Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							502cf75b16 
							
						 
					 
					
						
						
							
							Merge pull request from GHSA-58x8-3qxw-6hm7  
						
						... 
						
						
						
						* Fix insufficient permission checking for public timeline endpoints
Note that this changes unauthenticated access failure code from 401 to 422
* Add more tests for public timelines
* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses` 
						
						
					 
					
						2024-07-04 16:26:49 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							395f17ca17 
							
						 
					 
					
						
						
							
							Merge pull request from GHSA-vp5r-5pgw-jwqx  
						
						... 
						
						
						
						* Fix streaming sessions not being closed when revoking access to an app
* Add tests for GHSA-7w3c-p9j8-mq3x 
						
						
					 
					
						2024-07-04 16:11:28 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							929b9fdaff 
							
						 
					 
					
						
						
							
							Remove exclusion for Rails/LexicallyScopedActionFilter cop ( #30697 )  
						
						
						
						
					 
					
						2024-06-21 15:34:13 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bb2d77b4a0 
							
						 
					 
					
						
						
							
							Change /api/v2_alpha/notifications to only return historical data in pages ( #30781 )  
						
						
						
						
					 
					
						2024-06-20 15:54:50 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							978601a0ae 
							
						 
					 
					
						
						
							
							Extract permitted params constant in v1/admin/tags ( #30652 )  
						
						
						
						
					 
					
						2024-06-11 15:29:41 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							410370eecd 
							
						 
					 
					
						
						
							
							Extract PERMITTED_PARAMS constant from admin/domain_blocks controller ( #30380 )  
						
						
						
						
					 
					
						2024-06-11 09:40:47 +00:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a2505e8611 
							
						 
					 
					
						
						
							
							Add timeline of public posts about a trending link to REST API ( #30381 )  
						
						
						
						
					 
					
						2024-06-06 08:43:04 +00:00 
						 
				 
			
				
					
						
							
							
								Emelia Smith 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e02d23b549 
							
						 
					 
					
						
						
							
							Change read:me scope to profile scope ( #30357 )  
						
						... 
						
						
						
						Co-authored-by: Claire <claire.github-309c@sitedethib.com> 
						
						
					 
					
						2024-06-06 07:30:10 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							974335e414 
							
						 
					 
					
						
						
							
							Add experimental server-side notification grouping ( #29889 )  
						
						
						
						
					 
					
						2024-06-03 08:35:59 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							469de923aa 
							
						 
					 
					
						
						
							
							Update current_user override mode description in controllers ( #30515 )  
						
						
						
						
					 
					
						2024-06-03 07:16:29 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							85d9053b36 
							
						 
					 
					
						
						
							
							Move pagination_params into API::BaseController ( #28845 )  
						
						
						
						
					 
					
						2024-05-30 14:56:48 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							36fe8f8566 
							
						 
					 
					
						
						
							
							Change ids param to id in /api/v1/statuses and /api/v1/accounts for consistency ( #30465 )  
						
						
						
						
					 
					
						2024-05-29 09:19:17 +00:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							128987eded 
							
						 
					 
					
						
						
							
							Add support for fediverse:creator OpenGraph tag ( #30398 )  
						
						
						
						
					 
					
						2024-05-29 01:34:33 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9b5055d34d 
							
						 
					 
					
						
						
							
							Fix Style/SuperArguments cop ( #30406 )  
						
						
						
						
					 
					
						2024-05-24 08:36:21 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							89f89d738f 
							
						 
					 
					
						
						
							
							Revert "Allow unblocking email addresses from any matching account ( #29305 )" ( #30385 )  
						
						
						
						
					 
					
						2024-05-21 08:56:08 +00:00 
						 
				 
			
				
					
						
							
							
								Emelia Smith 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2da2a1dae9 
							
						 
					 
					
						
						
							
							Support multiple redirect_uris when creating OAuth 2.0 Applications ( #29192 )  
						
						
						
						
					 
