dependabot[bot]
028ad4124c
[Security] Bump nokogiri from 1.8.4 to 1.8.5 ( #8881 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.8.4 to 1.8.5. **This update includes security fixes.**
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.8.4...v1.8.5 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-05 04:07:44 +02:00
dependabot[bot]
da8abef56d
Bump fog-openstack, rspec-rails and fog-core ( #8877 )
...
Bumps [fog-openstack](https://github.com/fog/fog-openstack ), [rspec-rails](https://github.com/rspec/rspec-rails ) and [fog-core](https://github.com/fog/fog-core ). These dependencies needed to be updated together.
Updates `fog-openstack` from 0.3.6 to 1.0.3
- [Release notes](https://github.com/fog/fog-openstack/releases )
- [Changelog](https://github.com/fog/fog-openstack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/fog/fog-openstack/compare/v0.3.6...v1.0.3 )
Updates `rspec-rails` from 3.7.2 to 3.8.0
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.7.2...v3.8.0 )
Updates `fog-core` from 1.45.0 to 2.1.2
- [Release notes](https://github.com/fog/fog-core/releases )
- [Changelog](https://github.com/fog/fog-core/blob/master/changelog.md )
- [Commits](https://github.com/fog/fog-core/compare/v1.45.0...v2.1.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 15:35:18 +02:00
dependabot[bot]
928102284a
Bump webmock from 3.3.0 to 3.4.2 ( #8874 )
...
Bumps [webmock](https://github.com/bblimke/webmock ) from 3.3.0 to 3.4.2.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.3.0...v3.4.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:34:17 +02:00
dependabot[bot]
10f7916f37
Bump fuubar from 2.3.1 to 2.3.2 ( #8875 )
...
Bumps [fuubar](https://github.com/thekompanee/fuubar ) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/thekompanee/fuubar/releases )
- [Changelog](https://github.com/thekompanee/fuubar/blob/master/CHANGELOG.md )
- [Commits](https://github.com/thekompanee/fuubar/compare/releases/v2.3.1...releases/v2.3.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:33:02 +02:00
dependabot[bot]
b70de2cf69
Bump http from 3.2.0 to 3.3.0 ( #8871 )
...
Bumps [http](https://github.com/httprb/http ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/httprb/http/releases )
- [Changelog](https://github.com/httprb/http/blob/master/CHANGES.md )
- [Commits](https://github.com/httprb/http/compare/v3.2.0...v3.3.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:32:26 +02:00
dependabot[bot]
ebb3631216
Bump brakeman from 4.2.1 to 4.3.1 ( #8872 )
...
Bumps [brakeman](https://github.com/presidentbeef/brakeman ) from 4.2.1 to 4.3.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases )
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md )
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.2.1...v4.3.1 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 12:31:22 +02:00
dependabot[bot]
ad459ab837
Bump fog-openstack from 0.1.25 to 0.3.6 ( #8860 )
...
Bumps [fog-openstack](https://github.com/fog/fog-openstack ) from 0.1.25 to 0.3.6.
- [Release notes](https://github.com/fog/fog-openstack/releases )
- [Changelog](https://github.com/fog/fog-openstack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/fog/fog-openstack/compare/v0.1.25...v0.3.6 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 01:07:13 +02:00
dependabot[bot]
941c9d0d42
Bump aws-sdk-s3 from 1.9.1 to 1.20.0 ( #8848 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.9.1 to 1.20.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-04 01:06:54 +02:00
dependabot[bot]
3b6ab82db7
Bump capybara from 2.18.0 to 3.8.2 ( #8858 )
...
Bumps [capybara](https://github.com/teamcapybara/capybara ) from 2.18.0 to 3.8.2.
- [Release notes](https://github.com/teamcapybara/capybara/releases )
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md )
- [Commits](https://github.com/teamcapybara/capybara/compare/2.18.0...3.8.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:24:48 +02:00
dependabot[bot]
c62b88e3f2
Bump derailed_benchmarks from 1.3.4 to 1.3.5 ( #8857 )
...
Bumps [derailed_benchmarks](https://github.com/schneems/derailed_benchmarks ) from 1.3.4 to 1.3.5.
- [Release notes](https://github.com/schneems/derailed_benchmarks/releases )
- [Changelog](https://github.com/schneems/derailed_benchmarks/blob/master/CHANGELOG.md )
- [Commits](https://github.com/schneems/derailed_benchmarks/compare/v1.3.4...v1.3.5 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:22:06 +02:00
dependabot[bot]
58410a54b0
Bump capistrano-rbenv from 2.1.3 to 2.1.4 ( #8859 )
...
