Commit Graph

803 Commits

Author SHA1 Message Date
dependabot[bot]
7936bae40c
Bump sprockets-rails from 3.2.2 to 3.4.0 (#16990)
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails) from 3.2.2 to 3.4.0.
- [Release notes](https://github.com/rails/sprockets-rails/releases)
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.2.2...v3.4.0)

---
updated-dependencies:
- dependency-name: sprockets-rails
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:06:40 +09:00
dependabot[bot]
96f1538cc8
Bump rubocop from 1.22.3 to 1.23.0 (#16989)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.22.3 to 1.23.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.22.3...v1.23.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-18 09:06:26 +09:00
dependabot[bot]
8ce60c94d8
Bump sidekiq from 6.2.2 to 6.3.1 (#16965)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.2.2 to 6.3.1.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.2.2...v6.3.1)

---
updated-dependencies:
- dependency-name: sidekiq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:48:34 +09:00
dependabot[bot]
554d6831b1
Bump aws-sdk-s3 from 1.104.0 to 1.105.1 (#16962)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.104.0 to 1.105.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-13 18:36:28 +09:00
dependabot[bot]
e8f58beeea
Bump aws-sdk-s3 from 1.103.0 to 1.104.0 (#16899)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.103.0 to 1.104.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-28 10:20:43 +09:00
dependabot[bot]
cdcc4523a5
Bump capybara from 3.35.3 to 3.36.0 (#16898)
Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.35.3 to 3.36.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.35.3...3.36.0)

---
updated-dependencies:
- dependency-name: capybara
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-28 10:20:19 +09:00
dependabot[bot]
db54a1d56d
Bump redis from 4.4.0 to 4.5.1 (#16868)
Bumps [redis](https://github.com/redis/redis-rb) from 4.4.0 to 4.5.1.
- [Release notes](https://github.com/redis/redis-rb/releases)
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/redis-rb/compare/v4.4.0...v4.5.1)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-20 09:49:36 +09:00
Yamagishi Kazutoshi
766a361b86
Remove dependency on parallel_tests (#16862) 2021-10-17 20:12:32 +02:00
dependabot[bot]
79e3abd5bc
Bump rubocop from 1.21.0 to 1.22.1 (#16810)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.21.0 to 1.22.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.21.0...v1.22.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-09 19:42:40 +09:00
dependabot[bot]
a07c897b57
Bump puma from 5.4.0 to 5.5.0 (#16753)
Bumps [puma](https://github.com/puma/puma) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.4.0...v5.5.0)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-09 19:39:55 +09:00
Claire
fc3ae1343d
Switch from unmaintained paperclip to kt-paperclip (#16724)
* Switch from unmaintained paperclip to kt-paperclip

* Drop some compatibility monkey-patches not required by kt-paperclip

* Drop media spoof check monkey-patching

It's broken with kt-paperclip and hopefully it won't be needed anymore

* Fix regression introduced by paperclip 6.1.0

* Do not rely on pathname to call FastImage

* Add test for ogg vorbis file with cover art

* Add audio/vorbis to the accepted content-types

This seems erroneous as this would be the content-type for a vorbis stream
without an ogg container, but that's what the `marcel` gem outputs, so…

* Restore missing for_as_default method

* Refactor Attachmentable concern and delay Paperclip's content-type spoof check

Check for content-type spoofing *after* setting the extension ourselves, this
fixes a regression with kt-paperclip's validations being more strict than
paperclip 6.0.0 and rejecting some Pleroma uploads because of unknown
extensions.

* Please CodeClimate

* Add audio/vorbis to the unreliable set

It doesn't correspond to a file format and thus has no extension associated.
2021-09-29 23:52:36 +02:00
dependabot[bot]
0e4a4db141
Bump aws-sdk-s3 from 1.102.0 to 1.103.0 (#16756)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.102.0 to 1.103.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-29 22:03:59 +09:00
dependabot[bot]
7442c0d347
Bump bootsnap from 1.8.1 to 1.9.1 (#16759)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.8.1 to 1.9.1.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.8.1...v1.9.1)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-29 22:03:43 +09:00
dependabot[bot]
8e5e6ef144
Bump bundler-audit from 0.8.0 to 0.9.0.1 (#16701)
Bumps [bundler-audit](https://github.com/postmodern/bundler-audit) from 0.8.0 to 0.9.0.1.
- [Release notes](https://github.com/postmodern/bundler-audit/releases)
- [Changelog](https://github.com/rubysec/bundler-audit/blob/master/ChangeLog.md)
- [Commits](https://github.com/postmodern/bundler-audit/compare/v0.8.0...v0.9.0.1)

---
updated-dependencies:
- dependency-name: bundler-audit
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-19 14:44:27 +09:00
dependabot[bot]
ec6c50a61f
Bump parallel from 1.20.1 to 1.21.0 (#16736)
Bumps [parallel](https://github.com/grosser/parallel) from 1.20.1 to 1.21.0.
- [Release notes](https://github.com/grosser/parallel/releases)
- [Commits](https://github.com/grosser/parallel/compare/v1.20.1...v1.21.0)

---
updated-dependencies:
- dependency-name: parallel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-19 14:43:03 +09:00
dependabot[bot]
d64055c060
Bump bootsnap from 1.6.0 to 1.8.1 (#16677)
* Bump bootsnap from 1.6.0 to 1.8.1

Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.6.0 to 1.8.1.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.6.0...v1.8.1)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Remove deprecated bootsnap config options

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2021-09-19 14:42:32 +09:00
dependabot[bot]
8f7308da81
Bump rubocop-rails from 2.11.3 to 2.12.2 (#16734)
Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.11.3 to 2.12.2.
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.11.3...v2.12.2)

