Claire 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								2b18f7a943 
								
							 
						 
						
							
							
								
								Fix processing mentions to domains with non-ascii TLDs ( #16689 )  
							
							... 
							
							
							
							Fixes  #16602  
						
							2021-09-01 22:06:40 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								f81ff4e5ed 
								
							 
						 
						
							
							
								
								Bump eslint-plugin-react from 7.24.0 to 7.25.1 ( #16680 )  
							
							... 
							
							
							
							Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react ) from 7.24.0 to 7.25.1.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases )
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.24.0...v7.25.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-react
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-09-01 08:18:55 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6abbae5096 
								
							 
						 
						
							
							
								
								Bump tar from 6.1.3 to 6.1.11 ( #16685 )  
							
							... 
							
							
							
							Bumps [tar](https://github.com/npm/node-tar ) from 6.1.3 to 6.1.11.
- [Release notes](https://github.com/npm/node-tar/releases )
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/node-tar/compare/v6.1.3...v6.1.11 )
---
updated-dependencies:
- dependency-name: tar
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-09-01 08:18:29 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								30b9630fc7 
								
							 
						 
						
							
							
								
								Bump rqrcode from 2.0.0 to 2.1.0 ( #16678 )  
							
							... 
							
							
							
							Bumps [rqrcode](https://github.com/whomwah/rqrcode ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/whomwah/rqrcode/releases )
- [Changelog](https://github.com/whomwah/rqrcode/blob/master/CHANGELOG.md )
- [Commits](https://github.com/whomwah/rqrcode/compare/v2.0.0...v2.1.0 )
---
updated-dependencies:
- dependency-name: rqrcode
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-31 20:58:34 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								dbc59eb2a8 
								
							 
						 
						
							
							
								
								Bump rubocop from 1.19.1 to 1.20.0 ( #16674 )  
							
							... 
							
							
							
							Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.19.1 to 1.20.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.19.1...v1.20.0 )
---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-31 20:56:14 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								c8ed5dad7c 
								
							 
						 
						
							
							
								
								Bump nokogiri from 1.12.3 to 1.12.4 ( #16675 )  
							
							... 
							
							
							
							Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.12.3 to 1.12.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.3...v1.12.4 )
---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-31 20:56:07 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								56f465e571 
								
							 
						 
						
							
							
								
								Bump aws-sdk-s3 from 1.99.0 to 1.100.0 ( #16676 )  
							
							... 
							
							
							
							Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.99.0 to 1.100.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-31 20:56:01 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6a55db34fb 
								
							 
						 
						
							
							
								
								Bump ws from 8.2.0 to 8.2.1 ( #16679 )  
							
							... 
							
							
							
							Bumps [ws](https://github.com/websockets/ws ) from 8.2.0 to 8.2.1.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.2.0...8.2.1 )
---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-31 20:55:49 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								ef61fd4670 
								
							 
						 
						
							
							
								
								Bump sass from 1.38.0 to 1.38.2 ( #16671 )  
							
							... 
							
							
							
							Bumps [sass](https://github.com/sass/dart-sass ) from 1.38.0 to 1.38.2.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.38.0...1.38.2 )
---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-29 09:00:57 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								1b1284afea 
								
							 
						 
						
							
							
								
								Bump eslint-plugin-import from 2.24.1 to 2.24.2 ( #16668 )  
							
							... 
							
							
							
							Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.24.1 to 2.24.2.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.24.1...v2.24.2 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-29 09:00:41 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								63a0cba480 
								
							 
						 
						
							
							
								
								Bump url-parse from 1.5.1 to 1.5.3 ( #16666 )  
							
							... 
							
							
							
							Bumps [url-parse](https://github.com/unshiftio/url-parse ) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/unshiftio/url-parse/releases )
- [Commits](https://github.com/unshiftio/url-parse/compare/1.5.1...1.5.3 )
---
updated-dependencies:
- dependency-name: url-parse
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-28 18:18:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								e617690840 
								
							 
						 
						
							
							
								
								Bump color-string from 1.5.3 to 1.6.0 ( #16665 )  
							
							... 
							
