This fix was heavily inspired by Mastodon's fix for GHSA-9928-3cp5-93fm.
So, thank you Cure53 for finding this issue, thank you Mozilla for
paying Cure53 to look into it, and thanks for Mastodon for fixing it.
Newly generated binstubs will check for the string
`This file was generated by Bundler` inside `bin/bundle`, so we'd have
to update that anyway.
Also, there is a non-zero chance the updated `bundle` binstub resolves
some of the setup-specific issues we've seen.
This is the default bundler version that comes with ruby 2.7, and it
looks like ruby ruby 2.7 and bundler 2.3.18 have a problem with the new
splitted version where each gem source has it's own block and it
crashes.
To have less problems for podmins when updating, lets just downgrade
bundler and use the old lockfile format in next-minor. It's not a
problem anymore in develop as we don't have rails-assets anymore there,
as we switched to yarn.
This route was removed from the federation and doesn't exist anymore, so
checking for it doesn't make any sense.
But lets check if a server responds to /.well-known/nodeinfo instead.
All other software which supports the diaspora protocol should have this
endpoint by now. Parsing/validating nodeinfo is still handled
gracefully.
closes#8377
When no `.sprockets-manifest-xxx.json` existed, every instance of
`Sprockets::Manifest` generated their own path with their own random
filename, and since this happened before the assets were actually
precompiled, they were all empty. So the error pages didn't find the
manifest and the non-digest assets also didn't have any assets to copy.
So lets create our own instance of `Sprockets::Manifest` here, AFTER
`assets:precompile`, which then loads the manifest json that was used
during precompile, so all precompiled assets are available.
closes#8366
This is to prepare for zeitwerk autoloader, and the old file couldn't be
autoloaded anyway, so the easiest is to just move it out of the models
folder.
markerb is dead and isn't compatible with rails 6 anymore. Removing it
means adding separate templates for text and html, this sadly means some
code duplication, but also luckily the templates aren't that
complicated, so the duplication is also very minimal.
