Eugen Rochko and GitHub
5bf67ca913
Add ActivityPub secure mode ( #11269 )
...
* Add HTTP signature requirement for served ActivityPub resources
* Change `SECURE_MODE` to `AUTHORIZED_FETCH`
* Add 'Signature' to 'Vary' header and improve code style
* Improve code style by adding `public_fetch_mode?` method
2019-07-11 20:11:09 +02:00
ThibG and Eugen Rochko
4e1260feaa
Fix BlockService trying to reject incorrect follow request ( #11288 )
...
Fixes #11148
2019-07-11 14:50:27 +02:00
Eugen Rochko and GitHub
4e8dcc5dbb
Add HTTP signatures to all outgoing ActivityPub GET requests ( #11284 )
2019-07-11 14:49:55 +02:00
dependabot-preview[bot] and Eugen Rochko
a6dc6a242f
[Security] Bump lodash from 4.17.11 to 4.17.13 ( #11287 )
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.11 to 4.17.13. **This update includes security fixes.**
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-11 06:33:07 +02:00
Eugen Rochko and GitHub
5d3feed191
Refactor fetching of remote resources ( #11251 )
2019-07-10 18:59:28 +02:00
ThibG and Eugen Rochko
d04c584159
Drop magic-public-key from webfinger replies as it's only used for OStatus ( #11280 )
2019-07-10 17:10:43 +02:00
ThibG and Eugen Rochko
85eb418e1f
Fix handling of webfinger redirects in ResolveAccountService ( #11279 )
2019-07-10 17:10:12 +02:00
ThibG and Eugen Rochko
27ad4c1501
Fix old migration script depending on the StreamEntry model ( #11278 )
2019-07-10 17:09:10 +02:00
Eugen Rochko and GitHub
6172263a63
Fix activity being rendered within activity due to caching ( #11271 )
...
Fix #11270
2019-07-10 00:43:30 +02:00
Eugen Rochko and GitHub
4e92183227
Refactor domain block checks ( #11268 )
2019-07-09 03:27:35 +02:00
ThibG and Eugen Rochko
1e7187f2a8
Fix Status.remote scope matching *all* statuses ( #11265 )
2019-07-08 18:17:22 +02:00
Eugen Rochko and GitHub
ef15246397
Remove unused remote unfollow controller ( #11250 )
2019-07-08 12:04:06 +02:00
Eugen Rochko and GitHub
63c7fe8e48
Refactor controllers for statuses, accounts, and more ( #11249 )
2019-07-08 12:03:45 +02:00
dependabot-preview[bot] and Yamagishi Kazutoshi
f14776475d
Bump faker from 1.9.3 to 1.9.6 ( #11259 )
...
Bumps [faker](https://github.com/stympy/faker ) from 1.9.3 to 1.9.6.
- [Release notes](https://github.com/stympy/faker/releases )
- [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/stympy/faker/compare/v1.9.3...1.9.6 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-08 18:29:00 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
d76ca8964c
Bump simplecov from 0.16.1 to 0.17.0 ( #11260 )
...
Bumps [simplecov](https://github.com/colszowka/simplecov ) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/colszowka/simplecov/releases )
- [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md )
- [Commits](https://github.com/colszowka/simplecov/compare/v0.16.1...v0.17.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-08 18:28:33 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
01ee35f14a
Bump aws-sdk-s3 from 1.43.0 to 1.45.0 ( #11262 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.43.0 to 1.45.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.43.0...v1.45.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-08 18:26:41 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
f935004a74
Bump tzinfo-data from 1.2019.1 to 1.2019.2 ( #11258 )
...
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data ) from 1.2019.1 to 1.2019.2.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases )
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2019.1...v1.2019.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-08 18:26:12 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
d0b40ae7dd
Bump eslint-plugin-react from 7.12.1 to 7.14.2 ( #11253 )
...
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.12.1 to 7.14.2.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.12.1...v7.14.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-08 18:25:20 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
76d5fd1c5c
Bump @babel/plugin-proposal-class-properties from 7.4.4 to 7.5.0 ( #11254 )
...
Bumps [@babel/plugin-proposal-class-properties](https://github.com/babel/babel ) from 7.4.4 to 7.5.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/compare/v7.4.4...v7.5.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-08 18:24:38 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
1a8bbcdca4
Bump compression-webpack-plugin from 2.0.0 to 3.0.0 ( #11224 )
...
Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin ) from 2.0.0 to 3.0.0.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases )
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v2.0.0...v3.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-08 16:49:47 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
6a313f872a
Bump intl-relativeformat from 2.2.0 to 6.4.2 ( #11255 )
...
Bumps [intl-relativeformat](https://github.com/formatjs/formatjs ) from 2.2.0 to 6.4.2.
