Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
Conflict because glitch-soc has a different list of allowed tags.
Added upstream's new allowed tags while keeping ours.
- `spec/requests/api/v1/timelines/public_spec.rb`:
Conflict because of glitch-soc's default settings.
Updated accordingly.
* Fix insufficient permission checking for public timeline endpoints
Note that this changes unauthenticated access failure code from 401 to 422
* Add more tests for public timelines
* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
Conflicts:
- `yarn.lock`:
Not a real conflict, just a line adjacent to a glitch-soc only dependency
getting updated.
Updated dependencies as upstream did.
Conflicts:
- `app/controllers/activitypub/collections_controller.rb`:
Upstream renamed a helper method everywhere.
There was one glitch-soc line involving changes because of the local-only post
feature.
Ported upstream's change.
Conflicts:
- `app/helpers/application_helper.rb`:
Not a real conflict, upstream added helpers right next to glitch-soc only
helpers.
Added upstream's helpers.
- `spec/models/status_spec.rb`:
Not a real conflict, upstream added specs right next to glitch-soc only
specs.
Added upstream's tests.
Conflicts:
- `spec/validators/status_length_validator_spec.rb`:
Upstream refactored tests to stub `StatusLengthValidator::MAX_CHARS`
while glitch-soc had custom code to read from `MAX_TOOT_CHARS`.
Switched to using upstream's implementation of the tests.
Conflicts:
- `app/models/account.rb`:
Upstream refactored this file a bit, moving validation limits to constants.
We already had a similar change, although with different constant names.
Updated to match upstream's code.
The following files were also modified accordingly:
- `app/views/settings/profiles/show.html.haml`
- `spec/requests/api/v1/accounts/credentials_spec.rb`
Conflicts:
- `app/controllers/accounts_controller.rb`:
Conflict due to glitch-soc's local-only posting feature.
Refactored as upstream did but kept local changes.
- `app/lib/account_statuses_filter.rb`:
Conflict due to glitch-soc's local-only posting feature.
Refactored as upstream did but kept local changes.
Conflicts:
- `spec/requests/api/v2/instance_spec.rb`:
Conflict due to glitch-soc having a different default site name.
Updated the tests as upstream did, keeping glitch-soc's default name.
Conflicts:
- `app/lib/themes.rb`
- `app/views/layouts/application.html.haml`
- `app/views/layouts/embedded.html.haml`
- `app/views/layouts/error.html.haml`
- `config/settings.yml`
All these conflicts are because glitch-soc and upstream have different theming
systems and upstream changed a few things to have dynamic theme selection based
on system settings.
Conflicts were solved to take that into account, and `current_theme` has been
changed in the process to return a tuple of `[flavour, skin]` to be used in
the `theme_style_tags` helper.
Packs are now loaded from views, just like upstream, and are
identified by their filenames. The definition of `theme.yml` has
changed as such:
- `pack_directory` is now required
- `pack` is now unused
- `signed_in_preload` has been introduced
Remove the `fallback` property and do not fallback to using another flavour
when a pack is not available in the selected flavour.
Flavours should define all packs, and should they wish to piggy-back on
another one, they can import that other one's pack explicitly instead.
Conflicts:
- `package.json`:
Upstream updated a dependency that is on an adjacent line to a
glitch-soc-only dependency in that file.
Updated as upstream did.
- `yarn.lock`:
Upstream updated a dependency that is on an adjacent line to a
glitch-soc-only dependency in that file.
Updated as upstream did.
Conflicts:
- `config/routes/api.rb`:
glitch-soc has an extra `:destroy` action on notifications for historical reasons.
Kept it for now, while otherwise updating as upstream did.
Conflicts:
- `app/controllers/application_controller.rb`:
Not a real conflict, upstream fixed a bug in a line adjacent to code
modified by glitch-soc.
Ported upstream's change.
Conflicts:
- `Gemfile.lock`:
Changes were already cherry-picked and updated further in glitch-soc.
Kept glitch-soc's version.
- `README.md`:
Upstream updated its README, we have a completely different one.
Kept glitch-soc's README.
- `app/models/account.rb`:
Not a real conflict, upstream updated some lines textually adjacent
to glitch-soc-specific lines.
Ported upstream's changes.
Conflicts:
- `.github/workflows/build-security.yml`:
Changes were already cherry-picked and adapted in glitch-soc.
Kept glitch-soc's version.
- `Gemfile.lock`:
Changes were already cherry-picked and updated further in glitch-soc.
Kept glitch-soc's version.
- `lib/mastodon/version.rb`:
Changes were already cherry-picked and updated further in glitch-soc.
Kept glitch-soc's version.
* Prevent different identities from a same SSO provider from accessing a same account
* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`
* Rename methods to avoid confusion between OAuth and OmniAuth
* Prevent different identities from a same SSO provider from accessing a same account
* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`
* Rename methods to avoid confusion between OAuth and OmniAuth