Conflicts:
- `app/helpers/application_helper.rb`:
Not a real conflict, upstream added helpers right next to glitch-soc only
helpers.
Added upstream's helpers.
- `spec/models/status_spec.rb`:
Not a real conflict, upstream added specs right next to glitch-soc only
specs.
Added upstream's tests.
Conflicts:
- `spec/validators/status_length_validator_spec.rb`:
Upstream refactored tests to stub `StatusLengthValidator::MAX_CHARS`
while glitch-soc had custom code to read from `MAX_TOOT_CHARS`.
Switched to using upstream's implementation of the tests.
Conflicts:
- `app/controllers/accounts_controller.rb`:
Conflict due to glitch-soc's local-only posting feature.
Refactored as upstream did but kept local changes.
- `app/lib/account_statuses_filter.rb`:
Conflict due to glitch-soc's local-only posting feature.
Refactored as upstream did but kept local changes.
Conflicts:
- `package.json`:
Upstream updated a dependency that is on an adjacent line to a
glitch-soc-only dependency in that file.
Updated as upstream did.
- `yarn.lock`:
Upstream updated a dependency that is on an adjacent line to a
glitch-soc-only dependency in that file.
Updated as upstream did.
Conflicts:
- `config/routes/api.rb`:
glitch-soc has an extra `:destroy` action on notifications for historical reasons.
Kept it for now, while otherwise updating as upstream did.
Conflicts:
- `Gemfile.lock`:
Changes were already cherry-picked and updated further in glitch-soc.
Kept glitch-soc's version.
- `README.md`:
Upstream updated its README, we have a completely different one.
Kept glitch-soc's README.
- `app/models/account.rb`:
Not a real conflict, upstream updated some lines textually adjacent
to glitch-soc-specific lines.
Ported upstream's changes.
Conflicts:
- `.github/workflows/build-security.yml`:
Changes were already cherry-picked and adapted in glitch-soc.
Kept glitch-soc's version.
- `Gemfile.lock`:
Changes were already cherry-picked and updated further in glitch-soc.
Kept glitch-soc's version.
- `lib/mastodon/version.rb`:
Changes were already cherry-picked and updated further in glitch-soc.
Kept glitch-soc's version.
* Prevent different identities from a same SSO provider from accessing a same account
* Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`
* Rename methods to avoid confusion between OAuth and OmniAuth
* Ensure destruction of OAuth Applications notifies streaming
Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.
* Ensure password resets revoke access to Streaming API
* Improve performance of deleting OAuth tokens
---------
Co-authored-by: Claire <claire.github-309c@sitedethib.com>