* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
Conflicts:
- `app/models/user_settings.rb`:
Upstream added a constraint on a setting textually close
to glitch-soc-only settings.
Applied upstream's change.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream added support for the `translate` attribute on a few elements,
where glitch-soc had a different set of allowed elements and attributes.
Extended glitch-soc's allowed attributes with `translate` as upstream did.
- `spec/validators/status_length_validator_spec.rb`:
Upstream refactored to use RSpec's `instance_double` instead of `double`,
but glitch-soc had changes to tests due to configurable max toot chars.
Applied upstream's changes while keeping tests against configurable max
toot chars.
* Re-allow title attribute in <abbr>
This was accidentally removed in 7623e18124
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
* Add test
Add a new test to check that title attribute on <abbr> is kept.
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
---------
Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
Conflicts:
- `app/views/settings/profiles/show.html.haml`:
Upstream redesigned the settings page, where glitch-soc had changes because of
the ability to set some custom limits.
Went with upstream's design while keeping our custom limits.
- `yarn.lock`:
Upstream updated dependencies textually close to a glitch-soc-only dependency.
Updated the dependnencies as well.
Conflicts:
- `app/views/settings/preferences/appearance/show.html.haml`:
Upstream fixed a translation bug in the theme selector that is absent from
glitch-soc due to our different theming system.
Discarded upstream changes.
- `streaming/index.js`:
Upstream changed the signature of a function to change its return type.
This is not a real conflict, the conflict being caused by an extra
argument in glitch-soc's code.
Applied upstream's change while keeping our extra argument.
Conflicts:
- `app/javascript/mastodon/load_locale.js`:
The file moved to `app/javascript/mastodon/locales/load_locale.ts`.
Ported the changes there and deleted `app/javascript/mastodon/load_locale.js`.
- `app/javascript/mastodon/locales/index.js`:
The file moved to `app/javascript/mastodon/locales/index.ts`.
Did *not* port the changes as I want to try something a bit different.
Conflicts:
- `package.json`:
Upstream changed various script definitions in lines surrounding the one for
`i18n:extract`, which had glitch-soc-specific changes.
Updated the scripts as upstream did, while keeping our changes to
`i18n:extract`.
Conflicts:
- `config/webpack/generateLocalePacks.js`:
A dependency update changed how functions are imported.
Also, some linting fixes not applicable to glitch-soc.
Conflicts:
- `.github/dependabot.yml`:
Upstream made changes, but we had removed it.
Discarded upstream changes.
- `.rubocop_todo.yml`:
Upstream regenerated the file, we had some glitch-soc-specific ignores.
- `app/models/account_statuses_filter.rb`:
Minor upstream code style change where glitch-soc had slightly different code
due to handling of local-only posts.
Updated to match upstream's code style.
- `app/models/status.rb`:
Upstream moved ActiveRecord callback definitions, glitch-soc had an extra one.
Moved the definitions as upstream did.
- `app/services/backup_service.rb`:
Upstream rewrote a lot of the backup service, glitch-soc had changes because
of exporting local-only posts.
Took upstream changes and added back code to deal with local-only posts.
- `config/routes.rb`:
Upstream split the file into different files, while glitch-soc had a few
extra routes.
Extra routes added to `config/routes/settings.rb`, `config/routes/api.rb`
and `config/routes/admin.rb`
- `db/schema.rb`:
Upstream has new migrations, while glitch-soc had an extra migration.
Updated the expected serial number to match upstream's.
- `lib/mastodon/version.rb`:
Upstream added support to set version tags from environment variables, while
glitch-soc has an extra `+glitch` tag.
Changed the code to support upstream's feature but prepending a `+glitch`.
- `spec/lib/activitypub/activity/create_spec.rb`:
Minor code style change upstream, while glitch-soc has extra tests due to
`directMessage` handling.
Applied upstream's changes while keeping glitch-soc's extra tests.
- `spec/models/concerns/account_interactions_spec.rb`:
Minor code style change upstream, while glitch-soc has extra tests.
