Tree: 9ca179e2e9

WIP-hometown-skip-link

dariusk-working/4_3_0

dariusk-working/4_4_0

dariusk-working/4_5_0

hometown-1.0.8-security

hometown-3.5.10-merge

hometown-3.5.14-merge

hometown-4.0.10-merge

hometown-4.0.4

hometown-4.0.6-merge

hometown-4.2-merge

hometown-dev

hometown-rich-text

lets-bump-hometown-to-mastodon-4.2

v4.2.17+hometown-1.1.1

v4.2.17+hometown-1.1.2

2019-06-18

pre-release-0.1.0

v0.0.1.0

v0.1.0

v0.1.1

v0.1.2

v0.6

v0.7

v0.8

v0.9

v0.9.9

v1.0

v1.0.0+2.9.3

v1.0.1+2.9.3

v1.0.2+2.9.3

v1.0.3+3.0.1

v1.0.3+3.1.2

v1.0.4+3.1.4

v1.0.4+3.1.5

v1.0.5+3.2.0

v1.0.5+3.3.0

v1.0.5+3.4.0

v1.0.5+3.4.6

v1.0.5+3.5.2

v1.0.6+3.5.2

v1.0.7+3.5.4

v1.0.7+3.5.5

v1.1

v1.1.1

v1.1.2

v1.2

v1.2.1

v1.2.2

v1.3

v1.3.1

v1.3.2

v1.3.3

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.4.6

v1.4.7

v1.4rc1

v1.4rc2

v1.4rc3

v1.4rc4

v1.4rc5

v1.4rc6

v1.5.0

v1.5.0rc1

v1.5.0rc2

v1.5.0rc3

v1.5.1

v1.6.0

v1.6.0rc1

v1.6.0rc2

v1.6.0rc3

v1.6.0rc4

v1.6.0rc5

v1.6.1

v2.0.0

v2.0.0rc1

v2.0.0rc2

v2.0.0rc3

v2.0.0rc4

v2.1.0

v2.1.0rc1

v2.1.0rc2

v2.1.0rc3

v2.1.0rc4

v2.1.0rc5

v2.1.0rc6

v2.1.1

v2.1.2

v2.1.3

v2.2.0

v2.2.0rc1

v2.2.0rc2

v2.3.0

v2.3.0rc1

v2.3.0rc2

v2.3.0rc3

v2.3.1

v2.3.1rc1

v2.3.1rc2

v2.3.1rc3

v2.3.2

v2.3.2rc1

v2.3.2rc2

v2.3.2rc3

v2.3.2rc4

v2.3.2rc5

v2.3.3

v2.4.0

v2.4.0rc1

v2.4.0rc2

v2.4.0rc3

v2.4.0rc4

v2.4.0rc5

v2.4.1

v2.4.1rc1

v2.4.1rc2

v2.4.1rc3

v2.4.1rc4

v2.4.2

v2.4.2rc1

v2.4.2rc2

v2.4.2rc3

v2.4.3

v2.4.3rc1

v2.4.3rc2

v2.4.3rc3

v2.4.4

v2.4.5

v2.5.0

v2.5.0rc1

v2.5.0rc2

v2.5.1

v2.5.2

v2.6.0

v2.6.0rc1

v2.6.0rc2

v2.6.0rc3

v2.6.0rc4

v2.6.1

v2.6.2

v2.6.3

v2.6.4

v2.6.5

v2.7.0

v2.7.0rc1

v2.7.0rc2

v2.7.0rc3

v2.7.1

v2.7.2

v2.7.3

v2.7.4

v2.8.0

v2.8.0rc1

v2.8.0rc2

v2.8.0rc3

v2.8.1

v2.8.2

v2.8.3

v2.8.4

v2.9.0

v2.9.0rc1

v2.9.0rc2

v2.9.1

v2.9.2

v2.9.3

v2.9.4

v3.0.0

v3.0.0rc1

v3.0.0rc2

v3.0.0rc3

v3.0.1

v3.0.2

v3.1.0

v3.1.0rc1

v3.1.0rc2

v3.1.1

v3.1.2

v3.1.3

v3.1.4

v3.1.5

v3.2.0

v3.2.0rc1

v3.2.0rc2

v3.2.1

v3.2.2

v3.3.0

v3.3.0rc1

v3.3.0rc2

v3.3.0rc3

v3.3.1

v3.3.2

v3.3.3

v3.4.0

v3.4.0rc1

v3.4.0rc2

v3.4.1

v3.4.2

v3.4.3

v3.4.4

v3.4.5

v3.4.6

v3.4.7

v3.5.0

v3.5.0rc1

v3.5.0rc2

v3.5.0rc3

v3.5.1

v3.5.10+hometown-1.0.8

v3.5.14+hometown-1.0.8

v3.5.17+hometown-1.0.8

v3.5.19+hometown-1.0.8

v3.5.2

v3.5.5+hometown-1.0.8

v4.0.10+hometown-1.1.1

v4.0.13+hometown-1.1.1

v4.0.14+hometown-1.1.1

v4.0.15+hometown-1.1.1

v4.0.2+hometown-1.1.0

v4.0.2+hometown-1.1.1

v4.0.4+hometown-1.1.1

v4.0.4+hometown-1.1.1-patch

v4.0.5+hometown-1.1.1

v4.0.6+hometown-1.1.1

v4.2.10+hometown-1.1.1

v4.2.17+hometown-1.1.2

v4.5.6+hometown-1.2.0

v4.5.7+hometown-1.2.0

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '9ca179e2e9'

