aiden
/
mastodon
mirror of https://github.com/mastodon/mastodon
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,927 Commits
139 Branches
269 Tags
1012 MiB
renovate/ruby-3.x
i18n/crowdin/translations
renovate/docker.io-ruby-3.x
renovate/ox-2.x-lockfile
renovate/rubocop-(non-major)
renovate/nokogiri-1.x-lockfile
renovate/eslint-(non-major)
renovate/rack-test-2.x-lockfile
renovate/pino-9.x-lockfile
renovate/csv-3.x-lockfile
main
feat/fasp
renovate/definitelytyped-types-(non-major)
features/numeric-identifiers
renovate/omniauth-packages
renovate/major-react-monorepo
fixes/notification-trailing-groups
renovate/reduxjs-toolkit-2.x-lockfile
renovate/webpush-digest
feature-streaming-profile
renovate/formatjs-monorepo
feature-starter-packs
refactor-status-content-typescript
renovate/glob-11.x
renovate/react-test-renderer-19.x
fixes/embed-requestAnimationFrame
renovate/immutable-5.x
stable-4.3
stable-4.1
stable-4.2
renovate/net-http-0.x
renovate/major-formatjs-monorepo
features/lock-icon-on-hover-card
renovate/typescript-5.x-lockfile
feature-language-dropdown-warning
feature-admin-report-forward
feature-reports-batch-actions
fix-admin-dashboard-slow
fix-future-date-trend
redesign/content-warning-filters-4.3
fixes/filtered-follows
remove/trendable-provider-attribution
activitypub/summary-over-name
build-stable-nightly
fixes/notification-excerpt-paragraph
fixes/mastodon-setup-task-redis
fixes/out-of-order-private-posts
fixes/regexp-timeout-optional
fixes/small-otp-secret-length-4.1
fixes/small-otp-secret-length-4.2
fixes/dashboard-quick-access-overflow
fixes/middle-column-size
fix-context-socialweb-miscellany
cleanup/remove-old-notifications
fixes/detect-missing-indexes2
cleanup/simplify-css
feature-post-layout
features/media-description-in-embedded-status
design/notifications-grid
fix-lookup-domain
flaky-conversations-test
fixes/crash-orphaned-notification
fixes/report-links
features/filtered-dismiss-accept-all
feat/clean-up-notifications
fixes/everyone-role-n+1
redesign/notification-request
experimental/notification-groups-api-shape
fixes/thread-resolve-worker-skip_fetching
spike/resolve-urls-on-click
cleanup/drop-atomuri
fixes/dismissing-notification-requests-dismisses-too-much
revert-system-check
feature-redirect
fix-unusable-hashtag
tests/flaky-tests-performance-logs
feature-grouped-notifications-ui
drop-redis-below-6.2
fix-mute-buttons
features/local-preview-cards-2nd-take
fix-conversations-background
revert-severed-relationships-feature
features/local-preview-cards
stable-3.5
stable-4.0
stable-3.4
releases/v3.5.17
releases/v4.1.13
releases/v4.2.5
version/v4.3.0-alpha.1
fix/build-env
feature-color-scheme
revert/follow-back-mutual
gh-readonly-queue/main/pr-28626-1ad908e0c08c236389967d86b4f238f428de9fef
fixes/per-user-authorized-fetch
fixes/import-many-follows-overlap
fix-web-thread-sort
test-new-container-build
fixes/24px-icons
features/registration-invite-api
fixes/service-worker-caching
fixes/account-refresh-link-verification
feature-like
tests/introduce-error
fixes/lint-fix
fixes/object-has-own-polyfill
