* Revert "Bump version to 2.3.2rc1"
This reverts commit cdf8b92fea269209cedf38c50bca276cdf47b1fe.
* Revert "Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)"
This reverts commit 0074cad44ffcbbdbc798f57a21829359741e60d9.
* Revert "Handle Mastodon::HostValidationError when pulling remoteable assets (#6782)"
This reverts commit 4a0a19fe54f1d2d433ad3d72c35f2bbb915279f6.
* Revert "Correct the reference to user's password in mastodon:add_user task (#6800)"
This reverts commit 338bff8b93fa939c2968818e53386fd0c013d9a9.
* Revert "Upgrade Paperclip to version 6.0.0 (#6754)"
This reverts commit b88fcd53f711673b21e5ff4a547dbf929866a2ee.
In cases where a URL has a trailing hyphen the FetchLinkCardService incorrectly removes the hyphen when it is parsed
The hyphen is not a reserved character in the URI spec https://tools.ietf.org/html/rfc3986#section-2.2
* Add full-text search for authorized statuses
- Search API will return statuses that match the query
- Only for logged in users
- Only if you are author of the status,
- Or you were mentioned in it
- Or you favourited or reblogged it
- Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX`
- Run `rails chewy:deploy` to create & populate index
Fix#5880Fix#4293Fix#1152
* Add commented out docker-compose configuration for ES container
* Optimize index import, filter search results
* Add basic normalization to the index
* Add better stemming and normalization to the index
* Skip webfinger request if search query includes both @ and a space
* Fix code style
* Visually separate search result sections
* Fix code style issues
CSRF token checking was enabled for API controllers in #6223,
producing "Can't verify CSRF token authenticity" log spam. This
disables logging of failed CSRF checks.
This also changes the protection strategy for
PushSubscriptionsController to use exceptions, making it consistent
with other controllers that use sessions.
Previously each protected path had a separate rate limit. Now they're all in the same bucket, so people are more likely to hit one with register->login. Increasing to 25 per 5 minutes should be fine.
* Add confirmation step for email changes
This adds a confirmation step for email changes of existing users.
Like the initial account confirmation, a confirmation link is sent
to the new address.
Additionally, a notification is sent to the existing address when
the change is initiated. This message includes instruction to reset
the password immediately or to contact the instance admin if the
change was not initiated by the account owner.
Fixes#3871
* Add review fixes
Call to warden.authenticate! in resource_owner_from_credentials would
make the request redirect to sign-in path, which is a bad response for
apps. Now bad credentials just return nil, which leads to HTTP 401
from Doorkeeper. Also, accounts with enabled 2FA cannot be logged into
this way.
* Revert "Enable UniqueRetryJobMiddleware even when called from sidekiq worker (#4836)"
This reverts commit 6859d4c0289e767955aac3f345074220fe200604.
* Revert "Do not execute the job with the same arguments as the retry job (#4814)"
This reverts commit be7ffa2d7539d5a1946a3933cb9d242b9fac0ddc.
Keystone V2 is deprecated in favour of V3. This adds the necessary
connection parameters for establishing a V3 connection. Connections
to V2 endpoints are still possible and the configuration should
remain compatible.
This also introduces a SWIFT_REGION variable for multi-region
OpenStack environments and a SWIFT_CACHE_TTL that controls how long
tokens and other meta-data is cached for. Caching tokens avoids
rate-limiting errors that would result in media uploads becoming
unavailable during high load or when using tasks like
media:remove_remote. fog-openstack only supports token caching for
V3 endpoints, so a recommendation for using V3 was added.
* Add handling of Linked Data Signatures in payloads
* Add a way to sign JSON, fix canonicalization of signature options
* Fix signatureValue encoding, send out signed JSON when distributing
* Add missing security context
