Commit graph

1990 commits

Author SHA1 Message Date
7318b74ebf
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	Gemfile.lock
#	app/models/notification.rb
#	config/locales/simple_form.de.yml
2023-03-05 12:34:16 +01:00
Claire
4ed09276d5 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.prettierignore`:
  Upstream added a line at the end of the file, while glitch-soc had its own
  extra lines.
  Took upstream's change.
- `CONTRIBUTING.md`:
  We have our custom CONTRIBUTING.md quoting upstream. Upstream made changes.
  Ported upstream changes.
- `app/controllers/application_controller.rb`:
  Upstream made code style changes in a method that is entirely replaced
  in glitch-soc.
  Ignored the change.
- `app/models/account.rb`:
  Code style changes textually close to glitch-soc-specific changes.
  Ported upstream changes.
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream code style changes.
  Ignored them.
2023-02-25 14:00:40 +01:00
dependabot[bot]
4b964fa605
Bump devise from 4.8.1 to 4.9.0 (#23691)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-21 10:41:28 +01:00
dependabot[bot]
fbbf5c4841
Bump capistrano from 3.17.1 to 3.17.2 (#23775)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-21 09:29:07 +01:00
0e634397c3
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	.github/workflows/build-image.yml
#	Gemfile.lock
2023-02-21 00:40:08 +01:00
Claire
7452a95998 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/dependabot.yml`:
  Upstream made changes while we have dropped this file.
  Keep the file deleted.
- `.prettierignore`:
  Upstream made changes at the end of the file, where we
  had our extra lines.
  Just moved our extra lines back at the end.
- `app/serializers/initial_state_serializer.rb`:
  Upstream code style changes.
  Applied them.
- `app/services/backup_service.rb`:
  Upstream code style changes.
  Applied them.
2023-02-19 10:42:55 +01:00
4a6cc45f9d
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	Gemfile
#	Gemfile.lock
#	config/sidekiq.yml
2023-02-18 22:38:53 +01:00
dependabot[bot]
49b9ef0c1e
Bump oj from 3.13.23 to 3.14.2 (#23560)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-18 14:21:10 +09:00
dependabot[bot]
7cf3430e63
Bump webauthn from 2.5.2 to 3.0.0 (#23659)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-17 10:06:24 +01:00
6ef68d4106
Update and fix dependencies 2023-02-17 00:29:06 +01:00
8de39432a9
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	.github/workflows/build-image.yml
#	Gemfile.lock
#	app/javascript/flavours/glitch/actions/interactions.js
#	config/initializers/rack_attack.rb
#	config/locales/en_GB.yml
2023-02-17 00:26:21 +01:00
Aaron Patterson
fb8503e861
Upgrade to Ruby 3.2 (#22928)
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2023-02-15 08:30:27 +01:00
dependabot[bot]
737fbe5c02
Bump nokogiri from 1.14.1 to 1.14.2 (#23577)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-14 09:11:51 +01:00
dependabot[bot]
7bc946e8da
Bump aws-sdk-s3 from 1.119.0 to 1.119.1 (#23586)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-14 09:07:12 +01:00
Claire
ce84d163cc Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.prettierignore`:
  Upstream added a line at the end, glitch-soc had extra entries at the end.
  Added upstream's new line before glitch-soc's.
- `Gemfile.lock`:
  Upstream updated dependencies while glitch-soc has an extra one (hcaptcha).
  Updated dependencies like upstream did.
- `app/controllers/api/v1/statuses_controller.rb`:
  Not a real conflict, upstream added a parameter (`allowed_mentions`) where
  glitch-soc already had an extra one (`content_type`).
  Added upstream's new parameter.
- `app/javascript/styles/fonts/roboto-mono.scss`:
  A lot of lines were changed upstream due to code style changes, and a lot
  of those lines had path changes to accomodate glitch-soc's theming system.
  Applied upstream's style changes.
- `app/javascript/styles/fonts/roboto.scss`:
  A lot of lines were changed upstream due to code style changes, and a lot
  of those lines had path changes to accomodate glitch-soc's theming system.
  Applied upstream's style changes.
2023-02-13 19:35:35 +01:00
Shlee
c84f38abc4
chewy from 7.2.4 to 7.2.7 (#23572) 2023-02-13 16:33:34 +01:00
Stan Hu
f553b064e0
Switch OpenID Connect gems (#23223)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-02-13 15:47:50 +01:00
dependabot[bot]
93d7c26fa5
Bump rubocop from 1.44.1 to 1.45.1 (#23523)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-13 14:38:43 +01:00
Claire
cc92c65d83
Add dependency on net-http (#23571) 2023-02-13 14:36:07 +01:00
dependabot[bot]
66f2ad483c
Bump sidekiq-scheduler from 5.0.0 to 5.0.1 (#23569)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-13 13:55:55 +01:00
dependabot[bot]
31352f0d2c
Bump sidekiq-scheduler from 4.0.3 to 5.0.0 (#23212)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-02-13 13:31:42 +01:00
Nick Schonning
7c5d396fca
Replace hamlit-rails with haml-rails (#23542) 2023-02-13 04:59:30 +01:00
Eugen Rochko
e7b81d7d96
Bump blurhash from 0.1.6 to 0.1.7 (#23517) 2023-02-11 04:02:07 +01:00
Claire
85558a5e18 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `README.md`:
  Minor upstream change, our README is completely different.
  Kept ours.
- `lib/tasks/assets.rake`:
  glitch-soc has extra code to deal with its theming system,
  upstream changed a line that exists in glitch-soc.
  Applied upstream changes.
2023-02-09 12:46:12 +01:00
dependabot[bot]
e559d1e672
Bump rubocop-performance from 1.15.2 to 1.16.0 (#23418)
Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance) from 1.15.2 to 1.16.0.
- [Release notes](https://github.com/rubocop/rubocop-performance/releases)
- [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.15.2...v1.16.0)

