~cytrogen/masto-fe

ref: 82eebd048204be2cb99a3e4a27d1bce9a5e642c9 masto-fe/lib d---------
a40529fa — Claire 2 years ago 
Merge pull request #2279 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
b9aa228c — Claire 2 years ago 
Merge branch 'main' into glitch-soc/merge-upstream

Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream attempted something with tags.
  Kept our version.
00511283 — Claire 2 years ago 
Bump version to v4.1.4 (#25805)
71d44949 — Claire 2 years ago 
Fix branding:generate_app_icons failing because of disallowed ICO coder (#25794)
c25ba31e — Claire 2 years ago 
Merge pull request #2274 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
ff7aae30 — Claire 2 years ago 
Merge branch 'main' into glitch-soc/merge-upstream
5e1752ce — Claire 2 years ago 
Bump version to v4.1.3 (#25757)
dc8f1fbd — Claire 2 years ago 
Merge pull request from GHSA-9928-3cp5-93fm

* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
6d8e0fae — Claire 2 years ago 
Merge pull request from GHSA-ccm4-vgcc-73hp

* Tighten allowed HTML in oEmbed-based preview cards

* Sanitize preview cards at render time

* Add `sandbox` attribute to preview card iframes
fed9cbfd — Claire 2 years ago 
Add hardened headers to user-uploaded files (#25756)
b052a7ed — Claire 2 years ago 
Merge pull request #2256 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
178e1510 — Claire 2 years ago 
Merge commit '55e7c08a83547424024bac311d5459cb82cf6dae' into glitch-soc/merge-upstream

Conflicts:
- `app/models/user_settings.rb`:
  Upstream added a constraint on a setting textually close
  to glitch-soc-only settings.
  Applied upstream's change.
- `lib/sanitize_ext/sanitize_config.rb`:
  Upstream added support for the `translate` attribute on a few elements,
  where glitch-soc had a different set of allowed elements and attributes.
  Extended glitch-soc's allowed attributes with `translate` as upstream did.
- `spec/validators/status_length_validator_spec.rb`:
  Upstream refactored to use RSpec's `instance_double` instead of `double`,
  but glitch-soc had changes to tests due to configurable max toot chars.
  Applied upstream's changes while keeping tests against configurable max
  toot chars.
c78280a8 — Claire 2 years ago 
Add translate="no" to outgoing mentions and links (#25524)
eba3411b — Plastikmensch 2 years ago 
Re-allow title attribute in <abbr> (#2254)

* Re-allow title attribute in <abbr>

This was accidentally removed in 7623e181247b4d2227b7774143514f6e1ca9253b

Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>

* Add test

Add a new test to check that title attribute on <abbr> is kept.

Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>

---------

Signed-off-by: Plastikmensch <plastikmensch@users.noreply.github.com>
f3c2035f — Claire 2 years ago 
Merge pull request #2251 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
65cbcce9 — Claire 2 years ago 
Merge commit '39110d1d0af5e3d9cf452ae47496a52797249fd0' into glitch-soc/merge-upstream
af97a6ac — Claire 2 years ago 
Merge pull request #2246 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
b5675e26 — Matt Jankowski 2 years ago 
Add coverage for `CLI::Feeds` command (#25319)
07933db7 — Matt Jankowski 2 years ago 
Add coverage for `CLI::Cache` command (#25238)
c48ec9cb — Claire 2 years ago 
Merge commit 'b85c387c5c0527b0ad31c27031a09d361826c5fc' into glitch-soc/merge-upstream

Conflicts:
- `config/initializers/content_security_policy.rb`:
  Kept our version, it was not affected by upstream's bug.
Next