Merge pull request #1899 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
2022-11-07 08:31:36 +01:00 · 2022-11-07 08:31:36 +01:00 · b67e0c94a6
parent 54101563bb 7ba13dddfa
commit b67e0c94a6
13 changed files with 25 additions and 17 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -10,9 +10,8 @@ A "vulnerability in Mastodon" is a vulnerability in the code distributed through

 ## Supported Versions

-| Version | Supported          |
-| ------- | ------------------ |
-| 3.5.x   | Yes                |
-| 3.4.x   | Yes                |
-| 3.3.x   | No                 |
-| < 3.3   | No                 |
+| Version | Supported |
+| ------- | ----------|
+| 4.0.x   | Yes       |
+| 3.5.x   | Yes       |
+| < 3.5   | No        |
--- a/app/controllers/api/v1/filters_controller.rb
+++ b/app/controllers/api/v1/filters_controller.rb
@ -52,7 +52,7 @@ class Api::V1::FiltersController < Api::BaseController
  end

  def resource_params
-    params.permit(:phrase, :expires_in, :irreversible, :whole_word, context: [])
+    params.permit(:phrase, :expires_in, :irreversible, context: [])
  end

  def filter_params
--- a/app/javascript/flavours/glitch/components/column_header.js
+++ b/app/javascript/flavours/glitch/components/column_header.js
@ -63,7 +63,7 @@ class ColumnHeader extends React.PureComponent {
  }

  handleTitleClick = () => {
-    this.props.onClick();
+    this.props.onClick?.();
  }

  handleMoveLeft = () => {
--- a/app/javascript/flavours/glitch/features/notifications/components/column_settings.js
+++ b/app/javascript/flavours/glitch/features/notifications/components/column_settings.js
@ -22,7 +22,7 @@ export default class ColumnSettings extends React.PureComponent {
    onRequestNotificationPermission: PropTypes.func,
    alertsEnabled: PropTypes.bool,
    browserSupport: PropTypes.bool,
-    browserPermission: PropTypes.bool,
+    browserPermission: PropTypes.string,
  };

  onPushChange = (path, checked) => {
--- a/app/javascript/flavours/glitch/styles/components/emoji_picker.scss
+++ b/app/javascript/flavours/glitch/styles/components/emoji_picker.scss
@ -132,6 +132,10 @@
    &:active {
      outline: 0 !important;
    }
+
+    &::-webkit-search-cancel-button {
+      display: none;
+    }
  }
 }

--- a/app/javascript/mastodon/components/column_header.js
+++ b/app/javascript/mastodon/components/column_header.js
@ -57,7 +57,7 @@ class ColumnHeader extends React.PureComponent {
  }

  handleTitleClick = () => {
-    this.props.onClick();
+    this.props.onClick?.();
  }

  handleMoveLeft = () => {
--- a/app/javascript/mastodon/features/notifications/components/column_settings.js
+++ b/app/javascript/mastodon/features/notifications/components/column_settings.js
@ -21,7 +21,7 @@ export default class ColumnSettings extends React.PureComponent {
    onRequestNotificationPermission: PropTypes.func,
    alertsEnabled: PropTypes.bool,
    browserSupport: PropTypes.bool,
-    browserPermission: PropTypes.bool,
+    browserPermission: PropTypes.string,
  };

  onPushChange = (path, checked) => {
--- a/app/javascript/styles/mastodon/emoji_picker.scss
+++ b/app/javascript/styles/mastodon/emoji_picker.scss
@ -132,6 +132,10 @@
    &:active {
      outline: 0 !important;
    }
+
+    &::-webkit-search-cancel-button {
+      display: none;
+    }
  }
 }

--- a/app/models/account_migration.rb
+++ b/app/models/account_migration.rb
@ -58,7 +58,7 @@ class AccountMigration < ApplicationRecord
  private

  def set_target_account
-    self.target_account = ResolveAccountService.new.call(acct)
+    self.target_account = ResolveAccountService.new.call(acct, skip_cache: true)
  rescue Webfinger::Error, HTTP::Error, OpenSSL::SSL::SSLError, Mastodon::Error
    # Validation will take care of it
  end
--- a/app/views/auth/registrations/new.html.haml
+++ b/app/views/auth/registrations/new.html.haml
@ -19,7 +19,7 @@
    = f.simple_fields_for :account do |ff|
      = ff.input :display_name, wrapper: :with_label, label: false, required: false, input_html: { 'aria-label' => t('simple_form.labels.defaults.display_name'), :autocomplete => 'off', placeholder: t('simple_form.labels.defaults.display_name') }
      = ff.input :username, wrapper: :with_label, label: false, required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.username'), :autocomplete => 'off', placeholder: t('simple_form.labels.defaults.username'), pattern: '[a-zA-Z0-9_]+', maxlength: 30 }, append: "@#{site_hostname}", hint: false
-    = f.input :email, placeholder: t('simple_form.labels.defaults.email'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.email'), :autocomplete => 'off' }, hint: false
+    = f.input :email, placeholder: t('simple_form.labels.defaults.email'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.email'), :autocomplete => 'username' }, hint: false
    = f.input :password, placeholder: t('simple_form.labels.defaults.password'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.password'), :autocomplete => 'new-password', :minlength => User.password_length.first, :maxlength => User.password_length.last }, hint: false
    = f.input :password_confirmation, placeholder: t('simple_form.labels.defaults.confirm_password'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.confirm_password'), :autocomplete => 'new-password' }, hint: false
    = f.input :confirm_password, as: :string, placeholder: t('simple_form.labels.defaults.honeypot', label: t('simple_form.labels.defaults.password')), required: false, input_html: { 'aria-label' => t('simple_form.labels.defaults.honeypot', label: t('simple_form.labels.defaults.password')), :autocomplete => 'off' }, hint: false
--- a/app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml
+++ b/app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml
@ -5,7 +5,7 @@
  %p.hint.authentication-hint= t('simple_form.hints.sessions.otp')

  .fields-group
-    = f.input :otp_attempt, type: :number, wrapper: :with_label, label: t('simple_form.labels.defaults.otp_attempt'), input_html: { 'aria-label' => t('simple_form.labels.defaults.otp_attempt'), :autocomplete => 'off' }, autofocus: true
+    = f.input :otp_attempt, type: :number, wrapper: :with_label, label: t('simple_form.labels.defaults.otp_attempt'), input_html: { 'aria-label' => t('simple_form.labels.defaults.otp_attempt'), :autocomplete => 'one-time-code' }, autofocus: true

  .actions
    = f.button :button, t('auth.login'), type: :submit
--- a/app/views/disputes/strikes/show.html.haml
+++ b/app/views/disputes/strikes/show.html.haml
@ -59,8 +59,9 @@
                        = media_attachment.file_file_name
                .strike-card__statuses-list__item__meta
                  %time.formatted{ datetime: status.created_at.iso8601, title: l(status.created_at) }= l(status.created_at)
-                  ·
-                  = status.application.name
+                  - unless status.application.nil?
+                    ·
+                    = status.application.name
              - else
                .one-liner= t('disputes.strikes.status', id: status_id)
                .strike-card__statuses-list__item__meta
--- a/dist/nginx.conf
+++ b/dist/nginx.conf
@ -112,7 +112,7 @@ server {
    try_files $uri =404;
  }

-  location ^~ /api/v1/streaming/ {
+  location ^~ /api/v1/streaming {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;