Bump doorkeeper from 5.6.0 to 5.6.2

Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.6.0 to 5.6.2. - [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases) - [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md) - [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.0...v5.6.2) --- updated-dependencies: - dependency-name: doorkeeper dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
some rewording of signup message
2023-01-14 19:57:06 +00:00 · 2023-01-14 18:28:37 +01:00 · 2023-01-14 18:10:13 +01:00 · 2023-01-14 18:00:30 +01:00 · 2023-01-14 17:56:43 +01:00 · 2023-01-14 17:19:37 +01:00
1091 changed files with 20268 additions and 55196 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -1,8 +1,8 @@
 version: 2.1
 orbs:
-  ruby: circleci/ruby@2.0.0
+  ruby: circleci/ruby@1.4.1
-  node: circleci/node@5.0.3
+  node: circleci/node@5.0.1
 executors:
  default:
@ -19,11 +19,11 @@ executors:
          DB_USER: root
          DISABLE_SIMPLECOV: true
          RAILS_ENV: test
-      - image: cimg/postgres:14.5
+      - image: cimg/postgres:14.0
        environment:
          POSTGRES_USER: root
          POSTGRES_HOST_AUTH_METHOD: trust
-      - image: cimg/redis:7.0
+      - image: cimg/redis:6.2
 commands:
  install-system-dependencies:
@ -45,7 +45,7 @@ commands:
            bundle config without 'development production'
          name: Set bundler settings
      - ruby/install-deps:
-          bundler-version: '2.3.26'
+          bundler-version: '2.3.8'
          key: ruby<< parameters.ruby-version >>-gems-v1
  wait-db:
    steps:
@ -68,9 +68,7 @@ jobs:
          cache-version: v1
          pkg-manager: yarn
      - run:
-          command: |
+          command: ./bin/rails assets:precompile
            export NODE_OPTIONS=--openssl-legacy-provider
            ./bin/rails assets:precompile
          name: Precompile assets
      - persist_to_workspace:
          paths:
@ -221,5 +219,5 @@ workflows:
          pkg-manager: yarn
          requires:
            - build
-          version: '16.18'
+          version: lts
          yarn-run: test:jest
--- a/.deepsource.toml
+++ b/.deepsource.toml
@ -0,0 +1,23 @@
 version = 1
 test_patterns = ["app/javascript/mastodon/**/__tests__/**"]
 exclude_patterns = [
    "db/migrate/**",
    "db/post_migrate/**"
 ]
 [[analyzers]]
 name = "ruby"
 enabled = true
 [[analyzers]]
 name = "javascript"
 enabled = true
  [analyzers.meta]
  environment = [
    "browser",
    "jest",
    "nodejs"
  ]
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@ -9,7 +9,7 @@ FROM mcr.microsoft.com/vscode/devcontainers/ruby:${VARIANT}
 # The value is a comma-separated list of allowed domains
 ENV RAILS_DEVELOPMENT_HOSTS=".githubpreview.dev"
-# [Choice] Node.js version: lts/*, 18, 16, 14
+# [Choice] Node.js version: lts/*, 16, 14, 12, 10
 ARG NODE_VERSION="lts/*"
 RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -2,7 +2,7 @@
  "name": "Mastodon",
  "dockerComposeFile": "docker-compose.yml",
  "service": "app",
-  "workspaceFolder": "/mastodon",
+  "workspaceFolder": "/workspaces/mastodon",
  // Set *default* container specific settings.json values on container create.
  "settings": {},
@ -15,18 +15,12 @@
    "webben.browserslist"
  ],
  "features": {
    "ghcr.io/devcontainers/features/sshd:1": {
      "version": "latest"
    }
  },
  // Use 'forwardPorts' to make a list of ports inside the container available locally.
  // This can be used to network with other containers or the host.
  "forwardPorts": [3000, 4000],
  // Use 'postCreateCommand' to run commands after the container is created.
-  "postCreateCommand": ".devcontainer/post-create.sh",
+  "postCreateCommand": "bundle install --path vendor/bundle && yarn install && git checkout -- Gemfile.lock && ./bin/rails db:setup",
  // Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
  "remoteUser": "vscode"
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@ -11,9 +11,9 @@ services:
        # Use -bullseye variants on local arm64/Apple Silicon.
        VARIANT: '3.0-bullseye'
        # Optional Node.js version to install
-        NODE_VERSION: '16'
+        NODE_VERSION: '14'
    volumes:
-      - ..:/mastodon:cached
+      - ..:/workspaces/mastodon:cached
    environment:
      RAILS_ENV: development
      NODE_ENV: development
--- a/.devcontainer/post-create.sh
+++ b/.devcontainer/post-create.sh
@ -1,21 +0,0 @@
 #!/bin/bash
 set -e # Fail the whole script on first error
 # Fetch Ruby gem dependencies
 bundle install --path vendor/bundle --with='development test'
 # Fetch Javascript dependencies
 yarn install
 # Make Gemfile.lock pristine again
 git checkout -- Gemfile.lock
 # [re]create, migrate, and seed the test database
 RAILS_ENV=test ./bin/rails db:setup
 # Precompile assets for development
 RAILS_ENV=development ./bin/rails assets:precompile
 # Precompile assets for test
 RAILS_ENV=test NODE_ENV=tests ./bin/rails assets:precompile
--- a/.env.production.sample
+++ b/.env.production.sample
@ -54,7 +54,7 @@ VAPID_PUBLIC_KEY=
 # Sending mail
 # ------------
-SMTP_SERVER=
+SMTP_SERVER=smtp.mailgun.org
 SMTP_PORT=587
 SMTP_LOGIN=
 SMTP_PASSWORD=
--- a/.eslintrc.js
+++ b/.eslintrc.js
@ -1,12 +1,6 @@
 module.exports = {
  root: true,
  extends: [
    'eslint:recommended',
    'plugin:react/recommended',
    'plugin:jsx-a11y/recommended',
  ],
  env: {
    browser: true,
    node: true,
@ -70,8 +64,8 @@ module.exports = {
    eqeqeq: 'error',
    indent: ['warn', 2],
    'jsx-quotes': ['error', 'prefer-single'],
    'no-case-declarations': 'off',
    'no-catch-shadow': 'error',
    'no-cond-assign': 'error',
    'no-console': [
      'warn',
      {
@ -81,14 +75,18 @@ module.exports = {
        ],
      },
    ],
-    'no-empty': 'off',
+    'no-fallthrough': 'error',
    'no-irregular-whitespace': 'error',
    'no-mixed-spaces-and-tabs': 'warn',
    'no-nested-ternary': 'warn',
    'no-restricted-properties': [
      'error',
      { property: 'substring', message: 'Use .slice instead of .substring.' },
      { property: 'substr', message: 'Use .slice instead of .substr.' },
    ],
    'no-self-assign': 'off',
    'no-trailing-spaces': 'warn',
    'no-undef': 'error',
    'no-unreachable': 'error',
    'no-unused-expressions': 'error',
    'no-unused-vars': [
      'error',
@ -98,7 +96,6 @@ module.exports = {
        ignoreRestSiblings: true,
      },
    ],
    'no-useless-escape': 'off',
    'object-curly-spacing': ['error', 'always'],
    'padded-blocks': [
      'error',
@ -108,47 +105,61 @@ module.exports = {
    ],
    quotes: ['error', 'single'],
    semi: 'error',
    strict: 'off',
    'valid-typeof': 'error',
    'react/jsx-boolean-value': 'error',
    'react/jsx-closing-bracket-location': ['error', 'line-aligned'],
    'react/jsx-curly-spacing': 'error',
    'react/display-name': 'off',
    'react/jsx-equals-spacing': 'error',
    'react/jsx-first-prop-new-line': ['error', 'multiline-multiprop'],
    'react/jsx-indent': ['error', 2],
    'react/jsx-no-bind': 'error',
-    'react/jsx-no-target-blank': 'off',
+    'react/jsx-no-duplicate-props': 'error',
    'react/jsx-no-undef': 'error',
    'react/jsx-tag-spacing': 'error',
    'react/jsx-uses-react': 'error',
    'react/jsx-uses-vars': 'error',
    'react/jsx-wrap-multilines': 'error',
-    'react/no-deprecated': 'off',
+    'react/no-multi-comp': 'off',
-    'react/no-unknown-property': 'off',
+    'react/no-string-refs': 'error',
    'react/prop-types': 'error',
    'react/self-closing-comp': 'error',
    // recommended values found in https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/main/src/index.js
    'jsx-a11y/accessible-emoji': 'warn',
-    'jsx-a11y/click-events-have-key-events': 'off',
+    'jsx-a11y/alt-text': 'warn',
-    'jsx-a11y/label-has-associated-control': 'off',
+    'jsx-a11y/anchor-has-content': 'warn',
-    'jsx-a11y/media-has-caption': 'off',
+    'jsx-a11y/anchor-is-valid': [
-    'jsx-a11y/no-autofocus': 'off',
+      'warn',
-    // recommended rule is:
+      {
-    // 'jsx-a11y/no-interactive-element-to-noninteractive-role': [
+        components: [
-    //   'error',
+          'Link',
-    //   {
+          'NavLink',
-    //     tr: ['none', 'presentation'],
+        ],
-    //     canvas: ['img'],
+        specialLink: [
-    //   },
+          'to',
-    // ],
+        ],
-    'jsx-a11y/no-interactive-element-to-noninteractive-role': 'off',
+        aspect: [
-    // recommended rule is:
+          'noHref',
-    // 'jsx-a11y/no-noninteractive-element-interactions': [
+          'invalidHref',
-    //   'error',
+          'preferButton',
-    //   {
+        ],
-    //     body: ['onError', 'onLoad'],
+      },
-    //     iframe: ['onError', 'onLoad'],
+    ],
-    //     img: ['onError', 'onLoad'],
+    'jsx-a11y/aria-activedescendant-has-tabindex': 'warn',
-    //   },
+    'jsx-a11y/aria-props': 'warn',
-    // ],
+    'jsx-a11y/aria-proptypes': 'warn',
    'jsx-a11y/aria-role': 'warn',
    'jsx-a11y/aria-unsupported-elements': 'warn',
    'jsx-a11y/heading-has-content': 'warn',
    'jsx-a11y/html-has-lang': 'warn',
    'jsx-a11y/iframe-has-title': 'warn',
    'jsx-a11y/img-redundant-alt': 'warn',
    'jsx-a11y/interactive-supports-focus': 'warn',
    'jsx-a11y/label-has-for': 'off',
    'jsx-a11y/mouse-events-have-key-events': 'warn',
    'jsx-a11y/no-access-key': 'warn',
    'jsx-a11y/no-distracting-elements': 'warn',
    'jsx-a11y/no-noninteractive-element-interactions': [
      'warn',
      {
@ -157,18 +168,8 @@ module.exports = {
        ],
      },
    ],
    // recommended rule is:
    // 'jsx-a11y/no-noninteractive-tabindex': [
    //   'error',
    //   {
    //     tags: [],
    //     roles: ['tabpanel'],
    //     allowExpressionValues: true,
    //   },
    // ],
    'jsx-a11y/no-noninteractive-tabindex': 'off',
    'jsx-a11y/no-onchange': 'warn',
-    // recommended is full 'error'
+    'jsx-a11y/no-redundant-roles': 'warn',
    'jsx-a11y/no-static-element-interactions': [
      'warn',
      {
@ -177,6 +178,10 @@ module.exports = {
        ],
      },
    ],
    'jsx-a11y/role-has-required-aria-props': 'warn',
    'jsx-a11y/role-supports-aria-props': 'off',
    'jsx-a11y/scope': 'warn',
    'jsx-a11y/tabindex-no-positive': 'warn',
    'import/extensions': [
      'error',
--- a/.github/ISSUE_TEMPLATE/1.bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/1.bug_report.yml
@ -1,6 +1,6 @@
 name: Bug Report
 description: If something isn't working as expected
-labels: [bug]
+labels: bug
 body:
  - type: markdown
    attributes:
@ -50,7 +50,7 @@ body:
        Google Chrome 106.0.5249.119
        Firefox 105.0.3
-
+        
        etc...
    validations:
      required: true
--- a/.github/ISSUE_TEMPLATE/2.feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/2.feature_request.yml
@ -1,6 +1,6 @@
 name: Feature Request
 description: I have a suggestion
-labels: [suggestion]
+labels: suggestion
 body:
  - type: markdown
    attributes:
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -2,4 +2,4 @@ blank_issues_enabled: false
 contact_links:
  - name: GitHub Discussions
    url: https://github.com/mastodon/mastodon/discussions
-    about: Please ask and answer questions here.
+    about: Please ask and answer questions here.
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -3,28 +3,28 @@
 # Please see the documentation for all configuration options:
 # https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-# version: 2
+version: 2
-# updates:
+updates:
-#   - package-ecosystem: npm
+  - package-ecosystem: npm
-#     directory: '/'
+    directory: '/'
-#     schedule:
+    schedule:
-#       interval: weekly
+      interval: weekly
-#     open-pull-requests-limit: 99
+    open-pull-requests-limit: 99
-#     allow:
+    allow:
-#       - dependency-type: direct
+      - dependency-type: direct
-# 
+
-#   - package-ecosystem: bundler
+  - package-ecosystem: bundler
-#     directory: '/'
+    directory: '/'
-#     schedule:
+    schedule:
-#       interval: weekly
+      interval: weekly
-#     open-pull-requests-limit: 99
+    open-pull-requests-limit: 99
-#     allow:
+    allow:
-#       - dependency-type: direct
+      - dependency-type: direct
-# 
+
-#   - package-ecosystem: github-actions
+  - package-ecosystem: github-actions
-#     directory: '/'
+    directory: '/'
-#     schedule:
+    schedule:
-#       interval: weekly
+      interval: weekly
-#     open-pull-requests-limit: 99
+    open-pull-requests-limit: 99
-#     allow:
+    allow:
-#       - dependency-type: direct
+      - dependency-type: direct
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@ -12,43 +12,23 @@ on:
      - Dockerfile
 permissions:
  contents: read
  packages: write
 jobs:
  build-image:
    runs-on: ubuntu-latest
    concurrency:
      group: ${{ github.ref }}
      cancel-in-progress: true
    steps:
      - uses: actions/checkout@v3
      - uses: hadolint/hadolint-action@v3.1.0
      - uses: docker/setup-qemu-action@v2
      - uses: docker/setup-buildx-action@v2
-
+      - uses: docker/login-action@v2
      - name: Log in to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
-        if: github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request'
+        if: github.event_name != 'pull_request'
      - name: Log in to the Github Container registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
        if: github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request'
      - uses: docker/metadata-action@v4
        id: meta
        with:
-          images: |
+          images: tootsuite/mastodon
            tootsuite/mastodon
            ghcr.io/mastodon/mastodon
          flavor: |
            latest=auto
          tags: |
@ -56,15 +36,11 @@ jobs:
            type=pep440,pattern={{raw}}
            type=pep440,pattern=v{{major}}.{{minor}}
            type=ref,event=pr
-
+      - uses: docker/build-push-action@v3
      - uses: docker/build-push-action@v4
        with:
          context: .
          platforms: linux/amd64,linux/arm64
-          provenance: false
+          push: ${{ github.event_name != 'pull_request' }}
          builder: ${{ steps.buildx.outputs.name }}
          push: ${{ github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=registry,ref=tootsuite/mastodon:edge
-          cache-from: type=gha
+          cache-to: type=inline
          cache-to: type=gha,mode=max
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@ -25,12 +25,12 @@ jobs:
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
-          ruby-version: .ruby-version
+          ruby-version: '3.0'
          bundler-cache: true
      - name: Check locale file normalization
        run: bundle exec i18n-tasks check-normalized
      - name: Check for unused strings
-        run: bundle exec i18n-tasks unused
+        run: bundle exec i18n-tasks unused -l en
      - name: Check for wrong string interpolations
        run: bundle exec i18n-tasks check-consistent-interpolations
      - name: Check that all required locale files exist
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -1,62 +0,0 @@
 name: 'CodeQL'
 on:
  push:
    branches: ['main']
  pull_request:
    # The branches below must be a subset of the branches above
    branches: ['main']
  schedule:
    - cron: '22 6 * * 1'
 jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: ['javascript', 'ruby']
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
          # By default, queries listed here will override any specified in a config file.
          # Prefix the list here with "+" to use these queries and those in the config file.
          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
          # queries: security-extended,security-and-quality
      # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
        uses: github/codeql-action/autobuild@v2
      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
      #   If the Autobuild fails above, remove it and uncomment the following three lines.
      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
      # - run: |
      #   echo "Run, Build Application using script"
      #   ./location_of_script_within_repo/buildscript.sh
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
        with:
          category: '/language:${{matrix.language}}'
--- a/.github/workflows/lint-css.yml
+++ b/.github/workflows/lint-css.yml
@ -1,48 +0,0 @@
 name: CSS Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
      - '**/*.scss'
      - '.github/workflows/lint-css.yml'
      - '.github/stylelint-matcher.json'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
      - '**/*.scss'
      - '.github/workflows/lint-css.yml'
      - '.github/stylelint-matcher.json'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - uses: xt0rted/stylelint-problem-matcher@v1
      - run: echo "::add-matcher::.github/stylelint-matcher.json"
      - name: Stylelint
        run: yarn test:lint:sass
--- a/.github/workflows/lint-js.yml
+++ b/.github/workflows/lint-js.yml
@ -1,40 +0,0 @@
 name: JavaScript Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '.github/workflows/lint-js.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '.github/workflows/lint-js.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: ESLint
        run: yarn test:lint:js
--- a/.github/workflows/lint-json.yml
+++ b/.github/workflows/lint-json.yml
@ -1,40 +0,0 @@
 name: JSON Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn prettier --check "**/*.json"
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@ -1,41 +0,0 @@
 name: Ruby Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'Gemfile*'
      - '.rubocop.yml'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
  pull_request:
    paths:
      - 'Gemfile*'
      - '.rubocop.yml'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - name: Set-up RuboCop Problem Mathcher
        uses: r7kamura/rubocop-problem-matchers-action@v1
      - name: Run rubocop
        uses: github/super-linter@v4
        env:
          DEFAULT_BRANCH: main
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          LINTER_RULES_PATH: .
          RUBY_CONFIG_FILE: .rubocop.yml
          VALIDATE_ALL_CODEBASE: false
          VALIDATE_RUBY: true
--- a/.github/workflows/lint-yml.yml
+++ b/.github/workflows/lint-yml.yml
@ -1,42 +0,0 @@
 name: YML Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn prettier --check "**/*.{yml,yaml}"
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@ -0,0 +1,83 @@
 ---
 #################################
 #################################
 ## Super Linter GitHub Actions ##
 #################################
 #################################
 name: Lint Code Base
 #
 # Documentation:
 # https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
 #
 #############################
 # Start the job on all push #
 #############################
 on:
  push:
    branches-ignore: [main]
    # Remove the line above to run when pushing to master
  pull_request:
    branches: [main]
 ###############
 # Set the Job #
 ###############
 permissions:
  checks: write
  contents: read
  pull-requests: write
  statuses: write
 jobs:
  build:
    # Name the Job
    name: Lint Code Base
    # Set the agent to run on
    runs-on: ubuntu-latest
    ##################
    # Load all steps #
    ##################
    steps:
      ##########################
      # Checkout the code base #
      ##########################
      - name: Checkout Code
        uses: actions/checkout@v3
        with:
          # Full git history is needed to get a proper list of changed files within `super-linter`
          fetch-depth: 0
      - name: Set-up Node.js
        uses: actions/setup-node@v3
        with:
          node-version: 16.x
          cache: yarn
      - name: Install dependencies
        run: yarn install --frozen-lockfile
      - name: Set-up RuboCop Problem Mathcher
        uses: r7kamura/rubocop-problem-matchers-action@v1
      - name: Set-up Stylelint Problem Matcher
        uses: xt0rted/stylelint-problem-matcher@v1
      # https://github.com/xt0rted/stylelint-problem-matcher/issues/360
      - run: echo "::add-matcher::.github/stylelint-matcher.json" 
      ################################
      # Run Linter against code base #
      ################################
      - name: Lint Code Base
        uses: github/super-linter@v4
        env:
          CSS_FILE_NAME: stylelint.config.js
          DEFAULT_BRANCH: main
          NO_COLOR: 1 # https://github.com/xt0rted/stylelint-problem-matcher/issues/360
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          JAVASCRIPT_ES_CONFIG_FILE: .eslintrc.js
          LINTER_RULES_PATH: .
          RUBY_CONFIG_FILE: .rubocop.yml
          VALIDATE_ALL_CODEBASE: false
          VALIDATE_CSS: true
          VALIDATE_JAVASCRIPT_ES: true
          VALIDATE_RUBY: true
--- a/.github/workflows/rebase-needed.yml
+++ b/.github/workflows/rebase-needed.yml
@ -1,17 +0,0 @@
 name: PR Needs Rebase
 on:
  push:
  pull_request_target:
    types: [synchronize]
 jobs:
  label-rebase-needed:
    runs-on: ubuntu-latest
    steps:
      - name: Check for merge conflicts
        uses: eps1lon/actions-label-merge-conflict@releases/2.x
        with:
          dirtyLabel: 'rebase needed :construction:'
          repoToken: '${{ secrets.GITHUB_TOKEN }}'
          commentOnDirty: This pull request has merge conflicts that must be resolved before it can be merged.
--- a/.github/workflows/test-chart.yml
+++ b/.github/workflows/test-chart.yml
@ -0,0 +1,138 @@
 # This is a GitHub workflow defining a set of jobs with a set of steps.
 # ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
 #
 name: Test chart
 on:
  pull_request:
    paths:
      - "chart/**"
      - "!**.md"
      - ".github/workflows/test-chart.yml"
  push:
    paths:
      - "chart/**"
      - "!**.md"
      - ".github/workflows/test-chart.yml"
    branches-ignore:
      - "dependabot/**"
  workflow_dispatch:
 permissions:
  contents: read
 defaults:
  run:
    working-directory: chart
 jobs:
  lint-templates:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-python@v4
        with:
          python-version: "3.x"
      - name: Install dependencies (yamllint)
        run: pip install yamllint
      - run: helm dependency update
      - name: helm lint
        run: |
          helm lint . \
              --values dev-values.yaml
      - name: helm template
        run: |
          helm template . \
              --values dev-values.yaml \
              --output-dir rendered-templates
      - name: yamllint (only on templates we manage)
        run: |
          rm -rf rendered-templates/mastodon/charts
          yamllint rendered-templates \
            --config-data "{rules: {indentation: {spaces: 2}, line-length: disable}}"
  # This job helps us validate that rendered templates are valid k8s resources
  # against a k8s api-server, via "helm template --validate", but also that a
  # basic configuration can be used to successfully startup mastodon.
  #
  test-install:
    runs-on: ubuntu-22.04
    timeout-minutes: 15
    strategy:
      fail-fast: false
      matrix:
        include:
          # k3s-channel reference: https://update.k3s.io/v1-release/channels
          - k3s-channel: latest
          - k3s-channel: stable
          # This represents the oldest configuration we test against.
          #
          # The k8s version chosen is based on the oldest still supported k8s
          # version among two managed k8s services, GKE, EKS.
          # - GKE: https://endoflife.date/google-kubernetes-engine
          # - EKS: https://endoflife.date/amazon-eks
          #
          # The helm client's version can influence what helper functions is
          # available for use in the templates, currently we need v3.6.0 or
          # higher.
          #
          - k3s-channel: v1.21
            helm-version: v3.6.0
    steps:
      - uses: actions/checkout@v3
      # This action starts a k8s cluster with NetworkPolicy enforcement and
      # installs both kubectl and helm.
      #
      # ref: https://github.com/jupyterhub/action-k3s-helm#readme
      #
      - uses: jupyterhub/action-k3s-helm@v3
        with:
          k3s-channel: ${{ matrix.k3s-channel }}
          helm-version: ${{ matrix.helm-version }}
          metrics-enabled: false
          traefik-enabled: false
          docker-enabled: false
      - run: helm dependency update
      # Validate rendered helm templates against the k8s api-server
      - name: helm template --validate
        run: |
          helm template --validate mastodon . \
              --values dev-values.yaml
      - name: helm install
        run: |
          helm install mastodon . \
              --values dev-values.yaml \
              --timeout 10m
      # This actions provides a report about the state of the k8s cluster,
      # providing logs etc on anything that has failed and workloads marked as
      # important.
      #
      # ref: https://github.com/jupyterhub/action-k8s-namespace-report#readme
      #
      - name: Kubernetes namespace report
        uses: jupyterhub/action-k8s-namespace-report@v1
        if: always()
        with:
          important-workloads: >-
            deploy/mastodon-sidekiq
            deploy/mastodon-streaming
            deploy/mastodon-web
            job/mastodon-assets-precompile
            job/mastodon-chewy-upgrade
            job/mastodon-create-admin
            job/mastodon-db-migrate
--- a/.gitignore
+++ b/.gitignore
@ -44,6 +44,12 @@
 /redis
 /elasticsearch
 # ignore Helm charts
 /chart/*.tgz
 # ignore Helm dependency charts
 /chart/charts/*.tgz
 # Ignore Apple files
 .DS_Store
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-16
+14
--- a/.prettierignore
+++ b/.prettierignore
@ -44,6 +44,9 @@
 /redis
 /elasticsearch
 # ignore Helm dependency charts
 /chart/charts/*.tgz
 # Ignore Apple files
 .DS_Store
@ -64,6 +67,9 @@ yarn-debug.log
 # Ignore Docker option files
 docker-compose.override.yml
 # Ignore Helm files
 /chart
 # Ignore emoji map file
 /app/javascript/mastodon/features/emoji/emoji_map.json
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -1,18 +1,12 @@
 require:
  - rubocop-rails
  - rubocop-rspec
  - rubocop-performance
 AllCops:
-  TargetRubyVersion: 2.7
+  TargetRubyVersion: 2.5
-  DisplayCopNames: true
+  NewCops: disable
  DisplayStyleGuide: true
  ExtraDetails: true
  UseCache: true
  CacheRootDirectory: tmp
  NewCops: enable
  Exclude:
-    - db/schema.rb
+    - 'spec/**/*'
    - 'db/**/*'
    - 'app/views/**/*'
    - 'config/**/*'
    - 'bin/*'
@ -73,57 +67,15 @@ Lint/UselessAccessModifier:
    - class_methods
 Metrics/AbcSize:
-  Max: 34 # RuboCop default 17
+  Max: 115
  Exclude:
-    - 'lib/**/*cli*.rb'
+    - 'lib/mastodon/*_cli.rb'
    - db/*migrate/**/*
    - lib/paperclip/color_extractor.rb
    - app/workers/scheduler/follow_recommendations_scheduler.rb
    - app/services/activitypub/fetch*_service.rb
    - lib/paperclip/**/*
  CountRepeatedAttributes: false
  AllowedMethods:
    - update_media_attachments!
