Truong Nguyen 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7283a5d3b9 
							
						 
					 
					
						
						
							
							Explicitly set userVerification to discoraged ( #16545 )  
						
						
						
						
					 
					
						2021-08-26 09:51:22 -05:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							94bcf45321 
							
						 
					 
					
						
						
							
							Fix authentication failures after going halfway through a sign-in attempt ( #16607 )  
						
						... 
						
						
						
						* Add tests
* Add security-related tests
My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.
* Fix authentication failures after going halfway through a sign-in attempt
* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious 
						
						
					 
					
						2021-08-25 22:52:41 +02:00 
						 
				 
			
				
					
						
							
							
								Daniel 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2ed1c92c63 
							
						 
					 
					
						
						
							
							New env variable: CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED ( #16655 )  
						
						... 
						
						
						
						When using a CAS server, the users only have a temporary email
`change@me-foo-cas.com` which can't be changed but by an
administrator.
We need a new environment variable like for SAML to assume the email
from CAS is verified.
* config/initializers/omniauth.rb: define CAS option for assuming
  email are always verified.
* .env.nanobox: add new variable as an example. 
						
						
					 
					
						2021-08-25 18:41:24 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							366e0b82db 
							
						 
					 
					
						
						
							
							Bump rails from 6.1.4 to 6.1.4.1 ( #16650 )  
						
						... 
						
						
						
						Bumps [rails](https://github.com/rails/rails ) from 6.1.4 to 6.1.4.1.
- [Release notes](https://github.com/rails/rails/releases )
- [Commits](https://github.com/rails/rails/compare/v6.1.4...v6.1.4.1 )
---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-26 01:39:55 +09:00 
						 
				 
			
				
					
						
							
							
								matildepark 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							79341d0f5f 
							
						 
					 
					
						
						
							
							Fix follow request count to dynamically update ( #16652 )  
						
						
						
						
					 
					
						2021-08-25 17:46:29 +02:00 
						 
				 
			
				
					
						
							
							
								Daniel 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							5c21021176 
							
						 
					 
					
						
						
							
							Fix undefined variable for Auth::OmniauthCallbacksController ( #16654 )  
						
						... 
						
						
						
						The addition of authentication history broke the omniauth login with
the following error:
  method=GET path=/auth/auth/cas/callback format=html
  controller=Auth::OmniauthCallbacksController action=cas status=500
  error='NameError: undefined local variable or method `user' for
  #<Auth::OmniauthCallbacksController:0x00000000036290>
  Did you mean?  @user' duration=435.93 view=0.00 db=36.19
* app/controllers/auth/omniauth_callbacks_controller.rb: fix variable
  name to `@user` 
						
						
					 
					
						2021-08-25 17:40:56 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4562ada4b9 
							
						 
					 
					
						
						
							
							Bump eslint-plugin-import from 2.24.0 to 2.24.1 ( #16635 )  
						
						... 
						
						
						
						Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.24.0 to 2.24.1.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.24.0...v2.24.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-23 22:03:53 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							dd096568d9 
							
						 
					 
					
						
						
							
							Bump ws from 8.1.0 to 8.2.0 ( #16636 )  
						
						... 
						
						
						
						Bumps [ws](https://github.com/websockets/ws ) from 8.1.0 to 8.2.0.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.1.0...8.2.0 )
---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-23 22:03:38 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							3ee038ac7d 
							
						 
					 
					
						
						
							
							Bump @babel/plugin-transform-runtime from 7.14.5 to 7.15.0 ( #16590 )  
						
						... 
						
						
						
						Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.14.5 to 7.15.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-plugin-transform-runtime )
---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-23 22:03:23 +09:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							3c45dfa0fe 
							
						 
					 
					
						
						
							
							Fix “discoverable” account setting being tied to profile directory ( #16637 )  
						
						
						
						
					 
					
						2021-08-20 16:11:58 +02:00 
						 
				 
			
				
					
						
							
							
								Peter Dave Hello 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a2afcac7d9 
							
						 
					 
					
						
						
							
							Make sure nginx always send HSTS header ( #16633 )  
						
						... 
						