---
updated-dependencies:
- dependency-name: rubocop-rails
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-14 21:14:25 +09:00
dependabot[bot]
121c7a7847
Bump rubocop from 1.20.0 to 1.21.0 (#16733)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.20.0 to 1.21.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.20.0...v1.21.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-14 17:52:53 +09:00
dependabot[bot]
ba957156f9
Bump aws-sdk-s3 from 1.100.0 to 1.102.0 (#16702)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.100.0 to 1.102.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-09 17:39:21 +09:00
dependabot[bot]
30b9630fc7
Bump rqrcode from 2.0.0 to 2.1.0 (#16678)
Bumps [rqrcode](https://github.com/whomwah/rqrcode) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/whomwah/rqrcode/releases)
- [Changelog](https://github.com/whomwah/rqrcode/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whomwah/rqrcode/compare/v2.0.0...v2.1.0)

---
updated-dependencies:
- dependency-name: rqrcode
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-31 20:58:34 +09:00
dependabot[bot]
dbc59eb2a8
Bump rubocop from 1.19.1 to 1.20.0 (#16674)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.19.1 to 1.20.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.19.1...v1.20.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-31 20:56:14 +09:00
dependabot[bot]
56f465e571
Bump aws-sdk-s3 from 1.99.0 to 1.100.0 (#16676)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.99.0 to 1.100.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-31 20:56:01 +09:00
dependabot[bot]
25330a9f04
Bump http from 4.4.1 to 5.0.1 (#16438)
Bumps [http](https://github.com/httprb/http) from 4.4.1 to 5.0.1.
- [Release notes](https://github.com/httprb/http/releases)
- [Changelog](https://github.com/httprb/http/blob/master/CHANGES.md)
- [Commits](https://github.com/httprb/http/compare/v4.4.1...v5.0.1)

---
updated-dependencies:
- dependency-name: http
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-28 18:17:59 +02:00
dependabot[bot]
1c8ce9ae34
Bump faker from 2.18.0 to 2.19.0 (#16646)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.18.0 to 2.19.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.18.0...v2.19.0)

---
updated-dependencies:
- dependency-name: faker
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-27 21:47:00 +09:00
dependabot[bot]
ce8f41e560
Bump oj from 3.12.2 to 3.13.2 (#16620)
Bumps [oj](https://github.com/ohler55/oj) from 3.12.2 to 3.13.2.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.12.2...v3.13.2)

---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 13:58:07 +09:00
dependabot[bot]
ec0b8f7e81
Bump aws-sdk-s3 from 1.98.0 to 1.99.0 (#16611)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.98.0 to 1.99.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:49:21 +09:00
dependabot[bot]
f3084bbf7c
Bump webmock from 3.13.0 to 3.14.0 (#16587)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.13.0 to 3.14.0.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.13.0...v3.14.0)

---
updated-dependencies:
- dependency-name: webmock
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:49:00 +09:00
dependabot[bot]
479a8d1004
Bump rubocop from 1.18.4 to 1.19.0 (#16618)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.18.4 to 1.19.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.18.4...v1.19.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-17 12:40:17 +09:00
Claire
432e3d1eaf
Bump sanitize from 5.2.3 to 6.0.0 (#16580)
Fixes nokogumbo/nokogiri conflicts by dropping the nokogumbo gem, as it has
been merged in the nokogiri gem.
2021-08-09 20:46:57 +02:00
dependabot[bot]
7bd7e45608
Bump aws-sdk-s3 from 1.96.2 to 1.98.0 (#16559)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.96.2 to 1.98.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-07 13:10:27 +09:00
dependabot[bot]
fe8750e851
Bump nokogiri from 1.11.7 to 1.12.0 (#16560)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.7 to 1.12.0.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.7...v1.12.0)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-07 13:01:59 +09:00
dependabot[bot]
a517fc49ef
Bump puma from 5.3.2 to 5.4.0 (#16561)
Bumps [puma](https://github.com/puma/puma) from 5.3.2 to 5.4.0.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.3.2...v5.4.0)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-07 13:01:32 +09:00
dependabot[bot]
755e946220
Bump redis from 4.3.1 to 4.4.0 (#16562)
Bumps [redis](https://github.com/redis/redis-rb) from 4.3.1 to 4.4.0.
- [Release notes](https://github.com/redis/redis-rb/releases)
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/redis-rb/compare/v4.3.1...v4.4.0)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-07 13:00:49 +09:00
dependabot[bot]
7efe0cb024
Bump brakeman from 5.0.4 to 5.1.1 (#16538)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 5.0.4 to 5.1.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v5.0.4...v5.1.1)

---
updated-dependencies:
- dependency-name: brakeman
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-01 11:13:41 +09:00
dependabot[bot]
b16d220ec9
Bump oj from 3.11.8 to 3.12.1 (#16493)
Bumps [oj](https://github.com/ohler55/oj) from 3.11.8 to 3.12.1.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.11.8...v3.12.1)

---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-20 22:25:09 +09:00
Daigo 3 Dango
3d5183e99c
Use ruby-2.7.4 (#16481)
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
2021-07-10 01:29:27 +02:00
dependabot[bot]
d36cfb99da
Bump addressable from 2.7.0 to 2.8.0 (#16474)
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/sporkmonger/addressable/releases)
- [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sporkmonger/addressable/compare/addressable-2.7.0...addressable-2.8.0)

