WIP create invites via API

Merge tag 'v2.7.0' into kosmos
Fix background style
2019-03-09 09:18:53 +07:00 · 2019-01-27 10:26:58 +08:00 · 2018-10-31 23:10:39 +01:00 · 2018-10-31 22:10:00 +01:00 · 2018-10-31 22:09:43 +01:00 · 2018-09-03 21:26:36 +08:00
6096 changed files with 102816 additions and 367880 deletions
--- a/.browserslistrc
+++ b/.browserslistrc
@ -1,7 +0,0 @@
 [production]
 defaults
 not IE 11
 not dead
 [development]
 supports es6-module
--- a/.buildpacks
+++ b/.buildpacks
@ -1,3 +1,4 @@
 https://github.com/heroku/heroku-buildpack-apt
 https://github.com/Scalingo/ffmpeg-buildpack
 https://github.com/Scalingo/nodejs-buildpack
 https://github.com/Scalingo/ruby-buildpack
--- a/.bundler-audit.yml
+++ b/.bundler-audit.yml
@ -1,6 +0,0 @@
 ---
 ignore:
  # devise-two-factor advisory about brute-forcing TOTP
  # We have rate-limits on authentication endpoints in place (including second
  # factor verification) since Mastodon v3.2.0
  - CVE-2024-0227
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -0,0 +1,217 @@
 version: 2
 aliases:
  - &defaults
    docker:
      - image: circleci/ruby:2.6.0-stretch-node
        environment: &ruby_environment
          BUNDLE_APP_CONFIG: ./.bundle/
          DB_HOST: localhost
          DB_USER: root
          RAILS_ENV: test
          PARALLEL_TEST_PROCESSORS: 4
          ALLOW_NOPAM: true
          CONTINUOUS_INTEGRATION: true
          DISABLE_SIMPLECOV: true
          PAM_ENABLED: true
          PAM_DEFAULT_SERVICE: pam_test
          PAM_CONTROLLED_SERVICE: pam_test_controlled
    working_directory: ~/projects/mastodon/
  - &attach_workspace
    attach_workspace:
      at: ~/projects/
  - &persist_to_workspace
    persist_to_workspace:
      root: ~/projects/
      paths:
        - ./mastodon/
  - &restore_ruby_dependencies
    restore_cache:
      keys:
        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-
        - v2-ruby-dependencies-
  - &install_steps
    steps:
      - checkout
      - *attach_workspace
      - restore_cache:
          keys:
            - v1-node-dependencies-{{ checksum "yarn.lock" }}
            - v1-node-dependencies-
      - run: yarn install --frozen-lockfile
      - save_cache:
          key: v1-node-dependencies-{{ checksum "yarn.lock" }}
          paths:
            - ./node_modules/
      - *persist_to_workspace
  - &install_system_dependencies
      run:
        name: Install system dependencies
        command: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev libprotobuf-dev protobuf-compiler
  - &install_ruby_dependencies
      steps:
        - *attach_workspace
        - *install_system_dependencies
        - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
        - *restore_ruby_dependencies
        - run: bundle install --clean --jobs 16 --path ./vendor/bundle/ --retry 3 --with pam_authentication --without development production && bundle clean
        - save_cache:
            key: v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
            paths:
              - ./.bundle/
              - ./vendor/bundle/
        - persist_to_workspace:
            root: ~/projects/
            paths:
                - ./mastodon/.bundle/
                - ./mastodon/vendor/bundle/
  - &test_steps
      steps:
        - *attach_workspace
        - *install_system_dependencies
        - run: sudo apt-get install -y ffmpeg
        - run:
            name: Prepare Tests
            command: ./bin/rails parallel:create parallel:load_schema parallel:prepare
        - run:
            name: Run Tests
            command: ./bin/retry bundle exec parallel_test ./spec/ --group-by filesize --type rspec
 jobs:
  install:
    <<: *defaults
    <<: *install_steps
  install-ruby2.6:
    <<: *defaults
    <<: *install_ruby_dependencies
  install-ruby2.5:
    <<: *defaults
    docker:
      - image: circleci/ruby:2.5.3-stretch-node
        environment: *ruby_environment
    <<: *install_ruby_dependencies
  install-ruby2.4:
    <<: *defaults
    docker:
      - image: circleci/ruby:2.4.5-stretch-node
        environment: *ruby_environment
    <<: *install_ruby_dependencies
  build:
    <<: *defaults
    steps:
      - *attach_workspace
      - *install_system_dependencies
      - run: ./bin/rails assets:precompile
      - persist_to_workspace:
          root: ~/projects/
          paths:
              - ./mastodon/public/assets
              - ./mastodon/public/packs-test/
  test-ruby2.6:
    <<: *defaults
    docker:
      - image: circleci/ruby:2.6.0-stretch-node
        environment: *ruby_environment
      - image: circleci/postgres:10.6-alpine
        environment:
          POSTGRES_USER: root
      - image: circleci/redis:5.0.3-alpine3.8
    <<: *test_steps
  test-ruby2.5:
    <<: *defaults
    docker:
      - image: circleci/ruby:2.5.3-stretch-node
        environment: *ruby_environment
      - image: circleci/postgres:10.6-alpine
        environment:
          POSTGRES_USER: root
      - image: circleci/redis:4.0.12-alpine
    <<: *test_steps
  test-ruby2.4:
    <<: *defaults
    docker:
      - image: circleci/ruby:2.4.5-stretch-node
        environment: *ruby_environment
      - image: circleci/postgres:10.6-alpine
        environment:
          POSTGRES_USER: root
      - image: circleci/redis:4.0.12-alpine
    <<: *test_steps
  test-webui:
    <<: *defaults
    docker:
      - image: circleci/node:8.15.0-stretch
    steps:
      - *attach_workspace
      - run: ./bin/retry yarn test:jest
  check-i18n:
    <<: *defaults
    steps:
      - *attach_workspace
      - run: bundle exec i18n-tasks check-normalized
      - run: bundle exec i18n-tasks unused
      - run: bundle exec i18n-tasks missing -t plural
      - run: bundle exec i18n-tasks check-consistent-interpolations
 workflows:
  version: 2
  build-and-test:
    jobs:
      - install
      - install-ruby2.6:
          requires:
            - install
      - install-ruby2.5:
          requires:
            - install
            - install-ruby2.6
      - install-ruby2.4:
          requires:
            - install
            - install-ruby2.6
      - build:
          requires:
            - install-ruby2.6
      - test-ruby2.6:
          requires:
            - install-ruby2.6
            - build
      - test-ruby2.5:
          requires:
            - install-ruby2.5
            - build
      - test-ruby2.4:
          requires:
            - install-ruby2.4
            - build
      - test-webui:
          requires:
            - install
      - check-i18n:
          requires:
            - install-ruby2.6
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@ -0,0 +1,38 @@
 version: "2"
 checks:
  argument-count:
    enabled: false
  complex-logic:
    enabled: false
  file-lines:
    enabled: false
  method-complexity:
    enabled: false
  method-count:
    enabled: false
  method-lines:
    enabled: false
  nested-control-flow:
    enabled: false
  return-statements:
    enabled: false
  similar-code:
    enabled: false
  identical-code:
    enabled: false
 plugins:
  brakeman:
    enabled: true
  bundler-audit:
    enabled: true
  eslint:
    enabled: true
    channel: eslint-5
  rubocop:
    enabled: true
    channel: rubocop-0-54
  scss-lint:
    enabled: true
 exclude_patterns:
 - spec/
 - vendor/asset
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@ -1,20 +0,0 @@
 # For details, see https://github.com/devcontainers/images/tree/main/src/ruby
 FROM mcr.microsoft.com/devcontainers/ruby:1-3.2-bullseye
 # Install Rails
 # RUN gem install rails webdrivers
 ARG NODE_VERSION="16"
 RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"
 # [Optional] Uncomment this section to install additional OS packages.
 RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
    && apt-get -y install --no-install-recommends libicu-dev libidn11-dev ffmpeg imagemagick libpam-dev
 # [Optional] Uncomment this line to install additional gems.
 RUN gem install foreman
 # [Optional] Uncomment this line to install global node packages.
 RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g yarn" 2>&1
 COPY welcome-message.txt /usr/local/etc/vscode-dev-containers/first-run-notice.txt
--- a/.devcontainer/codespaces/devcontainer.json
+++ b/.devcontainer/codespaces/devcontainer.json
@ -1,49 +0,0 @@
 {
  "name": "Mastodon on GitHub Codespaces",
  "dockerComposeFile": "../docker-compose.yml",
  "service": "app",
  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
  "features": {
    "ghcr.io/devcontainers/features/sshd:1": {}
  },
  "runServices": ["app", "db", "redis"],
  "forwardPorts": [3000, 4000],
  "portsAttributes": {
    "3000": {
      "label": "web",
      "onAutoForward": "notify"
    },
    "4000": {
      "label": "stream",
      "onAutoForward": "silent"
    }
  },
  "otherPortsAttributes": {
    "onAutoForward": "silent"
  },
  "remoteEnv": {
    "LOCAL_DOMAIN": "${localEnv:CODESPACE_NAME}-3000.app.github.dev",
    "LOCAL_HTTPS": "true",
    "STREAMING_API_BASE_URL": "https://${localEnv:CODESPACE_NAME}-4000.app.github.dev",
    "DISABLE_FORGERY_REQUEST_PROTECTION": "true",
    "ES_ENABLED": "",
    "LIBRE_TRANSLATE_ENDPOINT": ""
  },
  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
  "postCreateCommand": ".devcontainer/post-create.sh",
  "waitFor": "postCreateCommand",
  "customizations": {
    "vscode": {
      "settings": {},
      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
    }
  }
 }
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -1,40 +0,0 @@
 {
  "name": "Mastodon on local machine",
  "dockerComposeFile": "docker-compose.yml",
  "service": "app",
  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
  "features": {
    "ghcr.io/devcontainers/features/sshd:1": {}
  },
  "forwardPorts": [3000, 4000],
  "portsAttributes": {
    "3000": {
      "label": "web",
      "onAutoForward": "notify",
      "requireLocalPort": true
    },
    "4000": {
      "label": "stream",
      "onAutoForward": "silent",
      "requireLocalPort": true
    }
  },
  "otherPortsAttributes": {
    "onAutoForward": "silent"
  },
  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
  "postCreateCommand": ".devcontainer/post-create.sh",
  "waitFor": "postCreateCommand",
  "customizations": {
    "vscode": {
      "settings": {},
      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
    }
  }
 }
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@ -1,90 +0,0 @@
 version: '3'
 services:
  app:
    build:
      context: .
      dockerfile: Dockerfile
    volumes:
      - ../..:/workspaces:cached
    environment:
      RAILS_ENV: development
      NODE_ENV: development
      BIND: 0.0.0.0
      REDIS_HOST: redis
      REDIS_PORT: '6379'
      DB_HOST: db
      DB_USER: postgres
      DB_PASS: postgres
      DB_PORT: '5432'
      ES_ENABLED: 'true'
      ES_HOST: es
      ES_PORT: '9200'
      LIBRE_TRANSLATE_ENDPOINT: http://libretranslate:5000
    # Overrides default command so things don't shut down after the process ends.
    command: sleep infinity
    ports:
      - '127.0.0.1:3000:3000'
      - '127.0.0.1:3035:3035'
      - '127.0.0.1:4000:4000'
    networks:
      - external_network
      - internal_network
  db:
    image: postgres:14-alpine
    restart: unless-stopped
    volumes:
      - postgres-data:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: postgres
      POSTGRES_DB: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_HOST_AUTH_METHOD: trust
    networks:
      - internal_network
  redis:
    image: redis:7-alpine
    restart: unless-stopped
    volumes:
      - redis-data:/data
    networks:
      - internal_network
  es:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
    restart: unless-stopped
    environment:
      ES_JAVA_OPTS: -Xms512m -Xmx512m
      cluster.name: es-mastodon
      discovery.type: single-node
      bootstrap.memory_lock: 'true'
    volumes:
      - es-data:/usr/share/elasticsearch/data
    networks:
      - internal_network
    ulimits:
      memlock:
        soft: -1
        hard: -1
  libretranslate:
    image: libretranslate/libretranslate:v1.3.11
    restart: unless-stopped
    volumes:
      - lt-data:/home/libretranslate/.local
    networks:
      - external_network
      - internal_network
 volumes:
  postgres-data:
  redis-data:
  es-data:
  lt-data:
 networks:
  external_network:
  internal_network:
    internal: true
--- a/.devcontainer/post-create.sh
+++ b/.devcontainer/post-create.sh
@ -1,26 +0,0 @@
 #!/bin/bash
 set -e # Fail the whole script on first error
 # Fetch Ruby gem dependencies
 bundle config path 'vendor/bundle'
 bundle config with 'development test'
 bundle install
 # Make Gemfile.lock pristine again
 git checkout -- Gemfile.lock
 # Fetch Javascript dependencies
 yarn --frozen-lockfile
 # [re]create, migrate, and seed the test database
 RAILS_ENV=test ./bin/rails db:setup
 # [re]create, migrate, and seed the development database
 RAILS_ENV=development ./bin/rails db:setup
 # Precompile assets for development
 RAILS_ENV=development ./bin/rails assets:precompile
 # Precompile assets for test
 RAILS_ENV=test NODE_ENV=tests ./bin/rails assets:precompile
--- a/.devcontainer/welcome-message.txt
+++ b/.devcontainer/welcome-message.txt
@ -1,8 +0,0 @@
 👋 Welcome to "Mastodon" in GitHub Codespaces!
 🛠️  Your environment is fully setup with all the required software.
 🔍 To explore VS Code to its fullest, search using the Command Palette (Cmd/Ctrl + Shift + P or F1).
 📝 Edit away, run your app as usual, and we'll automatically make it available for you to access.
--- a/.dockerignore
+++ b/.dockerignore
@ -1,10 +1,6 @@
 .bundle
 .env
 .env.*
 .git
 .gitattributes
 .gitignore
 .github
 public/system
 public/assets
 public/packs
@ -15,7 +11,5 @@ vendor/bundle
 *.swp
 *~
 postgres
 postgres14
 redis
 elasticsearch
 chart
--- a/.editorconfig
+++ b/.editorconfig
@ -10,4 +10,3 @@ insert_final_newline = true
 charset = utf-8
 indent_style = space
 indent_size = 2
 trim_trailing_whitespace = true
--- a/.env.nanobox
+++ b/.env.nanobox
@ -0,0 +1,226 @@
 # Service dependencies
 # You may set REDIS_URL instead for more advanced options
 REDIS_HOST=$DATA_REDIS_HOST
 REDIS_PORT=6379
 # REDIS_DB=0
 # You may set DATABASE_URL instead for more advanced options
 DB_HOST=$DATA_DB_HOST
 DB_USER=$DATA_DB_USER
 DB_NAME=gonano
 DB_PASS=$DATA_DB_PASS
 DB_PORT=5432
 DATABASE_URL=postgresql://$DATA_DB_USER:$DATA_DB_PASS@$DATA_DB_HOST/gonano
 # Optional ElasticSearch configuration
 ES_ENABLED=true
 ES_HOST=$DATA_ELASTIC_HOST
 ES_PORT=9200
 # Optimizations
 LD_PRELOAD=/data/lib/libjemalloc.so
 # ImageMagick optimizations
 MAGICK_TEMPORARY_PATH=/app/tmp
 MAGICK_MEMORY_LIMIT=128MiB
 MAGICK_MAP_LIMIT=64MiB
 MAGICK_TIME_LIMIT=15
 MAGICK_AREA_LIMIT=16MP
 MAGICK_WIDTH_LIMIT=8KP
 MAGICK_HEIGHT_LIMIT=8KP
 # Federation
 # Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
 # LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
 LOCAL_DOMAIN=${APP_NAME}.nanoapp.io
 # Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
 # Use this only if you need to run mastodon on a different domain than the one used for federation.
 # You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
 # DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
 # WEB_DOMAIN=mastodon.example.com
 # Use this if you want to have several aliases handler@example1.com
 # handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
 # be added. Comma separated values
 # ALTERNATE_DOMAINS=example1.com,example2.com
 # Application secrets
 # Generate each with the `rake secret` task (`nanobox run bundle exec rake secret`)
 SECRET_KEY_BASE=$SECRET_KEY_BASE
 OTP_SECRET=$OTP_SECRET
 # VAPID keys (used for push notifications)
 # You can generate the keys using the following command (first is the private key, second is the public one)
 # You should only generate this once per instance. If you later decide to change it, all push subscription will
 # be invalidated, requiring the users to access the website again to resubscribe.
 #
 # Generate with `rake mastodon:webpush:generate_vapid_key` task (`nanobox run bundle exec rake mastodon:webpush:generate_vapid_key`)
 #
 # For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
 VAPID_PRIVATE_KEY=$VAPID_PRIVATE_KEY
 VAPID_PUBLIC_KEY=$VAPID_PUBLIC_KEY
 # Registrations
 # Single user mode will disable registrations and redirect frontpage to the first profile
 # SINGLE_USER_MODE=true
 # Prevent registrations with following e-mail domains
 # EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
 # Only allow registrations with the following e-mail domains
 # EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
 # Optionally change default language
 # DEFAULT_LOCALE=de
 # E-mail configuration
 # Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
 # If you want to use an SMTP server without authentication (e.g local Postfix relay)
 # then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
 # *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
 SMTP_SERVER=$SMTP_SERVER
 SMTP_PORT=587
 SMTP_LOGIN=$SMTP_LOGIN
 SMTP_PASSWORD=$SMTP_PASSWORD
 SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 #SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
 #SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
 #SMTP_AUTH_METHOD=plain
 #SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
 #SMTP_OPENSSL_VERIFY_MODE=peer
 #SMTP_ENABLE_STARTTLS_AUTO=true
 #SMTP_TLS=true
 # Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
 # PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
 # PAPERCLIP_ROOT_URL=/system
 # Optional asset host for multi-server setups
 # CDN_HOST=https://assets.example.com
 # S3 (optional)
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
 # AWS_SECRET_ACCESS_KEY=
 # S3_REGION=
 # S3_PROTOCOL=http
 # S3_HOSTNAME=192.168.1.123:9000
 # S3 (Minio Config (optional) Please check Minio instance for details)
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
 # AWS_SECRET_ACCESS_KEY=
 # S3_REGION=
 # S3_PROTOCOL=https
 # S3_HOSTNAME=
 # S3_ENDPOINT=
 # S3_SIGNATURE_VERSION=
 # Swift (optional)
 # SWIFT_ENABLED=true
 # SWIFT_USERNAME=
 # For Keystone V3, the value for SWIFT_TENANT should be the project name
 # SWIFT_TENANT=
 # SWIFT_PASSWORD=
 # Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
 # issues with token rate-limiting during high load.
 # SWIFT_AUTH_URL=
 # SWIFT_CONTAINER=
 # SWIFT_OBJECT_URL=
 # SWIFT_REGION=
 # Defaults to 'default'
 # SWIFT_DOMAIN_NAME=
 # Defaults to 60 seconds. Set to 0 to disable
 # SWIFT_CACHE_TTL=
 # Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare)
 # S3_ALIAS_HOST=
 # Streaming API integration
 # STREAMING_API_BASE_URL=
 # Advanced settings
 # If you need to use pgBouncer, you need to disable prepared statements:
 # PREPARED_STATEMENTS=false
 # Cluster number setting for streaming API server.
 # If you comment out following line, cluster number will be `numOfCpuCores - 1`.
 # STREAMING_CLUSTER_NUM=1
 # Docker mastodon user
 # If you use Docker, you may want to assign UID/GID manually.
 # UID=1000
 # GID=1000
 # LDAP authentication (optional)
 # LDAP_ENABLED=true
 # LDAP_HOST=localhost
 # LDAP_PORT=389
 # LDAP_METHOD=simple_tls
 # LDAP_BASE=
 # LDAP_BIND_DN=
 # LDAP_PASSWORD=
 # LDAP_UID=cn
 # PAM authentication (optional)
 # PAM authentication uses for the email generation the "email" pam variable
 # and optional as fallback PAM_DEFAULT_SUFFIX
 # The pam environment variable "email" is provided by:
 # https://github.com/devkral/pam_email_extractor
 # PAM_ENABLED=true
 # Fallback Suffix for email address generation (nil by default)
 # PAM_DEFAULT_SUFFIX=pam
 # Name of the pam service (pam "auth" section is evaluated)
 # PAM_DEFAULT_SERVICE=rpam
 # Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
 # PAM_CONTROLLED_SERVICE=rpam
 # Global OAuth settings (optional) :
 # If you have only one strategy, you may want to enable this
 # OAUTH_REDIRECT_AT_SIGN_IN=true
 # Optional CAS authentication (cf. omniauth-cas) :
 # CAS_ENABLED=true
 # CAS_URL=https://sso.myserver.com/
 # CAS_HOST=sso.myserver.com/
 # CAS_PORT=443
 # CAS_SSL=true
 # CAS_VALIDATE_URL=
 # CAS_CALLBACK_URL=
 # CAS_LOGOUT_URL=
 # CAS_LOGIN_URL=
 # CAS_UID_FIELD='user'
 # CAS_CA_PATH=
 # CAS_DISABLE_SSL_VERIFICATION=false
 # CAS_UID_KEY='user'
 # CAS_NAME_KEY='name'
 # CAS_EMAIL_KEY='email'
 # CAS_NICKNAME_KEY='nickname'
 # CAS_FIRST_NAME_KEY='firstname'
 # CAS_LAST_NAME_KEY='lastname'
 # CAS_LOCATION_KEY='location'
 # CAS_IMAGE_KEY='image'
 # CAS_PHONE_KEY='phone'
 # Optional SAML authentication (cf. omniauth-saml)
 # SAML_ENABLED=true
 # SAML_ACS_URL=
 # SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
 # SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
 # SAML_IDP_CERT=
 # SAML_IDP_CERT_FINGERPRINT=
 # SAML_NAME_IDENTIFIER_FORMAT=
 # SAML_CERT=
 # SAML_PRIVATE_KEY=
 # SAML_SECURITY_WANT_ASSERTION_SIGNED=true
 # SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
 # SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
 # SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
 # SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
 # SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.5.4.42"
 # SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
 # SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
 # SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
--- a/.env.production.sample
+++ b/.env.production.sample
@ -1,77 +1,232 @@
-# This is a sample configuration file. You can generate your configuration
+# Service dependencies
-# with the `rake mastodon:setup` interactive setup wizard, but to customize
+# You may set REDIS_URL instead for more advanced options
-# your setup even further, you'll need to edit it manually. This sample does
+# You may also set REDIS_NAMESPACE to share Redis between multiple Mastodon servers
-# not demonstrate all available configuration options. Please look at
+REDIS_HOST=redis
 # https://docs.joinmastodon.org/admin/config/ for the full documentation.
 # Note that this file accepts slightly different syntax depending on whether
 # you are using `docker-compose` or not. In particular, if you use
 # `docker-compose`, the value of each declared variable will be taken verbatim,
 # including surrounding quotes.
 # See: https://github.com/mastodon/mastodon/issues/16895
 # Federation
 # ----------
 # This identifies your server and cannot be changed safely later
 # ----------
 LOCAL_DOMAIN=example.com
 # Redis
 # -----
 REDIS_HOST=localhost
 REDIS_PORT=6379
-
+# You may set DATABASE_URL instead for more advanced options
-# PostgreSQL
+DB_HOST=db
-# ----------
+DB_USER=postgres
-DB_HOST=/var/run/postgresql
+DB_NAME=postgres
 DB_USER=mastodon
 DB_NAME=mastodon_production
 DB_PASS=
 DB_PORT=5432
 # Optional ElasticSearch configuration
 # ES_ENABLED=true
 # ES_HOST=es
 # ES_PORT=9200
-# Elasticsearch (optional)
+# Federation
-# ------------------------
+# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
-ES_ENABLED=true
+# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
-ES_HOST=localhost
+LOCAL_DOMAIN=example.com
 ES_PORT=9200
 # Authentication for ES (optional)
 ES_USER=elastic
 ES_PASS=password
-# Secrets
+# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
-# -------
+
-# Make sure to use `rake secret` to generate secrets
+# Use this only if you need to run mastodon on a different domain than the one used for federation.
-# -------
+# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
 # DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
 # WEB_DOMAIN=mastodon.example.com
 # Use this if you want to have several aliases handler@example1.com
 # handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
 # be added. Comma separated values
 # ALTERNATE_DOMAINS=example1.com,example2.com
 # Application secrets
 # Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
 SECRET_KEY_BASE=
 OTP_SECRET=
-# Web Push
+# VAPID keys (used for push notifications
-# --------
+# You can generate the keys using the following command (first is the private key, second is the public one)
-# Generate with `rake mastodon:webpush:generate_vapid_key`
+# You should only generate this once per instance. If you later decide to change it, all push subscription will
-# --------
+# be invalidated, requiring the users to access the website again to resubscribe.
