7318b74ebf
Merge remote-tracking branch 'upstream/main' into develop
...
# Conflicts:
# Gemfile.lock
# app/models/notification.rb
# config/locales/simple_form.de.yml
2023-03-05 12:34:16 +01:00
Claire
4ed09276d5
Merge branch 'main' into glitch-soc/merge-upstream
...
Conflicts:
- `.prettierignore`:
Upstream added a line at the end of the file, while glitch-soc had its own
extra lines.
Took upstream's change.
- `CONTRIBUTING.md`:
We have our custom CONTRIBUTING.md quoting upstream. Upstream made changes.
Ported upstream changes.
- `app/controllers/application_controller.rb`:
Upstream made code style changes in a method that is entirely replaced
in glitch-soc.
Ignored the change.
- `app/models/account.rb`:
Code style changes textually close to glitch-soc-specific changes.
Ported upstream changes.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream code style changes.
Ignored them.
2023-02-25 14:00:40 +01:00
dependabot[bot]
4b964fa605
Bump devise from 4.8.1 to 4.9.0 ( #23691 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-21 10:41:28 +01:00
dependabot[bot]
fbbf5c4841
Bump capistrano from 3.17.1 to 3.17.2 ( #23775 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-21 09:29:07 +01:00
0e634397c3
Merge remote-tracking branch 'upstream/main' into develop
...
# Conflicts:
# .github/workflows/build-image.yml
# Gemfile.lock
2023-02-21 00:40:08 +01:00
Claire
7452a95998
Merge branch 'main' into glitch-soc/merge-upstream
...
Conflicts:
- `.github/dependabot.yml`:
Upstream made changes while we have dropped this file.
Keep the file deleted.
- `.prettierignore`:
Upstream made changes at the end of the file, where we
had our extra lines.
Just moved our extra lines back at the end.
- `app/serializers/initial_state_serializer.rb`:
Upstream code style changes.
Applied them.
- `app/services/backup_service.rb`:
Upstream code style changes.
Applied them.
2023-02-19 10:42:55 +01:00
4a6cc45f9d
Merge remote-tracking branch 'upstream/main' into develop
...
# Conflicts:
# Gemfile
# Gemfile.lock
# config/sidekiq.yml
2023-02-18 22:38:53 +01:00
dependabot[bot]
49b9ef0c1e
Bump oj from 3.13.23 to 3.14.2 ( #23560 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-18 14:21:10 +09:00
dependabot[bot]
7cf3430e63
Bump webauthn from 2.5.2 to 3.0.0 ( #23659 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-17 10:06:24 +01:00
6ef68d4106
Update and fix dependencies
2023-02-17 00:29:06 +01:00
8de39432a9
Merge remote-tracking branch 'upstream/main' into develop
...
# Conflicts:
# .github/workflows/build-image.yml
# Gemfile.lock
# app/javascript/flavours/glitch/actions/interactions.js
# config/initializers/rack_attack.rb
# config/locales/en_GB.yml
2023-02-17 00:26:21 +01:00
Aaron Patterson
fb8503e861
Upgrade to Ruby 3.2 ( #22928 )
...
Co-authored-by: Matthew Ford <matt@bitzesty.com>
2023-02-15 08:30:27 +01:00
dependabot[bot]
737fbe5c02
Bump nokogiri from 1.14.1 to 1.14.2 ( #23577 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-14 09:11:51 +01:00
dependabot[bot]
7bc946e8da
Bump aws-sdk-s3 from 1.119.0 to 1.119.1 ( #23586 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-14 09:07:12 +01:00
Claire
ce84d163cc
Merge branch 'main' into glitch-soc/merge-upstream
...
Conflicts:
- `.prettierignore`:
Upstream added a line at the end, glitch-soc had extra entries at the end.
Added upstream's new line before glitch-soc's.
- `Gemfile.lock`:
Upstream updated dependencies while glitch-soc has an extra one (hcaptcha).
Updated dependencies like upstream did.
- `app/controllers/api/v1/statuses_controller.rb`:
Not a real conflict, upstream added a parameter (`allowed_mentions`) where
glitch-soc already had an extra one (`content_type`).
Added upstream's new parameter.
- `app/javascript/styles/fonts/roboto-mono.scss`:
A lot of lines were changed upstream due to code style changes, and a lot
of those lines had path changes to accomodate glitch-soc's theming system.
Applied upstream's style changes.
- `app/javascript/styles/fonts/roboto.scss`:
A lot of lines were changed upstream due to code style changes, and a lot
of those lines had path changes to accomodate glitch-soc's theming system.
Applied upstream's style changes.
