113 Commits (d58173e45bf0fdf5a6015d40eb88c313a3d99e5c)

Author SHA1 Message Date
Matt Jankowski 7420f59f76
Add `maxlength` to registration reason input (#33162) 3 weeks ago
Eugen Rochko 986a3676d3
Change server rules to be collapsible (#33039) 4 weeks ago
Matt Jankowski e02e88bff4
Use previously extracted model constants in form `maxlength` attributes (#32113) 3 months ago
Matt Jankowski fa2e7b1708
Migrate fontawesome->material in more views (#31360) 4 months ago
Matt Jankowski 71405eabfc
Use material symbols in table link helper (#31359) 4 months ago
Michael Stanclift 8b7f93cc7f
Recolor Preferences/Admin UI to better match main design (#31034) 5 months ago
Matt Jankowski 8d5ed19c6d
Migrate `form_tag` to `form_with` in admin and auth views (#30692) 7 months ago
Matt Jankowski 249cbc449c
Use existing config access to `local_domain` value (#30509) 7 months ago
Eugen Rochko 5b3a8737d6
Add hints for rules (#29539) 10 months ago
Matt Jankowski eed4eef39a
Fix `LineLength` haml-lint in `app/views/auth` area (#28664) 12 months ago
Claire 49b8433c56
Fix confusing screen when visiting a confirmation link for an already-confirmed email (#27368) 1 year ago
Matt Jankowski 70dbf84b9b
Solve simplest haml-lint `Rubocop` lints (#27529) 1 year ago
Matt Jankowski c926f5fd67
Fix haml-lint `UnnecessaryStringOutput` for views (#27531) 1 year ago
Matt Jankowski e923bb9ec9
Use `ENV.fetch` in views, fixes rubocop haml-lint issue (#27527) 1 year ago
Claire 379115e601
Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439) 1 year ago
Matt Jankowski d4c2dca874
Fix haml-lint `InstanceVariables` rule for auth/sessions/two_factor/o… (#27372) 1 year ago
Matt Jankowski f9abe700e7
Fix haml-lint `InstanceVariables` rule for auth/registrations/status (#27341) 1 year ago
Matt Jankowski e715da6d25
Fix haml-lint Rubocop `Rails/*` cops (#26042) 1 year ago
Eugen Rochko 2f932cb2bb
Add client-side timeout on resend confirmation button (#26300) 1 year ago
Matt Jankowski 6657695ec6
Fix haml-lint `InstanceVariables` rule for auth/registrations/edit (#26061) 1 year ago
Eugen Rochko 39110d1d0a
Fix CAPTCHA page not following design pattern of sign-up flow (#25395) 2 years ago
Claire 0766c9a631
Add card with who invited you to join when displaying rules on sign-up (#23475) 2 years ago
Claire 2a61f14753
Fix account confirmation flow not returning to app after captcha validation (#25057) 2 years ago
Claire bec6a1cad4
Add hCaptcha support (#25019) 2 years ago
Claire e60414792d
Add polling and automatic redirection to `/start` on email confirmation (#25013) 2 years ago
Eugen Rochko 2b0f1f365a
Remove display name input from sign-up form (#24704) 2 years ago
Matt Jankowski 0a5f0a8b20
Remove instance variables from helper usage (#24203) 2 years ago
Eugen Rochko e5c0b16735
Add progress indicator to sign-up flow (#24545) 2 years ago
CSDUMMI d75a1e5054
Link to the Identity provider's account settings from the account settings (#24100)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2 years ago
Nick Schonning 65669d3c57
Fix more haml-lint Rubocop (#24107) 2 years ago
Nick Schonning 75131e7bf7
Setup haml-lint CI with todo config (#23524) 2 years ago
Claire dd58db64d8
Change email address input to be disabled for logged-in users when requesting a new confirmation e-mail (#23247)
Fixes #23093
2 years ago
Claire bbc49f15e0
Add explanation text to log-in page (#20946) 2 years ago
Rose 4f15fd0ba1
Fix style for hashes (#20518)
* Fix style for hashes

Make the style for hashes consistent.

