Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							75027b51a4 
							
						 
					 
					
						
						
							
							Bump ruby-saml from 1.11.0 to 1.13.0 ( #16723 )  
						
						... 
						
						
						
						Fixes  #16720  
					
						2021-09-10 15:43:28 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b4a728b7ba 
							
						 
					 
					
						
						
							
							Bump @babel/plugin-proposal-decorators from 7.14.5 to 7.15.4 ( #16711 )  
						
						... 
						
						
						
						Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators ) from 7.14.5 to 7.15.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.4/packages/babel-plugin-proposal-decorators )
---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-10 09:24:55 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6e0d3c181d 
							
						 
					 
					
						
						
							
							Bump @babel/preset-env from 7.15.0 to 7.15.4 ( #16706 )  
						
						... 
						
						
						
						Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ) from 7.15.0 to 7.15.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.4/packages/babel-preset-env )
---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-10 09:24:39 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c5606db9da 
							
						 
					 
					
						
						
							
							Bump devise-two-factor from 4.0.0 to 4.0.1 ( #16705 )  
						
						... 
						
						
						
						Bumps [devise-two-factor](https://github.com/tinfoil/devise-two-factor ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/tinfoil/devise-two-factor/releases )
- [Changelog](https://github.com/tinfoil/devise-two-factor/blob/main/CHANGELOG.md )
- [Commits](https://github.com/tinfoil/devise-two-factor/compare/v4.0.0...v4.0.1 )
---
updated-dependencies:
- dependency-name: devise-two-factor
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-09 17:43:00 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							eb837b3cb3 
							
						 
					 
					
						
						
							
							Bump sass from 1.38.2 to 1.39.0 ( #16707 )  
						
						... 
						
						
						
						Bumps [sass](https://github.com/sass/dart-sass ) from 1.38.2 to 1.39.0.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.38.2...1.39.0 )
---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-09 17:42:38 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b61bdf83f3 
							
						 
					 
					
						
						
							
							Bump axios from 0.21.1 to 0.21.4 ( #16709 )  
						
						... 
						
						
						
						Bumps [axios](https://github.com/axios/axios ) from 0.21.1 to 0.21.4.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v0.21.1...v0.21.4 )
---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-09 17:41:47 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b09b28ce28 
							
						 
					 
					
						
						
							
							Bump @babel/runtime from 7.15.3 to 7.15.4 ( #16710 )  
						
						... 
						
						
						
						Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime ) from 7.15.3 to 7.15.4.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.4/packages/babel-runtime )
---
updated-dependencies:
- dependency-name: "@babel/runtime"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-09 17:41:26 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bcfbd53d5b 
							
						 
					 
					
						
						
							
							Bump react-redux from 7.2.4 to 7.2.5 ( #16708 )  
						
						... 
						
						
						
						Bumps [react-redux](https://github.com/reduxjs/react-redux ) from 7.2.4 to 7.2.5.
- [Release notes](https://github.com/reduxjs/react-redux/releases )
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md )
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.2.4...v7.2.5 )
---
updated-dependencies:
- dependency-name: react-redux
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-09 17:41:03 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							02952bde96 
							
						 
					 
					
						
						
							
							Bump npmlog from 5.0.0 to 5.0.1 ( #16704 )  
						
						... 
						
						
						
						Bumps [npmlog](https://github.com/npm/npmlog ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/npm/npmlog/releases )
- [Changelog](https://github.com/npm/npmlog/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/npmlog/compare/v5.0.0...v5.0.1 )
---
updated-dependencies:
- dependency-name: npmlog
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-09 17:40:14 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							abed4fe4e5 
							
						 
					 
					
						
						
							
							Bump oj from 3.13.2 to 3.13.4 ( #16703 )  
						
						... 
						
						
						
						Bumps [oj](https://github.com/ohler55/oj ) from 3.13.2 to 3.13.4.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.13.2...v3.13.4 )
---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-09 17:39:49 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ba957156f9 
							
						 
					 
					
						
						
							
							Bump aws-sdk-s3 from 1.100.0 to 1.102.0 ( #16702 )  
						
						... 
						
						
						
						Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.100.0 to 1.102.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-09 17:39:21 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							da38b11683 
							
						 
					 
					
						
						
							
							Bump @babel/core from 7.15.0 to 7.15.5 ( #16712 )  
						
						... 
						
						
						
						Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.15.0 to 7.15.5.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.5/packages/babel-core )
---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-09 17:36:14 +09:00 
						 
				 
			
				
					
						
							
							
								Holger 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							209f8f3a60 
							
						 
					 
					
						
						
							
							use relative path for scope ( #16714 )  
						
						... 
						
						
						
						Use relative path for `scope` in web manifest to allow users use PWA correctly via alternate domains. 
						
