Conflicts:
- `lib/sanitize_ext/sanitize_config.rb`:
Conflict because glitch-soc has a different list of allowed tags.
Added upstream's new allowed tags while keeping ours.
- `spec/requests/api/v1/timelines/public_spec.rb`:
Conflict because of glitch-soc's default settings.
Updated accordingly.
* Fix insufficient permission checking for public timeline endpoints
Note that this changes unauthenticated access failure code from 401 to 422
* Add more tests for public timelines
* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
Conflicts:
- `spec/requests/api/v2/instance_spec.rb`:
Conflict due to glitch-soc having a different default site name.
Updated the tests as upstream did, keeping glitch-soc's default name.
Conflicts:
- `spec/controllers/api/v1/timelines/direct_controller_spec.rb`:
`spec/controllers/api/v1/timelines` has been renamed, but we had an extra
spec here for a glitch-soc-only endpoint.
Kept glitch-soc's file unchanged (will port to a request spec later).
Conflicts:
- `spec/controllers/api/v1/timelines/tag_controller_spec.rb`:
Glitch-soc had a few extra lines in this file to account for a different
default setting. This file got replaced by
`spec/requests/api/v1/timelines/tag_spec.rb`, into which the glitch-soc
additions were moved too.
Additional changes:
- `spec/requests/api/v1/statuses/sources_spec.rb`:
Add glitch-soc-only attribute `content_type`.
Conflicts:
- `.github/workflows/build-image.yml`:
Upstream entirely refactored this, while we changed the docker repository
to upload to and disabled the “latest” tag.
Applied the repository change to `.github/workflows/build-*.yml`, as well
as disabling native ARMv64 builds.
- `README.md`:
We have a completely different README.
Kept ours.
- `app/views/admin/settings/shared/_links.html.haml`:
Upstream refactored, we had an extra item.
Refactored as upstream did.
- `spec/controllers/api/v1/timelines/public_controller_spec.rb`:
Upstream deleted this file, to be replaced by a request spec at
`spec/requests/api/v1/timelines/public_spec.rb`.
We had an extra bit about enabling the public timelines because we have
different defaults than upstream.
Moved that bit to `spec/requests/api/v1/timelines/public_spec.rb`