fixes/audio-passthrough
fixes/audit-log-external-confirmation
features/banners
refactor/search-query-parser
remove-profile-directory
redesign/notification-settings
feature-separate-hashtags
fixes/self-destruct-throttle
fixes/subdomain-block-4.1.6
redesign/hashtag-column-follow-button
feature-trend-highlights
revert-23460-fixes/activitypub-hashtag
pg15
prevent-unauthenticated-access-tag-timeline
support-rich-oembed
fix-caniuselite-lockfile
track_unsalvageable_errors
add-publish-button-text-site-setting
nolan/button-a11y
i18n/manage-translations
deps/shakapacker
rubocop-fixes
react18
stable-3.3
stable-3.2
stable-3.1
stable-3.0
stable-2.9
stable-2.8
stable-2.7
stable-2.5
stable-2.6
stable-2.4
v0.1.2
v0.1.1
v0.1.0
v0.6
v0.7
v0.8
v0.9
v0.9.9
v1.0
v1.1
v1.1.1
v1.1.2
v1.2
v1.2.1
v1.2.2
v1.3
v1.3.1
v1.3.2
v1.3.3
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.4.6
v1.4.7
v1.4rc1
v1.4rc2
v1.4rc3
v1.4rc4
v1.4rc5
v1.4rc6
v1.5.0
v1.5.0rc1
v1.5.0rc2
v1.5.0rc3
v1.5.1
v1.6.0
v1.6.0rc1
v1.6.0rc2
v1.6.0rc3
v1.6.0rc4
v1.6.0rc5
v1.6.1
v2.0.0
v2.0.0rc1
v2.0.0rc2
v2.0.0rc3
v2.0.0rc4
v2.1.0
v2.1.0rc1
v2.1.0rc2
v2.1.0rc3
v2.1.0rc4
v2.1.0rc5
v2.1.0rc6
v2.1.1
v2.1.2
v2.1.3
v2.2.0
v2.2.0rc1
v2.2.0rc2
v2.3.0
v2.3.0rc1
v2.3.0rc2
v2.3.0rc3
v2.3.1
v2.3.1rc1
v2.3.1rc2
v2.3.1rc3
v2.3.2
v2.3.2rc1
v2.3.2rc2
v2.3.2rc3
v2.3.2rc4
v2.3.2rc5
v2.3.3
v2.4.0
v2.4.0rc1
v2.4.0rc2
v2.4.0rc3
v2.4.0rc4
v2.4.0rc5
v2.4.1
v2.4.1rc1
v2.4.1rc2
v2.4.1rc3
v2.4.1rc4
v2.4.2
v2.4.2rc1
v2.4.2rc2
v2.4.2rc3
v2.4.3
v2.4.3rc1
v2.4.3rc2
v2.4.3rc3
v2.4.4
v2.4.5
v2.5.0
v2.5.0rc1
v2.5.0rc2
v2.5.1
v2.5.2
v2.6.0
v2.6.0rc1
v2.6.0rc2
v2.6.0rc3
v2.6.0rc4
v2.6.1
v2.6.2
v2.6.3
v2.6.4
v2.6.5
v2.7.0
v2.7.0rc1
v2.7.0rc2
v2.7.0rc3
v2.7.1
v2.7.2
v2.7.3
v2.7.4
v2.8.0
v2.8.0rc1
v2.8.0rc2
v2.8.0rc3
v2.8.1
v2.8.2
v2.8.3
v2.8.4
v2.9.0
v2.9.0rc1
v2.9.0rc2
v2.9.1
v2.9.2
v2.9.3
v2.9.4
v3.0.0
v3.0.0rc1
v3.0.0rc2
v3.0.0rc3
v3.0.1
v3.0.2
v3.1.0
v3.1.0rc1
v3.1.0rc2
v3.1.1
v3.1.2
v3.1.3
v3.1.4
v3.1.5
v3.2.0
v3.2.0rc1
v3.2.0rc2
v3.2.1
v3.2.2
v3.3.0
v3.3.0rc1
v3.3.0rc2
v3.3.0rc3
v3.3.1
v3.3.2
v3.3.3
v3.4.0
v3.4.0rc1
v3.4.0rc2
v3.4.1
v3.4.10
v3.4.2
v3.4.3
v3.4.4
v3.4.5
v3.4.6
v3.4.7
v3.4.8
v3.4.9
v3.5.0
v3.5.0rc1
v3.5.0rc2
v3.5.0rc3
v3.5.1
v3.5.10
v3.5.11
v3.5.12
v3.5.13
v3.5.14
v3.5.15
v3.5.16
v3.5.17
v3.5.18
v3.5.19
v3.5.2
v3.5.3
v3.5.4
v3.5.5
v3.5.6
v3.5.7
v3.5.8
v3.5.9
v4.0.0
v4.0.0rc1
v4.0.0rc2
v4.0.0rc3
v4.0.0rc4
v4.0.1
v4.0.10
v4.0.11
v4.0.12
v4.0.13
v4.0.14
v4.0.15
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.6
v4.0.7
v4.0.8
v4.0.9
v4.1.0
v4.1.0rc1
v4.1.0rc2
v4.1.0rc3
v4.1.1
v4.1.10
v4.1.11
v4.1.12
v4.1.13
v4.1.14
v4.1.15
v4.1.16
v4.1.17
v4.1.18
v4.1.19
v4.1.2
v4.1.20
v4.1.21
v4.1.3
v4.1.4
v4.1.5
v4.1.6
v4.1.7
v4.1.8
v4.1.9
v4.2.0
v4.2.0-beta1
v4.2.0-beta2
v4.2.0-beta3
v4.2.0-rc1
v4.2.0-rc2
v4.2.1
v4.2.10
v4.2.11
v4.2.12
v4.2.13
v4.2.14
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.2.7
v4.2.8
v4.2.9
v4.3.0
v4.3.0-beta.1
v4.3.0-beta.2
v4.3.0-rc.1
v4.3.1
v4.3.2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '65cea8f89f'
${ noResults }
Commit Graph