						
						
						By default, it'll only send those headers when the response code is one of the following:
- 200, 201, 204, 206, 301, 302, 303, 304, 307 & 308
As all the traffics should be https, the http protocol only exists to do 301 redirect,
and always send the HSTS header is almost one of the best practices, we should set
nginx to do so.
Reference:
- https://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header 
- https://ssl-config.mozilla.org/  
						
						
					 
					
						2021-08-20 10:54:11 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6702148472 
							
						 
					 
					
						
						
							
							Add tests for SuspendAccountService and UnsuspendAccountService ( #16627 )  
						
						... 
						
						
						
						* Add tests for SuspendAccountService
* Add tests for UnsuspendAccountService 
						
						
					 
					
						2021-08-20 10:53:33 +01:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							90a8d4ef1c 
							
						 
					 
					
						
						
							
							Bump rspec-rails from 5.0.1 to 5.0.2 ( #16622 )  
						
						... 
						
						
						
						Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.1...v5.0.2 )
---
updated-dependencies:
- dependency-name: rspec-rails
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-20 18:48:39 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							588f48bf6f 
							
						 
					 
					
						
						
							
							Bump sass from 1.37.0 to 1.38.0 ( #16623 )  
						
						... 
						
						
						
						Bumps [sass](https://github.com/sass/dart-sass ) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.37.0...1.38.0 )
---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-20 18:48:25 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							63fa767c83 
							
						 
					 
					
						
						
							
							Bump fast_blank from 1.0.0 to 1.0.1 ( #16621 )  
						
						... 
						
						
						
						Bumps [fast_blank](https://github.com/SamSaffron/fast_blank ) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/SamSaffron/fast_blank/releases )
- [Commits](https://github.com/SamSaffron/fast_blank/compare/1.0.0...v1.0.1 )
---
updated-dependencies:
- dependency-name: fast_blank
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-20 18:47:45 +09:00 
						 
				 
			
				
					
						
							
							
								Peter Dave Hello 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e03dc3956f 
							
						 
					 
					
						
						
							
							Disable nginx ssl_session_tickets for better security ( #16632 )  
						
						... 
						
						
						
						It's default turned on, but it's better to turn it off for security reason.
Reference:
- https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_tickets 
- https://github.com/mozilla/server-side-tls/issues/135  
						
						
					 
					
						2021-08-20 08:15:07 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9ac7e6fef7 
							
						 
					 
					
						
						
							
							Fix remotely-suspended accounts' toots being merged back into timelines ( #16628 )  
						
						... 
						
						
						
						* Fix remotely-suspended accounts' toots being merged back into timelines
* Mark remotely-deleted accounts as remotely suspended 
						
						
					 
					
						2021-08-20 07:40:33 +01:00 
						 
				 
			
				
					
						
							
							
								Holger 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0cae6c07bb 
							
						 
					 
					
						
						
							
							Fix   #16603  ( #16605 )  
						
						... 
						
						
						
						Fix issue #16603  undefined method `serialize_payload' for Unsuspend Account Service error.
It seems that this service forgot to `include Payloadable` so that `serialize_payload` could not be found in this service. 
						
						
					 
					
						2021-08-20 07:39:37 +01:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ce8f41e560 
							
						 
					 
					
						
						
							
							Bump oj from 3.12.2 to 3.13.2 ( #16620 )  
						
						... 
						
						
						
						Bumps [oj](https://github.com/ohler55/oj ) from 3.12.2 to 3.13.2.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.12.2...v3.13.2 )
---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 13:58:07 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6cdbff88e7 
							
						 
					 
					
						
						
							
							Bump eslint-plugin-import from 2.23.4 to 2.24.0 ( #16592 )  
						
						... 
						
						
						
						Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.23.4 to 2.24.0.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.23.4...v2.24.0 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 13:20:21 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c04c3e98e3 
							
						 
					 
					
						
						
							
							Bump yargs from 17.0.1 to 17.1.1 ( #16614 )  
						
						... 
						