							
							
							Bumps [color-string](https://github.com/Qix-/color-string ) from 1.5.3 to 1.6.0.
- [Release notes](https://github.com/Qix-/color-string/releases )
- [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Qix-/color-string/commits/1.6.0 )
---
updated-dependencies:
- dependency-name: color-string
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-28 18:18:35 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								25330a9f04 
								
							 
						 
						
							
							
								
								Bump http from 4.4.1 to 5.0.1 ( #16438 )  
							
							... 
							
							
							
							Bumps [http](https://github.com/httprb/http ) from 4.4.1 to 5.0.1.
- [Release notes](https://github.com/httprb/http/releases )
- [Changelog](https://github.com/httprb/http/blob/master/CHANGES.md )
- [Commits](https://github.com/httprb/http/compare/v4.4.1...v5.0.1 )
---
updated-dependencies:
- dependency-name: http
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-28 18:17:59 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								22a9952040 
								
							 
						 
						
							
							
								
								Bump y18n from 4.0.0 to 4.0.3 ( #16664 )  
							
							... 
							
							
							
							Bumps [y18n](https://github.com/yargs/y18n ) from 4.0.0 to 4.0.3.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/compare/v4.0.0...y18n-v4.0.3 )
---
updated-dependencies:
- dependency-name: y18n
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-28 18:15:05 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								173d2d27e5 
								
							 
						 
						
							
							
								
								Bump jest from 26.6.3 to 27.1.0 ( #16376 )  
							
							... 
							
							
							
							* Bump jest from 26.6.3 to 27.0.4
Bumps [jest](https://github.com/facebook/jest ) from 26.6.3 to 27.0.4.
- [Release notes](https://github.com/facebook/jest/releases )
- [Changelog](https://github.com/facebook/jest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/facebook/jest/compare/v26.6.3...v27.0.4 )
---
updated-dependencies:
- dependency-name: jest
  dependency-type: direct:development
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* Set test environment for jest
* Remove unnecessary ext
* Bump jest from 27.0.4 to 27.1.0
* Remove --coverage option
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh> 
							
						 
						
							2021-08-28 09:58:04 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								894605a68c 
								
							 
						 
						
							
							
								
								Bump sidekiq from 6.2.1 to 6.2.2 ( #16647 )  
							
							... 
							
							
							
							Bumps [sidekiq](https://github.com/mperham/sidekiq ) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/mperham/sidekiq/releases )
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md )
- [Commits](https://github.com/mperham/sidekiq/compare/v6.2.1...v6.2.2 )
---
updated-dependencies:
- dependency-name: sidekiq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-28 08:59:45 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								42de346335 
								
							 
						 
						
							
							
								
								Bump webpacker from 5.4.0 to 5.4.2 ( #16648 )  
							
							... 
							
							
							
							Bumps [webpacker](https://github.com/rails/webpacker ) from 5.4.0 to 5.4.2.
- [Release notes](https://github.com/rails/webpacker/releases )
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rails/webpacker/compare/v5.4.0...v5.4.2 )
---
updated-dependencies:
- dependency-name: webpacker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-27 21:47:43 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								1c8ce9ae34 
								
							 
						 
						
							
							
								
								Bump faker from 2.18.0 to 2.19.0 ( #16646 )  
							
							... 
							
							
							
							Bumps [faker](https://github.com/faker-ruby/faker ) from 2.18.0 to 2.19.0.
- [Release notes](https://github.com/faker-ruby/faker/releases )
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md )
- [Commits](https://github.com/faker-ruby/faker/compare/v2.18.0...v2.19.0 )
---
updated-dependencies:
- dependency-name: faker
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-27 21:47:00 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								89d62f23c8 
								
							 
						 
						
							
							
								
								Bump rubocop from 1.19.0 to 1.19.1 ( #16649 )  
							
							... 
							
							
							
							Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.19.0...v1.19.1 )
---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-27 21:46:28 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Truong Nguyen 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								7283a5d3b9 
								
							 
						 
						
							
							
								
								Explicitly set userVerification to discoraged ( #16545 )  
							
							
							
						 
						
							2021-08-26 09:51:22 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Claire 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								94bcf45321 
								
							 
						 
						
							
							
								
								Fix authentication failures after going halfway through a sign-in attempt ( #16607 )  
							
							... 
							
