Claire
f2fff6be66
Fix crash when filtering for “dormant” relationships ( #27306 )
2023-10-10 13:51:56 +02:00
Claire
d6c0ae995c
Fix post edits not being forwarded as expected ( #26936 )
2023-09-19 17:01:44 +02:00
Claire
5fd89e53d2
Fix moderator rights inconsistencies ( #26729 )
2023-09-19 17:01:44 +02:00
Claire
34959eccd2
Fix cached posts including stale stats ( #26409 )
2023-09-19 17:01:44 +02:00
Emelia Smith
cf80d54cba
Allow reports with long comments from remote instances, but truncate ( #25028 )
2023-09-05 19:16:09 +02:00
Daniel M Brasil
ea7fa048f3
Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled ( #26237 )
2023-09-05 19:16:09 +02:00
Claire
889102013f
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 16:07:43 +02:00
Claire
53b979d5c7
Fix processing of media files with unusual names ( #25788 )
2023-07-07 19:37:21 +02:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Renaud Chaput
8eb1bb8ba6
Allow carets in URL search params ( #25216 )
2023-07-06 13:45:40 +02:00
Claire
79f5b8f156
Fix ResolveURLService not resolving local URLs for remote content ( #25637 )
2023-07-06 13:45:40 +02:00
Claire
f8930a67a0
Change /api/v1/statuses/:id/history to always return at least one item ( #25510 )
2023-07-06 13:45:40 +02:00
Daniel M Brasil
fd1ffd72eb
Fix incorrect pagination headers in `/api/v2/admin/accounts` ( #25477 )
2023-07-06 13:45:40 +02:00
Claire
7bd34f8b23
Fix infinite loop in AccountsStatusesCleanupScheduler ( #24840 )
2023-07-06 13:45:40 +02:00
Claire
7012bf6ed3
Improve automatic post cleanup worker performances ( #24785 )
2023-07-06 13:45:40 +02:00
Claire
d9e45f2fa9
Fix AccountsStatusesCleanupScheduler not spreading deletes across accounts correctly ( #24607 )
2023-07-06 13:45:40 +02:00
Claire
2779bce9a2
Add fallback redirection when getting a webfinger query `LOCAL_DOMAIN@LOCAL_DOMAIN` ( #23600 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-06 13:45:40 +02:00
Claire
210ff36860
Change AccessTokensVacuum to also delete expired tokens ( #24868 )
2023-07-06 13:45:40 +02:00
Claire
99c2bbbec9
Change profile updates to be sent to recently-mentioned servers ( #24852 )
2023-07-06 13:45:40 +02:00
Claire
7e58779300
Fix reports not being closed when performing batch suspensions ( #24988 )
2023-07-06 13:45:40 +02:00
Claire
4c6c790f80
Fix /api/v1/conversations sometimes returning empty accounts ( #25499 )
2023-07-06 13:45:40 +02:00
Claire
036ac5b5c9
Fix ArgumentError when loading newer Private Mentions ( #25399 )
2023-07-06 13:45:40 +02:00
Claire
8c4ea7d715
Fix misleading error code when receiving invalid WebAuthn credentials ( #23568 )
2023-03-16 11:45:53 +01:00
Claire
68af19c328
Change auto-deletion throttling constants to better scale with server size ( #23320 )
2023-03-13 18:49:01 +01:00
Christian Schmidt
3f2e31800e
Unescape HTML entities ( #24019 )
2023-03-13 18:45:42 +01:00
Claire
0dc342df81
Fix “Remove all followers from the selected domains” being more destructive than it claims ( #23805 )
2023-03-13 18:36:15 +01:00
Claire
0c9eac80d8
Fix unbounded recursion in post discovery ( #23506 )
...
* Add a limit to how many posts can get fetched as a result of a single request
* Add tests
* Always pass `request_id` when processing `Announce` activities
---------
Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
2023-02-10 22:16:37 +01:00
Nick Schonning
0592937264
Apply Rubocop Rails/WhereNot ( #23448 )
...
* Apply Rubocop Rails/WhereNot
* Update spec for where.not
2023-02-08 10:39:57 +01:00
Nick Schonning
1487fcde93
Apply Rubocop Style/ExpandPathArguments ( #23450 )
2023-02-08 07:06:20 +01:00
Nick Schonning
ed570050c6
Autofix Rails/EagerEvaluationLogMessage ( #23429 )
...
* Autofix Rails/EagerEvaluationLogMessage
* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Claire
9edefc779f
Fix `UserCleanupScheduler` crash when an unconfirmed account has a moderation note ( #23318 )
...
* Fix `UserCleanupScheduler` crash when an unconfirmed account has a moderation note
* Add tests
2023-02-07 01:14:44 +01:00
Claire
20a479ff7c
Change `POST /settings/applications/:id` to regenerate token on scopes change ( #23359 )
...