121 Commits (65cea8f89f7c6453e6709f834a39b4552a330743)

Author SHA1 Message Date
Eugen Rochko 2f34b747b3
Allow mods to disable login, improve message when login disabled (#8329) 
* Allow moderators to disable/enable login

* Instead of rejecting login, show forbidden error when login disabled

Avoid confusion because when login is rejected, the message is that
the account is not activated, which is wrong.

* Fix tests
 6 years ago
Jakub Mendyk 6cb3514d64 Add ability to change an instance default theme from the administration panel (#7092) (#8381) 
* Add default_settings class method to ScopedSettings

ScopedSettings was extended to use value of unscoped setting instead of
only using defaults set in config/settings.yml for selected settings.
This adds possibility for admins to set default values of users' settings,
for example default theme (as requested in #7092).

* Add ability to change an instance default theme

Closes #7092
 6 years ago
abcang 9e75aa30cd Unuse ActiveRecord::Base#cache_key (#8185) 
* Unuse ActiveRecord::Base#cache_key

* Enable cache_versioning

* Call cache_collection
 6 years ago
Eugen Rochko ebf2fef029
Catch ActionController::UnknownFormat and return HTTP 406 (#7621) 
An error like that should not appear in production error log.
 7 years ago
ThibG 352bae8c3e Update session activation time (fixes #5605) (#7408) 7 years ago
Emelia Smith 2e59751823 Improve require_admin! and require_staff! filters (#7018) 
Previously these returns 302 redirects instead of 403s, which meant posting links to admin pages in slack caused them to unfurl, rather than stay as a link. Additionally, require_admin! doesn't appear to be actively used, on require_staff!
 7 years ago
Eugen Rochko 47bdb9b33b
Fix #942: Seamless LDAP login (#6556) 7 years ago
Eugen Rochko d8bc64bb09
Fix #6526: Only store redirect location if not in JSON format (#6528) 7 years ago
Alexander 04fef7b888 pam authentication (#5303) 
* add pam support, without extra column

* bugfixes for pam login

* document options

* fix code style

* fix codestyle

* fix tests

* don't call remember_me without password

* fix codestyle

* improve checks for pam usage (should fix tests)

* fix remember_me part 1

* add remember_token column because :rememberable requires either a password or this column.

* migrate db for remember_token

* move pam_authentication to the right place, fix logic bug in edit.html.haml

* fix tests

* fix pam authentication, improve username lookup, add comment

* valid? is sometimes not honored, return nil instead trying to authenticate with pam

* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests

* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user

* codeconvention fixes

* code convention fixes

* fix idention

* update dependency, explicit conflict check

* fix disabled password updates if in pam mode

* fix check password if password is present, fix templates

* block registration if account is maintained by pam

* Revert "block registration if account is maintained by pam"

This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.

* fix identation error introduced by rebase

* block usernames maintained by pam

* document pam settings better

* fix code style
 7 years ago
Yamagishi Kazutoshi 1d92b90be9 Fix force_ssl conditional (#6201) 7 years ago
Yamagishi Kazutoshi da809f9eec Fix unintended cache (#6214) 7 years ago
ThibG 3bee0996c5 Make sure private toots remain private and do not end up in HTTP caches (#6175) 7 years ago
Eugen Rochko c10f4bdb03
Cache JSON of immutable ActivityPub representations (#6171) 7 years ago
Eugen Rochko 38fc1b498d
Add more instance stats APIs (#6125) 
* Add GET /api/v1/instance/peers API to reveal known domains

* Add GET /api/v1/instance/activity API

* Make new APIs disableable, exclude private statuses from activity stats

* Fix code style issue

* Fix week timestamps
 7 years ago
Eugen Rochko 3e90987c8b Fix some rubocop style issues (#5730) 7 years ago
Eugen Rochko 7bb8b0b2fc
Add moderator role and add pundit policies for admin actions (#5635) 
* Add moderator role and add pundit policies for admin actions

