mastodon/app/models
Claire 0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
..
account Don't allow URLs that contain non-normalized paths to be verified (#20999) 2022-11-20 19:28:13 +01:00
account_suggestions Fix admin-set follow recommandations being case-sensitive (#23500) 2023-02-10 11:14:58 +01:00
admin Add confirmation screen when handling reports (#22375) 2023-01-18 16:40:09 +01:00
concerns Merge pull request from GHSA-9928-3cp5-93fm 2023-07-06 15:05:05 +02:00
form Fix reports not being closed when performing batch suspensions (#24988) 2023-07-06 13:45:40 +02:00
trends Apply Rubocop Performance/BlockGivenWithExplicitBlock (#23441) 2023-02-08 10:36:23 +01:00
web Add policy param to POST /api/v1/push/subscriptions (#16040) 2021-04-15 05:00:25 +02:00
account.rb Fix inefficiency when searching accounts per username in admin interface (#23801) 2023-03-13 18:38:01 +01:00
account_alias.rb Micro-optimization: only split acct into two Strings (#19901) 2022-11-07 16:17:55 +01:00
account_conversation.rb Fix /api/v1/conversations sometimes returning empty accounts (#25499) 2023-07-06 13:45:40 +02:00
account_deletion_request.rb Change account suspensions to be reversible by default (#14726) 2020-09-15 14:37:58 +02:00
account_domain_block.rb Fix crash when saving invalid domain name (#11528) 2019-08-08 23:04:19 +02:00
account_filter.rb Add "disabled" user filter for admin/accounts UI (#21282) 2022-12-15 17:30:47 +01:00
account_migration.rb Fix 500 error when trying to migrate to an invalid address (#21462) 2022-12-07 02:35:39 +01:00
account_moderation_note.rb Update dependencies for Ruby (2018-04-23) (#7237) 2018-04-23 11:29:17 +02:00
account_note.rb Fix AccountNote not having a maximum length (#16942) 2021-11-06 00:12:25 +01:00
account_pin.rb Add API endpoint to list featured accounts (fixes #8315) (#8317) 2018-08-20 18:46:04 +02:00
account_stat.rb Fix follower and other counters being able to go negative (#18517) 2022-05-26 20:32:48 +02:00
account_statuses_cleanup_policy.rb Micro-optimization: use if/else instead of Array#compact and Array#min (#19906) 2022-11-08 03:50:47 +01:00
account_statuses_filter.rb Fix performance of account timelines (#17709) 2022-03-08 09:14:39 +01:00
account_suggestions.rb Change auto-following admin-selected accounts, show in recommendations (#16078) 2021-04-24 17:01:43 +02:00
account_summary.rb Fix FollowRecommendationsScheduler failing because of unpopulated views (#16189) 2021-05-09 10:39:29 +02:00
account_warning.rb Fix Account Strike causing PG not null validation error (#23178) 2023-01-21 10:22:22 +01:00
account_warning_preset.rb Add titles to warning presets in admin UI (#13252) 2020-03-12 17:57:59 +01:00
admin.rb Add logging of admin actions (#5757) 2017-11-24 02:05:53 +01:00
announcement.rb Change admin announcement edition interface to use datetime-local (#18321) 2022-10-28 12:56:32 +02:00
announcement_filter.rb Fix error when passing unknown filter param in REST API (#20626) 2022-11-14 08:06:06 +01:00
announcement_mute.rb Add announcements (#12662) 2020-01-23 22:00:13 +01:00
announcement_reaction.rb Add announcements (#12662) 2020-01-23 22:00:13 +01:00
appeal.rb Add audit log entries for user roles (#19040) 2022-08-25 20:39:40 +02:00
application_record.rb Fix records not being indexed sometimes (#12024) 2019-10-01 01:19:11 +02:00
backup.rb Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-04-04 12:41:27 +02:00
block.rb Store URIs of follows, follow requests and blocks for ActivityPub (#7160) 2018-05-04 21:14:34 +02:00
bookmark.rb Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915) 2021-11-18 22:02:08 +01:00
canonical_email_block.rb Add admin API for managing canonical e-mail blocks (#19067) 2022-08-28 03:31:54 +02:00
content_retention_policy.rb Add retention policy for cached content and media (#19232) 2022-09-27 03:08:19 +02:00
context.rb Refactor JSON templates to be generated with ActiveModelSerializers instead of Rabl (#4090) 2017-07-07 04:02:06 +02:00
