* Prevent different identities from a same SSO provider from accessing a same account
* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`
* Rename methods to avoid confusion between OAuth and OmniAuth
Conflicts:
- `app/lib/content_security_policy.rb`:
Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
environment variable.
Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
Conflicts:
- `app/models/form/admin_settings.rb`:
Upstream changed code style change, including on a line modified by glitch-soc.
Kept glitch-soc's line but with the code style change applied.
Conflicts:
- `Gemfile.lock`:
Conflict caused by the `json` gem thing once again.
Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
Upstream refactored a bunch of specs, including one place that differs
because of glitch-soc's theming system.
Refactored as upstream did, adapting it for glitch-soc's theming system.
Conflicts:
- `.rubocop_todo.yml`:
Upstream fixed a bunch lint issues, and changed the `Max` parameter of the
`Metrics/AbcSize` cop.
Glitch-soc has different code and slightly higher `AbcSize` complexity,
modified the `.rubocop_todo.yml` file accordingly.
- `app/policies/status_policy.rb`:
Upstream changed `account.suspended?` to `account.unavailable?` to prepare
for delete flags. Glitch-soc has additional local-only conditions.
Ported upstream's refactor while keeping glitch-soc's additional condition.
- `app/serializers/initial_state_serializer.rb`:
Upstream refactored a bunch of stuff while glitch-soc has more settings.
Refactored as upstream did while keeping glitch-soc's settings.
Conflicts:
- `app/views/admin/custom_emojis/new.html.haml`:
Conflict caused by glitch-soc having a different file size limit constant
name.
Updated like upstream did while keeping glitch-soc's constant name.
Conflicts:
- `app/validators/status_pin_validator.rb`:
Upstream refactored that file, while glitch-soc had configurable limits for
pinned statuses.
Updated the code with upstream's refactor, while keeping glitch-soc's
configurability.
Conflicts:
- `.github/workflows/build-nightly.yml`:
Upstream changed the environment variables used for defining the version
number. This change occurs close to lines that were modified in glitch-soc
to account for the different repositories to push to.
Ported upstream changes.
- `.github/workflows/build-push-pr.yml`:
Upstream changed the environment variables used for defining the version
number. This change occurs close to lines that were modified in glitch-soc
to account for the different repositories to push to.
Ported upstream changes.
- `lib/mastodon/version.rb`:
Upstream changed how the version string is built from environment variables.
Adapted the logic to account for the `+glitch` in glitch-soc.
Conflicts:
- `db/schema.rb`:
Upstream regenerated the schema file using Rails 7, the conflicts are
caused by our extra columns.
Applied upstream's changes, but keeping our extra columns.
Conflicts:
- app/controllers/application_controller.rb:
Upstream added an `include` where we had an extra `include` due to
glitch-soc's theming system.
Added upstream's new `include`.
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
