23ea0e7508
Add aria-label and title attributes to local settings navigation items ( #1949 )
2022-11-16 20:56:06 +01:00
8c56441b4a
Add form-action CSP directive ( #1948 )
2022-11-16 16:28:48 +01:00
ad84fd25f1
Merge pull request #1941 from ClearlyClaire/glitch-soc/merge-upstream
...
Merge upstream changes
2022-11-16 09:38:31 +01:00
7efe2cf00f
Modify image build workflow for Glitch workflows ( #1942 )
2022-11-16 09:27:34 +01:00
1901829f9a
Merge branch 'main' into glitch-soc/merge-upstream
...
Conflicts:
- `config/initializers/content_security_policy.rb`:
Our config file is pretty different from upstream.
Upstream changed CSP directive `script-src` to include
`wasm-unsafe-eval` instead of `unsafe-eval`, which we
did not include.
Added `wasm-unsafe-eval` to `script-src` to fix
execution of the OCR web worker.
- `package.json`:
Upstream updated a dependency (`array-includes`) textually
adjacent to a glitch-soc-only dependency (`atrament`).
Updated `array-includes` as upstream did.
2022-11-16 08:30:00 +01:00
4d85c27d1a
Add 'private' to Cache-Control, match Rails expectations ( #20608 )
...
Several controlers set quite intricate Cache-Control headers in order to
hopefully not be cached by any intermediate proxies or local caches. Unfortunately,
these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes
and discards any values set alongside no-store other than private:
8015c2c2cf/actionpack/lib/action_dispatch/http/cache.rb (L207-L209)
2022-11-16 04:56:30 +01:00
ac7a29f068
Bump loader-utils from 1.4.1 to 1.4.2 ( #20826 )
...
Bumps [loader-utils](https://github.com/webpack/loader-utils ) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/webpack/loader-utils/releases )
- [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md )
- [Commits](https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2 )
---
updated-dependencies:
- dependency-name: loader-utils
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-16 12:03:58 +09:00
f7d261cac7
Bump sidekiq from 6.5.7 to 6.5.8 ( #20035 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.5.7 to 6.5.8.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/main/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.5.7...v6.5.8 )
---
updated-dependencies:
- dependency-name: sidekiq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 23:52:44 +09:00
575bf3fa20
Bump oj from 3.13.21 to 3.13.23 ( #20046 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.13.21 to 3.13.23.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.13.21...v3.13.23 )
---
updated-dependencies:
- dependency-name: oj
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 23:42:59 +09:00
dde60e2634
Bump object.values from 1.1.5 to 1.1.6 ( #20047 )
...
Bumps [object.values](https://github.com/es-shims/Object.values ) from 1.1.5 to 1.1.6.
- [Release notes](https://github.com/es-shims/Object.values/releases )
- [Changelog](https://github.com/es-shims/Object.values/blob/main/CHANGELOG.md )
- [Commits](https://github.com/es-shims/Object.values/compare/v1.1.5...v1.1.6 )
---
updated-dependencies:
- dependency-name: object.values
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 23:42:20 +09:00
f32c2de6af
Bump pg from 1.4.3 to 1.4.4 ( #19597 )
...
Bumps [pg](https://github.com/ged/ruby-pg ) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/ged/ruby-pg/releases )
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc )
- [Commits](https://github.com/ged/ruby-pg/compare/v1.4.3...v1.4.4 )
---
updated-dependencies:
- dependency-name: pg
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:49:50 +09:00
acbf4d0dfe
Bump jsdom from 20.0.1 to 20.0.2 ( #19603 )
...
Bumps [jsdom](https://github.com/jsdom/jsdom ) from 20.0.1 to 20.0.2.
- [Release notes](https://github.com/jsdom/jsdom/releases )
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md )
- [Commits](https://github.com/jsdom/jsdom/compare/20.0.1...20.0.2 )
---
updated-dependencies:
- dependency-name: jsdom
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:49:21 +09:00
dd360e653e
Bump blurhash from 2.0.3 to 2.0.4 ( #19601 )
...