2023-02-13 19:35:35 +01:00
Shlee
c84f38abc4
chewy from 7.2.4 to 7.2.7 ( #23572 )
2023-02-13 16:33:34 +01:00
Stan Hu
f553b064e0
Switch OpenID Connect gems ( #23223 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-02-13 15:47:50 +01:00
dependabot[bot]
93d7c26fa5
Bump rubocop from 1.44.1 to 1.45.1 ( #23523 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-13 14:38:43 +01:00
Claire
cc92c65d83
Add dependency on net-http ( #23571 )
2023-02-13 14:36:07 +01:00
dependabot[bot]
66f2ad483c
Bump sidekiq-scheduler from 5.0.0 to 5.0.1 ( #23569 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-13 13:55:55 +01:00
dependabot[bot]
31352f0d2c
Bump sidekiq-scheduler from 4.0.3 to 5.0.0 ( #23212 )
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-02-13 13:31:42 +01:00
Nick Schonning
7c5d396fca
Replace hamlit-rails with haml-rails ( #23542 )
2023-02-13 04:59:30 +01:00
Eugen Rochko
e7b81d7d96
Bump blurhash from 0.1.6 to 0.1.7 ( #23517 )
2023-02-11 04:02:07 +01:00
Claire
85558a5e18
Merge branch 'main' into glitch-soc/merge-upstream
...
Conflicts:
- `README.md`:
Minor upstream change, our README is completely different.
Kept ours.
- `lib/tasks/assets.rake`:
glitch-soc has extra code to deal with its theming system,
upstream changed a line that exists in glitch-soc.
Applied upstream changes.
2023-02-09 12:46:12 +01:00
dependabot[bot]
e559d1e672
Bump rubocop-performance from 1.15.2 to 1.16.0 ( #23418 )
...
Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance ) from 1.15.2 to 1.16.0.
- [Release notes](https://github.com/rubocop/rubocop-performance/releases )
- [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.15.2...v1.16.0 )
---
updated-dependencies:
- dependency-name: rubocop-performance
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 00:40:36 +09:00
dependabot[bot]
ea4ff7e786
Bump doorkeeper from 5.6.3 to 5.6.4 ( #23422 )
...
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper ) from 5.6.3 to 5.6.4.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases )
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md )
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.3...v5.6.4 )
---
updated-dependencies:
- dependency-name: doorkeeper
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 00:39:37 +09:00
dependabot[bot]
fb7919e4ec
Bump webpacker from 5.4.3 to 5.4.4 ( #23424 )
...
Bumps [webpacker](https://github.com/rails/webpacker ) from 5.4.3 to 5.4.4.
- [Release notes](https://github.com/rails/webpacker/releases )
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rails/webpacker/compare/v5.4.3...v5.4.4 )
---
updated-dependencies:
- dependency-name: webpacker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 00:39:02 +09:00
dependabot[bot]
4f14957723
Bump faker from 3.1.0 to 3.1.1 ( #23425 )
...
Bumps [faker](https://github.com/faker-ruby/faker ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/main/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v3.1.0...v3.1.1 )
---
updated-dependencies:
- dependency-name: faker
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-08 00:38:30 +09:00
dependabot[bot]
1f9f8035e4
Bump bootsnap from 1.15.0 to 1.16.0 ( #23340 )
...
Bumps [bootsnap](https://github.com/Shopify/bootsnap ) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/Shopify/bootsnap/releases )
- [Changelog](https://github.com/Shopify/bootsnap/blob/main/CHANGELOG.md )
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.15.0...v1.16.0 )
---
updated-dependencies:
- dependency-name: bootsnap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-04 15:55:07 +09:00
Claire
aeacebb3d7
Merge branch 'main' into glitch-soc/merge-upstream
...
Conflicts:
- `.github/workflows/build-image.yml`:
Upstream updated `docker/build-push-action`, and we a different config
for `docker/metadata-action` so the lines directly above were different,
but it's not a real conflict.
Upgraded `docker/build-push-action` as upstream did.
- `app/javascript/mastodon/features/compose/components/compose_form.js`:
Upstream changed the codestyle near a line we had modified to accommodate
configurable character count.
Kept our change.
2023-02-03 19:23:27 +01:00
dependabot[bot]
05f5e5ae6f
Bump nokogiri from 1.14.0 to 1.14.1 ( #23330 )
...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.14.0 to 1.14.1.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.14.0...v1.14.1 )
---
updated-dependencies:
- dependency-name: nokogiri
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:33:07 +01:00
dependabot[bot]
91ceb8af11
Bump ox from 2.14.13 to 2.14.14 ( #23338 )
...
Bumps [ox](https://github.com/ohler55/ox ) from 2.14.13 to 2.14.14.
- [Release notes](https://github.com/ohler55/ox/releases )
- [Changelog](https://github.com/ohler55/ox/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/ox/compare/v2.14.13...v2.14.14 )
---
updated-dependencies:
- dependency-name: ox
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:31:50 +01:00
dependabot[bot]
41baf4b217
Bump redcarpet from 3.5.1 to 3.6.0 ( #23339 )
...
Bumps [redcarpet](https://github.com/vmg/redcarpet ) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/vmg/redcarpet/releases )
- [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md )
- [Commits](https://github.com/vmg/redcarpet/compare/v3.5.1...v3.6.0 )
---
updated-dependencies:
- dependency-name: redcarpet
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:19:30 +01:00
dependabot[bot]
fa379a993d
Bump aws-sdk-s3 from 1.118.0 to 1.119.0 ( #23341 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.118.0 to 1.119.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:16:38 +01:00
dependabot[bot]
723412ac5e
Bump rubocop from 1.44.0 to 1.44.1 ( #23337 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.44.0 to 1.44.1.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.44.0...v1.44.1 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:16:13 +01:00
dependabot[bot]
801a209e06
Bump simple_form from 5.1.0 to 5.2.0 ( #23328 )
...