 #
 # Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose)
 #
 # For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
 VAPID_PRIVATE_KEY=
 VAPID_PUBLIC_KEY=
-# Sending mail
+# Registrations
-# ------------
+# Single user mode will disable registrations and redirect frontpage to the first profile
-SMTP_SERVER=
+# SINGLE_USER_MODE=true
 # Prevent registrations with following e-mail domains
 # EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
 # Only allow registrations with the following e-mail domains
 # EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
 # Optionally change default language
 # DEFAULT_LOCALE=de
 # E-mail configuration
 # Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
 # If you want to use an SMTP server without authentication (e.g local Postfix relay)
 # then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
 # *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
 SMTP_SERVER=smtp.mailgun.org
 SMTP_PORT=587
 SMTP_LOGIN=
 SMTP_PASSWORD=
 SMTP_FROM_ADDRESS=notifications@example.com
 #SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
 #SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
 #SMTP_AUTH_METHOD=plain
 #SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
 #SMTP_OPENSSL_VERIFY_MODE=peer
 #SMTP_ENABLE_STARTTLS_AUTO=true
 #SMTP_TLS=true
-# File storage (optional)
+# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
-# -----------------------
+# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
-S3_ENABLED=true
+# PAPERCLIP_ROOT_URL=/system
 S3_BUCKET=files.example.com
 AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
 S3_ALIAS_HOST=files.example.com
-# IP and session retention
+# Optional asset host for multi-server setups
-# -----------------------
+# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN
-# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
+# if WEB_DOMAIN is not set. For example, the server may have the
-# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
+# following header field:
-# -----------------------
+# Access-Control-Allow-Origin: https://example.com/
-IP_RETENTION_PERIOD=31556952
+# CDN_HOST=https://assets.example.com
-SESSION_RETENTION_PERIOD=31556952
+
 # S3 (optional)
 # The attachment host must allow cross origin request from WEB_DOMAIN or
 # LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the
 # following header field:
 # Access-Control-Allow-Origin: https://192.168.1.123:9000/
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
 # AWS_SECRET_ACCESS_KEY=
 # S3_REGION=
 # S3_PROTOCOL=http
 # S3_HOSTNAME=192.168.1.123:9000
 # S3 (Minio Config (optional) Please check Minio instance for details)
 # The attachment host must allow cross origin request - see the description
 # above.
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
 # AWS_SECRET_ACCESS_KEY=
 # S3_REGION=
 # S3_PROTOCOL=https
 # S3_HOSTNAME=
 # S3_ENDPOINT=
 # S3_SIGNATURE_VERSION=
 # Swift (optional)
 # The attachment host must allow cross origin request - see the description
 # above.
 # SWIFT_ENABLED=true
 # SWIFT_USERNAME=
 # For Keystone V3, the value for SWIFT_TENANT should be the project name
 # SWIFT_TENANT=
 # SWIFT_PASSWORD=
 # Some OpenStack V3 providers require PROJECT_ID (optional)
 # SWIFT_PROJECT_ID=
 # Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
 # issues with token rate-limiting during high load.
 # SWIFT_AUTH_URL=
 # SWIFT_CONTAINER=
 # SWIFT_OBJECT_URL=
 # SWIFT_REGION=
 # Defaults to 'default'
 # SWIFT_DOMAIN_NAME=
 # Defaults to 60 seconds. Set to 0 to disable
 # SWIFT_CACHE_TTL=
 # Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare)
 # S3_ALIAS_HOST=
 # Streaming API integration
 # STREAMING_API_BASE_URL=
 # Advanced settings
 # If you need to use pgBouncer, you need to disable prepared statements:
 # PREPARED_STATEMENTS=false
 # Cluster number setting for streaming API server.
 # If you comment out following line, cluster number will be `numOfCpuCores - 1`.
 STREAMING_CLUSTER_NUM=1
 # Docker mastodon user
 # If you use Docker, you may want to assign UID/GID manually.
 # UID=1000
 # GID=1000
 # LDAP authentication (optional)
 # LDAP_ENABLED=true
 # LDAP_HOST=localhost
 # LDAP_PORT=389
 # LDAP_METHOD=simple_tls
 # LDAP_BASE=
 # LDAP_BIND_DN=
 # LDAP_PASSWORD=
 # LDAP_UID=cn
 # LDAP_SEARCH_FILTER="%{uid}=%{email}"
 # PAM authentication (optional)
 # PAM authentication uses for the email generation the "email" pam variable
 # and optional as fallback PAM_DEFAULT_SUFFIX
 # The pam environment variable "email" is provided by:
 # https://github.com/devkral/pam_email_extractor
 # PAM_ENABLED=true
 # Fallback email domain for email address generation (LOCAL_DOMAIN by default)
 # PAM_EMAIL_DOMAIN=example.com
 # Name of the pam service (pam "auth" section is evaluated)
 # PAM_DEFAULT_SERVICE=rpam
 # Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
 # PAM_CONTROLLED_SERVICE=rpam
 # Global OAuth settings (optional) :
 # If you have only one strategy, you may want to enable this
 # OAUTH_REDIRECT_AT_SIGN_IN=true
 # Optional CAS authentication (cf. omniauth-cas) :
 # CAS_ENABLED=true
 # CAS_URL=https://sso.myserver.com/
 # CAS_HOST=sso.myserver.com/
 # CAS_PORT=443
 # CAS_SSL=true
 # CAS_VALIDATE_URL=
 # CAS_CALLBACK_URL=
 # CAS_LOGOUT_URL=
 # CAS_LOGIN_URL=
 # CAS_UID_FIELD='user'
 # CAS_CA_PATH=
 # CAS_DISABLE_SSL_VERIFICATION=false
 # CAS_UID_KEY='user'
 # CAS_NAME_KEY='name'
 # CAS_EMAIL_KEY='email'
 # CAS_NICKNAME_KEY='nickname'
 # CAS_FIRST_NAME_KEY='firstname'
 # CAS_LAST_NAME_KEY='lastname'
 # CAS_LOCATION_KEY='location'
 # CAS_IMAGE_KEY='image'
 # CAS_PHONE_KEY='phone'
 # Optional SAML authentication (cf. omniauth-saml)
 # SAML_ENABLED=true
 # SAML_ACS_URL=
 # SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
 # SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
 # SAML_IDP_CERT=
 # SAML_IDP_CERT_FINGERPRINT=
 # SAML_NAME_IDENTIFIER_FORMAT=
 # SAML_CERT=
 # SAML_PRIVATE_KEY=
 # SAML_SECURITY_WANT_ASSERTION_SIGNED=true
 # SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
 # SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
 # SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
 # SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
 # SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241"
 # SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42"
 # SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4"
 # SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
 # SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
 # SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
 # Use HTTP proxy for outgoing request (optional)
 # http_proxy=http://gateway.local:8118
 # Access control for hidden service.
 # ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
--- a/.env.test
+++ b/.env.test
@ -1,5 +1,5 @@
 # Node.js
-NODE_ENV=tests
+NODE_ENV=test
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
--- a/.env.vagrant
+++ b/.env.vagrant
@ -1,8 +1,2 @@
 VAGRANT=true
 LOCAL_DOMAIN=mastodon.local
 BIND=0.0.0.0
 DB_HOST=/var/run/postgresql/
 ES_ENABLED=true
 ES_HOST=localhost
 ES_PORT=9200
--- a/.eslintrc.js
+++ b/.eslintrc.js
@ -1,71 +1,66 @@
 module.exports = {
  root: true,
  extends: [
    'eslint:recommended',
    'plugin:react/recommended',
    'plugin:react-hooks/recommended',
    'plugin:jsx-a11y/recommended',
    'plugin:import/recommended',
    'plugin:promise/recommended',
    'plugin:jsdoc/recommended',
    'plugin:prettier/recommended',
  ],
  env: {
    browser: true,
    node: true,
    es6: true,
    jest: true,
  },
  globals: {
    ATTACHMENT_HOST: false,
  },
-  parser: '@typescript-eslint/parser',
+  parser: 'babel-eslint',
  plugins: [
    'react',
    'jsx-a11y',
    'import',
    'promise',
    '@typescript-eslint',
    'formatjs',
  ],
  parserOptions: {
    sourceType: 'module',
    ecmaFeatures: {
      experimentalObjectRestSpread: true,
      jsx: true,
    },
-    ecmaVersion: 2021,
+    ecmaVersion: 2018,
    requireConfigFile: false,
    babelOptions: {
      configFile: false,
      presets: ['@babel/react', '@babel/env'],
    },
  },
  settings: {
    react: {
      version: 'detect',
    },
    'import/extensions': [
      '.js',
    ],
    'import/ignore': [
      'node_modules',
      '\\.(css|scss|json)$',
    ],
    'import/resolver': {
      typescript: {},
    },
  },
  rules: {
    'brace-style': 'warn',
    'comma-dangle': ['error', 'always-multiline'],
    'comma-spacing': [
      'warn',
      {
        before: false,
        after: true,
      },
    ],
    'comma-style': ['warn', 'last'],
    'consistent-return': 'error',
    'dot-notation': 'error',
-    eqeqeq: ['error', 'always', { 'null': 'ignore' }],
+    eqeqeq: 'error',
    indent: ['warn', 2],
    'jsx-quotes': ['error', 'prefer-single'],
    'no-case-declarations': 'off',
    'no-catch-shadow': 'error',
    'no-cond-assign': 'error',
    'no-console': [
      'warn',
      {
@ -75,75 +70,86 @@ module.exports = {
        ],
      },
    ],
-    'no-empty': 'off',
+    'no-fallthrough': 'error',
-    'no-restricted-properties': [
+    'no-irregular-whitespace': 'error',
-      'error',
+    'no-mixed-spaces-and-tabs': 'warn',
-      { property: 'substring', message: 'Use .slice instead of .substring.' },
+    'no-nested-ternary': 'warn',
-      { property: 'substr', message: 'Use .slice instead of .substr.' },
+    'no-trailing-spaces': 'warn',
-    ],
+    'no-undef': 'error',
-    'no-restricted-syntax': [
+    'no-unreachable': 'error',
      'error',
      {
        // eslint-disable-next-line no-restricted-syntax
        selector: 'Literal[value=/•/], JSXText[value=/•/]',
        // eslint-disable-next-line no-restricted-syntax
        message: "Use '·' (middle dot) instead of '•' (bullet)",
      },
    ],
    'no-self-assign': 'off',
    'no-unused-expressions': 'error',
-    'no-unused-vars': 'off',
+    'no-unused-vars': [
    '@typescript-eslint/no-unused-vars': [
      'error',
      {
        vars: 'all',
        args: 'after-used',
        destructuredArrayIgnorePattern: '^_',
        ignoreRestSiblings: true,
      },
    ],
    'object-curly-spacing': ['error', 'always'],
    'padded-blocks': [
      'error',
      {
        classes: 'always',
      },
    ],
    quotes: ['error', 'single'],
    semi: 'error',
    strict: 'off',
    'valid-typeof': 'error',
    'react/jsx-filename-extension': ['error', { extensions: ['.jsx', 'tsx'] }],
    'react/jsx-boolean-value': 'error',
-    'react/display-name': 'off',
+    'react/jsx-closing-bracket-location': ['error', 'line-aligned'],
-    'react/jsx-fragments': ['error', 'syntax'],
+    'react/jsx-curly-spacing': 'error',
    'react/jsx-equals-spacing': 'error',
    'react/jsx-first-prop-new-line': ['error', 'multiline-multiprop'],
    'react/jsx-indent': ['error', 2],
    'react/jsx-no-bind': 'error',
-    'react/jsx-no-useless-fragment': 'error',
+    'react/jsx-no-duplicate-props': 'error',
-    'react/jsx-no-target-blank': 'off',
+    'react/jsx-no-undef': 'error',
    'react/jsx-tag-spacing': 'error',
-    'react/jsx-uses-react': 'off', // not needed with new JSX transform
+    'react/jsx-uses-react': 'error',
    'react/jsx-uses-vars': 'error',
    'react/jsx-wrap-multilines': 'error',
-    'react/no-deprecated': 'off',
+    'react/no-multi-comp': 'off',
-    'react/no-unknown-property': 'off',
+    'react/no-string-refs': 'error',
-    'react/react-in-jsx-scope': 'off', // not needed with new JSX transform
+    'react/prop-types': 'error',
    'react/self-closing-comp': 'error',
    // recommended values found in https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/main/src/index.js
    'jsx-a11y/accessible-emoji': 'warn',
-    'jsx-a11y/click-events-have-key-events': 'off',
+    'jsx-a11y/alt-text': 'warn',
-    'jsx-a11y/label-has-associated-control': 'off',
+    'jsx-a11y/anchor-has-content': 'warn',
-    'jsx-a11y/media-has-caption': 'off',
+    'jsx-a11y/anchor-is-valid': [
-    'jsx-a11y/no-autofocus': 'off',
+      'warn',
-    // recommended rule is:
+      {
-    // 'jsx-a11y/no-interactive-element-to-noninteractive-role': [
+        components: [
-    //   'error',
+          'Link',
-    //   {
+          'NavLink',
-    //     tr: ['none', 'presentation'],
+        ],
-    //     canvas: ['img'],
+        specialLink: [
-    //   },
+          'to',
-    // ],
+        ],
-    'jsx-a11y/no-interactive-element-to-noninteractive-role': 'off',
+        aspect: [
-    // recommended rule is:
+          'noHref',
-    // 'jsx-a11y/no-noninteractive-element-interactions': [
+          'invalidHref',
-    //   'error',
+          'preferButton',
-    //   {
+        ],
-    //     body: ['onError', 'onLoad'],
+      },
-    //     iframe: ['onError', 'onLoad'],
+    ],
-    //     img: ['onError', 'onLoad'],
+    'jsx-a11y/aria-activedescendant-has-tabindex': 'warn',
-    //   },
+    'jsx-a11y/aria-props': 'warn',
-    // ],
+    'jsx-a11y/aria-proptypes': 'warn',
    'jsx-a11y/aria-role': 'warn',
    'jsx-a11y/aria-unsupported-elements': 'warn',
    'jsx-a11y/heading-has-content': 'warn',
    'jsx-a11y/html-has-lang': 'warn',
    'jsx-a11y/iframe-has-title': 'warn',
    'jsx-a11y/img-redundant-alt': 'warn',
    'jsx-a11y/interactive-supports-focus': 'warn',
    'jsx-a11y/label-has-for': 'off',
    'jsx-a11y/mouse-events-have-key-events': 'warn',
    'jsx-a11y/no-access-key': 'warn',
    'jsx-a11y/no-distracting-elements': 'warn',
    'jsx-a11y/no-noninteractive-element-interactions': [
      'warn',
      {
@ -152,18 +158,8 @@ module.exports = {
        ],
      },
    ],
    // recommended rule is:
    // 'jsx-a11y/no-noninteractive-tabindex': [
    //   'error',
    //   {
    //     tags: [],
    //     roles: ['tabpanel'],
    //     allowExpressionValues: true,
    //   },
    // ],
    'jsx-a11y/no-noninteractive-tabindex': 'off',
    'jsx-a11y/no-onchange': 'warn',
-    // recommended is full 'error'
+    'jsx-a11y/no-redundant-roles': 'warn',
    'jsx-a11y/no-static-element-interactions': [
      'warn',
      {
@ -172,213 +168,32 @@ module.exports = {
        ],
      },
    ],
    'jsx-a11y/role-has-required-aria-props': 'warn',
    'jsx-a11y/role-supports-aria-props': 'off',
    'jsx-a11y/scope': 'warn',
    'jsx-a11y/tabindex-no-positive': 'warn',
    // See https://github.com/import-js/eslint-plugin-import/blob/main/config/recommended.js
    'import/extensions': [
      'error',
      'always',
      {
        js: 'never',
        jsx: 'never',
        mjs: 'never',
        ts: 'never',
        tsx: 'never',
      },
    ],
    'import/first': 'error',
    'import/newline-after-import': 'error',
    'import/no-anonymous-default-export': 'error',
    'import/no-extraneous-dependencies': [
      'error',
      {
        devDependencies: [
          'config/webpack/**',
          'app/javascript/mastodon/performance.js',
          'app/javascript/mastodon/test_setup.js',
          'app/javascript/**/__tests__/**',
        ],
      },
    ],
-    'import/no-amd': 'error',
+    'import/no-unresolved': 'error',
    'import/no-commonjs': 'error',
    'import/no-import-module-exports': 'error',
    'import/no-relative-packages': 'error',
    'import/no-self-import': 'error',
    'import/no-useless-path-segments': 'error',
    'import/no-webpack-loader-syntax': 'error',
-    'import/order': [
+    'promise/catch-or-return': 'error',
      'error',
      {
        alphabetize: { order: 'asc' },
        'newlines-between': 'always',
        groups: [
          'builtin',
          'external',
          'internal',
          'parent',
          ['index', 'sibling'],
          'object',
        ],
        pathGroups: [
          // React core packages
          {
            pattern: '{react,react-dom,react-dom/client,prop-types}',
            group: 'builtin',
            position: 'after',
          },
          // I18n
          {
            pattern: '{react-intl,intl-messageformat}',
            group: 'builtin',
            position: 'after',
          },
          // Common React utilities
          {
            pattern: '{classnames,react-helmet,react-router-dom}',
            group: 'external',
            position: 'before',
          },
          // Immutable / Redux / data store
          {
            pattern: '{immutable,react-redux,react-immutable-proptypes,react-immutable-pure-component,reselect}',
            group: 'external',
            position: 'before',
          },
          // Internal packages
          {
            pattern: '{mastodon/**}',
            group: 'internal',
            position: 'after',
          },
        ],
        pathGroupsExcludedImportTypes: [],
      },
    ],
    'promise/always-return': 'off',
    'promise/catch-or-return': [
      'error',
      {
        allowFinally: true,
      },
    ],
    'promise/no-callback-in-promise': 'off',
    'promise/no-nesting': 'off',
    'promise/no-promise-in-callback': 'off',
    'formatjs/blocklist-elements': 'error',
    'formatjs/enforce-default-message': ['error', 'literal'],
    'formatjs/enforce-description': 'off', // description values not currently used
    'formatjs/enforce-id': 'off', // Explicit IDs are used in the project
    'formatjs/enforce-placeholders': 'off', // Issues in short_number.jsx
    'formatjs/enforce-plural-rules': 'error',
    'formatjs/no-camel-case': 'off', // disabledAccount is only non-conforming
    'formatjs/no-complex-selectors': 'error',
    'formatjs/no-emoji': 'error',
    'formatjs/no-id': 'off', // IDs are used for translation keys
    'formatjs/no-invalid-icu': 'error',
    'formatjs/no-literal-string-in-jsx': 'off', // Should be looked at, but mainly flagging punctuation outside of strings
    'formatjs/no-multiple-plurals': 'off', // Only used by hashtag.jsx
    'formatjs/no-multiple-whitespaces': 'error',
    'formatjs/no-offset': 'error',
    'formatjs/no-useless-message': 'error',
    'formatjs/prefer-formatted-message': 'error',
    'formatjs/prefer-pound-in-plural': 'error',
    'jsdoc/check-types': 'off',
    'jsdoc/no-undefined-types': 'off',
    'jsdoc/require-jsdoc': 'off',
    'jsdoc/require-param-description': 'off',
    'jsdoc/require-property-description': 'off',
    'jsdoc/require-returns-description': 'off',
    'jsdoc/require-returns': 'off',
  },
  overrides: [
    {
      files: [
        '*.config.js',
        '.*rc.js',
        'ide-helper.js',
        'config/webpack/**/*',
        'config/formatjs-formatter.js',
      ],
      env: {
        commonjs: true,
      },
      parserOptions: {
        sourceType: 'script',
      },
      rules: {
        'import/no-commonjs': 'off',
      },
    },
    {
      files: [
        '**/*.ts',
        '**/*.tsx',
      ],
      extends: [
        'eslint:recommended',
        'plugin:@typescript-eslint/strict-type-checked',
        'plugin:@typescript-eslint/stylistic-type-checked',
        'plugin:react/recommended',
        'plugin:react-hooks/recommended',
        'plugin:jsx-a11y/recommended',
        'plugin:import/recommended',
        'plugin:import/typescript',
        'plugin:promise/recommended',
        'plugin:jsdoc/recommended-typescript',
        'plugin:prettier/recommended',
      ],
      parserOptions: {
        project: true,
        tsconfigRootDir: __dirname,
      },
      rules: {
        'import/consistent-type-specifier-style': ['error', 'prefer-top-level'],
        '@typescript-eslint/consistent-type-definitions': ['warn', 'interface'],
        '@typescript-eslint/consistent-type-exports': 'error',
        '@typescript-eslint/consistent-type-imports': 'error',
        "@typescript-eslint/prefer-nullish-coalescing": ['error', {ignorePrimitives: {boolean: true}}],
        'jsdoc/require-jsdoc': 'off',
        // Those rules set stricter rules for TS files
        // to enforce better practices when converting from JS
        'import/no-default-export': 'warn',
        'react/prefer-stateless-function': 'warn',
        'react/function-component-definition': ['error', { namedComponents: 'arrow-function' }],
        'react/jsx-uses-react': 'off', // not needed with new JSX transform
        'react/react-in-jsx-scope': 'off', // not needed with new JSX transform
        'react/prop-types': 'off',
      },
    },
    {
      files: [
        '**/__tests__/*.js',
        '**/__tests__/*.jsx',
      ],
      env: {
        jest: true,
      },
    },
    {
      files: [
        'streaming/**/*',
      ],
      rules: {
        'import/no-commonjs': 'off',
      },
    },
  ],
 };
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -0,0 +1,32 @@
 # CODEOWNERS for tootsuite/mastodon
 # Translators
 # To add translator, copy these lines, replace `fr` with appropriate language code and replace `@żelipapą` with user's GitHub nickname preceded by `@` sign or e-mail address.
 # /app/javascript/mastodon/locales/fr.json @żelipapą
 # /app/views/user_mailer/*.fr.html.erb @żelipapą
 # /app/views/user_mailer/*.fr.text.erb @żelipapą
 # /config/locales/*.fr.yml @żelipapą
 # /config/locales/fr.yml @żelipapą
 # Polish
 /app/javascript/mastodon/locales/pl.json @m4sk1n
 /app/views/user_mailer/*.pl.html.erb @m4sk1n
 /app/views/user_mailer/*.pl.text.erb @m4sk1n
 /config/locales/*.pl.yml @m4sk1n
 /config/locales/pl.yml @m4sk1n
 # French
 /app/javascript/mastodon/locales/fr.json @aldarone
 /app/javascript/mastodon/locales/whitelist_fr.json @aldarone
 /app/views/user_mailer/*.fr.html.erb @aldarone
 /app/views/user_mailer/*.fr.text.erb @aldarone
 /config/locales/*.fr.yml @aldarone
 /config/locales/fr.yml @aldarone
 # Dutch
 /app/javascript/mastodon/locales/nl.json @jeroenpraat
 /app/javascript/mastodon/locales/whitelist_nl.json @jeroenpraat
 /app/views/user_mailer/*.nl.html.erb @jeroenpraat
 /app/views/user_mailer/*.nl.text.erb @jeroenpraat
 /config/locales/*.nl.yml @jeroenpraat
 /config/locales/nl.yml @jeroenpraat
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -1,3 +0,0 @@
 patreon: mastodon
 open_collective: mastodon
 custom: https://sponsor.joinmastodon.org
--- a/.github/ISSUE_TEMPLATE/1.web_bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/1.web_bug_report.yml
@ -1,76 +0,0 @@
 name: Bug Report (Web Interface)
 description: If you are using Mastodon's web interface and something is not working as expected
 labels: [bug, 'status/to triage', 'area/web interface']
 body:
  - type: markdown
    attributes:
      value: |
        Make sure that you are submitting a new bug that was not previously reported or already fixed.
        Please use a concise and distinct title for the issue.
  - type: textarea
    attributes:
      label: Steps to reproduce the problem
      description: What were you trying to do?
      value: |
        1.
        2.
        3.
        ...
    validations:
      required: true
  - type: input
    attributes:
      label: Expected behaviour
      description: What should have happened?
    validations:
      required: true
  - type: input
    attributes:
      label: Actual behaviour
      description: What happened?
    validations:
      required: true
  - type: textarea
    attributes:
      label: Detailed description
    validations:
      required: false
  - type: input
    attributes:
      label: Mastodon instance
      description: The address of the Mastodon instance where you experienced the issue
      placeholder: mastodon.social
    validations:
      required: true
  - type: input
    attributes:
      label: Mastodon version
      description: |
        This is displayed at the bottom of the About page, eg. `v4.1.2+nightly-20230627`
      placeholder: v4.1.2
    validations:
      required: true
  - type: input
    attributes:
      label: Browser name and version
      description: |
        What browser are you using when getting this bug? Please specify the version as well.
      placeholder: Firefox 105.0.3
    validations:
      required: true
  - type: input
    attributes:
      label: Operating system
      description: |
        What OS are you running? Please specify the version as well.
      placeholder: macOS 13.4.1
    validations:
      required: true
  - type: textarea
    attributes:
      label: Technical details
      description: |
        Any additional technical details you may have. This can include the full error log, inspector's output…
    validations:
      required: false
--- a/.github/ISSUE_TEMPLATE/2.server_bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/2.server_bug_report.yml
@ -1,65 +0,0 @@
 name: Bug Report (server / API)
 description: |
  If something is not working as expected, but is not from using the web interface.
 labels: [bug, 'status/to triage']
 body:
  - type: markdown
    attributes:
      value: |
        Make sure that you are submitting a new bug that was not previously reported or already fixed.
        Please use a concise and distinct title for the issue.
  - type: textarea
    attributes:
      label: Steps to reproduce the problem
      description: What were you trying to do?
      value: |
        1.
        2.
        3.
        ...
    validations:
      required: true
  - type: input
    attributes:
      label: Expected behaviour
      description: What should have happened?
    validations:
      required: true
  - type: input
    attributes:
      label: Actual behaviour
      description: What happened?
    validations:
      required: true
  - type: textarea
    attributes:
      label: Detailed description
    validations:
      required: false
  - type: input
    attributes:
      label: Mastodon instance
      description: The address of the Mastodon instance where you experienced the issue
      placeholder: mastodon.social
    validations:
      required: false
  - type: input
    attributes:
      label: Mastodon version
      description: |
        This is displayed at the bottom of the About page, eg. `v4.1.2+nightly-20230627`
      placeholder: v4.1.2
    validations:
      required: false
  - type: textarea
    attributes:
      label: Technical details
      description: |
        Any additional technical details you may have, like logs or error traces
      value: |
        If this is happening on your own Mastodon server, please fill out those:
        - Ruby version: (from `ruby --version`, eg. v3.1.2)
        - Node.js version: (from `node --version`, eg. v18.16.0)
    validations:
      required: false
--- a/.github/ISSUE_TEMPLATE/3.feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/3.feature_request.yml
@ -1,22 +0,0 @@
 name: Feature Request
 description: I have a suggestion
 labels: [suggestion]
 body:
  - type: markdown
    attributes:
      value: |
        Please use a concise and distinct title for the issue.
        Consider: Could it be implemented as a 3rd party app using the REST API instead?
  - type: textarea
    attributes:
      label: Pitch
      description: Describe your idea for a feature. Make sure it has not already been suggested/implemented/turned down before.
    validations:
      required: true
  - type: textarea
    attributes:
      label: Motivation
      description: Why do you think this feature is needed? Who would benefit from it?
    validations:
      required: true
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -0,0 +1,27 @@
 ---
 name: Bug Report
 about: If something isn't working as expected
 ---
 <!-- Make sure that you are submitting a new bug that was not previously reported or already fixed -->
 <!-- Please use a concise and distinct title for the issue -->
 ### Expected behaviour
 <!-- What should have happened? -->
 ### Actual behaviour
 <!-- What happened? -->
 ### Steps to reproduce the problem
 <!-- What were you trying to do? -->
 ### Specifications
 <!-- What version or commit hash of Mastodon did you find this bug in? -->
 <!-- If a front-end issue, what browser and operating systems were you using? -->
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -1,5 +0,0 @@
 blank_issues_enabled: false
 contact_links:
  - name: GitHub Discussions
    url: https://github.com/mastodon/mastodon/discussions
    about: Please ask and answer questions here.
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@ -0,0 +1,17 @@
 ---
 name: Feature Request
 about: I have a suggestion
 ---
 <!-- Please use a concise and distinct title for the issue -->
 <!-- Consider: Could it be implemented as a 3rd party app using the REST API instead? -->
 ### Pitch
 <!-- Describe your idea for a feature. Make sure it has not already been suggested/implemented/turned down before -->
 ### Motivation
 <!-- Why do you think this feature is needed? Who would benefit from it? -->
--- a/.github/ISSUE_TEMPLATE/support.md
+++ b/.github/ISSUE_TEMPLATE/support.md
@ -0,0 +1,10 @@
 ---
 name: Support
 about: Ask for help with your deployment
 ---
 We primarily use GitHub as a bug and feature tracker. For usage questions, troubleshooting of deployments and other individual technical assistance, please use one of the resources below:
 - https://discourse.joinmastodon.org
 - #mastodon on irc.freenode.net
--- a/.github/renovate.json5
+++ b/.github/renovate.json5
@ -1,124 +0,0 @@
 {
  $schema: 'https://docs.renovatebot.com/renovate-schema.json',
  extends: [
    'config:recommended',
    ':labels(dependencies)',
    ':maintainLockFilesMonthly', // update non-direct dependencies monthly
    ':prConcurrentLimitNone', // Remove limit for open PRs at any time.
    ':prHourlyLimit2', // Rate limit PR creation to a maximum of two per hour.
