This matches the "websafe" upstream preset[0], and our current limit is too low for high-noise images (like a scene full of snow).
[0]: c7d070ec65/config/policy-websafe.xml (L58)
The script changed from old unmaintained ya2yaml (which is broken with
current ruby version) to default `to_yaml` from ruby. That's why the
diff is "a bit" bigger than usual, because it looks like some keys are
sorted differently.
Now with likes on comments, diaspora also tries to fetch comments if it
receives a like for a comment it doesn't know yet. So this now also
allows to fetch comments with `/fetch/comment/<guid>`.
This fix was heavily inspired by Mastodon's fix for GHSA-9928-3cp5-93fm.
So, thank you Cure53 for finding this issue, thank you Mozilla for
paying Cure53 to look into it, and thanks for Mastodon for fixing it.
The callbacks aren't used in cluster mode, and puma prints a warning
about that. This is fine, we don't need the callbacks in single-mode,
but can still keep it, in case somebody switches on cluster mode.
The problem is, the current puma version has a bug, where pumactl
crashes when trying to print these warnings, so lets just silence the
warnings. People running in single mode also don't need to care about
the warnings anyway.
There are no new releases anymore and the current version isn't
compatible with ruby 3.x.
As this feature wasn't really used a lot (Icelandic didn't even setup
inflections properly), it's probably not worth fighting for it, so lets
just drop it.
Related to #8369
Some imagemagick-versions (I tested Ubuntu 22.04 and debian bullseye)
always loose exif data when converting from jpg to webp. So this made
our CI fail now, but even if it wasn't failing before, some pods always
had and have versions which might loose the information anyway. So
having a setting to keep exif information is kinda pointless, if we
can't guarantee that the information isn't lost. Also, diaspora isn't a
photo sharing platform and we don't display exif information anywhere,
so I think we should just always strip exif data (which was already the
default before), as we don't need them.
