vulnerabilities that are specific to a given installation (e.g. misconfiguration) should be reported to the owner of that installation and not us.
@@ -19,6 +19,6 @@ class Api::V1::Emails::ConfirmationsController < Api::BaseController
end
defrequire_user_not_confirmed!
renderjson:{error:'This method is only available while the e-mail is awaiting confirmation'},status::forbiddenifcurrent_user.confirmed?||current_user.unconfirmed_email.blank?
renderjson:{error:'This method is only available while the e-mail is awaiting confirmation'},status::forbiddenunless!current_user.confirmed?||current_user.unconfirmed_email.present?
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
