Merge branch 'feature_disable_reply_counts' into cybrespace

and produces cleaner output

.babelrc

@@ -0,0 +1,66 @@
+{
+  "presets": [
+    "react",
+    [
+      "env",
+      {
+        "exclude": ["transform-async-to-generator", "transform-regenerator"],
+        "loose": true,
+        "modules": false,
+        "targets": {
+          "browsers": ["last 2 versions", "IE >= 11", "iOS >= 9"]
+        }
+      }
+    ]
+  ],
+  "plugins": [
+    "syntax-dynamic-import",
+    ["transform-object-rest-spread", { "useBuiltIns": true }],
+    "transform-decorators-legacy",
+    "transform-class-properties",
+    [
+      "react-intl",
+      {
+        "messagesDir": "./build/messages"
+      }
+    ],
+    "preval"
+  ],
+  "env": {
+    "development": {
+      "plugins": [
+        "transform-react-jsx-source",
+        "transform-react-jsx-self"
+      ]
+    },
+    "production": {
+      "plugins": [
+        "lodash",
+        [
+          "transform-react-remove-prop-types",
+          {
+            "mode": "remove",
+            "removeImport": true,
+            "additionalLibraries": [
+              "react-immutable-proptypes"
+            ]
+          }
+        ],
+        "transform-react-inline-elements",
+        [
+          "transform-runtime",
+          {
+            "helpers": true,
+            "polyfill": false,
+            "regenerator": false
+          }
+        ]
+      ]
+    },
+    "test": {
+      "plugins": [
+        "transform-es2015-modules-commonjs"
+      ]
+    }
+  }
+}

.circleci/config.yml

@@ -3,7 +3,7 @@ version: 2
 aliases:
   - &defaults
     docker:
-      - image: circleci/ruby:2.6-stretch-node
+      - image: circleci/ruby:2.5.1-stretch-node
         environment: &ruby_environment
           BUNDLE_APP_CONFIG: ./.bundle/
           DB_HOST: localhost
@@ -13,9 +13,6 @@ aliases:
           ALLOW_NOPAM: true
           CONTINUOUS_INTEGRATION: true
           DISABLE_SIMPLECOV: true
-          PAM_ENABLED: true
-          PAM_DEFAULT_SERVICE: pam_test
-          PAM_CONTROLLED_SERVICE: pam_test_controlled
     working_directory: ~/projects/mastodon/
 
   - &attach_workspace
@@ -98,21 +95,21 @@ jobs:
     <<: *defaults
     <<: *install_steps
 
-  install-ruby2.6:
-    <<: *defaults
-    <<: *install_ruby_dependencies
-
   install-ruby2.5:
     <<: *defaults
-    docker:
-      - image: circleci/ruby:2.5-stretch-node
-        environment: *ruby_environment
     <<: *install_ruby_dependencies
 
   install-ruby2.4:
     <<: *defaults
     docker:
-      - image: circleci/ruby:2.4-stretch-node
+      - image: circleci/ruby:2.4.4-stretch-node
+        environment: *ruby_environment
+    <<: *install_ruby_dependencies
+
+  install-ruby2.3:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.3.7-stretch-node
         environment: *ruby_environment
     <<: *install_ruby_dependencies
 
@@ -128,43 +125,43 @@ jobs:
               - ./mastodon/public/assets
               - ./mastodon/public/packs-test/
 
-  test-ruby2.6:
-    <<: *defaults
-    docker:
-      - image: circleci/ruby:2.6-stretch-node
-        environment: *ruby_environment
-      - image: circleci/postgres:10.6-alpine
-        environment:
-          POSTGRES_USER: root
-      - image: circleci/redis:5-alpine
-    <<: *test_steps
-
   test-ruby2.5:
     <<: *defaults
     docker:
-      - image: circleci/ruby:2.5-stretch-node
+      - image: circleci/ruby:2.5.1-stretch-node
         environment: *ruby_environment
-      - image: circleci/postgres:10.6-alpine
+      - image: circleci/postgres:10.3-alpine
         environment:
           POSTGRES_USER: root
-      - image: circleci/redis:5-alpine
+      - image: circleci/redis:4.0.9-alpine
     <<: *test_steps
 
   test-ruby2.4:
     <<: *defaults
     docker:
-      - image: circleci/ruby:2.4-stretch-node
+      - image: circleci/ruby:2.4.4-stretch-node
         environment: *ruby_environment
-      - image: circleci/postgres:10.6-alpine
+      - image: circleci/postgres:10.3-alpine
         environment:
           POSTGRES_USER: root
-      - image: circleci/redis:5-alpine
+      - image: circleci/redis:4.0.9-alpine
+    <<: *test_steps
+
+  test-ruby2.3:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.3.7-stretch-node
+        environment: *ruby_environment
+      - image: circleci/postgres:10.3-alpine
+        environment:
+          POSTGRES_USER: root
+      - image: circleci/redis:4.0.9-alpine
     <<: *test_steps
 
   test-webui:
     <<: *defaults
     docker:
-      - image: circleci/node:12.9-stretch
+      - image: circleci/node:8.11.1-stretch
     steps:
       - *attach_workspace
       - run: ./bin/retry yarn test:jest
@@ -173,35 +170,28 @@ jobs:
     <<: *defaults
     steps:
       - *attach_workspace
-      - *install_system_dependencies
       - run: bundle exec i18n-tasks check-normalized
-      - run: bundle exec i18n-tasks unused -l en
-      - run: bundle exec i18n-tasks check-consistent-interpolations
-      - run: bundle exec rake repo:check_locales_files
+      - run: bundle exec i18n-tasks unused
 
 workflows:
   version: 2
   build-and-test:
     jobs:
       - install
-      - install-ruby2.6:
-          requires:
-            - install
       - install-ruby2.5:
           requires:
             - install
-            - install-ruby2.6
       - install-ruby2.4:
           requires:
             - install
-            - install-ruby2.6
+            - install-ruby2.5
+      - install-ruby2.3:
+          requires:
+            - install
+            - install-ruby2.5
       - build:
           requires:
-            - install-ruby2.6
-      - test-ruby2.6:
-          requires:
-            - install-ruby2.6
-            - build
+            - install-ruby2.5
       - test-ruby2.5:
           requires:
             - install-ruby2.5
@@ -210,9 +200,13 @@ workflows:
           requires:
             - install-ruby2.4
             - build
+      - test-ruby2.3:
+          requires:
+            - install-ruby2.3
+            - build
       - test-webui:
           requires:
             - install
       - check-i18n:
           requires:
-            - install-ruby2.6
+            - install-ruby2.5

.codeclimate.yml

@@ -27,11 +27,11 @@ plugins:
     enabled: true
   eslint:
     enabled: true
-    channel: eslint-5
+    channel: eslint-4
   rubocop:
     enabled: true
-    channel: rubocop-0-71
-  sass-lint:
+    channel: rubocop-0-54
+  scss-lint:
     enabled: true
 exclude_patterns:
 - spec/

.dependabot/config.yml

@@ -1,10 +0,0 @@
-version: 1
-
-update_configs:
-  - package_manager: "ruby:bundler"
-    directory: "/"
-    update_schedule: "weekly"
-
-  - package_manager: "javascript"
-    directory: "/"
-    update_schedule: "weekly"

.env.nanobox

@@ -11,14 +11,24 @@ DB_NAME=gonano
 DB_PASS=$DATA_DB_PASS
 DB_PORT=5432
 
-# DATABASE_URL=postgresql://$DATA_DB_USER:$DATA_DB_PASS@$DATA_DB_HOST/gonano
+DATABASE_URL=postgresql://$DATA_DB_USER:$DATA_DB_PASS@$DATA_DB_HOST/gonano
 
 # Optional ElasticSearch configuration
 ES_ENABLED=true
 ES_HOST=$DATA_ELASTIC_HOST
 ES_PORT=9200
 
-BIND=0.0.0.0
+# Optimizations
+LD_PRELOAD=/data/lib/libjemalloc.so
+
+# ImageMagick optimizations
+MAGICK_TEMPORARY_PATH=/app/tmp
+MAGICK_MEMORY_LIMIT=128MiB
+MAGICK_MAP_LIMIT=64MiB
+MAGICK_TIME_LIMIT=15
+MAGICK_AREA_LIMIT=16MP
+MAGICK_WIDTH_LIMIT=8KP
+MAGICK_HEIGHT_LIMIT=8KP
 
 # Federation
 # Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
@@ -74,7 +84,6 @@ SMTP_PORT=587
 SMTP_LOGIN=$SMTP_LOGIN
 SMTP_PASSWORD=$SMTP_PASSWORD
 SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
-#SMTP_REPLY_TO=
 #SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
 #SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
 #SMTP_AUTH_METHOD=plain
@@ -88,17 +97,9 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 # PAPERCLIP_ROOT_URL=/system
 
 # Optional asset host for multi-server setups
-# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN
-# if WEB_DOMAIN is not set. For example, the server may have the
-# following header field:
-# Access-Control-Allow-Origin: https://example.com/
 # CDN_HOST=https://assets.example.com
 
 # S3 (optional)
-# The attachment host must allow cross origin request from WEB_DOMAIN or
-# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the
-# following header field:
-# Access-Control-Allow-Origin: https://192.168.1.123:9000/
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
@@ -108,8 +109,6 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 # S3_HOSTNAME=192.168.1.123:9000
 
 # S3 (Minio Config (optional) Please check Minio instance for details)
-# The attachment host must allow cross origin request - see the description
-# above.
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
@@ -120,30 +119,12 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 # S3_ENDPOINT=
 # S3_SIGNATURE_VERSION=
 
-# Google Cloud Storage (optional)
-# Use S3 compatible API. Since GCS does not support Multipart Upload,
-# increase the value of S3_MULTIPART_THRESHOLD to disable Multipart Upload.
-# The attachment host must allow cross origin request - see the description
-# above.
-# S3_ENABLED=true
-# AWS_ACCESS_KEY_ID=
-# AWS_SECRET_ACCESS_KEY=
-# S3_REGION=
-# S3_PROTOCOL=https
-# S3_HOSTNAME=storage.googleapis.com
-# S3_ENDPOINT=https://storage.googleapis.com
-# S3_MULTIPART_THRESHOLD=52428801 # 50.megabytes
-
 # Swift (optional)
-# The attachment host must allow cross origin request - see the description
-# above.
 # SWIFT_ENABLED=true
 # SWIFT_USERNAME=
 # For Keystone V3, the value for SWIFT_TENANT should be the project name
 # SWIFT_TENANT=
 # SWIFT_PASSWORD=
-# Some OpenStack V3 providers require PROJECT_ID (optional)
-# SWIFT_PROJECT_ID=
 # Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
 # issues with token rate-limiting during high load.
 # SWIFT_AUTH_URL=
@@ -190,8 +171,8 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 # The pam environment variable "email" is provided by:
 # https://github.com/devkral/pam_email_extractor
 # PAM_ENABLED=true
-# Fallback email domain for email address generation (LOCAL_DOMAIN by default)
-# PAM_EMAIL_DOMAIN=example.com
+# Fallback Suffix for email address generation (nil by default)
+# PAM_DEFAULT_SUFFIX=pam
 # Name of the pam service (pam "auth" section is evaluated)
 # PAM_DEFAULT_SERVICE=rpam
 # Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
@@ -239,14 +220,7 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 # SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
 # SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
 # SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
-# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241"
-# SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42"
-# SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4"
+# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.5.4.42"
 # SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
 # SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
 # SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
-
-# Use HTTP proxy for outgoing request (optional)
-# http_proxy=http://gateway.local:8118
-# Access control for hidden service.
-# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true

.env.production.sample

@@ -10,7 +10,6 @@ DB_NAME=postgres
 DB_PASS=
 DB_PORT=5432
 # Optional ElasticSearch configuration
-# You may also set ES_PREFIX to share the same cluster between multiple Mastodon servers (falls back to REDIS_NAMESPACE if not set)
 # ES_ENABLED=true
 # ES_HOST=es
 # ES_PORT=9200
@@ -69,7 +68,6 @@ SMTP_PORT=587
 SMTP_LOGIN=
 SMTP_PASSWORD=
 SMTP_FROM_ADDRESS=notifications@example.com
-#SMTP_REPLY_TO=
 #SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
 #SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
 #SMTP_AUTH_METHOD=plain
@@ -115,20 +113,6 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # S3_ENDPOINT=
 # S3_SIGNATURE_VERSION=
 
-# Google Cloud Storage (optional)
-# Use S3 compatible API. Since GCS does not support Multipart Upload,
-# increase the value of S3_MULTIPART_THRESHOLD to disable Multipart Upload.
-# The attachment host must allow cross origin request - see the description
-# above.
-# S3_ENABLED=true
-# AWS_ACCESS_KEY_ID=
-# AWS_SECRET_ACCESS_KEY=
-# S3_REGION=
-# S3_PROTOCOL=https
-# S3_HOSTNAME=storage.googleapis.com
-# S3_ENDPOINT=https://storage.googleapis.com
-# S3_MULTIPART_THRESHOLD=52428801 # 50.megabytes
-
 # Swift (optional)
 # The attachment host must allow cross origin request - see the description
 # above.
@@ -178,7 +162,7 @@ STREAMING_CLUSTER_NUM=1
 # LDAP_BIND_DN=
 # LDAP_PASSWORD=
 # LDAP_UID=cn
-# LDAP_SEARCH_FILTER=%{uid}=%{email}
+# LDAP_SEARCH_FILTER="%{uid}=%{email}"
 
 # PAM authentication (optional)
 # PAM authentication uses for the email generation the "email" pam variable

.env.test

@@ -3,3 +3,7 @@ NODE_ENV=test
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
+# test pam authentication
+PAM_ENABLED=true
+PAM_DEFAULT_SERVICE=pam_test
+PAM_CONTROLLED_SERVICE=pam_test_controlled

.env.vagrant

@@ -1,2 +1,2 @@
 VAGRANT=true
-LOCAL_DOMAIN=mastodon.local
+LOCAL_DOMAIN=mastodon.dev

.eslintignore

@@ -1,13 +1,30 @@
-/build/**
-/coverage/**
-/db/**
-/lib/**
-/log/**
-/node_modules/**
-/nonobox/**
-/public/**
-!/public/embed.js
-/spec/**
-/tmp/**
-/vendor/**
-!.eslintrc.js
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-journal
+
+# Ignore all logfiles and tempfiles.
+/log/*
+!/log/.keep
+/tmp
+coverage
+public/system
+public/assets
+.env
+.env.production
+node_modules/
+neo4j/
+
+# Ignore Vagrant files
+.vagrant/
+
+# Ignore Capistrano customizations
+config/deploy/*

.eslintrc.js

@@ -1,204 +0,0 @@
-module.exports = {
-  root: true,
-
-  env: {
-    browser: true,
-    node: true,
-    es6: true,
-    jest: true,
-  },
-
-  globals: {
-    ATTACHMENT_HOST: false,
-  },
-
-  parser: 'babel-eslint',
-
-  plugins: [
-    'react',
-    'jsx-a11y',
-    'import',
-    'promise',
-  ],
-
-  parserOptions: {
-    sourceType: 'module',
-    ecmaFeatures: {
-      experimentalObjectRestSpread: true,
-      jsx: true,
-    },
-    ecmaVersion: 2018,
-  },
-
-  settings: {
-    react: {
-      version: 'detect',
-    },
-    'import/extensions': [
-      '.js',
-    ],
-    'import/ignore': [
-      'node_modules',
-      '\\.(css|scss|json)$',
-    ],
-    'import/resolver': {
-      node: {
-        paths: ['app/javascript'],
-      },
-    },
-  },
-
-  rules: {
-    'brace-style': 'warn',
-    'comma-dangle': ['error', 'always-multiline'],
-    'comma-spacing': [
-      'warn',
-      {
-        before: false,
-        after: true,
-      },
-    ],
-    'comma-style': ['warn', 'last'],
-    'consistent-return': 'error',
-    'dot-notation': 'error',
-    eqeqeq: 'error',
-    indent: ['warn', 2],
-    'jsx-quotes': ['error', 'prefer-single'],
-    'no-catch-shadow': 'error',
-    'no-cond-assign': 'error',
-    'no-console': [
-      'warn',
-      {
-        allow: [
-          'error',
-          'warn',
-        ],
-      },
-    ],
-    'no-fallthrough': 'error',
-    'no-irregular-whitespace': 'error',
-    'no-mixed-spaces-and-tabs': 'warn',
-    'no-nested-ternary': 'warn',
-    'no-trailing-spaces': 'warn',
-    'no-undef': 'error',
-    'no-unreachable': 'error',
-    'no-unused-expressions': 'error',
-    'no-unused-vars': [
-      'error',
-      {
-        vars: 'all',
-        args: 'after-used',
-        ignoreRestSiblings: true,
-      },
-    ],
-    'object-curly-spacing': ['error', 'always'],
-    'padded-blocks': [
-      'error',
-      {
-        classes: 'always',
-      },
-    ],
-    quotes: ['error', 'single'],
-    semi: 'error',
-    strict: 'off',
-    'valid-typeof': 'error',
-
-    'react/jsx-boolean-value': 'error',
-    'react/jsx-closing-bracket-location': ['error', 'line-aligned'],
-    'react/jsx-curly-spacing': 'error',
-    'react/jsx-equals-spacing': 'error',
-    'react/jsx-first-prop-new-line': ['error', 'multiline-multiprop'],
-    'react/jsx-indent': ['error', 2],
-    'react/jsx-no-bind': 'error',
-    'react/jsx-no-duplicate-props': 'error',
-    'react/jsx-no-undef': 'error',
-    'react/jsx-tag-spacing': 'error',
-    'react/jsx-uses-react': 'error',
-    'react/jsx-uses-vars': 'error',
-    'react/jsx-wrap-multilines': 'error',
-    'react/no-multi-comp': 'off',
-    'react/no-string-refs': 'error',
-    'react/prop-types': 'error',
-    'react/self-closing-comp': 'error',
-
-    'jsx-a11y/accessible-emoji': 'warn',
-    'jsx-a11y/alt-text': 'warn',
-    'jsx-a11y/anchor-has-content': 'warn',
-    'jsx-a11y/anchor-is-valid': [
-      'warn',
-      {
-        components: [
-          'Link',
-          'NavLink',
-        ],
-        specialLink: [
-          'to',
-        ],
-        aspect: [
-          'noHref',
-          'invalidHref',
-          'preferButton',
-        ],
-      },
-    ],
-    'jsx-a11y/aria-activedescendant-has-tabindex': 'warn',
-    'jsx-a11y/aria-props': 'warn',
-    'jsx-a11y/aria-proptypes': 'warn',
-    'jsx-a11y/aria-role': 'warn',
-    'jsx-a11y/aria-unsupported-elements': 'warn',
-    'jsx-a11y/heading-has-content': 'warn',
-    'jsx-a11y/html-has-lang': 'warn',
-    'jsx-a11y/iframe-has-title': 'warn',
-    'jsx-a11y/img-redundant-alt': 'warn',
-    'jsx-a11y/interactive-supports-focus': 'warn',
-    'jsx-a11y/label-has-for': 'off',
-    'jsx-a11y/mouse-events-have-key-events': 'warn',
-    'jsx-a11y/no-access-key': 'warn',
-    'jsx-a11y/no-distracting-elements': 'warn',
-    'jsx-a11y/no-noninteractive-element-interactions': [
-      'warn',
-      {
-        handlers: [
-          'onClick',
-        ],
-      },
-    ],
-    'jsx-a11y/no-onchange': 'warn',
-    'jsx-a11y/no-redundant-roles': 'warn',
-    'jsx-a11y/no-static-element-interactions': [
-      'warn',
-      {
-        handlers: [
-          'onClick',
-        ],
-      },
-    ],
-    'jsx-a11y/role-has-required-aria-props': 'warn',
-    'jsx-a11y/role-supports-aria-props': 'off',
-    'jsx-a11y/scope': 'warn',
-    'jsx-a11y/tabindex-no-positive': 'warn',
-
-    'import/extensions': [
-      'error',
-      'always',
-      {
-        js: 'never',
-      },
-    ],
-    'import/newline-after-import': 'error',
-    'import/no-extraneous-dependencies': [
-      'error',
-      {
-        devDependencies: [
-          'config/webpack/**',
-          'app/javascript/mastodon/test_setup.js',
-          'app/javascript/**/__tests__/**',
-        ],
-      },
-    ],
-    'import/no-unresolved': 'error',
-    'import/no-webpack-loader-syntax': 'error',
-
-    'promise/catch-or-return': 'error',
-  },
-};

.eslintrc.yml

@@ -0,0 +1,170 @@
+---
+root: true
+
+env:
+  browser: true
+  node: true
+  es6: true
+  jest: true
+
+globals:
+  ATTACHMENT_HOST: false
+
+parser: babel-eslint
+
+plugins:
+- react
+- jsx-a11y
+- import
+- promise
+
+parserOptions:
+  sourceType: module
+  ecmaFeatures:
+    experimentalObjectRestSpread: true
+    jsx: true
+  ecmaVersion: 2018
+
+settings:
+  import/extensions:
+  - .js
+  import/ignore:
+  - node_modules
+  - \\.(css|scss|json)$
+
+rules:
+  brace-style: warn
+  comma-dangle:
+  - error
+  - always-multiline
+  comma-spacing:
+  - warn
+  - before: false
+    after: true
+  comma-style:
+  - warn
+  - last
+  consistent-return: error
+  dot-notation: error
+  eqeqeq: error
+  indent:
+  - warn
+  - 2
+  jsx-quotes:
+  - error
+  - prefer-single
+  no-catch-shadow: error
+  no-cond-assign: error
+  no-console:
+  - warn
+  - allow:
+    - error
+    - warn
+  no-fallthrough: error
+  no-irregular-whitespace: error
+  no-mixed-spaces-and-tabs: warn
+  no-nested-ternary: warn
+  no-trailing-spaces: warn
+  no-undef: error
+  no-unreachable: error
+  no-unused-expressions: error
+  no-unused-vars:
+  - error
+  - vars: all
+    args: after-used
+    ignoreRestSiblings: true
+  object-curly-spacing:
+  - error
+  - always
+  padded-blocks:
+  - error
+  - classes: always
+  quotes:
+  - error
+  - single
+  semi: error
+  strict: off
+  valid-typeof: error
+
+  react/jsx-boolean-value: error
+  react/jsx-closing-bracket-location:
+  - error
+  - line-aligned
+  react/jsx-curly-spacing: error
+  react/jsx-equals-spacing: error
+  react/jsx-first-prop-new-line:
+  - error
+  - multiline-multiprop
+  react/jsx-indent:
+  - error
+  - 2
+  react/jsx-no-bind: error
+  react/jsx-no-duplicate-props: error
+  react/jsx-no-undef: error
+  react/jsx-tag-spacing: error
+  react/jsx-uses-react: error
+  react/jsx-uses-vars: error
+  react/jsx-wrap-multilines: error
+  react/no-multi-comp: off
+  react/no-string-refs: error
+  react/prop-types: error
+  react/self-closing-comp: error
+
+  jsx-a11y/accessible-emoji: warn
+  jsx-a11y/alt-text: warn
+  jsx-a11y/anchor-has-content: warn
+  jsx-a11y/anchor-is-valid:
+  - warn
+  - components:
+    - Link
+    - NavLink
+    specialLink:
+    - to
+    aspect:
+    - noHref
+    - invalidHref
+    - preferButton
+  jsx-a11y/aria-activedescendant-has-tabindex: warn
+  jsx-a11y/aria-props: warn
+  jsx-a11y/aria-proptypes: warn
+  jsx-a11y/aria-role: warn
+  jsx-a11y/aria-unsupported-elements: warn
+  jsx-a11y/heading-has-content: warn
+  jsx-a11y/html-has-lang: warn
+  jsx-a11y/iframe-has-title: warn
+  jsx-a11y/img-redundant-alt: warn
+  jsx-a11y/interactive-supports-focus: warn
+  jsx-a11y/label-has-for: off
+  jsx-a11y/mouse-events-have-key-events: warn
+  jsx-a11y/no-access-key: warn
+  jsx-a11y/no-distracting-elements: warn
+  jsx-a11y/no-noninteractive-element-interactions:
+  - warn
+  - handlers:
+    - onClick
+  jsx-a11y/no-onchange: warn
+  jsx-a11y/no-redundant-roles: warn
+  jsx-a11y/no-static-element-interactions:
+  - warn
+  - handlers:
+    - onClick
+  jsx-a11y/role-has-required-aria-props: warn
+  jsx-a11y/role-supports-aria-props: off
+  jsx-a11y/scope: warn
+  jsx-a11y/tabindex-no-positive: warn
+
+  import/extensions:
+  - error
+  - always
+  - js: never
+  import/newline-after-import: error
+  import/no-extraneous-dependencies:
+  - error
+  - devDependencies:
+    - "config/webpack/**"
+    - "app/javascript/mastodon/test_setup.js"
+    - "app/javascript/**/__tests__/**"
+  import/no-unresolved: error
+  import/no-webpack-loader-syntax: error
+
+  promise/catch-or-return: error

.github/FUNDING.yml

@@ -1,2 +0,0 @@
-patreon: mastodon
-open_collective: mastodon

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,27 +1,12 @@
 ---
 name: Bug Report
-about: If something isn't working as expected
+about: Create a report to help us improve
 
 ---
 
-<!-- Make sure that you are submitting a new bug that was not previously reported or already fixed -->
+[Issue text goes here].
 
-<!-- Please use a concise and distinct title for the issue -->
+* * * *
 
-### Expected behaviour
-
-<!-- What should have happened? -->
-
-### Actual behaviour
-
-<!-- What happened? -->
-
-### Steps to reproduce the problem
-
-<!-- What were you trying to do? -->
-
-### Specifications
-
-<!-- What version or commit hash of Mastodon did you find this bug in? -->
-
-<!-- If a front-end issue, what browser and operating systems were you using? -->
+- [ ] I searched or browsed the repo’s other issues to ensure this is not a duplicate.
+- [ ] This bug happens on a [tagged release](https://github.com/tootsuite/mastodon/releases) and not on `master` (If you're a user, don't worry about this).

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,17 +1,11 @@
 ---
 name: Feature Request
-about: I have a suggestion
+about: Suggest an idea for this project
 
 ---
 
-<!-- Please use a concise and distinct title for the issue -->
+[Issue text goes here].
 
-<!-- Consider: Could it be implemented as a 3rd party app using the REST API instead? -->
+* * * *
 
-### Pitch
-
-<!-- Describe your idea for a feature. Make sure it has not already been suggested/implemented/turned down before -->
-
-### Motivation
-
-<!-- Why do you think this feature is needed? Who would benefit from it? -->
+- [ ] I searched or browsed the repo’s other issues to ensure this is not a duplicate.

.github/ISSUE_TEMPLATE/support.md

@@ -1,10 +0,0 @@
----
-name: Support
-about: Ask for help with your deployment
-
----
-
-We primarily use GitHub as a bug and feature tracker. For usage questions, troubleshooting of deployments and other individual technical assistance, please use one of the resources below:
-
-- https://discourse.joinmastodon.org
-- #mastodon on irc.freenode.net

.postcssrc.yml

@@ -0,0 +1,9 @@
+plugins:
+  postcss-smart-import: {}
+  precss: {}
+  autoprefixer:
+    browsers:
+      - last 2 versions
+      - IE >= 11
+      - iOS >= 9
+  postcss-object-fit-images: {}

.rubocop.yml

@@ -1,6 +1,3 @@
-require:
-  - rubocop-rails
-
 AllCops:
   TargetRubyVersion: 2.3
   Exclude:
@@ -80,14 +77,6 @@ Rails/SkipsModelValidations:
 Rails/HttpStatus:
   Enabled: false
 
-Rails/Exit:
-  Exclude:
-    - 'lib/mastodon/*'
-    - 'lib/cli.rb'
-
-Rails/HelperInstanceVariable:
-  Enabled: false
-
 Style/ClassAndModuleChildren:
   Enabled: false
 

.ruby-version

@@ -1 +1 @@
-2.6.5
+2.5.1

.sass-lint.yml

@@ -1,37 +0,0 @@
-# Linter Documentation:
-# https://github.com/sasstools/sass-lint/tree/v1.13.1/docs/options
-
-files:
-  include: app/javascript/styles/**/*.scss
-  ignore:
-    - app/javascript/styles/mastodon/reset.scss
-
-rules:
-  # Disallows
-  no-color-literals: 0
-  no-css-comments: 0
-  no-duplicate-properties: 0
-  no-ids: 0
-  no-important: 0
-  no-mergeable-selectors: 0
-  no-misspelled-properties: 0
-  no-qualifying-elements: 0
-  no-transition-all: 0
-  no-vendor-prefixes: 0
-
-  # Nesting
-  force-element-nesting: 0
-  force-attribute-nesting: 0
-  force-pseudo-nesting: 0
-
-  # Name Formats
-  class-name-format: 0
-  leading-zero: 0
-
-  # Style Guide
-  attribute-quotes: 0
-  hex-length: 0
-  indentation: 0
-  nesting-depth: 0
-  property-sort-order: 0
-  quotes: 0

.scss-lint.yml

@@ -0,0 +1,264 @@
+# Linter Documentation:
+# https://github.com/brigade/scss-lint/blob/v0.42.2/lib/scss_lint/linter/README.md
+
+scss_files: 'app/javascript/styles/**/*.scss'
+
+exclude:
+  - app/javascript/styles/reset.scss
+
+linters:
+  # Reports when you use improper spacing around ! (the "bang") in !default,
+  # !global, !important, and !optional flags.
+  BangFormat:
+    enabled: false
+
+  # Whether or not to prefer `border: 0` over `border: none`.
+  BorderZero:
+    enabled: false
+
+  # Reports when you define a rule set using a selector with chained classes
+  # (a.k.a. adjoining classes).
+  ChainedClasses:
+    enabled: false
+
+  # Prefer hexadecimal color codes over color keywords.
+  # (e.g. `color: green` is a color keyword)
+  ColorKeyword:
+    enabled: false
+
+  # Prefer color literals (keywords or hexadecimal codes) to be used only in
+  # variable declarations. They should be referred to via variables everywhere
+  # else.
+  ColorVariable:
+    enabled: true
+
+  # Which form of comments to prefer in CSS.
+  Comment:
+    enabled: false
+
+  # Reports @debug statements (which you probably left behind accidentally).
+  DebugStatement:
+    enabled: false
+
+  # Rule sets should be ordered as follows:
+  # - @extend declarations
+  # - @include declarations without inner @content
+  # - properties, @include declarations with inner @content
+  # - nested rule sets.
+  DeclarationOrder:
+    enabled: false
+
+  # `scss-lint:disable` control comments should be preceded by a comment
+  # explaining why these linters are being disabled for this file.
+  # See https://github.com/brigade/scss-lint#disabling-linters-via-source for
+  # more information.
+  DisableLinterReason:
+    enabled: true
+
+  # Reports when you define the same property twice in a single rule set.
+  DuplicateProperty:
+    enabled: false
+
+  # Separate rule, function, and mixin declarations with empty lines.
+  EmptyLineBetweenBlocks:
+    enabled: true
+
+  # Reports when you have an empty rule set.
+  EmptyRule:
+    enabled: true
+
+  # Reports when you have an @extend directive.
+  ExtendDirective:
+    enabled: false
+
+  # Files should always have a final newline. This results in better diffs
+  # when adding lines to the file, since SCM systems such as git won't
+  # think that you touched the last line.
+  FinalNewline:
+    enabled: false
+
+  # HEX colors should use three-character values where possible.
+  HexLength:
+    enabled: false
+
+  # HEX color values should use lower-case colors to differentiate between
+  # letters and numbers, e.g. `#E3E3E3` vs. `#e3e3e3`.
+  HexNotation:
+    enabled: true
+
+  # Avoid using ID selectors.
+  IdSelector:
+    enabled: false
+
+  # The basenames of @imported SCSS partials should not begin with an
+  # underscore and should not include the filename extension.
+  ImportPath:
+    enabled: false
+
+  # Avoid using !important in properties. It is usually indicative of a
+  # misunderstanding of CSS specificity and can lead to brittle code.
+  ImportantRule:
+    enabled: false
+
+  # Indentation should always be done in increments of 2 spaces.
+  Indentation:
+    enabled: true
+    width: 2
+
+  # Don't write leading zeros for numeric values with a decimal point.
+  LeadingZero:
+    enabled: false
+
+  # Reports when you define the same selector twice in a single sheet.
+  MergeableSelector:
+    enabled: false
+
+  # Functions, mixins, variables, and placeholders should be declared
+  # with all lowercase letters and hyphens instead of underscores.
+  NameFormat:
+    enabled: false
+
+  # Avoid nesting selectors too deeply.
+  NestingDepth:
+    enabled: false
+
+  # Always use placeholder selectors in @extend.
+  PlaceholderInExtend:
+    enabled: false
+
+  # Sort properties in a strict order.
+  PropertySortOrder:
+    enabled: false
+
+  # Reports when you use an unknown or disabled CSS property
+  # (ignoring vendor-prefixed properties).
+  PropertySpelling:
+    enabled: false
+
+  # Configure which units are allowed for property values.
+  PropertyUnits:
+    enabled: false
+
+  # Pseudo-elements, like ::before, and ::first-letter, should be declared
+  # with two colons. Pseudo-classes, like :hover and :first-child, should
+  # be declared with one colon.
+  PseudoElement:
+    enabled: true
+
+  # Avoid qualifying elements in selectors (also known as "tag-qualifying").
+  QualifyingElement:
+    enabled: false
+
+  # Don't write selectors with a depth of applicability greater than 3.
+  SelectorDepth:
+    enabled: false
+
+  # Selectors should always use hyphenated-lowercase, rather than camelCase or
+  # snake_case.
+  SelectorFormat:
+    enabled: false
+    convention: hyphenated_lowercase
+
+  # Prefer the shortest shorthand form possible for properties that support it.
+  Shorthand:
+    enabled: true
+
+  # Each property should have its own line, except in the special case of
+  # single line rulesets.
+  SingleLinePerProperty:
+    enabled: true
+    allow_single_line_rule_sets: true
+
+  # Split selectors onto separate lines after each comma, and have each
+  # individual selector occupy a single line.
+  SingleLinePerSelector:
+    enabled: true
+
+  # Commas in lists should be followed by a space.
+  SpaceAfterComma:
+    enabled: false
+
+  # Properties should be formatted with a single space separating the colon
+  # from the property's value.
+  SpaceAfterPropertyColon:
+    enabled: true
+
+  # Properties should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterPropertyName:
+    enabled: true
+
+  # Variables should be formatted with a single space separating the colon
+  # from the variable's value.
+  SpaceAfterVariableColon:
+    enabled: true
+
+  # Variables should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterVariableName:
+    enabled: false
+
+  # Operators should be formatted with a single space on both sides of an
+  # infix operator.
+  SpaceAroundOperator:
+    enabled: true
+
+  # Opening braces should be preceded by a single space.
+  SpaceBeforeBrace:
+    enabled: true
+
+  # Parentheses should not be padded with spaces.
+  SpaceBetweenParens:
+    enabled: false
+
+  # Enforces that string literals should be written with a consistent form
+  # of quotes (single or double).
+  StringQuotes:
+    enabled: false
+
+  # Property values, @extend, @include, and @import directives, and variable
+  # declarations should always end with a semicolon.
+  TrailingSemicolon:
+    enabled: true
+
+  # Reports lines containing trailing whitespace.
+  TrailingWhitespace:
+    enabled: true
+
+  # Don't write trailing zeros for numeric values with a decimal point.
+  TrailingZero:
+    enabled: false
+
+  # Don't use the `all` keyword to specify transition properties.
+  TransitionAll:
+    enabled: false
+
+  # Numeric values should not contain unnecessary fractional portions.
+  UnnecessaryMantissa:
+    enabled: false
+
+  # Do not use parent selector references (&) when they would otherwise
+  # be unnecessary.
+  UnnecessaryParentReference:
+    enabled: false
+
+  # URLs should be valid and not contain protocols or domain names.
+  UrlFormat:
+    enabled: true
+
+  # URLs should always be enclosed within quotes.
+  UrlQuotes:
+    enabled: true
+
+  # Properties, like color and font, are easier to read and maintain
+  # when defined using variables rather than literals.
+  VariableForProperty:
+    enabled: false
+
+  # Avoid vendor prefixes. Or rather: don't write them yourself.
+  VendorPrefix:
+    enabled: false
+
+  # Omit length units on zero values, e.g. `0px` vs. `0`.
+  ZeroUnit:
+    enabled: true

.yarnclean

@@ -43,4 +43,4 @@ Gruntfile.js
 
 # for specific ignore
 !.svgo.yml
-!sass-lint/**/*.yml
+

AUTHORS.md

@@ -1,105 +1,78 @@
-Authors
-=======
-
 Mastodon is available on [GitHub](https://github.com/tootsuite/mastodon)
 and provided thanks to the work of the following contributors:
 
