chore(deps): update dependency opentelemetry-instrumentation-faraday to v0.24.5

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.nvmrc

@@ -1 +1 @@
-20.14
+20.15

.rubocop/rails.yml

@@ -5,10 +5,6 @@ Rails/FilePath:
 Rails/HttpStatus:
   EnforcedStyle: numeric
 
-Rails/LexicallyScopedActionFilter:
-  Exclude:
-    - app/controllers/auth/* # Conflicts with `Lint/UselessMethodDefinition` for inherited controller actions
-
 Rails/NegateInclude:
   Enabled: false
 

.rubocop_todo.yml

@@ -31,14 +31,6 @@ Rails/OutputSafety:
   Exclude:
     - 'config/initializers/simple_form.rb'
 
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: AllowedMethods, AllowedPatterns.
-# AllowedMethods: ==, equal?, eql?
-Style/ClassEqualityComparison:
-  Exclude:
-    - 'app/helpers/jsonld_helper.rb'
-    - 'app/serializers/activitypub/outbox_serializer.rb'
-
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowedVars.
 Style/FetchEnvVar:

Gemfile

@@ -105,7 +105,7 @@ gem 'private_address_check', '~> 0.5'
 gem 'opentelemetry-api', '~> 1.2.5'
 
 group :opentelemetry do
-  gem 'opentelemetry-exporter-otlp', '~> 0.27.0', require: false
+  gem 'opentelemetry-exporter-otlp', '~> 0.28.0', require: false
   gem 'opentelemetry-instrumentation-active_job', '~> 0.7.1', require: false
   gem 'opentelemetry-instrumentation-active_model_serializers', '~> 0.20.1', require: false
   gem 'opentelemetry-instrumentation-concurrent_ruby', '~> 0.21.2', require: false

Gemfile.lock

@@ -89,8 +89,8 @@ GEM
       minitest (>= 5.1)
       mutex_m
       tzinfo (~> 2.0)
-    addressable (2.8.6)
-      public_suffix (>= 2.0.2, < 6.0)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     aes_key_wrap (1.1.0)
     android_key_attestation (0.3.0)
     annotate (3.2.0)
@@ -143,7 +143,7 @@ GEM
     brpoplpush-redis_script (0.1.3)
       concurrent-ruby (~> 1.0, >= 1.0.5)
       redis (>= 1.0, < 6)
-    builder (3.2.4)
+    builder (3.3.0)
     bundler-audit (0.9.1)
       bundler (>= 1.2.0, < 3)
       thor (~> 1.0)
@@ -195,7 +195,7 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
-    devise-two-factor (5.0.0)
+    devise-two-factor (5.1.0)
       activesupport (~> 7.0)
       devise (~> 4.0)
       railties (~> 7.0)
@@ -226,7 +226,7 @@ GEM
       htmlentities (~> 4.3.3)
       launchy (~> 2.1)
       mail (~> 2.7)
-    erubi (1.12.0)
+    erubi (1.13.0)
     et-orbi (1.2.11)
       tzinfo
     excon (0.110.0)
@@ -398,6 +398,7 @@ GEM
     llhttp-ffi (0.5.0)
       ffi-compiler (~> 1.0)
       rake (~> 13.0)
+    logger (1.6.0)
     lograge (0.14.0)
       actionpack (>= 4)
       activesupport (>= 4)
@@ -489,8 +490,8 @@ GEM
     opentelemetry-api (1.2.5)
     opentelemetry-common (0.20.1)
       opentelemetry-api (~> 1.0)
-    opentelemetry-exporter-otlp (0.27.0)
-      google-protobuf (~> 3.14)
+    opentelemetry-exporter-otlp (0.28.0)
+      google-protobuf (>= 3.18)
       googleapis-common-protos-types (~> 1.3)
       opentelemetry-api (~> 1.1)
       opentelemetry-common (~> 0.20)
@@ -531,7 +532,7 @@ GEM
     opentelemetry-instrumentation-excon (0.22.3)
       opentelemetry-api (~> 1.0)
       opentelemetry-instrumentation-base (~> 0.22.1)
-    opentelemetry-instrumentation-faraday (0.24.4)
+    opentelemetry-instrumentation-faraday (0.24.5)
       opentelemetry-api (~> 1.0)
       opentelemetry-instrumentation-base (~> 0.22.1)
     opentelemetry-instrumentation-http (0.23.3)
@@ -675,7 +676,7 @@ GEM
       link_header (~> 0.0, >= 0.0.8)
     rdf-normalize (0.7.0)
       rdf (~> 3.3)
-    rdoc (6.6.3.1)
+    rdoc (6.7.0)
       psych (>= 4.0.0)
     redcarpet (3.6.0)
     redis (4.8.1)
@@ -771,8 +772,9 @@ GEM
     scenic (1.8.0)
       activerecord (>= 4.0.0)
       railties (>= 4.0.0)
-    selenium-webdriver (4.21.1)
+    selenium-webdriver (4.22.0)
       base64 (~> 0.2)
+      logger (~> 1.4)
       rexml (~> 3.2, >= 3.2.5)
       rubyzip (>= 1.2.2, < 3.0)
       websocket (~> 1.0)
@@ -972,7 +974,7 @@ DEPENDENCIES
   omniauth-saml (~> 2.0)
   omniauth_openid_connect (~> 0.6.1)
   opentelemetry-api (~> 1.2.5)
-  opentelemetry-exporter-otlp (~> 0.27.0)
+  opentelemetry-exporter-otlp (~> 0.28.0)
   opentelemetry-instrumentation-active_job (~> 0.7.1)
   opentelemetry-instrumentation-active_model_serializers (~> 0.20.1)
   opentelemetry-instrumentation-concurrent_ruby (~> 0.21.2)

