tarrien/Mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,736 Commits 10 Branches 0 Tags
28ec7def5869ff1a85f49a070b9575c166a432ee
Commit Graph

14736 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Claire
0a120d86d2 Fix error-prone SQL queries (#15828) 
* Fix error-prone SQL queries in Account search

While this code seems to not present an actual vulnerability, one could
easily be introduced by mistake due to how the query is built.

This PR parameterises the `to_tsquery` input to make the query more robust.

* Harden code for Status#tagged_with_all and Status#tagged_with_none

Those two scopes aren't used in a way that could be vulnerable to an SQL
injection, but keeping them unchanged might be a hazard.

* Remove unneeded spaces surrounding tsquery term

* Please CodeClimate

* Move advanced_search_for SQL template to its own function

This avoids one level of indentation while making clearer that the SQL template
isn't build from all the dynamic parameters of advanced_search_for.

* Add tests covering tagged_with, tagged_with_all and tagged_with_none

* Rewrite tagged_with_none to avoid multiple joins and make it more robust

* Remove obsolete brakeman warnings

* Revert "Remove unneeded spaces surrounding tsquery term"

The two queries are not strictly equivalent.

This reverts commit 86f16c537e06c6ba4a8b250f25dcce9f049023ff.
 2022-01-23 18:10:10 +01:00
Claire
a63495230a Change percent to rate in retention metrics API (#16910) 2022-01-23 16:01:25 +01:00
Claire
bddd9ba36d Add OMNIAUTH_ONLY environment variable to enforce externa log-in (#17288) 
* Remove support for OAUTH_REDIRECT_AT_SIGN_IN

Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.

* Add OMNIAUTH_ONLY environment variable to enforce external log-in only

* Disable user registration when OMNIAUTH_ONLY is set to true

* Replace log-in links When OMNIAUTH_ONLY is set with exactly one OmniAuth provider
 2022-01-23 15:52:58 +01:00
Claire
cfa583fa71 Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287) 
Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
 2022-01-23 15:50:41 +01:00
Claire
8a07ecd377 Remove leftover database columns from Devise::Models::Rememberable (#17191) 
* Remove leftover database columns from Devise::Models::Rememberable

* Update fix-duplication maintenance script

* Improve errors/warnings in the fix-duplicates maintenance script
 2022-01-23 15:46:30 +01:00
Claire
96f0b33c8b Remove old duplicate index (#17245) 
Some Mastodon versions (v1.1 and v1.2) had a duplicate index in `db/schema.rb`
without any migration script creating it. #2224 (included in v1.3) removed the
duplicate index from the file but did not provide a migration script to remove
it.

This means that any instance that was installed from v1.1 or v1.2's source code
has a duplicate index and a corresponding warning in PgHero. Instances set up
using an earlier or later Mastodon version do not have this issue.

This PR removes the duplicate index if it is present.
 2022-01-23 13:53:58 +01:00
Claire
3a103cd317 Fix text being incorrectly pre-selected in composer textarea on /share (#17339) 
Fixes #17295
 2022-01-20 20:56:21 +01:00
Claire
1e8c885e5a Change mastodon:webpush:generate_vapid_key task to not require functional env (#17338) 
Fixes #17297
 2022-01-20 14:51:23 +01:00
Claire
6eea3f8f9c Add post edited notice in admin and public UIs (#17335) 
* Add edited toot flag on public pages