---
updated-dependencies:
- dependency-name: addressable
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-08 14:35:20 +09:00
dependabot[bot]
7b14b8074d
Bump rails from 6.1.3.2 to 6.1.4 (#16436)
Bumps [rails](https://github.com/rails/rails) from 6.1.3.2 to 6.1.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.3.2...v6.1.4)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-04 05:07:32 +09:00
dependabot[bot]
01de07c91a
Bump rubocop from 1.17.0 to 1.18.1 (#16451)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.17.0 to 1.18.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.17.0...v1.18.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-01 01:59:58 +09:00
dependabot[bot]
3460df6fe3
Bump sidekiq-unique-jobs from 7.0.12 to 7.1.1 (#16450)
Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 7.0.12 to 7.1.1.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v7.0.12...v7.1.1)

---
updated-dependencies:
- dependency-name: sidekiq-unique-jobs
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-01 00:45:49 +09:00
dependabot[bot]
9cd724a3b4
Bump rubocop from 1.16.1 to 1.17.0 (#16424)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.16.1 to 1.17.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.16.1...v1.17.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-25 00:55:34 +09:00
dependabot[bot]
afc170a231
Bump rubocop-rails from 2.10.1 to 2.11.0 (#16419)
Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.10.1 to 2.11.0.
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.10.1...v2.11.0)

---
updated-dependencies:
- dependency-name: rubocop-rails
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-24 23:57:03 +09:00
dependabot[bot]
42dc78569f
Bump redis from 4.2.5 to 4.3.1 (#16396)
Bumps [redis](https://github.com/redis/redis-rb) from 4.2.5 to 4.3.1.
- [Release notes](https://github.com/redis/redis-rb/releases)
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/redis-rb/compare/v4.2.5...v4.3.1)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-14 23:58:47 +09:00
dependabot[bot]
0b72aecab3
Bump sidekiq-scheduler from 3.0.1 to 3.1.0 (#16365)
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler) from 3.0.1 to 3.1.0.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases)
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v3.0.1...v3.1.0)

---
updated-dependencies:
- dependency-name: sidekiq-scheduler
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-10 23:46:18 +09:00
dependabot[bot]
a1c7ab968a
Bump rubocop from 1.15.0 to 1.16.0 (#16368)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-10 23:46:04 +09:00
dependabot[bot]
9abf81d10e
Bump aws-sdk-s3 from 1.95.1 to 1.96.0 (#16372)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.95.1 to 1.96.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-10 23:45:27 +09:00
dependabot[bot]
cf08a595af
Bump rubocop from 1.14.0 to 1.15.0 (#16300)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.14.0...v1.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-29 09:17:34 +09:00
dependabot[bot]
30cdedfa6e
Bump httplog from 1.4.3 to 1.5.0 (#16303)
Bumps [httplog](https://github.com/trusche/httplog) from 1.4.3 to 1.5.0.
- [Release notes](https://github.com/trusche/httplog/releases)
- [Changelog](https://github.com/trusche/httplog/blob/v1.5.0/CHANGELOG.md)
- [Commits](https://github.com/trusche/httplog/compare/v1.4.3...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-29 09:17:23 +09:00
dependabot[bot]
2efe711a51
Bump aws-sdk-s3 from 1.94.1 to 1.95.0 (#16298)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.94.1 to 1.95.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-27 17:55:25 +09:00
dependabot[bot]
01dfa58aab
Bump webpacker from 5.3.0 to 5.4.0 (#16297)
Bumps [webpacker](https://github.com/rails/webpacker) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/rails/webpacker/releases)
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/webpacker/compare/v5.3.0...v5.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-27 17:48:18 +09:00
dependabot[bot]
dc86f709e3
Bump simple-navigation from 4.1.0 to 4.3.0 (#16255)
Bumps [simple-navigation](https://github.com/codeplant/simple-navigation) from 4.1.0 to 4.3.0.
- [Release notes](https://github.com/codeplant/simple-navigation/releases)
- [Changelog](https://github.com/codeplant/simple-navigation/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codeplant/simple-navigation/commits/v4.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-22 00:52:32 +09:00
dependabot[bot]
8ce6cc8bf9
Bump faker from 2.17.0 to 2.18.0 (#16259)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.17.0 to 2.18.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.17.0...v2.18.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-22 00:49:03 +09:00
dependabot[bot]
3012a12f02
Bump webmock from 3.12.2 to 3.13.0 (#16254)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.12.2 to 3.13.0.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.12.2...v3.13.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-22 00:46:44 +09:00
dependabot[bot]
a8cce402e0
Bump rubocop from 1.13.0 to 1.14.0 (#16192)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.13.0...v1.14.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 17:41:37 +02:00
dependabot[bot]
04e4e864c1
Bump rqrcode from 1.2.0 to 2.0.0 (#16198)
Bumps [rqrcode](https://github.com/whomwah/rqrcode) from 1.2.0 to 2.0.0.
- [Release notes](https://github.com/whomwah/rqrcode/releases)
- [Changelog](https://github.com/whomwah/rqrcode/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whomwah/rqrcode/compare/v1.2.0...v2.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 17:36:14 +02:00
dependabot[bot]
43e8b4982f
Bump rubocop-rails from 2.9.1 to 2.10.1 (#16193)
Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.9.1 to 2.10.1.
- [Release notes](https://github.com/rubocop/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.9.1...v2.10.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 17:35:24 +02:00
dependabot[bot]
10cd2d1e86
Bump puma from 5.2.2 to 5.3.0 (#16194)
Bumps [puma](https://github.com/puma/puma) from 5.2.2 to 5.3.0.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.2.2...v5.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 17:27:50 +02:00
dependabot[bot]
b44585aa89
Bump webpacker from 5.2.1 to 5.3.0 (#16144)
Bumps [webpacker](https://github.com/rails/webpacker) from 5.2.1 to 5.3.0.
- [Release notes](https://github.com/rails/webpacker/releases)
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/webpacker/compare/v5.2.1...v5.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 12:33:21 +09:00
dependabot[bot]
9e5bdd8007
Bump devise from 4.7.3 to 4.8.0 (#16140)
Bumps [devise](https://github.com/plataformatec/devise) from 4.7.3 to 4.8.0.
- [Release notes](https://github.com/plataformatec/devise/releases)
- [Changelog](https://github.com/heartcombo/devise/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/devise/compare/v4.7.3...v4.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-07 12:27:58 +09:00
Claire
566fc90913
Add Ruby 3.0 support (#16046)
* Fix issues with POSIX::Spawn, Terrapin and Ruby 3.0

Also improve the Terrapin monkey-patch for the stderr/stdout issue.

