mastodon

Author	SHA1	Message	Date
Claire	f5f6273d2b	Move `ALLOWED_PRIVATE_ADDRESSES` parsing to an initializer (#32850 )	2024-11-12 13:00:52 +00:00
David Roetzel	d60ef3f17e	Disable `httplog` gem in production (#32776 )	2024-11-05 08:55:34 +00:00
Matt Jankowski	a139dac18e	Remove cookie rotator (#32289 )	2024-11-04 09:11:00 +00:00
Emelia Smith	e1b7382ea6	Add userinfo oauth endpoint (#32548 )	2024-10-30 14:38:10 +00:00
Claire	6ff1954bdb	Change Active Record Encryption variable check to check for emptiness (#32537 )	2024-10-16 08:43:45 +00:00
Claire	ffa1032381	Add further warnings about encryption secrets (#32476 )	2024-10-14 13:00:20 +00:00
Emelia Smith	454d21ab5a	Remove OAuth Password Grant Type support (#30960 )	2024-10-01 09:56:58 +00:00
Claire	e22eff8900	Remove regexp timeout feature (#32169 )	2024-09-30 09:41:06 +00:00
David Roetzel	cfb8fc6222	Increase regexp timeout and allow override (#32056 )	2024-09-24 13:16:58 +00:00
Tim Campbell	11eae691ba	Feature more otel customization (#31998 )	2024-09-23 08:55:35 +00:00
Matt Jankowski	5405bdd344	Remove unused E2EE messaging code (#31193 )	2024-09-18 09:27:43 +00:00
Claire	d5cf27e667	Add global Regexp timeout (#31928 )	2024-09-16 09:40:18 +00:00
Claire	a496aeabcb	Change form-action Content-Security-Policy directive to be more restrictive (#26897 )	2024-09-12 13:24:19 +00:00
Eugen Rochko	24ef8255b3	Change design of embed modal in web UI (#31801 )	2024-09-12 12:54:16 +00:00
Matt Jankowski	b530fc5267	Update rails to version 7.1.4 (#31563 )	2024-09-06 15:22:35 +00:00
Claire	ee55d20fd5	Allow `POST /oauth/revoke` through CORS (#31743 )	2024-09-04 10:46:28 +00:00
David Roetzel	388d5473e1	Refactor (ruby) redis configuration (#31694 )	2024-09-02 14:19:55 +00:00
Matt Jankowski	85e8d1f285	Use rails configuration storage for paperclip path (#31651 )	2024-08-30 09:46:09 +00:00
Matt Jankowski	6ec768668e	Remove `nsa` statsd integration (replaced by OpenTelemetry) (#30240 )	2024-08-22 20:28:54 +00:00
Matt Jankowski	02df1b4e4a	Finish email allow/deny list naming migration (#30530 )	2024-08-13 07:37:32 +00:00
Emelia Smith	a1f723a6a4	Add support for PKCE Extension in OmniAuth OIDC (#31131 )	2024-08-12 14:32:52 +00:00
Claire	eaedd52def	Fix incorrect rate limit on PUT requests (#31356 )	2024-08-09 14:48:05 +00:00
Adam Niedzielski	887e64efd4	Allow @ at the end of an URL (#31124 )	2024-07-25 15:02:58 +00:00
Renaud Chaput	36592d10aa	Change Sidekiq readiness file to use an environment variable (#30988 )	2024-07-10 12:57:25 +00:00
Renaud Chaput	7542a134d5	Add a file for Sidekiq to signal it is ready to process jobs (#30971 )	2024-07-09 10:47:08 +00:00
Claire	8de5df225e	Change instructions to use `bundle exec rails` instead of `rake` (#30917 )	2024-07-05 08:54:45 +00:00
Matt Jankowski	bc3737f0c3	Add detail about running version on vips error failure (#30858 )	2024-06-27 16:27:42 +00:00
Claire	b15a3614dc	Stub `Vips::Error` when not using libvips (#30857 )	2024-06-27 15:25:27 +00:00
Renaud Chaput	845fe1c693	Add the Interlingua locale (#30828 )	2024-06-25 14:05:24 +00:00
Tim Rogers	f6e466058a	Added check for STATSD_ADDR setting to emit a warning and proceed rather than crashing if the address is unreachable (#30691 )	2024-06-24 14:41:04 +00:00
Matt Jankowski	980034e2e1	Fix `Style/NilLambda` cop in paperclip initializer (#30695 )	2024-06-14 09:50:50 +00:00
Matt Jankowski	0e1110c947	Use `SECRET_KEY_BASE_DUMMY` feature as placeholder during asset compilation (#30505 )	2024-06-10 20:08:04 +00:00
Matt Jankowski	0cf91213c9	Opt in to remaining Rails 7.1 defaults (#30332 ) Co-authored-by: Claire <claire.github-309c@sitedethib.com>	2024-06-10 06:32:20 +00:00
Claire	80cd001e0a	Fix linting issue (#30595 )	2024-06-07 14:32:29 +00:00
Isa S	773283ffb9	Make S3's retry limit a ENV variable (#23215 )	2024-06-07 13:54:55 +00:00
Victor Dyotte	299ae9bf92	Add `S3_KEY_PREFIX` environment variable (#30181 )	2024-06-07 12:29:30 +00:00
Emelia Smith	e02d23b549	Change `read:me` scope to `profile` scope (#30357 ) Co-authored-by: Claire <claire.github-309c@sitedethib.com>	2024-06-06 07:30:10 +00:00
Eugen Rochko	5f15a892fa	Add support for libvips in addition to ImageMagick (#30090 ) Co-authored-by: Claire <claire.github-309c@sitedethib.com>	2024-06-05 19:15:39 +00:00
Matt Jankowski	4d3748ac44	Fix rack attack `match_type` value typo in logging config (#30514 )	2024-06-03 07:16:01 +00:00
Matt Jankowski	a22865a352	Add `:email` to filter parameter logging config (#30492 )	2024-05-31 09:35:56 +00:00
Claire	73a78cc19d	Fix rate-limiting incorrectly triggering a session cookie on most endpoints (#30483 )	2024-05-30 12:56:18 +00:00
Claire	3fa0dd0b88	Merge pull request from GHSA-c2r5-cfqr-c553 * Add hardening monkey-patch to prevent IP spoofing on misconfigured installations * Remove rack-attack safelist	2024-05-30 14:24:29 +02:00
Claire	16249946ae	Merge pull request from GHSA-q3rg-xx5v-4mxh	2024-05-30 14:14:04 +02:00
Emelia Smith	d20a5c3ec9	Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316 ) Co-authored-by: Claire <claire.github-309c@sitedethib.com>	2024-05-29 14:00:05 +00:00
Nick Schonning	87156f57b5	Enable Style/StringConcatenation (#30428 )	2024-05-27 09:41:45 +00:00
Renaud Chaput	acc77c3836	Add instrumentation to the search services (#30350 )	2024-05-24 13:13:23 +00:00
Renaud Chaput	9658d3e580	Use the job class as span name for Sidekiq root spans (#30353 )	2024-05-20 08:01:04 +00:00
Claire	12472e7f40	Add emphasis on ActiveRecord Encryption configuration values being secret (#30340 )	2024-05-17 09:28:40 +00:00
Matt Jankowski	1b6eb2c7f0	Enable YJIT when available (#30310 )	2024-05-16 09:56:48 +00:00
Renaud Chaput	283a891e92	Allow to customise the OTEL service name prefix (#30322 )	2024-05-16 09:28:10 +00:00

1 2 3 4 5 ...

533 Commits