---
updated-dependencies:
- dependency-name: rubocop-performance
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 00:40:36 +09:00
dependabot[bot]
ea4ff7e786
Bump doorkeeper from 5.6.3 to 5.6.4 (#23422)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.6.3 to 5.6.4.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.3...v5.6.4)

---
updated-dependencies:
- dependency-name: doorkeeper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 00:39:37 +09:00
dependabot[bot]
fb7919e4ec
Bump webpacker from 5.4.3 to 5.4.4 (#23424)
Bumps [webpacker](https://github.com/rails/webpacker) from 5.4.3 to 5.4.4.
- [Release notes](https://github.com/rails/webpacker/releases)
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/webpacker/compare/v5.4.3...v5.4.4)

---
updated-dependencies:
- dependency-name: webpacker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 00:39:02 +09:00
dependabot[bot]
4f14957723
Bump faker from 3.1.0 to 3.1.1 (#23425)
Bumps [faker](https://github.com/faker-ruby/faker) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: faker
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 00:38:30 +09:00
dependabot[bot]
1f9f8035e4
Bump bootsnap from 1.15.0 to 1.16.0 (#23340)
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-04 15:55:07 +09:00
Claire
aeacebb3d7 Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream updated `docker/build-push-action`, and we a different config
  for `docker/metadata-action` so the lines directly above were different,
  but it's not a real conflict.
  Upgraded `docker/build-push-action` as upstream did.
- `app/javascript/mastodon/features/compose/components/compose_form.js`:
  Upstream changed the codestyle near a line we had modified to accommodate
  configurable character count.
  Kept our change.
2023-02-03 19:23:27 +01:00
dependabot[bot]
05f5e5ae6f
Bump nokogiri from 1.14.0 to 1.14.1 (#23330)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.14.0 to 1.14.1.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.14.0...v1.14.1)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:33:07 +01:00
dependabot[bot]
91ceb8af11
Bump ox from 2.14.13 to 2.14.14 (#23338)
Bumps [ox](https://github.com/ohler55/ox) from 2.14.13 to 2.14.14.
- [Release notes](https://github.com/ohler55/ox/releases)
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/ox/compare/v2.14.13...v2.14.14)

---
updated-dependencies:
- dependency-name: ox
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:31:50 +01:00
dependabot[bot]
41baf4b217
Bump redcarpet from 3.5.1 to 3.6.0 (#23339)
Bumps [redcarpet](https://github.com/vmg/redcarpet) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/vmg/redcarpet/releases)
- [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vmg/redcarpet/compare/v3.5.1...v3.6.0)