  ],
  minimumReleaseAge: '3', // Wait 3 days after the package has been published before upgrading it
  // packageRules order is important, they are applied from top to bottom and are merged,
  // meaning the most important ones must be at the bottom, for example grouping rules
  // If we do not want a package to be grouped with others, we need to set its groupName
  // to `null` after any other rule set it to something.
  dependencyDashboardHeader: 'This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. Before approving any upgrade: read the description and comments in the [`renovate.json5` file](https://github.com/mastodon/mastodon/blob/main/.github/renovate.json5).',
  packageRules: [
    {
      // Require Dependency Dashboard Approval for major version bumps of these node packages
      matchManagers: ['npm'],
      matchPackageNames: [
        'tesseract.js', // Requires code changes
        'react-hotkeys', // Requires code changes
        // Requires Webpacker upgrade or replacement
        '@types/webpack',
        'babel-loader',
        'compression-webpack-plugin',
        'css-loader',
        'imports-loader',
        'mini-css-extract-plugin',
        'postcss-loader',
        'sass-loader',
        'terser-webpack-plugin',
        'webpack',
        'webpack-assets-manifest',
        'webpack-bundle-analyzer',
        'webpack-dev-server',
        'webpack-cli',
        // react-router: Requires manual upgrade
        'history',
        'react-router-dom',
      ],
      matchUpdateTypes: ['major'],
      dependencyDashboardApproval: true,
    },
    {
      // Require Dependency Dashboard Approval for major version bumps of these Ruby packages
      matchManagers: ['bundler'],
      matchPackageNames: [
        'rack', // Needs to be synced with Rails version
        'sprockets', // Requires manual upgrade https://github.com/rails/sprockets/blob/master/UPGRADING.md#guide-to-upgrading-from-sprockets-3x-to-4x
        'strong_migrations', // Requires manual upgrade
        'sidekiq', // Requires manual upgrade
        'sidekiq-unique-jobs', // Requires manual upgrades and sync with Sidekiq version
        'redis', // Requires manual upgrade and sync with Sidekiq version
      ],
      matchUpdateTypes: ['major'],
      dependencyDashboardApproval: true,
    },
    {
      // Update Github Actions and Docker images weekly
      matchManagers: ['github-actions', 'dockerfile', 'docker-compose'],
      extends: ['schedule:weekly'],
    },
    {
      // Require Dependency Dashboard Approval for major & minor bumps for the ruby image, this needs to be synced with .ruby-version
      matchManagers: ['dockerfile'],
      matchPackageNames: ['moritzheiber/ruby-jemalloc'],
      matchUpdateTypes: ['minor', 'major'],
      dependencyDashboardApproval: true,
    },
    {
      // Require Dependency Dashboard Approval for major bumps for the node image, this needs to be synced with .nvmrc
      matchManagers: ['dockerfile'],
      matchPackageNames: ['node'],
      matchUpdateTypes: ['major'],
      dependencyDashboardApproval: true,
    },
    {
      // Require Dependency Dashboard Approval for major postgres bumps in the docker-compose file, as those break dev environments
      matchManagers: ['docker-compose'],
      matchPackageNames: ['postgres'],
      matchUpdateTypes: ['major'],
      dependencyDashboardApproval: true,
    },
    {
      // Update devDependencies every week, with one grouped PR
      matchDepTypes: 'devDependencies',
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'devDependencies (non-major)',
      extends: ['schedule:weekly'],
    },
    {
      // Group all eslint-related packages with `eslint` in the same PR
      matchManagers: ['npm'],
      matchPackageNames: ['eslint'],
      matchPackagePrefixes: ['eslint-', '@typescript-eslint/'],
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'eslint (non-major)',
    },
    {
      // Update @types/* packages every week, with one grouped PR
      matchPackagePrefixes: '@types/',
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'DefinitelyTyped types (non-major)',
      extends: ['schedule:weekly'],
      addLabels: ['typescript'],
    },
    {
      // We want those packages to always have their own PR
      matchManagers: ['npm'],
      matchPackageNames: [
        'typescript', // Typescript has code-impacting changes in minor versions
      ],
      groupName: null, // We dont want them to belong to any group
    },
    // Add labels depending on package manager
    { matchManagers: ['npm', 'nvm'], addLabels: ['javascript'] },
    { matchManagers: ['bundler', 'ruby-version'], addLabels: ['ruby'] },
    { matchManagers: ['docker-compose', 'dockerfile'], addLabels: ['docker'] },
    { matchManagers: ['github-actions'], addLabels: ['github_actions'] },
  ],
 }
--- a/.github/stale.yml
+++ b/.github/stale.yml
@ -1,10 +0,0 @@
 daysUntilStale: 120
 daysUntilClose: 7
 exemptLabels:
  - security
 staleLabel: wontfix
 markComment: >
  This issue has been automatically marked as stale because it has not had
  recent activity. It will be closed if no further activity occurs. Thank you
  for your contributions.
 only: pulls
--- a/.github/stylelint-matcher.json
+++ b/.github/stylelint-matcher.json
@ -1,21 +0,0 @@
 {
  "problemMatcher": [
    {
      "owner": "stylelint",
      "pattern": [
        {
          "regexp": "^([^\\s].*)$",
          "file": 1
        },
        {
          "regexp": "^\\s+((\\d+):(\\d+))?\\s+(✖|×)\\s+(.*)\\s{2,}(.*)$",
          "line": 2,
          "column": 3,
          "message": 5,
          "code": 6,
          "loop": true
        }
      ]
    }
  ]
 }
--- a/.github/workflows/build-container-image.yml
+++ b/.github/workflows/build-container-image.yml
@ -1,99 +0,0 @@
 on:
  workflow_call:
    inputs:
      platforms:
        required: true
        type: string
      cache:
        type: boolean
        default: true
      use_native_arm64_builder:
        type: boolean
      push_to_images:
        type: string
      version_prerelease:
        type: string
      version_metadata:
        type: string
      flavor:
        type: string
      tags:
        type: string
      labels:
        type: string
 jobs:
  build-image:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: docker/setup-qemu-action@v2
        if: contains(inputs.platforms, 'linux/arm64') && !inputs.use_native_arm64_builder
      - uses: docker/setup-buildx-action@v2
        id: buildx
        if: ${{ !(inputs.use_native_arm64_builder && contains(inputs.platforms, 'linux/arm64')) }}
      - name: Start a local Docker Builder
        if: inputs.use_native_arm64_builder && contains(inputs.platforms, 'linux/arm64')
        run: |
          docker run --rm -d --name buildkitd -p 1234:1234 --privileged moby/buildkit:latest --addr tcp://0.0.0.0:1234
      - uses: docker/setup-buildx-action@v2
        id: buildx-native
        if: inputs.use_native_arm64_builder && contains(inputs.platforms, 'linux/arm64')
        with:
          driver: remote
          endpoint: tcp://localhost:1234
          platforms: linux/amd64
          append: |
            - endpoint: tcp://${{ vars.DOCKER_BUILDER_HETZNER_ARM64_01_HOST }}:13865
              platforms: linux/arm64
              name: mastodon-docker-builder-arm64-01
              driver-opts:
                - servername=mastodon-docker-builder-arm64-01
        env:
          BUILDER_NODE_1_AUTH_TLS_CACERT: ${{ secrets.DOCKER_BUILDER_HETZNER_ARM64_01_CACERT }}
          BUILDER_NODE_1_AUTH_TLS_CERT: ${{ secrets.DOCKER_BUILDER_HETZNER_ARM64_01_CERT }}
          BUILDER_NODE_1_AUTH_TLS_KEY: ${{ secrets.DOCKER_BUILDER_HETZNER_ARM64_01_KEY }}
      - name: Log in to Docker Hub
        if: contains(inputs.push_to_images, 'tootsuite')
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Log in to the Github Container registry
        if: contains(inputs.push_to_images, 'ghcr.io')
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - uses: docker/metadata-action@v4
        id: meta
        if: ${{ inputs.push_to_images != '' }}
        with:
          images: ${{ inputs.push_to_images }}
          flavor: ${{ inputs.flavor }}
          tags: ${{ inputs.tags }}
          labels: ${{ inputs.labels }}
      - uses: docker/build-push-action@v4
        with:
          context: .
          build-args: |
            MASTODON_VERSION_PRERELEASE=${{ inputs.version_prerelease }}
            MASTODON_VERSION_METADATA=${{ inputs.version_metadata }}
          platforms: ${{ inputs.platforms }}
          provenance: false
          builder: ${{ steps.buildx.outputs.name || steps.buildx-native.outputs.name }}
          push: ${{ inputs.push_to_images != '' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: ${{ inputs.cache && 'type=gha' || '' }}
          cache-to: ${{ inputs.cache && 'type=gha,mode=max' || '' }}
--- a/.github/workflows/build-nightly.yml
+++ b/.github/workflows/build-nightly.yml
@ -1,42 +0,0 @@
 name: Build nightly container image
 on:
  workflow_dispatch:
  schedule:
    - cron: '0 2 * * *' # run at 2 AM UTC
 permissions:
  contents: read
  packages: write
 jobs:
  compute-suffix:
    runs-on: ubuntu-latest
    steps:
      - id: version_vars
        env:
          TZ: Etc/UTC
        run: |
          echo mastodon_version_prerelease=nightly.$(date +'%Y-%m-%d')>> $GITHUB_OUTPUT
    outputs:
      prerelease: ${{ steps.version_vars.outputs.mastodon_version_prerelease }}
  build-image:
    needs: compute-suffix
    uses: ./.github/workflows/build-container-image.yml
    with:
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      cache: false
      push_to_images: |
        tootsuite/mastodon
        ghcr.io/mastodon/mastodon
      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
      labels: |
        org.opencontainers.image.description=Nightly build image used for testing purposes
      flavor: |
        latest=auto
      tags: |
        type=raw,value=edge
        type=raw,value=nightly
        type=schedule,pattern=${{ needs.compute-suffix.outputs.prerelease }}
    secrets: inherit
--- a/.github/workflows/build-push-pr.yml
+++ b/.github/workflows/build-push-pr.yml
@ -1,41 +0,0 @@
 name: Build container image for PR
 on:
  pull_request:
    types: [labeled, synchronize, reopened, ready_for_review, opened]
 permissions:
  contents: read
  packages: write
 jobs:
  compute-suffix:
    runs-on: ubuntu-latest
    # This is only allowed to run if:
    # - the PR branch is in the `mastodon/mastodon` repository
    # - the PR is not a draft
    # - the PR has the "build-image" label
    if: ${{ github.event.pull_request.head.repo.full_name == github.repository && !github.event.pull_request.draft && contains(github.event.pull_request.labels.*.name, 'build-image') }}
    steps:
      # Repository needs to be cloned so `git rev-parse` below works
      - name: Clone repository
        uses: actions/checkout@v4
      - id: version_vars
        run: |
          echo mastodon_version_metadata=pr-${{ github.event.pull_request.number }}-$(git rev-parse --short HEAD) >> $GITHUB_OUTPUT
    outputs:
      metadata: ${{ steps.version_vars.outputs.mastodon_version_metadata }}
  build-image:
    needs: compute-suffix
    uses: ./.github/workflows/build-container-image.yml
    with:
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      push_to_images: |
        ghcr.io/mastodon/mastodon
      version_metadata: ${{ needs.compute-suffix.outputs.metadata }}
      flavor: |
        latest=auto
      tags: |
        type=ref,event=pr
    secrets: inherit
--- a/.github/workflows/build-releases.yml
+++ b/.github/workflows/build-releases.yml
@ -1,29 +0,0 @@
 name: Build container release images
 on:
  push:
    tags:
      - '*'
 permissions:
  contents: read
  packages: write
 jobs:
  build-image:
    uses: ./.github/workflows/build-container-image.yml
    with:
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      push_to_images: |
        tootsuite/mastodon
        ghcr.io/mastodon/mastodon
      # Do not use cache when building releases, so apt update is always ran and the release always contain the latest packages
      cache: false
      # Only tag with latest when ran against the latest stable branch
      # This needs to be updated after each minor version release
      flavor: |
        latest=${{ startsWith(github.ref, 'refs/tags/v4.2.') }}
      tags: |
        type=pep440,pattern={{raw}}
        type=pep440,pattern=v{{major}}.{{minor}}
    secrets: inherit
--- a/.github/workflows/bundler-audit.yml
+++ b/.github/workflows/bundler-audit.yml
@ -1,40 +0,0 @@
 name: Bundler Audit
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'Gemfile*'
      - '.ruby-version'
      - '.bundler-audit.yml'
      - '.github/workflows/bundler-audit.yml'
  pull_request:
    paths:
      - 'Gemfile*'
      - '.ruby-version'
      - '.bundler-audit.yml'
      - '.github/workflows/bundler-audit.yml'
  schedule:
    - cron: '0 5 * * 1'
 jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Install native Ruby dependencies
        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Run bundler-audit
        run: bundle exec bundler-audit
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@ -1,62 +0,0 @@
 name: Check i18n
 on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
 env:
  RAILS_ENV: test
 permissions:
  contents: read
 jobs:
  check-i18n:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v4
      - name: Install system dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Check for missing strings in English JSON
        run: |
          yarn i18n:extract --throws
          git diff --exit-code
      - name: Check locale file normalization
        run: bundle exec i18n-tasks check-normalized
      - name: Check for unused strings
        run: bundle exec i18n-tasks unused
      - name: Check for missing strings in English YML
        run: |
          bundle exec i18n-tasks add-missing -l en
          git diff --exit-code
      - name: Check for wrong string interpolations
        run: bundle exec i18n-tasks check-consistent-interpolations
      - name: Check that all required locale files exist
        run: bundle exec rake repo:check_locales_files
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -1,62 +0,0 @@
 name: 'CodeQL'
 on:
  push:
    branches: ['main']
  pull_request:
    # The branches below must be a subset of the branches above
    branches: ['main']
  schedule:
    - cron: '22 6 * * 1'
 jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: ['javascript', 'ruby']
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
          # By default, queries listed here will override any specified in a config file.
          # Prefix the list here with "+" to use these queries and those in the config file.
          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
          # queries: security-extended,security-and-quality
      # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
        uses: github/codeql-action/autobuild@v2
      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
      #   If the Autobuild fails above, remove it and uncomment the following three lines.
      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
      # - run: |
      #   echo "Run, Build Application using script"
      #   ./location_of_script_within_repo/buildscript.sh
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
        with:
          category: '/language:${{matrix.language}}'
--- a/.github/workflows/crowdin-download.yml
+++ b/.github/workflows/crowdin-download.yml
@ -1,76 +0,0 @@
 name: Crowdin / Download translations
 on:
  schedule:
    - cron: '17 4 * * *' # Every day
  workflow_dispatch:
 permissions:
  contents: write
  pull-requests: write
 jobs:
  download-translations:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Increase Git http.postBuffer
        # This is needed due to a bug in Ubuntu's cURL version?
        # See https://github.com/orgs/community/discussions/55820
        run: |
          git config --global http.version HTTP/1.1
          git config --global http.postBuffer 157286400
      # Download the translation files from Crowdin
      - name: crowdin action
        uses: crowdin/github-action@v1
        with:
          upload_sources: false
          upload_translations: false
          download_translations: true
          crowdin_branch_name: main
          push_translations: false
          create_pull_request: false
        env:
          CROWDIN_PROJECT_ID: ${{ vars.CROWDIN_PROJECT_ID }}
          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
      # As the files are extracted from a Docker container, they belong to root:root
      # We need to fix this before the next steps
      - name: Fix file permissions
        run: sudo chown -R runner:docker .
      # This is needed to run the normalize step
      - name: Install native Ruby dependencies
        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Run i18n normalize task
        run: bundle exec i18n-tasks normalize
      # Create or update the pull request
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v5.0.2
        with:
          commit-message: 'New Crowdin translations'
          title: 'New Crowdin Translations (automated)'
          author: 'GitHub Actions <noreply@github.com>'
          body: |
            New Crowdin translations, automated with Github Actions
            See `.github/workflows/crowdin-download.yml`
            This PR will be updated every day with new translations.
            Due to a limitation in Github Actions, checks are not running on this PR without manual action.
            If you want to run the checks, then close and re-open it.
          branch: i18n/crowdin/translations
          base: main
          labels: i18n
--- a/.github/workflows/crowdin-upload.yml
+++ b/.github/workflows/crowdin-upload.yml
@ -1,35 +0,0 @@
 name: Crowdin / Upload translations
 on:
  push:
    branches:
      - main
    paths:
      - crowdin.yml
      - app/javascript/mastodon/locales/en.json
      - config/locales/en.yml
      - config/locales/simple_form.en.yml
      - config/locales/activerecord.en.yml
      - config/locales/devise.en.yml
      - config/locales/doorkeeper.en.yml
      - .github/workflows/crowdin-upload.yml
 jobs:
  upload-translations:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: crowdin action
        uses: crowdin/github-action@v1
        with:
          upload_sources: true
          upload_translations: false
          download_translations: false
          crowdin_branch_name: main
        env:
          CROWDIN_PROJECT_ID: ${{ vars.CROWDIN_PROJECT_ID }}
          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
--- a/.github/workflows/haml-lint-problem-matcher.json
+++ b/.github/workflows/haml-lint-problem-matcher.json
@ -1,17 +0,0 @@
 {
  "problemMatcher": [
    {
      "owner": "haml-lint",
      "severity": "warning",
      "pattern": [
        {
          "regexp": "^(.*):(\\d+)\\s\\[W]\\s(.*):\\s(.*)$",
          "file": 1,
          "line": 2,
          "code": 3,
          "message": 4
        }
      ]
    }
  ]
 }
--- a/.github/workflows/lint-css.yml
+++ b/.github/workflows/lint-css.yml
@ -1,52 +0,0 @@
 name: CSS Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
      - '**/*.scss'
      - '.github/workflows/lint-css.yml'
      - '.github/stylelint-matcher.json'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
      - '**/*.scss'
      - '.github/workflows/lint-css.yml'
      - '.github/stylelint-matcher.json'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - uses: xt0rted/stylelint-problem-matcher@v1
      - run: echo "::add-matcher::.github/stylelint-matcher.json"
      - name: Stylelint
        run: yarn lint:sass
--- a/.github/workflows/lint-haml.yml
+++ b/.github/workflows/lint-haml.yml
@ -1,47 +0,0 @@
 name: Haml Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - '.github/workflows/haml-lint-problem-matcher.json'
      - '.github/workflows/lint-haml.yml'
      - '.haml-lint*.yml'
      - '.rubocop*.yml'
      - '.ruby-version'
      - '**/*.haml'
      - 'Gemfile*'
  pull_request:
    paths:
      - '.github/workflows/haml-lint-problem-matcher.json'
      - '.github/workflows/lint-haml.yml'
      - '.haml-lint*.yml'
      - '.rubocop*.yml'
      - '.ruby-version'
      - '**/*.haml'
      - 'Gemfile*'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Install native Ruby dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Run haml-lint
        run: |
          echo "::add-matcher::.github/workflows/haml-lint-problem-matcher.json"
          bundle exec haml-lint
--- a/.github/workflows/lint-js.yml
+++ b/.github/workflows/lint-js.yml
@ -1,55 +0,0 @@
 name: JavaScript Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - 'tsconfig.json'
      - '.nvmrc'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '.github/workflows/lint-js.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - 'tsconfig.json'
      - '.nvmrc'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '.github/workflows/lint-js.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: ESLint
        run: yarn lint:js --max-warnings 0
      - name: Typecheck
        run: yarn typecheck
--- a/.github/workflows/lint-json.yml
+++ b/.github/workflows/lint-json.yml
@ -1,44 +0,0 @@
 name: JSON Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn lint:json
--- a/.github/workflows/lint-md.yml
+++ b/.github/workflows/lint-md.yml
@ -1,44 +0,0 @@
 name: Markdown Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - '.github/workflows/lint-md.yml'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.md'
      - '!AUTHORS.md'
      - 'package.json'
      - 'yarn.lock'
  pull_request:
    paths:
      - '.github/workflows/lint-md.yml'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.md'
      - '!AUTHORS.md'
      - 'package.json'
      - 'yarn.lock'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn lint:md
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@ -1,51 +0,0 @@
 name: Ruby Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'Gemfile*'
      - '.rubocop*.yml'
      - '.ruby-version'
      - 'config/brakeman.ignore'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
  pull_request:
    paths:
      - 'Gemfile*'
      - '.rubocop*.yml'
      - '.ruby-version'
      - 'config/brakeman.ignore'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Install native Ruby dependencies
        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Set-up RuboCop Problem Matcher
        uses: r7kamura/rubocop-problem-matchers-action@v1
      - name: Run rubocop
        run: bundle exec rubocop
      - name: Run brakeman
        if: always() # Run both checks, even if the first failed
        run: bundle exec brakeman
--- a/.github/workflows/lint-yml.yml
+++ b/.github/workflows/lint-yml.yml
@ -1,46 +0,0 @@
 name: YML Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn lint:yml
--- a/.github/workflows/rebase-needed.yml
+++ b/.github/workflows/rebase-needed.yml
@ -1,27 +0,0 @@
 name: PR Needs Rebase
 on:
  schedule:
    - cron: '0 * * * *'
 permissions:
  pull-requests: write
 jobs:
  label-rebase-needed:
    runs-on: ubuntu-latest
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
      cancel-in-progress: true
    steps:
      - name: Check for merge conflicts
        uses: eps1lon/actions-label-merge-conflict@releases/2.x
        with:
          dirtyLabel: 'rebase needed :construction:'
          repoToken: '${{ secrets.GITHUB_TOKEN }}'
          commentOnClean: This pull request has resolved merge conflicts and is ready for review.
          commentOnDirty: This pull request has merge conflicts that must be resolved before it can be merged.
          retryMax: 30
          continueOnMissingPermissions: false
--- a/.github/workflows/test-image-build.yml
+++ b/.github/workflows/test-image-build.yml
@ -1,21 +0,0 @@
 name: Test container image build
 on:
  pull_request:
    paths:
      - .github/workflows/build-nightly.yml
      - .github/workflows/build-push-pr.yml
      - .github/workflows/build-releases.yml
      - .github/workflows/test-image-build.yml
      - Dockerfile
 permissions:
  contents: read
 jobs:
  build-image:
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
      cancel-in-progress: true
    uses: ./.github/workflows/build-container-image.yml
    with:
      platforms: linux/amd64 # Testing only on native platform so it is performant
--- a/.github/workflows/test-js.yml
+++ b/.github/workflows/test-js.yml
@ -1,48 +0,0 @@
 name: JavaScript Testing
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '**/*.snap'
      - '.github/workflows/test-js.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '**/*.snap'
      - '.github/workflows/test-js.yml'
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Jest testing
        run: yarn jest --reporters github-actions summary
--- a/.github/workflows/test-migrations-one-step.yml
+++ b/.github/workflows/test-migrations-one-step.yml
@ -1,111 +0,0 @@
 name: Test one step migrations
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
  pull_request:
 jobs:
  pre_job:
    runs-on: ubuntu-latest
    outputs:
      should_skip: ${{ steps.skip_check.outputs.should_skip }}
    steps:
      - id: skip_check
        uses: fkirc/skip-duplicate-actions@v5
        with:
          paths: '["Gemfile*", ".ruby-version", "**/*.rb", ".github/workflows/test-migrations-one-step.yml", "lib/tasks/tests.rake"]'
  test:
    runs-on: ubuntu-latest
    needs: pre_job
    if: needs.pre_job.outputs.should_skip != 'true'
    strategy:
      fail-fast: false
      matrix:
        postgres:
          - 14-alpine
          - 15-alpine
    services:
      postgres:
        image: postgres:${{ matrix.postgres}}
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 6379:6379
    env:
      CONTINUOUS_INTEGRATION: true
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_CLEAN: true
      BUNDLE_FROZEN: true
      BUNDLE_WITHOUT: 'development production'
      BUNDLE_JOBS: 3
      BUNDLE_RETRY: 3
    steps:
      - uses: actions/checkout@v4
      - name: Install native Ruby dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Create database
        run: './bin/rails db:create'
      - name: Run migrations up to v2.0.0
        run: './bin/rails db:migrate VERSION=20171010025614'
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2'
      - name: Run migrations up to v2.4.0
        run: './bin/rails db:migrate VERSION=20180514140000'
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2_4'
      - name: Run migrations up to v2.4.3
        run: './bin/rails db:migrate VERSION=20180707154237'
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2_4_3'
      - name: Run all remaining migrations
        run: './bin/rails db:migrate'
      - name: Check migration result
        run: './bin/rails tests:migrations:check_database'
--- a/.github/workflows/test-migrations-two-step.yml
+++ b/.github/workflows/test-migrations-two-step.yml
@ -1,119 +0,0 @@
 name: Test two step migrations
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
  pull_request:
 jobs:
  pre_job:
    runs-on: ubuntu-latest
    outputs:
      should_skip: ${{ steps.skip_check.outputs.should_skip }}
    steps:
      - id: skip_check
        uses: fkirc/skip-duplicate-actions@v5
        with:
          paths: '["Gemfile*", ".ruby-version", "**/*.rb", ".github/workflows/test-migrations-two-step.yml", "lib/tasks/tests.rake"]'
  test:
    runs-on: ubuntu-latest
    needs: pre_job
    if: needs.pre_job.outputs.should_skip != 'true'
    strategy:
      fail-fast: false
      matrix:
        postgres:
          - 14-alpine
          - 15-alpine
    services:
      postgres:
        image: postgres:${{ matrix.postgres}}
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 6379:6379
    env:
      CONTINUOUS_INTEGRATION: true
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_CLEAN: true
      BUNDLE_FROZEN: true
      BUNDLE_WITHOUT: 'development production'
      BUNDLE_JOBS: 3
      BUNDLE_RETRY: 3
    steps:
      - uses: actions/checkout@v4
      - name: Install native Ruby dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Create database
        run: './bin/rails db:create'
      - name: Run migrations up to v2.0.0
        run: './bin/rails db:migrate VERSION=20171010025614'
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2'
      - name: Run pre-deployment migrations up to v2.4.0
        run: './bin/rails db:migrate VERSION=20180514140000'
        env:
          SKIP_POST_DEPLOYMENT_MIGRATIONS: true
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2_4'
      - name: Run migrations up to v2.4.3
        run: './bin/rails db:migrate VERSION=20180707154237'
        env:
          SKIP_POST_DEPLOYMENT_MIGRATIONS: true
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2_4_3'
      - name: Run all remaining pre-deployment migrations
        run: './bin/rails db:migrate'
        env:
          SKIP_POST_DEPLOYMENT_MIGRATIONS: true
      - name: Run all post-deployment migrations
        run: './bin/rails db:migrate'
      - name: Check migration result
        run: './bin/rails tests:migrations:check_database'
--- a/.github/workflows/test-ruby.yml
+++ b/.github/workflows/test-ruby.yml
@ -1,365 +0,0 @@
 name: Ruby Testing
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
  pull_request:
 env:
  BUNDLE_CLEAN: true
  BUNDLE_FROZEN: true
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: true
      matrix:
        mode:
          - production
          - test
    env:
      RAILS_ENV: ${{ matrix.mode }}
      BUNDLE_WITH: ${{ matrix.mode }}
      OTP_SECRET: precompile_placeholder
      SECRET_KEY_BASE: precompile_placeholder
    steps:
      - uses: actions/checkout@v4
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install native Ruby dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - run: yarn --frozen-lockfile --production
      - name: Precompile assets
        # Previously had set this, but it's not supported
        # export NODE_OPTIONS=--openssl-legacy-provider
        run: |-
          ./bin/rails assets:precompile
      - uses: actions/upload-artifact@v3
        if: matrix.mode == 'test'
        with:
          path: |-
            ./public/assets
            ./public/packs-test
          name: ${{ github.sha }}
          retention-days: 0
  test:
    runs-on: ubuntu-latest
    needs:
      - build
    services:
      postgres:
        image: postgres:14-alpine
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 6379:6379
    env:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      ALLOW_NOPAM: true
      PAM_ENABLED: true
      PAM_DEFAULT_SERVICE: pam_test
      PAM_CONTROLLED_SERVICE: pam_test_controlled
      OIDC_ENABLED: true
      OIDC_SCOPE: read
      SAML_ENABLED: true
      CAS_ENABLED: true
      BUNDLE_WITH: 'pam_authentication test'
      CI_JOBS: ${{ matrix.ci_job }}/4
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - '3.0'
          - '3.1'
          - '.ruby-version'
        ci_job:
          - 1
          - 2
          - 3
          - 4
    steps:
      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v3
        with:
          path: './public'
          name: ${{ github.sha }}
      - name: Update package index
        run: sudo apt-get update
      - name: Install native Ruby dependencies
        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Install additional system dependencies
        run: sudo apt-get install -y ffmpeg imagemagick libpam-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: ${{ matrix.ruby-version}}
          bundler-cache: true
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
      - run: bundle exec rake rspec_chunked
  test-e2e:
    name: End to End testing
    runs-on: ubuntu-latest
    needs:
      - build
    services:
      postgres:
        image: postgres:14-alpine
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 6379:6379
    env:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_WITH: test
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - '3.0'
          - '3.1'
          - '.ruby-version'
    steps:
      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v3
        with:
          path: './public'
          name: ${{ github.sha }}
      - name: Update package index
        run: sudo apt-get update
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install native Ruby dependencies
        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Install additional system dependencies
        run: sudo apt-get install -y ffmpeg imagemagick
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: ${{ matrix.ruby-version}}
          bundler-cache: true
      - run: yarn --frozen-lockfile
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
      - run: bundle exec rake spec:system
      - name: Archive logs
        uses: actions/upload-artifact@v3
        if: failure()
        with:
          name: e2e-logs-${{ matrix.ruby-version }}
          path: log/
      - name: Archive test screenshots
        uses: actions/upload-artifact@v3
        if: failure()
        with:
          name: e2e-screenshots
          path: tmp/screenshots/
  test-search:
    name: Testing search
    runs-on: ubuntu-latest
    needs:
      - build
    services:
      postgres:
        image: postgres:14-alpine
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 6379:6379
      elasticsearch:
        image: docker.elastic.co/elasticsearch/elasticsearch:7.17.13
        env:
          discovery.type: single-node
          xpack.security.enabled: false
        options: >-
          --health-cmd "curl http://localhost:9200/_cluster/health"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 10
        ports:
          - 9200:9200
    env:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_WITH: test
      ES_ENABLED: true
      ES_HOST: localhost
      ES_PORT: 9200
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - '3.0'
          - '3.1'
          - '.ruby-version'
    steps:
      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v3
        with:
          path: './public'
          name: ${{ github.sha }}
      - name: Update package index
        run: sudo apt-get update
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install native Ruby dependencies
        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Install additional system dependencies
        run: sudo apt-get install -y ffmpeg imagemagick
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: ${{ matrix.ruby-version}}
          bundler-cache: true
      - run: yarn --frozen-lockfile
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
      - run: bundle exec rake spec:search
      - name: Archive logs
        uses: actions/upload-artifact@v3
        if: failure()
        with:
          name: test-search-logs-${{ matrix.ruby-version }}
          path: log/
      - name: Archive test screenshots
        uses: actions/upload-artifact@v3
        if: failure()
        with:
