CSDUMMI 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9a70cac9de 
							
						 
					 
					
						
						
							
							Fix   #26849  by adding the domain of the current SSO provider to the form-action CSP ( #26857 )  
						
						
						
						
					 
					
						2023-09-12 13:04:51 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Schmidt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ea31929776 
							
						 
					 
					
						
						
							
							Fix invalid Content-Type header for WebP images ( #26773 )  
						
						
						
						
					 
					
						2023-09-04 09:46:33 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9e26cd5503 
							
						 
					 
					
						
						
							
							Add authorized_fetch server setting in addition to env var ( #25798 )  
						
						
						
						
					 
					
						2023-09-01 15:41:10 +02:00 
						 
				 
			
				
					
						
							
							
								Christian Schmidt 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							286a21afdc 
							
						 
					 
					
						
						
							
							Support webpacker live-reloading on Docker ( #26419 )  
						
						
						
						
					 
					
						2023-08-29 10:17:57 +02:00 
						 
				 
			
				
					
						
							
							
								Renaud Chaput 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b95867ad1f 
							
						 
					 
					
						
						
							
							Allow setting a custom HTTP method in CacheBuster ( #26528 )  
						
						... 
						
						
						
						Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com> 
						
						
					 
					
						2023-08-18 08:18:40 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							dd049fc37a 
							
						 
					 
					
						
						
							
							Fix ES_PRESET not being applied to Chewy's internal index ( #26489 )  
						
						
						
						
					 
					
						2023-08-14 19:00:56 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f5778caa3a 
							
						 
					 
					
						
						
							
							Add ES_PRESET option to customize numbers of shards and replicas ( #26483 )  
						
						... 
						
						
						
						Co-authored-by: Eugen Rochko <eugen@zeonfederated.com> 
						
						
					 
					
						2023-08-14 17:46:16 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4bc0dd751c 
							
						 
					 
					
						
						
							
							Add S3_DISABLE_CHECKSUM_MODE environment variable for compatibility with some S3-compatible providers ( #26435 )  
						
						
						
						
					 
					
						2023-08-10 14:15:18 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							12c43e4ab5 
							
						 
					 
					
						
						
							
							Re-add StatsD support through the nsa gem ( #26310 )  
						
						
						
						
					 
					
						2023-08-03 20:28:14 +02:00 
						 
				 
			
				
					
						
							
							
								Emelia Smith 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e258b4cb64 
							
						 
					 
					
						
						
							
							Refactor: replace whitelist_mode mentions with limited_federation_mode ( #26252 )  
						
						
						
						
					 
					
						2023-08-02 19:32:48 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ad81be6c8e 
							
						 
					 
					
						
						
							
							Update rubocop rules for linelength ( #26190 )  
						
						
						
						
					 
					
						2023-07-28 23:11:45 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bada7a65aa 
							
						 
					 
					
						
						
							
							Ignore long line in regex initializer ( #26182 )  
						
						
						
						
					 
					
						2023-07-26 09:45:27 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e5f1000ad1 
							
						 
					 
					
						
						
							
							Fix CSP headers being unintendedly wide ( #26105 )  
						
						
						
						
					 
					
						2023-07-21 13:34:15 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							934c7b33d1 
							
						 
					 
					
						
						
							
							Change default KeyGenerator digest to SHA1 to fix cookies in rolling upgrades ( #26023 )  
						
						
						
						
					 
					
						2023-07-21 13:17:43 +02:00 
						 
				 
			
				
					
						
							
							
								Misty De Méo 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b848ba3867 
							
						 
					 
					
						
						
							
							Paperclip: add support for Azure blob storage ( #23607 )  
						
						
						
						
					 
					
						2023-07-19 09:02:49 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ce43ed144c 
							
						 
					 
					
						
						
							
							Rails 7.0 update ( #25668 )  
						
						
						
						
					 
					
						2023-07-13 09:36:07 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2e1391fdd2 
							
						 
					 
					
						
						
							
							Fix Naming/MemoizedInstanceVariableName cop ( #25928 )  
						
						
						
						
					 
					
						2023-07-12 10:08:51 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1d557305d2 
							
						 
					 
					
						
						
							
							Enable Rubocop Style/FrozenStringLiteralComment ( #23793 )  
						
						
						
						
					 
					
						2023-07-12 09:47:08 +02:00 
						 
				 
			
				
					
						
							
							
								Kurtis Rainbolt-Greene 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e4cfe4b3db 
							
						 
					 
					
						
						
							
							First pass at multi-database for read replica using Rails native adapter ( #25693 )  
						
						... 
						