conversation.rb Revert "Remove conversation URI (#11423)" (#11424) 2019-07-28 17:47:37 +02:00
conversation_mute.rb Update dependencies for Ruby (2018-04-23) (#7237) 2018-04-23 11:29:17 +02:00
custom_emoji.rb Fix metadata scrubbing removing color profile from images (#20389) 2022-11-11 09:20:10 +01:00
custom_emoji_category.rb Add batch actions and categories to admin UI for custom emojis (#11793) 2019-09-09 22:44:17 +02:00
custom_emoji_filter.rb Fix error when passing unknown filter param in REST API (#20626) 2022-11-14 08:06:06 +01:00
custom_filter.rb Fix irreversible and whole_word parameters handling in /api/v1/filters (#21988) 2022-12-07 00:10:53 +01:00
custom_filter_keyword.rb Change how hashtags are normalized (#18795) 2022-07-13 15:03:28 +02:00
custom_filter_status.rb Add ability to select all accounts matching search for batch actions (#19053) 2022-08-25 23:33:34 +02:00
device.rb Add E2EE API (#13820) 2020-06-02 19:24:53 +02:00
domain_allow.rb Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597) 2022-11-17 11:05:09 +01:00
domain_block.rb Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597) 2022-11-17 11:05:09 +01:00
email_domain_block.rb Add admin API for managing e-mail domain blocks (#19066) 2022-08-28 03:37:55 +02:00
encrypted_message.rb Fix single Redis connection being used across all threads (#18135) 2022-04-28 17:47:34 +02:00
export.rb Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
extended_description.rb Change about page to be mounted in the web UI (#19345) 2022-10-13 14:42:37 +02:00
favourite.rb Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915) 2021-11-18 22:02:08 +01:00
featured_tag.rb Improve performance by avoiding regex construction (#20215) 2022-11-10 05:49:30 +01:00
feed.rb allow pagination by min_id and max_id (#14776) 2020-09-12 17:09:49 +02:00
follow.rb Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
follow_recommendation.rb Fix FollowRecommendationsScheduler failing because of unpopulated views (#16189) 2021-05-09 10:39:29 +02:00
follow_recommendation_filter.rb Fix single Redis connection being used across all threads (#18135) 2022-04-28 17:47:34 +02:00
follow_recommendation_suppression.rb Add cold-start follow recommendations (#15945) 2021-04-12 12:37:14 +02:00
follow_request.rb Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
home_feed.rb Fix rubocop config and warnings (#15503) 2021-01-07 09:40:55 +01:00
identity.rb Change Identity to not destroy associated User on destroy (#25098) 2023-07-06 13:45:40 +02:00
import.rb Fix follow limit preventing re-following of a moved account (#14207) 2020-12-18 09:18:31 +01:00
instance.rb Add audit log entries for user roles (#19040) 2022-08-25 20:39:40 +02:00
instance_filter.rb Fix error when passing unknown filter param in REST API (#20626) 2022-11-14 08:06:06 +01:00
invite.rb Change account suspensions to be reversible by default (#14726) 2020-09-15 14:37:58 +02:00
invite_filter.rb Fix error when passing unknown filter param in REST API (#20626) 2022-11-14 08:06:06 +01:00
ip_block.rb Fix IP blocks not having a unique index (#19456) 2022-10-25 21:43:44 +02:00
list.rb Improve account deletion performances further (#15407) 2020-12-22 23:57:46 +01:00
list_account.rb Add abilityto add oneself to lists (#12271) 2019-11-04 13:02:01 +01:00
list_feed.rb Fix rubocop config and warnings (#15503) 2021-01-07 09:40:55 +01:00
login_activity.rb Add authentication history (#16408) 2021-06-21 17:07:30 +02:00
marker.rb Add timeline read markers API (#11762) 2019-09-06 13:55:51 +02:00
media_attachment.rb Change remote media files to be downloaded outside of transactions (#21796) 2022-12-15 18:09:48 +01:00
mention.rb Improve support for aspects/circles (#8950) 2018-10-17 17:13:04 +02:00
message_franking.rb Add E2EE API (#13820) 2020-06-02 19:24:53 +02:00
mute.rb Add duration parameter to muting. (#13831) 2020-10-13 01:01:14 +02:00