${ noResults }

Commit Graph

141 Commits (9ca179e2e95bdce4fca6d91300a2c63dbc348182)

Author	SHA1	Message	Date
Misty De Meo	23633720a8	merge tag v4.5.0	4 months ago
Misty De Meo	86df8feb80	merge v4.4.0 into mastodon_4_3_0	4 months ago
Misty De Meo	63f17f1775	ruby: fix formatting in hometown code & merge errors	4 months ago
Matt Jankowski	a397141d78	Move non-action public method controller callback to private methods (#31933)	2 years ago
Matt Jankowski	a9d0b48b65	Set "admin" body class from `admin` nested layout (#31269)	2 years ago
Renaud Chaput	c3e1d86d58	Fix log out from user menu not working on Safari (#31402)	2 years ago
Claire	2ec1181ee5	Fix contrast between background and form elements on some pages (#31266)	2 years ago
Matt Jankowski	929b9fdaff	Remove exclusion for `Rails/LexicallyScopedActionFilter` cop (#30697)	2 years ago
Matt Jankowski	9b5055d34d	Fix `Style/SuperArguments` cop (#30406)	2 years ago
Misty De Méo	ba20b7d86a	Merge upstream changes from v4.0.15 (#1344) ... This includes the security content of Mastodon 4.0.15/4.2.7. https://github.com/mastodon/mastodon/releases/tag/v4.2.7 --------- Co-authored-by: Claire <claire.github-309c@sitedethib.com> Co-authored-by: Matt Jankowski <matt@jankowski.online>	2 years ago
Claire	870ee80fd3	Fix user creation failure handling in OAuth paths (#29207)	2 years ago
Claire	d4d0565b0f	Fix user creation failure handling in OAuth paths (#29207)	2 years ago
Misty De Méo	3c9599f19a	Upstream backports (#1343) ... This backports the commits from the upstream `stable-4.0` branch, including the security content of [4.2.6](https://github.com/mastodon/mastodon/releases/tag/v4.2.6). --------- Co-authored-by: blah <blah@blah> Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com> Co-authored-by: Claire <claire.github-309c@sitedethib.com>	2 years ago
Claire	b31af34c97	Merge pull request from GHSA-vm39-j3vx-pch3 ... * Prevent different identities from a same SSO provider from accessing a same account * Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true` * Rename methods to avoid confusion between OAuth and OmniAuth	2 years ago
Claire	f1700523f1	Merge pull request from GHSA-vm39-j3vx-pch3 ... * Prevent different identities from a same SSO provider from accessing a same account * Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true` * Rename methods to avoid confusion between OAuth and OmniAuth	2 years ago
Claire	eeabf9af72	Fix compatibility with Redis <6.2 (#29123)	2 years ago
Matt Jankowski	17ea22671d	Fix `Style/GuardClause` cop in app/controllers (#28420)	2 years ago
Claire	6fe2a47357	Add rate-limit of TOTP authentication attempts at controller level (#28801)	2 years ago
Claire	e2d9635074	Add notification email on invalid second authenticator (#28822)	2 years ago
Claire	3593ee2e36	Add rate-limit of TOTP authentication attempts at controller level (#28801)	2 years ago
Matt Jankowski	0e5b8fc46b	Fix `Style/RedundantReturn` cop (#28391)	2 years ago
Claire	963354978a	Add `Account#unavailable?` and `Account#permanently_unavailable?` aliases (#28053)	2 years ago
Matt Jankowski	1f1c75bba5	File cleanup/organization in `controllers/concerns` (#27846)	2 years ago
Claire	07a4059901	Add support for invite codes in the registration API (#27805)	2 years ago
Claire	49b8433c56	Fix confusing screen when visiting a confirmation link for an already-confirmed email (#27368)	2 years ago
Claire	379115e601	Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439)	2 years ago