							
							
							* Add tests
* Add security-related tests
My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.
* Fix authentication failures after going halfway through a sign-in attempt
* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious 
							
						 
						
							2021-08-25 22:52:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								2ed1c92c63 
								
							 
						 
						
							
							
								
								New env variable: CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED ( #16655 )  
							
							... 
							
							
							
							When using a CAS server, the users only have a temporary email
`change@me-foo-cas.com` which can't be changed but by an
administrator.
We need a new environment variable like for SAML to assume the email
from CAS is verified.
* config/initializers/omniauth.rb: define CAS option for assuming
  email are always verified.
* .env.nanobox: add new variable as an example. 
							
						 
						
							2021-08-25 18:41:24 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								366e0b82db 
								
							 
						 
						
							
							
								
								Bump rails from 6.1.4 to 6.1.4.1 ( #16650 )  
							
							... 
							
							
							
							Bumps [rails](https://github.com/rails/rails ) from 6.1.4 to 6.1.4.1.
- [Release notes](https://github.com/rails/rails/releases )
- [Commits](https://github.com/rails/rails/compare/v6.1.4...v6.1.4.1 )
---
updated-dependencies:
- dependency-name: rails
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-26 01:39:55 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									matildepark 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								79341d0f5f 
								
							 
						 
						
							
							
								
								Fix follow request count to dynamically update ( #16652 )  
							
							
							
						 
						
							2021-08-25 17:46:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Daniel 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								5c21021176 
								
							 
						 
						
							
							
								
								Fix undefined variable for Auth::OmniauthCallbacksController ( #16654 )  
							
							... 
							
							
							
							The addition of authentication history broke the omniauth login with
the following error:
  method=GET path=/auth/auth/cas/callback format=html
  controller=Auth::OmniauthCallbacksController action=cas status=500
  error='NameError: undefined local variable or method `user' for
  #<Auth::OmniauthCallbacksController:0x00000000036290>
  Did you mean?  @user' duration=435.93 view=0.00 db=36.19
* app/controllers/auth/omniauth_callbacks_controller.rb: fix variable
  name to `@user` 
							
						 
						
							2021-08-25 17:40:56 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								4562ada4b9 
								
							 
						 
						
							
							
								
								Bump eslint-plugin-import from 2.24.0 to 2.24.1 ( #16635 )  
							
							... 
							
							
							
							Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.24.0 to 2.24.1.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.24.0...v2.24.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-23 22:03:53 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								dd096568d9 
								
							 
						 
						
							
							
								
								Bump ws from 8.1.0 to 8.2.0 ( #16636 )  
							
							... 
							
							
							
							Bumps [ws](https://github.com/websockets/ws ) from 8.1.0 to 8.2.0.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.1.0...8.2.0 )
---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-23 22:03:38 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								3ee038ac7d 
								
							 
						 
						
							
							
								
								Bump @babel/plugin-transform-runtime from 7.14.5 to 7.15.0 ( #16590 )  
							
							... 
							
							
							
							Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime ) from 7.14.5 to 7.15.0.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.15.0/packages/babel-plugin-transform-runtime )
---
updated-dependencies:
- dependency-name: "@babel/plugin-transform-runtime"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-23 22:03:23 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Claire 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								3c45dfa0fe 
								
							 
						 
						
							
							
								
								Fix “discoverable” account setting being tied to profile directory ( #16637 )  
							
							
							
						 
						
							2021-08-20 16:11:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Peter Dave Hello 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								a2afcac7d9 
								
							 
						 
						
							
							
								
								Make sure nginx always send HSTS header ( #16633 )  
							
							... 
							
							
							
							By default, it'll only send those headers when the response code is one of the following:
- 200, 201, 204, 206, 301, 302, 303, 304, 307 & 308
As all the traffics should be https, the http protocol only exists to do 301 redirect,
and always send the HSTS header is almost one of the best practices, we should set
nginx to do so.
Reference:
- https://nginx.org/en/docs/http/ngx_http_headers_module.html#add_header 
- https://ssl-config.mozilla.org/  
							
						 
						
							2021-08-20 10:54:11 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Claire 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6702148472 
								
							 
						 
						
							
							
								
								Add tests for SuspendAccountService and UnsuspendAccountService ( #16627 )  
							
							... 
							