          name: test-search-screenshots
          path: tmp/screenshots/
--- a/.gitignore
+++ b/.gitignore
@ -13,36 +13,33 @@
 /db/*.sqlite3-journal
 # Ignore all logfiles and tempfiles.
 .eslintcache
 /log/*
 !/log/.keep
 /tmp
-/coverage
+coverage
-/public/system
+public/system
-/public/assets
+public/assets
-/public/packs
+public/packs
-/public/packs-test
+public/packs-test
 .env
 .env.production
-.env.development
+node_modules/
-/node_modules/
+build/
 /build/
 # Ignore Vagrant files
 .vagrant/
 # Ignore Capistrano customizations
-/config/deploy/*
+config/deploy/*
 # Ignore IDE files
 .vscode/
 .idea/
 # Ignore postgres + redis + elasticsearch volume optionally created by docker-compose
-/postgres
+postgres
-/postgres14
+redis
-/redis
+elasticsearch
 /elasticsearch
 # Ignore Apple files
 .DS_Store
@ -58,8 +55,6 @@ npm-debug.log
 yarn-error.log
 yarn-debug.log
 # Ignore vagrant log files
 *-cloudimg-console.log
 # Ignore Docker option files
 docker-compose.override.yml
--- a/.haml-lint.yml
+++ b/.haml-lint.yml
@ -1,14 +1,108 @@
-inherits_from: .haml-lint_todo.yml
+# Whether to ignore frontmatter at the beginning of HAML documents for
 # frameworks such as Jekyll/Middleman
 skip_frontmatter: false
 exclude:
  - 'vendor/**/*'
-  - lib/templates/haml/scaffold/_form.html.haml
+  - 'spec/**/*'
-
+  - 'lib/templates/**/*'
-require:
+  - 'app/views/kaminari/**/*'
  - ./lib/linter/haml_middle_dot.rb
 linters:
  AltText:
    enabled: false
  ClassAttributeWithStaticValue:
    enabled: true
-  MiddleDot:
+
  ClassesBeforeIds:
    enabled: true
  ConsecutiveComments:
    enabled: true
  ConsecutiveSilentScripts:
    enabled: true
    max_consecutive: 2
  EmptyObjectReference:
    enabled: true
  EmptyScript:
    enabled: true
  FinalNewline:
    enabled: true
    present: true
  HtmlAttributes:
    enabled: true
  ImplicitDiv:
    enabled: true
  LeadingCommentSpace:
    enabled: true
  LineLength:
    enabled: false
    max: 80
  MultilinePipe:
    enabled: true
  MultilineScript:
    enabled: true
  ObjectReferenceAttributes:
    enabled: true
  RuboCop:
    enabled: true
    # These cops are incredibly noisy when it comes to HAML templates, so we
    # ignore them.
    ignored_cops:
      - Lint/BlockAlignment
      - Lint/EndAlignment
      - Lint/Void
      - Metrics/BlockLength
      - Metrics/LineLength
      - Style/AlignParameters
      - Style/BlockNesting
      - Style/ElseAlignment
      - Style/EndOfLine
      - Style/FileName
      - Style/FinalNewline
      - Style/FrozenStringLiteralComment
      - Style/IfUnlessModifier
      - Style/IndentationWidth
      - Style/Next
      - Style/TrailingBlankLines
      - Style/TrailingWhitespace
      - Style/WhileUntilModifier
  RubyComments:
    enabled: true
  SpaceBeforeScript:
    enabled: true
  SpaceInsideHashAttributes:
    enabled: true
    style: space
  Indentation:
    enabled: true
    character: space # or tab
  TagName:
    enabled: true
  TrailingWhitespace:
    enabled: true
  UnnecessaryInterpolation:
    enabled: true
  UnnecessaryStringOutput:
    enabled: true
--- a/.haml-lint_todo.yml
+++ b/.haml-lint_todo.yml
@ -1,47 +0,0 @@
 # This configuration was generated by
 # `haml-lint --auto-gen-config`
 # on 2023-07-20 09:47:50 -0400 using Haml-Lint version 0.48.0.
 # The point is for the user to remove these configuration records
 # one by one as the lints are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of Haml-Lint, may require this file to be generated again.
 linters:
  # Offense count: 951
  LineLength:
    enabled: false
  # Offense count: 22
  UnnecessaryStringOutput:
    enabled: false
  # Offense count: 57
  RuboCop:
    enabled: false
  # Offense count: 3
  ViewLength:
    exclude:
      - 'app/views/admin/accounts/show.html.haml'
      - 'app/views/admin/reports/show.html.haml'
      - 'app/views/disputes/strikes/show.html.haml'
  # Offense count: 32
  InstanceVariables:
    exclude:
      - 'app/views/admin/reports/_actions.html.haml'
      - 'app/views/admin/roles/_form.html.haml'
      - 'app/views/admin/webhooks/_form.html.haml'
      - 'app/views/auth/registrations/_status.html.haml'
      - 'app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml'
      - 'app/views/authorize_interactions/_post_follow_actions.html.haml'
      - 'app/views/invites/_form.html.haml'
      - 'app/views/relationships/_account.html.haml'
      - 'app/views/shared/_og.html.haml'
  # Offense count: 3
  IdNames:
    exclude:
      - 'app/views/authorize_interactions/error.html.haml'
      - 'app/views/oauth/authorizations/error.html.haml'
      - 'app/views/shared/_error_messages.html.haml'
--- a/.husky/pre-commit
+++ b/.husky/pre-commit
@ -1,4 +0,0 @@
 #!/bin/sh
 . "$(dirname "$0")/_/husky.sh"
 yarn lint-staged
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-20.7
+8
--- a/.prettierignore
+++ b/.prettierignore
@ -1,78 +0,0 @@
 # See https://help.github.com/articles/ignoring-files for more about ignoring files.
 #
 # If you find yourself ignoring temporary files generated by your text editor
 # or operating system, you probably want to add a global ignore instead:
 #   git config --global core.excludesfile '~/.gitignore_global'
 # Ignore bundler config and downloaded libraries.
 /.bundle
 /vendor/bundle
 # Ignore the default SQLite database.
 /db/*.sqlite3
 /db/*.sqlite3-journal
 # Ignore all logfiles and tempfiles.
 .eslintcache
 /log/*
 !/log/.keep
 /tmp
 /coverage
 /public/system
 /public/assets
 /public/packs
 /public/packs-test
 .env
 .env.production
 .env.development
 /node_modules/
 /build/
 # Ignore Vagrant files
 .vagrant/
 # Ignore Capistrano customizations
 /config/deploy/*
 # Ignore IDE files
 .vscode/
 .idea/
 # Ignore postgres + redis + elasticsearch volume optionally created by docker-compose
 /postgres
 /postgres14
 /redis
 /elasticsearch
 # Ignore Apple files
 .DS_Store
 # Ignore vim files
 *~
 *.swp
 # Ignore log files
 *.log
 # Ignore Docker option files
 docker-compose.override.yml
 # Ignore emoji map file
 /app/javascript/mastodon/features/emoji/emoji_map.json
 # Ignore locale files
 /app/javascript/mastodon/locales/*.json
 /config/locales
 # Ignore vendored CSS reset
 app/javascript/styles/mastodon/reset.scss
 # Ignore Javascript pending https://github.com/mastodon/mastodon/pull/23631
 *.js
 *.jsx
 # Ignore HTML till cleaned and included in CI
 *.html
 # Ignore the generated AUTHORS.md
 AUTHORS.md
--- a/.prettierrc.js
+++ b/.prettierrc.js
@ -1,4 +0,0 @@
 module.exports = {
  singleQuote: true,
  jsxSingleQuote: true
 }
--- a/.profile
+++ b/.profile
@ -1 +1 @@
-LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio:/app/.apt/usr/lib/x86_64-linux-gnu/openblas-pthread
+LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -1,202 +1,126 @@
 # Can be removed once all rules are addressed or moved to this file as documented overrides
 inherit_from: .rubocop_todo.yml
 # Used for merging with exclude lists with .rubocop_todo.yml
 inherit_mode:
  merge:
    - Exclude
 require:
  - rubocop-rails
  - rubocop-rspec
  - rubocop-performance
  - rubocop-capybara
  - ./lib/linter/rubocop_middle_dot
 AllCops:
-  TargetRubyVersion: 3.0 # Set to minimum supported version of CI
+  TargetRubyVersion: 2.3
  DisplayCopNames: true
  DisplayStyleGuide: true
  ExtraDetails: true
  UseCache: true
  CacheRootDirectory: tmp
  NewCops: enable # Opt-in to newly added rules
  Exclude:
-    - db/schema.rb
+  - 'spec/**/*'
-    - 'bin/*'
+  - 'db/**/*'
-    - 'node_modules/**/*'
+  - 'app/views/**/*'
-    - 'Vagrantfile'
+  - 'config/**/*'
-    - 'vendor/**/*'
+  - 'bin/*'
-    - 'lib/json_ld/*' # Generated files
+  - 'Rakefile'
-    - 'lib/templates/**/*'
+  - 'node_modules/**/*'
  - 'Vagrantfile'
  - 'vendor/**/*'
  - 'lib/json_ld/*'
  - 'lib/templates/**/*'
-# Reason: Prefer Hashes without extreme indentation
+Bundler/OrderedGems:
 # https://docs.rubocop.org/rubocop/cops_layout.html#layoutfirsthashelementindentation
 Layout/FirstHashElementIndentation:
  EnforcedStyle: consistent
 # Reason: Currently disabled in .rubocop_todo.yml
 # https://docs.rubocop.org/rubocop/cops_layout.html#layoutlinelength
 Layout/LineLength:
  Max: 320 # Default of 120 causes a duplicate entry in generated todo file
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_lint.html#lintuselessaccessmodifier
 Lint/UselessAccessModifier:
  ContextCreatingMethods:
    - class_methods
 ## Disable most Metrics/*Length cops
 # Reason: those are often triggered and force significant refactors when this happend
 #         but the team feel they are not really improving the code quality.
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricsblocklength
 Metrics/BlockLength:
  Enabled: false
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricsclasslength
+Layout/AccessModifierIndentation:
-Metrics/ClassLength:
+  EnforcedStyle: indent
 Layout/EmptyLineAfterMagicComment:
  Enabled: false
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricsmethodlength
+Layout/SpaceInsideHashLiteralBraces:
-Metrics/MethodLength:
+  EnforcedStyle: space
  Enabled: false
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricsmodulelength
 Metrics/ModuleLength:
  Enabled: false
 ## End Disable Metrics/*Length cops
 # Reason: Currently disabled in .rubocop_todo.yml
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricsabcsize
 Metrics/AbcSize:
-  Exclude:
+  Max: 100
-    - 'lib/mastodon/cli/*.rb'
+
-    - db/*migrate/**/*
+Metrics/BlockLength:
  Max: 35
  Exclude:
    - 'lib/tasks/**/*'
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricsblocknesting
 Metrics/BlockNesting:
-  Exclude:
+  Max: 3
-    - 'lib/mastodon/cli/*.rb'
+
 Metrics/ClassLength:
  CountComments: false
  Max: 300
 # Reason: Currently disabled in .rubocop_todo.yml
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricscyclomaticcomplexity
 Metrics/CyclomaticComplexity:
-  Exclude:
+  Max: 25
-    - lib/mastodon/cli/*.rb
+
-    - db/*migrate/**/*
+Metrics/LineLength:
  AllowURI: true
  Enabled: false
 Metrics/MethodLength:
  CountComments: false
  Max: 55
 Metrics/ModuleLength:
  CountComments: false
  Max: 200
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricsparameterlists
 Metrics/ParameterLists:
-  CountKeywordArgs: false
+  Max: 5
  CountKeywordArgs: true
-# Reason: Prevailing style is argument file paths
+Metrics/PerceivedComplexity:
-# https://docs.rubocop.org/rubocop-rails/cops_rails.html#railsfilepath
+  Max: 20
-Rails/FilePath:
+
-  EnforcedStyle: arguments
+Naming/MemoizedInstanceVariableName:
  Enabled: false
 Rails:
  Enabled: true
 Rails/HasAndBelongsToMany:
  Enabled: false
 Rails/SkipsModelValidations:
  Enabled: false
 # Reason: Prevailing style uses numeric status codes, matches RSpec/Rails/HttpStatus
 # https://docs.rubocop.org/rubocop-rails/cops_rails.html#railshttpstatus
 Rails/HttpStatus:
-  EnforcedStyle: numeric
+  Enabled: false
 # Reason: Allowed in `tootctl` CLI code and in boot ENV checker
 # https://docs.rubocop.org/rubocop-rails/cops_rails.html#railsexit
 Rails/Exit:
  Exclude:
-    - 'config/boot.rb'
+    - 'lib/mastodon/*'
-    - 'lib/mastodon/cli/*.rb'
+    - 'lib/cli'
 # Reason: Some single letter camel case files shouldn't be split
 # https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecfilepath
 RSpec/FilePath:
  CustomTransform:
    ActivityPub: activitypub # Ignore the snake_case due to the amount of files to rename
    DeepL: deepl
    FetchOEmbedService: fetch_oembed_service
    JsonLdHelper: jsonld_helper
    OEmbedController: oembed_controller
    OStatus: ostatus
    NodeInfoController: nodeinfo_controller # NodeInfo isn't snake_cased for any of the instances
  Exclude:
    - 'spec/config/initializers/rack_attack_spec.rb' # namespaces usually have separate folder
    - 'spec/lib/sanitize_config_spec.rb' # namespaces usually have separate folder
 # Reason:
 # https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecnamedsubject
 RSpec/NamedSubject:
  EnforcedStyle: named_only
 # Reason: Prevailing style choice
 # https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecnottonot
 RSpec/NotToNot:
  EnforcedStyle: to_not
 # Reason: Prevailing style uses numeric status codes, matches Rails/HttpStatus
 # https://docs.rubocop.org/rubocop-rspec/cops_rspec_rails.html#rspecrailshttpstatus
 RSpec/Rails/HttpStatus:
  EnforcedStyle: numeric
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_style.html#styleclassandmodulechildren
 Style/ClassAndModuleChildren:
  Enabled: false
-# Reason: Classes mostly self-document with their names
+Style/CollectionMethods:
-# https://docs.rubocop.org/rubocop/cops_style.html#styledocumentation
+  Enabled: true
  PreferredMethods:
    find_all: 'select'
 Style/Documentation:
  Enabled: false
-# Reason: Enforce modern Ruby style
+Style/DoubleNegation:
-# https://docs.rubocop.org/rubocop/cops_style.html#stylehashsyntax
+  Enabled: true
 Style/HashSyntax:
  EnforcedStyle: ruby19_no_mixed_keys
-# Reason:
+Style/FrozenStringLiteralComment:
-# https://docs.rubocop.org/rubocop/cops_style.html#stylenumericliterals
+  Enabled: true
-Style/NumericLiterals:
+
-  AllowedPatterns:
+Style/GuardClause:
-    - \d{4}_\d{2}_\d{2}_\d{6} # For DB migration date version number readability
+  Enabled: false
 Style/Lambda:
  Enabled: false
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_style.html#stylepercentliteraldelimiters
 Style/PercentLiteralDelimiters:
  PreferredDelimiters:
    '%i': '()'
    '%w': '()'
-# Reason: Prefer less indentation in conditional assignments
+Style/PerlBackrefs:
-# https://docs.rubocop.org/rubocop/cops_style.html#styleredundantbegin
+  AutoCorrect: false
-Style/RedundantBegin:
+
 Style/RegexpLiteral:
  Enabled: false
 # Reason: Overridden to reduce implicit StandardError rescues
 # https://docs.rubocop.org/rubocop/cops_style.html#stylerescuestandarderror
 Style/RescueStandardError:
  EnforcedStyle: implicit
 # Reason: Simplify some spec layouts
 # https://docs.rubocop.org/rubocop/cops_style.html#stylesemicolon
 Style/Semicolon:
  AllowAsExpressionSeparator: true
 # Reason: Originally disabled for CodeClimate, and no config consensus has been found
 # https://docs.rubocop.org/rubocop/cops_style.html#stylesymbolarray
 Style/SymbolArray:
  Enabled: false
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_style.html#styletrailingcommainarrayliteral
 Style/TrailingCommaInArrayLiteral:
  EnforcedStyleForMultiline: 'comma'
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_style.html#styletrailingcommainhashliteral
 Style/TrailingCommaInHashLiteral:
  EnforcedStyleForMultiline: 'comma'
 Style/MiddleDot:
  Enabled: true
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@ -1,842 +0,0 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --no-exclude-limit --no-offense-counts --no-auto-gen-timestamp`
 # using RuboCop version 1.56.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: TreatCommentsAsGroupSeparators, ConsiderPunctuation, Include.
 # Include: **/*.gemfile, **/Gemfile, **/gems.rb
 Bundler/OrderedGems:
  Exclude:
    - 'Gemfile'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, IndentationWidth.
 # SupportedStyles: with_first_argument, with_fixed_indentation
 Layout/ArgumentAlignment:
  Exclude:
    - 'config/initializers/cors.rb'
    - 'config/initializers/session_store.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle.
 # SupportedHashRocketStyles: key, separator, table
 # SupportedColonStyles: key, separator, table
 # SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit
 Layout/HashAlignment:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/rack_attack.rb'
    - 'config/routes.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowDoxygenCommentStyle, AllowGemfileRubyComment.
 Layout/LeadingCommentSpace:
  Exclude:
    - 'config/application.rb'
    - 'config/initializers/3_omniauth.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
 # URISchemes: http, https
 Layout/LineLength:
  Exclude:
    - 'app/models/account.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: require_no_space, require_space
 Layout/SpaceInLambdaLiteral:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/content_security_policy.rb'
 # Configuration parameters: AllowComments, AllowEmptyLambdas.
 Lint/EmptyBlock:
  Exclude:
    - 'spec/controllers/api/v2/search_controller_spec.rb'
    - 'spec/fabricators/access_token_fabricator.rb'
    - 'spec/fabricators/conversation_fabricator.rb'
    - 'spec/fabricators/system_key_fabricator.rb'
    - 'spec/lib/activitypub/adapter_spec.rb'
    - 'spec/models/user_role_spec.rb'
 Lint/NonLocalExitFromIterator:
  Exclude:
    - 'app/helpers/jsonld_helper.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Lint/OrAssignmentToConstant:
  Exclude:
    - 'lib/sanitize_ext/sanitize_config.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: IgnoreEmptyBlocks, AllowUnusedKeywordArguments.
 Lint/UnusedBlockArgument:
  Exclude:
    - 'config/initializers/content_security_policy.rb'
    - 'config/initializers/doorkeeper.rb'
    - 'config/initializers/paperclip.rb'
    - 'config/initializers/simple_form.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Lint/UselessAssignment:
  Exclude:
    - 'app/services/activitypub/process_status_update_service.rb'
    - 'config/initializers/3_omniauth.rb'
    - 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
    - 'db/post_migrate/20190511152737_remove_suspended_silenced_account_fields.rb'
    - 'spec/controllers/api/v1/favourites_controller_spec.rb'
    - 'spec/controllers/concerns/account_controller_concern_spec.rb'
    - 'spec/helpers/jsonld_helper_spec.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/domain_block_spec.rb'
    - 'spec/models/status_spec.rb'
    - 'spec/models/user_spec.rb'
    - 'spec/models/webauthn_credentials_spec.rb'
    - 'spec/services/account_search_service_spec.rb'
    - 'spec/services/post_status_service_spec.rb'
    - 'spec/services/precompute_feed_service_spec.rb'
    - 'spec/services/resolve_url_service_spec.rb'
    - 'spec/views/statuses/show.html.haml_spec.rb'
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
 Metrics/AbcSize:
  Max: 144
 # Configuration parameters: CountBlocks, Max.
 Metrics/BlockNesting:
  Exclude:
    - 'lib/tasks/mastodon.rake'
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/CyclomaticComplexity:
  Max: 25
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/PerceivedComplexity:
  Max: 27
 # Configuration parameters: EnforcedStyle, CheckMethodNames, CheckSymbols, AllowedIdentifiers, AllowedPatterns.
 # SupportedStyles: snake_case, normalcase, non_integer
 # AllowedIdentifiers: capture3, iso8601, rfc1123_date, rfc822, rfc2822, rfc3339, x86_64
 Naming/VariableNumber:
  Exclude:
    - 'db/migrate/20180106000232_add_index_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
    - 'db/migrate/20180514140000_revert_index_change_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
    - 'db/migrate/20190820003045_update_statuses_index.rb'
    - 'db/migrate/20190823221802_add_local_index_to_statuses.rb'
    - 'db/migrate/20200119112504_add_public_index_to_statuses.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/domain_block_spec.rb'
    - 'spec/models/user_spec.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: SafeMultiline.
 Performance/DeletePrefix:
  Exclude:
    - 'app/models/featured_tag.rb'
 Performance/MapMethodChain:
  Exclude:
    - 'app/models/feed.rb'
    - 'lib/mastodon/cli/maintenance.rb'
    - 'spec/services/bulk_import_service_spec.rb'
    - 'spec/services/import_service_spec.rb'
 RSpec/AnyInstance:
  Exclude:
    - 'spec/controllers/activitypub/inboxes_controller_spec.rb'
    - 'spec/controllers/admin/accounts_controller_spec.rb'
    - 'spec/controllers/admin/resets_controller_spec.rb'
    - 'spec/controllers/admin/settings/branding_controller_spec.rb'
    - 'spec/controllers/api/v1/media_controller_spec.rb'
    - 'spec/controllers/auth/sessions_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/recovery_codes_controller_spec.rb'
    - 'spec/lib/request_spec.rb'
    - 'spec/lib/status_filter_spec.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/setting_spec.rb'
    - 'spec/services/activitypub/process_collection_service_spec.rb'
    - 'spec/validators/follow_limit_validator_spec.rb'
    - 'spec/workers/activitypub/delivery_worker_spec.rb'
    - 'spec/workers/web/push_notification_worker_spec.rb'
 # Configuration parameters: CountAsOne.
 RSpec/ExampleLength:
  Max: 22
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: implicit, each, example
 RSpec/HookArgument:
  Exclude:
    - 'spec/controllers/api/v1/streaming_controller_spec.rb'
    - 'spec/controllers/well_known/webfinger_controller_spec.rb'
    - 'spec/helpers/instance_helper_spec.rb'
    - 'spec/models/user_spec.rb'
    - 'spec/rails_helper.rb'
    - 'spec/serializers/activitypub/note_serializer_spec.rb'
    - 'spec/serializers/activitypub/update_poll_serializer_spec.rb'
    - 'spec/services/import_service_spec.rb'
 # Configuration parameters: AssignmentOnly.
 RSpec/InstanceVariable:
  Exclude:
    - 'spec/controllers/api/v1/streaming_controller_spec.rb'
    - 'spec/controllers/auth/confirmations_controller_spec.rb'
    - 'spec/controllers/auth/passwords_controller_spec.rb'
    - 'spec/controllers/auth/sessions_controller_spec.rb'
    - 'spec/controllers/concerns/export_controller_concern_spec.rb'
    - 'spec/controllers/home_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/webauthn_credentials_controller_spec.rb'
    - 'spec/controllers/statuses_cleanup_controller_spec.rb'
    - 'spec/models/concerns/account_finder_concern_spec.rb'
    - 'spec/models/concerns/account_interactions_spec.rb'
    - 'spec/models/public_feed_spec.rb'
    - 'spec/serializers/activitypub/note_serializer_spec.rb'
    - 'spec/serializers/activitypub/update_poll_serializer_spec.rb'
    - 'spec/services/remove_status_service_spec.rb'
    - 'spec/services/search_service_spec.rb'
    - 'spec/services/unblock_domain_service_spec.rb'
 RSpec/LetSetup:
  Exclude:
    - 'spec/controllers/admin/accounts_controller_spec.rb'
    - 'spec/controllers/admin/action_logs_controller_spec.rb'
    - 'spec/controllers/admin/instances_controller_spec.rb'
    - 'spec/controllers/admin/reports/actions_controller_spec.rb'
    - 'spec/controllers/admin/statuses_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/statuses_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/filters_controller_spec.rb'
    - 'spec/controllers/api/v1/followed_tags_controller_spec.rb'
    - 'spec/controllers/api/v2/admin/accounts_controller_spec.rb'
    - 'spec/controllers/api/v2/filters/keywords_controller_spec.rb'
    - 'spec/controllers/api/v2/filters/statuses_controller_spec.rb'
    - 'spec/controllers/auth/confirmations_controller_spec.rb'
    - 'spec/controllers/auth/passwords_controller_spec.rb'
    - 'spec/controllers/auth/sessions_controller_spec.rb'
    - 'spec/controllers/follower_accounts_controller_spec.rb'
    - 'spec/controllers/following_accounts_controller_spec.rb'
    - 'spec/controllers/oauth/authorized_applications_controller_spec.rb'
    - 'spec/controllers/oauth/tokens_controller_spec.rb'
    - 'spec/controllers/settings/imports_controller_spec.rb'
    - 'spec/lib/activitypub/activity/delete_spec.rb'
    - 'spec/lib/vacuum/applications_vacuum_spec.rb'
    - 'spec/lib/vacuum/preview_cards_vacuum_spec.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/account_statuses_cleanup_policy_spec.rb'
    - 'spec/models/canonical_email_block_spec.rb'
    - 'spec/models/status_spec.rb'
    - 'spec/models/user_spec.rb'
    - 'spec/services/account_statuses_cleanup_service_spec.rb'
    - 'spec/services/activitypub/fetch_featured_collection_service_spec.rb'
    - 'spec/services/activitypub/fetch_remote_status_service_spec.rb'
    - 'spec/services/activitypub/process_account_service_spec.rb'
    - 'spec/services/activitypub/process_collection_service_spec.rb'
    - 'spec/services/batched_remove_status_service_spec.rb'
    - 'spec/services/block_domain_service_spec.rb'
    - 'spec/services/bulk_import_service_spec.rb'
    - 'spec/services/delete_account_service_spec.rb'
    - 'spec/services/import_service_spec.rb'
    - 'spec/services/notify_service_spec.rb'
    - 'spec/services/remove_status_service_spec.rb'
    - 'spec/services/report_service_spec.rb'
    - 'spec/services/resolve_account_service_spec.rb'
    - 'spec/services/suspend_account_service_spec.rb'
    - 'spec/services/unallow_domain_service_spec.rb'
    - 'spec/services/unsuspend_account_service_spec.rb'
    - 'spec/workers/scheduler/user_cleanup_scheduler_spec.rb'
 RSpec/MessageChain:
  Exclude:
    - 'spec/controllers/api/v1/media_controller_spec.rb'
    - 'spec/models/concerns/remotable_spec.rb'
    - 'spec/models/session_activation_spec.rb'
    - 'spec/models/setting_spec.rb'
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: have_received, receive
 RSpec/MessageSpies:
  Exclude:
    - 'spec/controllers/admin/accounts_controller_spec.rb'
    - 'spec/helpers/admin/account_moderation_notes_helper_spec.rb'
    - 'spec/lib/webfinger_resource_spec.rb'
    - 'spec/models/admin/account_action_spec.rb'
    - 'spec/models/concerns/remotable_spec.rb'
    - 'spec/models/follow_request_spec.rb'
    - 'spec/models/identity_spec.rb'
    - 'spec/models/session_activation_spec.rb'
    - 'spec/models/setting_spec.rb'
    - 'spec/services/activitypub/fetch_replies_service_spec.rb'
    - 'spec/services/activitypub/process_collection_service_spec.rb'
    - 'spec/spec_helper.rb'
    - 'spec/validators/status_length_validator_spec.rb'
 RSpec/MultipleExpectations:
  Max: 8
 # Configuration parameters: AllowSubject.
 RSpec/MultipleMemoizedHelpers:
  Max: 21
 # Configuration parameters: AllowedGroups.
 RSpec/NestedGroups:
  Max: 6
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Rails/ApplicationController:
  Exclude:
    - 'app/controllers/health_controller.rb'
 # Configuration parameters: Include.
 # Include: db/**/*.rb
 Rails/CreateTableWithTimestamps:
  Exclude:
    - 'db/migrate/20170508230434_create_conversation_mutes.rb'
    - 'db/migrate/20170823162448_create_status_pins.rb'
    - 'db/migrate/20171116161857_create_list_accounts.rb'
    - 'db/migrate/20180929222014_create_account_conversations.rb'
    - 'db/migrate/20181007025445_create_pghero_space_stats.rb'
    - 'db/migrate/20190103124649_create_scheduled_statuses.rb'
    - 'db/migrate/20220824233535_create_status_trends.rb'
    - 'db/migrate/20221006061337_create_preview_card_trends.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: Severity.
