* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
Conflicts:
- `app/models/user_settings.rb`:
Upstream added a constraint on a setting textually close
to glitch-soc-only settings.
Applied upstream's change.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream added support for the `translate` attribute on a few elements,
where glitch-soc had a different set of allowed elements and attributes.
Extended glitch-soc's allowed attributes with `translate` as upstream did.
- `spec/validators/status_length_validator_spec.rb`:
Upstream refactored to use RSpec's `instance_double` instead of `double`,
but glitch-soc had changes to tests due to configurable max toot chars.
Applied upstream's changes while keeping tests against configurable max
toot chars.
Conflicts:
- `app/views/settings/profiles/show.html.haml`:
Upstream redesigned the settings page, where glitch-soc had changes because of
the ability to set some custom limits.
Went with upstream's design while keeping our custom limits.
- `yarn.lock`:
Upstream updated dependencies textually close to a glitch-soc-only dependency.
Updated the dependnencies as well.
Conflicts:
- `.github/dependabot.yml`:
Updated upstream, but we've deleted it.
Keep it deleted.
- `app/javascript/mastodon/locales/index.js`:
Reworked upstream, but the code was mostly in
`app/javascript/locales/index.js` in glitch-soc.
Updated that file accordingly.
- `app/javascript/packs/public.jsx`:
Not a real conflict, but different imports in
glitch-soc and upstream.
- `app/views/layouts/application.html.haml`:
Conflict due to locales loading and theme system
discrepancies.
Updated in our own way.
- `app/views/layouts/embedded.html.haml`:
Conflict due to locales loading and theme system
discrepancies.
Updated in our own way.
- `config/webpack/generateLocalePacks.js`:
Deleted upstream, as upstream now directly loads the
JSON at runtime.
Deleted as well, will switch to runtime loading in
an upcoming commit.
- `config/webpack/shared.js`:
Not a real conflict, but different imports in
glitch-soc and upstream.
- `config/webpack/translationRunner.js`:
Mostly deleted upstream, to be replaced with `formatjs-formatter.js`
instead.
Moved the glitch-soc logic there and deleted the file.
Conflicts:
- `.eslintrc.js`:
Upstream moved a configuration block in which we had added a glitch-only
path.
Moved the configuration block as upstream did.
- other files:
Upstream reordered imports, and those files had different ones.
Kept our version and reordered imports using the same rules.
Reactions will be backported to the vanilla
flavour, which requires all related settings to
be accessible from the vanilla settings page
rather than the glitch specific settings modal.
Conflicts:
- `app/controllers/auth/confirmations_controller.rb`:
Upstream merged our captcha code, but there are some
conflicts due to glitch-soc's theming system.
- `app/views/admin/settings/registrations/show.html.haml`:
Upstream merged our captcha code, but there are some
conflicts due to glitch-soc's theming system.
Additional changes:
- `Gemfile`:
Upstream added hcaptcha dependency in another place in the file.
- `config/settings.yml`:
Upstream added the `captcha_enabled` setting in another place in the file.
Conflicts:
- `config/webpack/generateLocalePacks.js`:
A dependency update changed how functions are imported.
Also, some linting fixes not applicable to glitch-soc.
Reactions will be backported to the vanilla
flavour, which requires all related settings to
be accessible from the vanilla settings page
rather than the glitch specific settings modal.
Conflicts:
- `app/javascript/packs/admin.jsx`:
Upstream reworked imports, but we had many changes.
Reworked imports as upstream did.
- `app/javascript/packs/public.jsx`:
Upstream reworked imports, but we had many changes.
Reworked imports as upstream did.
Conflicts:
- `.github/dependabot.yml`:
Upstream made changes, but we had removed it.
Discarded upstream changes.
- `.rubocop_todo.yml`:
Upstream regenerated the file, we had some glitch-soc-specific ignores.
- `app/models/account_statuses_filter.rb`:
Minor upstream code style change where glitch-soc had slightly different code
due to handling of local-only posts.
Updated to match upstream's code style.
- `app/models/status.rb`:
Upstream moved ActiveRecord callback definitions, glitch-soc had an extra one.
Moved the definitions as upstream did.
- `app/services/backup_service.rb`:
Upstream rewrote a lot of the backup service, glitch-soc had changes because
of exporting local-only posts.
Took upstream changes and added back code to deal with local-only posts.
- `config/routes.rb`:
Upstream split the file into different files, while glitch-soc had a few
extra routes.
Extra routes added to `config/routes/settings.rb`, `config/routes/api.rb`
and `config/routes/admin.rb`
- `db/schema.rb`:
Upstream has new migrations, while glitch-soc had an extra migration.
Updated the expected serial number to match upstream's.
- `lib/mastodon/version.rb`:
Upstream added support to set version tags from environment variables, while
glitch-soc has an extra `+glitch` tag.
Changed the code to support upstream's feature but prepending a `+glitch`.
- `spec/lib/activitypub/activity/create_spec.rb`:
Minor code style change upstream, while glitch-soc has extra tests due to
`directMessage` handling.
Applied upstream's changes while keeping glitch-soc's extra tests.
- `spec/models/concerns/account_interactions_spec.rb`:
Minor code style change upstream, while glitch-soc has extra tests.
Applied upstream's changes while keeping glitch-soc's extra tests.