* Fix keyword argument handling throughout the codebase

* Monkey-patch Paperclip to fix keyword arguments handling in validators

* Change validation_extensions to please CodeClimate

* Bump microformats from 4.2.1 to 4.3.1

* Allow Ruby 3.0

* Add Ruby 3.0 test target to CircleCI

* Add test for admin dashboard warnings

* Fix admin dashboard warnings on Ruby 3.0
2021-05-06 14:22:54 +02:00
Eugen Rochko
036556d350
Fix media processing getting stuck on too much stdin/stderr (#16136)
* Fix media processing getting stuck on too much stdin/stderr

See thoughtbot/terrapin#5

* Remove dependency on paperclip-av-transcoder gem

* Remove dependency on streamio-ffmpeg gem

* Disable stdin on ffmpeg process
2021-05-05 19:44:01 +02:00
Claire
dfa002932d
Workaround Resolv::DNS-induced hangs by installing resolv 0.1.0 (#16157)
See https://github.com/tootsuite/mastodon/pull/16154#issuecomment-832062139
2021-05-05 15:59:43 +02:00
dependabot[bot]
970ffd8d1a
Bump aws-sdk-s3 from 1.93.1 to 1.94.0 (#16143)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.93.1 to 1.94.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-03 20:12:02 +09:00
dependabot[bot]
d4d19706f8
Bump rubocop from 1.12.1 to 1.13.0 (#16115)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.12.1 to 1.13.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.12.1...v1.13.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-26 21:47:17 +09:00
dependabot[bot]
43f42310ae
Bump cld3 from 3.4.1 to 3.4.2 (#16069)
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.4.1 to 3.4.2.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.4.1...v3.4.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-19 15:33:41 +02:00
Eugen Rochko
bb68a9570e
Bump nsa from git to 0.2.8 (#16033) 2021-04-13 03:45:45 +02:00
dependabot[bot]
04fe071279
Bump parallel_tests from 3.6.0 to 3.7.0 (#16024)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.6.0...v3.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-12 14:37:29 +02:00
Eugen Rochko
120965eb0b
Change Web Push API deliveries to use request pooling (#16014) 2021-04-12 14:25:34 +02:00
Eugen Rochko
ad61265268
Remove dependency on pluck_each gem (#16012) 2021-04-12 03:35:58 +02:00
Eugen Rochko
619fad6cf8
Remove spam check and dependency on nilsimsa gem (#16011) 2021-04-11 11:22:50 +02:00
Eugen Rochko
b3e9094e14
Bump devise-two-factor from git to 4.0.0 (#15987) 2021-04-10 11:50:41 +02:00
Eugen Rochko
82cce18227
Change health check (#15988) 2021-04-03 02:39:04 +02:00
dependabot[bot]
a394b08fd7
Bump aws-sdk-s3 from 1.92.0 to 1.93.0 (#15973)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.92.0 to 1.93.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:58:23 +09:00
dependabot[bot]
6b2eacbeeb
Bump rubocop from 1.11.0 to 1.12.0 (#15970)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.11.0...v1.12.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:49:45 +09:00
dependabot[bot]
6fe6412bcc
Bump parallel_tests from 3.5.2 to 3.6.0 (#15968)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.5.2 to 3.6.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.5.2...v3.6.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:48:30 +09:00
dependabot[bot]
1d61af9a9a
Bump fabrication from 2.21.1 to 2.22.0 (#15966)
Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.21.1 to 2.22.0.
- [Release notes](https://github.com/paulelliott/fabrication/releases)
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown)
- [Commits](https://github.com/paulelliott/fabrication/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-30 23:47:06 +09:00
dependabot[bot]
88d69d3261
Bump brakeman from 4.10.1 to 5.0.0 (#15656)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.10.1 to 5.0.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.10.1...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-24 10:53:23 +01:00
Claire
cbd0ee1d07
Update Mastodon to Rails 6.1 (#15910)
* Update devise-two-factor to unreleased fork for Rails 6 support

Update tests to match new `rotp` version.

* Update nsa gem to unreleased fork for Rails 6 support

* Update rails to 6.1.3 and rails-i18n to 6.0

* Update to unreleased fork of pluck_each for Ruby 6 support

* Run "rails app:update"

* Add missing ActiveStorage config file

* Use config.ssl_options instead of removed ApplicationController#force_ssl

Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.

* Fix nonce directives by removing Rails 5 specific monkey-patching

* Fix fixture_file_upload deprecation warning

* Fix yield-based test failing with Rails 6

* Use Rails 6's index_with when possible

* Use ActiveRecord::Cache::Store#delete_multi from Rails 6

This will yield better performances when deleting an account

* Disable Rails 6.1's automatic preload link headers

Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.

In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.