							
							
							* Add tests for SuspendAccountService
* Add tests for UnsuspendAccountService 
							
						 
						
							2021-08-20 10:53:33 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								90a8d4ef1c 
								
							 
						 
						
							
							
								
								Bump rspec-rails from 5.0.1 to 5.0.2 ( #16622 )  
							
							... 
							
							
							
							Bumps [rspec-rails](https://github.com/rspec/rspec-rails ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/rspec/rspec-rails/releases )
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md )
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.1...v5.0.2 )
---
updated-dependencies:
- dependency-name: rspec-rails
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-20 18:48:39 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								588f48bf6f 
								
							 
						 
						
							
							
								
								Bump sass from 1.37.0 to 1.38.0 ( #16623 )  
							
							... 
							
							
							
							Bumps [sass](https://github.com/sass/dart-sass ) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.37.0...1.38.0 )
---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-20 18:48:25 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								63fa767c83 
								
							 
						 
						
							
							
								
								Bump fast_blank from 1.0.0 to 1.0.1 ( #16621 )  
							
							... 
							
							
							
							Bumps [fast_blank](https://github.com/SamSaffron/fast_blank ) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/SamSaffron/fast_blank/releases )
- [Commits](https://github.com/SamSaffron/fast_blank/compare/1.0.0...v1.0.1 )
---
updated-dependencies:
- dependency-name: fast_blank
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-20 18:47:45 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Peter Dave Hello 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								e03dc3956f 
								
							 
						 
						
							
							
								
								Disable nginx ssl_session_tickets for better security ( #16632 )  
							
							... 
							
							
							
							It's default turned on, but it's better to turn it off for security reason.
Reference:
- https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_tickets 
- https://github.com/mozilla/server-side-tls/issues/135  
							
						 
						
							2021-08-20 08:15:07 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Claire 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								9ac7e6fef7 
								
							 
						 
						
							
							
								
								Fix remotely-suspended accounts' toots being merged back into timelines ( #16628 )  
							
							... 
							
							
							
							* Fix remotely-suspended accounts' toots being merged back into timelines
* Mark remotely-deleted accounts as remotely suspended 
							
						 
						
							2021-08-20 07:40:33 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Holger 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								0cae6c07bb 
								
							 
						 
						
							
							
								
								Fix   #16603  ( #16605 )  
							
							... 
							
							
							
							Fix issue #16603  undefined method `serialize_payload' for Unsuspend Account Service error.
It seems that this service forgot to `include Payloadable` so that `serialize_payload` could not be found in this service. 
							
						 
						
							2021-08-20 07:39:37 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								ce8f41e560 
								
							 
						 
						
							
							
								
								Bump oj from 3.12.2 to 3.13.2 ( #16620 )  
							
							... 
							
							
							
							Bumps [oj](https://github.com/ohler55/oj ) from 3.12.2 to 3.13.2.
- [Release notes](https://github.com/ohler55/oj/releases )
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/ohler55/oj/compare/v3.12.2...v3.13.2 )
---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 13:58:07 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6cdbff88e7 
								
							 
						 
						
							
							
								
								Bump eslint-plugin-import from 2.23.4 to 2.24.0 ( #16592 )  
							
							... 
							
							
							
							Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.23.4 to 2.24.0.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/master/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.23.4...v2.24.0 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 13:20:21 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								c04c3e98e3 
								
							 
						 
						
							
							
								
								Bump yargs from 17.0.1 to 17.1.1 ( #16614 )  
							
							... 
							
							
							
							Bumps [yargs](https://github.com/yargs/yargs ) from 17.0.1 to 17.1.1.
- [Release notes](https://github.com/yargs/yargs/releases )
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/yargs/compare/v17.0.1...v17.1.1 )
---
updated-dependencies:
- dependency-name: yargs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 13:19:51 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								1d63f0798a 
								
							 
						 
						
							
							
								
								Bump ws from 8.0.0 to 8.1.0 ( #16616 )  
							
							... 
							
							
							
							Bumps [ws](https://github.com/websockets/ws ) from 8.0.0 to 8.1.0.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/8.0.0...8.1.0 )
---
updated-dependencies:
- dependency-name: ws
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 13:19:31 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								f5a8011cf4 
								
							 
						 
						
							
							
								
								Bump bullet from 6.1.4 to 6.1.5 ( #16617 )  
							
							... 
							