Bumps [simple_form](https://github.com/heartcombo/simple_form ) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/heartcombo/simple_form/releases )
- [Changelog](https://github.com/heartcombo/simple_form/blob/main/CHANGELOG.md )
- [Commits](https://github.com/heartcombo/simple_form/compare/v5.1.0...v5.2.0 )
---
updated-dependencies:
- dependency-name: simple_form
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:07:16 +01:00
dependabot[bot]
d49879cc7b
Bump rails from 6.1.7.1 to 6.1.7.2 ( #23326 )
...
Bumps [rails](https://github.com/rails/rails ) from 6.1.7.1 to 6.1.7.2.
- [Release notes](https://github.com/rails/rails/releases )
- [Commits](https://github.com/rails/rails/compare/v6.1.7.1...v6.1.7.2 )
---
updated-dependencies:
- dependency-name: rails
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 11:06:59 +01:00
dependabot[bot]
409fcd1985
Bump doorkeeper from 5.6.2 to 5.6.3 ( #23324 )
...
Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper ) from 5.6.2 to 5.6.3.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases )
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md )
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.2...v5.6.3 )
---
updated-dependencies:
- dependency-name: doorkeeper
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 10:58:10 +01:00
dependabot[bot]
1ca3127a1d
Bump gitlab-omniauth-openid-connect from 0.10.0 to 0.10.1 ( #23241 )
...
Bumps [gitlab-omniauth-openid-connect](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect ) from 0.10.0 to 0.10.1.
- [Release notes](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/tags )
- [Commits](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/compare/v0.10.0...v0.10.1 )
---
updated-dependencies:
- dependency-name: gitlab-omniauth-openid-connect
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-31 00:46:27 +09:00
dependabot[bot]
ea1507ee85
Bump aws-sdk-s3 from 1.117.2 to 1.118.0 ( #23202 )
...
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.117.2 to 1.118.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 10:57:59 +09:00
dependabot[bot]
1708167dd3
Bump sanitize from 6.0.0 to 6.0.1 ( #23281 )
...
Bumps [sanitize](https://github.com/rgrove/sanitize ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/rgrove/sanitize/releases )
- [Changelog](https://github.com/rgrove/sanitize/blob/main/HISTORY.md )
- [Commits](https://github.com/rgrove/sanitize/compare/v6.0.0...v6.0.1 )
---
updated-dependencies:
- dependency-name: sanitize
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-28 18:12:57 +09:00
855b0d4dbb
Merge remote-tracking branch 'upstream/main' into develop
...
# Conflicts:
# .github/workflows/build-image.yml
# lib/mastodon/version.rb
2023-01-26 17:27:01 +01:00
Claire
3074338d79
Merge branch 'main' into glitch-soc/merge-upstream
2023-01-24 20:32:31 +01:00
dependabot[bot]
23a2451576
Bump concurrent-ruby from 1.1.10 to 1.2.0 ( #23236 )
...
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby ) from 1.1.10 to 1.2.0.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases )
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.10...v1.2.0 )
---
updated-dependencies:
- dependency-name: concurrent-ruby
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-24 09:46:26 +01:00
dependabot[bot]
95fb53c53e
Bump rubocop from 1.43.0 to 1.44.0 ( #23213 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.43.0 to 1.44.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.43.0...v1.44.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-23 18:03:20 +01:00
dependabot[bot]
77c2ea1f0f
Bump rubocop-rspec from 2.18.0 to 2.18.1 ( #23203 )
...
Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec ) from 2.18.0 to 2.18.1.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases )
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.18.0...v2.18.1 )
---
updated-dependencies:
- dependency-name: rubocop-rspec
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-23 13:14:11 +01:00
44e4991a07
PgHero CVE fix
...
Backport of 9b795a25cd
2023-01-23 08:29:54 +01:00
Kaspar V
9b795a25cd
fix(pghero): update because CVE-2023-22626 ( #23190 )
...
There is a vulnerability
[CVE-2023-22626](https://github.com/advisories/GHSA-vf99-xw26-86g5 )
```
Name: pghero
Version: 2.8.3
CVE: CVE-2023-22626
GHSA: GHSA-vf99-xw26-86g5
Criticality: High
URL: https://github.com/ankane/pghero/issues/439
Title: Information Disclosure Through EXPLAIN Feature
Solution: upgrade to '>= 3.1.0'
```
2023-01-22 23:09:02 +01:00
bf5076e970
Update a few gems
2023-01-18 22:33:07 +01:00
0d829dadea
Merge remote-tracking branch 'upstream/main' into develop
...
# Conflicts:
# Gemfile.lock
# app/javascript/flavours/glitch/features/ui/index.js
# app/javascript/mastodon/features/ui/index.js
2023-01-18 22:29:27 +01:00