app/controllers/auth/registrations_controller.rb

@@ -25,6 +25,14 @@ class Auth::RegistrationsController < Devise::RegistrationsController
     super(&:build_invite_request)
   end
 
+  def edit # rubocop:disable Lint/UselessMethodDefinition
+    super
+  end
+
+  def create # rubocop:disable Lint/UselessMethodDefinition
+    super
+  end
+
   def update
     super do |resource|
       resource.clear_other_sessions(current_session.session_id) if resource.saved_change_to_encrypted_password?

app/helpers/jsonld_helper.rb

@@ -141,7 +141,7 @@ module JsonLdHelper
   def safe_for_forwarding?(original, compacted)
     original.without('@context', 'signature').all? do |key, value|
       compacted_value = compacted[key]
-      return false unless value.class == compacted_value.class
+      return false unless value.instance_of?(compacted_value.class)
 
       if value.is_a?(Hash)
         safe_for_forwarding?(value, compacted_value)

app/javascript/mastodon/actions/timelines.js

@@ -63,10 +63,10 @@ export function updateTimeline(timeline, status, accept) {
 export function deleteFromTimelines(id) {
   return (dispatch, getState) => {
     const accountId  = getState().getIn(['statuses', id, 'account']);
-    const references = getState().get('statuses').filter(status => status.get('reblog') === id).map(status => status.get('id')).toJSON();
+    const references = getState().get('statuses').filter(status => status.get('reblog') === id).map(status => status.get('id')).valueSeq().toJSON();
     const reblogOf   = getState().getIn(['statuses', id, 'reblog'], null);
 
-    dispatch(timelineDelete(id, accountId, references, reblogOf));
+    dispatch(timelineDelete({ statusId: id, accountId, references, reblogOf }));
   };
 }
 