 * [Gargron](https://github.com/Gargron)
-* [ThibG](https://github.com/ThibG)
 * [ykzts](https://github.com/ykzts)
-* [dependabot[bot]](https://github.com/apps/dependabot)
-* [akihikodaki](https://github.com/akihikodaki)
-* [dependabot-preview[bot]](https://github.com/apps/dependabot-preview)
 * [mjankowski](https://github.com/mjankowski)
+* [akihikodaki](https://github.com/akihikodaki)
 * [unarist](https://github.com/unarist)
 * [yiskah](https://github.com/yiskah)
+* [m4sk1n](https://github.com/m4sk1n)
 * [nolanlawson](https://github.com/nolanlawson)
-* [ysksn](https://github.com/ysksn)
-* [abcang](https://github.com/abcang)
 * [sorin-davidoi](https://github.com/sorin-davidoi)
+* [abcang](https://github.com/abcang)
+* [ThibG](https://github.com/ThibG)
 * [lynlynlynx](https://github.com/lynlynlynx)
-* [mayaeh](https://github.com/mayaeh)
-* [m4sk1n](mailto:me@m4sk.in)
-* [Marcin Mikołajczak](mailto:me@m4sk.in)
-* [Kjwon15](https://github.com/Kjwon15)
-* [renatolond](https://github.com/renatolond)
 * [alpaca-tc](https://github.com/alpaca-tc)
-* [jeroenpraat](https://github.com/jeroenpraat)
 * [nclm](https://github.com/nclm)
 * [ineffyble](https://github.com/ineffyble)
-* [mabkenar](https://github.com/mabkenar)
+* [jeroenpraat](https://github.com/jeroenpraat)
 * [blackle](https://github.com/blackle)
 * [Quent-in](https://github.com/Quent-in)
 * [JantsoP](https://github.com/JantsoP)
-* [zunda](https://github.com/zunda)
 * [nullkal](https://github.com/nullkal)
 * [yookoala](https://github.com/yookoala)
-* [Aditoo17](https://github.com/Aditoo17)
-* [Quenty31](https://github.com/Quenty31)
-* [marek-lach](https://github.com/marek-lach)
-* [shuheiktgw](https://github.com/shuheiktgw)
+* [ysksn](https://github.com/ysksn)
 * [ashfurrow](https://github.com/ashfurrow)
 * [eramdam](https://github.com/eramdam)
-* [noellabo](https://github.com/noellabo)
-* [takayamaki](https://github.com/takayamaki)
-* [danhunsaker](https://github.com/danhunsaker)
-* [masarakki](https://github.com/masarakki)
+* [mayaeh](https://github.com/mayaeh)
+* [zunda](https://github.com/zunda)
 * [ticky](https://github.com/ticky)
-* [ThisIsMissEm](https://github.com/ThisIsMissEm)
-* [hcmiya](https://github.com/hcmiya)
-* [stephenburgess8](https://github.com/stephenburgess8)
+* [masarakki](https://github.com/masarakki)
 * [Wonderfall](https://github.com/Wonderfall)
 * [matteoaquila](https://github.com/matteoaquila)
-* [yukimochi](https://github.com/yukimochi)
-* [palindromordnilap](https://github.com/palindromordnilap)
 * [rkarabut](https://github.com/rkarabut)
+* [stephenburgess8](https://github.com/stephenburgess8)
+* [Kjwon15](https://github.com/Kjwon15)
 * [Artoria2e5](https://github.com/Artoria2e5)
-* [nightpool](https://github.com/nightpool)
+* [yukimochi](https://github.com/yukimochi)
 * [marrus-sh](https://github.com/marrus-sh)
-* [hinaloe](https://github.com/hinaloe)
 * [krainboltgreene](https://github.com/krainboltgreene)
-* [pfigel](https://github.com/pfigel)
-* [Aldarone](https://github.com/Aldarone)
+* [renatolond](https://github.com/renatolond)
 * [BoFFire](https://github.com/BoFFire)
 * [clworld](https://github.com/clworld)
-* [MasterGroosha](https://github.com/MasterGroosha)
-* [dracos](https://github.com/dracos)
-* [MaciekBaron](https://github.com/MaciekBaron)
-* [SerCom_KC](mailto:sercom-kc@users.noreply.github.com)
-* [Sylvhem](https://github.com/Sylvhem)
+* [danhunsaker](https://github.com/danhunsaker)
+* [patf](https://github.com/patf)
+* [Quenty31](https://github.com/Quenty31)
 * [MitarashiDango](https://github.com/MitarashiDango)
+* [Aldarone](https://github.com/Aldarone)
 * [JeanGauthier](https://github.com/JeanGauthier)
 * [kschaper](https://github.com/kschaper)
-* [beatrix-bitrot](https://github.com/beatrix-bitrot)
-* [angristan](https://github.com/angristan)
+* [takayamaki](https://github.com/takayamaki)
 * [adbelle](https://github.com/adbelle)
 * [evanminto](https://github.com/evanminto)
+* [mabkenar](https://github.com/mabkenar)
 * [MightyPork](https://github.com/MightyPork)
-* [ashleyhull-versent](mailto:ashley.hull@versent.com.au)
+* [beatrix-bitrot](https://github.com/beatrix-bitrot)
 * [yhirano55](https://github.com/yhirano55)
-* [rinsuki](https://github.com/rinsuki)
 * [camponez](https://github.com/camponez)
-* [SerCom_KC](mailto:szescxz@gmail.com)
 * [aschmitz](https://github.com/aschmitz)
-* [trwnh](https://github.com/trwnh)
-* [devkral](https://github.com/devkral)
 * [fpiesche](https://github.com/fpiesche)
-* [hugogameiro](https://github.com/hugogameiro)
 * [gandaro](https://github.com/gandaro)
 * [johnsudaar](https://github.com/johnsudaar)
-* [ariasuni](https://github.com/ariasuni)
 * [trebmuh](https://github.com/trebmuh)
-* [rmhasan](https://github.com/rmhasan)
-* [kedamaDQ](https://github.com/kedamaDQ)
+* [Sylvhem](https://github.com/Sylvhem)
 * [lindwurm](https://github.com/lindwurm)
-* [victorhck](mailto:victorhck@geeko.site)
 * [voidsatisfaction](https://github.com/voidsatisfaction)
-* [BenLubar](https://github.com/BenLubar)
+* [neetshin](https://github.com/neetshin)
+* [valentin2105](https://github.com/valentin2105)
 * [hikari-no-yume](https://github.com/hikari-no-yume)
+* [Angristan](https://github.com/Angristan)
 * [seefood](https://github.com/seefood)
 * [jackjennings](https://github.com/jackjennings)
-* [koyuawsmbrtn](https://github.com/koyuawsmbrtn)
-* [spla](mailto:spla@mastodont.cat)
+* [hcmiya](https://github.com/hcmiya)
+* [nightpool](https://github.com/nightpool)
+* [salvadorpla](https://github.com/salvadorpla)
 * [expenses](https://github.com/expenses)
 * [walf443](https://github.com/walf443)
 * [JoelQ](https://github.com/JoelQ)
@@ -108,177 +81,120 @@ and provided thanks to the work of the following contributors:
 * [xqus](https://github.com/xqus)
 * [pfm-eyesightjp](https://github.com/pfm-eyesightjp)
 * [fakenine](https://github.com/fakenine)
-* [Shleeble](https://github.com/Shleeble)
 * [tsuwatch](https://github.com/tsuwatch)
 * [victorhck](https://github.com/victorhck)
-* [mkljczk](https://github.com/mkljczk)
-* [manuelviens](https://github.com/manuelviens)
 * [puckipedia](https://github.com/puckipedia)
-* [fvh-P](https://github.com/fvh-P)
-* [rtucker](https://github.com/rtucker)
-* [Anna e só](mailto:contraexemplos@gmail.com)
+* [contraexemplo](https://github.com/contraexemplo)
 * [kazu9su](https://github.com/kazu9su)
 * [Komic](https://github.com/Komic)
-* [lmorchard](https://github.com/lmorchard)
 * [diomed](https://github.com/diomed)
-* [Neetshin](mailto:neetshin@neetsh.in)
 * [rainyday](https://github.com/rainyday)
-* [ProgVal](https://github.com/ProgVal)
-* [valentin2105](https://github.com/valentin2105)
-* [yuntan](https://github.com/yuntan)
-* [goofy-bz](mailto:goofy@babelzilla.org)
 * [kadiix](https://github.com/kadiix)
 * [kodacs](https://github.com/kodacs)
-* [marcin mikołajczak](mailto:me@m4sk.in)
-* [JMendyk](https://github.com/JMendyk)
-* [KScl](https://github.com/KScl)
+* [ProgVal](https://github.com/ProgVal)
 * [sterdev](https://github.com/sterdev)
 * [TheKinrar](https://github.com/TheKinrar)
 * [AA4ch1](https://github.com/AA4ch1)
 * [alexgleason](https://github.com/alexgleason)
 * [cpytel](https://github.com/cpytel)
 * [northerner](https://github.com/northerner)
-* [fhemberger](https://github.com/fhemberger)
-* [greysteil](https://github.com/greysteil)
-* [hencatsmith](https://github.com/hencatsmith)
-* [d6rkaiz](https://github.com/d6rkaiz)
-* [Reverite](https://github.com/Reverite)
+* [hnrysmth](https://github.com/hnrysmth)
+* [hugogameiro](https://github.com/hugogameiro)
 * [JohnD28](https://github.com/JohnD28)
 * [znz](https://github.com/znz)
 * [Naouak](https://github.com/Naouak)
-* [pawelngei](https://github.com/pawelngei)
+* [rtucker](https://github.com/rtucker)
 * [reneklacan](https://github.com/reneklacan)
-* [ekiru](https://github.com/ekiru)
+* [KScl](https://github.com/KScl)
+* [SerCom-KC](https://github.com/SerCom-KC)
 * [tcitworld](https://github.com/tcitworld)
 * [geta6](https://github.com/geta6)
+* [goofy-bz](https://github.com/goofy-bz)
 * [happycoloredbanana](https://github.com/happycoloredbanana)
 * [leopku](https://github.com/leopku)
 * [SansPseudoFix](https://github.com/SansPseudoFix)
-* [salvadorpla](https://github.com/salvadorpla)
 * [tomfhowe](https://github.com/tomfhowe)
 * [noraworld](https://github.com/noraworld)
-* [theboss](https://github.com/theboss)
-* [nzws](https://github.com/nzws)
+* [fvh-P](https://github.com/fvh-P)
 * [178inaba](https://github.com/178inaba)
-* [xgess](https://github.com/xgess)
+* [devkral](https://github.com/devkral)
 * [alyssais](https://github.com/alyssais)
-* [aablinov](https://github.com/aablinov)
+* [kodnaplakal](https://github.com/kodnaplakal)
 * [stalker314314](https://github.com/stalker314314)
-* [cutls](https://github.com/cutls)
 * [huertanix](https://github.com/huertanix)
 * [genesixx](https://github.com/genesixx)
+* [fhemberger](https://github.com/fhemberger)
 * [halkeye](https://github.com/halkeye)
 * [treby](https://github.com/treby)
+* [d6rkaiz](https://github.com/d6rkaiz)
 * [jpdevries](https://github.com/jpdevries)
-* [gdpelican](https://github.com/gdpelican)
-* [kmichl](https://github.com/kmichl)
-* [Kurtis Rainbolt-Greene](mailto:me@kurtisrainboltgreene.name)
+* [rndm-stranger](https://github.com/rndm-stranger)
 * [saper](https://github.com/saper)
-* [Dar13](https://github.com/Dar13)
 * [nevillepark](https://github.com/nevillepark)
 * [ornithocoder](https://github.com/ornithocoder)
-* [pwoolcoc](https://github.com/pwoolcoc)
 * [pierreozoux](https://github.com/pierreozoux)
-* [qguv](https://github.com/qguv)
-* [Ram Lmn](mailto:ramlmn@users.noreply.github.com)
-* [aurelia-sl](https://github.com/aurelia-sl)
+* [ramlmn](https://github.com/ramlmn)
 * [harukasan](https://github.com/harukasan)
 * [stamak](https://github.com/stamak)
-* [Technowix](https://github.com/Technowix)
-* [Zoeille](https://github.com/Zoeille)
-* [Thor Harald Johansen](mailto:thj@thj.no)
+* [Eychics](https://github.com/Eychics)
+* [thor-the-norseman](https://github.com/thor-the-norseman)
 * [0x70b1a5](https://github.com/0x70b1a5)
 * [gled-rs](https://github.com/gled-rs)
-* [Valentin_NC](mailto:valentin.ouvrard@nautile.sarl)
 * [R0ckweb](https://github.com/R0ckweb)
-* [unasuke](https://github.com/unasuke)
-* [caasi](https://github.com/caasi)
-* [chr-1x](https://github.com/chr-1x)
 * [esetomo](https://github.com/esetomo)
 * [foxiehkins](https://github.com/foxiehkins)
-* [hoodie](mailto:hoodiekitten@outlook.com)
-* [luzi82](https://github.com/luzi82)
-* [duxovni](https://github.com/duxovni)
-* [slice](https://github.com/slice)
-* [tmm576](https://github.com/tmm576)
-* [unsmell](mailto:unsmell@users.noreply.github.com)
-* [valerauko](https://github.com/valerauko)
+* [sdukhovni](https://github.com/sdukhovni)
+* [unsmell](https://github.com/unsmell)
 * [chriswmartin](https://github.com/chriswmartin)
 * [vahnj](https://github.com/vahnj)
 * [ikuradon](https://github.com/ikuradon)
 * [AndreLewin](https://github.com/AndreLewin)
-* [0xflotus](https://github.com/0xflotus)
 * [redtachyons](https://github.com/redtachyons)
-* [acid-chicken](https://github.com/acid-chicken)
 * [thurloat](https://github.com/thurloat)
 * [aaribaud](https://github.com/aaribaud)
-* [pointlessone](https://github.com/pointlessone)
-* [Andrew](mailto:andrewlchronister@gmail.com)
-* [aurelien-reeves](https://github.com/aurelien-reeves)
-* [AnaGelez](https://github.com/AnaGelez)
 * [estuans](https://github.com/estuans)
 * [dissolve](https://github.com/dissolve)
 * [PurpleBooth](https://github.com/PurpleBooth)
 * [bradurani](https://github.com/bradurani)
 * [wavebeem](https://github.com/wavebeem)
 * [bruwalfas](https://github.com/bruwalfas)
-* [LottieVixen](https://github.com/LottieVixen)
+* [foxsan48](https://github.com/foxsan48)
 * [wchristian](https://github.com/wchristian)
 * [muffinista](https://github.com/muffinista)
 * [cdutson](https://github.com/cdutson)
 * [farlistener](https://github.com/farlistener)
-* [dariusk](https://github.com/dariusk)
 * [DavidLibeau](https://github.com/DavidLibeau)
-* [ddevault](https://github.com/ddevault)
+* [SirCmpwn](https://github.com/SirCmpwn)
+* [MasterGroosha](https://github.com/MasterGroosha)
 * [Fjoerfoks](https://github.com/Fjoerfoks)
 * [fmauNeko](https://github.com/fmauNeko)
 * [gloaec](https://github.com/gloaec)
-* [Gomasy](https://github.com/Gomasy)
+* [greysteil](https://github.com/greysteil)
 * [unstabler](https://github.com/unstabler)
 * [potato4d](https://github.com/potato4d)
-* [Hanage999](https://github.com/Hanage999)
 * [h-izumi](https://github.com/h-izumi)
 * [ErikXXon](https://github.com/ErikXXon)
 * [ian-kelling](https://github.com/ian-kelling)
-* [immae](https://github.com/immae)
-* [J0WI](https://github.com/J0WI)
 * [foozmeat](https://github.com/foozmeat)
 * [jasonrhodes](https://github.com/jasonrhodes)
-* [Jason Snell](mailto:jason@newrelic.com)
+* [asm](https://github.com/asm)
 * [jviide](https://github.com/jviide)
-* [YuleZ](https://github.com/YuleZ)
 * [crakaC](https://github.com/crakaC)
 * [tkbky](https://github.com/tkbky)
-* [Kaylee](mailto:kaylee@codethat.sucks)
 * [Kazhnuz](https://github.com/Kazhnuz)
-* [connyduck](https://github.com/connyduck)
-* [LindseyB](https://github.com/LindseyB)
-* [Lorenz Diener](mailto:halcyon@icosahedron.website)
 * [alimony](https://github.com/alimony)
 * [mig5](https://github.com/mig5)
-* [moritzheiber](https://github.com/moritzheiber)
 * [ndarville](https://github.com/ndarville)
 * [Abzol](https://github.com/Abzol)
-* [PatOnTheBack](https://github.com/PatOnTheBack)
 * [xPaw](https://github.com/xPaw)
-* [petzah](https://github.com/petzah)
-* [ignisf](https://github.com/ignisf)
 * [raymestalez](https://github.com/raymestalez)
-* [remram44](https://github.com/remram44)
-* [sts10](https://github.com/sts10)
-* [SuperSandro2000](https://github.com/SuperSandro2000)
-* [u1-liquid](https://github.com/u1-liquid)
-* [rosylilly](https://github.com/rosylilly)
 * [sim6](https://github.com/sim6)
-* [Sir-Boops](https://github.com/Sir-Boops)
-* [stemid](https://github.com/stemid)
-* [sumdog](https://github.com/sumdog)
+* [ekiru](https://github.com/ekiru)
+* [Technowix](https://github.com/Technowix)
 * [ThomasLeister](https://github.com/ThomasLeister)
 * [mcat-ee](https://github.com/mcat-ee)
 * [tototoshi](https://github.com/tototoshi)
-* [TrashMacNugget](https://github.com/TrashMacNugget)
 * [VirtuBox](https://github.com/VirtuBox)
-* [Vladyslav](mailto:vaden@tuta.io)
 * [kaniini](https://github.com/kaniini)
 * [vayan](https://github.com/vayan)
 * [yannicka](https://github.com/yannicka)
@@ -286,66 +202,48 @@ and provided thanks to the work of the following contributors:
 * [zacanger](https://github.com/zacanger)
 * [amazedkoumei](https://github.com/amazedkoumei)
 * [anon5r](https://github.com/anon5r)
-* [aus-social](https://github.com/aus-social)
-* [imbsky](https://github.com/imbsky)
-* [bsky](mailto:me@imbsky.net)
 * [codl](https://github.com/codl)
-* [cpsdqs](https://github.com/cpsdqs)
 * [barzamin](https://github.com/barzamin)
 * [fhalna](https://github.com/fhalna)
-* [highemerly](https://github.com/highemerly)
 * [haoyayoi](https://github.com/haoyayoi)
 * [ik11235](https://github.com/ik11235)
 * [kawax](https://github.com/kawax)
 * [007lva](https://github.com/007lva)
-* [mbajur](https://github.com/mbajur)
 * [matsurai25](https://github.com/matsurai25)
 * [mecab](https://github.com/mecab)
 * [nicobz25](https://github.com/nicobz25)
 * [oliverkeeble](https://github.com/oliverkeeble)
-* [partev](https://github.com/partev)
 * [pinfort](https://github.com/pinfort)
 * [rbaumert](https://github.com/rbaumert)
-* [rhoio](https://github.com/rhoio)
 * [usagi-f](https://github.com/usagi-f)
 * [vidarlee](https://github.com/vidarlee)
 * [vjackson725](https://github.com/vjackson725)
 * [wxcafe](https://github.com/wxcafe)
-* [新都心(Neet Shin)](mailto:nucx@dio-vox.com)
-* [clarfon](https://github.com/clarfon)
+* [rinsuki](https://github.com/rinsuki)
 * [cygnan](https://github.com/cygnan)
 * [Awea](https://github.com/Awea)
 * [halcy](https://github.com/halcy)
+* [bounshi](https://github.com/bounshi)
 * [8398a7](https://github.com/8398a7)
 * [857b](https://github.com/857b)
-* [insom](https://github.com/insom)
-* [tachyons](https://github.com/tachyons)
-* [Esteth](https://github.com/Esteth)
 * [unascribed](https://github.com/unascribed)
 * [Aguay-val](https://github.com/Aguay-val)
 * [knu](https://github.com/knu)
-* [h3poteto](https://github.com/h3poteto)
-* [unleashed](https://github.com/unleashed)
 * [alxrcs](https://github.com/alxrcs)
 * [console-cowboy](https://github.com/console-cowboy)
-* [Alkarex](https://github.com/Alkarex)
+* [pointlessone](https://github.com/pointlessone)
 * [a2](https://github.com/a2)
-* [alfiedotwtf](https://github.com/alfiedotwtf)
 * [0xa](https://github.com/0xa)
 * [virtualpain](https://github.com/virtualpain)
 * [sapphirus](https://github.com/sapphirus)
 * [amandavisconti](https://github.com/amandavisconti)
 * [ameliavoncat](https://github.com/ameliavoncat)
 * [ilpianista](https://github.com/ilpianista)
-* [Andreas Drop](mailto:andy@remline.de)
-* [andi1984](https://github.com/andi1984)
+* [andydrop](https://github.com/andydrop)
 * [schas002](https://github.com/schas002)
-* [contraexemplo](https://github.com/contraexemplo)
-* [abackstrom](https://github.com/abackstrom)
-* [armandfardeau](https://github.com/armandfardeau)
-* [raboof](https://github.com/raboof)
 * [jumbosushi](https://github.com/jumbosushi)
 * [ayumin](https://github.com/ayumin)
+* [BaptisteGelez](https://github.com/BaptisteGelez)
 * [bzg](https://github.com/bzg)
 * [benediktg](https://github.com/benediktg)
 * [blakebarnett](https://github.com/blakebarnett)
@@ -353,48 +251,30 @@ and provided thanks to the work of the following contributors:
 * [brycied00d](https://github.com/brycied00d)
 * [carlosjs23](https://github.com/carlosjs23)
 * [cgxxx](https://github.com/cgxxx)
-* [kibitan](https://github.com/kibitan)
 * [chrisheninger](https://github.com/chrisheninger)
 * [chris-martin](https://github.com/chris-martin)
 * [DoubleMalt](https://github.com/DoubleMalt)
 * [Moosh-be](https://github.com/Moosh-be)
 * [Motoma](https://github.com/Motoma)
-* [Christopher Kolstad](mailto:christopher.kolstad@finn.no)
+* [chriswk](https://github.com/chriswk)
 * [csu](https://github.com/csu)
 * [kklleemm](https://github.com/kklleemm)
-* [colindean](https://github.com/colindean)
-* [dachinat](https://github.com/dachinat)
-* [multiple-creatures](https://github.com/multiple-creatures)
+* [monsterpit-daggertooth](https://github.com/monsterpit-daggertooth)
 * [watilde](https://github.com/watilde)
 * [daprice](https://github.com/daprice)
-* [da2x](https://github.com/da2x)
 * [dar5hak](https://github.com/dar5hak)
 * [kant](https://github.com/kant)
-* [maxolasersquad](https://github.com/maxolasersquad)
 * [singingwolfboy](https://github.com/singingwolfboy)
 * [davidcelis](https://github.com/davidcelis)
-* [davefp](https://github.com/davefp)
 * [yipdw](https://github.com/yipdw)
 * [debanshuk](https://github.com/debanshuk)
-* [DerekNonGeneric](https://github.com/DerekNonGeneric)
 * [dblandin](https://github.com/dblandin)
-* [Drew Gates](mailto:aranaur@users.noreply.github.com)
-* [dtschust](https://github.com/dtschust)
-* [Dryusdan](https://github.com/Dryusdan)
-* [eai04191](https://github.com/eai04191)
+* [aranaur](https://github.com/aranaur)
 * [d3vgru](https://github.com/d3vgru)
 * [Elizafox](https://github.com/Elizafox)
-* [enewhuis](https://github.com/enewhuis)
 * [ericblade](https://github.com/ericblade)
 * [mikoim](https://github.com/mikoim)
-* [espenronnevik](https://github.com/espenronnevik)
-* [fabianonline](https://github.com/fabianonline)
-* [Finariel](https://github.com/Finariel)
 * [siuying](https://github.com/siuying)
-* [zoc](https://github.com/zoc)
-* [fwenzel](https://github.com/fwenzel)
-* [GenbuHase](https://github.com/GenbuHase)
-* [nilsding](https://github.com/nilsding)
 * [hattori6789](https://github.com/hattori6789)
 * [algernon](https://github.com/algernon)
 * [Fastbyte01](https://github.com/Fastbyte01)
@@ -403,27 +283,22 @@ and provided thanks to the work of the following contributors:
 * [Fiaxhs](https://github.com/Fiaxhs)
 * [reedcourty](https://github.com/reedcourty)
 * [anneau](https://github.com/anneau)
-* [lanodan](https://github.com/lanodan)
-* [Harmon758](https://github.com/Harmon758)
 * [HellPie](https://github.com/HellPie)
 * [Habu-Kagumba](https://github.com/Habu-Kagumba)
+* [hinaloe](https://github.com/hinaloe)
 * [suzukaze](https://github.com/suzukaze)
 * [Hiromi-Kai](https://github.com/Hiromi-Kai)
-* [hishamhm](https://github.com/hishamhm)
-* [Slaynash](https://github.com/Slaynash)
 * [musashino205](https://github.com/musashino205)
 * [iwaim](https://github.com/iwaim)
 * [valrus](https://github.com/valrus)
 * [IMcD23](https://github.com/IMcD23)
 * [yi0713](https://github.com/yi0713)
+* [immae](https://github.com/immae)
 * [iblech](https://github.com/iblech)
-* [J Yeary](mailto:usbsnowcrash@users.noreply.github.com)
 * [jack-michaud](https://github.com/jack-michaud)
 * [Floppy](https://github.com/Floppy)
 * [loomchild](https://github.com/loomchild)
-* [jenkr55](https://github.com/jenkr55)
-* [hyenagirl64](https://github.com/hyenagirl64)
-* [press5](https://github.com/press5)
+* [docjkl](https://github.com/docjkl)
 * [TrollDecker](https://github.com/TrollDecker)
 * [jmontane](https://github.com/jmontane)
 * [jonathanklee](https://github.com/jonathanklee)
@@ -436,331 +311,140 @@ and provided thanks to the work of the following contributors:
 * [j0k3r](https://github.com/j0k3r)
 * [KEINOS](https://github.com/KEINOS)
 * [futoase](https://github.com/futoase)
-* [pot8to](https://github.com/pot8to)
-* [Kit Redgrave](mailto:qwertyitis@gmail.com)
-* [Knut Erik](mailto:abjectio@users.noreply.github.com)
+* [abjectio](https://github.com/abjectio)
 * [mkody](https://github.com/mkody)
+* [connyduck](https://github.com/connyduck)
 * [k0ta0uchi](https://github.com/k0ta0uchi)
 * [KrzysiekJ](https://github.com/KrzysiekJ)
-* [Leo Wzukw](mailto:leowzukw@users.noreply.github.com)
-* [Tak](https://github.com/Tak)
+* [leowzukw](https://github.com/leowzukw)
+* [lmorchard](https://github.com/lmorchard)
 * [cacheflow](https://github.com/cacheflow)
 * [ldidry](https://github.com/ldidry)
 * [jemus42](https://github.com/jemus42)
 * [lfuelling](https://github.com/lfuelling)
 * [Grabacr07](https://github.com/Grabacr07)
 * [mistermantas](https://github.com/mistermantas)
-* [MareenaKunjachan](https://github.com/MareenaKunjachan)
-* [mareklach](https://github.com/mareklach)
 * [wirehack7](https://github.com/wirehack7)
-* [martymcguire](https://github.com/martymcguire)
 * [marvinkopf](https://github.com/marvinkopf)
 * [otsune](https://github.com/otsune)
-* [mbugowski](https://github.com/mbugowski)
-* [Mathias B](mailto:10813340+mathias-b@users.noreply.github.com)
-* [madmath03](https://github.com/madmath03)
+* [m-blc](https://github.com/m-blc)
 * [matt-auckland](https://github.com/matt-auckland)
-* [webroo](https://github.com/webroo)
-* [Matthias Beyer](mailto:mail@beyermatthias.de)
-* [Matthias Jouan](mailto:matthias.jouan@gmail.com)
-* [Matthieu Paret](mailto:matthieuparet69@gmail.com)
-* [Maxime BORGES](mailto:maxime.borges@gmail.com)
-* [Mayu Laierlence](mailto:minacle@live.com)
-* [Michael Deeb](mailto:michaeldeeb@me.com)
-* [Michael Vieira](mailto:dtox94@gmail.com)
-* [Michel](mailto:michel@cyweo.com)
-* [Midgard](mailto:m1dgard@users.noreply.github.com)
-* [Mike Burns](mailto:mburns@thoughtbot.com)
-* [Milan](mailto:me@petabyteboy.de)
-* [Milan*](mailto:tchncs@vivaldi.net)
-* [Milton Mazzarri](mailto:milmazz@gmail.com)
-* [Minku Lee](mailto:premist@me.com)
-* [Minori Hiraoka](mailto:mnkai@users.noreply.github.com)
-* [Mitchell Hentges](mailto:mitch9654@gmail.com)
-* [Mostafa Ahangarha](mailto:ahangarha@users.noreply.github.com)
-* [Mouse Reeve](mailto:mousereeve@riseup.net)
-* [Mozinet](mailto:mozinet-fr@users.noreply.github.com)
-* [Musee U](mailto:lae@users.noreply.github.com)
-* [NOGISAKA Sadata](mailto:ngsksdt@gmail.com)
-* [Naf](mailto:uenok.htc@gmail.com)
-* [Nanamachi](mailto:town7.haruki@gmail.com)
-* [Nathaniel Ekoniak](mailto:nekoniak@ennate.tech)
-* [NecroTechno](mailto:necrotechno@riseup.net)
-* [Nick Gerakines](mailto:nick@gerakines.net)
-* [Nicolai von Neudeck](mailto:nicolai@vonneudeck.com)
-* [Ninetailed](mailto:ninetailed@gmail.com)
-* [Nishi, Keisuke](mailto:k24@users.noreply.github.com)
-* [Noiob](mailto:noiob@users.noreply.github.com)
-* [Nope Nope](mailto:hireme@kwaio.ninja)
-* [Norayr Chilingarian](mailto:norayr@arnet.am)
-* [Noëlle Anthony](mailto:noelle.d.anthony@gmail.com)
-* [N氏](mailto:uenok.htc@gmail.com)
-* [Olivier Nicole](mailto:olivierthnicole@gmail.com)
-* [Oskari Noppa](mailto:noppa@users.noreply.github.com)
-* [Otakan](mailto:otakan951@gmail.com)
-* [Padraig Fahy](mailto:tech@padraigfahy.com)
-* [PatrickRWells](mailto:32802366+patrickrwells@users.noreply.github.com)
-* [Paul](mailto:naydex.mc+github@gmail.com)
-* [Pete Keen](mailto:pete@petekeen.net)
-* [Pierre-Morgan Gate](mailto:pgate@users.noreply.github.com)
-* [Ratmir Karabut](mailto:rkarabut@sfmodern.ru)
-* [Reto Kromer](mailto:retokromer@users.noreply.github.com)
-* [Rob Watson](mailto:rfwatson@users.noreply.github.com)
-* [Ryan Freebern](mailto:ryan@freebern.org)
-* [Ryan Wade](mailto:ryan.wade@protonmail.com)
-* [Ryo Kajiwara](mailto:kfe-fecn6.prussian@s01.info)
-* [S.H](mailto:gamelinks007@gmail.com)
-* [Sadiq Saif](mailto:staticsafe@users.noreply.github.com)
-* [Sam Hewitt](mailto:hewittsamuel@gmail.com)
-* [Sasha Sorokin](mailto:dafri.nochiterov8@gmail.com)
-* [Satoshi KOJIMA](mailto:skoji@mac.com)
-* [ScienJus](mailto:i@scienjus.com)
-* [Scott Larkin](mailto:scott@codeclimate.com)
-* [Sebastian Hübner](mailto:imolein@users.noreply.github.com)
-* [Sebastian Morr](mailto:sebastian@morr.cc)
-* [Sergei Č](mailto:noiwex1911@gmail.com)
-* [Setuu](mailto:yuki764setuu@gmail.com)
-* [Shaun Gillies](mailto:me@shaungillies.net)
-* [Shin Adachi](mailto:shn@glucose.jp)
-* [Shin Kojima](mailto:shin@kojima.org)
-* [Shouko Yu](mailto:imshouko@gmail.com)
-* [Sina Mashek](mailto:sina@mashek.xyz)
-* [Soshi Kato](mailto:mail@sossii.com)
-* [Spanky](mailto:2788886+spankyworks@users.noreply.github.com)
-* [StefOfficiel](mailto:pichard.stephane@free.fr)
-* [Steven Tappert](mailto:admin@dark-it.net)
-* [Svetlozar Todorov](mailto:svetlik@users.noreply.github.com)
-* [Sébastien Santoro](mailto:dereckson@espace-win.org)
-* [Tad Thorley](mailto:phaedryx@users.noreply.github.com)
-* [Takayoshi Nishida](mailto:takayoshi.nishida@gmail.com)
-* [Takayuki KUSANO](mailto:github@tkusano.jp)
-* [TakesxiSximada](mailto:takesxi.sximada@gmail.com)
-* [Tao Bror Bojlén](mailto:brortao@users.noreply.github.com)
-* [TheInventrix](mailto:theinventrix@users.noreply.github.com)
-* [Thomas Alberola](mailto:thomas@needacoffee.fr)
-* [Toby Deshane](mailto:fortyseven@users.noreply.github.com)
-* [Toby Pinder](mailto:gigitrix@gmail.com)
-* [Tomonori Murakami](mailto:crosslife777@gmail.com)
-* [TomoyaShibata](mailto:wind.of.hometown@gmail.com)
-* [Treyssat-Vincent Nino](mailto:treyssatvincent@users.noreply.github.com)
-* [Udo Kramer](mailto:optik@fluffel.io)
-* [Una](mailto:una@unascribed.com)
-* [Ushitora Anqou](mailto:ushitora@anqou.net)
-* [Ushitora Anqou](mailto:ushitora_anqou@yahoo.co.jp)
-* [Valentin Lorentz](mailto:progval+git@progval.net)
-* [Vladimir Mincev](mailto:vladimir@canicinteractive.com)
-* [Waldir Pimenta](mailto:waldyrious@gmail.com)
-* [Wenceslao Páez Chávez](mailto:wcpaez@gmail.com)
-* [Wesley Ellis](mailto:tahnok@gmail.com)
-* [Wiktor](mailto:wiktor@metacode.biz)
-* [Wonderfall](mailto:wonderfall@schrodinger.io)
-* [YDrogen](mailto:ydrogen45@gmail.com)
-* [YMHuang](mailto:ymhuang@fmbase.tw)
-* [YOSHIOKA Eiichiro](mailto:yoshioka.eiichiro@gmail.com)
-* [YOU](mailto:stackexchange.you@gmail.com)
-* [YaQ](mailto:i_k_o_m_a_7@yahoo.co.jp)
-* [Yanaken](mailto:yanakend@gmail.com)
-* [Yann Klis](mailto:yann.klis@gmail.com)
-* [Yağızhan](mailto:35808275+yagizhan49@users.noreply.github.com)
-* [Yeechan Lu](mailto:wz.bluesnow@gmail.com)
-* [Yusuke Abe](mailto:moonset20@gmail.com)
-* [Zachary Spector](mailto:logicaldash@gmail.com)
-* [ZiiX](mailto:ziix@users.noreply.github.com)
-* [asria-jp](mailto:is@alicematic.com)
-* [ava](mailto:vladooku@users.noreply.github.com)
-* [benklop](mailto:benklop@gmail.com)
-* [bsky](mailto:git@imbsky.net)
-* [caesarologia](mailto:lopesgemelli.1@gmail.com)
-* [cbayerlein](mailto:c.bayerlein@gmail.com)
-* [chrolis](mailto:chrolis@users.noreply.github.com)
-* [cormo](mailto:cormorant2+github@gmail.com)
-* [d0p1](mailto:dopi-sama@hush.com)
-* [dxwc](mailto:dxwc@users.noreply.github.com)
-* [evilny0](mailto:evilny0@moomoocamp.net)
-* [febrezo](mailto:felixbrezo@gmail.com)
-* [fsubal](mailto:fsubal@users.noreply.github.com)
-* [fusshi-](mailto:dikky1218@users.noreply.github.com)
-* [gentaro](mailto:gentaroooo@gmail.com)
-* [gol-cha](mailto:info@mevo.xyz)
-* [hakoai](mailto:hk--76@qa2.so-net.ne.jp)
-* [haosbvnker](mailto:github@chaosbunker.com)
-* [ichi_i](mailto:51489410+ichi-i@users.noreply.github.com)
-* [isati](mailto:phil@juchnowi.cz)
-* [jacob](mailto:jacobherringtondeveloper@gmail.com)
-* [jenn kaplan](mailto:me@jkap.io)
-* [jirayudech](mailto:jirayudech@gmail.com)
-* [jomo](mailto:github@jomo.tv)
-* [jooops](mailto:joops@autistici.org)
-* [jukper](mailto:jukkaperanto@gmail.com)
-* [jumoru](mailto:jumoru@mailbox.org)
-* [karlyeurl](mailto:karl.yeurl@gmail.com)
-* [kedama](mailto:32974885+kedamadq@users.noreply.github.com)
-* [kodai](mailto:shirafuta.kodai@gmail.com)
-* [kuro5hin](mailto:rusty@kuro5hin.org)
-* [luzpaz](mailto:luzpaz@users.noreply.github.com)
-* [maxypy](mailto:maxime@mpigou.fr)
-* [mhe](mailto:mail@marcus-herrmann.com)
-* [mike castleman](mailto:m@mlcastle.net)
-* [mimikun](mailto:dzdzble_effort_311@outlook.jp)
-* [mohemohe](mailto:mohemohe@users.noreply.github.com)
-* [mshrtkch](mailto:mshrtkch@users.noreply.github.com)
-* [muan](mailto:muan@github.com)
-* [namelessGonbai](mailto:43787036+namelessgonbai@users.noreply.github.com)
-* [neetshin](mailto:neetshin@neetsh.in)
-* [nzws](mailto:git-yuzu@svk.jp)
-* [rch850](mailto:rich850@gmail.com)
-* [roikale](mailto:roikale@users.noreply.github.com)
-* [rysiekpl](mailto:rysiek@hackerspace.pl)
-* [saturday06](mailto:dyob@lunaport.net)
-* [scriptjunkie](mailto:scriptjunkie@scriptjunkie.us)
-* [seekr](mailto:mario.drs@gmail.com)
-* [sundevour](mailto:31990469+sundevour@users.noreply.github.com)
-* [syui](mailto:syui@users.noreply.github.com)
-* [tackeyy](mailto:mailto.takita.yusuke@gmail.com)
-* [tateisu](mailto:tateisu@gmail.com)
-* [tmyt](mailto:shigure@refy.net)
-* [trevDev()](mailto:trev@trevdev.ca)
-* [tsia](mailto:github@tsia.de)
-* [umonaca](mailto:53662960+umonaca@users.noreply.github.com)
-* [utam0k](mailto:k0ma@utam0k.jp)
-* [vpzomtrrfrt](mailto:vpzomtrrfrt@gmail.com)
-* [walfie](mailto:walfington@gmail.com)
-* [y-temp4](mailto:y.temp4@gmail.com)
-* [ymmtmdk](mailto:ymmtmdk@gmail.com)
-* [yoshipc](mailto:yoooo@yoshipc.net)
-* [Özcan Zafer AYAN](mailto:ozcanzaferayan@gmail.com)
-* [ばん](mailto:detteiu0321@gmail.com)
-* [ふるふる](mailto:frfs@users.noreply.github.com)
-* [りんすき](mailto:6533808+rinsuki@users.noreply.github.com)
-* [ヨイツの賢狼ホロ | 3rd style](mailto:horo@yoitsu.moe)
-* [唐宗勛](mailto:tangzongxun@hotmail.com)
-* [猫吸血鬼ディフリス / 猫ロキP](mailto:deflis@gmail.com)
-* [艮 鮟鱇](mailto:ushitora_anqou@yahoo.co.jp)
-* [西小倉宏信](mailto:nishiko@mindia.jp)
-* [雨宮美羽](mailto:k737566@gmail.com)
+* [mattjmattj](https://github.com/mattjmattj)
+* [mtparet](https://github.com/mtparet)
+* [maximeborges](https://github.com/maximeborges)
+* [minacle](https://github.com/minacle)
+* [michaeljdeeb](https://github.com/michaeljdeeb)
+* [Themimitoof](https://github.com/Themimitoof)
+* [cyweo](https://github.com/cyweo)
+* [M1dgard](https://github.com/M1dgard)
+* [mike-burns](https://github.com/mike-burns)
+* [verymilan](https://github.com/verymilan)
+* [milmazz](https://github.com/milmazz)
+* [Mnkai](https://github.com/Mnkai)
+* [mitchhentges](https://github.com/mitchhentges)
+* [moritzheiber](https://github.com/moritzheiber)
+* [mouse-reeve](https://github.com/mouse-reeve)
+* [lae](https://github.com/lae)
+* [Nanamachi](https://github.com/Nanamachi)
+* [ngerakines](https://github.com/ngerakines)
+* [vonneudeck](https://github.com/vonneudeck)
+* [Ninetailed](https://github.com/Ninetailed)
+* [k24](https://github.com/k24)
+* [noiob](https://github.com/noiob)
+* [kwaio](https://github.com/kwaio)
+* [norayr](https://github.com/norayr)
+* [joyeusenoelle](https://github.com/joyeusenoelle)
+* [OlivierNicole](https://github.com/OlivierNicole)
+* [Otakan951](https://github.com/Otakan951)
+* [fahy](https://github.com/fahy)
+* [Pangoraw](https://github.com/Pangoraw)
+* [pwoolcoc](https://github.com/pwoolcoc)
+* [peterkeen](https://github.com/peterkeen)
+* [petzah](https://github.com/petzah)
+* [ignisf](https://github.com/ignisf)
+* [rfwatson](https://github.com/rfwatson)
+* [rfreebern](https://github.com/rfreebern)
+* [sylph01](https://github.com/sylph01)
+* [staticsafe](https://github.com/staticsafe)
+* [snwh](https://github.com/snwh)
+* [skoji](https://github.com/skoji)
+* [ScienJus](https://github.com/ScienJus)
+* [larkinscott](https://github.com/larkinscott)
+* [imolein](https://github.com/imolein)
+* [blinry](https://github.com/blinry)
+* [Noiwex](https://github.com/Noiwex)
+* [yuki764](https://github.com/yuki764)
+* [shnjp](https://github.com/shnjp)
+* [ernix](https://github.com/ernix)
+* [rosylilly](https://github.com/rosylilly)
+* [shouko](https://github.com/shouko)
+* [sossii](https://github.com/sossii)
+* [StefOfficiel](https://github.com/StefOfficiel)
+* [svetlik](https://github.com/svetlik)
+* [dereckson](https://github.com/dereckson)
+* [theboss](https://github.com/theboss)
+* [takp](https://github.com/takp)
+* [tkusano](https://github.com/tkusano)
+* [TheInventrix](https://github.com/TheInventrix)
+* [shug0](https://github.com/shug0)
+* [Fortyseven](https://github.com/Fortyseven)
+* [tobypinder](https://github.com/tobypinder)
+* [tomosm](https://github.com/tomosm)
+* [TomoyaShibata](https://github.com/TomoyaShibata)
+* [TrashMacNugget](https://github.com/TrashMacNugget)
+* [treyssatvincent](https://github.com/treyssatvincent)
+* [optikfluffel](https://github.com/optikfluffel)
+* [vmincev](https://github.com/vmincev)
+* [waldyrious](https://github.com/waldyrious)
+* [tahnok](https://github.com/tahnok)
+* [YDrogen](https://github.com/YDrogen)
+* [YOSHIOKAEiichiro](https://github.com/YOSHIOKAEiichiro)
+* [S-YOU](https://github.com/S-YOU)
+* [YaQ00](https://github.com/YaQ00)
+* [yanakend](https://github.com/yanakend)
+* [orzFly](https://github.com/orzFly)
+* [chansuke](https://github.com/chansuke)
+* [yuntan](https://github.com/yuntan)
+* [LogicalDash](https://github.com/LogicalDash)
+* [ZiiX](https://github.com/ZiiX)
+* [benklop](https://github.com/benklop)
+* [caasi](https://github.com/caasi)
+* [caesarologia](https://github.com/caesarologia)
+* [chrolis](https://github.com/chrolis)
+* [cormojs](https://github.com/cormojs)
+* [cpsdqs](https://github.com/cpsdqs)
+* [d0p1s4m4](https://github.com/d0p1s4m4)
+* [evilny0](https://github.com/evilny0)
+* [febrezo](https://github.com/febrezo)
+* [fsubal](https://github.com/fsubal)
+* [dikky1218](https://github.com/dikky1218)
+* [gentarok](https://github.com/gentarok)
+* [hakoai](https://github.com/hakoai)
+* [chaosbunker](https://github.com/chaosbunker)
+* [isati](https://github.com/isati)
+* [jkap](https://github.com/jkap)
+* [jirayudech](https://github.com/jirayudech)
+* [jukper](https://github.com/jukper)
+* [karlyeurl](https://github.com/karlyeurl)
+* [kedamaDQ](https://github.com/kedamaDQ)
+* [kuro5hin](https://github.com/kuro5hin)
+* [maxypy](https://github.com/maxypy)
+* [marcus-herrmann](https://github.com/marcus-herrmann)
+* [mshrtkch](https://github.com/mshrtkch)
+* [muan](https://github.com/muan)
+* [rch850](https://github.com/rch850)
+* [roikale](https://github.com/roikale)
+* [rysiekpl](https://github.com/rysiekpl)
+* [saturday06](https://github.com/saturday06)
+* [scriptjunkie](https://github.com/scriptjunkie)
+* [seekr](https://github.com/seekr)
+* [syui](https://github.com/syui)
+* [tackeyy](https://github.com/tackeyy)
+* [tmyt](https://github.com/tmyt)
+* [utam0k](https://github.com/utam0k)
+* [vpzomtrrfrt](https://github.com/vpzomtrrfrt)
+* [walfie](https://github.com/walfie)
+* [y-temp4](https://github.com/y-temp4)
+* [ymmtmdk](https://github.com/ymmtmdk)
 
