Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge v4.2.6 #1939

Open
wants to merge 1,712 commits into
base: best-friends
Choose a base branch
from
Open

Merge v4.2.6 #1939

wants to merge 1,712 commits into from

Conversation

rosylilly
Copy link
Member

No description provided.

renovate bot and others added 30 commits August 31, 2023 09:49
@renovate
Update dependency glob to v10.3.4 (mastodon#26734)
15949e4 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
Update dependency webpack-bundle-analyzer to v4.9.1 (mastodon#26733)
ef9a85a 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
Update dependency @babel/preset-env to v7.22.14 (mastodon#26732)
430eac3 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@gunchleoc
Add suggestion for secure cyphers to nginx.conf (mastodon#26349)
cb9f960
@Signez
Add an explanation banner on switching to single column mode (mastodo…
40b69cc 
…n#26019)
@tvler
Add avatar image to webfinger responses (mastodon#26558)
336ec50
@danielmbrasil
Fix /api/v1/timelines/tag/:hashtag allowing for unauthenticated acc…
ccca542 
…ess when public preview is disabled (mastodon#26237)
@arbolitoloco1
Allow filter form in profiles directory to wrap (mastodon#26682)
f1d2501
@renchap
Fix comment in build image workflow (mastodon#26740)
cffc5d2
@ClearlyClaire
Fix searching by username by reverting account verbatim tokenizer to …
6b58cfd 
…`standard` (mastodon#26739)
@ClearlyClaire
Fix AddUniqueIndexOnPreviewCardsStatuses migration requiring Postgr…
1471be8 
…eSQL 12+ in some cases (mastodon#26737)
@Gargron
Fix videos not playing in some browsers due to unsupported color space (
ecd76fa 
mastodon#26745)
@ClearlyClaire
Change importers to avoid a few inefficiencies (mastodon#26721)
9bb2fb6
@Gargron
Fix search queries with slash causing or-condition (mastodon#26699)
0008458
@Gargron
Fix not being able to invoke phrase search using unicode quotation ma…
872145d 
…rks (mastodon#26687)
@Gargron
Fix unmatched quotes and prefixes causing search to fail (mastodon#26701
e754083 
)
@renovate
Update dependency oj to v3.16.1 (mastodon#26749)
630e558 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
Update dependency pg to v1.5.4 (mastodon#26750)
bb0edb1 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@ClearlyClaire
Revert to using primary database in IndexingScheduler (mastodon#26754)
5c0a9aa
@ClearlyClaire
Fix search popout including full-text search instructions when full-t…
6c4c724 
…ext search is disabled (mastodon#26755)
@ClearlyClaire
Add authorized_fetch server setting in addition to env var (mastodo…
9e26cd5 
…n#25798)
@gmemstr @ThisIsMissEm
Move to ioredis for streaming (mastodon#26581)
be991f1 
Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
@ClearlyClaire
Add admin notifications for new Mastodon versions (mastodon#26582)
16681e0
@Gargron
Fix some video encoding failing due to uneven dimensions (mastodon#26766
0509326 
)
@Gargron
Fix wrong color on active icons with counters in web UI (mastodon#26767)
728eb6a
@renovate
Update dependency typescript to v5.2.2 (mastodon#26786)
173041f 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@Gargron
Fix before:, after: and during: failing when time zone not set (m…
e52d049 
…astodon#26782)
@renovate
Update DefinitelyTyped types (non-major) (mastodon#26785)
1f92436 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@c960657
Fix invalid Content-Type header for WebP images (mastodon#26773)
ea31929
@Signez
Fix light mode colors for advanced interface banner (mastodon#26759)
a106c46
brianholley and others added 28 commits January 24, 2024 15:31
@brianholley @ClearlyClaire
Fix "Hide these posts from home" list setting not refreshing when swi…
3ecc991 
…tching lists (mastodon#27763)
@Gargron @ClearlyClaire
Fix unsupported time zone or locale preventing sign-up (mastodon#28035)
4d96d71 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
@ClearlyClaire
Fix error when processing link preview with an array as inLanguage (m…
c609b72 
…astodon#28252)
@ClearlyClaire
Fix streaming API redirection ignoring the port of `streaming_api_bas…
01caa18 
…e_url` (mastodon#28558)
@ClearlyClaire
Fix potential redirection loop of streaming endpoint (mastodon#28665)
c0a9db3
@ClearlyClaire
Convert signature verification specs to request specs (mastodon#28443)
1998c56
@ClearlyClaire
Fix Mastodon not correctly processing HTTP Signatures with query stri…
3837ec2 
…ngs (mastodon#28476)
@tribela @ClearlyClaire
Ignore RecordNotUnique errors in LinkCrawlWorker (mastodon#28748)
499bc71
@ShadowJonathan @ClearlyClaire
Retry 401 errors on replies fetching (mastodon#28788)
2dbf176 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
@ClearlyClaire
Add rate-limit of TOTP authentication attempts at controller level (m…
6fe2a47 
…astodon#28801)
@ClearlyClaire
Fix processing of compacted single-item JSON-LD collections (mastodon…
b377f82 
…#28816)
@ClearlyClaire
Fix error when processing remote files with unusually long names (mas…
779237f 
…todon#28823)
@ClearlyClaire
Update dependency puma to v6.4.2
c5c4648
@ClearlyClaire
Bump ruby version to 3.2.3
7a22999
@ClearlyClaire
Ignore the devise-two-factor advisory as we have rate limits in place (
4eb98ef 
…mastodon#28733)
@ClearlyClaire
Change PostgreSQL version check to check for PostgreSQL 10+
1ab050e
@ClearlyClaire
Bump version to v4.2.4
4633bb8
@ClearlyClaire
Merge pull request from GHSA-3fjr-858r-92rw
a6641f8 
* Fix insufficient origin validation

* Bump version to v4.2.5
@ClearlyClaire
Update dependency nokogiri to 1.16.2
b7230cd
@ClearlyClaire
Update dependency sidekiq-unique-jobs to 7.1.33
ae2dce8
@ThisIsMissEm @ClearlyClaire
Disable administrative doorkeeper routes (mastodon#29187)
6d43b63
@ClearlyClaire
Add sidekiq_unique_jobs:delete_all_locks task and disable `sidekiq-…
1a33d34 
…unique-jobs` UI by default (mastodon#29199)
@ClearlyClaire @ThisIsMissEm
Merge pull request from GHSA-7w3c-p9j8-mq3x
0b0c7af 
* Ensure destruction of OAuth Applications notifies streaming

Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

* Ensure password resets revoke access to Streaming API

* Improve performance of deleting OAuth tokens

---------

Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
@ClearlyClaire
Merge pull request from GHSA-vm39-j3vx-pch3
f170052 
* Prevent different identities from a same SSO provider from accessing a same account

* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

* Rename methods to avoid confusion between OAuth and OmniAuth
@ClearlyClaire
Bump version to v4.2.6
7c8ca0c
@rosylilly
Merge tag 'v4.2.6' into merge-v4.2
6bc3d3e
@rosylilly
Fix emoji code
2410a15
@rosylilly
Remove unused partial view
d03b921
@github-actions GitHub Actions
Copy link

This pull request has merge conflicts that must be resolved before it can be merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
rebase needed 🚧
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.