Leatherface/mastodon
0
0
Fork 0
mirror of https://github.com/glitch-soc/mastodon.git synced 2026-03-29 03:00:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3346 from ClearlyClaire/glitch-soc/merge-upstream

Browse Source 
Merge upstream changes up to 19bc3e76ea
This commit is contained in:
Claire
2026-01-13 20:16:29 +01:00
committed by GitHub
parent 7f98a6703e aa83f94ac1
commit 46df08b3a4
17 changed files with 164 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
Gemfile.lock
View File

@@ -96,8 +96,8 @@ GEM
ast (2.4.3)
attr_required (1.0.2)
aws-eventstream (1.4.0)
aws-partitions (1.1200.0)
aws-sdk-core (3.240.0)
aws-partitions (1.1201.0)
aws-sdk-core (3.241.3)
aws-eventstream (~> 1, >= 1.3.0)
aws-partitions (~> 1, >= 1.992.0)
aws-sigv4 (~> 1.9)
@@ -105,11 +105,11 @@ GEM
bigdecimal
jmespath (~> 1, >= 1.6.1)
logger
aws-sdk-kms (1.118.0)
aws-sdk-core (~> 3, >= 3.239.1)
aws-sdk-kms (1.120.0)
aws-sdk-core (~> 3, >= 3.241.3)
aws-sigv4 (~> 1.5)
aws-sdk-s3 (1.209.0)
aws-sdk-core (~> 3, >= 3.234.0)
aws-sdk-s3 (1.211.0)
aws-sdk-core (~> 3, >= 3.241.3)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.5)
aws-sigv4 (1.12.1)
@@ -752,7 +752,7 @@ GEM
rspec-mocks (~> 3.0)
sidekiq (>= 5, < 9)
rspec-support (3.13.6)
rubocop (1.81.7)
rubocop (1.82.1)
json (~> 2.3)
language_server-protocol (~> 3.17.0.2)
lint_roller (~> 1.1.0)
@@ -760,7 +760,7 @@ GEM
parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 2.9.3, < 3.0)
rubocop-ast (>= 1.47.1, < 2.0)
rubocop-ast (>= 1.48.0, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 4.0)
rubocop-ast (1.49.0)
@@ -782,7 +782,7 @@ GEM
rack (>= 1.1)
rubocop (>= 1.75.0, < 2.0)
rubocop-ast (>= 1.44.0, < 2.0)
rubocop-rspec (3.8.0)
rubocop-rspec (3.9.0)
lint_roller (~> 1.1)
rubocop (~> 1.81)
rubocop-rspec_rails (2.32.0)

17
app/helpers/theme_helper.rb
View File

@@ -1,9 +1,24 @@
# frozen_string_literal: true
module ThemeHelper
def javascript_inline_tag(path)
entry = InlineScriptManager.instance.file(path)
# Only add hash if we don't allow arbitrary includes already, otherwise it's going
# to break the React Tools browser extension or other inline scripts
unless Rails.env.development? && request.content_security_policy.dup.script_src.include?("'unsafe-inline'")
request.content_security_policy = request.content_security_policy.clone.tap do |policy|
values = policy.script_src
values << "'sha256-#{entry[:digest]}'"
policy.script_src(*values)
end
end
content_tag(:script, entry[:contents], type: 'text/javascript')
end
def theme_style_tags(flavour_and_skin)
flavour, theme = flavour_and_skin
if theme == 'system'
''.html_safe.tap do |tags|
tags << vite_stylesheet_tag("skins/#{flavour}/mastodon-light", type: :virtual, media: 'not all and (prefers-color-scheme: dark)', crossorigin: 'anonymous')

2
app/javascript/flavours/glitch/features/ui/components/media_modal.tsx
View File

@@ -85,7 +85,7 @@ export const MediaModal: FC<MediaModalProps> = forwardRef<
setIndex(newIndex);
setZoomedIn(false);
if (animate) {
void api.start({ x: `-${newIndex * 100}%` });
void api.start({ x: `calc(-${newIndex * 100}% + 0px)` });
}
},
[api, media.size],

17
app/javascript/flavours/glitch/utils/environment.ts
View File

@@ -12,8 +12,21 @@ export function isProduction() {
else return import.meta.env.PROD;
}
export type Features = 'fasp' | 'http_message_signatures';
export type ServerFeatures = 'fasp';
export function isFeatureEnabled(feature: Features) {
export function isServerFeatureEnabled(feature: ServerFeatures) {
return initialState?.features.includes(feature) ?? false;
}
type ClientFeatures = 'profile_redesign';
export function isClientFeatureEnabled(feature: ClientFeatures) {
try {
const features =
window.localStorage.getItem('experiments')?.split(',') ?? [];
return features.includes(feature);
} catch (err) {
console.warn('Could not access localStorage to get client features', err);
return false;
}
}

