Commit Graph

404 Commits

Author SHA1 Message Date
f378f10404 Fix compatibility of recent migration with PostgreSQL 10 (#25324) 2023-06-07 01:53:50 +02:00
c66250abf1 Autofix Rubocop Regex Style rules (#23690)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 14:50:51 +02:00
e428670e61 Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) 2023-06-05 17:35:05 +02:00
e49819142f Remove unmaintained nsa gem (#25265) 2023-06-05 01:57:05 +02:00
94329f28e1 Change wording of “Content cache retention period” setting to highlight destructive implications (#23261) 2023-06-02 18:09:08 +02:00
942d850b0a Allow carets in URL search params (#25216) 2023-06-01 12:14:49 +02:00
c0b9664a31 Autofix Rubocop spacing in config (#25022) 2023-05-22 13:17:56 +02:00
cee4369cf5 Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#25002) 2023-05-16 10:51:59 +02:00
d9a958fcf7 Fix Performance/RedundantMerge cop (#24817) 2023-05-04 05:25:43 +02:00
d902a707a3 Fix Rails/CompactBlank cop (#24690) 2023-04-30 14:07:21 +02:00
5a2aa06a51 Fix Rails/Present cop (#24688) 2023-04-30 06:47:50 +02:00
49fad26eca Drop EOL Ruby 2.7 (#24237) 2023-04-27 01:46:18 +02:00
4687967176 Autofix Rubocop Style/NumericLiterals (#24468) 2023-04-23 22:30:07 +02:00
5c499f54e3 Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-03 15:05:39 +02:00
500d6f93be Autofix Rubocop Style/IdenticalConditionalBranches (#24322) 2023-03-31 09:33:52 +02:00
a9b5598c97 Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
e084b5b82d Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-03-27 17:07:37 +02:00
f432db7b9f Fix sidekiq jobs not triggering Elasticsearch index updates (#24046) 2023-03-12 23:47:55 +01:00
922837dc96 Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
de137e6bb0 Added support for specifying S3 storage classes in environment (#22480) 2023-03-03 20:53:37 +01:00
c6ef56fd5e Change rate limits to 1,500/5m per user, 300/5m per app (#23347) 2023-02-02 00:07:49 +01:00
596923da4a Fix typos in source documentation (#21046)
Fixed 2 source comment/documentation typos
2022-12-15 15:57:26 +01:00
d587a268fd Add logging for Rails cache timeouts (#21667)
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds

* Log cache store errors
2022-11-27 20:37:37 +01:00
7955d4b959 Add form-action CSP directive (#20781) 2022-11-17 10:55:03 +01:00
a2931d19ae Add missing admin scopes (fix #20892) (#20918) 2022-11-17 10:50:21 +01:00
43b0b2f3f4 Fix wrong directive unsafe-wasm-eval to wasm-unsafe-eval (#20729) 2022-11-15 03:39:06 +01:00
b46b7c3d5e Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP (#20606)
* Add "unsafe-eval" to script-src CSP

* Use 'unsafe-wasm-eval' instead of 'unsafe-eval'
2022-11-15 03:22:38 +01:00
21fd25a269 Fix rate limiting for paths with formats (#20675) 2022-11-14 20:26:31 +01:00
9d039209cc Add Cache-Control header to openstack-stored files (#20610)
When storing files in S3, paperclip is configured with a Cache-Control header
indicating the file is immutable, however no such header was added when using
OpenStack storage.

Luckily Paperclip's fog integration makes this trivial, with a simple
`fog_file` `Cache-Control` default doing the trick.
2022-11-14 05:26:49 +01:00
290d78cea4 Allow unsetting x-amz-acl S3 Permission headers (#20510)
Some "S3 Compatible" storage providers (Cloudflare R2 is one such example) don't support setting ACLs on individual uploads with the `x-amz-acl` header, and instead just have a visibility for the whole bucket. To support uploads to such providers without getting unsupported errors back, let's use a blank `S3_PERMISSION` env var to indicate that these headers shouldn't be sent.