Bumps [capistrano-rbenv](https://github.com/capistrano/rbenv ) from 2.1.3 to 2.1.4.
- [Release notes](https://github.com/capistrano/rbenv/releases )
- [Changelog](https://github.com/capistrano/rbenv/blob/master/CHANGELOG.md )
- [Commits](https://github.com/capistrano/rbenv/compare/v2.1.3...v2.1.4 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:21:30 +02:00
dependabot[bot]
730f196b96
Bump pg from 1.0.0 to 1.1.3 ( #8856 )
...
Bumps [pg](https://bitbucket.org/ged/ruby-pg ) from 1.0.0 to 1.1.3.
- [Changelog](https://bitbucket.org/ged/ruby-pg/src/master/History.rdoc )
- [Commits](https://bitbucket.org/ged/ruby-pg/branches/compare/v1.1.3..v1.0.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 15:20:56 +02:00
dependabot[bot]
53275b949e
Bump httplog from 1.0.2 to 1.1.1 ( #8839 )
...
Bumps [httplog](https://github.com/trusche/httplog ) from 1.0.2 to 1.1.1.
- [Release notes](https://github.com/trusche/httplog/releases )
- [Changelog](https://github.com/trusche/httplog/blob/master/CHANGELOG.md )
- [Commits](https://github.com/trusche/httplog/compare/v1.0.2...v1.1.1 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-03 04:56:00 +02:00
dependabot[bot]
3f62b119e4
Bump rubocop from 0.55.0 to 0.59.2 ( #8849 )
...
Bumps [rubocop](https://github.com/rubocop-hq/rubocop ) from 0.55.0 to 0.59.2.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases )
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.55.0...v0.59.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-02 20:16:51 +02:00
dependabot[bot]
d19b625394
Bump redis from 4.0.1 to 4.0.2 ( #8850 )
...
Bumps [redis](https://github.com/redis/redis-rb ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/redis/redis-rb/releases )
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md )
- [Commits](https://github.com/redis/redis-rb/compare/v4.0.1...v4.0.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-02 20:16:05 +02:00
dependabot[bot]
3dac956587
Bump fastimage from 2.1.1 to 2.1.4 ( #8847 )
...
Bumps [fastimage](https://github.com/sdsykes/fastimage ) from 2.1.1 to 2.1.4.
- [Release notes](https://github.com/sdsykes/fastimage/releases )
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.1.1...v2.1.4 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-02 17:20:52 +09:00
dependabot[bot]
b95d944625
Bump webpush from 0.3.3 to 0.3.4 ( #8846 )
...
Bumps [webpush](https://github.com/zaru/webpush ) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/zaru/webpush/releases )
- [Commits](https://github.com/zaru/webpush/compare/v0.3.3...v0.3.4 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-02 15:37:28 +09:00
dependabot[bot]
194ad2c90b
Bump rack-attack from 5.2.0 to 5.4.1 ( #8838 )
...
Bumps [rack-attack](https://github.com/kickstarter/rack-attack ) from 5.2.0 to 5.4.1.
- [Release notes](https://github.com/kickstarter/rack-attack/releases )
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kickstarter/rack-attack/compare/v5.2.0...v5.4.1 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 22:49:26 +02:00
Grey Baker
3a2f007eb0
Promote colorize to top-level dependency ( #8844 )
2018-10-02 05:34:25 +09:00
dependabot[bot]
793fb7499d
Bump annotate from 2.7.3 to 2.7.4 ( #8840 )
...
Bumps [annotate](https://github.com/ctran/annotate_models ) from 2.7.3 to 2.7.4.
- [Release notes](https://github.com/ctran/annotate_models/releases )
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.rdoc )
- [Commits](https://github.com/ctran/annotate_models/compare/v2.7.3...v2.7.4 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 14:10:07 +02:00
dependabot[bot]
746da5ccda
Bump ox from 2.9.2 to 2.10.0 ( #8837 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.9.2 to 2.10.0.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.9.2...v2.10.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-10-01 14:08:33 +02:00
dependabot[bot]
e02c45941d
Bump strong_migrations from 0.2.2 to 0.2.3 ( #8818 )
...
