Claire
00f23e8823
Change Mastodon to issue correctly-signed queries by default ( #31994 )
2024-09-30 13:27:55 +02:00
Claire
43fa9daede
Fix security context sometimes not being added in LD-Signed activities ( #31871 )
2024-09-30 13:27:55 +02:00
Claire
d2d0692232
Fix issue when encountering reblog of deleted post in feed rebuild ( #32001 )
2024-09-30 13:27:55 +02:00
Claire
aa3fc5364c
Fix division by zero on some video/GIF files ( #30600 )
2024-08-16 12:37:08 +02:00
Adam Niedzielski
3e1f1b545d
Select correct self link when parsing Webfinger response ( #31110 )
2024-08-16 12:37:08 +02:00
Claire
d673b6e920
Fix status processing failing halfway when a remote post has a malformed replies
attribute ( #31246 )
2024-08-16 12:37:08 +02:00
Claire
a1c7aae28a
Merge pull request from GHSA-xjvf-fm67-4qc3
2024-07-04 16:45:52 +02:00
Claire
122740047a
Merge pull request from GHSA-vp5r-5pgw-jwqx
...
* Fix streaming sessions not being closed when revoking access to an app
* Add tests for GHSA-7w3c-p9j8-mq3x
2024-07-04 16:11:28 +02:00
David Roetzel
6cf83a2a64
Improve encoding detection for link cards ( #30780 )
2024-07-03 11:13:40 +02:00
Eugen Rochko
2a5819e8bb
Change search modifiers to be case-insensitive ( #30865 )
2024-07-03 11:13:40 +02:00
Claire
ba240cea0c
Normalize language code of incoming posts ( #30403 )
2024-05-29 15:31:34 +02:00
Tim Rogers
a6089cdfca
Fixed crash when supplying FFMPEG_BINARY environment variable ( #30022 )
2024-05-17 12:30:07 +02:00
Claire
d807b3960e
Merge pull request from GHSA-7w3c-p9j8-mq3x
...
* Ensure destruction of OAuth Applications notifies streaming
Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.
* Ensure password resets revoke access to Streaming API
* Improve performance of deleting OAuth tokens
---------
Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
2024-02-14 15:15:34 +01:00
Claire
5799bc4af7
Merge pull request from GHSA-3fjr-858r-92rw
...
* Fix insufficient origin validation
* Bump version to v4.1.13
2024-02-01 15:56:46 +01:00
Claire
9292d998fe
Fix Mastodon not correctly processing HTTP Signatures with query strings ( #28476 )
2024-01-24 15:31:06 +01:00
MitarashiDango
4c5575e8e0
Fix Undo Announce activity is not sent, when not followed by the reblogged post author ( #18482 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-24 15:31:06 +01:00
Claire
803e15a3cf
Fix incoming status creation date not being restricted to standard ISO8601 ( #27655 )
2023-12-04 15:28:02 +01:00
Claire
1210524a3d
Fix processing LDSigned activities from actors with unknown public keys ( #27474 )
2023-12-04 15:28:02 +01:00
Jakob Gillich
45669ac5e6
Fix importer returning negative row estimates ( #27258 )
2023-10-10 13:51:56 +02:00
Claire
5d93c5f019
Fix post translation erroring out (v4.1.x) ( #26990 )
2023-09-20 15:59:57 +02:00
Claire
d6c0ae995c
Fix post edits not being forwarded as expected ( #26936 )
2023-09-19 17:01:44 +02:00
Claire
5fd89e53d2
Fix moderator rights inconsistencies ( #26729 )
2023-09-19 17:01:44 +02:00
Claire
5caade9fb0
Fix crash when encountering invalid URL ( #26814 )
2023-09-19 17:01:44 +02:00
Nicolai Søborg
21bf42bca1
Fix frame_rate
for videos where ffprobe
reports 0/0 ( #26500 )
2023-09-19 17:01:44 +02:00
Claire
48ee3ae13d
Merge pull request from GHSA-v3xf-c9qf-j667
2023-09-19 16:53:58 +02:00
Emelia Smith
cf80d54cba
Allow reports with long comments from remote instances, but truncate ( #25028 )
2023-09-05 19:16:09 +02:00
Claire
86afbf25d0
Change text extraction in PlainTextFormatter
to be faster ( #26727 )
2023-09-05 19:16:09 +02:00
Claire
6c321bb5e1
Fix incorrect connect timeout in outgoing requests ( #26116 )
2023-07-31 14:33:06 +02:00
Claire
d94a2c8aca
Change request timeout handling to use a longer deadline ( #26055 )
2023-07-21 16:07:43 +02:00
Claire
f2bbac3f9f
Fix crash in admin interface when viewing a remote user with verified links ( #25796 )
2023-07-07 19:37:21 +02:00
Claire
32ebeed59b
Merge pull request from GHSA-55j9-c3mp-6fcq
2023-07-06 15:06:50 +02:00
Claire
e75ad1de0f
Merge pull request from GHSA-9pxv-6qvf-pjwc
...
