Merge commit '82e477b184b5666fff7fb55933dce22ca2925db8' into glitch-soc/merge-upstream

Conflicts: - `db/migrate/20180831171112_create_bookmarks.rb`: Upstream ran a lint fix on this file, but this file is different in glitch-soc because the feature was added much earlier. Ran the lint fix on our own version of the file.
2023-07-12 16:03:05 +02:00
parent ec95f62cb4 82e477b184
commit 9ae60f8738
458 changed files with 1117 additions and 853 deletions
--- a/config/application.rb
+++ b/config/application.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative 'boot'

 require 'rails'
@@ -194,10 +196,10 @@ module Mastodon
    config.to_prepare do
      Doorkeeper::AuthorizationsController.layout 'modal'
      Doorkeeper::AuthorizedApplicationsController.layout 'admin'
-      Doorkeeper::Application.send :include, ApplicationExtension
-      Doorkeeper::AccessToken.send :include, AccessTokenExtension
-      Devise::FailureApp.send :include, AbstractController::Callbacks
-      Devise::FailureApp.send :include, Localized
+      Doorkeeper::Application.include ApplicationExtension
+      Doorkeeper::AccessToken.include AccessTokenExtension
+      Devise::FailureApp.include AbstractController::Callbacks
+      Devise::FailureApp.include Localized
    end
  end
 end
--- a/config/boot.rb
+++ b/config/boot.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 unless ENV.key?('RAILS_ENV')
  STDERR.puts 'ERROR: Missing RAILS_ENV environment variable, please set it to "production", "development", or "test".'
  exit 1
--- a/config/brakeman.ignore
+++ b/config/brakeman.ignore
@@ -23,29 +23,6 @@
      ],
      "note": ""
    },
-    {
-      "warning_type": "SQL Injection",
-      "warning_code": 0,
-      "fingerprint": "30dfe36e87fe1b8f239df9a33d576e44a9863f73b680198d4713be6540ae61d3",
-      "check_name": "SQL",
-      "message": "Possible SQL injection",
-      "file": "app/models/trends/query.rb",
-      "line": 76,
-      "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
-      "code": "klass.joins(\"join unnest(array[#{ids.join(\",\")}]) with ordinality as x (id, ordering) on #{klass.table_name}.id = x.id\")",
-      "render_path": null,
-      "location": {
-        "type": "method",
-        "class": "Trends::Query",
-        "method": "to_arel"
-      },
-      "user_input": "ids.join(\",\")",
-      "confidence": "Weak",
-      "cwe_id": [
-        89
-      ],
-      "note": ""
-    },
    {
      "warning_type": "Cross-Site Scripting",
      "warning_code": 2,
@@ -79,29 +56,6 @@
      ],
      "note": ""
    },
-    {
-      "warning_type": "SQL Injection",
-      "warning_code": 0,
-      "fingerprint": "75fcd147b7611763ab6915faf8c5b0709e612b460f27c05c72d8b9bd0a6a77f8",
-      "check_name": "SQL",
-      "message": "Possible SQL injection",
-      "file": "lib/mastodon/snowflake.rb",
-      "line": 87,
-      "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
-      "code": "connection.execute(\"CREATE OR REPLACE FUNCTION timestamp_id(table_name text)\\nRETURNS bigint AS\\n$$\\n  DECLARE\\n    time_part bigint;\\n    sequence_base bigint;\\n    tail bigint;\\n  BEGIN\\n    time_part := (\\n      -- Get the time in milliseconds\\n      ((date_part('epoch', now()) * 1000))::bigint\\n      -- And shift it over two bytes\\n      << 16);\\n\\n    sequence_base := (\\n      'x' ||\\n      -- Take the first two bytes (four hex characters)\\n      substr(\\n        -- Of the MD5 hash of the data we documented\\n        md5(table_name || '#{SecureRandom.hex(16)}' || time_part::text),\\n        1, 4\\n      )\\n    -- And turn it into a bigint\\n    )::bit(16)::bigint;\\n\\n    -- Finally, add our sequence number to our base, and chop\\n    -- it to the last two bytes\\n    tail := (\\n      (sequence_base + nextval(table_name || '_id_seq'))\\n      & 65535);\\n\\n    -- Return the time part and the sequence part. OR appears\\n    -- faster here than addition, but they're equivalent:\\n    -- time_part has no trailing two bytes, and tail is only\\n    -- the last two bytes.\\n    RETURN time_part | tail;\\n  END\\n$$ LANGUAGE plpgsql VOLATILE;\\n\")",
-      "render_path": null,
-      "location": {
-        "type": "method",
-        "class": "Mastodon::Snowflake",
-        "method": "define_timestamp_id"
-      },
-      "user_input": "SecureRandom.hex(16)",
-      "confidence": "Medium",
-      "cwe_id": [
-        89
-      ],
-      "note": ""
-    },
    {
      "warning_type": "Denial of Service",
      "warning_code": 76,
--- a/config/environment.rb
+++ b/config/environment.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Load the Rails application.
 require_relative 'application'

