forked from e621ng/e621ng
abce4d2551
Fail loudly if we forget to whitelist a param instead of silently ignoring it. misc models: convert to strong params. artist commentaries: convert to strong params. * Disallow changing or setting post_id to a nonexistent post. artists: convert to strong params. * Disallow setting `is_banned` in create/update actions. Changing it this way instead of with the ban/unban actions would leave the artist in a partially banned state. bans: convert to strong params. * Disallow changing the user_id after the ban has been created. comments: convert to strong params. favorite groups: convert to strong params. news updates: convert to strong params. post appeals: convert to strong params. post flags: convert to strong params. * Disallow users from setting the `is_deleted` / `is_resolved` flags. ip bans: convert to strong params. user feedbacks: convert to strong params. * Disallow users from setting `disable_dmail_notification` when creating feedbacks. * Disallow changing the user_id after the feedback has been created. notes: convert to strong params. wiki pages: convert to strong params. * Also fix non-Builders being able to delete wiki pages. saved searches: convert to strong params. pools: convert to strong params. * Disallow setting `post_count` or `is_deleted` in create/update actions. janitor trials: convert to strong params. post disapprovals: convert to strong params. * Factor out quick-mod bar to shared partial. * Fix quick-mod bar to use `Post#is_approvable?` to determine visibility of Approve button. dmail filters: convert to strong params. password resets: convert to strong params. user name change requests: convert to strong params. posts: convert to strong params. users: convert to strong params. * Disallow setting password_hash, last_logged_in_at, last_forum_read_at, has_mail, and dmail_filter_attributes[user_id]. * Remove initialize_default_image_size (dead code). uploads: convert to strong params. * Remove `initialize_status` because status already defaults to pending in the database. tag aliases/implications: convert to strong params. tags: convert to strong params. forum posts: convert to strong params. * Disallow changing the topic_id after creating the post. * Disallow setting is_deleted (destroy/undelete actions should be used instead). * Remove is_sticky / is_locked (nonexistent attributes). forum topics: convert to strong params. * merges https://github.com/evazion/danbooru/tree/wip-rails-5.1 * lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4) * switch to factorybot and change all references Co-authored-by: r888888888 <r888888888@gmail.com> Co-authored-by: evazion <noizave@gmail.com> add diffs
495 lines
11 KiB
Plaintext
495 lines
11 KiB
Plaintext
GIT
|
|
remote: https://github.com/abronte/BigQuery.git
|
|
revision: b92b4e0b54574e3fde7ad910f39a67538ed387ad
