From 0e1110c947caf31ae650c73ef35adedebc16b28a Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Mon, 10 Jun 2024 16:08:04 -0400 Subject: [PATCH 01/17] Use `SECRET_KEY_BASE_DUMMY` feature as placeholder during asset compilation (#30505) --- .github/workflows/test-ruby.yml | 6 +----- Dockerfile | 6 +----- config/environments/production.rb | 6 +++++- config/initializers/active_record_encryption.rb | 5 +++++ 4 files changed, 12 insertions(+), 11 deletions(-) diff --git a/.github/workflows/test-ruby.yml b/.github/workflows/test-ruby.yml index 5f2297381a..8f05dcab3e 100644 --- a/.github/workflows/test-ruby.yml +++ b/.github/workflows/test-ruby.yml @@ -28,11 +28,7 @@ jobs: env: RAILS_ENV: ${{ matrix.mode }} BUNDLE_WITH: ${{ matrix.mode }} - ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: precompile_placeholder - ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: precompile_placeholder - ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: precompile_placeholder - OTP_SECRET: precompile_placeholder - SECRET_KEY_BASE: precompile_placeholder + SECRET_KEY_BASE_DUMMY: 1 steps: - uses: actions/checkout@v4 diff --git a/Dockerfile b/Dockerfile index cb5b872059..2dc7602b2d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -212,11 +212,7 @@ ARG TARGETPLATFORM RUN \ # Use Ruby on Rails to create Mastodon assets - ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=precompile_placeholder \ - ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=precompile_placeholder \ - ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=precompile_placeholder \ - OTP_SECRET=precompile_placeholder \ - SECRET_KEY_BASE=precompile_placeholder \ + SECRET_KEY_BASE_DUMMY=1 \ bundle exec rails assets:precompile; \ # Cleanup temporary files rm -fr /opt/mastodon/tmp; diff --git a/config/environments/production.rb b/config/environments/production.rb index a39843e956..6686a23d60 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -156,7 +156,11 @@ Rails.application.configure do } # TODO: Remove once devise-two-factor data migration complete - config.x.otp_secret = ENV.fetch('OTP_SECRET') + config.x.otp_secret = if ENV['SECRET_KEY_BASE_DUMMY'] + SecureRandom.hex(64) + else + ENV.fetch('OTP_SECRET') + end # Enable DNS rebinding protection and other `Host` header attacks. # config.hosts = [ diff --git a/config/initializers/active_record_encryption.rb b/config/initializers/active_record_encryption.rb index 900f3c68f0..a83ca80765 100644 --- a/config/initializers/active_record_encryption.rb +++ b/config/initializers/active_record_encryption.rb @@ -5,6 +5,11 @@ ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY ).each do |key| + if ENV['SECRET_KEY_BASE_DUMMY'] + # Use placeholder value during production env asset compilation + ENV[key] = SecureRandom.hex(64) + end + value = ENV.fetch(key) do abort <<~MESSAGE From ef23abcf617813901e34c5dd9587ef7c88fd754d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 11 Jun 2024 08:55:30 +0200 Subject: [PATCH 02/17] chore(deps): update dependency aws-sdk-s3 to v1.152.1 (#30643) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 4d16fea47c..984bc32d49 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -109,7 +109,7 @@ GEM aws-sdk-kms (1.83.0) aws-sdk-core (~> 3, >= 3.197.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.152.0) + aws-sdk-s3 (1.152.1) aws-sdk-core (~> 3, >= 3.197.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.8) From cfd4823b65cc91e758ac9d6d97e367b19ca35691 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 02:57:09 -0400 Subject: [PATCH 03/17] Use fabricator in follow_spec (#30642) --- spec/models/follow_spec.rb | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/spec/models/follow_spec.rb b/spec/models/follow_spec.rb index c7743183cc..9aa172b2f2 100644 --- a/spec/models/follow_spec.rb +++ b/spec/models/follow_spec.rb @@ -36,16 +36,15 @@ RSpec.describe Follow do end end - describe 'recent' do - it 'sorts so that more recent follows comes earlier' do - follow0 = described_class.create!(account: alice, target_account: bob) - follow1 = described_class.create!(account: bob, target_account: alice) + describe '.recent' do + let!(:follow_earlier) { Fabricate(:follow) } + let!