* Add toot edit flag to admin pages
 2022-01-20 13:37:31 +01:00
Claire
4d0383d75a Add content-type to status source in glitch-soc 2022-01-20 00:03:44 +01:00
Eugen Rochko
d4654dc892 [Glitch] Add support for editing for published statuses 
Port front-end changes from 1060666c58 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-20 00:03:41 +01:00
Claire
1af4618a06 Merge branch 'main' into glitch-soc/merge-upstream 2022-01-19 23:52:53 +01:00
Claire
fe89554a54 Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `app/lib/activitypub/activity/create.rb`:
  Upstream refactored how `Create` activities are handled and how values are
  extracted from `Create`d objects. This conflicted with how glitch-soc
  supported the `directMessage` flag to explicitly distinguish between
  limited and direct messages.
  Ported glitch-soc's changes to latest upstream changes.
- `app/services/fan_out_on_write_service.rb`:
  Upstream largely refactored that file and changed some of the logic.
  This conflicted with glitch-soc's handling of the direct timeline and
  the options to allow replies and boosts in public feeds.
  Ported those glitch-soc changes on top of latest upstream changes.
- `app/services/process_mentions_service.rb`:
  Upstream refactored to move mention-related ActivityPub deliveries to
  `ActivityPub::DeliveryWorker`, while glitch-soc contained an extra check
  to not send local-only toots to remote mentioned users.
  Took upstream's version, as the check is not needed anymore, since it is
  performed at the `ActivityPub::DeliveryWorker` call site already.
- `app/workers/feed_insert_worker.rb`:
  Upstream added support for `update` toot events, while glitch-soc had
  support for an extra timeline support, `direct`.
  Ported upstream changes and extended them to the `direct` timeline.

Additional changes:
- `app/lib/activitypub/parser/status_parser.rb`:
  Added code to handle the `directMessage` flag and take it into account
  to compute visibility.
- `app/lib/feed_manager.rb`:
  Extended upstream's support of `update` toot events to glitch-soc's
  `direct` timeline.
 2022-01-19 23:52:48 +01:00
Eugen Rochko
9eb775a9d1 Fix error when using raw distribution worker (#17334) 
Regression from #16697
 2022-01-19 23:05:59 +01:00
Eugen Rochko
d412a8d1f2 Fix error when processing poll updates (#17333) 
Regression from #16697
 2022-01-19 22:50:01 +01:00
Eugen Rochko
1060666c58 Add support for editing for published statuses (#16697) 
* Add support for editing for published statuses

* Fix references to stripped-out code

* Various fixes and improvements

* Further fixes and improvements

* Fix updates being potentially sent to unauthorized recipients

* Various fixes and improvements

* Fix wrong words in test

* Fix notifying accounts that were tagged but were not in the audience

* Fix mistake
 2022-01-19 22:37:27 +01:00
Claire
b209e919bd Merge pull request #1662 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes
 2022-01-19 14:22:59 +01:00
Claire
c42938aed4 Merge branch 'main' into glitch-soc/merge-upstream 2022-01-19 12:32:44 +01:00
Jeong Arm
2d1f082bb6 Fix NameError on ActivityPub::FetchFeaturedCollectionService (#17326) 
Related: #16954
 2022-01-19 04:08:46 +01:00
dependabot[bot]
f616897841 Bump json-ld from 3.1.10 to 3.2.0 (#17224) 
Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.10 to 3.2.0.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.10...3.2.0)

---
updated-dependencies:
- dependency-name: json-ld
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 11:12:01 +09:00
dependabot[bot]
a1c14eb076 Bump thor from 1.1.0 to 1.2.1 (#17250) 
Bumps [thor](https://github.com/rails/thor) from 1.1.0 to 1.2.1.
- [Release notes](https://github.com/rails/thor/releases)
- [Commits](https://github.com/rails/thor/compare/v1.1.0...v1.2.1)

---
updated-dependencies:
- dependency-name: thor
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 11:07:37 +09:00
dependabot[bot]
987299e0d1 Bump nokogiri from 1.12.5 to 1.13.1 (#17306) 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.5 to 1.13.1.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.5...v1.13.1)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 11:06:17 +09:00
dependabot[bot]
db9d8c8e33 Bump aws-sdk-s3 from 1.109.0 to 1.111.1 (#17277) 
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.109.0 to 1.111.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 11:04:34 +09:00
dependabot[bot]
587dc720c3 Bump prop-types from 15.7.2 to 15.8.1 (#17278) 
Bumps [prop-types](https://github.com/facebook/prop-types) from 15.7.2 to 15.8.1.
- [Release notes](https://github.com/facebook/prop-types/releases)
- [Changelog](https://github.com/facebook/prop-types/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/prop-types/compare/v15.7.2...v15.8.1)

