Conflicts:
- `config/initializers/content_security_policy.rb`:
Upstream added some code to add the Identity Provider's sign-in endpoint to
the `form-action` Content Security Policy directive but our version of the
file is pretty different.
Ported the change.
Conflicts:
- `app/models/form/admin_settings.rb`:
Upstream added the notion of overriden settings, while we had extra code for
pseudo-settings (only used to combine flavour and skin in a single select
field).
Ported upstream changes.
- `config/i18n-tasks.yml`:
Upstream added `simple_form.overridden` to `ignore_unused`,
we had `simple_form.glitch_only`.
Added `simple_form.glitch_only` as well.
Conflicts:
- `app/views/settings/preferences/other/show.html.haml`:
Upstream moved some settings, where glitch-soc has an extra setting.
Ported upstream changes, moving the same settings as them.
Conflicts:
- `.rubocop_todo.yml`:
Upstream regenerated this file, glitch-soc had a specific ignore.
- `README.md`:
Upstream updated its README, but glitch-soc has a completely different one.
Kept glitch-soc's README
Conflicts:
- `app/models/account.rb`:
Upstream added new validations close to lines on which glitch-soc had
modified validations to handle custom limits set through environment
variables.
Ported upstream changes.
- `config/initializers/content_security_policy.rb`:
Upstream added `AZURE_ALIAS_HOST`. Glitch-soc's version of the file is
completely different.
Added `AZURE_ALIAS_HOST` to our version of the file.
Conflicts:
- app/controllers/application_controller.rb:
Upstream added an `include` where we had an extra `include` due to
glitch-soc's theming system.
Added upstream's new `include`.
Conflicts:
- `db/migrate/20180831171112_create_bookmarks.rb`:
Upstream ran a lint fix on this file, but this file is different in
glitch-soc because the feature was added much earlier.
Ran the lint fix on our own version of the file.
Conflicts:
- `app/serializers/initial_state_serializer.rb`:
Upstream renamed an initial state parameter, where we had extra ones.
Renamed as upstream did.
- `app/workers/feed_insert_worker.rb`:
Upstream wrapped database query in a block, we had extra database
queries because of the DM timeline.
Moved everything in the block.
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