* Switch to Rails 6.0 default config

* Switch to Rails 6.1 default config

* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00
dependabot[bot]
1b3ebcfe53
Bump aws-sdk-s3 from 1.91.0 to 1.92.0 (#15938)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.91.0 to 1.92.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:39:39 +01:00
dependabot[bot]
64942fa31d
Bump sidekiq from 6.1.3 to 6.2.0 (#15943)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.1.3 to 6.2.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.3...v6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-22 07:37:51 +01:00
Claire
43eff898a0
Prepare Mastodon for Rails 6 (#15911)
* Fix misuse of foreign_type

* Fix use of removed "add_template_helper"

* Use response.media_type instead of response.content_type in tests

* Fix CSV export controller test on Rails 6

Rails 6 sets a "filename*" field in the Content-Disposition header to
explicitly encode the filename as UTF-8.

This changes checks the first part of the Content-Disposition header so
it matches in both Rails 5 and Rails 6.

* Fix emoji formatting with Rails 6

* Make emoji output more idiomatic and robust

* Switch from redis-rails gem to built-in Rails redis cache storage
2021-03-17 10:09:55 +01:00
dependabot[bot]
9cb6bc56fa
Bump rspec-rails from 4.1.0 to 5.0.0 (#15876)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v4.1.0...v5.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-16 07:55:43 +09:00
dependabot[bot]
506010abc5
Bump bundler-audit from 0.7.0.1 to 0.8.0 (#15877)
Bumps [bundler-audit](https://github.com/postmodern/bundler-audit) from 0.7.0.1 to 0.8.0.
- [Release notes](https://github.com/postmodern/bundler-audit/releases)
- [Changelog](https://github.com/rubysec/bundler-audit/blob/master/ChangeLog.md)
- [Commits](https://github.com/postmodern/bundler-audit/compare/v0.7.0.1...v0.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 21:19:16 +09:00
dependabot[bot]
33198d8c05
Bump pghero from 2.7.4 to 2.8.0 (#15907)
Bumps [pghero](https://github.com/ankane/pghero) from 2.7.4 to 2.8.0.
- [Release notes](https://github.com/ankane/pghero/releases)
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/pghero/compare/v2.7.4...v2.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 08:09:47 +01:00
dependabot[bot]
c495ac7e1f
Bump aws-sdk-s3 from 1.89.0 to 1.91.0 (#15879)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.89.0 to 1.91.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 16:56:43 +09:00
dependabot[bot]
ba0fbc0dd5
Bump faker from 2.16.0 to 2.17.0 (#15873)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.16.0 to 2.17.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.16.0...v2.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 15:21:05 +09:00
dependabot[bot]
b5057c4717
Bump sidekiq-unique-jobs from 6.0.25 to 7.0.1 (#15627)
* Bump sidekiq-unique-jobs from 6.0.25 to 7.0.1

Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.25 to 7.0.1.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.25...v7.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Fix migration being broken by sidekiq-unique-jobs update

* Fix migration script following API changes in dependency

* Fixup

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: ThibG <thib@sitedethib.com>
2021-03-12 05:39:58 +01:00
dependabot[bot]
b8db129f40
Bump rubocop from 1.9.1 to 1.11.0 (#15820)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.9.1 to 1.11.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.9.1...v1.11.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-12 05:38:44 +01:00
dependabot[bot]
d1e5a1babc
Bump rspec-rails from 4.0.2 to 4.1.0 (#15852)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 4.0.2 to 4.1.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v4.0.2...v4.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-08 23:05:35 +09:00
dependabot[bot]
c27d320296
Bump parallel_tests from 3.4.0 to 3.5.0 (#15813)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.4.0...v3.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-05 06:39:46 +09:00
dependabot[bot]
27d3fc99a9
Bump capistrano from 3.15.0 to 3.16.0 (#15818)
* Bump capistrano from 3.15.0 to 3.16.0

Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.15.0 to 3.16.0.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.15.0...v3.16.0)

Signed-off-by: dependabot[bot] <support@github.com>

* 3.16

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-03-05 06:38:52 +09:00
Claire
65db262550
Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
* Update twitter-text from 1.14 to 3.1.0

* Disable emoji parsing

* Properly depend on twitter-text for url detection

* Fix some URLs being wrongly detected client-side

* Add test for server-side validation of non-autolinkable URLs

* Fix server-side status length counting
2021-03-02 12:02:56 +01:00
dependabot[bot]
9ff5338508
Bump webmock from 3.11.2 to 3.12.0 (#15817)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.11.2 to 3.12.0.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.11.2...v3.12.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-01 23:36:45 +09:00
dependabot[bot]
a65ff30b2a
Bump aws-sdk-s3 from 1.88.1 to 1.89.0 (#15814)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.88.1 to 1.89.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-01 23:35:00 +09:00
dependabot[bot]
eb83ab45e2
Bump doorkeeper from 5.4.0 to 5.5.0 (#15757)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.4.0...v5.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-24 06:58:39 +09:00
dependabot[bot]
dcc7c686f3
Bump rails from 5.2.4.4 to 5.2.4.5 (#15729)
Bumps [rails](https://github.com/rails/rails) from 5.2.4.4 to 5.2.4.5.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v5.2.4.4...v5.2.4.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-20 21:38:05 +09:00
dependabot[bot]
68d1a4ee0c
Bump puma from 5.1.1 to 5.2.1 (#15670)
Bumps [puma](https://github.com/puma/puma) from 5.1.1 to 5.2.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.1.1...v5.2.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-20 15:55:12 +09:00
dependabot[bot]
fd2cd8c278
Bump simple_form from 5.0.3 to 5.1.0 (#15732)
Bumps [simple_form](https://github.com/plataformatec/simple_form) from 5.0.3 to 5.1.0.
- [Release notes](https://github.com/plataformatec/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/simple_form/compare/v5.0.3...v5.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 18:09:30 +09:00
dependabot[bot]
ffc5398f91
Bump faker from 2.15.1 to 2.16.0 (#15735)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.15.1 to 2.16.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.15.1...v2.16.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 18:08:09 +09:00
Claire
21fb3f3684
Drop dependency on secure_headers, fix response headers (#15712)
* Drop dependency on secure_headers, use always_write_cookie instead

* Fix cookies in Tor Hidden Services by moving configuration to application.rb

* Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
2021-02-11 23:47:05 +01:00
Claire
01e44b886d
Downgrade bootsnap to 1.6.0 (#15711)
* Revert "Bump bootsnap from 1.5.1 to 1.7.1 (#15669)"

This reverts commit c3d1b7a2f5.

