gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
19037 commits 22 branches 90 tags 309 MiB
Commit graph

2306 commits

Author SHA1 Message Date
Claire
5d2f763f47 Merge pull request from GHSA-jhrq-qvrm-qr36 
* Fix insufficient Content-Type checking of fetched ActivityStreams objects

* Allow JSON-LD documents with multiple profiles
 2024-02-16 20:28:30 +09:00
Claire
ceff4265e1 Fix user creation failure handling in OAuth paths (#29207) 2024-02-15 08:55:35 +09:00
Claire
d9abcc61ff Fix OmniAuth tests (#29201) 2024-02-15 08:51:52 +09:00
Claire
a6997fab01 Merge pull request from GHSA-vm39-j3vx-pch3 
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
 2024-02-15 08:33:55 +09:00
Emelia Smith
d5e14b2865 Merge pull request from GHSA-7w3c-p9j8-mq3x 
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-02-15 08:33:46 +09:00
Emelia Smith
7c3c2d2444 Disable administrative doorkeeper routes (#29187) 2024-02-15 08:33:03 +09:00
KMY(雪あすか)
6f66145f9d Fix: リモートアカウント情報のNgWord検査でNULLが出る問題 (#541) 
* Fix: リモートアカウント情報のNgWord検査でNULLが出る問題

* Add test
 2024-02-15 08:17:13 +09:00
KMY
76cf23dfd6 Fix: リモートからの参照を無限に受け入れる問題 2024-02-02 09:18:36 +09:00
Claire
23faeafe42 Merge pull request from GHSA-3fjr-858r-92rw 
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
 2024-02-02 07:37:05 +09:00
Claire
1225c22810 Fix processing of compacted single-item JSON-LD collections (#28816) 2024-01-25 08:02:44 +09:00
Claire
8c23a8aa2b Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-25 08:00:45 +09:00
Claire
2338fc4aec Fix potential redirection loop of streaming endpoint (#28665) 2024-01-25 08:00:20 +09:00
MitarashiDango
f40e951d29 Fix Undo Announce activity is not sent, when not followed by the reblogged post author (#18482) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-01-25 07:56:50 +09:00
KMY
7d9d2e2e86 Fix test 2024-01-24 21:41:48 +09:00
KMY
d87a11bc7d Add: Misskeyに相互限定投稿を配送しないオプション 2024-01-24 20:38:19 +09:00
KMY(雪あすか)
201fd37bc3 Fix: ドメインブロックがOutboxにおいて動作しない問題 (#491) 2024-01-24 20:38:19 +09:00
KMY(雪あすか)
65cc1273aa Fix: 投稿ではないリンクを参照したときにリンクプレビューが生成されない問題 (#482) 2024-01-19 08:24:45 +09:00
KMY(雪あすか)
8cd1d7e5d0 Remove: #454 リンクプレビューを生成する設定の削除、無効化 (#458) 2024-01-19 08:24:45 +09:00
KMY(雪あすか)
407a53aa33
Remove: メディアを配送しない設定の削除 (#445) 2024-01-11 09:16:59 +09:00
KMY(雪あすか)
92a16218c9
Remove: #372 削除予定のドメインブロック項目をいったん削除 (#444) 
* Remove: #372 削除予定のドメインブロック項目をいったん削除

* Fix test
 2024-01-10 19:04:49 +09:00
KMY(雪あすか)
dc73c30d2d
Fix: #442 カスタム絵文字のaliasesにnullが入る場合がある (#443) 
* Fix: #442 カスタム絵文字のaliasesにnullが入る場合がある

* Fix test

* WebのほうにもNULLチェックを追加

* ローカルのエイリアス名を編集するところもついでにスリムに
 2024-01-10 09:43:56 +09:00
KMY(雪あすか)
650d40cb24
Remove: SidekiqHealthScheduler (#441) 2024-01-09 20:44:19 +09:00
KMY(雪あすか)
7694c62bc6
Add: #437 ドメインブロックで「未ログインユーザーに非公開」の設定を「非公開」にコピーするマイグレーションコード (#439) 
* Add: #437 ドメインブロックで「未ログインユーザーに非公開」の設定を「非公開」にコピーするマイグレーションコード