 Rails/DuplicateAssociation:
  Exclude:
    - 'app/serializers/activitypub/collection_serializer.rb'
    - 'app/serializers/activitypub/note_serializer.rb'
 # Configuration parameters: Include.
 # Include: app/models/**/*.rb
 Rails/HasAndBelongsToMany:
  Exclude:
    - 'app/models/concerns/account_associations.rb'
    - 'app/models/preview_card.rb'
    - 'app/models/status.rb'
    - 'app/models/tag.rb'
 # Configuration parameters: Include.
 # Include: app/models/**/*.rb
 Rails/HasManyOrHasOneDependent:
  Exclude:
    - 'app/models/concerns/account_counters.rb'
    - 'app/models/conversation.rb'
    - 'app/models/custom_emoji.rb'
    - 'app/models/custom_emoji_category.rb'
    - 'app/models/domain_block.rb'
    - 'app/models/invite.rb'
    - 'app/models/status.rb'
    - 'app/models/user.rb'
    - 'app/models/web/push_subscription.rb'
 Rails/I18nLocaleTexts:
  Exclude:
    - 'lib/tasks/mastodon.rake'
    - 'spec/helpers/flashes_helper_spec.rb'
 # Configuration parameters: Include.
 # Include: app/controllers/**/*.rb, app/mailers/**/*.rb
 Rails/LexicallyScopedActionFilter:
  Exclude:
    - 'app/controllers/auth/passwords_controller.rb'
    - 'app/controllers/auth/registrations_controller.rb'
    - 'app/controllers/auth/sessions_controller.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Rails/NegateInclude:
  Exclude:
    - 'app/controllers/concerns/signature_verification.rb'
    - 'app/helpers/jsonld_helper.rb'
    - 'app/lib/activitypub/activity/create.rb'
    - 'app/lib/activitypub/activity/move.rb'
    - 'app/lib/feed_manager.rb'
    - 'app/lib/link_details_extractor.rb'
    - 'app/models/concerns/attachmentable.rb'
    - 'app/models/concerns/remotable.rb'
    - 'app/models/custom_filter.rb'
    - 'app/services/activitypub/process_status_update_service.rb'
    - 'app/services/fetch_link_card_service.rb'
    - 'app/services/search_service.rb'
    - 'app/workers/web/push_notification_worker.rb'
    - 'lib/paperclip/color_extractor.rb'
 Rails/OutputSafety:
  Exclude:
    - 'config/initializers/simple_form.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: Include.
 # Include: **/Rakefile, **/*.rake
 Rails/RakeEnvironment:
  Exclude:
    - 'lib/tasks/auto_annotate_models.rake'
    - 'lib/tasks/db.rake'
    - 'lib/tasks/emojis.rake'
    - 'lib/tasks/mastodon.rake'
    - 'lib/tasks/repo.rake'
    - 'lib/tasks/statistics.rake'
 # Configuration parameters: Include.
 # Include: db/**/*.rb
 Rails/ReversibleMigration:
  Exclude:
    - 'db/migrate/20160223164502_make_uris_nullable_in_statuses.rb'
    - 'db/migrate/20161122163057_remove_unneeded_indexes.rb'
    - 'db/migrate/20170205175257_remove_devices.rb'
    - 'db/migrate/20170322143850_change_primary_key_to_bigint_on_statuses.rb'
    - 'db/migrate/20170520145338_change_language_filter_to_opt_out.rb'
    - 'db/migrate/20170609145826_remove_default_language_from_statuses.rb'
    - 'db/migrate/20170711225116_fix_null_booleans.rb'
    - 'db/migrate/20171129172043_add_index_on_stream_entries.rb'
    - 'db/migrate/20171212195226_remove_duplicate_indexes_in_lists.rb'
    - 'db/migrate/20171226094803_more_faster_index_on_notifications.rb'
    - 'db/migrate/20180106000232_add_index_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
    - 'db/migrate/20180617162849_remove_unused_indexes.rb'
    - 'db/migrate/20220827195229_change_canonical_email_blocks_nullable.rb'
 # Configuration parameters: ForbiddenMethods, AllowedMethods.
 # ForbiddenMethods: decrement!, decrement_counter, increment!, increment_counter, insert, insert!, insert_all, insert_all!, toggle!, touch, touch_all, update_all, update_attribute, update_column, update_columns, update_counters, upsert, upsert_all
 Rails/SkipsModelValidations:
  Exclude:
    - 'app/controllers/admin/invites_controller.rb'
    - 'app/controllers/concerns/session_tracking_concern.rb'
    - 'app/models/concerns/account_merging.rb'
    - 'app/models/concerns/expireable.rb'
    - 'app/models/status.rb'
    - 'app/models/trends/links.rb'
    - 'app/models/trends/preview_card_batch.rb'
    - 'app/models/trends/preview_card_provider_batch.rb'
    - 'app/models/trends/status_batch.rb'
    - 'app/models/trends/statuses.rb'
    - 'app/models/trends/tag_batch.rb'
    - 'app/models/trends/tags.rb'
    - 'app/models/user.rb'
    - 'app/services/activitypub/process_status_update_service.rb'
    - 'app/services/approve_appeal_service.rb'
    - 'app/services/block_domain_service.rb'
    - 'app/services/delete_account_service.rb'
    - 'app/services/process_mentions_service.rb'
    - 'app/services/unallow_domain_service.rb'
    - 'app/services/unblock_domain_service.rb'
    - 'app/services/update_status_service.rb'
    - 'app/workers/activitypub/post_upgrade_worker.rb'
    - 'app/workers/move_worker.rb'
    - 'app/workers/scheduler/ip_cleanup_scheduler.rb'
    - 'app/workers/scheduler/scheduled_statuses_scheduler.rb'
    - 'db/migrate/20161203164520_add_from_account_id_to_notifications.rb'
    - 'db/migrate/20170105224407_add_shortcode_to_media_attachments.rb'
    - 'db/migrate/20170209184350_add_reply_to_statuses.rb'
    - 'db/migrate/20170304202101_add_type_to_media_attachments.rb'
    - 'db/migrate/20180528141303_fix_accounts_unique_index.rb'
    - 'db/migrate/20180609104432_migrate_web_push_subscriptions2.rb'
    - 'db/migrate/20181207011115_downcase_custom_emoji_domains.rb'
    - 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
    - 'db/migrate/20191007013357_update_pt_locales.rb'
    - 'db/migrate/20220316233212_update_kurdish_locales.rb'
    - 'db/post_migrate/20190511152737_remove_suspended_silenced_account_fields.rb'
    - 'db/post_migrate/20200917193528_migrate_notifications_type.rb'
    - 'db/post_migrate/20201017234926_fill_account_suspension_origin.rb'
    - 'db/post_migrate/20220617202502_migrate_roles.rb'
    - 'db/post_migrate/20221101190723_backfill_admin_action_logs.rb'
    - 'db/post_migrate/20221206114142_backfill_admin_action_logs_again.rb'
    - 'lib/mastodon/cli/accounts.rb'
    - 'lib/mastodon/cli/main.rb'
    - 'lib/mastodon/cli/maintenance.rb'
    - 'spec/controllers/api/v1/admin/accounts_controller_spec.rb'
    - 'spec/lib/activitypub/activity/follow_spec.rb'
    - 'spec/services/follow_service_spec.rb'
    - 'spec/services/update_account_service_spec.rb'
 # Configuration parameters: Include.
 # Include: db/**/*.rb
 Rails/ThreeStateBooleanColumn:
  Exclude:
    - 'db/migrate/20160325130944_add_admin_to_users.rb'
    - 'db/migrate/20161123093447_add_sensitive_to_statuses.rb'
    - 'db/migrate/20170123203248_add_reject_media_to_domain_blocks.rb'
    - 'db/migrate/20170127165745_add_devise_two_factor_to_users.rb'
    - 'db/migrate/20170209184350_add_reply_to_statuses.rb'
    - 'db/migrate/20170330163835_create_imports.rb'
    - 'db/migrate/20170905165803_add_local_to_statuses.rb'
    - 'db/migrate/20181203021853_add_discoverable_to_accounts.rb'
    - 'db/migrate/20190509164208_add_by_moderator_to_tombstone.rb'
    - 'db/migrate/20190805123746_add_capabilities_to_tags.rb'
    - 'db/migrate/20191212163405_add_hide_collections_to_accounts.rb'
    - 'db/migrate/20200309150742_add_forwarded_to_reports.rb'
    - 'db/migrate/20210609202149_create_login_activities.rb'
    - 'db/migrate/20210621221010_add_skip_sign_in_token_to_users.rb'
    - 'db/migrate/20211031031021_create_preview_card_providers.rb'
    - 'db/migrate/20211115032527_add_trendable_to_preview_cards.rb'
    - 'db/migrate/20220202200743_add_trendable_to_accounts.rb'
    - 'db/migrate/20220202200926_add_trendable_to_statuses.rb'
    - 'db/migrate/20220303000827_add_ordered_media_attachment_ids_to_status_edits.rb'
 # Configuration parameters: Include.
 # Include: app/models/**/*.rb
 Rails/UniqueValidationWithoutIndex:
  Exclude:
    - 'app/models/account_alias.rb'
    - 'app/models/custom_filter_status.rb'
    - 'app/models/identity.rb'
    - 'app/models/webauthn_credential.rb'
 # Configuration parameters: Include.
 # Include: app/models/**/*.rb
 Rails/UnusedIgnoredColumns:
  Exclude:
    - 'app/models/account.rb'
    - 'app/models/account_stat.rb'
    - 'app/models/admin/action_log.rb'
    - 'app/models/custom_filter.rb'
    - 'app/models/email_domain_block.rb'
    - 'app/models/report.rb'
    - 'app/models/status_edit.rb'
    - 'app/models/user.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: exists, where
 Rails/WhereExists:
  Exclude:
    - 'app/controllers/activitypub/inboxes_controller.rb'
    - 'app/controllers/admin/email_domain_blocks_controller.rb'
    - 'app/controllers/auth/registrations_controller.rb'
    - 'app/lib/activitypub/activity/create.rb'
    - 'app/lib/delivery_failure_tracker.rb'
    - 'app/lib/feed_manager.rb'
    - 'app/lib/status_cache_hydrator.rb'
    - 'app/lib/suspicious_sign_in_detector.rb'
    - 'app/models/concerns/account_interactions.rb'
    - 'app/models/featured_tag.rb'
    - 'app/models/poll.rb'
    - 'app/models/session_activation.rb'
    - 'app/models/status.rb'
    - 'app/models/user.rb'
    - 'app/policies/status_policy.rb'
    - 'app/serializers/rest/announcement_serializer.rb'
    - 'app/serializers/rest/tag_serializer.rb'
    - 'app/services/activitypub/fetch_remote_status_service.rb'
    - 'app/services/app_sign_up_service.rb'
    - 'app/services/vote_service.rb'
    - 'app/validators/reaction_validator.rb'
    - 'app/validators/vote_validator.rb'
    - 'app/workers/move_worker.rb'
    - 'db/migrate/20190529143559_preserve_old_layout_for_existing_users.rb'
    - 'lib/tasks/tests.rake'
    - 'spec/models/account_spec.rb'
    - 'spec/services/activitypub/process_collection_service_spec.rb'
    - 'spec/services/purge_domain_service_spec.rb'
    - 'spec/services/unallow_domain_service_spec.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowOnConstant, AllowOnSelfClass.
 Style/CaseEquality:
  Exclude:
    - 'config/initializers/trusted_proxies.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 # AllowedMethods: ==, equal?, eql?
 Style/ClassEqualityComparison:
  Exclude:
    - 'app/helpers/jsonld_helper.rb'
    - 'app/serializers/activitypub/outbox_serializer.rb'
 Style/ClassVars:
  Exclude:
    - 'config/initializers/devise.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/CombinableLoops:
  Exclude:
    - 'app/models/form/custom_emoji_batch.rb'
    - 'app/models/form/ip_block_batch.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowedVars.
 Style/FetchEnvVar:
  Exclude:
    - 'app/lib/redis_configuration.rb'
    - 'app/lib/translation_service.rb'
    - 'config/environments/development.rb'
    - 'config/environments/production.rb'
    - 'config/initializers/2_limited_federation_mode.rb'
    - 'config/initializers/3_omniauth.rb'
    - 'config/initializers/blacklists.rb'
    - 'config/initializers/cache_buster.rb'
    - 'config/initializers/content_security_policy.rb'
    - 'config/initializers/devise.rb'
    - 'config/initializers/paperclip.rb'
    - 'config/initializers/vapid.rb'
    - 'lib/mastodon/premailer_webpack_strategy.rb'
    - 'lib/mastodon/redis_config.rb'
    - 'lib/tasks/repo.rake'
    - 'spec/features/profile_spec.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, MaxUnannotatedPlaceholdersAllowed, AllowedMethods, AllowedPatterns.
 # SupportedStyles: annotated, template, unannotated
 # AllowedMethods: redirect
 Style/FormatStringToken:
  Exclude:
    - 'app/models/privacy_policy.rb'
    - 'config/initializers/devise.rb'
    - 'lib/paperclip/color_extractor.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/GlobalStdStream:
  Exclude:
    - 'config/boot.rb'
    - 'config/environments/development.rb'
    - 'config/environments/production.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: MinBodyLength, AllowConsecutiveConditionals.
 Style/GuardClause:
  Exclude:
    - 'app/controllers/admin/confirmations_controller.rb'
    - 'app/controllers/auth/confirmations_controller.rb'
    - 'app/controllers/auth/passwords_controller.rb'
    - 'app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb'
    - 'app/lib/activitypub/activity/block.rb'
    - 'app/lib/request.rb'
    - 'app/lib/request_pool.rb'
    - 'app/lib/webfinger.rb'
    - 'app/lib/webfinger_resource.rb'
    - 'app/models/concerns/account_counters.rb'
    - 'app/models/concerns/ldap_authenticable.rb'
    - 'app/models/tag.rb'
    - 'app/models/user.rb'
    - 'app/services/fan_out_on_write_service.rb'
    - 'app/services/post_status_service.rb'
    - 'app/services/process_hashtags_service.rb'
    - 'app/workers/move_worker.rb'
    - 'app/workers/redownload_avatar_worker.rb'
    - 'app/workers/redownload_header_worker.rb'
    - 'app/workers/redownload_media_worker.rb'
    - 'app/workers/remote_account_refresh_worker.rb'
    - 'config/initializers/devise.rb'
    - 'db/migrate/20170901141119_truncate_preview_cards.rb'
    - 'db/post_migrate/20220704024901_migrate_settings_to_user_roles.rb'
    - 'lib/devise/two_factor_ldap_authenticatable.rb'
    - 'lib/devise/two_factor_pam_authenticatable.rb'
    - 'lib/mastodon/cli/accounts.rb'
    - 'lib/mastodon/cli/maintenance.rb'
    - 'lib/mastodon/cli/media.rb'
    - 'lib/paperclip/attachment_extensions.rb'
    - 'lib/tasks/repo.rake'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: braces, no_braces
 Style/HashAsLastArrayItem:
  Exclude:
    - 'app/controllers/admin/statuses_controller.rb'
    - 'app/controllers/api/v1/statuses_controller.rb'
    - 'app/models/concerns/account_counters.rb'
    - 'app/models/concerns/status_threading_concern.rb'
    - 'app/models/status.rb'
    - 'app/services/batched_remove_status_service.rb'
    - 'app/services/notify_service.rb'
    - 'db/migrate/20181024224956_migrate_account_conversations.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/HashTransformValues:
  Exclude:
    - 'app/serializers/rest/web_push_subscription_serializer.rb'
    - 'app/services/import_service.rb'
 # This cop supports safe autocorrection (--autocorrect).
 Style/IfUnlessModifier:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/devise.rb'
    - 'config/initializers/ffmpeg.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: InverseMethods, InverseBlocks.
 Style/InverseMethods:
  Exclude:
    - 'app/models/custom_filter.rb'
    - 'app/services/update_account_service.rb'
    - 'spec/controllers/activitypub/replies_controller_spec.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: line_count_dependent, lambda, literal
 Style/Lambda:
  Exclude:
    - 'config/initializers/simple_form.rb'
    - 'config/routes.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/MapToHash:
  Exclude:
    - 'app/models/status.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: literals, strict
 Style/MutableConstant:
  Exclude:
    - 'app/models/tag.rb'
    - 'app/services/delete_account_service.rb'
    - 'lib/mastodon/migration_warning.rb'
 # This cop supports safe autocorrection (--autocorrect).
 Style/NilLambda:
  Exclude:
    - 'config/initializers/paperclip.rb'
 # Configuration parameters: AllowedMethods.
 # AllowedMethods: respond_to_missing?
 Style/OptionalBooleanParameter:
  Exclude:
    - 'app/helpers/admin/account_moderation_notes_helper.rb'
    - 'app/helpers/jsonld_helper.rb'
    - 'app/lib/admin/system_check/message.rb'
    - 'app/lib/request.rb'
    - 'app/lib/webfinger.rb'
    - 'app/services/block_domain_service.rb'
    - 'app/services/fetch_resource_service.rb'
    - 'app/workers/domain_block_worker.rb'
    - 'app/workers/unfollow_follow_worker.rb'
    - 'lib/mastodon/redis_config.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: PreferredDelimiters.
 Style/PercentLiteralDelimiters:
  Exclude:
    - 'config/deploy.rb'
    - 'config/initializers/doorkeeper.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: short, verbose
 Style/PreferredHashMethods:
  Exclude:
    - 'config/initializers/paperclip.rb'
 # This cop supports safe autocorrection (--autocorrect).
 Style/RedundantConstantBase:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/sidekiq.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: SafeForConstants.
 Style/RedundantFetchBlock:
  Exclude:
    - 'config/initializers/1_hosts.rb'
    - 'config/initializers/chewy.rb'
    - 'config/initializers/devise.rb'
    - 'config/initializers/paperclip.rb'
    - 'config/puma.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowMultipleReturnValues.
 Style/RedundantReturn:
  Exclude:
    - 'app/controllers/api/v1/directories_controller.rb'
    - 'app/controllers/auth/confirmations_controller.rb'
    - 'app/lib/ostatus/tag_manager.rb'
    - 'app/models/form/import.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: ConvertCodeThatCanStartToReturnNil, AllowedMethods, MaxChainLength.
 # AllowedMethods: present?, blank?, presence, try, try!
 Style/SafeNavigation:
  Exclude:
    - 'app/models/concerns/account_finder_concern.rb'
    - 'app/models/status.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: only_raise, only_fail, semantic
 Style/SignalException:
  Exclude:
    - 'lib/devise/two_factor_ldap_authenticatable.rb'
    - 'lib/devise/two_factor_pam_authenticatable.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SingleArgumentDig:
  Exclude:
    - 'lib/webpacker/manifest_extensions.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: require_parentheses, require_no_parentheses
 Style/StabbyLambdaParentheses:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/content_security_policy.rb'
 # This cop supports safe autocorrection (--autocorrect).
 Style/StderrPuts:
  Exclude:
    - 'config/boot.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: Mode.
 Style/StringConcatenation:
  Exclude:
    - 'config/initializers/paperclip.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, ConsistentQuotesInMultiline.
 # SupportedStyles: single_quotes, double_quotes
 Style/StringLiterals:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/backtrace_silencers.rb'
    - 'config/initializers/http_client_proxy.rb'
    - 'config/initializers/rack_attack.rb'
    - 'config/initializers/webauthn.rb'
    - 'config/routes.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: AllowMethodsWithArguments, AllowedMethods, AllowedPatterns, AllowComments.
 # AllowedMethods: define_method, mail, respond_to
 Style/SymbolProc:
  Exclude:
    - 'config/initializers/3_omniauth.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, AllowSafeAssignment.
 # SupportedStyles: require_parentheses, require_no_parentheses, require_parentheses_when_complex
 Style/TernaryParentheses:
  Exclude:
    - 'config/environments/development.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyleForMultiline.
 # SupportedStylesForMultiline: comma, consistent_comma, no_comma
 Style/TrailingCommaInArguments:
  Exclude:
    - 'config/initializers/paperclip.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyleForMultiline.
 # SupportedStylesForMultiline: comma, consistent_comma, no_comma
 Style/TrailingCommaInHashLiteral:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/environments/test.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, MinSize, WordRegex.
 # SupportedStyles: percent, brackets
 Style/WordArray:
  Exclude:
    - 'app/helpers/languages_helper.rb'
    - 'config/initializers/cors.rb'
    - 'spec/controllers/settings/imports_controller_spec.rb'
    - 'spec/models/form/import_spec.rb'
--- a/.ruby-gemset
+++ b/.ruby-gemset
@ -1 +0,0 @@
 mastodon
--- a/.ruby-version
+++ b/.ruby-version
@ -1 +1 @@
-3.3.0
+2.6.0
--- a/.scss-lint.yml
+++ b/.scss-lint.yml
@ -0,0 +1,264 @@
 # Linter Documentation:
 # https://github.com/brigade/scss-lint/blob/v0.42.2/lib/scss_lint/linter/README.md
 scss_files: 'app/javascript/styles/**/*.scss'
 exclude:
  - app/javascript/styles/reset.scss
 linters:
  # Reports when you use improper spacing around ! (the "bang") in !default,
  # !global, !important, and !optional flags.
  BangFormat:
    enabled: false
  # Whether or not to prefer `border: 0` over `border: none`.
  BorderZero:
    enabled: false
  # Reports when you define a rule set using a selector with chained classes
  # (a.k.a. adjoining classes).
  ChainedClasses:
    enabled: false
  # Prefer hexadecimal color codes over color keywords.
  # (e.g. `color: green` is a color keyword)
  ColorKeyword:
    enabled: false
  # Prefer color literals (keywords or hexadecimal codes) to be used only in
  # variable declarations. They should be referred to via variables everywhere
  # else.
  ColorVariable:
    enabled: true
  # Which form of comments to prefer in CSS.
  Comment:
    enabled: false
  # Reports @debug statements (which you probably left behind accidentally).
  DebugStatement:
    enabled: false
  # Rule sets should be ordered as follows:
  # - @extend declarations
  # - @include declarations without inner @content
  # - properties, @include declarations with inner @content
  # - nested rule sets.
  DeclarationOrder:
    enabled: false
  # `scss-lint:disable` control comments should be preceded by a comment
  # explaining why these linters are being disabled for this file.
  # See https://github.com/brigade/scss-lint#disabling-linters-via-source for
  # more information.
  DisableLinterReason:
    enabled: true
  # Reports when you define the same property twice in a single rule set.
  DuplicateProperty:
    enabled: false
  # Separate rule, function, and mixin declarations with empty lines.
  EmptyLineBetweenBlocks:
    enabled: true
  # Reports when you have an empty rule set.
  EmptyRule:
    enabled: true
  # Reports when you have an @extend directive.
  ExtendDirective:
    enabled: false
  # Files should always have a final newline. This results in better diffs
  # when adding lines to the file, since SCM systems such as git won't
  # think that you touched the last line.
  FinalNewline:
    enabled: false
  # HEX colors should use three-character values where possible.
  HexLength:
    enabled: false
  # HEX color values should use lower-case colors to differentiate between
  # letters and numbers, e.g. `#E3E3E3` vs. `#e3e3e3`.
  HexNotation:
    enabled: true
  # Avoid using ID selectors.
  IdSelector:
    enabled: false
  # The basenames of @imported SCSS partials should not begin with an
  # underscore and should not include the filename extension.
  ImportPath:
    enabled: false
  # Avoid using !important in properties. It is usually indicative of a
  # misunderstanding of CSS specificity and can lead to brittle code.
  ImportantRule:
    enabled: false
  # Indentation should always be done in increments of 2 spaces.
  Indentation:
    enabled: true
    width: 2
  # Don't write leading zeros for numeric values with a decimal point.
  LeadingZero:
    enabled: false
  # Reports when you define the same selector twice in a single sheet.
  MergeableSelector:
    enabled: false
  # Functions, mixins, variables, and placeholders should be declared
  # with all lowercase letters and hyphens instead of underscores.
  NameFormat:
    enabled: false
  # Avoid nesting selectors too deeply.
  NestingDepth:
    enabled: false
  # Always use placeholder selectors in @extend.
  PlaceholderInExtend:
    enabled: false
  # Sort properties in a strict order.
  PropertySortOrder:
    enabled: false
  # Reports when you use an unknown or disabled CSS property
  # (ignoring vendor-prefixed properties).
  PropertySpelling:
    enabled: false
  # Configure which units are allowed for property values.
  PropertyUnits:
    enabled: false
  # Pseudo-elements, like ::before, and ::first-letter, should be declared
  # with two colons. Pseudo-classes, like :hover and :first-child, should
  # be declared with one colon.
  PseudoElement:
    enabled: true
  # Avoid qualifying elements in selectors (also known as "tag-qualifying").
  QualifyingElement:
    enabled: false
  # Don't write selectors with a depth of applicability greater than 3.
  SelectorDepth:
    enabled: false
  # Selectors should always use hyphenated-lowercase, rather than camelCase or
  # snake_case.
  SelectorFormat:
    enabled: false
    convention: hyphenated_lowercase
  # Prefer the shortest shorthand form possible for properties that support it.
  Shorthand:
    enabled: true
  # Each property should have its own line, except in the special case of
  # single line rulesets.
  SingleLinePerProperty:
    enabled: true
    allow_single_line_rule_sets: true
  # Split selectors onto separate lines after each comma, and have each
  # individual selector occupy a single line.
  SingleLinePerSelector:
    enabled: true
  # Commas in lists should be followed by a space.
  SpaceAfterComma:
    enabled: false
  # Properties should be formatted with a single space separating the colon
  # from the property's value.
  SpaceAfterPropertyColon:
    enabled: true
  # Properties should be formatted with no space between the name and the
  # colon.
  SpaceAfterPropertyName:
    enabled: true
  # Variables should be formatted with a single space separating the colon
  # from the variable's value.
  SpaceAfterVariableColon:
    enabled: true
  # Variables should be formatted with no space between the name and the
  # colon.
  SpaceAfterVariableName:
    enabled: false
  # Operators should be formatted with a single space on both sides of an
  # infix operator.
  SpaceAroundOperator:
    enabled: true
  # Opening braces should be preceded by a single space.
  SpaceBeforeBrace:
    enabled: true
  # Parentheses should not be padded with spaces.
  SpaceBetweenParens:
    enabled: false
  # Enforces that string literals should be written with a consistent form
  # of quotes (single or double).
  StringQuotes:
    enabled: false
  # Property values, @extend, @include, and @import directives, and variable
  # declarations should always end with a semicolon.
  TrailingSemicolon:
    enabled: true
  # Reports lines containing trailing whitespace.
  TrailingWhitespace:
    enabled: true
  # Don't write trailing zeros for numeric values with a decimal point.
  TrailingZero:
    enabled: false
  # Don't use the `all` keyword to specify transition properties.
  TransitionAll:
    enabled: false
  # Numeric values should not contain unnecessary fractional portions.
  UnnecessaryMantissa:
    enabled: false
  # Do not use parent selector references (&) when they would otherwise
  # be unnecessary.
  UnnecessaryParentReference:
    enabled: false
  # URLs should be valid and not contain protocols or domain names.
  UrlFormat:
    enabled: true
  # URLs should always be enclosed within quotes.
  UrlQuotes:
    enabled: true
  # Properties, like color and font, are easier to read and maintain
  # when defined using variables rather than literals.
  VariableForProperty:
    enabled: false
  # Avoid vendor prefixes. Or rather: don't write them yourself.
  VendorPrefix:
    enabled: false
  # Omit length units on zero values, e.g. `0px` vs. `0`.
  ZeroUnit:
    enabled: true
--- a/.yarnclean
+++ b/.yarnclean
@ -43,7 +43,4 @@ Gruntfile.js
 # for specific ignore
 !.svgo.yml
 !sass-lint/**/*.yml
 # breaks lint-staged or generally anything using https://github.com/eemeli/yaml/issues/384
 !**/yaml/dist/**/doc
--- a/AUTHORS.md
+++ b/AUTHORS.md
--- a/26
+++ b/26
@ -1,5 +1,29 @@
 ffmpeg
-libopenblas0-pthread
+libicu[0-9][0-9]
 libicu-dev
 libidn11
 libidn11-dev
 libpq-dev
 libprotobuf-dev
 libssl-dev
 libxdamage1
 libxfixes3
 protobuf-compiler
 zlib1g-dev
 libcairo2
 libcroco3
 libdatrie1
 libgdk-pixbuf2.0-0
 libgraphite2-3
 libharfbuzz0b
 libpango-1.0-0
 libpangocairo-1.0-0
 libpangoft2-1.0-0
 libpixman-1-0
 librsvg2-2
 libthai-data
 libthai0
 libvpx5
 libxcb-render0
 libxcb-shm0
 libxrender1
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@ -2,131 +2,45 @@
 ## Our Pledge
-We as members, contributors, and leaders pledge to make participation in our
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
 community a harassment-free experience for everyone, regardless of age, body
 size, visible or invisible disability, ethnicity, sex characteristics, gender
 identity and expression, level of experience, education, socio-economic status,
 nationality, personal appearance, race, caste, color, religion, or sexual
 identity and orientation.
