diff --git a/.devcontainer/compose.yaml b/.devcontainer/compose.yaml index ced5ecfe884c88..5da1ec3a24c68a 100644 --- a/.devcontainer/compose.yaml +++ b/.devcontainer/compose.yaml @@ -9,7 +9,6 @@ services: environment: RAILS_ENV: development NODE_ENV: development - VITE_RUBY_HOST: 0.0.0.0 BIND: 0.0.0.0 BOOTSNAP_CACHE_DIR: /tmp REDIS_HOST: redis @@ -23,12 +22,11 @@ services: ES_PORT: '9200' LIBRE_TRANSLATE_ENDPOINT: http://libretranslate:5000 LOCAL_DOMAIN: ${LOCAL_DOMAIN:-localhost:3000} - VITE_DEV_SERVER_PUBLIC: ${VITE_DEV_SERVER_PUBLIC:-localhost:3036} # Overrides default command so things don't shut down after the process ends. command: sleep infinity ports: - '3000:3000' - - '3036:3036' + - '3035:3035' - '4000:4000' networks: - external_network diff --git a/.env.production.sample b/.env.production.sample index 15004b9d0d9fde..4afaf8d7568e92 100644 --- a/.env.production.sample +++ b/.env.production.sample @@ -43,6 +43,7 @@ ES_PASS=password # Make sure to use `bundle exec rails secret` to generate secrets # ------- SECRET_KEY_BASE= +OTP_SECRET= # Encryption secrets # ------------------ diff --git a/.env.test b/.env.test index d2763e582ae926..52379687b41bd7 100644 --- a/.env.test +++ b/.env.test @@ -3,6 +3,8 @@ NODE_ENV=production # Federation LOCAL_DOMAIN=cb6e6126.ngrok.io LOCAL_HTTPS=true +# Elasticsearch +ES_PREFIX=test # Secret values required by ActiveRecord encryption feature # Use `bin/rails db:encryption:init` to generate fresh secrets diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 00000000000000..fa7a0c5353a706 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1 @@ +custom: https://fantia.jp/fanclubs/484677 diff --git a/.github/ISSUE_TEMPLATE/1.bug_report.yml b/.github/ISSUE_TEMPLATE/1.bug_report.yml new file mode 100644 index 00000000000000..10421eed7b17f4 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/1.bug_report.yml @@ -0,0 +1,74 @@ +name: バグ報告 +description: kmyblueのバグ報告(ただし情報改竄、秘密情報の漏洩、システムの破損などが発生するバグは、こちらではなく「Security」タブよりセキュリティインシデントとして報告してください) +labels: [bug] +body: + - type: textarea + attributes: + label: バグの再現手順 + description: どのように操作したらバグが発生したのか、バグが発生する直前までの手順を順番に詳しく教えてください + value: | + 1. + 2. + 3. + ... + validations: + required: true + - type: textarea + attributes: + label: 期待する動作 + description: どのように動いてほしかったですか? + validations: + required: true + - type: textarea + attributes: + label: 実際の動作 + description: どのようなバグが発生しましたか? + validations: + required: true + - type: textarea + attributes: + label: 詳しい情報 + validations: + required: false + - type: input + attributes: + label: バグが発生したkmyblueサーバーのドメイン + description: サーバー固有の問題の可能性もありますので、プライバシー上可能な範囲内で、できるだけ書いてください + placeholder: kmy.blue + validations: + required: false + - type: input + attributes: + label: バグが発生したkmyblueのバージョン + description: | + Mastodonではなくkmyblueのバージョンを記述してください。例えばバージョン表記が `v4.2.0+kmyblue.5.1-LTS` の場合、バージョンは `5.1`になります + + バージョンは、PCだと画面左下、スマホだと概要画面の一番下に書いてあります + placeholder: '5.1' + validations: + required: true + - type: input + attributes: + label: ブラウザの名前 + description: | + ブラウザの名前を書いてください。可能であればバージョンも併記してください + placeholder: Firefox 105.0.3 + validations: + required: false + - type: input + attributes: + label: OS + description: | + あなたのOSと、できればバージョンも教えてください。スマホの場合は、「Android」「iPhone」にバージョンをつけてください + placeholder: Windows11 + validations: + required: false + - type: textarea + attributes: + label: その他の詳細情報 + description: | + あなたの環境が特殊な場合、詳しいことを教えてください(例: VPS、tor、学内LANなど) + + サーバー管理者の場合は、Ruby、Node.jsのバージョン、Cloudflareの使用可否なども可能なら書いてください + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/2.feature_request.yml b/.github/ISSUE_TEMPLATE/2.feature_request.yml new file mode 100644 index 00000000000000..10fb4bb23b3abc --- /dev/null +++ b/.github/ISSUE_TEMPLATE/2.feature_request.yml @@ -0,0 +1,16 @@ +name: 機能要望 +description: 機能の提案 +labels: [enhancement] +body: + - type: textarea + attributes: + label: 欲しい機能 + description: 欲しい機能の詳細を書いてください + validations: + required: true + - type: textarea + attributes: + label: 必要性 + description: この機能はあなたにとってなぜ必要でしょうか?どういった状況で使われるものですか? + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/3.spec_change_request.yml b/.github/ISSUE_TEMPLATE/3.spec_change_request.yml new file mode 100644 index 00000000000000..e71befe859de60 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/3.spec_change_request.yml @@ -0,0 +1,28 @@ +name: 仕様変更・改善要望 +description: 既存の仕様や挙動変更の要望 +labels: [specchange] +body: + - type: markdown + attributes: + value: 意図したものとは明らかに異なる挙動をしているものはバグとして、もともと仕様として決められた動きをしているものを変更したいときはこちらでお願いします + - type: textarea + attributes: + label: 挙動を変更してほしい機能や動作 + validations: + required: true + - type: textarea + attributes: + label: 現在の挙動 + validations: + required: true + - type: textarea + attributes: + label: 変更してほしい新しい挙動 + validations: + required: true + - type: textarea + attributes: + label: 必要性 + description: この変更はあなたにとってなぜ必要でしょうか?