9871f0fede 
					 
					
						
						
							
							prepping for update  
						
						
						
						
					 
					
						2023-07-11 09:37:44 -04:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1a7157000a 
					 
					
						
						
							
							Theming and such  
						
						
						
						
					 
					
						2023-07-06 13:23:31 -04:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						32ebeed59b 
					 
					
						
						
							
							Merge pull request from GHSA-55j9-c3mp-6fcq  
						
						
						
						
					 
					
						2023-07-06 15:06:50 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						e75ad1de0f 
					 
					
						
						
							
							Merge pull request from GHSA-9pxv-6qvf-pjwc  
						
						... 
						
						
						
						* Fix timeout handling of outbound HTTP requests
* Use CLOCK_MONOTONIC instead of Time.now 
						
						
					 
					
						2023-07-06 15:06:24 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						0aa0b71f2c 
					 
					
						
						
							
							Merge pull request from GHSA-9928-3cp5-93fm  
						
						... 
						
						
						
						* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged 
						
						
					 
					
						2023-07-06 15:05:05 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						c4f2609f7a 
					 
					
						
						
							
							Merge pull request from GHSA-ccm4-vgcc-73hp  
						
						... 
						
						
						
						* Tighten allowed HTML in oEmbed-based preview cards
* Sanitize preview cards at render time
* Add `sandbox` attribute to preview card iframes 
						
						
					 
					
						2023-07-06 15:03:33 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						a3d69a2c5d 
					 
					
						
						
							
							Fix OAuth apps page crashing when listing apps with certain admin API scopes ( #25713 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Vyr Cossont 
							
						 
					 
					
						
						
							
						
						652ff76462 
					 
					
						
						
							
							Fix Redis client and type errors introduced in  #24285  ( #24342 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Vyr Cossont 
							
						 
					 
					
						
						
							
						
						6f484fbbd2 
					 
					
						
						
							
							IndexingScheduler: fetch and import in batches ( #24285 )  
						
						... 
						
						
						
						Co-authored-by: Claire <claire.github-309c@sitedethib.com > 
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						79f5b8f156 
					 
					
						
						
							
							Fix ResolveURLService not resolving local URLs for remote content ( #25637 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						f8930a67a0 
					 
					
						
						
							
							Change /api/v1/statuses/:id/history to always return at least one item ( #25510 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						e65e3a6d14 
					 
					
						
						
							
							Add finer permission requirements for managing webhooks ( #25463 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						8acbfc6ab1 
					 
					
						
						
							
							Fix wrong view being displayed when a webhook fails validation ( #25464 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Emelia Smith 
							
						 
					 
					
						
						
							
						
						3ef53958b2 
					 
					
						
						
							
							Prevent UserCleanupScheduler from overwhelming streaming ( #25519 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Daniel M Brasil 
							
						 
					 
					
						
						
							
						
						fd1ffd72eb 
					 
					
						
						
							
							Fix incorrect pagination headers in /api/v2/admin/accounts ( #25477 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						7bd34f8b23 
					 
					
						
						
							
							Fix infinite loop in AccountsStatusesCleanupScheduler ( #24840 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						7012bf6ed3 
					 
					
						
						
							
							Improve automatic post cleanup worker performances ( #24785 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						d9e45f2fa9 
					 
					
						
						
							
							Fix AccountsStatusesCleanupScheduler not spreading deletes across accounts correctly ( #24607 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						0e139e3c4d 
					 
					
						
						
							
							Change automatic post deletion thresholds and load detection ( #24614 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						2779bce9a2 
					 
					
						
						
							
							Add fallback redirection when getting a webfinger query LOCAL_DOMAIN@LOCAL_DOMAIN ( #23600 )  
						
						... 
						
						
						
						Co-authored-by: Eugen Rochko <eugen@zeonfederated.com > 
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						210ff36860 
					 
					
						
						
							
							Change AccessTokensVacuum to also delete expired tokens ( #24868 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						99c2bbbec9 
					 
					
						
						
							
							Change profile updates to be sent to recently-mentioned servers ( #24852 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						7e58779300 
					 
					
						
						
							
							Fix reports not being closed when performing batch suspensions ( #24988 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						cca464bce3 
					 
					
						
						
							
							Fix being able to vote on your own polls ( #25015 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						1301af60e0 
					 
					
						
						
							
							Fix race condition when reblogging a status ( #25016 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						f962e83856 
					 
					
						
						
							
							Change OpenGraph-based embeds to allow fullscreen ( #25058 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						b3cbcd7447 
					 
					
						
						
							
							Fix “Authorized applications” inefficiently and incorrectly getting last use date ( #25060 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						72d96bf17a 
					 
					
						