Applied upstream's changes while keeping glitch-soc's extra tests.
Conflicts:
- `app/javascript/styles/mastodon/forms.scss`:
Conflict because we ran eslint autofix on upstream files.
- `config/initializers/content_security_policy.rb`:
Code style changes but we have a different version.
Kept our version.
- `streaming/index.js`:
Upstream fixed a typo close to glitch-soc-only code.
Applied upstream's changes.
Conflicts:
- `.github/dependabot.yml`:
Updated upstream, removed in glitch-soc to disable noise.
Kept removed.
- `CODE_OF_CONDUCT.md`:
Upstream updated to a new version of the covenant, but I have not read it
yet, so kept unchanged.
- `Gemfile.lock`:
Not a real conflict, one upstream dependency updated textually too close to
the glitch-soc only `hcaptcha` dependency.
Applied upstream changes.
- `app/controllers/admin/base_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/controllers/application_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/controllers/disputes/base_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/controllers/relationships_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/controllers/statuses_cleanup_controller.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/helpers/application_helper.rb`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `app/javascript/mastodon/features/compose/components/compose_form.jsx`:
Upstream added a highlight animation for onboarding, while we changed the
max character limit.
Applied our local changes on top of upstream's new version.
- `app/views/layouts/application.html.haml`:
Minor conflict due to glitch-soc's theming system.
Applied upstream changes.
- `stylelint.config.js`:
Upstream added ignore paths, glitch-soc had extra ignore paths.
Added the same paths as upstream.
Conflicts:
- `app/controllers/auth/setup_controller.rb`:
Upstream removed a method close to a glitch-soc theming-related method.
Removed the method like upstream did.
Conflicts:
- `package.json`:
Upstream removed a dependency that was textually close to a glitch-soc-only
dependency.
Removed the dependency as upstream did, while keeping the glitch-soc-only
dependency.
* Run rubocop --autocorrect on app/, config/ and lib/, also manually fix some remaining style issues
* Run rubocop --autocorrect-all on db/
* Run rubocop --autocorrect-all on `spec/` and fix remaining issues
Conflicts:
- `README.md`:
Upstream added a link to the roadmap, but we have a completely different README.
Kept ours.
- `app/models/media_attachment.rb`:
Upstream upped media attachment limits.
Updated the default according to upstream's.
- `db/migrate/20180831171112_create_bookmarks.rb`:
Upstream changed the migration compatibility level.
Did so too.
- `config/initializers/content_security_policy.rb`:
Upstream refactored this file but we have a different version.
Kept our version.
- `app/controllers/settings/preferences_controller.rb`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
The file does not directly references individual settings anymore.
Applied upstream changes.
- `app/lib/user_settings_decorator.rb`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
The file got removed entirely.
Removed it as well.
- `app/models/user.rb`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
References to individual settings have been removed from the file.
Removed them as well.
- `app/views/settings/preferences/appearance/show.html.haml`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
Applied upstream's changes and ported ours back.
- `app/views/settings/preferences/notifications/show.html.haml`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
Applied upstream's changes and ported ours back.
- `app/views/settings/preferences/other/show.html.haml`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
Applied upstream's changes and ported ours back.
- `config/settings.yml`:
Upstream completely refactored user settings storage, and glitch-soc has a
different set of settings.
In particular, upstream removed user-specific and unused settings.
Did the same in glitch-soc.
- `spec/controllers/application_controller_spec.rb`:
Conflicts due to glitch-soc's theming system.
Mostly kept our version, as upstream messed up the tests.
Conflicts:
- `app/models/status.rb`:
Upstream added lines close to a glitch-soc only line, not a real conflict.
Applied upstream's changes (added hooks) while keeping glitch-soc's changes
(`local_only` scope).
- `config/environments/production.rb`:
Upstream removed a header, while we have glitch-soc specific ones.
Removed the header removed upstream.
Conflicts:
- `README.md`:
Upstream changed their README, we have our own.
Kept ours.
- `app/helpers/application_helper.rb`:
Minor code style fix upstream, on a line that is different in glitch-soc
due to the different theming system.