    - account_link_to
    - attempt_oembed
    - build_crutches
    - calculate_scores
    - cc
    - dump_actor!
    - filter_from_home?
    - hydrate
    - import_bookmarks!
    - import_relationships!
    - initialize
    - link_to_mention
    - log_target
    - matches_time_window?
    - parse_metadata
    - perform_statuses_search!
    - privatize_media_attachments!
    - process_update
    - publish_media_attachments!
    - remotable_attachment
    - render_initial_state
    - render_with_cache
    - searchable_by
    - self.cached_filters_for
    - set_fetchable_attributes!
    - signed_request_actor
    - statuses_to_delete
    - update_poll!
 Metrics/BlockLength:
  Max: 55
  Exclude:
    - 'lib/tasks/**/*'
    - 'lib/mastodon/*_cli.rb'
  CountComments: false
  CountAsOne: [array, heredoc]
  AllowedMethods:
    - task
    - namespace
    - class_methods
    - included
 Metrics/BlockNesting:
  Max: 3
@ -133,144 +85,34 @@ Metrics/BlockNesting:
 Metrics/ClassLength:
  CountComments: false
  Max: 500
  CountAsOne: [array, heredoc]
  Exclude:
    - 'lib/mastodon/*_cli.rb'
 Metrics/CyclomaticComplexity:
-  Max: 12
+  Max: 25
  Exclude:
-    - lib/mastodon/*cli*.rb
+    - 'lib/mastodon/*_cli.rb'
    - db/*migrate/**/*
  AllowedMethods:
    - attempt_oembed
    - blocked?
    - build_crutches
    - calculate_scores
    - cc
    - discover_endpoint!
    - filter_from_home?
    - hydrate
    - klass
    - link_to_mention
    - log_target
    - matches_time_window?
    - patch_for_forwarding!
    - preprocess_attributes!
    - process_update
    - remotable_attachment
    - scan_text!
    - self.cached_filters_for
    - set_fetchable_attributes!
    - setup_redis_env_url
    - update_media_attachments!
 Layout/LineLength:
  Max: 140 # RuboCop default 120
  AllowHeredoc: true
  AllowURI: true
-  IgnoreCopDirectives: true
+  Enabled: false
  AllowedPatterns:
    # Allow comments to be long lines
    - !ruby/regexp / \# .*$/
    - !ruby/regexp /^\# .*$/
  Exclude:
    - lib/**/*cli*.rb
    - db/*migrate/**/*
    - db/seeds/**/*
 Metrics/MethodLength:
  CountComments: false
-  CountAsOne: [array, heredoc]
+  Max: 65
  Max: 25 # RuboCop default 10
  Exclude:
    - 'lib/mastodon/*_cli.rb'
  AllowedMethods:
    - account_link_to
    - attempt_oembed
    - body_with_limit
    - build_crutches
    - cached_filters_for
    - calculate_scores
    - check_webfinger!
    - clean_feeds!
    - collection_items
    - collection_presenter
    - copy_account_notes!
    - deduplicate_accounts!
    - deduplicate_conversations!
    - deduplicate_local_accounts!
    - deduplicate_statuses!
    - deduplicate_tags!
    - deduplicate_users!
    - discover_endpoint!
    - extract_extra_uris_with_indices
    - extract_hashtags_with_indices
    - extract_mentions_or_lists_with_indices
    - filter_from_home?
    - from_elasticsearch
    - handle_explicit_update!
    - handle_mark_as_sensitive!
    - hsl_to_rgb
    - import_bookmarks!
    - import_domain_blocks!
    - import_relationships!
    - ldap_options
    - matches_time_window?
    - outbox_presenter
    - pam_get_user
    - parallelize_with_progress
    - parse_and_transform
    - patch_for_forwarding!
    - populate_home
    - post_process_style
    - preload_cache_collection_target_statuses
    - privatize_media_attachments!
    - provides_callback_for
    - publish_media_attachments!
    - relevant_account_timestamp
    - remotable_attachment
    - rgb_to_hsl
    - rss_status_content_format
    - set_fetchable_attributes!
    - setup_redis_env_url
    - signed_request_actor
    - to_preview_card_attributes
    - upgrade_storage_filesystem
    - upgrade_storage_s3
    - user_settings_params
    - hydrate
    - cc
    - self_destruct
 Metrics/ModuleLength:
  CountComments: false
  Max: 200
  CountAsOne: [array, heredoc]
 Metrics/ParameterLists:
-  Max: 5 # RuboCop default 5
+  Max: 5
-  CountKeywordArgs: true # RuboCop default true
+  CountKeywordArgs: true
  MaxOptionalParameters: 3 # RuboCop default 3
  Exclude:
    - app/models/concerns/account_interactions.rb
    - app/services/activitypub/fetch_remote_account_service.rb
    - app/services/activitypub/fetch_remote_actor_service.rb
 Metrics/PerceivedComplexity:
-  Max: 16 # RuboCop default 8
+  Max: 25
  AllowedMethods:
    - attempt_oembed
    - build_crutches
    - calculate_scores
    - deduplicate_users!
    - discover_endpoint!
    - filter_from_home?
    - hydrate
    - patch_for_forwarding!
    - process_update
    - remove_orphans
    - update_media_attachments!
 Naming/MemoizedInstanceVariableName:
  Enabled: false
@ -401,10 +243,6 @@ Style/HashTransformKeys:
 Style/HashTransformValues:
  Enabled: false
 Style/HashSyntax:
  Enabled: true
  EnforcedStyle: ruby19_no_mixed_keys
 Style/IfUnlessModifier:
  Enabled: false
@ -425,6 +263,9 @@ Style/PercentLiteralDelimiters:
 Style/PerlBackrefs:
  AutoCorrect: false
 Style/RedundantAssignment:
  Enabled: false
 Style/RedundantFetchBlock:
  Enabled: true
@ -447,7 +288,7 @@ Style/RegexpLiteral:
  Enabled: false
 Style/RescueStandardError:
-  Enabled: true
+  Enabled: false
 Style/SignalException:
  Enabled: false
@ -466,14 +307,3 @@ Style/TrailingCommaInHashLiteral:
 Style/UnpackFirst:
  Enabled: false
 RSpec/ScatteredSetup:
  Enabled: false
 RSpec/ImplicitExpect:
  Enabled: false
 RSpec/NamedSubject:
  Enabled: false
 RSpec/DescribeClass:
  Enabled: false
 RSpec/LetSetup:
  Enabled: false
--- a/.ruby-version
+++ b/.ruby-version
@ -1 +1 @@
-3.0.6
+3.0.4
--- a/22
+++ b/22
@ -1,4 +1,26 @@
 ffmpeg
 libicu[0-9][0-9]
 libicu-dev
 libidn12
 libidn-dev
 libpq-dev
 libxdamage1
 libxfixes3
 zlib1g-dev
 libcairo2
 libcroco3
 libdatrie1
 libgdk-pixbuf2.0-0
 libgraphite2-3
 libharfbuzz0b
 libpango-1.0-0
 libpangocairo-1.0-0
 libpangoft2-1.0-0
 libpixman-1-0
 librsvg2-2
 libthai-data
 libthai0
 libvpx[5-9]
 libxcb-render0
 libxcb-shm0
 libxrender1
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -3,342 +3,6 @@ Changelog
 All notable changes to this project will be documented in this file.
 ## [4.1.4] - 2023-07-07
 ### Fixed
 - Fix branding:generate_app_icons failing because of disallowed ICO coder ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25794))
 - Fix crash in admin interface when viewing a remote user with verified links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25796))
 - Fix processing of media files with unusual names ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25788))
 ## [4.1.3] - 2023-07-06
 ### Added
 - Add fallback redirection when getting a webfinger query `LOCAL_DOMAIN@LOCAL_DOMAIN` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23600))
 ### Changed
 - Change OpenGraph-based embeds to allow fullscreen ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25058))
 - Change AccessTokensVacuum to also delete expired tokens ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24868))
 - Change profile updates to be sent to recently-mentioned servers ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24852))
 - Change automatic post deletion thresholds and load detection ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24614))
 - Change `/api/v1/statuses/:id/history` to always return at least one item ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25510))
 - Change auto-linking to allow carets in URL query params ([renchap](https://github.com/mastodon/mastodon/pull/25216))
 ### Removed
 - Remove invalid `X-Frame-Options: ALLOWALL` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25070))
 ### Fixed
 - Fix wrong view being displayed when a webhook fails validation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25464))
 - Fix soft-deleted post cleanup scheduler overwhelming the streaming server ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25519))
 - Fix incorrect pagination headers in `/api/v2/admin/accounts` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/25477))
 - Fix multiple inefficiencies in automatic post cleanup worker ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24607), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24785), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24840))
 - Fix performance of streaming by parsing message JSON once ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25278), [ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25361))
 - Fix CSP headers when `S3_ALIAS_HOST` includes a path component ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25273))
 - Fix `tootctl accounts approve --number N` not approving N earliest registrations ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24605))
 - Fix reports not being closed when performing batch suspensions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24988))
 - Fix being able to vote on your own polls ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25015))
 - Fix race condition when reblogging a status ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25016))
 - Fix “Authorized applications” inefficiently and incorrectly getting last use date ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25060))
 - Fix “Authorized applications” crashing when listing apps with certain admin API scopes ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25713))
 - Fix multiple N+1s in ConversationsController ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25134), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25399), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25499))
 - Fix user archive takeouts when using OpenStack Swift ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24431))
 - Fix searching for remote content by URL not working under certain conditions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25637))
 - Fix inefficiencies in indexing content for search ([VyrCossont](https://github.com/mastodon/mastodon/pull/24285), [VyrCossont](https://github.com/mastodon/mastodon/pull/24342))
 ### Security
 - Add finer permission requirements for managing webhooks ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25463))
 - Update dependencies
 - Add hardening headers for user-uploaded files ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25756))
 - Fix verified links possibly hiding important parts of the URL (CVE-2023-36462)
 - Fix timeout handling of outbound HTTP requests (CVE-2023-36461)
 - Fix arbitrary file creation through media processing (CVE-2023-36460)
 - Fix possible XSS in preview cards (CVE-2023-36459)
 ## [4.1.2] - 2023-04-04
 ### Fixed
 - Fix crash in `tootctl` commands making use of parallelization when Elasticsearch is enabled ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24182), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24377))
 - Fix crash in `db:setup` when Elasticsearch is enabled ([rrgeorge](https://github.com/mastodon/mastodon/pull/24302))
 - Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24200))
 - Fix invalid/expired invites being processed on sign-up ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24337))
 ### Security
 - Update Ruby to 3.0.6 due to ReDoS vulnerabilities ([saizai](https://github.com/mastodon/mastodon/pull/24334))
 - Fix unescaped user input in LDAP query ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24379))
 ## [4.1.1] - 2023-03-16
 ### Added
 - Add redirection from paths with url-encoded `@` to their decoded form ([thijskh](https://github.com/mastodon/mastodon/pull/23593))
 - Add `lang` attribute to native language names in language picker in Web UI ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23749))
 - Add headers to outgoing mails to avoid auto-replies ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23597))
 - Add support for refreshing many accounts at once with `tootctl accounts refresh` ([9p4](https://github.com/mastodon/mastodon/pull/23304))
 - Add confirmation modal when clicking to edit a post with a non-empty compose form ([PauloVilarinho](https://github.com/mastodon/mastodon/pull/23936))
 - Add support for the HAproxy PROXY protocol through the `PROXY_PROTO_V1` environment variable ([CSDUMMI](https://github.com/mastodon/mastodon/pull/24064))
 - Add `SENDFILE_HEADER` environment variable ([Gargron](https://github.com/mastodon/mastodon/pull/24123))
 - Add cache headers to static files served through Rails ([Gargron](https://github.com/mastodon/mastodon/pull/24120))
 ### Changed
 - Increase contrast of upload progress bar background ([toolmantim](https://github.com/mastodon/mastodon/pull/23836))
 - Change post auto-deletion throttling constants to better scale with server size ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23320))
 - Change order of bookmark and favourite sidebar entries in single-column UI for consistency ([TerryGarcia](https://github.com/mastodon/mastodon/pull/23701))
 - Change `ActivityPub::DeliveryWorker` retries to be spread out more ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21956))
 ### Fixed
 - Fix “Remove all followers from the selected domains” also removing follows and notifications ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23805))
 - Fix streaming metrics format ([emilweth](https://github.com/mastodon/mastodon/pull/23519), [emilweth](https://github.com/mastodon/mastodon/pull/23520))
 - Fix case-sensitive check for previously used hashtags in hashtag autocompletion ([deanveloper](https://github.com/mastodon/mastodon/pull/23526))
 - Fix focus point of already-attached media not saving after edit ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23566))
 - Fix sidebar behavior in settings/admin UI on mobile ([wxt2005](https://github.com/mastodon/mastodon/pull/23764))
 - Fix inefficiency when searching accounts per username in admin interface ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23801))
 - Fix duplicate “Publish” button on mobile ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23804))
 - Fix server error when failing to follow back followers from `/relationships` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23787))
 - Fix server error when attempting to display the edit history of a trendable post in the admin interface ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23574))
 - Fix `tootctl accounts migrate` crashing because of a typo ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23567))
 - Fix original account being unfollowed on migration before the follow request to the new account could be sent ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21957))
 - Fix the “Back” button in column headers sometimes leaving Mastodon ([c960657](https://github.com/mastodon/mastodon/pull/23953))
 - Fix pgBouncer resetting application name on every transaction ([Gargron](https://github.com/mastodon/mastodon/pull/23958))
 - Fix unconfirmed accounts being counted as active users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23803))
 - Fix `/api/v1/streaming` sub-paths not being redirected ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23988))
 - Fix drag'n'drop upload area text that spans multiple lines not being centered ([vintprox](https://github.com/mastodon/mastodon/pull/24029))
 - Fix sidekiq jobs not triggering Elasticsearch index updates ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24046))
 - Fix tags being unnecessarily stripped from plain-text short site description ([c960657](https://github.com/mastodon/mastodon/pull/23975))
 - Fix HTML entities not being un-escaped in extracted plain-text from remote posts ([c960657](https://github.com/mastodon/mastodon/pull/24019))
 - Fix dashboard crash on ElasticSearch server error ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23751))
 - Fix incorrect post links in strikes when the account is remote ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23611))
 - Fix misleading error code when receiving invalid WebAuthn credentials ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23568))
 - Fix duplicate mails being sent when the SMTP server is too slow to close the connection ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23750))
 ### Security
 - Change user backups to use expiring URLs for download when possible ([Gargron](https://github.com/mastodon/mastodon/pull/24136))
 - Add warning for object storage misconfiguration ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24137))
 ## [4.1.0] - 2023-02-10
 ### Added
 - **Add support for importing/exporting server-wide domain blocks** ([enbylenore](https://github.com/mastodon/mastodon/pull/20597), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/21471), [dariusk](https://github.com/mastodon/mastodon/pull/22803), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/21470))
 - **Add listing of followed hashtags** ([connorshea](https://github.com/mastodon/mastodon/pull/21773))
 - **Add support for editing media description and focus point of already-sent posts** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20878))
  - Previously, you could add and remove attachments, but not edit media description of already-attached media
  - REST API changes:
    - `PUT /api/v1/statuses/:id` now takes an extra `media_attributes[]` array parameter with the `id` of the updated media and their updated `description`, `focus`, and `thumbnail`
 - **Add follow request banner on account header** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20785))
  - REST API changes:
    - `Relationship` entities have an extra `requested_by` boolean attribute representing whether the represented user has requested to follow you
 - **Add confirmation screen when handling reports** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22375), [Gargron](https://github.com/mastodon/mastodon/pull/23156), [tribela](https://github.com/mastodon/mastodon/pull/23178))
 - Add option to make the landing page be `/about` even when trends are enabled ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20808))
 - Add `noindex` setting back to the admin interface ([prplecake](https://github.com/mastodon/mastodon/pull/22205))
 - Add instance peers API endpoint toggle back to the admin interface ([dariusk](https://github.com/mastodon/mastodon/pull/22810))
 - Add instance activity API endpoint toggle back to the admin interface ([dariusk](https://github.com/mastodon/mastodon/pull/22833))
 - Add setting for status page URL ([Gargron](https://github.com/mastodon/mastodon/pull/23390), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23499))
  - REST API changes:
    - Add `configuration.urls.status` attribute to the object returned by `GET /api/v1/instance`
 - Add `account.approved` webhook ([Saiv46](https://github.com/mastodon/mastodon/pull/22938))
 - Add 12 hours option to polls ([Pleclown](https://github.com/mastodon/mastodon/pull/21131))
 - Add dropdown menu item to open admin interface for remote domains ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21895))
 - Add `--remove-headers`, `--prune-profiles` and `--include-follows` flags to `tootctl media remove` ([evanphilip](https://github.com/mastodon/mastodon/pull/22149))
 - Add `--email` and `--dry-run` options to `tootctl accounts delete` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22328))
 - Add `tootctl accounts migrate` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22330))
 - Add `tootctl accounts prune` ([tribela](https://github.com/mastodon/mastodon/pull/18397))
 - Add `tootctl domains purge` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22063))
 - Add `SIDEKIQ_CONCURRENCY` environment variable ([muffinista](https://github.com/mastodon/mastodon/pull/19589))
 - Add `DB_POOL` environment variable support for streaming server ([Gargron](https://github.com/mastodon/mastodon/pull/23470))
 - Add `MIN_THREADS` environment variable to set minimum Puma threads ([jimeh](https://github.com/mastodon/mastodon/pull/21048))
 - Add explanation text to log-in page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20946))
 - Add user profile OpenGraph tag on post pages ([bramus](https://github.com/mastodon/mastodon/pull/21423))
 - Add maskable icon support for Android ([workeffortwaste](https://github.com/mastodon/mastodon/pull/20904))
 - Add Belarusian to supported languages ([Mixaill](https://github.com/mastodon/mastodon/pull/22022))
 - Add Western Frisian to supported languages ([ykzts](https://github.com/mastodon/mastodon/pull/18602))
 - Add Montenegrin to the language picker ([ayefries](https://github.com/mastodon/mastodon/pull/21013))
 - Add Southern Sami and Lule Sami to the language picker ([Jullan-M](https://github.com/mastodon/mastodon/pull/21262))
 - Add logging for Rails cache timeouts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21667))
 - Add color highlight for active hashtag “follow” button ([MFTabriz](https://github.com/mastodon/mastodon/pull/21629))
 - Add brotli compression to `assets:precompile` ([Izorkin](https://github.com/mastodon/mastodon/pull/19025))
 - Add “disabled” account filter to the `/admin/accounts` UI ([tribela](https://github.com/mastodon/mastodon/pull/21282))
 - Add transparency to modal background for accessibility ([edent](https://github.com/mastodon/mastodon/pull/18081))
 - Add `lang` attribute to image description textarea and poll option field ([c960657](https://github.com/mastodon/mastodon/pull/23293))
 - Add `spellcheck` attribute to Content Warning and poll option input fields ([c960657](https://github.com/mastodon/mastodon/pull/23395))
 - Add `title` attribute to video elements in media attachments ([bramus](https://github.com/mastodon/mastodon/pull/21420))
 - Add left and right margins to emojis ([dsblank](https://github.com/mastodon/mastodon/pull/20464))
 - Add `roles` attribute to `Account` entities in REST API ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23255), [tribela](https://github.com/mastodon/mastodon/pull/23428))
 - Add `reading:autoplay:gifs` to `/api/v1/preferences` ([j-f1](https://github.com/mastodon/mastodon/pull/22706))
 - Add `hide_collections` parameter to `/api/v1/accounts/credentials` ([CarlSchwan](https://github.com/mastodon/mastodon/pull/22790))
 - Add `policy` attribute to web push subscription objects in REST API at `/api/v1/push/subscriptions` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23210))
 - Add metrics endpoint to streaming API ([Gargron](https://github.com/mastodon/mastodon/pull/23388), [Gargron](https://github.com/mastodon/mastodon/pull/23469))
 - Add more specific error messages to HTTP signature verification ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21617))
 - Add Storj DCS to cloud object storage options in the `mastodon:setup` rake task ([jtolio](https://github.com/mastodon/mastodon/pull/21929))
 - Add checkmark symbol in the checkbox for sensitive media ([sidp](https://github.com/mastodon/mastodon/pull/22795))
 - Add missing accessibility attributes to logout link in modals ([kytta](https://github.com/mastodon/mastodon/pull/22549))
 - Add missing accessibility attributes to “Hide image” button in `MediaGallery` ([hs4man21](https://github.com/mastodon/mastodon/pull/22513))
 - Add missing accessibility attributes to hide content warning field when disabled ([hs4man21](https://github.com/mastodon/mastodon/pull/22568))
 - Add `aria-hidden` to footer circle dividers to improve accessibility ([hs4man21](https://github.com/mastodon/mastodon/pull/22576))
 - Add `lang` attribute to compose form inputs ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23240))
 ### Changed
 - **Ensure exact match is the first result in hashtag searches** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21315))
 - Change account search to return followed accounts first ([dariusk](https://github.com/mastodon/mastodon/pull/22956))
 - Change batch account suspension to create a strike ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20897))
 - Change default reply language to match the default language when replying to a translated post ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22272))
 - Change misleading wording about waitlists ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20850))
 - Increase width of the unread notification border ([connorshea](https://github.com/mastodon/mastodon/pull/21692))
 - Change new post notification button on profiles to make it more apparent when it is enabled ([tribela](https://github.com/mastodon/mastodon/pull/22541))
 - Change trending tags admin interface to always show batch action controls ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23013))
 - Change wording of some OAuth scope descriptions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22491))