(:follow_later) { Fabricate(:follow) } - a = described_class.recent.to_a + it 'sorts with most recent follows first' do + results = described_class.recent - expect(a.size).to eq 2 - expect(a[0]).to eq follow1 - expect(a[1]).to eq follow0 + expect(results.size).to eq 2 + expect(results).to eq [follow_later, follow_earlier] end end From 0dabda9beec11706fbef8cbf8a141266cc69590c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 11 Jun 2024 09:14:52 +0200 Subject: [PATCH 04/17] New Crowdin Translations (automated) (#30646) Co-authored-by: GitHub Actions --- app/javascript/mastodon/locales/ar.json | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/app/javascript/mastodon/locales/ar.json b/app/javascript/mastodon/locales/ar.json index 68e32dd2aa..6d67d354b6 100644 --- a/app/javascript/mastodon/locales/ar.json +++ b/app/javascript/mastodon/locales/ar.json @@ -225,7 +225,11 @@ "domain_pill.their_username": "مُعرّفُهم الفريد على الخادم. من الممكن العثور على مستخدمين بنفس اسم المستخدم على خوادم مختلفة.", "domain_pill.username": "اسم المستخدم", "domain_pill.whats_in_a_handle": "ما المقصود بالمُعرِّف؟", + "domain_pill.who_they_are": "بما أن المعالجات تقول من هو الشخص ومكان وجوده، يمكنك التفاعل مع الناس عبر الشبكة الاجتماعية لـ .", + "domain_pill.who_you_are": "لأن معالجتك تقول من أنت ومكان وجودك، يمكن الناس التفاعل معك عبر الشبكة الاجتماعية لـ .", "domain_pill.your_handle": "عنوانك الكامل:", + "domain_pill.your_server": "منزلك الرقمي، حيث تعيش جميع مشاركاتك. لا تحب هذا؟ إنقل الخوادم في أي وقت واخضر متابعينك أيضًا.", + "domain_pill.your_username": "معرفك الفريد على هذا الخادم. من الممكن العثور على مستخدمين بنفس إسم المستخدم على خوادم مختلفة.", "embed.instructions": "يمكنكم إدماج هذا المنشور على موقعكم الإلكتروني عن طريق نسخ الشفرة أدناه.", "embed.preview": "إليك ما سيبدو عليه:", "emoji_button.activity": "الأنشطة", @@ -262,6 +266,7 @@ "empty_column.list": "هذه القائمة فارغة مؤقتا و لكن سوف تمتلئ تدريجيا عندما يبدأ الأعضاء المُنتَمين إليها بنشر منشورات.", "empty_column.lists": "ليس عندك أية قائمة بعد. سوف تظهر قوائمك هنا إن قمت بإنشاء واحدة.", "empty_column.mutes": "لم تقم بكتم أي مستخدم بعد.", + "empty_column.notification_requests": "لا يوجد شيء هنا. عندما تتلقى إشعارات جديدة، سوف تظهر هنا وفقًا لإعداداتك.", "empty_column.notifications": "لم تتلق أي إشعار بعدُ. تفاعل مع المستخدمين الآخرين لإنشاء محادثة.", "empty_column.public": "لا يوجد أي شيء هنا! قم بنشر شيء ما للعامة، أو اتبع المستخدمين الآخرين المتواجدين على الخوادم الأخرى لملء خيط المحادثات", "error.unexpected_crash.explanation": "نظرا لوجود خطأ في التعليمات البرمجية أو مشكلة توافق مع المتصفّح، تعذر عرض هذه الصفحة بشكل صحيح.", @@ -292,6 +297,8 @@ "filter_modal.select_filter.subtitle": "استخدم فئة موجودة أو قم بإنشاء فئة جديدة", "filter_modal.select_filter.title": "تصفية هذا المنشور", "filter_modal.title.status": "تصفية منشور", + "filtered_notifications_banner.mentions": "{count, plural, one {إشارة} two {إشارتين} few {# إشارات} other {# إشارة}}", + "filtered_notifications_banner.pending_requests": "إشعارات من {count, plural, zero {}=0 {لا أحد} one {شخص واحد قد تعرفه} two {شخصين قد تعرفهما} few {# أشخاص قد تعرفهم} many {# شخص قد تعرفهم} other {# شخص قد تعرفهم}}", "filtered_notifications_banner.title": "الإشعارات المصفاة", "firehose.all": "الكل", "firehose.local": "هذا الخادم", @@ -301,6 +308,8 @@ "follow_requests.unlocked_explanation": "حتى وإن كان حسابك غير مقفل، يعتقد فريق {domain} أنك قد ترغب في مراجعة طلبات المتابعة من هذه الحسابات يدوياً.", "follow_suggestions.curated_suggestion": "اختيار الموظفين", "follow_suggestions.dismiss": "لا تُظهرها مجدّدًا", + "follow_suggestions.featured_longer": "مختار يدوياً من قِبل فريق {domain}", + "follow_suggestions.friends_of_friends_longer": "مشهور بين الأشخاص الذين تتابعهم", "follow_suggestions.hints.featured": "تم اختيار هذا الملف الشخصي يدوياً من قبل فريق {domain}.", "follow_suggestions.hints.friends_of_friends": "هذا الملف الشخصي مشهور بين الأشخاص الذين تتابعهم.", "follow_suggestions.hints.most_followed": "هذا الملف الشخصي هو واحد من الأكثر متابعة على {domain}.", @@ -405,6 +414,7 @@ "limited_account_hint.action": "إظهار الملف التعريفي على أي حال", "limited_account_hint.title": "تم إخفاء هذا الملف الشخصي من قبل مشرفي {domain}.", "link_preview.author": "مِن {name}", + "link_preview.more_from_author": "المزيد من {name}", "lists.account.add": "أضف إلى القائمة", "lists.account.remove": "احذف من القائمة", "lists.delete": "احذف القائمة", @@ -465,10 +475,13 @@ "notification.follow_request": "لقد طلب {name} متابعتك", "notification.mention": "{name} ذكرك", "notification.moderation-warning.learn_more": "اعرف المزيد", + "notification.moderation_warning": "لقد تلقيت تحذيرًا بالإشراف", + "notification.moderation_warning.action_delete_statuses": "تم إزالة بعض مشاركاتك.", "notification.moderation_warning.action_disable": "تم تعطيل حسابك.", "notification.moderation_warning.action_mark_statuses_as_sensitive": "بعض من منشوراتك تم تصنيفها على أنها حساسة.", "notification.moderation_warning.action_none": "لقد تلقى حسابك تحذيرا بالإشراف.", "notification.moderation_warning.action_sensitive": "سيتم وضع علامة على منشوراتك على أنها حساسة من الآن فصاعدا.", + "notification.moderation_warning.action_silence": "لقد تم تقييد حسابك.", "notification.moderation_warning.action_suspend": "لقد تم تعليق حسابك.", "notification.own_poll": "انتهى استطلاعك للرأي", "notification.poll": "لقد انتهى استطلاع رأي شاركتَ فيه", From b2496177e00af2b9ce73b378233b2ef3de14cbe4 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 03:35:30 -0400 Subject: [PATCH 05/17] Use correct params in `v1/admin/domain_allows` spec (#30378) --- spec/requests/api/v1/admin/domain_allows_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/requests/api/v1/admin/domain_allows_spec.rb b/spec/requests/api/v1/admin/domain_allows_spec.rb index 662a8f9a8d..b8f0b0055c 100644 --- a/spec/requests/api/v1/admin/domain_allows_spec.rb +++ b/spec/requests/api/v1/admin/domain_allows_spec.rb @@ -113,7 +113,7 @@ RSpec.describe 'Domain Allows' do end context 'with invalid domain name' do - let(:params) { 'foo bar' } + let(:params) { { domain: 'foo bar' } } it 'returns http unprocessable entity' do subject From edf6d64eebdf4c1651f09c0e314d46b7436b46df Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 03:36:46 -0400 Subject: [PATCH 06/17] Use correct params in `settings/preferences/appearance` spec (#30379) --- .../settings/preferences/appearance_controller_spec.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/spec/controllers/settings/preferences/appearance_controller_spec.rb b/spec/controllers/settings/preferences/appearance_controller_spec.rb index 261c426acb..84b8277250 100644 --- a/spec/controllers/settings/preferences/appearance_controller_spec.rb +++ b/spec/controllers/settings/preferences/appearance_controller_spec.rb @@ -23,8 +23,11 @@ describe Settings::Preferences::AppearanceController do end describe 'PUT #update' do + subject { put :update, params: { user: { settings_attributes: { theme: 'contrast' } } } } + it 'redirects correctly' do - put :update, params: { user: { setting_theme: 'contrast' } } + expect { subject } + .to change { user.reload.settings.theme }.to('contrast') expect(response).to redirect_to(settings_preferences_appearance_path) end From 88cfc4056de1f7ab86011eb80b904cd9cd6dc754 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 03:42:15 -0400 Subject: [PATCH 07/17] Extract method to generate series of days in measure sql classes (#29928) --- .../admin/metrics/measure/instance_accounts_measure.rb | 2 +- .../admin/metrics/measure/instance_followers_measure.rb | 2 +- app/lib/admin/metrics/measure/instance_follows_measure.rb | 2 +- .../metrics/measure/instance_media_attachments_measure.rb | 2 +- app/lib/admin/metrics/measure/instance_reports_measure.rb | 2 +- .../admin/metrics/measure/instance_statuses_measure.rb | 2 +- app/lib/admin/metrics/measure/new_users_measure.rb | 2 +- app/lib/admin/metrics/measure/opened_reports_measure.rb | 2 +- app/lib/admin/metrics/measure/query_helper.rb | 8 ++++++++ app/lib/admin/metrics/measure/resolved_reports_measure.rb | 2 +- app/lib/admin/metrics/measure/tag_servers_measure.rb | 2 +- 11 files changed, 18 insertions(+), 10 deletions(-) diff --git a/app/lib/admin/metrics/measure/instance_accounts_measure.rb b/app/lib/admin/metrics/measure/instance_accounts_measure.rb index 3d081fdd90..746780ee77 100644 --- a/app/lib/admin/metrics/measure/instance_accounts_measure.rb +++ b/app/lib/admin/metrics/measure/instance_accounts_measure.rb @@ -43,7 +43,7 @@ class Admin::Metrics::Measure::InstanceAccountsMeasure < Admin::Metrics::Measure SELECT count(*) FROM new_accounts ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) AS axis SQL end diff --git a/app/lib/admin/metrics/measure/instance_followers_measure.rb b/app/lib/admin/metrics/measure/instance_followers_measure.rb index 378c6754d9..0693d5a64a 