* create account_identity_proofs table
* add endpoint for keybase to check local proofs
* add async task to update validity and liveness of proofs from keybase
* first pass keybase proof CRUD
* second pass keybase proof creation
* clean up proof list and add badges
* add avatar url to keybase api
* Always highlight the “Identity Proofs” navigation item when interacting with proofs.
* Update translations.
* Add profile URL.
* Reorder proofs.
* Add proofs to bio.
* Update settings/identity_proofs front-end.
* Use `link_to`.
* Only encode query params if they exist.
URLs without params had a trailing `?`.
* Only show live proofs.
* change valid to active in proof list and update liveness before displaying
* minor fixes
* add keybase config at well-known path
* extremely naive feature flagging off the identity proof UI
* fixes for rubocop
* make identity proofs page resilient to potential keybase issues
* normalize i18n
* tweaks for brakeman
* remove two unused translations
* cleanup and add more localizations
* make keybase_contacts an admin setting
* fix ExternalProofService my_domain
* use Addressable::URI in identity proofs
* use active model serializer for keybase proof config
* more cleanup of keybase proof config
* rename proof is_valid and is_live to proof_valid and proof_live
* cleanup
* assorted tweaks for more robust communication with keybase
* Clean up
* Small fixes
* Display verified identity identically to verified links
* Clean up unused CSS
* Add caching for Keybase avatar URLs
* Remove keybase_contacts setting
Conflicts:
- app/controllers/accounts_controller.rb
- app/controllers/follower_accounts_controller.rb
- app/controllers/statuses_controller.rb
All conflicts caused by the additional `use_pack` used for glitch-soc's theming
system.
Do not start a session if the current user is not logged in for public-facing pages.
Mark pages that don't care about sessions as publicly cacheable.
Keep the max age as 0 so proxies and browsers will still try to retrieve an updated version but can still fall back to the stale version if the site is down or too slow.
Fixes#9035.
Conflicts:
- app/controllers/settings/follower_domains_controller.rb
Removed upstream. Did the same here. Maybe we should not have?
- config/locales/en.yml
Upstream removed the “Authorized followers” page and associated
translations. This is too close in the file to our glitch-soc-specific
“flavour” string. No actual conflict.
- config/locales/ja.yml
Same as above.
- config/locales/pl.yml
Same as above.
- config/navigation.rb
No real conflict. New route added too close to the glitch-soc-specific
“flavours” one.
- config/webpack/configuration.js
Upstream refactored the webpack(er) configuration quite a bit.
Tried to keep up.
- config/webpack/loaders/babel.js
Upstream refactored the webpack(er) configuration quite a bit.
Tried to keep up.
The contents of this file have been moved to package.json.
- config/webpack/shared.js
Upstream refactored the webpack(er) configuration quite a bit.
Tried to keep up.
- config/webpacker.yml
Upstream refactored the webpack(er) configuration quite a bit.
Tried to keep up.
- jest.config.js
The contents of this file have been moved to package.json.
- package.json
Upstream refactored the webpack(er) configuration quite a bit.
Tried to keep up.
- yarn.lock
Upstream refactored the webpack(er) configuration quite a bit.
Tried to keep up.
Conflicts:
- app/services/post_status_service.rb
Small conflict due to handling of instance-local toots.
A subsequent change is required to ensure instance-local polls are not leaked
through Update.
* Add polls
Fix#1629
* Add tests
* Fixes
* Change API for creating polls
* Use name instead of content for votes
* Remove poll validation for remote polls
* Add polls to public pages
* When updating the poll, update options just in case they were changed
* Fix public pages showing both poll and other media
Conflicts:
- Dockerfile
Took upstream version and reverted f13ebd02c9.
Hopefuly it's not needed anymore.
- app/controllers/api/v1/search_controller.rb
The conflict was due to us raising the number of results returned.
Upstream raised it further, so took it.
- config/locales/de.yml
Took upstream changes to theme translation strings.
- config/locales/gl.yml
Took upstream changes to theme translation strings.
- config/locales/nl.yml
Took upstream changes to theme translation strings.
- config/locales/sk.yml
Took upstream changes to theme translation strings.
* Add type, limit, offset, min_id, max_id, account_id to search API
Fix#8939
* Make the offset work on accounts and hashtags search as well
* Assure brakeman we are not doing mass assignment here
* Do not allow paginating unless a type is chosen
* Fix search query and index id field on statuses instead of created_at
Conflicts:
- app/serializers/rest/instance_serializer.rb
- app/views/layouts/error.html.haml
- public/oops.png
Took our version (same as upstream but without the things that only
make sense in an animation).
Additional changes:
- app/javascript/flavours/vanilla/theme.yml
Include upstream's javascript in error pages.
Conflicts:
- app/controllers/oauth/authorized_applications_controller.rb
Two changes too close to each other
- app/controllers/settings/sessions_controller.rb
- app/lib/user_settings_decorator.rb
Two changes too close to each other
- app/models/media_attachment.rb
New changes too close to glitch-soc only changes.
- app/models/user.rb
Two changes too close to each other.
- app/services/remove_status_service.rb
Kept direct timeline code which had been removed upstream.
- app/views/settings/preferences/show.html.haml
Two changes too close to each other.