						
						
						Bumps [yargs](https://github.com/yargs/yargs ) from 17.0.1 to 17.1.1.
- [Release notes](https://github.com/yargs/yargs/releases )
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/yargs/compare/v17.0.1...v17.1.1 )
---
updated-dependencies:
- dependency-name: yargs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 13:19:51 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1d63f0798a 
							
						 
					 
					
						
						
							
							Bump ws from 8.0.0 to 8.1.0 ( #16616 )  
						
						... 
						
						
						
						Bumps [ws](https://github.com/websockets/ws ) from 8.0.0 to 8.1.0.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.0.0...8.1.0 )
---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 13:19:31 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f5a8011cf4 
							
						 
					 
					
						
						
							
							Bump bullet from 6.1.4 to 6.1.5 ( #16617 )  
						
						... 
						
						
						
						Bumps [bullet](https://github.com/flyerhzm/bullet ) from 6.1.4 to 6.1.5.
- [Release notes](https://github.com/flyerhzm/bullet/releases )
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md )
- [Commits](https://github.com/flyerhzm/bullet/compare/6.1.4...6.1.5 )
---
updated-dependencies:
- dependency-name: bullet
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 13:01:31 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							00944fc0f4 
							
						 
					 
					
						
						
							
							Bump fastimage from 2.2.4 to 2.2.5 ( #16609 )  
						
						... 
						
						
						
						Bumps [fastimage](https://github.com/sdsykes/fastimage ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/sdsykes/fastimage/releases )
- [Changelog](https://github.com/sdsykes/fastimage/blob/master/CHANGELOG )
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.2.4...v2.2.5 )
---
updated-dependencies:
- dependency-name: fastimage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 13:00:53 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							3318aa26f2 
							
						 
					 
					
						
						
							
							Bump nokogiri from 1.12.2 to 1.12.3 ( #16610 )  
						
						... 
						
						
						
						Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.12.2 to 1.12.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.2...v1.12.3 )
---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 13:00:37 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							358b43c3a6 
							
						 
					 
					
						
						
							
							Bump blurhash from 1.1.3 to 1.1.4 ( #16613 )  
						
						... 
						
						
						
						Bumps [blurhash](https://github.com/woltapp/blurhash ) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/woltapp/blurhash/releases )
- [Commits](https://github.com/woltapp/blurhash/commits )
---
updated-dependencies:
- dependency-name: blurhash
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 13:00:17 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							68e9e9ee0f 
							
						 
					 
					
						
						
							
							Bump pundit from 2.1.0 to 2.1.1 ( #16615 )  
						
						... 
						
						
						
						Bumps [pundit](https://github.com/varvet/pundit ) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/varvet/pundit/releases )
- [Changelog](https://github.com/varvet/pundit/blob/master/CHANGELOG.md )
- [Commits](https://github.com/varvet/pundit/compare/v2.1.0...v2.1.1 )
---
updated-dependencies:
- dependency-name: pundit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 13:00:04 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f77d347f88 
							
						 
					 
					
						
						
							
							Bump path-parse from 1.0.6 to 1.0.7 ( #16597 )  
						
						... 
						
						
						
						Bumps [path-parse](https://github.com/jbgutierrez/path-parse ) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases )
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7 )
---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:58:37 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							81d11b01fc 
							
						 
					 
					
						
						
							
							Bump parallel_tests from 3.7.0 to 3.7.1 ( #16612 )  
						
						... 
						
						
						
						Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.7.0 to 3.7.1.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.7.0...v3.7.1 )
---
updated-dependencies:
- dependency-name: parallel_tests
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:49:59 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ec0b8f7e81 
							
						 
					 
					
						
						
							
							Bump aws-sdk-s3 from 1.98.0 to 1.99.0 ( #16611 )  
						
						... 
						
						
						
						Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.98.0 to 1.99.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:49:21 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f3084bbf7c 
							
						 
					 
					
						
						
							
							Bump webmock from 3.13.0 to 3.14.0 ( #16587 )  
						
						... 
						
