* Prevent different identities from a same SSO provider from accessing a same account
* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`
* Rename methods to avoid confusion between OAuth and OmniAuth
* Ensure destruction of OAuth Applications notifies streaming
Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.
* Ensure password resets revoke access to Streaming API
* Improve performance of deleting OAuth tokens
---------
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Prevent different identities from a same SSO provider from accessing a same account
* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`
* Rename methods to avoid confusion between OAuth and OmniAuth
* Ensure destruction of OAuth Applications notifies streaming
Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.
* Ensure password resets revoke access to Streaming API
* Improve performance of deleting OAuth tokens
---------
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
* Add env variable support for number of followable hashtags in feed column.
* Add a note about performance concerns for higher values.
See discussion in https://github.com/glitch-soc/mastodon/pull/2500
* Update .devcontainer/docker-compose.yml
---------
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Conflicts:
- `app/controllers/auth/confirmations_controller.rb`:
Upstream refactored, changing lines textually close of glitch-soc-only lines
pertaining to the theming system.
Resolved the conflict.
- `app/controllers/auth/passwords_controller.rb`:
Upstream refactored, changing lines textually close of glitch-soc-only lines
pertaining to the theming system.
Resolved the conflict.
- `app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb`:
Upstream refactored, changing lines textually close of glitch-soc-only lines
pertaining to the theming system.
Resolved the conflict.
Conflicts:
- `app/lib/settings/scoped_settings.rb`:
Removed upstream, while glitch-soc had a change related to its theming system.
Removed as well, as it's unused.
Conflicts:
- `app/lib/content_security_policy.rb`:
Conflict caused by glitch-soc's support for the extra `EXTRA_DATA_HOSTS`
environment variable.
Ported upstream's changes while keeping support for `EXTRA_DATA_HOSTS`.
Conflicts:
- `app/models/form/admin_settings.rb`:
Upstream changed code style change, including on a line modified by glitch-soc.
Kept glitch-soc's line but with the code style change applied.
Conflicts:
- `Gemfile.lock`:
Conflict caused by the `json` gem thing once again.
Updated as upstream did, but keeping the most recent `json` version.
- `spec/helpers/application_helper_spec.rb`:
Upstream refactored a bunch of specs, including one place that differs
because of glitch-soc's theming system.
Refactored as upstream did, adapting it for glitch-soc's theming system.
Conflicts:
- `.rubocop_todo.yml`:
Upstream fixed a bunch lint issues, and changed the `Max` parameter of the
`Metrics/AbcSize` cop.
Glitch-soc has different code and slightly higher `AbcSize` complexity,
modified the `.rubocop_todo.yml` file accordingly.
- `app/policies/status_policy.rb`:
Upstream changed `account.suspended?` to `account.unavailable?` to prepare
for delete flags. Glitch-soc has additional local-only conditions.
Ported upstream's refactor while keeping glitch-soc's additional condition.
- `app/serializers/initial_state_serializer.rb`:
Upstream refactored a bunch of stuff while glitch-soc has more settings.
Refactored as upstream did while keeping glitch-soc's settings.
Conflicts:
- `config/initializers/content_security_policy.rb`:
Upstream reworked the CSP, we kept our version for now.
- `spec/requests/content_security_policy_spec.rb`:
Upstream reworked the CSP, we kept our version for now.
Conflicts:
- `app/views/admin/custom_emojis/new.html.haml`:
Conflict caused by glitch-soc having a different file size limit constant
name.
Updated like upstream did while keeping glitch-soc's constant name.
Conflicts:
- `app/validators/status_pin_validator.rb`:
Upstream refactored that file, while glitch-soc had configurable limits for
pinned statuses.
Updated the code with upstream's refactor, while keeping glitch-soc's
configurability.
Conflicts:
- `package.json`:
Upstream split some dependencies, including `express`, to
`streaming/package.json`.
However, glitch-soc had extra dependencies textually close to `express`.
Kept the extra dependencies and moved `express` to streaming.
- `yarn.lock`:
Upstream split some dependencies, including `express`, to
`streaming/package.json`.
However, glitch-soc had extra dependencies textually close to `express`.
Kept the extra dependencies and moved `express` to streaming.
Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
Upstream enforced new code style rules, where we had different code.
Applied the new code style rules.
Conflicts:
- `app/models/trends/statuses.rb`:
Upstream fixed a bug in the trending post condition.
Glitch-soc's condition is different because we potentially allow CWed content
to trend.
Ported upstream's fix while keeping glitch-soc's change.
- `config/initializers/content_security_policy.rb`:
Kept our version for now, we will switch to upstream later down the road.
Conflicts:
- `config/initializers/content_security_policy.rb`:
Upstream changed how asset host CSP directives are used, and glitch-soc has
a pretty different CSP file.
It may be worth reconsidering the differences between upstream and glitch-soc
but for now, just port the change.
Conflicts:
- `app/javascript/mastodon/features/compose/components/compose_form.jsx`:
Upstream changed one import, close to a glitch-soc-only import to handle
different max character counts.
Ported upstream's change.
Conflicts:
- `config/environments/production.rb`:
Upstream enforced a code style change and glitch-soc had a few different lines.
Applied upstream's code style to glitch-soc's changes.
Conflicts:
- `config/initializers/cors.rb`:
Upstream refactored this file, and glitch-soc had local changes.
I could not find the rationale for the glitch-soc changes, so I
used upstream's version.
Conflicts:
- `.github/workflows/build-nightly.yml`:
Upstream modified this file close to a line modified by glitch-soc to
disable the ARMv64 builder (as glitch-soc doesn't have one).
Ported upstream's changes.
- `.github/workflows/build-releases.yml`:
Upstream modified this file close to lines changed by glitch-soc to
change the Docker image repositories used (only ghcr, and based on the
organization's name).
Ported upstream's changes.
Conflicts:
- `app/models/form/admin_settings.rb`:
Upstream added the notion of overriden settings, while we had extra code for
pseudo-settings (only used to combine flavour and skin in a single select
field).
Ported upstream changes.
- `config/i18n-tasks.yml`:
Upstream added `simple_form.overridden` to `ignore_unused`,
we had `simple_form.glitch_only`.
Added `simple_form.glitch_only` as well.
Conflicts:
- `.github/workflows/build-releases.yml`:
Upstream changed comments close to a line we modified to account for
different container image repositories.
Updated the comments as upstream did.
Conflicts:
- `.github/workflows/build-nightly.yml`:
Upstream changed the environment variables used for defining the version
number. This change occurs close to lines that were modified in glitch-soc
to account for the different repositories to push to.
Ported upstream changes.
- `.github/workflows/build-push-pr.yml`:
Upstream changed the environment variables used for defining the version
number. This change occurs close to lines that were modified in glitch-soc
to account for the different repositories to push to.
Ported upstream changes.
- `lib/mastodon/version.rb`:
Upstream changed how the version string is built from environment variables.
Adapted the logic to account for the `+glitch` in glitch-soc.
Conflicts:
- `app/views/settings/preferences/other/show.html.haml`:
Upstream moved some settings, where glitch-soc has an extra setting.
Ported upstream changes, moving the same settings as them.
Conflicts:
- `.rubocop_todo.yml`:
Upstream regenerated this file, glitch-soc had a specific ignore.
- `README.md`:
Upstream updated its README, but glitch-soc has a completely different one.
Kept glitch-soc's README
Claire