--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 Rails.application.configure do
  # Settings specified here will take precedence over those in config/application.rb.

--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 Rails.application.configure do
  # Settings specified here will take precedence over those in config/application.rb.

--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 Rails.application.configure do
  # Settings specified here will take precedence over those in config/application.rb.

--- a/config/initializers/0_post_deployment_migrations.rb
+++ b/config/initializers/0_post_deployment_migrations.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Post deployment migrations are included by default. This file must be loaded
 # before other initializers as Rails may otherwise memoize a list of migrations
 # excluding the post deployment migrations.
--- a/config/initializers/active_model_serializers.rb
+++ b/config/initializers/active_model_serializers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 ActiveModelSerializers.config.tap do |config|
  config.default_includes = '**'
 end
--- a/config/initializers/application_controller_renderer.rb
+++ b/config/initializers/application_controller_renderer.rb
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # Be sure to restart your server when you modify this file.

 # ActiveSupport::Reloader.to_prepare do
--- a/config/initializers/assets.rb
+++ b/config/initializers/assets.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.

 # Version of your assets, change this if you want to expire all your assets.
--- a/config/initializers/backtrace_silencers.rb
+++ b/config/initializers/backtrace_silencers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.

 # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
--- a/config/initializers/cache_logging.rb
+++ b/config/initializers/cache_logging.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Log cache errors with Rail's logger
 # This used to be the default in old Rails versions: https://github.com/rails/rails/commit/7fcf8590e788cef8b64cc266f75931c418902ca9#diff-f0748f0be8a653eea13369ebb1cadabcad71ede7cfaf20282447e64329817befL86
 Rails.cache.logger = Rails.logger
--- a/config/initializers/chewy.rb
+++ b/config/initializers/chewy.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 enabled         = ENV['ES_ENABLED'] == 'true'
 host            = ENV.fetch('ES_HOST') { 'localhost' }
 port            = ENV.fetch('ES_PORT') { 9200 }
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Define an application-wide content security policy
 # For further information see the following documentation
 # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
--- a/config/initializers/cookies_serializer.rb
+++ b/config/initializers/cookies_serializer.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.

 # Specify a serializer for the signed and encrypted cookie jars.
--- a/config/initializers/cors.rb
+++ b/config/initializers/cors.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.

 # Avoid CORS issues when API is called from the frontend app.
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'devise/strategies/authenticatable'

 Warden::Manager.after_set_user except: :fetch do |user, warden|
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 Doorkeeper.configure do
  # Change the ORM that doorkeeper will use (needs plugins)
  orm :active_record
--- a/config/initializers/fast_blank.rb
+++ b/config/initializers/fast_blank.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 if String.method_defined?(:blank_as?)
  class String
    alias blank? blank_as?
--- a/config/initializers/ffmpeg.rb
+++ b/config/initializers/ffmpeg.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 if ENV['FFMPEG_BINARY'].present?
  FFMPEG.ffmpeg_binary = ENV['FFMPEG_BINARY']
 end
--- a/config/initializers/filter_parameter_logging.rb
+++ b/config/initializers/filter_parameter_logging.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.

 # Configure sensitive parameters which will be filtered from the log file.
--- a/config/initializers/http_client_proxy.rb
+++ b/config/initializers/http_client_proxy.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 Rails.application.configure do
  config.x.http_client_proxy = {}

--- a/config/initializers/httplog.rb
+++ b/config/initializers/httplog.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 HttpLog.configure do |config|
  config.logger = Rails.logger
  config.color = { color: :yellow }
--- a/config/initializers/inflections.rb
+++ b/config/initializers/inflections.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.

 # Add new inflection rules using the following format. Inflections
--- a/config/initializers/mail_delivery_job.rb
+++ b/config/initializers/mail_delivery_job.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 ActionMailer::MailDeliveryJob.class_eval do
  discard_on ActiveJob::DeserializationError
 end
--- a/config/initializers/mime_types.rb
+++ b/config/initializers/mime_types.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.