notification.rb Add notifications for new reports (#18697) 2022-06-27 09:30:15 +02:00
one_time_key.rb Add E2EE API (#13820) 2020-06-02 19:24:53 +02:00
poll.rb Clear voter count when poll is reset (#21700) 2022-11-26 23:08:25 +01:00
poll_vote.rb Add optimistic lock to avoid race conditions when handling votes (#10196) 2019-03-06 19:53:57 +01:00
preview_card.rb Fix metadata scrubbing removing color profile from images (#20389) 2022-11-11 09:20:10 +01:00
preview_card_provider.rb Fix metadata scrubbing removing color profile from images (#20389) 2022-11-11 09:20:10 +01:00
preview_card_trend.rb Add support for language preferences for trending statuses and links (#18288) 2022-10-08 16:45:40 +02:00
privacy_policy.rb Fix privacy policy being empty if custom setting exists but is empty (#19318) 2022-10-08 08:34:00 +02:00
public_feed.rb Revert filtering public timelines by locale by default (#20294) 2022-11-10 05:34:42 +01:00
relationship_filter.rb Fix error when passing unknown filter param in REST API (#20626) 2022-11-14 08:06:06 +01:00
relay.rb Strip spaces around URL when adding a relay (#22655) 2023-01-05 13:33:33 +01:00
remote_follow.rb Remove dependency on goldfinger gem (#14919) 2020-10-08 00:34:57 +02:00
report.rb Fix notifications about deleted reports not being also deleted (#19475) 2022-10-27 02:10:54 +02:00
report_filter.rb Fix error when passing unknown filter param in REST API (#20626) 2022-11-14 08:06:06 +01:00
report_note.rb Fix scope latest of ReportNote (#9630) 2018-12-26 06:38:59 +01:00
rule.rb Fix rules with same priority being sorted non-deterministically (#20623) 2022-11-14 06:28:19 +01:00
scheduled_status.rb Fix deleting a scheduled status immediately deleting media attachments (#9728) 2019-01-06 16:38:40 +01:00
search.rb Refactor JSON templates to be generated with ActiveModelSerializers instead of Rabl (#4090) 2017-07-07 04:02:06 +02:00
session_activation.rb Apply Rubocop Rails/WhereNot (#23448) 2023-02-08 10:39:57 +01:00
setting.rb Apply Rubocop Style/RedundantAssignment (#23452) 2023-02-08 07:06:50 +01:00
site_upload.rb Fix metadata scrubbing removing color profile from images (#20389) 2022-11-11 09:20:10 +01:00
status.rb Add roles attribute to Account entities in REST API (#23255) 2023-01-25 19:55:40 +01:00
status_edit.rb Add ability to view previous edits of a status in admin UI (#19462) 2022-10-26 13:42:29 +02:00
status_pin.rb Add feature to automatically delete old toots (#16529) 2021-08-09 23:11:50 +02:00
status_stat.rb Fix follower and other counters being able to go negative (#18517) 2022-05-26 20:32:48 +02:00
status_trend.rb Fix trending statuses returning more than one post by the same author (#19349) 2022-10-14 01:44:23 +02:00
system_key.rb Add E2EE API (#13820) 2020-06-02 19:24:53 +02:00
tag.rb Fix ・ detection in hashtag regex to construct hashtag correctly (#22888) 2023-01-04 02:12:48 +01:00
tag_feed.rb Revert filtering public timelines by locale by default (#20294) 2022-11-10 05:34:42 +01:00
tag_follow.rb Add ability to follow hashtags (#18809) 2022-07-17 13:49:29 +02:00
tombstone.rb Record deleted(by mod) status to prevent re-appear (#10732) 2019-05-09 22:03:02 +02:00
trends.rb Fix missing skip_review? (#19335) 2022-10-10 08:03:19 +02:00
unavailable_domain.rb Add audit log entries for user roles (#19040) 2022-08-25 20:39:40 +02:00
user.rb Fix unconfirmed accounts being registered as active users (#23803) 2023-03-13 18:40:55 +01:00
user_invite_request.rb Add "why do you want to join" field to invite requests (#10524) 2019-04-09 23:06:30 +09:00
user_ip.rb Remove IP tracking columns from users table (#16409) 2022-01-16 13:23:50 +01:00
user_role.rb Add audit log entries for user roles (#19040) 2022-08-25 20:39:40 +02:00
web.rb Add extended about page stub 2017-01-13 03:24:41 +01:00
webauthn_credential.rb Fix validates :sign_count of WebauthnCredential (#14806) 2020-09-16 20:16:46 +02:00
webhook.rb Add finer permission requirements for managing webhooks (#25463) 2023-07-06 13:45:40 +02:00