app/javascript/mastodon/locales/hi.json

@@ -80,6 +80,7 @@
   "admin.dashboard.retention.cohort_size": "नये उपयोगकर्ता",
   "admin.impact_report.instance_accounts": "ये अकाउंट प्रोफाइल मिटा देगा",
   "admin.impact_report.instance_followers": "हमारे यूजर्स इन फॉलोअर्स को खो देंगे",
+  "admin.impact_report.instance_follows": "उनके उपयोगकर्ता इतने फ़ॉलोअर खो देंगे",
   "admin.impact_report.title": "प्रभावकां सारांश",
   "alert.rate_limited.message": "कृप्या {retry_time, time, medium} के बाद दुबारा कोशिश करें",
   "alert.rate_limited.title": "सीमित दर",
@@ -88,6 +89,7 @@
   "announcement.announcement": "घोषणा",
   "attachments_list.unprocessed": "(असंसाधित)",
   "audio.hide": "हाईड ऑडियो",
+  "block_modal.remote_users_caveat": "हम {domain} को आपके निर्णय का सम्मान करने को कहेंगे।हालाकि इसकी आपूर्ति कि प्रत्याभूति नहीं हे। क्योंकि कुछ सर्वर ब्लॉक को अलग तरह से निभा सकते हे। अभी भी सार्वजानिक पोस्ट लोग- इन बगैर के उपयोगकर्ताओं को दिख सकती हैं।",
   "block_modal.show_less": "कम दिखाएं",
   "block_modal.show_more": "और दिखाएँ",
   "block_modal.they_cant_mention": "वे आपको मेंशन या फॉलो नहीं कर सकते",
@@ -205,7 +207,12 @@
   "dismissable_banner.dismiss": "डिसमिस",
   "dismissable_banner.explore_links": "इन समाचारों के बारे में लोगों द्वारा इस पर और डेसेंट्रलीसेड नेटवर्क के अन्य सर्वरों पर अभी बात की जा रही है।",
   "dismissable_banner.explore_tags": "ये हैशटैग अभी इस पर और डेसेंट्रलीसेड नेटवर्क के अन्य सर्वरों पर लोगों के बीच कर्षण प्राप्त कर रहे हैं।",
+  "dismissable_banner.public_timeline": "यह ताजा सार्वजनिक पोस्ट है जिसका सामाजिक वेब {domain} के लोगो द्वारा अनुसरण हो रहा हैं।",
   "domain_block_modal.block": "सर्वर ब्लॉक करें",
+  "domain_block_modal.block_account_instead": "इसकी जगह यह @{name} रखें",
+  "domain_block_modal.they_can_interact_with_old_posts": "इस सर्वर की लोग आपकी पूरानी पोस्ट्स का अनुसरण किया जा sakta है।",
+  "domain_block_modal.they_cant_follow": "इस सर्वर मेसे कोई भी आपका अनुसरण नहीं कर सकता।",
+  "domain_block_modal.they_wont_know": "उनको पता नहीं चलेगा कि वे अवरोधित किए गए है।",
   "domain_block_modal.title": "डोमेन ब्लॉक करें",
   "domain_pill.server": "सर्वर",
   "domain_pill.username": "यूज़रनेम",

app/javascript/mastodon/reducers/timelines.js

@@ -159,7 +159,7 @@ const filterTimelines = (state, relationship, statuses) => {
       return;
     }
 
-    references = statuses.filter(item => item.get('reblog') === status.get('id')).map(item => item.get('id'));
+    references = statuses.filter(item => item.get('reblog') === status.get('id')).map(item => item.get('id')).valueSeq().toJSON();
     state      = deleteStatus(state, status.get('id'), references, relationship.id);
   });
 

app/lib/cache_buster.rb

@@ -2,13 +2,8 @@
 
 class CacheBuster
   def initialize(options = {})
-    Rails.application.deprecators[:mastodon].warn('Default values for the cache buster secret header name and values will be removed in Mastodon 4.3. Please set them explicitely if you rely on those.') unless options[:http_method] || (options[:secret] && options[:secret_header])
-
-    @secret_header = options[:secret_header] ||
-                     (options[:http_method] ? nil : 'Secret-Header')
-    @secret = options[:secret] ||
-              (options[:http_method] ? nil : 'True')
-
+    @secret_header = options[:secret_header]
+    @secret = options[:secret]
     @http_method = options[:http_method] || 'GET'
   end
 

app/lib/link_details_extractor.rb

@@ -269,15 +269,20 @@ class LinkDetailsExtractor
   end
 
   def document
-    @document ||= Nokogiri::HTML(@html, nil, encoding)
+    @document ||= detect_encoding_and_parse_document
   end
 