 - Change wording of admin report handling actions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18388))
 - Change confirm prompts for relationships management ([tribela](https://github.com/mastodon/mastodon/pull/19411))
 - Change language surrounding disability in prompts for media descriptions ([hs4man21](https://github.com/mastodon/mastodon/pull/20923))
 - Change confusing wording in the sign in banner ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22490))
 - Change `POST /settings/applications/:id` to regenerate token on scopes change ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23359))
 - Change account moderation notes to make links clickable ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22553))
 - Change link previews for statuses to never use avatar as fallback ([Gargron](https://github.com/mastodon/mastodon/pull/23376))
 - Change email address input to be read-only for logged-in users when requesting a new confirmation e-mail ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23247))
 - Change notifications per page from 15 to 40 in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/23348))
 - Change number of stored items in home feed from 400 to 800 ([Gargron](https://github.com/mastodon/mastodon/pull/23349))
 - Change API rate limits from 300/5min per user to 1500/5min per user, 300/5min per app ([Gargron](https://github.com/mastodon/mastodon/pull/23347))
 - Save avatar or header correctly even if the other one fails ([tribela](https://github.com/mastodon/mastodon/pull/18465))
 - Change `referrer-policy` to `same-origin` application-wide ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23014), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23037))
 - Add 'private' to `Cache-Control`, match Rails expectations ([daxtens](https://github.com/mastodon/mastodon/pull/20608))
 - Make the button that expands the compose form differentiable from the button that publishes a post ([Tak](https://github.com/mastodon/mastodon/pull/20864))
 - Change automatic post deletion configuration to be accessible to moved users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20774))
 - Make tag following idempotent ([trwnh](https://github.com/mastodon/mastodon/pull/20860), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/21285))
 - Use buildx functions for faster builds ([inductor](https://github.com/mastodon/mastodon/pull/20692))
 - Split off Dockerfile components for faster builds ([moritzheiber](https://github.com/mastodon/mastodon/pull/20933), [ineffyble](https://github.com/mastodon/mastodon/pull/20948), [BtbN](https://github.com/mastodon/mastodon/pull/21028))
 - Change last occurrence of “silence” to “limit” in UI text ([cincodenada](https://github.com/mastodon/mastodon/pull/20637))
 - Change “hide toot” to “hide post” ([seanthegeek](https://github.com/mastodon/mastodon/pull/22385))
 - Don't allow URLs that contain non-normalized paths to be verified ([dgl](https://github.com/mastodon/mastodon/pull/20999))
 - Change the “Trending now” header to be a link to the Explore page ([connorshea](https://github.com/mastodon/mastodon/pull/21759))
 - Change PostgreSQL connection timeout from 2 minutes to 15 seconds ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21790))
 - Make handle more easily selectable on profile page ([cadars](https://github.com/mastodon/mastodon/pull/21479))
 - Allow admins to refresh remotely-suspended accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22327))
 - Change dropdown menu to contain “Copy link to post” even for non-public posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21316))
 - Allow adding relays in secure mode and limited federation mode ([ineffyble](https://github.com/mastodon/mastodon/pull/22324))
 - Change timestamps to be displayed using the user's timezone throughout the moderation interface ([FrancisMurillo](https://github.com/mastodon/mastodon/pull/21878), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/22555))
 - Change CSP directives on API to be tight and concise ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20960))
 - Change web UI to not autofocus the compose form ([raboof](https://github.com/mastodon/mastodon/pull/16517), [Akkiesoft](https://github.com/mastodon/mastodon/pull/23094))
 - Change idempotency key handling for posting when database access is slow ([lambda](https://github.com/mastodon/mastodon/pull/21840))
 - Change remote media files to be downloaded outside of transactions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21796))
 - Improve contrast of charts in “poll has ended” notifications ([j-f1](https://github.com/mastodon/mastodon/pull/22575))
 - Change OEmbed detection and validation to be somewhat more lenient ([ineffyble](https://github.com/mastodon/mastodon/pull/22533))
 - Widen ElasticSearch version detection to not display a warning for OpenSearch ([VyrCossont](https://github.com/mastodon/mastodon/pull/22422), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23064))
 - Change link verification to allow pages larger than 1MB as long as the link is in the first 1MB ([untitaker](https://github.com/mastodon/mastodon/pull/22879))
 - Update default Node.js version to Node.js 16 ([ineffyble](https://github.com/mastodon/mastodon/pull/22223), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/22342))
 ### Removed
 - Officially remove support for Ruby 2.6 ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21477))
 - Remove `object-fit` polyfill used for old versions of Microsoft Edge ([shuuji3](https://github.com/mastodon/mastodon/pull/22693))
 - Remove `intersection-observer` polyfill for old Safari support ([shuuji3](https://github.com/mastodon/mastodon/pull/23284))
 - Remove empty `title` tag from mailer layout ([nametoolong](https://github.com/mastodon/mastodon/pull/23078))
 - Remove post count and last posts from ActivityPub representation of hashtag collections ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23460))
 ### Fixed
 - **Fix changing domain block severity not undoing individual account effects** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22135))
 - Fix suspension worker crashing on S3-compatible setups without ACL support ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22487))
 - Fix possible race conditions when suspending/unsuspending accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22363))
 - Fix being stuck in edit mode when deleting the edited posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22126))
 - Fix attached media uploads not being cleared when replying to a post ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23504))
 - Fix filters not being applied to some notification types ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23211))
 - Fix incorrect link in push notifications for some event types ([elizabeth-dev](https://github.com/mastodon/mastodon/pull/23286))
 - Fix some performance issues with `/admin/instances` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21907))
 - Fix some pre-4.0 admin audit logs ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22091))
 - Fix moderation audit log items for warnings having incorrect links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23242))
 - Fix account activation being sometimes triggered before email confirmation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23245))
 - Fix missing OAuth scopes for admin APIs ([trwnh](https://github.com/mastodon/mastodon/pull/20918), [trwnh](https://github.com/mastodon/mastodon/pull/20979))
 - Fix voter count not being cleared when a poll is reset ([afontenot](https://github.com/mastodon/mastodon/pull/21700))
 - Fix attachments of edited posts not being fetched ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21565))
 - Fix irreversible and whole_word parameters handling in `/api/v1/filters` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21988))
 - Fix 500 error when marking posts as sensitive while some of them are deleted ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22134))
 - Fix expanded posts not always being scrolled into view ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21797))
 - Fix not being able to scroll the remote interaction modal on small screens ([xendke](https://github.com/mastodon/mastodon/pull/21763))
 - Fix not being able to scroll in post history modal ([cadars](https://github.com/mastodon/mastodon/pull/23396))
 - Fix audio player volume control on Safari ([minacle](https://github.com/mastodon/mastodon/pull/23187))
 - Fix disappearing “Explore” tabs on Safari ([nyura](https://github.com/mastodon/mastodon/pull/20917), [ykzts](https://github.com/mastodon/mastodon/pull/20982))
 - Fix wrong padding in RTL layout ([Gargron](https://github.com/mastodon/mastodon/pull/23157))
 - Fix drag & drop upload area display in single-column mode ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23217))
 - Fix being unable to get a single EmailDomainBlock from the admin API ([trwnh](https://github.com/mastodon/mastodon/pull/20846))
 - Fix admin-set follow recommandations being case-sensitive ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23500))
 - Fix unserialized `role` on account entities in admin API ([Gargron](https://github.com/mastodon/mastodon/pull/23290))
 - Fix pagination of followed tags ([trwnh](https://github.com/mastodon/mastodon/pull/20861))
 - Fix dropdown menu positions when scrolling ([sidp](https://github.com/mastodon/mastodon/pull/22916), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23062))
 - Fix email with empty domain name labels passing validation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23246))
 - Fix mysterious registration failure when “Require a reason to join” is set with open registrations ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22127))
 - Fix attachment rendering of edited posts in OpenGraph ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22270))
 - Fix invalid/empty RSS feed link on account pages ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20772))
 - Fix error in `VerifyLinkService` when processing links with no href ([joshuap](https://github.com/mastodon/mastodon/pull/20741))
 - Fix error in `VerifyLinkService` when processing links with invalid URLs ([untitaker](https://github.com/mastodon/mastodon/pull/23204))
 - Fix media uploads with FFmpeg 5 ([dead10ck](https://github.com/mastodon/mastodon/pull/21191))
 - Fix sensitive flag not being set when replying to a post with a content warning under certain conditions ([kedamaDQ](https://github.com/mastodon/mastodon/pull/21724))
 - Fix misleading message briefly showing up when loading follow requests under some conditions ([c960657](https://github.com/mastodon/mastodon/pull/23386))
 - Fix “Share @:user's profile” profile menu item not working ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21490))
 - Fix crash and incorrect behavior in `tootctl domains crawl` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/19004))
 - Fix autoplay on iOS ([jamesadney](https://github.com/mastodon/mastodon/pull/21422))
 - Fix user clean-up scheduler crash when an unconfirmed account has a moderation note ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23318))
 - Fix spaces not being stripped in admin account search ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21324))
 - Fix spaces not being stripped when adding relays ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22655))
 - Fix infinite loading spinner instead of soft 404 for non-existing remote accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21303))
 - Fix minor visual issue with the top border of verified account fields ([j-f1](https://github.com/mastodon/mastodon/pull/22006))
 - Fix pending account approval and rejection not being recorded in the admin audit log ([FrancisMurillo](https://github.com/mastodon/mastodon/pull/22088))
 - Fix “Sign up” button with closed registrations not opening modal on mobile ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22060))
 - Fix UI header overflowing on mobile ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21783))
 - Fix 500 error when trying to migrate to an invalid address ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21462))
 - Fix crash when trying to fetch unobtainable avatar of user using external authentication ([lochiiconnectivity](https://github.com/mastodon/mastodon/pull/22462))
 - Fix processing error on incoming malformed JSON-LD under some situations ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23416))
 - Fix potential duplicate posts in Explore tab ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22121))
 - Fix deprecation warning in `tootctl accounts rotate` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22120))
 - Fix styling of featured tags in light theme ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23252))
 - Fix missing style in warning and strike cards ([AtelierSnek](https://github.com/mastodon/mastodon/pull/22177), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/22302))
 - Fix wasteful request to `/api/v1/custom_emojis` when not logged in ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22326))
 - Fix replies sometimes being delivered to user-blocked domains ([tribela](https://github.com/mastodon/mastodon/pull/22117))
 - Fix admin dashboard crash when using some ElasticSearch replacements ([cortices](https://github.com/mastodon/mastodon/pull/21006))
 - Fix profile avatar being slightly offset into left border ([RiedleroD](https://github.com/mastodon/mastodon/pull/20994))
 - Fix N+1 queries in `NotificationsController` ([nametoolong](https://github.com/mastodon/mastodon/pull/21202))
 - Fix being unable to react to announcements with the keycap number sign emoji ([kescherCode](https://github.com/mastodon/mastodon/pull/22231))
 - Fix height computation of post embeds ([hodgesmr](https://github.com/mastodon/mastodon/pull/22141))
 - Fix accessibility issue of the search bar due to hidden placeholder ([alexstine](https://github.com/mastodon/mastodon/pull/21275))
 - Fix layout change handler not being removed due to a typo ([nschonni](https://github.com/mastodon/mastodon/pull/21829))
 - Fix typo in the default `S3_HOSTNAME` used in the `mastodon:setup` rake task ([danp](https://github.com/mastodon/mastodon/pull/19932))
 - Fix the top action bar appearing in the multi-column layout ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20943))
 - Fix inability to use local LibreTranslate without setting `ALLOWED_PRIVATE_ADDRESSES` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21926))
 - Fix punycoded local domains not being prettified in initial state ([Tritlo](https://github.com/mastodon/mastodon/pull/21440))
 - Fix CSP violation warning by removing inline CSS from SVG logo ([luxiaba](https://github.com/mastodon/mastodon/pull/20814))
 - Fix margin for search field on medium window size ([minacle](https://github.com/mastodon/mastodon/pull/21606))
 - Fix search popout scrolling with the page in single-column mode ([rgroothuijsen](https://github.com/mastodon/mastodon/pull/16463))
 - Fix minor post cache hydration discrepancy ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/19879))
 - Fix `・` detection in hashtags ([parthoghosh24](https://github.com/mastodon/mastodon/pull/22888))
 - Fix hashtag follows bypassing user blocks ([tribela](https://github.com/mastodon/mastodon/pull/22849))
 - Fix moved accounts being incorrectly redirected to account settings when trying to view a remote profile ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22497))
 - Fix site upload validations ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22479))
 - Fix “Add new domain block” button using last submitted search value instead of the current one ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22485))
 - Fix misleading hashtag warning when posting with “Followers only” or “Mentioned people only” visibility ([n0toose](https://github.com/mastodon/mastodon/pull/22827))
 - Fix embedded posts with videos grabbing focus ([Akkiesoft](https://github.com/mastodon/mastodon/pull/22778))
 - Fix `$` not being escaped in `.env.production` files generated by the `mastodon:setup` rake task ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23012), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23072))
 - Fix sanitizer parsing link text as HTML when stripping unsupported links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22558))
 - Fix `scheduled_at` input not using `datetime-local` when editing announcements ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21896))
 - Fix REST API serializer for `Account` not including `moved` when the moved account has itself moved ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22483))
 - Fix `/api/v1/admin/trends/tags` using wrong serializer ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18943))
 - Fix situations in which instance actor can be set to a Mastodon-incompatible name ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22307))
 ### Security
 - Add `form-action` CSP directive ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20781), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/20958), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/20962))
 - Fix unbounded recursion in account discovery ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22025))
 - Revoke all authorized applications on password reset ([FrancisMurillo](https://github.com/mastodon/mastodon/pull/21325))
 - Fix unbounded recursion in post discovery ([ClearlyClaire,nametoolong](https://github.com/mastodon/mastodon/pull/23506))
 ## [4.0.2] - 2022-11-15
 ### Fixed
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@ -40,7 +40,7 @@ Project maintainers who do not follow or enforce the Code of Conduct in good fai
 ## Attribution
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [https://contributor-covenant.org/version/1/4][version]
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
-[homepage]: https://contributor-covenant.org
+[homepage]: http://contributor-covenant.org
-[version]: https://contributor-covenant.org/version/1/4/
+[version]: http://contributor-covenant.org/version/1/4/
--- a/168
+++ b/168
@ -1,99 +1,121 @@
-# syntax=docker/dockerfile:1.4
+FROM ubuntu:20.04 as build-dep
 # This needs to be bullseye-slim because the Ruby image is built on bullseye-slim
 ARG NODE_VERSION="16.18.1-bullseye-slim"
-FROM ghcr.io/moritzheiber/ruby-jemalloc:3.0.6-slim as ruby
+# Use bash for the shell
-FROM node:${NODE_VERSION} as build
+SHELL ["/bin/bash", "-c"]
 RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
-COPY --link --from=ruby /opt/ruby /opt/ruby
+# Install Node v16 (LTS)
 ENV NODE_VER="16.17.1"
 RUN ARCH= && \
    dpkgArch="$(dpkg --print-architecture)" && \
  case "${dpkgArch##*-}" in \
    amd64) ARCH='x64';; \
    ppc64el) ARCH='ppc64le';; \
    s390x) ARCH='s390x';; \
    arm64) ARCH='arm64';; \
    armhf) ARCH='armv7l';; \
    i386) ARCH='x86';; \
    *) echo "unsupported architecture"; exit 1 ;; \
  esac && \
    echo "Etc/UTC" > /etc/localtime && \
 	apt-get update && \
 	apt-get install -y --no-install-recommends ca-certificates wget python3 apt-utils && \
 	cd ~ && \
 	wget -q https://nodejs.org/download/release/v$NODE_VER/node-v$NODE_VER-linux-$ARCH.tar.gz && \
 	tar xf node-v$NODE_VER-linux-$ARCH.tar.gz && \
 	rm node-v$NODE_VER-linux-$ARCH.tar.gz && \
 	mv node-v$NODE_VER-linux-$ARCH /opt/node
-ENV DEBIAN_FRONTEND="noninteractive" \
+# Install Ruby 3.0
-    PATH="${PATH}:/opt/ruby/bin"
+ENV RUBY_VER="3.0.4"
 RUN apt-get update && \
  apt-get install -y --no-install-recommends build-essential \
    bison libyaml-dev libgdbm-dev libreadline-dev libjemalloc-dev \
 		libncurses5-dev libffi-dev zlib1g-dev libssl-dev && \
 	cd ~ && \
 	wget https://cache.ruby-lang.org/pub/ruby/${RUBY_VER%.*}/ruby-$RUBY_VER.tar.gz && \
 	tar xf ruby-$RUBY_VER.tar.gz && \
 	cd ruby-$RUBY_VER && \
 	./configure --prefix=/opt/ruby \
 	  --with-jemalloc \
 	  --with-shared \
 	  --disable-install-doc && \
 	make -j"$(nproc)" > /dev/null && \
 	make install && \
 	rm -rf ../ruby-$RUBY_VER.tar.gz ../ruby-$RUBY_VER
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+ENV PATH="${PATH}:/opt/ruby/bin:/opt/node/bin"
 RUN npm install -g npm@latest && \
 	npm install -g yarn && \
 	gem install bundler && \
 	apt-get update && \
 	apt-get install -y --no-install-recommends git libicu-dev libidn11-dev \
 	libpq-dev shared-mime-info
 WORKDIR /opt/mastodon
 COPY Gemfile* package.json yarn.lock /opt/mastodon/
-# hadolint ignore=DL3008
+RUN cd /opt/mastodon && \
-RUN apt-get update && \
+  bundle config set --local deployment 'true' && \
-    apt-get install -y --no-install-recommends build-essential \
+  bundle config set --local without 'development test' && \
-        ca-certificates \
+  bundle config set silence_root_warning true && \
-        git \
+	bundle install -j"$(nproc)" && \
-        libicu-dev \
+	yarn install --pure-lockfile
        libidn11-dev \
        libpq-dev \
        libjemalloc-dev \
        zlib1g-dev \
        libgdbm-dev \
        libgmp-dev \
        libssl-dev \
        libyaml-0-2 \
        ca-certificates \
        libreadline8 \
        python3 \
        shared-mime-info && \
    bundle config set --local deployment 'true' && \
    bundle config set --local without 'development test' && \
    bundle config set silence_root_warning true && \
    bundle install -j"$(nproc)" && \
    yarn install --pure-lockfile --network-timeout 600000
-FROM node:${NODE_VERSION}
+FROM ubuntu:20.04
-ARG UID="991"
+# Copy over all the langs needed for runtime
-ARG GID="991"
+COPY --from=build-dep /opt/node /opt/node
 COPY --from=build-dep /opt/ruby /opt/ruby
-COPY --link --from=ruby /opt/ruby /opt/ruby
+# Add more PATHs to the PATH
 ENV PATH="${PATH}:/opt/ruby/bin:/opt/node/bin:/opt/mastodon/bin"
 # Create the mastodon user
 ARG UID=991
 ARG GID=991
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 ENV DEBIAN_FRONTEND="noninteractive" \
    PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin"
 # Ignoreing these here since we don't want to pin any versions and the Debian image removes apt-get content after use
 # hadolint ignore=DL3008,DL3009
 RUN apt-get update && \
-    echo "Etc/UTC" > /etc/localtime && \
+	echo "Etc/UTC" > /etc/localtime && \
-    groupadd -g "${GID}" mastodon && \
+	apt-get install -y --no-install-recommends whois wget && \
-    useradd -l -u "$UID" -g "${GID}" -m -d /opt/mastodon mastodon && \
+	addgroup --gid $GID mastodon && \
-    apt-get -y --no-install-recommends install whois \
+	useradd -m -u $UID -g $GID -d /opt/mastodon mastodon && \
-        wget \
+	echo "mastodon:$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 24 | mkpasswd -s -m sha-256)" | chpasswd && \
-        procps \
+	rm -rf /var/lib/apt/lists/*
        libssl1.1 \
        libpq5 \
        imagemagick \
        ffmpeg \
        libjemalloc2 \
        libicu67 \
        libidn11 \
        libyaml-0-2 \
        file \
        ca-certificates \
        tzdata \
        libreadline8 \
        tini && \
    ln -s /opt/mastodon /mastodon
-# Note: no, cleaning here since Debian does this automatically
+# Install mastodon runtime deps
-# See the file /etc/apt/apt.conf.d/docker-clean within the Docker image's filesystem
+RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
 RUN apt-get update && \
  apt-get -y --no-install-recommends install \
 	  libssl1.1 libpq5 imagemagick ffmpeg libjemalloc2 \
 	  libicu66 libidn11 libyaml-0-2 \
 	  file ca-certificates tzdata libreadline8 gcc tini apt-utils && \
 	ln -s /opt/mastodon /mastodon && \
 	gem install bundler && \
 	rm -rf /var/cache && \
 	rm -rf /var/lib/apt/lists/*
 # Copy over mastodon source, and dependencies from building, and set permissions
 COPY --chown=mastodon:mastodon . /opt/mastodon
-COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon
+COPY --from=build-dep --chown=mastodon:mastodon /opt/mastodon /opt/mastodon
-ENV RAILS_ENV="production" \
+# Run mastodon services in prod mode
-    NODE_ENV="production" \
+ENV RAILS_ENV="production"
-    RAILS_SERVE_STATIC_FILES="true" \
+ENV NODE_ENV="production"
-    BIND="0.0.0.0"
+
 # Tell rails to serve static files
 ENV RAILS_SERVE_STATIC_FILES="true"
 ENV BIND="0.0.0.0"
 # Set the run user
 USER mastodon
 WORKDIR /opt/mastodon
 # Precompile assets
-RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \
+RUN cd ~ && \
-    yarn cache clean