						
						
						Bumps [webmock](https://github.com/bblimke/webmock ) from 3.13.0 to 3.14.0.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.13.0...v3.14.0 )
---
updated-dependencies:
- dependency-name: webmock
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:49:00 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							30cf90c931 
							
						 
					 
					
						
						
							
							Bump redux from 4.1.0 to 4.1.1 ( #16586 )  
						
						... 
						
						
						
						Bumps [redux](https://github.com/reduxjs/redux ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/reduxjs/redux/releases )
- [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/redux/compare/v4.1.0...v4.1.1 )
---
updated-dependencies:
- dependency-name: redux
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:41:01 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							479a8d1004 
							
						 
					 
					
						
						
							
							Bump rubocop from 1.18.4 to 1.19.0 ( #16618 )  
						
						... 
						
						
						
						Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.18.4 to 1.19.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.18.4...v1.19.0 )
---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:40:17 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2d080f5e04 
							
						 
					 
					
						
						
							
							Bump strong_migrations from 0.7.7 to 0.7.8 ( #16584 )  
						
						... 
						
						
						
						Bumps [strong_migrations](https://github.com/ankane/strong_migrations ) from 0.7.7 to 0.7.8.
- [Release notes](https://github.com/ankane/strong_migrations/releases )
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.7.7...v0.7.8 )
---
updated-dependencies:
- dependency-name: strong_migrations
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:32:29 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d5b4290caa 
							
						 
					 
					
						
						
							
							Bump @babel/runtime from 7.14.8 to 7.15.3 ( #16619 )  
						
						... 
						
						
						
						Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime ) from 7.14.8 to 7.15.3.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.3/packages/babel-runtime )
---
updated-dependencies:
- dependency-name: "@babel/runtime"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:31:14 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1bdd3dafb8 
							
						 
					 
					
						
						
							
							Bump @babel/core from 7.14.8 to 7.15.0 ( #16588 )  
						
						... 
						
						
						
						Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.14.8 to 7.15.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-core )
---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:30:54 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2ddf0fdb87 
							
						 
					 
					
						
						
							
							Bump @testing-library/react from 11.2.7 to 12.0.0 ( #16440 )  
						
						... 
						
						
						
						Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library ) from 11.2.7 to 12.0.0.
- [Release notes](https://github.com/testing-library/react-testing-library/releases )
- [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/react-testing-library/compare/v11.2.7...v12.0.0 )
---
updated-dependencies:
- dependency-name: "@testing-library/react"
  dependency-type: direct:development
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-17 12:30:15 +09:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0c24c865b7 
							
						 
					 
					
						
						
							
							Fix crash if a notification contains an unprocessed media attachment ( #16573 )  
						
						... 
						
						
						
						* Refactor AttachmentList
* Do not crash if a notification contains an unprocessed media attachment
Fixes  #16530 
* Fix spacing in compact form 
						
						
					 
					
						2021-08-11 17:49:10 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							aaf24d3093 
							
						 
					 
					
						
						
							
							Fix download button color in audio player ( #16572 )  
						
						... 
						
						
						
						Fixes  #16571  
					
						2021-08-11 17:48:55 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							5efb1ff337 
							
						 
					 
					
						
						
							
							Fix followers synchronization mechanism not working when URI has empty path ( #16510 )  
						
						... 
						
						
						
						* Fix followers synchronization mechanism not working when URI has empty path
To my knowledge, there is no current implementation on the fediverse
that can use bare domains (e.g., actor is at https://example.org  instead of
something like https://example.org/actor ) that also plans to support the
followers synchronization mechanism. However, Mastodon's current implementation
would exclude such accounts from followers list.
Also adds tests and rename them to reflect the proper method names.
* Move url prefix regexp to its own constant 
						
						
					 
					
						2021-08-11 17:48:42 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							13b08610a0 
							
						 
					 
					
						
						
							
							Fix crash when encountering invalid account fields ( #16598 )  
						
						... 
						
