Conflicts:
- `spec/lib/sanitize/config_spec.rb`:
Upstream rewrote top-level `describe` calls to `RSpec.describe`, and
glitch-soc had differences in the first few tests because of the wider
subset of HTML it accepts.
Changed `describe` to `RSpec.describe` as upstream did, keeping
glitch-soc's tests.
Conflicts:
- `spec/requests/api/v1/timelines/tag_spec.rb`:
Upstream refactored this file, while we had a change to switch a default setting.
Updated as upstream did.
- `spec/views/statuses/show.html.haml_spec.rb`:
Upstream refactored this file, while we stubbed different methods.
Updated as upstream did, and updated the stubs accordingly.
Conflicts:
- `spec/requests/api/v2/instance_spec.rb`:
Upstream added a test for a new attribute, next to a line we modified
in glitch-soc because of a different default value.
Updated as upstream's did, keeping glitch-soc's default value.
Conflicts:
- `app/javascript/material-icons/400-24px/chat.svg`:
Glitch-soc used this one but not upstream.
Upstream pulled a presumably more up-to-date version of the file.
Switched to upstream's version.
- `app/views/layouts/application.html.haml`:
Upstream removed use of font-awesome.
I hope we are ready.
- `app/views/layouts/embedded.html.haml`:
Upstream removed use of font-awesome.
I hope we are ready.
- `app/views/layouts/error.html.haml`:
Upstream removed use of font-awesome.
I hope we are ready.
Conflicts:
- `package.json`:
Upstream removed their direct dependency `autoprefixer`, which was textually adjacent
to glitch-soc-only dependency `atrament`.
Removed direct dependency on `autoprefixer`.
- `yarn.lock`:
Upstream removed their direct dependency `autoprefixer`, which was textually adjacent
to glitch-soc-only dependency `atrament`.
Removed direct dependency on `autoprefixer`.
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
Conflict because glitch-soc has a different list of allowed tags.
Added upstream's new allowed tags while keeping ours.
- `spec/requests/api/v1/timelines/public_spec.rb`:
Conflict because of glitch-soc's default settings.
Updated accordingly.
* Fix insufficient permission checking for public timeline endpoints
Note that this changes unauthenticated access failure code from 401 to 422
* Add more tests for public timelines
* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