|
|
ref: b92b4e0b54574e3fde7ad910f39a67538ed387ad
|
|
specs:
|
|
bigquery (0.9.0)
|
|
google-api-client (~> 0.9.3)
|
|
googleauth (~> 0.5.0)
|
|
|
|
GIT
|
|
remote: https://github.com/r888888888/dtext_rb.git
|
|
revision: 47f238ec378be0933fcd7eccf1904fbd1f8d8613
|
|
specs:
|
|
dtext_rb (1.7.0)
|
|
nokogiri (~> 1.8)
|
|
|
|
GIT
|
|
remote: https://github.com/r888888888/ruby-imagespec.git
|
|
revision: 2dab9811f4abb4fbaeea66feb42e388ba545b2d8
|
|
branch: exif-fixes
|
|
specs:
|
|
ruby-imagespec (0.3.1)
|
|
|
|
GEM
|
|
remote: https://rubygems.org/
|
|
specs:
|
|
actioncable (5.1.6)
|
|
actionpack (= 5.1.6)
|
|
nio4r (~> 2.0)
|
|
websocket-driver (~> 0.6.1)
|
|
actionmailer (5.1.6)
|
|
actionpack (= 5.1.6)
|
|
actionview (= 5.1.6)
|
|
activejob (= 5.1.6)
|
|
mail (~> 2.5, >= 2.5.4)
|
|
rails-dom-testing (~> 2.0)
|
|
actionpack (5.1.6)
|
|
actionview (= 5.1.6)
|
|
activesupport (= 5.1.6)
|
|
rack (~> 2.0)
|
|
rack-test (>= 0.6.3)
|
|
rails-dom-testing (~> 2.0)
|
|
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
|
actionview (5.1.6)
|
|
activesupport (= 5.1.6)
|
|
builder (~> 3.1)
|
|
erubi (~> 1.4)
|
|
rails-dom-testing (~> 2.0)
|
|
rails-html-sanitizer (~> 1.0, >= 1.0.3)
|
|
activejob (5.1.6)
|
|
activesupport (= 5.1.6)
|
|
globalid (>= 0.3.6)
|
|
activemodel (5.1.6)
|
|
activesupport (= 5.1.6)
|
|
activemodel-serializers-xml (1.0.2)
|
|
activemodel (> 5.x)
|
|
activesupport (> 5.x)
|
|
builder (~> 3.1)
|
|
activerecord (5.1.6)
|
|
activemodel (= 5.1.6)
|
|
activesupport (= 5.1.6)
|
|
arel (~> 8.0)
|
|
activesupport (5.1.6)
|
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
|
i18n (>= 0.7, < 2)
|
|
minitest (~> 5.1)
|
|
tzinfo (~> 1.1)
|
|
addressable (2.5.2)
|
|
public_suffix (>= 2.0.2, < 4.0)
|
|
airbrussh (1.3.0)
|
|
sshkit (>= 1.6.1, != 1.7.0)
|
|
arel (8.0.0)
|
|
awesome_print (1.8.0)
|
|
aws-sdk (2.10.125)
|
|
aws-sdk-resources (= 2.10.125)
|
|
aws-sdk-core (2.10.125)
|
|
aws-sigv4 (~> 1.0)
|
|
jmespath (~> 1.0)
|
|
aws-sdk-resources (2.10.125)
|
|
aws-sdk-core (= 2.10.125)
|
|
aws-sigv4 (1.0.2)
|
|
bcrypt (3.1.11)
|
|
bcrypt (3.1.11-x64-mingw32)
|
|
bootsnap (1.1.8)
|
|
msgpack (~> 1.0)
|
|
buftok (0.2.0)
|
|
builder (3.2.3)
|
|
byebug (10.0.2)
|
|
capistrano (3.10.1)
|
|
airbrussh (>= 1.0.0)
|
|
i18n
|
|
rake (>= 10.0.0)
|
|
sshkit (>= 1.9.0)
|
|
capistrano-bundler (1.3.0)
|
|
capistrano (~> 3.1)
|
|
sshkit (~> 1.2)
|
|
capistrano-deploytags (1.0.7)
|
|
capistrano (>= 3.7.0)
|
|
capistrano-rails (1.3.1)
|
|
capistrano (~> 3.1)
|
|
capistrano-bundler (~> 1.1)
|
|
capistrano-rbenv (2.1.3)
|
|
capistrano (~> 3.1)
|
|
sshkit (~> 1.3)
|
|
capistrano3-unicorn (0.2.1)
|
|
capistrano (~> 3.1, >= 3.1.0)
|
|
chronic (0.10.2)
|
|
cityhash (0.9.0)
|
|
coderay (1.1.2)
|
|
concurrent-ruby (1.0.5)
|
|
crack (0.4.3)
|
|
safe_yaml (~> 1.0.0)
|
|
crass (1.0.3)
|