+	OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \
 	yarn cache clean
 # Set the work dir and the container entry point
 WORKDIR /opt/mastodon
 ENTRYPOINT ["/usr/bin/tini", "--"]
 EXPOSE 3000 4000
--- a/53
+++ b/53
@ -1,32 +1,32 @@
 # frozen_string_literal: true
 source 'https://rubygems.org'
-ruby '>= 2.7.0', '< 3.1.0'
+ruby '>= 2.6.0', '< 3.1.0'
-gem 'pkg-config', '~> 1.5'
+gem 'pkg-config', '~> 1.4'
 gem 'rexml', '~> 3.2'
 gem 'puma', '~> 5.6'
 gem 'rails', '~> 6.1.7'
 gem 'sprockets', '~> 3.7.2'
 gem 'thor', '~> 1.2'
-gem 'rack', '~> 2.2.6'
+gem 'rack', '~> 2.2.4'
 gem 'hamlit-rails', '~> 0.2'
 gem 'pg', '~> 1.4'
 gem 'makara', '~> 0.5'
-gem 'pghero'
+gem 'pghero', '~> 2.8'
 gem 'dotenv-rails', '~> 2.8'
-gem 'aws-sdk-s3', '~> 1.119', require: false
+gem 'aws-sdk-s3', '~> 1.114', require: false
-gem 'fog-core', '<= 2.4.0'
+gem 'fog-core', '<= 2.1.0'
 gem 'fog-openstack', '~> 0.3', require: false
 gem 'kt-paperclip', '~> 7.1'
 gem 'blurhash', '~> 0.1'
 gem 'active_model_serializers', '~> 0.10'
 gem 'addressable', '~> 2.8'
-gem 'bootsnap', '~> 1.16.0', require: false
+gem 'bootsnap', '~> 1.13.0', require: false
 gem 'browser'
 gem 'charlock_holmes', '~> 0.7.7'
 gem 'chewy', '~> 7.2'
@ -40,7 +40,7 @@ end
 gem 'net-ldap', '~> 0.17'
 gem 'omniauth-cas', '~> 2.0'
 gem 'omniauth-saml', '~> 1.10'
-gem 'gitlab-omniauth-openid-connect', '~>0.10.1', require: 'omniauth_openid_connect'
+gem 'gitlab-omniauth-openid-connect', '~>0.10.0', require: 'omniauth_openid_connect'
 gem 'omniauth', '~> 1.9'
 gem 'omniauth-rails_csrf_protection', '~> 0.1'
@ -51,43 +51,42 @@ gem 'ed25519', '~> 1.3'
 gem 'fast_blank', '~> 1.0'
 gem 'fastimage'
 gem 'hiredis', '~> 0.6'
-gem 'redis-namespace', '~> 1.10'
+gem 'redis-namespace', '~> 1.9'
 gem 'htmlentities', '~> 4.3'
 gem 'http', '~> 5.1'
 gem 'http_accept_language', '~> 2.1'
-gem 'httplog', '~> 1.6.2'
+gem 'httplog', '~> 1.6.0'
 gem 'idn-ruby', require: 'idn'
 gem 'kaminari', '~> 1.2'
 gem 'link_header', '~> 0.0'
 gem 'mime-types', '~> 3.4.1', require: 'mime/types/columnar'
-gem 'nokogiri', '~> 1.14'
+gem 'nokogiri', '~> 1.13'
 gem 'nsa', '~> 0.2'
 gem 'oj', '~> 3.13'
 gem 'ox', '~> 2.14'
 gem 'parslet'
 gem 'posix-spawn'
-gem 'public_suffix', '~> 5.0'
+gem 'pundit', '~> 2.2'
 gem 'pundit', '~> 2.3'
 gem 'premailer-rails'
 gem 'rack-attack', '~> 6.6'
 gem 'rack-cors', '~> 1.1', require: 'rack/cors'
 gem 'rails-i18n', '~> 6.0'
 gem 'rails-settings-cached', '~> 0.6'
-gem 'redcarpet', '~> 3.6'
+gem 'redcarpet', '~> 3.5'
 gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
 gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
 gem 'rqrcode', '~> 2.1'
 gem 'ruby-progressbar', '~> 1.11'
 gem 'sanitize', '~> 6.0'
-gem 'scenic', '~> 1.7'
+gem 'scenic', '~> 1.6'
 gem 'sidekiq', '~> 6.5'
 gem 'sidekiq-scheduler', '~> 4.0'
 gem 'sidekiq-unique-jobs', '~> 7.1'
 gem 'sidekiq-bulk', '~> 0.2.0'
 gem 'simple-navigation', '~> 4.4'
-gem 'simple_form', '~> 5.2'
+gem 'simple_form', '~> 5.1'
 gem 'sprockets-rails', '~> 3.4', require: 'sprockets/railtie'
-gem 'stoplight', '~> 3.0.1'
+gem 'stoplight', '~> 3.0.0'
 gem 'strong_migrations', '~> 0.7'
 gem 'tty-prompt', '~> 0.23', require: false
 gem 'twitter-text', '~> 3.1.0'
@ -107,10 +106,6 @@ group :development, :test do
  gem 'pry-byebug', '~> 3.10'
  gem 'pry-rails', '~> 0.3'
  gem 'rspec-rails', '~> 5.1'
  gem 'rubocop-performance', require: false
  gem 'rubocop-rails', require: false
  gem 'rubocop-rspec', require: false
  gem 'rubocop', require: false
 end
 group :production, :test do
@ -118,16 +113,16 @@ group :production, :test do
 end
 group :test do
-  gem 'capybara', '~> 3.38'
+  gem 'capybara', '~> 3.37'
  gem 'climate_control', '~> 0.2'
-  gem 'faker', '~> 3.1'
+  gem 'faker', '~> 2.23'
-  gem 'json-schema', '~> 3.0'
+  gem 'microformats', '~> 4.4'
  gem 'rack-test', '~> 2.0'  
  gem 'rails-controller-testing', '~> 1.0'
  gem 'rspec_junit_formatter', '~> 0.6'
  gem 'rspec-sidekiq', '~> 3.1'
-  gem 'simplecov', '~> 0.22', require: false
+  gem 'simplecov', '~> 0.21', require: false
  gem 'webmock', '~> 3.18'
  gem 'rspec_junit_formatter', '~> 0.6'
  gem 'rack-test', '~> 2.0'
 end
 group :development do
@ -139,7 +134,9 @@ group :development do
  gem 'letter_opener', '~> 1.8'
  gem 'letter_opener_web', '~> 2.0'
  gem 'memory_profiler'
-  gem 'brakeman', '~> 5.4', require: false
+  gem 'rubocop', '~> 1.30', require: false
  gem 'rubocop-rails', '~> 2.15', require: false
  gem 'brakeman', '~> 5.3', require: false
  gem 'bundler-audit', '~> 0.9', require: false
  gem 'capistrano', '~> 3.17'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -10,40 +10,40 @@ GIT
 GEM
  remote: https://rubygems.org/
  specs:
-    actioncable (6.1.7.4)
+    actioncable (6.1.7)
-      actionpack (= 6.1.7.4)
+      actionpack (= 6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.7.4)
+    actionmailbox (6.1.7)
-      actionpack (= 6.1.7.4)
+      actionpack (= 6.1.7)
-      activejob (= 6.1.7.4)
+      activejob (= 6.1.7)
-      activerecord (= 6.1.7.4)
+      activerecord (= 6.1.7)
-      activestorage (= 6.1.7.4)
+      activestorage (= 6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      mail (>= 2.7.1)
-    actionmailer (6.1.7.4)
+    actionmailer (6.1.7)
-      actionpack (= 6.1.7.4)
+      actionpack (= 6.1.7)
-      actionview (= 6.1.7.4)
+      actionview (= 6.1.7)
-      activejob (= 6.1.7.4)
+      activejob (= 6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      mail (~> 2.5, >= 2.5.4)
      rails-dom-testing (~> 2.0)
-    actionpack (6.1.7.4)
+    actionpack (6.1.7)
-      actionview (= 6.1.7.4)
+      actionview (= 6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      rack (~> 2.0, >= 2.0.9)
      rack-test (>= 0.6.3)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.7.4)
+    actiontext (6.1.7)
-      actionpack (= 6.1.7.4)
+      actionpack (= 6.1.7)
-      activerecord (= 6.1.7.4)
+      activerecord (= 6.1.7)
-      activestorage (= 6.1.7.4)
+      activestorage (= 6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      nokogiri (>= 1.8.5)
-    actionview (6.1.7.4)
+    actionview (6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      builder (~> 3.1)
      erubi (~> 1.4)
      rails-dom-testing (~> 2.0)
@ -54,22 +54,22 @@ GEM
      case_transform (>= 0.2)
      jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
    active_record_query_trace (1.8)
-    activejob (6.1.7.4)
+    activejob (6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      globalid (>= 0.3.6)
-    activemodel (6.1.7.4)
+    activemodel (6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
-    activerecord (6.1.7.4)
+    activerecord (6.1.7)
-      activemodel (= 6.1.7.4)
+      activemodel (= 6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
-    activestorage (6.1.7.4)
+    activestorage (6.1.7)
-      actionpack (= 6.1.7.4)
+      actionpack (= 6.1.7)
-      activejob (= 6.1.7.4)
+      activejob (= 6.1.7)
-      activerecord (= 6.1.7.4)
+      activerecord (= 6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      marcel (~> 1.0)
      mini_mime (>= 1.1.0)
-    activesupport (6.1.7.4)
+    activesupport (6.1.7)
      concurrent-ruby (~> 1.0, >= 1.0.2)
      i18n (>= 1.6, < 2)
      minitest (>= 5.1)
@ -90,20 +90,20 @@ GEM
    attr_required (1.0.1)
    awrence (1.2.1)
    aws-eventstream (1.2.0)
-    aws-partitions (1.701.0)
+    aws-partitions (1.587.0)
-    aws-sdk-core (3.170.0)
+    aws-sdk-core (3.130.2)
      aws-eventstream (~> 1, >= 1.0.2)
-      aws-partitions (~> 1, >= 1.651.0)
+      aws-partitions (~> 1, >= 1.525.0)
      aws-sigv4 (~> 1.5)
      jmespath (~> 1, >= 1.6.1)
    aws-sdk-kms (1.62.0)
      aws-sdk-core (~> 3, >= 3.165.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.119.0)
+      jmespath (~> 1.0)
-      aws-sdk-core (~> 3, >= 3.165.0)
+    aws-sdk-kms (1.56.0)
      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
    aws-sdk-s3 (1.114.0)
      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sdk-kms (~> 1)
      aws-sigv4 (~> 1.4)
-    aws-sigv4 (1.5.2)
+    aws-sigv4 (1.5.0)
      aws-eventstream (~> 1, >= 1.0.2)
    bcrypt (3.1.17)
    better_errors (2.9.1)
@ -117,19 +117,20 @@ GEM
      erubi (~> 1.4)
      parser (>= 2.4)
      smart_properties
-    bindata (2.4.14)
+    bindata (2.4.10)
    binding_of_caller (1.0.0)
      debug_inspector (>= 0.0.1)
-    blurhash (0.1.7)
+    blurhash (0.1.6)
-    bootsnap (1.16.0)
+      ffi (~> 1.14)
    bootsnap (1.13.0)
      msgpack (~> 1.2)
-    brakeman (5.4.0)
+    brakeman (5.3.1)
    browser (4.2.0)
-    brpoplpush-redis_script (0.1.3)
+    brpoplpush-redis_script (0.1.2)
      concurrent-ruby (~> 1.0, >= 1.0.5)
-      redis (>= 1.0, < 6)
+      redis (>= 1.0, <= 5.0)
    builder (3.2.4)
-    bullet (7.0.7)
+    bullet (7.0.3)
      activesupport (>= 3.0.0)
      uniform_notifier (~> 1.11)
    bundler-audit (0.9.1)
@ -151,7 +152,7 @@ GEM
      sshkit (~> 1.3)
    capistrano-yarn (2.0.2)
      capistrano (~> 3.0)
-    capybara (3.38.0)
+    capybara (3.37.1)
      addressable
      matrix
      mini_mime (>= 0.1.3)
@ -173,7 +174,7 @@ GEM
    cocoon (1.2.15)
    coderay (1.1.3)
    color_diff (0.1)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.1.10)
    connection_pool (2.3.0)
    cose (1.2.1)
      cbor (~> 0.5.9)
@ -181,9 +182,8 @@ GEM
    crack (0.4.5)
      rexml
    crass (1.0.6)
-    css_parser (1.12.0)
+    css_parser (1.7.1)
      addressable
    date (3.3.3)
    debug_inspector (1.0.0)
    devise (4.8.1)
      bcrypt (~> 3.0)
@ -203,10 +203,10 @@ GEM
    diff-lcs (1.5.0)
    discard (1.2.1)
      activerecord (>= 4.2, < 8)
-    docile (1.4.0)
+    docile (1.3.4)
    domain_name (0.5.20190701)
      unf (>= 0.0.5, < 1.0.0)
-    doorkeeper (5.6.6)
+    doorkeeper (5.6.2)
      railties (>= 5)
    dotenv (2.8.1)
    dotenv-rails (2.8.1)
@ -226,9 +226,9 @@ GEM
    erubi (1.12.0)
    et-orbi (1.2.7)
      tzinfo
-    excon (0.95.0)
+    excon (0.76.0)
    fabrication (2.30.0)
-    faker (3.1.1)
+    faker (2.23.0)
      i18n (>= 1.8.11, < 2)
    faraday (1.9.3)
      faraday-em_http (~> 1.0)
@ -271,18 +271,18 @@ GEM
      fog-core (>= 1.45, <= 2.1.0)
      fog-json (>= 1.0)
      ipaddress (>= 0.8)
-    formatador (0.3.0)
+    formatador (0.2.5)
    fugit (1.7.1)
      et-orbi (~> 1, >= 1.2.7)
      raabro (~> 1.4)
    fuubar (2.5.1)
      rspec-core (~> 3.0)
      ruby-progressbar (~> 1.4)
-    gitlab-omniauth-openid-connect (0.10.1)
+    gitlab-omniauth-openid-connect (0.10.0)
      addressable (~> 2.7)
      omniauth (>= 1.9, < 3)
      openid_connect (~> 1.2)
-    globalid (1.1.0)
+    globalid (1.0.0)
      activesupport (>= 5.0)
    hamlit (2.13.0)
      temple (>= 0.8.2)
@ -299,7 +299,7 @@ GEM
    hiredis (0.6.3)
    hkdf (0.3.0)
    htmlentities (4.3.4)
-    http (5.1.1)
+    http (5.1.0)
      addressable (~> 2.8)
      http-cookie (~> 1.0)
      http-form_data (~> 2.2)
@ -309,7 +309,7 @@ GEM
    http-form_data (2.3.0)
    http_accept_language (2.1.1)
    httpclient (2.8.3)
-    httplog (1.6.2)
+    httplog (1.6.0)
      rack (>= 2.0)
      rainbow (>= 2.0.0)
    i18n (1.12.0)
@ -325,16 +325,15 @@ GEM
      rails-i18n
      rainbow (>= 2.2.2, < 4.0)
      terminal-table (>= 1.5.1)
-    idn-ruby (0.1.5)
+    idn-ruby (0.1.4)
    ipaddress (0.8.3)
-    jmespath (1.6.2)
+    jmespath (1.6.1)
-    json (2.6.3)
+    json (2.6.2)
    json-canonicalization (0.3.0)
-    json-jwt (1.15.3)
+    json-jwt (1.13.0)
      activesupport (>= 4.2)
      aes_key_wrap
      bindata
      httpclient
    json-ld (3.2.3)
      htmlentities (~> 4.3)
      json-canonicalization (~> 0.3)
@ -342,13 +341,11 @@ GEM
      multi_json (~> 1.15)
      rack (~> 2.2)
      rdf (~> 3.2, >= 3.2.9)
-    json-ld-preloaded (3.2.2)
+    json-ld-preloaded (3.2.0)
      json-ld (~> 3.2)
      rdf (~> 3.2)
    json-schema (3.0.0)
      addressable (>= 2.8)
    jsonapi-renderer (0.2.2)
-    jwt (2.5.0)
+    jwt (2.4.1)
    kaminari (1.2.2)
      activesupport (>= 4.1.0)
      kaminari-actionview (= 1.2.2)
@ -388,43 +385,34 @@ GEM
    loofah (2.19.1)
      crass (~> 1.0.2)
      nokogiri (>= 1.5.9)
-    mail (2.8.1)
+    mail (2.7.1)
      mini_mime (>= 0.1.1)
      net-imap
      net-pop
      net-smtp
    makara (0.5.1)
      activerecord (>= 5.2.0)
    marcel (1.0.2)
    mario-redis-lock (1.2.1)
      redis (>= 3.0.5)
    matrix (0.4.2)
-    memory_profiler (1.0.1)
+    memory_profiler (1.0.0)
    method_source (1.0.0)
    microformats (4.4.1)
      json (~> 2.2)
      nokogiri (~> 1.10)
    mime-types (3.4.1)
      mime-types-data (~> 3.2015)
    mime-types-data (3.2022.0105)
    mini_mime (1.1.2)
-    mini_portile2 (2.8.2)
+    mini_portile2 (2.8.1)
    minitest (5.17.0)
-    msgpack (1.6.0)
+    msgpack (1.5.4)
    multi_json (1.15.0)
    multipart-post (2.1.1)
    net-imap (0.3.6)
      date
      net-protocol
    net-ldap (0.17.1)
    net-pop (0.1.2)
      net-protocol
    net-protocol (0.2.1)
      timeout
    net-scp (4.0.0.rc1)
      net-ssh (>= 2.6.5, < 8.0.0)
    net-smtp (0.3.3)
      net-protocol
    net-ssh (7.0.1)
-    nio4r (2.5.9)
+    nio4r (2.5.8)
-    nokogiri (1.14.5)
+    nokogiri (1.13.9)
      mini_portile2 (~> 2.8.0)
      racc (~> 1.4)
    nsa (0.2.8)
@ -432,7 +420,7 @@ GEM
      concurrent-ruby (~> 1.0, >= 1.0.2)
      sidekiq (>= 3.5)
      statsd-ruby (~> 1.4, >= 1.4.0)
-    oj (3.13.23)
+    oj (3.13.21)
    omniauth (1.9.2)
      hashie (>= 3.4.6)
      rack (>= 1.6.2, < 3)
@ -446,40 +434,38 @@ GEM
    omniauth-saml (1.10.3)
      omniauth (~> 1.3, >= 1.3.2)
      ruby-saml (~> 1.9)
-    openid_connect (1.4.2)
+    openid_connect (1.3.0)
      activemodel
      attr_required (>= 1.0.0)
-      json-jwt (>= 1.15.0)
+      json-jwt (>= 1.5.0)
-      net-smtp
+      rack-oauth2 (>= 1.6.1)
-      rack-oauth2 (~> 1.21)
+      swd (>= 1.0.0)
      swd (~> 1.3)
      tzinfo
      validate_email
      validate_url
-      webfinger (~> 1.2)
+      webfinger (>= 1.0.1)
    openssl (3.0.0)
    openssl-signature_algorithm (1.2.1)
      openssl (> 2.0, < 3.1)
    orm_adapter (0.5.0)
-    ox (2.14.14)
+    ox (2.14.11)
    parallel (1.22.1)
-    parser (3.2.0.0)
+    parser (3.1.2.1)
      ast (~> 2.4.1)
    parslet (2.0.0)
    pastel (0.8.0)
      tty-color (~> 0.5)
-    pg (1.4.5)
+    pg (1.4.3)
-    pghero (3.1.0)
+    pghero (2.8.3)
-      activerecord (>= 6)
+      activerecord (>= 5)
-    pkg-config (1.5.1)
+    pkg-config (1.4.9)
    posix-spawn (0.3.15)
-    premailer (1.18.0)
+    premailer (1.14.2)
      addressable
-      css_parser (>= 1.12.0)
+      css_parser (>= 1.6.0)
      htmlentities (>= 4.0.0)
-    premailer-rails (1.12.0)
+    premailer-rails (1.11.1)
      actionmailer (>= 3)
      net-smtp
      premailer (~> 1.7, >= 1.7.9)
    private_address_check (0.5.0)
    pry (0.14.1)
@ -490,42 +476,42 @@ GEM
      pry (>= 0.13, < 0.15)
    pry-rails (0.3.9)
      pry (>= 0.10.4)
-    public_suffix (5.0.1)
+    public_suffix (5.0.0)
    puma (5.6.5)
      nio4r (~> 2.0)
-    pundit (2.3.0)
+    pundit (2.2.0)
      activesupport (>= 3.0.0)
    raabro (1.4.0)
    racc (1.6.2)
-    rack (2.2.7)
+    rack (2.2.4)
    rack-attack (6.6.1)
      rack (>= 1.0, < 3)
    rack-cors (1.1.1)
      rack (>= 2.0.0)
-    rack-oauth2 (1.21.3)
+    rack-oauth2 (1.19.0)
      activesupport
      attr_required
      httpclient
      json-jwt (>= 1.11.0)
      rack (>= 2.1.0)
-    rack-proxy (0.7.6)
+    rack-proxy (0.7.0)
      rack
    rack-test (2.0.2)
      rack (>= 1.3)
-    rails (6.1.7.4)
+    rails (6.1.7)
-      actioncable (= 6.1.7.4)
+      actioncable (= 6.1.7)
-      actionmailbox (= 6.1.7.4)
+      actionmailbox (= 6.1.7)
-      actionmailer (= 6.1.7.4)
+      actionmailer (= 6.1.7)
-      actionpack (= 6.1.7.4)
+      actionpack (= 6.1.7)
-      actiontext (= 6.1.7.4)
+      actiontext (= 6.1.7)
-      actionview (= 6.1.7.4)
+      actionview (= 6.1.7)
-      activejob (= 6.1.7.4)
+      activejob (= 6.1.7)
-      activemodel (= 6.1.7.4)
+      activemodel (= 6.1.7)
-      activerecord (= 6.1.7.4)
+      activerecord (= 6.1.7)
-      activestorage (= 6.1.7.4)
+      activestorage (= 6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      bundler (>= 1.15.0)
-      railties (= 6.1.7.4)
+      railties (= 6.1.7)
      sprockets-rails (>= 2.0.0)
    rails-controller-testing (1.0.5)
      actionpack (>= 5.0.1.rc1)
@ -534,16 +520,16 @@ GEM
    rails-dom-testing (2.0.3)
      activesupport (>= 4.2.0)
      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.5.0)
+    rails-html-sanitizer (1.4.4)
      loofah (~> 2.19, >= 2.19.1)
    rails-i18n (6.0.0)
      i18n (>= 0.7, < 2)
      railties (>= 6.0.0, < 7)
    rails-settings-cached (0.6.6)
      rails (>= 4.2.0)
-    railties (6.1.7.4)
+    railties (6.1.7)
-      actionpack (= 6.1.7.4)
+      actionpack (= 6.1.7)
-      activesupport (= 6.1.7.4)
+      activesupport (= 6.1.7)
      method_source
      rake (>= 12.2)
      thor (~> 1.0)
@ -552,15 +538,13 @@ GEM
    random_name_generator (2.0.1)
    rdf (3.2.9)
      link_header (~> 0.0, >= 0.0.8)
-    rdf-normalize (0.5.1)
+    rdf-normalize (0.5.0)
      rdf (~> 3.2)
-    redcarpet (3.6.0)
+    redcarpet (3.5.1)
    redis (4.5.1)
-    redis-namespace (1.10.0)
+    redis-namespace (1.9.0)
      redis (>= 4)
-    redlock (1.3.2)
+    regexp_parser (2.5.0)
      redis (>= 3.0.0, < 6.0)
    regexp_parser (2.6.2)
    request_store (1.5.1)
      rack (>= 1.4)
    responders (3.0.1)
@ -595,30 +579,21 @@ GEM
    rspec-support (3.11.1)
    rspec_junit_formatter (0.6.0)
      rspec-core (>= 2, < 4, != 2.12.0)
-    rubocop (1.44.1)
+    rubocop (1.30.1)
      json (~> 2.3)
      parallel (~> 1.10)
-      parser (>= 3.2.0.0)
+      parser (>= 3.1.0.0)
      rainbow (>= 2.2.2, < 4.0)
      regexp_parser (>= 1.8, < 3.0)
      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.24.1, < 2.0)
+      rubocop-ast (>= 1.18.0, < 2.0)
      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 2.4.0, < 3.0)
+      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.24.1)
+    rubocop-ast (1.18.0)
      parser (>= 3.1.1.0)
-    rubocop-capybara (2.17.0)
+    rubocop-rails (2.15.0)
      rubocop (~> 1.41)
    rubocop-performance (1.16.0)
      rubocop (>= 1.7.0, < 2.0)
      rubocop-ast (>= 0.4.0)
    rubocop-rails (2.17.4)
      activesupport (>= 4.2.0)
      rack (>= 1.1)
-      rubocop (>= 1.33.0, < 2.0)
+      rubocop (>= 1.7.0, < 2.0)
    rubocop-rspec (2.18.1)
      rubocop (~> 1.33)
      rubocop-capybara (~> 2.17)
    ruby-progressbar (1.11.0)
    ruby-saml (1.13.0)
      nokogiri (>= 1.10.5)
@ -628,15 +603,15 @@ GEM
      fugit (~> 1.1, >= 1.1.6)
    safety_net_attestation (0.4.0)
      jwt (~> 2.0)
-    sanitize (6.0.2)
+    sanitize (6.0.0)
      crass (~> 1.0.2)
      nokogiri (>= 1.12.0)
-    scenic (1.7.0)
+    scenic (1.6.0)
      activerecord (>= 4.0.0)
      railties (>= 4.0.0)
    semantic_range (3.0.0)
-    sidekiq (6.5.8)
+    sidekiq (6.5.7)
-      connection_pool (>= 2.2.5, < 3)
+      connection_pool (>= 2.2.5)
      rack (~> 2.0)
      redis (>= 4.5.0, < 5)
    sidekiq-bulk (0.2.0)
@ -646,23 +621,22 @@ GEM
      rufus-scheduler (~> 3.2)
      sidekiq (>= 4, < 7)
      tilt (>= 1.4.0)
-    sidekiq-unique-jobs (7.1.29)
+    sidekiq-unique-jobs (7.1.27)
      brpoplpush-redis_script (> 0.1.1, <= 2.0.0)
      concurrent-ruby (~> 1.0, >= 1.0.5)
-      redis (< 5.0)
+      sidekiq (>= 5.0, < 8.0)
      sidekiq (>= 5.0, < 7.0)
      thor (>= 0.20, < 3.0)
    simple-navigation (4.4.0)
      activesupport (>= 2.3.2)
-    simple_form (5.2.0)
+    simple_form (5.1.0)
      actionpack (>= 5.2)
      activemodel (>= 5.2)
-    simplecov (0.22.0)
+    simplecov (0.21.2)
      docile (~> 1.1)
      simplecov-html (~> 0.11)
      simplecov_json_formatter (~> 0.1)
    simplecov-html (0.12.3)
-    simplecov_json_formatter (0.1.4)
+    simplecov_json_formatter (0.1.2)
    smart_properties (1.17.0)
    sprockets (3.7.2)
      concurrent-ruby (~> 1.0)
@ -674,10 +648,9 @@ GEM
    sshkit (1.21.2)
      net-scp (>= 1.1.2)
      net-ssh (>= 2.8.0)
-    stackprof (0.2.23)
+    stackprof (0.2.22)
    statsd-ruby (1.5.0)
-    stoplight (3.0.1)
+    stoplight (3.0.0)
      redlock (~> 1.0)
    strong_migrations (0.7.9)
      activerecord (>= 5)
    swd (1.3.0)
@ -689,9 +662,8 @@ GEM
      unicode-display_width (>= 1.1.1, < 3)
    terrapin (0.6.0)
      climate_control (>= 0.0.3, < 1.0)
-    thor (1.2.2)
+    thor (1.2.1)
    tilt (2.0.11)
    timeout (0.3.2)
    tpm-key_attestation (0.11.0)
      bindata (~> 2.4)
      openssl (> 2.0, < 3.1)
@ -709,14 +681,14 @@ GEM
    twitter-text (3.1.0)
      idn-ruby
      unf (~> 0.1.0)
-    tzinfo (2.0.6)
+    tzinfo (2.0.5)
      concurrent-ruby (~> 1.0)
-    tzinfo-data (1.2022.7)
+    tzinfo-data (1.2022.4)
      tzinfo (>= 1.0.0)
    unf (0.1.4)
      unf_ext
    unf_ext (0.0.8.2)
-    unicode-display_width (2.4.2)
+    unicode-display_width (2.3.0)
    uniform_notifier (1.16.0)
    validate_email (0.1.6)
      activemodel (>= 3.0)
@ -742,7 +714,7 @@ GEM
      addressable (>= 2.8.0)
      crack (>= 0.3.2)
      hashdiff (>= 0.4.0, < 2.0.0)
-    webpacker (5.4.4)
+    webpacker (5.4.3)
      activesupport (>= 5.2)
      rack-proxy (>= 0.6.1)
      railties (>= 5.2)
@ -754,7 +726,7 @@ GEM
    xorcist (1.1.3)
    xpath (3.2.0)
      nokogiri (~> 1.8)
-    zeitwerk (2.6.8)
+    zeitwerk (2.6.6)
 PLATFORMS
  ruby
@ -764,12 +736,12 @@ DEPENDENCIES
  active_record_query_trace (~> 1.8)
  addressable (~> 2.8)
  annotate (~> 3.2)
-  aws-sdk-s3 (~> 1.119)
+  aws-sdk-s3 (~> 1.114)
  better_errors (~> 2.9)
  binding_of_caller (~> 1.0)
  blurhash (~> 0.1)
-  bootsnap (~> 1.16.0)
+  bootsnap (~> 1.13.0)
-  brakeman (~> 5.4)
+  brakeman (~> 5.3)
  browser
  bullet (~> 7.0)
  bundler-audit (~> 0.9)
@ -777,7 +749,7 @@ DEPENDENCIES
  capistrano-rails (~> 1.6)
  capistrano-rbenv (~> 2.2)
  capistrano-yarn (~> 2.0)
-  capybara (~> 3.38)
+  capybara (~> 3.37)
  charlock_holmes (~> 0.7.7)
  chewy (~> 7.2)
  climate_control (~> 0.2)
@ -793,24 +765,23 @@ DEPENDENCIES
  dotenv-rails (~> 2.8)
  ed25519 (~> 1.3)
  fabrication (~> 2.30)
-  faker (~> 3.1)
+  faker (~> 2.23)
  fast_blank (~> 1.0)
  fastimage
-  fog-core (<= 2.4.0)
+  fog-core (<= 2.1.0)
  fog-openstack (~> 0.3)
  fuubar (~> 2.5)
-  gitlab-omniauth-openid-connect (~> 0.10.1)
+  gitlab-omniauth-openid-connect (~> 0.10.0)
  hamlit-rails (~> 0.2)
  hiredis (~> 0.6)
  htmlentities (~> 4.3)
  http (~> 5.1)
  http_accept_language (~> 2.1)
-  httplog (~> 1.6.2)
+  httplog (~> 1.6.0)
  i18n-tasks (~> 1.0)
  idn-ruby
  json-ld
  json-ld-preloaded (~> 3.2)
  json-schema (~> 3.0)
  kaminari (~> 1.2)
  kt-paperclip (~> 7.1)
  letter_opener (~> 1.8)
@ -820,9 +791,10 @@ DEPENDENCIES
  makara (~> 0.5)
  mario-redis-lock (~> 1.2)
  memory_profiler
  microformats (~> 4.4)
  mime-types (~> 3.4.1)
  net-ldap (~> 0.17)
-  nokogiri (~> 1.14)
+  nokogiri (~> 1.13)
  nsa (~> 0.2)
  oj (~> 3.13)
  omniauth (~> 1.9)
@ -832,17 +804,16 @@ DEPENDENCIES
  ox (~> 2.14)
  parslet
  pg (~> 1.4)
-  pghero
+  pghero (~> 2.8)
-  pkg-config (~> 1.5)
+  pkg-config (~> 1.4)
  posix-spawn
  premailer-rails
  private_address_check (~> 0.5)
  pry-byebug (~> 3.10)
  pry-rails (~> 0.3)
  public_suffix (~> 5.0)
  puma (~> 5.6)
-  pundit (~> 2.3)
+  pundit (~> 2.2)
-  rack (~> 2.2.6)
+  rack (~> 2.2.4)
  rack-attack (~> 6.6)
  rack-cors (~> 1.1)
  rack-test (~> 2.0)
@ -852,32 +823,30 @@ DEPENDENCIES
  rails-settings-cached (~> 0.6)
  random_name_generator
  rdf-normalize (~> 0.5)
-  redcarpet (~> 3.6)
+  redcarpet (~> 3.5)
  redis (~> 4.5)
-  redis-namespace (~> 1.10)
+  redis-namespace (~> 1.9)
  rexml (~> 3.2)
  rqrcode (~> 2.1)
  rspec-rails (~> 5.1)
  rspec-sidekiq (~> 3.1)
  rspec_junit_formatter (~> 0.6)
-  rubocop
+  rubocop (~> 1.30)
-  rubocop-performance
+  rubocop-rails (~> 2.15)
  rubocop-rails
  rubocop-rspec
  ruby-progressbar (~> 1.11)
  sanitize (~> 6.0)
-  scenic (~> 1.7)
+  scenic (~> 1.6)
  sidekiq (~> 6.5)
  sidekiq-bulk (~> 0.2.0)
  sidekiq-scheduler (~> 4.0)
  sidekiq-unique-jobs (~> 7.1)
  simple-navigation (~> 4.4)
-  simple_form (~> 5.2)
+  simple_form (~> 5.1)
-  simplecov (~> 0.22)
+  simplecov (~> 0.21)
  sprockets (~> 3.7.2)
  sprockets-rails (~> 3.4)
  stackprof
-  stoplight (~> 3.0.1)
+  stoplight (~> 3.0.0)
  strong_migrations (~> 0.7)
  thor (~> 1.2)
  tty-prompt (~> 0.23)
--- a/README.md
+++ b/README.md
@ -1,4 +1,104 @@
-This is a fork of [Mastodon](https://github.com/mastodon/mastodon) that has been adapted to visualize the ActivityPub protocol exchanges between different Mastodon instances. The changes are based on v4.1.4 of the main repository.