 This document is provided for informational purposes only. Since it is only updated once per release, the version you are looking at may be currently out of date. To see the full list of contributors, consider looking at the [git history](https://github.com/tootsuite/mastodon/graphs/contributors) instead.
-
-## Translators
-
-Following people have contributed to translation of Mastodon:
-
-- Zoltán Gera (*Hungarian*)
-- Kristijan Tkalec (*Slovenian*)
-- Evert Prants (*Estonian*)
-- borys_sh (*Ukrainian*)
-- ButterflyOfFire (*Arabic; French*)
-- Osoitz (*Basque*)
-- oɹʇuʞ (*Spanish, Argentina*)
-- koyu (*German*)
-- Jeroen (*Dutch*)
-- Muha Aliss (*Turkish*)
-- 唐宗勛 (*Chinese Simplified*)
-- Jeong Arm (*Korean; Esperanto; Japanese*)
-- Oguz Ersen (*Turkish*)
-- spla (*Catalan*)
-- Ramdziana F Y (*Indonesian*)
-- Aditoo17 (*Czech*)
-- Xosé M. (*Galician*)
-- Roboron (*Spanish*)
-- Alix Rossi (*Corsican; French*)
-- Maya Minatsuki (*Japanese*)
-- Masoud Abkenar (*Persian*)
-- Thai Localization (*Thai*)
-- Marek Ľach (*Slovak; Polish*)
-- d5Ziif3K (*Ukrainian*)
-- lamnatos (*Greek*)
-- Emyn Nant Nefydd (*Welsh*)
-- Diluns (*Occitan*)
-- atarashiako (*Chinese Simplified*)
-- 101010 (*Polish*)
-- Yi-Jyun Pan (*Chinese Traditional*)
-- silkevicious (*Italian*)
-- FédiQuébec (*French*)
-- Jaz-Michael King (*Welsh*)
-- christalleras (*Norwegian Nynorsk*)
-- tykayn (*French*)
-- Alessandro Levati (*Italian*)
-- carolinagiorno (*Portuguese, Brazilian*)
-- taoxvx (*Danish*)
-- sabri (*Spanish*)
-- Sasha Sorokin (*Russian*)
-- shioko (*Chinese Simplified*)
-- Evgeny Petrov (*Russian*)
-- ariasuni (*French; Esperanto*)
-- Tiago Epifânio (*Portuguese*)
-- dxwc (*Bengali*)
-- liffon (*Swedish*)
-- Vanege (*Esperanto*)
-- Johan Schiff (*Swedish*)
-- kat (*Ukrainian; Russian*)
-- oti4500 (*Hungarian; Ukrainian*)
-- Juan José Salvador Piedra (*Spanish*)
-- diazepan (*Spanish*)
-- SHeija (*Finnish*)
-- Jack R (*Spanish*)
-- Saederup92 (*Danish*)
-- Stasiek Michalski (*Polish*)
-- Dewi (*Breton; French*)
-- cybergene (*Japanese*)
-- AW Unad (*Indonesian*)
-- Andrea Lo Iacono (*Italian*)
-- Ray (*Spanish*)
-- Unmual (*Spanish*)
-- Ryo (*Korean*)
-- juanda097 (*Spanish*)
-- Anunnakey (*Macedonian*)
-- Cutls (*Japanese*)
-- erikstl (*Esperanto*)
-- ruine (*Japanese*)
-- MadeInSteak (*Finnish*)
-- Sokratis Alichanidis (*Greek*)
-- dragnucs2 (*Arabic*)
-- frumble (*German*)
-- Rikard Linde (*Swedish*)
-- PPNplus (*Thai*)
-- arethsu (*Swedish*)
-- EPEMA YT (*German*)
-- Rhys Harrison (*Esperanto*)
-- KEINOS (*Japanese*)
-- filippodb (*Italian*)
-- JzshAC (*Chinese Simplified*)
-- Rintan1 (*Japanese*)
-- Antillion (*Spanish*)
-- hiphipvargas (*Portuguese*)
-- Ch. (*Korean*)
-- tctovsli (*Norwegian Nynorsk*)
-- vjasiegd (*Polish*)
-- SamitiMed (*Thai*)
-- umelard (*Hebrew*)
-- 硫酸鶏 (*Japanese*)
-- Adrián Lattes (*Spanish*)
-- Hinaloe (*Japanese*)
-- Renato "Lond" Cerqueira (*Portuguese, Brazilian*)
-- parnikkapore (*Thai*)
-- Marcin Mikołajczak (*Polish*)
-- 森の子リスのミーコの大冒険 (*Japanese*)
-- Marcepanek_ (*Polish*)
-- Sahak Petrosyan (*Armenian*)
-- Daniel Dimitrov (*Bulgarian*)
-- Hugh Liu (*Chinese Simplified*)
-- Rakino (*Chinese Simplified*)
-- hussama (*Portuguese, Brazilian*)
-- ThibG (*French*)
-- SnDer (*Dutch*)
-- PifyZ (*French*)
-- eichkat3r (*German*)
-- Karol Kosek (*Polish*)
-- Akarshan Biswas (*Bengali*)
-- Tradjincal (*French*)
-- Steven Tappert (*German*)
-- sergioaraujo1 (*Portuguese, Brazilian*)
-- mmokhi (*Persian*)
-- fedot (*Russian*)
-- skaaarrr (*German*)
-- JackXu (*Chinese Simplified*)
-- Lukas Fülling (*German*)
-- Zoé Bőle (*German*)
-- Dremski (*Bulgarian*)
-- tamaina (*Japanese*)
-- OpenAlgeria (*Arabic*)

Aptfile

@@ -10,20 +10,3 @@ libxdamage1
 libxfixes3
 protobuf-compiler
 zlib1g-dev
-libcairo2
-libcroco3
-libdatrie1
-libgdk-pixbuf2.0-0
-libgraphite2-3
-libharfbuzz0b
-libpango-1.0-0
-libpangocairo-1.0-0
-libpangoft2-1.0-0
-libpixman-1-0
-librsvg2-2
-libthai-data
-libthai0
-libvpx5
-libxcb-render0
-libxcb-shm0
-libxrender1