 We pledge to act and interact in ways that contribute to an open, welcoming,
 diverse, inclusive, and healthy community.
 ## Our Standards
-Examples of behavior that contributes to a positive environment for our
+Examples of behavior that contributes to creating a positive environment include:
 community include:
- Demonstrating empathy and kindness toward other people
+* Using welcoming and inclusive language
- Being respectful of differing opinions, viewpoints, and experiences
+* Being respectful of differing viewpoints and experiences
- Giving and gracefully accepting constructive feedback
+* Gracefully accepting constructive criticism
- Accepting responsibility and apologizing to those affected by our mistakes,
+* Focusing on what is best for the community
-  and learning from the experience
+* Showing empathy towards other community members
 - Focusing on what is best not just for us as individuals, but for the overall
  community
-Examples of unacceptable behavior include:
+Examples of unacceptable behavior by participants include:
- The use of sexualized language or imagery, and sexual attention or advances of
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
-  any kind
+* Trolling, insulting/derogatory comments, and personal or political attacks
- Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
- Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
- Publishing others' private information, such as a physical or email address,
+* Other conduct which could reasonably be considered inappropriate in a professional setting
  without their explicit permission
 - Other conduct which could reasonably be considered inappropriate in a
  professional setting
-## Enforcement Responsibilities
+## Our Responsibilities
-Community leaders are responsible for clarifying and enforcing our standards of
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
 acceptable behavior and will take appropriate and fair corrective action in
 response to any behavior that they deem inappropriate, threatening, offensive,
 or harmful.
-Community leaders have the right and responsibility to remove, edit, or reject
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
 comments, commits, code, wiki edits, issues, and other contributions that are
 not aligned to this Code of Conduct, and will communicate reasons for moderation
 decisions when appropriate.
 ## Scope
-This Code of Conduct applies within all community spaces, and also applies when
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
 an individual is officially representing the community in public spaces.
 Examples of representing our community include using an official e-mail address,
 posting via an official social media account, or acting as an appointed
 representative at an online or offline event.
 ## Enforcement
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at eugen@zeonfederated.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
 reported to the community leaders responsible for enforcement at
 [hello@joinmastodon.org](mailto:hello@joinmastodon.org).
 All complaints will be reviewed and investigated promptly and fairly.
-All community leaders are obligated to respect the privacy and security of the
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
 reporter of any incident.
 ## Enforcement Guidelines
 Community leaders will follow these Community Impact Guidelines in determining
 the consequences for any action they deem in violation of this Code of Conduct:
 ### 1. Correction
 **Community Impact**: Use of inappropriate language or other behavior deemed
 unprofessional or unwelcome in the community.
 **Consequence**: A private, written warning from community leaders, providing
 clarity around the nature of the violation and an explanation of why the
 behavior was inappropriate. A public apology may be requested.
 ### 2. Warning
 **Community Impact**: A violation through a single incident or series of
 actions.
 **Consequence**: A warning with consequences for continued behavior. No
 interaction with the people involved, including unsolicited interaction with
 those enforcing the Code of Conduct, for a specified period of time. This
 includes avoiding interactions in community spaces as well as external channels
 like social media. Violating these terms may lead to a temporary or permanent
 ban.
 ### 3. Temporary Ban
 **Community Impact**: A serious violation of community standards, including
 sustained inappropriate behavior.
 **Consequence**: A temporary ban from any sort of interaction or public
 communication with the community for a specified period of time. No public or
 private interaction with the people involved, including unsolicited interaction
 with those enforcing the Code of Conduct, is allowed during this period.
 Violating these terms may lead to a permanent ban.
 ### 4. Permanent Ban
 **Community Impact**: Demonstrating a pattern of violation of community
 standards, including sustained inappropriate behavior, harassment of an
 individual, or aggression toward or disparagement of classes of individuals.
 **Consequence**: A permanent ban from any sort of public interaction within the
 community.
 ## Attribution
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
 version 2.1, available at
 [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
-Community Impact Guidelines were inspired by
+[homepage]: http://contributor-covenant.org
-[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+[version]: http://contributor-covenant.org/version/1/4/
 For answers to common questions about this code of conduct, see the FAQ at
 [https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
 [https://www.contributor-covenant.org/translations][translations].
 [homepage]: https://www.contributor-covenant.org
 [v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
 [Mozilla CoC]: https://github.com/mozilla/diversity
 [FAQ]: https://www.contributor-covenant.org/faq
 [translations]: https://www.contributor-covenant.org/translations
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -1,6 +1,7 @@
-# Contributing
+Contributing
 ============
-Thank you for considering contributing to Mastodon 🐘
+Thank you for considering contributing to Mastodon 🐘 
 You can contribute in the following ways:
@ -9,31 +10,21 @@ You can contribute in the following ways:
 - Contributing code to Mastodon by fixing bugs or implementing features
 - Improving the documentation
 If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
 ## Bug reports
-Bug reports and feature suggestions must use descriptive and concise titles and be submitted to [GitHub Issues](https://github.com/mastodon/mastodon/issues). Please use the search function to make sure that you are not submitting duplicates, and that a similar report or request has not already been resolved or rejected.
+Bug reports and feature suggestions can be submitted to [GitHub Issues](https://github.com/tootsuite/mastodon/issues). Please make sure that you are not submitting duplicates, and that a similar report or request has not already been resolved or rejected in the past using the search function. Please also use descriptive, concise titles.
 ## Translations
-You can submit translations via [Crowdin](https://crowdin.com/project/mastodon). They are periodically merged into the codebase.
+You can submit translations via [Weblate](https://weblate.joinmastodon.org/). They are periodically merged into the codebase.
-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/mastodon/localized.svg)](https://crowdin.com/project/mastodon)
+[![Mastodon translation statistics by language](https://weblate.joinmastodon.org/widgets/mastodon/-/multi-auto.svg)](https://weblate.joinmastodon.org/)
 ## Pull requests
-**Please use clean, concise titles for your pull requests.** Unless the pull request is about refactoring code, updating dependencies or other internal tasks, assume that the person reading the pull request title is not a programmer or Mastodon developer, but instead a Mastodon user or server administrator, and **try to describe your change or fix from their perspective**. We use commit squashing, so the final commit in the main branch will carry the title of the pull request, and commits from the main branch are fed into the changelog. The changelog is separated into [keepachangelog.com categories](https://keepachangelog.com/en/1.0.0/), and while that spec does not prescribe how the entries ought to be named, for easier sorting, start your pull request titles using one of the verbs "Add", "Change", "Deprecate", "Remove", or "Fix" (present tense).
+Please use clean, concise titles for your pull requests. We use commit squashing, so the final commit in the master branch will carry the title of the pull request.
-Example:
+The smaller the set of changes in the pull request is, the quicker it can be reviewed and merged. Splitting tasks into multiple smaller pull requests is often preferable.
 | Not ideal                            | Better                                                        |
 | ------------------------------------ | ------------------------------------------------------------- |
 | Fixed NoMethodError in RemovalWorker | Fix nil error when removing statuses caused by race condition |
 It is not always possible to phrase every change in such a manner, but it is desired.
 **The smaller the set of changes in the pull request is, the quicker it can be reviewed and merged.** Splitting tasks into multiple smaller pull requests is often preferable.
 **Pull requests that do not pass automated checks may not be reviewed**. In particular, you need to keep in mind:
@ -43,4 +34,4 @@ It is not always possible to phrase every change in such a manner, but it is des
 ## Documentation
-The [Mastodon documentation](https://docs.joinmastodon.org) is a statically generated site. You can [submit merge requests to mastodon/documentation](https://github.com/mastodon/documentation).
+The [Mastodon documentation](https://docs.joinmastodon.org) is a statically generated site. You can [submit merge requests to mastodon/docs](https://source.joinmastodon.org/mastodon/docs).
--- a/1
+++ b/1
@ -1,5 +1,4 @@
 # frozen_string_literal: true
 require 'capistrano/setup'
 require 'capistrano/deploy'
 require 'capistrano/scm/git'
--- a/183
+++ b/183
@ -1,105 +1,90 @@
-# syntax=docker/dockerfile:1.4
+FROM node:8.15-alpine as node
-# This needs to be bookworm-slim because the Ruby image is built on bookworm-slim
+FROM ruby:2.6-alpine3.8
 ARG NODE_VERSION="20.6-bookworm-slim"
-FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.3-slim as ruby
+LABEL maintainer="https://github.com/tootsuite/mastodon" \
-FROM node:${NODE_VERSION} as build
+      description="Your self-hosted, globally interconnected microblogging community"
-COPY --link --from=ruby /opt/ruby /opt/ruby
+ARG UID=991
 ARG GID=991
-ENV DEBIAN_FRONTEND="noninteractive" \
+ENV PATH=/mastodon/bin:$PATH \
-    PATH="${PATH}:/opt/ruby/bin"
+    RAILS_SERVE_STATIC_FILES=true \
    RAILS_ENV=production \
    NODE_ENV=production
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+ARG LIBICONV_VERSION=1.15
 ARG LIBICONV_DOWNLOAD_SHA256=ccf536620a45458d26ba83887a983b96827001e92a13847b45e4925cc8913178
 WORKDIR /opt/mastodon
 COPY Gemfile* package.json yarn.lock /opt/mastodon/
 # hadolint ignore=DL3008
 RUN apt-get update && \
    apt-get -yq dist-upgrade && \
    apt-get install -y --no-install-recommends build-essential \
        git \
        libicu-dev \
        libidn-dev \
        libpq-dev \
        libjemalloc-dev \
        zlib1g-dev \
        libgdbm-dev \
        libgmp-dev \
        libssl-dev \
        libyaml-0-2 \
        ca-certificates \
        libreadline8 \
        python3 \
        shared-mime-info && \
    bundle config set --local deployment 'true' && \
    bundle config set --local without 'development test' && \
    bundle config set silence_root_warning true && \
    bundle install -j"$(nproc)" && \
    yarn install --pure-lockfile --production --network-timeout 600000 && \
    yarn cache clean
 FROM node:${NODE_VERSION}
 # Use those args to specify your own version flags & suffixes
 ARG MASTODON_VERSION_PRERELEASE=""
 ARG MASTODON_VERSION_METADATA=""
 ARG UID="991"
 ARG GID="991"
 COPY --link --from=ruby /opt/ruby /opt/ruby
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 ENV DEBIAN_FRONTEND="noninteractive" \
    PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin"
 # Ignoring these here since we don't want to pin any versions and the Debian image removes apt-get content after use
 # hadolint ignore=DL3008,DL3009
 RUN apt-get update && \
    echo "Etc/UTC" > /etc/localtime && \
    groupadd -g "${GID}" mastodon && \
    useradd -l -u "$UID" -g "${GID}" -m -d /opt/mastodon mastodon && \
    apt-get -y --no-install-recommends install whois \
        wget \
        procps \
        libssl3 \
        libpq5 \
        imagemagick \
        ffmpeg \
        libjemalloc2 \
        libicu72 \
        libidn12 \
        libyaml-0-2 \
        file \
        ca-certificates \
        tzdata \
        libreadline8 \
        tini && \
    ln -s /opt/mastodon /mastodon
 # Note: no, cleaning here since Debian does this automatically
 # See the file /etc/apt/apt.conf.d/docker-clean within the Docker image's filesystem
 COPY --chown=mastodon:mastodon . /opt/mastodon
 COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon
 ENV RAILS_ENV="production" \
    NODE_ENV="production" \
    RAILS_SERVE_STATIC_FILES="true" \
    BIND="0.0.0.0" \
    MASTODON_VERSION_PRERELEASE="${MASTODON_VERSION_PRERELEASE}" \
    MASTODON_VERSION_METADATA="${MASTODON_VERSION_METADATA}"
 # Set the run user
 USER mastodon
 WORKDIR /opt/mastodon
 # Precompile assets
 RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile
 # Set the work dir and the container entry point
 ENTRYPOINT ["/usr/bin/tini", "--"]
 EXPOSE 3000 4000
 WORKDIR /mastodon
 COPY --from=node /usr/local/bin/node /usr/local/bin/node
 COPY --from=node /usr/local/lib/node_modules /usr/local/lib/node_modules
 COPY --from=node /usr/local/bin/npm /usr/local/bin/npm
 COPY --from=node /opt/yarn-* /opt/yarn
 RUN apk -U upgrade \
 && apk add -t build-dependencies \
    build-base \
    icu-dev \
    libidn-dev \
    libressl \
    libtool \
    libxml2-dev \
    libxslt-dev \
    postgresql-dev \
    protobuf-dev \
    python \
 && apk add \
    ca-certificates \
    ffmpeg \
    file \
    git \
    icu-libs \
    imagemagick \
    libidn \
    libpq \
    libxml2 \
    libxslt \
    protobuf \
    tini \
    tzdata \
 && update-ca-certificates \
 && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarn \
 && ln -s /opt/yarn/bin/yarnpkg /usr/local/bin/yarnpkg \
 && mkdir -p /tmp/src /opt \
 && wget -O libiconv.tar.gz "https://ftp.gnu.org/pub/gnu/libiconv/libiconv-$LIBICONV_VERSION.tar.gz" \
 && echo "$LIBICONV_DOWNLOAD_SHA256 *libiconv.tar.gz" | sha256sum -c - \
 && tar -xzf libiconv.tar.gz -C /tmp/src \
 && rm libiconv.tar.gz \
 && cd /tmp/src/libiconv-$LIBICONV_VERSION \
 && ./configure --prefix=/usr/local \
 && make -j$(getconf _NPROCESSORS_ONLN)\
 && make install \
 && libtool --finish /usr/local/lib \
 && cd /mastodon \
 && rm -rf /tmp/* /var/cache/apk/*
 COPY Gemfile Gemfile.lock package.json yarn.lock .yarnclean /mastodon/
 RUN bundle config build.nokogiri --use-system-libraries --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
 && bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without test development \
 && yarn install --pure-lockfile --ignore-engines \
 && yarn cache clean
 RUN addgroup -g ${GID} mastodon && adduser -h /mastodon -s /bin/sh -D -G mastodon -u ${UID} mastodon \
 && mkdir -p /mastodon/public/system /mastodon/public/assets /mastodon/public/packs \
 && chown -R mastodon:mastodon /mastodon/public
 COPY . /mastodon
 RUN chown -R mastodon:mastodon /mastodon
 VOLUME /mastodon/public/system
 USER mastodon
 RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder bundle exec rails assets:precompile
 ENTRYPOINT ["/sbin/tini", "--"]
--- a/FEDERATION.md
+++ b/FEDERATION.md
@ -1,31 +0,0 @@
 ## ActivityPub federation in Mastodon
 Mastodon largely follows the ActivityPub server-to-server specification but it makes uses of some non-standard extensions, some of which are required for interacting with Mastodon at all.
 Supported vocabulary: https://docs.joinmastodon.org/spec/activitypub/
 ### Required extensions
 #### Webfinger
 In Mastodon, users are identified by a `username` and `domain` pair (e.g., `Gargron@mastodon.social`).
 This is used both for discovery and for unambiguously mentioning users across the fediverse. Furthermore, this is part of Mastodon's database design from its very beginnings.
 As a result, Mastodon requires that each ActivityPub actor uniquely maps back to an `acct:` URI that can be resolved via WebFinger.
 More information and examples are available at: https://docs.joinmastodon.org/spec/webfinger/
 #### HTTP Signatures
 In order to authenticate activities, Mastodon relies on HTTP Signatures, signing every `POST` and `GET` request to other ActivityPub implementations on behalf of the user authoring an activity (for `POST` requests) or an actor representing the Mastodon server itself (for most `GET` requests).
 Mastodon requires all `POST` requests to be signed, and MAY require `GET` requests to be signed, depending on the configuration of the Mastodon server.
 More information on HTTP Signatures, as well as examples, can be found here: https://docs.joinmastodon.org/spec/security/#http
 ### Optional extensions
 - Linked-Data Signatures: https://docs.joinmastodon.org/spec/security/#ld
 - Bearcaps: https://docs.joinmastodon.org/spec/bearcaps/
 - Followers collection synchronization: https://codeberg.org/fediverse/fep/src/branch/main/fep/8fcf/fep-8fcf.md
 - Search indexing consent for actors: https://codeberg.org/fediverse/fep/src/branch/main/fep/5feb/fep-5feb.md
--- a/270
+++ b/270
@ -1,207 +1,149 @@
 # frozen_string_literal: true
 source 'https://rubygems.org'
-ruby '>= 3.0.0'
+ruby '>= 2.4.0', '< 2.7.0'
-gem 'puma', '~> 6.3'
+gem 'pkg-config', '~> 1.3'
 gem 'rails', '~> 7.0'
 gem 'sprockets', '~> 3.7.2'
 gem 'thor', '~> 1.2'
 gem 'rack', '~> 2.2.7'
-gem 'haml-rails', '~>2.0'
+gem 'puma', '~> 3.12'
-gem 'pg', '~> 1.5'
+gem 'rails', '~> 5.2.2'
-gem 'pghero'
+gem 'thor', '~> 0.20'
 gem 'dotenv-rails', '~> 2.8'
-gem 'aws-sdk-s3', '~> 1.123', require: false
+gem 'hamlit-rails', '~> 0.2'
-gem 'fog-core', '<= 2.4.0'
+gem 'pg', '~> 1.1'
 gem 'makara', '~> 0.4'
 gem 'pghero', '~> 2.2'
 gem 'dotenv-rails', '~> 2.6'
 gem 'aws-sdk-s3', '~> 1.30', require: false
 gem 'fog-core', '<= 2.1.0'
 gem 'fog-openstack', '~> 0.3', require: false
-gem 'kt-paperclip', '~> 7.2'
+gem 'paperclip', '~> 6.0'
-gem 'md-paperclip-azure', '~> 2.2', require: false
+gem 'paperclip-av-transcoder', '~> 0.6'
-gem 'blurhash', '~> 0.1'
+gem 'streamio-ffmpeg', '~> 3.0'
 gem 'active_model_serializers', '~> 0.10'
-gem 'addressable', '~> 2.8'
+gem 'addressable', '~> 2.5'
-gem 'bootsnap', '~> 1.16.0', require: false
+gem 'bootsnap', '~> 1.3', require: false
 gem 'browser'
-gem 'charlock_holmes', '~> 0.7.7'
+gem 'charlock_holmes', '~> 0.7.6'
-gem 'chewy', '~> 7.3'
+gem 'iso-639'
-gem 'devise', '~> 4.9'
+gem 'chewy', '~> 5.0'
-gem 'devise-two-factor', '~> 4.1'
+gem 'cld3', '~> 3.2.3'
 gem 'devise', '~> 4.5'
 gem 'devise-two-factor', '~> 3.0'
 group :pam_authentication, optional: true do
  gem 'devise_pam_authenticatable2', '~> 9.2'
 end
-gem 'net-ldap', '~> 0.18'
+gem 'net-ldap', '~> 0.10'
 gem 'omniauth-cas', '~> 1.1'
 gem 'omniauth-saml', '~> 1.10'
 gem 'omniauth', '~> 1.9'
-# TODO: Point back at released omniauth-cas gem when PR merged
+gem 'doorkeeper', '~> 5.0'
 # https://github.com/dlindahl/omniauth-cas/pull/68
 gem 'omniauth-cas', github: 'stanhu/omniauth-cas', ref: '4211e6d05941b4a981f9a36b49ec166cecd0e271'
 gem 'omniauth-saml', '~> 2.0'
 gem 'omniauth_openid_connect', '~> 0.6.1'
 gem 'omniauth', '~> 2.0'
 gem 'omniauth-rails_csrf_protection', '~> 1.0'
 gem 'color_diff', '~> 0.1'
 gem 'discard', '~> 1.2'
 gem 'doorkeeper', '~> 5.6'
 gem 'ed25519', '~> 1.3'
 gem 'fast_blank', '~> 1.0'
 gem 'fastimage'
 gem 'goldfinger', '~> 2.1'
 gem 'hiredis', '~> 0.6'
-gem 'redis-namespace', '~> 1.10'
+gem 'redis-namespace', '~> 1.5'
 gem 'htmlentities', '~> 4.3'
-gem 'http', '~> 5.1'
+gem 'http', '~> 3.3'
 gem 'http_accept_language', '~> 2.1'
-gem 'httplog', '~> 1.6.2'
+gem 'http_parser.rb', '~> 0.6', git: 'https://github.com/tmm1/http_parser.rb', ref: '54b17ba8c7d8d20a16dfc65d1775241833219cf2'
 gem 'httplog', '~> 1.2'
 gem 'idn-ruby', require: 'idn'
-gem 'kaminari', '~> 1.2'
+gem 'kaminari', '~> 1.1'
 gem 'link_header', '~> 0.0'
-gem 'mime-types', '~> 3.5.0', require: 'mime/types/columnar'
+gem 'mime-types', '~> 3.2', require: 'mime/types/columnar'
-gem 'nokogiri', '~> 1.15'
+gem 'nokogiri', '~> 1.10'
-gem 'nsa'
+gem 'nsa', '~> 0.2'
-gem 'oj', '~> 3.14'
+gem 'oj', '~> 3.7'
-gem 'ox', '~> 2.14'
+gem 'ostatus2', '~> 2.0'
-gem 'parslet'
+gem 'ox', '~> 2.10'
-gem 'public_suffix', '~> 5.0'
+gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c'
-gem 'pundit', '~> 2.3'
+gem 'pundit', '~> 2.0'
 gem 'premailer-rails'
-gem 'rack-attack', '~> 6.6'
+gem 'rack-attack', '~> 5.4'
-gem 'rack-cors', '~> 2.0', require: 'rack/cors'
+gem 'rack-cors', '~> 1.0', require: 'rack/cors'
-gem 'rails-i18n', '~> 7.0'
+gem 'rails-i18n', '~> 5.1'
-gem 'rails-settings-cached', '~> 0.6', git: 'https://github.com/mastodon/rails-settings-cached.git', branch: 'v0.6.6-aliases-true'
+gem 'rails-settings-cached', '~> 0.6'
-gem 'redcarpet', '~> 3.6'
+gem 'redis', '~> 4.1', require: ['redis', 'redis/connection/hiredis']
 gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
 gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
-gem 'rqrcode', '~> 2.2'
+gem 'rqrcode', '~> 0.10'
-gem 'ruby-progressbar', '~> 1.13'
+gem 'sanitize', '~> 5.0'
-gem 'sanitize', '~> 6.0'
+gem 'sidekiq', '~> 5.2'
-gem 'scenic', '~> 1.7'
+gem 'sidekiq-scheduler', '~> 3.0'
-gem 'sidekiq', '~> 6.5'
+gem 'sidekiq-unique-jobs', '~> 6.0'
-gem 'sidekiq-scheduler', '~> 5.0'
+gem 'sidekiq-bulk', '~>0.2.0'
-gem 'sidekiq-unique-jobs', '~> 7.1'
+gem 'simple-navigation', '~> 4.0'
-gem 'sidekiq-bulk', '~> 0.2.0'
+gem 'simple_form', '~> 4.1'
-gem 'simple-navigation', '~> 4.4'
+gem 'sprockets-rails', '~> 3.2', require: 'sprockets/railtie'
-gem 'simple_form', '~> 5.2'
+gem 'stoplight', '~> 2.1.3'
-gem 'sprockets-rails', '~> 3.4', require: 'sprockets/railtie'
+gem 'strong_migrations', '~> 0.3'
-gem 'stoplight', '~> 3.0.1'
+gem 'tty-command', '~> 0.8', require: false
-gem 'strong_migrations', '~> 0.8'
+gem 'tty-prompt', '~> 0.18', require: false
-gem 'tty-prompt', '~> 0.23', require: false
+gem 'twitter-text', '~> 1.14'
-gem 'twitter-text', '~> 3.1.0'
+gem 'tzinfo-data', '~> 1.2018'
-gem 'tzinfo-data', '~> 1.2023'
+gem 'webpacker', '~> 3.5'
-gem 'webpacker', '~> 5.4'
+gem 'webpush'
 gem 'webpush', github: 'ClearlyClaire/webpush', ref: 'f14a4d52e201128b1b00245d11b6de80d6cfdcd9'
 gem 'webauthn', '~> 3.0'
-gem 'json-ld'
+gem 'json-ld', '~> 3.0'
-gem 'json-ld-preloaded', '~> 3.2'
+gem 'json-ld-preloaded', '~> 3.0'
-gem 'rdf-normalize', '~> 0.5'
+gem 'rdf-normalize', '~> 0.3'
-gem 'private_address_check', '~> 0.5'
+group :development, :test do
  gem 'fabrication', '~> 2.20'
  gem 'fuubar', '~> 2.3'
  gem 'i18n-tasks', '~> 0.9', require: false
  gem 'pry-byebug', '~> 3.6'
  gem 'pry-rails', '~> 0.3'
  gem 'rspec-rails', '~> 3.8'
 end
 group :production, :test do
  gem 'private_address_check', '~> 0.5'
 end
 group :test do
-  # Used to split testing into chunks in CI
+  gem 'capybara', '~> 3.12'
  gem 'rspec_chunked', '~> 0.6'
  # RSpec progress bar formatter
  gem 'fuubar', '~> 2.5'
  # Extra RSpec extenion methods and helpers for sidekiq
  gem 'rspec-sidekiq', '~> 4.0'
  # Browser integration testing
  gem 'capybara', '~> 3.39'
  gem 'selenium-webdriver'
  # Used to reset the database between system tests
  gem 'database_cleaner-active_record'
  # Used to mock environment variables
  gem 'climate_control', '~> 0.2'
-
+  gem 'faker', '~> 1.9'
-  # Generating fake data for specs
+  gem 'microformats', '~> 4.0'
  gem 'faker', '~> 3.2'
  # Generate test objects for specs
  gem 'fabrication', '~> 2.30'
  # Add back helpers functions removed in Rails 5.1
  gem 'rails-controller-testing', '~> 1.0'
-
+  gem 'rspec-sidekiq', '~> 3.0'
-  # Validate schemas in specs
+  gem 'simplecov', '~> 0.16', require: false
-  gem 'json-schema', '~> 4.0'
+  gem 'webmock', '~> 3.5'
-
+  gem 'parallel_tests', '~> 2.27'
  # Test harness fo rack components
  gem 'rack-test', '~> 2.1'
  # Coverage formatter for RSpec test if DISABLE_SIMPLECOV is false
  gem 'simplecov', '~> 0.22', require: false
  # Stub web requests for specs
  gem 'webmock', '~> 3.18'
 end
 group :development do
-  # Code linting CLI and plugins
+  gem 'active_record_query_trace', '~> 1.5'
-  gem 'rubocop', require: false
+  gem 'annotate', '~> 2.7'
-  gem 'rubocop-capybara', require: false
+  gem 'better_errors', '~> 2.5'
-  gem 'rubocop-performance', require: false
+  gem 'binding_of_caller', '~> 0.7'
-  gem 'rubocop-rails', require: false
+  gem 'bullet', '~> 5.9'
-  gem 'rubocop-rspec', require: false
+  gem 'letter_opener', '~> 1.7'
  gem 'letter_opener_web', '~> 1.3'
  gem 'memory_profiler'
  gem 'rubocop', '~> 0.63', require: false
  gem 'brakeman', '~> 4.4', require: false
  gem 'bundler-audit', '~> 0.6', require: false
  gem 'scss_lint', '~> 0.57', require: false
-  # Annotates modules with schema
+  gem 'capistrano', '~> 3.11'
-  gem 'annotate', '~> 3.2'
+  gem 'capistrano-rails', '~> 1.4'
-
+  gem 'capistrano-rbenv', '~> 2.1'
  # Enhanced error message pages for development
  gem 'better_errors', '~> 2.9'
  gem 'binding_of_caller', '~> 1.0'
  # Preview mail in the browser
  gem 'letter_opener', '~> 1.8'
  gem 'letter_opener_web', '~> 2.0'
  # Security analysis CLI tools
  gem 'brakeman', '~> 6.0', require: false
  gem 'bundler-audit', '~> 0.9', require: false
  # Linter CLI for HAML files
  gem 'haml_lint', require: false
  # Deployment automation
  gem 'capistrano', '~> 3.17'
  gem 'capistrano-rails', '~> 1.6'
  gem 'capistrano-rbenv', '~> 2.2'
  gem 'capistrano-yarn', '~> 2.0'
-  # Validate missing i18n keys
+  gem 'derailed_benchmarks'
-  gem 'i18n-tasks', '~> 1.0', require: false
+  gem 'stackprof'
 end
 group :development, :test do
  # Profiling tools
  gem 'memory_profiler', require: false
  gem 'ruby-prof', require: false
  gem 'stackprof', require: false
  gem 'test-prof'
  # RSpec runner for rails
  gem 'rspec-rails', '~> 6.0'
 end
 group :production do
-  gem 'lograge', '~> 0.12'
+  gem 'lograge', '~> 0.10'
  gem 'redis-rails', '~> 5.0'
 end
 gem 'concurrent-ruby', require: false
 gem 'connection_pool', require: false
 gem 'xorcist', '~> 1.1'
 gem 'cocoon', '~> 1.2'
 gem 'net-http', '~> 0.3.2'
 gem 'rubyzip', '~> 2.3'
 gem 'hcaptcha', '~> 7.1'
 gem 'mail', '~> 2.8'
--- a/Gemfile.lock
+++ b/Gemfile.lock
--- a/14
+++ b/14
@ -1,14 +1,2 @@
-web: bin/heroku-web
+web: bundle exec puma -C config/puma.rb
 worker: bundle exec sidekiq