Bumps [strong_migrations](https://github.com/ankane/strong_migrations ) from 0.2.2 to 0.2.3.
- [Release notes](https://github.com/ankane/strong_migrations/releases )
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.2.2...v0.2.3 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:35:44 +02:00
dependabot[bot]
5da51771cd
Bump oj from 3.5.1 to 3.6.11 ( #8815 )
...
Bumps [oj](https://github.com/ohler55/oj ) from 3.5.1 to 3.6.11.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.5.1...v3.6.11 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:34:31 +02:00
dependabot[bot]
b6985482f7
Bump bootsnap from 1.3.0 to 1.3.2 ( #8816 )
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.3.0 to 1.3.2.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.3.0...v1.3.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:33:10 +02:00
dependabot[bot]
ec745b32de
Bump simple_form from 4.0.0 to 4.0.1 ( #8814 )
...
Bumps [simple_form](https://github.com/plataformatec/simple_form ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/plataformatec/simple_form/releases )
- [Changelog](https://github.com/plataformatec/simple_form/blob/master/CHANGELOG.md )
- [Commits](https://github.com/plataformatec/simple_form/compare/v4.0.0...v4.0.1 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-28 13:32:40 +02:00
dependabot[bot]
e046a987f6
Bump capistrano from 3.10.2 to 3.11.0 ( #8801 )
...
Bumps [capistrano](https://github.com/capistrano/capistrano ) from 3.10.2 to 3.11.0.
- [Release notes](https://github.com/capistrano/capistrano/releases )
- [Changelog](https://github.com/capistrano/capistrano/blob/master/CHANGELOG.md )
- [Commits](https://github.com/capistrano/capistrano/compare/v3.10.2...v3.11.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 18:24:06 +02:00
dependabot[bot]
20a87b2c7f
Bump stackprof from 0.2.11 to 0.2.12 ( #8803 )
...
Bumps [stackprof](https://github.com/tmm1/stackprof ) from 0.2.11 to 0.2.12.
- [Release notes](https://github.com/tmm1/stackprof/releases )
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md )
- [Commits](https://github.com/tmm1/stackprof/commits )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 17:11:54 +02:00
dependabot[bot]
1cb8600a45
Bump tty-command from 0.8.0 to 0.8.2 ( #8802 )
...
Bumps [tty-command](https://github.com/piotrmurach/tty-command ) from 0.8.0 to 0.8.2.
- [Release notes](https://github.com/piotrmurach/tty-command/releases )
- [Changelog](https://github.com/piotrmurach/tty-command/blob/master/CHANGELOG.md )
- [Commits](https://github.com/piotrmurach/tty-command/compare/v0.8.0...v0.8.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 17:11:29 +02:00
dependabot[bot]
42ab93c8b2
Bump tzinfo-data from 1.2018.4 to 1.2018.5 ( #8800 )
...
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data ) from 1.2018.4 to 1.2018.5.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases )
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2018.4...v1.2018.5 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 14:59:15 +09:00
dependabot[bot]
7efa3d02c7
Bump sidekiq-scheduler from 2.2.1 to 3.0.0 ( #8789 )
...
Bumps [sidekiq-scheduler](https://github.com/moove-it/sidekiq-scheduler ) from 2.2.1 to 3.0.0.
- [Release notes](https://github.com/moove-it/sidekiq-scheduler/releases )
- [Commits](https://github.com/moove-it/sidekiq-scheduler/compare/v2.2.1...v3.0.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 02:11:21 +09:00
dependabot[bot]
65e7c6d9b5
Bump tty-prompt from 0.16.0 to 0.17.0 ( #8791 )
...
Bumps [tty-prompt](https://github.com/piotrmurach/tty-prompt ) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/piotrmurach/tty-prompt/releases )
- [Changelog](https://github.com/piotrmurach/tty-prompt/blob/master/CHANGELOG.md )
- [Commits](https://github.com/piotrmurach/tty-prompt/compare/v0.16.0...v0.17.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-27 02:02:38 +09:00
dependabot[bot]
30342c865a
Bump memory_profiler from 0.9.10 to 0.9.11 ( #8790 )
...
Bumps [memory_profiler](https://github.com/SamSaffron/memory_profiler ) from 0.9.10 to 0.9.11.