-  def encoding
-    @encoding ||= begin
+  def detect_encoding_and_parse_document
+    [detect_encoding, nil, @html_charset, 'UTF-8'].uniq.each do |encoding|
+      document = Nokogiri::HTML(@html, nil, encoding)
+      return document if document.to_s.valid_encoding?
+    end
+  end
+
+  def detect_encoding
     guess = detector.detect(@html, @html_charset)
     guess&.fetch(:confidence, 0).to_i > 60 ? guess&.fetch(:encoding, nil) : nil
   end
-  end
 
   def detector
     @detector ||= CharlockHolmes::EncodingDetector.new.tap do |detector|

app/serializers/activitypub/outbox_serializer.rb

@@ -2,7 +2,7 @@
 
 class ActivityPub::OutboxSerializer < ActivityPub::CollectionSerializer
   def self.serializer_for(model, options)
-    if model.class.name == 'ActivityPub::ActivityPresenter'
+    if model.instance_of?(::ActivityPub::ActivityPresenter)
       ActivityPub::ActivitySerializer
     else
       super

db/migrate/20160227230233_add_attachment_avatar_to_accounts.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class AddAttachmentAvatarToAccounts < ActiveRecord::Migration[4.2]
-  def self.up
+  def up
     change_table :accounts do |t|
       # The following corresponds to `t.attachment :avatar` in an older version of Paperclip
       t.string :avatar_file_name
@@ -11,7 +11,7 @@ class AddAttachmentAvatarToAccounts < ActiveRecord::Migration[4.2]
     end
   end
 
-  def self.down
+  def down
     remove_attachment :accounts, :avatar
   end
 end

db/migrate/20160305115639_add_devise_to_users.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class AddDeviseToUsers < ActiveRecord::Migration[4.2]
-  def self.up
+  def up
     change_table(:users, bulk: true) do |t|
       ## Database authenticatable
       t.string :encrypted_password, null: false, default: ''
@@ -24,7 +24,7 @@ class AddDeviseToUsers < ActiveRecord::Migration[4.2]
     add_index :users, :reset_password_token, unique: true
   end
 
-  def self.down
+  def down
     remove_index :users, :reset_password_token
 
     remove_column :users, :encrypted_password

db/migrate/20160312193225_add_attachment_header_to_accounts.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class AddAttachmentHeaderToAccounts < ActiveRecord::Migration[4.2]
-  def self.up
+  def up
     change_table :accounts do |t|
       # The following corresponds to `t.attachment :header` in an older version of Paperclip
       t.string :header_file_name
@@ -11,7 +11,7 @@ class AddAttachmentHeaderToAccounts < ActiveRecord::Migration[4.2]
     end
   end
 
-  def self.down
+  def down
     remove_attachment :accounts, :header
   end
 end

db/migrate/20161006213403_rails_settings_migration.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class RailsSettingsMigration < ActiveRecord::Migration[5.0]
-  def self.up
+  def up
     create_table :settings do |t|
       t.string     :var, null: false
       t.text       :value
@@ -11,7 +11,7 @@ class RailsSettingsMigration < ActiveRecord::Migration[5.0]
     add_index :settings, [:target_type, :target_id, :var], unique: true
   end
 
-  def self.down
+  def down
     drop_table :settings
   end
 end

db/migrate/20170330164118_add_attachment_data_to_imports.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class AddAttachmentDataToImports < ActiveRecord::Migration[4.2]
-  def self.up
+  def up
     change_table :imports do |t|
       # The following corresponds to `t.attachment :data` in an older version of Paperclip
       t.string :data_file_name
@@ -11,7 +11,7 @@ class AddAttachmentDataToImports < ActiveRecord::Migration[4.2]
     end
   end
 