This is tested as working with Cloudflare R2.
2022-11-13 06:57:10 +01:00
aafbc82d88 Add "unsafe-eval" to script-src CSP (#18817) 2022-10-26 19:23:16 +02:00
bf0ab3e0fa Fix vacuum scheduler missing lock, locks never expiring (#19458)
Remove vacuuming of orphaned preview cards
2022-10-26 12:10:48 +02:00
0d6b878808 Add user content translations with configurable backends (#19218) 2022-09-23 23:00:12 +02:00
546672e292 Change "Allow trends without prior review" setting to include statuses (#17977)
* Change "Allow trends without prior review" setting to include posts

* Fix i18n-tasks
2022-08-28 04:00:39 +02:00
861b35dd54 Support "http_hidden_proxy" ENV var for hidden service only proxy (#18427)
* Support "http_hidden_proxy" ENV var for hidden service only proxy

* Fallback to http_proxy if http_hidden_proxy is not set
2022-08-25 04:41:14 +02:00
e7aa2be828 Change how hashtags are normalized (#18795)
* Change how hashtags are normalized

* Fix tests
2022-07-13 15:03:28 +02:00
ae4f068a84 Fix CAS_DISPLAY_NAME, SAML_DISPLAY_NAME and OIDC_DISPLAY_NAME being ignored (#18568) 2022-06-01 19:22:55 +02:00
96129c2f10 Fix confirmation redirect to app without Location header (#18523) 2022-05-26 22:03:54 +02:00
679b7158e3 Change search indexing to use batches to minimize resource usage (#18451) 2022-05-18 23:29:14 +02:00
7b0fe4aef9 Fix opening and closing Redis connections instead of using a pool (#18171)
* Fix opening and closing Redis connections instead of using a pool

* Fix Redis connections not being returned to the pool in CLI commands
2022-04-29 22:43:07 +02:00
8284110c55 Fix stoplight not using REDIS_NAMESPACE (#18160) 2022-04-28 18:11:31 +02:00
3917353645 Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
6e418bf346 Fix cookies secure flag being set when served over Tor (#17992) 2022-04-08 12:47:18 +02:00
39b489ba4c fix: s3_force_single_request not parsed (#17922) 2022-04-01 23:56:23 +02:00
cefa526c6d Refactor formatter (#17828)
* Refactor formatter

* Move custom emoji pre-rendering logic to view helpers

* Move more methods out of Formatter

* Fix code style issues

* Remove Formatter

* Add inline poll options to RSS feeds

* Remove unused helper method

* Fix code style issues

* Various fixes and improvements

* Fix test
2022-03-26 02:53:34 +01:00
895212bb2f Fix PgHero suggesting migrations (#17807)
* Fix PgHero suggesting migrations

Fixes #17768

* Keep migration suggestions in development env
2022-03-15 20:27:49 +01:00
eb9a7e3626 Fix LetterOpenerWeb CSP (#17770) 2022-03-14 19:20:40 +01:00
46ad7fea9d Bump rack-attack from 6.5.0 to 6.6.0 (#17405)
* Bump rack-attack from 6.5.0 to 6.6.0

Bumps [rack-attack](https://github.com/rack/rack-attack) from 6.5.0 to 6.6.0.
- [Release notes](https://github.com/rack/rack-attack/releases)
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack-attack/compare/v6.5.0...v6.6.0)

---
updated-dependencies:
- dependency-name: rack-attack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix usage of deprecated API

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-12 09:23:53 +01:00
a6ed6845c9 Allow login through OpenID Connect (#16221)
* added OpenID Connect as an SSO option

* minor fixes

* added comments, removed an option that shouldn't be set

* fixed Gemfile.lock

* added newline to end of Gemfile.lock

* removed tab from Gemfile.lock

* remove chomp

* codeclimate changes and small name change to make function's purpose clearer

* codeclimate fix

* added SSO buttons to /about page

* minor refactor

* minor style change

* removed spurious change

* removed unnecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth

* minor changes
2022-03-09 12:07:35 +01:00
b5329e0035 Spelling (#17705)
* spelling: account

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: affiliated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: appearance

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: autosuggest

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: cacheable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: component

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: conversations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: domain.example

Clarify what's distinct and use RFC friendly domain space.

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: environment

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: exceeds

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: functional

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: inefficiency

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: not

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: notifications

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: occurring

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: position

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: progress

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: promotable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: reblogging

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: repetitive

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: resolve

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: saturated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: similar

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: strategies

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: success

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: targeting

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: thumbnails

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unauthorized

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unsensitizes

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: validations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: various

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2022-03-06 22:51:40 +01:00