どういった状況で使われるものですか? + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/3.troubleshooting.yml b/.github/ISSUE_TEMPLATE/3.troubleshooting.yml index 004e74bf42eb67..fa9bfc7c80d3b2 100644 --- a/.github/ISSUE_TEMPLATE/3.troubleshooting.yml +++ b/.github/ISSUE_TEMPLATE/3.troubleshooting.yml @@ -50,7 +50,7 @@ body: label: Mastodon version description: | This is displayed at the bottom of the About page, eg. `v4.4.0-alpha.1` - placeholder: v4.4.0-beta.1 + placeholder: v4.3.0 validations: required: false - type: textarea @@ -60,9 +60,9 @@ body: Details about your environment, like how Mastodon is deployed, if containers are used, version numbers, etc. value: | Please at least include those informations: - - Operating system: (eg. Ubuntu 24.04.2) - - Ruby version: (from `ruby --version`, eg. v3.4.4) - - Node.js version: (from `node --version`, eg. v22.16.0) + - Operating system: (eg. Ubuntu 22.04) + - Ruby version: (from `ruby --version`, eg. v3.4.1) + - Node.js version: (from `node --version`, eg. v20.18.0) validations: required: false - type: textarea diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index f5d3196528f92d..0086358db1eb97 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,5 +1 @@ -blank_issues_enabled: false -contact_links: - - name: GitHub Discussions - url: https://github.com/mastodon/mastodon/discussions - about: Please ask and answer questions here. +blank_issues_enabled: true diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 1850a45bbcde71..e638b9c5482f72 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -25,12 +25,26 @@ 'tesseract.js', // Requires code changes 'react-hotkeys', // Requires code changes + // Requires Webpacker upgrade or replacement + '@svgr/webpack', + '@types/webpack', + 'babel-loader', + 'compression-webpack-plugin', + 'css-loader', + 'imports-loader', + 'mini-css-extract-plugin', + 'postcss-loader', + 'sass-loader', + 'terser-webpack-plugin', + 'webpack', + 'webpack-assets-manifest', + 'webpack-bundle-analyzer', + 'webpack-dev-server', + 'webpack-cli', + // react-router: Requires manual upgrade 'history', 'react-router-dom', - - // react-spring: Requires manual upgrade when upgrading react - '@react-spring/web', ], matchUpdateTypes: ['major'], dependencyDashboardApproval: true, @@ -39,6 +53,7 @@ // Require Dependency Dashboard Approval for major version bumps of these Ruby packages matchManagers: ['bundler'], matchPackageNames: [ + 'rack', // Needs to be synced with Rails version 'strong_migrations', // Requires manual upgrade 'sidekiq', // Requires manual upgrade 'sidekiq-unique-jobs', // Requires manual upgrades and sync with Sidekiq version diff --git a/.github/workflows/bundler-audit.yml b/.github/workflows/bundler-audit.yml index fa28d28f740c45..c96e4429af154b 100644 --- a/.github/workflows/bundler-audit.yml +++ b/.github/workflows/bundler-audit.yml @@ -4,6 +4,9 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' paths: - 'Gemfile*' diff --git a/.github/workflows/check-i18n.yml b/.github/workflows/check-i18n.yml index c46090c1b565bc..63529e4f162dd2 100644 --- a/.github/workflows/check-i18n.yml +++ b/.github/workflows/check-i18n.yml @@ -4,10 +4,16 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' pull_request: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' env: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8690e9ed6d1639..827629d8e651e7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -5,10 +5,16 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' pull_request: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' schedule: - cron: '22 6 * * 1' diff --git a/.github/workflows/format-check.yml b/.github/workflows/format-check.yml index c10f350a02ef28..a190ece7dfd60b 100644 --- a/.github/workflows/format-check.yml +++ b/.github/workflows/format-check.yml @@ -4,6 +4,9 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' pull_request: diff --git a/.github/workflows/lint-css.yml b/.github/workflows/lint-css.yml index c1385bf789b0bc..ffab4880e12867 100644 --- a/.github/workflows/lint-css.yml +++ b/.github/workflows/lint-css.yml @@ -4,6 +4,9 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' paths: - 'package.json' diff --git a/.github/workflows/lint-haml.yml b/.github/workflows/lint-haml.yml index 499be2010adc99..c596261eb04fc4 100644 --- a/.github/workflows/lint-haml.yml +++ b/.github/workflows/lint-haml.yml @@ -4,6 +4,9 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' paths: - '.github/workflows/haml-lint-problem-matcher.json' diff --git a/.github/workflows/lint-js.yml b/.github/workflows/lint-js.yml index 86e9af23e7efb1..13468e77992fef 100644 --- a/.github/workflows/lint-js.yml +++ b/.github/workflows/lint-js.yml @@ -4,6 +4,9 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' paths: - 'package.json' diff --git a/.github/workflows/lint-ruby.yml b/.github/workflows/lint-ruby.yml index 87f8aee24e01e9..5bb67b108c6ea3 100644 --- a/.github/workflows/lint-ruby.yml +++ b/.github/workflows/lint-ruby.yml @@ -4,6 +4,9 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' paths: - 'Gemfile*' diff --git a/.github/workflows/test-js.yml b/.github/workflows/test-js.yml index 0699e6c9ef8193..f962f5c36f7c87 100644 --- a/.github/workflows/test-js.yml +++ b/.github/workflows/test-js.yml @@ -4,6 +4,9 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' paths: - 'package.json' @@ -40,4 +43,4 @@ jobs: uses: ./.github/actions/setup-javascript - name: JavaScript testing - run: yarn test:js + run: yarn jest --reporters github-actions summary diff --git a/.github/workflows/test-migrations.yml b/.github/workflows/test-migrations.yml index 7aab34f0cf4ee6..c4a716e8f98ff4 100644 --- a/.github/workflows/test-migrations.yml +++ b/.github/workflows/test-migrations.yml @@ -5,6 +5,9 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' paths: - 'Gemfile*' diff --git a/.github/workflows/test-ruby.yml b/.github/workflows/test-ruby.yml index 63d317250436ae..fd4c66605961d5 100644 --- a/.github/workflows/test-ruby.yml +++ b/.github/workflows/test-ruby.yml @@ -5,6 +5,9 @@ on: push: branches: - 'main' + - 'kb*' + - 'upstream-*' + - 'releases/*' - 'stable-*' pull_request: @@ -49,7 +52,7 @@ jobs: public/assets public/packs public/packs-test - tmp/cache/vite + tmp/cache/webpacker key: ${{ matrix.mode }}-assets-${{ github.head_ref || github.ref_name }}-${{ github.sha }} restore-keys: | ${{ matrix.mode }}-assets-${{ github.head_ref || github.ref_name }}-${{ github.sha }} @@ -63,7 +66,7 @@ jobs: - name: Archive asset artifacts run: | - tar --exclude={"*.br","*.gz"} -zcf artifacts.tar.gz public/assets public/packs* tmp/cache/vite/last-build*.json + tar --exclude={"*.br","*.gz"} -zcf artifacts.tar.gz public/assets public/packs* - uses: actions/upload-artifact@v4 if: matrix.mode == 'test' @@ -119,6 +122,7 @@ jobs: CAS_ENABLED: true BUNDLE_WITH: 'pam_authentication test' GITHUB_RSPEC: ${{ matrix.ruby-version == '.ruby-version' && github.event.pull_request && 'true' }} + ES_ENABLED: false strategy: fail-fast: false @@ -143,7 +147,7 @@ jobs: uses: ./.github/actions/setup-ruby with: ruby-version: ${{ matrix.ruby-version}} - additional-system-dependencies: ffmpeg libpam-dev + additional-system-dependencies: ffmpeg imagemagick libpam-dev - name: Load database schema run: | @@ -173,8 +177,8 @@ jobs: env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - test-imagemagick: - name: ImageMagick tests + test-libvips: + name: Libvips tests runs-on: ubuntu-latest needs: @@ -220,7 +224,7 @@ jobs: CAS_ENABLED: true BUNDLE_WITH: 'pam_authentication test' GITHUB_RSPEC: ${{ matrix.ruby-version == '.ruby-version' && github.event.pull_request && 'true' }} - MASTODON_USE_LIBVIPS: false + MASTODON_USE_LIBVIPS: true strategy: fail-fast: false @@ -245,7 +249,7 @@ jobs: uses: ./.github/actions/setup-ruby with: ruby-version: ${{ matrix.ruby-version}} - additional-system-dependencies: ffmpeg imagemagick libpam-dev + additional-system-dependencies: ffmpeg libpam-dev - name: Load database schema run: './bin/rails db:create db:schema:load db:seed' @@ -297,6 +301,7 @@ jobs: DB_PASS: postgres RAILS_ENV: test BUNDLE_WITH: test + ES_ENABLED: false LOCAL_DOMAIN: localhost:3000 LOCAL_HTTPS: false @@ -324,7 +329,7 @@ jobs: uses: ./.github/actions/setup-ruby with: ruby-version: ${{ matrix.ruby-version}} - additional-system-dependencies: ffmpeg + additional-system-dependencies: ffmpeg imagemagick - name: Set up Javascript environment uses: ./.github/actions/setup-javascript @@ -332,21 +337,6 @@ jobs: - name: Load database schema run: './bin/rails db:create db:schema:load db:seed' - - name: Cache Playwright Chromium browser - id: playwright-cache - uses: actions/cache@v4 - with: - path: ~/.cache/ms-playwright - key: playwright-browsers-${{ runner.os }}-${{ hashFiles('yarn.lock') }} - - - name: Install Playwright Chromium browser (with deps) - if: steps.playwright-cache.outputs.cache-hit != 'true' - run: yarn run playwright install --with-deps chromium - - - name: Install Playwright Chromium browser deps - if: steps.playwright-cache.outputs.cache-hit == 'true' - run: yarn run playwright install-deps chromium - - run: bin/rspec spec/system --tag streaming --tag js - name: Archive logs @@ -360,7 +350,7 @@ jobs: uses: actions/upload-artifact@v4 if: failure() with: - name: e2e-screenshots-${{ matrix.ruby-version }} + name: e2e-screenshots path: tmp/capybara/ test-search: @@ -458,7 +448,7 @@ jobs: uses: ./.github/actions/setup-ruby with: ruby-version: ${{ matrix.ruby-version}} - additional-system-dependencies: ffmpeg + additional-system-dependencies: ffmpeg imagemagick - name: Set up Javascript environment uses: ./.github/actions/setup-javascript @@ -481,3 +471,93 @@ jobs: with: name: test-search-screenshots path: tmp/capybara/ + + test-back-and-return: + name: Back to original and return test + runs-on: ubuntu-latest + + needs: + - build + + services: + postgres: + image: postgres:14-alpine + env: + POSTGRES_PASSWORD: postgres + POSTGRES_USER: postgres + options: >- + --health-cmd pg_isready + --health-interval 10s + --health-timeout 5s + --health-retries 5 + ports: + - 5432:5432 + + redis: + image: redis:7-alpine + options: >- + --health-cmd "redis-cli ping" + --health-interval 10s + --health-timeout 5s + --health-retries 5 + ports: + - 6379:6379 + + env: + DB_HOST: localhost + DB_USER: postgres + DB_PASS: postgres + DISABLE_SIMPLECOV: ${{ matrix.ruby-version != '.ruby-version' }} + RAILS_ENV: test + ALLOW_NOPAM: true + PAM_ENABLED: true + PAM_DEFAULT_SERVICE: pam_test + PAM_CONTROLLED_SERVICE: pam_test_controlled + OIDC_ENABLED: true + OIDC_SCOPE: read + SAML_ENABLED: true + CAS_ENABLED: true + BUNDLE_WITH: 'pam_authentication test' + GITHUB_RSPEC: ${{ matrix.ruby-version == '.ruby-version' && github.event.pull_request && 'true' }} + ES_ENABLED: false + BACK_UPSTREAM_FORCE: true + + strategy: + fail-fast: false + matrix: + ruby-version: + - '.ruby-version' + steps: + - uses: actions/checkout@v4 + + - uses: actions/download-artifact@v4 + with: + path: './' + name: ${{ github.sha }} + + - name: Expand archived asset