|
daemons (1.2.6)
|
|
dalli (2.7.6)
|
|
delayed_job (4.1.4)
|
|
activesupport (>= 3.0, < 5.2)
|
|
delayed_job_active_record (4.1.2)
|
|
activerecord (>= 3.0, < 5.2)
|
|
delayed_job (>= 3.0, < 5)
|
|
diff-lcs (1.3)
|
|
docile (1.1.5)
|
|
domain_name (0.5.20170404)
|
|
unf (>= 0.0.5, < 1.0.0)
|
|
dotenv (2.2.1)
|
|
dotenv-rails (2.2.1)
|
|
dotenv (= 2.2.1)
|
|
railties (>= 3.2, < 5.2)
|
|
equalizer (0.0.11)
|
|
erubi (1.7.1)
|
|
execjs (2.7.0)
|
|
factory_bot (4.8.2)
|
|
activesupport (>= 3.0.0)
|
|
faraday (0.12.2)
|
|
multipart-post (>= 1.2, < 3)
|
|
ffaker (2.8.1)
|
|
ffi (1.9.18)
|
|
ffi (1.9.18-x64-mingw32)
|
|
ffi-win32-extensions (1.0.3)
|
|
ffi
|
|
foreman (0.63.0)
|
|
dotenv (>= 0.7)
|
|
thor (>= 0.13.6)
|
|
foreman (0.63.0-mingw32)
|
|
dotenv (>= 0.7)
|
|
thor (>= 0.13.6)
|
|
win32console (~> 1.3.0)
|
|
get_process_mem (0.2.1)
|
|
globalid (0.4.1)
|
|
activesupport (>= 4.2.0)
|
|
google-api-client (0.9.28)
|
|
addressable (~> 2.3)
|
|
googleauth (~> 0.5)
|
|
httpclient (~> 2.7)
|
|
hurley (~> 0.1)
|
|
memoist (~> 0.11)
|
|
mime-types (>= 1.6)
|
|
representable (~> 2.3.0)
|
|
retriable (~> 2.0)
|
|
googleauth (0.5.3)
|
|
faraday (~> 0.12)
|
|
jwt (~> 1.4)
|
|
logging (~> 2.0)
|
|
memoist (~> 0.12)
|
|
multi_json (~> 1.11)
|
|
os (~> 0.9)
|
|
signet (~> 0.7)
|
|
hashdiff (0.3.7)
|
|
highline (1.7.10)
|
|
http (3.0.0)
|
|
addressable (~> 2.3)
|
|
http-cookie (~> 1.0)
|
|
http-form_data (>= 2.0.0.pre.pre2, < 3)
|
|
http_parser.rb (~> 0.6.0)
|
|
http-cookie (1.0.3)
|
|
domain_name (~> 0.5)
|
|
http-form_data (2.0.0)
|
|
http_parser.rb (0.6.0)
|
|
httparty (0.15.6)
|
|
multi_xml (>= 0.5.2)
|
|
httpclient (2.8.3)
|
|
hurley (0.2)
|
|
i18n (1.0.0)
|
|
concurrent-ruby (~> 1.0)
|
|
jmespath (1.3.1)
|
|
json (2.1.0)
|
|
jwt (1.5.6)
|
|
kgio (2.11.2)
|
|
libv8 (3.16.14.19)
|
|
listen (3.1.5)
|
|
rb-fsevent (~> 0.9, >= 0.9.4)
|
|
rb-inotify (~> 0.9, >= 0.9.7)
|
|
ruby_dep (~> 1.2)
|
|
little-plugger (1.1.4)
|
|
logging (2.2.2)
|
|
little-plugger (~> 1.1)
|
|
multi_json (~> 1.10)
|
|
loofah (2.2.2)
|
|
crass (~> 1.0.2)
|
|
nokogiri (>= 1.5.9)
|
|
mail (2.7.0)
|
|
mini_mime (>= 0.1.1)
|
|
mechanize (2.7.5)
|
|
domain_name (~> 0.5, >= 0.5.1)
|
|
http-cookie (~> 1.0)
|
|
mime-types (>= 1.17.2)
|
|
net-http-digest_auth (~> 1.1, >= 1.1.1)
|
|
net-http-persistent (~> 2.5, >= 2.5.2)
|
|
nokogiri (~> 1.6)
|
|
ntlm-http (~> 0.1, >= 0.1.1)
|
|
webrobots (>= 0.0.9, < 0.2)
|
|
memcache-client (1.8.5)
|
|
memcache_mock (0.0.14)
|
|
memoist (0.16.0)
|
|
memoizable (0.4.2)
|
|
thread_safe (~> 0.3, >= 0.3.1)
|
|
metaclass (0.0.4)
|
|
method_source (0.9.0)
|
|
mime-types (3.1)
|
|
mime-types-data (~> 3.2015)
|
|
mime-types-data (3.2016.0521)
|
|
mini_mime (1.0.0)
|
|
mini_portile2 (2.3.0)
|
|
minitest (5.11.3)
|
|
mocha (1.3.0)
|
|
metaclass (~> 0.0.1)
|
|
msgpack (1.2.2)
|
|
msgpack (1.2.2-x64-mingw32)
|
|