* Fix test for LTS

* Fix test
 2024-01-09 16:19:23 +09:00
KMY(雪あすか)
ecf6f31ecd
Remove: #429 ドメインブロックの「未ログインユーザーに非公開にする」オプション (#430) 2024-01-07 16:23:19 +09:00
KMY
a0a3d1b101 Merge remote-tracking branch 'parent/main' into upstream-20230105 2024-01-05 10:01:36 +09:00
Matt Jankowski
964a0ecf37
Add sleep statement to nudge thread scheduler in request pool spec (#28596) 2024-01-04 16:55:00 +00:00
Matt Jankowski
f06c1f1552
Fix Capybara/ClickLinkOrButtonStyle cop in spec/features (#28576) 2024-01-04 09:20:32 +00:00
Claire
dfdadb92e8
Add ability to require approval when users sign up using specific email domains (#28468) 2024-01-04 09:07:05 +00:00
KMY(雪あすか)
98753287ac
Fix: アンテナに登録された投稿がアンテナ削除時Redisから削除されない問題 (#417) 
* Fix: アンテナに登録された投稿がRedisから削除されない問題

* Fix test

* Tootctlに変更

* 処理を共通化
 2024-01-04 15:28:22 +09:00
Matt Jankowski
f92d8c654d
Standardize on Thor methods in CLI classes (#28566) 2024-01-03 15:08:08 +00:00
Matt Jankowski
5c769de096
Add spec coverage for CLI::Media#remove_orphans command (#28267) 2024-01-03 14:12:56 +00:00
Matt Jankowski
74a0d81e90
Add coverage for CLI self-destruct command (#28565) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-01-03 13:06:38 +00:00
Claire
092bb8a27a
Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-03 11:29:26 +00:00
Claire
bd415af9a1
Change streaming API host to not be overridden to localhost in development mode (#28557) 2024-01-03 10:23:58 +00:00
KMY
4355dfc64f Merge remote-tracking branch 'parent/main' into upstream-20231225 2023-12-25 09:59:33 +09:00
Claire
a2624ff739
Convert signature verification specs to request specs (#28443) 2023-12-22 18:56:22 +00:00
Matt Jankowski
bb8077e784
Fix RSpec/LetSetup cop in models/account_status_cleanup_policy (#28470) 2023-12-22 15:29:50 +00:00
Claire
2bf84b93d4
Fix media attachment order of remote posts (#28469) 2023-12-22 15:10:39 +00:00
Matt Jankowski
a4d49c236d
Fix RSpec/LetSetup cop in ap/fetch_featured_collection_service (#28461) 2023-12-22 12:57:29 +00:00
Matt Jankowski
e6e217fedd
Clean up tagged_with_* Status specs, fix RSpec/LetSetup cop (#28462) 2023-12-22 08:32:27 +00:00
Matt Jankowski
513d35969e
Fix RSpec/LetSetup cop in auth controller specs (#28464) 2023-12-22 08:03:59 +00:00
Matt Jankowski
9251779d75
Fix RSpec/LetSetup cop in spec/services (#28459) 2023-12-21 14:23:53 +00:00
Matt Jankowski
efd16f3c2c
Clean up of RSpec/LetSetup within spec/services/activitypub (#28445) 2023-12-21 11:20:12 +00:00
Matt Jankowski
c99f88e1a8
Clean up of RSpec/LetSetup within spec/lib (#28447) 2023-12-21 11:19:56 +00:00
Matt Jankowski
cd64a5b2ec
Clean up of RSpec/LetSetup within api/ (#28448) 2023-12-21 10:10:18 +00:00
Matt Jankowski
f32d672d2f
Clean up of RSpec/LetSetup within spec/controllers (#28446) 2023-12-21 09:28:41 +00:00
Matt Jankowski
c753b1ad35
Clean up of RSpec/LetSetup within spec/models (#28444) 2023-12-21 09:18:38 +00:00
Matt Jankowski
2463b53363
More duplicates in cli maintenance spec, misc bug fixes (#28449) 2023-12-21 08:51:03 +00:00
KMY(雪あすか)
789afccf9b
Change: 時限投稿はフォロワー以外にはActivityを発行しない (#250) 
* Change: 時限投稿はフォロワー以外にはActivityを発行しない

* Fix: ドメイン単位の認証になるように

* Add test and fix

* Fix lint

* Fix test

* Fix test

* Revert "Fix test"

This reverts commit 22f1114b7f.

* Revert "Fix lint"

This reverts commit a828efa9be.

* Revert "Revert "Fix lint""

This reverts commit 6a2d68f28a.

* Revert "Revert "Fix test""

This reverts commit a21c0b9d3e.
 2023-12-21 11:21:33 +09:00
KMY
a6b57e3890 Merge remote-tracking branch 'parent/main' into upstream-20231221 2023-12-21 08:37:12 +09:00