 Mime::Type.register 'application/json', :json, %w(text/x-json application/jsonrequest application/jrd+json application/activity+json application/ld+json)
--- a/config/initializers/oj.rb
+++ b/config/initializers/oj.rb
@@ -1 +1,3 @@
+# frozen_string_literal: true
+
 Oj.default_options = { mode: :compat, time_format: :ruby, use_to_json: true }
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 Rails.application.config.middleware.use OmniAuth::Builder do
  # Vanilla omniauth strategies
 end
--- a/config/initializers/open_uri_redirection.rb
+++ b/config/initializers/open_uri_redirection.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'open-uri'

 module OpenURI
--- a/config/initializers/permissions_policy.rb
+++ b/config/initializers/permissions_policy.rb
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # Define an application-wide HTTP permissions policy. For further
 # information see https://developers.google.com/web/updates/2018/06/feature-policy
 #
--- a/config/initializers/pghero.rb
+++ b/config/initializers/pghero.rb
@@ -1 +1,3 @@
+# frozen_string_literal: true
+
 PgHero.show_migrations = Rails.env.development?
--- a/config/initializers/preload_link_headers.rb
+++ b/config/initializers/preload_link_headers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Since Rails 6.1, ActionView adds preload links for javascript files
 # in the Links header per default.

--- a/config/initializers/premailer_rails.rb
+++ b/config/initializers/premailer_rails.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative '../../lib/mastodon/premailer_webpack_strategy'

 Premailer::Rails.config.merge!(remove_ids: true,
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -5,9 +5,9 @@ require 'doorkeeper/grape/authorization_decorator'
 class Rack::Attack
  class Request
    def authenticated_token
-      return @token if defined?(@token)
+      return @authenticated_token if defined?(@authenticated_token)

-      @token = Doorkeeper::OAuth::Token.authenticate(
+      @authenticated_token = Doorkeeper::OAuth::Token.authenticate(
        Doorkeeper::Grape::AuthorizationDecorator.new(self),
        *Doorkeeper.configuration.access_token_methods
      )
--- a/config/initializers/rack_attack_logging.rb
+++ b/config/initializers/rack_attack_logging.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 ActiveSupport::Notifications.subscribe(/rack_attack/) do |_name, _start, _finish, _request_id, payload|
  req = payload[:request]

--- a/config/initializers/redis.rb
+++ b/config/initializers/redis.rb
@@ -1 +1,3 @@
+# frozen_string_literal: true
+
 Redis.sadd_returns_boolean = false
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.

 Rails.application.config.session_store :cookie_store,
--- a/config/initializers/simple_form.rb
+++ b/config/initializers/simple_form.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Use this setup block to configure all options available in SimpleForm.

 module AppendComponent
--- a/config/initializers/stoplight.rb
+++ b/config/initializers/stoplight.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'stoplight'

 Rails.application.reloader.to_prepare do
--- a/config/initializers/trusted_proxies.rb
+++ b/config/initializers/trusted_proxies.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Rack
  class Request
    def trusted_proxy?(ip)
--- a/config/initializers/twitter_regex.rb
+++ b/config/initializers/twitter_regex.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Twitter::TwitterText
  class Configuration
    def emoji_parsing_enabled
--- a/config/initializers/webauthn.rb
+++ b/config/initializers/webauthn.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 WebAuthn.configure do |config|
  # This value needs to match `window.location.origin` evaluated by
  # the User Agent during registration and authentication ceremonies.
--- a/config/initializers/wrap_parameters.rb
+++ b/config/initializers/wrap_parameters.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Be sure to restart your server when you modify this file.

 # This file contains settings for ActionController::ParamsWrapper which
--- a/config/locales/sr-Latn.rb
+++ b/config/locales/sr-Latn.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_i18n/common_pluralizations/romanian'

 ::RailsI18n::Pluralization::Romanian.with_locale(:'sr-Latn')
--- a/config/locales/sr.rb
+++ b/config/locales/sr.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_i18n/common_pluralizations/romanian'

 ::RailsI18n::Pluralization::Romanian.with_locale(:sr)
--- a/config/puma.rb
+++ b/config/puma.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 persistent_timeout ENV.fetch('PERSISTENT_TIMEOUT') { 20 }.to_i

 max_threads_count = ENV.fetch('MAX_THREADS') { 5 }.to_i