+<h1><picture>
  <source media="(prefers-color-scheme: dark)" srcset="./lib/assets/wordmark.dark.png?raw=true">
  <source media="(prefers-color-scheme: light)" srcset="./lib/assets/wordmark.light.png?raw=true">
  <img alt="Mastodon" src="./lib/assets/wordmark.light.png?raw=true" height="34">
 </picture></h1>
-See it in action on [ActivityPub.Academy](https://activitypub.academy).
+[![GitHub release](https://img.shields.io/github/release/mastodon/mastodon.svg)][releases]
 [![Build Status](https://img.shields.io/circleci/project/github/mastodon/mastodon.svg)][circleci]
 [![Code Climate](https://img.shields.io/codeclimate/maintainability/mastodon/mastodon.svg)][code_climate]
 [![Crowdin](https://d322cqt584bo4o.cloudfront.net/mastodon/localized.svg)][crowdin]
 [![Docker Pulls](https://img.shields.io/docker/pulls/tootsuite/mastodon.svg)][docker]
 [releases]: https://github.com/mastodon/mastodon/releases
 [circleci]: https://circleci.com/gh/mastodon/mastodon
 [code_climate]: https://codeclimate.com/github/mastodon/mastodon
 [crowdin]: https://crowdin.com/project/mastodon
 [docker]: https://hub.docker.com/r/tootsuite/mastodon/
 Mastodon is a **free, open-source social network server** based on ActivityPub where users can follow friends and discover new ones. On Mastodon, users can publish anything they want: links, pictures, text, video. All Mastodon servers are interoperable as a federated network (users on one server can seamlessly communicate with users from another one, including non-Mastodon software that implements ActivityPub)!
 Click below to **learn more** in a video:
 [![Screenshot](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/ezgif-2-60f1b00403.gif)][youtube_demo]
 [youtube_demo]: https://www.youtube.com/watch?v=IPSbNdBmWKE
 ## Navigation
 - [Project homepage 🐘](https://joinmastodon.org)
 - [Support the development via Patreon][patreon]
 - [View sponsors](https://joinmastodon.org/sponsors)
 - [Blog](https://blog.joinmastodon.org)
 - [Documentation](https://docs.joinmastodon.org)
 - [Browse Mastodon servers](https://joinmastodon.org/communities)
 - [Browse Mastodon apps](https://joinmastodon.org/apps)
 [patreon]: https://www.patreon.com/mastodon
 ## Features
 <img src="/app/javascript/images/elephant_ui_working.svg?raw=true" align="right" width="30%" />
 ### No vendor lock-in: Fully interoperable with any conforming platform
 It doesn't have to be Mastodon; whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
 ### Real-time, chronological timeline updates
 Updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!
 ### Media attachments like images and short videos
 Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos loop continuously!
 ### Safety and moderation tools
 Mastodon includes private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
 ### OAuth2 and a straightforward REST API
 Mastodon acts as an OAuth2 provider, so 3rd party apps can use the REST and Streaming APIs. This results in a rich app ecosystem with a lot of choices!
 ## Deployment
 ### Tech stack:
 - **Ruby on Rails** powers the REST API and other web pages
 - **React.js** and Redux are used for the dynamic parts of the interface
 - **Node.js** powers the streaming API
 ### Requirements:
 - **PostgreSQL** 9.5+
 - **Redis** 4+
 - **Ruby** 2.6+
 - **Node.js** 14+
 The repository includes deployment configurations for **Docker and docker-compose** as well as specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. The [**standalone** installation guide](https://docs.joinmastodon.org/admin/install/) is available in the documentation.
 A **Vagrant** configuration is included for development purposes. To use it, complete following steps:
 - Install Vagrant and Virtualbox
 - Install the `vagrant-hostsupdater` plugin: `vagrant plugin install vagrant-hostsupdater`
 - Run `vagrant up`
 - Run `vagrant ssh -c "cd /vagrant && foreman start"`
 - Open `http://mastodon.local` in your browser
 ## Contributing
 Mastodon is **free, open-source software** licensed under **AGPLv3**.
 You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository or submit translations using Crowdin. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md). If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
 **IRC channel**: #mastodon on irc.libera.chat
 ## License
 Copyright (C) 2016-2022 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
 This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
 You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
--- a/71
+++ b/71
@ -3,14 +3,16 @@
 ENV["PORT"] ||= "3000"
-$provisionA = <<SCRIPT
+$provision = <<SCRIPT
 cd /vagrant # This is where the host folder/repo is mounted
 # Add the yarn repo + yarn repo keys
 curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
 sudo apt-add-repository 'deb https://dl.yarnpkg.com/debian/ stable main'
 # Add repo for NodeJS
-curl -sL https://deb.nodesource.com/setup_16.x | sudo bash -
+curl -sL https://deb.nodesource.com/setup_14.x | sudo bash -
 # Add firewall rule to redirect 80 to PORT and save
 sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port #{ENV["PORT"]}
@ -31,56 +33,32 @@ sudo apt-get install \
  redis-tools \
  postgresql \
  postgresql-contrib \
  yarn \
  libicu-dev \
  libidn11-dev \
-  libreadline6-dev \
+  libreadline-dev \
-  autoconf \
+  libpam0g-dev \
  bison \
  build-essential \
  ffmpeg \
  file \
  gcc \
  libffi-dev \
  libgdbm-dev \
  libjemalloc-dev \
  libncurses5-dev \
  libprotobuf-dev \
  libssl-dev \
  libyaml-dev \
  pkg-config \
  protobuf-compiler \
  zlib1g-dev \
  -y
 # Install rvm
-sudo apt-add-repository -y ppa:rael-gc/rvm
+read RUBY_VERSION < .ruby-version
 sudo apt-get install rvm -y
-sudo usermod -a -G rvm $USER
+curl -sSL https://rvm.io/mpapis.asc | gpg --import
 curl -sSL https://rvm.io/pkuczynski.asc | gpg --import
-SCRIPT
+curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-installer | bash -s stable --ruby=$RUBY_VERSION
-
+source /home/vagrant/.rvm/scripts/rvm
 $provisionB = <<SCRIPT
 source "/etc/profile.d/rvm.sh"
 # Install Ruby
-read RUBY_VERSION < /vagrant/.ruby-version
+rvm reinstall ruby-$RUBY_VERSION --disable-binary
 rvm install ruby-$RUBY_VERSION --disable-binary
 # Configure database
 sudo -u postgres createuser -U postgres vagrant -s
 sudo -u postgres createdb -U postgres mastodon_development
-cd /vagrant # This is where the host folder/repo is mounted
+# Install gems and node modules
 # Install gems
 gem install bundler foreman
 bundle install
 # Install node modules
 sudo corepack enable
 yarn set version classic
 yarn install
 # Build Mastodon
@ -94,11 +72,18 @@ echo 'export $(cat "/vagrant/.env.vagrant" | xargs)' >> ~/.bash_profile
 SCRIPT
 $start = <<SCRIPT
 echo 'To start server'
 echo '  $ vagrant ssh -c "cd /vagrant && foreman start"'
 SCRIPT
 VAGRANTFILE_API_VERSION = "2"
 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
-  config.vm.box = "ubuntu/focal64"
+  config.vm.box = "ubuntu/bionic64"
  config.vm.provider :virtualbox do |vb|
    vb.name = "mastodon"
@ -115,6 +100,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
    # Use "virtio" network interfaces for better performance.
    vb.customize ["modifyvm", :id, "--nictype1", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype2", "virtio"]
  end
  # This uses the vagrant-hostsupdater plugin, and lets you
@ -132,7 +118,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  end
  if config.vm.networks.any? { |type, options| type == :private_network }
-    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'actimeo=1']
+    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp', 'actimeo=1']
  else
    config.vm.synced_folder ".", "/vagrant"
  end
@ -143,12 +129,9 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.network :forwarded_port, guest: 8080, host: 8080
  # Full provisioning script, only runs on first 'vagrant up' or with 'vagrant provision'
-  config.vm.provision :shell, inline: $provisionA, privileged: false, reset: true
+  config.vm.provision :shell, inline: $provision, privileged: false
  config.vm.provision :shell, inline: $provisionB, privileged: false
-  config.vm.post_up_message = <<MESSAGE
+  # Start up script, runs on every 'vagrant up'
-To start server
+  config.vm.provision :shell, inline: $start, run: 'always', privileged: false
  $ vagrant ssh -c "cd /vagrant && foreman start"
 MESSAGE
 end
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@ -17,8 +17,6 @@ class AccountsController < ApplicationController
    respond_to do |format|
      format.html do
        expires_in 0, public: true unless user_signed_in?
        @rss_url = rss_url
      end
      format.rss do
--- a/app/controllers/activitypub/inboxes_controller.rb
+++ b/app/controllers/activitypub/inboxes_controller.rb
@ -76,13 +76,7 @@ class ActivityPub::InboxesController < ActivityPub::BaseController
  end
  def process_payload
-    raw_signature = request.headers['Signature']
+    event = ActivityLogEvent.new('inbound', "https://#{Rails.configuration.x.web_domain}#{request.path}", Oj.load(body, mode: :strict))
    tree          = SignatureParamsParser.new.parse(raw_signature)
    signature_params = SignatureParamsTransformer.new.apply(tree)
    sender = actor_from_key_id(signature_params['keyId'])
    event = ActivityLogEvent.new('inbound', sender.uri, "https://#{Rails.configuration.x.web_domain}#{request.path}", Oj.load(body, mode: :strict))
    @activity_log_publisher.publish(event)
--- a/app/controllers/admin/account_actions_controller.rb
+++ b/app/controllers/admin/account_actions_controller.rb
@ -21,7 +21,7 @@ module Admin
      account_action.save!
      if account_action.with_report?
-        redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: params[:report_id])
+        redirect_to admin_reports_path
      else
        redirect_to admin_account_path(@account.id)
      end
--- a/app/controllers/admin/accounts_controller.rb
+++ b/app/controllers/admin/accounts_controller.rb
@ -55,14 +55,12 @@ module Admin
    def approve
      authorize @account.user, :approve?
      @account.user.approve!
      log_action :approve, @account.user
      redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.approved_msg', username: @account.acct)
    end
    def reject
      authorize @account.user, :reject?
      DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
      log_action :reject, @account.user
      redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.rejected_msg', username: @account.acct)
    end
--- a/app/controllers/admin/domain_blocks_controller.rb
+++ b/app/controllers/admin/domain_blocks_controller.rb
@ -4,18 +4,6 @@ module Admin
  class DomainBlocksController < BaseController
    before_action :set_domain_block, only: [:show, :destroy, :edit, :update]
    def batch
      authorize :domain_block, :create?
      @form = Form::DomainBlockBatch.new(form_domain_block_batch_params.merge(current_account: current_account, action: action_from_button))
      @form.save
    rescue ActionController::ParameterMissing
      flash[:alert] = I18n.t('admin.domain_blocks.no_domain_block_selected')
    rescue Mastodon::NotPermittedError
      flash[:alert] = I18n.t('admin.domain_blocks.not_permitted')
    else
      redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
    end
    def new
      authorize :domain_block, :create?
      @domain_block = DomainBlock.new(domain: params[:_domain])
@ -55,8 +43,12 @@ module Admin
    def update
      authorize :domain_block, :update?
-      if @domain_block.update(update_params)
+      @domain_block.update(update_params)
-        DomainBlockWorker.perform_async(@domain_block.id, @domain_block.severity_previously_changed?)
+
      severity_changed = @domain_block.severity_changed?
      if @domain_block.save
        DomainBlockWorker.perform_async(@domain_block.id, severity_changed)
        log_action :update, @domain_block
        redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
      else
@ -84,15 +76,5 @@ module Admin
    def resource_params
      params.require(:domain_block).permit(:domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate)
    end
    def form_domain_block_batch_params
      params.require(:form_domain_block_batch).permit(domain_blocks_attributes: [:enabled, :domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate])
    end
    def action_from_button
      if params[:save]
        'save'
      end
    end
  end
 end
--- a/app/controllers/admin/email_domain_blocks_controller.rb
+++ b/app/controllers/admin/email_domain_blocks_controller.rb
@ -19,7 +19,7 @@ module Admin
    rescue ActionController::ParameterMissing
      flash[:alert] = I18n.t('admin.email_domain_blocks.no_email_domain_block_selected')
    rescue Mastodon::NotPermittedError
-      flash[:alert] = I18n.t('admin.email_domain_blocks.not_permitted')
+      flash[:alert] = I18n.t('admin.custom_emojis.not_permitted')
    ensure
      redirect_to admin_email_domain_blocks_path
    end
--- a/app/controllers/admin/export_domain_allows_controller.rb
+++ b/app/controllers/admin/export_domain_allows_controller.rb
@ -1,58 +0,0 @@
 # frozen_string_literal: true
 require 'csv'
 module Admin
  class ExportDomainAllowsController < BaseController
    include AdminExportControllerConcern
    before_action :set_dummy_import!, only: [:new]
    def new
      authorize :domain_allow, :create?
    end
    def export
      authorize :instance, :index?
      send_export_file
    end
    def import
      authorize :domain_allow, :create?
      begin
        @import = Admin::Import.new(import_params)
        return render :new unless @import.validate
        @import.csv_rows.each do |row|
          domain = row['#domain'].strip
          next if DomainAllow.allowed?(domain)
          domain_allow = DomainAllow.new(domain: domain)
          log_action :create, domain_allow if domain_allow.save
        end
        flash[:notice] = I18n.t('admin.domain_allows.created_msg')
      rescue ActionController::ParameterMissing
        flash[:error] = I18n.t('admin.export_domain_allows.no_file')
      end
      redirect_to admin_instances_path
    end
    private
    def export_filename
      'domain_allows.csv'
    end
    def export_headers
      %w(#domain)
    end
    def export_data
      CSV.generate(headers: export_headers, write_headers: true) do |content|
        DomainAllow.allowed_domains.each do |instance|
          content << [instance.domain]
        end
      end
    end
  end
 end
--- a/app/controllers/admin/export_domain_blocks_controller.rb
+++ b/app/controllers/admin/export_domain_blocks_controller.rb
@ -1,77 +0,0 @@
 # frozen_string_literal: true
 require 'csv'
 module Admin
  class ExportDomainBlocksController < BaseController
    include AdminExportControllerConcern
    before_action :set_dummy_import!, only: [:new]
    def new
      authorize :domain_block, :create?
    end
    def export
      authorize :instance, :index?
      send_export_file
    end
    def import
      authorize :domain_block, :create?
      @import = Admin::Import.new(import_params)
      return render :new unless @import.validate
      @global_private_comment = I18n.t('admin.export_domain_blocks.import.private_comment_template', source: @import.data_file_name, date: I18n.l(Time.now.utc))
      @form = Form::DomainBlockBatch.new
      @domain_blocks = @import.csv_rows.filter_map do |row|
        domain = row['#domain'].strip
        next if DomainBlock.rule_for(domain).present?
        domain_block = DomainBlock.new(domain: domain,
                                       severity: row.fetch('#severity', :suspend),
                                       reject_media: row.fetch('#reject_media', false),
                                       reject_reports: row.fetch('#reject_reports', false),
                                       private_comment: @global_private_comment,
                                       public_comment: row['#public_comment'],
                                       obfuscate: row.fetch('#obfuscate', false))
        if domain_block.invalid?
          flash.now[:alert] = I18n.t('admin.export_domain_blocks.invalid_domain_block', error: domain_block.errors.full_messages.join(', '))
          next
        end
        domain_block
      rescue ArgumentError => e
        flash.now[:alert] = I18n.t('admin.export_domain_blocks.invalid_domain_block', error: e.message)
        next
      end
      @warning_domains = Instance.where(domain: @domain_blocks.map(&:domain)).where('EXISTS (SELECT 1 FROM follows JOIN accounts ON follows.account_id = accounts.id OR follows.target_account_id = accounts.id WHERE accounts.domain = instances.domain)').pluck(:domain)
    rescue ActionController::ParameterMissing
      flash.now[:alert] = I18n.t('admin.export_domain_blocks.no_file')
      set_dummy_import!
      render :new
    end
    private
    def export_filename
      'domain_blocks.csv'
    end
    def export_headers
      %w(#domain #severity #reject_media #reject_reports #public_comment #obfuscate)
    end
    def export_data
      CSV.generate(headers: export_headers, write_headers: true) do |content|
        DomainBlock.with_limitations.each do |instance|
          content << [instance.domain, instance.severity, instance.reject_media, instance.reject_reports, instance.public_comment, instance.obfuscate]
        end
      end
    end
  end
 end
--- a/app/controllers/admin/instances_controller.rb
+++ b/app/controllers/admin/instances_controller.rb
@ -49,7 +49,7 @@ module Admin
    private
    def set_instance
-      @instance = Instance.find(TagManager.instance.normalize_domain(params[:id]&.strip))
+      @instance = Instance.find(params[:id])
    end
    def set_instances
@ -57,7 +57,7 @@ module Admin
    end
    def preload_delivery_failures!
-      warning_domains_map = DeliveryFailureTracker.warning_domains_map(@instances.map(&:domain))
+      warning_domains_map = DeliveryFailureTracker.warning_domains_map
      @instances.each do |instance|
        instance.failure_days = warning_domains_map[instance.domain]
--- a/app/controllers/admin/relays_controller.rb
+++ b/app/controllers/admin/relays_controller.rb
@ -3,7 +3,7 @@
 module Admin
  class RelaysController < BaseController
    before_action :set_relay, except: [:index, :new, :create]
-    before_action :warn_signatures_not_enabled!, only: [:new, :create, :enable]
+    before_action :require_signatures_enabled!, only: [:new, :create, :enable]
    def index
      authorize :relay, :update?
@ -56,8 +56,8 @@ module Admin
      params.require(:relay).permit(:inbox_url)
    end
-    def warn_signatures_not_enabled!
+    def require_signatures_enabled!
-      flash.now[:error] = I18n.t('admin.relays.signatures_not_enabled') if authorized_fetch_mode?
+      redirect_to admin_relays_path, alert: I18n.t('admin.relays.signatures_not_enabled') if authorized_fetch_mode?
    end
  end
 end
--- a/app/controllers/admin/reports/actions_controller.rb
+++ b/app/controllers/admin/reports/actions_controller.rb
@ -3,11 +3,6 @@
 class Admin::Reports::ActionsController < Admin::BaseController
  before_action :set_report
  def preview
    authorize @report, :show?
    @moderation_action = action_from_button
  end
  def create
    authorize @report, :show?