---
updated-dependencies:
- dependency-name: redcarpet
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:19:30 +01:00
dependabot[bot]
fa379a993d
Bump aws-sdk-s3 from 1.118.0 to 1.119.0 (#23341)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.118.0 to 1.119.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:16:38 +01:00
dependabot[bot]
723412ac5e
Bump rubocop from 1.44.0 to 1.44.1 (#23337)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.44.0 to 1.44.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.44.0...v1.44.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:16:13 +01:00
dependabot[bot]
801a209e06
Bump simple_form from 5.1.0 to 5.2.0 (#23328)
Bumps [simple_form](https://github.com/heartcombo/simple_form) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/heartcombo/simple_form/releases)
- [Changelog](https://github.com/heartcombo/simple_form/blob/main/CHANGELOG.md)
- [Commits](https://github.com/heartcombo/simple_form/compare/v5.1.0...v5.2.0)

---
updated-dependencies:
- dependency-name: simple_form
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:07:16 +01:00
dependabot[bot]
d49879cc7b
Bump rails from 6.1.7.1 to 6.1.7.2 (#23326)
Bumps [rails](https://github.com/rails/rails) from 6.1.7.1 to 6.1.7.2.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v6.1.7.1...v6.1.7.2)

---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:06:59 +01:00
dependabot[bot]
409fcd1985
Bump doorkeeper from 5.6.2 to 5.6.3 (#23324)
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.6.2 to 5.6.3.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.2...v5.6.3)

---
updated-dependencies:
- dependency-name: doorkeeper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 10:58:10 +01:00
dependabot[bot]
1ca3127a1d
Bump gitlab-omniauth-openid-connect from 0.10.0 to 0.10.1 (#23241)
Bumps [gitlab-omniauth-openid-connect](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect) from 0.10.0 to 0.10.1.
- [Release notes](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/tags)
- [Commits](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/compare/v0.10.0...v0.10.1)

---
updated-dependencies:
- dependency-name: gitlab-omniauth-openid-connect
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-31 00:46:27 +09:00
dependabot[bot]
ea1507ee85
Bump aws-sdk-s3 from 1.117.2 to 1.118.0 (#23202)
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.117.2 to 1.118.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 10:57:59 +09:00
dependabot[bot]
1708167dd3
Bump sanitize from 6.0.0 to 6.0.1 (#23281)
Bumps [sanitize](https://github.com/rgrove/sanitize) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/rgrove/sanitize/releases)
- [Changelog](https://github.com/rgrove/sanitize/blob/main/HISTORY.md)
- [Commits](https://github.com/rgrove/sanitize/compare/v6.0.0...v6.0.1)

---
updated-dependencies:
- dependency-name: sanitize
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-28 18:12:57 +09:00
855b0d4dbb
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	.github/workflows/build-image.yml
#	lib/mastodon/version.rb
2023-01-26 17:27:01 +01:00
Claire
3074338d79 Merge branch 'main' into glitch-soc/merge-upstream 2023-01-24 20:32:31 +01:00
dependabot[bot]
23a2451576
Bump concurrent-ruby from 1.1.10 to 1.2.0 (#23236)
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.10 to 1.2.0.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.10...v1.2.0)

---
updated-dependencies:
- dependency-name: concurrent-ruby
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-24 09:46:26 +01:00
dependabot[bot]
95fb53c53e
Bump rubocop from 1.43.0 to 1.44.0 (#23213)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.43.0 to 1.44.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.43.0...v1.44.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-23 18:03:20 +01:00
dependabot[bot]
77c2ea1f0f
Bump rubocop-rspec from 2.18.0 to 2.18.1 (#23203)
Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.18.0 to 2.18.1.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.18.0...v2.18.1)

---
updated-dependencies:
- dependency-name: rubocop-rspec
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-23 13:14:11 +01:00
44e4991a07
PgHero CVE fix
Backport of 9b795a25cd
2023-01-23 08:29:54 +01:00
Kaspar V
9b795a25cd
fix(pghero): update because CVE-2023-22626 (#23190)
There is a vulnerability
[CVE-2023-22626](https://github.com/advisories/GHSA-vf99-xw26-86g5)

```
Name: pghero
Version: 2.8.3
CVE: CVE-2023-22626
GHSA: GHSA-vf99-xw26-86g5
Criticality: High
URL: https://github.com/ankane/pghero/issues/439
Title: Information Disclosure Through EXPLAIN Feature
Solution: upgrade to '>= 3.1.0'
```
2023-01-22 23:09:02 +01:00
bf5076e970
Update a few gems 2023-01-18 22:33:07 +01:00
0d829dadea
Merge remote-tracking branch 'upstream/main' into develop
# Conflicts:
#	Gemfile.lock
#	app/javascript/flavours/glitch/features/ui/index.js
#	app/javascript/mastodon/features/ui/index.js
2023-01-18 22:29:27 +01:00