						
						
						* Add test
* Fix crash when encountering invalid account fields 
						
						
					 
					
						2021-08-11 16:40:55 +02:00 
						 
				 
			
				
					
						
							
							
								Shlee 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							229f5d1681 
							
						 
					 
					
						
						
							
							NodeJS 14 support - circleci/docker/.nvmrc ( #16163 )  
						
						... 
						
						
						
						* Update config.yml
* Update Dockerfile
* Update .nvmrc
* Update Dockerfile
* NodeJS 10 is EOL.
* Update package.json
* Update README.md
* Update Vagrantfile
* Update Dockerfile
* Update Dockerfile 
						
						
					 
					
						2021-08-10 22:56:13 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4ac78e2a06 
							
						 
					 
					
						
						
							
							Add feature to automatically delete old toots ( #16529 )  
						
						... 
						
						
						
						* Add account statuses cleanup policy model
* Record last inspected toot to delete to speed up successive calls to statuses_to_delete
* Add service to cleanup a given account's statuses within a budget
* Add worker to go through account policies and delete old toots
* Fix last inspected status id logic
All existing statuses older or equal to last inspected status id must be
kept by the current policy. This is an invariant that must be kept so that
resuming deletion from the last inspected status remains sound.
* Add tests
* Refactor scheduler and add tests
* Add user interface
* Add support for discriminating based on boosts/favs
* Add UI support for min_reblogs and min_favs, rework UI
* Address first round of review comments
* Replace Snowflake#id_at_start with with_random parameter
* Add tests
* Add tests for StatusesCleanupController
* Rework settings page
* Adjust load-avoiding mechanisms
* Please CodeClimate 
						
						
					 
					
						2021-08-09 23:11:50 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							432e3d1eaf 
							
						 
					 
					
						
						
							
							Bump sanitize from 5.2.3 to 6.0.0 ( #16580 )  
						
						... 
						
						
						
						Fixes nokogumbo/nokogiri conflicts by dropping the nokogumbo gem, as it has
been merged in the nokogiri gem. 
						
						
					 
					
						2021-08-09 20:46:57 +02:00 
						 
				 
			
				
					
						
							
							
								Takeshi Umeda 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							709876bd6c 
							
						 
					 
					
						
						
							
							Fix invalid blurhash handling in Create activity ( #16583 )  
						
						
						
						
					 
					
						2021-08-09 13:33:19 +02:00 
						 
				 
			
				
					
						
							
							
								Takeshi Umeda 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							590e1578bf 
							
						 
					 
					
						
						
							
							Fix when MoveWorker cannot get locale from remote account ( #16576 )  
						
						
						
						
					 
					
						2021-08-08 15:31:02 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							763ab0c7eb 
							
						 
					 
					
						
						
							
							Fix owned account notes not being deleted when an account is deleted ( #16579 )  
						
						... 
						
						
						
						* Add account_notes relationship
* Add tests
* Fix owned account notes not being deleted when an account is deleted
* Add post-migration to clean up orphaned account notes 
						
						
					 
					
						2021-08-08 15:29:57 +02:00 
						 
				 
			
				
					
						
							
							
								Takeshi Umeda 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							818e0b314f 
							
						 
					 
					
						
						
							
							Fix unsupported video error message handling ( #16581 )  
						
						
						
						
					 
					
						2021-08-08 15:28:57 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							fe29f9c621 
							
						 
					 
					
						
						
							
							Bump @babel/preset-env from 7.14.8 to 7.15.0 ( #16577 )  
						
						... 
						
						
						
						Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ) from 7.14.8 to 7.15.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-preset-env )
---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-07 17:49:05 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6b910b3f5b 
							
						 
					 
					
						
						
							
							Bump sass from 1.36.0 to 1.37.0 ( #16551 )  
						
						... 
						
						
						
						Bumps [sass](https://github.com/sass/dart-sass ) from 1.36.0 to 1.37.0.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.36.0...1.37.0 )
---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-07 13:10:48 +09:00