There is an idempotency key generated by clients when authoring a post,
and stored in Redis, to ensure that if a user or client retries posting
the same status, we don't get a duplicate.
Hachyderm.io has been experiencing some filesystem and database
performance issues, causing database writes to be slow. This can mean
that there are successful posts, but the reverse proxy returns 504
Gateway Timeout before the idempotency status has been updated; users or
clients who retry (such as Tusky which retries automatically, see
tuskyapp/Tusky#2951) can re-try the same post with the same idempotency
key before it has actually been recorded in Redis, leading to duplicate
posts.
To address this issue, move all of the database updates after the
initial transaction that creates the status into the
`postprocess_status!` method, so we can insert the idempotency key
immediately after the status has been created, significantly reducing
the window in which the status could be created but the idempotency key
not yet stored.
Note: this has not yet been tested; I'm submitting this PR for
discussion and to offer to the Hachyderm.io admins to try out to fix the
multiple posting problem.
Co-authored-by: Brian Campbell <brcampbell@beta.team>
When opening a page such as /web/timelines/home in a desktop browser, the
cursor was automatically placed in the textarea of the compose form.
When using the keyboard for navigation (using a browser plugin like vimium or
vim vixen, or just to hit 'space' to scroll down a page), you have remember to
leave the field before using that.
Since you only visit the page to write a new post some of the time, this PR
attempts to have nothing focused initially (and require the user to click or
e.g. use 'tab' to focus the textarea).
Tested:
* /web/timeslines/home no longer autofocuses the compose box
* pressing the 'n' hotkey still focuses the compose box
* clicking 'reply' for a post still focuses the compose box
* replying to a CW'ed post still focuses the compose box
* introducing the CW field still focuses the CW field
* introducing the CW field for a reply still focuses the CW field
* removing the CW field still focuses the compose box
* /web/statuses/new still autofocuses the compose box
fixes#15862
* Use Rails tag API to build RSS feed for spoilers and polls
While the previous method did not contain a bug or a potential issue,
the tag API can be very resilient against future problems and reduces the
amount of manual management of the escape status of the content.
I've added tests to ensure that the formatting is broken and still
escapes control characters correctly.
* this seems cleaner and passes
* Incorporate feedback by moving the br to its own line and using the tag helper over the string constant for the br tag itself
* whoops, tag helper doesn't use a self-closing tag
The smaller border is difficult to see for some users, especially
when the browser window was thinner, and so the unread border is at the
very left edge of the window.
* Fix remaining plain %time to %time.formatted
* Add %time.relative-formatted to client format dates on the current day
* Add missing comma dangle to formats
* Use client side message format instead of the server
* Add fallback message to relatve_format.today
* Remove unused translation key and fix js lint issue
Co-authored-by: Effy Elden <effy@effy.space>
#⃣
This bug is caused by the emoji consisting of:
U+23 #
U+FE0F
U+20E3 ⃣
Because it starts with a #, it's interpreted as an anchor link, which is not passed to the API. Therefore, the API sees no emoji to react with and answers correctly with a 404.
* hotfix for #20822
I don't know why it was shifted in the first place or why the width is specified twice, but this fixes the problem, so it looks fine to me.
* realigned pfp with content below
* fixed formatting
my bad
* added comment to explain the negative margin
before I forget - comments are *important* !
Co-authored-by: Riedler <riedler@gelse.eu>
Nil unwrap causes the admin dashboard to crash/500 when the Chewy client info version number value is nil.
This occurs when running another ES-compatible backend such as MeiliSearch.
Obviously it would be good for chewy to recognise upstream but at least avoiding the crash would be fine.
* Clear sessions on password change
* Rename User::clear_sessions to revoke_access for a clearer meaning
* Add reset paassword controller test
* Use User.find instead of User.find_for_authentication for reset password test
* Use redirect and render for better test meaning in reset password
Co-authored-by: Effy Elden <effy@effy.space>
* Change suspension text to mention that a remotely suspended account is not locally-suspended
* Add ability to refresh profile of remotely suspended accounts
It looks like a [bug](https://bugs.ruby-lang.org/issues/18633) around
autosplat is [fixed](fbaadd1cfe)
on ruby-3.2.0-rc1 and breaks a test (but not on ruby <= 3.1.3):
```
$ bundle exec rspec ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:41
:
1) Api::V1::Emails::ConfirmationsController#create with an oauth token from an app that created the account when the account is already confirmed but user changed e-mail and has not confirmed it returns http success
Failure/Error:
def email_changed(user, **)
@resource = user
@instance = Rails.configuration.x.local_domain
return unless @resource.active_for_authentication?
I18n.with_locale(locale) do
mail to: @resource.email, subject: I18n.t('devise.mailer.email_changed.subject')
end
end
ArgumentError:
wrong number of arguments (given 2, expected 1)
# ./app/mailers/user_mailer.rb:51:in `email_changed'
# ./app/models/user.rb:444:in `render_and_send_devise_message'
# ./app/models/user.rb:430:in `block in send_pending_devise_notifications'
# ./app/models/user.rb:429:in `each'
# ./app/models/user.rb:429:in `send_pending_devise_notifications'
# ./spec/controllers/api/v1/emails/confirmations_controller_spec.rb:38:in `block (7 levels) in <top (required)>'
```