- [Release notes](https://github.com/SamSaffron/memory_profiler/releases )
- [Changelog](https://github.com/SamSaffron/memory_profiler/blob/master/CHANGELOG.md )
- [Commits](https://github.com/SamSaffron/memory_profiler/compare/v0.9.10...v0.9.11 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 15:06:05 +09:00
dependabot[bot]
3064917881
Bump pkg-config from 1.3.0 to 1.3.1 ( #8788 )
...
Bumps [pkg-config](https://github.com/ruby-gnome2/pkg-config ) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/ruby-gnome2/pkg-config/releases )
- [Changelog](https://github.com/ruby-gnome2/pkg-config/blob/master/NEWS )
- [Commits](https://github.com/ruby-gnome2/pkg-config/compare/1.3.0...1.3.1 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 14:50:02 +09:00
Grey Baker
6e075b9cc4
Bump devise from 4.4.3 to 4.5.0 ( #8778 )
...
Bumps [devise](https://github.com/plataformatec/devise ) from 4.4.3 to 4.5.0.
- [Release notes](https://github.com/plataformatec/devise/releases )
- [Changelog](https://github.com/plataformatec/devise/blob/master/CHANGELOG.md )
- [Commits](https://github.com/plataformatec/devise/compare/v4.4.3...v4.5.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 04:27:53 +09:00
dependabot[bot]
8096df1055
Bump sidekiq from 5.1.3 to 5.2.2 ( #8779 )
...
Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 5.1.3 to 5.2.2.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v5.1.3...v5.2.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:33:00 +02:00
dependabot[bot]
29e2d9e1b7
Bump mime-types from 3.1 to 3.2.2 ( #8781 )
...
Bumps [mime-types](https://github.com/mime-types/ruby-mime-types ) from 3.1 to 3.2.2.
- [Release notes](https://github.com/mime-types/ruby-mime-types/releases )
- [Changelog](https://github.com/mime-types/ruby-mime-types/blob/master/History.md )
- [Commits](https://github.com/mime-types/ruby-mime-types/compare/v3.1...v3.2.2 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:32:37 +02:00
dependabot[bot]
d7f8e2ea41
Bump sanitize from 4.6.4 to 4.6.6 ( #8783 )
...
Bumps [sanitize](https://github.com/rgrove/sanitize ) from 4.6.4 to 4.6.6.
- [Release notes](https://github.com/rgrove/sanitize/releases )
- [Changelog](https://github.com/rgrove/sanitize/blob/master/HISTORY.md )
- [Commits](https://github.com/rgrove/sanitize/compare/v4.6.4...v4.6.6 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-26 03:31:46 +09:00
dependabot[bot]
a7f75485d1
Bump pghero from 2.1.0 to 2.2.0 ( #8782 )
...
Bumps [pghero](https://github.com/ankane/pghero ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/ankane/pghero/releases )
- [Changelog](https://github.com/ankane/pghero/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ankane/pghero/compare/v2.1.0...v2.2.0 )
Signed-off-by: dependabot[bot] <support@dependabot.com>
2018-09-25 20:31:40 +02:00
Eugen Rochko
56efc28189
Update ruby dependencies ( #8743 )
...
* Update ffi to 1.9.25
* Update private_address_check to 0.5.0
2018-09-21 00:42:59 +02:00
Yamagishi Kazutoshi
0ddbccf7e6
Upgrade Babel to version 7.0.0 ( #5925 )
2018-09-14 17:59:48 +02:00
Alexander
64a5561b5a
update devise_pam_authenticatable2, new feature: pam gets ip address of client ( #8623 )
2018-09-14 17:42:45 +02:00
Eugen Rochko
c597249124
Add thor to Gemfile directly ( #8467 )
...
It's a common dependency, but just in case
2018-08-26 20:02:32 +02:00
Alexander
cfe3cd58d6
fix pam authentication for certain hostnames ( #8412 )
2018-08-25 22:35:29 +02:00
Eugen Rochko
b37ae64578
Upgrade Doorkeeper to 5.0.0 ( #8409 )
...
See doorkeeper-gem/doorkeeper#1137
2018-08-24 18:17:11 +02:00
ThibG
f06fa09962
Revert to using Paperclip's filesystem storage, and fix dangling records in remove_remote ( #8339 )
...
* Fix uncaching worker
* Revert to using Paperclip's filesystem backend instead of fog-local
fog-local has lots of concurrency issues, causing failure to delete files,
dangling file records, and spurious errors UncacheMediaWorker
2018-08-21 17:53:01 +02:00
ThibG
8ac5e651e1
Upgrade doorkeeper to 4.4.2 ( #8321 )
2018-08-20 22:42:02 +02:00
AkiraFukushima
58ffe3f7c3
Revert "Upgrade Doorkeeper to 4.4.1 ( #8197 )" ( #8231 )
...