Bumps [blurhash](https://github.com/woltapp/blurhash ) from 2.0.3 to 2.0.4.
- [Release notes](https://github.com/woltapp/blurhash/releases )
- [Commits](https://github.com/woltapp/blurhash/commits )
---
updated-dependencies:
- dependency-name: blurhash
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:49:00 +09:00
ca6106603b
Bump array-includes from 3.1.5 to 3.1.6 ( #20680 )
...
Bumps [array-includes](https://github.com/es-shims/array-includes ) from 3.1.5 to 3.1.6.
- [Release notes](https://github.com/es-shims/array-includes/releases )
- [Changelog](https://github.com/es-shims/array-includes/blob/main/CHANGELOG.md )
- [Commits](https://github.com/es-shims/array-includes/compare/v3.1.5...v3.1.6 )
---
updated-dependencies:
- dependency-name: array-includes
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:48:01 +09:00
dba1645bf0
Bump postcss from 8.4.18 to 8.4.19 ( #20684 )
...
Bumps [postcss](https://github.com/postcss/postcss ) from 8.4.18 to 8.4.19.
- [Release notes](https://github.com/postcss/postcss/releases )
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md )
- [Commits](https://github.com/postcss/postcss/compare/8.4.18...8.4.19 )
---
updated-dependencies:
- dependency-name: postcss
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:38:23 +09:00
9f95c419d2
Bump yargs from 17.6.0 to 17.6.2 ( #20063 )
...
Bumps [yargs](https://github.com/yargs/yargs ) from 17.6.0 to 17.6.2.
- [Release notes](https://github.com/yargs/yargs/releases )
- [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md )
- [Commits](https://github.com/yargs/yargs/compare/v17.6.0...v17.6.2 )
---
updated-dependencies:
- dependency-name: yargs
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:26:51 +09:00
3301aadba8
Bump redux-thunk from 2.4.1 to 2.4.2 ( #20060 )
...
Bumps [redux-thunk](https://github.com/reduxjs/redux-thunk ) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/reduxjs/redux-thunk/releases )
- [Commits](https://github.com/reduxjs/redux-thunk/compare/v2.4.1...v2.4.2 )
---
updated-dependencies:
- dependency-name: redux-thunk
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:23:00 +09:00
4ef4db2a5a
Bump loader-utils from 1.4.0 to 1.4.1 ( #20085 )
...
Bumps [loader-utils](https://github.com/webpack/loader-utils ) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/webpack/loader-utils/releases )
- [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.1/CHANGELOG.md )
- [Commits](https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1 )
---
updated-dependencies:
- dependency-name: loader-utils
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:21:35 +09:00
fc4452104c
Bump json-ld-preloaded from 3.2.0 to 3.2.2 ( #20058 )
...
Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded ) from 3.2.0 to 3.2.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases )
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.2.0...3.2.2 )
---
updated-dependencies:
- dependency-name: json-ld-preloaded
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:21:04 +09:00
c76f29ae45
Bump tzinfo-data from 1.2022.4 to 1.2022.6 ( #20056 )
...
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data ) from 1.2022.4 to 1.2022.6.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases )
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2022.4...v1.2022.6 )
---
updated-dependencies:
- dependency-name: tzinfo-data
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:20:42 +09:00
61264e52cc
Bump memory_profiler from 1.0.0 to 1.0.1 ( #20054 )
...
Bumps [memory_profiler](https://github.com/SamSaffron/memory_profiler ) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/SamSaffron/memory_profiler/releases )
- [Changelog](https://github.com/SamSaffron/memory_profiler/blob/master/CHANGELOG.md )
- [Commits](https://github.com/SamSaffron/memory_profiler/compare/v1.0.0...v1.0.1 )
---
updated-dependencies:
- dependency-name: memory_profiler
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:19:34 +09:00
3b82d1ef68
Bump reselect from 4.1.6 to 4.1.7 ( #20052 )
...