CHANGELOG.md

@@ -1,964 +0,0 @@
-Changelog
-=========
-
-All notable changes to this project will be documented in this file.
-
-## [3.0.1] - 2019-10-10
-### Added
-
-- Add `tootctl media usage` command ([Gargron](https://github.com/tootsuite/mastodon/pull/12115))
-- Add admin setting to auto-approve trending hashtags ([Gargron](https://github.com/tootsuite/mastodon/pull/12122), [Gargron](https://github.com/tootsuite/mastodon/pull/12130))
-
-### Changed
-
-- Change `tootctl media refresh` to skip already downloaded attachments ([Gargron](https://github.com/tootsuite/mastodon/pull/12118))
-
-### Removed
-
-- Remove auto-silence behaviour from spam check ([Gargron](https://github.com/tootsuite/mastodon/pull/12117))
-- Remove HTML `lang` attribute from individual statuses in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/12124))
-- Remove fallback to long description on sidebar and meta description ([Gargron](https://github.com/tootsuite/mastodon/pull/12119))
-
-### Fixed
-
-- Fix preloaded JSON-LD context for identity not being used ([Gargron](https://github.com/tootsuite/mastodon/pull/12138))
-- Fix media editing modal changing dimensions once the image loads ([Gargron](https://github.com/tootsuite/mastodon/pull/12131))
-- Fix not showing whether a custom emoji has a local counterpart in admin UI ([Gargron](https://github.com/tootsuite/mastodon/pull/12135))
-- Fix attachment not being re-downloaded even if file is not stored ([Gargron](https://github.com/tootsuite/mastodon/pull/12125))
-- Fix old migration trying to use new column due to default status scope ([Gargron](https://github.com/tootsuite/mastodon/pull/12095))
-- Fix column back button missing for not found accounts ([trwnh](https://github.com/tootsuite/mastodon/pull/12094))
-- Fix issues with tootctl's parallelization and progress reporting ([Gargron](https://github.com/tootsuite/mastodon/pull/12093), [Gargron](https://github.com/tootsuite/mastodon/pull/12097))
-- Fix existing user records with now-renamed `pt` locale ([Gargron](https://github.com/tootsuite/mastodon/pull/12092))
-- Fix hashtag timeline REST API accepting too many hashtags ([Gargron](https://github.com/tootsuite/mastodon/pull/12091))
-- Fix `GET /api/v1/instance` REST APIs being unavailable in secure mode ([Gargron](https://github.com/tootsuite/mastodon/pull/12089))
-- Fix performance of home feed regeneration and merging ([Gargron](https://github.com/tootsuite/mastodon/pull/12084))
-- Fix ffmpeg performance issues due to stdout buffer overflow ([hugogameiro](https://github.com/tootsuite/mastodon/pull/12088))
-- Fix S3 adapter retrying failing uploads with exponential backoff ([Gargron](https://github.com/tootsuite/mastodon/pull/12085))
-- Fix `tootctl accounts cull` advertising unused option flag ([Kjwon15](https://github.com/tootsuite/mastodon/pull/12074))
-
-## [3.0.0] - 2019-10-03
-### Added
-
-- Add "not available" label to unloaded media attachments in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11715), [Gargron](https://github.com/tootsuite/mastodon/pull/11745))
-- **Add profile directory to web UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/11688), [mayaeh](https://github.com/tootsuite/mastodon/pull/11872))
-  - Add profile directory opt-in federation
-  - Add profile directory REST API
-- Add special alert for throttled requests in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11677))
-- Add confirmation modal when logging out from the web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11671))
-- **Add audio player in web UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/11644), [Gargron](https://github.com/tootsuite/mastodon/pull/11652), [Gargron](https://github.com/tootsuite/mastodon/pull/11654), [ThibG](https://github.com/tootsuite/mastodon/pull/11629), [Gargron](https://github.com/tootsuite/mastodon/pull/12056))
-- **Add autosuggestions for hashtags in web UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/11422), [ThibG](https://github.com/tootsuite/mastodon/pull/11632), [Gargron](https://github.com/tootsuite/mastodon/pull/11764), [Gargron](https://github.com/tootsuite/mastodon/pull/11588), [Gargron](https://github.com/tootsuite/mastodon/pull/11442))
-- **Add media editing modal with OCR tool in web UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/11563), [Gargron](https://github.com/tootsuite/mastodon/pull/11566), [ThibG](https://github.com/tootsuite/mastodon/pull/11575), [ThibG](https://github.com/tootsuite/mastodon/pull/11576), [Gargron](https://github.com/tootsuite/mastodon/pull/11577), [Gargron](https://github.com/tootsuite/mastodon/pull/11573), [Gargron](https://github.com/tootsuite/mastodon/pull/11571))
-- Add indicator of unread notifications to window title when web UI is out of focus ([Gargron](https://github.com/tootsuite/mastodon/pull/11560), [Gargron](https://github.com/tootsuite/mastodon/pull/11572))
-- Add indicator for which options you voted for in a poll in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11195))
-- **Add search results pagination to web UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/11409), [ThibG](https://github.com/tootsuite/mastodon/pull/11447))
-- **Add option to disable real-time updates in web UI ("slow mode")** ([Gargron](https://github.com/tootsuite/mastodon/pull/9984), [ykzts](https://github.com/tootsuite/mastodon/pull/11880), [ThibG](https://github.com/tootsuite/mastodon/pull/11883), [Gargron](https://github.com/tootsuite/mastodon/pull/11898), [ThibG](https://github.com/tootsuite/mastodon/pull/11859))
-- Add option to disable blurhash previews in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11188))
-- Add native smooth scrolling when supported in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11207))
-- Add scrolling to the search bar on focus in web UI ([Kjwon15](https://github.com/tootsuite/mastodon/pull/12032))
-- Add refresh button to list of rebloggers/favouriters in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/12031))
-- Add error description and button to copy stack trace to web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/12033))
-- Add search and sort functions to hashtag admin UI ([mayaeh](https://github.com/tootsuite/mastodon/pull/11829), [Gargron](https://github.com/tootsuite/mastodon/pull/11897), [mayaeh](https://github.com/tootsuite/mastodon/pull/11875))
-- Add setting for default search engine indexing in admin UI ([brortao](https://github.com/tootsuite/mastodon/pull/11804))
-- Add account bio to account view in admin UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11473))
-- **Add option to include reported statuses in warning e-mail from admin UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/11639), [Gargron](https://github.com/tootsuite/mastodon/pull/11812), [Gargron](https://github.com/tootsuite/mastodon/pull/11741), [Gargron](https://github.com/tootsuite/mastodon/pull/11698), [mayaeh](https://github.com/tootsuite/mastodon/pull/11765))
-- Add number of pending accounts and pending hashtags to dashboard in admin UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11514))
-- **Add account migration UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/11846), [noellabo](https://github.com/tootsuite/mastodon/pull/11905), [noellabo](https://github.com/tootsuite/mastodon/pull/11907), [noellabo](https://github.com/tootsuite/mastodon/pull/11906), [noellabo](https://github.com/tootsuite/mastodon/pull/11902))
-- **Add table of contents to about page** ([Gargron](https://github.com/tootsuite/mastodon/pull/11885), [ykzts](https://github.com/tootsuite/mastodon/pull/11941), [ykzts](https://github.com/tootsuite/mastodon/pull/11895), [Kjwon15](https://github.com/tootsuite/mastodon/pull/11916))
-- **Add password challenge to 2FA settings, e-mail notifications** ([Gargron](https://github.com/tootsuite/mastodon/pull/11878))
-- **Add optional public list of domain blocks with comments** ([ThibG](https://github.com/tootsuite/mastodon/pull/11298), [ThibG](https://github.com/tootsuite/mastodon/pull/11515), [Gargron](https://github.com/tootsuite/mastodon/pull/11908))
-- Add an RSS feed for featured hashtags ([noellabo](https://github.com/tootsuite/mastodon/pull/10502))
-- Add explanations to featured hashtags UI and profile ([Gargron](https://github.com/tootsuite/mastodon/pull/11586))
-- **Add hashtag trends with admin and user settings** ([Gargron](https://github.com/tootsuite/mastodon/pull/11490), [Gargron](https://github.com/tootsuite/mastodon/pull/11502), [Gargron](https://github.com/tootsuite/mastodon/pull/11641), [Gargron](https://github.com/tootsuite/mastodon/pull/11594), [Gargron](https://github.com/tootsuite/mastodon/pull/11517), [mayaeh](https://github.com/tootsuite/mastodon/pull/11845), [Gargron](https://github.com/tootsuite/mastodon/pull/11774), [Gargron](https://github.com/tootsuite/mastodon/pull/11712), [Gargron](https://github.com/tootsuite/mastodon/pull/11791), [Gargron](https://github.com/tootsuite/mastodon/pull/11743), [Gargron](https://github.com/tootsuite/mastodon/pull/11740), [Gargron](https://github.com/tootsuite/mastodon/pull/11714), [ThibG](https://github.com/tootsuite/mastodon/pull/11631), [Sasha-Sorokin](https://github.com/tootsuite/mastodon/pull/11569), [Gargron](https://github.com/tootsuite/mastodon/pull/11524), [Gargron](https://github.com/tootsuite/mastodon/pull/11513))
-  - Add hashtag usage breakdown to admin UI
-  - Add batch actions for hashtags to admin UI
-  - Add trends to web UI
-  - Add trends to public pages
-  - Add user preference to hide trends
-  - Add admin setting to disable trends
-- **Add categories for custom emojis** ([Gargron](https://github.com/tootsuite/mastodon/pull/11196), [Gargron](https://github.com/tootsuite/mastodon/pull/11793), [Gargron](https://github.com/tootsuite/mastodon/pull/11920), [highemerly](https://github.com/tootsuite/mastodon/pull/11876))
-  - Add custom emoji categories to emoji picker in web UI
-  - Add `category` to custom emojis in REST API
-  - Add batch actions for custom emojis in admin UI
-- Add max image dimensions to error message ([raboof](https://github.com/tootsuite/mastodon/pull/11552))
-- Add aac, m4a, 3gp, amr, wma to allowed audio formats ([Gargron](https://github.com/tootsuite/mastodon/pull/11342), [umonaca](https://github.com/tootsuite/mastodon/pull/11687))
-- **Add search syntax for operators and phrases** ([Gargron](https://github.com/tootsuite/mastodon/pull/11411))
-- **Add REST API for managing featured hashtags** ([noellabo](https://github.com/tootsuite/mastodon/pull/11778))
-- **Add REST API for managing timeline read markers** ([Gargron](https://github.com/tootsuite/mastodon/pull/11762))
-- Add `exclude_unreviewed` param to `GET /api/v2/search` REST API ([Gargron](https://github.com/tootsuite/mastodon/pull/11977))
-- Add `reason` param to `POST /api/v1/accounts` REST API ([Gargron](https://github.com/tootsuite/mastodon/pull/12064))
-- **Add ActivityPub secure mode** ([Gargron](https://github.com/tootsuite/mastodon/pull/11269), [ThibG](https://github.com/tootsuite/mastodon/pull/11332), [ThibG](https://github.com/tootsuite/mastodon/pull/11295))
-- Add HTTP signatures to all outgoing ActivityPub GET requests ([Gargron](https://github.com/tootsuite/mastodon/pull/11284), [ThibG](https://github.com/tootsuite/mastodon/pull/11300))
-- Add support for ActivityPub Audio activities ([ThibG](https://github.com/tootsuite/mastodon/pull/11189))
-- Add ActivityPub actor representing the entire server ([ThibG](https://github.com/tootsuite/mastodon/pull/11321), [rtucker](https://github.com/tootsuite/mastodon/pull/11400), [ThibG](https://github.com/tootsuite/mastodon/pull/11561), [Gargron](https://github.com/tootsuite/mastodon/pull/11798))
-- **Add whitelist mode** ([Gargron](https://github.com/tootsuite/mastodon/pull/11291), [mayaeh](https://github.com/tootsuite/mastodon/pull/11634))
-- Add config of multipart threshold for S3 ([ykzts](https://github.com/tootsuite/mastodon/pull/11924), [ykzts](https://github.com/tootsuite/mastodon/pull/11944))
-- Add health check endpoint for web ([ykzts](https://github.com/tootsuite/mastodon/pull/11770), [ykzts](https://github.com/tootsuite/mastodon/pull/11947))
-- Add HTTP signature keyId to request log ([Gargron](https://github.com/tootsuite/mastodon/pull/11591))
-- Add `SMTP_REPLY_TO` environment variable ([hugogameiro](https://github.com/tootsuite/mastodon/pull/11718))
-- Add `tootctl preview_cards remove` command ([mayaeh](https://github.com/tootsuite/mastodon/pull/11320))
-- Add `tootctl media refresh` command ([Gargron](https://github.com/tootsuite/mastodon/pull/11775))
-- Add `tootctl cache recount` command ([Gargron](https://github.com/tootsuite/mastodon/pull/11597))
-- Add option to exclude suspended domains from `tootctl domains crawl` ([dariusk](https://github.com/tootsuite/mastodon/pull/11454))
-- Add parallelization to `tootctl search deploy` ([noellabo](https://github.com/tootsuite/mastodon/pull/12051))
-- Add soft delete for statuses for instant deletes through API ([Gargron](https://github.com/tootsuite/mastodon/pull/11623), [Gargron](https://github.com/tootsuite/mastodon/pull/11648))
-- Add rails-level JSON caching ([Gargron](https://github.com/tootsuite/mastodon/pull/11333), [Gargron](https://github.com/tootsuite/mastodon/pull/11271))
-- **Add request pool to improve delivery performance** ([Gargron](https://github.com/tootsuite/mastodon/pull/10353), [ykzts](https://github.com/tootsuite/mastodon/pull/11756))
-- Add concurrent connection attempts to resolved IP addresses ([ThibG](https://github.com/tootsuite/mastodon/pull/11757))
-- Add index for remember_token to improve login performance ([abcang](https://github.com/tootsuite/mastodon/pull/11881))
-- **Add more accurate hashtag search** ([Gargron](https://github.com/tootsuite/mastodon/pull/11579), [Gargron](https://github.com/tootsuite/mastodon/pull/11427), [Gargron](https://github.com/tootsuite/mastodon/pull/11448))
-- **Add more accurate account search** ([Gargron](https://github.com/tootsuite/mastodon/pull/11537), [Gargron](https://github.com/tootsuite/mastodon/pull/11580))
-- **Add a spam check** ([Gargron](https://github.com/tootsuite/mastodon/pull/11217), [Gargron](https://github.com/tootsuite/mastodon/pull/11806), [ThibG](https://github.com/tootsuite/mastodon/pull/11296))
-- Add new languages ([Gargron](https://github.com/tootsuite/mastodon/pull/12062))
-  - Breton
-  - Spanish (Argentina)
-  - Estonian
-  - Macedonian
-  - New Norwegian
-- Add NodeInfo endpoint ([Gargron](https://github.com/tootsuite/mastodon/pull/12002), [Gargron](https://github.com/tootsuite/mastodon/pull/12058))
-
-### Changed
-
-- **Change conversations UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/11896))
-- Change dashboard to short number notation ([noellabo](https://github.com/tootsuite/mastodon/pull/11847), [noellabo](https://github.com/tootsuite/mastodon/pull/11911))
-- Change REST API `GET /api/v1/timelines/public` to require authentication when public preview is off ([ThibG](https://github.com/tootsuite/mastodon/pull/11802))
-- Change REST API `POST /api/v1/follow_requests/:id/(approve|reject)` to return relationship ([ThibG](https://github.com/tootsuite/mastodon/pull/11800))
-- Change rate limit for media proxy ([ykzts](https://github.com/tootsuite/mastodon/pull/11814))
-- Change unlisted custom emoji to not appear in autosuggestions ([Gargron](https://github.com/tootsuite/mastodon/pull/11818))
-- Change max length of media descriptions from 420 to 1500 characters ([Gargron](https://github.com/tootsuite/mastodon/pull/11819), [ThibG](https://github.com/tootsuite/mastodon/pull/11836))
-- **Change deletes to preserve soft-deleted statuses in unresolved reports** ([Gargron](https://github.com/tootsuite/mastodon/pull/11805))
-- **Change tootctl to use inline parallelization instead of Sidekiq** ([Gargron](https://github.com/tootsuite/mastodon/pull/11776))
-- **Change account deletion page to have better explanations** ([Gargron](https://github.com/tootsuite/mastodon/pull/11753), [Gargron](https://github.com/tootsuite/mastodon/pull/11763))
-- Change hashtag component in web UI to show numbers for 2 last days ([Gargron](https://github.com/tootsuite/mastodon/pull/11742), [Gargron](https://github.com/tootsuite/mastodon/pull/11755), [Gargron](https://github.com/tootsuite/mastodon/pull/11754))
-- Change OpenGraph description on sign-up page to reflect invite ([Gargron](https://github.com/tootsuite/mastodon/pull/11744))
-- Change layout of public profile directory to be the same as in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11705))
-- Change detailed status child ordering to sort self-replies on top ([ThibG](https://github.com/tootsuite/mastodon/pull/11686))
-- Change window resize handler to switch to/from mobile layout as soon as needed ([ThibG](https://github.com/tootsuite/mastodon/pull/11656))
-- Change icon button styles to make hover/focus states more obvious ([ThibG](https://github.com/tootsuite/mastodon/pull/11474))
-- Change contrast of status links that are not mentions or hashtags ([ThibG](https://github.com/tootsuite/mastodon/pull/11406))
-- **Change hashtags to preserve first-used casing** ([Gargron](https://github.com/tootsuite/mastodon/pull/11416), [Gargron](https://github.com/tootsuite/mastodon/pull/11508), [Gargron](https://github.com/tootsuite/mastodon/pull/11504), [Gargron](https://github.com/tootsuite/mastodon/pull/11507), [Gargron](https://github.com/tootsuite/mastodon/pull/11441))
-- **Change unconfirmed user login behaviour** ([Gargron](https://github.com/tootsuite/mastodon/pull/11375), [ThibG](https://github.com/tootsuite/mastodon/pull/11394), [Gargron](https://github.com/tootsuite/mastodon/pull/11860))
-- **Change single-column mode to scroll the whole page** ([Gargron](https://github.com/tootsuite/mastodon/pull/11359), [Gargron](https://github.com/tootsuite/mastodon/pull/11894), [Gargron](https://github.com/tootsuite/mastodon/pull/11891), [ThibG](https://github.com/tootsuite/mastodon/pull/11655), [Gargron](https://github.com/tootsuite/mastodon/pull/11463), [Gargron](https://github.com/tootsuite/mastodon/pull/11458), [ThibG](https://github.com/tootsuite/mastodon/pull/11395), [Gargron](https://github.com/tootsuite/mastodon/pull/11418))
-- Change `tootctl accounts follow` to only work with local accounts ([angristan](https://github.com/tootsuite/mastodon/pull/11592))
-- Change Dockerfile ([Shleeble](https://github.com/tootsuite/mastodon/pull/11710), [ykzts](https://github.com/tootsuite/mastodon/pull/11768), [Shleeble](https://github.com/tootsuite/mastodon/pull/11707))
-- Change supported Node versions to include v12 ([abcang](https://github.com/tootsuite/mastodon/pull/11706))
-- Change Portuguese language from `pt` to `pt-PT` ([Gargron](https://github.com/tootsuite/mastodon/pull/11820))
-- Change domain block silence to always require approval on follow ([ThibG](https://github.com/tootsuite/mastodon/pull/11975))
-- Change link preview fetcher to not perform a HEAD request first ([Gargron](https://github.com/tootsuite/mastodon/pull/12028))
-- Change `tootctl domains purge` to accept multiple domains at once ([Gargron](https://github.com/tootsuite/mastodon/pull/12046))
-
-### Removed
-
-- **Remove OStatus support** ([Gargron](https://github.com/tootsuite/mastodon/pull/11205), [Gargron](https://github.com/tootsuite/mastodon/pull/11303), [Gargron](https://github.com/tootsuite/mastodon/pull/11460), [ThibG](https://github.com/tootsuite/mastodon/pull/11280), [ThibG](https://github.com/tootsuite/mastodon/pull/11278))
-- Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ([Gargron](https://github.com/tootsuite/mastodon/pull/11247))
-- Remove WebP support ([angristan](https://github.com/tootsuite/mastodon/pull/11589))
-- Remove deprecated config options from Heroku and Scalingo ([ykzts](https://github.com/tootsuite/mastodon/pull/11925))
-- Remove deprecated REST API `GET /api/v1/search` API ([Gargron](https://github.com/tootsuite/mastodon/pull/11823))
-- Remove deprecated REST API `GET /api/v1/statuses/:id/card` ([Gargron](https://github.com/tootsuite/mastodon/pull/11213))
-- Remove deprecated REST API `POST /api/v1/notifications/dismiss?id=:id` ([Gargron](https://github.com/tootsuite/mastodon/pull/11214))
-- Remove deprecated REST API `GET /api/v1/timelines/direct` ([Gargron](https://github.com/tootsuite/mastodon/pull/11212))
-
-### Fixed
-
-- Fix manifest warning ([ykzts](https://github.com/tootsuite/mastodon/pull/11767))
-- Fix admin UI for custom emoji not respecting GIF autoplay preference ([ThibG](https://github.com/tootsuite/mastodon/pull/11801))
-- Fix page body not being scrollable in admin/settings layout ([Gargron](https://github.com/tootsuite/mastodon/pull/11893))
-- Fix placeholder colors for inputs not being explicitly defined ([Gargron](https://github.com/tootsuite/mastodon/pull/11890))
-- Fix incorrect enclosure length in RSS ([tsia](https://github.com/tootsuite/mastodon/pull/11889))
-- Fix TOTP codes not being filtered from logs during enabling/disabling ([Gargron](https://github.com/tootsuite/mastodon/pull/11877))
-- Fix webfinger response not returning 410 when account is suspended ([Gargron](https://github.com/tootsuite/mastodon/pull/11869))
-- Fix ActivityPub Move handler queuing jobs that will fail if account is suspended ([Gargron](https://github.com/tootsuite/mastodon/pull/11864))
-- Fix SSO login not using existing account when e-mail is verified ([Gargron](https://github.com/tootsuite/mastodon/pull/11862))
-- Fix web UI allowing uploads past status limit via drag & drop ([Gargron](https://github.com/tootsuite/mastodon/pull/11863))
-- Fix expiring polls not being displayed as such in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11835))
-- Fix 2FA challenge and password challenge for non-database users ([Gargron](https://github.com/tootsuite/mastodon/pull/11831), [Gargron](https://github.com/tootsuite/mastodon/pull/11943))
-- Fix profile fields overflowing page width in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11828))
-- Fix web push subscriptions being deleted on rate limit or timeout ([Gargron](https://github.com/tootsuite/mastodon/pull/11826))
-- Fix display of long poll options in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11717), [ThibG](https://github.com/tootsuite/mastodon/pull/11833))
-- Fix search API not resolving URL when `type` is given ([Gargron](https://github.com/tootsuite/mastodon/pull/11822))
-- Fix hashtags being split by ZWNJ character ([Gargron](https://github.com/tootsuite/mastodon/pull/11821))
-- Fix scroll position resetting when opening media modals in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11815))
-- Fix duplicate HTML IDs on about page ([ThibG](https://github.com/tootsuite/mastodon/pull/11803))
-- Fix admin UI showing superfluous reject media/reports on suspended domain blocks ([ThibG](https://github.com/tootsuite/mastodon/pull/11749))
-- Fix ActivityPub context not being dynamically computed ([ThibG](https://github.com/tootsuite/mastodon/pull/11746))
-- Fix Mastodon logo style on hover on public pages' footer ([ThibG](https://github.com/tootsuite/mastodon/pull/11735))
-- Fix height of dashboard counters ([ThibG](https://github.com/tootsuite/mastodon/pull/11736))
-- Fix custom emoji animation on hover in web UI directory bios ([ThibG](https://github.com/tootsuite/mastodon/pull/11716))
-- Fix non-numbers being passed to Redis and causing an error ([Gargron](https://github.com/tootsuite/mastodon/pull/11697))
-- Fix error in REST API for an account's statuses ([Gargron](https://github.com/tootsuite/mastodon/pull/11700))
-- Fix uncaught error when resource param is missing in Webfinger request ([Gargron](https://github.com/tootsuite/mastodon/pull/11701))
-- Fix uncaught domain normalization error in remote follow ([Gargron](https://github.com/tootsuite/mastodon/pull/11703))
-- Fix uncaught 422 and 500 errors ([Gargron](https://github.com/tootsuite/mastodon/pull/11590), [Gargron](https://github.com/tootsuite/mastodon/pull/11811))
-- Fix uncaught parameter missing exceptions and missing error templates ([Gargron](https://github.com/tootsuite/mastodon/pull/11702))
-- Fix encoding error when checking e-mail MX records ([Gargron](https://github.com/tootsuite/mastodon/pull/11696))
-- Fix items in StatusContent render list not all having a key ([ThibG](https://github.com/tootsuite/mastodon/pull/11645))
-- Fix remote and staff-removed statuses leaving media behind for a day ([Gargron](https://github.com/tootsuite/mastodon/pull/11638))
-- Fix CSP needlessly allowing blob URLs in script-src ([ThibG](https://github.com/tootsuite/mastodon/pull/11620))
-- Fix ignoring whole status because of one invalid hashtag ([Gargron](https://github.com/tootsuite/mastodon/pull/11621))
-- Fix hidden statuses losing focus ([ThibG](https://github.com/tootsuite/mastodon/pull/11208))
-- Fix loading bar being obscured by other elements in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11598))
-- Fix multiple issues with replies collection for pages further than self-replies ([ThibG](https://github.com/tootsuite/mastodon/pull/11582))
-- Fix blurhash and autoplay not working on public pages ([Gargron](https://github.com/tootsuite/mastodon/pull/11585))
-- Fix 422 being returned instead of 404 when POSTing to unmatched routes ([Gargron](https://github.com/tootsuite/mastodon/pull/11574), [Gargron](https://github.com/tootsuite/mastodon/pull/11704))
-- Fix client-side resizing of image uploads ([ThibG](https://github.com/tootsuite/mastodon/pull/11570))
-- Fix short number formatting for numbers above million in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11559))
-- Fix ActivityPub and REST API queries setting cookies and preventing caching ([ThibG](https://github.com/tootsuite/mastodon/pull/11539), [ThibG](https://github.com/tootsuite/mastodon/pull/11557), [ThibG](https://github.com/tootsuite/mastodon/pull/11336), [ThibG](https://github.com/tootsuite/mastodon/pull/11331))
-- Fix some emojis in profile metadata labels are not emojified. ([kedamaDQ](https://github.com/tootsuite/mastodon/pull/11534))
-- Fix account search always returning exact match on paginated results ([Gargron](https://github.com/tootsuite/mastodon/pull/11525))
-- Fix acct URIs with IDN domains not being resolved ([Gargron](https://github.com/tootsuite/mastodon/pull/11520))
-- Fix admin dashboard missing latest features ([Gargron](https://github.com/tootsuite/mastodon/pull/11505))
-- Fix jumping of toot date when clicking spoiler button ([ariasuni](https://github.com/tootsuite/mastodon/pull/11449))
-- Fix boost to original audience not working on mobile in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11371))
-- Fix handling of webfinger redirects in ResolveAccountService ([ThibG](https://github.com/tootsuite/mastodon/pull/11279))
-- Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker ([Gargron](https://github.com/tootsuite/mastodon/pull/11231))
-- Fix support for HTTP proxies ([ThibG](https://github.com/tootsuite/mastodon/pull/11245))
-- Fix HTTP requests to IPv6 hosts ([ThibG](https://github.com/tootsuite/mastodon/pull/11240))
-- Fix error in ElasticSearch index import ([mayaeh](https://github.com/tootsuite/mastodon/pull/11192))
-- Fix duplicate account error when seeding development database ([ysksn](https://github.com/tootsuite/mastodon/pull/11366))
-- Fix performance of session clean-up scheduler ([abcang](https://github.com/tootsuite/mastodon/pull/11871))
-- Fix older migrations not running ([zunda](https://github.com/tootsuite/mastodon/pull/11377))
-- Fix URLs counting towards RTL detection ([ahangarha](https://github.com/tootsuite/mastodon/pull/11759))
-- Fix unnecessary status re-rendering in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11211))
-- Fix http_parser.rb gem not being compiled when no network available ([petabyteboy](https://github.com/tootsuite/mastodon/pull/11444))
-- Fix muted text color not applying to all text ([trwnh](https://github.com/tootsuite/mastodon/pull/11996))
-- Fix follower/following lists resetting on back-navigation in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11986))
-- Fix n+1 query when approving multiple follow requests ([abcang](https://github.com/tootsuite/mastodon/pull/12004))
-- Fix records not being indexed into ElasticSearch sometimes ([Gargron](https://github.com/tootsuite/mastodon/pull/12024))
-- Fix needlessly indexing unsearchable statuses into ElasticSearch ([Gargron](https://github.com/tootsuite/mastodon/pull/12041))
-- Fix new user bootstrapping crashing when to-be-followed accounts are invalid ([ThibG](https://github.com/tootsuite/mastodon/pull/12037))
-- Fix featured hashtag URL being interpreted as media or replies tab ([Gargron](https://github.com/tootsuite/mastodon/pull/12048))
-- Fix account counters being overwritten by parallel writes ([Gargron](https://github.com/tootsuite/mastodon/pull/12045))
-
-### Security
-
-- Fix performance of GIF re-encoding and always strip EXIF data from videos ([Gargron](https://github.com/tootsuite/mastodon/pull/12057))
-
-## [2.9.3] - 2019-08-10
-### Added
-
-- Add GIF and WebP support for custom emojis ([Gargron](https://github.com/tootsuite/mastodon/pull/11519))
-- Add logout link to dropdown menu in web UI ([koyuawsmbrtn](https://github.com/tootsuite/mastodon/pull/11353))
-- Add indication that text search is unavailable in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11112), [ThibG](https://github.com/tootsuite/mastodon/pull/11202))
-- Add `suffix` to `Mastodon::Version` to help forks ([clarfon](https://github.com/tootsuite/mastodon/pull/11407))
-- Add on-hover animation to animated custom emoji in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11348), [ThibG](https://github.com/tootsuite/mastodon/pull/11404), [ThibG](https://github.com/tootsuite/mastodon/pull/11522))
-- Add custom emoji support in profile metadata labels ([ThibG](https://github.com/tootsuite/mastodon/pull/11350))
-
-### Changed
-
-- Change default interface of web and streaming from 0.0.0.0 to 127.0.0.1 ([Gargron](https://github.com/tootsuite/mastodon/pull/11302), [zunda](https://github.com/tootsuite/mastodon/pull/11378), [Gargron](https://github.com/tootsuite/mastodon/pull/11351), [zunda](https://github.com/tootsuite/mastodon/pull/11326))
-- Change the retry limit of web push notifications ([highemerly](https://github.com/tootsuite/mastodon/pull/11292))
-- Change ActivityPub deliveries to not retry HTTP 501 errors ([Gargron](https://github.com/tootsuite/mastodon/pull/11233))
-- Change language detection to include hashtags as words ([Gargron](https://github.com/tootsuite/mastodon/pull/11341))
-- Change terms and privacy policy pages to always be accessible ([Gargron](https://github.com/tootsuite/mastodon/pull/11334))
-- Change robots tag to include `noarchive` when user opts out of indexing ([Kjwon15](https://github.com/tootsuite/mastodon/pull/11421))
-
-### Fixed
-
-- Fix account domain block not clearing out notifications ([Gargron](https://github.com/tootsuite/mastodon/pull/11393))
-- Fix incorrect locale sometimes being detected for browser ([Gargron](https://github.com/tootsuite/mastodon/pull/8657))
-- Fix crash when saving invalid domain name ([Gargron](https://github.com/tootsuite/mastodon/pull/11528))
-- Fix pinned statuses REST API returning pagination headers ([Gargron](https://github.com/tootsuite/mastodon/pull/11526))
-- Fix "cancel follow request" button having unreadable text in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11521))
-- Fix image uploads being blank when canvas read access is blocked ([ThibG](https://github.com/tootsuite/mastodon/pull/11499))
-- Fix avatars not being animated on hover when not logged in ([ThibG](https://github.com/tootsuite/mastodon/pull/11349))
-- Fix overzealous sanitization of HTML lists ([ThibG](https://github.com/tootsuite/mastodon/pull/11354))
-- Fix block crashing when a follow request exists ([ThibG](https://github.com/tootsuite/mastodon/pull/11288))
-- Fix backup service crashing when an attachment is missing ([ThibG](https://github.com/tootsuite/mastodon/pull/11241))
-- Fix account moderation action always sending e-mail notification ([Gargron](https://github.com/tootsuite/mastodon/pull/11242))
-- Fix swiping columns on mobile sometimes failing in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11200))
-- Fix wrong actor URI being serialized into poll updates ([ThibG](https://github.com/tootsuite/mastodon/pull/11194))
-- Fix statsd UDP sockets not being cleaned up in Sidekiq ([Gargron](https://github.com/tootsuite/mastodon/pull/11230))
-- Fix expiration date of filters being set to "never" when editing them ([ThibG](https://github.com/tootsuite/mastodon/pull/11204))
-- Fix support for MP4 files that are actually M4V files ([Gargron](https://github.com/tootsuite/mastodon/pull/11210))
-- Fix `alerts` not being typecast correctly in push subscription in REST API ([Gargron](https://github.com/tootsuite/mastodon/pull/11343))
-- Fix some notices staying on unrelated pages ([ThibG](https://github.com/tootsuite/mastodon/pull/11364))
-- Fix unboosting sometimes preventing a boost from reappearing on feed ([ThibG](https://github.com/tootsuite/mastodon/pull/11405), [Gargron](https://github.com/tootsuite/mastodon/pull/11450))
-- Fix only one middle dot being recognized in hashtags ([Gargron](https://github.com/tootsuite/mastodon/pull/11345), [ThibG](https://github.com/tootsuite/mastodon/pull/11363))
-- Fix unnecessary SQL query performed on unauthenticated requests ([Gargron](https://github.com/tootsuite/mastodon/pull/11179))
-- Fix incorrect timestamp displayed on featured tags ([Kjwon15](https://github.com/tootsuite/mastodon/pull/11477))
-- Fix privacy dropdown active state when dropdown is placed on top of it ([ThibG](https://github.com/tootsuite/mastodon/pull/11495))
-- Fix filters not being applied to poll options ([ThibG](https://github.com/tootsuite/mastodon/pull/11174))
-- Fix keyboard navigation on various dropdowns ([ThibG](https://github.com/tootsuite/mastodon/pull/11511), [ThibG](https://github.com/tootsuite/mastodon/pull/11492), [ThibG](https://github.com/tootsuite/mastodon/pull/11491))
-- Fix keyboard navigation in modals ([ThibG](https://github.com/tootsuite/mastodon/pull/11493))
-- Fix image conversation being non-deterministic due to timestamps ([Gargron](https://github.com/tootsuite/mastodon/pull/11408))
-- Fix web UI performance ([ThibG](https://github.com/tootsuite/mastodon/pull/11211), [ThibG](https://github.com/tootsuite/mastodon/pull/11234))
-- Fix scrolling to compose form when not necessary in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11246), [ThibG](https://github.com/tootsuite/mastodon/pull/11182))
-- Fix save button being enabled when list title is empty in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11475))
-- Fix poll expiration not being pre-filled on delete & redraft in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11203))
-- Fix content warning sometimes being set when not requested in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/11206))
-
-### Security
-
-- Fix invites not being disabled upon account suspension ([ThibG](https://github.com/tootsuite/mastodon/pull/11412))
-- Fix blocked domains still being able to fill database with account records ([Gargron](https://github.com/tootsuite/mastodon/pull/11219))
-
-## [2.9.2] - 2019-06-22
-### Added
-
-- Add `short_description` and `approval_required` to `GET /api/v1/instance` ([Gargron](https://github.com/tootsuite/mastodon/pull/11146))
-
-### Changed
-
-- Change camera icon to paperclip icon in upload form ([koyuawsmbrtn](https://github.com/tootsuite/mastodon/pull/11149))
-
-### Fixed
-
-- Fix audio-only OGG and WebM files not being processed as such ([Gargron](https://github.com/tootsuite/mastodon/pull/11151))
-- Fix audio not being downloaded from remote servers ([Gargron](https://github.com/tootsuite/mastodon/pull/11145))
-
-## [2.9.1] - 2019-06-22
-### Added
-
-- Add moderation API ([Gargron](https://github.com/tootsuite/mastodon/pull/9387))
-- Add audio uploads ([Gargron](https://github.com/tootsuite/mastodon/pull/11123), [Gargron](https://github.com/tootsuite/mastodon/pull/11141))
-
-### Changed
-
-- Change domain blocks to automatically support subdomains ([Gargron](https://github.com/tootsuite/mastodon/pull/11138))
-- Change Nanobox configuration to bring it up to date ([danhunsaker](https://github.com/tootsuite/mastodon/pull/11083))
-
-### Removed
-
-- Remove expensive counters from federation page in admin UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11139))
-
-### Fixed
-
-- Fix converted media being saved with original extension and mime type ([Gargron](https://github.com/tootsuite/mastodon/pull/11130))
-- Fix layout of identity proofs settings ([acid-chicken](https://github.com/tootsuite/mastodon/pull/11126))
-- Fix active scope only returning suspended users ([ThibG](https://github.com/tootsuite/mastodon/pull/11111))
-- Fix sanitizer making block level elements unreadable ([Gargron](https://github.com/tootsuite/mastodon/pull/10836))
-- Fix label for site theme not being translated in admin UI ([palindromordnilap](https://github.com/tootsuite/mastodon/pull/11121))
-- Fix statuses not being filtered irreversibly in web UI under some circumstances ([ThibG](https://github.com/tootsuite/mastodon/pull/11113))
-- Fix scrolling behaviour in compose form ([ThibG](https://github.com/tootsuite/mastodon/pull/11093))
-
-## [2.9.0] - 2019-06-13
-### Added
-
-- **Add single-column mode in web UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/10807), [Gargron](https://github.com/tootsuite/mastodon/pull/10848), [Gargron](https://github.com/tootsuite/mastodon/pull/11003), [Gargron](https://github.com/tootsuite/mastodon/pull/10961), [Hanage999](https://github.com/tootsuite/mastodon/pull/10915), [noellabo](https://github.com/tootsuite/mastodon/pull/10917), [abcang](https://github.com/tootsuite/mastodon/pull/10859), [Gargron](https://github.com/tootsuite/mastodon/pull/10820), [Gargron](https://github.com/tootsuite/mastodon/pull/10835), [Gargron](https://github.com/tootsuite/mastodon/pull/10809), [Gargron](https://github.com/tootsuite/mastodon/pull/10963), [noellabo](https://github.com/tootsuite/mastodon/pull/10883), [Hanage999](https://github.com/tootsuite/mastodon/pull/10839))
-- Add waiting time to the list of pending accounts in admin UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10985))
-- Add a keyboard shortcut to hide/show media in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10647), [Gargron](https://github.com/tootsuite/mastodon/pull/10838), [ThibG](https://github.com/tootsuite/mastodon/pull/10872))
-- Add `account_id` param to `GET /api/v1/notifications` ([pwoolcoc](https://github.com/tootsuite/mastodon/pull/10796))
-- Add confirmation modal for unboosting toots in web UI ([aurelien-reeves](https://github.com/tootsuite/mastodon/pull/10287))
-- Add emoji suggestions to content warning and poll option fields in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10555))
-- Add `source` attribute to response of `DELETE /api/v1/statuses/:id` ([ThibG](https://github.com/tootsuite/mastodon/pull/10669))
-- Add some caching for HTML versions of public status pages ([ThibG](https://github.com/tootsuite/mastodon/pull/10701))
-- Add button to conveniently copy OAuth code ([ThibG](https://github.com/tootsuite/mastodon/pull/11065))
-
-### Changed
-
-- **Change default layout to single column in web UI** ([Gargron](https://github.com/tootsuite/mastodon/pull/10847))
-- **Change light theme** ([Gargron](https://github.com/tootsuite/mastodon/pull/10992), [Gargron](https://github.com/tootsuite/mastodon/pull/10996), [yuzulabo](https://github.com/tootsuite/mastodon/pull/10754), [Gargron](https://github.com/tootsuite/mastodon/pull/10845))
-- **Change preferences page into appearance, notifications, and other** ([Gargron](https://github.com/tootsuite/mastodon/pull/10977), [Gargron](https://github.com/tootsuite/mastodon/pull/10988))
-- Change priority of delete activity forwards for replies and reblogs ([Gargron](https://github.com/tootsuite/mastodon/pull/11002))
-- Change Mastodon logo to use primary text color of the given theme ([Gargron](https://github.com/tootsuite/mastodon/pull/10994))
-- Change reblogs counter to be updated when boosted privately ([Gargron](https://github.com/tootsuite/mastodon/pull/10964))
-- Change bio limit from 160 to 500 characters ([trwnh](https://github.com/tootsuite/mastodon/pull/10790))
-- Change API rate limiting to reduce allowed unauthenticated requests ([ThibG](https://github.com/tootsuite/mastodon/pull/10860), [hinaloe](https://github.com/tootsuite/mastodon/pull/10868), [mayaeh](https://github.com/tootsuite/mastodon/pull/10867))
-- Change help text of `tootctl emoji import` command to specify a gzipped TAR archive is required ([dariusk](https://github.com/tootsuite/mastodon/pull/11000))
-- Change web UI to hide poll options behind content warnings ([ThibG](https://github.com/tootsuite/mastodon/pull/10983))
-- Change silencing to ensure local effects and remote effects are the same for silenced local users ([ThibG](https://github.com/tootsuite/mastodon/pull/10575))
-- Change `tootctl domains purge` to remove custom emoji as well ([Kjwon15](https://github.com/tootsuite/mastodon/pull/10721))
-- Change Docker image to keep `apt` working ([SuperSandro2000](https://github.com/tootsuite/mastodon/pull/10830))
-
-### Removed
-
-- Remove `dist-upgrade` from Docker image ([SuperSandro2000](https://github.com/tootsuite/mastodon/pull/10822))
-
-### Fixed
-
-- Fix RTL layout not being RTL within the columns area in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10990))
-- Fix display of alternative text when a media attachment is not available in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10981))
-- Fix not being able to directly switch between list timelines in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10973))
-- Fix media sensitivity not being maintained in delete & redraft in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10980))
-- Fix emoji picker being always displayed in web UI ([noellabo](https://github.com/tootsuite/mastodon/pull/10979), [yuzulabo](https://github.com/tootsuite/mastodon/pull/10801), [wcpaez](https://github.com/tootsuite/mastodon/pull/10978))
-- Fix potential private status leak through caching ([ThibG](https://github.com/tootsuite/mastodon/pull/10969))
-- Fix refreshing featured toots when the new collection is empty in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10971))
-- Fix undoing domain block also undoing individual moderation on users from before the domain block ([ThibG](https://github.com/tootsuite/mastodon/pull/10660))
-- Fix time not being local in the audit log ([yuzulabo](https://github.com/tootsuite/mastodon/pull/10751))
-- Fix statuses removed by moderation re-appearing on subsequent fetches ([Kjwon15](https://github.com/tootsuite/mastodon/pull/10732))
-- Fix misattribution of inlined announces if `attributedTo` isn't present in ActivityPub ([ThibG](https://github.com/tootsuite/mastodon/pull/10967))
-- Fix `GET /api/v1/polls/:id` not requiring authentication for non-public polls ([Gargron](https://github.com/tootsuite/mastodon/pull/10960))
-- Fix handling of blank poll options in ActivityPub ([ThibG](https://github.com/tootsuite/mastodon/pull/10946))
-- Fix avatar preview aspect ratio on edit profile page ([Kjwon15](https://github.com/tootsuite/mastodon/pull/10931))
-- Fix web push notifications not being sent for polls ([ThibG](https://github.com/tootsuite/mastodon/pull/10864))
-- Fix cut off letters in last paragraph of statuses in web UI ([ariasuni](https://github.com/tootsuite/mastodon/pull/10821))
-- Fix list not being automatically unpinned when it returns 404 in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/11045))
-- Fix login sometimes redirecting to paths that are not pages ([Gargron](https://github.com/tootsuite/mastodon/pull/11019))
-
-## [2.8.4] - 2019-05-24
-### Fixed
-
-- Fix delivery not retrying on some inbox errors that should be retriable ([ThibG](https://github.com/tootsuite/mastodon/pull/10812))
-- Fix unnecessary 5 minute cooldowns on signature verifications in some cases ([ThibG](https://github.com/tootsuite/mastodon/pull/10813))
-- Fix possible race condition when processing statuses ([ThibG](https://github.com/tootsuite/mastodon/pull/10815))
-
-### Security
-
-- Require specific OAuth scopes for specific endpoints of the streaming API, instead of merely requiring a token for all endpoints, and allow using WebSockets protocol negotiation to specify the access token instead of using a query string ([ThibG](https://github.com/tootsuite/mastodon/pull/10818))
-
-## [2.8.3] - 2019-05-19
-### Added
-
-- Add `og:image:alt` OpenGraph tag ([BenLubar](https://github.com/tootsuite/mastodon/pull/10779))
-- Add clickable area below avatar in statuses in web UI ([Dar13](https://github.com/tootsuite/mastodon/pull/10766))
-- Add crossed-out eye icon on account gallery in web UI ([Kjwon15](https://github.com/tootsuite/mastodon/pull/10715))
-- Add media description tooltip to thumbnails in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10713))
-
-### Changed
-
-- Change "mark as sensitive" button into a checkbox for clarity ([ThibG](https://github.com/tootsuite/mastodon/pull/10748))
-
-### Fixed
-
-- Fix bug allowing users to publicly boost their private statuses ([ThibG](https://github.com/tootsuite/mastodon/pull/10775), [ThibG](https://github.com/tootsuite/mastodon/pull/10783))
-- Fix performance in formatter by a little ([ThibG](https://github.com/tootsuite/mastodon/pull/10765))
-- Fix some colors in the light theme ([yuzulabo](https://github.com/tootsuite/mastodon/pull/10754))
-- Fix some colors of the high contrast theme ([yuzulabo](https://github.com/tootsuite/mastodon/pull/10711))
-- Fix ambivalent active state of poll refresh button in web UI ([MaciekBaron](https://github.com/tootsuite/mastodon/pull/10720))
-- Fix duplicate posting being possible from web UI ([hinaloe](https://github.com/tootsuite/mastodon/pull/10785))
-- Fix "invited by" not showing up in admin UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10791))
-
-## [2.8.2] - 2019-05-05
-### Added
-
-- Add `SOURCE_TAG` environment variable ([ushitora-anqou](https://github.com/tootsuite/mastodon/pull/10698))
-
-### Fixed
-
-- Fix cropped hero image on frontpage ([BaptisteGelez](https://github.com/tootsuite/mastodon/pull/10702))
-- Fix blurhash gem not compiling on some operating systems ([Gargron](https://github.com/tootsuite/mastodon/pull/10700))
-- Fix unexpected CSS animations in some browsers ([ThibG](https://github.com/tootsuite/mastodon/pull/10699))
-- Fix closing video modal scrolling timelines to top ([ThibG](https://github.com/tootsuite/mastodon/pull/10695))
-
-## [2.8.1] - 2019-05-04
-### Added
-
-- Add link to existing domain block when trying to block an already-blocked domain ([ThibG](https://github.com/tootsuite/mastodon/pull/10663))
-- Add button to view context to media modal when opened from account gallery in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10676))
-- Add ability to create multiple-choice polls in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10603))
-- Add `GITHUB_REPOSITORY` and `SOURCE_BASE_URL` environment variables ([rosylilly](https://github.com/tootsuite/mastodon/pull/10600))
-- Add `/interact/` paths to `robots.txt` ([ThibG](https://github.com/tootsuite/mastodon/pull/10666))
-- Add `blurhash` to the Attachment entity in the REST API ([Gargron](https://github.com/tootsuite/mastodon/pull/10630))
-
-### Changed
-
-- Change hidden media to be shown as a blurhash-based colorful gradient instead of a black box in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10630))
-- Change rejected media to be shown as a blurhash-based gradient instead of a list of filenames in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10630))
-- Change e-mail whitelist/blacklist to not be checked when invited ([Gargron](https://github.com/tootsuite/mastodon/pull/10683))
-- Change cache header of REST API results to no-cache ([ThibG](https://github.com/tootsuite/mastodon/pull/10655))
-- Change the "mark media as sensitive" button to be more obvious in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10673), [Gargron](https://github.com/tootsuite/mastodon/pull/10682))
-- Change account gallery in web UI to display 3 columns, open media modal ([Gargron](https://github.com/tootsuite/mastodon/pull/10667), [Gargron](https://github.com/tootsuite/mastodon/pull/10674))
-
-### Fixed
-
-- Fix LDAP/PAM/SAML/CAS users not being pre-approved ([Gargron](https://github.com/tootsuite/mastodon/pull/10621))
-- Fix accounts created through tootctl not being always pre-approved ([Gargron](https://github.com/tootsuite/mastodon/pull/10684))
-- Fix Sidekiq retrying ActivityPub processing jobs that fail validation ([ThibG](https://github.com/tootsuite/mastodon/pull/10614))
-- Fix toots not being scrolled into view sometimes through keyboard selection ([ThibG](https://github.com/tootsuite/mastodon/pull/10593))
-- Fix expired invite links being usable to bypass approval mode ([ThibG](https://github.com/tootsuite/mastodon/pull/10657))
-- Fix not being able to save e-mail preference for new pending accounts ([Gargron](https://github.com/tootsuite/mastodon/pull/10622))
-- Fix upload progressbar when image resizing is involved ([ThibG](https://github.com/tootsuite/mastodon/pull/10632))
-- Fix block action not automatically cancelling pending follow request ([ThibG](https://github.com/tootsuite/mastodon/pull/10633))
-- Fix stoplight logging to stderr separate from Rails logger ([Gargron](https://github.com/tootsuite/mastodon/pull/10624))
-- Fix sign up button not saying sign up when invite is used ([Gargron](https://github.com/tootsuite/mastodon/pull/10623))
-- Fix health checks in Docker Compose configuration ([fabianonline](https://github.com/tootsuite/mastodon/pull/10553))
-- Fix modal items not being scrollable on touch devices ([kedamaDQ](https://github.com/tootsuite/mastodon/pull/10605))
-- Fix Keybase configuration using wrong domain when a web domain is used ([BenLubar](https://github.com/tootsuite/mastodon/pull/10565))
-- Fix avatar GIFs not being animated on-hover on public profiles ([hyenagirl64](https://github.com/tootsuite/mastodon/pull/10549))
-- Fix OpenGraph parser not understanding some valid property meta tags ([da2x](https://github.com/tootsuite/mastodon/pull/10604))
