Commit Graph

536 Commits (7f2cfcccab8d81feca98328e371373a9dd7f7c12)

Author SHA1 Message Date
Matt Jankowski be2d4615ab
Rely on Rails to enable YJIT when available (#33017) 1 month ago
Emelia Smith 4517e18b79
Update dependency doorkeeper to v5.8.0 (#33000)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
1 month ago
Renaud Chaput bcf5d30e01
Add OpenTelemetry VCS attributes (#32904) 1 month ago
Claire f5f6273d2b
Move `ALLOWED_PRIVATE_ADDRESSES` parsing to an initializer (#32850) 2 months ago
David Roetzel d60ef3f17e
Disable `httplog` gem in production (#32776) 2 months ago
Matt Jankowski a139dac18e
Remove cookie rotator (#32289) 2 months ago
Emelia Smith e1b7382ea6
Add userinfo oauth endpoint (#32548) 2 months ago
Claire 6ff1954bdb
Change Active Record Encryption variable check to check for emptiness (#32537) 2 months ago
Claire ffa1032381
Add further warnings about encryption secrets (#32476) 3 months ago
Emelia Smith 454d21ab5a
Remove OAuth Password Grant Type support (#30960) 3 months ago
Claire e22eff8900
Remove regexp timeout feature (#32169) 3 months ago
David Roetzel cfb8fc6222
Increase regexp timeout and allow override (#32056) 3 months ago
Tim Campbell 11eae691ba
Feature more otel customization (#31998) 3 months ago
Matt Jankowski 5405bdd344
Remove unused E2EE messaging code (#31193) 3 months ago
Claire d5cf27e667
Add global Regexp timeout (#31928) 3 months ago
Claire a496aeabcb
Change form-action Content-Security-Policy directive to be more restrictive (#26897) 4 months ago
Eugen Rochko 24ef8255b3
Change design of embed modal in web UI (#31801) 4 months ago
Matt Jankowski b530fc5267
Update rails to version 7.1.4 (#31563) 4 months ago
Claire ee55d20fd5
Allow `POST /oauth/revoke` through CORS (#31743) 4 months ago
David Roetzel 388d5473e1
Refactor (ruby) redis configuration (#31694) 4 months ago
Matt Jankowski 85e8d1f285
Use rails configuration storage for paperclip path (#31651) 4 months ago
Matt Jankowski 6ec768668e
Remove `nsa` statsd integration (replaced by OpenTelemetry) (#30240) 4 months ago
Matt Jankowski 02df1b4e4a
Finish email allow/deny list naming migration (#30530) 5 months ago
Emelia Smith a1f723a6a4
Add support for PKCE Extension in OmniAuth OIDC (#31131) 5 months ago
Claire eaedd52def
Fix incorrect rate limit on PUT requests (#31356) 5 months ago
Adam Niedzielski 887e64efd4
Allow @ at the end of an URL (#31124) 5 months ago
Renaud Chaput 36592d10aa
Change Sidekiq readiness file to use an environment variable (#30988) 6 months ago
Renaud Chaput 7542a134d5
Add a file for Sidekiq to signal it is ready to process jobs (#30971) 6 months ago
Claire 8de5df225e
Change instructions to use `bundle exec rails` instead of `rake` (#30917) 6 months ago
Matt Jankowski bc3737f0c3
Add detail about running version on vips error failure (#30858) 6 months ago
Claire b15a3614dc
Stub `Vips::Error` when not using libvips (#30857) 6 months ago
Renaud Chaput 845fe1c693
Add the Interlingua locale (#30828) 6 months ago
Tim Rogers f6e466058a
Added check for STATSD_ADDR setting to emit a warning and proceed rather than crashing if the address is unreachable (#30691) 6 months ago
Matt Jankowski 980034e2e1
Fix `Style/NilLambda` cop in paperclip initializer (#30695) 7 months ago
Matt Jankowski 0e1110c947
Use `SECRET_KEY_BASE_DUMMY` feature as placeholder during asset compilation (#30505) 7 months ago
Matt Jankowski 0cf91213c9
Opt in to remaining Rails 7.1 defaults (#30332)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
7 months ago
Claire 80cd001e0a
Fix linting issue (#30595) 7 months ago
Isa S 773283ffb9
Make S3's retry limit a ENV variable (#23215) 7 months ago
Victor Dyotte 299ae9bf92
Add `S3_KEY_PREFIX` environment variable (#30181) 7 months ago
Emelia Smith e02d23b549
Change `read:me` scope to `profile` scope (#30357)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
7 months ago
Eugen Rochko 5f15a892fa
Add support for libvips in addition to ImageMagick (#30090)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
7 months ago
Matt Jankowski 4d3748ac44
Fix rack attack `match_type` value typo in logging config (#30514) 7 months ago
Matt Jankowski a22865a352
Add `:email` to filter parameter logging config (#30492) 7 months ago
Claire 73a78cc19d
Fix rate-limiting incorrectly triggering a session cookie on most endpoints (#30483) 7 months ago
Claire 3fa0dd0b88
Merge pull request from GHSA-c2r5-cfqr-c553
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations

* Remove rack-attack safelist
7 months ago
Claire 16249946ae
Merge pull request from GHSA-q3rg-xx5v-4mxh 7 months ago
Emelia Smith d20a5c3ec9
Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
7 months ago
Nick Schonning 87156f57b5
Enable Style/StringConcatenation (#30428) 7 months ago
Renaud Chaput acc77c3836
Add instrumentation to the search services (#30350) 7 months ago
Renaud Chaput 9658d3e580
Use the job class as span name for Sidekiq root spans (#30353) 7 months ago