* Downgrade bootsnap to 1.6.0
2021-02-11 19:20:58 +01:00
dependabot[bot]
3fcc6b9aff
Bump rubocop from 1.8.1 to 1.9.1 (#15677)
* Bump rubocop from 1.8.1 to 1.9.1

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 1.8.1 to 1.9.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.8.1...v1.9.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Fix .codeclimate.yml

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-02-12 00:10:00 +09:00
dependabot[bot]
69c1889a6a
Bump rack-attack from 6.4.0 to 6.5.0 (#15671)
Bumps [rack-attack](https://github.com/rack/rack-attack) from 6.4.0 to 6.5.0.
- [Release notes](https://github.com/rack/rack-attack/releases)
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack-attack/compare/v6.4.0...v6.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-11 20:58:46 +09:00
dependabot[bot]
c3d1b7a2f5
Bump bootsnap from 1.5.1 to 1.7.1 (#15669)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.5.1 to 1.7.1.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.5.1...v1.7.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-11 20:51:09 +09:00
Cecylia Bocovich
e79f8dd85c
Onion service related changes to HTTPS handling (#15560)
* Enable secure cookie flag for https only

* Disable force_ssl for .onion hosts only

Co-authored-by: Aiden McClelland <me@drbonez.dev>
2021-02-11 04:40:13 +01:00
dependabot[bot]
0a630a1bc3
Bump aws-sdk-s3 from 1.87.0 to 1.88.0 (#15667)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.87.0 to 1.88.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-10 09:55:51 +09:00
dependabot[bot]
b109df0e2c
Bump capybara from 3.34.0 to 3.35.3 (#15649)
Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.34.0 to 3.35.3.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.34.0...3.35.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 23:47:35 +09:00
dependabot[bot]
ab39d5fda5
Bump chewy from 5.1.0 to 5.2.0 (#15648)
Bumps [chewy](https://github.com/toptal/chewy) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/toptal/chewy/releases)
- [Changelog](https://github.com/toptal/chewy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/toptal/chewy/compare/v5.1.0...v5.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 23:47:12 +09:00
dependabot[bot]
eb0f9e3159
Bump rubocop from 1.7.0 to 1.8.1 (#15573)
* Bump rubocop from 1.7.0 to 1.8.1

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 1.7.0 to 1.8.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.7.0...v1.8.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Fix .codeclimate.yml

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-02-01 03:48:29 +09:00
dependabot[bot]
e9ac263229
Bump thor from 1.0.1 to 1.1.0 (#15622)
Bumps [thor](https://github.com/erikhuda/thor) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/erikhuda/thor/releases)
- [Changelog](https://github.com/erikhuda/thor/blob/master/CHANGELOG.md)
- [Commits](https://github.com/erikhuda/thor/compare/v1.0.1...v1.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 23:35:03 +09:00
dependabot[bot]
70128820dc
Bump tzinfo-data from 1.2020.6 to 1.2021.1 (#15623)
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2020.6 to 1.2021.1.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2020.6...v1.2021.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 23:34:48 +09:00
dependabot[bot]
3a3990a81d
Bump rack-attack from 6.3.1 to 6.4.0 (#15628)
Bumps [rack-attack](https://github.com/rack/rack-attack) from 6.3.1 to 6.4.0.
- [Release notes](https://github.com/rack/rack-attack/releases)
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack-attack/compare/v6.3.1...v6.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-26 23:33:06 +09:00
dependabot[bot]
3ca089d4d7
Bump makara from 0.4.1 to 0.5.0 (#15578)
Bumps [makara](https://github.com/taskrabbit/makara) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/taskrabbit/makara/releases)
- [Changelog](https://github.com/instacart/makara/blob/master/CHANGELOG.md)
- [Commits](https://github.com/taskrabbit/makara/compare/v0.4.1...v0.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-23 23:25:08 +09:00
dependabot[bot]
c0499c1fcb
Bump oj from 3.10.18 to 3.11.0 (#15583)
Bumps [oj](https://github.com/ohler55/oj) from 3.10.18 to 3.11.0.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.10.18...v3.11.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-20 21:30:56 +09:00
dependabot[bot]
e46b50e805
Bump capistrano from 3.14.1 to 3.15.0 (#15537)
* Bump capistrano from 3.14.1 to 3.15.0

Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.14.1 to 3.15.0.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.14.1...v3.15.0)