						
						
						Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com> 
						
						
					 
					
						2023-07-08 19:45:36 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							dc8f1fbd97 
							
						 
					 
					
						
						
							
							Merge pull request from GHSA-9928-3cp5-93fm  
						
						... 
						
						
						
						* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged 
						
						
					 
					
						2023-07-06 15:05:05 +02:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ba06a2f104 
							
						 
					 
					
						
						
							
							Revert "Rails 7 update" ( #25667 )  
						
						
						
						
					 
					
						2023-07-02 11:14:22 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							50c2a03695 
							
						 
					 
					
						
						
							
							Rails 7 update ( #24241 )  
						
						
						
						
					 
					
						2023-07-02 10:38:53 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f378f10404 
							
						 
					 
					
						
						
							
							Fix compatibility of recent migration with PostgreSQL 10 ( #25324 )  
						
						
						
						
					 
					
						2023-06-07 01:53:50 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c66250abf1 
							
						 
					 
					
						
						
							
							Autofix Rubocop Regex Style rules ( #23690 )  
						
						... 
						
						
						
						Co-authored-by: Claire <claire.github-309c@sitedethib.com> 
						
						
					 
					
						2023-06-06 14:50:51 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e428670e61 
							
						 
					 
					
						
						
							
							Fix CSP headers when S3_ALIAS_HOST includes a path component ( #25273 )  
						
						
						
						
					 
					
						2023-06-05 17:35:05 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e49819142f 
							
						 
					 
					
						
						
							
							Remove unmaintained nsa gem ( #25265 )  
						
						
						
						
					 
					
						2023-06-05 01:57:05 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							94329f28e1 
							
						 
					 
					
						
						
							
							Change wording of “Content cache retention period” setting to highlight destructive implications ( #23261 )  
						
						
						
						
					 
					
						2023-06-02 18:09:08 +02:00 
						 
				 
			
				
					
						
							
							
								Renaud Chaput 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							942d850b0a 
							
						 
					 
					
						
						
							
							Allow carets in URL search params ( #25216 )  
						
						
						
						
					 
					
						2023-06-01 12:14:49 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c0b9664a31 
							
						 
					 
					
						
						
							
							Autofix Rubocop spacing in config ( #25022 )  
						
						
						
						
					 
					
						2023-05-22 13:17:56 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							cee4369cf5 
							
						 
					 
					
						
						
							
							Autofix Rubocop Lint/AmbiguousOperatorPrecedence ( #25002 )  
						
						
						
						
					 
					
						2023-05-16 10:51:59 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d9a958fcf7 
							
						 
					 
					
						
						
							
							Fix Performance/RedundantMerge cop ( #24817 )  
						
						
						
						
					 
					
						2023-05-04 05:25:43 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d902a707a3 
							
						 
					 
					
						
						
							
							Fix Rails/CompactBlank cop ( #24690 )  
						
						
						
						
					 
					
						2023-04-30 14:07:21 +02:00 
						 
				 
			
				
					
						
							
							
								Matt Jankowski 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							5a2aa06a51 
							
						 
					 
					
						
						
							
							Fix Rails/Present cop ( #24688 )  
						
						
						
						
					 
					
						2023-04-30 06:47:50 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							49fad26eca 
							
						 
					 
					
						
						
							
							Drop EOL Ruby 2.7 ( #24237 )  
						
						
						
						
					 
					
						2023-04-27 01:46:18 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4687967176 
							
						 
					 
					
						
						
							
							Autofix Rubocop Style/NumericLiterals ( #24468 )  
						
						
						
						
					 
