Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
Conflict because glitch-soc has a different list of allowed tags.
Added upstream's new allowed tags while keeping ours.
- `spec/requests/api/v1/timelines/public_spec.rb`:
Conflict because of glitch-soc's default settings.
Updated accordingly.
* Fix insufficient permission checking for public timeline endpoints
Note that this changes unauthenticated access failure code from 401 to 422
* Add more tests for public timelines
* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
Conflicts:
- `yarn.lock`:
Not a real conflict, just a line adjacent to a glitch-soc only dependency
getting updated.
Updated dependencies as upstream did.
Conflicts:
- `app/helpers/application_helper.rb`:
Not a real conflict, upstream added helpers right next to glitch-soc only
helpers.
Added upstream's helpers.
- `spec/models/status_spec.rb`:
Not a real conflict, upstream added specs right next to glitch-soc only
specs.
Added upstream's tests.
Conflicts:
- `spec/validators/status_length_validator_spec.rb`:
Upstream refactored tests to stub `StatusLengthValidator::MAX_CHARS`
while glitch-soc had custom code to read from `MAX_TOOT_CHARS`.
Switched to using upstream's implementation of the tests.
Conflicts:
- `app/models/account.rb`:
Upstream refactored this file a bit, moving validation limits to constants.
We already had a similar change, although with different constant names.
Updated to match upstream's code.
The following files were also modified accordingly:
- `app/views/settings/profiles/show.html.haml`
- `spec/requests/api/v1/accounts/credentials_spec.rb`
Conflicts:
- `spec/requests/api/v2/instance_spec.rb`:
Conflict due to glitch-soc having a different default site name.
Updated the tests as upstream did, keeping glitch-soc's default name.
Conflicts:
- `spec/controllers/api/v1/accounts/credentials_controller_spec.rb`
Conflict due to glitch-soc's different note length handling.
Ported the changes in `spec/requests/api/v1/accounts/credentials_spec.rb` instead.
Conflicts:
- `config/routes/api.rb`:
glitch-soc has an extra `:destroy` action on notifications for historical reasons.
Kept it for now, while otherwise updating as upstream did.
Conflicts:
- `.github/workflows/build-security.yml`:
Changes were already cherry-picked and adapted in glitch-soc.
Kept glitch-soc's version.
- `Gemfile.lock`:
Changes were already cherry-picked and updated further in glitch-soc.
Kept glitch-soc's version.
- `lib/mastodon/version.rb`:
Changes were already cherry-picked and updated further in glitch-soc.
Kept glitch-soc's version.
Conflicts:
- `spec/controllers/api/v1/timelines/direct_controller_spec.rb`:
`spec/controllers/api/v1/timelines` has been renamed, but we had an extra
spec here for a glitch-soc-only endpoint.
Kept glitch-soc's file unchanged (will port to a request spec later).
Claire
Matt Jankowski
Daniel M Brasil
Eugen Rochko
Emelia Smith
Renaud Chaput