@ -18,8 +13,7 @@ class Admin::Reports::ActionsController < Admin::BaseController
        status_ids: @report.status_ids,
        current_account: current_account,
        report_id: @report.id,
-        send_email_notification: !@report.spam?,
+        send_email_notification: !@report.spam?
        text: params[:text]
      )
      status_batch_action.save!
@ -29,16 +23,13 @@ class Admin::Reports::ActionsController < Admin::BaseController
        report_id: @report.id,
        target_account: @report.target_account,
        current_account: current_account,
-        send_email_notification: !@report.spam?,
+        send_email_notification: !@report.spam?
        text: params[:text]
      )
      account_action.save!
    else
      return redirect_to admin_report_path(@report), alert: I18n.t('admin.reports.unknown_action_msg', action: action_from_button)
    end
-    redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: @report.id)
+    redirect_to admin_reports_path
  end
  private
@ -56,8 +47,6 @@ class Admin::Reports::ActionsController < Admin::BaseController
      'silence'
    elsif params[:suspend]
      'suspend'
    elsif params[:moderation_action]
      params[:moderation_action]
    end
  end
 end
--- a/app/controllers/admin/webhooks_controller.rb
+++ b/app/controllers/admin/webhooks_controller.rb
@ -20,7 +20,6 @@ module Admin
      authorize :webhook, :create?
      @webhook = Webhook.new(resource_params)
      @webhook.current_account = current_account
      if @webhook.save
        redirect_to admin_webhook_path(@webhook)
@ -40,12 +39,10 @@ module Admin
    def update
      authorize @webhook, :update?
      @webhook.current_account = current_account
      if @webhook.update(resource_params)
        redirect_to admin_webhook_path(@webhook)
      else
-        render :edit
+        render :show
      end
    end
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@ -16,26 +16,6 @@ class Api::BaseController < ApplicationController
  protect_from_forgery with: :null_session
  content_security_policy do |p|
    # Set every directive that does not have a fallback
    p.default_src :none
    p.frame_ancestors :none
    p.form_action :none
    # Disable every directive with a fallback to cut on response size
    p.base_uri false
    p.font_src false
    p.img_src false
    p.style_src false
    p.media_src false
    p.frame_src false
    p.manifest_src false
    p.connect_src false
    p.script_src false
    p.child_src false
    p.worker_src false
  end
  rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e|
    render json: { error: e.to_s }, status: 422
  end
@ -149,7 +129,7 @@ class Api::BaseController < ApplicationController
  end
  def set_cache_headers
-    response.headers['Cache-Control'] = 'private, no-store'
+    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
  end
  def disallow_unauthenticated_api_access?
--- a/app/controllers/api/v1/accounts/credentials_controller.rb
+++ b/app/controllers/api/v1/accounts/credentials_controller.rb
@ -21,17 +21,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
  private
  def account_params
-    params.permit(
+    params.permit(:display_name, :note, :avatar, :header, :locked, :bot, :discoverable, fields_attributes: [:name, :value])
      :display_name,
      :note,
      :avatar,
      :header,
      :locked,
      :bot,
      :discoverable,
      :hide_collections,
      fields_attributes: [:name, :value]
    )
  end
  def user_settings_params
--- a/app/controllers/api/v1/activity_log_controller.rb
+++ b/app/controllers/api/v1/activity_log_controller.rb
@ -3,22 +3,38 @@
 class Api::V1::ActivityLogController < Api::BaseController
  include ActionController::Live
  # before_action -> { doorkeeper_authorize! :read }, only: [:show]
  before_action :require_user!
  rescue_from ArgumentError do |e|
    render json: { error: e.to_s }, status: 422
  end
  def index
    render :text => "hello world"
  end
  def show
    response.headers['Content-Type'] = 'text/event-stream'
    # hack to avoid computing Etag, which delays sending of data
    response.headers['Last-Modified'] = Time.now.httpdate
-    # adapted from https://blog.chumakoff.com/en/posts/rails_sse_rack_hijacking_api
+    sse = SSE.new(response.stream)
    response.headers["rack.hijack"] = proc do |stream|
      ActivityLogger.register(current_account.username, SSE.new(stream))
    end
-    head :ok
+    # id = current_account.local_username_and_domain
    id = current_account.username
    begin
      ActivityLogger.register(id, sse)
      while true
        event = ActivityLogEvent.new('keep-alive', nil, nil)
        ActivityLogger.log(id, event)
        sleep 10
      end
    ensure
      ActivityLogger.unregister(id, sse)
      sse.close
    end
  end
 end
--- a/app/controllers/api/v1/admin/accounts_controller.rb
+++ b/app/controllers/api/v1/admin/accounts_controller.rb
@ -54,14 +54,12 @@ class Api::V1::Admin::AccountsController < Api::BaseController
  def approve
    authorize @account.user, :approve?
    @account.user.approve!
    log_action :approve, @account.user
    render json: @account, serializer: REST::Admin::AccountSerializer
  end
  def reject
    authorize @account.user, :reject?
    DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
    log_action :reject, @account.user
    render_empty
  end
--- a/app/controllers/api/v1/admin/domain_blocks_controller.rb
+++ b/app/controllers/api/v1/admin/domain_blocks_controller.rb
@ -40,8 +40,10 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
  def update
    authorize @domain_block, :update?
-    @domain_block.update!(domain_block_params)
+    @domain_block.update(domain_block_params)
-    DomainBlockWorker.perform_async(@domain_block.id, @domain_block.severity_previously_changed?)
+    severity_changed = @domain_block.severity_changed?
    @domain_block.save!
    DomainBlockWorker.perform_async(@domain_block.id, severity_changed)
    log_action :update, @domain_block
    render json: @domain_block, serializer: REST::Admin::DomainBlockSerializer
  end
--- a/app/controllers/api/v1/admin/trends/tags_controller.rb
+++ b/app/controllers/api/v1/admin/trends/tags_controller.rb
@ -3,14 +3,6 @@
 class Api::V1::Admin::Trends::TagsController < Api::V1::Trends::TagsController
  before_action -> { authorize_if_got_token! :'admin:read' }
  def index
    if current_user&.can?(:manage_taxonomies)
      render json: @tags, each_serializer: REST::Admin::TagSerializer
    else
      super
    end
  end
  private
  def enabled?
--- a/app/controllers/api/v1/conversations_controller.rb
+++ b/app/controllers/api/v1/conversations_controller.rb
@ -11,7 +11,7 @@ class Api::V1::ConversationsController < Api::BaseController
  def index
    @conversations = paginated_conversations
-    render json: @conversations, each_serializer: REST::ConversationSerializer, relationships: StatusRelationshipsPresenter.new(@conversations.map(&:last_status), current_user&.account_id)
+    render json: @conversations, each_serializer: REST::ConversationSerializer
  end
  def read
@ -32,19 +32,6 @@ class Api::V1::ConversationsController < Api::BaseController
  def paginated_conversations
    AccountConversation.where(account: current_account)
                       .includes(
                         account: :account_stat,
                         last_status: [
                           :media_attachments,
                           :preview_cards,
                           :status_stat,
                           :tags,
                           {
                             active_mentions: [account: :account_stat],
                             account: :account_stat,
                           },
                         ]
                       )
                       .to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
  end
--- a/app/controllers/api/v1/filters_controller.rb
+++ b/app/controllers/api/v1/filters_controller.rb
@ -13,7 +13,7 @@ class Api::V1::FiltersController < Api::BaseController
  def create
    ApplicationRecord.transaction do
-      filter_category = current_account.custom_filters.create!(filter_params)
+      filter_category = current_account.custom_filters.create!(resource_params)
      @filter = filter_category.keywords.create!(keyword_params)
    end
@ -52,11 +52,11 @@ class Api::V1::FiltersController < Api::BaseController
  end
  def resource_params
-    params.permit(:phrase, :expires_in, :irreversible, :whole_word, context: [])
+    params.permit(:phrase, :expires_in, :irreversible, context: [])
  end
  def filter_params
-    resource_params.slice(:phrase, :expires_in, :irreversible, :context)
+    resource_params.slice(:expires_in, :irreversible, :context)
  end
  def keyword_params
--- a/app/controllers/api/v1/followed_tags_controller.rb
+++ b/app/controllers/api/v1/followed_tags_controller.rb
@ -3,11 +3,11 @@
 class Api::V1::FollowedTagsController < Api::BaseController
  TAGS_LIMIT = 100
-  before_action -> { doorkeeper_authorize! :follow, :read, :'read:follows' }
+  before_action -> { doorkeeper_authorize! :follow, :read, :'read:follows' }, except: :show
  before_action :require_user!
  before_action :set_results
-  after_action :insert_pagination_headers
+  after_action :insert_pagination_headers, only: :show
  def index
    render json: @results.map(&:tag), each_serializer: REST::TagSerializer, relationships: TagRelationshipsPresenter.new(@results.map(&:tag), current_user&.account_id)
@ -43,7 +43,7 @@ class Api::V1::FollowedTagsController < Api::BaseController
  end
  def records_continue?
-    @results.size == limit_param(TAGS_LIMIT)
+    @results.size == limit_param(TAG_LIMIT)
  end
  def pagination_params(core_params)
--- a/app/controllers/api/v1/json_ld_controller.rb
+++ b/app/controllers/api/v1/json_ld_controller.rb
@ -1,80 +0,0 @@
 # frozen_string_literal: true
 require "faraday"
 require "uri"
 class Api::V1::JsonLdController < Api::BaseController
  include ActionController::Live
  rescue_from ArgumentError do |e|
    render json: { error: e.to_s }, status: 422
  end
  before_action :require_user!
  REQUEST_TARGET = '(request-target)'
  def signature(headers)
    account = Account.representative
    key_id = ActivityPub::TagManager.instance.key_uri_for(account)
    algorithm = 'rsa-sha256'
    signed_string = headers.map { |key, value| "#{key.downcase}: #{value}" }.join("\n")
    signature = Base64.strict_encode64(account.keypair.sign(OpenSSL::Digest.new('SHA256'), signed_string))
    "keyId=\"#{key_id}\",algorithm=\"#{algorithm}\",headers=\"#{headers.keys.join(' ').downcase}\",signature=\"#{signature}\""
  end
  def signed_headers(url_string)
    if url_string.include?(".well-known")
      return {'Accept': 'application/jrd+json'}
    end
    url = URI.parse(url_string)
    tmp_headers = {
      'Date': Time.now.utc.httpdate,
      'Host': url.host,
      'Accept': 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
    }
    tmp_headers[REQUEST_TARGET] = "get #{url_string.delete_prefix("#{url.scheme}://#{url.host}")}"
    additional_headers = {
      'Signature': signature(tmp_headers),
      'User-Agent': Mastodon::Version.user_agent,
    }
    tmp_headers.merge(additional_headers).except(REQUEST_TARGET)
  end
  def show
    url = params[:url]
    request.env['rack.hijack'].call
    io = request.env['rack.hijack_io']
    Thread.new {
      begin
        conn = Faraday::Connection.new
        api_response = conn.get(url, nil, signed_headers(url))
        max_redirects = 5
        while api_response.status == 301 || api_response.status == 302 and max_redirects > 0 do
          api_response = conn.get(api_response.headers['Location'], nil, signed_headers(api_response.headers['Location']))
          max_redirects -= 1
        end
        io.write("HTTP/1.1 #{api_response.status}\r\n")
        io.write("Content-Type: #{api_response.headers['Content-Type']}\r\n")
        io.write("Access-Control-Allow-Origin: *\r\n")
        io.write("Connection: close\r\n")
        io.write("\r\n")
        io.write(api_response.body)
      rescue
        io.write("HTTP/1.1 500\r\n")
        io.write("Access-Control-Allow-Origin: *\r\n")
        io.write("Connection: close\r\n")
        io.write("\r\n")
      ensure
        io.close
      end
    }
  end
 end
--- a/app/controllers/api/v1/notifications_controller.rb
+++ b/app/controllers/api/v1/notifications_controller.rb
@ -6,7 +6,7 @@ class Api::V1::NotificationsController < Api::BaseController
  before_action :require_user!
  after_action :insert_pagination_headers, only: :index
-  DEFAULT_NOTIFICATIONS_LIMIT = 40
+  DEFAULT_NOTIFICATIONS_LIMIT = 15
  def index
    @notifications = load_notifications
@ -31,7 +31,7 @@ class Api::V1::NotificationsController < Api::BaseController
  private
  def load_notifications
-    notifications = browserable_account_notifications.includes(from_account: [:account_stat, :user]).to_a_paginated_by_id(
+    notifications = browserable_account_notifications.includes(from_account: :account_stat).to_a_paginated_by_id(
      limit_param(DEFAULT_NOTIFICATIONS_LIMIT),
      params_slice(:max_id, :since_id, :min_id)
    )
--- a/app/controllers/api/v1/statuses/histories_controller.rb
+++ b/app/controllers/api/v1/statuses/histories_controller.rb
@ -7,15 +7,11 @@ class Api::V1::Statuses::HistoriesController < Api::BaseController
  before_action :set_status
  def show
-    render json: status_edits, each_serializer: REST::StatusEditSerializer
+    render json: @status.edits.includes(:account, status: [:account]), each_serializer: REST::StatusEditSerializer
  end
  private
  def status_edits
    @status.edits.includes(:account, status: [:account]).to_a.presence || [@status.build_snapshot(at_time: @status.edited_at || @status.created_at)]
  end
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
--- a/app/controllers/api/v1/statuses/reblogs_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogs_controller.rb
@ -2,8 +2,6 @@
 class Api::V1::Statuses::ReblogsController < Api::BaseController
  include Authorization
  include Redisable
  include Lockable
  before_action -> { doorkeeper_authorize! :write, :'write:statuses' }
  before_action :require_user!
@ -12,9 +10,7 @@ class Api::V1::Statuses::ReblogsController < Api::BaseController
  override_rate_limit_headers :create, family: :statuses
  def create
-    with_lock("reblog:#{current_account.id}:#{@reblog.id}") do
+    @status = ReblogService.new.call(current_account, @reblog, reblog_params)
      @status = ReblogService.new.call(current_account, @reblog, reblog_params)
    end
    render json: @status, serializer: REST::StatusSerializer
  end
--- a/app/controllers/api/v1/statuses_controller.rb
+++ b/app/controllers/api/v1/statuses_controller.rb
@ -79,7 +79,6 @@ class Api::V1::StatusesController < Api::BaseController
      current_account.id,
      text: status_params[:status],
      media_ids: status_params[:media_ids],
      media_attributes: status_params[:media_attributes],
      sensitive: status_params[:sensitive],
      language: status_params[:language],
      spoiler_text: status_params[:spoiler_text],
@ -129,12 +128,6 @@ class Api::V1::StatusesController < Api::BaseController
      :language,
      :scheduled_at,
      media_ids: [],
      media_attributes: [
        :id,
        :thumbnail,
        :description,
        :focus,
      ],
      poll: [
        :multiple,
        :hide_totals,
--- a/app/controllers/api/v1/streaming_controller.rb
+++ b/app/controllers/api/v1/streaming_controller.rb
@ -2,10 +2,10 @@
 class Api::V1::StreamingController < Api::BaseController
  def index
-    if Rails.configuration.x.streaming_api_base_url == request.host
+    if Rails.configuration.x.streaming_api_base_url != request.host
      not_found
    else
      redirect_to streaming_api_url, status: 301
    else
      not_found
    end
  end
--- a/app/controllers/api/v1/tags_controller.rb
+++ b/app/controllers/api/v1/tags_controller.rb
@ -12,7 +12,7 @@ class Api::V1::TagsController < Api::BaseController
  end
  def follow
-    TagFollow.create_with(rate_limit: true).find_or_create_by!(tag: @tag, account: current_account)
+    TagFollow.create!(tag: @tag, account: current_account, rate_limit: true)
    render json: @tag, serializer: REST::TagSerializer
  end
--- a/app/controllers/api/v2/admin/accounts_controller.rb
+++ b/app/controllers/api/v2/admin/accounts_controller.rb
@ -18,14 +18,6 @@ class Api::V2::Admin::AccountsController < Api::V1::Admin::AccountsController
  private
  def next_path
    api_v2_admin_accounts_url(pagination_params(max_id: pagination_max_id)) if records_continue?
  end
  def prev_path
    api_v2_admin_accounts_url(pagination_params(min_id: pagination_since_id)) unless @accounts.empty?
  end
  def filtered_accounts
    AccountFilter.new(translated_filter_params).results
  end
--- a/app/controllers/auth/passwords_controller.rb
+++ b/app/controllers/auth/passwords_controller.rb
@ -10,8 +10,6 @@ class Auth::PasswordsController < Devise::PasswordsController
    super do |resource|
      if resource.errors.empty?
        resource.session_activations.destroy_all
        resource.revoke_access!
      end
    end
  end
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@ -66,7 +66,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
    super(hash)
    resource.locale                 = I18n.locale
-    resource.invite_code            = @invite&.code if resource.invite_code.blank?
+    resource.invite_code            = params[:invite_code] if resource.invite_code.blank?
    resource.registration_form_time = session[:registration_form_time]
    resource.sign_up_ip             = request.remote_ip
@ -74,8 +74,8 @@ class Auth::RegistrationsController < Devise::RegistrationsController
  end
  def configure_sign_up_params
-    devise_parameter_sanitizer.permit(:sign_up) do |user_params|
+    devise_parameter_sanitizer.permit(:sign_up) do |u|
-      user_params.permit({ account_attributes: [:username, :display_name], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code, :agreement, :website, :confirm_password)
+      u.permit({ account_attributes: [:username, :display_name], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code, :agreement, :website, :confirm_password)
    end
  end
@ -145,13 +145,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
  end
  def determine_layout
-    if %w(edit update).include?(action_name)
+    %w(edit update).include?(action_name) ? 'admin' : 'auth'
      'admin'
    elsif action_name == 'new'
      'academy-signup'
    else
      'auth'
    end
  end
  def set_sessions
@ -180,7 +174,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
  end
  def set_cache_headers
-    response.headers['Cache-Control'] = 'private, no-store'
+    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
  end
  @@first_name_generator = RandomNameGenerator.new(File.new("#{File.dirname(__FILE__)}/roman.txt"))
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@ -14,10 +14,6 @@ class Auth::SessionsController < Devise::SessionsController
  before_action :set_instance_presenter, only: [:new]
  before_action :set_body_classes
  content_security_policy only: :new do |p|
    p.form_action(false)
  end
  def check_suspicious!
    user = find_user
    @login_is_suspicious = suspicious_sign_in?(user) unless user.nil?
--- a/app/controllers/backups_controller.rb
+++ b/app/controllers/backups_controller.rb
@ -1,31 +0,0 @@
 # frozen_string_literal: true
 class BackupsController < ApplicationController
  include RoutingHelper
  skip_before_action :require_functional!
  before_action :authenticate_user!
  before_action :set_backup
  def download
    case Paperclip::Attachment.default_options[:storage]
    when :s3
      redirect_to @backup.dump.expiring_url(10)
    when :fog
      if Paperclip::Attachment.default_options.dig(:fog_credentials, :openstack_temp_url_key).present?
        redirect_to @backup.dump.expiring_url(Time.now.utc + 10)
      else
        redirect_to full_asset_url(@backup.dump.url)
      end
    when :filesystem
      redirect_to full_asset_url(@backup.dump.url)
    end
  end
  private
  def set_backup
    @backup = current_user.backups.find(params[:id])
  end
 end
--- a/app/controllers/concerns/admin_export_controller_concern.rb
+++ b/app/controllers/concerns/admin_export_controller_concern.rb
@ -1,29 +0,0 @@
 # frozen_string_literal: true
 module AdminExportControllerConcern
  extend ActiveSupport::Concern
  private
  def send_export_file
    respond_to do |format|
      format.csv { send_data export_data, filename: export_filename }
    end
  end
  def export_data
    raise 'Override in controller'
  end
  def export_filename
    raise 'Override in controller'
  end
  def set_dummy_import!
    @import = Admin::Import.new
  end
  def import_params
    params.require(:admin_import).permit(:data)
  end
 end
--- a/app/controllers/concerns/rate_limit_headers.rb
+++ b/app/controllers/concerns/rate_limit_headers.rb
@ -58,7 +58,7 @@ module RateLimitHeaders
  end
  def api_throttle_data
-    most_limited_type, = request.env['rack.attack.throttle_data'].min_by { |_key, value| value[:limit] - value[:count] }
+    most_limited_type, = request.env['rack.attack.throttle_data'].min_by { |_, v| v[:limit] - v[:count] }
    request.env['rack.attack.throttle_data'][most_limited_type]
  end
--- a/app/controllers/concerns/signature_verification.rb
+++ b/app/controllers/concerns/signature_verification.rb
@ -28,8 +28,8 @@ module SignatureVerification
  end
  class SignatureParamsTransformer < Parslet::Transform
-    rule(params: subtree(:param)) do
+    rule(params: subtree(:p)) do
-      (param.is_a?(Array) ? param : [param]).each_with_object({}) { |(key, value), hash| hash[key] = value }
+      (p.is_a?(Array) ? p : [p]).each_with_object({}) { |(key, val), h| h[key] = val }
    end
    rule(param: { key: simple(:key), value: simple(:val) }) do
@ -46,11 +46,11 @@ module SignatureVerification
  end
  def require_account_signature!
-    render json: signature_verification_failure_reason, status: signature_verification_failure_code unless signed_request_account
+    render plain: signature_verification_failure_reason, status: signature_verification_failure_code unless signed_request_account
  end
  def require_actor_signature!
-    render json: signature_verification_failure_reason, status: signature_verification_failure_code unless signed_request_actor
+    render plain: signature_verification_failure_reason, status: signature_verification_failure_code unless signed_request_actor
  end
  def signed_request?
@ -97,11 +97,11 @@ module SignatureVerification
    actor = stoplight_wrap_request { actor_refresh_key!(actor) }
-    raise SignatureVerificationError, "Could not refresh public key #{signature_params['keyId']}" if actor.nil?
+    raise SignatureVerificationError, "Public key not found for key #{signature_params['keyId']}" if actor.nil?
    return actor unless verify_signature(actor, signature, compare_signed_string).nil?
-    fail_with! "Verification failed for #{actor.to_log_human_identifier} #{actor.uri} using rsa-sha256 (RSASSA-PKCS1-v1_5 with SHA-256)", signed_string: compare_signed_string, signature: signature_params['signature']
+    fail_with! "Verification failed for #{actor.to_log_human_identifier} #{actor.uri} using rsa-sha256 (RSASSA-PKCS1-v1_5 with SHA-256)"
  rescue SignatureVerificationError => e
    fail_with! e.message
  rescue HTTP::Error, OpenSSL::SSL::SSLError => e
@ -118,8 +118,8 @@ module SignatureVerification
  private
-  def fail_with!(message, **options)
+  def fail_with!(message)
-    @signature_verification_failure_reason = { error: message }.merge(options)
+    @signature_verification_failure_reason = message
    @signed_request_actor = nil
  end
@ -209,8 +209,8 @@ module SignatureVerification
      end
      expires_time = Time.at(signature_params['expires'].to_i).utc if signature_params['expires'].present?
-    rescue ArgumentError => e
+    rescue ArgumentError
-      raise SignatureVerificationError, "Invalid Date header: #{e.message}"
+      return false
    end
    expires_time ||= created_time + 5.minutes unless created_time.nil?
@ -227,7 +227,7 @@ module SignatureVerification
  end
  def to_header_name(name)
-    name.split('-').map(&:capitalize).join('-')
+    name.split(/-/).map(&:capitalize).join('-')
  end
  def missing_required_signature_parameters?
--- a/app/controllers/concerns/web_app_controller_concern.rb
+++ b/app/controllers/concerns/web_app_controller_concern.rb
@ -4,16 +4,21 @@ module WebAppControllerConcern
  extend ActiveSupport::Concern
  included do
-    prepend_before_action :redirect_unauthenticated_to_permalinks!
+    before_action :redirect_unauthenticated_to_permalinks!
    before_action :set_app_body_class
    before_action :set_referrer_policy_header
  end
  def set_app_body_class
    @body_classes = 'app-body'
  end
  def set_referrer_policy_header
    response.headers['Referrer-Policy'] = 'origin'
  end
  def redirect_unauthenticated_to_permalinks!
-    return if user_signed_in? && current_account.moved_to_account_id.nil?
