* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
Conflicts:
- `app/models/user_settings.rb`:
Upstream added a constraint on a setting textually close
to glitch-soc-only settings.
Applied upstream's change.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream added support for the `translate` attribute on a few elements,
where glitch-soc had a different set of allowed elements and attributes.
Extended glitch-soc's allowed attributes with `translate` as upstream did.
- `spec/validators/status_length_validator_spec.rb`:
Upstream refactored to use RSpec's `instance_double` instead of `double`,
but glitch-soc had changes to tests due to configurable max toot chars.
Applied upstream's changes while keeping tests against configurable max
toot chars.
* Re-allow title attribute in <abbr>
This was accidentally removed in 7623e18124
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
* Add test
Add a new test to check that title attribute on <abbr> is kept.
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
---------
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
Conflicts:
- `.github/dependabot.yml`:
We deleted it.
Kept it removed.
- `app/javascript/packs/public.jsx`:
Upstream changed an import, we have slightly different ones.
Ported upstream changes.
Conflicts:
- `.github/dependabot.yml`:
Upstream made changes, but we had removed it.
Discarded upstream changes.
- `.rubocop_todo.yml`:
Upstream regenerated the file, we had some glitch-soc-specific ignores.
- `app/models/account_statuses_filter.rb`:
Minor upstream code style change where glitch-soc had slightly different code
due to handling of local-only posts.
Updated to match upstream's code style.
- `app/models/status.rb`:
Upstream moved ActiveRecord callback definitions, glitch-soc had an extra one.
Moved the definitions as upstream did.
- `app/services/backup_service.rb`:
Upstream rewrote a lot of the backup service, glitch-soc had changes because
of exporting local-only posts.
Took upstream changes and added back code to deal with local-only posts.
- `config/routes.rb`:
Upstream split the file into different files, while glitch-soc had a few
extra routes.
Extra routes added to `config/routes/settings.rb`, `config/routes/api.rb`
and `config/routes/admin.rb`
- `db/schema.rb`:
Upstream has new migrations, while glitch-soc had an extra migration.
Updated the expected serial number to match upstream's.
- `lib/mastodon/version.rb`:
Upstream added support to set version tags from environment variables, while
glitch-soc has an extra `+glitch` tag.
Changed the code to support upstream's feature but prepending a `+glitch`.
- `spec/lib/activitypub/activity/create_spec.rb`:
Minor code style change upstream, while glitch-soc has extra tests due to
`directMessage` handling.
Applied upstream's changes while keeping glitch-soc's extra tests.
- `spec/models/concerns/account_interactions_spec.rb`:
Minor code style change upstream, while glitch-soc has extra tests.
Applied upstream's changes while keeping glitch-soc's extra tests.
Conflicts:
- `app/javascript/styles/mastodon/forms.scss`:
Conflict because we ran eslint autofix on upstream files.
- `config/initializers/content_security_policy.rb`:
Code style changes but we have a different version.
Kept our version.
- `streaming/index.js`:
Upstream fixed a typo close to glitch-soc-only code.
Applied upstream's changes.
Conflicts:
- `.github/dependabot.yml`:
Updated upstream, removed in glitch-soc to disable noise.
Kept removed.
- `CODE_OF_CONDUCT.md`:
Upstream updated to a new version of the covenant, but I have not read it
yet, so kept unchanged.
- `Gemfile.lock`:
Not a real conflict, one upstream dependency updated textually too close to
the glitch-soc only `hcaptcha` dependency.
Applied upstream changes.
- `app/controllers/admin/base_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/controllers/application_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/controllers/disputes/base_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/controllers/relationships_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/controllers/statuses_cleanup_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/helpers/application_helper.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/javascript/mastodon/features/compose/components/compose_form.jsx`:
Upstream added a highlight animation for onboarding, while we changed the
max character limit.
Applied our local changes on top of upstream's new version.
- `app/views/layouts/application.html.haml`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `stylelint.config.js`:
Upstream added ignore paths, glitch-soc had extra ignore paths.
Added the same paths as upstream.
Conflicts:
- `app/controllers/auth/setup_controller.rb`:
Upstream removed a method close to a glitch-soc theming-related method.
Removed the method like upstream did.
Conflicts:
- `package.json`:
Upstream removed a dependency that was textually close to a glitch-soc-only
dependency.
Removed the dependency as upstream did, while keeping the glitch-soc-only
dependency.
* Run rubocop --autocorrect on app/, config/ and lib/, also manually fix some remaining style issues
* Run rubocop --autocorrect-all on db/
* Run rubocop --autocorrect-all on `spec/` and fix remaining issues
Conflicts:
- `README.md`:
Upstream added a link to the roadmap, but we have a completely different README.
Kept ours.
- `app/models/media_attachment.rb`:
Upstream upped media attachment limits.