8
app/javascript/flavours/glitch/utils/theme.ts
View File

@@ -5,9 +5,7 @@ export function getUserTheme() {
export function isDarkMode() {
const { userTheme } = document.documentElement.dataset;
return (
(userTheme === 'system' &&
window.matchMedia('(prefers-color-scheme: dark)').matches) ||
userTheme !== 'mastodon-light'
);
return userTheme === 'system'
? window.matchMedia('(prefers-color-scheme: dark)').matches
: userTheme !== 'mastodon-light';
}

23
app/javascript/inline/theme-selection.js Normal file
View File

@@ -0,0 +1,23 @@
(function (element) {
const {userTheme} = element.dataset;
const colorSchemeMediaWatcher = window.matchMedia('(prefers-color-scheme: dark)');
const contrastMediaWatcher = window.matchMedia('(prefers-contrast: more)');
const updateColorScheme = () => {
const useDarkMode = userTheme === 'system' ? colorSchemeMediaWatcher.matches : userTheme !== 'mastodon-light';
element.dataset.mode = useDarkMode ? 'dark' : 'light';
};
const updateContrast = () => {
const useHighContrast = userTheme === 'contrast' || contrastMediaWatcher.matches;
element.dataset.contrast = useHighContrast ? 'high' : 'default';
}
colorSchemeMediaWatcher.addEventListener('change', updateColorScheme);
contrastMediaWatcher.addEventListener('change', updateContrast);
updateColorScheme();
updateContrast();
})(document.documentElement);

2
app/javascript/mastodon/features/ui/components/media_modal.tsx
View File

@@ -85,7 +85,7 @@ export const MediaModal: FC<MediaModalProps> = forwardRef<
setIndex(newIndex);
setZoomedIn(false);
if (animate) {
void api.start({ x: `-${newIndex * 100}%` });
void api.start({ x: `calc(-${newIndex * 100}% + 0px)` });
}
},
[api, media.size],

17
app/javascript/mastodon/utils/environment.ts
View File

@@ -12,8 +12,21 @@ export function isProduction() {
else return import.meta.env.PROD;
}
export type Features = 'fasp' | 'http_message_signatures';
export type ServerFeatures = 'fasp';
export function isFeatureEnabled(feature: Features) {
export function isServerFeatureEnabled(feature: ServerFeatures) {
return initialState?.features.includes(feature) ?? false;
}
type ClientFeatures = 'profile_redesign';
export function isClientFeatureEnabled(feature: ClientFeatures) {
try {
const features =
window.localStorage.getItem('experiments')?.split(',') ?? [];
return features.includes(feature);
} catch (err) {
console.warn('Could not access localStorage to get client features', err);
return false;
}
}

8
app/javascript/mastodon/utils/theme.ts
View File

@@ -5,9 +5,7 @@ export function getUserTheme() {
export function isDarkMode() {
const { userTheme } = document.documentElement.dataset;
return (
(userTheme === 'system' &&
window.matchMedia('(prefers-color-scheme: dark)').matches) ||
userTheme !== 'mastodon-light'
);
return userTheme === 'system'
? window.matchMedia('(prefers-color-scheme: dark)').matches
: userTheme !== 'mastodon-light';
}

31
app/lib/inline_script_manager.rb Normal file
View File

@@ -0,0 +1,31 @@
# frozen_string_literal: true
require 'singleton'
class InlineScriptManager
include Singleton
include ActionView::Helpers::TagHelper
include ActionView::Helpers::JavaScriptHelper
def initialize
@cached_files = {}
end
def file(name)
@cached_files[name] ||= load_file(name)
end
private
def load_file(name)
path = Pathname.new(name).cleanpath
raise ArgumentError, "Invalid inline javascript path: #{path}" if path.to_s.start_with?('..')
path = Rails.root.join('app', 'javascript', 'inline', path)
contents = javascript_cdata_section(path.read)
digest = Digest::SHA256.base64digest(contents)
{ contents:, digest: }
end
end

15
app/services/fetch_resource_service.rb
View File

@@ -58,13 +58,7 @@ class FetchResourceService < BaseService
[@url, { prefetched_body: body }]
elsif !terminal
link_header = response['Link'] && parse_link_header(response)
if link_header&.find_link(%w(rel alternate))
process_link_headers(link_header)
elsif response.mime_type == 'text/html'
process_html(response)
end
process_link_headers(response) || process_html(response)
end
end
@@ -73,13 +67,18 @@ class FetchResourceService < BaseService
end
def process_html(response)
return unless response.mime_type == 'text/html'
page = Nokogiri::HTML5(response.body_with_limit)
json_link = page.xpath('//link[nokogiri:link_rel_include(@rel, "alternate")]', NokogiriHandler).find { |link| ACTIVITY_STREAM_LINK_TYPES.include?(link['type']) }
process(json_link['href'], terminal: true) unless json_link.nil?
end
def process_link_headers(link_header)
def process_link_headers(response)
link_header = response['Link'] && parse_link_header(response)
return if link_header.nil?
json_link = link_header.find_link(%w(rel alternate), %w(type application/activity+json)) || link_header.find_link(%w(rel alternate), ['type', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'])
process(json_link.href, terminal: true) unless json_link.nil?