						
							
							Remove invalid X-Frame-Options: ALLOWALL ( #25070 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						b1ac3562df 
					 
					
						
						
							
							Change Identity to not destroy associated User on destroy ( #25098 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						4c6c790f80 
					 
					
						
						
							
							Fix /api/v1/conversations sometimes returning empty accounts ( #25499 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						036ac5b5c9 
					 
					
						
						
							
							Fix ArgumentError when loading newer Private Mentions ( #25399 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						3e1724e972 
					 
					
						
						
							
							Fix multiple N+1s in ConversationsController ( #25134 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						bc8592627b 
					 
					
						
						
							
							Fix user archive takeouts when using OpenStack Swift ( #24431 )  
						
						
						
						
					 
					
						2023-07-06 13:45:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						b9f271364e 
					 
					
						
						
							
							Fix unescaped user input in LDAP query ( #24379 )  
						
						... 
						
						
						
						Fix CVE-2023-28853 
						
						
					 
					
						2023-04-04 12:41:27 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						51572ac615 
					 
					
						
						
							
							Fix invalid/expired invites being processed on sign-up ( #24337 )  
						
						
						
						
					 
					
						2023-04-04 12:41:27 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						ae64c5b7ec 
					 
					
						
						
							
							Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )  
						
						
						
						
					 
					
						2023-04-04 12:41:27 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						6a7b91a038 
					 
					
						
						
							
							Add warning for object storage misconfiguration ( #24137 )  
						
						
						
						
					 
					
						2023-03-16 22:48:42 +01:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
						
						6db76875fd 
					 
					
						
						
							
							Change user backups to use expiring URLs for download when possible ( #24136 )  
						
						
						
						
					 
					
						2023-03-16 22:48:42 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						8c4ea7d715 
					 
					
						
						
							
							Fix misleading error code when receiving invalid WebAuthn credentials ( #23568 )  
						
						
						
						
					 
					
						2023-03-16 11:45:53 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						cc65f32714 
					 
					
						
						
							
							Fix incorrect post links in strikes when the account is remote ( #23611 )  
						
						
						
						
					 
					
						2023-03-16 11:45:33 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						0363064501 
					 
					
						
						
							
							Fix dashboard crash on ElasticSearch server error ( #23751 )  
						
						
						
						
					 
					
						2023-03-16 11:45:01 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						6962d117b7 
					 
					
						
						
							
							Change ActivityPub::DeliveryWorker retries to be spread out more ( #21956 )  
						
						
						
						
					 
					
						2023-03-13 18:49:50 +01:00 
						 
				 
			
				
					
						
							
							
								Terry Garcia 
							
						 
					 
					
						
						
							
						
						a54bd84690 
					 
					
						
						
							
							Switched bookmark and favourites around ( #23701 )  
						
						
						
						
					 
					
						2023-03-13 18:49:27 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						68af19c328 
					 
					
						
						
							
							Change auto-deletion throttling constants to better scale with server size ( #23320 )  
						
						
						
						
					 
					
						2023-03-13 18:49:01 +01:00 
						 
				 
			
				
					
						
							
							
								Tim Lucas 
							
						 
					 
					
						
						
							
						
						a133570b26 
					 
					
						
						
							
							Increase contrast of upload progress background ( #23836 )  
						
						
						
						
					 
					
						2023-03-13 18:48:21 +01:00 
						 
				 
			
				
					
						
							
							
								PauloVilarinho 
							
						 
					 
					
						
						
							
						
						9972eb41ae 
					 
					
						
						
							
							add modal message when editing toot ( #23936 )  
						
						... 
						
						
						
						Co-authored-by: PauloVilarinho <paulotarsobranco@hotmail.com > 
						
						
					 
					
						2023-03-13 18:48:06 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						cec59417d7 
					 
					
						
						
							
							Add mail headers to avoid auto-replies ( #23597 )  
						
						
						
						
					 
					
						2023-03-13 18:47:28 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
						
						9377c4a87c 
					 
					
						
						
							
							Add lang tag to native language names in language picker ( #23749 )  
						
						
						
						
					 
					
						2023-03-13 18:47:14 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Schmidt 
							
						 
					 
					
						
						
							
						
						3f2e31800e 
					 
					
						
						
							
							Unescape HTML entities ( #24019 )  
						
						
						
						
					 
					
						2023-03-13 18:45:42 +01:00 
						 
				 
			
				
					
						
							
							
								Christian Schmidt 
							
						 
					 
					
						
						
							
						
						92a26638eb 
					 
					
						
						
							
							Do not strip tags from Setting.site_short_description ( #23975 )  
						
						
						
						
					 
					
						2023-03-13 18:44:38 +01:00