						
					 
					
						2021-09-08 23:33:36 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							12cd097e7c 
							
						 
					 
					
						
						
							
							Fix addressing of remote groups' followers ( #16700 )  
						
						... 
						
						
						
						Fixes  #16699  
					
						2021-09-08 23:33:23 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7c7e78d807 
							
						 
					 
					
						
						
							
							Fix suspicious sign-in mail text being out of date ( #16690 )  
						
						... 
						
						
						
						Fixes  #16687  
					
						2021-09-04 16:44:50 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2b18f7a943 
							
						 
					 
					
						
						
							
							Fix processing mentions to domains with non-ascii TLDs ( #16689 )  
						
						... 
						
						
						
						Fixes  #16602  
					
						2021-09-01 22:06:40 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f81ff4e5ed 
							
						 
					 
					
						
						
							
							Bump eslint-plugin-react from 7.24.0 to 7.25.1 ( #16680 )  
						
						... 
						
						
						
						Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.24.0 to 7.25.1.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.24.0...v7.25.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-react
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-01 08:18:55 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6abbae5096 
							
						 
					 
					
						
						
							
							Bump tar from 6.1.3 to 6.1.11 ( #16685 )  
						
						... 
						
						
						
						Bumps [tar](https://github.com/npm/node-tar ) from 6.1.3 to 6.1.11.
- [Release notes](https://github.com/npm/node-tar/releases )
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/node-tar/compare/v6.1.3...v6.1.11 )
---
updated-dependencies:
- dependency-name: tar
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-09-01 08:18:29 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							30b9630fc7 
							
						 
					 
					
						
						
							
							Bump rqrcode from 2.0.0 to 2.1.0 ( #16678 )  
						
						... 
						
						
						
						Bumps [rqrcode](https://github.com/whomwah/rqrcode ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/whomwah/rqrcode/releases )
- [Changelog](https://github.com/whomwah/rqrcode/blob/master/CHANGELOG.md )
- [Commits](https://github.com/whomwah/rqrcode/compare/v2.0.0...v2.1.0 )
---
updated-dependencies:
- dependency-name: rqrcode
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-31 20:58:34 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							dbc59eb2a8 
							
						 
					 
					
						
						
							
							Bump rubocop from 1.19.1 to 1.20.0 ( #16674 )  
						
						... 
						
						
						
						Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.19.1 to 1.20.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.19.1...v1.20.0 )
---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-31 20:56:14 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c8ed5dad7c 
							
						 
					 
					
						
						
							
							Bump nokogiri from 1.12.3 to 1.12.4 ( #16675 )  
						
						... 
						
						
						
						Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.12.3 to 1.12.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.3...v1.12.4 )
---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-31 20:56:07 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							56f465e571 
							
						 
					 
					
						
						
							
							Bump aws-sdk-s3 from 1.99.0 to 1.100.0 ( #16676 )  
						
						... 
						
						
						
						Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.99.0 to 1.100.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-31 20:56:01 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6a55db34fb 
							
						 
					 
					
						
						
							
							Bump ws from 8.2.0 to 8.2.1 ( #16679 )  
						
						... 
						
						
						
						Bumps [ws](https://github.com/websockets/ws ) from 8.2.0 to 8.2.1.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.2.0...8.2.1 )
---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-31 20:55:49 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ef61fd4670 
							
						 
					 
					
						
						
							
							Bump sass from 1.38.0 to 1.38.2 ( #16671 )  
						
						... 
						
						
						
						Bumps [sass](https://github.com/sass/dart-sass ) from 1.38.0 to 1.38.2.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.38.0...1.38.2 )
---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-29 09:00:57 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1b1284afea 
							
						 
					 
					
						
						
							
							Bump eslint-plugin-import from 2.24.1 to 2.24.2 ( #16668 )  
						
						... 
						
						
						
						Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.24.1 to 2.24.2.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.24.1...v2.24.2 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-29 09:00:41 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							63a0cba480 
							
						 
					 
					
						
						
							
							Bump url-parse from 1.5.1 to 1.5.3 ( #16666 )  
						
						... 
						
						
						
						Bumps [url-parse](https://github.com/unshiftio/url-parse ) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases )
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.3 )
---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-28 18:18:58 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e617690840 
							
						 
					 
					
						
						
							
							Bump color-string from 1.5.3 to 1.6.0 ( #16665 )  
						
						... 
						
						
						
						Bumps [color-string](https://github.com/Qix-/color-string ) from 1.5.3 to 1.6.0.
- [Release notes](https://github.com/Qix-/color-string/releases )
- [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Qix-/color-string/commits/1.6.0 )
---
updated-dependencies:
- dependency-name: color-string
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-28 18:18:35 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							25330a9f04 
							
						 
					 
					
						
						
							
							Bump http from 4.4.1 to 5.0.1 ( #16438 )  
						
						... 
						