multi_json (1.13.1)
|
|
multi_xml (0.6.0)
|
|
multipart-post (2.0.0)
|
|
naught (1.1.0)
|
|
net-http-digest_auth (1.4.1)
|
|
net-http-persistent (2.9.4)
|
|
net-scp (1.2.1)
|
|
net-ssh (>= 2.6.5)
|
|
net-sftp (2.1.2)
|
|
net-ssh (>= 2.6.5)
|
|
net-ssh (4.2.0)
|
|
newrelic_rpm (4.8.0.341)
|
|
nio4r (2.3.0)
|
|
nokogiri (1.8.2)
|
|
mini_portile2 (~> 2.3.0)
|
|
nokogiri (1.8.2-x64-mingw32)
|
|
mini_portile2 (~> 2.3.0)
|
|
nokogumbo (1.5.0)
|
|
nokogiri
|
|
ntlm-http (0.1.1)
|
|
oauth2 (1.4.0)
|
|
faraday (>= 0.8, < 0.13)
|
|
jwt (~> 1.0)
|
|
multi_json (~> 1.3)
|
|
multi_xml (~> 0.5)
|
|
rack (>= 1.2, < 3)
|
|
os (0.9.6)
|
|
pg (0.21.0)
|
|
pg (0.21.0-x64-mingw32)
|
|
pry (0.11.3)
|
|
coderay (~> 1.1.0)
|
|
method_source (~> 0.9.0)
|
|
pry-byebug (3.6.0)
|
|
byebug (~> 10.0)
|
|
pry (~> 0.10)
|
|
ptools (1.3.5)
|
|
ptools (1.3.5-universal-mingw32)
|
|
win32-file (>= 0.7.0)
|
|
public_suffix (3.0.1)
|
|
rack (2.0.4)
|
|
rack-test (1.0.0)
|
|
rack (>= 1.0, < 3)
|
|
radix62 (1.0.1)
|
|
rails (5.1.6)
|
|
actioncable (= 5.1.6)
|
|
actionmailer (= 5.1.6)
|
|
actionpack (= 5.1.6)
|
|
actionview (= 5.1.6)
|
|
activejob (= 5.1.6)
|
|
activemodel (= 5.1.6)
|
|
activerecord (= 5.1.6)
|
|
activesupport (= 5.1.6)
|
|
bundler (>= 1.3.0)
|
|
railties (= 5.1.6)
|
|
sprockets-rails (>= 2.0.0)
|
|
rails-dom-testing (2.0.3)
|
|
activesupport (>= 4.2.0)
|
|
nokogiri (>= 1.6)
|
|
rails-html-sanitizer (1.0.4)
|
|
loofah (~> 2.2, >= 2.2.2)
|
|
railties (5.1.6)
|
|
actionpack (= 5.1.6)
|
|
activesupport (= 5.1.6)
|
|
method_source
|
|
rake (>= 0.8.7)
|
|
thor (>= 0.18.1, < 2.0)
|
|
raindrops (0.19.0)
|
|
rake (12.3.1)
|
|
rakismet (1.5.4)
|
|
rb-fsevent (0.10.2)
|
|
rb-inotify (0.9.10)
|
|
ffi (>= 0.5.0, < 2)
|
|
recaptcha (4.6.4)
|
|
json
|
|
ref (2.0.0)
|
|
representable (2.3.0)
|
|
uber (~> 0.0.7)
|
|
responders (2.4.0)
|
|
actionpack (>= 4.2.0, < 5.3)
|
|
railties (>= 4.2.0, < 5.3)
|
|
retriable (2.1.0)
|
|
ruby-prof (0.17.0)
|
|
ruby-vips (2.0.9)
|
|
ffi (~> 1.9)
|
|
ruby_dep (1.5.0)
|
|
rubyzip (1.2.1)
|
|
safe_yaml (1.0.4)
|
|
sanitize (4.6.0)
|
|
crass (~> 1.0.2)
|
|
nokogiri (>= 1.4.4)
|
|
nokogumbo (~> 1.4)
|
|
sass (3.5.5)
|
|
sass-listen (~> 4.0.0)
|
|
sass-listen (4.0.0)
|
|
rb-fsevent (~> 0.9, >= 0.9.4)
|
|
rb-inotify (~> 0.9, >= 0.9.7)
|
|
sass-rails (5.0.7)
|
|
railties (>= 4.0.0, < 6)
|
|
sass (~> 3.1)
|
|
sprockets (>= 2.8, < 4.0)
|
|
sprockets-rails (>= 2.0, < 4.0)
|
|
tilt (>= 1.1, < 3)
|
|
shoulda-context (1.2.2)
|
|
shoulda-matchers (3.1.2)
|
|
activesupport (>= 4.0.0)
|
|
signet (0.8.1)
|
|
addressable (~> 2.3)
|
|
faraday (~> 0.9)
|
|
jwt (>= 1.5, < 3.0)
|
|
multi_json (~> 1.10)
|
|
simple_form (3.5.0)
|
|
actionpack (> 4, < 5.2)
|
|
activemodel (> 4, < 5.2)
|
|
simple_oauth (0.3.1)
|
|
simplecov (0.15.1)
|
|
docile (~> 1.1.0)
|
|
json (>= 1.8, < 3)
|
|
simplecov-html (~> 0.10.0)
|
|