100644 --- a/app/lib/admin/metrics/measure/instance_followers_measure.rb +++ b/app/lib/admin/metrics/measure/instance_followers_measure.rb @@ -44,7 +44,7 @@ class Admin::Metrics::Measure::InstanceFollowersMeasure < Admin::Metrics::Measur SELECT count(*) FROM new_followers ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) AS axis SQL end diff --git a/app/lib/admin/metrics/measure/instance_follows_measure.rb b/app/lib/admin/metrics/measure/instance_follows_measure.rb index e213348fbc..90d3819358 100644 --- a/app/lib/admin/metrics/measure/instance_follows_measure.rb +++ b/app/lib/admin/metrics/measure/instance_follows_measure.rb @@ -44,7 +44,7 @@ class Admin::Metrics::Measure::InstanceFollowsMeasure < Admin::Metrics::Measure: SELECT count(*) FROM new_follows ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) AS axis SQL end diff --git a/app/lib/admin/metrics/measure/instance_media_attachments_measure.rb b/app/lib/admin/metrics/measure/instance_media_attachments_measure.rb index 1d2dbbe414..89f8b41497 100644 --- a/app/lib/admin/metrics/measure/instance_media_attachments_measure.rb +++ b/app/lib/admin/metrics/measure/instance_media_attachments_measure.rb @@ -53,7 +53,7 @@ class Admin::Metrics::Measure::InstanceMediaAttachmentsMeasure < Admin::Metrics: SELECT COALESCE(SUM(size), 0) FROM new_media_attachments ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) AS axis SQL end diff --git a/app/lib/admin/metrics/measure/instance_reports_measure.rb b/app/lib/admin/metrics/measure/instance_reports_measure.rb index 9da3d53e34..5f58387a64 100644 --- a/app/lib/admin/metrics/measure/instance_reports_measure.rb +++ b/app/lib/admin/metrics/measure/instance_reports_measure.rb @@ -44,7 +44,7 @@ class Admin::Metrics::Measure::InstanceReportsMeasure < Admin::Metrics::Measure: SELECT count(*) FROM new_reports ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) AS axis SQL end diff --git a/app/lib/admin/metrics/measure/instance_statuses_measure.rb b/app/lib/admin/metrics/measure/instance_statuses_measure.rb index b918a30a57..5873c6e71f 100644 --- a/app/lib/admin/metrics/measure/instance_statuses_measure.rb +++ b/app/lib/admin/metrics/measure/instance_statuses_measure.rb @@ -45,7 +45,7 @@ class Admin::Metrics::Measure::InstanceStatusesMeasure < Admin::Metrics::Measure SELECT count(*) FROM new_statuses ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) AS axis SQL end diff --git a/app/lib/admin/metrics/measure/new_users_measure.rb b/app/lib/admin/metrics/measure/new_users_measure.rb index 6837c14c82..32057154d6 100644 --- a/app/lib/admin/metrics/measure/new_users_measure.rb +++ b/app/lib/admin/metrics/measure/new_users_measure.rb @@ -32,7 +32,7 @@ class Admin::Metrics::Measure::NewUsersMeasure < Admin::Metrics::Measure::BaseMe SELECT count(*) FROM new_users ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) AS axis SQL end diff --git a/app/lib/admin/metrics/measure/opened_reports_measure.rb b/app/lib/admin/metrics/measure/opened_reports_measure.rb index c395c46341..47de38bbe6 100644 --- a/app/lib/admin/metrics/measure/opened_reports_measure.rb +++ b/app/lib/admin/metrics/measure/opened_reports_measure.rb @@ -32,7 +32,7 @@ class Admin::Metrics::Measure::OpenedReportsMeasure < Admin::Metrics::Measure::B SELECT count(*) FROM new_reports ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) AS axis SQL end diff --git a/app/lib/admin/metrics/measure/query_helper.rb b/app/lib/admin/metrics/measure/query_helper.rb index 969065f73f..5969a96ba9 100644 --- a/app/lib/admin/metrics/measure/query_helper.rb +++ b/app/lib/admin/metrics/measure/query_helper.rb @@ -15,6 +15,14 @@ module Admin::Metrics::Measure::QueryHelper ActiveRecord::Base.sanitize_sql_array(sql_array) end + def generated_series_days + Arel.sql( + <<~SQL.squish + SELECT generate_series(timestamp :start_at, :end_at, '1 day')::date AS period + SQL + ) + end + def account_domain_sql(include_subdomains) if include_subdomains "accounts.domain IN (SELECT domain FROM instances WHERE reverse('.' || domain) LIKE reverse('.' || :domain::text))" diff --git a/app/lib/admin/metrics/measure/resolved_reports_measure.rb b/app/lib/admin/metrics/measure/resolved_reports_measure.rb index 780db75a10..ecfd779c86 100644 --- a/app/lib/admin/metrics/measure/resolved_reports_measure.rb +++ b/app/lib/admin/metrics/measure/resolved_reports_measure.rb @@ -32,7 +32,7 @@ class Admin::Metrics::Measure::ResolvedReportsMeasure < Admin::Metrics::Measure: SELECT count(*) FROM resolved_reports ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) AS axis SQL end diff --git a/app/lib/admin/metrics/measure/tag_servers_measure.rb b/app/lib/admin/metrics/measure/tag_servers_measure.rb index f273d739d0..5db1076062 100644 --- a/app/lib/admin/metrics/measure/tag_servers_measure.rb +++ b/app/lib/admin/metrics/measure/tag_servers_measure.rb @@ -40,7 +40,7 @@ class Admin::Metrics::Measure::TagServersMeasure < Admin::Metrics::Measure::Base SELECT COUNT(*) FROM tag_servers ) AS value FROM ( - SELECT generate_series(date_trunc('day', :start_at::timestamp)::date, date_trunc('day', :end_at::timestamp)::date, interval '1 day') AS period + #{generated_series_days} ) as axis SQL end From 1622f7aeb9e911d43296caef45e17181652c9c0e Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 03:48:42 -0400 Subject: [PATCH 08/17] Remove duplicate fabricator validity checks (#29667) --- spec/models/import_spec.rb | 5 ----- spec/models/poll_spec.rb | 8 -------- 2 files changed, 13 deletions(-) diff --git a/spec/models/import_spec.rb b/spec/models/import_spec.rb index 3605f0b9bf..10df5f8c0b 100644 --- a/spec/models/import_spec.rb +++ b/spec/models/import_spec.rb @@ -8,11 +8,6 @@ RSpec.describe Import do let(:data) { attachment_fixture('imports.txt') } describe 'validations' do - it 'has a valid parameters' do - import = described_class.create(account: account, type: type, data: data) - expect(import).to be_valid - end - it 'is invalid without an type' do import = described_class.create(account: account, data: data) expect(import).to model_have_error_on_field(:type) diff --git a/spec/models/poll_spec.rb b/spec/models/poll_spec.rb index 5aa5548cc8..ebcc459078 100644 --- a/spec/models/poll_spec.rb +++ b/spec/models/poll_spec.rb @@ -31,14 +31,6 @@ describe Poll do end describe 'validations' do - context 'when valid' do - let(:poll) { Fabricate.build(:poll) } - - it 'is valid with valid attributes' do - expect(poll).to be_valid - end - end - context 'when not valid' do let(:poll) { Fabricate.build(:poll, expires_at: nil) } From 665f6f09a07fa9d1d813e8343f1687b369e7f3dc Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 04:50:51 -0400 Subject: [PATCH 09/17] Add expired/revoked scopes for doorkeeper models via extension modules (#29936) --- app/lib/access_grant_extension.rb | 10 ++++++++++ app/lib/access_token_extension.rb | 4 ++++ app/lib/vacuum/access_tokens_vacuum.rb | 8 ++++---- app/models/web/push_subscription.rb | 2 +- config/application.rb | 1 + 5 files changed, 20 insertions(+), 5 deletions(-) create mode 100644 app/lib/access_grant_extension.rb diff --git a/app/lib/access_grant_extension.rb b/app/lib/access_grant_extension.rb new file mode 100644 index 0000000000..bf8f5ae25a --- /dev/null +++ b/app/lib/access_grant_extension.rb @@ -0,0 +1,10 @@ +# frozen_string_literal: true + +module AccessGrantExtension + extend ActiveSupport::Concern + + included do + scope :expired, -> { where.not(expires_in: nil).where('created_at + MAKE_INTERVAL(secs => expires_in) < NOW()') } + scope :revoked, -> { where.not(revoked_at: nil).where(revoked_at: ...Time.now.utc) } + end +end diff --git a/app/lib/access_token_extension.rb b/app/lib/access_token_extension.rb index 4e9585dd1e..6e06f988a5 100644 --- a/app/lib/access_token_extension.rb +++ b/app/lib/access_token_extension.rb @@ -9,6 +9,10 @@ module AccessTokenExtension has_many :web_push_subscriptions, class_name: 'Web::PushSubscription', inverse_of: :access_token after_commit :push_to_streaming_api + + scope :expired, -> { where.not(expires_in: nil).where('created_at + MAKE_INTERVAL(secs => expires_in) < NOW()') } + scope :not_revoked, -> { where(revoked_at: nil) } + scope :revoked, -> { where.not(revoked_at: nil).where(revoked_at: ...Time.now.utc) } end def revoke(clock = Time) diff --git a/app/lib/vacuum/access_tokens_vacuum.rb b/app/lib/vacuum/access_tokens_vacuum.rb index a224f6d638..281ae22bf0 100644 --- a/app/lib/vacuum/access_tokens_vacuum.rb +++ b/app/lib/vacuum/access_tokens_vacuum.rb @@ -9,12 +9,12 @@ class Vacuum::AccessTokensVacuum private def vacuum_revoked_access_tokens! - Doorkeeper::AccessToken.where.not(expires_in: nil).where('created_at + make_interval(secs => expires_in) < NOW()').in_batches.delete_all - Doorkeeper::AccessToken.where.not(revoked_at: nil).where('revoked_at < NOW()').in_batches.delete_all + Doorkeeper::AccessToken.expired.in_batches.delete_all + Doorkeeper::AccessToken.revoked.in_batches.delete_all end def vacuum_revoked_access_grants! - Doorkeeper::AccessGrant.where.not(expires_in: nil).where('created_at + make_interval(secs => expires_in) < NOW()').in_batches.delete_all - Doorkeeper::AccessGrant.where.not(revoked_at: nil).where('revoked_at < NOW()').in_batches.delete_all + Doorkeeper::AccessGrant.expired.in_batches.delete_all + Doorkeeper::AccessGrant.revoked.in_batches.delete_all end end diff --git a/app/models/web/push_subscription.rb b/app/models/web/push_subscription.rb index b482ad3afe..ddfd08146e 100644 --- a/app/models/web/push_subscription.rb +++ b/app/models/web/push_subscription.rb @@ -75,7 +75,7 @@ class Web::PushSubscription < ApplicationRecord class << self def unsubscribe_for(application_id, resource_owner) - access_token_ids = Doorkeeper::AccessToken.where(application_id: application_id, resource_owner_id: resource_owner.id, revoked_at: nil).pluck(:id) + access_token_ids = Doorkeeper::AccessToken.where(application_id: application_id, resource_owner_id: resource_owner.id).not_revoked.pluck(:id) where(access_token_id: access_token_ids).delete_all end end diff --git a/config/application.rb b/config/application.rb index b3a9b99ff5..65407da05c 100644 --- a/config/application.rb +++ b/config/application.rb @@ -115,6 +115,7 @@ module Mastodon Doorkeeper::AuthorizationsController.layout 'modal' Doorkeeper::AuthorizedApplicationsController.layout 'admin' Doorkeeper::Application.include ApplicationExtension + Doorkeeper::AccessGrant.include AccessGrantExtension Doorkeeper::AccessToken.include AccessTokenExtension Devise::FailureApp.include AbstractController::Callbacks Devise::FailureApp.include Localized From 410370eecdcc6ad7aeac30c48957d3b044e7cabe Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 05:40:47 -0400 Subject: [PATCH 10/17] Extract `PERMITTED_PARAMS` constant from `admin/domain_blocks` controller (#30380) --- .../admin/domain_blocks_controller.rb | 22 +++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/app/controllers/admin/domain_blocks_controller.rb b/app/controllers/admin/domain_blocks_controller.rb index 325b33df80..16a8cb9eea 100644 --- a/app/controllers/admin/domain_blocks_controller.rb +++ b/app/controllers/admin/domain_blocks_controller.rb @@ -4,6 +4,18 @@ module Admin class DomainBlocksController < BaseController before_action :set_domain_block, only: [:destroy, :edit, :update] + PERMITTED_PARAMS = %i( + domain + obfuscate + private_comment + public_comment + reject_media + reject_reports + severity + ).freeze + + PERMITTED_UPDATE_PARAMS = PERMITTED_PARAMS.without(:domain).freeze + def batch authorize :domain_block, :create? @form = Form::DomainBlockBatch.new(form_domain_block_batch_params.merge(current_account: current_account, action: action_from_button)) @@ -88,11 +100,17 @@ module Admin end def update_params - params.require(:domain_block).permit(:severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate) + params + .require(:domain_block) + .slice(*PERMITTED_UPDATE_PARAMS) + .permit(*PERMITTED_UPDATE_PARAMS) end def resource_params - params.require(:domain_block).permit(:domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate) + params + .require(:domain_block) + .slice(*PERMITTED_PARAMS) + .permit(*PERMITTED_PARAMS) end def form_domain_block_batch_params From f48f39a7679667da51171a77a0e1bcbc7512cd36 Mon Sep 17 00:00:00 2001 From: David Roetzel Date: Tue, 11 Jun 2024 14:54:37 +0200 Subject: [PATCH 11/17] Fix cutoff of instance name (#30598) --- app/javascript/styles/mastodon/forms.scss | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/javascript/styles/mastodon/forms.scss b/app/javascript/styles/mastodon/forms.scss index f6ec44fb53..26bb2bee14 100644 --- a/app/javascript/styles/mastodon/forms.scss +++ b/app/javascript/styles/mastodon/forms.scss @@ -613,9 +613,10 @@ code { font-family: inherit; pointer-events: none; cursor: default; - max-width: 140px; + max-width: 50%; white-space: nowrap; overflow: hidden; + text-overflow: ellipsis; &::after { content: ''; From 328d3a87f5749b5b9ea2c17289fc7a53dbaa6d7b Mon Sep 17 00:00:00 2001 From: Claire Date: Tue, 11 Jun 