Commit Graph

1334 Commits (90beba57d8d034adc2dd1022f709db2157ea7838)

Author SHA1 Message Date
Claire b0bf6216e6
Fix /api/v1/instance/domain_blocks being unconditionally cached ()
Claire 62ab7506d6
Fix /actor needlessly reading session cookie and varying on Signature ()
Claire 1419f90ef2
Fix some user-independent endpoints potentially reading session cookies ()
Claire 276c39361b
Fix anonymous visitors getting a session cookie on first visit ()
Eugen Rochko 6084461cd0
Change unauthenticated responses to be cached in REST API ()
Claire e9a79d46cd
Fix crash when SSO_ACCOUNT_SETTINGS is not defined ()
Matt Jankowski 0a5f0a8b20
Remove instance variables from helper usage ()
Claire 58a1b2e330
Fix caching logic with regards to Accept-Language, Cookie, and Signature ()
Eugen Rochko e98c86050a
Refactor `Cache-Control` and `Vary` definitions ()
Robert R George 4db8230194
Add trend management to admin API ()
Eugen Rochko e5c0b16735
Add progress indicator to sign-up flow ()
Matt Jankowski d193bc8c5c
Remove unused methods in 2FA OTP Auth Controller ()
Claire 9d08b81193
Fix user archive takeouts when using OpenStack Swift ()
Claire 280fa3b2c0
Fix invalid/expired invites being processed on sign-up ()
Eugen Rochko a9b5598c97
Change user settings to be stored in a more optimal way ()
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Claire e084b5b82d
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ()
Matt Jankowski 0663803348
Move link header setting to after_action ()
Matt Jankowski e633b26f4f
Add allow_other_host in redirects which may go outside app ()
Claire 2626097869
Fix Rails cache namespace being overridden with `v2` for cached statuses ()
Matt Jankowski 7bef11630d
Remove references to non-existent actions ()
Jean byroot Boussier 160f38f03d
Workaround the ActiveRecord / Marshal serialization bug on Ruby 3.2 ()
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
CSDUMMI d75a1e5054
Link to the Identity provider's account settings from the account settings ()
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Eugen Rochko 75e5a6e437
Change user backups to use expiring URLs for download when possible ()
Christian Schmidt bd047acc35
Replace `Status#translatable?` with language matrix in separate endpoint ()
Nick Schonning 25d36b6edd
Autofix Rubocop Style/RedundantArgument ()
Claire a232a1feb8
Fix misleading error code when receiving invalid WebAuthn credentials ()
CSDUMMI 39c7236649
Redirect users to SLO at the IdP after logging them out of Mastodon. ()
CSDUMMI d258ec8e3b
Prefer the stored location as after_sign_in_path in Omniauth Callback Controller ()
Claire f8bb4d0d6b
Fix server error when failing to follow back followers from `/relationships` ()
Claire c2a046ded1
Fix “Remove all followers from the selected domains” being more destructive than it claims ()
Nick Schonning 434770f580
Autofix Rubocop Rails/FindById ()
Nick Schonning 717683d1c3
Autofix Rubocop remaining Layout rules ()
Nick Schonning aef0051fd0
Enable Rubocop HTTP status rules ()
Nick Schonning 2177daeae9
Autofix Rubocop Style/RedundantBegin ()
Nick Schonning c38bd17657
Autofix Rubocop Style/TrailingCommaInArguments ()
Nick Schonning e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier ()
Nick Schonning a6f77aa28a
Autofix Rubocop Lint/AmbiguousOperatorPrecedence ()
Claire d6930b3847
Add API parameter to safeguard unexpected mentions in new posts ()
Claire 832595d1e7
Remove posts count and last posts from ActivityPub representation of hashtag collections ()
Nick Schonning f68bb52556
Apply Rubocop Style/NegatedIfElseCondition ()
Nick Schonning 2e652aa81c
Apply Rubocop Performance/RedundantSplitRegexpArgument ()
* Apply Rubocop Performance/RedundantSplitRegexpArgument

* Update app/controllers/concerns/signature_verification.rb
Claire 20a479ff7c
Change `POST /settings/applications/:id` to regenerate token on scopes change ()
Fixes 
Eugen Rochko 21780c0204
Change notifications per page from 15 to 40 in REST API ()
Claire 68dcbcb7bf
Add more specific error messages to HTTP signature verification ()
* Return specific error on failure to parse Date header

* Add error message when preferredUsername is not set

* Change error report to be JSON and include more details

* Change error report to differentiate unknown account and failed refresh

* Add tests
Claire 343e1fe8e9
Add confirmation screen when handling reports ()
* Add confirmation screen on moderation actions

* Add flash notice when a report has been processed

* Refactor tests

* Add tests
Claire 4b92e59f4f
Add support for editing media description and focus point of already-posted statuses ()
* Add backend support for editing media attachments of existing posts

* Allow editing media attachments of already-posted toots

* Add tests
Claire b034dc42be
Fix /api/v1/admin/trends/tags using wrong serializer ()
* Fix /api/v1/admin/trends/tags using wrong serializer

Fix regression from 

* Only use `REST::Admin::TagSerializer` when the user can `manage_taxonomies`

* Fix admin trending hashtag component to not link if `id` is unknown
Claire fcc4c9b34a
Change domain block CSV parsing to be more robust and handle more lists ()
* Change domain block CSV parsing to be more robust and handle more lists

* Add some tests

* Improve domain block import validation and reporting
Carl Schwan f33e22ae4c
Allow changing hide_collections setting with the api ()
* Allow changing hide_collections setting with the api

This is currently only possible with app/controllers/settings/profiles_controller.rb
and is the only difference in the allowed parameter between the two controllers

* Fix the lint issue

* Use normal indent
Claire aefefc74c4
Change referrer-policy to no-referrer application-wide ()