* Fix timeout handling of outbound HTTP requests
* Use CLOCK_MONOTONIC instead of Time.now
2023-07-06 15:06:24 +02:00
Claire
a3d69a2c5d
Fix OAuth apps page crashing when listing apps with certain admin API scopes ( #25713 )
2023-07-06 13:45:40 +02:00
Claire
210ff36860
Change AccessTokensVacuum to also delete expired tokens ( #24868 )
2023-07-06 13:45:40 +02:00
Claire
99c2bbbec9
Change profile updates to be sent to recently-mentioned servers ( #24852 )
2023-07-06 13:45:40 +02:00
Claire
f962e83856
Change OpenGraph-based embeds to allow fullscreen ( #25058 )
2023-07-06 13:45:40 +02:00
Claire
b3cbcd7447
Fix “Authorized applications” inefficiently and incorrectly getting last use date ( #25060 )
2023-07-06 13:45:40 +02:00
Claire
6a7b91a038
Add warning for object storage misconfiguration ( #24137 )
2023-03-16 22:48:42 +01:00
Claire
0363064501
Fix dashboard crash on ElasticSearch server error ( #23751 )
2023-03-16 11:45:01 +01:00
Christian Schmidt
3f2e31800e
Unescape HTML entities ( #24019 )
2023-03-13 18:45:42 +01:00
Claire
0c9eac80d8
Fix unbounded recursion in post discovery ( #23506 )
...
* Add a limit to how many posts can get fetched as a result of a single request
* Add tests
* Always pass `request_id` when processing `Announce` activities
---------
Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
2023-02-10 22:16:37 +01:00
Nick Schonning
0592937264
Apply Rubocop Rails/WhereNot ( #23448 )
...
* Apply Rubocop Rails/WhereNot
* Update spec for where.not
2023-02-08 10:39:57 +01:00
Nick Schonning
0d1f192c54
Apply Rubocop Performance/BlockGivenWithExplicitBlock ( #23441 )
...
* Apply Rubocop Performance/BlockGivenWithExplicitBlock
* Unprefix used block parameter
2023-02-08 10:36:23 +01:00
Nick Schonning
203739dd3a
Apply Rubocop Performance/StringIdentifierArgument ( #23444 )
2023-02-08 02:36:20 +01:00
Nick Schonning
ef8988aef2
Apply Rubocop Performance/DoubleStartEndWith ( #23442 )
2023-02-08 10:06:48 +09:00
Nick Schonning
ed570050c6
Autofix Rails/EagerEvaluationLogMessage ( #23429 )
...
* Autofix Rails/EagerEvaluationLogMessage
* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Eugen Rochko
4c919812b9
Change number of stored items in home feed from 400 to 800 ( #23349 )
2023-02-01 11:24:22 +01:00
Claire
41517a4845
Fix spurious admin dashboard warning when using ElasticSearch 7.x ( #23064 )
...
Some 7.x ElasticSearch versions support some 6.x nodes, thus the version check
is inadequate. I am not sure there is a good way to check if a server
implements all the 7.x APIs, so check server version and minimum wire version
instead.
2023-01-18 16:21:48 +01:00
Markus Unterwaditzer
0c689b9d01
fix: allow verification when page size exceeds 1MB (using HTML5 parser) ( #22879 )
...
* fix: allow verification when page size exceeds 1MB
Truncates the page after 1MB instead
Closes #15316
* switch to HTML5 parser, fix rubocop errors
* undo rubocop fixes
Co-authored-by: Chris Zubak-Skees <chriszs@gmail.com>
2023-01-11 21:59:13 +01:00
Kaspar V
ae62e5fa53
Fix/remove calling private method with send in model ( #22951 )
...
* fix(status): remove send usage for private unlink_from_conversations
- make unlink_from_conversations public method
- rename unlink_from_conversations to unlink_from_conversations!
- fix send call on private method in statuses_vacuum and batched_remove_status_service
* fix(feeds_vacuum): replace find_in_batches with in_batches
because active record query results should be a little more efficient than
itterating with map and each. Postgres can grasp such lists of ids much quicker
than ruby can.
Will probably make allmost no difference, but cannot hurt either.
2023-01-11 21:57:24 +01:00