						
						
						Bumps [http](https://github.com/httprb/http ) from 4.4.1 to 5.0.1.
- [Release notes](https://github.com/httprb/http/releases )
- [Changelog](https://github.com/httprb/http/blob/master/CHANGES.md )
- [Commits](https://github.com/httprb/http/compare/v4.4.1...v5.0.1 )
---
updated-dependencies:
- dependency-name: http
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-28 18:17:59 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							22a9952040 
							
						 
					 
					
						
						
							
							Bump y18n from 4.0.0 to 4.0.3 ( #16664 )  
						
						... 
						
						
						
						Bumps [y18n](https://github.com/yargs/y18n ) from 4.0.0 to 4.0.3.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/compare/v4.0.0...y18n-v4.0.3 )
---
updated-dependencies:
- dependency-name: y18n
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-28 18:15:05 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							173d2d27e5 
							
						 
					 
					
						
						
							
							Bump jest from 26.6.3 to 27.1.0 ( #16376 )  
						
						... 
						
						
						
						* Bump jest from 26.6.3 to 27.0.4
Bumps [jest](https://github.com/facebook/jest ) from 26.6.3 to 27.0.4.
- [Release notes](https://github.com/facebook/jest/releases )
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/jest/compare/v26.6.3...v27.0.4 )
---
updated-dependencies:
- dependency-name: jest
  dependency-type: direct:development
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* Set test environment for jest
* Remove unnecessary ext
* Bump jest from 27.0.4 to 27.1.0
* Remove --coverage option
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> 
						
						
					 
					
						2021-08-28 09:58:04 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							894605a68c 
							
						 
					 
					
						
						
							
							Bump sidekiq from 6.2.1 to 6.2.2 ( #16647 )  
						
						... 
						
						
						
						Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.2.1...v6.2.2 )
---
updated-dependencies:
- dependency-name: sidekiq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-28 08:59:45 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							42de346335 
							
						 
					 
					
						
						
							
							Bump webpacker from 5.4.0 to 5.4.2 ( #16648 )  
						
						... 
						
						
						
						Bumps [webpacker](https://github.com/rails/webpacker ) from 5.4.0 to 5.4.2.
- [Release notes](https://github.com/rails/webpacker/releases )
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rails/webpacker/compare/v5.4.0...v5.4.2 )
---
updated-dependencies:
- dependency-name: webpacker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-27 21:47:43 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1c8ce9ae34 
							
						 
					 
					
						
						
							
							Bump faker from 2.18.0 to 2.19.0 ( #16646 )  
						
						... 
						
						
						
						Bumps [faker](https://github.com/faker-ruby/faker ) from 2.18.0 to 2.19.0.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v2.18.0...v2.19.0 )
---
updated-dependencies:
- dependency-name: faker
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-27 21:47:00 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							89d62f23c8 
							
						 
					 
					
						
						
							
							Bump rubocop from 1.19.0 to 1.19.1 ( #16649 )  
						
						... 
						
						
						
						Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.19.0...v1.19.1 )
---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-27 21:46:28 +09:00 
						 
				 
			
				
					
						
							
							
								Truong Nguyen 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							7283a5d3b9 
							
						 
					 
					
						
						
							
							Explicitly set userVerification to discoraged ( #16545 )  
						
						
						
						
					 
					
						2021-08-26 09:51:22 -05:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							94bcf45321 
							
						 
					 
					
						
						
							
							Fix authentication failures after going halfway through a sign-in attempt ( #16607 )  
						
						... 
						
						
						
						* Add tests
* Add security-related tests
My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.
* Fix authentication failures after going halfway through a sign-in attempt
* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious 
						
						
					 
					
						2021-08-25 22:52:41 +02:00 
						 
				 
			
				
					
						
							
							
								Daniel 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2ed1c92c63 
							
						 
					 
					
						
						
							
							New env variable: CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED ( #16655 )  
						
						... 
						
						
						
						When using a CAS server, the users only have a temporary email
`change@me-foo-cas.com` which can't be changed but by an
administrator.
We need a new environment variable like for SAML to assume the email
from CAS is verified.
* config/initializers/omniauth.rb: define CAS option for assuming
  email are always verified.
* .env.nanobox: add new variable as an example. 
						
						
					 
					
						2021-08-25 18:41:24 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							366e0b82db 
							
						 
					 
					
						
						
							
							Bump rails from 6.1.4 to 6.1.4.1 ( #16650 )  
						
						... 
						