+    return if user_signed_in?
    redirect_path = PermalinkRedirector.new(request.path).redirect_path
--- a/app/controllers/follower_accounts_controller.rb
+++ b/app/controllers/follower_accounts_controller.rb
@ -63,7 +63,7 @@ class FollowerAccountsController < ApplicationController
        id: account_followers_url(@account, page: params.fetch(:page, 1)),
        type: :ordered,
        size: @account.followers_count,
-        items: follows.map { |follow| ActivityPub::TagManager.instance.uri_for(follow.account) },
+        items: follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.account) },
        part_of: account_followers_url(@account),
        next: next_page_url,
        prev: prev_page_url
--- a/app/controllers/following_accounts_controller.rb
+++ b/app/controllers/following_accounts_controller.rb
@ -66,7 +66,7 @@ class FollowingAccountsController < ApplicationController
        id: account_following_index_url(@account, page: params.fetch(:page, 1)),
        type: :ordered,
        size: @account.following_count,
-        items: follows.map { |follow| ActivityPub::TagManager.instance.uri_for(follow.target_account) },
+        items: follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.target_account) },
        part_of: account_following_index_url(@account),
        next: next_page_url,
        prev: prev_page_url
--- a/app/controllers/media_controller.rb
+++ b/app/controllers/media_controller.rb
@ -12,8 +12,8 @@ class MediaController < ApplicationController
  before_action :check_playable, only: :player
  before_action :allow_iframing, only: :player
-  content_security_policy only: :player do |policy|
+  content_security_policy only: :player do |p|
-    policy.frame_ancestors(false)
+    p.frame_ancestors(false)
  end
  def show
@ -46,6 +46,6 @@ class MediaController < ApplicationController
  end
  def allow_iframing
-    response.headers.delete('X-Frame-Options')
+    response.headers['X-Frame-Options'] = 'ALLOWALL'
  end
 end
--- a/app/controllers/oauth/authorizations_controller.rb
+++ b/app/controllers/oauth/authorizations_controller.rb
@ -7,10 +7,6 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
  before_action :authenticate_resource_owner!
  before_action :set_cache_headers
  content_security_policy do |p|
    p.form_action(false)
  end
  include Localized
  private
@ -34,6 +30,6 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
  end
  def set_cache_headers
-    response.headers['Cache-Control'] = 'private, no-store'
+    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
  end
 end
--- a/app/controllers/oauth/authorized_applications_controller.rb
+++ b/app/controllers/oauth/authorized_applications_controller.rb
@ -8,8 +8,6 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
  before_action :require_not_suspended!, only: :destroy
  before_action :set_body_classes
  before_action :set_last_used_at_by_app, only: :index, unless: -> { request.format == :json }
  skip_before_action :require_functional!
  include Localized
@ -32,14 +30,4 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
  def require_not_suspended!
    forbidden if current_account.suspended?
  end
  def set_last_used_at_by_app
    @last_used_at_by_app = Doorkeeper::AccessToken
                           .select('DISTINCT ON (application_id) application_id, last_used_at')
                           .where(resource_owner_id: current_resource_owner.id)
                           .where.not(last_used_at: nil)
                           .order(application_id: :desc, last_used_at: :desc)
                           .pluck(:application_id, :last_used_at)
                           .to_h
  end
 end
--- a/app/controllers/relationships_controller.rb
+++ b/app/controllers/relationships_controller.rb
@ -19,8 +19,6 @@ class RelationshipsController < ApplicationController
    @form.save
  rescue ActionController::ParameterMissing
    # Do nothing
  rescue Mastodon::NotPermittedError, ActiveRecord::RecordNotFound
    flash[:alert] = I18n.t('relationships.follow_failure') if action_from_button == 'follow'
  ensure
    redirect_to relationships_path(filter_params)
  end
@ -62,8 +60,8 @@ class RelationshipsController < ApplicationController
      'unfollow'
    elsif params[:remove_from_followers]
      'remove_from_followers'
-    elsif params[:block_domains] || params[:remove_domains_from_followers]
+    elsif params[:block_domains]
-      'remove_domains_from_followers'
+      'block_domains'
    end
  end
--- a/app/controllers/settings/applications_controller.rb
+++ b/app/controllers/settings/applications_controller.rb
@ -29,13 +29,7 @@ class Settings::ApplicationsController < Settings::BaseController
  def update
    if @application.update(application_params)
-      if @application.scopes_previously_changed?
+      redirect_to settings_applications_path, notice: I18n.t('generic.changes_saved_msg')
        @access_token = current_user.token_for_app(@application)
        @access_token.destroy
        redirect_to settings_application_path(@application), notice: I18n.t('applications.token_regenerated')
      else
        redirect_to settings_application_path(@application), notice: I18n.t('generic.changes_saved_msg')
      end
    else
      render :show
    end
--- a/app/controllers/settings/base_controller.rb
+++ b/app/controllers/settings/base_controller.rb
@ -14,7 +14,7 @@ class Settings::BaseController < ApplicationController
  end
  def set_cache_headers
-    response.headers['Cache-Control'] = 'private, no-store'
+    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
  end
  def require_not_suspended!
--- a/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb
+++ b/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb
@ -52,7 +52,7 @@ module Settings
            end
          else
            flash[:error] = I18n.t('webauthn_credentials.create.error')
-            status = :unprocessable_entity
+            status = :internal_server_error
          end
        else
          flash[:error] = t('webauthn_credentials.create.error')
--- a/app/controllers/statuses_cleanup_controller.rb
+++ b/app/controllers/statuses_cleanup_controller.rb
@ -19,10 +19,6 @@ class StatusesCleanupController < ApplicationController
    # Do nothing
  end
  def require_functional!
    redirect_to edit_user_registration_path unless current_user.functional_or_moved?
  end
  private
  def set_policy
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@ -17,8 +17,8 @@ class StatusesController < ApplicationController
  skip_around_action :set_locale, if: -> { request.format == :json }
  skip_before_action :require_functional!, only: [:show, :embed], unless: :whitelist_mode?
-  content_security_policy only: :embed do |policy|
+  content_security_policy only: :embed do |p|
-    policy.frame_ancestors(false)
+    p.frame_ancestors(false)
  end
  def show
@ -43,7 +43,7 @@ class StatusesController < ApplicationController
    return not_found if @status.hidden? || @status.reblog?
    expires_in 180, public: true
-    response.headers.delete('X-Frame-Options')
+    response.headers['X-Frame-Options'] = 'ALLOWALL'
    render layout: 'embedded'
  end
--- a/app/controllers/tags_controller.rb
+++ b/app/controllers/tags_controller.rb
@ -11,7 +11,7 @@ class TagsController < ApplicationController
  before_action :authenticate_user!, if: :whitelist_mode?
  before_action :set_local
  before_action :set_tag
-  before_action :set_statuses, if: -> { request.format == :rss }
+  before_action :set_statuses
  before_action :set_instance_presenter
  skip_before_action :require_functional!, unless: :whitelist_mode?
@ -44,7 +44,12 @@ class TagsController < ApplicationController
  end
  def set_statuses
-    @statuses = cache_collection(TagFeed.new(@tag, nil, local: @local).get(limit_param), Status)
+    case request.format&.to_sym
    when :json
      @statuses = cache_collection(TagFeed.new(@tag, current_account, local: @local).get(PAGE_SIZE, params[:max_id], params[:since_id], params[:min_id]), Status)
    when :rss
      @statuses = cache_collection(TagFeed.new(@tag, nil, local: @local).get(limit_param), Status)
    end
  end
  def set_instance_presenter
@ -59,6 +64,8 @@ class TagsController < ApplicationController
    ActivityPub::CollectionPresenter.new(
      id: tag_url(@tag),
      type: :ordered,
      size: @tag.statuses.count,
      items: @statuses.map { |s| ActivityPub::TagManager.instance.uri_for(s) }
    )
  end
 end
--- a/app/controllers/well_known/webfinger_controller.rb
+++ b/app/controllers/well_known/webfinger_controller.rb
@ -18,14 +18,7 @@ module WellKnown
    private
    def set_account
-      username = username_from_resource
+      @account = Account.find_local!(username_from_resource)
      @account = begin
        if username == Rails.configuration.x.local_domain
          Account.representative
        else
          Account.find_local!(username)
        end
      end
    end
    def username_from_resource
--- a/app/helpers/admin/action_logs_helper.rb
+++ b/app/helpers/admin/action_logs_helper.rb
@ -20,7 +20,7 @@ module Admin::ActionLogsHelper
    when 'Status'
      link_to log.human_identifier, log.permalink
    when 'AccountWarning'
-      link_to log.human_identifier, disputes_strike_path(log.target_id)
+      link_to log.human_identifier, admin_account_path(log.target_id)
    when 'Announcement'
      link_to truncate(log.human_identifier), edit_admin_announcement_path(log.target_id)
    when 'IpBlock', 'Instance', 'CustomEmoji'
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -67,7 +67,7 @@ module ApplicationHelper
  def link_to_login(name = nil, html_options = nil, &block)
    target = new_user_session_path
-    html_options = name if block
+    html_options = name if block_given?
    if omniauth_only? && Devise.mappings[:user].omniauthable? && User.omniauth_providers.size == 1
      target = omniauth_authorize_path(:user, User.omniauth_providers[0])
@ -75,7 +75,7 @@ module ApplicationHelper
      html_options[:method] = :post
    end
-    if block
+    if block_given?
      link_to(target, html_options, &block)
    else
      link_to(name, target, html_options)
--- a/app/helpers/email_helper.rb
+++ b/app/helpers/email_helper.rb
@ -7,7 +7,7 @@ module EmailHelper
  def email_to_canonical_email(str)
    username, domain = str.downcase.split('@', 2)
-    username, = username.delete('.').split('+', 2)
+    username, = username.gsub('.', '').split('+', 2)
    "#{username}@#{domain}"
  end
--- a/app/helpers/formatting_helper.rb
+++ b/app/helpers/formatting_helper.rb
@ -23,28 +23,19 @@ module FormattingHelper
    before_html = begin
      if status.spoiler_text?
-        tag.p do
+        "<p><strong>#{I18n.t('rss.content_warning', locale: available_locale_or_nil(status.language) || I18n.default_locale)}</strong> #{h(status.spoiler_text)}</p><hr />"
-          tag.strong do
+      else
-            I18n.t('rss.content_warning', locale: available_locale_or_nil(status.language) || I18n.default_locale)
+        ''
          end
          status.spoiler_text
        end + tag.hr
      end
-    end
+    end.html_safe # rubocop:disable Rails/OutputSafety
    after_html = begin
      if status.preloadable_poll
-        tag.p do
+        "<p>#{status.preloadable_poll.options.map { |o| "<input type=#{status.preloadable_poll.multiple? ? 'checkbox' : 'radio'} disabled /> #{h(o)}" }.join('<br />')}</p>"
-          safe_join(
+      else
-            status.preloadable_poll.options.map do |o|
+        ''
              tag.send(status.preloadable_poll.multiple? ? 'checkbox' : 'radio', o, disabled: true)
            end,
            tag.br
          )
        end
      end
-    end
+    end.html_safe # rubocop:disable Rails/OutputSafety
    prerender_custom_emojis(
      safe_join([before_html, html, after_html]),
@ -58,10 +49,6 @@ module FormattingHelper
  end
  def account_field_value_format(field, with_rel_me: true)
-    if field.verified? && !field.account.local?
+    html_aware_format(field.value, field.account.local?, with_rel_me: with_rel_me, with_domains: true, multiline: false)
      TextFormatter.shortened_link(field.value_for_verification)
    else
      html_aware_format(field.value, field.account.local?, with_rel_me: with_rel_me, with_domains: true, multiline: false)
    end
  end
 end
--- a/app/helpers/jsonld_helper.rb
+++ b/app/helpers/jsonld_helper.rb
@ -213,7 +213,7 @@ module JsonLdHelper
    end
  end
-  def load_jsonld_context(url, _options = {}, &block)
+  def load_jsonld_context(url, _options = {}, &_block)
    json = Rails.cache.fetch("jsonld:context:#{url}", expires_in: 30.days, raw: true) do
      request = Request.new(:get, url)
      request.add_headers('Accept' => 'application/ld+json')
@ -226,6 +226,6 @@ module JsonLdHelper
    doc = JSON::LD::API::RemoteDocument.new(json, documentUrl: url)
-    block ? yield(doc) : doc
+    block_given? ? yield(doc) : doc
  end
 end
--- a/app/helpers/languages_helper.rb
+++ b/app/helpers/languages_helper.rb
@ -190,17 +190,12 @@ module LanguagesHelper
  ISO_639_3 = {
    ast: ['Asturian', 'Asturianu'].freeze,
    ckb: ['Sorani (Kurdish)', 'سۆرانی'].freeze,
    cnr: ['Montenegrin', 'crnogorski'].freeze,
    jbo: ['Lojban', 'la .lojban.'].freeze,
    kab: ['Kabyle', 'Taqbaylit'].freeze,
    kmr: ['Kurmanji (Kurdish)', 'Kurmancî'].freeze,
    ldn: ['Láadan', 'Láadan'].freeze,
    lfn: ['Lingua Franca Nova', 'lingua franca nova'].freeze,
    sco: ['Scots', 'Scots'].freeze,
    sma: ['Southern Sami', 'Åarjelsaemien Gïele'].freeze,
    smj: ['Lule Sami', 'Julevsámegiella'].freeze,
    szl: ['Silesian', 'ślůnsko godka'].freeze,
    tai: ['Tai', 'ภาษาไท or ภาษาไต'].freeze,
    tok: ['Toki Pona', 'toki pona'].freeze,
    zba: ['Balaibalan', 'باليبلن'].freeze,
    zgh: ['Standard Moroccan Tamazight', 'ⵜⴰⵎⴰⵣⵉⵖⵜ'].freeze,
@ -212,10 +207,8 @@ module LanguagesHelper
  # names, but for some translations, we need the names of the
  # regional variants specifically
  REGIONAL_LOCALE_NAMES = {
    'en-GB': 'English (British)',
    'es-AR': 'Español (Argentina)',
    'es-MX': 'Español (México)',
    'fr-QC': 'Français (Canadien)',
    'pt-BR': 'Português (Brasil)',
    'pt-PT': 'Português (Portugal)',
    'sr-Latn': 'Srpski (latinica)',
--- a/app/helpers/statuses_helper.rb
+++ b/app/helpers/statuses_helper.rb
@ -21,7 +21,7 @@ module StatusesHelper
  def media_summary(status)
    attachments = { image: 0, video: 0, audio: 0 }
-    status.ordered_media_attachments.each do |media|
+    status.media_attachments.each do |media|
      if media.video?
        attachments[:video] += 1
      elsif media.audio?
--- a/app/javascript/images/academy-mascot.webp
+++ b/app/javascript/images/academy-mascot.webp
--- a/app/javascript/images/logo-symbol-icon.svg
+++ b/app/javascript/images/logo-symbol-icon.svg
@ -1,2 +1,2 @@
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="79" height="79" viewBox="0 0 79 75"><symbol id="logo-symbol-icon"><path d="M74.7135 16.6043C73.6199 8.54587 66.5351 2.19527 58.1366 0.964691C56.7196 0.756754 51.351 0 38.9148 0H38.822C26.3824 0 23.7135 0.756754 22.2966 0.964691C14.1319 2.16118 6.67571 7.86752 4.86669 16.0214C3.99657 20.0369 3.90371 24.4888 4.06535 28.5726C4.29578 34.4289 4.34049 40.275 4.877 46.1075C5.24791 49.9817 5.89495 53.8251 6.81328 57.6088C8.53288 64.5968 15.4938 70.4122 22.3138 72.7848C29.6155 75.259 37.468 75.6697 44.9919 73.971C45.8196 73.7801 46.6381 73.5586 47.4475 73.3063C49.2737 72.7302 51.4164 72.086 52.9915 70.9542C53.0131 70.9384 53.0308 70.9178 53.0433 70.8942C53.0558 70.8706 53.0628 70.8445 53.0637 70.8179V65.1661C53.0634 65.1412 53.0574 65.1167 53.0462 65.0944C53.035 65.0721 53.0189 65.0525 52.9992 65.0371C52.9794 65.0218 52.9564 65.011 52.9318 65.0056C52.9073 65.0002 52.8819 65.0003 52.8574 65.0059C48.0369 66.1472 43.0971 66.7193 38.141 66.7103C29.6118 66.7103 27.3178 62.6981 26.6609 61.0278C26.1329 59.5842 25.7976 58.0784 25.6636 56.5486C25.6622 56.5229 25.667 56.4973 25.6775 56.4738C25.688 56.4502 25.7039 56.4295 25.724 56.4132C25.7441 56.397 25.7678 56.3856 25.7931 56.3801C25.8185 56.3746 25.8448 56.3751 25.8699 56.3816C30.6101 57.5151 35.4693 58.0873 40.3455 58.086C41.5183 58.086 42.6876 58.086 43.8604 58.0553C48.7647 57.919 53.9339 57.6701 58.7591 56.7361C58.8794 56.7123 58.9998 56.6918 59.103 56.6611C66.7139 55.2124 73.9569 50.665 74.6929 39.1501C74.7204 38.6967 74.7892 34.4016 74.7892 33.9312C74.7926 32.3325 75.3085 22.5901 74.7135 16.6043ZM62.9996 45.3371H54.9966V25.9069C54.9966 21.8163 53.277 19.7302 49.7793 19.7302C45.9343 19.7302 44.0083 22.1981 44.0083 27.0727V37.7082H36.0534V27.0727C36.0534 22.1981 34.124 19.7302 30.279 19.7302C26.8019 19.7302 25.0651 21.8163 25.0617 25.9069V45.3371H17.0656V25.3172C17.0656 21.2266 18.1191 17.9769 20.2262 15.568C22.3998 13.1648 25.2509 11.9308 28.7898 11.9308C32.8859 11.9308 35.9812 13.492 38.0447 16.6111L40.036 19.9245L42.0308 16.6111C44.0943 13.492 47.1896 11.9308 51.2788 11.9308C54.8143 11.9308 57.6654 13.1648 59.8459 15.568C61.9529 17.9746 63.0065 21.2243 63.0065 25.3172L62.9996 45.3371Z" fill="currentColor"/></symbol><use xlink:href="#logo-symbol-icon"/></svg>
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="79" height="79" viewBox="0 0 79 75"><symbol id="logo-symbol-icon"><path d="M74.7135 16.6043C73.6199 8.54587 66.5351 2.19527 58.1366 0.964691C56.7196 0.756754 51.351 0 38.9148 0H38.822C26.3824 0 23.7135 0.756754 22.2966 0.964691C14.1319 2.16118 6.67571 7.86752 4.86669 16.0214C3.99657 20.0369 3.90371 24.4888 4.06535 28.5726C4.29578 34.4289 4.34049 40.275 4.877 46.1075C5.24791 49.9817 5.89495 53.8251 6.81328 57.6088C8.53288 64.5968 15.4938 70.4122 22.3138 72.7848C29.6155 75.259 37.468 75.6697 44.9919 73.971C45.8196 73.7801 46.6381 73.5586 47.4475 73.3063C49.2737 72.7302 51.4164 72.086 52.9915 70.9542C53.0131 70.9384 53.0308 70.9178 53.0433 70.8942C53.0558 70.8706 53.0628 70.8445 53.0637 70.8179V65.1661C53.0634 65.1412 53.0574 65.1167 53.0462 65.0944C53.035 65.0721 53.0189 65.0525 52.9992 65.0371C52.9794 65.0218 52.9564 65.011 52.9318 65.0056C52.9073 65.0002 52.8819 65.0003 52.8574 65.0059C48.0369 66.1472 43.0971 66.7193 38.141 66.7103C29.6118 66.7103 27.3178 62.6981 26.6609 61.0278C26.1329 59.5842 25.7976 58.0784 25.6636 56.5486C25.6622 56.5229 25.667 56.4973 25.6775 56.4738C25.688 56.4502 25.7039 56.4295 25.724 56.4132C25.7441 56.397 25.7678 56.3856 25.7931 56.3801C25.8185 56.3746 25.8448 56.3751 25.8699 56.3816C30.6101 57.5151 35.4693 58.0873 40.3455 58.086C41.5183 58.086 42.6876 58.086 43.8604 58.0553C48.7647 57.919 53.9339 57.6701 58.7591 56.7361C58.8794 56.7123 58.9998 56.6918 59.103 56.6611C66.7139 55.2124 73.9569 50.665 74.6929 39.1501C74.7204 38.6967 74.7892 34.4016 74.7892 33.9312C74.7926 32.3325 75.3085 22.5901 74.7135 16.6043ZM62.9996 45.3371H54.9966V25.9069C54.9966 21.8163 53.277 19.7302 49.7793 19.7302C45.9343 19.7302 44.0083 22.1981 44.0083 27.0727V37.7082H36.0534V27.0727C36.0534 22.1981 34.124 19.7302 30.279 19.7302C26.8019 19.7302 25.0651 21.8163 25.0617 25.9069V45.3371H17.0656V25.3172C17.0656 21.2266 18.1191 17.9769 20.2262 15.568C22.3998 13.1648 25.2509 11.9308 28.7898 11.9308C32.8859 11.9308 35.9812 13.492 38.0447 16.6111L40.036 19.9245L42.0308 16.6111C44.0943 13.492 47.1896 11.9308 51.2788 11.9308C54.8143 11.9308 57.6654 13.1648 59.8459 15.568C61.9529 17.9746 63.0065 21.2243 63.0065 25.3172L62.9996 45.3371Z" fill="currentColor"/></symbol><use xlink:href="#logo-symbol-icon" style="color:#fff" /></svg>
--- a/app/javascript/images/logo-symbol-wordmark.svg
+++ b/app/javascript/images/logo-symbol-wordmark.svg
@ -7,5 +7,5 @@
 <stop stop-color="#6364FF"/>
 <stop offset="1" stop-color="#563ACC"/>
 </linearGradient>
-</defs></symbol><use xlink:href="#logo-symbol-wordmark"/>
+</defs></symbol><use xlink:href="#logo-symbol-wordmark" style="color:#fff"/>
 </svg>
--- a/app/javascript/mastodon/actions/account_notes.js
+++ b/app/javascript/mastodon/actions/account_notes.js
@ -14,24 +14,24 @@ export function submitAccountNote(id, value) {
      dispatch(submitAccountNoteSuccess(response.data));
    }).catch(error => dispatch(submitAccountNoteFail(error)));
  };
-}
+};
 export function submitAccountNoteRequest() {
  return {
    type: ACCOUNT_NOTE_SUBMIT_REQUEST,
  };
-}
+};
 export function submitAccountNoteSuccess(relationship) {
  return {
    type: ACCOUNT_NOTE_SUBMIT_SUCCESS,
    relationship,
  };
-}
+};
 export function submitAccountNoteFail(error) {
  return {
    type: ACCOUNT_NOTE_SUBMIT_FAIL,
    error,
  };
-}
+};
--- a/app/javascript/mastodon/actions/accounts.js
+++ b/app/javascript/mastodon/actions/accounts.js
@ -91,7 +91,7 @@ export function fetchAccount(id) {
      dispatch(fetchAccountFail(id, error));
    });
  };
-}
+};
 export const lookupAccount = acct => (dispatch, getState) => {
  dispatch(lookupAccountRequest(acct));
@ -126,13 +126,13 @@ export function fetchAccountRequest(id) {
    type: ACCOUNT_FETCH_REQUEST,
    id,
  };
-}
+};
 export function fetchAccountSuccess() {
  return {
    type: ACCOUNT_FETCH_SUCCESS,
  };
-}
+};
 export function fetchAccountFail(id, error) {
  return {