* Add rake task for turning user into mod and revoking it again

* Fix handling of unauthorized exception

* Deliver new report e-mails to staff, not just admins

* Add promote/demote to admin UI, hide some actions conditionally

* Fix unused i18n
 7 years ago
Andrew 0401a24558 Add support for multiple themes (#4959) 
* Add support for selecting a theme

* Fix codeclimate issues

* Look up site default style if current user is not available due to e.g. not being logged in

* Remove outdated comment in common.js

* Address requested changes in themes PR

* Fix codeclimate issues

* Explicitly check current_account in application controller and only check theme availability if non-nil

* codeclimate

* explicit precedence with &&

* Fix code style in application_controller according to @nightpool's suggestion, use default style in embedded.html.haml

* codeclimate: indentation + return
 7 years ago
Eugen Rochko df605f0f8b Add "signed in as" header to some pages (#4523) 8 years ago
Eugen Rochko 00df69bc89 Fix #4058 - Use a long-lived cookie to keep track of user-level sessions (#4091) 
* Fix #4058 - Use a long-lived cookie to keep track of user-level sessions

* Fix tests, smooth migrate from previous session-based identifier
 8 years ago
Eugen Rochko ed7dc1704d Bind web UI access tokens to sessions (#3940) 
* Add overview of active sessions

* Better display of browser/platform name

* Improve how browser information is stored and displayed for sessions overview

* Fix test

* Fix #2347 - Bind web UI access token to session

When you logout, session also destroys the access token, so it's no longer
valid. If access token is destroyed some other way, the session is also
destroyed, requiring a re-login.

Fix #1681 - Add scheduler to remove revoked access tokens and grants

* Fix test
 8 years ago
Yamagishi Kazutoshi 676ba50601 Show error message to suspended user (#3281) 8 years ago
Yamagishi Kazutoshi 73e4468ff3 Change "Account.any?" to "Account.exists?" (#3217) 8 years ago
Akihiko Odaki aa662cecad single_user_mode? always returns boolean (#3215) 
This change also adds a specification for the method.
 8 years ago
Matt Jankowski 7bffd16024 Error responses cleanup (#2692) 
* Use respond_with_error for forbidden errors

* Wrap up common error code into single method
 8 years ago
Matt Jankowski fdcf884cf7 Extract user tracking into concern (#2600) 8 years ago
alpaca-tc 9317ec8eb1 Localize with i18n for Devise::FailureApp (#2309) 
This PR fixes I18n.locale for rake middlewares. Mastodon uses Devise that depends on Warden.
Warden::Manager can be found in rake middleware. It is outside of the controller.

In the case of authentication failed, warden calls throw(:warden). At the time Warden::Manager
delegates request to failure_app to generate response and flash[:alert] after catching it.
Unfortunately, I18n.locale is already reset then because I18n.with_locale is enabled only
inside the controller. If we used I18n.locale=, Devise::FailureApp could get the current locale.
 8 years ago
Matt Jankowski a0dd90a397 Return force_ssl to the controller (#2380) 8 years ago
Evan Minto 66fd8e7821 ActivityPub: Add basic, read-only support for Outboxes, Notes, and Create/Announce Activities (#2197) 
* Clean up collapsible components

* Expose user Outboxes and AS2 representations of statuses

* Save work thus far.

* Fix bad merge.

* Save my work

* Clean up pagination.

* First test working.

* Add tests.

* Add Forbidden error template.

* Revert yarn.lock changes.

* Fix code style deviations and use localized instead of hardcoded English text.
 8 years ago
Matt Jankowski ee82d8a876 Move force_ssl check to production config (#2165) 
The force_ssl method from controllers does not add all of the options that the
sitewide configuration in a config block does. For example, HSTS enforcement is
not added by the controller method, but is added by this style.
 8 years ago
Takayoshi Nishida 5e33ad29d4 Fix #2195 - Set locale to error pages (#2255) 
* Fix #2195 - Set locale to error pages

* Fix #2195 - Cut duplicate process into one method
 8 years ago
Eugen 5d710b1139 Make file attachment on MediaAttachment optional (#1865) 
Create MediaAttachment but without actual file download when domain is blocked with reject_media set to true
Clean up old media files when creating a new domain block with reject_media set to true
Return remote_url in media attachments API if local file is not present
Undo domain block action in admin UI
Ability to enable reject_media from admin UI
 8 years ago
Marcin Cieślak 1c8477eab2 Give SINGLE_USER a chance to register (#1820) 
An attempt to open a brand new Mastodon instance configured
as SINGLE_USER_MODE=true will cause an exception.