						
						
						Bumps [rails](https://github.com/rails/rails ) from 6.1.4 to 6.1.4.1.
- [Release notes](https://github.com/rails/rails/releases )
- [Commits](https://github.com/rails/rails/compare/v6.1.4...v6.1.4.1 )
---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-26 01:39:55 +09:00 
						 
				 
			
				
					
						
							
							
								matildepark 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							79341d0f5f 
							
						 
					 
					
						
						
							
							Fix follow request count to dynamically update ( #16652 )  
						
						
						
						
					 
					
						2021-08-25 17:46:29 +02:00 
						 
				 
			
				
					
						
							
							
								Daniel 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							5c21021176 
							
						 
					 
					
						
						
							
							Fix undefined variable for Auth::OmniauthCallbacksController ( #16654 )  
						
						... 
						
						
						
						The addition of authentication history broke the omniauth login with
the following error:
  method=GET path=/auth/auth/cas/callback format=html
  controller=Auth::OmniauthCallbacksController action=cas status=500
  error='NameError: undefined local variable or method `user' for
  #<Auth::OmniauthCallbacksController:0x00000000036290>
  Did you mean?  @user' duration=435.93 view=0.00 db=36.19
* app/controllers/auth/omniauth_callbacks_controller.rb: fix variable
  name to `@user` 
						
						
					 
					
						2021-08-25 17:40:56 +02:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4562ada4b9 
							
						 
					 
					
						
						
							
							Bump eslint-plugin-import from 2.24.0 to 2.24.1 ( #16635 )  
						
						... 
						
						
						
						Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.24.0 to 2.24.1.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.24.0...v2.24.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-23 22:03:53 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							dd096568d9 
							
						 
					 
					
						
						
							
							Bump ws from 8.1.0 to 8.2.0 ( #16636 )  
						
						... 
						
						
						
						Bumps [ws](https://github.com/websockets/ws ) from 8.1.0 to 8.2.0.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.1.0...8.2.0 )
---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-23 22:03:38 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							3ee038ac7d 
							
						 
					 
					
						
						
							
							Bump @babel/plugin-transform-runtime from 7.14.5 to 7.15.0 ( #16590 )  
						
						... 
						
						
						
						Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.14.5 to 7.15.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-plugin-transform-runtime )
---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-23 22:03:23 +09:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							3c45dfa0fe 
							
						 
					 
					
						
						
							
							Fix “discoverable” account setting being tied to profile directory ( #16637 )  
						
						
						
						
					 
					
						2021-08-20 16:11:58 +02:00 
						 
				 
			
				
					
						
							
							
								Peter Dave Hello 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a2afcac7d9 
							
						 
					 
					
						
						
							
							Make sure nginx always send HSTS header ( #16633 )  
						
						... 
						
						
						
						By default, it'll only send those headers when the response code is one of the following:
- 200, 201, 204, 206, 301, 302, 303, 304, 307 & 308
As all the traffics should be https, the http protocol only exists to do 301 redirect,
and always send the HSTS header is almost one of the best practices, we should set
nginx to do so.
Reference:
- https://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header 
- https://ssl-config.mozilla.org/  
						
						
					 
					
						2021-08-20 10:54:11 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6702148472 
							
						 
					 
					
						
						
							
							Add tests for SuspendAccountService and UnsuspendAccountService ( #16627 )  
						
						... 
						
						
						
						* Add tests for SuspendAccountService
* Add tests for UnsuspendAccountService 
						
						
					 
					
						2021-08-20 10:53:33 +01:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							90a8d4ef1c 
							
						 
					 
					
						
						
							
							Bump rspec-rails from 5.0.1 to 5.0.2 ( #16622 )  
						
						... 
						
						
						
						Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.1...v5.0.2 )
---
updated-dependencies:
- dependency-name: rspec-rails
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-20 18:48:39 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							588f48bf6f 
							
						 
					 
					
						
						
							
							Bump sass from 1.37.0 to 1.38.0 ( #16623 )  
						
						... 
						
						
						
						Bumps [sass](https://github.com/sass/dart-sass ) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.37.0...1.38.0 )
---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-20 18:48:25 +09:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							63fa767c83 
							
						 
					 
					
						
						
							
							Bump fast_blank from 1.0.0 to 1.0.1 ( #16621 )  
						
						... 
						
						
						
						Bumps [fast_blank](https://github.com/SamSaffron/fast_blank ) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/SamSaffron/fast_blank/releases )
- [Commits](https://github.com/SamSaffron/fast_blank/compare/1.0.0...v1.0.1 )
---
updated-dependencies:
- dependency-name: fast_blank
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2021-08-20 18:47:45 +09:00 
						 
				 
			
				
					
						
							
							
								Peter Dave Hello 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e03dc3956f 
							
						 
					 
					
						
						
							
							Disable nginx ssl_session_tickets for better security ( #16632 )  
						
						... 
						
						
						
						It's default turned on, but it's better to turn it off for security reason.
Reference:
- https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_tickets 
- https://github.com/mozilla/server-side-tls/issues/135  
						
						
					 
					
						2021-08-20 08:15:07 +01:00