@ -141,7 +141,7 @@ export function fetchAccountFail(id, error) {
    error,
    skipAlert: true,
  };
-}
+};
 export function followAccount(id, options = { reblogs: true }) {
  return (dispatch, getState) => {
@ -156,7 +156,7 @@ export function followAccount(id, options = { reblogs: true }) {
      dispatch(followAccountFail(error, locked));
    });
  };
-}
+};
 export function unfollowAccount(id) {
  return (dispatch, getState) => {
@ -168,7 +168,7 @@ export function unfollowAccount(id) {
      dispatch(unfollowAccountFail(error));
    });
  };
-}
+};
 export function followAccountRequest(id, locked) {
  return {
@ -177,7 +177,7 @@ export function followAccountRequest(id, locked) {
    locked,
    skipLoading: true,
  };
-}
+};
 export function followAccountSuccess(relationship, alreadyFollowing) {
  return {
@ -186,7 +186,7 @@ export function followAccountSuccess(relationship, alreadyFollowing) {
    alreadyFollowing,
    skipLoading: true,
  };
-}
+};
 export function followAccountFail(error, locked) {
  return {
@ -195,7 +195,7 @@ export function followAccountFail(error, locked) {
    locked,
    skipLoading: true,
  };
-}
+};
 export function unfollowAccountRequest(id) {
  return {
@ -203,7 +203,7 @@ export function unfollowAccountRequest(id) {
    id,
    skipLoading: true,
  };
-}
+};
 export function unfollowAccountSuccess(relationship, statuses) {
  return {
@ -212,7 +212,7 @@ export function unfollowAccountSuccess(relationship, statuses) {
    statuses,
    skipLoading: true,
  };
-}
+};
 export function unfollowAccountFail(error) {
  return {
@ -220,7 +220,7 @@ export function unfollowAccountFail(error) {
    error,
    skipLoading: true,
  };
-}
+};
 export function blockAccount(id) {
  return (dispatch, getState) => {
@ -233,7 +233,7 @@ export function blockAccount(id) {
      dispatch(blockAccountFail(id, error));
    });
  };
-}
+};
 export function unblockAccount(id) {
  return (dispatch, getState) => {
@ -245,14 +245,14 @@ export function unblockAccount(id) {
      dispatch(unblockAccountFail(id, error));
    });
  };
-}
+};
 export function blockAccountRequest(id) {
  return {
    type: ACCOUNT_BLOCK_REQUEST,
    id,
  };
-}
+};
 export function blockAccountSuccess(relationship, statuses) {
  return {
@ -260,35 +260,35 @@ export function blockAccountSuccess(relationship, statuses) {
    relationship,
    statuses,
  };
-}
+};
 export function blockAccountFail(error) {
  return {
    type: ACCOUNT_BLOCK_FAIL,
    error,
  };
-}
+};
 export function unblockAccountRequest(id) {
  return {
    type: ACCOUNT_UNBLOCK_REQUEST,
    id,
  };
-}
+};
 export function unblockAccountSuccess(relationship) {
  return {
    type: ACCOUNT_UNBLOCK_SUCCESS,
    relationship,
  };
-}
+};
 export function unblockAccountFail(error) {
  return {
    type: ACCOUNT_UNBLOCK_FAIL,
    error,
  };
-}
+};
 export function muteAccount(id, notifications, duration=0) {
@ -302,7 +302,7 @@ export function muteAccount(id, notifications, duration=0) {
      dispatch(muteAccountFail(id, error));
    });
  };
-}
+};
 export function unmuteAccount(id) {
  return (dispatch, getState) => {
@ -314,14 +314,14 @@ export function unmuteAccount(id) {
      dispatch(unmuteAccountFail(id, error));
    });
  };
-}
+};
 export function muteAccountRequest(id) {
  return {
    type: ACCOUNT_MUTE_REQUEST,
    id,
  };
-}
+};
 export function muteAccountSuccess(relationship, statuses) {
  return {
@ -329,35 +329,35 @@ export function muteAccountSuccess(relationship, statuses) {
    relationship,
    statuses,
  };
-}
+};
 export function muteAccountFail(error) {
  return {
    type: ACCOUNT_MUTE_FAIL,
    error,
  };
-}
+};
 export function unmuteAccountRequest(id) {
  return {
    type: ACCOUNT_UNMUTE_REQUEST,
    id,
  };
-}
+};
 export function unmuteAccountSuccess(relationship) {
  return {
    type: ACCOUNT_UNMUTE_SUCCESS,
    relationship,
  };
-}
+};
 export function unmuteAccountFail(error) {
  return {
    type: ACCOUNT_UNMUTE_FAIL,
    error,
  };
-}
+};
 export function fetchFollowers(id) {
@ -374,14 +374,14 @@ export function fetchFollowers(id) {
      dispatch(fetchFollowersFail(id, error));
    });
  };
-}
+};
 export function fetchFollowersRequest(id) {
  return {
    type: FOLLOWERS_FETCH_REQUEST,
    id,
  };
-}
+};
 export function fetchFollowersSuccess(id, accounts, next) {
  return {
@ -390,7 +390,7 @@ export function fetchFollowersSuccess(id, accounts, next) {
    accounts,
    next,
  };
-}
+};
 export function fetchFollowersFail(id, error) {
  return {
@ -399,7 +399,7 @@ export function fetchFollowersFail(id, error) {
    error,
    skipNotFound: true,
  };
-}
+};
 export function expandFollowers(id) {
  return (dispatch, getState) => {
@ -421,14 +421,14 @@ export function expandFollowers(id) {
      dispatch(expandFollowersFail(id, error));
    });
  };
-}
+};
 export function expandFollowersRequest(id) {
  return {
    type: FOLLOWERS_EXPAND_REQUEST,
    id,
  };
-}
+};
 export function expandFollowersSuccess(id, accounts, next) {
  return {
@ -437,7 +437,7 @@ export function expandFollowersSuccess(id, accounts, next) {
    accounts,
    next,
  };
-}
+};
 export function expandFollowersFail(id, error) {
  return {
@ -445,7 +445,7 @@ export function expandFollowersFail(id, error) {
    id,
    error,
  };
-}
+};
 export function fetchFollowing(id) {
  return (dispatch, getState) => {
@ -461,14 +461,14 @@ export function fetchFollowing(id) {
      dispatch(fetchFollowingFail(id, error));
    });
  };
-}
+};
 export function fetchFollowingRequest(id) {
  return {
    type: FOLLOWING_FETCH_REQUEST,
    id,
  };
-}
+};
 export function fetchFollowingSuccess(id, accounts, next) {
  return {
@ -477,7 +477,7 @@ export function fetchFollowingSuccess(id, accounts, next) {
    accounts,
    next,
  };
-}
+};
 export function fetchFollowingFail(id, error) {
  return {
@ -486,7 +486,7 @@ export function fetchFollowingFail(id, error) {
    error,
    skipNotFound: true,
  };
-}
+};
 export function expandFollowing(id) {
  return (dispatch, getState) => {
@ -508,14 +508,14 @@ export function expandFollowing(id) {
      dispatch(expandFollowingFail(id, error));
    });
  };
-}
+};
 export function expandFollowingRequest(id) {
  return {
    type: FOLLOWING_EXPAND_REQUEST,
    id,
  };
-}
+};
 export function expandFollowingSuccess(id, accounts, next) {
  return {
@ -524,7 +524,7 @@ export function expandFollowingSuccess(id, accounts, next) {
    accounts,
    next,
  };
-}
+};
 export function expandFollowingFail(id, error) {
  return {
@ -532,7 +532,7 @@ export function expandFollowingFail(id, error) {
    id,
    error,
  };
-}
+};
 export function fetchRelationships(accountIds) {
  return (dispatch, getState) => {
@ -553,7 +553,7 @@ export function fetchRelationships(accountIds) {
      dispatch(fetchRelationshipsFail(error));
    });
  };
-}
+};
 export function fetchRelationshipsRequest(ids) {
  return {
@ -561,7 +561,7 @@ export function fetchRelationshipsRequest(ids) {
    ids,
    skipLoading: true,
  };
-}
+};
 export function fetchRelationshipsSuccess(relationships) {
  return {
@ -569,7 +569,7 @@ export function fetchRelationshipsSuccess(relationships) {
    relationships,
    skipLoading: true,
  };
-}
+};
 export function fetchRelationshipsFail(error) {
  return {
@ -578,7 +578,7 @@ export function fetchRelationshipsFail(error) {
    skipLoading: true,
    skipNotFound: true,
  };
-}
+};
 export function fetchFollowRequests() {
  return (dispatch, getState) => {
@ -590,13 +590,13 @@ export function fetchFollowRequests() {
      dispatch(fetchFollowRequestsSuccess(response.data, next ? next.uri : null));
    }).catch(error => dispatch(fetchFollowRequestsFail(error)));
  };
-}
+};
 export function fetchFollowRequestsRequest() {
  return {
    type: FOLLOW_REQUESTS_FETCH_REQUEST,
  };
-}
+};
 export function fetchFollowRequestsSuccess(accounts, next) {
  return {
@ -604,14 +604,14 @@ export function fetchFollowRequestsSuccess(accounts, next) {
    accounts,
    next,
  };
-}
+};
 export function fetchFollowRequestsFail(error) {
  return {
    type: FOLLOW_REQUESTS_FETCH_FAIL,
    error,
  };
-}
+};
 export function expandFollowRequests() {
  return (dispatch, getState) => {
@ -629,13 +629,13 @@ export function expandFollowRequests() {
      dispatch(expandFollowRequestsSuccess(response.data, next ? next.uri : null));
    }).catch(error => dispatch(expandFollowRequestsFail(error)));
  };
-}
+};
 export function expandFollowRequestsRequest() {
  return {
    type: FOLLOW_REQUESTS_EXPAND_REQUEST,
  };
-}
+};
 export function expandFollowRequestsSuccess(accounts, next) {
  return {
@ -643,14 +643,14 @@ export function expandFollowRequestsSuccess(accounts, next) {
    accounts,
    next,
  };
-}
+};
 export function expandFollowRequestsFail(error) {
  return {
    type: FOLLOW_REQUESTS_EXPAND_FAIL,
    error,
  };
-}
+};
 export function authorizeFollowRequest(id) {
  return (dispatch, getState) => {
@ -661,21 +661,21 @@ export function authorizeFollowRequest(id) {
      .then(() => dispatch(authorizeFollowRequestSuccess(id)))
      .catch(error => dispatch(authorizeFollowRequestFail(id, error)));
  };
-}
+};
 export function authorizeFollowRequestRequest(id) {
  return {
    type: FOLLOW_REQUEST_AUTHORIZE_REQUEST,
    id,
  };
-}
+};
 export function authorizeFollowRequestSuccess(id) {
  return {
    type: FOLLOW_REQUEST_AUTHORIZE_SUCCESS,
    id,
  };
-}
+};
 export function authorizeFollowRequestFail(id, error) {
  return {
@ -683,7 +683,7 @@ export function authorizeFollowRequestFail(id, error) {
    id,
    error,
  };
-}
+};
 export function rejectFollowRequest(id) {
@ -695,21 +695,21 @@ export function rejectFollowRequest(id) {
      .then(() => dispatch(rejectFollowRequestSuccess(id)))
      .catch(error => dispatch(rejectFollowRequestFail(id, error)));
  };
-}
+};
 export function rejectFollowRequestRequest(id) {
  return {
    type: FOLLOW_REQUEST_REJECT_REQUEST,
    id,
  };
-}
+};
 export function rejectFollowRequestSuccess(id) {
  return {
    type: FOLLOW_REQUEST_REJECT_SUCCESS,
    id,
  };
-}
+};
 export function rejectFollowRequestFail(id, error) {
  return {
@ -717,7 +717,7 @@ export function rejectFollowRequestFail(id, error) {
    id,
    error,
  };
-}
+};
 export function pinAccount(id) {
  return (dispatch, getState) => {
@ -729,7 +729,7 @@ export function pinAccount(id) {
      dispatch(pinAccountFail(error));
    });
  };
-}
+};
 export function unpinAccount(id) {
  return (dispatch, getState) => {
@ -741,49 +741,49 @@ export function unpinAccount(id) {
      dispatch(unpinAccountFail(error));
    });
  };
-}
+};
 export function pinAccountRequest(id) {
  return {
    type: ACCOUNT_PIN_REQUEST,
    id,
  };
-}
+};
 export function pinAccountSuccess(relationship) {
  return {
    type: ACCOUNT_PIN_SUCCESS,
    relationship,
  };
-}
+};
 export function pinAccountFail(error) {
  return {
    type: ACCOUNT_PIN_FAIL,
    error,
  };
-}
+};
 export function unpinAccountRequest(id) {
  return {
    type: ACCOUNT_UNPIN_REQUEST,
    id,
  };
-}
+};
 export function unpinAccountSuccess(relationship) {
  return {
    type: ACCOUNT_UNPIN_SUCCESS,
    relationship,
  };
-}
+};
 export function unpinAccountFail(error) {
  return {
    type: ACCOUNT_UNPIN_FAIL,
    error,
  };
-}
+};
 export const revealAccount = id => ({
  type: ACCOUNT_REVEAL,
--- a/app/javascript/mastodon/actions/activity_log.js
+++ b/app/javascript/mastodon/actions/activity_log.js
@ -1,11 +0,0 @@
 export const ACTIVITY_LOG_RESET ='ACTIVITY_LOG_RESET';
 export const ACTIVITY_LOG_ADD = 'ACTIVITY_LOG_ADD';
 export const resetActivityLog = () => ({
  type: ACTIVITY_LOG_RESET,
 });
 export const addActivityLog = value => ({
  type: ACTIVITY_LOG_ADD,
  value,
 });
--- a/app/javascript/mastodon/actions/activitypub_explorer.js
+++ b/app/javascript/mastodon/actions/activitypub_explorer.js
@ -1,12 +0,0 @@
 export const ACTIVITYPUB_EXPLORER_DATA ='ACTIVITYPUB_EXPLORER_DATA';
 export const ACTIVITYPUB_EXPLORER_URL ='ACTIVITYPUB_EXPLORER_URL';
 export const setExplorerData = (value) => ({
  type: ACTIVITYPUB_EXPLORER_DATA,
  value,
 });
 export const setExplorerUrl = (value) => ({
  type: ACTIVITYPUB_EXPLORER_URL,
  value,
 });
--- a/Show more
+++ b/Show more
Author	SHA1	Message	Date
dependabot[bot]	1557b51232	Bump doorkeeper from 5.6.0 to 5.6.2 Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.6.0 to 5.6.2. - [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases) - [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/main/CHANGELOG.md) - [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.6.0...v5.6.2) --- updated-dependencies: - dependency-name: doorkeeper dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-01-14 19:57:06 +00:00
Sebastian Jambor	ac398426fc	some rewording of signup message	2023-01-14 18:28:37 +01:00
Sebastian Jambor	e02602e445	change email confirmation flash to not mention email	2023-01-14 18:10:13 +01:00
Sebastian Jambor	ac32e5ec1d	remove email and password section from account preferences	2023-01-14 18:00:30 +01:00
Sebastian Jambor	8d3ceafe34	allow account redirect without specifying password	2023-01-14 17:56:43 +01:00
Sebastian Jambor	58d83a8cb1	add description to activity log page	2023-01-14 17:19:37 +01:00
Sebastian Jambor	240160f877	fix issue in activity logger	2023-01-14 17:12:20 +01:00
Sebastian Jambor	a622b0b947	add hotkey to go to activity log, and hotkey to copy logs	2023-01-13 17:59:12 +01:00
Sebastian Jambor	f727ee6a45	increase number of syllables for last name	2023-01-13 17:37:34 +01:00
Sebastian Jambor	25008e0555	scheduler to delete old accounts	2023-01-13 16:49:12 +01:00
Sebastian Jambor	995c69a45b	allow multiple clients for the same id	2023-01-12 19:48:04 +01:00
Sebastian Jambor	291027c1c3	first explanation on sign-up page	2023-01-10 18:50:16 +01:00
Sebastian Jambor	a84f182cf4	allow shorter time for sign up	2023-01-10 18:49:59 +01:00
Sebastian Jambor	12abf5e142	redirect to sign-up after logging out	2023-01-10 18:49:43 +01:00
Sebastian Jambor	638c1ed7d8	when not logged in, / redirects to sign-up; when logged-in, / redirects to activity_log	2023-01-10 15:23:33 +01:00
Sebastian Jambor	e90505cfdf	use resdis configuration for activity log	2023-01-09 21:46:58 +01:00
Sebastian Jambor	d73bf5770d	one-click sign-up with autogenerated usernames	2023-01-09 21:25:59 +01:00
Sebastian Jambor	fd92599890	use public package	2023-01-09 14:48:03 +01:00
Sebastian Jambor	5560887862	filter keep-alives	2023-01-09 14:48:03 +01:00
Sebastian Jambor	426e096a9b	fix timestamp	2023-01-09 14:48:03 +01:00
Sebastian Jambor	9785c2849a	integrate audience helper	2023-01-09 14:48:03 +01:00
Sebastian Jambor	57617faa27	handle duplicates	2023-01-09 14:48:03 +01:00
Sebastian Jambor	d5408766cc	handle followers	2023-01-09 14:48:03 +01:00
Sebastian Jambor	7a30154bc5	handle audicence fields	2023-01-09 14:48:03 +01:00
Sebastian Jambor	f1ee1eadd9	extending functionality of audience helper	2023-01-09 14:48:03 +01:00
Sebastian Jambor	e884c39a03	fix keep-alive	2023-01-09 14:48:03 +01:00
Sebastian Jambor	f643515fdd	starting a test for audience helper	2023-01-09 14:48:03 +01:00
Sebastian Jambor	078688149a	remove mode settings	2023-01-09 14:48:03 +01:00
Sebastian Jambor	f94db7a54f	convert to hooks	2023-01-09 14:48:03 +01:00
Sebastian Jambor	cb83422a8a	extract dummy data	2023-01-09 14:48:03 +01:00
Sebastian Jambor	7a0e5c9900	starting column header	2023-01-09 14:48:03 +01:00
Sebastian Jambor	14570da001	some cleanup	2023-01-09 14:48:03 +01:00
Sebastian Jambor	0a479aa734	add link to main column	2023-01-09 14:48:03 +01:00
Sebastian Jambor	b9df613b31	enable dark mode	2023-01-09 14:48:03 +01:00
Sebastian Jambor	faf7925ce0	use external library	2023-01-09 14:48:03 +01:00
Sebastian Jambor	bfd9f4938d	add timestamps	2023-01-09 14:48:03 +01:00
Sebastian Jambor	4a01c00ef2	starting with some styling	2023-01-09 14:48:03 +01:00
Sebastian Jambor	12c4213ecf	removing debug output	2023-01-09 14:48:03 +01:00
Sebastian Jambor	3f4a72e7f3	log outbound events as well	2023-01-09 14:48:03 +01:00
Sebastian Jambor	a414adc582	showing inbound activities in frontend via redis pub/sub	2023-01-09 14:48:03 +01:00
Sebastian Jambor	313af50864	prototyping server sent events	2023-01-09 14:48:02 +01:00
Sebastian Jambor	3142c2b31a	adding activity log page	2023-01-09 14:48:02 +01:00
Sebastian Jambor	e35b438f06	log activity pub messages to error log	2023-01-09 14:48:02 +01:00
`@ -1,2 +1,2 @@`
	<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="79" height="79" viewBox="0 0 79 75"><symbol id="logo-symbol-icon"><path d="M74.7135 16.6043C73.6199 8.54587 66.5351 2.19527 58.1366 0.964691C56.7196 0.756754 51.351 0 38.9148 0H38.822C26.3824 0 23.7135 0.756754 22.2966 0.964691C14.1319 2.16118 6.67571 7.86752 4.86669 16.0214C3.99657 20.0369 3.90371 24.4888 4.06535 28.5726C4.29578 34.4289 4.34049 40.275 4.877 46.1075C5.24791 49.9817 5.89495 53.8251 6.81328 57.6088C8.53288 64.5968 15.4938 70.4122 22.3138 72.7848C29.6155 75.259 37.468 75.6697 44.9919 73.971C45.8196 73.7801 46.6381 73.5586 47.4475 73.3063C49.2737 72.7302 51.4164 72.086 52.9915 70.9542C53.0131 70.9384 53.0308 70.9178 53.0433 70.8942C53.0558 70.8706 53.0628 70.8445 53.0637 70.8179V65.1661C53.0634 65.1412 53.0574 65.1167 53.0462 65.0944C53.035 65.0721 53.0189 65.0525 52.9992 65.0371C52.9794 65.0218 52.9564 65.011 52.9318 65.0056C52.9073 65.0002 52.8819 65.0003 52.8574 65.0059C48.0369 66.1472 43.0971 66.7193 38.141 66.7103C29.6118 66.7103 27.3178 62.6981 26.6609 61.0278C26.1329 59.5842 25.7976 58.0784 25.6636 56.5486C25.6622 56.5229 25.667 56.4973 25.6775 56.4738C25.688 56.4502 25.7039 56.4295 25.724 56.4132C25.7441 56.397 25.7678 56.3856 25.7931 56.3801C25.8185 56.3746 25.8448 56.3751 25.8699 56.3816C30.6101 57.5151 35.4693 58.0873 40.3455 58.086C41.5183 58.086 42.6876 58.086 43.8604 58.0553C48.7647 57.919 53.9339 57.6701 58.7591 56.7361C58.8794 56.7123 58.9998 56.6918 59.103 56.6611C66.7139 55.2124 73.9569 50.665 74.6929 39.1501C74.7204 38.6967 74.7892 34.4016 74.7892 33.9312C74.7926 32.3325 75.3085 22.5901 74.7135 16.6043ZM62.9996 45.3371H54.9966V25.9069C54.9966 21.8163 53.277 19.7302 49.7793 19.7302C45.9343 19.7302 44.0083 22.1981 44.0083 27.0727V37.7082H36.0534V27.0727C36.0534 22.1981 34.124 19.7302 30.279 19.7302C26.8019 19.7302 25.0651 21.8163 25.0617 25.9069V45.3371H17.0656V25.3172C17.0656 21.2266 18.1191 17.9769 20.2262 15.568C22.3998 13.1648 25.2509 11.9308 28.7898 11.9308C32.8859 11.9308 35.9812 13.492 38.0447 16.6111L40.036 19.9245L42.0308 16.6111C44.0943 13.492 47.1896 11.9308 51.2788 11.9308C54.8143 11.9308 57.6654 13.1648 59.8459 15.568C61.9529 17.9746 63.0065 21.2243 63.0065 25.3172L62.9996 45.3371Z" fill="currentColor"/></symbol><use xlink:href="#logo-symbol-icon"/></svg>	<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="79" height="79" viewBox="0 0 79 75"><symbol id="logo-symbol-icon"><path d="M74.7135 16.6043C73.6199 8.54587 66.5351 2.19527 58.1366 0.964691C56.7196 0.756754 51.351 0 38.9148 0H38.822C26.3824 0 23.7135 0.756754 22.2966 0.964691C14.1319 2.16118 6.67571 7.86752 4.86669 16.0214C3.99657 20.0369 3.90371 24.4888 4.06535 28.5726C4.29578 34.4289 4.34049 40.275 4.877 46.1075C5.24791 49.9817 5.89495 53.8251 6.81328 57.6088C8.53288 64.5968 15.4938 70.4122 22.3138 72.7848C29.6155 75.259 37.468 75.6697 44.9919 73.971C45.8196 73.7801 46.6381 73.5586 47.4475 73.3063C49.2737 72.7302 51.4164 72.086 52.9915 70.9542C53.0131 70.9384 53.0308 70.9178 53.0433 70.8942C53.0558 70.8706 53.0628 70.8445 53.0637 70.8179V65.1661C53.0634 65.1412 53.0574 65.1167 53.0462 65.0944C53.035 65.0721 53.0189 65.0525 52.9992 65.0371C52.9794 65.0218 52.9564 65.011 52.9318 65.0056C52.9073 65.0002 52.8819 65.0003 52.8574 65.0059C48.0369 66.1472 43.0971 66.7193 38.141 66.7103C29.6118 66.7103 27.3178 62.6981 26.6609 61.0278C26.1329 59.5842 25.7976 58.0784 25.6636 56.5486C25.6622 56.5229 25.667 56.4973 25.6775 56.4738C25.688 56.4502 25.7039 56.4295 25.724 56.4132C25.7441 56.397 25.7678 56.3856 25.7931 56.3801C25.8185 56.3746 25.8448 56.3751 25.8699 56.3816C30.6101 57.5151 35.4693 58.0873 40.3455 58.086C41.5183 58.086 42.6876 58.086 43.8604 58.0553C48.7647 57.919 53.9339 57.6701 58.7591 56.7361C58.8794 56.7123 58.9998 56.6918 59.103 56.6611C66.7139 55.2124 73.9569 50.665 74.6929 39.1501C74.7204 38.6967 74.7892 34.4016 74.7892 33.9312C74.7926 32.3325 75.3085 22.5901 74.7135 16.6043ZM62.9996 45.3371H54.9966V25.9069C54.9966 21.8163 53.277 19.7302 49.7793 19.7302C45.9343 19.7302 44.0083 22.1981 44.0083 27.0727V37.7082H36.0534V27.0727C36.0534 22.1981 34.124 19.7302 30.279 19.7302C26.8019 19.7302 25.0651 21.8163 25.0617 25.9069V45.3371H17.0656V25.3172C17.0656 21.2266 18.1191 17.9769 20.2262 15.568C22.3998 13.1648 25.2509 11.9308 28.7898 11.9308C32.8859 11.9308 35.9812 13.492 38.0447 16.6111L40.036 19.9245L42.0308 16.6111C44.0943 13.492 47.1896 11.9308 51.2788 11.9308C54.8143 11.9308 57.6654 13.1648 59.8459 15.568C61.9529 17.9746 63.0065 21.2243 63.0065 25.3172L62.9996 45.3371Z" fill="currentColor"/></symbol><use xlink:href="#logo-symbol-icon" style="color:#fff" /></svg>