Bumps [reselect](https://github.com/reduxjs/reselect ) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/reduxjs/reselect/releases )
- [Changelog](https://github.com/reduxjs/reselect/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/reselect/compare/v4.1.6...v4.1.7 )
---
updated-dependencies:
- dependency-name: reselect
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:19:09 +09:00
66a22ab391
Bump promise.prototype.finally from 3.1.3 to 3.1.4 ( #20050 )
...
Bumps [promise.prototype.finally](https://github.com/es-shims/Promise.prototype.finally ) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/es-shims/Promise.prototype.finally/releases )
- [Changelog](https://github.com/es-shims/Promise.prototype.finally/blob/main/CHANGELOG.md )
- [Commits](https://github.com/es-shims/Promise.prototype.finally/compare/v3.1.3...v3.1.4 )
---
updated-dependencies:
- dependency-name: promise.prototype.finally
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 20:18:48 +09:00
a1738f8991
New Crowdin updates ( #20580 )
...
* New translations en.json (Catalan)
* New translations en.yml (Chinese Traditional)
* New translations en.yml (Thai)
* New translations en.yml (Spanish)
* New translations en.yml (Ukrainian)
* New translations en.json (Catalan)
* New translations en.yml (Catalan)
* New translations en.yml (Hungarian)
* New translations en.json (Slovak)
* New translations en.yml (Portuguese, Brazilian)
* New translations en.yml (Asturian)
* New translations simple_form.en.yml (Catalan)
* New translations en.yml (Turkish)
* New translations en.yml (Portuguese, Brazilian)
* New translations en.yml (Thai)
* New translations en.yml (German)
* New translations en.json (German)
* New translations simple_form.en.yml (Thai)
* New translations en.json (Irish)
* New translations en.yml (Norwegian)
* New translations en.yml (German)
* New translations en.json (Romanian)
* New translations en.yml (Danish)
* New translations en.json (Irish)
* New translations en.yml (Irish)
* New translations en.yml (Norwegian)
* New translations en.yml (Russian)
* New translations en.yml (Norwegian Nynorsk)
* New translations simple_form.en.yml (Irish)
* New translations doorkeeper.en.yml (Irish)
* New translations en.yml (Danish)
* New translations en.json (Catalan)
* New translations en.yml (Norwegian)
* New translations en.yml (Scottish Gaelic)
* New translations simple_form.en.yml (Norwegian)
* New translations en.json (Catalan)
* New translations en.json (Portuguese, Brazilian)
* New translations simple_form.en.yml (Portuguese, Brazilian)
* New translations en.yml (Portuguese, Brazilian)
* New translations simple_form.en.yml (Portuguese, Brazilian)
* New translations en.yml (Latvian)
* New translations en.json (Irish)
* New translations en.json (Swedish)
* New translations en.yml (Galician)
* New translations en.json (Latvian)
* New translations en.yml (Latvian)
* New translations en.json (Kabyle)
* New translations en.yml (Welsh)
* New translations en.json (Breton)
* New translations en.json (Kabyle)
* New translations en.yml (Kabyle)
* New translations simple_form.en.yml (Kabyle)
* New translations en.json (Malay)
* New translations simple_form.en.yml (Spanish)
* New translations simple_form.en.yml (Malay)
* New translations activerecord.en.yml (Malay)
* New translations devise.en.yml (Malay)
* New translations doorkeeper.en.yml (Malay)
* New translations en.json (Malay)
* New translations en.yml (Malay)
* New translations en.json (Welsh)
* New translations en.yml (Welsh)
* New translations simple_form.en.yml (Malay)
* New translations simple_form.en.yml (Welsh)
* New translations doorkeeper.en.yml (Welsh)
* New translations activerecord.en.yml (Malay)
* New translations activerecord.en.yml (Welsh)
* New translations devise.en.yml (Welsh)
* New translations doorkeeper.en.yml (Malay)