---
updated-dependencies:
- dependency-name: prop-types
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 11:04:24 +09:00
dependabot[bot]
8e619ab341 Bump ed25519 from 1.2.4 to 1.3.0 (#17310) 
Bumps [ed25519](https://github.com/RubyCrypto/ed25519) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/RubyCrypto/ed25519/releases)
- [Changelog](https://github.com/RubyCrypto/ed25519/blob/main/CHANGES.md)
- [Commits](https://github.com/RubyCrypto/ed25519/compare/v1.2.4...v1.3.0)

---
updated-dependencies:
- dependency-name: ed25519
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 11:04:11 +09:00
dependabot[bot]
da2e05582b Bump bootsnap from 1.9.3 to 1.10.1 (#17311) 
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.9.3 to 1.10.1.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.9.3...v1.10.1)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 11:03:28 +09:00
dependabot[bot]
37ecfa090f Bump sass from 1.45.2 to 1.48.0 (#17315) 
Bumps [sass](https://github.com/sass/dart-sass) from 1.45.2 to 1.48.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.45.2...1.48.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 11:01:18 +09:00
dependabot[bot]
bc563c4847 Bump babel-jest from 27.4.5 to 27.4.6 (#17280) 
Bumps [babel-jest](https://github.com/facebook/jest/tree/HEAD/packages/babel-jest) from 27.4.5 to 27.4.6.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v27.4.6/packages/babel-jest)

---
updated-dependencies:
- dependency-name: babel-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 10:53:39 +09:00
dependabot[bot]
4cda245ed9 Bump @babel/plugin-transform-runtime from 7.16.7 to 7.16.8 (#17314) 
Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) from 7.16.7 to 7.16.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.8/packages/babel-plugin-transform-runtime)

---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 10:53:26 +09:00
dependabot[bot]
c4e748dcf2 Bump ws from 8.3.0 to 8.4.2 (#17318) 
Bumps [ws](https://github.com/websockets/ws) from 8.3.0 to 8.4.2.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/8.3.0...8.4.2)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 10:53:12 +09:00
dependabot[bot]
b066bcf277 Bump rubocop-rails from 2.13.0 to 2.13.2 (#17321) 
Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.13.0 to 2.13.2.
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.13.0...v2.13.2)

---
updated-dependencies:
- dependency-name: rubocop-rails
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-19 10:53:03 +09:00
dependabot[bot]
777b248bd1 Bump redis from 4.0.1 to 4.0.2 (#17309) 
Bumps [redis](https://github.com/redis/node-redis) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/redis/node-redis/releases)
- [Changelog](https://github.com/redis/node-redis/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/node-redis/compare/redis@4.0.1...redis@4.0.2)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:39:12 +09:00
dependabot[bot]
3b825be804 Bump bullet from 7.0.0 to 7.0.1 (#17312) 
Bumps [bullet](https://github.com/flyerhzm/bullet) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/flyerhzm/bullet/releases)
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flyerhzm/bullet/compare/7.0.0...7.0.1)

---
updated-dependencies:
- dependency-name: bullet
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:38:54 +09:00
dependabot[bot]
733691322c Bump react-select from 5.2.1 to 5.2.2 (#17313) 
Bumps [react-select](https://github.com/JedWatson/react-select) from 5.2.1 to 5.2.2.
- [Release notes](https://github.com/JedWatson/react-select/releases)
- [Changelog](https://github.com/JedWatson/react-select/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/JedWatson/react-select/compare/react-select@5.2.1...react-select@5.2.2)

---
updated-dependencies:
- dependency-name: react-select
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:38:45 +09:00
dependabot[bot]
95d63271be Bump @babel/preset-env from 7.16.7 to 7.16.8 (#17317) 
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.16.7 to 7.16.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.16.8/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:38:12 +09:00
dependabot[bot]
11a97be4b1 Bump pkg-config from 1.4.6 to 1.4.7 (#17307) 
Bumps [pkg-config](https://github.com/ruby-gnome/pkg-config) from 1.4.6 to 1.4.7.
- [Release notes](https://github.com/ruby-gnome/pkg-config/releases)
- [Changelog](https://github.com/ruby-gnome/pkg-config/blob/master/NEWS)
- [Commits](https://github.com/ruby-gnome/pkg-config/compare/1.4.6...1.4.7)