					
						2024-05-17 13:46:12 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							65e82211cd 
							
						 
					 
					
						
						
							
							Rename cache_* methods to preload_* in controller concern ( #30209 )  
						
						
						
						
					 
					
						2024-05-16 08:03:46 +00:00 
						 
				 
			
				
					
						
							
							
								Emelia Smith 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f0d6dc4519 
							
						 
					 
					
						
						
							
							Fix: Mark redirect uris field in Development > Application form as required ( #30311 )  
						
						
						
						
					 
					
						2024-05-16 07:59:46 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2fe1b8d169 
							
						 
					 
					
						
						
							
							Add API to get multiple accounts and statuses ( #27871 )  
						
						... 
						
						
						
						Co-authored-by: noellabo <noel.yoshiba@gmail.com> 
						
						
					 
					
						2024-05-06 15:19:15 +00:00 
						 
				 
			
				
					
						
							
							
								Fawaz Farid 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							05126d106f 
							
						 
					 
					
						
						
							
							Redirect back after site upload deletion ( #30141 )  
						
						
						
						
					 
					
						2024-05-06 13:31:39 +00:00 
						 
				 
			
				
					
						
							
							
								Emelia Smith 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							116f01ec7d 
							
						 
					 
					
						
						
							
							Implement RFC 8414 for OAuth 2.0 server metadata ( #29191 )  
						
						
						
						
					 
					
						2024-05-06 13:17:56 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8e4fea77e3 
							
						 
					 
					
						
						
							
							Fix race condition in POST /api/v1/push/subscription ( #30166 )  
						
						
						
						
					 
					
						2024-05-06 12:41:14 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							253ead3aa7 
							
						 
					 
					
						
						
							
							Fix not being able to block a subdomain of an already-blocked domain through the API ( #30119 )  
						
						
						
						
					 
					
						2024-05-02 20:56:21 +00:00 
						 
				 
			
				
					
						
							
							
								Emelia Smith 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							81f0002e76 
							
						 
					 
					
						
						
							
							Fix missing destory audit logs for Domain Allows ( #30125 )  
						
						
						
						
					 
					
						2024-04-30 08:48:02 +00:00 
						 
				 
			
				
					
						
							
							
								Emelia Smith 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							049b159beb 
							
						 
					 
					
						
						
							
							Add read:me OAuth 2.0 scope, allowing more limited access to user data ( #29087 )  
						
						
						
						
					 
					
						2024-04-23 11:47:00 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							11e0049b08 
							
						 
					 
					
						
						
							
							Use enum-generated scopes/queries for BulkImport ( #29975 )  
						
						
						
						
					 
					
						2024-04-18 10:13:35 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							650c548c31 
							
						 
					 
					
						
						
							
							Add not_featured_by scope to Tag ( #28815 )  
						
						
						
						
					 
					
						2024-04-17 10:05:38 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1d3ecd3fba 
							
						 
					 
					
						
						
							
							Add API::Pagination concern ( #28826 )  
						
						
						
						
					 
					
						2024-04-17 09:22:45 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							caad1e2628 
							
						 
					 
					
						
						
							
							Add scope Status.distributable_visibility ( #29950 )  
						
						
						
						
					 
					
						2024-04-16 13:16:54 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							babbf6017d 
							
						 
					 
					
						
						
							
							Remove caching in cache_collection ( #29862 )  
						
						
						
						
					 
					
						2024-04-08 13:46:13 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							edde54e991 
							
						 
					 
					
						
						
							
							Update stoplight to version 4.1.0 ( #28366 )  
						
						
						
						
					 
					
						2024-04-02 15:47:40 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							34f293475e 
							
						 
					 
					
						
						
							
							Fix results/query in api/v1/featured_tags/suggestions ( #29597 )  
						
						
						
						
					 
					
						2024-03-22 15:08:27 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							77897cd24c 
							
						 
					 
					
						
						
							
