778a69cd
97d971014d
Warn users that emails can be late
2023-09-08 00:05:17 +02:00
778a69cd
660763b124
Notify users about valid usernames
2023-09-08 00:05:17 +02:00
778a69cd
9492e8cf51
use custom links.potsda.mn logo
2023-09-08 00:05:17 +02:00
Claire
5f88a2d70b
Bump version to v4.1.7
2023-09-05 19:16:09 +02:00
Emelia Smith
cf80d54cba
Allow reports with long comments from remote instances, but truncate ( #25028 )
2023-09-05 19:16:09 +02:00
Daniel M Brasil
ea7fa048f3
Fix /api/v1/timelines/tag/:hashtag
allowing for unauthenticated access when public preview is disabled ( #26237 )
2023-09-05 19:16:09 +02:00
Claire
6339806f05
Fix blocking subdomains of an already-blocked domain ( #26392 )
2023-09-05 19:16:09 +02:00
Claire
86afbf25d0
Change text extraction in PlainTextFormatter
to be faster ( #26727 )
2023-09-05 19:16:09 +02:00
Claire
1ad64b5557
Backport container build changes to the stable-4.1 branch ( #26738 )
...
Co-authored-by: Renaud Chaput <renchap@gmail.com>
2023-08-31 19:54:10 +02:00
Claire
ac7d40b561
Bump version to v4.1.6
2023-07-31 14:33:06 +02:00
Renaud Chaput
2fc6117d1b
Fix missing return values in streaming ( #26233 )
2023-07-31 14:33:06 +02:00
Emelia Smith
2eb1a5b7b6
Fix: Streaming server memory leak in HTTP EventSource cleanup ( #26228 )
2023-07-31 14:33:06 +02:00
Claire
6c321bb5e1
Fix incorrect connect timeout in outgoing requests ( #26116 )
2023-07-31 14:33:06 +02:00
Emelia Smith
da230600ac
Refactor streaming's filtering logic & improve documentation ( #26213 )
2023-07-31 14:33:06 +02:00
Claire
1792be342a
Fix wrong filters sometimes applying in streaming ( #26159 )
2023-07-31 14:33:06 +02:00
Claire
ebf4f034c2
Bump version to v4.1.5
2023-07-21 16:07:43 +02:00
Claire
889102013f
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 16:07:43 +02:00
Claire
d94a2c8aca
Change request timeout handling to use a longer deadline ( #26055 )
2023-07-21 16:07:43 +02:00
Claire
efd066670d
Fix moderation interface for remote instances with a .zip TLD ( #25885 )
2023-07-21 16:07:43 +02:00
Claire
13ec425b72
Fix remote accounts being possibly persisted to database with incomplete protocol values ( #25886 )
2023-07-21 16:07:43 +02:00
Michael Stanclift
7a99f0744d
Fix trending publishers table not rendering correctly on narrow screens ( #25945 )
2023-07-21 16:07:43 +02:00
Claire
69c8f26946
Add check preventing Sidekiq workers from running with Makara configured ( #25850 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-21 14:18:04 +02:00
Claire
3f5af768c8
Bump version to v4.1.4
2023-07-07 19:37:21 +02:00
Claire
cb8ab46302
Update dependencies
2023-07-07 19:37:21 +02:00
Claire
53b979d5c7
Fix processing of media files with unusual names ( #25788 )
2023-07-07 19:37:21 +02:00
Claire
f2bbac3f9f
Fix crash in admin interface when viewing a remote user with verified links ( #25796 )
2023-07-07 19:37:21 +02:00
Claire
015ed99612
Fix branding:generate_app_icons failing because of disallowed ICO coder ( #25794 )
2023-07-07 19:37:21 +02:00
nemobis
cf58535193
Fix typo in CHANGELOG.md ( #25764 )
2023-07-07 19:37:21 +02:00
Claire
0d5781ca76
Bump version to v4.1.3
2023-07-06 15:07:20 +02:00
Claire
32ebeed59b
Merge pull request from GHSA-55j9-c3mp-6fcq
2023-07-06 15:06:50 +02:00
Claire
e75ad1de0f
Merge pull request from GHSA-9pxv-6qvf-pjwc
...
* Fix timeout handling of outbound HTTP requests
* Use CLOCK_MONOTONIC instead of Time.now
2023-07-06 15:06:24 +02:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
c4f2609f7a
Merge pull request from GHSA-ccm4-vgcc-73hp
...
* Tighten allowed HTML in oEmbed-based preview cards
* Sanitize preview cards at render time
* Add `sandbox` attribute to preview card iframes
2023-07-06 15:03:33 +02:00
Claire
9b6c0cac7d
Add hardened headers to user-uploaded files ( #25756 )
2023-07-06 14:32:26 +02:00
Claire
fac2c9eb7d
Update rack, rails, nokogiri and doorkeeper gems
2023-07-06 13:45:40 +02:00
Claire
a3d69a2c5d
Fix OAuth apps page crashing when listing apps with certain admin API scopes ( #25713 )
2023-07-06 13:45:40 +02:00
Renaud Chaput
8eb1bb8ba6
Allow carets in URL search params ( #25216 )
2023-07-06 13:45:40 +02:00
Vyr Cossont
652ff76462
Fix Redis client and type errors introduced in #24285 ( #24342 )
2023-07-06 13:45:40 +02:00
Vyr Cossont
6f484fbbd2
IndexingScheduler: fetch and import in batches ( #24285 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-07-06 13:45:40 +02:00
Claire
79f5b8f156
Fix ResolveURLService not resolving local URLs for remote content ( #25637 )
2023-07-06 13:45:40 +02:00
Claire
f8930a67a0
Change /api/v1/statuses/:id/history to always return at least one item ( #25510 )
2023-07-06 13:45:40 +02:00
Claire
e65e3a6d14
Add finer permission requirements for managing webhooks ( #25463 )
2023-07-06 13:45:40 +02:00
Claire
8acbfc6ab1
Fix wrong view being displayed when a webhook fails validation ( #25464 )
2023-07-06 13:45:40 +02:00
Emelia Smith
3ef53958b2
Prevent UserCleanupScheduler from overwhelming streaming ( #25519 )
2023-07-06 13:45:40 +02:00
Daniel M Brasil
fd1ffd72eb
Fix incorrect pagination headers in /api/v2/admin/accounts
( #25477 )
2023-07-06 13:45:40 +02:00
Claire
7bd34f8b23
Fix infinite loop in AccountsStatusesCleanupScheduler ( #24840 )
2023-07-06 13:45:40 +02:00
Claire
7012bf6ed3
Improve automatic post cleanup worker performances ( #24785 )
2023-07-06 13:45:40 +02:00
Claire
d9e45f2fa9
Fix AccountsStatusesCleanupScheduler not spreading deletes across accounts correctly ( #24607 )
2023-07-06 13:45:40 +02:00
Claire
0e139e3c4d
Change automatic post deletion thresholds and load detection ( #24614 )
2023-07-06 13:45:40 +02:00
Emelia Smith
23e7b4d28d
Fix logging of messages that are binary before closing their connection ( #25361 )
2023-07-06 13:45:40 +02:00