Enable temporary registration if we have no users in the database

Fixes #1817
 8 years ago
Eugen Rochko 4b621188ad Fix #1165 - before_action was called before protect_from_forgery 8 years ago
Eugen Rochko e3a3422a65 Allow setting of default language through config 
Setting of locale in controller extracted to Localized concern,
the doorkeeper authorized applications controller moved under
custom namespace with inclusion of Localized, which resolves the
"it sometimes appears in a different random language" bug
 8 years ago
Eugen Rochko b510a56c0c Only call regeneration worker after first login after a 14 day break 8 years ago
Eugen Rochko 2d07cb5771 Catching rack timeout from rails doesn't work 8 years ago
Eugen Rochko 5b12624847 Add proper error page for request timeouts 8 years ago
Eugen Rochko 08b96f1b9f Fix wrong HTTP status codes on error pages 8 years ago
Eugen Rochko e22a56183a Improve error page layouting. 500 page has to stay static because it's 
used from nginx when Rails fails.
 8 years ago
Effy Elden ed41f9f0b1 Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether 8 years ago
Eugen Rochko 3282448878 Fix #86 - resolve layout breaking on zoom-out on accounts grid 8 years ago
Eugen Rochko f406e01fcf Add filters for suspended accounts 8 years ago
Eugen Rochko 816284d739 Fix #248 - Reload all accounts when fetching from cache 8 years ago
Eugen Rochko 1d0321fc45 Fix pt translations, improve pre-cache queries, removing will_paginate 
from accounts/tags because it's a terribly inefficient way to paginate
large sets of data
 8 years ago
Eugen Rochko a21bcac9e1 Further abstract caching for includes 8 years ago
Eugen Rochko 356d3874eb Normalize localizations, add stub for admin/accounts 8 years ago
Eugen Rochko ff21ff1489 Make User#current_sign_in_at actually track when user was last active, 
by updating it at least every 24h if the user visits the site
 8 years ago
Eugen Rochko 7e90772c92 Unify collection caching code 8 years ago
Eugen Rochko 27fc49d745 Add simple admin overview of PuSH subscriptions 8 years ago
Eugen Rochko 8e34bed7cc Mini Profiler not working well, remove it 8 years ago
Eugen Rochko 4bdb6a0eaf Rename "publish" to "toot" in english locale, fix lightbox showing old image 
before loading new one, cache notifications API, fix missing follow button
on public profiles
 8 years ago
Eugen Rochko 5c78547198 More query optimizations 8 years ago
Eugen Rochko fc90d38893 Moving some counter queries out of subqueries in the API 8 years ago
Eugen Rochko fb48cc3b74 Desktop notifications 8 years ago
Eugen Rochko 2c766bd4b4 Add user locale setting 8 years ago
Eugen Rochko fdc17bea58 Fix rubocop issues, introduce usage of frozen literal to improve performance 8 years ago
Eugen Rochko b60430fe8f Fix sign-in redirecting "back" to a missing image because missing static files hit the raise_not_found method 8 years ago
Eugen Rochko fe77921e47 Catching more exceptions that slipped through, removing AR logging from 
production as it's very verbose and not very useful
 8 years ago
Eugen Rochko 9d59d7b463 Adding a block model and filter mentions from blocked users (fix #60) 8 years ago
Eugen Rochko fc198a8b4c Adding e-mail confirmations 8 years ago
Eugen Rochko a0f85774c4 Redirect after sign in to previous page (unless it's a sign in/up/etc page) 8 years ago
Eugen Rochko 927333f4f8 Improve code style 8 years ago
Eugen Rochko 509c18eb13 Fix local follows, 404 in logs 8 years ago
Eugen Rochko bc0692d75b Removing mini-profiler that doesn't work, formatting timelines a bit better 8 years ago
Eugen Rochko 49520d6e62 Adding React.js, Redux, revamping dashboard 8 years ago
Eugen Rochko 8985f8e66c Fixing more configuration issues with ActionCable 8 years ago
Eugen Rochko 8459acd123 Fix for force SSL issue with websockets 8 years ago
Eugen Rochko 6426819b6f Fix tests 8 years ago
Eugen Rochko 6deb9f966e Live timelines using ActionCable 8 years ago
Eugen Rochko e24bfbde1a Fixing FanOutOnWriteService, fixing Sidekiq not having enough DB connections 
in the pool, adding a throttle of 60rpm per IP, adding mini profiler, adding
admin status to users
 9 years ago
Eugen Rochko 9c4856bdb1 Initial commit 9 years ago