asonix/mastodon
1
1
Fork 1
Code Issues Pull requests Projects Releases Wiki Activity
15190 commits 36 branches 245 tags 214 MiB
Commit graph

430 commits

Author SHA1 Message Date
Emelia Smith 6d43b63275 Disable administrative doorkeeper routes (#29187) 2024-02-14 11:03:21 +01:00
Claire ef149674f0 Change Content-Security-Policy to be tighter on media paths (#26889) 2023-12-04 15:28:15 +01:00
Claire 8acc75435b
Change S3 checksum mode to be disabled by default (#27007) 2023-09-21 14:00:51 +02:00
Claire a04ae16201
Fix CSP when using ONE_CLICK_SSO_LOGIN (#26901) 2023-09-13 19:54:04 +02:00
CSDUMMI 9a70cac9de
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP (#26857) 2023-09-12 13:04:51 +02:00
Christian Schmidt ea31929776
Fix invalid Content-Type header for WebP images (#26773) 2023-09-04 09:46:33 +02:00
Claire 9e26cd5503
Add authorized_fetch server setting in addition to env var (#25798) 2023-09-01 15:41:10 +02:00
Christian Schmidt 286a21afdc
Support webpacker live-reloading on Docker (#26419) 2023-08-29 10:17:57 +02:00
Renaud Chaput b95867ad1f
Allow setting a custom HTTP method in CacheBuster (#26528) 
Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com>
 2023-08-18 08:18:40 +02:00
Claire dd049fc37a
Fix ES_PRESET not being applied to Chewy's internal index (#26489) 2023-08-14 19:00:56 +02:00
Claire f5778caa3a
Add ES_PRESET option to customize numbers of shards and replicas (#26483) 
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
 2023-08-14 17:46:16 +02:00
Claire 4bc0dd751c
Add S3_DISABLE_CHECKSUM_MODE environment variable for compatibility with some S3-compatible providers (#26435) 2023-08-10 14:15:18 +02:00
Claire 12c43e4ab5
Re-add StatsD support through the nsa gem (#26310) 2023-08-03 20:28:14 +02:00
Emelia Smith e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 2023-08-02 19:32:48 +02:00
Matt Jankowski ad81be6c8e
Update rubocop rules for linelength (#26190) 2023-07-28 23:11:45 +02:00
Matt Jankowski bada7a65aa
Ignore long line in regex initializer (#26182) 2023-07-26 09:45:27 +02:00
Claire e5f1000ad1
Fix CSP headers being unintendedly wide (#26105) 2023-07-21 13:34:15 +02:00
Claire 934c7b33d1
Change default KeyGenerator digest to SHA1 to fix cookies in rolling upgrades (#26023) 2023-07-21 13:17:43 +02:00
Misty De Méo b848ba3867
Paperclip: add support for Azure blob storage (#23607) 2023-07-19 09:02:49 +02:00
Matt Jankowski ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Matt Jankowski 2e1391fdd2
Fix Naming/MemoizedInstanceVariableName cop (#25928) 2023-07-12 10:08:51 +02:00
Nick Schonning 1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Kurtis Rainbolt-Greene e4cfe4b3db
First pass at multi-database for read replica using Rails native adapter (#25693) 
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
 2023-07-08 19:45:36 +02:00
Claire dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm 
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
 2023-07-06 15:05:05 +02:00
Eugen Rochko ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski 50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Claire f378f10404
Fix compatibility of recent migration with PostgreSQL 10 (#25324) 2023-06-07 01:53:50 +02:00
Nick Schonning c66250abf1
Autofix Rubocop Regex Style rules (#23690) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-06-06 14:50:51 +02:00
Claire e428670e61
Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) 2023-06-05 17:35:05 +02:00
Matt Jankowski e49819142f
Remove unmaintained nsa gem (#25265) 2023-06-05 01:57:05 +02:00
Claire 94329f28e1
Change wording of “Content cache retention period” setting to highlight destructive implications (#23261) 2023-06-02 18:09:08 +02:00
Renaud Chaput 942d850b0a
Allow carets in URL search params (#25216) 2023-06-01 12:14:49 +02:00
Nick Schonning c0b9664a31
Autofix Rubocop spacing in config (#25022) 2023-05-22 13:17:56 +02:00
Nick Schonning cee4369cf5
Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#25002) 2023-05-16 10:51:59 +02:00
Matt Jankowski d9a958fcf7
Fix Performance/RedundantMerge cop (#24817) 2023-05-04 05:25:43 +02:00
Matt Jankowski d902a707a3
Fix Rails/CompactBlank cop (#24690) 2023-04-30 14:07:21 +02:00
Matt Jankowski 5a2aa06a51
Fix Rails/Present cop (#24688) 2023-04-30 06:47:50 +02:00
Nick Schonning 49fad26eca
Drop EOL Ruby 2.7 (#24237) 2023-04-27 01:46:18 +02:00
Nick Schonning 4687967176
Autofix Rubocop Style/NumericLiterals (#24468) 2023-04-23 22:30:07 +02:00
Claire 5c499f54e3
Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-03 15:05:39 +02:00
Nick Schonning 500d6f93be
Autofix Rubocop Style/IdenticalConditionalBranches (#24322) 2023-03-31 09:33:52 +02:00
Eugen Rochko a9b5598c97
Change user settings to be stored in a more optimal way (#23630) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2023-03-30 14:44:00 +02:00
Claire e084b5b82d
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-03-27 17:07:37 +02:00
Claire f432db7b9f
Fix sidekiq jobs not triggering Elasticsearch index updates (#24046) 2023-03-12 23:47:55 +01:00
Jean byroot Boussier 922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616) 
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
 2023-03-04 16:38:28 +01:00
Jamie Hoyle de137e6bb0
Added support for specifying S3 storage classes in environment (#22480) 2023-03-03 20:53:37 +01:00
Eugen Rochko c6ef56fd5e
Change rate limits to 1,500/5m per user, 300/5m per app (#23347) 2023-02-02 00:07:49 +01:00
luzpaz 596923da4a
Fix typos in source documentation (#21046) 
Fixed 2 source comment/documentation typos
 2022-12-15 15:57:26 +01:00
Claire d587a268fd
Add logging for Rails cache timeouts (#21667) 
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds

* Log cache store errors
 2022-11-27 20:37:37 +01:00
Claire 7955d4b959
Add form-action CSP directive (#20781) 2022-11-17 10:55:03 +01:00