---
updated-dependencies:
- dependency-name: pkg-config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:36:39 +09:00
dependabot[bot]
18cf973345 Bump active_model_serializers from 0.10.12 to 0.10.13 (#17305) 
Bumps [active_model_serializers](https://github.com/rails-api/active_model_serializers) from 0.10.12 to 0.10.13.
- [Release notes](https://github.com/rails-api/active_model_serializers/releases)
- [Changelog](https://github.com/rails-api/active_model_serializers/blob/v0.10.13/CHANGELOG.md)
- [Commits](https://github.com/rails-api/active_model_serializers/compare/v0.10.12...v0.10.13)

---
updated-dependencies:
- dependency-name: active_model_serializers
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:36:22 +09:00
dependabot[bot]
eefa287d59 Bump follow-redirects from 1.14.4 to 1.14.7 (#17285) 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.4 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.4...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:36:11 +09:00
dependabot[bot]
8f8f4ab099 Bump jest from 27.4.5 to 27.4.7 (#17279) 
Bumps [jest](https://github.com/facebook/jest) from 27.4.5 to 27.4.7.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/compare/v27.4.5...v27.4.7)

---
updated-dependencies:
- dependency-name: jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:35:31 +09:00
dependabot[bot]
ecfed4f3e5 Bump rspec_junit_formatter from 0.5.0 to 0.5.1 (#17275) 
Bumps [rspec_junit_formatter](https://github.com/sj26/rspec_junit_formatter) from 0.5.0 to 0.5.1.
- [Release notes](https://github.com/sj26/rspec_junit_formatter/releases)
- [Changelog](https://github.com/sj26/rspec_junit_formatter/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sj26/rspec_junit_formatter/compare/v0.5.0...v0.5.1)

---
updated-dependencies:
- dependency-name: rspec_junit_formatter
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:35:15 +09:00
dependabot[bot]
8647e19020 Bump rubocop-rails from 2.13.0 to 2.13.1 (#17274) 
Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.13.0 to 2.13.1.
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.13.0...v2.13.1)

---
updated-dependencies:
- dependency-name: rubocop-rails
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:35:02 +09:00
dependabot[bot]
2a0fb61e31 Bump scenic from 1.5.4 to 1.5.5 (#17193) 
Bumps [scenic](https://github.com/scenic-views/scenic) from 1.5.4 to 1.5.5.
- [Release notes](https://github.com/scenic-views/scenic/releases)
- [Changelog](https://github.com/scenic-views/scenic/blob/main/CHANGELOG.md)
- [Commits](https://github.com/scenic-views/scenic/compare/v1.5.4...v1.5.5)

---
updated-dependencies:
- dependency-name: scenic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-18 22:34:45 +09:00
Claire
f6acc039ec Merge pull request #1660 from ClearlyClaire/glitch-soc/features/themes-multiple-packs 
Refactor glitch-soc's theme handling
 2022-01-18 00:18:07 +01:00
Claire
b9ed7e0f55 Please CodeClimate 2022-01-17 13:06:06 +01:00
Claire
c7e2b9cf64 Move controller theming code to concern 2022-01-17 12:50:52 +01:00
Claire
c60f8ce032 Fix pinned attribute not being set for private self-posts (#17304) 2022-01-17 11:59:46 +01:00
Eugen Rochko
69208ef6ff [Glitch] Add notifications for statuses deleted by moderators 
Port front-end changes from 14f436c457 to glitch-soc

Signed-off-by: Claire <claire.github-309c@sitedethib.com>
 2022-01-17 11:19:44 +01:00
Claire
b3bf32a21e Merge branch 'main' into glitch-soc/merge-upstream 
Conflicts:
- `app/views/admin/reports/show.html.haml`:
  Conflicts due to glitch-soc's theming system.
 2022-01-17 10:45:25 +01:00
Claire
430d442791 Merge pull request #1661 from ClearlyClaire/glitch-soc/merge-upstream 
Merge upstream changes
 2022-01-17 10:01:02 +01:00
Claire
77dd4ab8f5 Fix pinned attribute not being set for private self-posts 2022-01-17 09:52:19 +01:00