- [Release notes](https://github.com/formatjs/formatjs/releases )
- [Commits](https://github.com/formatjs/formatjs/compare/intl-relativeformat@2.2.0...intl-relativeformat@6.4.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-08 16:49:26 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
239befc6e8
Bump react-redux from 6.0.1 to 7.1.0 ( #11256 )
...
Bumps [react-redux](https://github.com/reduxjs/react-redux ) from 6.0.1 to 7.1.0.
- [Release notes](https://github.com/reduxjs/react-redux/releases )
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/react-redux/compare/v6.0.1...v7.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-08 16:48:44 +09:00
ThibG and Eugen Rochko
87c1ad4ea3
Fix BackupService crashing when an attachment is missing ( #11241 )
...
* Fix BackupService crashing when an attachment is missing
For various reasons such as admin error or out-of-sync media and
database backups, it might be possible for local attachments to be lost.
This commit allows the BackupService to continue its work even if some media
file is missing.
* Change error message
2019-07-08 02:24:25 +02:00
Georg Gadinger and Eugen Rochko
3ece6e25e6
Update fuubar dependency to 2.4.1 ( #11248 )
...
See also: thekompanee/fuubar#111
2019-07-07 18:13:19 +02:00
Eugen Rochko and GitHub
b851456139
Remove Atom feeds and old URLs in the form of GET /:username/updates/:id ( #11247 )
2019-07-07 16:16:51 +02:00
Eugen Rochko and GitHub
406b46395d
Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker ( #11231 )
2019-07-07 03:37:01 +02:00
ThibG and Eugen Rochko
58276715be
Fix support for HTTP proxies ( #11245 )
...
* Disable incorrect check for hidden services in Socket
Hidden services can only be accessed with an HTTP proxy, in which
case the host seen by the Socket class will be the proxy, not the
target host.
Hidden services are already filtered in `Request#initialize`.
* Use our Socket class to connect to HTTP proxies
Avoid the timeout logic being bypassed
* Add support for IP addresses in Request::Socket
* Refactor a bit, no need to keep the DNS resolver around
2019-07-07 02:05:38 +02:00
Eugen Rochko and GitHub
23aeef52cc
Remove Salmon and PubSubHubbub ( #11205 )
...
* Remove Salmon and PubSubHubbub endpoints
* Add error when trying to follow OStatus accounts
* Fix new accounts not being created in ResolveAccountService
2019-07-06 23:26:16 +02:00
ThibG and Eugen Rochko
c07cca4727
Only scroll to the compose form if it's not horizontally in the viewport ( #11246 )
...
Avoids jumping the scroll around vertically when giving it focus and
editing long toots.
2019-07-06 18:18:08 +02:00
Eugen Rochko and GitHub
ae003d54f9
Fix option to send e-mail notification about account action always being true ( #11242 )
2019-07-06 13:54:32 +02:00
ThibG and Eugen Rochko
ed544f3166
Fix HTTP requests to IPv6 hosts ( #11240 )
2019-07-05 22:03:00 +02:00
Eugen Rochko and GitHub
0c1b1069c9
Remove deprecated REST API GET /api/v1/statuses/:id/card ( #11213 )
2019-07-05 02:15:24 +02:00
Eugen Rochko and GitHub
30f5bcf3e7
Remove deprecated REST API POST /api/v1/notifications/dismiss?id=:id ( #11214 )
2019-07-05 02:15:13 +02:00
Eugen Rochko and GitHub
3fd6ab99e6
Remove deprecated REST API GET /api/v1/timelines/direct ( #11212 )
2019-07-05 02:14:56 +02:00
ThibG and Eugen Rochko
99924f282f
Memoize ancestorIds and descendantIds in detailed status view ( #11234 )
2019-07-02 16:03:54 +02:00
Eugen Rochko and GitHub
3bc0c4a884
Remove unused StatsD code and expose StatsD as a global variable ( #11232 )
...
The instrumentation code was used for StatsD metrics collection
prior to the switch to the nsa gem and should have been removed
at that point as it no longer does anything at all
2019-07-02 11:34:39 +02:00
Eugen Rochko and GitHub
1a747f7020
Fix statsd UDP sockets not being cleaned up in Sidekiq ( #11230 )
2019-07-02 01:01:17 +02:00
Eugen Rochko and GitHub
bc60d794f8
Change ActivityPub::DeliveryWorker to not retry HTTP 501 errors ( #11233 )
2019-07-02 00:59:53 +02:00
ThibG and Eugen Rochko
dc88d226e1
When deleting & redrafting a poll, fill in closest expires_in ( #11203 )
...
Use the smallest preset expires_in such that the new poll would
not expire before the old one.
In the typical case of a quick delete & redraft, this results in
using the same poll duration.
