Recently, caa81452f4 relaxed the condition for Snappy pinning a post
from `body.startswith(':#marseypin:')` to the same sans trailing colon.
I believe this was intended to allow :marseypin2: to also lead to post
pinning. However, the amusing, though incorrect, side effect is that
:marseypinkcat: and :marseypinochet: can now also lead to Snappy pins.
This has been remedied by explicitly defining the two conditions we
want rather than hoping all :marseypin [sic] are about pinning.
cb1bb4e43b40: Server cleaned out schema.sql for some reason and
it was autocommitted by the sneed cron. This is why the tests fail.
2737a6ca479b: Originally pulled from themotte/rDrama @ 309bf44f12ba.
In light of the fact this is breaking comment previews right now and
the actual XSS threat is unclear, given we sanitize serverside,
this is reverted until I find time to look at it.
Comments of the style e.g. "@TLSM / @TLSM2" would mistakenly be
`sanitize`d to have identical links only on "@TLSM", the latter
instance having a dangling 2 on the end. It seems this is purely an
issue with text formatting; alerts.py @ NOTIF_USERS had no such
issues. The root cause appears to be partly an optimization and
partly the use of str.replace without a count limit.
The award modal note field had a maxLength of 200 characters.
This was retained when repurposing the field for the new flair to be
applied by a flairlock award. However, flairs have a maxLength of 100
characters. award_modal.js now makes this clearer in the UI by
changing the maxLength of note when a flairlock award is picked.
The shop discount from Big Spender badges was incorrectly implemented:
intended behavior was for 2pp per badge. However, the values in
const.py were set as if a user could only have one Spender badge at
once, while user.py @ discount was implemented as if they were
additive. Since users factually do have multiple big spender badges,
the values in const were adjusted to reflect this fact.
Also, lootbox Roller badges now each offer a 1pp discount.
users.py @ discount was improved to check against the `discounts`
keys for appropriate badges, rather than a hardcoded list.