* New style

More consistency
2 years ago
Claire 9f4930ec11
Add password autocomplete hints (#20071)
Fixes #20067

Our password autocomplete hints were “off” but that does not prevent current
browsers from trying to autocomplete them anyway, so use `current-password` and
`new-password` so they don't put a newly-generated password in a password
confirmation prompt, or the old password for a password renewal prompt.
2 years ago
Chris Rose a70e2cd649
Tag the OTP field with autocomplete for password managers (#19946)
This is modeled on #19833, and based on the attribute values documented
in https://developer.apple.com/documentation/security/password_autofill/enabling_password_autofill_on_an_html_input_element?language=objc
2 years ago
rcombs e53fc34e9a
Set autocomplete attr for email field on signup page (#19833)
The email address will be used as the "username" for sign-in purposes, so it's the value that should be stored in password managers. We can inform the password manager of this by setting `autocomplete="email"`. Without this hint, password managers may instead store the `username` field, which isn't valid for sign-in (this happens with iCloud Keychain in Safari, for instance).
2 years ago
Claire a529d6d93e
Fix invites (#19560)
Fixes #19507

Fix regression from #19296
2 years ago
Eugen Rochko 93f340a4bf
Remove setting that disables account deletes (#17683) 2 years ago
Eugen Rochko 679274465b
Add server rules to sign-up flow (#19296) 2 years ago
Eugen Rochko 6221b36b27
Remove sign-in token authentication, instead send e-mail about new sign-in (#17970) 3 years ago
Eugen Rochko 392b367835
Fix IDN domains not being rendered correctly in a few left-over places (#17848) 3 years ago
Claire 14919fe11e
Change old moderation strikes to be displayed in a separate page (#17566)
* Change old moderation strikes to be displayed in a separate page

Fixes #17552

This changes the moderation strikes displayed on `/auth/edit` to be those from
the past 3 months, and makes all moderation strikes targeting the current user
available in `/disputes`.

* Add short description of what the strikes page is for

* Move link to list of strikes to “Account status” instead of navigation item

* Normalize i18n file

* Fix layout and styling of strikes link

* Revert highlights_on regexp

* Reintroduce account status summary

- this way, “Account status” is never empty
- account status is not necessarily bound to strikes, or recent strikes
3 years ago
Eugen Rochko 564efd0651
Add appeals (#17364)
* Add appeals

* Add ability to reject appeals and ability to browse pending appeals in admin UI

* Add strikes to account page in settings

* Various fixes and improvements

- Add separate notification setting for appeals, separate from reports
- Fix style of links in report/strike header
- Change approving an appeal to not restore statuses (due to federation complexities)
- Change style of successfully appealed strikes on account settings page
- Change account settings page to only show unappealed or recently appealed strikes

* Change appealed_at to overruled_at

* Fix missing method error
3 years ago
Claire bddd9ba36d
Add OMNIAUTH_ONLY environment variable to enforce external log-in (#17288)
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN

Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.

* Add OMNIAUTH_ONLY environment variable to enforce external log-in only

* Disable user registration when OMNIAUTH_ONLY is set to true

* Replace log-in links when OMNIAUTH_ONLY is set with exactly one OmniAuth provider
3 years ago
Eugen Rochko d174d12c83
Add authentication history (#16408) 4 years ago
ThibG 47e507fa61
Add ability to require invite request text (#15326)
Fixes #15273

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
ThibG 49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3-second delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
Eugen Rochko 13b07b88f1
Fix omniauth (SAML/CAS) sign-in routes not having CSRF protection (#15228) 4 years ago
Eugen Rochko 9b1f2a4b61
Add subresource integrity for JS and CSS assets (#15096)
Fix #2744
4 years ago