-- Fix wrong fonts being displayed when Roboto is installed on user's machine ([ThibG](https://github.com/tootsuite/mastodon/pull/10594))
-- Fix confirmation modals being too narrow for a secondary action button ([ThibG](https://github.com/tootsuite/mastodon/pull/10586))
-
-## [2.8.0] - 2019-04-10
-### Added
-
-- Add polls ([Gargron](https://github.com/tootsuite/mastodon/pull/10111), [ThibG](https://github.com/tootsuite/mastodon/pull/10155), [Gargron](https://github.com/tootsuite/mastodon/pull/10184), [ThibG](https://github.com/tootsuite/mastodon/pull/10196), [Gargron](https://github.com/tootsuite/mastodon/pull/10248), [ThibG](https://github.com/tootsuite/mastodon/pull/10255), [ThibG](https://github.com/tootsuite/mastodon/pull/10322), [Gargron](https://github.com/tootsuite/mastodon/pull/10138), [Gargron](https://github.com/tootsuite/mastodon/pull/10139), [Gargron](https://github.com/tootsuite/mastodon/pull/10144), [Gargron](https://github.com/tootsuite/mastodon/pull/10145),[Gargron](https://github.com/tootsuite/mastodon/pull/10146), [Gargron](https://github.com/tootsuite/mastodon/pull/10148), [Gargron](https://github.com/tootsuite/mastodon/pull/10151), [ThibG](https://github.com/tootsuite/mastodon/pull/10150), [Gargron](https://github.com/tootsuite/mastodon/pull/10168), [Gargron](https://github.com/tootsuite/mastodon/pull/10165), [Gargron](https://github.com/tootsuite/mastodon/pull/10172), [Gargron](https://github.com/tootsuite/mastodon/pull/10170), [Gargron](https://github.com/tootsuite/mastodon/pull/10171), [Gargron](https://github.com/tootsuite/mastodon/pull/10186), [Gargron](https://github.com/tootsuite/mastodon/pull/10189), [ThibG](https://github.com/tootsuite/mastodon/pull/10200), [rinsuki](https://github.com/tootsuite/mastodon/pull/10203), [Gargron](https://github.com/tootsuite/mastodon/pull/10213), [Gargron](https://github.com/tootsuite/mastodon/pull/10246), [Gargron](https://github.com/tootsuite/mastodon/pull/10265), [Gargron](https://github.com/tootsuite/mastodon/pull/10261), [ThibG](https://github.com/tootsuite/mastodon/pull/10333), [Gargron](https://github.com/tootsuite/mastodon/pull/10352), [ThibG](https://github.com/tootsuite/mastodon/pull/10140), [ThibG](https://github.com/tootsuite/mastodon/pull/10142), [ThibG](https://github.com/tootsuite/mastodon/pull/10141), [ThibG](https://github.com/tootsuite/mastodon/pull/10162), [ThibG](https://github.com/tootsuite/mastodon/pull/10161), [ThibG](https://github.com/tootsuite/mastodon/pull/10158), [ThibG](https://github.com/tootsuite/mastodon/pull/10156), [ThibG](https://github.com/tootsuite/mastodon/pull/10160), [Gargron](https://github.com/tootsuite/mastodon/pull/10185), [Gargron](https://github.com/tootsuite/mastodon/pull/10188), [ThibG](https://github.com/tootsuite/mastodon/pull/10195), [ThibG](https://github.com/tootsuite/mastodon/pull/10208), [Gargron](https://github.com/tootsuite/mastodon/pull/10187), [ThibG](https://github.com/tootsuite/mastodon/pull/10214), [ThibG](https://github.com/tootsuite/mastodon/pull/10209))
-- Add follows & followers managing UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10268), [Gargron](https://github.com/tootsuite/mastodon/pull/10308), [Gargron](https://github.com/tootsuite/mastodon/pull/10404), [Gargron](https://github.com/tootsuite/mastodon/pull/10293))
-- Add identity proof integration with Keybase ([Gargron](https://github.com/tootsuite/mastodon/pull/10297), [xgess](https://github.com/tootsuite/mastodon/pull/10375), [Gargron](https://github.com/tootsuite/mastodon/pull/10338), [Gargron](https://github.com/tootsuite/mastodon/pull/10350), [Gargron](https://github.com/tootsuite/mastodon/pull/10414))
-- Add option to overwrite imported data instead of merging ([Gargron](https://github.com/tootsuite/mastodon/pull/9962))
-- Add featured hashtags to profiles ([Gargron](https://github.com/tootsuite/mastodon/pull/9755), [Gargron](https://github.com/tootsuite/mastodon/pull/10167), [Gargron](https://github.com/tootsuite/mastodon/pull/10249), [ThibG](https://github.com/tootsuite/mastodon/pull/10034))
-- Add admission-based registrations mode ([Gargron](https://github.com/tootsuite/mastodon/pull/10250), [ThibG](https://github.com/tootsuite/mastodon/pull/10269), [Gargron](https://github.com/tootsuite/mastodon/pull/10264), [ThibG](https://github.com/tootsuite/mastodon/pull/10321), [Gargron](https://github.com/tootsuite/mastodon/pull/10349), [Gargron](https://github.com/tootsuite/mastodon/pull/10469))
-- Add support for WebP uploads ([acid-chicken](https://github.com/tootsuite/mastodon/pull/9879))
-- Add "copy link" item to status action bars in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/9983))
-- Add list title editing in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/9748))
-- Add a "Block & Report" button to the block confirmation dialog in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10360))
-- Add disappointed elephant when the page crashes in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10275))
-- Add ability to upload multiple files at once in web UI ([tmm576](https://github.com/tootsuite/mastodon/pull/9856))
-- Add indication when you are not allowed to follow an account in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10420), [Gargron](https://github.com/tootsuite/mastodon/pull/10491))
-- Add validations to admin settings to catch common mistakes ([Gargron](https://github.com/tootsuite/mastodon/pull/10348), [ThibG](https://github.com/tootsuite/mastodon/pull/10354))
-- Add `type`, `limit`, `offset`, `min_id`, `max_id`, `account_id` to search API ([Gargron](https://github.com/tootsuite/mastodon/pull/10091))
-- Add a preferences API so apps can share basic behaviours ([Gargron](https://github.com/tootsuite/mastodon/pull/10109))
-- Add `visibility` param to reblog REST API ([Gargron](https://github.com/tootsuite/mastodon/pull/9851), [ThibG](https://github.com/tootsuite/mastodon/pull/10302))
-- Add `allowfullscreen` attribute to OEmbed iframe ([rinsuki](https://github.com/tootsuite/mastodon/pull/10370))
-- Add `blocked_by` relationship to the REST API ([Gargron](https://github.com/tootsuite/mastodon/pull/10373))
-- Add `tootctl statuses remove` to sweep unreferenced statuses ([Gargron](https://github.com/tootsuite/mastodon/pull/10063))
-- Add `tootctl search deploy` to avoid ugly rake task syntax ([Gargron](https://github.com/tootsuite/mastodon/pull/10403))
-- Add `tootctl self-destruct` to shut down server gracefully ([Gargron](https://github.com/tootsuite/mastodon/pull/10367))
-- Add option to hide application used to toot ([ThibG](https://github.com/tootsuite/mastodon/pull/9897), [rinsuki](https://github.com/tootsuite/mastodon/pull/9994), [hinaloe](https://github.com/tootsuite/mastodon/pull/10086))
-- Add `DB_SSLMODE` configuration variable ([sascha-sl](https://github.com/tootsuite/mastodon/pull/10210))
-- Add click-to-copy UI to invites page ([Gargron](https://github.com/tootsuite/mastodon/pull/10259))
-- Add self-replies fetching ([ThibG](https://github.com/tootsuite/mastodon/pull/10106), [ThibG](https://github.com/tootsuite/mastodon/pull/10128), [ThibG](https://github.com/tootsuite/mastodon/pull/10175), [ThibG](https://github.com/tootsuite/mastodon/pull/10201))
-- Add rate limit for media proxy requests ([Gargron](https://github.com/tootsuite/mastodon/pull/10490))
-- Add `tootctl emoji purge` ([Gargron](https://github.com/tootsuite/mastodon/pull/10481))
-- Add `tootctl accounts approve` ([Gargron](https://github.com/tootsuite/mastodon/pull/10480))
-- Add `tootctl accounts reset-relationships` ([noellabo](https://github.com/tootsuite/mastodon/pull/10483))
-
-### Changed
-
-- Change design of landing page ([Gargron](https://github.com/tootsuite/mastodon/pull/10232), [Gargron](https://github.com/tootsuite/mastodon/pull/10260), [ThibG](https://github.com/tootsuite/mastodon/pull/10284), [ThibG](https://github.com/tootsuite/mastodon/pull/10291), [koyuawsmbrtn](https://github.com/tootsuite/mastodon/pull/10356), [Gargron](https://github.com/tootsuite/mastodon/pull/10245))
-- Change design of profile column in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10337), [Aditoo17](https://github.com/tootsuite/mastodon/pull/10387), [ThibG](https://github.com/tootsuite/mastodon/pull/10390), [mayaeh](https://github.com/tootsuite/mastodon/pull/10379), [ThibG](https://github.com/tootsuite/mastodon/pull/10411))
-- Change language detector threshold from 140 characters to 4 words ([Gargron](https://github.com/tootsuite/mastodon/pull/10376))
-- Change language detector to always kick in for non-latin alphabets ([Gargron](https://github.com/tootsuite/mastodon/pull/10276))
-- Change icons of features on admin dashboard ([Gargron](https://github.com/tootsuite/mastodon/pull/10366))
-- Change DNS timeouts from 1s to 5s ([ThibG](https://github.com/tootsuite/mastodon/pull/10238))
-- Change Docker image to use Ubuntu with jemalloc ([Sir-Boops](https://github.com/tootsuite/mastodon/pull/10100), [BenLubar](https://github.com/tootsuite/mastodon/pull/10212))
-- Change public pages to be cacheable by proxies ([BenLubar](https://github.com/tootsuite/mastodon/pull/9059))
-- Change the 410 gone response for suspended accounts to be cacheable by proxies ([ThibG](https://github.com/tootsuite/mastodon/pull/10339))
-- Change web UI to not not empty timeline of blocked users on block ([ThibG](https://github.com/tootsuite/mastodon/pull/10359))
-- Change JSON serializer to remove unused `@context` values ([Gargron](https://github.com/tootsuite/mastodon/pull/10378))
-- Change GIFV file size limit to be the same as for other videos ([rinsuki](https://github.com/tootsuite/mastodon/pull/9924))
-- Change Webpack to not use @babel/preset-env to compile node_modules ([ykzts](https://github.com/tootsuite/mastodon/pull/10289))
-- Change web UI to use new Web Share Target API ([gol-cha](https://github.com/tootsuite/mastodon/pull/9963))
-- Change ActivityPub reports to have persistent URIs ([ThibG](https://github.com/tootsuite/mastodon/pull/10303))
-- Change `tootctl accounts cull --dry-run` to list accounts that would be deleted ([BenLubar](https://github.com/tootsuite/mastodon/pull/10460))
-- Change format of CSV exports of follows and mutes to include extra settings ([ThibG](https://github.com/tootsuite/mastodon/pull/10495), [ThibG](https://github.com/tootsuite/mastodon/pull/10335))
-- Change ActivityPub collections to be cacheable by proxies ([ThibG](https://github.com/tootsuite/mastodon/pull/10467))
-- Change REST API and public profiles to not return follows/followers for users that have blocked you ([Gargron](https://github.com/tootsuite/mastodon/pull/10491))
-- Change the groupings of menu items in settings navigation ([Gargron](https://github.com/tootsuite/mastodon/pull/10533))
-
-### Removed
-
-- Remove zopfli compression to speed up Webpack from 6min to 1min ([nolanlawson](https://github.com/tootsuite/mastodon/pull/10288))
-- Remove stats.json generation to speed up Webpack ([nolanlawson](https://github.com/tootsuite/mastodon/pull/10290))
-
-### Fixed
-
-- Fix public timelines being broken by new toots when they are not mounted in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10131))
-- Fix quick filter settings not being saved when selecting a different filter in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10296))
-- Fix remote interaction dialogs being indexed by search engines ([Gargron](https://github.com/tootsuite/mastodon/pull/10240))
-- Fix maxed-out invites not showing up as expired in UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10274))
-- Fix scrollbar styles on compose textarea ([Gargron](https://github.com/tootsuite/mastodon/pull/10292))
-- Fix timeline merge workers being queued for remote users ([Gargron](https://github.com/tootsuite/mastodon/pull/10355))
-- Fix alternative relay support regression ([Gargron](https://github.com/tootsuite/mastodon/pull/10398))
-- Fix trying to fetch keys of unknown accounts on a self-delete from them ([ThibG](https://github.com/tootsuite/mastodon/pull/10326))
-- Fix CAS `:service_validate_url` option ([enewhuis](https://github.com/tootsuite/mastodon/pull/10328))
-- Fix race conditions when creating backups ([ThibG](https://github.com/tootsuite/mastodon/pull/10234))
-- Fix whitespace not being stripped out of username before validation ([aurelien-reeves](https://github.com/tootsuite/mastodon/pull/10239))
-- Fix n+1 query when deleting status ([Gargron](https://github.com/tootsuite/mastodon/pull/10247))
-- Fix exiting follows not being rejected when suspending a remote account ([ThibG](https://github.com/tootsuite/mastodon/pull/10230))
-- Fix the underlying button element in a disabled icon button not being disabled ([ThibG](https://github.com/tootsuite/mastodon/pull/10194))
-- Fix race condition when streaming out deleted statuses ([ThibG](https://github.com/tootsuite/mastodon/pull/10280))
-- Fix performance of admin federation UI by caching account counts ([Gargron](https://github.com/tootsuite/mastodon/pull/10374))
-- Fix JS error on pages that don't define a CSRF token ([hinaloe](https://github.com/tootsuite/mastodon/pull/10383))
-- Fix `tootctl accounts cull` sometimes removing accounts that are temporarily unreachable ([BenLubar](https://github.com/tootsuite/mastodon/pull/10460))
-
-## [2.7.4] - 2019-03-05
-### Fixed
-
-- Fix web UI not cleaning up notifications after block ([Gargron](https://github.com/tootsuite/mastodon/pull/10108))
-- Fix redundant HTTP requests when resolving private statuses ([ThibG](https://github.com/tootsuite/mastodon/pull/10115))
-- Fix performance of account media query ([abcang](https://github.com/tootsuite/mastodon/pull/10121))
-- Fix mention processing for unknown accounts ([ThibG](https://github.com/tootsuite/mastodon/pull/10125))
-- Fix getting started column not scrolling on short screens ([trwnh](https://github.com/tootsuite/mastodon/pull/10075))
-- Fix direct messages pagination in the web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10126))
-- Fix serialization of Announce activities ([ThibG](https://github.com/tootsuite/mastodon/pull/10129))
-- Fix home timeline perpetually reloading when empty in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10130))
-- Fix lists export ([ThibG](https://github.com/tootsuite/mastodon/pull/10136))
-- Fix edit profile page crash for suspended-then-unsuspended users ([ThibG](https://github.com/tootsuite/mastodon/pull/10178))
-
-## [2.7.3] - 2019-02-23
-### Added
-
-- Add domain filter to the admin federation page ([ThibG](https://github.com/tootsuite/mastodon/pull/10071))
-- Add quick link from admin account view to block/unblock instance ([ThibG](https://github.com/tootsuite/mastodon/pull/10073))
-
-### Fixed
-
-- Fix video player width not being updated to fit container width ([ThibG](https://github.com/tootsuite/mastodon/pull/10069))
-- Fix domain filter being shown in admin page when local filter is active ([ThibG](https://github.com/tootsuite/mastodon/pull/10074))
-- Fix crash when conversations have no valid participants ([ThibG](https://github.com/tootsuite/mastodon/pull/10078))
-- Fix error when performing admin actions on no statuses ([ThibG](https://github.com/tootsuite/mastodon/pull/10094))
-
-### Changed
-
-- Change custom emojis to randomize stored file name ([hinaloe](https://github.com/tootsuite/mastodon/pull/10090))
-
-## [2.7.2] - 2019-02-17
-### Added
-
-- Add support for IPv6 in e-mail validation ([zoc](https://github.com/tootsuite/mastodon/pull/10009))
-- Add record of IP address used for signing up ([ThibG](https://github.com/tootsuite/mastodon/pull/10026))
-- Add tight rate-limit for API deletions (30 per 30 minutes) ([Gargron](https://github.com/tootsuite/mastodon/pull/10042))
-- Add support for embedded `Announce` objects attributed to the same actor ([ThibG](https://github.com/tootsuite/mastodon/pull/9998), [Gargron](https://github.com/tootsuite/mastodon/pull/10065))
-- Add spam filter for `Create` and `Announce` activities ([Gargron](https://github.com/tootsuite/mastodon/pull/10005), [Gargron](https://github.com/tootsuite/mastodon/pull/10041), [Gargron](https://github.com/tootsuite/mastodon/pull/10062))
-- Add `registrations` attribute to `GET /api/v1/instance` ([Gargron](https://github.com/tootsuite/mastodon/pull/10060))
-- Add `vapid_key` to `POST /api/v1/apps` and `GET /api/v1/apps/verify_credentials` ([Gargron](https://github.com/tootsuite/mastodon/pull/10058))
-
-### Fixed
-
-- Fix link color and add link underlines in high-contrast theme ([Gargron](https://github.com/tootsuite/mastodon/pull/9949), [Gargron](https://github.com/tootsuite/mastodon/pull/10028))
-- Fix unicode characters in URLs not being linkified ([JMendyk](https://github.com/tootsuite/mastodon/pull/8447), [hinaloe](https://github.com/tootsuite/mastodon/pull/9991))
-- Fix URLs linkifier grabbing ending quotation as part of the link ([Gargron](https://github.com/tootsuite/mastodon/pull/9997))
-- Fix authorized applications page design ([rinsuki](https://github.com/tootsuite/mastodon/pull/9969))
-- Fix custom emojis not showing up in share page emoji picker ([rinsuki](https://github.com/tootsuite/mastodon/pull/9970))
-- Fix too liberal application of whitespace in toots ([trwnh](https://github.com/tootsuite/mastodon/pull/9968))
-- Fix misleading e-mail hint being displayed in admin view ([ThibG](https://github.com/tootsuite/mastodon/pull/9973))
-- Fix tombstones not being cleared out ([abcang](https://github.com/tootsuite/mastodon/pull/9978))
-- Fix some timeline jumps ([ThibG](https://github.com/tootsuite/mastodon/pull/9982), [ThibG](https://github.com/tootsuite/mastodon/pull/10001), [rinsuki](https://github.com/tootsuite/mastodon/pull/10046))
-- Fix content warning input taking keyboard focus even when hidden ([hinaloe](https://github.com/tootsuite/mastodon/pull/10017))
-- Fix hashtags select styling in default and high-contrast themes ([Gargron](https://github.com/tootsuite/mastodon/pull/10029))
-- Fix style regressions on landing page ([Gargron](https://github.com/tootsuite/mastodon/pull/10030))
-- Fix hashtag column not subscribing to stream on mount ([Gargron](https://github.com/tootsuite/mastodon/pull/10040))
-- Fix relay enabling/disabling not resetting inbox availability status ([Gargron](https://github.com/tootsuite/mastodon/pull/10048))
-- Fix mutes, blocks, domain blocks and follow requests not paginating ([Gargron](https://github.com/tootsuite/mastodon/pull/10057))
-- Fix crash on public hashtag pages when streaming fails ([ThibG](https://github.com/tootsuite/mastodon/pull/10061))
-
-### Changed
-
-- Change icon for unlisted visibility level ([clarcharr](https://github.com/tootsuite/mastodon/pull/9952))
-- Change queue of actor deletes from push to pull for non-follower recipients ([ThibG](https://github.com/tootsuite/mastodon/pull/10016))
-- Change robots.txt to exclude media proxy URLs ([nightpool](https://github.com/tootsuite/mastodon/pull/10038))
-- Change upload description input to allow line breaks ([BenLubar](https://github.com/tootsuite/mastodon/pull/10036))
-- Change `dist/mastodon-streaming.service` to recommend running node without intermediary npm command ([nolanlawson](https://github.com/tootsuite/mastodon/pull/10032))
-- Change conversations to always show names of other participants ([Gargron](https://github.com/tootsuite/mastodon/pull/10047))
-- Change buttons on timeline preview to open the interaction dialog ([Gargron](https://github.com/tootsuite/mastodon/pull/10054))
-- Change error graphic to hover-to-play ([Gargron](https://github.com/tootsuite/mastodon/pull/10055))
-
-## [2.7.1] - 2019-01-28
-### Fixed
-
-- Fix SSO authentication not working due to missing agreement boolean ([Gargron](https://github.com/tootsuite/mastodon/pull/9915))
-- Fix slow fallback of CopyAccountStats migration setting stats to 0 ([Gargron](https://github.com/tootsuite/mastodon/pull/9930))
-- Fix wrong command in migration error message ([angristan](https://github.com/tootsuite/mastodon/pull/9877))
-- Fix initial value of volume slider in video player and handle volume changes ([ThibG](https://github.com/tootsuite/mastodon/pull/9929))
-- Fix missing hotkeys for notifications ([ThibG](https://github.com/tootsuite/mastodon/pull/9927))
-- Fix being able to attach unattached media created by other users ([ThibG](https://github.com/tootsuite/mastodon/pull/9921))
-- Fix unrescued SSL error during link verification ([renatolond](https://github.com/tootsuite/mastodon/pull/9914))
-- Fix Firefox scrollbar color regression ([trwnh](https://github.com/tootsuite/mastodon/pull/9908))
-- Fix scheduled status with media immediately creating a status ([ThibG](https://github.com/tootsuite/mastodon/pull/9894))
-- Fix missing strong style for landing page description ([Kjwon15](https://github.com/tootsuite/mastodon/pull/9892))
-
-## [2.7.0] - 2019-01-20
-### Added
-
-- Add link for adding a user to a list from their profile ([namelessGonbai](https://github.com/tootsuite/mastodon/pull/9062))
-- Add joining several hashtags in a single column ([gdpelican](https://github.com/tootsuite/mastodon/pull/8904))
-- Add volume sliders for videos ([sumdog](https://github.com/tootsuite/mastodon/pull/9366))
-- Add a tooltip explaining what a locked account is ([pawelngei](https://github.com/tootsuite/mastodon/pull/9403))
-- Add preloaded cache for common JSON-LD contexts ([ThibG](https://github.com/tootsuite/mastodon/pull/9412))
-- Add profile directory ([Gargron](https://github.com/tootsuite/mastodon/pull/9427))
-- Add setting to not group reblogs in home feed ([ThibG](https://github.com/tootsuite/mastodon/pull/9248))
-- Add admin ability to remove a user's header image ([ThibG](https://github.com/tootsuite/mastodon/pull/9495))
-- Add account hashtags to ActivityPub actor JSON ([Gargron](https://github.com/tootsuite/mastodon/pull/9450))
-- Add error message for avatar image that's too large ([sumdog](https://github.com/tootsuite/mastodon/pull/9518))
-- Add notification quick-filter bar ([pawelngei](https://github.com/tootsuite/mastodon/pull/9399))
-- Add new first-time tutorial ([Gargron](https://github.com/tootsuite/mastodon/pull/9531))
-- Add moderation warnings ([Gargron](https://github.com/tootsuite/mastodon/pull/9519))
-- Add emoji codepoint mappings for v11.0 ([Gargron](https://github.com/tootsuite/mastodon/pull/9618))
-- Add REST API for creating an account ([Gargron](https://github.com/tootsuite/mastodon/pull/9572))
-- Add support for Malayalam in language filter ([tachyons](https://github.com/tootsuite/mastodon/pull/9624))
-- Add exclude_reblogs option to account statuses API ([Gargron](https://github.com/tootsuite/mastodon/pull/9640))
-- Add local followers page to admin account UI ([chr-1x](https://github.com/tootsuite/mastodon/pull/9610))
-- Add healthcheck commands to docker-compose.yml ([BenLubar](https://github.com/tootsuite/mastodon/pull/9143))
-- Add handler for Move activity to migrate followers ([Gargron](https://github.com/tootsuite/mastodon/pull/9629))
-- Add CSV export for lists and domain blocks ([Gargron](https://github.com/tootsuite/mastodon/pull/9677))
-- Add `tootctl accounts follow ACCT` ([Gargron](https://github.com/tootsuite/mastodon/pull/9414))
-- Add scheduled statuses ([Gargron](https://github.com/tootsuite/mastodon/pull/9706))
-- Add immutable caching for S3 objects ([nolanlawson](https://github.com/tootsuite/mastodon/pull/9722))
-- Add cache to custom emojis API ([Gargron](https://github.com/tootsuite/mastodon/pull/9732))
-- Add preview cards to non-detailed statuses on public pages ([Gargron](https://github.com/tootsuite/mastodon/pull/9714))
-- Add `mod` and `moderator` to list of default reserved usernames ([Gargron](https://github.com/tootsuite/mastodon/pull/9713))
-- Add quick links to the admin interface in the web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/8545))
-- Add `tootctl domains crawl` ([Gargron](https://github.com/tootsuite/mastodon/pull/9809))
-- Add attachment list fallback to public pages ([ThibG](https://github.com/tootsuite/mastodon/pull/9780))
-- Add `tootctl --version` ([Gargron](https://github.com/tootsuite/mastodon/pull/9835))
-- Add information about how to opt-in to the directory on the directory ([Gargron](https://github.com/tootsuite/mastodon/pull/9834))
-- Add timeouts for S3 ([Gargron](https://github.com/tootsuite/mastodon/pull/9842))
-- Add support for non-public reblogs from ActivityPub ([Gargron](https://github.com/tootsuite/mastodon/pull/9841))
-- Add sending of `Reject` activity when sending a `Block` activity ([ThibG](https://github.com/tootsuite/mastodon/pull/9811))
-
-### Changed
-
-- Temporarily pause timeline if mouse moved recently ([lmorchard](https://github.com/tootsuite/mastodon/pull/9200))
-- Change the password form order ([mayaeh](https://github.com/tootsuite/mastodon/pull/9267))
-- Redesign admin UI for accounts ([Gargron](https://github.com/tootsuite/mastodon/pull/9340), [Gargron](https://github.com/tootsuite/mastodon/pull/9643))
-- Redesign admin UI for instances/domain blocks ([Gargron](https://github.com/tootsuite/mastodon/pull/9645))
-- Swap avatar and header input fields in profile page ([ThibG](https://github.com/tootsuite/mastodon/pull/9271))
-- When posting in mobile mode, go back to previous history location ([ThibG](https://github.com/tootsuite/mastodon/pull/9502))
-- Split out is_changing_upload from is_submitting ([ThibG](https://github.com/tootsuite/mastodon/pull/9536))
-- Back to the getting-started when pins the timeline. ([kedamaDQ](https://github.com/tootsuite/mastodon/pull/9561))
-- Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses ([Gargron](https://github.com/tootsuite/mastodon/pull/9573))
-- Limit maximum visibility of local silenced users to unlisted ([ThibG](https://github.com/tootsuite/mastodon/pull/9583))
-- Change API error message for unconfirmed accounts ([noellabo](https://github.com/tootsuite/mastodon/pull/9625))
-- Change the icon to "reply-all" when it's a reply to other accounts ([mayaeh](https://github.com/tootsuite/mastodon/pull/9378))
-- Do not ignore federated reports targetting already-reported accounts ([ThibG](https://github.com/tootsuite/mastodon/pull/9534))
-- Upgrade default Ruby version to 2.6.0 ([Gargron](https://github.com/tootsuite/mastodon/pull/9688))
-- Change e-mail digest frequency ([Gargron](https://github.com/tootsuite/mastodon/pull/9689))
-- Change Docker images for Tor support in docker-compose.yml ([Sir-Boops](https://github.com/tootsuite/mastodon/pull/9438))
-- Display fallback link card thumbnail when none is given ([Gargron](https://github.com/tootsuite/mastodon/pull/9715))
-- Change account bio length validation to ignore mention domains and URLs ([Gargron](https://github.com/tootsuite/mastodon/pull/9717))
-- Use configured contact user for "anonymous" federation activities ([yukimochi](https://github.com/tootsuite/mastodon/pull/9661))
-- Change remote interaction dialog to use specific actions instead of generic "interact" ([Gargron](https://github.com/tootsuite/mastodon/pull/9743))
-- Always re-fetch public key when signature verification fails to support blind key rotation ([ThibG](https://github.com/tootsuite/mastodon/pull/9667))
-- Make replies to boosts impossible, connect reply to original status instead ([valerauko](https://github.com/tootsuite/mastodon/pull/9129))
-- Change e-mail MX validation to check both A and MX records against blacklist ([Gargron](https://github.com/tootsuite/mastodon/pull/9489))
-- Hide floating action button on search and getting started pages ([tmm576](https://github.com/tootsuite/mastodon/pull/9826))
-- Redesign public hashtag page to use a masonry layout ([Gargron](https://github.com/tootsuite/mastodon/pull/9822))
-- Use `summary` as summary instead of content warning for converted ActivityPub objects ([Gargron](https://github.com/tootsuite/mastodon/pull/9823))
-- Display a double reply arrow on public pages for toots that are replies ([ThibG](https://github.com/tootsuite/mastodon/pull/9808))
-- Change admin UI right panel size to be wider ([Kjwon15](https://github.com/tootsuite/mastodon/pull/9768))
-
-### Removed
-
-- Remove links to bridge.joinmastodon.org (non-functional) ([Gargron](https://github.com/tootsuite/mastodon/pull/9608))
-- Remove LD-Signatures from activities that do not need them ([ThibG](https://github.com/tootsuite/mastodon/pull/9659))
-
-### Fixed
-
-- Remove unused computation of reblog references from updateTimeline ([ThibG](https://github.com/tootsuite/mastodon/pull/9244))
-- Fix loaded embeds resetting if a status arrives from API again ([ThibG](https://github.com/tootsuite/mastodon/pull/9270))
-- Fix race condition causing shallow status with only a "favourited" attribute ([ThibG](https://github.com/tootsuite/mastodon/pull/9272))
-- Remove intermediary arrays when creating hash maps from results ([Gargron](https://github.com/tootsuite/mastodon/pull/9291))
-- Extract counters from accounts table to account_stats table to improve performance ([Gargron](https://github.com/tootsuite/mastodon/pull/9295))
-- Change identities id column to a bigint ([Gargron](https://github.com/tootsuite/mastodon/pull/9371))
-- Fix conversations API pagination ([ThibG](https://github.com/tootsuite/mastodon/pull/9407))
-- Improve account suspension speed and completeness ([Gargron](https://github.com/tootsuite/mastodon/pull/9290))
-- Fix thread depth computation in statuses_controller ([ThibG](https://github.com/tootsuite/mastodon/pull/9426))
-- Fix database deadlocks by moving account stats update outside transaction ([ThibG](https://github.com/tootsuite/mastodon/pull/9437))
-- Escape HTML in profile name preview in profile settings ([pawelngei](https://github.com/tootsuite/mastodon/pull/9446))
-- Use same CORS policy for /@:username and /users/:username ([ThibG](https://github.com/tootsuite/mastodon/pull/9485))
-- Make custom emoji domains case insensitive ([Esteth](https://github.com/tootsuite/mastodon/pull/9474))
-- Various fixes to scrollable lists and media gallery ([ThibG](https://github.com/tootsuite/mastodon/pull/9501))
-- Fix bootsnap cache directory being declared relatively ([Gargron](https://github.com/tootsuite/mastodon/pull/9511))
-- Fix timeline pagination in the web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/9516))
-- Fix padding on dropdown elements in preferences ([ThibG](https://github.com/tootsuite/mastodon/pull/9517))
-- Make avatar and headers respect GIF autoplay settings ([ThibG](https://github.com/tootsuite/mastodon/pull/9515))
-- Do no retry Web Push workers if the server returns a 4xx response ([Gargron](https://github.com/tootsuite/mastodon/pull/9434))
-- Minor scrollable list fixes ([ThibG](https://github.com/tootsuite/mastodon/pull/9551))
-- Ignore low-confidence CharlockHolmes guesses when parsing link cards ([ThibG](https://github.com/tootsuite/mastodon/pull/9510))
-- Fix `tootctl accounts rotate` not updating public keys ([Gargron](https://github.com/tootsuite/mastodon/pull/9556))
-- Fix CSP / X-Frame-Options for media players ([jomo](https://github.com/tootsuite/mastodon/pull/9558))
-- Fix unnecessary loadMore calls when the end of a timeline has been reached ([ThibG](https://github.com/tootsuite/mastodon/pull/9581))
-- Skip mailer job retries when a record no longer exists ([Gargron](https://github.com/tootsuite/mastodon/pull/9590))
-- Fix composer not getting focus after reply confirmation dialog ([ThibG](https://github.com/tootsuite/mastodon/pull/9602))
-- Fix signature verification stoplight triggering on non-timeout errors ([Gargron](https://github.com/tootsuite/mastodon/pull/9617))
-- Fix ThreadResolveWorker getting queued with invalid URLs ([Gargron](https://github.com/tootsuite/mastodon/pull/9628))
-- Fix crash when clearing uninitialized timeline ([ThibG](https://github.com/tootsuite/mastodon/pull/9662))
-- Avoid duplicate work by merging ReplyDistributionWorker into DistributionWorker ([ThibG](https://github.com/tootsuite/mastodon/pull/9660))
-- Skip full text search if it fails, instead of erroring out completely ([Kjwon15](https://github.com/tootsuite/mastodon/pull/9654))
-- Fix profile metadata links not verifying correctly sometimes ([shrft](https://github.com/tootsuite/mastodon/pull/9673))
-- Ensure blocked user unfollows blocker if Block/Undo-Block activities are processed out of order ([ThibG](https://github.com/tootsuite/mastodon/pull/9687))
-- Fix unreadable text color in report modal for some statuses ([Gargron](https://github.com/tootsuite/mastodon/pull/9716))
-- Stop GIFV timeline preview explicitly when it's opened in modal ([kedamaDQ](https://github.com/tootsuite/mastodon/pull/9749))
-- Fix scrollbar width compensation ([ThibG](https://github.com/tootsuite/mastodon/pull/9824))
-- Fix race conditions when processing deleted toots ([ThibG](https://github.com/tootsuite/mastodon/pull/9815))
-- Fix SSO issues on WebKit browsers by disabling Same-Site cookie again ([moritzheiber](https://github.com/tootsuite/mastodon/pull/9819))
-- Fix empty OEmbed error ([renatolond](https://github.com/tootsuite/mastodon/pull/9807))
-- Fix drag & drop modal not disappearing sometimes ([hinaloe](https://github.com/tootsuite/mastodon/pull/9797))
-- Fix statuses with content warnings being displayed in web push notifications sometimes ([ThibG](https://github.com/tootsuite/mastodon/pull/9778))
-- Fix scroll-to-detailed status not working on public pages ([ThibG](https://github.com/tootsuite/mastodon/pull/9773))
-- Fix media modal loading indicator ([ThibG](https://github.com/tootsuite/mastodon/pull/9771))
-- Fix hashtag search results not having a permalink fallback in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/9810))
-- Fix slightly cropped font on settings page dropdowns when using system font ([ariasuni](https://github.com/tootsuite/mastodon/pull/9839))
-- Fix not being able to drag & drop text into forms ([tmm576](https://github.com/tootsuite/mastodon/pull/9840))
-
-### Security
-
-- Sanitize and sandbox toot embeds in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/9552))
-- Add tombstones for remote statuses to prevent replay attacks ([ThibG](https://github.com/tootsuite/mastodon/pull/9830))
-
-## [2.6.5] - 2018-12-01
-### Changed
-
-- Change lists to display replies to others on the list and list owner ([ThibG](https://github.com/tootsuite/mastodon/pull/9324))
-
-### Fixed
-
-- Fix failures caused by commonly-used JSON-LD contexts being unavailable ([ThibG](https://github.com/tootsuite/mastodon/pull/9412))
-
-## [2.6.4] - 2018-11-30
-### Fixed
-
-- Fix yarn dependencies not installing due to yanked event-stream package ([Gargron](https://github.com/tootsuite/mastodon/pull/9401))
-
-## [2.6.3] - 2018-11-30
-### Added
-
-- Add hyphen to characters allowed in remote usernames ([ThibG](https://github.com/tootsuite/mastodon/pull/9345))
-
-### Changed
-
-- Change server user count to exclude suspended accounts ([Gargron](https://github.com/tootsuite/mastodon/pull/9380))
-
-### Fixed
-
-- Fix ffmpeg processing sometimes stalling due to overfilled stdout buffer ([hugogameiro](https://github.com/tootsuite/mastodon/pull/9368))
-- Fix missing DNS records raising the wrong kind of exception ([Gargron](https://github.com/tootsuite/mastodon/pull/9379))
-- Fix already queued deliveries still trying to reach inboxes marked as unavailable ([Gargron](https://github.com/tootsuite/mastodon/pull/9358))
-
-### Security
-
-- Fix TLS handshake timeout not being enforced ([Gargron](https://github.com/tootsuite/mastodon/pull/9381))
-
-## [2.6.2] - 2018-11-23
-### Added
-
-- Add Page to whitelisted ActivityPub types ([mbajur](https://github.com/tootsuite/mastodon/pull/9188))
-- Add 20px to column width in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/9227))
-- Add amount of freed disk space in `tootctl media remove` ([Gargron](https://github.com/tootsuite/mastodon/pull/9229), [Gargron](https://github.com/tootsuite/mastodon/pull/9239), [mayaeh](https://github.com/tootsuite/mastodon/pull/9288))
-- Add "Show thread" link to self-replies ([Gargron](https://github.com/tootsuite/mastodon/pull/9228))
-
-### Changed
-
-- Change order of Atom and RSS links so Atom is first ([Alkarex](https://github.com/tootsuite/mastodon/pull/9302))
-- Change Nginx configuration for Nanobox apps ([danhunsaker](https://github.com/tootsuite/mastodon/pull/9310))
-- Change the follow action to appear instant in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/9220))
-- Change how the ActiveRecord connection is instantiated in on_worker_boot ([Gargron](https://github.com/tootsuite/mastodon/pull/9238))
-- Change `tootctl accounts cull` to always touch accounts so they can be skipped ([renatolond](https://github.com/tootsuite/mastodon/pull/9293))
-- Change mime type comparison to ignore JSON-LD profile ([valerauko](https://github.com/tootsuite/mastodon/pull/9179))
-
-### Fixed
-
-- Fix web UI crash when conversation has no last status ([sammy8806](https://github.com/tootsuite/mastodon/pull/9207))
-- Fix follow limit validator reporting lower number past threshold ([Gargron](https://github.com/tootsuite/mastodon/pull/9230))
-- Fix form validation flash message color and input borders ([Gargron](https://github.com/tootsuite/mastodon/pull/9235))
-- Fix invalid twitter:player cards being displayed ([ThibG](https://github.com/tootsuite/mastodon/pull/9254))
-- Fix emoji update date being processed incorrectly ([ThibG](https://github.com/tootsuite/mastodon/pull/9255))
-- Fix playing embed resetting if status is reloaded in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/9270), [Gargron](https://github.com/tootsuite/mastodon/pull/9275))
-- Fix web UI crash when favouriting a deleted status ([ThibG](https://github.com/tootsuite/mastodon/pull/9272))
-- Fix intermediary arrays being created for hash maps ([Gargron](https://github.com/tootsuite/mastodon/pull/9291))
-- Fix filter ID not being a string in REST API ([Gargron](https://github.com/tootsuite/mastodon/pull/9303))
-
-### Security
-
-- Fix multiple remote account deletions being able to deadlock the database ([Gargron](https://github.com/tootsuite/mastodon/pull/9292))
-- Fix HTTP connection timeout of 10s not being enforced ([Gargron](https://github.com/tootsuite/mastodon/pull/9329))
-
-## [2.6.1] - 2018-10-30
-### Fixed
-
-- Fix resolving resources by URL not working due to a regression in [valerauko](https://github.com/tootsuite/mastodon/pull/9132) ([Gargron](https://github.com/tootsuite/mastodon/pull/9171))
-- Fix reducer error in web UI when a conversation has no last status ([Gargron](https://github.com/tootsuite/mastodon/pull/9173))
-
-## [2.6.0] - 2018-10-30
-### Added
-
-- Add link ownership verification ([Gargron](https://github.com/tootsuite/mastodon/pull/8703))
-- Add conversations API ([Gargron](https://github.com/tootsuite/mastodon/pull/8832))
-- Add limit for the number of people that can be followed from one account ([Gargron](https://github.com/tootsuite/mastodon/pull/8807))
-- Add admin setting to customize mascot ([ashleyhull-versent](https://github.com/tootsuite/mastodon/pull/8766))
-- Add support for more granular ActivityPub audiences from other software, i.e. circles ([Gargron](https://github.com/tootsuite/mastodon/pull/8950), [Gargron](https://github.com/tootsuite/mastodon/pull/9093), [Gargron](https://github.com/tootsuite/mastodon/pull/9150))
-- Add option to block all reports from a domain ([Gargron](https://github.com/tootsuite/mastodon/pull/8830))
-- Add user preference to always expand toots marked with content warnings ([webroo](https://github.com/tootsuite/mastodon/pull/8762))
-- Add user preference to always hide all media ([fvh-P](https://github.com/tootsuite/mastodon/pull/8569))
-- Add `force_login` param to OAuth authorize page ([Gargron](https://github.com/tootsuite/mastodon/pull/8655))
-- Add `tootctl accounts backup` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `tootctl accounts create` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `tootctl accounts cull` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `tootctl accounts delete` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `tootctl accounts modify` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `tootctl accounts refresh` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `tootctl feeds build` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `tootctl feeds clear` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `tootctl settings registrations open` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `tootctl settings registrations close` ([Gargron](https://github.com/tootsuite/mastodon/pull/8642), [Gargron](https://github.com/tootsuite/mastodon/pull/8811))
-- Add `min_id` param to REST API to support backwards pagination ([Gargron](https://github.com/tootsuite/mastodon/pull/8736))
-- Add a confirmation dialog when hitting reply and the compose box isn't empty ([ThibG](https://github.com/tootsuite/mastodon/pull/8893))
-- Add PostgreSQL disk space growth tracking in PGHero ([Gargron](https://github.com/tootsuite/mastodon/pull/8906))
-- Add button for disabling local account to report quick actions bar ([Gargron](https://github.com/tootsuite/mastodon/pull/9024))
-- Add Czech language ([Aditoo17](https://github.com/tootsuite/mastodon/pull/8594))
-- Add `same-site` (`lax`) attribute to cookies ([sorin-davidoi](https://github.com/tootsuite/mastodon/pull/8626))
-- Add support for styled scrollbars in Firefox Nightly ([sorin-davidoi](https://github.com/tootsuite/mastodon/pull/8653))
-- Add highlight to the active tab in web UI profiles ([rhoio](https://github.com/tootsuite/mastodon/pull/8673))
-- Add auto-focus for comment textarea in report modal ([ThibG](https://github.com/tootsuite/mastodon/pull/8689))
-- Add auto-focus for emoji picker's search field ([ThibG](https://github.com/tootsuite/mastodon/pull/8688))
-- Add nginx and systemd templates to `dist/` directory ([Gargron](https://github.com/tootsuite/mastodon/pull/8770))
-- Add support for `/.well-known/change-password` ([Gargron](https://github.com/tootsuite/mastodon/pull/8828))
-- Add option to override FFMPEG binary path ([sascha-sl](https://github.com/tootsuite/mastodon/pull/8855))
-- Add `dns-prefetch` tag when using different host for assets or uploads ([Gargron](https://github.com/tootsuite/mastodon/pull/8942))
-- Add `description` meta tag ([Gargron](https://github.com/tootsuite/mastodon/pull/8941))
-- Add `Content-Security-Policy` header ([ThibG](https://github.com/tootsuite/mastodon/pull/8957))
-- Add cache for the instance info API ([ykzts](https://github.com/tootsuite/mastodon/pull/8765))
-- Add suggested follows to search screen in mobile layout ([Gargron](https://github.com/tootsuite/mastodon/pull/9010))
-- Add CORS header to `/.well-known/*` routes ([BenLubar](https://github.com/tootsuite/mastodon/pull/9083))
-- Add `card` attribute to statuses returned from REST API ([Gargron](https://github.com/tootsuite/mastodon/pull/9120))
-- Add in-stream link preview ([Gargron](https://github.com/tootsuite/mastodon/pull/9120))
-- Add support for ActivityPub `Page` objects ([mbajur](https://github.com/tootsuite/mastodon/pull/9121))
-
-### Changed
-
-- Change forms design ([Gargron](https://github.com/tootsuite/mastodon/pull/8703))
-- Change reports overview to group by target account ([Gargron](https://github.com/tootsuite/mastodon/pull/8674))
-- Change web UI to show "read more" link on overly long in-stream statuses ([lanodan](https://github.com/tootsuite/mastodon/pull/8205))
-- Change design of direct messages column ([Gargron](https://github.com/tootsuite/mastodon/pull/8832), [Gargron](https://github.com/tootsuite/mastodon/pull/9022))
-- Change home timelines to exclude DMs ([Gargron](https://github.com/tootsuite/mastodon/pull/8940))
-- Change list timelines to exclude all replies ([cbayerlein](https://github.com/tootsuite/mastodon/pull/8683))
-- Change admin accounts UI default sort to most recent ([Gargron](https://github.com/tootsuite/mastodon/pull/8813))
-- Change documentation URL in the UI ([Gargron](https://github.com/tootsuite/mastodon/pull/8898))
-- Change style of success and failure messages ([Gargron](https://github.com/tootsuite/mastodon/pull/8973))
-- Change DM filtering to always allow DMs from staff ([qguv](https://github.com/tootsuite/mastodon/pull/8993))
-- Change recommended Ruby version to 2.5.3 ([zunda](https://github.com/tootsuite/mastodon/pull/9003))
-- Change docker-compose default to persist volumes in current directory ([Gargron](https://github.com/tootsuite/mastodon/pull/9055))
-- Change character counters on edit profile page to input length limit ([Gargron](https://github.com/tootsuite/mastodon/pull/9100))
-- Change notification filtering to always let through messages from staff ([Gargron](https://github.com/tootsuite/mastodon/pull/9152))
-- Change "hide boosts from user" function also hiding notifications about boosts ([ThibG](https://github.com/tootsuite/mastodon/pull/9147))
-- Change CSS `detailed-status__wrapper` class actually wrap the detailed status ([trwnh](https://github.com/tootsuite/mastodon/pull/8547))
-
-### Deprecated
-
-- `GET /api/v1/timelines/direct` → `GET /api/v1/conversations` ([Gargron](https://github.com/tootsuite/mastodon/pull/8832))
-- `POST /api/v1/notifications/dismiss` → `POST /api/v1/notifications/:id/dismiss` ([Gargron](https://github.com/tootsuite/mastodon/pull/8905))
-- `GET /api/v1/statuses/:id/card` → `card` attributed included in status ([Gargron](https://github.com/tootsuite/mastodon/pull/9120))
-
-### Removed
-
-- Remove "on this device" label in column push settings ([rhoio](https://github.com/tootsuite/mastodon/pull/8704))
-- Remove rake tasks in favour of tootctl commands ([Gargron](https://github.com/tootsuite/mastodon/pull/8675))
-
-### Fixed
-
-- Fix remote statuses using instance's default locale if no language given ([Kjwon15](https://github.com/tootsuite/mastodon/pull/8861))
-- Fix streaming API not exiting when port or socket is unavailable ([Gargron](https://github.com/tootsuite/mastodon/pull/9023))
-- Fix network calls being performed in database transaction in ActivityPub handler ([Gargron](https://github.com/tootsuite/mastodon/pull/8951))
-- Fix dropdown arrow position ([ThibG](https://github.com/tootsuite/mastodon/pull/8637))
-- Fix first element of dropdowns being focused even if not using keyboard ([ThibG](https://github.com/tootsuite/mastodon/pull/8679))
-- Fix tootctl requiring `bundle exec` invocation ([abcang](https://github.com/tootsuite/mastodon/pull/8619))
-- Fix public pages not using animation preference for avatars ([renatolond](https://github.com/tootsuite/mastodon/pull/8614))
-- Fix OEmbed/OpenGraph cards not understanding relative URLs ([ThibG](https://github.com/tootsuite/mastodon/pull/8669))
-- Fix some dark emojis not having a white outline ([ThibG](https://github.com/tootsuite/mastodon/pull/8597))
-- Fix media description not being displayed in various media modals ([ThibG](https://github.com/tootsuite/mastodon/pull/8678))
-- Fix generated URLs of desktop notifications missing base URL ([GenbuHase](https://github.com/tootsuite/mastodon/pull/8758))
-- Fix RTL styles ([mabkenar](https://github.com/tootsuite/mastodon/pull/8764), [mabkenar](https://github.com/tootsuite/mastodon/pull/8767), [mabkenar](https://github.com/tootsuite/mastodon/pull/8823), [mabkenar](https://github.com/tootsuite/mastodon/pull/8897), [mabkenar](https://github.com/tootsuite/mastodon/pull/9005), [mabkenar](https://github.com/tootsuite/mastodon/pull/9007), [mabkenar](https://github.com/tootsuite/mastodon/pull/9018), [mabkenar](https://github.com/tootsuite/mastodon/pull/9021), [mabkenar](https://github.com/tootsuite/mastodon/pull/9145), [mabkenar](https://github.com/tootsuite/mastodon/pull/9146))
-- Fix crash in streaming API when tag param missing ([Gargron](https://github.com/tootsuite/mastodon/pull/8955))
-- Fix hotkeys not working when no element is focused ([ThibG](https://github.com/tootsuite/mastodon/pull/8998))
-- Fix some hotkeys not working on detailed status view ([ThibG](https://github.com/tootsuite/mastodon/pull/9006))
-- Fix og:url on status pages ([ThibG](https://github.com/tootsuite/mastodon/pull/9047))
-- Fix upload option buttons only being visible on hover ([Gargron](https://github.com/tootsuite/mastodon/pull/9074))
-- Fix tootctl not returning exit code 1 on wrong arguments ([sascha-sl](https://github.com/tootsuite/mastodon/pull/9094))
-- Fix preview cards for appearing for profiles mentioned in toot ([ThibG](https://github.com/tootsuite/mastodon/pull/6934), [ThibG](https://github.com/tootsuite/mastodon/pull/9158))
-- Fix local accounts sometimes being duplicated as faux-remote ([Gargron](https://github.com/tootsuite/mastodon/pull/9109))
-- Fix emoji search when the shortcode has multiple separators ([ThibG](https://github.com/tootsuite/mastodon/pull/9124))
-- Fix dropdowns sometimes being partially obscured by other elements ([kedamaDQ](https://github.com/tootsuite/mastodon/pull/9126))
-- Fix cache not updating when reply/boost/favourite counters or media sensitivity update ([Gargron](https://github.com/tootsuite/mastodon/pull/9119))
-- Fix empty display name precedence over username in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/9163))
-- Fix td instead of th in sessions table header ([Gargron](https://github.com/tootsuite/mastodon/pull/9162))
-- Fix handling of content types with profile ([valerauko](https://github.com/tootsuite/mastodon/pull/9132))
-
-## [2.5.2] - 2018-10-12
-### Security
-
-- Fix XSS vulnerability ([Gargron](https://github.com/tootsuite/mastodon/pull/8959))
-
-## [2.5.1] - 2018-10-07
-### Fixed
-
-- Fix database migrations for PostgreSQL below 9.5 ([Gargron](https://github.com/tootsuite/mastodon/pull/8903))
-- Fix class autoloading issue in ActivityPub Create handler ([Gargron](https://github.com/tootsuite/mastodon/pull/8820))
-- Fix cache statistics not being sent via statsd when statsd enabled ([ykzts](https://github.com/tootsuite/mastodon/pull/8831))
-- Bump puma from 3.11.4 to 3.12.0 ([dependabot[bot]](https://github.com/tootsuite/mastodon/pull/8883))
-
-### Security
-
-- Fix some local images not having their EXIF metadata stripped on upload ([ThibG](https://github.com/tootsuite/mastodon/pull/8714))
-- Fix being able to enable a disabled relay via ActivityPub Accept handler ([ThibG](https://github.com/tootsuite/mastodon/pull/8864))
-- Bump nokogiri from 1.8.4 to 1.8.5 ([dependabot[bot]](https://github.com/tootsuite/mastodon/pull/8881))
-- Fix being able to report statuses not belonging to the reported account ([ThibG](https://github.com/tootsuite/mastodon/pull/8916))