Applied the code style fix to our own code.
- `app/views/settings/preferences/appearance/show.html.haml`:
Code style fix on a line next to lines exclusive to glitch-soc.
Applied upstream changes.
- `yarn.lock`:
Upstream updated a dependency textually close to a glitch-soc-only
dependency.
Updated the dependency like upstream did.
Conflicts:
- `.github/workflows/build-image.yml`:
Upstream switched to pushing to both DockerHub and GitHub Container
Repository, while glitch-soc was already pushing to the latter only.
Updated our configuration to be slightly more consistent with upstream's
naming and styling, but kept our behavior.
- `Gemfile.lock`:
Updated dependencies textually too close to glitch-soc only hcaptcha
dependency.
Updated dependencies as upstream did.
- `README.md`:
Upstream updated its README, but we have a completely different one.
Kept our README, though it probably should be reworked at some point.
- `app/views/auth/sessions/two_factor.html.haml`:
Minor style fix upstream that's on a line glitch-soc removed because
of its different theming system.
Kept our file as is.
- `spec/controllers/health_controller_spec.rb`:
This file apparently did not exist upstream, upstream created it with
different contents but it is functionally the same.
Switched to upstream's version of the file.
- `spec/presenters/instance_presenter_spec.rb`:
Upstream changed the specs around `GITHUB_REPOSITORY`, while glitch-soc
had its own code because it's a fork and does not have the same default
source URL.
Took upstream's change, but with glitch-soc's repo as the default case.
- `yarn.lock`:
Upstream dependencies textually too close to a glitch-soc only one.
Updated dependencies as upstream did.
Conflicts:
- `README.md`:
Upstream README has been changed, but we have a completely different one.
Kept our `README.md`.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream added support for more incoming HTML tags (a large subset of what
glitch-soc accepts).
Change the code style to match upstream's but otherwise do not change our
code.
- `spec/lib/sanitize_config_spec.rb`:
Upstream added support for more incoming HTML tags (a large subset of what
glitch-soc accepts).
Kept our version, since the tests are mostly glitch-soc's, except for cases
which are purposefuly different.
Conflicts:
- `.prettierignore`:
Upstream added a line at the end of the file, while glitch-soc had its own
extra lines.
Took upstream's change.
- `CONTRIBUTING.md`:
We have our custom CONTRIBUTING.md quoting upstream. Upstream made changes.
Ported upstream changes.
- `app/controllers/application_controller.rb`:
Upstream made code style changes in a method that is entirely replaced
in glitch-soc.
Ignored the change.
- `app/models/account.rb`:
Code style changes textually close to glitch-soc-specific changes.
Ported upstream changes.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream code style changes.
Ignored them.
Conflicts:
- `.github/dependabot.yml`:
Upstream made changes while we have dropped this file.
Keep the file deleted.
- `.prettierignore`:
Upstream made changes at the end of the file, where we
had our extra lines.
Just moved our extra lines back at the end.
- `app/serializers/initial_state_serializer.rb`:
Upstream code style changes.
Applied them.
- `app/services/backup_service.rb`:
Upstream code style changes.
Applied them.
Conflicts:
- `.prettierignore`:
Upstream added a line at the end, glitch-soc had extra entries at the end.
Added upstream's new line before glitch-soc's.
- `Gemfile.lock`:
Upstream updated dependencies while glitch-soc has an extra one (hcaptcha).
Updated dependencies like upstream did.
- `app/controllers/api/v1/statuses_controller.rb`:
Not a real conflict, upstream added a parameter (`allowed_mentions`) where
glitch-soc already had an extra one (`content_type`).
Added upstream's new parameter.
- `app/javascript/styles/fonts/roboto-mono.scss`:
A lot of lines were changed upstream due to code style changes, and a lot
of those lines had path changes to accomodate glitch-soc's theming system.
Applied upstream's style changes.
- `app/javascript/styles/fonts/roboto.scss`:
A lot of lines were changed upstream due to code style changes, and a lot
of those lines had path changes to accomodate glitch-soc's theming system.