-  def self.down
+  def down
     remove_attachment :imports, :data
   end
 end

package.json

@@ -1,7 +1,7 @@
 {
   "name": "@mastodon/mastodon",
   "license": "AGPL-3.0-or-later",
-  "packageManager": "yarn@4.3.0",
+  "packageManager": "yarn@4.3.1",
   "engines": {
     "node": ">=18"
   },

spec/fixtures/requests/low_confidence_latin1.txt

@@ -0,0 +1,17 @@
+HTTP/1.1 200 OK
+server: nginx
+date: Thu, 13 Jun 2024 14:33:13 GMT
+content-type: text/html; charset=ISO-8859-1
+content-length: 158
+accept-ranges: bytes
+
+<!doctype html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <title>Tofu á l'orange</title>
+</head>
+<body>
+  <h2>Tofu á l'orange</h2>
+</body>
+</html>

spec/lib/cache_buster_spec.rb

@@ -28,14 +28,6 @@ describe CacheBuster do
     end
 
     context 'when using default options' do
-      around do |example|
-        # Disables the CacheBuster.new deprecation warning about default arguments.
-        # Remove this `silence` block when default arg support is removed from CacheBuster
-        Rails.application.deprecators[:mastodon].silence do
-          example.run
-        end
-      end
-
       include_examples 'makes_request'
     end
 

spec/services/fetch_link_card_service_spec.rb

@@ -26,6 +26,7 @@ RSpec.describe FetchLinkCardService do
     stub_request(:get, 'http://example.com/sjis_with_wrong_charset').to_return(request_fixture('sjis_with_wrong_charset.txt'))
     stub_request(:get, 'http://example.com/koi8-r').to_return(request_fixture('koi8-r.txt'))
     stub_request(:get, 'http://example.com/windows-1251').to_return(request_fixture('windows-1251.txt'))
+    stub_request(:get, 'http://example.com/low_confidence_latin1').to_return(request_fixture('low_confidence_latin1.txt'))
 
     Rails.cache.write('oembed_endpoint:example.com', oembed_cache) if oembed_cache
 
@@ -148,6 +149,14 @@ RSpec.describe FetchLinkCardService do
       end
     end
 
+    context 'with a URL of a page in ISO-8859-1 encoding, that charlock_holmes cannot detect' do
+      let(:status) { Fabricate(:status, text: 'Check out http://example.com/low_confidence_latin1') }
+
+      it 'decodes the HTML' do
+        expect(status.preview_card.title).to eq("Tofu á l'orange")
+      end
+    end
+
     context 'with a Japanese path URL' do
       let(:status) { Fabricate(:status, text: 'テストhttp://example.com/日本語') }
 

streaming/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@mastodon/streaming",
   "license": "AGPL-3.0-or-later",
-  "packageManager": "yarn@4.3.0",
+  "packageManager": "yarn@4.3.1",
   "engines": {
     "node": ">=18"
   },
@@ -34,7 +34,7 @@
     "@types/cors": "^2.8.16",
     "@types/express": "^4.17.17",
     "@types/pg": "^8.6.6",
-    "@types/uuid": "^9.0.0",
+    "@types/uuid": "^10.0.0",
     "@types/ws": "^8.5.9",
     "eslint-define-config": "^2.0.0",
     "pino-pretty": "^11.0.0",

yarn.lock

@@ -2925,7 +2925,7 @@ __metadata:
     "@types/cors": "npm:^2.8.16"
     "@types/express": "npm:^4.17.17"
     "@types/pg": "npm:^8.6.6"
-    "@types/uuid": "npm:^9.0.0"
+    "@types/uuid": "npm:^10.0.0"
     "@types/ws": "npm:^8.5.9"
     bufferutil: "npm:^4.0.7"
     cors: "npm:^2.8.5"
@@ -4045,10 +4045,10 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/uuid@npm:^9.0.0":
-  version: 9.0.8
-  resolution: "@types/uuid@npm:9.0.8"
-  checksum: 10c0/b411b93054cb1d4361919579ef3508a1f12bf15b5fdd97337d3d351bece6c921b52b6daeef89b62340fd73fd60da407878432a1af777f40648cbe53a01723489
+"@types/uuid@npm:^10.0.0":
+  version: 10.0.0
+  resolution: "@types/uuid@npm:10.0.0"
+  checksum: 10c0/9a1404bf287164481cb9b97f6bb638f78f955be57c40c6513b7655160beb29df6f84c915aaf4089a1559c216557dc4d2f79b48d978742d3ae10b937420ddac60
   languageName: node
   linkType: hard