CONTRIBUTING.md

@@ -1,39 +1,56 @@
-Contributing
+CONTRIBUTING
 ============
 
-Thank you for considering contributing to Mastodon 🐘
+There are three ways in which you can contribute to this repository:
 
-You can contribute in the following ways:
+1. By improving the documentation
+2. By working on the back-end application
+3. By working on the front-end application
 
-- Finding and reporting bugs
-- Translating the Mastodon interface into various languages
-- Contributing code to Mastodon by fixing bugs or implementing features
-- Improving the documentation
+Choosing what to work on in a large open source project is not easy. The list of [GitHub issues](https://github.com/tootsuite/mastodon/issues) may provide some ideas, but not every feature request has been greenlit. Likewise, not every change or feature that resolves a personal itch will be merged into the main repository. Some communication ahead of time may be wise. If your addition creates a new feature or setting, or otherwise changes how things work in some substantial way, please remember to submit a correlating pull request to document your changes in the [documentation](http://github.com/tootsuite/documentation).
 
-If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
+Below are the guidelines for working on pull requests:
 
-## Bug reports
+## General
 
-Bug reports and feature suggestions can be submitted to [GitHub Issues](https://github.com/tootsuite/mastodon/issues). Please make sure that you are not submitting duplicates, and that a similar report or request has not already been resolved or rejected in the past using the search function. Please also use descriptive, concise titles.
-
-## Translations
-
-You can submit translations via [Crowdin](https://crowdin.com/project/mastodon). They are periodically merged into the codebase.
-
-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/mastodon/localized.svg)][crowdin]
-
-## Pull requests
-
-Please use clean, concise titles for your pull requests. We use commit squashing, so the final commit in the master branch will carry the title of the pull request.
-
-The smaller the set of changes in the pull request is, the quicker it can be reviewed and merged. Splitting tasks into multiple smaller pull requests is often preferable.
-
-**Pull requests that do not pass automated checks may not be reviewed**. In particular, you need to keep in mind:
-
-- Unit and integration tests (rspec, jest)
-- Code style rules (rubocop, eslint)
-- Normalization of locale files (i18n-tasks)
+- 2 spaces indentation
 
 ## Documentation
 
-The [Mastodon documentation](https://docs.joinmastodon.org) is a statically generated site. You can [submit merge requests to mastodon/docs](https://source.joinmastodon.org/mastodon/docs).
+- No spelling mistakes
+- No orthographic mistakes
+- No Markdown syntax errors
+
+## Requirements
+
+- Ruby
+- Node.js
+- PostgreSQL
+- Redis
+- Nginx (optional)
+
+## Back-end application
+
+It is expected that you have a working development environment set up. The development environment includes [rubocop](https://github.com/bbatsov/rubocop), which checks your Ruby code for compliance with our style guide and best practices. Sublime Text, likely like other editors, has a [Rubocop plugin](https://github.com/pderichs/sublime_rubocop) that runs checks on files as you edit them. The codebase also has a test suite.
+
+* The codebase is not perfect, at the time of writing, but it is expected that you do not introduce new code style violations
+* The rspec test suite must pass
+* To the extent that it is possible, verify your changes. In the best case, by adding new tests to the test suite. At the very least, by running the server or console and checking it manually
+* If you are introducing new strings to the user interface, they must be using localization methods
+
+If your code has syntax errors that won't let it run, it's a good sign that the pull request isn't ready for submission yet.
+
+## Front-end application
+
+It is expected that you have a working development environment set up (see back-end application section). This project includes an ESLint configuration file, with which you can lint your changes.
+
+* Avoid grave ESLint violations
+* Verify that your changes work
+* If you are introducing new strings, they must be using localization methods
+
+If the JavaScript or CSS assets won't compile due to a syntax error, it's a good sign that the pull request isn't ready for submission yet.
+
+## Translate
+
+You can contribute to translating Mastodon via Weblate at [weblate.joinmastodon.org](https://weblate.joinmastodon.org/).
+[![Mastodon translation statistics by language](https://weblate.joinmastodon.org/widgets/mastodon/-/multi-auto.svg)](https://weblate.joinmastodon.org/)

Dockerfile

@@ -1,125 +1,86 @@
-FROM ubuntu:18.04 as build-dep
+FROM node:8.11.3-alpine as node
+FROM ruby:2.4.4-alpine3.6
 
-# Use bash for the shell
-SHELL ["bash", "-c"]
+LABEL maintainer="https://github.com/tootsuite/mastodon" \
+      description="Your self-hosted, globally interconnected microblogging community"
 
-# Install Node
-ENV NODE_VER="12.11.1"
-RUN	echo "Etc/UTC" > /etc/localtime && \
-	apt update && \
-	apt -y install wget python && \
-	cd ~ && \
-	wget https://nodejs.org/download/release/v$NODE_VER/node-v$NODE_VER-linux-x64.tar.gz && \
-	tar xf node-v$NODE_VER-linux-x64.tar.gz && \
-	rm node-v$NODE_VER-linux-x64.tar.gz && \
-	mv node-v$NODE_VER-linux-x64 /opt/node
-
-# Install jemalloc
-ENV JE_VER="5.2.1"
-RUN apt update && \
-	apt -y install make autoconf gcc g++ && \
-	cd ~ && \
-	wget https://github.com/jemalloc/jemalloc/archive/$JE_VER.tar.gz && \
-	tar xf $JE_VER.tar.gz && \
-	cd jemalloc-$JE_VER && \
-	./autogen.sh && \
-	./configure --prefix=/opt/jemalloc && \
-	make -j$(nproc) > /dev/null && \
-	make install_bin install_include install_lib
-
-# Install ruby
-ENV RUBY_VER="2.6.5"
-ENV CPPFLAGS="-I/opt/jemalloc/include"
-ENV LDFLAGS="-L/opt/jemalloc/lib/"
-RUN apt update && \
-	apt -y install build-essential \
-		bison libyaml-dev libgdbm-dev libreadline-dev \
-		libncurses5-dev libffi-dev zlib1g-dev libssl-dev && \
-	cd ~ && \
-	wget https://cache.ruby-lang.org/pub/ruby/${RUBY_VER%.*}/ruby-$RUBY_VER.tar.gz && \
-	tar xf ruby-$RUBY_VER.tar.gz && \
-	cd ruby-$RUBY_VER && \
-	./configure --prefix=/opt/ruby \
-	  --with-jemalloc \
-	  --with-shared \
-	  --disable-install-doc && \
-	ln -s /opt/jemalloc/lib/* /usr/lib/ && \
-	make -j$(nproc) > /dev/null && \
-	make install
-
-ENV PATH="${PATH}:/opt/ruby/bin:/opt/node/bin"
-
-RUN npm install -g yarn && \
-	gem install bundler && \
-	apt update && \
-	apt -y install git libicu-dev libidn11-dev \
-	libpq-dev libprotobuf-dev protobuf-compiler
-
-COPY Gemfile* package.json yarn.lock /opt/mastodon/
-
-RUN cd /opt/mastodon && \
-	bundle install -j$(nproc) --deployment --without development test && \
-	yarn install --pure-lockfile
-
-FROM ubuntu:18.04
-
-# Copy over all the langs needed for runtime
-COPY --from=build-dep /opt/node /opt/node
-COPY --from=build-dep /opt/ruby /opt/ruby
-COPY --from=build-dep /opt/jemalloc /opt/jemalloc
-
-# Add more PATHs to the PATH
-ENV PATH="${PATH}:/opt/ruby/bin:/opt/node/bin:/opt/mastodon/bin"
-
-# Create the mastodon user
 ARG UID=991
 ARG GID=991
-RUN apt update && \
-	echo "Etc/UTC" > /etc/localtime && \
-	ln -s /opt/jemalloc/lib/* /usr/lib/ && \
-	apt install -y whois wget && \
-	addgroup --gid $GID mastodon && \
-	useradd -m -u $UID -g $GID -d /opt/mastodon mastodon && \
-	echo "mastodon:`head /dev/urandom | tr -dc A-Za-z0-9 | head -c 24 | mkpasswd -s -m sha-256`" | chpasswd
 
-# Install mastodon runtime deps
-RUN apt -y --no-install-recommends install \
-	  libssl1.1 libpq5 imagemagick ffmpeg \
-	  libicu60 libprotobuf10 libidn11 libyaml-0-2 \
-	  file ca-certificates tzdata libreadline7 && \
-	apt -y install gcc && \
-	ln -s /opt/mastodon /mastodon && \
-	gem install bundler && \
-	rm -rf /var/cache && \
-	rm -rf /var/lib/apt/lists/*
+ENV PATH=/mastodon/bin:$PATH \
+    RAILS_SERVE_STATIC_FILES=true \
+    RAILS_ENV=production \
+    NODE_ENV=production
 
-# Add tini
-ENV TINI_VERSION="0.18.0"
-ENV TINI_SUM="12d20136605531b09a2c2dac02ccee85e1b874eb322ef6baf7561cd93f93c855"
-ADD https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini /tini
-RUN echo "$TINI_SUM tini" | sha256sum -c -
-RUN chmod +x /tini
+ARG LIBICONV_VERSION=1.15
+ARG LIBICONV_DOWNLOAD_SHA256=ccf536620a45458d26ba83887a983b96827001e92a13847b45e4925cc8913178
 
-# Copy over mastodon source, and dependencies from building, and set permissions
-COPY --chown=mastodon:mastodon . /opt/mastodon
-COPY --from=build-dep --chown=mastodon:mastodon /opt/mastodon /opt/mastodon
+EXPOSE 3000 4000
 
-# Run mastodon services in prod mode
-ENV RAILS_ENV="production"
-ENV NODE_ENV="production"
+WORKDIR /mastodon
 
-# Tell rails to serve static files
-ENV RAILS_SERVE_STATIC_FILES="true"
-ENV BIND="0.0.0.0"
+COPY --from=node /usr/local/bin/node /usr/local/bin/node
+COPY --from=node /usr/local/lib/node_modules /usr/local/lib/node_modules
+COPY --from=node /usr/local/bin/npm /usr/local/bin/npm
+COPY --from=node /opt/yarn-* /opt/yarn
+
+RUN apk -U upgrade \
+ && apk add -t build-dependencies \
+    build-base \
+    icu-dev \
+    libidn-dev \
+    libressl \
+    libtool \
+    postgresql-dev \
+    protobuf-dev \
+    python \
+ && apk add \
+    ca-certificates \
+    ffmpeg \
+    file \
+    git \
+    icu-libs \
+    imagemagick \
+    libidn \
+    libpq \
+    protobuf \
+    tini \
+    tzdata \
+ && update-ca-certificates \
+ && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarn \
+ && ln -s /opt/yarn/bin/yarnpkg /usr/local/bin/yarnpkg \
+ && mkdir -p /tmp/src /opt \
+ && wget -O libiconv.tar.gz "https://ftp.gnu.org/pub/gnu/libiconv/libiconv-$LIBICONV_VERSION.tar.gz" \
+ && echo "$LIBICONV_DOWNLOAD_SHA256 *libiconv.tar.gz" | sha256sum -c - \
+ && tar -xzf libiconv.tar.gz -C /tmp/src \
+ && rm libiconv.tar.gz \
+ && cd /tmp/src/libiconv-$LIBICONV_VERSION \
+ && ./configure --prefix=/usr/local \
+ && make -j$(getconf _NPROCESSORS_ONLN)\
+ && make install \
+ && libtool --finish /usr/local/lib \
+ && cd /mastodon \
+ && rm -rf /tmp/* /var/cache/apk/*
+
+COPY Gemfile Gemfile.lock package.json yarn.lock .yarnclean /mastodon/
+
+RUN bundle config build.nokogiri --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
+ && bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without test development \
+ && yarn install --pure-lockfile --ignore-engines \
+ && yarn cache clean
+
+RUN addgroup -g ${GID} mastodon && adduser -h /mastodon -s /bin/sh -D -G mastodon -u ${UID} mastodon \
+ && mkdir -p /mastodon/public/system /mastodon/public/assets /mastodon/public/packs \
+ && chown -R mastodon:mastodon /mastodon/public
+
+COPY . /mastodon
+
+RUN chown -R mastodon:mastodon /mastodon
+
+VOLUME /mastodon/public/system
 
-# Set the run user
 USER mastodon
 
-# Precompile assets
-RUN cd ~ && \
-	OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \
-	yarn cache clean
+RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder bundle exec rails assets:precompile
 
-# Set the work dir and the container entry point
-WORKDIR /opt/mastodon
-ENTRYPOINT ["/tini", "--"]
+ENTRYPOINT ["/sbin/tini", "--"]

Gemfile

@@ -1,146 +1,139 @@
 # frozen_string_literal: true
 
 source 'https://rubygems.org'
-ruby '>= 2.4.0', '< 2.7.0'
+ruby '>= 2.3.0', '< 2.6.0'
 
 gem 'pkg-config', '~> 1.3'
 
-gem 'puma', '~> 4.2'
-gem 'rails', '~> 5.2.3'
+gem 'puma', '~> 3.11'
+gem 'rails', '~> 5.2.1'
 gem 'thor', '~> 0.20'
 
 gem 'hamlit-rails', '~> 0.2'
-gem 'pg', '~> 1.1'
+gem 'pg', '~> 1.0'
 gem 'makara', '~> 0.4'
-gem 'pghero', '~> 2.3'
-gem 'dotenv-rails', '~> 2.7'
+gem 'pghero', '~> 2.1'
+gem 'dotenv-rails', '~> 2.2', '< 2.3'
 
-gem 'aws-sdk-s3', '~> 1.48', require: false
-gem 'fog-core', '<= 2.1.0'
-gem 'fog-openstack', '~> 0.3', require: false
+gem 'aws-sdk-s3', '~> 1.9', require: false
+gem 'fog-core', '~> 1.45'
+gem 'fog-openstack', '~> 0.1', require: false
 gem 'paperclip', '~> 6.0'
 gem 'paperclip-av-transcoder', '~> 0.6'
 gem 'streamio-ffmpeg', '~> 3.0'
-gem 'blurhash', '~> 0.1'
 
 gem 'active_model_serializers', '~> 0.10'
-gem 'addressable', '~> 2.7'
-gem 'bootsnap', '~> 1.4', require: false
+gem 'addressable', '~> 2.5'
+gem 'bootsnap', '~> 1.3'
 gem 'browser'
 gem 'charlock_holmes', '~> 0.7.6'
 gem 'iso-639'
-gem 'chewy', '~> 5.1'
-gem 'cld3', '~> 3.2.4'
-gem 'devise', '~> 4.7'
-gem 'devise-two-factor', '~> 3.1'
+gem 'chewy', '~> 5.0'
+gem 'cld3', '~> 3.2.0'
+gem 'devise', '~> 4.4'
+gem 'devise-two-factor', '~> 3.0'
 
 group :pam_authentication, optional: true do
-  gem 'devise_pam_authenticatable2', '~> 9.2'
+  gem 'devise_pam_authenticatable2', '~> 9.1'
 end
 
 gem 'net-ldap', '~> 0.10'
 gem 'omniauth-cas', '~> 1.1'
 gem 'omniauth-saml', '~> 1.10'
-gem 'omniauth', '~> 1.9'
+gem 'omniauth', '~> 1.2'
 
-gem 'discard', '~> 1.1'
-gem 'doorkeeper', '~> 5.2'
+gem 'doorkeeper', '~> 5.0'
 gem 'fast_blank', '~> 1.0'
 gem 'fastimage'
 gem 'goldfinger', '~> 2.1'
 gem 'hiredis', '~> 0.6'
 gem 'redis-namespace', '~> 1.5'
-gem 'health_check', git: 'https://github.com/ianheggie/health_check', ref: '0b799ead604f900ed50685e9b2d469cd2befba5b'
 gem 'htmlentities', '~> 4.3'
-gem 'http', '~> 3.3'
+gem 'http', '~> 3.2'
 gem 'http_accept_language', '~> 2.1'
-gem 'http_parser.rb', '~> 0.6', git: 'https://github.com/tmm1/http_parser.rb', ref: '54b17ba8c7d8d20a16dfc65d1775241833219cf2', submodules: true
-gem 'httplog', '~> 1.3'
+gem 'http_parser.rb', '~> 0.6', git: 'https://github.com/tmm1/http_parser.rb', ref: '54b17ba8c7d8d20a16dfc65d1775241833219cf2'
+gem 'httplog', '~> 1.0'
 gem 'idn-ruby', require: 'idn'
 gem 'kaminari', '~> 1.1'
 gem 'link_header', '~> 0.0'
-gem 'mime-types', '~> 3.3', require: 'mime/types/columnar'
-gem 'nilsimsa', git: 'https://github.com/witgo/nilsimsa', ref: 'fd184883048b922b176939f851338d0a4971a532'
-gem 'nokogiri', '~> 1.10'
+gem 'mime-types', '~> 3.1', require: 'mime/types/columnar'
+gem 'nokogiri', '~> 1.8'
 gem 'nsa', '~> 0.2'
-gem 'oj', '~> 3.9'
+gem 'oj', '~> 3.5'
 gem 'ostatus2', '~> 2.0'
-gem 'ox', '~> 2.11'
-gem 'parslet'
-gem 'parallel', '~> 1.17'
+gem 'ox', '~> 2.9'
 gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c'
-gem 'pundit', '~> 2.1'
+gem 'pundit', '~> 1.1'
 gem 'premailer-rails'
-gem 'rack-attack', '~> 6.1'
+gem 'rack-attack', '~> 5.2'
 gem 'rack-cors', '~> 1.0', require: 'rack/cors'
 gem 'rails-i18n', '~> 5.1'
 gem 'rails-settings-cached', '~> 0.6'
-gem 'redis', '~> 4.1', require: ['redis', 'redis/connection/hiredis']
+gem 'redis', '~> 4.0', require: ['redis', 'redis/connection/hiredis']
 gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
 gem 'rqrcode', '~> 0.10'
-gem 'ruby-progressbar', '~> 1.10'
-gem 'sanitize', '~> 5.1'
-gem 'sidekiq', '~> 5.2'
-gem 'sidekiq-scheduler', '~> 3.0'
-gem 'sidekiq-unique-jobs', '~> 6.0'
-gem 'sidekiq-bulk', '~>0.2.0'
-gem 'simple-navigation', '~> 4.1'
-gem 'simple_form', '~> 4.1'
+gem 'ruby-progressbar', '~> 1.4'
+gem 'sanitize', '~> 4.6'
+gem 'sidekiq', '~> 5.1'
+gem 'sidekiq-scheduler', '~> 2.2'
+gem 'sidekiq-unique-jobs', '~> 5.0'
+gem 'sidekiq-bulk', '~>0.1.1'
+gem 'simple-navigation', '~> 4.0'
+gem 'simple_form', '~> 4.0'
 gem 'sprockets-rails', '~> 3.2', require: 'sprockets/railtie'
 gem 'stoplight', '~> 2.1.3'
-gem 'strong_migrations', '~> 0.4'
-gem 'tty-command', '~> 0.9', require: false
-gem 'tty-prompt', '~> 0.19', require: false
+gem 'strong_migrations', '~> 0.2'
+gem 'tty-command', '~> 0.8', require: false
+gem 'tty-prompt', '~> 0.16', require: false
 gem 'twitter-text', '~> 1.14'
-gem 'tzinfo-data', '~> 1.2019'
-gem 'webpacker', '~> 4.0'
+gem 'tzinfo-data', '~> 1.2018'
+gem 'webpacker', '~> 3.4'
 gem 'webpush'
 
-gem 'json-ld', git: 'https://github.com/ruby-rdf/json-ld.git', ref: 'e742697a0906e74e8bb777ef98137bc3955d981d'
-gem 'json-ld-preloaded', '~> 3.0'
+gem 'json-ld', '~> 2.2'
 gem 'rdf-normalize', '~> 0.3'
 
 group :development, :test do
   gem 'fabrication', '~> 2.20'
-  gem 'fuubar', '~> 2.4'
+  gem 'fuubar', '~> 2.2'
   gem 'i18n-tasks', '~> 0.9', require: false
-  gem 'pry-byebug', '~> 3.7'
+  gem 'pry-byebug', '~> 3.6'
   gem 'pry-rails', '~> 0.3'
-  gem 'rspec-rails', '~> 3.8'
+  gem 'rspec-rails', '~> 3.7'
 end
 
 group :production, :test do
-  gem 'private_address_check', '~> 0.5'
+  gem 'private_address_check', '~> 0.4.1'
 end
 
 group :test do
-  gem 'capybara', '~> 3.29'
+  gem 'capybara', '~> 2.18'
   gem 'climate_control', '~> 0.2'
-  gem 'faker', '~> 2.5'
-  gem 'microformats', '~> 4.1'
+  gem 'faker', '~> 1.8'
+  gem 'microformats', '~> 4.0'
   gem 'rails-controller-testing', '~> 1.0'
   gem 'rspec-sidekiq', '~> 3.0'
-  gem 'simplecov', '~> 0.17', require: false
-  gem 'webmock', '~> 3.7'
-  gem 'parallel_tests', '~> 2.29'
+  gem 'simplecov', '~> 0.16', require: false
+  gem 'webmock', '~> 3.3'
+  gem 'parallel_tests', '~> 2.21'
 end
 
 group :development do
-  gem 'active_record_query_trace', '~> 1.6'
+  gem 'active_record_query_trace', '~> 1.5'
   gem 'annotate', '~> 2.7'
-  gem 'better_errors', '~> 2.5'
+  gem 'better_errors', '~> 2.4'
   gem 'binding_of_caller', '~> 0.7'
-  gem 'bullet', '~> 6.0'
-  gem 'letter_opener', '~> 1.7'
+  gem 'bullet', '~> 5.7'
+  gem 'letter_opener', '~> 1.4'
   gem 'letter_opener_web', '~> 1.3'
   gem 'memory_profiler'
-  gem 'rubocop', '~> 0.74', require: false
-  gem 'rubocop-rails', '~> 2.3', require: false
-  gem 'brakeman', '~> 4.6', require: false
+  gem 'rubocop', '~> 0.55', require: false
+  gem 'brakeman', '~> 4.2', require: false
   gem 'bundler-audit', '~> 0.6', require: false
+  gem 'scss_lint', '~> 0.57', require: false
 
-  gem 'capistrano', '~> 3.11'
-  gem 'capistrano-rails', '~> 1.4'
+  gem 'capistrano', '~> 3.10'
+  gem 'capistrano-rails', '~> 1.3'
   gem 'capistrano-rbenv', '~> 2.1'
   gem 'capistrano-yarn', '~> 2.0'
 
@@ -149,9 +142,6 @@ group :development do
 end
 
 group :production do
-  gem 'lograge', '~> 0.11'
+  gem 'lograge', '~> 0.10'
   gem 'redis-rails', '~> 5.0'
 end
-
-gem 'concurrent-ruby', require: false
-gem 'connection_pool', require: false

Procfile

@@ -1,14 +1,2 @@
-web: if [ "$RUN_STREAMING" != "true" ]; then BIND=0.0.0.0 bundle exec puma -C config/puma.rb; else BIND=0.0.0.0 node ./streaming; fi
+web: bundle exec puma -C config/puma.rb
 worker: bundle exec sidekiq
-
-# For the streaming API, you need a separate app that shares Postgres and Redis:
-#
-# heroku create
-# heroku buildpacks:add heroku/nodejs
-# heroku config:set RUN_STREAMING=true
-# heroku addons:attach <main-app>::DATABASE
-# heroku addons:attach <main-app>::REDIS
-#
-# and let the main app use the separate app:
-#
-# heroku config:set STREAMING_API_BASE_URL=wss://<streaming-app>.herokuapp.com -a <main-app>

README.md

@@ -1,95 +1,98 @@
 ![Mastodon](https://i.imgur.com/NhZc40l.png)
 ========
 
-[![GitHub release](https://img.shields.io/github/release/tootsuite/mastodon.svg)][releases]
 [![Build Status](https://img.shields.io/circleci/project/github/tootsuite/mastodon.svg)][circleci]
 [![Code Climate](https://img.shields.io/codeclimate/maintainability/tootsuite/mastodon.svg)][code_climate]
-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/mastodon/localized.svg)][crowdin]
-[![Docker Pulls](https://img.shields.io/docker/pulls/tootsuite/mastodon.svg)][docker]
+[![Translation status](https://weblate.joinmastodon.org/widgets/mastodon/-/svg-badge.svg)][weblate]
 
-[releases]: https://github.com/tootsuite/mastodon/releases
 [circleci]: https://circleci.com/gh/tootsuite/mastodon
 [code_climate]: https://codeclimate.com/github/tootsuite/mastodon
-[crowdin]: https://crowdin.com/project/mastodon
-[docker]: https://hub.docker.com/r/tootsuite/mastodon/
+[weblate]: https://weblate.joinmastodon.org/engage/mastodon/
 
-Mastodon is a **free, open-source social network server** based on ActivityPub. Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. All servers of Mastodon are interoperable as a federated network, i.e. users on one server can seamlessly communicate with users from another one. This includes non-Mastodon software that also implements ActivityPub!
+Mastodon is a **free, open-source social network server** based on **open web protocols** like ActivityPub and OStatus. The social focus of the project is a viable decentralized alternative to commercial social media silos that returns the control of the content distribution channels to the people. The technical focus of the project is a good user interface, a clean REST API for 3rd party apps and robust anti-abuse tools.
 
-Click below to **learn more** in a video:
+Click on the screenshot below to watch a demo of the UI:
 
-[![Screenshot](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/ezgif-2-60f1b00403.gif)][youtube_demo]
+[![Screenshot](https://i.imgur.com/qrNOiSp.png)][youtube_demo]
 
 [youtube_demo]: https://www.youtube.com/watch?v=IPSbNdBmWKE
 
-## Navigation
+**Ruby on Rails** is used for the back-end, while **React.js** and Redux are used for the dynamic front-end. A static front-end for public resources (profiles and statuses) is also provided.
 
-- [Project homepage 🐘](https://joinmastodon.org)
-- [Support the development via Patreon][patreon]
-- [View sponsors](https://joinmastodon.org/sponsors)
-- [Blog](https://blog.joinmastodon.org)
-- [Documentation](https://docs.joinmastodon.org)
-- [Browse Mastodon servers](https://joinmastodon.org/#getting-started)
-- [Browse Mastodon apps](https://joinmastodon.org/apps)
+If you would like, you can [support the development of this project on Patreon][patreon].
 
 [patreon]: https://www.patreon.com/mastodon
 
-## Features
+---
 
-<img src="https://docs.joinmastodon.org/elephant.svg" align="right" width="30%" />
+## Resources
+
+- [Quick start guide](https://blog.joinmastodon.org/2018/08/mastodon-quick-start-guide/)
+- [Find Twitter friends on Mastodon](https://bridge.joinmastodon.org)
+- [API overview](https://github.com/tootsuite/documentation/blob/master/Using-the-API/API.md)
+- [Documentation](https://github.com/tootsuite/documentation)
+- [List of servers](https://joinmastodon.org/#getting-started)
+- [List of apps](https://joinmastodon.org/apps)
+- [List of sponsors](https://joinmastodon.org/sponsors)
+
+## Features
 
 **No vendor lock-in: Fully interoperable with any conforming platform**
 
-It doesn't have to be Mastodon, whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
+It doesn't have to be Mastodon, whatever implements ActivityPub or OStatus is part of the social network!
 
-**Real-time, chronological timeline updates**
+**Real-time timeline updates**
 
 See the updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!
 
+**Federated thread resolving**
+
+If someone you follow replies to a user unknown to the server, the server fetches the full thread so you can view it without leaving the UI
+
 **Media attachments like images and short videos**
 
 Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos are looped - like vines!
 
-**Safety and moderation tools**
-
-Private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
-
 **OAuth2 and a straightforward REST API**
 
-Mastodon acts as an OAuth2 provider so 3rd party apps can use the REST and Streaming APIs, resulting in a rich app ecosystem with a lot of choices!
+Mastodon acts as an OAuth2 provider so 3rd party apps can use the API
+
+**Fast response times**
+
+Mastodon tries to be as fast and responsive as possible, so all long-running tasks are delegated to background processing
+
+**Deployable via Docker**
+
+You don't need to mess with dependencies and configuration if you want to try Mastodon, if you have Docker and Docker Compose the deployment is extremely easy
+
+---
+
+## Development
+
+Please follow the [development guide](https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Development-guide.md) from the documentation repository.
 
 ## Deployment
 
-**Tech stack:**
-
-- **Ruby on Rails** powers the REST API and other web pages
-- **React.js** and Redux are used for the dynamic parts of the interface
-- **Node.js** powers the streaming API
-
-**Requirements:**
-
-- **PostgreSQL** 9.5+
-- **Redis**
-- **Ruby** 2.4+
-- **Node.js** 8+
-
-The repository includes deployment configurations for **Docker and docker-compose**, but also a few specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. The [**stand-alone** installation guide](https://docs.joinmastodon.org/administration/installation/) is available in the documentation.
-
-A **Vagrant** configuration is included for development purposes.
+There are guides in the documentation repository for [deploying on various platforms](https://github.com/tootsuite/documentation#running-mastodon).
 
 ## Contributing
 
-Mastodon is **free, open source software** licensed under **AGPLv3**.
-
-You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository, or submit translations using Weblate. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md). If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
+You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository. [Here are the guidelines for code contributions](CONTRIBUTING.md)
 
 **IRC channel**: #mastodon on irc.freenode.net
 
 ## License
 
-Copyright (C) 2016-2019 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
+Copyright (C) 2016-2018 Eugen Rochko & other Mastodon contributors (see AUTHORS.md)
 
 This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
 
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
 
 You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+---
+
+## Extra credits
+
+The elephant friend illustrations are created by [Dopatwo](https://mastodon.social/@dopatwo)

Vagrantfile

@@ -44,18 +44,7 @@ sudo apt-get install \
 
 # Install rvm
 read RUBY_VERSION < .ruby-version
-
-gpg_command="gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB"
-$($gpg_command)
-if [ $? -ne 0 ];then
-  echo "GPG command failed, This prevented RVM from installing."
-  echo "Retrying once..." && $($gpg_command)
-  if [ $? -ne 0 ];then
-    echo "GPG failed for the second time, please ensure network connectivity."
-    echo "Exiting..." && exit 1
-  fi
-fi
-
+gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
 curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-installer | bash -s stable --ruby=$RUBY_VERSION
 source /home/vagrant/.rvm/scripts/rvm
 
@@ -96,9 +85,6 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
   config.vm.provider :virtualbox do |vb|
     vb.name = "mastodon"
     vb.customize ["modifyvm", :id, "--memory", "2048"]
-    # Increase the number of CPUs. Uncomment and adjust to
-    # increase performance
-    # vb.customize ["modifyvm", :id, "--cpus", "3"]
 
     # Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
     # https://github.com/mitchellh/vagrant/issues/1172
@@ -111,22 +97,19 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
 
   end
 
+  config.vm.hostname = "mastodon.dev"
+
   # This uses the vagrant-hostsupdater plugin, and lets you
-  # access the development site at http://mastodon.local.
-  # If you change it, also change it in .env.vagrant before provisioning
-  # the vagrant server to update the development build.
-  #
+  # access the development site at http://mastodon.dev.
   # To install:
   #   $ vagrant plugin install vagrant-hostsupdater
-  config.vm.hostname = "mastodon.local"
-
   if defined?(VagrantPlugins::HostsUpdater)
     config.vm.network :private_network, ip: "192.168.42.42", nictype: "virtio"
     config.hostsupdater.remove_on_suspend = false
   end
 
   if config.vm.networks.any? { |type, options| type == :private_network }
-    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp', 'actimeo=1']
+    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp']
   else
     config.vm.synced_folder ".", "/vagrant"
   end

app.json

@@ -13,6 +13,15 @@
       "description": "The domain that your Mastodon instance will run on (this can be appname.herokuapp.com or a custom domain)",
       "required": true
     },
+    "LOCAL_HTTPS": {
+      "description": "Will your domain support HTTPS? (Automatic for herokuapp, requires manual configuration for custom domains)",
+      "value": "false",
+      "required": true
+    },
+    "PAPERCLIP_SECRET": {
+      "description": "The secret key for storing media files",
+      "generator": "secret"
+    },
     "SECRET_KEY_BASE": {
       "description": "The secret key base",
       "generator": "secret"

app/chewy/accounts_index.rb

@@ -1,43 +0,0 @@
-# frozen_string_literal: true
-
-class AccountsIndex < Chewy::Index
-  settings index: { refresh_interval: '5m' }, analysis: {
-    analyzer: {
-      content: {
-        tokenizer: 'whitespace',
-        filter: %w(lowercase asciifolding cjk_width),
-      },
-
-      edge_ngram: {
-        tokenizer: 'edge_ngram',
-        filter: %w(lowercase asciifolding cjk_width),
-      },
-    },
-
-    tokenizer: {
-      edge_ngram: {
-        type: 'edge_ngram',
-        min_gram: 1,
-        max_gram: 15,
-      },
-    },
-  }
-
-  define_type ::Account.searchable.includes(:account_stat), delete_if: ->(account) { account.destroyed? || !account.searchable? } do
-    root date_detection: false do
-      field :id, type: 'long'
-
-      field :display_name, type: 'text', analyzer: 'content' do
-        field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
-      end
-
-      field :acct, type: 'text', analyzer: 'content', value: ->(account) { [account.username, account.domain].compact.join('@') } do
-        field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
-      end
-
-      field :following_count, type: 'long', value: ->(account) { account.following.local.count }
-      field :followers_count, type: 'long', value: ->(account) { account.followers.local.count }
-      field :last_status_at, type: 'date', value: ->(account) { account.last_status_at || account.created_at }
-    end
-  end
-end

app/chewy/statuses_index.rb

@@ -31,31 +31,31 @@ class StatusesIndex < Chewy::Index
     },
   }
 
-  define_type ::Status.unscoped.kept.without_reblogs.includes(:media_attachments), delete_if: ->(status) { status.searchable_by.empty? } do
+  define_type ::Status.unscoped.without_reblogs do
     crutch :mentions do |collection|
-      data = ::Mention.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
+      data = ::Mention.where(status_id: collection.map(&:id)).pluck(:status_id, :account_id)
       data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
     end
 
     crutch :favourites do |collection|
-      data = ::Favourite.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
+      data = ::Favourite.where(status_id: collection.map(&:id)).pluck(:status_id, :account_id)
       data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
     end
 
     crutch :reblogs do |collection|
-      data = ::Status.where(reblog_of_id: collection.map(&:id)).where(account: Account.local).pluck(:reblog_of_id, :account_id)
+      data = ::Status.where(reblog_of_id: collection.map(&:id)).pluck(:reblog_of_id, :account_id)
       data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
     end
 
     root date_detection: false do
-      field :id, type: 'long'
       field :account_id, type: 'long'
 
-      field :text, type: 'text', value: ->(status) { [status.spoiler_text, Formatter.instance.plaintext(status)].concat(status.media_attachments.map(&:description)).concat(status.preloadable_poll ? status.preloadable_poll.options : []).join("\n\n") } do
+      field :text, type: 'text', value: ->(status) { [status.spoiler_text, Formatter.instance.plaintext(status)].join("\n\n") } do
         field :stemmed, type: 'text', analyzer: 'content'
       end
 
       field :searchable_by, type: 'long', value: ->(status, crutches) { status.searchable_by(crutches) }
+      field :created_at, type: 'date'
     end
   end
 end

app/chewy/tags_index.rb

@@ -1,37 +0,0 @@
-# frozen_string_literal: true
-
-class TagsIndex < Chewy::Index
-  settings index: { refresh_interval: '15m' }, analysis: {
-    analyzer: {
-      content: {
-        tokenizer: 'keyword',
-        filter: %w(lowercase asciifolding cjk_width),
-      },
-
-      edge_ngram: {
-        tokenizer: 'edge_ngram',
-        filter: %w(lowercase asciifolding cjk_width),
-      },
-    },
-
-    tokenizer: {
-      edge_ngram: {
-        type: 'edge_ngram',
-        min_gram: 2,
-        max_gram: 15,
-      },
-    },
-  }
-
-  define_type ::Tag.listable, delete_if: ->(tag) { tag.destroyed? || !tag.listable? } do
-    root date_detection: false do
-      field :name, type: 'text', analyzer: 'content' do
-        field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
-      end
-
-      field :reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? }
-      field :usage, type: 'long', value: ->(tag) { tag.history.reduce(0) { |total, day| total + day[:accounts].to_i } }
-      field :last_status_at, type: 'date', value: ->(tag) { tag.last_status_at || tag.created_at }
-    end
-  end
-end

app/controllers/about_controller.rb

@@ -1,64 +1,42 @@
 # frozen_string_literal: true
 
 class AboutController < ApplicationController
-  layout 'public'
+  before_action :set_body_classes
+  before_action :set_instance_presenter, only: [:show, :more, :terms]
 
-  before_action :require_open_federation!, only: [:show, :more]
-  before_action :set_body_classes, only: :show
-  before_action :set_instance_presenter
-  before_action :set_expires_in, only: [:show, :more, :terms]
-
-  skip_before_action :require_functional!, only: [:more, :terms]
-
-  def show; end
-
-  def more
-    flash.now[:notice] = I18n.t('about.instance_actor_flash') if params[:instance_actor]
-
-    toc_generator = TOCGenerator.new(@instance_presenter.site_extended_description)
-
-    @contents          = toc_generator.html
-    @table_of_contents = toc_generator.toc
-    @blocks            = DomainBlock.with_user_facing_limitations.by_severity if display_blocks?
+  def show
+    serializable_resource = ActiveModelSerializers::SerializableResource.new(InitialStatePresenter.new(initial_state_params), serializer: InitialStateSerializer)
+    @initial_state_json   = serializable_resource.to_json
   end
 
-  def terms; end
+  def more
+    render layout: 'public'
+  end
 
-  helper_method :display_blocks?
-  helper_method :display_blocks_rationale?
-  helper_method :public_fetch_mode?
-  helper_method :new_user
+  def terms
+    render layout: 'public'
+  end
 
   private
 
-  def require_open_federation!
-    not_found if whitelist_mode?
-  end
-
-  def display_blocks?
-    Setting.show_domain_blocks == 'all' || (Setting.show_domain_blocks == 'users' && user_signed_in?)
-  end
-
-  def display_blocks_rationale?
-    Setting.show_domain_blocks_rationale == 'all' || (Setting.show_domain_blocks_rationale == 'users' && user_signed_in?)
-  end
-
   def new_user
-    User.new.tap do |user|
-      user.build_account
-      user.build_invite_request
-    end
+    User.new.tap(&:build_account)
   end
 
+  helper_method :new_user
+
   def set_instance_presenter
     @instance_presenter = InstancePresenter.new
   end
 
   def set_body_classes
-    @hide_navbar = true
+    @body_classes = 'with-modals'
   end
 
-  def set_expires_in
-    expires_in 0, public: true
+  def initial_state_params
+    {
+      settings: { known_fediverse: Setting.show_known_fediverse_at_about_page },
+      token: current_session&.token,
+    }
   end
 end

app/controllers/accounts_controller.rb

@@ -4,22 +4,15 @@ class AccountsController < ApplicationController
   PAGE_SIZE = 20
 
   include AccountControllerConcern
-  include SignatureAuthentication
 
   before_action :set_cache_headers
-  before_action :set_body_classes
-
-  skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format) }
-  skip_before_action :require_functional!
 
   def show
     respond_to do |format|
       format.html do
-        expires_in 0, public: true unless user_signed_in?
-
+        @body_classes      = 'with-modals'
         @pinned_statuses   = []
         @endorsed_accounts = @account.endorsed_accounts.to_a.sample(4)
-        @featured_hashtags = @account.featured_tags.order(statuses_count: :desc)
 
         if current_account && @account.blocking?(current_account)
           @statuses = []
@@ -29,7 +22,6 @@ class AccountsController < ApplicationController
         @pinned_statuses = cache_collection(@account.pinned_statuses, Status) if show_pinned_statuses?
         @statuses        = filtered_status_page(params)
         @statuses        = cache_collection(@statuses, Status)
-        @rss_url         = rss_url
 
         unless @statuses.empty?
           @older_url = older_url if @statuses.last.id > filtered_statuses.last.id
@@ -37,34 +29,34 @@ class AccountsController < ApplicationController
         end
       end
 
-      format.rss do
-        expires_in 1.minute, public: true
+      format.atom do
+        @entries = @account.stream_entries.where(hidden: false).with_includes.paginate_by_max_id(PAGE_SIZE, params[:max_id], params[:since_id])
+        render xml: OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.feed(@account, @entries.reject { |entry| entry.status.nil? }))
+      end
 
-        @statuses = filtered_statuses.without_reblogs.without_replies.limit(PAGE_SIZE)
-        @statuses = cache_collection(@statuses, Status)
-        render xml: RSS::AccountSerializer.render(@account, @statuses, params[:tag])
+      format.rss do
+        @statuses = cache_collection(default_statuses.without_reblogs.without_replies.limit(PAGE_SIZE), Status)
+        render xml: RSS::AccountSerializer.render(@account, @statuses)
       end
 
       format.json do
-        expires_in 3.minutes, public: !(authorized_fetch_mode? && signed_request_account.present?)
-        render_with_cache json: @account, content_type: 'application/activity+json', serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter, fields: restrict_fields_to
+        skip_session!
+
+        render_cached_json(['activitypub', 'actor', @account], content_type: 'application/activity+json') do
+          ActiveModelSerializers::SerializableResource.new(@account, serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter)
+        end
       end
     end
   end
 
   private
 
-  def set_body_classes
-    @body_classes = 'with-modals'
-  end
-
   def show_pinned_statuses?
-    [replies_requested?, media_requested?, tag_requested?, params[:max_id].present?, params[:min_id].present?].none?
+    [replies_requested?, media_requested?, params[:max_id].present?, params[:min_id].present?].none?
   end
 
   def filtered_statuses
     default_statuses.tap do |statuses|
-      statuses.merge!(hashtag_scope)    if tag_requested?
       statuses.merge!(only_media_scope) if media_requested?
       statuses.merge!(no_replies_scope) unless replies_requested?
     end
@@ -86,29 +78,12 @@ class AccountsController < ApplicationController
     Status.without_replies
   end
 
-  def hashtag_scope
-    tag = Tag.find_normalized(params[:tag])
-
-    if tag
-      Status.tagged_with(tag.id)
-    else
-      Status.none
-    end
-  end
-
-  def username_param
-    params[:username]
-  end
-
-  def rss_url
-    if tag_requested?
-      short_account_tag_url(@account, params[:tag], format: 'rss')
-    else
-      short_account_url(@account, format: 'rss')
-    end
+  def set_account
+    @account = Account.find_local!(params[:username])
   end
 
   def older_url
+    ::Rails.logger.info("older: max_id #{@statuses.last.id}, url #{pagination_url(max_id: @statuses.last.id)}")
     pagination_url(max_id: @statuses.last.id)
   end
 
@@ -117,9 +92,7 @@ class AccountsController < ApplicationController
   end
 
   def pagination_url(max_id: nil, min_id: nil)
-    if tag_requested?
-      short_account_tag_url(@account, params[:tag], max_id: max_id, min_id: min_id)
-    elsif media_requested?
+    if media_requested?
       short_account_media_url(@account, max_id: max_id, min_id: min_id)
     elsif replies_requested?
       short_account_with_replies_url(@account, max_id: max_id, min_id: min_id)
@@ -129,15 +102,11 @@ class AccountsController < ApplicationController
   end
 
   def media_requested?
-    request.path.ends_with?('/media') && !tag_requested?
+    request.path.ends_with?('/media')
   end
 
   def replies_requested?
-    request.path.ends_with?('/with_replies') && !tag_requested?
-  end
-
-  def tag_requested?
-    request.path.split('.').first.ends_with?(Addressable::URI.parse("/tagged/#{params[:tag]}").normalize)
+    request.path.ends_with?('/with_replies')
   end
 
   def filtered_status_page(params)
@@ -147,12 +116,4 @@ class AccountsController < ApplicationController
       filtered_statuses.paginate_by_max_id(PAGE_SIZE, params[:max_id], params[:since_id]).to_a
     end
   end
-
-  def restrict_fields_to
-    if signed_request_account.present? || public_fetch_mode?
-      # Return all fields
-    else
-      %i(id type preferred_username inbox public_key endpoints)
-    end
-  end
 end

app/controllers/activitypub/base_controller.rb

@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-class ActivityPub::BaseController < Api::BaseController
-  skip_before_action :require_authenticated_user!
-
-  private
-
-  def set_cache_headers
-    response.headers['Vary'] = 'Signature' if authorized_fetch_mode?
-  end
-end

app/controllers/activitypub/collections_controller.rb

@@ -1,21 +1,26 @@
 # frozen_string_literal: true
 
-class ActivityPub::CollectionsController < ActivityPub::BaseController
+class ActivityPub::CollectionsController < Api::BaseController
   include SignatureVerification
-  include AccountOwnedConcern
 