Applied upstream's style changes.
* Add a limit to how many posts can get fetched as a result of a single request
* Add tests
* Always pass `request_id` when processing `Announce` activities
---------
Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
Conflicts:
- `README.md`:
Minor upstream change, our README is completely different.
Kept ours.
- `lib/tasks/assets.rake`:
glitch-soc has extra code to deal with its theming system,
upstream changed a line that exists in glitch-soc.
Applied upstream changes.
Conflicts:
- `.github/workflows/build-image.yml`:
Upstream updated `docker/build-push-action`, and we a different config
for `docker/metadata-action` so the lines directly above were different,
but it's not a real conflict.
Upgraded `docker/build-push-action` as upstream did.
- `app/javascript/mastodon/features/compose/components/compose_form.js`:
Upstream changed the codestyle near a line we had modified to accommodate
configurable character count.
Kept our change.
* Fix email with empty domain name labels passing validation
`EmailMxValidator` would allow empty labels because `Resolv::DNS` is
particularly lenient about them, but the email would be invalid and
unusable.
* Add tests
Conflicts:
- `config/i18n-tasks.yml`:
Upstream added new ignored strings, glitch-soc has extra ignored strings
because of the theming system.
Added upstream's changes.
* Return specific error on failure to parse Date header
* Add error message when preferredUsername is not set
* Change error report to be JSON and include more details
* Change error report to differentiate unknown account and failed refresh
* Add tests
* Do not offer to mark statuses as sensitive if there is no undeleted status with media attachments
* Fix crash when marking statuses as sensitive while some statuses are deleted
Fixes#21910
* Fix multiple strikes being created for a single report when selecting “Mark as sensitive”
* Add tests
Conflicts:
- `app/models/status.rb`:
Minor upstream refactor moved hook definitions around,
and glitch-soc has an extra `before_create`.
Moved the `before_create` accordingly.
- `app/services/batched_remove_status_service.rb`:
Minor upstream refactor changed a block in which glitch-soc
had one extra call to handle direct timelines.
Adapted changes to keep glitch-soc's extra call.
Conflicts:
- `README.md`:
Upstream updated its README, while we have a completely different one.
Kept our README.
- `app/controllers/concerns/web_app_controller_concern.rb`:
Conflict because of glitch-soc's theming system.
Additionally, glitch-soc has different behavior regarding moved accounts.
Ported some of the changes, but kept our overall behavior.
- `app/javascript/packs/admin.js`:
Code changes actually applied to `app/javascript/core/admin.js`
* Fix possible race conditions when suspending/unsuspending accounts
* Fix tests
Tests were assuming SuspensionWorker and UnsuspensionWorker would do the
suspending/unsuspending themselves, but this has changed.
* Fix home tl contains post from who blocked me
* Add test
* Fix feed_manager's build_crutches
blocked_by was not includes status' owner
* Add test for status from I blocked
* Fix typo
Conflicts:
- `README.md`:
Discarded upstream changes: we have our own README
- `app/controllers/follower_accounts_controller.rb`:
Port upstream's minor refactoring
* Use Rails tag API to build RSS feed for spoilers and polls
While the previous method did not contain a bug or a potential issue,
the tag API can be very resilient against future problems and reduces the
amount of manual management of the escape status of the content.
I've added tests to ensure that the formatting is broken and still
escapes control characters correctly.
* this seems cleaner and passes
* Incorporate feedback by moving the br to its own line and using the tag helper over the string constant for the br tag itself
* whoops, tag helper doesn't use a self-closing tag
* Clear sessions on password change
* Rename User::clear_sessions to revoke_access for a clearer meaning
* Add reset paassword controller test
* Use User.find instead of User.find_for_authentication for reset password test
* Use redirect and render for better test meaning in reset password
Co-authored-by: Effy Elden <effy@effy.space>
Conflicts:
- `app/models/concerns/domain_materializable.rb`:
Fixed a code style issue upstream in a PR that got merged in glitch-soc
earlier.
Changed the code to match upstream's.