* Revert "Upgrade Doorkeeper to 4.4.1 (#8197 )"
This reverts commit 464daffdf9
.
* Except migration files from revert commit
2018-08-19 03:20:37 +02:00
Eugen Rochko
c6eab9e0aa
Add Makara dependency to support read-replicas ( #8216 )
...
Not active by default unless config/database.yml is edited
2018-08-18 21:06:12 +02:00
Eugen Rochko
464daffdf9
Upgrade Doorkeeper to 4.4.1 ( #8197 )
2018-08-14 20:24:47 +02:00
S.H
2aeeffc3ec
Update Rails ( #8141 )
...
* Update Rails
* fix Update Rails
2018-08-12 12:25:23 +02:00
Daigo 3 Dango
cd1b90d223
Update sprockets gem ( #7858 )
...
https://blog.heroku.com/rails-asset-pipeline-vulnerability
2018-06-20 15:22:37 +02:00
Eugen Rochko
1a9124f50b
Update bcrypt to 3.1.12 fix issue with Fedora ( #7845 )
2018-06-19 00:19:17 +02:00
Eugen Rochko
53f0452b70
Remove rack-timeout ( #7809 )
...
Timeout considered harmful due to leaving the app in a broken
state, including unreaped database connections
2018-06-15 19:46:25 +02:00
MIYAGI Hikaru
0b1f88cfd5
Upgrade posix-spawn to master ( #7542 )
2018-05-19 02:20:43 +02:00
MIYAGI Hikaru
6bed372ad2
Fix posix-spawn to version 0.3.12 ( #7517 )
...
Because 0.3.13 causes build error in x86 or other ILP32 environments.
closes #7453
2018-05-16 16:52:19 +02:00
Yamagishi Kazutoshi
f77b11cd10
Update http_parser.rb to head version ( #7467 )
2018-05-13 11:32:46 +02:00
Yamagishi Kazutoshi
4d706f9976
Downgrade doorkeeper to version 4.2.6 ( #7456 )
...
ref https://github.com/doorkeeper-gem/doorkeeper/pull/1060
2018-05-12 12:08:12 +02:00
Yamagishi Kazutoshi
8c35d163a5
Port travis_retry for CI ( #7379 )
...
* Port travis_retry for CI
* Add license
2018-05-06 10:55:50 +02:00
Eugen Rochko
a78b27c7cc
Marginally improve convert/ffmpeg calls performance with posix-spawn ( #7346 )
2018-05-04 13:22:23 +02:00
Shuhei Kitagawa
ab773e4d5f
Add pry-byebug ( #7307 )
2018-05-03 12:08:54 +02:00
Eugen Rochko
cb5b5cb5f7
Slightly reduce RAM usage ( #7301 )
...
* No need to re-require sidekiq plugins, they are required via Gemfile
* Add derailed_benchmarks tool, no need to require TTY gems in Gemfile
* Replace ruby-oembed with FetchOEmbedService
Reduce startup by 45382 allocated objects
* Remove preloaded JSON-LD in favour of caching HTTP responses
Reduce boot RAM by about 6 MiB
* Fix tests
* Fix test suite by stubbing out JSON-LD contexts
2018-05-02 18:58:48 +02:00
Yamagishi Kazutoshi
9613a53cb3
Update dependencies for Ruby (2018-04-23) ( #7237 )
...
* Update annotate to version 2.7.3
* Update aws-sdk-s3 to version 1.9.2
* Update browser to version 2.5.3
* Update capistrano to version 3.10.2
* Update domain_name to version 0.5.20180417
* Update http to version 3.2.0
* Update lograge to version 0.10.0
* Update oj to version 3.5.1
* Update parallel_tests to version 2.21.3
* Update puma to version 3.11.4
* Update rubocop to version 0.55.0
* Update scss_lint to version 0.57.0
* Update simplecov to version 0.16.1
* Update tty-command to version 0.8.0
* Update tty-prompt to version 0.16.0
* Update pkg-config to version 1.3.0
* Update fog-local to version 0.5.0
* Update fog-openstack to version 0.1.25
* Update devise-two-factor to version 3.0.3
* bundle update
2018-04-23 11:29:17 +02:00
Yamagishi Kazutoshi
b438224751
Introduce rspec-retry ( #7206 )
2018-04-20 19:31:30 +02:00
Yamagishi Kazutoshi
50529cbceb
Upgrade Rails to version 5.2.0 ( #5898 )
2018-04-12 14:45:17 +02:00
Alexander
8e88a18316
update gem, test pam authentication ( #7028 )
...