2024 15:58:10 +0200 Subject: [PATCH 12/17] Fix libvips color extraction when multiple maxima differ only on blue component (#30632) --- lib/paperclip/color_extractor.rb | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/lib/paperclip/color_extractor.rb b/lib/paperclip/color_extractor.rb index 0f168d233b..378af0961d 100644 --- a/lib/paperclip/color_extractor.rb +++ b/lib/paperclip/color_extractor.rb @@ -122,26 +122,28 @@ module Paperclip colors['out_array'].zip(colors['x_array'], colors['y_array']).map do |v, x, y| rgb_from_xyv(histogram, x, y, v) - end.reverse + end.flatten.reverse.uniq end # rubocop:disable Naming/MethodParameterName def rgb_from_xyv(image, x, y, v) pixel = image.getpoint(x, y) - # Unfortunately, we only have the first 2 dimensions, so try to - # guess the third one by looking up the value + # As we only have the first 2 dimensions for this maximum, we + # can't distinguish with different maxima with the same `r` and `g` + # values but different `b` values. + # + # Therefore, we return an array of maxima, which is always non-empty, + # but may contain multiple colors with the same values. - # NOTE: this means that if multiple bins with the same `r` and `g` - # components have the same number of occurrences, we will always return - # the one with the lowest `b` value. This means that in case of a tie, - # we will return the same color twice and skip the ones it tied with. - z = pixel.find_index(v) + pixel.filter_map.with_index do |pv, z| + next if pv != v - r = (x + 0.5) * 256 / BINS - g = (y + 0.5) * 256 / BINS - b = (z + 0.5) * 256 / BINS - ColorDiff::Color::RGB.new(r, g, b) + r = (x + 0.5) * 256 / BINS + g = (y + 0.5) * 256 / BINS + b = (z + 0.5) * 256 / BINS + ColorDiff::Color::RGB.new(r, g, b) + end end def w3c_contrast(color1, color2) From b124dff1748797e54256e1c8161d18513b921458 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 11 Jun 2024 15:58:40 +0200 Subject: [PATCH 13/17] chore(deps): update opentelemetry-ruby (non-major) (#30648) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- Gemfile.lock | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 984bc32d49..c2253fe19c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -498,6 +498,10 @@ GEM opentelemetry-semantic_conventions opentelemetry-helpers-sql-obfuscation (0.1.0) opentelemetry-common (~> 0.20) + opentelemetry-instrumentation-action_mailer (0.1.0) + opentelemetry-api (~> 1.0) + opentelemetry-instrumentation-active_support (~> 0.1) + opentelemetry-instrumentation-base (~> 0.22.1) opentelemetry-instrumentation-action_pack (0.9.0) opentelemetry-api (~> 1.0) opentelemetry-instrumentation-base (~> 0.22.1) @@ -551,8 +555,9 @@ GEM opentelemetry-api (~> 1.0) opentelemetry-common (~> 0.20.0) opentelemetry-instrumentation-base (~> 0.22.1) - opentelemetry-instrumentation-rails (0.30.1) + opentelemetry-instrumentation-rails (0.30.2) opentelemetry-api (~> 1.0) + opentelemetry-instrumentation-action_mailer (~> 0.1.0) opentelemetry-instrumentation-action_pack (~> 0.9.0) opentelemetry-instrumentation-action_view (~> 0.7.0) opentelemetry-instrumentation-active_job (~> 0.7.0) From 62d070c438a2cccb6af486a02d8c6839d642c827 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 09:59:56 -0400 Subject: [PATCH 14/17] Check both before/after state in `AccountDomainBlock` spec (#30640) --- spec/models/account_domain_block_spec.rb | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/spec/models/account_domain_block_spec.rb b/spec/models/account_domain_block_spec.rb index 10bd579363..d994403b8e 100644 --- a/spec/models/account_domain_block_spec.rb +++ b/spec/models/account_domain_block_spec.rb @@ -3,22 +3,30 @@ require 'rails_helper' RSpec.describe AccountDomainBlock do + let(:account) { Fabricate(:account) } + it 'removes blocking cache after creation' do - account = Fabricate(:account) Rails.cache.write("exclude_domains_for:#{account.id}", 'a.domain.already.blocked') - described_class.create!(account: account, domain: 'a.domain.blocked.later') - - expect(Rails.cache.exist?("exclude_domains_for:#{account.id}")).to be false + expect { block_domain_for_account('a.domain.blocked.later') } + .to change { account_has_exclude_domains_cache? }.to(false) end it 'removes blocking cache after destruction' do - account = Fabricate(:account) - block = described_class.create!