							Use existing SeveredRelationship.about_local_account scope in more places ( #29673 )  
						
						
						
						
					 
					
						2024-03-21 08:36:49 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							44bf7b8128 
							
						 
					 
					
						
						
							
							Add notifications of severed relationships ( #27511 )  
						
						
						
						
					 
					
						2024-03-20 15:37:21 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8a1423a474 
							
						 
					 
					
						
						
							
							Allow unblocking email addresses from any matching account ( #29305 )  
						
						
						
						
					 
					
						2024-03-20 14:38:00 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b5115850bb 
							
						 
					 
					
						
						
							
							Move repeated insert_pagination_headers method to api base class ( #29606 )  
						
						
						
						
					 
					
						2024-03-18 10:11:53 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7720c684c5 
							
						 
					 
					
						
						
							
							Move common module inclusion in sub classes to ActivityPub::BaseController ( #29560 )  
						
						
						
						
					 
					
						2024-03-15 10:40:21 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f9100743ec 
							
						 
					 
					
						
						
							
							Add Api::ErrorHandling concern for api/base controller ( #29574 )  
						
						
						
						
					 
					
						2024-03-14 09:09:47 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c09b8a7164 
							
						 
					 
					
						
						
							
							Add Account.without_internal scope ( #29559 )  
						
						... 
						
						
						
						Co-authored-by: Claire <claire.github-309c@sitedethib.com> 
						
						
					 
					
						2024-03-13 14:11:23 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9754967d5f 
							
						 
					 
					
						
						
							
							Move pagination_max_id and pagination_since_id into api/base controller ( #28844 )  
						
						
						
						
					 
					
						2024-03-13 08:51:44 +00:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c10bbf5fe3 
							
						 
					 
					
						
						
							
							Add notification policies and notification requests in web UI ( #29433 )  
						
						
						
						
					 
					
						2024-03-11 15:02:21 +00:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							5b3a8737d6 
							
						 
					 
					
						
						
							
							Add hints for rules ( #29539 )  
						
						
						
						
					 
					
						2024-03-11 08:57:07 +00:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							50b17f7e10 
							
						 
					 
					
						
						
							
							Add notification policies and notification requests ( #29366 )  
						
						
						
						
					 
					
						2024-03-07 14:53:37 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							eb1b8f69de 
							
						 
					 
					
						
						
							
							Allow pagination Link headers on API accounts/statuses when pinned true ( #29442 )  
						
						
						
						
					 
					
						2024-02-29 14:21:56 +00:00 
						 
				 
			
				
					
						
							
							
								zunda 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a30cdfd4d4 
							
						 
					 
					
						
						
							
							Specify 410 for code when responding as json while self-destruction ( #29420 )  
						
						
						
						
					 
					
						2024-02-26 22:43:07 +00:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							785e2f9399 
							
						 
					 
					
						
						
							
							Add scope providing_styles to UserRole ( #29286 )  
						
						
						
						
					 
					
						2024-02-20 09:18:05 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d4d0565b0f 
							
						 
					 
					
						
						
							
							Fix user creation failure handling in OAuth paths ( #29207 )  
						
						
						
						
					 
					
						2024-02-14 21:49:45 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b31af34c97 
							
						 
					 
					
						
						
							
							Merge pull request from GHSA-vm39-j3vx-pch3  
						
						... 
						
						
						
						* Prevent different identities from a same SSO provider from accessing a same account
* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`
* Rename methods to avoid confusion between OAuth and OmniAuth 
						
						
					 
					
						2024-02-14 15:16:07 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7efc33b909 
							
						 
					 
					
						
						
							
							Move HTTP Signature parsing code to its own class ( #28932 )  
						
						
						
						
					 
					
						2024-02-07 13:35:37 +00:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							eeabf9af72 
							
						 
					 
					
						
						
							
							Fix compatibility with Redis <6.2 ( #29123 )  
						
						
						
						
					 
					
						2024-02-07 11:52:38 +00:00