Matt Jankowski	340f1a68be	Simplify instance presenter view access (#26046)	3 years ago
Matt Jankowski	50ff3d3342	Coverage for `Auth::OmniauthCallbacks` controller (#26147)	3 years ago
Claire	b629e21515	Fix unexpected redirection to /explore after sign-in (#26143)	3 years ago
Matt Jankowski	5134fc65e2	Fix `Naming/AccessorMethodName` cop (#25924)	3 years ago
Claire	e6a8faae81	Add users index on unconfirmed_email (#25672)	3 years ago
Claire	180f0e6715	Fix inefficient query when requesting a new confirmation email from a logged-in account (#25669)	3 years ago
Eugen Rochko	f20698000f	Fix always redirecting to onboarding in web UI (#25396)	3 years ago
Frankie Roberto	36a77748b4	Order sessions by most-recent to least-recently updated (#25005)	3 years ago
Claire	bec6a1cad4	Add hCaptcha support (#25019)	3 years ago
Matt Jankowski	6e226f5a32	Fix Rails/ActionOrder cop (#24692)	3 years ago
Eugen Rochko	e98c86050a	Refactor `Cache-Control` and `Vary` definitions (#24347)	3 years ago
Eugen Rochko	e5c0b16735	Add progress indicator to sign-up flow (#24545)	3 years ago
Claire	51572ac615	Fix invalid/expired invites being processed on sign-up (#24337)	3 years ago
Claire	274bb193b2	Fix invalid/expired invites being processed on sign-up (#24337)	3 years ago
Claire	280fa3b2c0	Fix invalid/expired invites being processed on sign-up (#24337)	3 years ago
CSDUMMI	d258ec8e3b	Prefer the stored location as after_sign_in_path in Omniauth Callback Controller (#24073)	3 years ago
Nick Schonning	aef0051fd0	Enable Rubocop HTTP status rules (#23717)	3 years ago
Nick Schonning	e2a3ebb271	Autofix Rubocop Style/IfUnlessModifier (#23697)	3 years ago
David Vega	1b5d207131	Fix single name variables on controller folder (#20092) ... Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com> Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com> Co-authored-by: Effy Elden <effy@effy.space>	3 years ago
Francis Murillo	5fb1c3e934	Revoke all authorized applications on password reset (#21325) ... * Clear sessions on password change * Rename User::clear_sessions to revoke_access for a clearer meaning * Add reset paassword controller test * Use User.find instead of User.find_for_authentication for reset password test * Use redirect and render for better test meaning in reset password Co-authored-by: Effy Elden <effy@effy.space>	3 years ago
Claire	48e136605a	Fix form-action CSP directive for external login (#20962)	3 years ago
Daniel Axtens	4d85c27d1a	Add 'private' to Cache-Control, match Rails expectations (#20608) ... Several controlers set quite intricate Cache-Control headers in order to hopefully not be cached by any intermediate proxies or local caches. Unfortunately, these headers are processed by ActionDispatch::HTTP::Cache in a way that squashes and discards any values set alongside no-store other than private: 8015c2c2cf/actionpack/lib/action_dispatch/http/cache.rb (L207-L209) We want to preserve no-store on these responses, but we might as well remove parts that are going to be dropped anyway. As many of the endpoints in these controllers are private to a particular user, we should also add "private", which will be preserved alongside no-store.	3 years ago
Claire	1e1289b024	Fix crash when external auth provider has no display_name set (#19962) ... Fixes #19913	3 years ago
Claire	a529d6d93e	Fix invites (#19560) ... Fixes #19507 Fix regression from #19296	3 years ago