					
						2023-04-23 22:30:07 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							5c499f54e3 
							
						 
					 
					
						
						
							
							Change root Chewy strategy to emit a warning instead of erroring out in production mode ( #24327 )  
						
						
						
						
					 
					
						2023-04-03 15:05:39 +02:00 
						 
				 
			
				
					
						
							
							
								Nick Schonning 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							500d6f93be 
							
						 
					 
					
						
						
							
							Autofix Rubocop Style/IdenticalConditionalBranches ( #24322 )  
						
						
						
						
					 
					
						2023-03-31 09:33:52 +02:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a9b5598c97 
							
						 
					 
					
						
						
							
							Change user settings to be stored in a more optimal way ( #23630 )  
						
						... 
						
						
						
						Co-authored-by: Claire <claire.github-309c@sitedethib.com> 
						
						
					 
					
						2023-03-30 14:44:00 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e084b5b82d 
							
						 
					 
					
						
						
							
							Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )  
						
						
						
						
					 
					
						2023-03-27 17:07:37 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f432db7b9f 
							
						 
					 
					
						
						
							
							Fix sidekiq jobs not triggering Elasticsearch index updates ( #24046 )  
						
						
						
						
					 
					
						2023-03-12 23:47:55 +01:00 
						 
				 
			
				
					
						
							
							
								Jean byroot Boussier 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							922837dc96 
							
						 
					 
					
						
						
							
							Upgrade to latest redis-rb 4.x and fix deprecations ( #23616 )  
						
						... 
						
						
						
						Co-authored-by: Jean Boussier <jean.boussier@gmail.com> 
						
						
					 
					
						2023-03-04 16:38:28 +01:00 
						 
				 
			
				
					
						
							
							
								Jamie Hoyle 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							de137e6bb0 
							
						 
					 
					
						
						
							
							Added support for specifying S3 storage classes in environment ( #22480 )  
						
						
						
						
					 
					
						2023-03-03 20:53:37 +01:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c6ef56fd5e 
							
						 
					 
					
						
						
							
							Change rate limits to 1,500/5m per user, 300/5m per app ( #23347 )  
						
						
						
						
					 
					
						2023-02-02 00:07:49 +01:00 
						 
				 
			
				
					
						
							
							
								luzpaz 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							596923da4a 
							
						 
					 
					
						
						
							
							Fix typos in source documentation ( #21046 )  
						
						... 
						
						
						
						Fixed 2 source comment/documentation typos 
						
						
					 
					
						2022-12-15 15:57:26 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d587a268fd 
							
						 
					 
					
						
						
							
							Add logging for Rails cache timeouts ( #21667 )  
						
						... 
						
						
						
						* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds
* Log cache store errors 
						
						
					 
					
						2022-11-27 20:37:37 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7955d4b959 
							
						 
					 
					
						
						
							
							Add form-action CSP directive ( #20781 )  
						
						
						
						
					 
					
						2022-11-17 10:55:03 +01:00 
						 
				 
			
				
					
						
							
							
								trwnh 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a2931d19ae 
							
						 
					 
					
						
						
							
							Add missing admin scopes ( fix   #20892 ) ( #20918 )  
						
						
						
						
					 
					
						2022-11-17 10:50:21 +01:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							43b0b2f3f4 
							
						 
					 
					
						
						
							
							Fix wrong directive unsafe-wasm-eval to wasm-unsafe-eval ( #20729 )  
						
						
						
						
					 
					
						2022-11-15 03:39:06 +01:00 
						 
				 
			
				
					
						
							
							
								prplecake 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b46b7c3d5e 
							
						 
					 
					
						
						
							
							Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP ( #20606 )  
						
						... 
						
						
						
						* Add "unsafe-eval" to script-src CSP
* Use 'unsafe-wasm-eval' instead of 'unsafe-eval' 
						
						
					 
					
						2022-11-15 03:22:38 +01:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							21fd25a269 
							
						 
					 
					
						
						
							
							Fix rate limiting for paths with formats ( #20675 )  
						
						
						
						
					 
					
						2022-11-14 20:26:31 +01:00