-  before_action :require_signature!, if: :authorized_fetch_mode?
+  before_action :set_account
   before_action :set_size
   before_action :set_statuses
-  before_action :set_cache_headers
 
   def show
-    expires_in 3.minutes, public: public_fetch_mode?
-    render_with_cache json: collection_presenter, content_type: 'application/activity+json', serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, skip_activities: true
+    render json: collection_presenter,
+           serializer: ActivityPub::CollectionSerializer,
+           adapter: ActivityPub::Adapter,
+           content_type: 'application/activity+json',
+           skip_activities: true
   end
 
   private
 
+  def set_account
+    @account = Account.find_local!(params[:account_username])
+  end
+
   def set_statuses
     @statuses = scope_for_collection
     @statuses = cache_collection(@statuses, Status)
@@ -26,18 +31,18 @@ class ActivityPub::CollectionsController < ActivityPub::BaseController
     when 'featured'
       @account.pinned_statuses.count
     else
-      raise ActiveRecord::RecordNotFound
+      raise ActiveRecord::NotFound
     end
   end
 
   def scope_for_collection
     case params[:id]
     when 'featured'
-      return Status.none if @account.blocking?(signed_request_account)
-
-      @account.pinned_statuses
+      @account.statuses.permitted_for(@account, signed_request_account).tap do |scope|
+        scope.merge!(@account.pinned_statuses)
+      end
     else
-      raise ActiveRecord::RecordNotFound
+      raise ActiveRecord::NotFound
     end
   end
 

app/controllers/activitypub/inboxes_controller.rb

@@ -1,45 +1,28 @@
 # frozen_string_literal: true
 
-class ActivityPub::InboxesController < ActivityPub::BaseController
+class ActivityPub::InboxesController < Api::BaseController
   include SignatureVerification
-  include JsonLdHelper
-  include AccountOwnedConcern
 
-  before_action :skip_unknown_actor_delete
-  before_action :require_signature!
+  before_action :set_account
 
   def create
-    upgrade_account
-    process_payload
-    head 202
+    if signed_request_account
+      upgrade_account
+      process_payload
+      head 202
+    else
+      render plain: signature_verification_failure_reason, status: 401
+    end
   end
 
   private
 
-  def skip_unknown_actor_delete
-    head 202 if unknown_deleted_account?
-  end
-
-  def unknown_deleted_account?
-    json = Oj.load(body, mode: :strict)
-    json.is_a?(Hash) && json['type'] == 'Delete' && json['actor'].present? && json['actor'] == value_or_id(json['object']) && !Account.where(uri: json['actor']).exists?
-  rescue Oj::ParseError
-    false
-  end
-
-  def account_required?
-    params[:account_username].present?
+  def set_account
+    @account = Account.find_local!(params[:account_username]) if params[:account_username]
   end
 
   def body
-    return @body if defined?(@body)
-
-    @body = request.body.read
-    @body.force_encoding('UTF-8') if @body.present?
-
-    request.body.rewind if request.body.respond_to?(:rewind)
-
-    @body
+    @body ||= request.body.read
   end
 
   def upgrade_account
@@ -48,10 +31,11 @@ class ActivityPub::InboxesController < ActivityPub::BaseController
       ResolveAccountWorker.perform_async(signed_request_account.acct)
     end
 
+    Pubsubhubbub::UnsubscribeWorker.perform_async(signed_request_account.id) if signed_request_account.subscribed?
     DeliveryFailureTracker.track_inverse_success!(signed_request_account)
   end
 
   def process_payload
-    ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body, @account&.id)
+    ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'))
   end
 end

app/controllers/activitypub/outboxes_controller.rb

@@ -1,22 +1,23 @@
 # frozen_string_literal: true
 
-class ActivityPub::OutboxesController < ActivityPub::BaseController
+class ActivityPub::OutboxesController < Api::BaseController
   LIMIT = 20
 
   include SignatureVerification
-  include AccountOwnedConcern
 
-  before_action :require_signature!, if: :authorized_fetch_mode?
+  before_action :set_account
   before_action :set_statuses
-  before_action :set_cache_headers
 
   def show
-    expires_in(page_requested? ? 0 : 3.minutes, public: public_fetch_mode?)
     render json: outbox_presenter, serializer: ActivityPub::OutboxSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
   end
 
   private
 
+  def set_account
+    @account = Account.find_local!(params[:account_username])
+  end
+
   def outbox_presenter
     if page_requested?
       ActivityPub::CollectionPresenter.new(

app/controllers/activitypub/replies_controller.rb

@@ -1,71 +0,0 @@
-# frozen_string_literal: true
-
-class ActivityPub::RepliesController < ActivityPub::BaseController
-  include SignatureAuthentication
-  include Authorization
-  include AccountOwnedConcern
-
-  DESCENDANTS_LIMIT = 60
-
-  before_action :require_signature!, if: :authorized_fetch_mode?
-  before_action :set_status
-  before_action :set_cache_headers
-  before_action :set_replies
-
-  def index
-    expires_in 0, public: public_fetch_mode?
-    render json: replies_collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json', skip_activities: true
-  end
-
-  private
-
-  def set_status
-    @status = @account.statuses.find(params[:status_id])
-    authorize @status, :show?
-  rescue Mastodon::NotPermittedError
-    raise ActiveRecord::RecordNotFound
-  end
-
-  def set_replies
-    @replies = page_params[:only_other_accounts] ? Status.where.not(account_id: @account.id) : @account.statuses
-    @replies = @replies.where(in_reply_to_id: @status.id, visibility: [:public, :unlisted])
-    @replies = @replies.paginate_by_min_id(DESCENDANTS_LIMIT, params[:min_id])
-  end
-
-  def replies_collection_presenter
-    page = ActivityPub::CollectionPresenter.new(
-      id: account_status_replies_url(@account, @status, page_params),
-      type: :unordered,
-      part_of: account_status_replies_url(@account, @status),
-      next: next_page,
-      items: @replies.map { |status| status.local ? status : status.uri }
-    )
-
-    return page if page_requested?
-
-    ActivityPub::CollectionPresenter.new(
-      id: account_status_replies_url(@account, @status),
-      type: :unordered,
-      first: page
-    )
-  end
-
-  def page_requested?
-    params[:page] == 'true'
-  end
-
-  def next_page
-    only_other_accounts = !(@replies&.last&.account_id == @account.id && @replies.size == DESCENDANTS_LIMIT)
-    account_status_replies_url(
-      @account,
-      @status,
-      page: true,
-      min_id: only_other_accounts && !page_params[:only_other_accounts] ? nil : @replies&.last&.id,
-      only_other_accounts: only_other_accounts
-    )
-  end
-
-  def page_params
-    params_slice(:only_other_accounts, :min_id).merge(page: true)
-  end
-end

app/controllers/admin/account_actions_controller.rb

@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class AccountActionsController < BaseController
-    before_action :set_account
-
-    def new
-      @account_action  = Admin::AccountAction.new(type: params[:type], report_id: params[:report_id], send_email_notification: true, include_statuses: true)
-      @warning_presets = AccountWarningPreset.all
-    end
-
-    def create
-      account_action                 = Admin::AccountAction.new(resource_params)
-      account_action.target_account  = @account
-      account_action.current_account = current_account
-
-      account_action.save!
-
-      if account_action.with_report?
-        redirect_to admin_reports_path
-      else
-        redirect_to admin_account_path(@account.id)
-      end
-    end
-
-    private
-
-    def set_account
-      @account = Account.find(params[:account_id])
-    end
-
-    def resource_params
-      params.require(:admin_account_action).permit(:type, :report_id, :warning_preset_id, :text, :send_email_notification, :include_statuses)
-    end
-  end
-end

app/controllers/admin/account_moderation_notes_controller.rb

@@ -14,7 +14,6 @@ module Admin
       else
         @account          = @account_moderation_note.target_account
         @moderation_notes = @account.targeted_moderation_notes.latest
-        @warnings         = @account.targeted_account_warnings.latest.custom
 
         render template: 'admin/accounts/show'
       end

app/controllers/admin/accounts_controller.rb

@@ -2,9 +2,9 @@
 
 module Admin
   class AccountsController < BaseController
-    before_action :set_account, only: [:show, :redownload, :remove_avatar, :remove_header, :enable, :unsilence, :unsuspend, :memorialize, :approve, :reject]
-    before_action :require_remote_account!, only: [:redownload]
-    before_action :require_local_account!, only: [:enable, :memorialize, :approve, :reject]
+    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :remove_avatar, :enable, :disable, :memorialize]
+    before_action :require_remote_account!, only: [:subscribe, :unsubscribe, :redownload]
+    before_action :require_local_account!, only: [:enable, :disable, :memorialize]
 
     def index
       authorize :account, :index?
@@ -13,10 +13,20 @@ module Admin
 
     def show
       authorize @account, :show?
-
       @account_moderation_note = current_account.account_moderation_notes.new(target_account: @account)
-      @moderation_notes        = @account.targeted_moderation_notes.latest
-      @warnings                = @account.targeted_account_warnings.latest.custom
+      @moderation_notes = @account.targeted_moderation_notes.latest
+    end
+
+    def subscribe
+      authorize @account, :subscribe?
+      Pubsubhubbub::SubscribeWorker.perform_async(@account.id)
+      redirect_to admin_account_path(@account.id)
+    end
+
+    def unsubscribe
+      authorize @account, :unsubscribe?
+      Pubsubhubbub::UnsubscribeWorker.perform_async(@account.id)
+      redirect_to admin_account_path(@account.id)
     end
 
     def memorialize
@@ -33,37 +43,19 @@ module Admin
       redirect_to admin_account_path(@account.id)
     end
 
-    def approve
-      authorize @account.user, :approve?
-      @account.user.approve!
-      redirect_to admin_pending_accounts_path
-    end
-
-    def reject
-      authorize @account.user, :reject?
-      SuspendAccountService.new.call(@account, reserve_email: false, reserve_username: false)
-      redirect_to admin_pending_accounts_path
-    end
-
-    def unsilence
-      authorize @account, :unsilence?
-      @account.unsilence!
-      log_action :unsilence, @account
-      redirect_to admin_account_path(@account.id)
-    end
-
-    def unsuspend
-      authorize @account, :unsuspend?
-      @account.unsuspend!
-      log_action :unsuspend, @account
+    def disable
+      authorize @account.user, :disable?
+      @account.user.disable!
+      log_action :disable, @account.user
       redirect_to admin_account_path(@account.id)
     end
 
     def redownload
       authorize @account, :redownload?
 
-      @account.update!(last_webfingered_at: nil)
-      ResolveAccountService.new.call(@account)
+      @account.reset_avatar!
+      @account.reset_header!
+      @account.save!
 
       redirect_to admin_account_path(@account.id)
     end
@@ -79,17 +71,6 @@ module Admin
       redirect_to admin_account_path(@account.id)
     end
 
-    def remove_header
-      authorize @account, :remove_header?
-
-      @account.header = nil
-      @account.save!
-
-      log_action :remove_header, @account.user
-
-      redirect_to admin_account_path(@account.id)
-    end
-
     private
 
     def set_account
@@ -113,10 +94,8 @@ module Admin
         :local,
         :remote,
         :by_domain,
-        :active,
-        :pending,
-        :disabled,
         :silenced,
+        :recent,
         :suspended,
         :username,
         :display_name,

app/controllers/admin/base_controller.rb

@@ -5,19 +5,8 @@ module Admin
     include Authorization
     include AccountableConcern
 
-    layout 'admin'
-
     before_action :require_staff!
-    before_action :set_body_classes
 
-    private
-
-    def set_body_classes
-      @body_classes = 'admin'
-    end
-
-    def set_user
-      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
-    end
+    layout 'admin'
   end
 end

app/controllers/admin/confirmations_controller.rb

@@ -25,6 +25,10 @@ module Admin
 
     private
 
+    def set_user
+      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
+    end
+
     def check_confirmation
       if @user.confirmed?
         flash[:error] = I18n.t('admin.accounts.resend_confirmation.already_confirmed')

app/controllers/admin/custom_emojis_controller.rb

@@ -2,20 +2,16 @@
 
 module Admin
   class CustomEmojisController < BaseController
-    include ObfuscateFilename
-
-    obfuscate_filename [:custom_emoji, :image]
+    before_action :set_custom_emoji, except: [:index, :new, :create]
+    before_action :set_filter_params
 
     def index
       authorize :custom_emoji, :index?
-
       @custom_emojis = filtered_custom_emojis.eager_load(:local_counterpart).page(params[:page])
-      @form          = Form::CustomEmojiBatch.new
     end
 
     def new
       authorize :custom_emoji, :create?
-
       @custom_emoji = CustomEmoji.new
     end
 
@@ -32,17 +28,69 @@ module Admin
       end
     end
 
-    def batch
-      @form = Form::CustomEmojiBatch.new(form_custom_emoji_batch_params.merge(current_account: current_account, action: action_from_button))
-      @form.save
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.accounts.no_account_selected')
-    ensure
-      redirect_to admin_custom_emojis_path(filter_params)
+    def update
+      authorize @custom_emoji, :update?
+
+      if @custom_emoji.update(resource_params)
+        log_action :update, @custom_emoji
+        flash[:notice] = I18n.t('admin.custom_emojis.updated_msg')
+      else
+        flash[:alert] =  I18n.t('admin.custom_emojis.update_failed_msg')
+      end
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
+    end
+
+    def destroy
+      authorize @custom_emoji, :destroy?
+      @custom_emoji.destroy!
+      log_action :destroy, @custom_emoji
+      flash[:notice] = I18n.t('admin.custom_emojis.destroyed_msg')
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
+    end
+
+    def copy
+      authorize @custom_emoji, :copy?
+
+      emoji = CustomEmoji.find_or_initialize_by(domain: nil,
+                                                shortcode: @custom_emoji.shortcode)
+      emoji.image = @custom_emoji.image
+
+      if emoji.save
+        log_action :create, emoji
+        flash[:notice] = I18n.t('admin.custom_emojis.copied_msg')
+      else
+        flash[:alert] = I18n.t('admin.custom_emojis.copy_failed_msg')
+      end
+
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
+    end
+
+    def enable
+      authorize @custom_emoji, :enable?
+      @custom_emoji.update!(disabled: false)
+      log_action :enable, @custom_emoji
+      flash[:notice] = I18n.t('admin.custom_emojis.enabled_msg')
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
+    end
+
+    def disable
+      authorize @custom_emoji, :disable?
+      @custom_emoji.update!(disabled: true)
+      log_action :disable, @custom_emoji
+      flash[:notice] = I18n.t('admin.custom_emojis.disabled_msg')
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
     end
 
     private
 
+    def set_custom_emoji
+      @custom_emoji = CustomEmoji.find(params[:id])
+    end
+
+    def set_filter_params
+      @filter_params = filter_params.to_hash.symbolize_keys
+    end
+
     def resource_params
       params.require(:custom_emoji).permit(:shortcode, :image, :visible_in_picker)
     end
@@ -52,29 +100,12 @@ module Admin
     end
 
     def filter_params
-      params.slice(:local, :remote, :by_domain, :shortcode, :page).permit(:local, :remote, :by_domain, :shortcode, :page)
-    end
-
-    def action_from_button
-      if params[:update]
-        'update'
-      elsif params[:list]
-        'list'
-      elsif params[:unlist]
-        'unlist'
-      elsif params[:enable]
-        'enable'
-      elsif params[:disable]
-        'disable'
-      elsif params[:copy]
-        'copy'
-      elsif params[:delete]
-        'delete'
-      end
-    end
-
-    def form_custom_emoji_batch_params
-      params.require(:form_custom_emoji_batch).permit(:action, :category_id, :category_name, custom_emoji_ids: [])
+      params.permit(
+        :local,
+        :remote,
+        :by_domain,
+        :shortcode
+      )
     end
   end
 end

app/controllers/admin/dashboard_controller.rb

@@ -5,13 +5,12 @@ module Admin
   class DashboardController < BaseController
     def index
       @users_count           = User.count
-      @pending_users_count   = User.pending.count
       @registrations_week    = Redis.current.get("activity:accounts:local:#{current_week}") || 0
       @logins_week           = Redis.current.pfcount("activity:logins:#{current_week}")
       @interactions_week     = Redis.current.get("activity:interactions:#{current_week}") || 0
       @relay_enabled         = Relay.enabled.exists?
       @single_user_mode      = Rails.configuration.x.single_user_mode
-      @registrations_enabled = Setting.registrations_mode != 'none'
+      @registrations_enabled = Setting.open_registrations
       @deletions_enabled     = Setting.open_deletion
       @invites_enabled       = Setting.min_invite_role == 'user'
       @search_enabled        = Chewy.enabled?
@@ -20,7 +19,7 @@ module Admin
       @redis_version         = redis_info['redis_version']
       @reports_count         = Report.unresolved.count
       @queue_backlog         = Sidekiq::Stats.new.enqueued
-      @recent_users          = User.confirmed.recent.includes(:account).limit(8)
+      @recent_users          = User.confirmed.recent.includes(:account).limit(4)
       @database_size         = ActiveRecord::Base.connection.execute('SELECT pg_database_size(current_database())').first['pg_database_size']
       @redis_size            = redis_info['used_memory']
       @ldap_enabled          = ENV['LDAP_ENABLED'] == 'true'
@@ -28,14 +27,7 @@ module Admin
       @saml_enabled          = ENV['SAML_ENABLED'] == 'true'
       @pam_enabled           = ENV['PAM_ENABLED'] == 'true'
       @hidden_service        = ENV['ALLOW_ACCESS_TO_HIDDEN_SERVICE'] == 'true'
-      @trending_hashtags     = TrendingTags.get(10, filtered: false)
-      @pending_tags_count    = Tag.pending_review.count
-      @authorized_fetch      = authorized_fetch_mode?
-      @whitelist_enabled     = whitelist_mode?
-      @profile_directory     = Setting.profile_directory
-      @timeline_preview      = Setting.timeline_preview
-      @spam_check_enabled    = Setting.spam_check_enabled
-      @trends_enabled        = Setting.trends
+      @trending_hashtags     = TrendingTags.get(7)
     end
 
     private
@@ -45,13 +37,7 @@ module Admin
     end
 
     def redis_info
-      @redis_info ||= begin
-        if Redis.current.is_a?(Redis::Namespace)
-          Redis.current.redis.info
-        else
-          Redis.current.info
-        end
-      end
+      @redis_info ||= Redis.current.info
     end
   end
 end

app/controllers/admin/domain_allows_controller.rb

@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-class Admin::DomainAllowsController < Admin::BaseController
-  before_action :set_domain_allow, only: [:destroy]
-
-  def new
-    authorize :domain_allow, :create?
-
-    @domain_allow = DomainAllow.new(domain: params[:_domain])
-  end
-
-  def create
-    authorize :domain_allow, :create?
-
-    @domain_allow = DomainAllow.new(resource_params)
-
-    if @domain_allow.save
-      log_action :create, @domain_allow
-      redirect_to admin_instances_path, notice: I18n.t('admin.domain_allows.created_msg')
-    else
-      render :new
-    end
-  end
-
-  def destroy
-    authorize @domain_allow, :destroy?
-    UnallowDomainService.new.call(@domain_allow)
-    redirect_to admin_instances_path, notice: I18n.t('admin.domain_allows.destroyed_msg')
-  end
-
-  private
-
-  def set_domain_allow
-    @domain_allow = DomainAllow.find(params[:id])
-  end
-
-  def resource_params
-    params.require(:domain_allow).permit(:domain)
-  end
-end

app/controllers/admin/domain_blocks_controller.rb

@@ -2,56 +2,29 @@
 
 module Admin
   class DomainBlocksController < BaseController
-    before_action :set_domain_block, only: [:show, :destroy, :edit, :update]
+    before_action :set_domain_block, only: [:show, :destroy]
+
+    def index
+      authorize :domain_block, :index?
+      @domain_blocks = DomainBlock.page(params[:page])
+    end
 
     def new
       authorize :domain_block, :create?
-      @domain_block = DomainBlock.new(domain: params[:_domain])
-    end
-
-    def edit
-      authorize :domain_block, :create?
+      @domain_block = DomainBlock.new
     end
 
     def create
       authorize :domain_block, :create?
 
       @domain_block = DomainBlock.new(resource_params)
-      existing_domain_block = resource_params[:domain].present? ? DomainBlock.rule_for(resource_params[:domain]) : nil
-
-      if existing_domain_block.present? && !@domain_block.stricter_than?(existing_domain_block)
-        @domain_block.save
-        flash.now[:alert] = I18n.t('admin.domain_blocks.existing_domain_block_html', name: existing_domain_block.domain, unblock_url: admin_domain_block_path(existing_domain_block)).html_safe # rubocop:disable Rails/OutputSafety
-        @domain_block.errors[:domain].clear
-        render :new
-      else
-        if existing_domain_block.present?
-          @domain_block = existing_domain_block
-          @domain_block.update(resource_params)
-        end
-        if @domain_block.save
-          DomainBlockWorker.perform_async(@domain_block.id)
-          log_action :create, @domain_block
-          redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
-        else
-          render :new
-        end
-      end
-    end
-
-    def update
-      authorize :domain_block, :create?
-
-      @domain_block.update(update_params)
-
-      severity_changed = @domain_block.severity_changed?
 
       if @domain_block.save
-        DomainBlockWorker.perform_async(@domain_block.id, severity_changed)
+        DomainBlockWorker.perform_async(@domain_block.id)
         log_action :create, @domain_block
-        redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
+        redirect_to admin_domain_blocks_path, notice: I18n.t('admin.domain_blocks.created_msg')
       else
-        render :edit
+        render :new
       end
     end
 
@@ -61,9 +34,9 @@ module Admin
 
     def destroy
       authorize @domain_block, :destroy?
-      UnblockDomainService.new.call(@domain_block)
+      UnblockDomainService.new.call(@domain_block, retroactive_unblock?)
       log_action :destroy, @domain_block
-      redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.destroyed_msg')
+      redirect_to admin_domain_blocks_path, notice: I18n.t('admin.domain_blocks.destroyed_msg')
     end
 
     private
@@ -72,12 +45,12 @@ module Admin
       @domain_block = DomainBlock.find(params[:id])
     end
 
-    def update_params
-      params.require(:domain_block).permit(:severity, :reject_media, :reject_reports, :private_comment, :public_comment)
+    def resource_params
+      params.require(:domain_block).permit(:domain, :severity, :reject_media, :retroactive)
     end
 
-    def resource_params
-      params.require(:domain_block).permit(:domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment)
+    def retroactive_unblock?
+      ActiveRecord::Type.lookup(:boolean).cast(resource_params[:retroactive])
     end
   end
 end

app/controllers/admin/followers_controller.rb

@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class FollowersController < BaseController
-    before_action :set_account
-
-    PER_PAGE = 40
-
-    def index
-      authorize :account, :index?
-      @followers = @account.followers.local.recent.page(params[:page]).per(PER_PAGE)
-    end
-
-    def set_account
-      @account = Account.find(params[:account_id])
-    end
-  end
-end

app/controllers/admin/instances_controller.rb

@@ -2,53 +2,22 @@
 
 module Admin
   class InstancesController < BaseController
-    before_action :set_domain_block, only: :show
-    before_action :set_domain_allow, only: :show
-    before_action :set_instance, only: :show
-
     def index
       authorize :instance, :index?
-
       @instances = ordered_instances
     end
 
-    def show
-      authorize :instance, :show?
-
-      @following_count = Follow.where(account: Account.where(domain: params[:id])).count
-      @followers_count = Follow.where(target_account: Account.where(domain: params[:id])).count
-      @reports_count   = Report.where(target_account: Account.where(domain: params[:id])).count
-      @blocks_count    = Block.where(target_account: Account.where(domain: params[:id])).count
-      @available       = DeliveryFailureTracker.available?(Account.select(:shared_inbox_url).where(domain: params[:id]).first&.shared_inbox_url)
-      @media_storage   = MediaAttachment.where(account: Account.where(domain: params[:id])).sum(:file_file_size)
-      @private_comment = @domain_block&.private_comment
-      @public_comment  = @domain_block&.public_comment
+    def resubscribe
+      authorize :instance, :resubscribe?
+      params.require(:by_domain)
+      Pubsubhubbub::SubscribeWorker.push_bulk(subscribeable_accounts.pluck(:id))
+      redirect_to admin_instances_path
     end
 
     private
 
-    def set_domain_block
-      @domain_block = DomainBlock.rule_for(params[:id])
-    end
-
-    def set_domain_allow
-      @domain_allow = DomainAllow.rule_for(params[:id])
-    end
-
-    def set_instance
-      resource   = Account.by_domain_accounts.find_by(domain: params[:id])
-      resource ||= @domain_block
-      resource ||= @domain_allow
-
-      if resource
-        @instance = Instance.new(resource)
-      else
-        not_found
-      end
-    end
-
     def filtered_instances
-      InstanceFilter.new(whitelist_mode? ? { allowed: true } : filter_params).results
+      InstanceFilter.new(filter_params).results
     end
 
     def paginated_instances
@@ -58,11 +27,17 @@ module Admin
     helper_method :paginated_instances
 
     def ordered_instances
-      paginated_instances.map { |resource| Instance.new(resource) }
+      paginated_instances.map { |account| Instance.new(account) }
+    end
+
+    def subscribeable_accounts
+      Account.with_followers.remote.where(domain: params[:by_domain])
     end
 
     def filter_params
-      params.permit(:limited, :by_domain)
+      params.permit(
+        :domain_name
+      )
     end
   end
 end

app/controllers/admin/pending_accounts_controller.rb

@@ -1,52 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class PendingAccountsController < BaseController
-    before_action :set_accounts, only: :index
-
-    def index
-      @form = Form::AccountBatch.new
-    end
-
-    def batch
-      @form = Form::AccountBatch.new(form_account_batch_params.merge(current_account: current_account, action: action_from_button))
-      @form.save
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.accounts.no_account_selected')
-    ensure
-      redirect_to admin_pending_accounts_path(current_params)
-    end
-
-    def approve_all
-      Form::AccountBatch.new(current_account: current_account, account_ids: User.pending.pluck(:account_id), action: 'approve').save
-      redirect_to admin_pending_accounts_path(current_params)
-    end
-
-    def reject_all
-      Form::AccountBatch.new(current_account: current_account, account_ids: User.pending.pluck(:account_id), action: 'reject').save
-      redirect_to admin_pending_accounts_path(current_params)
-    end
-
-    private
-
-    def set_accounts
-      @accounts = Account.joins(:user).merge(User.pending.recent).includes(user: :invite_request).page(params[:page])
-    end
-
-    def form_account_batch_params
-      params.require(:form_account_batch).permit(:action, account_ids: [])
-    end
-
-    def action_from_button
-      if params[:approve]
-        'approve'
-      elsif params[:reject]
-        'reject'
-      end
-    end
-
-    def current_params
-      params.slice(:page).permit(:page)
-    end
-  end
-end

app/controllers/admin/relays_controller.rb

@@ -3,7 +3,6 @@
 module Admin
   class RelaysController < BaseController
     before_action :set_relay, except: [:index, :new, :create]
-    before_action :require_signatures_enabled!, only: [:new, :create, :enable]
 
     def index
       authorize :relay, :update?
@@ -12,7 +11,7 @@ module Admin
 
     def new
       authorize :relay, :update?
-      @relay = Relay.new
+      @relay = Relay.new(inbox_url: Relay::PRESET_RELAY)
     end
 
     def create
@@ -55,9 +54,5 @@ module Admin
     def resource_params
       params.require(:relay).permit(:inbox_url)
     end
-
-    def require_signatures_enabled!
-      redirect_to admin_relays_path, alert: I18n.t('admin.relays.signatures_not_enabled') if authorized_fetch_mode?
-    end
   end
 end

app/controllers/admin/report_notes_controller.rb

@@ -5,10 +5,10 @@ module Admin
     before_action :set_report_note, only: [:destroy]
 
     def create
-      authorize :report_note, :create?
+      authorize ReportNote, :create?
 
       @report_note = current_account.report_notes.new(resource_params)
-      @report      = @report_note.report
+      @report = @report_note.report
 
       if @report_note.save
         if params[:create_and_resolve]
@@ -26,8 +26,9 @@ module Admin
 
         redirect_to admin_report_path(@report), notice: I18n.t('admin.report_notes.created_msg')
       else
-        @report_notes = (@report.notes.latest + @report.history + @report.target_account.targeted_account_warnings.latest.custom).sort_by(&:created_at)
-        @form         = Form::StatusBatch.new
+        @report_notes = @report.notes.latest
+        @report_history = @report.history
+        @form = Form::StatusBatch.new
 
         render template: 'admin/reports/show'
       end

app/controllers/admin/reported_statuses_controller.rb

@@ -10,10 +10,6 @@ module Admin
       @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account, action: action_from_button))
       flash[:alert] = I18n.t('admin.statuses.failed_to_execute') unless @form.save
 
-      redirect_to admin_report_path(@report)
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.statuses.no_status_selected')
-
       redirect_to admin_report_path(@report)
     end
 

app/controllers/admin/reports_controller.rb

@@ -13,42 +13,66 @@ module Admin
       authorize @report, :show?
 
       @report_note  = @report.notes.new
-      @report_notes = (@report.notes.latest + @report.history + @report.target_account.targeted_account_warnings.latest.custom).sort_by(&:created_at)
+      @report_notes = (@report.notes.latest + @report.history).sort_by(&:created_at)
       @form         = Form::StatusBatch.new
     end
 
-    def assign_to_self
+    def update
       authorize @report, :update?
-      @report.update!(assigned_account_id: current_account.id)
-      log_action :assigned_to_self, @report
-      redirect_to admin_report_path(@report)
-    end
+      process_report
 
-    def unassign
-      authorize @report, :update?
-      @report.update!(assigned_account_id: nil)
-      log_action :unassigned, @report
-      redirect_to admin_report_path(@report)
-    end
-
-    def reopen
-      authorize @report, :update?
-      @report.unresolve!
-      log_action :reopen, @report
-      redirect_to admin_report_path(@report)
-    end
-
-    def resolve
-      authorize @report, :update?
-      @report.resolve!(current_account)
-      log_action :resolve, @report
-      redirect_to admin_reports_path, notice: I18n.t('admin.reports.resolved_msg')
+      if @report.action_taken?
+        redirect_to admin_reports_path, notice: I18n.t('admin.reports.resolved_msg')
+      else
+        redirect_to admin_report_path(@report)
+      end
     end
 
     private
 
+    def process_report
+      case params[:outcome].to_s
+      when 'assign_to_self'
+        @report.update!(assigned_account_id: current_account.id)
+        log_action :assigned_to_self, @report
+      when 'unassign'
+        @report.update!(assigned_account_id: nil)
+        log_action :unassigned, @report
+      when 'reopen'
+        @report.unresolve!
+        log_action :reopen, @report
+      when 'resolve'
+        @report.resolve!(current_account)
+        log_action :resolve, @report
+      when 'silence'
+        @report.resolve!(current_account)
+        @report.target_account.update!(silenced: true)
+
+        log_action :resolve, @report
+        log_action :silence, @report.target_account
+
+        resolve_all_target_account_reports
+      else
+        raise ActiveRecord::RecordNotFound
+      end
+      @report.reload
+    end
+
+    def resolve_all_target_account_reports
+      unresolved_reports_for_target_account.update_all(action_taken: true, action_taken_by_account_id: current_account.id)
+    end
+
+    def unresolved_reports_for_target_account
+      Report.where(
+        target_account: @report.target_account
+      ).unresolved
+    end
+
     def filtered_reports
-      ReportFilter.new(filter_params).results.order(id: :desc).includes(:account, :target_account)
+      ReportFilter.new(filter_params).results.order(id: :desc).includes(
+        :account,
+        :target_account
+      )
     end
 
     def filter_params

app/controllers/admin/resets_controller.rb

@@ -10,5 +10,11 @@ module Admin
       log_action :reset_password, @user
       redirect_to admin_accounts_path
     end
+
+    private
+
+    def set_user
+      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
+    end
   end
 end

app/controllers/admin/roles_controller.rb

@@ -17,5 +17,11 @@ module Admin
       log_action :demote, @user
       redirect_to admin_account_path(@user.account_id)
     end
+
+    private
+
+    def set_user
+      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
+    end
   end
 end

app/controllers/admin/settings_controller.rb

@@ -2,29 +2,81 @@
 
 module Admin
   class SettingsController < BaseController
+    ADMIN_SETTINGS = %w(
+      site_contact_username
+      site_contact_email
+      site_title
+      site_short_description
+      site_description
+      site_extended_description
+      site_terms
+      open_registrations
+      closed_registrations_message
+      open_deletion
+      timeline_preview
+      show_staff_badge
+      bootstrap_timeline_accounts
+      theme
+      thumbnail
+      hero
+      min_invite_role
+      activity_api_enabled
+      peers_api_enabled
+      show_known_fediverse_at_about_page
+      preview_sensitive_media
+      custom_css
+    ).freeze
+
+    BOOLEAN_SETTINGS = %w(
+      open_registrations
+      open_deletion
+      timeline_preview
+      show_staff_badge
+      activity_api_enabled
+      peers_api_enabled
+      show_known_fediverse_at_about_page
+      preview_sensitive_media
+    ).freeze
+
+    UPLOAD_SETTINGS = %w(
+      thumbnail
+      hero
+    ).freeze
+
     def edit
       authorize :settings, :show?
-
       @admin_settings = Form::AdminSettings.new
     end
 
     def update
       authorize :settings, :update?
 