* New translations en.yml (Dutch)
* New translations en.json (Malay)
* New translations en.yml (Malay)
* New translations en.json (English, United Kingdom)
* New translations en.yml (Welsh)
* New translations simple_form.en.yml (Malay)
* New translations devise.en.yml (Welsh)
* New translations en.yml (German)
* New translations en.yml (Vietnamese)
* New translations en.yml (Malay)
* New translations en.json (Welsh)
* New translations en.yml (Welsh)
* New translations simple_form.en.yml (German)
* New translations simple_form.en.yml (Malay)
* New translations simple_form.en.yml (Welsh)
* New translations doorkeeper.en.yml (Welsh)
* New translations devise.en.yml (Welsh)
* New translations devise.en.yml (Malay)
* New translations en.json (Vietnamese)
* New translations en.yml (Malay)
* New translations en.json (Welsh)
* New translations simple_form.en.yml (German)
* New translations en.yml (Thai)
* New translations en.yml (German)
* New translations en.json (German)
* New translations en.json (Catalan)
* New translations en.json (Welsh)
* New translations simple_form.en.yml (German)
* New translations simple_form.en.yml (Malay)
* New translations devise.en.yml (Thai)
* New translations en.yml (Thai)
* New translations en.json (Thai)
* New translations en.yml (German)
* New translations en.json (German)
* New translations en.json (Catalan)
* New translations en.json (Norwegian)
* New translations en.json (Welsh)
* New translations simple_form.en.yml (German)
* New translations simple_form.en.yml (Norwegian)
* New translations devise.en.yml (Thai)
* New translations en.yml (German)
* New translations en.json (German)
* New translations en.json (Korean)
* New translations en.yml (Korean)
* New translations en.yml (Norwegian)
* New translations simple_form.en.yml (German)
* New translations simple_form.en.yml (Korean)
* New translations en.json (Esperanto)
* New translations en.json (Korean)
* New translations en.yml (Korean)
* New translations en.yml (Norwegian)
* New translations en.json (Welsh)
* New translations simple_form.en.yml (Korean)
* New translations simple_form.en.yml (Norwegian)
* New translations en.json (Korean)
* New translations en.yml (Korean)
* New translations doorkeeper.en.yml (Korean)
* New translations devise.en.yml (Korean)
* New translations en.json (Asturian)
* New translations en.json (Asturian)
* Run `yarn manage:translations`
* Run `bundle exec i18n-tasks normalize`
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-11-15 14:37:37 +09:00
03b0f3ac83
Bump version to 4.0.2 ( #20725 )
2022-11-15 03:57:18 +01:00
43b0b2f3f4
Fix wrong directive `unsafe-wasm-eval` to `wasm-unsafe-eval` ( #20729 )
2022-11-15 03:39:06 +01:00
b46b7c3d5e
Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP ( #20606 )
...
* Add "unsafe-eval" to script-src CSP
* Use 'unsafe-wasm-eval' instead of 'unsafe-eval'
2022-11-15 03:22:38 +01:00
b59683c156
Bump nokogiri from 1.13.8 to 1.13.9 ( #20041 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.13.8 to 1.13.9.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.13.8...v1.13.9 )
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 03:19:56 +01:00
17bd9a87b9
Fix wrong color on mentions hidden behind content warning in web UI ( #20724 )
2022-11-15 02:58:00 +01:00
eb675af0fb
Merge pull request #1932 from ClearlyClaire/glitch-soc/merge-upstream
...
Merge upstream changes
2022-11-15 02:11:22 +01:00
66461ae79a
Merge branch 'main' into glitch-soc/merge-upstream
2022-11-15 02:10:37 +01:00
8c3c6dcae9
Fix filters from other users being used in the streaming service ( #20719 )
2022-11-15 02:09:58 +01:00
ceafd1f68f
Fix infinite loop when system emoji font is enabled ( #1931 )
...
Fixes #1930
2022-11-15 00:32:59 +01:00
Claire
Effy Elden
Daniel Axtens
dependabot[bot]
Eugen Rochko
prplecake