Merge branch 'main' into glitch-soc/merge-upstream

Conflicts:
- `README.md`:
  Upstream updated copyright year, we don't mention it so kept our version.
- `app/controllers/admin/dashboard_controller.rb`:
  Not really a conflict, upstream change (removing the spam checker) too close
  to glitch-soc changes. Ported upstream changes.
- `app/models/form/admin_settings.rb`:
  Same.
- `app/services/remove_status_service.rb`:
  Same.
- `app/views/admin/settings/edit.html.haml`:
  Same.
- `config/settings.yml`:
  Same.
- `config/environments/production.rb`:
  Not a real conflict, upstream added a default HTTP header, but we have
  extra headers in glitch-soc.
  Added the header.
Claire
2021-04-20 12:17:14 +02:00
100 changed files with 1904 additions and 1077 deletions


@ -29,6 +29,7 @@ require_relative '../lib/webpacker/helper_extensions'
require_relative '../lib/action_dispatch/cookie_jar_extensions'
require_relative '../lib/rails/engine_extensions'
require_relative '../lib/active_record/database_tasks_extensions'
require_relative '../lib/active_record/batches'
Dotenv::Railtie.load


@ -90,9 +90,12 @@ Rails.application.configure do
config.action_mailer.perform_caching = false
# E-mails
outgoing_email_address = ENV.fetch('SMTP_FROM_ADDRESS', 'notifications@localhost')
outgoing_mail_domain = Mail::Address.new(outgoing_email_address).domain
config.action_mailer.default_options = {
from: ENV.fetch('SMTP_FROM_ADDRESS', 'notifications@localhost'),
reply_to: ENV['SMTP_REPLY_TO']
from: outgoing_email_address,
reply_to: ENV['SMTP_REPLY_TO'],
'Message-ID': -> { "<#{Mail.random_tag}@#{outgoing_mail_domain}>" },
}
config.action_mailer.smtp_settings = {
@ -116,10 +119,10 @@ Rails.application.configure do
'X-Frame-Options' => 'DENY',
'X-Content-Type-Options' => 'nosniff',
'X-XSS-Protection' => '1; mode=block',
'Permissions-Policy' => 'interest-cohort=()',
'Referrer-Policy' => 'same-origin',
'Strict-Transport-Security' => 'max-age=63072000; includeSubDomains; preload',
'X-Clacks-Overhead' => 'GNU Natalie Nguyen'
}
config.x.otp_secret = ENV.fetch('OTP_SECRET')
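Review bot: `outgoing_mail_domain` is interpolated into the new `'Message-ID'` lambda without any check, so an `SMTP_FROM_ADDRESS` value with no domain part would presumably give a nil domain and a header of the form `<tag@>`. The value is computed once at boot, so failing early is cheap, e.g. `raise 'SMTP_FROM_ADDRESS must include a domain' if outgoing_mail_domain.blank?` right after the assignment. A short comment on the `'Message-ID'` entry saying why it is pinned to the sender domain rather than left to the mail library's default would also help operators reason about what the header discloses. The enclosing `Rails.application.configure do` block starts and ends outside these hunks.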


@ -53,11 +53,13 @@ Rails.application.config.content_security_policy_nonce_generator = -> request {
Rails.application.config.content_security_policy_nonce_directives = %w(style-src)
PgHero::HomeController.content_security_policy do |p|
p.script_src :self, :unsafe_inline, assets_host
p.style_src :self, :unsafe_inline, assets_host
end
Rails.application.reloader.to_prepare do
PgHero::HomeController.content_security_policy do |p|
p.script_src :self, :unsafe_inline, assets_host
p.style_src :self, :unsafe_inline, assets_host
end
PgHero::HomeController.after_action do
request.content_security_policy_nonce_generator = nil
PgHero::HomeController.after_action do
request.content_security_policy_nonce_generator = nil
end
end
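Review bot: The `after_action` that sets `request.content_security_policy_nonce_generator = nil` has no comment, and its purpose is not obvious from the code. Presumably it keeps a nonce out of PgHero responses, because browsers ignore `'unsafe-inline'` once a nonce is present in the directive; a one-line comment such as `# PgHero relies on inline scripts/styles; drop the nonce so :unsafe_inline takes effect` would record that. It is also worth stating next to `p.script_src :self, :unsafe_inline, assets_host` that this relaxed policy is scoped to PgHero pages and depends on that mount staying restricted to administrators, which is not visible in this hunk.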


@ -52,6 +52,11 @@ Doorkeeper.configure do
# Issue access tokens with refresh token (disabled by default)
# use_refresh_token
# Forbids creating/updating applications with arbitrary scopes that are
# not in configuration, i.e. `default_scopes` or `optional_scopes`.
# (Disabled by default)
enforce_configured_scopes
# Provide support for an owner to be assigned to each registered application (disabled by default)
# Optional parameter :confirmation => true (default false) if you want to enforce ownership of
# a registered application


@ -112,7 +112,9 @@ else
)
end
Paperclip.options[:content_type_mappings] = { csv: Import::FILE_TYPES }
Rails.application.reloader.to_prepare do
Paperclip.options[:content_type_mappings] = { csv: Import::FILE_TYPES }
end
# In some places in the code, we rescue this exception, but we don't always
# load the S3 library, so it may be an undefined constant:


@ -1,3 +1,5 @@
# frozen_string_literal: true
ActionController::Base.log_warning_on_csrf_failure = false
Rails.application.reloader.to_prepare do
ActionController::Base.log_warning_on_csrf_failure = false
end
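Review bot: Nothing in this initializer says why CSRF failure warnings are switched off, and with `log_warning_on_csrf_failure = false` a rejected authenticity token leaves no warning in the application log for anyone investigating forged or replayed requests. A comment such as `# CSRF failure warnings disabled because <reason>; failures are tracked via <other signal>` (with the real values filled in) should accompany the setting. As a style point, the same switch can be set once as `config.action_controller.log_warning_on_csrf_failure = false` instead of reassigning a framework class attribute on every reload.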


@ -315,10 +315,12 @@ en:
new:
create: Create announcement
title: New announcement
publish: Publish
published_msg: Announcement successfully published!
scheduled_for: Scheduled for %{time}
scheduled_msg: Announcement scheduled for publication!
title: Announcements
unpublish: Unpublish
unpublished_msg: Announcement successfully unpublished!
updated_msg: Announcement successfully updated!
custom_emojis:
@ -363,7 +365,6 @@ en:
feature_profile_directory: Profile directory
feature_registrations: Registrations
feature_relay: Federation relay
feature_spam_check: Anti-spam
feature_timeline_preview: Timeline preview
features: Features
hidden_service: Federation with hidden services
@ -441,6 +442,14 @@ en:
create: Add domain
title: Block new e-mail domain
title: Blocked e-mail domains
follow_recommendations:
description_html: "<strong>Follow recommendations help new users quickly find interesting content</strong>. When a user has not interacted with others enough to form personalized follow recommendations, these accounts are recommended instead. They are re-calculated on a daily basis from a mix of accounts with the highest recent engagements and highest local follower counts for a given language."
language: For language
status: Status
suppress: Suppress follow recommendation
suppressed: Suppressed
title: Follow recommendations
unsuppress: Restore follow recommendation
instances:
by_domain: Domain
delivery_available: Delivery is available
@ -545,8 +554,10 @@ en:
updated_at: Updated
rules:
add_new: Add rule
description: While most claim to have read and agree to the terms of service, usually people do not read through until after a problem arises. Make it easier to see your server's rules at a glance by providing them in a flat bullet point list. Try to keep individual rules short and simple, but try not to split them up into many separate items either.
delete: Delete
description_html: While most claim to have read and agree to the terms of service, usually people do not read through until after a problem arises. <strong>Make it easier to see your server's rules at a glance by providing them in a flat bullet point list.</strong> Try to keep individual rules short and simple, but try not to split them up into many separate items either.
edit: Edit rule
empty: No server rules have been defined yet.
title: Server rules
settings:
activity_api_enabled:
@ -627,9 +638,6 @@ en:
desc_html: You can write your own privacy policy, terms of service or other legalese. You can use HTML tags
title: Custom terms of service
site_title: Server name
spam_check_enabled:
desc_html: Mastodon can auto-report accounts that send repeated unsolicited messages. There may be false positives.
title: Anti-spam automation
thumbnail:
desc_html: Used for previews via OpenGraph and API. 1200x630px recommended
title: Server thumbnail
@ -691,6 +699,7 @@ en:
add_new: Add new
delete: Delete
edit_preset: Edit warning preset
empty: You haven't defined any warning presets yet.
title: Manage warning presets
admin_mailer:
new_pending_account:
@ -1209,8 +1218,6 @@ en:
relationships: Follows and followers
two_factor_authentication: Two-factor Auth
webauthn_authentication: Security keys
spam_check:
spam_detected: This is an automated report. Spam has been detected.
statuses:
attached:
audio:


@ -30,19 +30,19 @@ en:
defaults:
autofollow: People who sign up through the invite will automatically follow you
avatar: PNG, GIF or JPG. At most %{size}. Will be downscaled to %{dimensions}px
bot: This account mainly performs automated actions and might not be monitored
bot: Signal to others that the account mainly performs automated actions and might not be monitored
context: One or multiple contexts where the filter should apply
current_password: For security purposes please enter the password of the current account
current_username: To confirm, please enter the username of the current account
digest: Only sent after a long period of inactivity and only if you have received any personal messages in your absence
discoverable: The profile directory is another way by which your account can reach a wider audience
discoverable: Allow your account to be discovered by strangers through recommendations and other features
email: You will be sent a confirmation e-mail
fields: You can have up to 4 items displayed as a table on your profile
header: PNG, GIF or JPG. At most %{size}. Will be downscaled to %{dimensions}px
inbox_url: Copy the URL from the frontpage of the relay you want to use
irreversible: Filtered toots will disappear irreversibly, even if filter is later removed
locale: The language of the user interface, e-mails and push notifications
locked: Requires you to manually approve followers
locked: Manually control who can follow you by approving follow requests
password: Use at least 8 characters
phrase: Will be matched regardless of casing in text or content warning of a toot
scopes: Which APIs the application will be allowed to access. If you select a top-level scope, you don't need to select individual ones.
@ -51,7 +51,7 @@ en:
setting_display_media_default: Hide media marked as sensitive
setting_display_media_hide_all: Always hide media
setting_display_media_show_all: Always show media
setting_hide_network: Who you follow and who follows you will not be shown on your profile
setting_hide_network: Who you follow and who follows you will be hidden on your profile
setting_noindex: Affects your public profile and status pages
setting_show_application: The application you use to toot will be displayed in the detailed view of your toots
setting_use_blurhash: Gradients are based on the colors of the hidden visuals but obfuscate any details
@ -128,7 +128,7 @@ en:
context: Filter contexts
current_password: Current password
data: Data
discoverable: List this account on the directory
discoverable: Suggest account to others
display_name: Display name
email: E-mail address
expires_in: Expire after
@ -138,7 +138,7 @@ en:
inbox_url: URL of the relay inbox
irreversible: Drop instead of hide
locale: Interface language
locked: Lock account
locked: Require follow requests
max_uses: Max number of uses
new_password: New password
note: Bio
@ -160,7 +160,7 @@ en:
setting_display_media_hide_all: Hide all
setting_display_media_show_all: Show all
setting_expand_spoilers: Always expand toots marked with content warnings
setting_hide_network: Hide your network
setting_hide_network: Hide your social graph
setting_noindex: Opt-out of search engine indexing
setting_reduce_motion: Reduce motion in animations
setting_show_application: Disclose application used to send toots


@ -45,6 +45,7 @@ SimpleNavigation::Configuration.run do |navigation|
s.item :accounts, safe_join([fa_icon('users fw'), t('admin.accounts.title')]), admin_accounts_url, highlights_on: %r{/admin/accounts|/admin/pending_accounts}
s.item :invites, safe_join([fa_icon('user-plus fw'), t('admin.invites.title')]), admin_invites_path
s.item :tags, safe_join([fa_icon('hashtag fw'), t('admin.tags.title')]), admin_tags_path, highlights_on: %r{/admin/tags}
s.item :follow_recommendations, safe_join([fa_icon('user-plus fw'), t('admin.follow_recommendations.title')]), admin_follow_recommendations_path, highlights_on: %r{/admin/follow_recommendations}
s.item :instances, safe_join([fa_icon('cloud fw'), t('admin.instances.title')]), admin_instances_url(limited: whitelist_mode? ? nil : '1'), highlights_on: %r{/admin/instances|/admin/domain_blocks|/admin/domain_allows}, if: -> { current_user.admin? }
s.item :email_domain_blocks, safe_join([fa_icon('envelope fw'), t('admin.email_domain_blocks.title')]), admin_email_domain_blocks_url, highlights_on: %r{/admin/email_domain_blocks}, if: -> { current_user.admin? }
s.item :ip_blocks, safe_join([fa_icon('ban fw'), t('admin.ip_blocks.title')]), admin_ip_blocks_url, highlights_on: %r{/admin/ip_blocks}, if: -> { current_user.admin? }
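Review bot: The new `:follow_recommendations` item carries no `if:` condition, while the `:instances`, `:email_domain_blocks` and `:ip_blocks` items below it are limited with `if: -> { current_user.admin? }`. If suppressing recommendations is meant to be an administrator-only action, add the same guard; if moderators are meant to have it, a brief comment saying so would stop someone tightening it by mistake later. Either way the menu condition only hides the link, so the controller behind `admin_follow_recommendations_path` needs its own authorization check, which is not visible on this page. The item also reuses the `user-plus fw` icon already used by `:invites`.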


@ -3,8 +3,6 @@
require 'sidekiq_unique_jobs/web'
require 'sidekiq-scheduler/web'
Sidekiq::Web.set :session_secret, Rails.application.secrets[:secret_key_base]
Rails.application.routes.draw do
root 'home#index'
@ -296,6 +294,7 @@ Rails.application.routes.draw do
end
resources :account_moderation_notes, only: [:create, :destroy]
resource :follow_recommendations, only: [:show, :update]
resources :tags, only: [:index, :show, :update] do
collection do
@ -513,6 +512,7 @@ Rails.application.routes.draw do
namespace :v2 do
resources :media, only: [:create]
get '/search', to: 'search#index', as: :search
resources :suggestions, only: [:index]
end
namespace :web do


@ -75,7 +75,6 @@ defaults: &defaults
show_reblogs_in_public_timelines: false
show_replies_in_public_timelines: false
default_content_type: 'text/plain'
spam_check_enabled: true
show_domain_blocks: 'disabled'
show_domain_blocks_rationale: 'disabled'
outgoing_spoilers: ''


@ -25,6 +25,10 @@
cron: '<%= Random.rand(0..59) %> <%= Random.rand(0..2) %> * * *'
class: Scheduler::FeedCleanupScheduler
queue: scheduler
follow_recommendations_scheduler:
cron: '<%= Random.rand(0..59) %> <%= Random.rand(6..9) %> * * *'
class: Scheduler::FollowRecommendationsScheduler
queue: scheduler
doorkeeper_cleanup_scheduler:
cron: '<%= Random.rand(0..59) %> <%= Random.rand(0..2) %> * * 0'
class: Scheduler::DoorkeeperCleanupScheduler