- config/locales/en.yml
Introduction of a new string too close to glitch-soc-only's “flavour”
- config/locales/ja.yml
Introduction of a new string too close to glitch-soc-only's “flavour”
- config/locales/pl.yml
Introduction of a new string too close to glitch-soc-only's “flavour”
- config/locales/simple_form.en.yml
Introduction of a new string too close to glitch-soc-only's “skin”
- config/locales/simple_form.pl.yml
Introduction of a new string too close to glitch-soc-only's “skin”
- config/settings.yml
Reverted upstream's decision of enabling posting application by default.
* Add hashtag filter to profiles
GET /@:username/tagged/:hashtag
GET /api/v1/accounts/:id/statuses?tagged=:hashtag
* Display featured hashtags on public profile
* Use separate model for featured tags
* Update featured hashtag counters on-write
* Limit featured tags to 10
Conflicts:
- .eslintrc.yml
Removed, as upstream removed it.
- app/controllers/admin/statuses_controller.rb
Minor code cleanup when porting one of our features.
- app/models/account.rb
Note length validation has changed upstream.
We now use upstream's validation (dropped legacy glitch-soc
account metadata stuff) but with configurable limit.
- app/services/post_status_service.rb
Upstream has added support for scheduled toots, refactoring
the code a bit. Adapted our changes to this refactoring.
- app/views/stream_entries/_detailed_status.html.haml
Not a real conflict, changes too close.
- app/views/stream_entries/_simple_status.html.haml
Not a real conflict, changes too close.
* Refactor signature verification a bit
* Rescue signature verification if recorded public key is invalid
Fixes#8822
* Always re-fetch AP signing key when HTTP Signature verification fails
But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.
* Apply stoplight to key/account update as well as initial key retrieval
* Change remote interaction dialog to use specific actions
Instead of just "interact", use different strings based on whether
it's a reply, reblog or favourite. Add explanation why the step
is necessary in the first place
* Remove obsolete strings
* Allow to show a specific status in the admin interface
* Let the front-end know the current account is a moderator
* Add admin links to status and account menus
If the current logged-in user is an admin, add quick links to the admin
interface in account and toot dropdown menu. Suggestion by @ashkitten
* Use @statuses.first instead of @statuses[0]
* Add local followers page to admin account UI
For moderation, I often find myself wondering who, locally, is following
a remote user. Currently, to see this, I have to go back to the web UI,
paste in their full handle, click their profile, and go to the
"Followers" tab (plus, this information is incidental, and if mastodon
ever decides to resolve all of the follower information, there will be
no place local followers are shown). This PR adds a new page which is
accessible via the "following" count on the admin's account view
page, which shows the local followers. (It has filter parameters for
account location to indicate that only local followers are shown, and
leave room for expansion if mastodon ever decides to store the entire
remote follow list).
* Normalize en.yml
* Add REST API for creating an account
The method is available to apps with a token obtained via the client
credentials grant. It creates a user and account records, as well as
an access token for the app that initiated the request. The user is
unconfirmed, and an e-mail is sent as usual.
The method returns the access token, which the app should save for
later. The REST API is not available to users with unconfirmed
accounts, so the app must be smart to wait for the user to click a
link in their e-mail inbox.
The method is rate-limited by IP to 5 requests per 30 minutes.
* Redirect users back to app from confirmation if they were created with an app
* Add tests
* Return 403 on the method if registrations are not open
* Require agreement param to be true in the API when creating an account
* Add moderation warnings
Replace individual routes for disabling, silencing, and suspending
a user, as well as the report update route, with a unified account
action controller that allows you to select an action (none,
disable, silence, suspend) as well as whether it should generate an
e-mail notification with optional custom text. That notification,
with the optional custom text, is saved as a warning.
Additionally, there are warning presets you can configure to save
time when performing the above.
* Use Account#local_username_and_domain
Conflicts:
- app/controllers/admin/base_controller.rb
Some refactoring made upstream, no real conflict.
- app/javascript/mastodon/features/compose/components/compose_form.js
Updated using upstream's code but using maxChars instead of the
hardcoded length of 500 characters per toot.
- app/javascript/styles/mastodon/components.scss
Upstream redesigned the onboarding modal. Not sure why we had a
conflict there.
Define `Settings::BaseController#set_body_classes` so that sub classes
inherit `Settings::BaseController` don't need to define
`#set_body_classes` agein.
* Add instance-wide setting to disable profile directory
Fixes#9496
When the profile directory is disabled:
- The “discoverable” setting is hidden from users
- The “profile directory” link is not shown on public pages
- /explore returns 404
* Move Setting.profile_directory check to a before_action filter
* Add setting to not aggregate reblogs
Fixes#9222
* Handle cases where user is nil in add_to_home and add_to_list
* Add hint for setting_aggregate_reblogs option
* Reword setting_aggregate_reblogs label
* Improve overview of accounts in admin UI
- Display suspended status, role, last activity and IP prominently
- Default to showing local accounts
- Default to not showing suspended accounts
* Remove unused strings
* Fix tests
* Allow filtering accounts by IP mask
* Eliminate extra accounts select query from FollowService
* Optimistically update follow state in web UI and hide loading bar
Fix#6205
* Asynchronize NotifyService in FollowService
And fix failing test
* Skip Webfinger resolve routine when called from FollowService if possible
If an account is ActivityPub, then webfinger re-resolving is not necessary
when called from FollowService. Improve options of ResolveAccountService