Signed-off-by: dependabot[bot] <support@github.com>

* Fix config/deploy.rb

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2021-01-18 11:10:23 +09:00
dependabot[bot]
32df8950ae
Bump binding_of_caller from 0.8.0 to 1.0.0 (#15489)
Bumps [binding_of_caller](https://github.com/banister/binding_of_caller) from 0.8.0 to 1.0.0.
- [Release notes](https://github.com/banister/binding_of_caller/releases)
- [Commits](https://github.com/banister/binding_of_caller/compare/v0.8.0...v1.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-07 14:10:49 +09:00
dependabot[bot]
15be57059d
Bump nokogiri from 1.10.10 to 1.11.0 (#15487)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.10 to 1.11.0.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.10...v1.11.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 20:01:31 +01:00
dependabot[bot]
c747883dc8
Bump ruby-progressbar from 1.10.1 to 1.11.0 (#15491)
Bumps [ruby-progressbar](https://github.com/jfelchner/ruby-progressbar) from 1.10.1 to 1.11.0.
- [Release notes](https://github.com/jfelchner/ruby-progressbar/releases)
- [Changelog](https://github.com/jfelchner/ruby-progressbar/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jfelchner/ruby-progressbar/compare/releases/v1.10.1...releases/v1.11.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 02:10:33 +09:00
dependabot[bot]
77611aad83
Bump simplecov from 0.20.0 to 0.21.0 (#15485)
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases)
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md)
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.20.0...v0.21.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-05 02:10:10 +09:00
dependabot[bot]
ccd7bc6da7
Bump cld3 from 3.3.0 to 3.4.1 (#15391)
Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.3.0 to 3.4.1.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](https://github.com/akihikodaki/cld3-ruby/compare/v3.3.0...v3.4.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 12:39:38 +09:00
dependabot[bot]
5a5b89397e
Bump webmock from 3.10.0 to 3.11.0 (#15388)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.10.0...v3.11.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 12:17:56 +09:00
dependabot[bot]
7b7b102a63
Bump rubocop-rails from 2.8.1 to 2.9.1 (#15390)
Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.8.1 to 2.9.1.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.8.1...v2.9.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 12:17:11 +09:00
dependabot[bot]
b379349053
Bump capybara from 3.33.0 to 3.34.0 (#15245)
Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.33.0 to 3.34.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.33.0...3.34.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:13:48 +09:00
dependabot[bot]
8e59e26e2b
Bump rubocop from 1.3.1 to 1.7.0 (#15447)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 1.3.1 to 1.7.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.3.1...v1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:12:03 +09:00
dependabot[bot]
6b74380917
Bump rqrcode from 1.1.2 to 1.2.0 (#15450)
Bumps [rqrcode](https://github.com/whomwah/rqrcode) from 1.1.2 to 1.2.0.
- [Release notes](https://github.com/whomwah/rqrcode/releases)
- [Commits](https://github.com/whomwah/rqrcode/commits/v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:11:30 +09:00
dependabot[bot]
e329ddc580
Bump aws-sdk-s3 from 1.85.0 to 1.87.0 (#15446)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.85.0 to 1.87.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:09:11 +09:00
dependabot[bot]
26d63df65c
Bump tty-prompt from 0.22.0 to 0.23.0 (#15400)
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases)
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.22.0...v0.23.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:08:23 +09:00
dependabot[bot]
b1e4f7b89f
Bump ox from 2.13.4 to 2.14.0 (#15396)
Bumps [ox](https://github.com/ohler55/ox) from 2.13.4 to 2.14.0.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.13.4...v2.14.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-30 00:08:06 +09:00
dependabot[bot]
5c46bd4845
Bump puma from 5.0.4 to 5.1.1 (#15339)
Bumps [puma](https://github.com/puma/puma) from 5.0.4 to 5.1.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.0.4...v5.1.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 23:55:32 +09:00
dependabot[bot]
df30ae1d1c
Bump simplecov from 0.19.1 to 0.20.0 (#15244)
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov) from 0.19.1 to 0.20.0.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases)
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md)
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.19.1...v0.20.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 23:40:35 +09:00
dependabot[bot]
20789e7e60
Bump net-ldap from 0.16.3 to 0.17.0 (#15242)
Bumps [net-ldap](https://github.com/ruby-ldap/ruby-net-ldap) from 0.16.3 to 0.17.0.
- [Release notes](https://github.com/ruby-ldap/ruby-net-ldap/releases)
- [Changelog](https://github.com/ruby-ldap/ruby-net-ldap/blob/master/History.rdoc)
- [Commits](https://github.com/ruby-ldap/ruby-net-ldap/compare/v0.16.3...v0.17.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 23:32:37 +09:00
dependabot[bot]
3cc9789eb2
Bump faker from 2.14.0 to 2.15.1 (#15239)
Bumps [faker](https://github.com/faker-ruby/faker) from 2.14.0 to 2.15.1.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.14.0...v2.15.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-29 23:28:58 +09:00
Eugen Rochko
216b85b053
Fix performance on instances list in admin UI (#15282)
- Reduce duplicate queries
- Remove n+1 queries
- Add accounts count to detailed view
- Add separate action log entry for updating existing domain blocks
2020-12-14 09:06:34 +01:00
Eugen Rochko
13b07b88f1
Fix omniauth (SAML/CAS) sign-in routes not having CSRF protection (#15228) 2020-11-28 05:17:53 +01:00
dependabot[bot]
005354b98e
Bump parallel_tests from 3.3.0 to 3.4.0 (#15203)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.3.0...v3.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-23 17:02:30 +09:00
dependabot[bot]
b257c50571
Bump aws-sdk-s3 from 1.84.1 to 1.85.0 (#15207)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.84.1 to 1.85.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-23 16:59:45 +09:00
Daigo 3 Dango
541b9f8c1c
Use Ruby 2.7.2 (#15150)
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
2020-11-19 17:46:46 +01:00
dependabot[bot]
67ace1d890
Bump omniauth-cas from 1.1.1 to 2.0.0 (#15165)
Bumps [omniauth-cas](https://github.com/dlindahl/omniauth-cas) from 1.1.1 to 2.0.0.
- [Release notes](https://github.com/dlindahl/omniauth-cas/releases)
- [Changelog](https://github.com/dlindahl/omniauth-cas/blob/master/CHANGELOG.md)
- [Commits](https://github.com/dlindahl/omniauth-cas/compare/v1.1.1...v2.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-19 17:43:58 +01:00
dependabot[bot]
1a9099ca7c
Bump rubocop from 0.93.1 to 1.3.0 (#15170)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.93.1 to 1.3.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.93.1...v1.3.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-19 17:43:35 +01:00
dependabot[bot]
9b188a65be
Bump webmock from 3.9.5 to 3.10.0 (#15172)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.9.5 to 3.10.0.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.9.5...v3.10.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-19 10:42:05 +09:00
dependabot[bot]
e9b4d97d88
Bump better_errors from 2.8.3 to 2.9.1 (#15117)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.8.3 to 2.9.1.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.8.3...v2.9.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 23:11:15 +09:00
dependabot[bot]
501261cb90
Bump aws-sdk-s3 from 1.83.1 to 1.84.0 (#15135)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.83.1 to 1.84.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 18:29:30 +09:00
dependabot[bot]
44fb2038c9
Bump bootsnap from 1.4.9 to 1.5.0 (#15116)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.9 to 1.5.0.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.9...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 18:23:24 +09:00
dependabot[bot]
21d1989b53
Bump parallel from 1.19.2 to 1.20.0 (#15115)
Bumps [parallel](https://github.com/grosser/parallel) from 1.19.2 to 1.20.0.
- [Release notes](https://github.com/grosser/parallel/releases)
- [Commits](https://github.com/grosser/parallel/compare/v1.19.2...v1.20.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-10 18:20:41 +09:00
dependabot[bot]
5567a50a25
Bump active_record_query_trace from 1.7 to 1.8 (#14999)
Bumps [active_record_query_trace](https://github.com/brunofacca/active-record-query-trace) from 1.7 to 1.8.
- [Release notes](https://github.com/brunofacca/active-record-query-trace/releases)
- [Changelog](https://github.com/brunofacca/active-record-query-trace/blob/master/HISTORY.md)
- [Commits](https://github.com/brunofacca/active-record-query-trace/compare/v1.7...v1.8)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-22 12:11:20 +09:00
ThibG
ca56527140
Add follower synchronization mechanism (#14510)
* Add support for followers synchronization on the receiving end

