~cytrogen/masto-fe

ref: e48a6a5f2c878e0deecddbd92ba4d823bebd7f9e masto-fe/lib d---------
b2515feb — Claire 2 years ago 
Merge commit 'cfd50f30bb5dda4dd90e1ad01f3e62c99135c36f' into glitch-soc/merge-upstream
7635c674 — Claire 2 years ago 
Merge commit '144a406d332b034caa812ade2629df03ed4898d7' into glitch-soc/merge-upstream

Conflicts:
- `app/views/layouts/application.html.haml`:
  Upstream removed the `crossorigin` attribute from `preload_pack_asset`.
  Glitch-soc had different calls to `preload_pack_asset` because of the
  different theming system.
  Ported the change.
- `app/views/layouts/embedded.html.haml`:
  Upstream removed the `crossorigin` attribute from `preload_pack_asset`.
  Glitch-soc had different calls to `preload_pack_asset` because of the
  different theming system.
  Ported the change.
f2c68333 — Claire 2 years ago 
Bump version to v4.1.5 (#26108)
42698b4c — Renaud Chaput 2 years ago 
Fix the crossorigin attribute (#26096)
bb98d970 — Claire 2 years ago 
Merge pull request #2291 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
9ae60f87 — Claire 2 years ago 
Merge commit '82e477b184b5666fff7fb55933dce22ca2925db8' into glitch-soc/merge-upstream

Conflicts:
- `db/migrate/20180831171112_create_bookmarks.rb`:
  Upstream ran a lint fix on this file, but this file is different in
  glitch-soc because the feature was added much earlier.
  Ran the lint fix on our own version of the file.
f8314520 — Matt Jankowski 2 years ago 
Refactor `Snowflake` to avoid brakeman sql injection warnings (#25879)
b8b2470c — Matt Jankowski 2 years ago 
Fix `Style/SlicingWithRange` cop (#25923)
1d557305 — Nick Schonning 2 years ago 
Enable Rubocop Style/FrozenStringLiteralComment (#23793)
a40529fa — Claire 2 years ago 
Merge pull request #2279 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
b9aa228c — Claire 2 years ago 
Merge branch 'main' into glitch-soc/merge-upstream

Conflicts:
- `.github/workflows/build-image.yml`:
  Upstream attempted something with tags.
  Kept our version.
00511283 — Claire 2 years ago 
Bump version to v4.1.4 (#25805)
71d44949 — Claire 2 years ago 
Fix branding:generate_app_icons failing because of disallowed ICO coder (#25794)
c25ba31e — Claire 2 years ago 
Merge pull request #2274 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
ff7aae30 — Claire 2 years ago 
Merge branch 'main' into glitch-soc/merge-upstream
5e1752ce — Claire 2 years ago 
Bump version to v4.1.3 (#25757)
dc8f1fbd — Claire 2 years ago 
Merge pull request from GHSA-9928-3cp5-93fm

* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
6d8e0fae — Claire 2 years ago 
Merge pull request from GHSA-ccm4-vgcc-73hp

* Tighten allowed HTML in oEmbed-based preview cards

* Sanitize preview cards at render time

* Add `sandbox` attribute to preview card iframes
fed9cbfd — Claire 2 years ago 
Add hardened headers to user-uploaded files (#25756)
b052a7ed — Claire 2 years ago 
Merge pull request #2256 from ClearlyClaire/glitch-soc/merge-upstream

Merge upstream changes
Next