* update gem, test pam authentication
* add description for test parameters
* fix inclusion of optional group
2018-04-11 21:40:38 +02:00
Eugen Rochko
d4de2239b0
Add a circuit breaker for ActivityPub deliveries ( #7053 )
2018-04-07 21:36:58 +02:00
Pierre-Morgan Gate
47cee7cc8e
Upgrade charlock_holmes to version 0.7.6 ( #6966 )
...
This version fixes compilation errors when trying to build its native extension with ICU 61.
2018-03-30 09:52:44 +02:00
Yamagishi Kazutoshi
28384c1771
Revert "Revert "Upgrade Paperclip to version 6.0.0" ( #6807 )" ( #6808 )
...
This reverts commit 40871caa4b
.
2018-03-24 12:52:45 +01:00
Patrick Figel
d97903a358
Update sanitize and loofah ( #6855 )
...
Fixes CVE-2018-8048 and CVE-2018-3740, two medium-severity XSS
vulnerabilities present in these gems when built against
libxml2 >= 2.9.2.
2018-03-21 17:43:28 +01:00
Alexander
0306e3e9be
bugfixes and gem update ( #6831 )
...
* update to new version of devise_pam_authenticatable2
* fix behaviour if suffix is nil, fix environment loading, fix user email creation
* code cleanup/fix linter warning
2018-03-19 20:08:56 +01:00
Eugen Rochko
40871caa4b
Revert "Upgrade Paperclip to version 6.0.0" ( #6807 )
...
* Revert "Bump version to 2.3.2rc1"
This reverts commit cdf8b92fea
.
* Revert "Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806 )"
This reverts commit 0074cad44f
.
* Revert "Handle Mastodon::HostValidationError when pulling remoteable assets (#6782 )"
This reverts commit 4a0a19fe54
.
* Revert "Correct the reference to user's password in mastodon:add_user task (#6800 )"
This reverts commit 338bff8b93
.
* Revert "Upgrade Paperclip to version 6.0.0 (#6754 )"
This reverts commit b88fcd53f7
.
2018-03-17 14:20:35 +01:00
Yamagishi Kazutoshi
b88fcd53f7
Upgrade Paperclip to version 6.0.0 ( #6754 )
2018-03-17 12:37:58 +01:00
Yamagishi Kazutoshi
e9e475a29d
Upgrade chewy to version 5.0.0 ( #6649 )
2018-03-06 06:14:26 +01:00
Patrick Figel
e4db0f28d2
Update omniauth-saml to 1.10 ( #6587 )
...
Fixes CVE-2017-11428
2018-03-02 02:32:08 +01:00
Eugen Rochko
47bdb9b33b
Fix #942 : Seamless LDAP login ( #6556 )
2018-02-28 19:04:53 +01:00
masarakki
22a441e374
remove-uglifier ( #6561 )
2018-02-26 16:19:48 +01:00
Akihiko Odaki
2e8a492e88
Raise Mastodon::HostValidationError when host for HTTP request is private ( #6410 )
2018-02-24 19:16:11 +01:00
Eugen Rochko
61ed133fea
Account archive download ( #6460 )
...
* Fix #201 : Account archive download
* Export actor and private key in the archive
* Optimize BackupService
- Add conversation to cached associations of status, because
somehow it was forgotten and is source of N+1 queries
- Explicitly call GC between batches of records being fetched
(Model class allocations are the worst offender)
- Stream media files into the tar in 1MB chunks
(Do not allocate media file (up to 8MB) as string into memory)
- Use #bytesize instead of #size to calculate file size for JSON
(Fix FileOverflow error)
- Segment media into subfolders by status ID because apparently
GIF-to-MP4 media are all named "media.mp4" for some reason
* Keep uniquely generated filename in Paperclip::GifTranscoder
* Ensure dumped files do not overwrite each other by maintaing directory partitions
* Give tar archives a good name
* Add scheduler to remove week-old backups
* Fix code style issue
2018-02-21 23:21:32 +01:00
Eugen Rochko
a7171af0a3
Fix avatar and header issues by using custom geometry detector ( #6515 )
...