(account: account, domain: 'domain') + block = block_domain_for_account('domain') Rails.cache.write("exclude_domains_for:#{account.id}", 'domain') - block.destroy! + expect { block.destroy! } + .to change { account_has_exclude_domains_cache? }.to(false) + end - expect(Rails.cache.exist?("exclude_domains_for:#{account.id}")).to be false + private + + def block_domain_for_account(domain) + Fabricate(:account_domain_block, account: account, domain: domain) + end + + def account_has_exclude_domains_cache? + Rails.cache.exist?("exclude_domains_for:#{account.id}") end end From 978601a0ae556c4e214df8f6d73181c2a6359531 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 11:29:41 -0400 Subject: [PATCH 15/17] Extract permitted params constant in v1/admin/tags (#30652) --- app/controllers/api/v1/admin/tags_controller.rb | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/app/controllers/api/v1/admin/tags_controller.rb b/app/controllers/api/v1/admin/tags_controller.rb index 67d987d0e3..283383acb4 100644 --- a/app/controllers/api/v1/admin/tags_controller.rb +++ b/app/controllers/api/v1/admin/tags_controller.rb @@ -13,6 +13,13 @@ class Api::V1::Admin::TagsController < Api::BaseController LIMIT = 100 + PERMITTED_PARAMS = %i( + display_name + listable + trendable + usable + ).freeze + def index authorize :tag, :index? render json: @tags, each_serializer: REST::Admin::TagSerializer @@ -40,7 +47,9 @@ class Api::V1::Admin::TagsController < Api::BaseController end def tag_params - params.permit(:display_name, :trendable, :usable, :listable) + params + .slice(*PERMITTED_PARAMS) + .permit(*PERMITTED_PARAMS) end def next_path From 921b0db5440cc6e0bc990d6f0186c43aaa887fe9 Mon Sep 17 00:00:00 2001 From: Claire Date: Tue, 11 Jun 2024 17:29:45 +0200 Subject: [PATCH 16/17] Add `noindex` meta tag and `rel=canonical` link to redirect interstitials (#30651) --- app/views/redirects/show.html.haml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/views/redirects/show.html.haml b/app/views/redirects/show.html.haml index 0d09387a9c..64436e05d1 100644 --- a/app/views/redirects/show.html.haml +++ b/app/views/redirects/show.html.haml @@ -1,3 +1,7 @@ +- content_for :header_tags do + %meta{ name: 'robots', content: 'noindex, noarchive' }/ + %link{ rel: 'canonical', href: @redirect_path } + .redirect .redirect__logo = link_to render_logo, root_path From d818ddd6870094e89e58ef61f37da4cb73935856 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 11 Jun 2024 11:36:21 -0400 Subject: [PATCH 17/17] Extract `SIGN_COUNT_LIMIT` constant in `WebauthnCredential` class (#30636) --- app/models/webauthn_credential.rb | 4 +++- ...bauthn_credentials_spec.rb => webauthn_credential_spec.rb} | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-) rename spec/models/{webauthn_credentials_spec.rb => webauthn_credential_spec.rb} (95%) diff --git a/app/models/webauthn_credential.rb b/app/models/webauthn_credential.rb index 4fa31ece52..d7ed1b9d40 100644 --- a/app/models/webauthn_credential.rb +++ b/app/models/webauthn_credential.rb @@ -15,9 +15,11 @@ # class WebauthnCredential < ApplicationRecord + SIGN_COUNT_LIMIT = (2**63) + validates :external_id, :public_key, :nickname, :sign_count, presence: true validates :external_id, uniqueness: true validates :nickname, uniqueness: { scope: :user_id } validates :sign_count, - numericality: { only_integer: true, greater_than_or_equal_to: 0, less_than_or_equal_to: (2**63) - 1 } + numericality: { only_integer: true, greater_than_or_equal_to: 0, less_than_or_equal_to: SIGN_COUNT_LIMIT - 1 } end diff --git a/spec/models/webauthn_credentials_spec.rb b/spec/models/webauthn_credential_spec.rb similarity index 95% rename from spec/models/webauthn_credentials_spec.rb rename to spec/models/webauthn_credential_spec.rb index 9631245e11..23f0229a67 100644 --- a/spec/models/webauthn_credentials_spec.rb +++ b/spec/models/webauthn_credential_spec.rb @@ -71,8 +71,8 @@ RSpec.describe WebauthnCredential do expect(webauthn_credential).to model_have_error_on_field(:sign_count) end - it 'is invalid if sign_count is greater 2**63 - 1' do - webauthn_credential = Fabricate.build(:webauthn_credential, sign_count: 2**63) + it 'is invalid if sign_count is greater than the limit' do + webauthn_credential = Fabricate.build(:webauthn_credential, sign_count: (described_class::SIGN_COUNT_LIMIT * 2)) webauthn_credential.valid?