 # For the streaming API, you need a separate app that shares Postgres and Redis:
 #
 # heroku create
 # heroku buildpacks:add heroku/nodejs
 # heroku config:set RUN_STREAMING=true
 # heroku addons:attach <main-app>::DATABASE
 # heroku addons:attach <main-app>::REDIS
 #
 # and let the main app use the separate app:
 #
 # heroku config:set STREAMING_API_BASE_URL=wss://<streaming-app>.herokuapp.com -a <main-app>
--- a/Procfile.dev
+++ b/Procfile.dev
@ -1,4 +1,4 @@
-web: env PORT=3000 RAILS_ENV=development bundle exec puma -C config/puma.rb
+web: env PORT=3000 bundle exec puma -C config/puma.rb
-sidekiq: env PORT=3000 RAILS_ENV=development bundle exec sidekiq
+sidekiq: env PORT=3000 bundle exec sidekiq
 stream: env PORT=4000 yarn run start
-webpack: bin/webpack-dev-server
+webpack: ./bin/webpack-dev-server --listen-host 0.0.0.0
--- a/README.md
+++ b/README.md
@ -1,17 +1,19 @@
-<h1><picture>
+![Mastodon](https://i.imgur.com/NhZc40l.png)
-  <source media="(prefers-color-scheme: dark)" srcset="./lib/assets/wordmark.dark.png?raw=true">
+========
  <source media="(prefers-color-scheme: light)" srcset="./lib/assets/wordmark.light.png?raw=true">
  <img alt="Mastodon" src="./lib/assets/wordmark.light.png?raw=true" height="34">
 </picture></h1>
-[![GitHub release](https://img.shields.io/github/release/mastodon/mastodon.svg)][releases]
+[![GitHub release](https://img.shields.io/github/release/tootsuite/mastodon.svg)][releases]
-[![Ruby Testing](https://github.com/mastodon/mastodon/actions/workflows/test-ruby.yml/badge.svg)](https://github.com/mastodon/mastodon/actions/workflows/test-ruby.yml)
+[![Build Status](https://img.shields.io/circleci/project/github/tootsuite/mastodon.svg)][circleci]
-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/mastodon/localized.svg)][crowdin]
+[![Code Climate](https://img.shields.io/codeclimate/maintainability/tootsuite/mastodon.svg)][code_climate]
 [![Translation status](https://weblate.joinmastodon.org/widgets/mastodon/-/svg-badge.svg)][weblate]
 [![Docker Pulls](https://img.shields.io/docker/pulls/tootsuite/mastodon.svg)][docker]
-[releases]: https://github.com/mastodon/mastodon/releases
+[releases]: https://github.com/tootsuite/mastodon/releases
-[crowdin]: https://crowdin.com/project/mastodon
+[circleci]: https://circleci.com/gh/tootsuite/mastodon
 [code_climate]: https://codeclimate.com/github/tootsuite/mastodon
 [weblate]: https://weblate.joinmastodon.org/engage/mastodon/
 [docker]: https://hub.docker.com/r/tootsuite/mastodon/
-Mastodon is a **free, open-source social network server** based on ActivityPub where users can follow friends and discover new ones. On Mastodon, users can publish anything they want: links, pictures, text, and video. All Mastodon servers are interoperable as a federated network (users on one server can seamlessly communicate with users from another one, including non-Mastodon software that implements ActivityPub!)
+Mastodon is a **free, open-source social network server** based on ActivityPub. Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. All servers of Mastodon are interoperable as a federated network, i.e. users on one server can seamlessly communicate with users from another one. This includes non-Mastodon software that also implements ActivityPub!
 Click below to **learn more** in a video:
@ -19,120 +21,72 @@ Click below to **learn more** in a video:
 [youtube_demo]: https://www.youtube.com/watch?v=IPSbNdBmWKE
-## Navigation
+## Navigation 
 - [Project homepage 🐘](https://joinmastodon.org)
 - [Support the development via Patreon][patreon]
 - [View sponsors](https://joinmastodon.org/sponsors)
 - [Blog](https://blog.joinmastodon.org)
 - [Documentation](https://docs.joinmastodon.org)
- [Roadmap](https://joinmastodon.org/roadmap)
+- [Browse Mastodon servers](https://joinmastodon.org/#getting-started)
 - [Official Docker image](https://github.com/mastodon/mastodon/pkgs/container/mastodon)
 - [Browse Mastodon servers](https://joinmastodon.org/communities)
 - [Browse Mastodon apps](https://joinmastodon.org/apps)
 [patreon]: https://www.patreon.com/mastodon
 ## Features
-<img src="/app/javascript/images/elephant_ui_working.svg?raw=true" align="right" width="30%" />
+<img src="https://docs.joinmastodon.org/elephant.svg" align="right" width="30%" />
-### No vendor lock-in: Fully interoperable with any conforming platform
+**No vendor lock-in: Fully interoperable with any conforming platform**
-It doesn't have to be Mastodon; whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
+It doesn't have to be Mastodon, whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
-### Real-time, chronological timeline updates
+**Real-time, chronological timeline updates**
-Updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!
+See the updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!
-### Media attachments like images and short videos
+**Media attachments like images and short videos**
-Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos loop continuously!
+Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos are looped - like vines!
-### Safety and moderation tools
+**Safety and moderation tools**
-Mastodon includes private posts, locked accounts, phrase filtering, muting, blocking, and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
+Private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
-### OAuth2 and a straightforward REST API
+**OAuth2 and a straightforward REST API**
-Mastodon acts as an OAuth2 provider, so 3rd party apps can use the REST and Streaming APIs. This results in a rich app ecosystem with a lot of choices!
+Mastodon acts as an OAuth2 provider so 3rd party apps can use the REST and Streaming APIs, resulting in a rich app ecosystem with a lot of choice!
 ## Deployment
-### Tech stack
+**Tech stack:**
 - **Ruby on Rails** powers the REST API and other web pages
 - **React.js** and Redux are used for the dynamic parts of the interface
 - **Node.js** powers the streaming API
-### Requirements
+**Requirements:**
 - **PostgreSQL** 9.5+
- **Redis** 4+
+- **Redis**
- **Ruby** 2.7+
+- **Ruby** 2.4+
- **Node.js** 14+
+- **Node.js** 8+
-The repository includes deployment configurations for **Docker and docker-compose** as well as specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. For Helm charts, reference the [mastodon/chart repository](https://github.com/mastodon/chart). The [**standalone** installation guide](https://docs.joinmastodon.org/admin/install/) is available in the documentation.
+The repository includes deployment configurations for **Docker and docker-compose**, but also a few specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. The [**stand-alone** installation guide](https://docs.joinmastodon.org/administration/installation/) is available in the documentation.
-## Development
+A **Vagrant** configuration is included for development purposes.
 ### Vagrant
 A **Vagrant** configuration is included for development purposes. To use it, complete the following steps:
 - Install Vagrant and Virtualbox
 - Install the `vagrant-hostsupdater` plugin: `vagrant plugin install vagrant-hostsupdater`
 - Run `vagrant up`
 - Run `vagrant ssh -c "cd /vagrant && foreman start"`
 - Open `http://mastodon.local` in your browser
 ### MacOS
 To set up **MacOS** for native development, complete the following steps:
 - Install the latest stable Ruby version (use a Ruby version manager for easy installation and management of Ruby versions)
 - Run `brew install postgresql@14`
 - Run `brew install redis`
 - Run `brew install imagemagick`
 - Install Foreman or a similar tool (such as [overmind](https://github.com/DarthSim/overmind)) to handle multiple process launching.
 - Navigate to Mastodon's root directory and run `brew install nvm` then `nvm use` to use the version from .nvmrc
 - Run `corepack enable && yarn set version classic`
 - Run `bundle exec rails db:setup` (optionally prepend `RAILS_ENV=development` to target the dev environment)
 - Finally, run `overmind start -f Procfile.dev`
 ### Docker
 For development with **Docker**, complete the following steps:
 - Install Docker Desktop
 - Run `docker compose -f .devcontainer/docker-compose.yml up -d`
 - Run `docker compose -f .devcontainer/docker-compose.yml exec app .devcontainer/post-create.sh`
 - Finally, run `docker compose -f .devcontainer/docker-compose.yml exec app foreman start -f Procfile.dev`
 If you are using an IDE with [support for the Development Container specification](https://containers.dev/supporting), it will run the above `docker compose` commands automatically. For **Visual Studio Code** this requires the [Dev Container extension](https://containers.dev/supporting#dev-containers).
 ### GitHub Codespaces
 To get you coding in just a few minutes, GitHub Codespaces provides a web-based version of Visual Studio Code and a cloud-hosted development environment fully configured with the software needed for this project..
 - Click this button to create a new codespace:<br>
  [![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://github.com/codespaces/new?hide_repo_select=true&ref=main&repo=52281283&devcontainer_path=.devcontainer%2Fcodespaces%2Fdevcontainer.json)
 - Wait for the environment to build. This will take a few minutes.
 - When the editor is ready, run `foreman start -f Procfile.dev` in the terminal.
 - After a few seconds, a popup will appear with a button labeled _Open in Browser_. This will open Mastodon.
 - On the _Ports_ tab, right click on the “stream” row and select _Port visibility_ → _Public_.
 ## Contributing
-Mastodon is **free, open-source software** licensed under **AGPLv3**.
+Mastodon is **free, open source software** licensed under **AGPLv3**.
-You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository or submit translations using Crowdin. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md). If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
+You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository, or submit translations using Weblate. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md)
-**IRC channel**: #mastodon on irc.libera.chat
+**IRC channel**: #mastodon on irc.freenode.net
 ## License
-Copyright (C) 2016-2023 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
+Copyright (C) 2016-2018 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
 This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
--- a/4
+++ b/4
@ -1,8 +1,6 @@
 # frozen_string_literal: true
 # Add your own tasks in files placed in lib/tasks ending in .rake,
 # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-require File.expand_path('config/application', __dir__)
+require File.expand_path('../config/application', __FILE__)
 Rails.application.load_tasks
--- a/SECURITY.md
+++ b/SECURITY.md
@ -1,20 +0,0 @@
 # Security Policy
 If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can either:
 - open a [Github security issue on the Mastodon project](https://github.com/mastodon/mastodon/security/advisories/new)
 - reach us at <security@joinmastodon.org>
 You should _not_ report such issues on public GitHub issues or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
 ## Scope
 A "vulnerability in Mastodon" is a vulnerability in the code distributed through our main source code repository on GitHub. Vulnerabilities that are specific to a given installation (e.g. misconfiguration) should be reported to the owner of that installation and not us.
 ## Supported Versions
 | Version | Supported |
 | ------- | --------- |
 | 4.2.x   | Yes       |
 | 4.1.x   | Yes       |
 | < 4.1   | No        |
--- a/118
+++ b/118
@ -3,14 +3,16 @@
 ENV["PORT"] ||= "3000"
-$provisionA = <<SCRIPT
+$provision = <<SCRIPT
 cd /vagrant # This is where the host folder/repo is mounted
 # Add the yarn repo + yarn repo keys
 curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
 sudo apt-add-repository 'deb https://dl.yarnpkg.com/debian/ stable main'
 # Add repo for NodeJS
-curl -sL https://deb.nodesource.com/setup_16.x | sudo bash -
+curl -sL https://deb.nodesource.com/setup_8.x | sudo bash -
 # Add firewall rule to redirect 80 to PORT and save
 sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port #{ENV["PORT"]}
@ -31,111 +33,61 @@ sudo apt-get install \
  redis-tools \
  postgresql \
  postgresql-contrib \
  protobuf-compiler \
  yarn \
  libicu-dev \
  libidn11-dev \
  libreadline6-dev \
  autoconf \
  bison \
  build-essential \
  ffmpeg \
  file \
  gcc \
  libffi-dev \
  libgdbm-dev \
  libjemalloc-dev \
  libncurses5-dev \
  libprotobuf-dev \
-  libssl-dev \
+  libreadline-dev \
-  libyaml-dev \
+  libpam0g-dev \
  pkg-config \
  protobuf-compiler \
  zlib1g-dev \
  -y
 # Install rvm
-sudo apt-add-repository -y ppa:rael-gc/rvm
+read RUBY_VERSION < .ruby-version
-sudo apt-get install rvm -y
+gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
-
+curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-installer | bash -s stable --ruby=$RUBY_VERSION
-sudo usermod -a -G rvm $USER
+source /home/vagrant/.rvm/scripts/rvm
 SCRIPT
 $provisionElasticsearch = <<SCRIPT
 # Install Elastic Search
 sudo apt install openjdk-17-jre-headless -y
 sudo wget -O /usr/share/keyrings/elasticsearch.asc https://artifacts.elastic.co/GPG-KEY-elasticsearch
 sudo sh -c 'echo "deb [signed-by=/usr/share/keyrings/elasticsearch.asc] https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'
 sudo apt update
 sudo apt install elasticsearch -y
 sudo systemctl daemon-reload
 sudo systemctl enable --now elasticsearch
 echo 'path.data: /var/lib/elasticsearch
 path.logs: /var/log/elasticsearch
 network.host: 0.0.0.0
 http.port: 9200
 discovery.seed_hosts: ["localhost"]
 cluster.initial_master_nodes: ["node-1"]
 xpack.security.enabled: false' > /etc/elasticsearch/elasticsearch.yml
 sudo systemctl restart elasticsearch
 # Install Kibana
 sudo apt install kibana -y
 sudo systemctl enable --now kibana
 echo 'server.host: "0.0.0.0"
 elasticsearch.hosts: ["http://localhost:9200"]' > /etc/kibana/kibana.yml
 sudo systemctl restart kibana
 SCRIPT
 $provisionB = <<SCRIPT
 source "/etc/profile.d/rvm.sh"
 # Install Ruby
-read RUBY_VERSION < /vagrant/.ruby-version
+rvm reinstall ruby-$RUBY_VERSION --disable-binary
 rvm install ruby-$RUBY_VERSION --disable-binary
 # Configure database
 sudo -u postgres createuser -U postgres vagrant -s
 sudo -u postgres createdb -U postgres mastodon_development
-cd /vagrant # This is where the host folder/repo is mounted
+# Install gems and node modules
 # Install gems
 gem install bundler foreman
 bundle install
 # Install node modules
 sudo corepack enable
 yarn set version classic
 yarn install
 # Build Mastodon
 export RAILS_ENV=development 
 export $(cat ".env.vagrant" | xargs)
 bundle exec rails db:setup
 # Configure automatic loading of environment variable
 echo 'export RAILS_ENV=development' >> ~/.bash_profile
 echo 'export $(cat "/vagrant/.env.vagrant" | xargs)' >> ~/.bash_profile
 SCRIPT
 $start = <<SCRIPT
 echo 'To start server'
 echo '  $ vagrant ssh -c "cd /vagrant && foreman start"'
 SCRIPT
 VAGRANTFILE_API_VERSION = "2"
 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
-  config.vm.box = "ubuntu/focal64"
+  config.vm.box = "ubuntu/xenial64"
  config.vm.provider :virtualbox do |vb|
    vb.name = "mastodon"
-    vb.customize ["modifyvm", :id, "--memory", "8192"]
+    vb.customize ["modifyvm", :id, "--memory", "2048"]
-    vb.customize ["modifyvm", :id, "--cpus", "3"]
+    # Increase the number of CPUs. Uncomment and adjust to
    # increase performance
    # vb.customize ["modifyvm", :id, "--cpus", "3"]
    # Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
    # https://github.com/mitchellh/vagrant/issues/1172
@ -145,6 +97,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
    # Use "virtio" network interfaces for better performance.
    vb.customize ["modifyvm", :id, "--nictype1", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype2", "virtio"]
  end
  # This uses the vagrant-hostsupdater plugin, and lets you
@ -162,7 +115,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  end
  if config.vm.networks.any? { |type, options| type == :private_network }
-    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'actimeo=1']
+    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp', 'actimeo=1']
  else
    config.vm.synced_folder ".", "/vagrant"
  end
@ -171,20 +124,11 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.network :forwarded_port, guest: 3000, host: 3000
  config.vm.network :forwarded_port, guest: 4000, host: 4000
  config.vm.network :forwarded_port, guest: 8080, host: 8080
  config.vm.network :forwarded_port, guest: 9200, host: 9200
  config.vm.network :forwarded_port, guest: 9300, host: 9300
  config.vm.network :forwarded_port, guest: 9243, host: 9243
  config.vm.network :forwarded_port, guest: 5601, host: 5601
  # Full provisioning script, only runs on first 'vagrant up' or with 'vagrant provision'
-  config.vm.provision :shell, inline: $provisionA, privileged: false, reset: true
+  config.vm.provision :shell, inline: $provision, privileged: false
  # Run with elevated privileges for Elasticsearch installation
  config.vm.provision :shell, inline: $provisionElasticsearch, privileged: true
  config.vm.provision :shell, inline: $provisionB, privileged: false
-  config.vm.post_up_message = <<MESSAGE
+  # Start up script, runs on every 'vagrant up'
-To start server
+  config.vm.provision :shell, inline: $start, run: 'always', privileged: false
  $ vagrant ssh -c "cd /vagrant && foreman start"
 MESSAGE
 end
--- a/app.json
+++ b/app.json
@ -1,8 +1,8 @@
 {
  "name": "Mastodon",
  "description": "A GNU Social-compatible microblogging server",
-  "repository": "https://github.com/mastodon/mastodon",
+  "repository": "https://github.com/tootsuite/mastodon",
-  "logo": "https://github.com/mastodon.png",
+  "logo": "https://github.com/tootsuite.png",
  "env": {
    "HEROKU": {
      "description": "Leave this as true",
@ -13,6 +13,15 @@
      "description": "The domain that your Mastodon instance will run on (this can be appname.herokuapp.com or a custom domain)",
      "required": true
    },
    "LOCAL_HTTPS": {
      "description": "Will your domain support HTTPS? (Automatic for herokuapp, requires manual configuration for custom domains)",
      "value": "false",
      "required": true
    },
    "PAPERCLIP_SECRET": {
      "description": "The secret key for storing media files",
      "generator": "secret"
    },
    "SECRET_KEY_BASE": {
      "description": "The secret key base",
      "generator": "secret"
@ -79,13 +88,8 @@
      "description": "SMTP server certificate verification mode. Defaults is 'peer'.",
      "required": false
    },
    "SMTP_ENABLE_STARTTLS": {
      "description": "Enable STARTTLS? Default is 'auto'.",
      "value": "auto",
      "required": false
    },
    "SMTP_ENABLE_STARTTLS_AUTO": {
-      "description": "Enable STARTTLS if SMTP server supports it? Deprecated by SMTP_ENABLE_STARTTLS.",
+      "description": "Enable STARTTLS if SMTP server supports it? Default is true.",
      "required": false
    }
  },
@ -93,6 +97,9 @@
    {
      "url": "https://github.com/heroku/heroku-buildpack-apt"
    },
    {
      "url": "heroku/nodejs"
    },
    {
      "url": "heroku/ruby"
    }
@ -100,5 +107,8 @@
  "scripts": {
    "postdeploy": "bundle exec rails db:migrate && bundle exec rails db:seed"
  },
-  "addons": ["heroku-postgresql", "heroku-redis"]
+  "addons": [
    "heroku-postgresql",
    "heroku-redis"
  ]
 }
--- a/app/chewy/accounts_index.rb
+++ b/app/chewy/accounts_index.rb
@ -1,70 +0,0 @@
 # frozen_string_literal: true
 class AccountsIndex < Chewy::Index
  include DatetimeClampingConcern
  settings index: index_preset(refresh_interval: '30s'), analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
      natural: {
        tokenizer: 'standard',
        filter: %w(
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      verbatim: {
        tokenizer: 'standard',
        filter: %w(lowercase asciifolding cjk_width),
      },
      edge_ngram: {
        tokenizer: 'edge_ngram',
        filter: %w(lowercase asciifolding cjk_width),
      },
    },
    tokenizer: {
      edge_ngram: {
        type: 'edge_ngram',
        min_gram: 1,
        max_gram: 15,
      },
    },
  }
  index_scope ::Account.searchable.includes(:account_stat)
  root date_detection: false do
    field(:id, type: 'long')
    field(:following_count, type: 'long')
    field(:followers_count, type: 'long')
    field(:properties, type: 'keyword', value: ->(account) { account.searchable_properties })
    field(:last_status_at, type: 'date', value: ->(account) { clamp_date(account.last_status_at || account.created_at) })
    field(:display_name, type: 'text', analyzer: 'verbatim') { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
    field(:username, type: 'text', analyzer: 'verbatim', value: ->(account) { [account.username, account.domain].compact.join('@') }) { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
    field(:text, type: 'text', analyzer: 'verbatim', value: ->(account) { account.searchable_text }) { field :stemmed, type: 'text', analyzer: 'natural' }
  end
 end
--- a/app/chewy/concerns/datetime_clamping_concern.rb
+++ b/app/chewy/concerns/datetime_clamping_concern.rb
@ -1,14 +0,0 @@
 # frozen_string_literal: true
 module DatetimeClampingConcern
  extend ActiveSupport::Concern
  MIN_ISO8601_DATETIME = '0000-01-01T00:00:00Z'.to_datetime.freeze
  MAX_ISO8601_DATETIME = '9999-12-31T23:59:59Z'.to_datetime.freeze
  class_methods do
    def clamp_date(datetime)
      datetime.clamp(MIN_ISO8601_DATETIME, MAX_ISO8601_DATETIME)
    end
  end
 end
--- a/app/chewy/instances_index.rb
+++ b/app/chewy/instances_index.rb
@ -1,12 +0,0 @@
 # frozen_string_literal: true
 class InstancesIndex < Chewy::Index
  settings index: index_preset(refresh_interval: '30s')
  index_scope ::Instance.searchable
  root date_detection: false do
    field :domain, type: 'text', index_prefixes: { min_chars: 1, max_chars: 5 }
    field :accounts_count, type: 'long'
  end
 end
--- a/app/chewy/public_statuses_index.rb
+++ b/app/chewy/public_statuses_index.rb
@ -1,69 +0,0 @@
 # frozen_string_literal: true
 class PublicStatusesIndex < Chewy::Index
  include DatetimeClampingConcern
  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
      verbatim: {
        tokenizer: 'uax_url_email',
        filter: %w(lowercase),
      },
      content: {
        tokenizer: 'standard',
        filter: %w(
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      hashtag: {
        tokenizer: 'keyword',
        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
  }
  index_scope ::Status.unscoped
                      .kept
                      .indexable
                      .includes(:media_attachments, :preloadable_poll, :preview_cards, :tags)
  root date_detection: false do
    field(:id, type: 'long')
    field(:account_id, type: 'long')
    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
    field(:tags, type: 'text', analyzer: 'hashtag', value: ->(status) { status.tags.map(&:display_name) })
    field(:language, type: 'keyword')
    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
    field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
  end
 end
--- a/app/chewy/statuses_index.rb
+++ b/app/chewy/statuses_index.rb
@ -1,67 +1,61 @@
 # frozen_string_literal: true
 class StatusesIndex < Chewy::Index
-  include DatetimeClampingConcern
+  settings index: { refresh_interval: '15m' }, analysis: {
  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
      verbatim: {
        tokenizer: 'uax_url_email',
        filter: %w(lowercase),
      },
      content: {
-        tokenizer: 'standard',
+        tokenizer: 'uax_url_email',
        filter: %w(
          english_possessive_stemmer
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      hashtag: {
        tokenizer: 'keyword',
        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
  }
-  index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :preview_cards, :local_mentioned, :local_favorited, :local_reblogged, :local_bookmarked, :tags, preloadable_poll: :local_voters), delete_if: ->(status) { status.searchable_by.empty? }
+  define_type ::Status.unscoped.without_reblogs do
    crutch :mentions do |collection|
      data = ::Mention.where(status_id: collection.map(&:id)).pluck(:status_id, :account_id)
      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
    end
-  root date_detection: false do
+    crutch :favourites do |collection|
-    field(:id, type: 'long')
+      data = ::Favourite.where(status_id: collection.map(&:id)).pluck(:status_id, :account_id)
-    field(:account_id, type: 'long')
+      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
-    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
+    end
-    field(:tags, type: 'text', analyzer: 'hashtag',  value: ->(status) { status.tags.map(&:display_name) })
+
-    field(:searchable_by, type: 'long', value: ->(status) { status.searchable_by })
+    crutch :reblogs do |collection|
-    field(:language, type: 'keyword')
+      data = ::Status.where(reblog_of_id: collection.map(&:id)).pluck(:reblog_of_id, :account_id)
-    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
+      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
-    field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
+    end
    root date_detection: false do
      field :account_id, type: 'long'
      field :text, type: 'text', value: ->(status) { [status.spoiler_text, Formatter.instance.plaintext(status)].join("\n\n") } do
        field :stemmed, type: 'text', analyzer: 'content'
      end
      field :searchable_by, type: 'long', value: ->(status, crutches) { status.searchable_by(crutches) }
      field :created_at, type: 'date'
    end
  end
 end
--- a/app/chewy/tags_index.rb
+++ b/app/chewy/tags_index.rb
@ -1,49 +0,0 @@
 # frozen_string_literal: true
 class TagsIndex < Chewy::Index
  include DatetimeClampingConcern
  settings index: index_preset(refresh_interval: '30s'), analysis: {
    analyzer: {
      content: {
        tokenizer: 'keyword',
        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
      edge_ngram: {
        tokenizer: 'edge_ngram',
        filter: %w(
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
    tokenizer: {
      edge_ngram: {
        type: 'edge_ngram',
        min_gram: 2,
        max_gram: 15,
      },
    },
  }
  index_scope ::Tag.listable
  crutch :time_period do
    7.days.ago.to_date..0.days.ago.to_date
  end
  root date_detection: false do
    field(:name, type: 'text', analyzer: 'content', value: :display_name) { field(:edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content') }
    field(:reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? })
    field(:usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts })
    field(:last_status_at, type: 'date', value: ->(tag) { clamp_date(tag.last_status_at || tag.created_at) })
  end
 end
--- a/app/controllers/about_controller.rb
+++ b/app/controllers/about_controller.rb
@ -1,19 +1,42 @@
 # frozen_string_literal: true
 class AboutController < ApplicationController
-  include WebAppControllerConcern
+  before_action :set_body_classes
-
+  before_action :set_instance_presenter, only: [:show, :more, :terms]
  skip_before_action :require_functional!