Fixes #10567
2019-07-02 00:36:16 +02:00
Eugen Rochko and GitHub
0d9ffe56fb
Add request pool to improve delivery performance ( #10353 )
...
* Add request pool to improve delivery performance
Fix #7909
* Ensure connection is closed when exception interrupts execution
* Remove Timeout#timeout from socket connection
* Fix infinite retrial loop on HTTP::ConnectionError
* Close sockets on failure, reduce idle time to 90 seconds
* Add MAX_REQUEST_POOL_SIZE option to limit concurrent connections to the same server
* Use a shared pool size, 512 by default, to stay below open file limit
* Add some tests
* Add more tests
* Reduce MAX_IDLE_TIME from 90 to 30 seconds, reap every 30 seconds
* Use a shared pool that returns preferred connection but re-purposes other ones when needed
* Fix wrong connection being returned on subsequent calls within the same thread
* Reduce mutex calls on flushes from 2 to 1 and add test for reaping
2019-07-02 00:34:38 +02:00
Eugen Rochko and GitHub
2cfa427ea7
Change domain block behaviour to prevent creation of accounts from suspended domains ( #11219 )
2019-07-01 19:13:30 +02:00
dependabot-preview[bot] and Yamagishi Kazutoshi
13f54f41ad
Bump rubocop from 0.71.0 to 0.72.0 ( #11229 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.71.0 to 0.72.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.71.0...v0.72.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-01 22:36:45 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
ffb6da8b78
Bump capybara from 3.24.0 to 3.25.0 ( #11225 )
...
Bumps [capybara](https://github.com/teamcapybara/capybara ) from 3.24.0 to 3.25.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases )
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md )
- [Commits](https://github.com/teamcapybara/capybara/compare/3.24.0...3.25.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-01 22:34:51 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
8c4287c239
Bump memory_profiler from 0.9.13 to 0.9.14 ( #11227 )
...
Bumps [memory_profiler](https://github.com/SamSaffron/memory_profiler ) from 0.9.13 to 0.9.14.
- [Release notes](https://github.com/SamSaffron/memory_profiler/releases )
- [Changelog](https://github.com/SamSaffron/memory_profiler/blob/master/CHANGELOG.md )
- [Commits](https://github.com/SamSaffron/memory_profiler/compare/v0.9.13...v0.9.14 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-01 22:34:25 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
47b4cd0fff
Bump bullet from 6.0.0 to 6.0.1 ( #11228 )
...
Bumps [bullet](https://github.com/flyerhzm/bullet ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/flyerhzm/bullet/releases )
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md )
- [Commits](https://github.com/flyerhzm/bullet/compare/6.0.0...6.0.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-01 22:33:54 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
3936404911
Bump eslint-plugin-promise from 4.1.1 to 4.2.1 ( #11223 )
...
Bumps [eslint-plugin-promise](https://github.com/xjamundx/eslint-plugin-promise ) from 4.1.1 to 4.2.1.
- [Release notes](https://github.com/xjamundx/eslint-plugin-promise/releases )
- [Changelog](https://github.com/xjamundx/eslint-plugin-promise/blob/master/CHANGELOG.md )
- [Commits](https://github.com/xjamundx/eslint-plugin-promise/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-01 21:29:56 +09:00
dependabot-preview[bot] and Yamagishi Kazutoshi
d33a30377c
Bump webpack-cli from 3.3.4 to 3.3.5 ( #11221 )
...
Bumps [webpack-cli](https://github.com/webpack/webpack-cli ) from 3.3.4 to 3.3.5.
- [Release notes](https://github.com/webpack/webpack-cli/releases )
- [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md )
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.4...v3.3.5 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com >
2019-07-01 21:23:40 +09:00
ThibG and Eugen Rochko
082b3b282f
Fix expiration date of filters being set to “Never” when editing them ( #11204 )
...
When editing a custom filter, select the shortest preset duration that
still covers the remaining time of that filter.
Fixes #9506
2019-06-30 16:11:21 +02:00
Eugen Rochko and GitHub
06424786a1
Fix support for MP4 files that are actually M4V files ( #11210 )
...
Resolve #11187
2019-06-30 16:10:43 +02:00
ThibG and Eugen Rochko
f895bf1984
Optimize makeGetStatus ( #11211 )
...
* Optimize makeGetStatus
Because `ImmutableList.filter` always returns a new object and `createSelector`
memoizes based on object identity, the selector returned by `makeGetStatus`
would *always* execute.
To avoid that, we wrap `getFilters` into a new memoizer that memoizes based on
deep equality, thus returning the same object as long as the filters haven't
changed, allowing the memoization of `makeGetStatus` to work.
Furthermore, we memoize the compiled regexs instead of recomputing them each
time the selector is called.
* Fix memoized result being cleared too often
* Make notifications use memoized getFiltersRegex
2019-06-30 00:12:38 +02:00