-      @admin_settings = Form::AdminSettings.new(settings_params)
-
-      if @admin_settings.save
-        flash[:notice] = I18n.t('generic.changes_saved_msg')
-        redirect_to edit_admin_settings_path
-      else
-        render :edit
+      settings_params.each do |key, value|
+        if UPLOAD_SETTINGS.include?(key)
+          upload = SiteUpload.where(var: key).first_or_initialize(var: key)
+          upload.update(file: value)
+        else
+          setting = Setting.where(var: key).first_or_initialize(var: key)
+          setting.update(value: value_for_update(key, value))
+        end
       end
+
+      flash[:notice] = I18n.t('generic.changes_saved_msg')
+      redirect_to edit_admin_settings_path
     end
 
     private
 
     def settings_params
-      params.require(:form_admin_settings).permit(*Form::AdminSettings::KEYS)
+      params.require(:form_admin_settings).permit(ADMIN_SETTINGS)
+    end
+
+    def value_for_update(key, value)
+      if BOOLEAN_SETTINGS.include?(key)
+        value == '1'
+      else
+        value
+      end
     end
   end
 end

app/controllers/admin/silences_controller.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Admin
+  class SilencesController < BaseController
+    before_action :set_account
+
+    def create
+      authorize @account, :silence?
+      @account.update!(silenced: true)
+      log_action :silence, @account
+      redirect_to admin_accounts_path
+    end
+
+    def destroy
+      authorize @account, :unsilence?
+      @account.update!(silenced: false)
+      log_action :unsilence, @account
+      redirect_to admin_accounts_path
+    end
+
+    private
+
+    def set_account
+      @account = Account.find(params[:account_id])
+    end
+  end
+end

app/controllers/admin/statuses_controller.rb

@@ -22,15 +22,6 @@ module Admin
       @form     = Form::StatusBatch.new
     end
 
-    def show
-      authorize :status, :index?
-
-      @statuses = @account.statuses.where(id: params[:id])
-      authorize @statuses.first, :show?
-
-      @form = Form::StatusBatch.new
-    end
-
     def create
       authorize :status, :update?
 

app/controllers/admin/suspensions_controller.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+module Admin
+  class SuspensionsController < BaseController
+    before_action :set_account
+
+    def new
+      @suspension = Form::AdminSuspensionConfirmation.new(report_id: params[:report_id])
+    end
+
+    def create
+      authorize @account, :suspend?
+
+      @suspension = Form::AdminSuspensionConfirmation.new(suspension_params)
+
+      if suspension_params[:acct] == @account.acct
+        resolve_report! if suspension_params[:report_id].present?
+        perform_suspend!
+        mark_reports_resolved!
+        redirect_to admin_accounts_path
+      else
+        flash.now[:alert] = I18n.t('admin.suspensions.bad_acct_msg')
+        render :new
+      end
+    end
+
+    def destroy
+      authorize @account, :unsuspend?
+      @account.unsuspend!
+      log_action :unsuspend, @account
+      redirect_to admin_accounts_path
+    end
+
+    private
+
+    def set_account
+      @account = Account.find(params[:account_id])
+    end
+
+    def suspension_params
+      params.require(:form_admin_suspension_confirmation).permit(:acct, :report_id)
+    end
+
+    def resolve_report!
+      report = Report.find(suspension_params[:report_id])
+      report.resolve!(current_account)
+      log_action :resolve, report
+    end
+
+    def perform_suspend!
+      @account.suspend!
+      Admin::SuspensionWorker.perform_async(@account.id)
+      log_action :suspend, @account
+    end
+
+    def mark_reports_resolved!
+      Report.where(target_account: @account).unresolved.update_all(action_taken: true, action_taken_by_account_id: current_account.id)
+    end
+  end
+end

app/controllers/admin/tags_controller.rb

@@ -1,103 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class TagsController < BaseController
-    before_action :set_tag, except: [:index, :batch, :approve_all, :reject_all]
-    before_action :set_usage_by_domain, except: [:index, :batch, :approve_all, :reject_all]
-    before_action :set_counters, except: [:index, :batch, :approve_all, :reject_all]
-
-    def index
-      authorize :tag, :index?
-
-      @tags = filtered_tags.page(params[:page])
-      @form = Form::TagBatch.new
-    end
-
-    def batch
-      @form = Form::TagBatch.new(form_tag_batch_params.merge(current_account: current_account, action: action_from_button))
-      @form.save
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.accounts.no_account_selected')
-    ensure
-      redirect_to admin_tags_path(filter_params)
-    end
-
-    def approve_all
-      Form::TagBatch.new(current_account: current_account, tag_ids: Tag.pending_review.pluck(:id), action: 'approve').save
-      redirect_to admin_tags_path(filter_params)
-    end
-
-    def reject_all
-      Form::TagBatch.new(current_account: current_account, tag_ids: Tag.pending_review.pluck(:id), action: 'reject').save
-      redirect_to admin_tags_path(filter_params)
-    end
-
-    def show
-      authorize @tag, :show?
-    end
-
-    def update
-      authorize @tag, :update?
-
-      if @tag.update(tag_params.merge(reviewed_at: Time.now.utc))
-        redirect_to admin_tag_path(@tag.id), notice: I18n.t('admin.tags.updated_msg')
-      else
-        render :show
-      end
-    end
-
-    private
-
-    def set_tag
-      @tag = Tag.find(params[:id])
-    end
-
-    def set_usage_by_domain
-      @usage_by_domain = @tag.statuses
-                             .with_public_visibility
-                             .excluding_silenced_accounts
-                             .where(Status.arel_table[:id].gteq(Mastodon::Snowflake.id_at(Time.now.utc.beginning_of_day)))
-                             .joins(:account)
-                             .group('accounts.domain')
-                             .reorder('statuses_count desc')
-                             .pluck('accounts.domain, count(*) AS statuses_count')
-    end
-
-    def set_counters
-      @accounts_today = @tag.history.first[:accounts]
-      @accounts_week  = Redis.current.pfcount(*current_week_days.map { |day| "activity:tags:#{@tag.id}:#{day}:accounts" })
-    end
-
-    def filtered_tags
-      TagFilter.new(filter_params).results
-    end
-
-    def filter_params
-      params.slice(:directory, :reviewed, :unreviewed, :pending_review, :page, :popular, :active, :name).permit(:directory, :reviewed, :unreviewed, :pending_review, :page, :popular, :active, :name)
-    end
-
-    def tag_params
-      params.require(:tag).permit(:name, :trendable, :usable, :listable)
-    end
-
-    def current_week_days
-      now = Time.now.utc.beginning_of_day.to_date
-
-      (Date.commercial(now.cwyear, now.cweek)..now).map do |date|
-        date.to_time(:utc).beginning_of_day.to_i
-      end
-    end
-
-    def form_tag_batch_params
-      params.require(:form_tag_batch).permit(:action, tag_ids: [])
-    end
-
-    def action_from_button
-      if params[:approve]
-        'approve'
-      elsif params[:reject]
-        'reject'
-      end
-    end
-  end
-end

app/controllers/admin/two_factor_authentications_controller.rb

@@ -2,19 +2,18 @@
 
 module Admin
   class TwoFactorAuthenticationsController < BaseController
-    before_action :set_target_user
+    before_action :set_user
 
     def destroy
       authorize @user, :disable_2fa?
       @user.disable_two_factor!
       log_action :disable_2fa, @user
-      UserMailer.two_factor_disabled(@user).deliver_later!
       redirect_to admin_accounts_path
     end
 
     private
 
-    def set_target_user
+    def set_user
       @user = User.find(params[:user_id])
     end
   end

app/controllers/admin/warning_presets_controller.rb

@@ -1,58 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class WarningPresetsController < BaseController
-    before_action :set_warning_preset, except: [:index, :create]
-
-    def index
-      authorize :account_warning_preset, :index?
-
-      @warning_presets = AccountWarningPreset.all
-      @warning_preset  = AccountWarningPreset.new
-    end
-
-    def create
-      authorize :account_warning_preset, :create?
-
-      @warning_preset = AccountWarningPreset.new(warning_preset_params)
-
-      if @warning_preset.save
-        redirect_to admin_warning_presets_path
-      else
-        @warning_presets = AccountWarningPreset.all
-        render :index
-      end
-    end
-
-    def edit
-      authorize @warning_preset, :update?
-    end
-
-    def update
-      authorize @warning_preset, :update?
-
-      if @warning_preset.update(warning_preset_params)
-        redirect_to admin_warning_presets_path
-      else
-        render :edit
-      end
-    end
-
-    def destroy
-      authorize @warning_preset, :destroy?
-
-      @warning_preset.destroy!
-      redirect_to admin_warning_presets_path
-    end
-
-    private
-
-    def set_warning_preset
-      @warning_preset = AccountWarningPreset.find(params[:id])
-    end
-
-    def warning_preset_params
-      params.require(:account_warning_preset).permit(:text)
-    end
-  end
-end

app/controllers/api/base_controller.rb

@@ -7,15 +7,10 @@ class Api::BaseController < ApplicationController
   include RateLimitHeaders
 
   skip_before_action :store_current_location
-  skip_before_action :require_functional!
-
-  before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
-  before_action :set_cache_headers
+  skip_before_action :check_user_permissions
 
   protect_from_forgery with: :null_session
 
-  skip_around_action :set_locale
-
   rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e|
     render json: { error: e.to_s }, status: 422
   end
@@ -36,14 +31,6 @@ class Api::BaseController < ApplicationController
     render json: { error: 'This action is not allowed' }, status: 403
   end
 
-  rescue_from Mastodon::RaceConditionError do
-    render json: { error: 'There was a temporary problem serving your request, please try again' }, status: 503
-  end
-
-  rescue_from ActionController::ParameterMissing do |e|
-    render json: { error: e.to_s }, status: 400
-  end
-
   def doorkeeper_unauthorized_render_options(error: nil)
     { json: { error: (error.try(:description) || 'Not authorized') } }
   end
@@ -66,8 +53,8 @@ class Api::BaseController < ApplicationController
     [params[:limit].to_i.abs, default_limit * 2].min
   end
 
-  def params_slice(*keys)
-    params.slice(*keys).permit(*keys)
+  def truthy_param?(key)
+    ActiveModel::Type::Boolean.new.cast(params[key])
   end
 
   def current_resource_owner
@@ -80,21 +67,13 @@ class Api::BaseController < ApplicationController
     nil
   end
 
-  def require_authenticated_user!
-    render json: { error: 'This API requires an authenticated user' }, status: 401 unless current_user
-  end
-
   def require_user!
-    if !current_user
-      render json: { error: 'This method requires an authenticated user' }, status: 422
-    elsif current_user.disabled?
-      render json: { error: 'Your login is currently disabled' }, status: 403
-    elsif !current_user.confirmed?
-      render json: { error: 'Your login is missing a confirmed e-mail address' }, status: 403
-    elsif !current_user.approved?
-      render json: { error: 'Your login is currently pending approval' }, status: 403
-    else
+    if current_user && !current_user.disabled?
       set_user_activity
+    elsif current_user
+      render json: { error: 'Your login is currently disabled' }, status: 403
+    else
+      render json: { error: 'This method requires an authenticated user' }, status: 422
     end
   end
 
@@ -105,12 +84,4 @@ class Api::BaseController < ApplicationController
   def authorize_if_got_token!(*scopes)
     doorkeeper_authorize!(*scopes) if doorkeeper_token
   end
-
-  def set_cache_headers
-    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
-  end
-
-  def disallow_unauthenticated_api_access?
-    authorized_fetch_mode?
-  end
 end

app/controllers/api/proofs_controller.rb

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-class Api::ProofsController < Api::BaseController
-  include AccountOwnedConcern
-
-  before_action :set_provider
-
-  def index
-    render json: @account, serializer: @provider.serializer_class
-  end
-
-  private
-
-  def set_provider
-    @provider = ProofProvider.find(params[:provider]) || raise(ActiveRecord::RecordNotFound)
-  end
-
-  def username_param
-    params[:username]
-  end
-end

app/controllers/api/push_controller.rb

@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+class Api::PushController < Api::BaseController
+  include SignatureVerification
+
+  def update
+    response, status = process_push_request
+    render plain: response, status: status
+  end
+
+  private
+
+  def process_push_request
+    case hub_mode
+    when 'subscribe'
+      Pubsubhubbub::SubscribeService.new.call(account_from_topic, hub_callback, hub_secret, hub_lease_seconds, verified_domain)
+    when 'unsubscribe'
+      Pubsubhubbub::UnsubscribeService.new.call(account_from_topic, hub_callback)
+    else
+      ["Unknown mode: #{hub_mode}", 422]
+    end
+  end
+
+  def hub_mode
+    params['hub.mode']
+  end
+
+  def hub_topic
+    params['hub.topic']
+  end
+
+  def hub_callback
+    params['hub.callback']
+  end
+
+  def hub_lease_seconds
+    params['hub.lease_seconds']
+  end
+
+  def hub_secret
+    params['hub.secret']
+  end
+
+  def account_from_topic
+    if hub_topic.present? && local_domain? && account_feed_path?
+      Account.find_local(hub_topic_params[:username])
+    end
+  end
+
+  def hub_topic_params
+    @_hub_topic_params ||= Rails.application.routes.recognize_path(hub_topic_uri.path)
+  end
+
+  def hub_topic_uri
+    @_hub_topic_uri ||= Addressable::URI.parse(hub_topic).normalize
+  end
+
+  def local_domain?
+    TagManager.instance.web_domain?(hub_topic_domain)
+  end
+
+  def verified_domain
+    return signed_request_account.domain if signed_request_account
+  end
+
+  def hub_topic_domain
+    hub_topic_uri.host + (hub_topic_uri.port ? ":#{hub_topic_uri.port}" : '')
+  end
+
+  def account_feed_path?
+    hub_topic_params[:controller] == 'accounts' && hub_topic_params[:action] == 'show' && hub_topic_params[:format] == 'atom'
+  end
+end

app/controllers/api/salmon_controller.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+class Api::SalmonController < Api::BaseController
+  include SignatureVerification
+
+  before_action :set_account
+  respond_to :txt
+
+  def update
+    if verify_payload?
+      process_salmon
+      head 202
+    elsif payload.present?
+      render plain: signature_verification_failure_reason, status: 401
+    else
+      head 400
+    end
+  end
+
+  private
+
+  def set_account
+    @account = Account.find(params[:id])
+  end
+
+  def payload
+    @_payload ||= request.body.read
+  end
+
+  def verify_payload?
+    payload.present? && VerifySalmonService.new.call(payload)
+  end
+
+  def process_salmon
+    SalmonWorker.perform_async(@account.id, payload.force_encoding('UTF-8'))
+  end
+end

app/controllers/api/subscriptions_controller.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+class Api::SubscriptionsController < Api::BaseController
+  before_action :set_account
+  respond_to :txt
+
+  def show
+    if subscription.valid?(params['hub.topic'])
+      @account.update(subscription_expires_at: future_expires)
+      render plain: encoded_challenge, status: 200
+    else
+      head 404
+    end
+  end
+
+  def update
+    if subscription.verify(body, request.headers['HTTP_X_HUB_SIGNATURE'])
+      ProcessingWorker.perform_async(@account.id, body.force_encoding('UTF-8'))
+    end
+
+    head 200
+  end
+
+  private
+
+  def subscription
+    @_subscription ||= @account.subscription(
+      api_subscription_url(@account.id)
+    )
+  end
+
+  def body
+    @_body ||= request.body.read
+  end
+
+  def encoded_challenge
+    HTMLEntities.new.encode(params['hub.challenge'])
+  end
+
+  def future_expires
+    Time.now.utc + lease_seconds_or_default
+  end
+
+  def lease_seconds_or_default
+    (params['hub.lease_seconds'] || 1.day).to_i.seconds
+  end
+
+  def set_account
+    @account = Account.find(params[:id])
+  end
+end

app/controllers/api/v1/accounts/credentials_controller.rb

@@ -21,7 +21,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
   private
 
   def account_params
-    params.permit(:display_name, :note, :avatar, :header, :locked, :bot, :discoverable, fields_attributes: [:name, :value])
+    params.permit(:display_name, :note, :avatar, :header, :locked, :bot, fields_attributes: [:name, :value])
   end
 
   def user_settings_params

app/controllers/api/v1/accounts/follower_accounts_controller.rb

@@ -19,17 +19,13 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
   end
 
   def load_accounts
-    return [] if hide_results?
+    return [] if @account.user_hides_network? && current_account.id != @account.id
 
     default_accounts.merge(paginated_follows).to_a
   end
 
-  def hide_results?
-    (@account.user_hides_network? && current_account.id != @account.id) || (current_account && @account.blocking?(current_account))
-  end
-
   def default_accounts
-    Account.includes(:active_relationships, :account_stat).references(:active_relationships)
+    Account.includes(:active_relationships).references(:active_relationships)
   end
 
   def paginated_follows

app/controllers/api/v1/accounts/following_accounts_controller.rb

@@ -19,17 +19,13 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
   end
 
   def load_accounts
-    return [] if hide_results?
+    return [] if @account.user_hides_network? && current_account.id != @account.id
 
     default_accounts.merge(paginated_follows).to_a
   end
 
-  def hide_results?
-    (@account.user_hides_network? && current_account.id != @account.id) || (current_account && @account.blocking?(current_account))
-  end
-
   def default_accounts
-    Account.includes(:passive_relationships, :account_stat).references(:passive_relationships)
+    Account.includes(:passive_relationships).references(:passive_relationships)
   end
 
   def paginated_follows

app/controllers/api/v1/accounts/identity_proofs_controller.rb

@@ -1,19 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Accounts::IdentityProofsController < Api::BaseController
-  before_action :require_user!
-  before_action :set_account
-
-  respond_to :json
-
-  def index
-    @proofs = @account.identity_proofs.active
-    render json: @proofs, each_serializer: REST::IdentityProofSerializer
-  end
-
-  private
-
-  def set_account
-    @account = Account.find(params[:account_id])
-  end
-end

app/controllers/api/v1/accounts/search_controller.rb

@@ -16,11 +16,10 @@ class Api::V1::Accounts::SearchController < Api::BaseController
   def account_search
     AccountSearchService.new.call(
       params[:q],
+      limit_param(DEFAULT_ACCOUNTS_LIMIT),
       current_account,
-      limit: limit_param(DEFAULT_ACCOUNTS_LIMIT),
       resolve: truthy_param?(:resolve),
-      following: truthy_param?(:following),
-      offset: params[:offset]
+      following: truthy_param?(:following)
     )
   end
 end

app/controllers/api/v1/accounts/statuses_controller.rb

@@ -1,10 +1,9 @@
 # frozen_string_literal: true
 
 class Api::V1::Accounts::StatusesController < Api::BaseController
-  before_action -> { authorize_if_got_token! :read, :'read:statuses' }
+  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
   before_action :set_account
-
-  after_action :insert_pagination_headers, unless: -> { truthy_param?(:pinned) }
+  after_action :insert_pagination_headers
 
   respond_to :json
 
@@ -29,13 +28,16 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
 
   def account_statuses
     statuses = truthy_param?(:pinned) ? pinned_scope : permitted_account_statuses
+    statuses = statuses.paginate_by_max_id(
+      limit_param(DEFAULT_STATUSES_LIMIT),
+      params[:max_id],
+      params[:since_id]
+    )
 
     statuses.merge!(only_media_scope) if truthy_param?(:only_media)
     statuses.merge!(no_replies_scope) if truthy_param?(:exclude_replies)
-    statuses.merge!(no_reblogs_scope) if truthy_param?(:exclude_reblogs)
-    statuses.merge!(hashtag_scope)    if params[:tagged].present?
 
-    statuses.paginate_by_id(limit_param(DEFAULT_STATUSES_LIMIT), params_slice(:max_id, :since_id, :min_id))
+    statuses
   end
 
   def permitted_account_statuses
@@ -51,14 +53,12 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
     # Also, Avoid getting slow by not narrowing down by `statuses.account_id`.
     # When narrowing down by `statuses.account_id`, `index_statuses_20180106` will be used
     # and the table will be joined by `Merge Semi Join`, so the query will be slow.
-    @account.statuses.joins(:media_attachments).merge(@account.media_attachments).permitted_for(@account, current_account)
-            .paginate_by_max_id(limit_param(DEFAULT_STATUSES_LIMIT), params[:max_id], params[:since_id])
-            .reorder(id: :desc).distinct(:id).pluck(:id)
+    Status.joins(:media_attachments).merge(@account.media_attachments).permitted_for(@account, current_account)
+          .paginate_by_max_id(limit_param(DEFAULT_STATUSES_LIMIT), params[:max_id], params[:since_id])
+          .reorder(id: :desc).distinct(:id).pluck(:id)
   end
 
   def pinned_scope
-    return Status.none if @account.blocking?(current_account)
-
     @account.pinned_statuses
   end
 
@@ -66,20 +66,6 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
     Status.without_replies
   end
 
-  def no_reblogs_scope
-    Status.without_reblogs
-  end
-
-  def hashtag_scope
-    tag = Tag.find_normalized(params[:tagged])
-
-    if tag
-      Status.tagged_with(tag.id)
-    else
-      Status.none
-    end
-  end
-
   def pagination_params(core_params)
     params.slice(:limit, :only_media, :exclude_replies).permit(:limit, :only_media, :exclude_replies).merge(core_params)
   end
@@ -96,7 +82,7 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
 
   def prev_path
     unless @statuses.empty?
-      api_v1_account_statuses_url pagination_params(min_id: pagination_since_id)
+      api_v1_account_statuses_url pagination_params(since_id: pagination_since_id)
     end
   end
 

app/controllers/api/v1/accounts_controller.rb

@@ -1,18 +1,14 @@
 # frozen_string_literal: true
 
 class Api::V1::AccountsController < Api::BaseController
-  before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:create, :follow, :unfollow, :block, :unblock, :mute, :unmute]
+  before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
   before_action -> { doorkeeper_authorize! :follow, :'write:follows' }, only: [:follow, :unfollow]
   before_action -> { doorkeeper_authorize! :follow, :'write:mutes' }, only: [:mute, :unmute]
   before_action -> { doorkeeper_authorize! :follow, :'write:blocks' }, only: [:block, :unblock]
-  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, only: [:create]
 
-  before_action :require_user!, except: [:show, :create]
-  before_action :set_account, except: [:create]
+  before_action :require_user!, except: [:show]
+  before_action :set_account
   before_action :check_account_suspension, only: [:show]
-  before_action :check_enabled_registrations, only: [:create]
-
-  skip_before_action :require_authenticated_user!, only: :create
 
   respond_to :json
 
@@ -20,20 +16,10 @@ class Api::V1::AccountsController < Api::BaseController
     render json: @account, serializer: REST::AccountSerializer
   end
 
-  def create
-    token    = AppSignUpService.new.call(doorkeeper_token.application, account_params)
-    response = Doorkeeper::OAuth::TokenResponse.new(token)
-
-    headers.merge!(response.headers)
-
-    self.response_body = Oj.dump(response.body)
-    self.status        = response.status
-  end
-
   def follow
-    FollowService.new.call(current_user.account, @account, reblogs: truthy_param?(:reblogs))
+    FollowService.new.call(current_user.account, @account.acct, reblogs: truthy_param?(:reblogs))
 
-    options = @account.locked? || current_user.account.silenced? ? {} : { following_map: { @account.id => { reblogs: truthy_param?(:reblogs) } }, requested_map: { @account.id => false } }
+    options = @account.locked? ? {} : { following_map: { @account.id => { reblogs: truthy_param?(:reblogs) } }, requested_map: { @account.id => false } }
 
     render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships(options)
   end
@@ -76,16 +62,4 @@ class Api::V1::AccountsController < Api::BaseController
   def check_account_suspension
     gone if @account.suspended?
   end
-
-  def account_params
-    params.permit(:username, :email, :password, :agreement, :locale, :reason)
-  end
-
-  def check_enabled_registrations
-    forbidden if single_user_mode? || !allowed_registrations?
-  end
-
-  def allowed_registrations?
-    Setting.registrations_mode != 'none'
-  end
 end

app/controllers/api/v1/admin/account_actions_controller.rb

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Admin::AccountActionsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :'admin:write', :'admin:write:accounts' }
-  before_action :require_staff!
-  before_action :set_account
-
-  def create
-    account_action                 = Admin::AccountAction.new(resource_params)
-    account_action.target_account  = @account
-    account_action.current_account = current_account
-    account_action.save!
-
-    render_empty
-  end
-
-  private
-
-  def set_account
-    @account = Account.find(params[:account_id])
-  end
-
-  def resource_params
-    params.permit(
-      :type,
-      :report_id,
-      :warning_preset_id,
-      :text,
-      :send_email_notification
-    )
-  end
-end

app/controllers/api/v1/admin/accounts_controller.rb

@@ -1,128 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Admin::AccountsController < Api::BaseController
-  include Authorization
-  include AccountableConcern
-
-  LIMIT = 100
-
-  before_action -> { doorkeeper_authorize! :'admin:read', :'admin:read:accounts' }, only: [:index, :show]
-  before_action -> { doorkeeper_authorize! :'admin:write', :'admin:write:accounts' }, except: [:index, :show]
-  before_action :require_staff!
-  before_action :set_accounts, only: :index
-  before_action :set_account, except: :index
-  before_action :require_local_account!, only: [:enable, :approve, :reject]
-
-  after_action :insert_pagination_headers, only: :index
-
-  FILTER_PARAMS = %i(
-    local
-    remote
-    by_domain
-    active
-    pending
-    disabled
-    silenced
-    suspended
-    username
-    display_name
-    email
-    ip
-    staff
-  ).freeze
-
-  PAGINATION_PARAMS = (%i(limit) + FILTER_PARAMS).freeze
-
-  def index
-    authorize :account, :index?
-    render json: @accounts, each_serializer: REST::Admin::AccountSerializer
-  end
-
-  def show
-    authorize @account, :show?
-    render json: @account, serializer: REST::Admin::AccountSerializer
-  end
-
-  def enable
-    authorize @account.user, :enable?
-    @account.user.enable!
-    log_action :enable, @account.user
-    render json: @account, serializer: REST::Admin::AccountSerializer
-  end
-
-  def approve
-    authorize @account.user, :approve?
-    @account.user.approve!
-    render json: @account, serializer: REST::Admin::AccountSerializer
-  end
-
-  def reject
-    authorize @account.user, :reject?
-    SuspendAccountService.new.call(@account, reserve_email: false, reserve_username: false)
-    render json: @account, serializer: REST::Admin::AccountSerializer
-  end
-
-  def unsilence
-    authorize @account, :unsilence?
-    @account.unsilence!
-    log_action :unsilence, @account
-    render json: @account, serializer: REST::Admin::AccountSerializer
-  end
-
-  def unsuspend
-    authorize @account, :unsuspend?
-    @account.unsuspend!
-    log_action :unsuspend, @account
-    render json: @account, serializer: REST::Admin::AccountSerializer
-  end
-
-  private
-
-  def set_accounts
-    @accounts = filtered_accounts.order(id: :desc).includes(user: [:invite_request, :invite]).paginate_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
-  end
-
-  def set_account
-    @account = Account.find(params[:id])
-  end
-
-  def filtered_accounts
-    AccountFilter.new(filter_params).results
-  end
-
-  def filter_params
-    params.permit(*FILTER_PARAMS)
-  end
-
-  def insert_pagination_headers
-    set_pagination_headers(next_path, prev_path)
-  end
-
-  def next_path
-    api_v1_admin_accounts_url(pagination_params(max_id: pagination_max_id)) if records_continue?
-  end
-
-  def prev_path
-    api_v1_admin_accounts_url(pagination_params(min_id: pagination_since_id)) unless @accounts.empty?
-  end
-
-  def pagination_max_id
-    @accounts.last.id
-  end
-
-  def pagination_since_id
-    @accounts.first.id
-  end
-
-  def records_continue?
-    @accounts.size == limit_param(LIMIT)
-  end
-
-  def pagination_params(core_params)
-    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
-  end
-
-  def require_local_account!
-    forbidden unless @account.local? && @account.user.present?
-  end
-end

app/controllers/api/v1/admin/reports_controller.rb

@@ -1,108 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Admin::ReportsController < Api::BaseController
-  include Authorization
-  include AccountableConcern
-
-  LIMIT = 100
-
-  before_action -> { doorkeeper_authorize! :'admin:read', :'admin:read:reports' }, only: [:index, :show]
-  before_action -> { doorkeeper_authorize! :'admin:write', :'admin:write:reports' }, except: [:index, :show]
-  before_action :require_staff!
-  before_action :set_reports, only: :index
-  before_action :set_report, except: :index
-
-  after_action :insert_pagination_headers, only: :index
-
-  FILTER_PARAMS = %i(
-    resolved
-    account_id
-    target_account_id
-  ).freeze
-
-  PAGINATION_PARAMS = (%i(limit) + FILTER_PARAMS).freeze
-
-  def index
-    authorize :report, :index?
-    render json: @reports, each_serializer: REST::Admin::ReportSerializer
-  end
-
-  def show
-    authorize @report, :show?
-    render json: @report, serializer: REST::Admin::ReportSerializer
-  end
-
-  def assign_to_self
-    authorize @report, :update?
-    @report.update!(assigned_account_id: current_account.id)
-    log_action :assigned_to_self, @report
-    render json: @report, serializer: REST::Admin::ReportSerializer
-  end
-
-  def unassign
-    authorize @report, :update?
-    @report.update!(assigned_account_id: nil)
-    log_action :unassigned, @report
-    render json: @report, serializer: REST::Admin::ReportSerializer
-  end
-
-  def reopen
-    authorize @report, :update?
-    @report.unresolve!
-    log_action :reopen, @report
-    render json: @report, serializer: REST::Admin::ReportSerializer
-  end
-
-  def resolve
-    authorize @report, :update?
-    @report.resolve!(current_account)
-    log_action :resolve, @report
-    render json: @report, serializer: REST::Admin::ReportSerializer
-  end
-
-  private
-
-  def set_reports
-    @reports = filtered_reports.order(id: :desc).with_accounts.paginate_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
-  end
-
-  def set_report
-    @report = Report.find(params[:id])
-  end
-
-  def filtered_reports
-    ReportFilter.new(filter_params).results
-  end
-
-  def filter_params
-    params.permit(*FILTER_PARAMS)
-  end
-
-  def insert_pagination_headers
-    set_pagination_headers(next_path, prev_path)
-  end
-
-  def next_path
-    api_v1_admin_reports_url(pagination_params(max_id: pagination_max_id)) if records_continue?
-  end
-
-  def prev_path
-    api_v1_admin_reports_url(pagination_params(min_id: pagination_since_id)) unless @reports.empty?
-  end
-
-  def pagination_max_id
-    @reports.last.id
-  end
-
-  def pagination_since_id
-    @reports.first.id
-  end
-
-  def records_continue?
-    @reports.size == limit_param(LIMIT)
-  end
-
-  def pagination_params(core_params)
-    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
-  end
-end

app/controllers/api/v1/apps/credentials_controller.rb

@@ -6,6 +6,6 @@ class Api::V1::Apps::CredentialsController < Api::BaseController
   respond_to :json
 
   def show
-    render json: doorkeeper_token.application, serializer: REST::ApplicationSerializer, fields: %i(name website vapid_key)
+    render json: doorkeeper_token.application, serializer: REST::StatusSerializer::ApplicationSerializer
   end
 end

app/controllers/api/v1/apps_controller.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 class Api::V1::AppsController < Api::BaseController
-  skip_before_action :require_authenticated_user!
-
   def create
     @app = Doorkeeper::Application.create!(application_options)
     render json: @app, serializer: REST::ApplicationSerializer

app/controllers/api/v1/blocks_controller.rb

@@ -19,7 +19,7 @@ class Api::V1::BlocksController < Api::BaseController
   end
 
   def paginated_blocks
-    @paginated_blocks ||= Block.eager_load(target_account: :account_stat)
+    @paginated_blocks ||= Block.eager_load(:target_account)
                                .where(account: current_account)
                                .paginate_by_max_id(
                                  limit_param(DEFAULT_ACCOUNTS_LIMIT),

app/controllers/api/v1/conversations_controller.rb

@@ -1,71 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::ConversationsController < Api::BaseController
-  LIMIT = 20
-
-  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, only: :index
-  before_action -> { doorkeeper_authorize! :write, :'write:conversations' }, except: :index
-  before_action :require_user!
-  before_action :set_conversation, except: :index
-  after_action :insert_pagination_headers, only: :index
-
-  respond_to :json
-
-  def index
-    @conversations = paginated_conversations
-    render json: @conversations, each_serializer: REST::ConversationSerializer
-  end
-
-  def read
-    @conversation.update!(unread: false)
-    render json: @conversation, serializer: REST::ConversationSerializer
-  end
-
-  def destroy
-    @conversation.destroy!
-    render_empty
-  end
-
-  private
-
-  def set_conversation
-    @conversation = AccountConversation.where(account: current_account).find(params[:id])
-  end
-
-  def paginated_conversations
-    AccountConversation.where(account: current_account)
-                       .paginate_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
-  end
-
-  def insert_pagination_headers
-    set_pagination_headers(next_path, prev_path)
-  end
-
-  def next_path
-    if records_continue?
-      api_v1_conversations_url pagination_params(max_id: pagination_max_id)
-    end
-  end
-
-  def prev_path
-    unless @conversations.empty?
-      api_v1_conversations_url pagination_params(min_id: pagination_since_id)
-    end
-  end
-
-  def pagination_max_id
-    @conversations.last.last_status_id
-  end
-
-  def pagination_since_id
-    @conversations.first.last_status_id
-  end
-
-  def records_continue?
-    @conversations.size == limit_param(LIMIT)
-  end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-end

app/controllers/api/v1/custom_emojis_controller.rb

@@ -3,10 +3,7 @@
 class Api::V1::CustomEmojisController < Api::BaseController
   respond_to :json
 
-  skip_before_action :set_cache_headers
-
   def index
-    expires_in 3.minutes, public: true
-    render_with_cache(each_serializer: REST::CustomEmojiSerializer) { CustomEmoji.listed.includes(:category) }
+    render json: CustomEmoji.local.where(disabled: false), each_serializer: REST::CustomEmojiSerializer
   end
 end

app/controllers/api/v1/directories_controller.rb

@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::DirectoriesController < Api::BaseController
-  before_action :require_enabled!
-  before_action :set_accounts
-
-  def show
-    render json: @accounts, each_serializer: REST::AccountSerializer
-  end
-
-  private
-
-  def require_enabled!
-    return not_found unless Setting.profile_directory
-  end
-
-  def set_accounts
-    @accounts = accounts_scope.offset(params[:offset]).limit(limit_param(DEFAULT_ACCOUNTS_LIMIT))
-  end
-
-  def accounts_scope
-    Account.discoverable.tap do |scope|
-      scope.merge!(Account.local)                                          if truthy_param?(:local)
-      scope.merge!(Account.by_recent_status)                               if params[:order].blank? || params[:order] == 'active'
-      scope.merge!(Account.order(id: :desc))                               if params[:order] == 'new'
-      scope.merge!(Account.not_excluded_by_account(current_account))       if current_account
-      scope.merge!(Account.not_domain_blocked_by_account(current_account)) if current_account && !truthy_param?(:local)
-    end
-  end
-end

app/controllers/api/v1/endorsements_controller.rb

@@ -27,7 +27,7 @@ class Api::V1::EndorsementsController < Api::BaseController
   end
 
   def endorsed_accounts
-    current_account.endorsed_accounts.includes(:account_stat)
+    current_account.endorsed_accounts
   end
 
   def insert_pagination_headers

app/controllers/api/v1/favourites_controller.rb

@@ -26,9 +26,10 @@ class Api::V1::FavouritesController < Api::BaseController
   end
 
   def results
-    @_results ||= account_favourites.paginate_by_id(
+    @_results ||= account_favourites.paginate_by_max_id(
       limit_param(DEFAULT_STATUSES_LIMIT),
-      params_slice(:max_id, :since_id, :min_id)
+      params[:max_id],
+      params[:since_id]
     )
   end
 
@@ -48,7 +49,7 @@ class Api::V1::FavouritesController < Api::BaseController
 
   def prev_path
     unless results.empty?
-      api_v1_favourites_url pagination_params(min_id: pagination_since_id)
+      api_v1_favourites_url pagination_params(since_id: pagination_since_id)
     end
   end
 

app/controllers/api/v1/featured_tags/suggestions_controller.rb

@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::FeaturedTags::SuggestionsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:accounts' }, only: :index
-
-  before_action :require_user!
-  before_action :set_most_used_tags, only: :index
-
-  respond_to :json
-
-  def index
-    render json: @most_used_tags, each_serializer: REST::TagSerializer
-  end
-
-  private
-
-  def set_most_used_tags
-    @most_used_tags = Tag.most_used(current_account).where.not(id: current_account.featured_tags).limit(10)
-  end
-end

app/controllers/api/v1/featured_tags_controller.rb

@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::FeaturedTagsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:accounts' }, only: :index
-  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, except: :index
-
-  before_action :require_user!
-  before_action :set_featured_tags, only: :index
-  before_action :set_featured_tag, except: [:index, :create]
-
-  def index
-    render json: @featured_tags, each_serializer: REST::FeaturedTagSerializer
-  end
-
-  def create
-    @featured_tag = current_account.featured_tags.new(featured_tag_params)
-    @featured_tag.reset_data
-    @featured_tag.save!
-    render json: @featured_tag, serializer: REST::FeaturedTagSerializer
-  end
-
-  def destroy
-    @featured_tag.destroy!
-    render_empty
-  end
-
-  private
-
-  def set_featured_tag
-    @featured_tag = current_account.featured_tags.find(params[:id])
-  end
-
-  def set_featured_tags
-    @featured_tags = current_account.featured_tags.order(statuses_count: :desc)
-  end
-
-  def featured_tag_params
-    params.permit(:name)
-  end
-end

app/controllers/api/v1/follow_requests_controller.rb

@@ -14,12 +14,12 @@ class Api::V1::FollowRequestsController < Api::BaseController
   def authorize
     AuthorizeFollowService.new.call(account, current_account)
     NotifyService.new.call(current_account, Follow.find_by(account: account, target_account: current_account))
-    render json: account, serializer: REST::RelationshipSerializer, relationships: relationships
+    render_empty
   end
 
   def reject
     RejectFollowService.new.call(account, current_account)
-    render json: account, serializer: REST::RelationshipSerializer, relationships: relationships
+    render_empty
   end
 
   private
@@ -28,16 +28,12 @@ class Api::V1::FollowRequestsController < Api::BaseController
     Account.find(params[:id])
   end
 
-  def relationships(**options)
-    AccountRelationshipsPresenter.new([params[:id]], current_user.account_id, options)
-  end
-
   def load_accounts
     default_accounts.merge(paginated_follow_requests).to_a
   end
 
   def default_accounts
-    Account.includes(:follow_requests, :account_stat).references(:follow_requests)
+    Account.includes(:follow_requests).references(:follow_requests)
   end
 
   def paginated_follow_requests

app/controllers/api/v1/follows_controller.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+class Api::V1::FollowsController < Api::BaseController
+  before_action -> { doorkeeper_authorize! :follow, :'write:follows' }
+  before_action :require_user!
+
+  respond_to :json
+
+  def create
+    raise ActiveRecord::RecordNotFound if follow_params[:uri].blank?
+
+    @account = FollowService.new.call(current_user.account, target_uri).try(:target_account)
+
+    if @account.nil?
+      username, domain = target_uri.split('@')
+      @account         = Account.find_remote!(username, domain)
+    end
+
+    render json: @account, serializer: REST::AccountSerializer
+  end
+
+  private
+
+  def target_uri
+    follow_params[:uri].strip.gsub(/\A@/, '')
+  end
+
+  def follow_params
+    params.permit(:uri)
+  end
+end

app/controllers/api/v1/instances/activity_controller.rb

@@ -3,14 +3,10 @@
 class Api::V1::Instances::ActivityController < Api::BaseController
   before_action :require_enabled_api!
 
-  skip_before_action :set_cache_headers
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
-
   respond_to :json
 
   def show
-    expires_in 1.day, public: true
-    render_with_cache json: :activity, expires_in: 1.day
+    render_cached_json('api:v1:instances:activity:show', expires_in: 1.day) { activity }
   end
 
   private
@@ -35,6 +31,6 @@ class Api::V1::Instances::ActivityController < Api::BaseController
   end
 
   def require_enabled_api!
-    head 404 unless Setting.activity_api_enabled && !whitelist_mode?
+    head 404 unless Setting.activity_api_enabled
   end
 end

app/controllers/api/v1/instances/peers_controller.rb

@@ -3,19 +3,15 @@
 class Api::V1::Instances::PeersController < Api::BaseController
   before_action :require_enabled_api!
 
-  skip_before_action :set_cache_headers
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
-
   respond_to :json
 
   def index
-    expires_in 1.day, public: true
-    render_with_cache(expires_in: 1.day) { Account.remote.domains }
+    render_cached_json('api:v1:instances:peers:index', expires_in: 1.day) { Account.remote.domains }
   end
 
   private
 
   def require_enabled_api!
-    head 404 unless Setting.peers_api_enabled && !whitelist_mode?
+    head 404 unless Setting.peers_api_enabled
   end
 end

app/controllers/api/v1/instances_controller.rb

@@ -3,11 +3,7 @@
 class Api::V1::InstancesController < Api::BaseController
   respond_to :json
 
-  skip_before_action :set_cache_headers
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
-
   def show
-    expires_in 3.minutes, public: true
-    render_with_cache json: {}, serializer: REST::InstanceSerializer, root: 'instance'
+    render json: {}, serializer: REST::InstanceSerializer
   end
 end

app/controllers/api/v1/lists/accounts_controller.rb

@@ -37,9 +37,9 @@ class Api::V1::Lists::AccountsController < Api::BaseController
 
   def load_accounts
     if unlimited?
-      @list.accounts.includes(:account_stat).all
+      @list.accounts.all
     else
-      @list.accounts.includes(:account_stat).paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id])
+      @list.accounts.paginate_by_max_id(limit_param(DEFAULT_ACCOUNTS_LIMIT), params[:max_id], params[:since_id])
     end
   end
 

app/controllers/api/v1/markers_controller.rb

@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::MarkersController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, only: [:index]
-  before_action -> { doorkeeper_authorize! :write, :'write:statuses' }, except: [:index]
-
-  before_action :require_user!
-
-  def index
-    @markers = current_user.markers.where(timeline: Array(params[:timeline])).each_with_object({}) { |marker, h| h[marker.timeline] = marker }
-    render json: serialize_map(@markers)
-  end
-
-  def create
-    Marker.transaction do
-      @markers = {}
-
-      resource_params.each_pair do |timeline, timeline_params|
-        @markers[timeline] = current_user.markers.find_or_initialize_by(timeline: timeline)
-        @markers[timeline].update!(timeline_params)
-      end
-    end
-
-    render json: serialize_map(@markers)
-  rescue ActiveRecord::StaleObjectError
-    render json: { error: 'Conflict during update, please try again' }, status: 409
-  end
-
-  private
-
-  def serialize_map(map)
-    serialized = {}
-
-    map.each_pair do |key, value|
-      serialized[key] = ActiveModelSerializers::SerializableResource.new(value, serializer: REST::MarkerSerializer).as_json
-    end
-
-    Oj.dump(serialized)
-  end
-
-  def resource_params
-    params.slice(*Marker::TIMELINES).permit(*Marker::TIMELINES.map { |timeline| { timeline.to_sym => [:last_read_id] } })
-  end
-end

app/controllers/api/v1/notifications_controller.rb

@@ -37,14 +37,15 @@ class Api::V1::NotificationsController < Api::BaseController
   end
 
   def paginated_notifications
-    browserable_account_notifications.paginate_by_id(
+    browserable_account_notifications.paginate_by_max_id(
       limit_param(DEFAULT_NOTIFICATIONS_LIMIT),
-      params_slice(:max_id, :since_id, :min_id)
+      params[:max_id],
+      params[:since_id]
     )
   end
 
   def browserable_account_notifications
-    current_account.notifications.browserable(exclude_types, from_account)
+    current_account.notifications.browserable(exclude_types)
   end
 
   def target_statuses_from_notifications
@@ -63,7 +64,7 @@ class Api::V1::NotificationsController < Api::BaseController
 
   def prev_path
     unless @notifications.empty?
-      api_v1_notifications_url pagination_params(min_id: pagination_since_id)
+      api_v1_notifications_url pagination_params(since_id: pagination_since_id)
     end
   end
 
@@ -81,10 +82,6 @@ class Api::V1::NotificationsController < Api::BaseController
     val
   end
 
-  def from_account
-    params[:account_id]
-  end
-
   def pagination_params(core_params)
     params.slice(:limit, :exclude_types).permit(:limit, exclude_types: []).merge(core_params)
   end