* Fix avatar and header issues by using custom geometry detector
Revert a part of #6508 . The file passed to dynamic styles method
was not actually a file, but an instance of Paperclip::Attachment,
which broke all styles by always returning {} from the method.
One problem with GIF avatars was that Paperclip::GeometryDetector
reported wrong dimensions for them, e.g. 120x120 GIF avatar would
for some reason be detected as 120x53. By writing our own geometry
parser, we can use FastImage, which also happens to be faster than
ImageMagick, to detect image dimensions, which are also correct.
Unfortunately, this PR does not implement skipping a `convert`
entirely if the dimensions are already correct, as I found no easy
way to write that behaviour into Paperclip without rewriting the
Paperclip::Thumbnail class.
* Only invoke convert if dimension or format needs to be changed
2018-02-21 03:40:12 +01:00
Eugen Rochko
9dbae6e8a1
Save video metadata and improve video OpenGraph tags ( #6481 )
...
* Save metadata from video attachments, put correct dimensions into OG tags
* Add twitter:player for videos
* Fix code style and test
2018-02-16 07:22:20 +01:00
Eugen Rochko
cf36d184f4
Interactive `rake mastodon:setup` task ( #6451 )
...
* Add better CLI prompt
* Add rake mastodon:setup interactive wizard
* Test db/redis/smtp configurations and add admin user at the end
* Test database connection even when database does not exist yet
2018-02-11 18:40:57 +01:00
Eugen Rochko
3ebc0ad4d3
Full-text search for authorized statuses ( #6423 )
...
* Add full-text search for authorized statuses
- Search API will return statuses that match the query
- Only for logged in users
- Only if you are author of the status,
- Or you were mentioned in it
- Or you favourited or reblogged it
- Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX`
- Run `rails chewy:deploy` to create & populate index
Fix #5880
Fix #4293
Fix #1152
* Add commented out docker-compose configuration for ES container
* Optimize index import, filter search results
* Add basic normalization to the index
* Add better stemming and normalization to the index
* Skip webfinger request if search query includes both @ and a space
* Fix code style
* Visually separate search result sections
* Fix code style issues
2018-02-09 23:04:47 +01:00
Eugen Rochko
26f21fd5a0
CAS + SAML authentication feature ( #6425 )
...
* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales
2018-02-04 05:42:13 +01:00
Alexander
04fef7b888
pam authentication ( #5303 )
...
* add pam support, without extra column
* bugfixes for pam login
* document options
* fix code style
* fix codestyle
* fix tests
* don't call remember_me without password
* fix codestyle
* improve checks for pam usage (should fix tests)
* fix remember_me part 1
* add remember_token column because :rememberable requires either a password or this column.
* migrate db for remember_token
* move pam_authentication to the right place, fix logic bug in edit.html.haml
* fix tests
* fix pam authentication, improve username lookup, add comment
* valid? is sometimes not honored, return nil instead trying to authenticate with pam
* update devise_pam_authenticatable2 and adjust code. Fixes sideeffects observed in tests
* update devise_pam_authenticatable gem, fixes for codeconventions, fix finding user
* codeconvention fixes
* code convention fixes
* fix idention
* update dependency, explicit conflict check
* fix disabled password updates if in pam mode
* fix check password if password is present, fix templates
* block registration if account is maintained by pam
* Revert "block registration if account is maintained by pam"
This reverts commit 8e7a083d650240b6fac414926744b4b90b435f20.
* fix identation error introduced by rebase
* block usernames maintained by pam
* document pam settings better
* fix code style
2018-02-02 10:18:55 +01:00
Rob Watson
f4bd51da1e
Upgrade Paperclip > 5.2.1 ( #6404 )
...
Mitigation for CVE-2017-0889.
https://www.cvedetails.com/cve/CVE-2017-0889/
https://medium.com/in-the-weeds/all-about-paperclips-cve-2017-0889-server-side-request-forgery-ssrf-vulnerability-8cb2b1c96fe8
2018-02-01 17:54:22 +01:00
Eugen Rochko
d966878e87
Update goldfinger, ostatus2 and http.rb versions ( #6337 )
2018-01-23 14:30:42 +01:00
Aboobacker MK
112b1fa265
Redirect to 2FA creation page when otp_secret is not available ( #6314 )
2018-01-21 13:21:28 +01:00
Yamagishi Kazutoshi
7233ac07d2
Add support Ruby v2.5.0 ( #6097 )
2018-01-19 20:53:30 +01:00
Eugen Rochko
5276c0a090
HTML e-mails for UserMailer ( #6256 )
...
