Commit graph

12710 commits

Author SHA1 Message Date
Jonne Haß
f2ce9fa17f * Fix CVE-2013-0269 by updating the gems json to 1.7.7 and multi_json to 1.5.1. [Read more](https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_YvCpLzL58)
* Additionally ensure can't affect us by bumping Rails to 3.2.12. [Read more](https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/AFBKNY7VSH8)
* And exclude CVE-2013-0262 and CVE-2013-0263 by updating rack to 1.4.5.
2013-02-11 20:51:02 +01:00
Jonne Haß
dfbb6fa324 Merge branch 'hotfix/0.0.2.4' 2013-02-01 22:22:09 +01:00
Jonne Haß
7134513b28 Fix XSS vulnerabilities caused by not escaping a user's name fields when loading it from JSON. #3948
From a quick look at the databases available to us, this was not actually used in the wild.
2013-02-01 22:20:31 +01:00
Jonne Haß
7f865e739c Merge branch 'hotfix/0.0.2.3' 2013-01-28 20:39:06 +01:00
Jonne Haß
8a8ee42ebc Update Devise to 2.1.3
http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/
2013-01-28 20:38:30 +01:00
Jonne Haß
eedf32ed9d Merge branch 'hotfix/0.0.2.2' 2013-01-09 00:09:46 +01:00
Florian Staudacher
b320e50236 bump Rails to 3.2.11
see:
http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/
2013-01-09 00:09:07 +01:00
Jonne Haß
947127bec3 Merge branch 'hotfix/0.0.2.1' 2013-01-02 23:41:58 +01:00
Jonne Haß
11f82c794e Bump to Rails 3.2.10 as per CVE-2012-5664
https://groups.google.com/group/rubyonrails-security/browse_thread/thread/c2353369fea8c53
2013-01-02 23:40:46 +01:00
Florian Staudacher
eea59b0918 Merge branch 'release/0.0.2.0'
Conflicts:
	Changelog.md
	config/defaults.yml
2012-11-20 19:11:48 +01:00
Florian Staudacher
42f4762689 changelog update before release 2012-11-20 19:09:47 +01:00
Florian Staudacher
742d320c0e Merge pull request #3739 from davecocoa/feature/3534-add-x-frame-header
add x-frame headers
2012-11-20 09:59:08 -08:00
Jonne Haß
1af49a0477 updated 78 locale files [ci skip] 2012-11-20 18:54:27 +01:00
Sean Tilley
a5050273ca Merge pull request #3727 from jaywink/feature/2321-fix-message-notifications
Fix notifications for private messages between local users, fixes #2321
2012-11-19 13:48:17 -08:00
Jonne Haß
e9bccb8afe get rid of string concat of translatable strings in getting started 2012-11-18 17:24:43 +01:00
David McMullin
9678a1d4b2 add x-frame headers 2012-11-18 09:55:10 +00:00
Florian Staudacher
9723c4abc9 don't let the install script run as root user 2012-11-16 15:34:44 +01:00
Florian Staudacher
5066db9941 Merge pull request #3733 from marpo60/3682-fix-padlock-images
3682 fix padlock images
2012-11-15 14:07:53 -08:00
Fabián Rodríguez
f3134206e1 update changelog 2012-11-15 18:18:47 -02:00
Fabián Rodríguez
f590abb343 fix 3682, use correct image path for padlocks 2012-11-15 18:17:15 -02:00
Dennis Schubert
ae53254259 Really remove Devise's timeoutable...
... and force it to really remember the session by a hidden field.
2012-11-14 20:32:15 +01:00
Jonne Haß
70b0c9e2b7 add rb-fsevent to the Gemfile for our OS X devs 2012-11-14 19:57:52 +01:00
Jason Robinson
c437636131 Fix message_spec test and add tests for private message notification unread count. Update changelog 2012-11-12 22:00:13 +02:00
Jason Robinson
6cf6f1dd7d Fix notifications for private messages between local users, fixes #2321 2012-11-11 23:35:19 +02:00
Jonne Haß
7517c29ed0 Merge pull request #3726 from movilla/css_people_inv
fix css error with invitation people block in search results
2012-11-11 06:51:33 -08:00
movilla
764aa579cd fix css error with invitation people block in search results 2012-11-11 15:38:03 +01:00
Jonne Haß
63f2d335a4 Merge branch 'notifications_count' of git://github.com/movilla/diaspora into develop 2012-11-11 15:00:46 +01:00
movilla
554fe40235 Web mobile notifications count don't change to unread-read when click in link post 2012-11-11 14:45:07 +01:00
Jonne Haß
6056572b99 update changelog for gem updates [ci skip] 2012-11-11 14:32:39 +01:00
Jonne Haß
e7be5d2f80 Merge pull request #3612 from diaspora/update_gems
Update gems
2012-11-11 04:48:04 -08:00
Jonne Haß
0b206534bd bump selenium-webdriver 2012-11-11 13:29:41 +01:00
Jonne Haß
f6d352bc7e bump gon 2012-11-11 13:29:40 +01:00
Jonne Haß
c4d5597fa4 bump faraday_middleware 2012-11-11 13:29:40 +01:00
Jonne Haß
8e2d509f8d bump coffee-script-source 2012-11-11 13:29:40 +01:00
Jonne Haß
4fc2cb1cba bump carrierwave 2012-11-11 13:29:40 +01:00
Jonne Haß
f2f741a518 bump capybara 2012-11-11 13:29:40 +01:00
Jonne Haß
74ecdeb35d bump formatador 2012-11-11 13:29:40 +01:00
Jonne Haß
04aee6a6fe bump tzinfo 2012-11-11 13:29:39 +01:00
Jonne Haß
f4d63c6d90 bump twitter 2012-11-11 13:26:19 +01:00
Jonne Haß
03f5cfcce5 bump rails-i18n 2012-11-11 13:26:18 +01:00
Jonne Haß
497b822d03 bump debugger 2012-11-11 13:25:20 +01:00
Jonne Haß
c447eba4d1 bump rails_admin 2012-11-11 13:25:15 +01:00
Jonne Haß
ec0483ccdb bump rack-rewrite 2012-11-11 13:23:25 +01:00
Jonne Haß
229c514251 bump childprocess 2012-11-11 13:23:25 +01:00
Jonne Haß
468781008a bump bootstrap-sass 2012-11-11 13:23:25 +01:00
Jonne Haß
91e6644bc2 bump rspec-rails 2012-11-11 13:23:24 +01:00
Jonne Haß
4a4f98c3ef bump unicorn 2012-11-11 13:23:24 +01:00
Jonne Haß
38a6768ad5 bump gherkin 2012-11-11 13:23:24 +01:00
Jonne Haß
fdc28ccdc1 bump treetop 2012-11-11 13:23:24 +01:00
Jonne Haß
882f5affcf bump database_cleaner 2012-11-11 13:23:24 +01:00