1
app/views/layouts/application.html.haml
View File

@@ -20,6 +20,7 @@
- if use_mask_icon?
%link{ rel: 'mask-icon', href: frontend_asset_path('images/logo-symbol-icon.svg'), color: '#6364FF' }/
%link{ rel: 'manifest', href: manifest_path(format: :json) }/
= javascript_inline_tag 'theme-selection.js'
= theme_color_tags current_theme
%meta{ name: 'mobile-web-app-capable', content: 'yes' }/

12
app/workers/activitypub/delivery_worker.rb
View File

@@ -38,7 +38,7 @@ class ActivityPub::DeliveryWorker
if @inbox_url.present?
if @performed
failure_tracker.track_success!
else
elsif !@unsalvageable
failure_tracker.track_failure!
end
end
@@ -62,9 +62,13 @@ class ActivityPub::DeliveryWorker
stoplight_wrapper.run do
request_pool.with(@host) do |http_client|
build_request(http_client).perform do |response|
raise Mastodon::UnexpectedResponseError, response unless response_successful?(response) || response_error_unsalvageable?(response) || unsalvageable_authorization_failure?(response)
@performed = true
if response_successful?(response)
@performed = true
elsif response_error_unsalvageable?(response) || unsalvageable_authorization_failure?(response)
@unsalvageable = true
else
raise Mastodon::UnexpectedResponseError, response
end
end
end
end

36
app/workers/move_worker.rb
View File

@@ -45,30 +45,34 @@ class MoveWorker
end
# Then handle accounts that follow both the old and new account
@source_account.passive_relationships
.where(account: Account.local)
.where(account: @target_account.followers.local)
.in_batches do |follows|
ListAccount.where(follow: follows).includes(:list).find_each do |list_account|
list_account.list.accounts << @target_account
rescue ActiveRecord::RecordInvalid
nil
end
source_local_followers
.where(account: @target_account.followers.local)
.in_batches do |follows|
ListAccount.where(follow: follows).includes(:list).find_each do |list_account|
list_account.list.accounts << @target_account
rescue ActiveRecord::RecordInvalid
nil
end
end
# Finally, handle the common case of accounts not following the new account
@source_account.passive_relationships
.where(account: Account.local)
.where.not(account: @target_account.followers.local)
.where.not(account_id: @target_account.id)
.in_batches do |follows|
ListAccount.where(follow: follows).in_batches.update_all(account_id: @target_account.id)
num_moved += follows.update_all(target_account_id: @target_account.id)
source_local_followers
.where.not(account: @target_account.followers.local)
.where.not(account_id: @target_account.id)
.in_batches do |follows|
ListAccount.where(follow: follows).in_batches.update_all(account_id: @target_account.id)
num_moved += follows.update_all(target_account_id: @target_account.id)
end
num_moved
end
def source_local_followers
@source_account
.passive_relationships
.where(account: Account.local)
end
def queue_follow_unfollows!
bypass_locked = @target_account.local?

3
lib/paperclip/attachment_extensions.rb
View File

@@ -16,8 +16,7 @@ module Paperclip
# if we're processing the original, close + unlink the source tempfile
intermediate_files << original if name == :original
@queued_for_write[name] = style.processors
.inject(original) do |file, processor|
@queued_for_write[name] = style.processors.inject(original) do |file, processor|
file = Paperclip.processor(processor).make(file, style.processor_options, self)
intermediate_files << file unless file == original
file

9
spec/requests/api/v1/statuses_spec.rb
View File

@@ -508,6 +508,15 @@ RSpec.describe '/api/v1/statuses' do
.to start_with('application/json')
end
end
context 'when status has non-default quote policy and param is omitted' do
let(:status) { Fabricate(:status, account: user.account, quote_approval_policy: 'nobody') }
it 'preserves existing quote approval policy' do
expect { subject }
.to_not(change { status.reload.quote_approval_policy })
end
end
end
end

2
spec/requests/content_security_policy_spec.rb
View File

@@ -32,7 +32,7 @@ RSpec.describe 'Content-Security-Policy' do
img-src 'self' data: blob: #{local_domain}
manifest-src 'self' #{local_domain}
media-src 'self' data: #{local_domain}
script-src 'self' #{local_domain} 'wasm-unsafe-eval'
script-src 'self' #{local_domain} 'wasm-unsafe-eval' 'sha256-Q/2Cjx8v06hAdOF8/DeBUpsmBcSj7sLN3I/WpTF8T8c='
style-src 'self' #{local_domain} 'nonce-ZbA+JmE7+bK8F5qvADZHuQ=='
worker-src 'self' blob: #{local_domain}
CSP