Updated the default according to upstream's.
- `db/migrate/20180831171112_create_bookmarks.rb`:
Upstream changed the migration compatibility level.
Did so too.
- `config/initializers/content_security_policy.rb`:
Upstream refactored this file but we have a different version.
Kept our version.
- `app/controllers/settings/preferences_controller.rb`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
The file does not directly references individual settings anymore.
Applied upstream changes.
- `app/lib/user_settings_decorator.rb`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
The file got removed entirely.
Removed it as well.
- `app/models/user.rb`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
References to individual settings have been removed from the file.
Removed them as well.
- `app/views/settings/preferences/appearance/show.html.haml`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
Applied upstream's changes and ported ours back.
- `app/views/settings/preferences/notifications/show.html.haml`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
Applied upstream's changes and ported ours back.
- `app/views/settings/preferences/other/show.html.haml`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
Applied upstream's changes and ported ours back.
- `config/settings.yml`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
In particular, upstream removed user-specific and unused settings.
Did the same in glitch-soc.
- `spec/controllers/application_controller_spec.rb`:
Conflicts due to glitch-soc's theming system.
Mostly kept our version, as upstream messed up the tests.
Conflicts:
- `app/models/status.rb`:
Upstream added lines close to a glitch-soc only line, not a real conflict.
Applied upstream's changes (added hooks) while keeping glitch-soc's changes
(`local_only` scope).
- `config/environments/production.rb`:
Upstream removed a header, while we have glitch-soc specific ones.
Removed the header removed upstream.
Conflicts:
- `README.md`:
Upstream changed their README, we have our own.
Kept ours.
- `app/helpers/application_helper.rb`:
Minor code style fix upstream, on a line that is different in glitch-soc
due to the different theming system.
Applied the code style fix to our own code.
- `app/views/settings/preferences/appearance/show.html.haml`:
Code style fix on a line next to lines exclusive to glitch-soc.
Applied upstream changes.
- `yarn.lock`:
Upstream updated a dependency textually close to a glitch-soc-only
dependency.
Updated the dependency like upstream did.
Conflicts:
- `.github/workflows/build-image.yml`:
Upstream switched to pushing to both DockerHub and GitHub Container
Repository, while glitch-soc was already pushing to the latter only.
Updated our configuration to be slightly more consistent with upstream's
naming and styling, but kept our behavior.
- `Gemfile.lock`:
Updated dependencies textually too close to glitch-soc only hcaptcha
dependency.
Updated dependencies as upstream did.
- `README.md`:
Upstream updated its README, but we have a completely different one.
Kept our README, though it probably should be reworked at some point.
- `app/views/auth/sessions/two_factor.html.haml`:
Minor style fix upstream that's on a line glitch-soc removed because
of its different theming system.
Kept our file as is.
- `spec/controllers/health_controller_spec.rb`:
This file apparently did not exist upstream, upstream created it with
different contents but it is functionally the same.
Switched to upstream's version of the file.
- `spec/presenters/instance_presenter_spec.rb`:
Upstream changed the specs around `GITHUB_REPOSITORY`, while glitch-soc
had its own code because it's a fork and does not have the same default
source URL.
Took upstream's change, but with glitch-soc's repo as the default case.
- `yarn.lock`:
Upstream dependencies textually too close to a glitch-soc only one.
Updated dependencies as upstream did.
Conflicts:
- `README.md`:
Upstream README has been changed, but we have a completely different one.
Kept our `README.md`.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream added support for more incoming HTML tags (a large subset of what
glitch-soc accepts).
Change the code style to match upstream's but otherwise do not change our
code.
- `spec/lib/sanitize_config_spec.rb`:
Upstream added support for more incoming HTML tags (a large subset of what
glitch-soc accepts).
Kept our version, since the tests are mostly glitch-soc's, except for cases
which are purposefuly different.
Conflicts:
- `.prettierignore`:
Upstream added a line at the end of the file, while glitch-soc had its own
extra lines.
Took upstream's change.
- `CONTRIBUTING.md`:
We have our custom CONTRIBUTING.md quoting upstream. Upstream made changes.
Ported upstream changes.
- `app/controllers/application_controller.rb`:
Upstream made code style changes in a method that is entirely replaced
in glitch-soc.
Ignored the change.
- `app/models/account.rb`:
Code style changes textually close to glitch-soc-specific changes.
Ported upstream changes.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream code style changes.
Ignored them.
Conflicts:
- `.github/dependabot.yml`:
Upstream made changes while we have dropped this file.
Keep the file deleted.
- `.prettierignore`:
Upstream made changes at the end of the file, where we
had our extra lines.
Just moved our extra lines back at the end.
- `app/serializers/initial_state_serializer.rb`:
Upstream code style changes.
Applied them.
- `app/services/backup_service.rb`:
Upstream code style changes.
Applied them.