- premailer gem to turn CSS into inline styles automatically
- rework UserMailer templates
- reword UserMailer templates
2018-01-16 03:29:11 +01:00
Eugen Rochko
ff924f95bb
Fix OpenSSL dependency in ostatus2 ( #6174 )
2018-01-04 10:56:00 +09:00
Patrick Figel
04ecf44c2f
Add confirmation step for email changes ( #6071 )
...
* Add confirmation step for email changes
This adds a confirmation step for email changes of existing users.
Like the initial account confirmation, a confirmation link is sent
to the new address.
Additionally, a notification is sent to the existing address when
the change is initiated. This message includes instruction to reset
the password immediately or to contact the instance admin if the
change was not initiated by the account owner.
Fixes #3871
* Add review fixes
2018-01-02 16:55:00 +01:00
beatrix
127bfda521
add ruby-progressbar to gemfile ( fixes #6110 ) ( #6111 )
2017-12-26 18:43:52 +01:00
Yamagishi Kazutoshi
b0db4dad79
Revert fog-aws (ref #5604 ) ( #5934 )
2017-12-09 00:47:52 +01:00
Eugen Rochko
42bcbd36b7
Remove rabl dependency ( #5894 )
...
* Remove rabl dependency
* Replicate old Oj configuration
2017-12-06 15:04:49 +09:00
Yamagishi Kazutoshi
dd23ae031f
Update dependencies for Ruby (2017-12-03) ( #5878 )
...
* Update active_model_serializers to version 0.10.7
* Update capistrano-rails to version 1.3.1
* Update capistrano-rbenv to version 2.1.3
* Update capybara to version 2.16.1
* Update devise-two-factor to version 3.0.2
* Update i18n-tasks to version 0.8.19
* Update ox to version 2.8.2
* Update parallel_tests to version 2.19.0
* Update puma to version 3.11.0
* Update redis-namespace to version 1.6.0
* Update rspec-rails to version 3.7.2
* Update scss_lint to version 0.56.0
* Update webmock to version 3.1.1
* Update webpush to version 0.3.3
* bundle update
2017-12-03 16:55:27 +01:00
Yamagishi Kazutoshi
47b0c61853
Unify file upload to using fog ( #5604 )
2017-11-07 14:30:31 +01:00
K.SHIRAKASHI
47d56438da
Revert ruby-jwt version ( #5575 )
...
jwt 2.1.0 still does not work well.
ref. https://github.com/zaru/webpush/issues/42
2017-11-01 00:47:35 +09:00
Yamagishi Kazutoshi
a2a4bf4e78
Update dependencies for Ruby (2017-10-30) ( #5566 )
...
* Update better_errors to version 2.4.0
* Update binding_of_caller to version 0.7.3
* Update bootsnap to version 1.1.5
* Update browser to version 2.5.2
* Update capistrano to version 3.10.0
* Update capistrano-bundler to version 1.3.0
* Update capistrano-rbenv to version 2.1.2
* Update capybara to version 2.15.4
* Update cld3 to version 3.2.1
* Update fabrication to version 2.18.0
* Update fog-openstack to version 0.1.22
* Update kaminari to version 1.1.1
* Update lograge to version 0.7.1
* Update nokogiri to version 1.8.1
* Update oj to version 3.3.9
* Update ox to version 2.8.1
* Update parallel_tests to version 2.17.0
* Update pkg-config to version 1.2.8
* Update rspec-rails to version 3.7.1
* Update rubocop to version 0.51.0
* Update scss_lint to version 0.55.0
* Update sidekiq to version 5.0.5
* Update sidekiq-scheduler to version 2.1.10
* Update tzinfo-data to version 1.2017.3
* Update webpacker to version 3.0.2
* bundle update
2017-10-31 12:22:32 +01:00
abcang
2eab41cd1a
Close connection when succeeded posting ( #5390 )
...
* Close connection when succeeded posting
* Update webmock
2017-10-14 14:38:57 +02:00
Eugen Rochko
35a8cafa35
Replace self-rolled statsd instrumention with localshred/nsa ( #5118 )
2017-09-29 03:16:44 +02:00