Check the `collectionSynchronization` attribute on `Create` and `Announce`
activities and synchronize followers from provided collection if possible.

* Add tests for followers synchronization on the receiving end

* Add support for follower synchronization on the sender's end

* Add tests for the sending end

* Switch from AS attributes to HTTP header

Replace the custom `collectionSynchronization` ActivityStreams attribute by
an HTTP header (`X-AS-Collection-Synchronization`) with the same syntax as
the `Signature` header and the following fields:
- `collectionId` to specify which collection to synchronize
- `digest` for the SHA256 hex-digest of the list of followers known on the
   receiving instance (where “receiving instance” is determined by accounts
   sharing the same host name for their ActivityPub actor `id`)
- `url` of a collection that should be fetched by the instance actor

Internally, move away from the webfinger-based `domain` attribute and use
account `uri` prefix to group accounts.

* Add environment variable to disable followers synchronization

Since the whole mechanism relies on some new preconditions that, in some
extremely rare cases, might not be met, add an environment variable
(DISABLE_FOLLOWERS_SYNCHRONIZATION) to disable the mechanism altogether and
avoid followers being incorrectly removed.

The current conditions are:
1. all managed accounts' actor `id` and inbox URL have the same URI scheme and
   netloc.
2. all accounts whose actor `id` or inbox URL share the same URI scheme and
   netloc as a managed account must be managed by the same Mastodon instance
   as well.

As far as Mastodon is concerned, breaking those preconditions require extensive
configuration changes in the reverse proxy and might also cause other issues.

Therefore, this environment variable provides a way out for people with highly
unusual configurations, and can be safely ignored for the overwhelming majority
of Mastodon administrators.

* Only set follower synchronization header on non-public statuses

This is to avoid unnecessary computations and allow Follow-related
activities to be handled by the usual codepath instead of going through
the synchronization mechanism (otherwise, any Follow/Undo/Accept activity
would trigger the synchronization mechanism even if processing the activity
itself would be enough to re-introduce synchronization)

* Change how ActivityPub::SynchronizeFollowersService handles follow requests

If the remote lists a local follower which we only know has sent a follow
request, consider the follow request as accepted instead of sending an Undo.

* Integrate review feeback

- rename X-AS-Collection-Synchronization to Collection-Synchronization
- various minor refactoring and code style changes

* Only select required fields when computing followers_hash

* Use actor URI rather than webfinger domain in synchronization endpoint

* Change hash computation to be a XOR of individual hashes

Makes it much easier to be memory-efficient, and avoid sorting discrepancy issues.

* Marginally improve followers_hash computation speed

* Further improve hash computation performances by using pluck_each
2020-10-21 18:04:09 +02:00
dependabot[bot]
06c3d36395
Bump rubocop from 0.92.0 to 0.93.0 (#14967)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.92.0 to 0.93.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.92.0...v0.93.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-13 15:45:37 +09:00
Eugen Rochko
7d985f2aac
Remove dependency on goldfinger gem (#14919)
There are edge cases where requests to certain hosts timeout when
using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now
that we no longer need to support OStatus servers, webfinger logic
is so simple that there is no point encapsulating it in a gem, so
we can just use our own Request class. With that, we benefit from
more robust timeout code and IPv4/IPv6 resolution.

Fix #14091
2020-10-08 00:34:57 +02:00
dependabot[bot]
2e9dc7eb98
Bump brakeman from 4.9.1 to 4.10.0 (#14933)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.9.1 to 4.10.0.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.9.1...v4.10.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-06 17:07:50 +09:00
dependabot[bot]
30941dd6ea
Bump aws-sdk-s3 from 1.81.1 to 1.83.0 (#14929)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.81.1 to 1.83.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-06 16:56:13 +09:00