simplecov-html (0.10.2)
|
|
sprockets (3.7.1)
|
|
concurrent-ruby (~> 1.0)
|
|
rack (> 1, < 3)
|
|
sprockets-rails (3.2.1)
|
|
actionpack (>= 4.0)
|
|
activesupport (>= 4.0)
|
|
sprockets (>= 3.0.0)
|
|
sshkit (1.15.1)
|
|
net-scp (>= 1.1.2)
|
|
net-ssh (>= 2.8.0)
|
|
statistics2 (0.54)
|
|
streamio-ffmpeg (3.0.2)
|
|
multi_json (~> 1.8)
|
|
stripe (3.9.1)
|
|
faraday (~> 0.10)
|
|
term-ansicolor (1.6.0)
|
|
tins (~> 1.0)
|
|
therubyracer (0.12.3)
|
|
libv8 (~> 3.16.14.15)
|
|
ref
|
|
thor (0.20.0)
|
|
thread_safe (0.3.6)
|
|
tilt (2.0.8)
|
|
timecop (0.9.1)
|
|
tins (1.16.3)
|
|
twitter (6.2.0)
|
|
addressable (~> 2.3)
|
|
buftok (~> 0.2.0)
|
|
equalizer (~> 0.0.11)
|
|
http (~> 3.0)
|
|
http-form_data (~> 2.0)
|
|
http_parser.rb (~> 0.6.0)
|
|
memoizable (~> 0.4.0)
|
|
multipart-post (~> 2.0)
|
|
naught (~> 1.0)
|
|
simple_oauth (~> 0.3.0)
|
|
tzinfo (1.2.5)
|
|
thread_safe (~> 0.1)
|
|
tzinfo-data (1.2018.3)
|
|
tzinfo (>= 1.0.0)
|
|
uber (0.0.15)
|
|
uglifier (4.1.5)
|
|
execjs (>= 0.3.0, < 3)
|
|
unf (0.1.4)
|
|
unf_ext
|
|
unf_ext (0.0.7.4)
|
|
unf_ext (0.0.7.4-x64-mingw32)
|
|
unicorn (5.4.0)
|
|
kgio (~> 2.6)
|
|
raindrops (~> 0.7)
|
|
unicorn-worker-killer (0.4.4)
|
|
get_process_mem (~> 0)
|
|
unicorn (>= 4, < 6)
|
|
webmock (3.3.0)
|
|
addressable (>= 2.3.6)
|
|
crack (>= 0.3.2)
|
|
hashdiff
|
|
webrobots (0.1.2)
|
|
websocket-driver (0.6.5)
|
|
websocket-extensions (>= 0.1.0)
|
|
websocket-extensions (0.1.3)
|
|
whenever (0.10.0)
|
|
chronic (>= 0.6.3)
|
|
win32-file (0.8.1)
|
|
ffi
|
|
ffi-win32-extensions
|
|
win32-file-stat (>= 1.4.0)
|
|
win32-file-stat (1.5.5)
|
|
ffi
|
|
ffi-win32-extensions
|
|
win32console (1.3.2)
|
|
|
|
PLATFORMS
|
|
ruby
|
|
x64-mingw32
|
|
|
|
DEPENDENCIES
|
|
activemodel-serializers-xml
|
|
addressable
|
|
awesome_print
|
|
aws-sdk (~> 2)
|
|
bcrypt
|
|
bigquery!
|
|
bootsnap
|
|
capistrano (~> 3.10)
|
|
capistrano-deploytags (~> 1.0.0)
|
|
capistrano-rails
|
|
capistrano-rbenv
|
|
capistrano3-unicorn
|
|
cityhash
|
|
daemons
|
|
dalli
|
|
delayed_job
|
|
delayed_job_active_record
|
|
diff-lcs
|
|
dotenv-rails
|
|
dtext_rb!
|
|
factory_bot
|
|
ffaker
|
|
foreman
|
|
google-api-client
|
|
highline
|
|
httparty
|
|
listen
|
|
mechanize
|
|
memcache-client
|
|
memcache_mock
|
|
memoist
|
|
mocha
|
|
net-sftp
|
|
newrelic_rpm
|
|
oauth2
|
|
pg
|
|
pry-byebug
|
|
ptools
|
|
radix62 (~> 1.0.1)
|
|
rails (~> 5.1)
|
|
rakismet
|
|
recaptcha
|
|
responders
|
|
ruby-imagespec!
|
|
ruby-prof
|
|
ruby-vips
|
|
rubyzip
|
|
sanitize
|
|
sass-rails
|
|
shoulda-context
|
|
shoulda-matchers
|
|
simple_form
|
|
simplecov
|
|
sprockets-rails
|
|
statistics2
|
|
streamio-ffmpeg
|
|
stripe
|
|
term-ansicolor
|
|
therubyracer
|
|
timecop
|
|
twitter
|
|
tzinfo-data
|
|
uglifier
|
|
unicorn
|
|
unicorn-worker-killer
|
|
webmock
|
|
whenever
|
|
|
|
BUNDLED WITH
|
|
1.16.1
|