Fixes #23096
2023-02-02 12:03:49 +01:00
Claire
13a2abacc8
Add `roles` attribute to Account entities in REST API ( #23255 )
2023-01-25 19:55:40 +01:00
Claire
a5a00d7f7a
Fix email with empty domain name labels passing validation ( #23246 )
...
* Fix email with empty domain name labels passing validation
`EmailMxValidator` would allow empty labels because `Resolv::DNS` is
particularly lenient about them, but the email would be invalid and
unusable.
* Add tests
2023-01-24 20:18:41 +01:00
Claire
6883fddb19
Fix account activation being triggered before email confirmation ( #23245 )
...
* Add tests
* Fix account activation being triggered before email confirmation
Fixes #23098
2023-01-24 19:40:21 +01:00
Markus Unterwaditzer
f2a6e71bb6
Suppress AddressFamilyError in link verification ( #23204 )
...
* Suppress AddressFamilyError
* clarify comment
2023-01-23 13:05:54 +01:00
Claire
448be26b34
Add missing `policy` attribute to `WebPushSubscriptionSerializer` ( #23210 )
...
* Add missing `policy` attribute to `WebPushSubscriptionSerializer`
Fixes #23145
* Add tests
2023-01-23 13:05:30 +01:00
Claire
68dcbcb7bf
Add more specific error messages to HTTP signature verification ( #21617 )
...
* Return specific error on failure to parse Date header
* Add error message when preferredUsername is not set
* Change error report to be JSON and include more details
* Change error report to differentiate unknown account and failed refresh
* Add tests
2023-01-18 16:47:56 +01:00
Claire
343e1fe8e9
Add confirmation screen when handling reports ( #22375 )
...
* Add confirmation screen on moderation actions
* Add flash notice when a report has been processed
* Refactor tests
* Add tests
2023-01-18 16:40:09 +01:00
Claire
4b92e59f4f
Add support for editing media description and focus point of already-posted statuses ( #20878 )
...
* Add backend support for editing media attachments of existing posts
* Allow editing media attachments of already-posted toots
* Add tests
2023-01-18 16:33:55 +01:00
Claire
fcc4c9b34a
Change domain block CSV parsing to be more robust and handle more lists ( #21470 )
...
* Change domain block CSV parsing to be more robust and handle more lists
* Add some tests
* Improve domain block import validation and reporting
2023-01-18 16:20:52 +01:00
Claire
21a1a8ee88
Fix crash when marking statuses as sensitive while some statuses are deleted ( #22134 )
...
* Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments
* Fix crash when marking statuses as sensitive while some statuses are deleted
Fixes #21910
* Fix multiple strikes being created for a single report when selecting “Mark as sensitive”
* Add tests
2023-01-13 10:46:52 +01:00
Claire
15b88a83ab
Fix sanitizer parsing link text as HTML when stripping unsupported links ( #22558 )
2023-01-11 22:21:10 +01:00
Markus Unterwaditzer
0c689b9d01
fix: allow verification when page size exceeds 1MB (using HTML5 parser) ( #22879 )
...
* fix: allow verification when page size exceeds 1MB
Truncates the page after 1MB instead
Closes #15316
* switch to HTML5 parser, fix rubocop errors
* undo rubocop fixes
Co-authored-by: Chris Zubak-Skees <chriszs@gmail.com>
2023-01-11 21:59:13 +01:00
Claire
18fb01ef7c
Fix possible race conditions when suspending/unsuspending accounts ( #22363 )
...
* Fix possible race conditions when suspending/unsuspending accounts
* Fix tests
Tests were assuming SuspensionWorker and UnsuspensionWorker would do the
suspending/unsuspending themselves, but this has changed.
2023-01-05 13:47:21 +01:00
Jeong Arm
fdd1facba1
Fix home TL could contain post from who blocked me ( #22849 )
...
* Fix home tl contains post from who blocked me
* Add test
* Fix feed_manager's build_crutches
blocked_by was not includes status' owner
* Add test for status from I blocked
* Fix typo
2023-01-05 13:30:38 +01:00
Partho Ghosh
115ab2869b
Fix ・ detection in hashtag regex to construct hashtag correctly ( #22888 )
...
* Fix ・ detection in hashtag regex to construct hashtag correctly
* Fixed rubocop liniting issues
* More rubocop linting fix
2023-01-04 02:12:48 +01:00
Claire
70415714f1
Add follow request banner on account header ( #20785 )
...
* Add requested_by to relationship maps
* Display whether an account has requested to follow you on their profile
2022-12-15 18:50:11 +01:00
Claire
8556a649d5
Fix changing domain block severity not undoing individual account effects ( #22135 )
...
* Fix changing domain block severity not undoing individual account effects
Fixes #22133
* Add tests
2022-12-15 17:45:02 +01:00
Jeong Arm
d412147d02
Save avatar or header correctly even if other one fails ( #18465 )
...
* Save avatar or header correctly if other one fails
* Fix test
2022-12-15 17:11:14 +01:00