artifacts + run: | + tar xvzf artifacts.tar.gz + + - name: Set up Ruby environment + uses: ./.github/actions/setup-ruby + with: + ruby-version: ${{ matrix.ruby-version}} + additional-system-dependencies: ffmpeg imagemagick libpam-dev + + - name: Load database schema + run: './bin/rails db:create db:schema:load db:seed' + + - name: Back to upstream schema + run: 'bundle exec rake dangerous:back_upstream' + + - name: Return to kmyblue + run: './bin/rails db:migrate' + + - run: bin/rspec + + - name: Upload coverage reports to Codecov + if: matrix.ruby-version == '.ruby-version' + uses: codecov/codecov-action@v3 + with: + files: coverage/lcov/mastodon-back-ret.lcov diff --git a/.gitignore b/.gitignore index db63bc07f0d003..7d60baebf86e16 100644 --- a/.gitignore +++ b/.gitignore @@ -21,13 +21,15 @@ /public/system /public/assets /public/packs -/public/packs-dev /public/packs-test .env .env.production -node_modules/ +/node_modules/ /build/ +# Ignore elasticsearch config +/.elasticsearch.yml + # Ignore Vagrant files .vagrant/ @@ -75,6 +77,3 @@ docker-compose.override.yml # Ignore local-only rspec configuration .rspec-local - -*storybook.log -storybook-static diff --git a/.haml-lint.yml b/.haml-lint.yml index 74d243a3ad63f9..7dbc88e9dbd44d 100644 --- a/.haml-lint.yml +++ b/.haml-lint.yml @@ -1,3 +1,5 @@ +inherits_from: .haml-lint_todo.yml + exclude: - 'vendor/**/*' diff --git a/.haml-lint_todo.yml b/.haml-lint_todo.yml new file mode 100644 index 00000000000000..841561291f28da --- /dev/null +++ b/.haml-lint_todo.yml @@ -0,0 +1,36 @@ +# This configuration was generated by +# `haml-lint --auto-gen-config` +# on 2024-01-09 11:30:07 -0500 using Haml-Lint version 0.53.0. +# The point is for the user to remove these configuration records +# one by one as the lints are removed from the code base. +# Note that changes in the inspected code, or installation of new +# versions of Haml-Lint, may require this file to be generated again. + +linters: + # Offense count: 1 + LineLength: + exclude: + - 'app/views/admin/ng_rules/_ng_rule_fields.html.haml' + - 'app/views/admin/roles/_form.html.haml' + + # Offense count: 9 + RuboCop: + exclude: + - 'app/views/home/index.html.haml' + + ViewLength: + exclude: + - 'app/views/admin/accounts/index.html.haml' + - 'app/views/admin/instances/show.html.haml' + - 'app/views/admin/ng_rules/_ng_rule_fields.html.haml' + - 'app/views/admin/settings/discovery/show.html.haml' + - 'app/views/settings/preferences/appearance/show.html.haml' + - 'app/views/settings/preferences/other/show.html.haml' + + InstanceVariables: + exclude: + - 'app/views/application/_sidebar.html.haml' + - 'app/views/admin/ng_rules/_ng_rule_fields.html.haml' + - 'app/views/admin/ng_words/keywords/_ng_word.html.haml' + - 'app/views/admin/ng_words/white_list/_specified_domain.html.haml' + - 'app/views/admin/sensitive_words/_sensitive_word.html.haml' diff --git a/.nvmrc b/.nvmrc index 4a203c23d8335c..744ca17ec07de0 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -22.17 +22.14 diff --git a/.prettierignore b/.prettierignore index 098dac6717786f..80b4c0159e210e 100644 --- a/.prettierignore +++ b/.prettierignore @@ -18,6 +18,10 @@ !/log/.keep /tmp /coverage +/public/system +/public/assets +/public/packs +/public/packs-test .env .env.production .env.development @@ -56,11 +60,10 @@ docker-compose.override.yml /public/packs /public/packs-test /public/system -/public/vite* # Ignore emoji map file /app/javascript/mastodon/features/emoji/emoji_map.json -/app/javascript/mastodon/features/emoji/emoji_data.json +/app/javascript/mastodon/features/emoji/emoji_sheet.json # Ignore locale files /app/javascript/mastodon/locales/*.json @@ -81,6 +84,3 @@ AUTHORS.md # Process a few selected JS files !lint-staged.config.js - -# Ignore config YAML files that include ERB/ruby code prettier does not understand -/config/email.yml diff --git a/.rubocop/metrics.yml b/.rubocop/metrics.yml index 89532af42abb15..2828d5e4a3fb3d 100644 --- a/.rubocop/metrics.yml +++ b/.rubocop/metrics.yml @@ -1,6 +1,7 @@ --- Metrics/AbcSize: Exclude: + - 'app/serializers/initial_state_serializer.rb' - lib/mastodon/cli/*.rb Metrics/BlockLength: @@ -11,6 +12,11 @@ Metrics/ClassLength: Metrics/CyclomaticComplexity: Exclude: + - 'app/lib/feed_manager.rb' + - 'app/policies/status_policy.rb' + - 'app/services/activitypub/process_account_service.rb' + - 'app/services/delivery_antenna_service.rb' + - 'app/services/post_status_service.rb' - lib/mastodon/cli/*.rb Metrics/MethodLength: diff --git a/.rubocop/naming.yml b/.rubocop/naming.yml index 37d3a17efdbdb3..da6ad4ac579a63 100644 --- a/.rubocop/naming.yml +++ b/.rubocop/naming.yml @@ -1,6 +1,3 @@ --- Naming/BlockForwarding: EnforcedStyle: explicit - -Naming/PredicateMethod: - Enabled: false diff --git a/.rubocop/rspec.yml b/.rubocop/rspec.yml index 27f703444ea3da..940701c7226919 100644 --- a/.rubocop/rspec.yml +++ b/.rubocop/rspec.yml @@ -8,6 +8,8 @@ RSpec/MultipleExpectations: RSpec/MultipleMemoizedHelpers: Max: 20 # Overrides default of 5 + Exclude: + - 'spec/services/delete_account_service_spec.rb' RSpec/NamedSubject: EnforcedStyle: named_only @@ -23,6 +25,5 @@ RSpec/SpecFilePathFormat: ActivityPub: activitypub DeepL: deepl FetchOEmbedService: fetch_oembed_service - OAuth: oauth OEmbedController: oembed_controller OStatus: ostatus diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 4ec92f341217a6..8232ec8ec3c4d7 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,6 +1,6 @@ # This configuration was generated by # `rubocop --auto-gen-config --auto-gen-only-exclude --no-offense-counts --no-auto-gen-timestamp` -# using RuboCop version 1.77.0. +# using RuboCop version 1.75.1. # The point is for the user to remove these configuration records # one by one as the offenses are removed from the code base. # Note that changes in the inspected code, or installation of new @@ -26,14 +26,69 @@ Metrics/CyclomaticComplexity: # Configuration parameters: AllowedMethods, AllowedPatterns. Metrics/PerceivedComplexity: Max: 27 + Exclude: + - 'app/policies/status_policy.rb' + - 'app/services/delivery_antenna_service.rb' + - 'app/services/post_status_service.rb' + +Rails/OutputSafety: + Exclude: + - 'config/initializers/simple_form.rb' # This cop supports safe autocorrection (--autocorrect). -# Configuration parameters: AllowedVars, DefaultToNil. +# Configuration parameters: AllowedVars. Style/FetchEnvVar: Exclude: + - 'config/environments/production.rb' + - 'config/initializers/2_limited_federation_mode.rb' + - 'config/initializers/3_omniauth.rb' + - 'config/initializers/cache_buster.rb' + - 'config/initializers/devise.rb' - 'config/initializers/paperclip.rb' + - 'config/initializers/vapid.rb' + - 'lib/tasks/repo.rake' + +# This cop supports safe autocorrection (--autocorrect). +# Configuration parameters: EnforcedStyle, MaxUnannotatedPlaceholdersAllowed, Mode, AllowedMethods, AllowedPatterns. +# SupportedStyles: annotated, template, unannotated +# AllowedMethods: redirect +Style/FormatStringToken: + Exclude: + - 'config/initializers/devise.rb' + - 'lib/paperclip/color_extractor.rb' # This cop supports safe autocorrection (--autocorrect). # Configuration parameters: MinBodyLength, AllowConsecutiveConditionals. Style/GuardClause: Enabled: false + +# This cop supports unsafe autocorrection (--autocorrect-all). +Style/HashTransformValues: + Exclude: + - 'app/serializers/rest/web_push_subscription_serializer.rb' + - 'app/services/import_service.rb' + +# Configuration parameters: AllowedMethods. +# AllowedMethods: respond_to_missing? +Style/OptionalBooleanParameter: + Exclude: + - 'app/lib/admin/system_check/message.rb' + - 'app/lib/request.rb' + - 'app/lib/webfinger.rb' + - 'app/services/block_domain_service.rb' + - 'app/services/fetch_resource_service.rb' + - 'app/workers/domain_block_worker.rb' + - 'app/workers/unfollow_follow_worker.rb' + +# This cop supports unsafe autocorrection (--autocorrect-all). +# Configuration parameters: EnforcedStyle. +# SupportedStyles: short, verbose +Style/PreferredHashMethods: + Exclude: + - 'config/initializers/paperclip.rb' + +# This cop supports safe autocorrection (--autocorrect). +Style/RedundantConstantBase: + Exclude: + - 'config/environments/production.rb' + - 'config/initializers/sidekiq.rb' diff --git a/.ruby-version b/.ruby-version index f9892605c753d1..4d9d11cf505d5d 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -3.4.4 +3.4.2 diff --git a/AUTHORS_KB.md b/AUTHORS_KB.md new file mode 100644 index 00000000000000..2cda5fd31d9f89 --- /dev/null +++ b/AUTHORS_KB.md @@ -0,0 +1,18 @@ +# Authors for kmyblue fork + +## 貢献者 + +kmyblueフォークは、以下の方の貢献によって成り立っています。 +本家Mastodonの貢献者については、`AUTHORS.md`をご覧ください。 + +- [aoisensi](https://github.com/aoisensi) +- [KMY](https://github.com/kmycode) +- [S-H-GAMELINKS](https://github.com/S-H-GAMELINKS) +- [Yuicho](https://github.com/yuicho) + +## 特記 + +kmyblueフォークの開発にあたって、API・Activity仕様の設計(一部機能については内部仕様)策定の過程で下記リポジトリのコードを参考にしました。 +kmyblueフォークに直接貢献したわけではありませんが、以下のリポジトリにある絵文字リアクション機能・検索範囲機能のコードのうち一部にkmyblueへ転写した箇所がございますため、お名前記載させていただきます。 + +- [Fedibird](https://github.com/fedibird/mastodon) diff --git a/CHANGELOG.md b/CHANGELOG.md index efdd3adf120264..a9819a6c790ca4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,294 +2,6 @@ All notable changes to this project will be documented in this file. -## [4.4.0] - UNRELEASED - -### Added - -- **Add “Followers you know” widget to user profiles and hover cards** (#34652, #34678, #34681, #34697, #34699, #34769, #34774 and #34914 by @diondiondion) -- **Add featured tab to profiles on web UI and rework pinned posts** (#34405, #34483, #34491, #34754, #34855, #34858, #34868, #34869, #34927, #34995, #35056 and #34931 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @diondiondion) -- Add endorsed accounts to featured tab in web UI (#34421 and #34568 by @Gargron)\ - This also includes the following new REST API endpoints: - - `GET /api/v1/accounts/:id/endorsements`: https://docs.joinmastodon.org/methods/accounts/#endorsements - - `POST /api/v1/accounts/:id/endorse`: https://docs.joinmastodon.org/methods/accounts/#endorse - - `POST /api/v1/accounts/:id/unendorse`: https://docs.joinmastodon.org/methods/accounts/#unendorse -- Add ability to add and remove hashtags from featured tags in web UI (#34489, #34887, and #34490 by @ClearlyClaire and @Gargron)\ - This is achieved through the new REST API endpoints: - - `POST /api/v1/tags/:id/feature`: https://docs.joinmastodon.org/methods/tags/#feature - - `POST /api/v1/tags/:id/unfeature`: https://docs.joinmastodon.org/methods/tags/#unfeature -- Add reminder when about to post without alt text in web UI (#33760 and #33784 by @Gargron) -- Add a warning in Web UI when composing a post when the selected and detected language are different (#33042, #33683, #33700, #33724, #33770, and #34193 by @ClearlyClaire and @Gargron) -- Add support for verifying and displaying remote quote posts (#34370, #34481, #34510, #34551, #34480, #34479, #34553, #34584, #34623, #34738, #34766, #34770, #34772, #34773, #34786, #34790, #34864, #34957, #34961, #35016, #35022, #35036, #34946, #34945 and #34958 by @ClearlyClaire and @diondiondion)\ - Support for verifying remote quotes according to [FEP-044f](https://codeberg.org/fediverse/fep/src/branch/main/fep/044f/fep-044f.md) and displaying them in the Web UI has been implemented.\ - Quoting other people is not implemented yet, and it is currently not possible to mark your own posts as allowing quotes. However, a new “Who can quote” setting has been added to the “Posting defaults” section of the user settings. This setting allows you to set a default that will be used for new posts made on Mastodon 4.5 and newer, when quote posts will be fully implemented.\ - In the REST API, quote posts are represented by a new `quote` attribute on `Status` and `StatusEdit` entities: https://docs.joinmastodon.org/entities/StatusEdit/#quote https://docs.joinmastodon.org/entities/Status/#quote -- Add ability to reorder and translate server rules (#34637, #34737, #34494, #34756, #34820, #34997, #35170, #35174 and #35174 by @ChaosExAnima and @ClearlyClaire)\ - Rules are now shown in the user’s language, if a translation has been set.\ - In the REST API, `Rule` entities now have a new `translations` attribute: https://docs.joinmastodon.org/entities/Rule/#translations -- Add emoji from Twemoji 15.1.0, including in the emoji picker/completion (#33395, #34321, #34620, and #34677 by @ChaosExAnima, @ClearlyClaire, @TheEssem, and @eramdam) -- Add option to remove account from followers in web UI (#34488 by @Gargron) -- Add relationship tags to profiles and hover cards in web UI (#34467 and #34792 by @Gargron and @diondiondion) -- Add ability to open posts in a new tab by middle-clicking in web UI (#32988, #33106, #33419, and #34700 by @ClearlyClaire, @Gargron, and @tribela) -- Add new filter action to blur media (#34256 by @ClearlyClaire)\ - In the REST API, this adds a new possible value of `blur` to the `filter_action` attribute: https://docs.joinmastodon.org/entities/Filter/#filter_action -- Add dropdown menu to hashtag links in web UI (#34393 by @Gargron) -- **Add server setting to allow referrer** (#33214, #33239, #33903, and #34731 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @renchap)\ - In order to protect the privacy of users of small or thematic servers, Mastodon previously avoided transmitting referrer information when clicking outside links, which unfortunately made Mastodon completely invisible to other websites, even though the privacy implications on large generic servers are very limited.\ - Server administrators can now chose to opt in to transmit referrer information when following an external link. Only the domain name is transmitted, not the referrer path. -- Add double tap to zoom and swipe to dismiss to media modal in web UI (#34210 by @Gargron) -- Add link from Web UI for Hashtags to the Moderation UI (#31448 by @ThisIsMissEm) -- **Add terms of service** (#33055, #33233, #33230, #33703, #33699, #33994, #33993, #34105, #34122, #34200, #34527, #35053, #35115, #35126 and #35127 by @ClearlyClaire, @Gargron, @mjankowski, and @oneiros)\ - Server administrators can now fill in Terms of Service and notify their users of upcoming changes. -- Add optional bulk mailer settings (#35191 and #35203 by @oneiros)\ - This adds the optional environment variables `BULK_SMTP_PORT`, `BULK_SMTP_SERVER`, `BULK_SMTP_LOGIN` and so on analogous to `SMTP_PORT`, `SMTP_SERVER`, `SMTP_LOGIN` and related SMTP configuration environment variables.\ - When `BULK_SMTP_SERVER` is set, this group of variables is used instead of the regular ones for sending announcement notification emails and Terms of Service notification emails. -- **Add age verification on sign-up** (#34150, #34663, and #34636 by @ClearlyClaire and @Gargron)\ - Server administrators now have a setting to set a minimum age requirement for creating a new server, asking users for their date of birth. The date of birth is checked against the minimum age requirement server-side but not stored.\ - The following REST API changes have been made to accommodate this: - - `registrations.min_age` has been added to the `Instance` entity: https://docs.joinmastodon.org/entities/Instance/#registrations-min_age - - the `date_of_birth` parameter has been added to the account creation API: https://docs.joinmastodon.org/methods/accounts/#create -- Add ability to dismiss alt text badge by tapping it in web UI (#33737 by @Gargron) -- Add loading indicator to timeline gap indicators in web UI (#33762 by @Gargron) -- Add interaction modal when trying to interact with a poll while logged out (#32609 by @ThisIsMissEm) -- **Add experimental FASP support** (#34031, #34415, #34765, #34965, #34964, #34033 and #35218 by @oneiros)\ - This is a first step towards supporting “Fediverse Auxiliary Service Providers” (https://github.com/mastodon/fediverse_auxiliary_service_provider_specifications). This is mostly interesting to developers who would like to implement their own FASP, but also includes the capability to share data with a discovery provider (see https://www.fediscovery.org). -- Add ability for admins to send announcements to all users via email (#33928 and #34411 by @ClearlyClaire)\ - This is meant for critical announcements only, as this will potentially send a lot of emails and cannot be opted out of by users. -- Add Server Moderation Notes (#31529 by @ThisIsMissEm) -- Add loading spinner to “Post” button when sending a post (#35153 by @diondiondion) -- Add option to use system scrollbar styling (#32117 by @vmstan) -- Add hover cards to follow suggestions (#33749 by @ClearlyClaire) -- Add `t` hotkey for post translations (#33441 by @ClearlyClaire) -- Add timestamp to all announcements in Web UI (#18329 by @ClearlyClaire) -- Add dropdown menu with quick actions to lists of accounts in web UI (#34391, #34709, and #34767 by @Gargron, @diondiondion, and @mkljczk) -- Add support for displaying “year in review” notification in web UI (#32710, #32765, #32709, #32807, #32914, #33148, and #33882 by @Gargron and @mjankowski)\ - Note that the notification is currently not generated automatically, and at the moment requires a manual undocumented administrator action. -- Add experimental support for receiving HTTP Message Signatures (RFC9421) (#34814, #35033 and #35109 by @oneiros)\ - For now, this needs to be explicitly enabled through the `http_message_signatures` feature flag (`EXPERIMENTAL_FEATURES=http_message_signatures`). This currently only covers verifying such signatures (inbound HTTP requests), not issuing them (outbound HTTP requests). -- Add experimental Async Refreshes API (#34918 by @oneiros) -- Add experimental server-side feature to fetch remote replies (#32615, #34147, #34149, #34151, #34615, #34682, and #34702 by @ClearlyClaire and @sneakers-the-rat)\ - This experimental feature causes the server to recursively fetch replies in background tasks whenever a user opens a remote post. This happens asynchronously and the client is currently not notified of the existence of new replies, which will thus only be displayed the next time this post’s context gets requested.\ - This feature needs to be explicitly enabled server-side by setting `FETCH_REPLIES_ENABLED` environment variable to `true`. -- Add simple feature flag system through the `EXPERIMENTAL_FEATURES` environment variable (#34038 and #34124 by @oneiros)\ - This allows enabling comma-separated feature flags for experimental features.\ - The current supported feature flags are `inbound_quotes`, `fasp` and `http_message_signatures`. -- Add `dev:populate_sample_data` rake task to populate test data (#34676, #34733, #34771, #34787, and #34791 by @ClearlyClaire and @diondiondion) -- Add support for displaying fallback representation when receiving MathML (#27107 by @4e554c4c) -- Add warning for Elasticsearch index analyzers mismatch (#34515 and #34567 by @ClearlyClaire and @Gargron) -- Add `-only-mapping` option to `tootctl search deploy` (#34466 and #34566 by @Gargron) -- Add server-side support for grouping account sign-up notifications (#34298 by @ClearlyClaire) -- Add `registrations.reason_required` attribute to `/api/v2/instance` response (#34280 by @ClearlyClaire)\ - This is documented at https://docs.joinmastodon.org/entities/Instance/#registrations-reason_required -- Add `EXTRA_MEDIA_HOSTS` environment variable to add extra hosts to Content-Security-Policy (#34184 by @shleeable) -- Add `Deprecation` headers on deprecated API endpoints (#34262 and #34397 by @ClearlyClaire)\ - This is documented at https://docs.joinmastodon.org/api/guidelines/#deprecations -- Add `about`, `privacy_policy` and `terms_of_service` URLs to `/api/v2/instance` (#33849 by @ClearlyClaire) -- Add API to delete media attachments that are not in use (#33991 and #34035 by @ClearlyClaire and @ThisIsMissEm)\ - `DELETE /api/v1/media/:id`: https://docs.joinmastodon.org/methods/media/#delete -- Add optional `delete_media` parameter to `DELETE /api/v1/statuses/:id` (#33988 by @ClearlyClaire)\ - This is documented at https://docs.joinmastodon.org/methods/statuses/#delete -- Add `og:locale` to expose status language in OpenGraph previews (#34012 by @ThisIsMissEm) -- Add `-skip-filled-timeline` option to `tootctl feed build` to skip half-filled feeds (#33844 by @ClearlyClaire) -- Add support for changing the base Docker registry with the `BASE_REGISTRY` `ARG` (#33712 by @wolfspyre) -- Add an optional metric exporter (#33734, #33840, #34172, #34192, #34223, and #35005 by @oneiros and @renchap)\ - Optionally enable the `prometheus_exporter` ruby gem (see https://github.com/discourse/prometheus_exporter) to collect and expose metrics. See the documentation for all the details: https://docs.joinmastodon.org/admin/config/#prometheus -- Add `attribution_domains` attribute to `PATCH /api/v1/accounts/update_credentials` (#32730 by @c960657)\ - This is documented at https://docs.joinmastodon.org/methods/accounts/#update_credentials -- Add support for standard WebPush in addition to previous draft (#33572, #33528, and #33587 by @ClearlyClaire and @p1gp1g) -- Add support for Active Record query log tags (#33342 by @renchap) -- Add OTel trace & span IDs to logs (#33339 and #33362 by @renchap) -- Add missing `on_delete: :cascade` foreign keys option to various database columns (#33175 by @mjankowski) -- Add explicit migration breakpoints (#33089 by @ClearlyClaire) -- Add rel alternate rss/json links to pages for tags (#33179 by @mjankowski) -- Add media attachment description limit to instance API response (#33153 by @mjankowski)\ - This adds the `configuration.media_attachments.description_limit` attribute to the `Instance` entity, documented at https://docs.joinmastodon.org/entities/Instance/#description_limit -- Add `maxlength` to registration reason input (#33162 by @mjankowski) -- Add `REPLICA_PREPARED_STATEMENTS` and `REPLICA_DB_TASKS` environment variables (#32908 by @shleeable)\ - See documentation at https://docs.joinmastodon.org/admin/scaling/#read-replicas -- Add a range of reserved usernames to reduce potential misuse by malicious actors (#32828 by @jmking-iftas) -- Add operations on relays to the admin audit log (#32819 by @ThisIsMissEm) -- Add userinfo OAuth endpoint (#32548 by @ThisIsMissEm) -- Add the standard VCS attributes to OpenTelemetry spans (#32904 by @renchap) -- Add endpoint to remove web push subscription (#32626 by @oneiros)\ - Mastodon now sets a new `Unsubscribe-URL` request header when performing WebPush requests. This URL can be used by the WebPush server to disable the WebPush subscription on Mastodon’s side in case of unfixable errors. -- Add missing content warning text to RSS feeds (#32406 by @mjankowski) -- Add Swiss German to languages dropdown (#29281 by @FlohEinstein) - -### Changed - -- Change design of navigation panel in Web UI, change layout on narrow screens (#34910, #34987, #35017, #34986, #35029, #35065, #35067, #35072, #35074, #35075, #35101, #35173, #35183, #35193 and #35225 by @ClearlyClaire, @Gargron, and @diondiondion) -- Change design of lists in web UI (#32881, #33054, and #33036 by @Gargron) -- Change design of edit media modal in web UI (#33516, #33702, #33725, #33725, #33771, and #34345 by @Gargron) -- Change design of audio player in web UI (#34520, #34740, #34865, #34929, #34933, and #35034 by @ClearlyClaire, @Gargron, and @diondiondion) -- Change design of interaction modal in web UI (#33278 by @Gargron) -- Change list timelines to reflect added and removed users retroactively (#32930 by @Gargron) -- Change account search to be more forgiving of spaces (#34455 by @Gargron) -- Change unfollow button label from “Mutual” to “Unfollow” in web UI (#34392 by @Gargron) -- Change “Specific people” to “Private mention” in menu in web UI (#33963 by @Gargron) -- Change "Explore" to "Trending" and remove explanation banners (#34985 by @Gargron) -- Change media attachments of moderated posts to not be accessible (#34872 by @Gargron) - Moderators will still be able to access them while they are kept, but they won't be accessible to the public in the meantime. -- Change language names in compose box language picker to be localized (#33402 by @c960657) -- Change onboarding flow in web UI (#32998, #33119, #33471 and #34962 by @ClearlyClaire and @Gargron) -- Change Advanced Web UI to use the new main menu instead of the “Getting started” column (#35117 by @diondiondion) -- Change emoji categories in admin interface to be ordered by name (#33630 by @ShadowJonathan) -- Change design of rich text elements in web UI (#32633 by @Gargron) -- Change wording of “single choice” to “pick one” in poll authoring form (#32397 by @ThisIsMissEm) -- Change returned favorite and boost counts to use those provided by the remote server, if available (#32620, #34594, #34618, and #34619 by @ClearlyClaire and @sneakers-the-rat) -- Change label of favourite notifications on private mentions (#31659 by @ClearlyClaire) -- Change wording of "discard draft?" confirmation dialogs (#35192 by @diondiondion) -- Change `libvips` to be enabled by default in place of ImageMagick (#34741 and #34753 by @ClearlyClaire and @diondiondion) -- Change avatar and header size limits from 2MB to 8MB when using libvips (#33002 by @Gargron) -- Change search to use query params in web UI (#32949 and #33670 by @ClearlyClaire and @Gargron) -- Change build system from Webpack to Vite (#34454, #34450, #34758, #34768, #34813, #34808, #34837, #34732, #35007, #35035 and #35177 by @ChaosExAnima, @ClearlyClaire, @mjankowski, and @renchap) -- Change account creation API to forbid creation from user tokens (#34828 by @ThisIsMissEm) -- Change `/api/v2/instance` to be enabled without authentication when limited federation mode is enabled (#34576 by @ClearlyClaire) -- Change `DEFAULT_LOCALE` to not override unauthenticated users’ browser language (#34535 by @ClearlyClaire)\ - If you want to preserve the old behavior, you can add `FORCE_DEFAULT_LOCALE=true`. -- Change size of profile picture on profile page from 90px to 92px (#34807 by @larouxn) -- Change passthrough video processing to emit `moov` atom at start of video (#34726 by @ClearlyClaire) -- Change kerning to be disabled for Japanese text to preserve monospaced alignment for readability (#34448 by @nagutabby) -- Change error handling of various endpoints to return 422 instead of 500 on invalid parameters (#29308, #34434, and #34452 by @danielmbrasil and @mjankowski) -- Change Web UI to use `