							
							
							Bumps [bullet](https://github.com/flyerhzm/bullet ) from 6.1.4 to 6.1.5.
- [Release notes](https://github.com/flyerhzm/bullet/releases )
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md )
- [Commits](https://github.com/flyerhzm/bullet/compare/6.1.4...6.1.5 )
---
updated-dependencies:
- dependency-name: bullet
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 13:01:31 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								00944fc0f4 
								
							 
						 
						
							
							
								
								Bump fastimage from 2.2.4 to 2.2.5 ( #16609 )  
							
							... 
							
							
							
							Bumps [fastimage](https://github.com/sdsykes/fastimage ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/sdsykes/fastimage/releases )
- [Changelog](https://github.com/sdsykes/fastimage/blob/master/CHANGELOG )
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.2.4...v2.2.5 )
---
updated-dependencies:
- dependency-name: fastimage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 13:00:53 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								3318aa26f2 
								
							 
						 
						
							
							
								
								Bump nokogiri from 1.12.2 to 1.12.3 ( #16610 )  
							
							... 
							
							
							
							Bumps [nokogiri](https://github.com/sparklemotion/nokogiri ) from 1.12.2 to 1.12.3.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases )
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.2...v1.12.3 )
---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 13:00:37 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								358b43c3a6 
								
							 
						 
						
							
							
								
								Bump blurhash from 1.1.3 to 1.1.4 ( #16613 )  
							
							... 
							
							
							
							Bumps [blurhash](https://github.com/woltapp/blurhash ) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/woltapp/blurhash/releases )
- [Commits](https://github.com/woltapp/blurhash/commits )
---
updated-dependencies:
- dependency-name: blurhash
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 13:00:17 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								68e9e9ee0f 
								
							 
						 
						
							
							
								
								Bump pundit from 2.1.0 to 2.1.1 ( #16615 )  
							
							... 
							
							
							
							Bumps [pundit](https://github.com/varvet/pundit ) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/varvet/pundit/releases )
- [Changelog](https://github.com/varvet/pundit/blob/master/CHANGELOG.md )
- [Commits](https://github.com/varvet/pundit/compare/v2.1.0...v2.1.1 )
---
updated-dependencies:
- dependency-name: pundit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 13:00:04 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								f77d347f88 
								
							 
						 
						
							
							
								
								Bump path-parse from 1.0.6 to 1.0.7 ( #16597 )  
							
							... 
							
							
							
							Bumps [path-parse](https://github.com/jbgutierrez/path-parse ) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases )
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7 )
---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 12:58:37 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								81d11b01fc 
								
							 
						 
						
							
							
								
								Bump parallel_tests from 3.7.0 to 3.7.1 ( #16612 )  
							
							... 
							
							
							
							Bumps [parallel_tests](https://github.com/grosser/parallel_tests ) from 3.7.0 to 3.7.1.
- [Release notes](https://github.com/grosser/parallel_tests/releases )
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md )
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.7.0...v3.7.1 )
---
updated-dependencies:
- dependency-name: parallel_tests
  dependency-type: direct:development
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 12:49:59 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								ec0b8f7e81 
								
							 
						 
						
							
							
								
								Bump aws-sdk-s3 from 1.98.0 to 1.99.0 ( #16611 )  
							
							... 
							
							
							
							Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby ) from 1.98.0 to 1.99.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases )
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-ruby/commits )
---
updated-dependencies:
- dependency-name: aws-sdk-s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 12:49:21 +09:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									dependabot[bot] 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								f3084bbf7c 
								
							 
						 
						
							
							
								
								Bump webmock from 3.13.0 to 3.14.0 ( #16587 )  
							
							... 
							
							
							
							Bumps [webmock](https://github.com/bblimke/webmock ) from 3.13.0 to 3.14.0.
- [Release notes](https://github.com/bblimke/webmock/releases )
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md )
- [Commits](https://github.com/bblimke/webmock/compare/v3.13.0...v3.14.0 )
---
updated-dependencies:
- dependency-name: webmock
  dependency-type: direct:development
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
							
						 
						
							2021-08-17 12:49:00 +09:00