Merge pull request #2274 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
Merge branch 'main' into glitch-soc/merge-upstream
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
Merge pull request #2256 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
Merge commit '55e7c08a83547424024bac311d5459cb82cf6dae' into glitch-soc/merge-upstream
Conflicts:
- `app/models/user_settings.rb`:
Upstream added a constraint on a setting textually close
to glitch-soc-only settings.
Applied upstream's change.
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream added support for the `translate` attribute on a few elements,
where glitch-soc had a different set of allowed elements and attributes.
Extended glitch-soc's allowed attributes with `translate` as upstream did.
- `spec/validators/status_length_validator_spec.rb`:
Upstream refactored to use RSpec's `instance_double` instead of `double`,
but glitch-soc had changes to tests due to configurable max toot chars.
Applied upstream's changes while keeping tests against configurable max
toot chars.
Fix `RSpec/VerifiedDoubles` cop (#25469)
Fix user settings not getting validated (#25508)
Merge pull request #2251 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
Fix glitch-soc-only test being broken by refactor of the surrounding tests
Merge commit '9e245d147bcb2c72cc552ff8c276a1c34e2f686d' into glitch-soc/merge-upstream
Conflicts:
- `app/views/settings/profiles/show.html.haml`:
Upstream redesigned the settings page, where glitch-soc had changes because of
the ability to set some custom limits.
Went with upstream's design while keeping our custom limits.
- `yarn.lock`:
Upstream updated dependencies textually close to a glitch-soc-only dependency.
Updated the dependnencies as well.
Update rubocop-rspec to version 2.22.0, fix `RSpec/IndexedLet` cop (#24698)
Fix `ArgumentError` in `/api/v1/admin/accounts/:id/action` (#25386)
Reduce factory data created in spec/models/trends/statuses spec (#25410)
Merge pull request #2246 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
Merge commit '3a2a15c6ea4d4603469861ed9be09da12a122e45' into glitch-soc/merge-upstream
Conflicts:
- `app/views/settings/preferences/appearance/show.html.haml`:
Conflict because glitch-soc does not have a theme selector here.
Reduce `RSpec/MultipleExpectations` cop max to 8 (#25313)
Disable paperclip processing in specs (#25359)
Merge commit 'b85c387c5c0527b0ad31c27031a09d361826c5fc' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
Kept our version, it was not affected by upstream's bug.