  before_action :set_instance_presenter
  def show
-    expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
+    serializable_resource = ActiveModelSerializers::SerializableResource.new(InitialStatePresenter.new(initial_state_params), serializer: InitialStateSerializer)
    @initial_state_json   = serializable_resource.to_json
  end
  def more
    render layout: 'public'
  end
  def terms
    render layout: 'public'
  end
  private
  def new_user
    User.new.tap(&:build_account)
  end
  helper_method :new_user
  def set_instance_presenter
    @instance_presenter = InstancePresenter.new
  end
  def set_body_classes
    @body_classes = 'with-modals'
  end
  def initial_state_params
    {
      settings: { known_fediverse: Setting.show_known_fediverse_at_about_page },
      token: current_session&.token,
    }
  end
 end
--- a/app/controllers/account_follow_controller.rb
+++ b/app/controllers/account_follow_controller.rb
@ -0,0 +1,12 @@
 # frozen_string_literal: true
 class AccountFollowController < ApplicationController
  include AccountControllerConcern
  before_action :authenticate_user!
  def create
    FollowService.new.call(current_user.account, @account.acct)
    redirect_to account_path(@account)
  end
 end
--- a/app/controllers/account_unfollow_controller.rb
+++ b/app/controllers/account_unfollow_controller.rb
@ -0,0 +1,12 @@
 # frozen_string_literal: true
 class AccountUnfollowController < ApplicationController
  include AccountControllerConcern
  before_action :authenticate_user!
  def create
    UnfollowService.new.call(current_user.account, @account)
    redirect_to account_path(@account)
  end
 end
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@ -1,47 +1,62 @@
 # frozen_string_literal: true
 class AccountsController < ApplicationController
-  PAGE_SIZE     = 20
+  PAGE_SIZE = 20
  PAGE_SIZE_MAX = 200
  include AccountControllerConcern
  include SignatureAuthentication
-  vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }
+  before_action :set_cache_headers
  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
  skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
  skip_before_action :require_functional!, unless: :limited_federation_mode?
  def show
    respond_to do |format|
      format.html do
-        expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.hour) unless user_signed_in?
+        @body_classes      = 'with-modals'
        @pinned_statuses   = []
        @endorsed_accounts = @account.endorsed_accounts.to_a.sample(4)
-        @rss_url = rss_url
+        if current_account && @account.blocking?(current_account)
          @statuses = []
          return
        end
        @pinned_statuses = cache_collection(@account.pinned_statuses, Status) if show_pinned_statuses?
        @statuses        = filtered_status_page(params)
        @statuses        = cache_collection(@statuses, Status)
        unless @statuses.empty?
          @older_url = older_url if @statuses.last.id > filtered_statuses.last.id
          @newer_url = newer_url if @statuses.first.id < filtered_statuses.first.id
        end
      end
      format.atom do
        @entries = @account.stream_entries.where(hidden: false).with_includes.paginate_by_max_id(PAGE_SIZE, params[:max_id], params[:since_id])
        render xml: OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.feed(@account, @entries.reject { |entry| entry.status.nil? }))
      end
      format.rss do
-        expires_in 1.minute, public: true
+        @statuses = cache_collection(default_statuses.without_reblogs.without_replies.limit(PAGE_SIZE), Status)
-
+        render xml: RSS::AccountSerializer.render(@account, @statuses)
        limit     = params[:limit].present? ? [params[:limit].to_i, PAGE_SIZE_MAX].min : PAGE_SIZE
        @statuses = filtered_statuses.without_reblogs.limit(limit)
        @statuses = cache_collection(@statuses, Status)
      end
      format.json do
-        expires_in 3.minutes, public: !(authorized_fetch_mode? && signed_request_account.present?)
+        skip_session!
-        render_with_cache json: @account, content_type: 'application/activity+json', serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter
+
        render_cached_json(['activitypub', 'actor', @account], content_type: 'application/activity+json') do
          ActiveModelSerializers::SerializableResource.new(@account, serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter)
        end
      end
    end
  end
  private
  def show_pinned_statuses?
    [replies_requested?, media_requested?, params[:max_id].present?, params[:min_id].present?].none?
  end
  def filtered_statuses
    default_statuses.tap do |statuses|
      statuses.merge!(hashtag_scope)    if tag_requested?
      statuses.merge!(only_media_scope) if media_requested?
      statuses.merge!(no_replies_scope) unless replies_requested?
    end
@ -52,61 +67,53 @@ class AccountsController < ApplicationController
  end
  def only_media_scope
-    Status.joins(:media_attachments).merge(@account.media_attachments.reorder(nil)).group(:id)
+    Status.where(id: account_media_status_ids)
  end
  def account_media_status_ids
    @account.media_attachments.attached.reorder(nil).select(:status_id).distinct
  end
  def no_replies_scope
    Status.without_replies
  end
-  def hashtag_scope
+  def set_account
-    tag = Tag.find_normalized(params[:tag])
+    @account = Account.find_local!(params[:username])
  end
-    if tag
+  def older_url
-      Status.tagged_with(tag.id)
+    ::Rails.logger.info("older: max_id #{@statuses.last.id}, url #{pagination_url(max_id: @statuses.last.id)}")
    pagination_url(max_id: @statuses.last.id)
  end
  def newer_url
    pagination_url(min_id: @statuses.first.id)
  end
  def pagination_url(max_id: nil, min_id: nil)
    if media_requested?
      short_account_media_url(@account, max_id: max_id, min_id: min_id)
    elsif replies_requested?
      short_account_with_replies_url(@account, max_id: max_id, min_id: min_id)
    else
-      Status.none
+      short_account_url(@account, max_id: max_id, min_id: min_id)
    end
  end
  def username_param
    params[:username]
  end
  def skip_temporary_suspension_response?
    request.format == :json
  end
  def rss_url
    if tag_requested?
      short_account_tag_url(@account, params[:tag], format: 'rss')
    else
      short_account_url(@account, format: 'rss')
    end
  end
  def media_requested?
-    request.path.split('.').first.end_with?('/media') && !tag_requested?
+    request.path.ends_with?('/media')
  end
  def replies_requested?
-    request.path.split('.').first.end_with?('/with_replies') && !tag_requested?
+    request.path.ends_with?('/with_replies')
  end
-  def tag_requested?
+  def filtered_status_page(params)
-    request.path.split('.').first.end_with?(Addressable::URI.parse("/tagged/#{params[:tag]}").normalize)
+    if params[:min_id].present?
-  end
+      filtered_statuses.paginate_by_min_id(PAGE_SIZE, params[:min_id]).reverse
-
+    else
-  def cached_filtered_status_page
+      filtered_statuses.paginate_by_max_id(PAGE_SIZE, params[:max_id], params[:since_id]).to_a
-    cache_collection_paginated_by_id(
+    end
      filtered_statuses,
      Status,
      PAGE_SIZE,
      params_slice(:max_id, :min_id, :since_id)
    )
  end
  def params_slice(*keys)
    params.slice(*keys).permit(*keys)
  end
 end
--- a/app/controllers/activitypub/base_controller.rb
+++ b/app/controllers/activitypub/base_controller.rb
@ -1,13 +0,0 @@
 # frozen_string_literal: true
 class ActivityPub::BaseController < Api::BaseController
  skip_before_action :require_authenticated_user!
  skip_before_action :require_not_suspended!
  skip_around_action :set_locale
  private
  def skip_temporary_suspension_response?
    false
  end
 end
--- a/app/controllers/activitypub/claims_controller.rb
+++ b/app/controllers/activitypub/claims_controller.rb
@ -1,21 +0,0 @@
 # frozen_string_literal: true
 class ActivityPub::ClaimsController < ActivityPub::BaseController
  include SignatureVerification
  include AccountOwnedConcern
  skip_before_action :authenticate_user!
  before_action :require_account_signature!
  before_action :set_claim_result
  def create
    render json: @claim_result, serializer: ActivityPub::OneTimeKeySerializer
  end
  private
  def set_claim_result
    @claim_result = ::Keys::ClaimService.new.call(@account.id, params[:id])
  end
 end
--- a/app/controllers/activitypub/collections_controller.rb
+++ b/app/controllers/activitypub/collections_controller.rb
@ -1,75 +1,57 @@
 # frozen_string_literal: true
-class ActivityPub::CollectionsController < ActivityPub::BaseController
+class ActivityPub::CollectionsController < Api::BaseController
  include SignatureVerification
  include AccountOwnedConcern
-  vary_by -> { 'Signature' if authorized_fetch_mode? }
+  before_action :set_account
  before_action :require_account_signature!, if: :authorized_fetch_mode?
  before_action :set_items
  before_action :set_size
-  before_action :set_type
+  before_action :set_statuses
  def show
-    expires_in 3.minutes, public: public_fetch_mode?
+    render json: collection_presenter,
-    render_with_cache json: collection_presenter, content_type: 'application/activity+json', serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter
+           serializer: ActivityPub::CollectionSerializer,
           adapter: ActivityPub::Adapter,
           content_type: 'application/activity+json',
           skip_activities: true
  end
  private
-  def set_items
+  def set_account
-    case params[:id]
+    @account = Account.find_local!(params[:account_username])
-    when 'featured'
+  end
-      @items = for_signed_account { cache_collection(@account.pinned_statuses, Status) }
+
-      @items = @items.map { |item| item.distributable? ? item : ActivityPub::TagManager.instance.uri_for(item) }
+  def set_statuses
-    when 'tags'
+    @statuses = scope_for_collection
-      @items = for_signed_account { @account.featured_tags }
+    @statuses = cache_collection(@statuses, Status)
    when 'devices'
      @items = @account.devices
    else
      not_found
    end
  end
  def set_size
    case params[:id]
-    when 'featured', 'devices', 'tags'
+    when 'featured'
-      @size = @items.size
+      @account.pinned_statuses.count
    else
-      not_found
+      raise ActiveRecord::RecordNotFound
    end
  end
-  def set_type
+  def scope_for_collection
    case params[:id]
    when 'featured'
-      @type = :ordered
+      @account.statuses.permitted_for(@account, signed_request_account).tap do |scope|
-    when 'devices', 'tags'
+        scope.merge!(@account.pinned_statuses)
-      @type = :unordered
+      end
    else
-      not_found
+      raise ActiveRecord::RecordNotFound
    end
  end
  def collection_presenter
    ActivityPub::CollectionPresenter.new(
      id: account_collection_url(@account, params[:id]),
-      type: @type,
+      type: :ordered,
      size: @size,
-      items: @items
+      items: @statuses
    )
  end
  def for_signed_account
    # Because in public fetch mode we cache the response, there would be no
    # benefit from performing the check below, since a blocked account or domain
    # would likely be served the cache from the reverse proxy anyway
    if authorized_fetch_mode? && !signed_request_account.nil? && (@account.blocking?(signed_request_account) || (!signed_request_account.domain.nil? && @account.domain_blocking?(signed_request_account.domain)))
      []
    else
      yield
    end
  end
 end
--- a/app/controllers/activitypub/followers_synchronizations_controller.rb
+++ b/app/controllers/activitypub/followers_synchronizations_controller.rb
@ -1,37 +0,0 @@
 # frozen_string_literal: true
 class ActivityPub::FollowersSynchronizationsController < ActivityPub::BaseController
  include SignatureVerification
  include AccountOwnedConcern
  vary_by -> { 'Signature' if authorized_fetch_mode? }
  before_action :require_account_signature!
  before_action :set_items
  def show
    expires_in 0, public: false
    render json: collection_presenter,
           serializer: ActivityPub::CollectionSerializer,
           adapter: ActivityPub::Adapter,
           content_type: 'application/activity+json'
  end
  private
  def uri_prefix
    signed_request_account.uri[Account::URL_PREFIX_RE]
  end
  def set_items
    @items = @account.followers.where(Account.arel_table[:uri].matches("#{Account.sanitize_sql_like(uri_prefix)}/%", false, true)).or(@account.followers.where(uri: uri_prefix)).pluck(:uri)
  end
  def collection_presenter
    ActivityPub::CollectionPresenter.new(
      id: account_followers_synchronization_url(@account),
      type: :ordered,
      items: @items
    )
  end
 end
--- a/app/controllers/activitypub/inboxes_controller.rb
+++ b/app/controllers/activitypub/inboxes_controller.rb
@ -1,76 +1,41 @@
 # frozen_string_literal: true
-class ActivityPub::InboxesController < ActivityPub::BaseController
+class ActivityPub::InboxesController < Api::BaseController
  include SignatureVerification
  include JsonLdHelper
  include AccountOwnedConcern
-  before_action :skip_unknown_actor_activity
+  before_action :set_account
  before_action :require_actor_signature!
  skip_before_action :authenticate_user!
  def create
-    upgrade_account
+    if signed_request_account
-    process_collection_synchronization
+      upgrade_account
-    process_payload
+      process_payload
-    head 202
+      head 202
    else
      render plain: signature_verification_failure_reason, status: 401
    end
  end
  private
-  def skip_unknown_actor_activity
+  def set_account
-    head 202 if unknown_affected_account?
+    @account = Account.find_local!(params[:account_username]) if params[:account_username]
  end
  def unknown_affected_account?
    json = Oj.load(body, mode: :strict)
    json.is_a?(Hash) && %w(Delete Update).include?(json['type']) && json['actor'].present? && json['actor'] == value_or_id(json['object']) && !Account.where(uri: json['actor']).exists?
  rescue Oj::ParseError
    false
  end
  def account_required?
    params[:account_username].present?
  end
  def skip_temporary_suspension_response?
    true
  end
  def body
-    return @body if defined?(@body)
+    @body ||= request.body.read
    @body = request.body.read
    @body.force_encoding('UTF-8') if @body.present?
    request.body.rewind if request.body.respond_to?(:rewind)
    @body
  end
  def upgrade_account
-    if signed_request_account&.ostatus?
+    if signed_request_account.ostatus?
      signed_request_account.update(last_webfingered_at: nil)
      ResolveAccountWorker.perform_async(signed_request_account.acct)
    end
-    DeliveryFailureTracker.reset!(signed_request_actor.inbox_url)
+    Pubsubhubbub::UnsubscribeWorker.perform_async(signed_request_account.id) if signed_request_account.subscribed?
-  end
+    DeliveryFailureTracker.track_inverse_success!(signed_request_account)
  def process_collection_synchronization
    raw_params = request.headers['Collection-Synchronization']
    return if raw_params.blank? || ENV['DISABLE_FOLLOWERS_SYNCHRONIZATION'] == 'true' || signed_request_account.nil?
    # Re-using the syntax for signature parameters
    tree   = SignatureParamsParser.new.parse(raw_params)
    params = SignatureParamsTransformer.new.apply(tree)
    ActivityPub::PrepareFollowersSynchronizationService.new.call(signed_request_account, params)
  rescue Parslet::ParseFailed
    Rails.logger.warn 'Error parsing Collection-Synchronization header'
  end
  def process_payload
-    ActivityPub::ProcessingWorker.perform_async(signed_request_actor.id, body, @account&.id, signed_request_actor.class.name)
+    ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'), @account&.id)
  end
 end
--- a/app/controllers/activitypub/outboxes_controller.rb
+++ b/app/controllers/activitypub/outboxes_controller.rb
@ -1,85 +1,65 @@
 # frozen_string_literal: true
-class ActivityPub::OutboxesController < ActivityPub::BaseController
+class ActivityPub::OutboxesController < Api::BaseController
  LIMIT = 20
  include SignatureVerification
  include AccountOwnedConcern
-  vary_by -> { 'Signature' if authorized_fetch_mode? || page_requested? }
+  before_action :set_account
  before_action :require_account_signature!, if: :authorized_fetch_mode?
  before_action :set_statuses
  def show
    if page_requested?
      expires_in(1.minute, public: public_fetch_mode? && signed_request_account.nil?)
    else
      expires_in(3.minutes, public: public_fetch_mode?)
    end
    render json: outbox_presenter, serializer: ActivityPub::OutboxSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
  end
  private
  def set_account
    @account = Account.find_local!(params[:account_username])
  end
  def outbox_presenter
    if page_requested?
      ActivityPub::CollectionPresenter.new(
-        id: outbox_url(**page_params),
+        id: account_outbox_url(@account, page_params),
        type: :ordered,
-        part_of: outbox_url,
+        part_of: account_outbox_url(@account),
        prev: prev_page,
        next: next_page,
        items: @statuses
      )
    else
      ActivityPub::CollectionPresenter.new(
-        id: outbox_url,
+        id: account_outbox_url(@account),
        type: :ordered,
        size: @account.statuses_count,
-        first: outbox_url(page: true),
+        first: account_outbox_url(@account, page: true),
-        last: outbox_url(page: true, min_id: 0)
+        last: account_outbox_url(@account, page: true, min_id: 0)
      )
    end
  end
  def outbox_url(**kwargs)
    if params[:account_username].present?
      account_outbox_url(@account, **kwargs)
    else
      instance_actor_outbox_url(**kwargs)
    end
  end
  def next_page
-    outbox_url(page: true, max_id: @statuses.last.id) if @statuses.size == LIMIT
+    account_outbox_url(@account, page: true, max_id: @statuses.last.id) if @statuses.size == LIMIT
  end
  def prev_page
-    outbox_url(page: true, min_id: @statuses.first.id) unless @statuses.empty?
+    account_outbox_url(@account, page: true, min_id: @statuses.first.id) unless @statuses.empty?
  end
  def set_statuses
    return unless page_requested?
-    @statuses = cache_collection_paginated_by_id(
+    @statuses = @account.statuses.permitted_for(@account, signed_request_account)
-      AccountStatusesFilter.new(@account, signed_request_account).results,
+    @statuses = params[:min_id].present? ? @statuses.paginate_by_min_id(LIMIT, params[:min_id]).reverse : @statuses.paginate_by_max_id(LIMIT, params[:max_id])
-      Status,
+    @statuses = cache_collection(@statuses, Status)
      LIMIT,
      params_slice(:max_id, :min_id, :since_id)
    )
  end
  def page_requested?
-    truthy_param?(:page)
+    params[:page] == 'true'
  end
  def page_params
    { page: true, max_id: params[:max_id], min_id: params[:min_id] }.compact
  end
  def set_account
    @account = params[:account_username].present? ? Account.find_local!(username_param) : Account.representative
  end
 end
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Sebastian Kippe	48822cc0b1	WIP create invites via API	2019-03-09 09:18:53 +07:00
Sebastian Kippe	582b1423c8	Merge tag 'v2.7.0' into kosmos	2019-01-27 10:26:58 +08:00
Sebastian Kippe	1b3bac997d	Fix background style	2018-10-31 23:10:39 +01:00
Sebastian Kippe	c7697ad5f4	Merge tag 'v2.6.1' into kosmos	2018-10-31 22:10:00 +01:00
Sebastian Kippe	ebdf94e346	Revert "Skip incompatible migration entirely" This reverts commit 545eb6385d73efb004dd73535adc5279cd7b7a92.	2018-10-31 22:09:43 +01:00
Sebastian Kippe	545eb6385d	Skip incompatible migration entirely	2018-09-03 21:26:36 +08:00
Sebastian Kippe	18c4e7ecb1	Revert "Prevent upsert operation" This reverts commit 641ecd4677b0c95fdbf83a8b4429c51c39e603aa.	2018-09-03 21:09:01 +08:00
Sebastian Kippe	641ecd4677	Prevent upsert operation Only works in newer postgresql, but also not really necessary because the table is brandnew there.	2018-09-03 20:43:38 +08:00
Sebastian Kippe	35dc6c095a	Merge tag 'v2.5.0' into kosmos	2018-09-03 19:36:47 +08:00
Sebastian Kippe	65beeb044d	Merge tag 'v2.4.5' into kosmos	2018-08-26 16:40:40 +02:00
Sebastian Kippe	8a86cd15cb	Merge tag 'v2.4.4' into kosmos	2018-08-26 16:11:40 +02:00
Eugen Rochko	add3b63a0c	Bump version to 2.4.5	2018-08-24 20:11:40 +02:00
Eugen Rochko	221c8c771f	Prevent ActivityPub movedTo recursion (#8092 ) Fix #8051	2018-08-24 20:11:16 +02:00
ThibG	a16d41e9fb	Fix FixAccountsUniqueIndex migration (#8212 )	2018-08-24 20:10:18 +02:00
ThibG	f6ad5edbaa	Make some migration script more robust (fixes #8007 ) (#8170 ) Include a dummy Account class in the migration script containing only the attributes relevant to the migration in order to not rely as much on the codebase being in sync with the database schema.	2018-08-24 20:09:57 +02:00
Akihiko Odaki	3f4812c583	Fix index detection a migration to revert index change (#8026 )	2018-08-24 20:09:13 +02:00
Eugen Rochko	86792bd309	Upgrade Doorkeeper to 5.0.0 (#8409 ) See doorkeeper-gem/doorkeeper#1137	2018-08-24 20:06:50 +02:00
Eugen Rochko	612d02028c	Bump version to 2.4.4	2018-08-22 20:56:43 +02:00
Eugen Rochko	f100e84372	Improve federated ID validation (#8372 ) * Fix URI not being sufficiently validated with prefetched JSON * Add additional id validation to OStatus documents, when possible	2018-08-22 20:56:26 +02:00
ThibG	31a209cb01	Upgrade doorkeeper to 4.4.2 (#8321 )	2018-08-22 19:31:27 +02:00
Eugen Rochko	13a062a5d9	Upgrade Doorkeeper to 4.4.1 (#8197 )	2018-08-22 19:30:02 +02:00
Sebastian Kippe	e9606628f0	Merge tag 'v2.4.3' into kosmos	2018-07-17 17:30:35 +02:00
Sebastian Kippe	f1cd068781	Merge tag 'v2.4.2' into kosmos	2018-06-22 14:30:48 -07:00
Sebastian Kippe	4b0a895846	Merge tag 'v2.4.1' into kosmos	2018-06-10 19:56:53 +02:00
Sebastian Kippe	d7ffa77545	Fixed background on about page	2018-05-24 20:24:07 +02:00
Sebastian Kippe	3dccf8bab9	Merge tag 'v2.4.0' into kosmos	2018-05-23 11:30:36 +02:00
Sebastian Kippe	818a285769	Merge tag 'v2.3.2' into kosmos	2018-05-08 15:32:18 +02:00
Sebastian Kippe	1fe1cf1cf2	Merge tag 'v2.2.0' into kosmos	2018-01-30 11:34:16 +00:00
Sebastian Kippe	e89ade266a	Merge tag 'v2.1.3' into kosmos	2018-01-13 14:07:04 +00:00
Sebastian Kippe	42cea8a076	Merge tag 'v2.1.2' into kosmos	2018-01-09 19:54:13 +00:00
Sebastian Kippe	9b7b1fbf35	Call our users kosmonauts on about page	2017-12-20 10:45:34 +00:00
Sebastian Kippe	6d1b204b6a	Merge branch 'master' into kosmos	2017-12-20 10:15:42 +00:00
Sebastian Kippe	5091739526	Re-enable custom styles	2017-10-28 23:04:15 +02:00
Sebastian Kippe	63e288ed6f	Merge tag 'v2.0.0' into kosmos	2017-10-28 22:51:56 +02:00
Sebastian Kippe	65d025267c	Merge tag 'v1.6.1' into kosmos	2017-09-19 18:43:12 +02:00
Sebastian Kippe	560a7b602d	Merge branch 'master' into kosmos	2017-09-10 17:12:34 +02:00
Sebastian Kippe	6d1295c0e6	Merge tag 'v1.5.0' into kosmos	2017-08-01 17:30:25 +02:00
Sebastian Kippe	1388d73e0c	Merge tag 'v1.5.0rc3' into kosmos	2017-08-01 12:56:22 +02:00
Sebastian Kippe	3704f3ccb3	Merge tag 'v1.5.0rc2' into kosmos	2017-07-29 10:10:15 +02:00
Sebastian Kippe	0b4a382151	Adjust styles for new frontpage	2017-07-27 11:09:31 +02:00
Sebastian Kippe	ba1b8a5a11	Merge branch 'master' into kosmos	2017-07-27 10:46:36 +02:00
Sebastian Kippe	4c3a7ebcca	Customize styles	2017-06-16 11:17:28 -07:00
`@ -1 +1 @@`
	`LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio:/app/.apt/usr/lib/x86_64-linux-gnu/openblas-pthread`	`LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio`