add attribution info to scss

Witches.town theme as of 2.3.3
Fix UniqueUsernameValidator comparison
2018-04-02 19:30:05 -07:00 · 2018-04-02 19:25:50 -07:00 · 2018-03-27 02:14:05 +02:00
4248 changed files with 20150 additions and 66390 deletions
--- a/.babelrc
+++ b/.babelrc
@ -0,0 +1,66 @@
+{
+  "presets": [
+    "react",
+    [
+      "env",
+      {
+        "exclude": ["transform-async-to-generator", "transform-regenerator"],
+        "loose": true,
+        "modules": false,
+        "targets": {
+          "browsers": ["last 2 versions", "IE >= 11", "iOS >= 9"]
+        }
+      }
+    ]
+  ],
+  "plugins": [
+    "syntax-dynamic-import",
+    ["transform-object-rest-spread", { "useBuiltIns": true }],
+    "transform-decorators-legacy",
+    "transform-class-properties",
+    [
+      "react-intl",
+      {
+        "messagesDir": "./build/messages"
+      }
+    ],
+    "preval"
+  ],
+  "env": {
+    "development": {
+      "plugins": [
+        "transform-react-jsx-source",
+        "transform-react-jsx-self"
+      ]
+    },
+    "production": {
+      "plugins": [
+        "lodash",
+        [
+          "transform-react-remove-prop-types",
+          {
+            "mode": "remove",
+            "removeImport": true,
+            "additionalLibraries": [
+              "react-immutable-proptypes"
+            ]
+          }
+        ],
+        "transform-react-inline-elements",
+        [
+          "transform-runtime",
+          {
+            "helpers": true,
+            "polyfill": false,
+            "regenerator": false
+          }
+        ]
+      ]
+    },
+    "test": {
+      "plugins": [
+        "transform-es2015-modules-commonjs"
+      ]
+    }
+  }
+}
--- a/.buildpacks
+++ b/.buildpacks
@ -1,4 +1,3 @@
 https://github.com/heroku/heroku-buildpack-apt
-https://github.com/Scalingo/ffmpeg-buildpack
 https://github.com/Scalingo/nodejs-buildpack
 https://github.com/Scalingo/ruby-buildpack
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -1,217 +0,0 @@
-version: 2
-
-aliases:
-  - &defaults
-    docker:
-      - image: circleci/ruby:2.5.1-stretch-node
-        environment: &ruby_environment
-          BUNDLE_APP_CONFIG: ./.bundle/
-          DB_HOST: localhost
-          DB_USER: root
-          RAILS_ENV: test
-          PARALLEL_TEST_PROCESSORS: 4
-          ALLOW_NOPAM: true
-          CONTINUOUS_INTEGRATION: true
-          DISABLE_SIMPLECOV: true
-          PAM_ENABLED: true
-          PAM_DEFAULT_SERVICE: pam_test
-          PAM_CONTROLLED_SERVICE: pam_test_controlled
-    working_directory: ~/projects/mastodon/
-
-  - &attach_workspace
-    attach_workspace:
-      at: ~/projects/
-
-  - &persist_to_workspace
-    persist_to_workspace:
-      root: ~/projects/
-      paths:
-        - ./mastodon/
-
-  - &restore_ruby_dependencies
-    restore_cache:
-      keys:
-        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
-        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-
-        - v2-ruby-dependencies-
-
-  - &install_steps
-    steps:
-      - checkout
-      - *attach_workspace
-
-      - restore_cache:
-          keys:
-            - v1-node-dependencies-{{ checksum "yarn.lock" }}
-            - v1-node-dependencies-
-      - run: yarn install --frozen-lockfile
-      - save_cache:
-          key: v1-node-dependencies-{{ checksum "yarn.lock" }}
-          paths:
-            - ./node_modules/
-
-      - *persist_to_workspace
-
-  - &install_system_dependencies
-      run:
-        name: Install system dependencies
-        command: |
-          sudo apt-get update
-          sudo apt-get install -y libicu-dev libidn11-dev libprotobuf-dev protobuf-compiler
-
-  - &install_ruby_dependencies
-      steps:
-        - *attach_workspace
-
-        - *install_system_dependencies
-
-        - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
-        - *restore_ruby_dependencies
-        - run: bundle install --clean --jobs 16 --path ./vendor/bundle/ --retry 3 --with pam_authentication --without development production && bundle clean
-        - save_cache:
-            key: v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
-            paths:
-              - ./.bundle/
-              - ./vendor/bundle/
-        - persist_to_workspace:
-            root: ~/projects/
-            paths:
-                - ./mastodon/.bundle/
-                - ./mastodon/vendor/bundle/
-
-  - &test_steps
-      steps:
-        - *attach_workspace
-
-        - *install_system_dependencies
-        - run: sudo apt-get install -y ffmpeg
-
-        - run:
-            name: Prepare Tests
-            command: ./bin/rails parallel:create parallel:load_schema parallel:prepare
-        - run:
-            name: Run Tests
-            command: ./bin/retry bundle exec parallel_test ./spec/ --group-by filesize --type rspec
-
-jobs:
-  install:
-    <<: *defaults
-    <<: *install_steps
-
-  install-ruby2.5:
-    <<: *defaults
-    <<: *install_ruby_dependencies
-
-  install-ruby2.4:
-    <<: *defaults
-    docker:
-      - image: circleci/ruby:2.4.4-stretch-node
-        environment: *ruby_environment
-    <<: *install_ruby_dependencies
-
-  install-ruby2.3:
-    <<: *defaults
-    docker:
-      - image: circleci/ruby:2.3.7-stretch-node
-        environment: *ruby_environment
-    <<: *install_ruby_dependencies
-
-  build:
-    <<: *defaults
-    steps:
-      - *attach_workspace
-      - *install_system_dependencies
-      - run: ./bin/rails assets:precompile
-      - persist_to_workspace:
-          root: ~/projects/
-          paths:
-              - ./mastodon/public/assets
-              - ./mastodon/public/packs-test/
-
-  test-ruby2.5:
-    <<: *defaults
-    docker:
-      - image: circleci/ruby:2.5.1-stretch-node
-        environment: *ruby_environment
-      - image: circleci/postgres:10.3-alpine
-        environment:
-          POSTGRES_USER: root
-      - image: circleci/redis:4.0.9-alpine
-    <<: *test_steps
-
-  test-ruby2.4:
-    <<: *defaults
-    docker:
-      - image: circleci/ruby:2.4.4-stretch-node
-        environment: *ruby_environment
-      - image: circleci/postgres:10.3-alpine
-        environment:
-          POSTGRES_USER: root
-      - image: circleci/redis:4.0.9-alpine
-    <<: *test_steps
-
-  test-ruby2.3:
-    <<: *defaults
-    docker:
-      - image: circleci/ruby:2.3.7-stretch-node
-        environment: *ruby_environment
-      - image: circleci/postgres:10.3-alpine
-        environment:
-          POSTGRES_USER: root
-      - image: circleci/redis:4.0.9-alpine
-    <<: *test_steps
-
-  test-webui:
-    <<: *defaults
-    docker:
-      - image: circleci/node:8.11.1-stretch
-    steps:
-      - *attach_workspace
-      - run: ./bin/retry yarn test:jest
-
-  check-i18n:
-    <<: *defaults
-    steps:
-      - *attach_workspace
-      - run: bundle exec i18n-tasks check-normalized
-      - run: bundle exec i18n-tasks unused
-      - run: bundle exec i18n-tasks missing -t plural
-      - run: bundle exec i18n-tasks check-consistent-interpolations
-
-workflows:
-  version: 2
-  build-and-test:
-    jobs:
-      - install
-      - install-ruby2.5:
-          requires:
-            - install
-      - install-ruby2.4:
-          requires:
-            - install
-            - install-ruby2.5
-      - install-ruby2.3:
-          requires:
-            - install
-            - install-ruby2.5
-      - build:
-          requires:
-            - install-ruby2.5
-      - test-ruby2.5:
-          requires:
-            - install-ruby2.5
-            - build
-      - test-ruby2.4:
-          requires:
-            - install-ruby2.4
-            - build
-      - test-ruby2.3:
-          requires:
-            - install-ruby2.3
-            - build
-      - test-webui:
-          requires:
-            - install
-      - check-i18n:
-          requires:
-            - install-ruby2.5
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@ -30,7 +30,6 @@ plugins:
    channel: eslint-4
  rubocop:
    enabled: true
-    channel: rubocop-0-54
  scss-lint:
    enabled: true
 exclude_patterns:
--- a/.dockerignore
+++ b/.dockerignore
@ -1,4 +1,3 @@
-.bundle
 .env
 .env.*
 public/system
@ -12,4 +11,3 @@ vendor/bundle
 *~
 postgres
 redis
-elasticsearch
--- a/.env.nanobox
+++ b/.env.nanobox
@ -14,9 +14,9 @@ DB_PORT=5432
 DATABASE_URL=postgresql://$DATA_DB_USER:$DATA_DB_PASS@$DATA_DB_HOST/gonano

 # Optional ElasticSearch configuration
-ES_ENABLED=true
-ES_HOST=$DATA_ELASTIC_HOST
-ES_PORT=9200
+# ES_ENABLED=true
+# ES_HOST=localhost
+# ES_PORT=9200

 # Optimizations
 LD_PRELOAD=/data/lib/libjemalloc.so
@ -136,8 +136,8 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 # Defaults to 60 seconds. Set to 0 to disable
 # SWIFT_CACHE_TTL=

-# Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare)
-# S3_ALIAS_HOST=
+# Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
+# S3_CLOUDFRONT_HOST=

 # Streaming API integration
 # STREAMING_API_BASE_URL=
--- a/.env.production.sample
+++ b/.env.production.sample
@ -81,17 +81,9 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # PAPERCLIP_ROOT_URL=/system

 # Optional asset host for multi-server setups
-# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN
-# if WEB_DOMAIN is not set. For example, the server may have the
-# following header field:
-# Access-Control-Allow-Origin: https://example.com/
 # CDN_HOST=https://assets.example.com

 # S3 (optional)
-# The attachment host must allow cross origin request from WEB_DOMAIN or
-# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the
-# following header field:
-# Access-Control-Allow-Origin: https://192.168.1.123:9000/
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
@ -101,8 +93,6 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # S3_HOSTNAME=192.168.1.123:9000

 # S3 (Minio Config (optional) Please check Minio instance for details)
-# The attachment host must allow cross origin request - see the description
-# above.
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
@ -114,15 +104,11 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # S3_SIGNATURE_VERSION=

 # Swift (optional)
-# The attachment host must allow cross origin request - see the description
-# above.
 # SWIFT_ENABLED=true
 # SWIFT_USERNAME=
 # For Keystone V3, the value for SWIFT_TENANT should be the project name
 # SWIFT_TENANT=
 # SWIFT_PASSWORD=
-# Some OpenStack V3 providers require PROJECT_ID (optional)
-# SWIFT_PROJECT_ID=
 # Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
 # issues with token rate-limiting during high load.
 # SWIFT_AUTH_URL=
@ -134,8 +120,8 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # Defaults to 60 seconds. Set to 0 to disable
 # SWIFT_CACHE_TTL=

-# Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare)
-# S3_ALIAS_HOST=
+# Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
+# S3_CLOUDFRONT_HOST=

 # Streaming API integration
 # STREAMING_API_BASE_URL=
@ -162,7 +148,6 @@ STREAMING_CLUSTER_NUM=1
 # LDAP_BIND_DN=
 # LDAP_PASSWORD=
 # LDAP_UID=cn
-# LDAP_SEARCH_FILTER="%{uid}=%{email}"

 # PAM authentication (optional)
 # PAM authentication uses for the email generation the "email" pam variable
@ -225,8 +210,3 @@ STREAMING_CLUSTER_NUM=1
 # SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
 # SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
 # SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
-
-# Use HTTP proxy for outgoing request (optional)
-# http_proxy=http://gateway.local:8118
-# Access control for hidden service.
-# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
--- a/.env.test
+++ b/.env.test
@ -1,5 +1,3 @@
-# Node.js
-NODE_ENV=test
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
--- a/.env.vagrant
+++ b/.env.vagrant
@ -1,2 +1,2 @@
 VAGRANT=true
-LOCAL_DOMAIN=mastodon.local
+LOCAL_DOMAIN=mastodon.dev
--- a/.eslintrc.yml
+++ b/.eslintrc.yml
@ -7,16 +7,12 @@ env:
  es6: true
  jest: true

-globals:
-  ATTACHMENT_HOST: false
-
 parser: babel-eslint

 plugins:
 - react
 - jsx-a11y
 - import
- promise

 parserOptions:
  sourceType: module
@ -113,23 +109,13 @@ rules:
  jsx-a11y/accessible-emoji: warn
  jsx-a11y/alt-text: warn
  jsx-a11y/anchor-has-content: warn
-  jsx-a11y/anchor-is-valid:
-  - warn
-  - components:
-    - Link
-    - NavLink
-    specialLink:
-    - to
-    aspect:
-    - noHref
-    - invalidHref
-    - preferButton
  jsx-a11y/aria-activedescendant-has-tabindex: warn
  jsx-a11y/aria-props: warn
  jsx-a11y/aria-proptypes: warn
  jsx-a11y/aria-role: warn
  jsx-a11y/aria-unsupported-elements: warn
  jsx-a11y/heading-has-content: warn
+  jsx-a11y/href-no-hash: warn
  jsx-a11y/html-has-lang: warn
  jsx-a11y/iframe-has-title: warn
  jsx-a11y/img-redundant-alt: warn
@ -166,5 +152,3 @@ rules:
    - "app/javascript/**/__tests__/**"
  import/no-unresolved: error
  import/no-webpack-loader-syntax: error
-
-  promise/catch-or-return: error
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@ -0,0 +1,6 @@
+[Issue text goes here].
+
+* * * *
+
+- [ ] I searched or browsed the repo’s other issues to ensure this is not a duplicate.
+- [ ] This bug happens on a [tagged release](https://github.com/tootsuite/mastodon/releases) and not on `master` (If you're a user, don't worry about this).
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -1,27 +0,0 @@
---
-name: Bug Report
-about: If something isn't working as expected
-
---
-
-<!-- Make sure that you are submitting a new bug that was not previously reported or already fixed -->
-
-<!-- Please use a concise and distinct title for the issue -->
-
-### Expected behaviour
-
-<!-- What should have happened? -->
-
-### Actual behaviour
-
-<!-- What happened? -->
-
-### Steps to reproduce the problem
-
-<!-- What were you trying to do? -->
-
-### Specifications
-
-<!-- What version or commit hash of Mastodon did you find this bug in? -->
-
-<!-- If a front-end issue, what browser and operating systems were you using? -->
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@ -1,17 +0,0 @@
---
-name: Feature Request
-about: I have a suggestion
-
---
-
-<!-- Please use a concise and distinct title for the issue -->
-
-<!-- Consider: Could it be implemented as a 3rd party app using the REST API instead? -->
-
-### Pitch
-
-<!-- Describe your idea for a feature. Make sure it has not already been suggested/implemented/turned down before -->
-
-### Motivation
-
-<!-- Why do you think this feature is needed? Who would benefit from it? -->
--- a/.github/ISSUE_TEMPLATE/support.md
+++ b/.github/ISSUE_TEMPLATE/support.md
@ -1,10 +0,0 @@
---
-name: Support
-about: Ask for help with your deployment
-
---
-
-We primarily use GitHub as a bug and feature tracker. For usage questions, troubleshooting of deployments and other individual technical assistance, please use one of the resources below:
-
- https://discourse.joinmastodon.org
- #mastodon on irc.freenode.net
--- a/.gitignore
+++ b/.gitignore
@ -36,10 +36,9 @@ config/deploy/*
 .vscode/
 .idea/

-# Ignore postgres + redis + elasticsearch volume optionally created by docker-compose
+# Ignore postgres + redis volume optionally created by docker-compose
 postgres
 redis
-elasticsearch

 # Ignore Apple files
 .DS_Store
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-8
+6
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -11,7 +11,6 @@ AllCops:
  - 'Vagrantfile'
  - 'vendor/**/*'
  - 'lib/json_ld/*'
-  - 'lib/templates/**/*'

 Bundler/OrderedGems:
  Enabled: false
@ -62,9 +61,6 @@ Metrics/ParameterLists:
 Metrics/PerceivedComplexity:
  Max: 20

-Naming/MemoizedInstanceVariableName:
-  Enabled: false
-
 Rails:
  Enabled: true

@ -74,14 +70,6 @@ Rails/HasAndBelongsToMany:
 Rails/SkipsModelValidations:
  Enabled: false

-Rails/HttpStatus:
-  Enabled: false
-
-Rails/Exit:
-  Exclude:
-    - 'lib/mastodon/*'
-    - 'lib/cli'
-
 Style/ClassAndModuleChildren:
  Enabled: false

@ -119,8 +107,5 @@ Style/RegexpLiteral:
 Style/SymbolArray:
  Enabled: false

-Style/TrailingCommaInArrayLiteral:
-  EnforcedStyleForMultiline: 'comma'
-
-Style/TrailingCommaInHashLiteral:
+Style/TrailingCommaInLiteral:
  EnforcedStyleForMultiline: 'comma'
--- a/.ruby-version
+++ b/.ruby-version
@ -1 +1 @@
-2.5.3
+2.5.0
--- a/.travis.yml
+++ b/.travis.yml
@ -0,0 +1,59 @@
+language: ruby
+cache:
+  bundler: true
+  yarn: true
+  directories:
+    - node_modules
+    - public/assets
+    - public/packs-test
+    - tmp/cache/babel-loader
+dist: trusty
+sudo: false
+branches:
+  only:
+    - master
+
+notifications:
+  email: false
+
+env:
+  global:
+    - LOCAL_DOMAIN=cb6e6126.ngrok.io
+    - LOCAL_HTTPS=true
+    - RAILS_ENV=test
+    - NOKOGIRI_USE_SYSTEM_LIBRARIES=true
+    - PARALLEL_TEST_PROCESSORS=2
+
+addons:
+  postgresql: 9.4
+  apt:
+    sources:
+      - trusty-media
+      - sourceline: deb https://dl.yarnpkg.com/debian/ stable main
+        key_url: https://dl.yarnpkg.com/debian/pubkey.gpg
+    packages:
+      - ffmpeg
+      - libicu-dev
+      - libprotobuf-dev
+      - protobuf-compiler
+      - yarn
+
+rvm:
+  - 2.4.2
+  - 2.5.0
+
+services:
+  - redis-server
+
+install:
+  - nvm install
+  - bundle install --path=vendor/bundle --without development production --retry=3 --jobs=16
+  - yarn install
+
+before_script:
+  - ./bin/rails parallel:create parallel:load_schema parallel:prepare assets:precompile
+
+script:
+  - travis_retry bundle exec parallel_test spec/ --group-by filesize --type rspec
+  - yarn run test:jest
+  - bundle exec i18n-tasks check-normalized && bundle exec i18n-tasks unused
--- a/AUTHORS.md
+++ b/AUTHORS.md
@ -3,85 +3,76 @@ and provided thanks to the work of the following contributors:

 * [Gargron](https://github.com/Gargron)
 * [ykzts](https://github.com/ykzts)
-* [akihikodaki](https://github.com/akihikodaki)
 * [mjankowski](https://github.com/mjankowski)
-* [ThibG](https://github.com/ThibG)
+* [akihikodaki](https://github.com/akihikodaki)
 * [unarist](https://github.com/unarist)
-* [m4sk1n](https://github.com/m4sk1n)
 * [yiskah](https://github.com/yiskah)
+* [m4sk1n](https://github.com/m4sk1n)
 * [nolanlawson](https://github.com/nolanlawson)
 * [sorin-davidoi](https://github.com/sorin-davidoi)
 * [abcang](https://github.com/abcang)
+* [ThibG](https://github.com/ThibG)
 * [lynlynlynx](https://github.com/lynlynlynx)
-* [dependabot[bot]](https://github.com/apps/dependabot)
 * [alpaca-tc](https://github.com/alpaca-tc)
 * [nclm](https://github.com/nclm)
 * [ineffyble](https://github.com/ineffyble)
-* [renatolond](https://github.com/renatolond)
 * [jeroenpraat](https://github.com/jeroenpraat)
-* [mayaeh](https://github.com/mayaeh)
 * [blackle](https://github.com/blackle)
 * [Quent-in](https://github.com/Quent-in)
 * [JantsoP](https://github.com/JantsoP)
 * [nullkal](https://github.com/nullkal)
 * [yookoala](https://github.com/yookoala)
-* [mabkenar](https://github.com/mabkenar)
 * [ysksn](https://github.com/ysksn)
-* [shuheiktgw](https://github.com/shuheiktgw)
 * [ashfurrow](https://github.com/ashfurrow)
-* [Kjwon15](https://github.com/Kjwon15)
-* [zunda](https://github.com/zunda)
 * [eramdam](https://github.com/eramdam)
-* [masarakki](https://github.com/masarakki)
-* [takayamaki](https://github.com/takayamaki)
+* [mayaeh](https://github.com/mayaeh)
+* [zunda](https://github.com/zunda)
 * [ticky](https://github.com/ticky)
-* [Quenty31](https://github.com/Quenty31)
-* [danhunsaker](https://github.com/danhunsaker)
-* [ThisIsMissEm](https://github.com/ThisIsMissEm)
-* [hcmiya](https://github.com/hcmiya)
-* [stephenburgess8](https://github.com/stephenburgess8)
+* [masarakki](https://github.com/masarakki)
 * [Wonderfall](https://github.com/Wonderfall)
 * [matteoaquila](https://github.com/matteoaquila)
 * [rkarabut](https://github.com/rkarabut)
-* [yukimochi](https://github.com/yukimochi)
+* [stephenburgess8](https://github.com/stephenburgess8)
+* [Kjwon15](https://github.com/Kjwon15)
 * [Artoria2e5](https://github.com/Artoria2e5)
+* [yukimochi](https://github.com/yukimochi)
 * [marrus-sh](https://github.com/marrus-sh)
 * [krainboltgreene](https://github.com/krainboltgreene)
-* [patf](https://github.com/patf)
-* [Aldarone](https://github.com/Aldarone)
+* [renatolond](https://github.com/renatolond)
 * [BoFFire](https://github.com/BoFFire)
 * [clworld](https://github.com/clworld)
-* [dracos](https://github.com/dracos)
-* [SerCom_KC](mailto:sercom-kc@users.noreply.github.com)
-* [Sylvhem](https://github.com/Sylvhem)
-* [nightpool](https://github.com/nightpool)
-* [MasterGroosha](https://github.com/MasterGroosha)
+* [danhunsaker](https://github.com/danhunsaker)
+* [patf](https://github.com/patf)
+* [Quenty31](https://github.com/Quenty31)
+* [MitarashiDango](https://github.com/MitarashiDango)
+* [Aldarone](https://github.com/Aldarone)
 * [JeanGauthier](https://github.com/JeanGauthier)
 * [kschaper](https://github.com/kschaper)
-* [MaciekBaron](https://github.com/MaciekBaron)
-* [MitarashiDango](mailto:mitarashidango@users.noreply.github.com)
-* [beatrix-bitrot](https://github.com/beatrix-bitrot)
+* [takayamaki](https://github.com/takayamaki)
 * [adbelle](https://github.com/adbelle)
 * [evanminto](https://github.com/evanminto)
+* [mabkenar](https://github.com/mabkenar)
 * [MightyPork](https://github.com/MightyPork)
+* [beatrix-bitrot](https://github.com/beatrix-bitrot)
 * [yhirano55](https://github.com/yhirano55)
 * [camponez](https://github.com/camponez)
-* [SerCom-KC](https://github.com/SerCom-KC)
 * [aschmitz](https://github.com/aschmitz)
-* [devkral](https://github.com/devkral)
 * [fpiesche](https://github.com/fpiesche)
 * [gandaro](https://github.com/gandaro)
 * [johnsudaar](https://github.com/johnsudaar)
 * [trebmuh](https://github.com/trebmuh)
-* [Rakib Hasan](mailto:rmhasan@gmail.com)
+* [Sylvhem](https://github.com/Sylvhem)
 * [lindwurm](https://github.com/lindwurm)
-* [victorhck](mailto:victorhck@geeko.site)
 * [voidsatisfaction](https://github.com/voidsatisfaction)
+* [neetshin](https://github.com/neetshin)
+* [valentin2105](https://github.com/valentin2105)
 * [hikari-no-yume](https://github.com/hikari-no-yume)
-* [angristan](https://github.com/angristan)
+* [Angristan](https://github.com/Angristan)
 * [seefood](https://github.com/seefood)
 * [jackjennings](https://github.com/jackjennings)
-* [spla](mailto:spla@mastodont.cat)
+* [hcmiya](https://github.com/hcmiya)
+* [nightpool](https://github.com/nightpool)
+* [salvadorpla](https://github.com/salvadorpla)
 * [expenses](https://github.com/expenses)
 * [walf443](https://github.com/walf443)
 * [JoelQ](https://github.com/JoelQ)
@ -93,93 +84,74 @@ and provided thanks to the work of the following contributors:
 * [tsuwatch](https://github.com/tsuwatch)
 * [victorhck](https://github.com/victorhck)
 * [puckipedia](https://github.com/puckipedia)
-* [fvh-P](https://github.com/fvh-P)
 * [contraexemplo](https://github.com/contraexemplo)
-* [hugogameiro](https://github.com/hugogameiro)
 * [kazu9su](https://github.com/kazu9su)
 * [Komic](https://github.com/Komic)
 * [diomed](https://github.com/diomed)
-* [ariasuni](https://github.com/ariasuni)
-* [Neetshin](mailto:neetshin@neetsh.in)
 * [rainyday](https://github.com/rainyday)
-* [ProgVal](https://github.com/ProgVal)
-* [valentin2105](https://github.com/valentin2105)
-* [yuntan](https://github.com/yuntan)
-* [ashleyhull-versent](https://github.com/ashleyhull-versent)
-* [goofy-bz](mailto:goofy@babelzilla.org)
 * [kadiix](https://github.com/kadiix)
 * [kodacs](https://github.com/kodacs)
-* [rtucker](https://github.com/rtucker)
-* [KScl](https://github.com/KScl)
+* [ProgVal](https://github.com/ProgVal)
 * [sterdev](https://github.com/sterdev)
 * [TheKinrar](https://github.com/TheKinrar)
 * [AA4ch1](https://github.com/AA4ch1)
 * [alexgleason](https://github.com/alexgleason)
 * [cpytel](https://github.com/cpytel)
 * [northerner](https://github.com/northerner)
-* [fhemberger](https://github.com/fhemberger)
-* [greysteil](https://github.com/greysteil)
 * [hnrysmth](https://github.com/hnrysmth)
-* [d6rkaiz](https://github.com/d6rkaiz)
-* [JMendyk](https://github.com/JMendyk)
+* [hugogameiro](https://github.com/hugogameiro)
 * [JohnD28](https://github.com/JohnD28)
 * [znz](https://github.com/znz)
 * [Naouak](https://github.com/Naouak)
+* [rtucker](https://github.com/rtucker)
 * [reneklacan](https://github.com/reneklacan)
-* [ekiru](https://github.com/ekiru)
+* [KScl](https://github.com/KScl)
+* [SerCom-KC](https://github.com/SerCom-KC)
 * [tcitworld](https://github.com/tcitworld)
 * [geta6](https://github.com/geta6)
+* [goofy-bz](https://github.com/goofy-bz)
 * [happycoloredbanana](https://github.com/happycoloredbanana)
-* [kedamaDQ](https://github.com/kedamaDQ)
 * [leopku](https://github.com/leopku)
 * [SansPseudoFix](https://github.com/SansPseudoFix)
 * [tomfhowe](https://github.com/tomfhowe)
 * [noraworld](https://github.com/noraworld)
-* [theboss](https://github.com/theboss)
+* [fvh-P](https://github.com/fvh-P)
 * [178inaba](https://github.com/178inaba)
+* [devkral](https://github.com/devkral)
 * [alyssais](https://github.com/alyssais)
 * [kodnaplakal](https://github.com/kodnaplakal)
 * [stalker314314](https://github.com/stalker314314)
 * [huertanix](https://github.com/huertanix)
 * [genesixx](https://github.com/genesixx)
+* [fhemberger](https://github.com/fhemberger)
 * [halkeye](https://github.com/halkeye)
-* [hinaloe](https://github.com/hinaloe)
 * [treby](https://github.com/treby)
-* [Reverite](https://github.com/Reverite)
+* [d6rkaiz](https://github.com/d6rkaiz)
 * [jpdevries](https://github.com/jpdevries)
-* [H-C-F](https://github.com/H-C-F)
-* [Kurtis Rainbolt-Greene](mailto:me@kurtisrainboltgreene.name)
+* [rndm-stranger](https://github.com/rndm-stranger)
 * [saper](https://github.com/saper)
 * [nevillepark](https://github.com/nevillepark)
 * [ornithocoder](https://github.com/ornithocoder)
 * [pierreozoux](https://github.com/pierreozoux)
-* [qguv](https://github.com/qguv)
-* [Ram Lmn](mailto:ramlmn@users.noreply.github.com)
+* [ramlmn](https://github.com/ramlmn)
 * [harukasan](https://github.com/harukasan)
 * [stamak](https://github.com/stamak)
-* [Technowix](mailto:technowix@users.noreply.github.com)
 * [Eychics](https://github.com/Eychics)
-* [Thor Harald Johansen](mailto:thj@thj.no)
+* [thor-the-norseman](https://github.com/thor-the-norseman)
 * [0x70b1a5](https://github.com/0x70b1a5)
 * [gled-rs](https://github.com/gled-rs)
-* [Valentin_NC](mailto:valentin.ouvrard@nautile.sarl)
 * [R0ckweb](https://github.com/R0ckweb)
-* [caasi](https://github.com/caasi)
 * [esetomo](https://github.com/esetomo)
 * [foxiehkins](https://github.com/foxiehkins)
-* [hoodie](mailto:hoodiekitten@outlook.com)
-* [luzi82](https://github.com/luzi82)
-* [duxovni](https://github.com/duxovni)
+* [sdukhovni](https://github.com/sdukhovni)
 * [unsmell](https://github.com/unsmell)
 * [chriswmartin](https://github.com/chriswmartin)
 * [vahnj](https://github.com/vahnj)
 * [ikuradon](https://github.com/ikuradon)
 * [AndreLewin](https://github.com/AndreLewin)
-* [rinsuki](https://github.com/rinsuki)
 * [redtachyons](https://github.com/redtachyons)
 * [thurloat](https://github.com/thurloat)
 * [aaribaud](https://github.com/aaribaud)
-* [Andrew](mailto:andrewlchronister@gmail.com)
 * [estuans](https://github.com/estuans)
 * [dissolve](https://github.com/dissolve)
 * [PurpleBooth](https://github.com/PurpleBooth)
@ -193,46 +165,36 @@ and provided thanks to the work of the following contributors:
 * [farlistener](https://github.com/farlistener)
 * [DavidLibeau](https://github.com/DavidLibeau)
 * [SirCmpwn](https://github.com/SirCmpwn)
+* [MasterGroosha](https://github.com/MasterGroosha)
 * [Fjoerfoks](https://github.com/Fjoerfoks)
 * [fmauNeko](https://github.com/fmauNeko)
 * [gloaec](https://github.com/gloaec)
-* [Gomasy](https://github.com/Gomasy)
+* [greysteil](https://github.com/greysteil)
 * [unstabler](https://github.com/unstabler)
 * [potato4d](https://github.com/potato4d)
 * [h-izumi](https://github.com/h-izumi)
 * [ErikXXon](https://github.com/ErikXXon)
 * [ian-kelling](https://github.com/ian-kelling)
-* [immae](https://github.com/immae)
 * [foozmeat](https://github.com/foozmeat)
 * [jasonrhodes](https://github.com/jasonrhodes)
-* [Jason Snell](mailto:jason@newrelic.com)
+* [asm](https://github.com/asm)
 * [jviide](https://github.com/jviide)
 * [crakaC](https://github.com/crakaC)
 * [tkbky](https://github.com/tkbky)
-* [Kaylee](mailto:kaylee@codethat.sucks)
 * [Kazhnuz](https://github.com/Kazhnuz)
-* [connyduck](https://github.com/connyduck)
-* [Lindsey Bieda](mailto:lindseyb@users.noreply.github.com)
-* [Lorenz Diener](mailto:halcyon@icosahedron.website)
 * [alimony](https://github.com/alimony)
 * [mig5](https://github.com/mig5)
 * [ndarville](https://github.com/ndarville)
 * [Abzol](https://github.com/Abzol)
-* [pwoolcoc](https://github.com/pwoolcoc)
 * [xPaw](https://github.com/xPaw)
-* [petzah](https://github.com/petzah)
-* [ignisf](https://github.com/ignisf)
 * [raymestalez](https://github.com/raymestalez)
-* [sascha-sl](https://github.com/sascha-sl)
-* [u1-liquid](https://github.com/u1-liquid)
 * [sim6](https://github.com/sim6)
-* [stemid](https://github.com/stemid)
+* [ekiru](https://github.com/ekiru)
+* [Technowix](https://github.com/Technowix)
 * [ThomasLeister](https://github.com/ThomasLeister)
 * [mcat-ee](https://github.com/mcat-ee)
 * [tototoshi](https://github.com/tototoshi)
-* [TrashMacNugget](https://github.com/TrashMacNugget)
 * [VirtuBox](https://github.com/VirtuBox)
-* [Vladyslav](mailto:vaden@tuta.io)
 * [kaniini](https://github.com/kaniini)
 * [vayan](https://github.com/vayan)
 * [yannicka](https://github.com/yannicka)
@ -240,12 +202,7 @@ and provided thanks to the work of the following contributors:
 * [zacanger](https://github.com/zacanger)
 * [amazedkoumei](https://github.com/amazedkoumei)
 * [anon5r](https://github.com/anon5r)
-* [aus-social](https://github.com/aus-social)
-* [imbsky](https://github.com/imbsky)
-* [bsky](mailto:me@imbsky.net)
-* [chr-1x](https://github.com/chr-1x)
 * [codl](https://github.com/codl)
-* [cpsdqs](https://github.com/cpsdqs)
 * [barzamin](https://github.com/barzamin)
 * [fhalna](https://github.com/fhalna)
 * [haoyayoi](https://github.com/haoyayoi)
@ -258,55 +215,42 @@ and provided thanks to the work of the following contributors:
 * [oliverkeeble](https://github.com/oliverkeeble)
 * [pinfort](https://github.com/pinfort)
 * [rbaumert](https://github.com/rbaumert)
-* [rhoio](https://github.com/rhoio)
-* [trwnh](https://github.com/trwnh)
 * [usagi-f](https://github.com/usagi-f)
 * [vidarlee](https://github.com/vidarlee)
 * [vjackson725](https://github.com/vjackson725)
 * [wxcafe](https://github.com/wxcafe)
-* [新都心(Neet Shin)](mailto:nucx@dio-vox.com)
+* [rinsuki](https://github.com/rinsuki)
 * [cygnan](https://github.com/cygnan)
 * [Awea](https://github.com/Awea)
 * [halcy](https://github.com/halcy)
-* [naaaaaaaaaaaf](https://github.com/naaaaaaaaaaaf)
-* [NecroTechno](https://github.com/NecroTechno)
+* [bounshi](https://github.com/bounshi)
 * [8398a7](https://github.com/8398a7)
 * [857b](https://github.com/857b)
-* [insom](https://github.com/insom)
-* [Aditoo17](https://github.com/Aditoo17)
 * [unascribed](https://github.com/unascribed)
 * [Aguay-val](https://github.com/Aguay-val)
-* [Akihiko Odaki](mailto:nekomanma@pixiv.co.jp)
 * [knu](https://github.com/knu)
-* [h3poteto](https://github.com/h3poteto)
-* [unleashed](https://github.com/unleashed)
 * [alxrcs](https://github.com/alxrcs)
 * [console-cowboy](https://github.com/console-cowboy)
 * [pointlessone](https://github.com/pointlessone)
 * [a2](https://github.com/a2)
 * [0xa](https://github.com/0xa)
-* [palindromordnilap](https://github.com/palindromordnilap)
 * [virtualpain](https://github.com/virtualpain)
 * [sapphirus](https://github.com/sapphirus)
 * [amandavisconti](https://github.com/amandavisconti)
 * [ameliavoncat](https://github.com/ameliavoncat)
 * [ilpianista](https://github.com/ilpianista)
-* [Andreas Drop](mailto:andy@remline.de)
-* [andi1984](https://github.com/andi1984)
+* [andydrop](https://github.com/andydrop)
 * [schas002](https://github.com/schas002)
-* [abackstrom](https://github.com/abackstrom)
 * [jumbosushi](https://github.com/jumbosushi)
 * [ayumin](https://github.com/ayumin)
 * [BaptisteGelez](https://github.com/BaptisteGelez)
 * [bzg](https://github.com/bzg)
-* [BenLubar](https://github.com/BenLubar)
 * [benediktg](https://github.com/benediktg)
 * [blakebarnett](https://github.com/blakebarnett)
 * [bradj](https://github.com/bradj)
 * [brycied00d](https://github.com/brycied00d)
 * [carlosjs23](https://github.com/carlosjs23)
 * [cgxxx](https://github.com/cgxxx)
-* [kibitan](https://github.com/kibitan)
 * [chrisheninger](https://github.com/chrisheninger)
 * [chris-martin](https://github.com/chris-martin)
 * [DoubleMalt](https://github.com/DoubleMalt)
@ -315,33 +259,22 @@ and provided thanks to the work of the following contributors:
 * [chriswk](https://github.com/chriswk)
 * [csu](https://github.com/csu)
 * [kklleemm](https://github.com/kklleemm)
-* [colindean](https://github.com/colindean)
-* [dachinat](https://github.com/dachinat)
-* [multiple-creatures](https://github.com/multiple-creatures)
+* [monsterpit-daggertooth](https://github.com/monsterpit-daggertooth)
 * [watilde](https://github.com/watilde)
 * [daprice](https://github.com/daprice)
 * [dar5hak](https://github.com/dar5hak)
 * [kant](https://github.com/kant)
-* [maxolasersquad](https://github.com/maxolasersquad)
 * [singingwolfboy](https://github.com/singingwolfboy)
 * [davidcelis](https://github.com/davidcelis)
-* [davefp](https://github.com/davefp)
 * [yipdw](https://github.com/yipdw)
 * [debanshuk](https://github.com/debanshuk)
-* [Derek Lewis](mailto:derekcecillewis@gmail.com)
 * [dblandin](https://github.com/dblandin)
-* [Drew Gates](mailto:aranaur@users.noreply.github.com)
-* [dtschust](https://github.com/dtschust)
-* [Dryusdan](https://github.com/Dryusdan)
-* [eai04191](https://github.com/eai04191)
+* [aranaur](https://github.com/aranaur)
 * [d3vgru](https://github.com/d3vgru)
 * [Elizafox](https://github.com/Elizafox)
 * [ericblade](https://github.com/ericblade)
 * [mikoim](https://github.com/mikoim)
-* [espenronnevik](https://github.com/espenronnevik)
-* [Finariel](https://github.com/Finariel)
 * [siuying](https://github.com/siuying)
-* [GenbuHase](https://github.com/GenbuHase)
 * [hattori6789](https://github.com/hattori6789)
 * [algernon](https://github.com/algernon)
 * [Fastbyte01](https://github.com/Fastbyte01)
@ -350,62 +283,52 @@ and provided thanks to the work of the following contributors:
 * [Fiaxhs](https://github.com/Fiaxhs)
 * [reedcourty](https://github.com/reedcourty)
 * [anneau](https://github.com/anneau)
-* [lanodan](https://github.com/lanodan)
-* [Harmon758](https://github.com/Harmon758)
 * [HellPie](https://github.com/HellPie)
 * [Habu-Kagumba](https://github.com/Habu-Kagumba)
+* [hinaloe](https://github.com/hinaloe)
 * [suzukaze](https://github.com/suzukaze)
 * [Hiromi-Kai](https://github.com/Hiromi-Kai)
-* [hishamhm](https://github.com/hishamhm)
 * [musashino205](https://github.com/musashino205)
 * [iwaim](https://github.com/iwaim)
 * [valrus](https://github.com/valrus)
 * [IMcD23](https://github.com/IMcD23)
 * [yi0713](https://github.com/yi0713)
+* [immae](https://github.com/immae)
 * [iblech](https://github.com/iblech)
-* [usbsnowcrash](https://github.com/usbsnowcrash)
 * [jack-michaud](https://github.com/jack-michaud)
 * [Floppy](https://github.com/Floppy)
 * [loomchild](https://github.com/loomchild)
-* [jenkr55](https://github.com/jenkr55)
-* [press5](https://github.com/press5)
+* [docjkl](https://github.com/docjkl)
 * [TrollDecker](https://github.com/TrollDecker)
 * [jmontane](https://github.com/jmontane)
 * [jonathanklee](https://github.com/jonathanklee)
 * [jguerder](https://github.com/jguerder)
 * [Jehops](https://github.com/Jehops)
 * [joshuap](https://github.com/joshuap)
-* [YuleZ](https://github.com/YuleZ)
 * [Tiwy57](https://github.com/Tiwy57)
 * [xuv](https://github.com/xuv)
 * [Jnsll](https://github.com/Jnsll)
 * [j0k3r](https://github.com/j0k3r)
 * [KEINOS](https://github.com/KEINOS)
 * [futoase](https://github.com/futoase)
-* [Pneumaticat](https://github.com/Pneumaticat)
-* [Kit Redgrave](mailto:qwertyitis@gmail.com)
-* [Knut Erik](mailto:abjectio@users.noreply.github.com)
+* [abjectio](https://github.com/abjectio)
 * [mkody](https://github.com/mkody)
+* [connyduck](https://github.com/connyduck)
 * [k0ta0uchi](https://github.com/k0ta0uchi)
 * [KrzysiekJ](https://github.com/KrzysiekJ)
 * [leowzukw](https://github.com/leowzukw)
 * [lmorchard](https://github.com/lmorchard)
-* [Tak](https://github.com/Tak)
 * [cacheflow](https://github.com/cacheflow)
 * [ldidry](https://github.com/ldidry)
 * [jemus42](https://github.com/jemus42)
 * [lfuelling](https://github.com/lfuelling)
 * [Grabacr07](https://github.com/Grabacr07)
 * [mistermantas](https://github.com/mistermantas)
-* [mareklach](https://github.com/mareklach)
 * [wirehack7](https://github.com/wirehack7)
-* [martymcguire](https://github.com/martymcguire)
 * [marvinkopf](https://github.com/marvinkopf)
 * [otsune](https://github.com/otsune)
-* [Mathias B](mailto:10813340+mathias-b@users.noreply.github.com)
+* [m-blc](https://github.com/m-blc)
 * [matt-auckland](https://github.com/matt-auckland)
-* [webroo](https://github.com/webroo)
-* [matthiasbeyer](https://github.com/matthiasbeyer)
 * [mattjmattj](https://github.com/mattjmattj)
 * [mtparet](https://github.com/mtparet)
 * [maximeborges](https://github.com/maximeborges)
@ -413,20 +336,16 @@ and provided thanks to the work of the following contributors:
 * [michaeljdeeb](https://github.com/michaeljdeeb)
 * [Themimitoof](https://github.com/Themimitoof)
 * [cyweo](https://github.com/cyweo)
-* [Midgard](mailto:m1dgard@users.noreply.github.com)
+* [M1dgard](https://github.com/M1dgard)
 * [mike-burns](https://github.com/mike-burns)
 * [verymilan](https://github.com/verymilan)
 * [milmazz](https://github.com/milmazz)
-* [premist](https://github.com/premist)
 * [Mnkai](https://github.com/Mnkai)
 * [mitchhentges](https://github.com/mitchhentges)
 * [moritzheiber](https://github.com/moritzheiber)
 * [mouse-reeve](https://github.com/mouse-reeve)
-* [Mozinet-fr](https://github.com/Mozinet-fr)
 * [lae](https://github.com/lae)
 * [Nanamachi](https://github.com/Nanamachi)
-* [orinthe](https://github.com/orinthe)
-* [Dar13](https://github.com/Dar13)
 * [ngerakines](https://github.com/ngerakines)
 * [vonneudeck](https://github.com/vonneudeck)
 * [Ninetailed](https://github.com/Ninetailed)
@ -436,23 +355,18 @@ and provided thanks to the work of the following contributors:
 * [norayr](https://github.com/norayr)
 * [joyeusenoelle](https://github.com/joyeusenoelle)
 * [OlivierNicole](https://github.com/OlivierNicole)
-* [noppa](https://github.com/noppa)
 * [Otakan951](https://github.com/Otakan951)
 * [fahy](https://github.com/fahy)
-* [PatrickRWells](https://github.com/PatrickRWells)
 * [Pangoraw](https://github.com/Pangoraw)
+* [pwoolcoc](https://github.com/pwoolcoc)
 * [peterkeen](https://github.com/peterkeen)
-* [pgate](https://github.com/pgate)
-* [remram44](https://github.com/remram44)
-* [retokromer](https://github.com/retokromer)
+* [petzah](https://github.com/petzah)
+* [ignisf](https://github.com/ignisf)
 * [rfwatson](https://github.com/rfwatson)
 * [rfreebern](https://github.com/rfreebern)
-* [Ryan Wade](mailto:ryan.wade@protonmail.com)
 * [sylph01](https://github.com/sylph01)
-* [S-H-GAMELINKS](https://github.com/S-H-GAMELINKS)
 * [staticsafe](https://github.com/staticsafe)
 * [snwh](https://github.com/snwh)
-* [sts10](https://github.com/sts10)
 * [skoji](https://github.com/skoji)
 * [ScienJus](https://github.com/ScienJus)
 * [larkinscott](https://github.com/larkinscott)
@ -464,103 +378,73 @@ and provided thanks to the work of the following contributors:
 * [ernix](https://github.com/ernix)
 * [rosylilly](https://github.com/rosylilly)
 * [shouko](https://github.com/shouko)
-* [Sina Mashek](mailto:sina@mashek.xyz)
 * [sossii](https://github.com/sossii)
-* [Spanky](mailto:2788886+spankyworks@users.noreply.github.com)
-* [StefOfficiel](mailto:pichard.stephane@free.fr)
-* [Svetlozar Todorov](mailto:svetlik@users.noreply.github.com)
-* [Sébastien Santoro](mailto:dereckson@espace-win.org)
-* [Tad Thorley](mailto:phaedryx@users.noreply.github.com)
-* [Takayoshi Nishida](mailto:takayoshi.nishida@gmail.com)
-* [Takayuki KUSANO](mailto:github@tkusano.jp)
-* [TakesxiSximada](mailto:takesxi.sximada@gmail.com)
-* [TheInventrix](mailto:theinventrix@users.noreply.github.com)
-* [Thomas Alberola](mailto:thomas@needacoffee.fr)
-* [Toby Deshane](mailto:fortyseven@users.noreply.github.com)
-* [Toby Pinder](mailto:gigitrix@gmail.com)
-* [Tomonori Murakami](mailto:crosslife777@gmail.com)
-* [TomoyaShibata](mailto:wind.of.hometown@gmail.com)
-* [Treyssat-Vincent Nino](mailto:treyssatvincent@users.noreply.github.com)
-* [Udo Kramer](mailto:optik@fluffel.io)
-* [Una](mailto:una@unascribed.com)
-* [Ushitora Anqou](mailto:ushitora_anqou@yahoo.co.jp)
-* [Valentin Lorentz](mailto:progval+git@progval.net)
-* [Vladimir Mincev](mailto:vladimir@canicinteractive.com)
-* [Waldir Pimenta](mailto:waldyrious@gmail.com)
-* [Wesley Ellis](mailto:tahnok@gmail.com)
-* [Wiktor](mailto:wiktor@metacode.biz)
-* [Wonderfall](mailto:wonderfall@schrodinger.io)
-* [YDrogen](mailto:ydrogen45@gmail.com)
-* [YMHuang](mailto:ymhuang@fmbase.tw)
-* [YOSHIOKA Eiichiro](mailto:yoshioka.eiichiro@gmail.com)
-* [YOU](mailto:stackexchange.you@gmail.com)
-* [YaQ](mailto:i_k_o_m_a_7@yahoo.co.jp)
-* [Yanaken](mailto:yanakend@gmail.com)
-* [Yann Klis](mailto:yann.klis@gmail.com)
-* [Yeechan Lu](mailto:wz.bluesnow@gmail.com)
-* [Yusuke Abe](mailto:moonset20@gmail.com)
-* [Zachary Spector](mailto:logicaldash@gmail.com)
-* [ZiiX](mailto:ziix@users.noreply.github.com)
-* [asria-jp](mailto:is@alicematic.com)
-* [ava](mailto:vladooku@users.noreply.github.com)
-* [benklop](mailto:benklop@gmail.com)
-* [bsky](mailto:git@imbsky.net)
-* [caesarologia](mailto:lopesgemelli.1@gmail.com)
-* [cbayerlein](mailto:c.bayerlein@gmail.com)
-* [chrolis](mailto:chrolis@users.noreply.github.com)
-* [cormo](mailto:cormorant2+github@gmail.com)
-* [d0p1](mailto:dopi-sama@hush.com)
-* [evilny0](mailto:evilny0@moomoocamp.net)
-* [febrezo](mailto:felixbrezo@gmail.com)
-* [fsubal](mailto:fsubal@users.noreply.github.com)
-* [fusshi-](mailto:dikky1218@users.noreply.github.com)
-* [gentaro](mailto:gentaroooo@gmail.com)
-* [hakoai](mailto:hk--76@qa2.so-net.ne.jp)
-* [haosbvnker](mailto:github@chaosbunker.com)
-* [isati](mailto:phil@juchnowi.cz)
-* [jacob](mailto:jacobherringtondeveloper@gmail.com)
-* [jenn kaplan](mailto:me@jkap.io)
-* [jirayudech](mailto:jirayudech@gmail.com)
-* [jooops](mailto:joops@autistici.org)
-* [jukper](mailto:jukkaperanto@gmail.com)
-* [jumoru](mailto:jumoru@mailbox.org)
-* [karlyeurl](mailto:karl.yeurl@gmail.com)
-* [kedama](mailto:32974885+kedamadq@users.noreply.github.com)
-* [kuro5hin](mailto:rusty@kuro5hin.org)
-* [luzpaz](mailto:luzpaz@users.noreply.github.com)
-* [maxypy](mailto:maxime@mpigou.fr)
-* [mhe](mailto:mail@marcus-herrmann.com)
-* [mimikun](mailto:dzdzble_effort_311@outlook.jp)
-* [mshrtkch](mailto:mshrtkch@users.noreply.github.com)
-* [muan](mailto:muan@github.com)
-* [neetshin](mailto:neetshin@neetsh.in)
-* [nightpool](mailto:nightpool@users.noreply.github.com)
-* [rch850](mailto:rich850@gmail.com)
-* [roikale](mailto:roikale@users.noreply.github.com)
-* [rysiekpl](mailto:rysiek@hackerspace.pl)
-* [saturday06](mailto:dyob@lunaport.net)
-* [scriptjunkie](mailto:scriptjunkie@scriptjunkie.us)
-* [seekr](mailto:mario.drs@gmail.com)
-* [sundevour](mailto:31990469+sundevour@users.noreply.github.com)
-* [syui](mailto:syui@users.noreply.github.com)
-* [tackeyy](mailto:mailto.takita.yusuke@gmail.com)
-* [tateisu](mailto:tateisu@gmail.com)
-* [tmyt](mailto:shigure@refy.net)
-* [trevDev()](mailto:trev@trevdev.ca)
-* [utam0k](mailto:k0ma@utam0k.jp)
-* [vpzomtrrfrt](mailto:vpzomtrrfrt@gmail.com)
-* [walfie](mailto:walfington@gmail.com)
-* [y-temp4](mailto:y.temp4@gmail.com)
-* [ymmtmdk](mailto:ymmtmdk@gmail.com)
-* [yoshipc](mailto:yoooo@yoshipc.net)
-* [Özcan Zafer AYAN](mailto:ozcanzaferayan@gmail.com)
-* [ばん](mailto:detteiu0321@gmail.com)
-* [みたらしだんご](mailto:mitarashidango@users.noreply.github.com)
-* [りんすき](mailto:6533808+rinsuki@users.noreply.github.com)
-* [ヨイツの賢狼ホロ | 3rd style](mailto:horo@yoitsu.moe)
-* [猫吸血鬼ディフリス / 猫ロキP](mailto:deflis@gmail.com)
-* [艮 鮟鱇](mailto:ushitora_anqou@yahoo.co.jp)
-* [西小倉宏信](mailto:nishiko@mindia.jp)
-* [雨宮美羽](mailto:k737566@gmail.com)
+* [StefOfficiel](https://github.com/StefOfficiel)
+* [svetlik](https://github.com/svetlik)
+* [dereckson](https://github.com/dereckson)
+* [theboss](https://github.com/theboss)
+* [takp](https://github.com/takp)
+* [tkusano](https://github.com/tkusano)
+* [TheInventrix](https://github.com/TheInventrix)
+* [shug0](https://github.com/shug0)
+* [Fortyseven](https://github.com/Fortyseven)
+* [tobypinder](https://github.com/tobypinder)
+* [tomosm](https://github.com/tomosm)
+* [TomoyaShibata](https://github.com/TomoyaShibata)
+* [TrashMacNugget](https://github.com/TrashMacNugget)
+* [treyssatvincent](https://github.com/treyssatvincent)
+* [optikfluffel](https://github.com/optikfluffel)
+* [vmincev](https://github.com/vmincev)
+* [waldyrious](https://github.com/waldyrious)
+* [tahnok](https://github.com/tahnok)
+* [YDrogen](https://github.com/YDrogen)
+* [YOSHIOKAEiichiro](https://github.com/YOSHIOKAEiichiro)
+* [S-YOU](https://github.com/S-YOU)
+* [YaQ00](https://github.com/YaQ00)
+* [yanakend](https://github.com/yanakend)
+* [orzFly](https://github.com/orzFly)
+* [chansuke](https://github.com/chansuke)
+* [yuntan](https://github.com/yuntan)
+* [LogicalDash](https://github.com/LogicalDash)
+* [ZiiX](https://github.com/ZiiX)
+* [benklop](https://github.com/benklop)
+* [caasi](https://github.com/caasi)
+* [caesarologia](https://github.com/caesarologia)
+* [chrolis](https://github.com/chrolis)
+* [cormojs](https://github.com/cormojs)
+* [cpsdqs](https://github.com/cpsdqs)
+* [d0p1s4m4](https://github.com/d0p1s4m4)
+* [evilny0](https://github.com/evilny0)
+* [febrezo](https://github.com/febrezo)
+* [fsubal](https://github.com/fsubal)
+* [dikky1218](https://github.com/dikky1218)
+* [gentarok](https://github.com/gentarok)
+* [hakoai](https://github.com/hakoai)
+* [chaosbunker](https://github.com/chaosbunker)
+* [isati](https://github.com/isati)
+* [jkap](https://github.com/jkap)
+* [jirayudech](https://github.com/jirayudech)
+* [jukper](https://github.com/jukper)
+* [karlyeurl](https://github.com/karlyeurl)
+* [kedamaDQ](https://github.com/kedamaDQ)
+* [kuro5hin](https://github.com/kuro5hin)
+* [maxypy](https://github.com/maxypy)
+* [marcus-herrmann](https://github.com/marcus-herrmann)
+* [mshrtkch](https://github.com/mshrtkch)
+* [muan](https://github.com/muan)
+* [rch850](https://github.com/rch850)
+* [roikale](https://github.com/roikale)
+* [rysiekpl](https://github.com/rysiekpl)
+* [saturday06](https://github.com/saturday06)
+* [scriptjunkie](https://github.com/scriptjunkie)
+* [seekr](https://github.com/seekr)
+* [syui](https://github.com/syui)
+* [tackeyy](https://github.com/tackeyy)
+* [tmyt](https://github.com/tmyt)
+* [utam0k](https://github.com/utam0k)
+* [vpzomtrrfrt](https://github.com/vpzomtrrfrt)
+* [walfie](https://github.com/walfie)
+* [y-temp4](https://github.com/y-temp4)
+* [ymmtmdk](https://github.com/ymmtmdk)

 This document is provided for informational purposes only. Since it is only updated once per release, the version you are looking at may be currently out of date. To see the full list of contributors, consider looking at the [git history](https://github.com/tootsuite/mastodon/graphs/contributors) instead.
--- a/19
+++ b/19
@ -5,25 +5,6 @@ libidn11
 libidn11-dev
 libpq-dev
 libprotobuf-dev
-libssl-dev
 libxdamage1
 libxfixes3
 protobuf-compiler
-zlib1g-dev
-libcairo2
-libcroco3
-libdatrie1
-libgdk-pixbuf2.0-0
-libgraphite2-3
-libharfbuzz0b
-libpango-1.0-0
-libpangocairo-1.0-0
-libpangoft2-1.0-0
-libpixman-1-0
-librsvg2-2
-libthai-data
-libthai0
-libvpx5
-libxcb-render0
-libxcb-shm0
-libxrender1
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,134 +0,0 @@
-Changelog
-=========
-
-All notable changes to this project will be documented in this file.
-
-## [2.6.1] - 2018-10-30
-### Fixed
-
- Fix resolving resources by URL not working due to a regression in #9132 (#9171)
- Fix reducer error in web UI when a conversation has no last status (#9173)
-
-## [2.6.0] - 2018-10-30
-### Added
-
- Add link ownership verification (#8703)
- Add conversations API (#8832)
- Add limit for the number of people that can be followed from one account (#8807)
- Add admin setting to customize mascot (#8766)
- Add support for more granular ActivityPub audiences from other software, i.e. circles (#8950, #9093, #9150)
- Add option to block all reports from a domain (#8830)
- Add user preference to always expand toots marked with content warnings (#8762)
- Add user preference to always hide all media (#8569)
- Add `force_login` param to OAuth authorize page (#8655)
- Add `tootctl accounts backup` (#8642, #8811)
- Add `tootctl accounts create` (#8642, #8811)
- Add `tootctl accounts cull` (#8642, #8811)
- Add `tootctl accounts delete` (#8642, #8811)
- Add `tootctl accounts modify` (#8642, #8811)
- Add `tootctl accounts refresh` (#8642, #8811)
- Add `tootctl feeds build` (#8642, #8811)
- Add `tootctl feeds clear` (#8642, #8811)
- Add `tootctl settings registrations open` (#8642, #8811)
- Add `tootctl settings registrations close` (#8642, #8811)
- Add `min_id` param to REST API to support backwards pagination (#8736)
- Add a confirmation dialog when hitting reply and the compose box isn't empty (#8893)
- Add PostgreSQL disk space growth tracking in PGHero (#8906)
- Add button for disabling local account to report quick actions bar (#9024)
- Add Czech language (#8594)
- Add `same-site` (`lax`) attribute to cookies (#8626)
- Add support for styled scrollbars in Firefox Nightly (#8653)
- Add highlight to the active tab in web UI profiles (#8673)
- Add auto-focus for comment textarea in report modal (#8689)
- Add auto-focus for emoji picker's search field (#8688)
- Add nginx and systemd templates to `dist/` directory (#8770)
- Add support for `/.well-known/change-password` (#8828)
- Add option to override FFMPEG binary path (#8855)
- Add `dns-prefetch` tag when using different host for assets or uploads (#8942)
- Add `description` meta tag (#8941)
- Add `Content-Security-Policy` header (#8957)
- Add cache for the instance info API (#8765)
- Add suggested follows to search screen in mobile layout (#9010)
- Add CORS header to `/.well-known/*` routes (#9083)
- Add `card` attribute to statuses returned from REST API (#9120)
- Add in-stream link preview (#9120)
- Add support for ActivityPub `Page` objects (#9121)
-
-### Changed
-
- Change forms design (#8703)
- Change reports overview to group by target account (#8674)
- Change web UI to show "read more" link on overly long in-stream statuses (#8205)
- Change design of direct messages column (#8832, #9022)
- Change home timelines to exclude DMs (#8940)
- Change list timelines to exclude all replies (#8683)
- Change admin accounts UI default sort to most recent (#8813)
- Change documentation URL in the UI (#8898)
- Change style of success and failure messages (#8973)
- Change DM filtering to always allow DMs from staff (#8993)
- Change recommended Ruby version to 2.5.3 (#9003)
- Change docker-compose default to persist volumes in current directory (#9055)
- Change character counters on edit profile page to input length limit (#9100)
- Change notification filtering to always let through messages from staff (#9152)
- Change "hide boosts from user" function also hiding notifications about boosts (#9147)
- Change CSS `detailed-status__wrapper` class actually wrap the detailed status (#8547)
-
-### Deprecated
-
- `GET /api/v1/timelines/direct` → `GET /api/v1/conversations` (#8832)
- `POST /api/v1/notifications/dismiss` → `POST /api/v1/notifications/:id/dismiss` (#8905)
- `GET /api/v1/statuses/:id/card` → `card` attributed included in status (#9120)
-
-### Removed
-
- Remove "on this device" label in column push settings (#8704)
- Remove rake tasks in favour of tootctl commands (#8675)
-
-### Fixed
-
- Fix remote statuses using instance's default locale if no language given (#8861)
- Fix streaming API not exiting when port or socket is unavailable (#9023)
- Fix network calls being performed in database transaction in ActivityPub handler (#8951)
- Fix dropdown arrow position (#8637)
- Fix first element of dropdowns being focused even if not using keyboard (#8679)
- Fix tootctl requiring `bundle exec` invocation (#8619)
- Fix public pages not using animation preference for avatars (#8614)
- Fix OEmbed/OpenGraph cards not understanding relative URLs (#8669)
- Fix some dark emojis not having a white outline (#8597)
- Fix media description not being displayed in various media modals (#8678)
- Fix generated URLs of desktop notifications missing base URL (#8758)
- Fix RTL styles (#8764, #8767, #8823, #8897, #9005, #9007, #9018, #9021, #9145, #9146)
- Fix crash in streaming API when tag param missing (#8955)
- Fix hotkeys not working when no element is focused (#8998)
- Fix some hotkeys not working on detailed status view (#9006)
- Fix og:url on status pages (#9047)
- Fix upload option buttons only being visible on hover (#9074)
- Fix tootctl not returning exit code 1 on wrong arguments (#9094)
- Fix preview cards for appearing for profiles mentioned in toot (#6934, #9158)
- Fix local accounts sometimes being duplicated as faux-remote (#9109)
- Fix emoji search when the shortcode has multiple separators (#9124)
- Fix dropdowns sometimes being partially obscured by other elements (#9126)
- Fix cache not updating when reply/boost/favourite counters or media sensitivity update (#9119)
- Fix empty display name precedence over username in web UI (#9163)
- Fix td instead of th in sessions table header (#9162)
- Fix handling of content types with profile (#9132)
-
-## [2.5.2] - 2018-10-12
-### Security
-
- Fix XSS vulnerability (#8959)
-
-## [2.5.1] - 2018-10-07
-### Fixed
-
- Fix database migrations for PostgreSQL below 9.5 (#8903)
- Fix class autoloading issue in ActivityPub Create handler (#8820)
- Fix cache statistics not being sent via statsd when statsd enabled (#8831)
- Bump puma from 3.11.4 to 3.12.0 (#8883)
-
-### Security
-
- Fix some local images not having their EXIF metadata stripped on upload (#8714)
- Fix being able to enable a disabled relay via ActivityPub Accept handler (#8864)
- Bump nokogiri from 1.8.4 to 1.8.5 (#8881)
- Fix being able to report statuses not belonging to the reported account (#8916)
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -1,37 +1,51 @@
-Contributing
+CONTRIBUTING
 ============

-Thank you for considering contributing to Mastodon 🐘 
+There are three ways in which you can contribute to this repository:

-You can contribute in the following ways:
+1. By improving the documentation
+2. By working on the back-end application
+3. By working on the front-end application

- Finding and reporting bugs
- Translating the Mastodon interface into various languages
- Contributing code to Mastodon by fixing bugs or implementing features
- Improving the documentation
+Choosing what to work on in a large open source project is not easy. The list of [GitHub issues](https://github.com/tootsuite/mastodon/issues) may provide some ideas, but not every feature request has been greenlit. Likewise, not every change or feature that resolves a personal itch will be merged into the main repository. Some communication ahead of time may be wise. If your addition creates a new feature or setting, or otherwise changes how things work in some substantial way, please remember to submit a correlating pull request to document your changes in the [documentation](http://github.com/tootsuite/documentation).

-## Bug reports
+Below are the guidelines for working on pull requests:

-Bug reports and feature suggestions can be submitted to [GitHub Issues](https://github.com/tootsuite/mastodon/issues). Please make sure that you are not submitting duplicates, and that a similar report or request has not already been resolved or rejected in the past using the search function. Please also use descriptive, concise titles.
+## General

-## Translations
-
-You can submit translations via [Weblate](https://weblate.joinmastodon.org/). They are periodically merged into the codebase.
-
-[![Mastodon translation statistics by language](https://weblate.joinmastodon.org/widgets/mastodon/-/multi-auto.svg)](https://weblate.joinmastodon.org/)
-
-## Pull requests
-
-Please use clean, concise titles for your pull requests. We use commit squashing, so the final commit in the master branch will carry the title of the pull request.
-
-The smaller the set of changes in the pull request is, the quicker it can be reviewed and merged. Splitting tasks into multiple smaller pull requests is often preferable.
-
-**Pull requests that do not pass automated checks may not be reviewed**. In particular, you need to keep in mind:
-
- Unit and integration tests (rspec, jest)
- Code style rules (rubocop, eslint)
- Normalization of locale files (i18n-tasks)
+- 2 spaces indentation

 ## Documentation

-The [Mastodon documentation](https://docs.joinmastodon.org) is a statically generated site. You can [submit merge requests to mastodon/docs](https://source.joinmastodon.org/mastodon/docs).
+- No spelling mistakes
+- No orthographic mistakes
+- No Markdown syntax errors
+
+## Requirements
+
+- Ruby
+- Node.js
+- PostgreSQL
+- Redis
+- Nginx (optional)
+
+## Back-end application
+
+It is expected that you have a working development environment set up. The development environment includes [rubocop](https://github.com/bbatsov/rubocop), which checks your Ruby code for compliance with our style guide and best practices. Sublime Text, likely like other editors, has a [Rubocop plugin](https://github.com/pderichs/sublime_rubocop) that runs checks on files as you edit them. The codebase also has a test suite.
+
+* The codebase is not perfect, at the time of writing, but it is expected that you do not introduce new code style violations
+* The rspec test suite must pass
+* To the extent that it is possible, verify your changes. In the best case, by adding new tests to the test suite. At the very least, by running the server or console and checking it manually
+* If you are introducing new strings to the user interface, they must be using localization methods
+
+If your code has syntax errors that won't let it run, it's a good sign that the pull request isn't ready for submission yet.
+
+## Front-end application
+
+It is expected that you have a working development environment set up (see back-end application section). This project includes an ESLint configuration file, with which you can lint your changes.
+
+* Avoid grave ESLint violations
+* Verify that your changes work
+* If you are introducing new strings, they must be using localization methods
+
+If the JavaScript or CSS assets won't compile due to a syntax error, it's a good sign that the pull request isn't ready for submission yet.
--- a/32
+++ b/32
@ -1,5 +1,4 @@
-FROM node:8.12.0-alpine as node
-FROM ruby:2.4.5-alpine3.8
+FROM ruby:2.4.3-alpine3.6

 LABEL maintainer="https://github.com/tootsuite/mastodon" \
      description="Your self-hosted, globally interconnected microblogging community"
@ -7,11 +6,11 @@ LABEL maintainer="https://github.com/tootsuite/mastodon" \
 ARG UID=991
 ARG GID=991

-ENV PATH=/mastodon/bin:$PATH \
-    RAILS_SERVE_STATIC_FILES=true \
-    RAILS_ENV=production \
-    NODE_ENV=production
+ENV RAILS_SERVE_STATIC_FILES=true \
+    RAILS_ENV=production NODE_ENV=production

+ARG YARN_VERSION=1.3.2
+ARG YARN_DOWNLOAD_SHA256=6cfe82e530ef0837212f13e45c1565ba53f5199eec2527b85ecbcd88bf26821d
 ARG LIBICONV_VERSION=1.15
 ARG LIBICONV_DOWNLOAD_SHA256=ccf536620a45458d26ba83887a983b96827001e92a13847b45e4925cc8913178

@ -19,11 +18,6 @@ EXPOSE 3000 4000

 WORKDIR /mastodon

-COPY --from=node /usr/local/bin/node /usr/local/bin/node
-COPY --from=node /usr/local/lib/node_modules /usr/local/lib/node_modules
-COPY --from=node /usr/local/bin/npm /usr/local/bin/npm
-COPY --from=node /opt/yarn-* /opt/yarn
-
 RUN apk -U upgrade \
 && apk add -t build-dependencies \
    build-base \
@ -43,13 +37,19 @@ RUN apk -U upgrade \
    imagemagick \
    libidn \
    libpq \
+    nodejs \
+    nodejs-npm \
    protobuf \
    tini \
    tzdata \
 && update-ca-certificates \
- && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarn \
- && ln -s /opt/yarn/bin/yarnpkg /usr/local/bin/yarnpkg \
 && mkdir -p /tmp/src /opt \
+ && wget -O yarn.tar.gz "https://github.com/yarnpkg/yarn/releases/download/v$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
+ && echo "$YARN_DOWNLOAD_SHA256 *yarn.tar.gz" | sha256sum -c - \
+ && tar -xzf yarn.tar.gz -C /tmp/src \
+ && rm yarn.tar.gz \
+ && mv /tmp/src/yarn-v$YARN_VERSION /opt/yarn \
+ && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarn \
 && wget -O libiconv.tar.gz "https://ftp.gnu.org/pub/gnu/libiconv/libiconv-$LIBICONV_VERSION.tar.gz" \
 && echo "$LIBICONV_DOWNLOAD_SHA256 *libiconv.tar.gz" | sha256sum -c - \
 && tar -xzf libiconv.tar.gz -C /tmp/src \
@ -66,7 +66,7 @@ COPY Gemfile Gemfile.lock package.json yarn.lock .yarnclean /mastodon/

 RUN bundle config build.nokogiri --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
 && bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without test development \
- && yarn install --pure-lockfile --ignore-engines \
+ && yarn --pure-lockfile \
 && yarn cache clean

 RUN addgroup -g ${GID} mastodon && adduser -h /mastodon -s /bin/sh -D -G mastodon -u ${UID} mastodon \
@ -77,10 +77,8 @@ COPY . /mastodon

 RUN chown -R mastodon:mastodon /mastodon

-VOLUME /mastodon/public/system
+VOLUME /mastodon/public/system /mastodon/public/assets /mastodon/public/packs

 USER mastodon

-RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder bundle exec rails assets:precompile
-
 ENTRYPOINT ["/sbin/tini", "--"]
--- a/120
+++ b/120
@ -3,144 +3,138 @@
 source 'https://rubygems.org'
 ruby '>= 2.3.0', '< 2.6.0'

-gem 'pkg-config', '~> 1.3'
+gem 'pkg-config', '~> 1.2'

-gem 'puma', '~> 3.12'
-gem 'rails', '~> 5.2.1'
-gem 'thor', '~> 0.20'
+gem 'puma', '~> 3.10'
+gem 'rails', '~> 5.1.4'

 gem 'hamlit-rails', '~> 0.2'
-gem 'pg', '~> 1.1'
-gem 'makara', '~> 0.4'
-gem 'pghero', '~> 2.2'
-gem 'dotenv-rails', '~> 2.5'
+gem 'pg', '~> 0.20'
+gem 'pghero', '~> 1.7'
+gem 'dotenv-rails', '~> 2.2'

-gem 'aws-sdk-s3', '~> 1.23', require: false
-gem 'fog-core', '<= 2.1.0'
-gem 'fog-openstack', '~> 0.3', require: false
-gem 'paperclip', '~> 6.0'
+gem 'aws-sdk', '~> 2.10', require: false
+gem 'fog-core', '~> 1.45'
+gem 'fog-local', '~> 0.4', require: false
+gem 'fog-openstack', '~> 0.1', require: false
+gem 'paperclip', '~> 5.1'
 gem 'paperclip-av-transcoder', '~> 0.6'
 gem 'streamio-ffmpeg', '~> 3.0'

 gem 'active_model_serializers', '~> 0.10'
 gem 'addressable', '~> 2.5'
-gem 'bootsnap', '~> 1.3', require: false
+gem 'bootsnap'
 gem 'browser'
-gem 'charlock_holmes', '~> 0.7.6'
+gem 'charlock_holmes', '~> 0.7.5'
 gem 'iso-639'
 gem 'chewy', '~> 5.0'
 gem 'cld3', '~> 3.2.0'
-gem 'devise', '~> 4.5'
+gem 'devise', '~> 4.4'
 gem 'devise-two-factor', '~> 3.0'

 group :pam_authentication, optional: true do
-  gem 'devise_pam_authenticatable2', '~> 9.2'
+  gem 'devise_pam_authenticatable2', '~> 9.0'
 end
-
 gem 'net-ldap', '~> 0.10'
 gem 'omniauth-cas', '~> 1.1'
 gem 'omniauth-saml', '~> 1.10'
 gem 'omniauth', '~> 1.2'

-gem 'doorkeeper', '~> 5.0'
+gem 'doorkeeper', '~> 4.2'
 gem 'fast_blank', '~> 1.0'
 gem 'fastimage'
 gem 'goldfinger', '~> 2.1'
 gem 'hiredis', '~> 0.6'
 gem 'redis-namespace', '~> 1.5'
 gem 'htmlentities', '~> 4.3'
-gem 'http', '~> 3.3'
+gem 'http', '~> 3.0'
 gem 'http_accept_language', '~> 2.1'
-gem 'http_parser.rb', '~> 0.6', git: 'https://github.com/tmm1/http_parser.rb', ref: '54b17ba8c7d8d20a16dfc65d1775241833219cf2'
-gem 'httplog', '~> 1.1'
+gem 'httplog', '~> 0.99'
 gem 'idn-ruby', require: 'idn'
 gem 'kaminari', '~> 1.1'
 gem 'link_header', '~> 0.0'
-gem 'mime-types', '~> 3.2', require: 'mime/types/columnar'
+gem 'mime-types', '~> 3.1'
 gem 'nokogiri', '~> 1.8'
 gem 'nsa', '~> 0.2'
-gem 'oj', '~> 3.7'
+gem 'oj', '~> 3.3'
 gem 'ostatus2', '~> 2.0'
-gem 'ox', '~> 2.10'
-gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c'
-gem 'pundit', '~> 2.0'
+gem 'ox', '~> 2.8'
+gem 'pundit', '~> 1.1'
 gem 'premailer-rails'
-gem 'rack-attack', '~> 5.4'
-gem 'rack-cors', '~> 1.0', require: 'rack/cors'
-gem 'rails-i18n', '~> 5.1'
+gem 'rack-attack', '~> 5.0'
+gem 'rack-cors', '~> 0.4', require: 'rack/cors'
+gem 'rack-timeout', '~> 0.4'
+gem 'rails-i18n', '~> 5.0'
 gem 'rails-settings-cached', '~> 0.6'
-gem 'redis', '~> 4.0', require: ['redis', 'redis/connection/hiredis']
+gem 'redis', '~> 3.3', require: ['redis', 'redis/connection/hiredis']
 gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
 gem 'rqrcode', '~> 0.10'
-gem 'sanitize', '~> 5.0'
-gem 'sidekiq', '~> 5.2'
-gem 'sidekiq-scheduler', '~> 3.0'
+gem 'ruby-oembed', '~> 0.12', require: 'oembed'
+gem 'ruby-progressbar', '~> 1.4'
+gem 'sanitize', '~> 4.6.4'
+gem 'sidekiq', '~> 5.0'
+gem 'sidekiq-scheduler', '~> 2.1'
 gem 'sidekiq-unique-jobs', '~> 5.0'
 gem 'sidekiq-bulk', '~>0.1.1'
 gem 'simple-navigation', '~> 4.0'
-gem 'simple_form', '~> 4.0'
+gem 'simple_form', '~> 3.4'
 gem 'sprockets-rails', '~> 3.2', require: 'sprockets/railtie'
-gem 'stoplight', '~> 2.1.3'
-gem 'strong_migrations', '~> 0.3'
-gem 'tty-command', '~> 0.8', require: false
-gem 'tty-prompt', '~> 0.17', require: false
+gem 'strong_migrations'
+gem 'tty-command'
+gem 'tty-prompt'
 gem 'twitter-text', '~> 1.14'
-gem 'tzinfo-data', '~> 1.2018'
-gem 'webpacker', '~> 3.5'
+gem 'tzinfo-data', '~> 1.2017'
+gem 'webpacker', '~> 3.0'
 gem 'webpush'

-gem 'json-ld', '~> 2.2'
-gem 'rdf-normalize', '~> 0.3'
+gem 'json-ld-preloaded', '~> 2.2.1'
+gem 'rdf-normalize', '~> 0.3.1'

 group :development, :test do
-  gem 'fabrication', '~> 2.20'
-  gem 'fuubar', '~> 2.3'
+  gem 'fabrication', '~> 2.18'
+  gem 'fuubar', '~> 2.2'
  gem 'i18n-tasks', '~> 0.9', require: false
-  gem 'pry-byebug', '~> 3.6'
  gem 'pry-rails', '~> 0.3'
-  gem 'rspec-rails', '~> 3.8'
+  gem 'rspec-rails', '~> 3.7'
 end

 group :production, :test do
-  gem 'private_address_check', '~> 0.5'
+  gem 'private_address_check', '~> 0.4.1'
 end

 group :test do
-  gem 'capybara', '~> 3.10'
+  gem 'capybara', '~> 2.15'
  gem 'climate_control', '~> 0.2'
-  gem 'faker', '~> 1.9'
+  gem 'faker', '~> 1.7'
  gem 'microformats', '~> 4.0'
  gem 'rails-controller-testing', '~> 1.0'
  gem 'rspec-sidekiq', '~> 3.0'
-  gem 'simplecov', '~> 0.16', require: false
-  gem 'webmock', '~> 3.4'
-  gem 'parallel_tests', '~> 2.26'
+  gem 'simplecov', '~> 0.14', require: false
+  gem 'webmock', '~> 3.0'
+  gem 'parallel_tests', '~> 2.17'
 end

 group :development do
  gem 'active_record_query_trace', '~> 1.5'
  gem 'annotate', '~> 2.7'
-  gem 'better_errors', '~> 2.5'
+  gem 'better_errors', '~> 2.4'
  gem 'binding_of_caller', '~> 0.7'
-  gem 'bullet', '~> 5.7'
+  gem 'bullet', '~> 5.5'
  gem 'letter_opener', '~> 1.4'
  gem 'letter_opener_web', '~> 1.3'
  gem 'memory_profiler'
-  gem 'rubocop', '~> 0.60', require: false
-  gem 'brakeman', '~> 4.3', require: false
+  gem 'rubocop', require: false
+  gem 'brakeman', '~> 4.0', require: false
  gem 'bundler-audit', '~> 0.6', require: false
-  gem 'scss_lint', '~> 0.57', require: false
+  gem 'scss_lint', '~> 0.55', require: false

-  gem 'capistrano', '~> 3.11'
-  gem 'capistrano-rails', '~> 1.4'
+  gem 'capistrano', '~> 3.10'
+  gem 'capistrano-rails', '~> 1.3'
  gem 'capistrano-rbenv', '~> 2.1'
  gem 'capistrano-yarn', '~> 2.0'
-
-  gem 'derailed_benchmarks'
-  gem 'stackprof'
 end

 group :production do
-  gem 'lograge', '~> 0.10'
+  gem 'lograge', '~> 0.7'
  gem 'redis-rails', '~> 5.0'
 end
--- a/Gemfile.lock
+++ b/Gemfile.lock
--- a/README.md
+++ b/README.md
@ -1,95 +1,96 @@
 ![Mastodon](https://i.imgur.com/NhZc40l.png)
 ========

-[![GitHub release](https://img.shields.io/github/release/tootsuite/mastodon.svg)][releases]
-[![Build Status](https://img.shields.io/circleci/project/github/tootsuite/mastodon.svg)][circleci]
+[![Build Status](https://img.shields.io/travis/tootsuite/mastodon.svg)][travis]
 [![Code Climate](https://img.shields.io/codeclimate/maintainability/tootsuite/mastodon.svg)][code_climate]
-[![Translation status](https://weblate.joinmastodon.org/widgets/mastodon/-/svg-badge.svg)][weblate]
-[![Docker Pulls](https://img.shields.io/docker/pulls/tootsuite/mastodon.svg)][docker]

-[releases]: https://github.com/tootsuite/mastodon/releases
-[circleci]: https://circleci.com/gh/tootsuite/mastodon
+[travis]: https://travis-ci.org/tootsuite/mastodon
 [code_climate]: https://codeclimate.com/github/tootsuite/mastodon
-[weblate]: https://weblate.joinmastodon.org/engage/mastodon/
-[docker]: https://hub.docker.com/r/tootsuite/mastodon/

-Mastodon is a **free, open-source social network server** based on ActivityPub. Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. All servers of Mastodon are interoperable as a federated network, i.e. users on one server can seamlessly communicate with users from another one. This includes non-Mastodon software that also implements ActivityPub!
+Mastodon is a **free, open-source social network server** based on **open web protocols** like ActivityPub and OStatus. The social focus of the project is a viable decentralized alternative to commercial social media silos that returns the control of the content distribution channels to the people. The technical focus of the project is a good user interface, a clean REST API for 3rd party apps and robust anti-abuse tools.

-Click below to **learn more** in a video:
+Click on the screenshot below to watch a demo of the UI:

-[![Screenshot](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/ezgif-2-60f1b00403.gif)][youtube_demo]
+[![Screenshot](https://i.imgur.com/pG3Nnz3.jpg)][youtube_demo]

-[youtube_demo]: https://www.youtube.com/watch?v=IPSbNdBmWKE
+[youtube_demo]: https://www.youtube.com/watch?v=YO1jQ8_rAMU

-## Navigation 
+**Ruby on Rails** is used for the back-end, while **React.js** and Redux are used for the dynamic front-end. A static front-end for public resources (profiles and statuses) is also provided.

- [Project homepage 🐘](https://joinmastodon.org)
- [Support the development via Patreon][patreon]
- [View sponsors](https://joinmastodon.org/sponsors)
- [Blog](https://blog.joinmastodon.org)
- [Documentation](https://docs.joinmastodon.org)
- [Browse Mastodon servers](https://joinmastodon.org/#getting-started)
- [Browse Mastodon apps](https://joinmastodon.org/apps)
+If you would like, you can [support the development of this project on Patreon][patreon] or [Liberapay][liberapay]. Alternatively, you can donate to this BTC address: `17j2g7vpgHhLuXhN4bueZFCvdxxieyRVWd`

-[patreon]: https://www.patreon.com/mastodon
+[patreon]: https://www.patreon.com/user?u=619786
+[liberapay]: https://liberapay.com/Mastodon/
+
+---
+
+## Resources
+
+- [Frequently Asked Questions](https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/FAQ.md)
+- [Use this tool to find Twitter friends on Mastodon](https://bridge.joinmastodon.org)
+- [API overview](https://github.com/tootsuite/documentation/blob/master/Using-the-API/API.md)
+- [List of Mastodon instances](https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/List-of-Mastodon-instances.md)
+- [List of apps](https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/Apps.md)
+- [List of sponsors](https://joinmastodon.org/sponsors)

 ## Features

-<img src="https://docs.joinmastodon.org/elephant.svg" align="right" width="30%" />
-
 **No vendor lock-in: Fully interoperable with any conforming platform**

-It doesn't have to be Mastodon, whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
+It doesn't have to be Mastodon, whatever implements ActivityPub or OStatus is part of the social network!

-**Real-time, chronological timeline updates**
+**Real-time timeline updates**

 See the updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!

+**Federated thread resolving**
+
+If someone you follow replies to a user unknown to the server, the server fetches the full thread so you can view it without leaving the UI
+
 **Media attachments like images and short videos**

 Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos are looped - like vines!

-**Safety and moderation tools**
-
-Private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
-
 **OAuth2 and a straightforward REST API**

-Mastodon acts as an OAuth2 provider so 3rd party apps can use the REST and Streaming APIs, resulting in a rich app ecosystem with a lot of choice!
+Mastodon acts as an OAuth2 provider so 3rd party apps can use the API
+
+**Fast response times**
+
+Mastodon tries to be as fast and responsive as possible, so all long-running tasks are delegated to background processing
+
+**Deployable via Docker**
+
+You don't need to mess with dependencies and configuration if you want to try Mastodon, if you have Docker and Docker Compose the deployment is extremely easy
+
+---
+
+## Development
+
+Please follow the [development guide](https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Development-guide.md) from the documentation repository.

 ## Deployment

-**Tech stack:**
-
- **Ruby on Rails** powers the REST API and other web pages
- **React.js** and Redux are used for the dynamic parts of the interface
- **Node.js** powers the streaming API
-
-**Requirements:**
-
- **PostgreSQL** 9.5+
- **Redis**
- **Ruby** 2.4+
- **Node.js** 8+
-
-The repository includes deployment configurations for **Docker and docker-compose**, but also a few specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. The [**stand-alone** installation guide](https://docs.joinmastodon.org/administration/installation/) is available in the documentation.
-
-A **Vagrant** configuration is included for development purposes.
+There are guides in the documentation repository for [deploying on various platforms](https://github.com/tootsuite/documentation#running-mastodon).

 ## Contributing

-Mastodon is **free, open source software** licensed under **AGPLv3**.
-
-You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository, or submit translations using Weblate. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md)
+You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository. [Here are the guidelines for code contributions](CONTRIBUTING.md)

 **IRC channel**: #mastodon on irc.freenode.net

 ## License

-Copyright (C) 2016-2018 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
+Copyright (C) 2016-2018 Eugen Rochko & other Mastodon contributors (see AUTHORS.md)

 This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

 You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+---
+
+## Extra credits
+
+The elephant friend illustrations are created by [Dopatwo](https://mastodon.social/@dopatwo)
--- a/16
+++ b/16
@ -12,7 +12,7 @@ curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
 sudo apt-add-repository 'deb https://dl.yarnpkg.com/debian/ stable main'

 # Add repo for NodeJS
-curl -sL https://deb.nodesource.com/setup_8.x | sudo bash -
+curl -sL https://deb.nodesource.com/setup_6.x | sudo bash -

 # Add firewall rule to redirect 80 to PORT and save
 sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port #{ENV["PORT"]}
@ -85,9 +85,6 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.provider :virtualbox do |vb|
    vb.name = "mastodon"
    vb.customize ["modifyvm", :id, "--memory", "2048"]
-    # Increase the number of CPUs. Uncomment and adjust to
-    # increase performance
-    # vb.customize ["modifyvm", :id, "--cpus", "3"]

    # Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
    # https://github.com/mitchellh/vagrant/issues/1172
@ -100,22 +97,19 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|

  end

+  config.vm.hostname = "mastodon.dev"
+
  # This uses the vagrant-hostsupdater plugin, and lets you
-  # access the development site at http://mastodon.local.
-  # If you change it, also change it in .env.vagrant before provisioning
-  # the vagrant server to update the development build.
-  #
+  # access the development site at http://mastodon.dev.
  # To install:
  #   $ vagrant plugin install vagrant-hostsupdater
-  config.vm.hostname = "mastodon.local"
-
  if defined?(VagrantPlugins::HostsUpdater)
    config.vm.network :private_network, ip: "192.168.42.42", nictype: "virtio"
    config.hostsupdater.remove_on_suspend = false
  end

  if config.vm.networks.any? { |type, options| type == :private_network }
-    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp', 'actimeo=1']
+    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp']
  else
    config.vm.synced_folder ".", "/vagrant"
  end
--- a/app/chewy/statuses_index.rb
+++ b/app/chewy/statuses_index.rb
@ -31,7 +31,7 @@ class StatusesIndex < Chewy::Index
    },
  }

-  define_type ::Status.unscoped.without_reblogs do
+  define_type ::Status.without_reblogs do
    crutch :mentions do |collection|
      data = ::Mention.where(status_id: collection.map(&:id)).pluck(:status_id, :account_id)
      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
--- a/app/controllers/about_controller.rb
+++ b/app/controllers/about_controller.rb
@ -9,13 +9,9 @@ class AboutController < ApplicationController
    @initial_state_json   = serializable_resource.to_json
  end

-  def more
-    render layout: 'public'
-  end
+  def more; end

-  def terms
-    render layout: 'public'
-  end
+  def terms; end

  private

@ -30,7 +26,7 @@ class AboutController < ApplicationController
  end

  def set_body_classes
-    @body_classes = 'with-modals'
+    @body_classes = 'about-body'
  end

  def initial_state_params
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@ -10,9 +10,7 @@ class AccountsController < ApplicationController
  def show
    respond_to do |format|
      format.html do
-        @body_classes      = 'with-modals'
-        @pinned_statuses   = []
-        @endorsed_accounts = @account.endorsed_accounts.to_a.sample(4)
+        @pinned_statuses = []

        if current_account && @account.blocking?(current_account)
          @statuses = []
@ -22,10 +20,9 @@ class AccountsController < ApplicationController
        @pinned_statuses = cache_collection(@account.pinned_statuses, Status) if show_pinned_statuses?
        @statuses        = filtered_status_page(params)
        @statuses        = cache_collection(@statuses, Status)
-
        unless @statuses.empty?
-          @older_url = older_url if @statuses.last.id > filtered_statuses.last.id
-          @newer_url = newer_url if @statuses.first.id < filtered_statuses.first.id
+          @older_url        = older_url if @statuses.last.id > filtered_statuses.last.id
+          @newer_url        = newer_url if @statuses.first.id < filtered_statuses.first.id
        end
      end

@ -34,15 +31,10 @@ class AccountsController < ApplicationController
        render xml: OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.feed(@account, @entries.reject { |entry| entry.status.nil? }))
      end

-      format.rss do
-        @statuses = cache_collection(default_statuses.without_reblogs.without_replies.limit(PAGE_SIZE), Status)
-        render xml: RSS::AccountSerializer.render(@account, @statuses)
-      end
-
      format.json do
        skip_session!

-        render_cached_json(['activitypub', 'actor', @account], content_type: 'application/activity+json') do
+        render_cached_json(['activitypub', 'actor', @account.cache_key], content_type: 'application/activity+json') do
          ActiveModelSerializers::SerializableResource.new(@account, serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter)
        end
      end
@ -52,7 +44,7 @@ class AccountsController < ApplicationController
  private

  def show_pinned_statuses?
-    [replies_requested?, media_requested?, params[:max_id].present?, params[:min_id].present?].none?
+    [replies_requested?, media_requested?, params[:max_id].present?, params[:since_id].present?].none?
  end

  def filtered_statuses
--- a/app/controllers/activitypub/collections_controller.rb
+++ b/app/controllers/activitypub/collections_controller.rb
@ -22,7 +22,7 @@ class ActivityPub::CollectionsController < Api::BaseController
  end

  def set_statuses
-    @statuses = scope_for_collection
+    @statuses = scope_for_collection.paginate_by_max_id(20, params[:max_id], params[:since_id])
    @statuses = cache_collection(@statuses, Status)
  end

--- a/app/controllers/activitypub/inboxes_controller.rb
+++ b/app/controllers/activitypub/inboxes_controller.rb
@ -36,6 +36,6 @@ class ActivityPub::InboxesController < Api::BaseController
  end

  def process_payload
-    ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'), @account&.id)
+    ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'))
  end
 end
--- a/app/controllers/activitypub/outboxes_controller.rb
+++ b/app/controllers/activitypub/outboxes_controller.rb
@ -1,14 +1,14 @@
 # frozen_string_literal: true

 class ActivityPub::OutboxesController < Api::BaseController
-  LIMIT = 20
-
  include SignatureVerification

  before_action :set_account
-  before_action :set_statuses

  def show
+    @statuses = @account.statuses.permitted_for(@account, signed_request_account).paginate_by_max_id(20, params[:max_id], params[:since_id])
+    @statuses = cache_collection(@statuses, Status)
+
    render json: outbox_presenter, serializer: ActivityPub::OutboxSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
  end

@ -19,47 +19,11 @@ class ActivityPub::OutboxesController < Api::BaseController
  end

  def outbox_presenter
-    if page_requested?
-      ActivityPub::CollectionPresenter.new(
-        id: account_outbox_url(@account, page_params),
-        type: :ordered,
-        part_of: account_outbox_url(@account),
-        prev: prev_page,
-        next: next_page,
-        items: @statuses
-      )
-    else
-      ActivityPub::CollectionPresenter.new(
-        id: account_outbox_url(@account),
-        type: :ordered,
-        size: @account.statuses_count,
-        first: account_outbox_url(@account, page: true),
-        last: account_outbox_url(@account, page: true, min_id: 0)
-      )
-    end
-  end
-
-  def next_page
-    account_outbox_url(@account, page: true, max_id: @statuses.last.id) if @statuses.size == LIMIT
-  end
-
-  def prev_page
-    account_outbox_url(@account, page: true, min_id: @statuses.first.id) unless @statuses.empty?
-  end
-
-  def set_statuses
-    return unless page_requested?
-
-    @statuses = @account.statuses.permitted_for(@account, signed_request_account)
-    @statuses = params[:min_id].present? ? @statuses.paginate_by_min_id(LIMIT, params[:min_id]).reverse : @statuses.paginate_by_max_id(LIMIT, params[:max_id])
-    @statuses = cache_collection(@statuses, Status)
-  end
-
-  def page_requested?
-    params[:page] == 'true'
-  end
-
-  def page_params
-    { page: true, max_id: params[:max_id], min_id: params[:min_id] }.compact
+    ActivityPub::CollectionPresenter.new(
+      id: account_outbox_url(@account),
+      type: :ordered,
+      size: @account.statuses_count,
+      items: @statuses
+    )
  end
 end
--- a/app/controllers/admin/accounts_controller.rb
+++ b/app/controllers/admin/accounts_controller.rb
@ -2,7 +2,7 @@

 module Admin
  class AccountsController < BaseController
-    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :remove_avatar, :enable, :disable, :memorialize]
+    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :enable, :disable, :memorialize]
    before_action :require_remote_account!, only: [:subscribe, :unsubscribe, :redownload]
    before_action :require_local_account!, only: [:enable, :disable, :memorialize]

@ -60,17 +60,6 @@ module Admin
      redirect_to admin_account_path(@account.id)
    end

-    def remove_avatar
-      authorize @account, :remove_avatar?
-
-      @account.avatar = nil
-      @account.save!
-
-      log_action :remove_avatar, @account.user
-
-      redirect_to admin_account_path(@account.id)
-    end
-
    private

    def set_account
@ -95,7 +84,7 @@ module Admin
        :remote,
        :by_domain,
        :silenced,
-        :alphabetic,
+        :recent,
        :suspended,
        :username,
        :display_name,
--- a/app/controllers/admin/base_controller.rb
+++ b/app/controllers/admin/base_controller.rb
@ -5,15 +5,8 @@ module Admin
    include Authorization
    include AccountableConcern

-    layout 'admin'
-
    before_action :require_staff!
-    before_action :set_body_classes

-    private
-
-    def set_body_classes
-      @body_classes = 'admin'
-    end
+    layout 'admin'
  end
 end
--- a/app/controllers/admin/change_emails_controller.rb
+++ b/app/controllers/admin/change_emails_controller.rb
@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class ChangeEmailsController < BaseController
-    before_action :set_account
-    before_action :require_local_account!
-
-    def show
-      authorize @user, :change_email?
-    end
-
-    def update
-      authorize @user, :change_email?
-
-      new_email = resource_params.fetch(:unconfirmed_email)
-
-      if new_email != @user.email
-        @user.update!(
-          unconfirmed_email: new_email,
-          # Regenerate the confirmation token:
-          confirmation_token: nil
-        )
-
-        log_action :change_email, @user
-
-        @user.send_confirmation_instructions
-      end
-
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.change_email.changed_msg')
-    end
-
-    private
-
-    def set_account
-      @account = Account.find(params[:account_id])
-      @user = @account.user
-    end
-
-    def require_local_account!
-      redirect_to admin_account_path(@account.id) unless @account.local? && @account.user.present?
-    end
-
-    def resource_params
-      params.require(:user).permit(
-        :unconfirmed_email
-      )
-    end
-  end
-end
--- a/app/controllers/admin/confirmations_controller.rb
+++ b/app/controllers/admin/confirmations_controller.rb
@ -3,7 +3,6 @@
 module Admin
  class ConfirmationsController < BaseController
    before_action :set_user
-    before_action :check_confirmation, only: [:resend]

    def create
      authorize @user, :confirm?
@ -12,28 +11,10 @@ module Admin
      redirect_to admin_accounts_path
    end

-    def resend
-      authorize @user, :confirm?
-
-      @user.resend_confirmation_instructions
-
-      log_action :confirm, @user
-
-      flash[:notice] = I18n.t('admin.accounts.resend_confirmation.success')
-      redirect_to admin_accounts_path
-    end
-
    private

    def set_user
      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
    end
-
-    def check_confirmation
-      if @user.confirmed?
-        flash[:error] = I18n.t('admin.accounts.resend_confirmation.already_confirmed')
-        redirect_to admin_accounts_path
-      end
-    end
  end
 end
--- a/app/controllers/admin/dashboard_controller.rb
+++ b/app/controllers/admin/dashboard_controller.rb
@ -1,43 +0,0 @@
-# frozen_string_literal: true
-require 'sidekiq/api'
-
-module Admin
-  class DashboardController < BaseController
-    def index
-      @users_count           = User.count
-      @registrations_week    = Redis.current.get("activity:accounts:local:#{current_week}") || 0
-      @logins_week           = Redis.current.pfcount("activity:logins:#{current_week}")
-      @interactions_week     = Redis.current.get("activity:interactions:#{current_week}") || 0
-      @relay_enabled         = Relay.enabled.exists?
-      @single_user_mode      = Rails.configuration.x.single_user_mode
-      @registrations_enabled = Setting.open_registrations
-      @deletions_enabled     = Setting.open_deletion
-      @invites_enabled       = Setting.min_invite_role == 'user'
-      @search_enabled        = Chewy.enabled?
-      @version               = Mastodon::Version.to_s
-      @database_version      = ActiveRecord::Base.connection.execute('SELECT VERSION()').first['version'].match(/\A(?:PostgreSQL |)([^\s]+).*\z/)[1]
-      @redis_version         = redis_info['redis_version']
-      @reports_count         = Report.unresolved.count
-      @queue_backlog         = Sidekiq::Stats.new.enqueued
-      @recent_users          = User.confirmed.recent.includes(:account).limit(4)
-      @database_size         = ActiveRecord::Base.connection.execute('SELECT pg_database_size(current_database())').first['pg_database_size']
-      @redis_size            = redis_info['used_memory']
-      @ldap_enabled          = ENV['LDAP_ENABLED'] == 'true'
-      @cas_enabled           = ENV['CAS_ENABLED'] == 'true'
-      @saml_enabled          = ENV['SAML_ENABLED'] == 'true'
-      @pam_enabled           = ENV['PAM_ENABLED'] == 'true'
-      @hidden_service        = ENV['ALLOW_ACCESS_TO_HIDDEN_SERVICE'] == 'true'
-      @trending_hashtags     = TrendingTags.get(7)
-    end
-
-    private
-
-    def current_week
-      @current_week ||= Time.now.utc.to_date.cweek
-    end
-
-    def redis_info
-      @redis_info ||= Redis.current.info
-    end
-  end
-end
--- a/app/controllers/admin/domain_blocks_controller.rb
+++ b/app/controllers/admin/domain_blocks_controller.rb
@ -46,7 +46,7 @@ module Admin
    end

    def resource_params
-      params.require(:domain_block).permit(:domain, :severity, :reject_media, :reject_reports, :retroactive)
+      params.require(:domain_block).permit(:domain, :severity, :reject_media, :retroactive)
    end

    def retroactive_unblock?
--- a/app/controllers/admin/invites_controller.rb
+++ b/app/controllers/admin/invites_controller.rb
@ -30,12 +30,6 @@ module Admin
      redirect_to admin_invites_path
    end

-    def deactivate_all
-      authorize :invite, :deactivate_all?
-      Invite.available.in_batches.update_all(expires_at: Time.now.utc)
-      redirect_to admin_invites_path
-    end
-
    private

    def resource_params
--- a/app/controllers/admin/relays_controller.rb
+++ b/app/controllers/admin/relays_controller.rb
@ -1,58 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class RelaysController < BaseController
-    before_action :set_relay, except: [:index, :new, :create]
-
-    def index
-      authorize :relay, :update?
-      @relays = Relay.all
-    end
-
-    def new
-      authorize :relay, :update?
-      @relay = Relay.new(inbox_url: Relay::PRESET_RELAY)
-    end
-
-    def create
-      authorize :relay, :update?
-
-      @relay = Relay.new(resource_params)
-
-      if @relay.save
-        @relay.enable!
-        redirect_to admin_relays_path
-      else
-        render action: :new
-      end
-    end
-
-    def destroy
-      authorize :relay, :update?
-      @relay.destroy
-      redirect_to admin_relays_path
-    end
-
-    def enable
-      authorize :relay, :update?
-      @relay.enable!
-      redirect_to admin_relays_path
-    end
-
-    def disable
-      authorize :relay, :update?
-      @relay.disable!
-      redirect_to admin_relays_path
-    end
-
-    private
-
-    def set_relay
-      @relay = Relay.find(params[:id])
-    end
-
-    def resource_params
-      params.require(:relay).permit(:inbox_url)
-    end
-  end
-end
--- a/app/controllers/admin/report_notes_controller.rb
+++ b/app/controllers/admin/report_notes_controller.rb
@ -1,56 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class ReportNotesController < BaseController
-    before_action :set_report_note, only: [:destroy]
-
-    def create
-      authorize ReportNote, :create?
-
-      @report_note = current_account.report_notes.new(resource_params)
-      @report = @report_note.report
-
-      if @report_note.save
-        if params[:create_and_resolve]
-          @report.resolve!(current_account)
-          log_action :resolve, @report
-
-          redirect_to admin_reports_path, notice: I18n.t('admin.reports.resolved_msg')
-          return
-        end
-
-        if params[:create_and_unresolve]
-          @report.unresolve!
-          log_action :reopen, @report
-        end
-
-        redirect_to admin_report_path(@report), notice: I18n.t('admin.report_notes.created_msg')
-      else
-        @report_notes = @report.notes.latest
-        @report_history = @report.history
-        @form = Form::StatusBatch.new
-
-        render template: 'admin/reports/show'
-      end
-    end
-
-    def destroy
-      authorize @report_note, :destroy?
-      @report_note.destroy!
-      redirect_to admin_report_path(@report_note.report_id), notice: I18n.t('admin.report_notes.destroyed_msg')
-    end
-
-    private
-
-    def resource_params
-      params.require(:report_note).permit(
-        :content,
-        :report_id
-      )
-    end
-
-    def set_report_note
-      @report_note = ReportNote.find(params[:id])
-    end
-  end
-end
--- a/app/controllers/admin/reported_statuses_controller.rb
+++ b/app/controllers/admin/reported_statuses_controller.rb
@ -3,16 +3,31 @@
 module Admin
  class ReportedStatusesController < BaseController
    before_action :set_report
+    before_action :set_status, only: [:update, :destroy]

    def create
      authorize :status, :update?

-      @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account, action: action_from_button))
+      @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account))
      flash[:alert] = I18n.t('admin.statuses.failed_to_execute') unless @form.save

      redirect_to admin_report_path(@report)
    end

+    def update
+      authorize @status, :update?
+      @status.update!(status_params)
+      log_action :update, @status
+      redirect_to admin_report_path(@report)
+    end
+
+    def destroy
+      authorize @status, :destroy?
+      RemovalWorker.perform_async(@status.id)
+      log_action :destroy, @status
+      render json: @status
+    end
+
    private

    def status_params
@ -20,21 +35,15 @@ module Admin
    end

    def form_status_batch_params
-      params.require(:form_status_batch).permit(status_ids: [])
-    end
-
-    def action_from_button
-      if params[:nsfw_on]
-        'nsfw_on'
-      elsif params[:nsfw_off]
-        'nsfw_off'
-      elsif params[:delete]
-        'delete'
-      end
+      params.require(:form_status_batch).permit(:action, status_ids: [])
    end

    def set_report
      @report = Report.find(params[:report_id])
    end
+
+    def set_status
+      @status = @report.statuses.find(params[:id])
+    end
  end
 end
--- a/app/controllers/admin/reports_controller.rb
+++ b/app/controllers/admin/reports_controller.rb
@ -11,64 +11,45 @@ module Admin

    def show
      authorize @report, :show?
-
-      @report_note  = @report.notes.new
-      @report_notes = (@report.notes.latest + @report.history).sort_by(&:created_at)
-      @form         = Form::StatusBatch.new
+      @form = Form::StatusBatch.new
    end

    def update
      authorize @report, :update?
      process_report
-
-      if @report.action_taken?
-        redirect_to admin_reports_path, notice: I18n.t('admin.reports.resolved_msg')
-      else
-        redirect_to admin_report_path(@report)
-      end
+      redirect_to admin_report_path(@report)
    end

    private

    def process_report
      case params[:outcome].to_s
-      when 'assign_to_self'
-        @report.update!(assigned_account_id: current_account.id)
-        log_action :assigned_to_self, @report
-      when 'unassign'
-        @report.update!(assigned_account_id: nil)
-        log_action :unassigned, @report
-      when 'reopen'
-        @report.unresolve!
-        log_action :reopen, @report
      when 'resolve'
-        @report.resolve!(current_account)
+        @report.update!(action_taken_by_current_attributes)
        log_action :resolve, @report
-      when 'disable'
-        @report.resolve!(current_account)
-        @report.target_account.user.disable!
-
+      when 'suspend'
+        Admin::SuspensionWorker.perform_async(@report.target_account.id)
        log_action :resolve, @report
-        log_action :disable, @report.target_account.user
-
+        log_action :suspend, @report.target_account
        resolve_all_target_account_reports
      when 'silence'
-        @report.resolve!(current_account)
        @report.target_account.update!(silenced: true)
-
        log_action :resolve, @report
        log_action :silence, @report.target_account
-
        resolve_all_target_account_reports
      else
        raise ActiveRecord::RecordNotFound
      end
+    end

-      @report.reload
+    def action_taken_by_current_attributes
+      { action_taken: true, action_taken_by_account_id: current_account.id }
    end

    def resolve_all_target_account_reports
-      unresolved_reports_for_target_account.update_all(action_taken: true, action_taken_by_account_id: current_account.id)
+      unresolved_reports_for_target_account.update_all(
+        action_taken_by_current_attributes
+      )
    end

    def unresolved_reports_for_target_account
--- a/app/controllers/admin/settings_controller.rb
+++ b/app/controllers/admin/settings_controller.rb
@ -6,7 +6,6 @@ module Admin
      site_contact_username
      site_contact_email
      site_title
-      site_short_description
      site_description
      site_extended_description
      site_terms
@ -16,16 +15,12 @@ module Admin
      timeline_preview
      show_staff_badge
      bootstrap_timeline_accounts
-      theme
      thumbnail
      hero
-      mascot
      min_invite_role
      activity_api_enabled
      peers_api_enabled
      show_known_fediverse_at_about_page
-      preview_sensitive_media
-      custom_css
    ).freeze

    BOOLEAN_SETTINGS = %w(
@ -36,13 +31,11 @@ module Admin
      activity_api_enabled
      peers_api_enabled
      show_known_fediverse_at_about_page
-      preview_sensitive_media
    ).freeze

    UPLOAD_SETTINGS = %w(
      thumbnail
      hero
-      mascot
    ).freeze

    def edit
--- a/app/controllers/admin/statuses_controller.rb
+++ b/app/controllers/admin/statuses_controller.rb
@ -5,13 +5,14 @@ module Admin
    helper_method :current_params

    before_action :set_account
+    before_action :set_status, only: [:update, :destroy]

    PER_PAGE = 20

    def index
      authorize :status, :index?

-      @statuses = @account.statuses.where(visibility: [:public, :unlisted])
+      @statuses = @account.statuses

      if params[:media]
        account_media_status_ids = @account.media_attachments.attached.reorder(nil).select(:status_id).distinct
@ -25,22 +26,40 @@ module Admin
    def create
      authorize :status, :update?

-      @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account, action: action_from_button))
+      @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account))
      flash[:alert] = I18n.t('admin.statuses.failed_to_execute') unless @form.save

-      redirect_to admin_account_statuses_path(@account.id, current_params)
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.statuses.no_status_selected')
-
      redirect_to admin_account_statuses_path(@account.id, current_params)
    end

+    def update
+      authorize @status, :update?
+      @status.update!(status_params)
+      log_action :update, @status
+      redirect_to admin_account_statuses_path(@account.id, current_params)
+    end
+
+    def destroy
+      authorize @status, :destroy?
+      RemovalWorker.perform_async(@status.id)
+      log_action :destroy, @status
+      render json: @status
+    end
+
    private

+    def status_params
+      params.require(:status).permit(:sensitive)
+    end
+
    def form_status_batch_params
      params.require(:form_status_batch).permit(:action, status_ids: [])
    end

+    def set_status
+      @status = @account.statuses.find(params[:id])
+    end
+
    def set_account
      @account = Account.find(params[:account_id])
    end
@ -53,15 +72,5 @@ module Admin
        page: page > 1 && page,
      }.select { |_, value| value.present? }
    end
-
-    def action_from_button
-      if params[:nsfw_on]
-        'nsfw_on'
-      elsif params[:nsfw_off]
-        'nsfw_off'
-      elsif params[:delete]
-        'delete'
-      end
-    end
  end
 end
--- a/app/controllers/admin/suspensions_controller.rb
+++ b/app/controllers/admin/suspensions_controller.rb
@ -4,24 +4,11 @@ module Admin
  class SuspensionsController < BaseController
    before_action :set_account

-    def new
-      @suspension = Form::AdminSuspensionConfirmation.new(report_id: params[:report_id])
-    end
-
    def create
      authorize @account, :suspend?
-
-      @suspension = Form::AdminSuspensionConfirmation.new(suspension_params)
-
-      if suspension_params[:acct] == @account.acct
-        resolve_report! if suspension_params[:report_id].present?
-        perform_suspend!
-        mark_reports_resolved!
-        redirect_to admin_accounts_path
-      else
-        flash.now[:alert] = I18n.t('admin.suspensions.bad_acct_msg')
-        render :new
-      end
+      Admin::SuspensionWorker.perform_async(@account.id)
+      log_action :suspend, @account
+      redirect_to admin_accounts_path
    end

    def destroy
@ -36,25 +23,5 @@ module Admin
    def set_account
      @account = Account.find(params[:account_id])
    end
-
-    def suspension_params
-      params.require(:form_admin_suspension_confirmation).permit(:acct, :report_id)
-    end
-
-    def resolve_report!
-      report = Report.find(suspension_params[:report_id])
-      report.resolve!(current_account)
-      log_action :resolve, report
-    end
-
-    def perform_suspend!
-      @account.suspend!
-      Admin::SuspensionWorker.perform_async(@account.id)
-      log_action :suspend, @account
-    end
-
-    def mark_reports_resolved!
-      Report.where(target_account: @account).unresolved.update_all(action_taken: true, action_taken_by_account_id: current_account.id)
-    end
  end
 end
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@ -7,8 +7,6 @@ class Api::BaseController < ApplicationController
  include RateLimitHeaders

  skip_before_action :store_current_location
-  skip_before_action :check_user_permissions
-
  protect_from_forgery with: :null_session

  rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e|
@ -53,8 +51,8 @@ class Api::BaseController < ApplicationController
    [params[:limit].to_i.abs, default_limit * 2].min
  end

-  def params_slice(*keys)
-    params.slice(*keys).permit(*keys)
+  def truthy_param?(key)
+    ActiveModel::Type::Boolean.new.cast(params[key])
  end

  def current_resource_owner
@ -68,10 +66,8 @@ class Api::BaseController < ApplicationController
  end

  def require_user!
-    if current_user && !current_user.disabled?
+    if current_user
      set_user_activity
-    elsif current_user
-      render json: { error: 'Your login is currently disabled' }, status: 403
    else
      render json: { error: 'This method requires an authenticated user' }, status: 422
    end
@ -80,8 +76,4 @@ class Api::BaseController < ApplicationController
  def render_empty
    render json: {}, status: 200
  end
-
-  def authorize_if_got_token!(*scopes)
-    doorkeeper_authorize!(*scopes) if doorkeeper_token
-  end
 end
--- a/app/controllers/api/v1/accounts/credentials_controller.rb
+++ b/app/controllers/api/v1/accounts/credentials_controller.rb
@ -1,8 +1,8 @@
 # frozen_string_literal: true

 class Api::V1::Accounts::CredentialsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:accounts' }, except: [:update]
-  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, only: [:update]
+  before_action -> { doorkeeper_authorize! :read }, except: [:update]
+  before_action -> { doorkeeper_authorize! :write }, only: [:update]
  before_action :require_user!

  def show
@ -13,7 +13,6 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
  def update
    @account = current_account
    UpdateAccountService.new.call(@account, account_params, raise_error: true)
-    UserSettingsDecorator.new(current_user).update(user_settings_params) if user_settings_params
    ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
    render json: @account, serializer: REST::CredentialAccountSerializer
  end
@ -21,18 +20,6 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
  private

  def account_params
-    params.permit(:display_name, :note, :avatar, :header, :locked, :bot, fields_attributes: [:name, :value])
-  end
-
-  def user_settings_params
-    return nil unless params.key?(:source)
-
-    source_params = params.require(:source)
-
-    {
-      'setting_default_privacy' => source_params.fetch(:privacy, @account.user.setting_default_privacy),
-      'setting_default_sensitive' => source_params.fetch(:sensitive, @account.user.setting_default_sensitive),
-      'setting_default_language' => source_params.fetch(:language, @account.user.setting_default_language),
-    }
+    params.permit(:display_name, :note, :avatar, :header, :locked)
  end
 end
--- a/app/controllers/api/v1/accounts/follower_accounts_controller.rb
+++ b/app/controllers/api/v1/accounts/follower_accounts_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:accounts' }
+  before_action -> { doorkeeper_authorize! :read }
  before_action :set_account
  after_action :insert_pagination_headers

@ -19,8 +19,6 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
  end

  def load_accounts
-    return [] if @account.user_hides_network? && current_account.id != @account.id
-
    default_accounts.merge(paginated_follows).to_a
  end

@ -65,6 +63,6 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/accounts/following_accounts_controller.rb
+++ b/app/controllers/api/v1/accounts/following_accounts_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:accounts' }
+  before_action -> { doorkeeper_authorize! :read }
  before_action :set_account
  after_action :insert_pagination_headers

@ -19,8 +19,6 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
  end

  def load_accounts
-    return [] if @account.user_hides_network? && current_account.id != @account.id
-
    default_accounts.merge(paginated_follows).to_a
  end

@ -65,6 +63,6 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/accounts/lists_controller.rb
+++ b/app/controllers/api/v1/accounts/lists_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Accounts::ListsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:lists' }
+  before_action -> { doorkeeper_authorize! :read }
  before_action :require_user!
  before_action :set_account

--- a/app/controllers/api/v1/accounts/pins_controller.rb
+++ b/app/controllers/api/v1/accounts/pins_controller.rb
@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Accounts::PinsController < Api::BaseController
-  include Authorization
-
-  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
-  before_action :require_user!
-  before_action :set_account
-
-  respond_to :json
-
-  def create
-    AccountPin.create!(account: current_account, target_account: @account)
-    render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships_presenter
-  end
-
-  def destroy
-    pin = AccountPin.find_by(account: current_account, target_account: @account)
-    pin&.destroy!
-    render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships_presenter
-  end
-
-  private
-
-  def set_account
-    @account = Account.find(params[:account_id])
-  end
-
-  def relationships_presenter
-    AccountRelationshipsPresenter.new([@account.id], current_user.account_id)
-  end
-end
--- a/app/controllers/api/v1/accounts/relationships_controller.rb
+++ b/app/controllers/api/v1/accounts/relationships_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Accounts::RelationshipsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:follows' }
+  before_action -> { doorkeeper_authorize! :read }
  before_action :require_user!

  respond_to :json
--- a/app/controllers/api/v1/accounts/search_controller.rb
+++ b/app/controllers/api/v1/accounts/search_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Accounts::SearchController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:accounts' }
+  before_action -> { doorkeeper_authorize! :read }
  before_action :require_user!

  respond_to :json
--- a/app/controllers/api/v1/accounts/statuses_controller.rb
+++ b/app/controllers/api/v1/accounts/statuses_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Accounts::StatusesController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
+  before_action -> { doorkeeper_authorize! :read }
  before_action :set_account
  after_action :insert_pagination_headers

@ -27,16 +27,19 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
  end

  def account_statuses
-    statuses = truthy_param?(:pinned) ? pinned_scope : permitted_account_statuses
-    statuses = statuses.paginate_by_id(
+    default_statuses.tap do |statuses|
+      statuses.merge!(only_media_scope) if truthy_param?(:only_media)
+      statuses.merge!(pinned_scope) if truthy_param?(:pinned)
+      statuses.merge!(no_replies_scope) if truthy_param?(:exclude_replies)
+    end
+  end
+
+  def default_statuses
+    permitted_account_statuses.paginate_by_max_id(
      limit_param(DEFAULT_STATUSES_LIMIT),
-      params_slice(:max_id, :since_id, :min_id)
+      params[:max_id],
+      params[:since_id]
    )
-
-    statuses.merge!(only_media_scope) if truthy_param?(:only_media)
-    statuses.merge!(no_replies_scope) if truthy_param?(:exclude_replies)
-
-    statuses
  end

  def permitted_account_statuses
@ -66,7 +69,7 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit, :only_media, :exclude_replies).permit(:limit, :only_media, :exclude_replies).merge(core_params)
+    params.permit(:limit, :only_media, :exclude_replies).merge(core_params)
  end

  def insert_pagination_headers
@ -81,7 +84,7 @@ class Api::V1::Accounts::StatusesController < Api::BaseController

  def prev_path
    unless @statuses.empty?
-      api_v1_account_statuses_url pagination_params(min_id: pagination_since_id)
+      api_v1_account_statuses_url pagination_params(since_id: pagination_since_id)
    end
  end

--- a/app/controllers/api/v1/accounts_controller.rb
+++ b/app/controllers/api/v1/accounts_controller.rb
@ -1,14 +1,10 @@
 # frozen_string_literal: true

 class Api::V1::AccountsController < Api::BaseController
-  before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
-  before_action -> { doorkeeper_authorize! :follow, :'write:follows' }, only: [:follow, :unfollow]
-  before_action -> { doorkeeper_authorize! :follow, :'write:mutes' }, only: [:mute, :unmute]
-  before_action -> { doorkeeper_authorize! :follow, :'write:blocks' }, only: [:block, :unblock]
-
+  before_action -> { doorkeeper_authorize! :read }, except: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
+  before_action -> { doorkeeper_authorize! :follow }, only: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
  before_action :require_user!, except: [:show]
  before_action :set_account
-  before_action :check_account_suspension, only: [:show]

  respond_to :json

@ -58,8 +54,4 @@ class Api::V1::AccountsController < Api::BaseController
  def relationships(**options)
    AccountRelationshipsPresenter.new([@account.id], current_user.account_id, options)
  end
-
-  def check_account_suspension
-    gone if @account.suspended?
-  end
 end
--- a/app/controllers/api/v1/blocks_controller.rb
+++ b/app/controllers/api/v1/blocks_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::BlocksController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :follow, :'read:blocks' }
+  before_action -> { doorkeeper_authorize! :follow }
  before_action :require_user!
  after_action :insert_pagination_headers

@ -57,6 +57,6 @@ class Api::V1::BlocksController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/conversations_controller.rb
+++ b/app/controllers/api/v1/conversations_controller.rb
@ -1,71 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::ConversationsController < Api::BaseController
-  LIMIT = 20
-
-  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, only: :index
-  before_action -> { doorkeeper_authorize! :write, :'write:conversations' }, except: :index
-  before_action :require_user!
-  before_action :set_conversation, except: :index
-  after_action :insert_pagination_headers, only: :index
-
-  respond_to :json
-
-  def index
-    @conversations = paginated_conversations
-    render json: @conversations, each_serializer: REST::ConversationSerializer
-  end
-
-  def read
-    @conversation.update!(unread: false)
-    render json: @conversation, serializer: REST::ConversationSerializer
-  end
-
-  def destroy
-    @conversation.destroy!
-    render_empty
-  end
-
-  private
-
-  def set_conversation
-    @conversation = AccountConversation.where(account: current_account).find(params[:id])
-  end
-
-  def paginated_conversations
-    AccountConversation.where(account: current_account)
-                       .paginate_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
-  end
-
-  def insert_pagination_headers
-    set_pagination_headers(next_path, prev_path)
-  end
-
-  def next_path
-    if records_continue?
-      api_v1_conversations_url pagination_params(max_id: pagination_max_id)
-    end
-  end
-
-  def prev_path
-    unless @conversations.empty?
-      api_v1_conversations_url pagination_params(min_id: pagination_since_id)
-    end
-  end
-
-  def pagination_max_id
-    @conversations.last.last_status_id
-  end
-
-  def pagination_since_id
-    @conversations.first.last_status_id
-  end
-
-  def records_continue?
-    @conversations.size == limit_param(LIMIT)
-  end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-end
--- a/app/controllers/api/v1/domain_blocks_controller.rb
+++ b/app/controllers/api/v1/domain_blocks_controller.rb
@ -3,8 +3,7 @@
 class Api::V1::DomainBlocksController < Api::BaseController
  BLOCK_LIMIT = 100

-  before_action -> { doorkeeper_authorize! :follow, :'read:blocks' }, only: :show
-  before_action -> { doorkeeper_authorize! :follow, :'write:blocks' }, except: :show
+  before_action -> { doorkeeper_authorize! :follow }
  before_action :require_user!
  after_action :insert_pagination_headers, only: :show

@ -16,8 +15,7 @@ class Api::V1::DomainBlocksController < Api::BaseController
  end

  def create
-    current_account.block_domain!(domain_block_params[:domain])
-    AfterAccountDomainBlockWorker.perform_async(current_account.id, domain_block_params[:domain])
+    BlockDomainFromAccountService.new.call(current_account, domain_block_params[:domain])
    render_empty
  end

@ -69,7 +67,7 @@ class Api::V1::DomainBlocksController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end

  def domain_block_params
--- a/app/controllers/api/v1/endorsements_controller.rb
+++ b/app/controllers/api/v1/endorsements_controller.rb
@ -1,72 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::EndorsementsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:accounts' }
-  before_action :require_user!
-  after_action :insert_pagination_headers
-
-  respond_to :json
-
-  def index
-    @accounts = load_accounts
-    render json: @accounts, each_serializer: REST::AccountSerializer
-  end
-
-  private
-
-  def load_accounts
-    if unlimited?
-      endorsed_accounts.all
-    else
-      endorsed_accounts.paginate_by_max_id(
-        limit_param(DEFAULT_ACCOUNTS_LIMIT),
-        params[:max_id],
-        params[:since_id]
-      )
-    end
-  end
-
-  def endorsed_accounts
-    current_account.endorsed_accounts
-  end
-
-  def insert_pagination_headers
-    set_pagination_headers(next_path, prev_path)
-  end
-
-  def next_path
-    return if unlimited?
-
-    if records_continue?
-      api_v1_endorsements_url pagination_params(max_id: pagination_max_id)
-    end
-  end
-
-  def prev_path
-    return if unlimited?
-
-    unless @accounts.empty?
-      api_v1_endorsements_url pagination_params(since_id: pagination_since_id)
-    end
-  end
-
-  def pagination_max_id
-    @accounts.last.id
-  end
-
-  def pagination_since_id
-    @accounts.first.id
-  end
-
-  def records_continue?
-    @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
-  end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-
-  def unlimited?
-    params[:limit] == '0'
-  end
-end
--- a/app/controllers/api/v1/favourites_controller.rb
+++ b/app/controllers/api/v1/favourites_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::FavouritesController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:favourites' }
+  before_action -> { doorkeeper_authorize! :read }
  before_action :require_user!
  after_action :insert_pagination_headers

@ -26,9 +26,10 @@ class Api::V1::FavouritesController < Api::BaseController
  end

  def results
-    @_results ||= account_favourites.paginate_by_id(
+    @_results ||= account_favourites.paginate_by_max_id(
      limit_param(DEFAULT_STATUSES_LIMIT),
-      params_slice(:max_id, :since_id, :min_id)
+      params[:max_id],
+      params[:since_id]
    )
  end

@ -48,7 +49,7 @@ class Api::V1::FavouritesController < Api::BaseController

  def prev_path
    unless results.empty?
-      api_v1_favourites_url pagination_params(min_id: pagination_since_id)
+      api_v1_favourites_url pagination_params(since_id: pagination_since_id)
    end
  end

@ -65,6 +66,6 @@ class Api::V1::FavouritesController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/filters_controller.rb
+++ b/app/controllers/api/v1/filters_controller.rb
@ -1,48 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::FiltersController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:filters' }, only: [:index, :show]
-  before_action -> { doorkeeper_authorize! :write, :'write:filters' }, except: [:index, :show]
-  before_action :require_user!
-  before_action :set_filters, only: :index
-  before_action :set_filter, only: [:show, :update, :destroy]
-
-  respond_to :json
-
-  def index
-    render json: @filters, each_serializer: REST::FilterSerializer
-  end
-
-  def create
-    @filter = current_account.custom_filters.create!(resource_params)
-    render json: @filter, serializer: REST::FilterSerializer
-  end
-
-  def show
-    render json: @filter, serializer: REST::FilterSerializer
-  end
-
-  def update
-    @filter.update!(resource_params)
-    render json: @filter, serializer: REST::FilterSerializer
-  end
-
-  def destroy
-    @filter.destroy!
-    render_empty
-  end
-
-  private
-
-  def set_filters
-    @filters = current_account.custom_filters
-  end
-
-  def set_filter
-    @filter = current_account.custom_filters.find(params[:id])
-  end
-
-  def resource_params
-    params.permit(:phrase, :expires_in, :irreversible, :whole_word, context: [])
-  end
-end
--- a/app/controllers/api/v1/follow_requests_controller.rb
+++ b/app/controllers/api/v1/follow_requests_controller.rb
@ -1,8 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::FollowRequestsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :follow, :'read:follows' }, only: :index
-  before_action -> { doorkeeper_authorize! :follow, :'write:follows' }, except: :index
+  before_action -> { doorkeeper_authorize! :follow }
  before_action :require_user!
  after_action :insert_pagination_headers, only: :index

@ -13,7 +12,6 @@ class Api::V1::FollowRequestsController < Api::BaseController

  def authorize
    AuthorizeFollowService.new.call(account, current_account)
-    NotifyService.new.call(current_account, Follow.find_by(account: account, target_account: current_account))
    render_empty
  end

@ -73,6 +71,6 @@ class Api::V1::FollowRequestsController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/follows_controller.rb
+++ b/app/controllers/api/v1/follows_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::FollowsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :follow, :'write:follows' }
+  before_action -> { doorkeeper_authorize! :follow }
  before_action :require_user!

  respond_to :json
--- a/app/controllers/api/v1/instances_controller.rb
+++ b/app/controllers/api/v1/instances_controller.rb
@ -4,8 +4,6 @@ class Api::V1::InstancesController < Api::BaseController
  respond_to :json

  def show
-    render_cached_json('api:v1:instances', expires_in: 5.minutes) do
-      ActiveModelSerializers::SerializableResource.new({}, serializer: REST::InstanceSerializer)
-    end
+    render json: {}, serializer: REST::InstanceSerializer
  end
 end
--- a/app/controllers/api/v1/lists/accounts_controller.rb
+++ b/app/controllers/api/v1/lists/accounts_controller.rb
@ -1,8 +1,8 @@
 # frozen_string_literal: true

 class Api::V1::Lists::AccountsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:lists' }, only: [:show]
-  before_action -> { doorkeeper_authorize! :write, :'write:lists' }, except: [:show]
+  before_action -> { doorkeeper_authorize! :read },    only: [:show]
+  before_action -> { doorkeeper_authorize! :write }, except: [:show]

  before_action :require_user!
  before_action :set_list
@ -88,7 +88,7 @@ class Api::V1::Lists::AccountsController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end

  def unlimited?
--- a/app/controllers/api/v1/lists_controller.rb
+++ b/app/controllers/api/v1/lists_controller.rb
@ -1,8 +1,8 @@
 # frozen_string_literal: true

 class Api::V1::ListsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:lists' }, only: [:index, :show]
-  before_action -> { doorkeeper_authorize! :write, :'write:lists' }, except: [:index, :show]
+  before_action -> { doorkeeper_authorize! :read },    only: [:index, :show]
+  before_action -> { doorkeeper_authorize! :write }, except: [:index, :show]

  before_action :require_user!
  before_action :set_list, except: [:index, :create]
--- a/app/controllers/api/v1/media_controller.rb
+++ b/app/controllers/api/v1/media_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::MediaController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :write, :'write:media' }
+  before_action -> { doorkeeper_authorize! :write }
  before_action :require_user!

  include ObfuscateFilename
--- a/app/controllers/api/v1/mutes_controller.rb
+++ b/app/controllers/api/v1/mutes_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::MutesController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :follow, :'read:mutes' }
+  before_action -> { doorkeeper_authorize! :follow }
  before_action :require_user!
  after_action :insert_pagination_headers

@ -15,17 +15,19 @@ class Api::V1::MutesController < Api::BaseController
  private

  def load_accounts
-    paginated_mutes.map(&:target_account)
+    default_accounts.merge(paginated_mutes).to_a
+  end
+
+  def default_accounts
+    Account.includes(:muted_by).references(:muted_by)
  end

  def paginated_mutes
-    @paginated_mutes ||= Mute.eager_load(:target_account)
-                             .where(account: current_account)
-                             .paginate_by_max_id(
-                               limit_param(DEFAULT_ACCOUNTS_LIMIT),
-                               params[:max_id],
-                               params[:since_id]
-                             )
+    Mute.where(account: current_account).paginate_by_max_id(
+      limit_param(DEFAULT_ACCOUNTS_LIMIT),
+      params[:max_id],
+      params[:since_id]
+    )
  end

  def insert_pagination_headers
@ -39,24 +41,24 @@ class Api::V1::MutesController < Api::BaseController
  end

  def prev_path
-    unless paginated_mutes.empty?
+    unless @accounts.empty?
      api_v1_mutes_url pagination_params(since_id: pagination_since_id)
    end
  end

  def pagination_max_id
-    paginated_mutes.last.id
+    @accounts.last.muted_by_ids.last
  end

  def pagination_since_id
-    paginated_mutes.first.id
+    @accounts.first.muted_by_ids.first
  end

  def records_continue?
-    paginated_mutes.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
+    @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/notifications_controller.rb
+++ b/app/controllers/api/v1/notifications_controller.rb
@ -1,8 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::NotificationsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:notifications' }, except: [:clear, :dismiss]
-  before_action -> { doorkeeper_authorize! :write, :'write:notifications' }, only: [:clear, :dismiss]
+  before_action -> { doorkeeper_authorize! :read }
  before_action :require_user!
  after_action :insert_pagination_headers, only: :index

@ -37,9 +36,10 @@ class Api::V1::NotificationsController < Api::BaseController
  end

  def paginated_notifications
-    browserable_account_notifications.paginate_by_id(
+    browserable_account_notifications.paginate_by_max_id(
      limit_param(DEFAULT_NOTIFICATIONS_LIMIT),
-      params_slice(:max_id, :since_id, :min_id)
+      params[:max_id],
+      params[:since_id]
    )
  end

@ -63,7 +63,7 @@ class Api::V1::NotificationsController < Api::BaseController

  def prev_path
    unless @notifications.empty?
-      api_v1_notifications_url pagination_params(min_id: pagination_since_id)
+      api_v1_notifications_url pagination_params(since_id: pagination_since_id)
    end
  end

@ -82,6 +82,6 @@ class Api::V1::NotificationsController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit, :exclude_types).permit(:limit, exclude_types: []).merge(core_params)
+    params.permit(:limit, exclude_types: []).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/push/subscriptions_controller.rb
+++ b/app/controllers/api/v1/push/subscriptions_controller.rb
@ -1,56 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Push::SubscriptionsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :push }
-  before_action :require_user!
-  before_action :set_web_push_subscription
-
-  def create
-    @web_subscription&.destroy!
-
-    @web_subscription = ::Web::PushSubscription.create!(
-      endpoint: subscription_params[:endpoint],
-      key_p256dh: subscription_params[:keys][:p256dh],
-      key_auth: subscription_params[:keys][:auth],
-      data: data_params,
-      user_id: current_user.id,
-      access_token_id: doorkeeper_token.id
-    )
-
-    render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer
-  end
-
-  def show
-    raise ActiveRecord::RecordNotFound if @web_subscription.nil?
-
-    render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer
-  end
-
-  def update
-    raise ActiveRecord::RecordNotFound if @web_subscription.nil?
-
-    @web_subscription.update!(data: data_params)
-
-    render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer
-  end
-
-  def destroy
-    @web_subscription&.destroy!
-    render_empty
-  end
-
-  private
-
-  def set_web_push_subscription
-    @web_subscription = ::Web::PushSubscription.find_by(access_token_id: doorkeeper_token.id)
-  end
-
-  def subscription_params
-    params.require(:subscription).permit(:endpoint, keys: [:auth, :p256dh])
-  end
-
-  def data_params
-    return {} if params[:data].blank?
-    params.require(:data).permit(alerts: [:follow, :favourite, :reblog, :mention])
-  end
-end
--- a/app/controllers/api/v1/reports_controller.rb
+++ b/app/controllers/api/v1/reports_controller.rb
@ -1,11 +1,17 @@
 # frozen_string_literal: true

 class Api::V1::ReportsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :write, :'write:reports' }, only: [:create]
+  before_action -> { doorkeeper_authorize! :read }, except: [:create]
+  before_action -> { doorkeeper_authorize! :write }, only:  [:create]
  before_action :require_user!

  respond_to :json

+  def index
+    @reports = current_account.reports
+    render json: @reports, each_serializer: REST::ReportSerializer
+  end
+
  def create
    @report = ReportService.new.call(
      current_account,
@ -21,7 +27,7 @@ class Api::V1::ReportsController < Api::BaseController
  private

  def reported_status_ids
-    reported_account.statuses.find(status_ids).pluck(:id)
+    Status.find(status_ids).pluck(:id)
  end

  def status_ids
--- a/app/controllers/api/v1/search_controller.rb
+++ b/app/controllers/api/v1/search_controller.rb
@ -5,7 +5,7 @@ class Api::V1::SearchController < Api::BaseController

  RESULTS_LIMIT = 5

-  before_action -> { doorkeeper_authorize! :read, :'read:search' }
+  before_action -> { doorkeeper_authorize! :read }
  before_action :require_user!

  respond_to :json
--- a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
@ -3,7 +3,7 @@
 class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
  include Authorization

-  before_action -> { authorize_if_got_token! :read, :'read:accounts' }
+  before_action :authorize_if_got_token
  before_action :set_status
  after_action :insert_pagination_headers

@ -71,7 +71,12 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
    raise ActiveRecord::RecordNotFound
  end

+  def authorize_if_got_token
+    request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods)
+    doorkeeper_authorize! :read if request_token
+  end
+
  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/statuses/favourites_controller.rb
+++ b/app/controllers/api/v1/statuses/favourites_controller.rb
@ -3,7 +3,7 @@
 class Api::V1::Statuses::FavouritesController < Api::BaseController
  include Authorization

-  before_action -> { doorkeeper_authorize! :write, :'write:favourites' }
+  before_action -> { doorkeeper_authorize! :write }
  before_action :require_user!

  respond_to :json
--- a/app/controllers/api/v1/statuses/mutes_controller.rb
+++ b/app/controllers/api/v1/statuses/mutes_controller.rb
@ -3,7 +3,7 @@
 class Api::V1::Statuses::MutesController < Api::BaseController
  include Authorization

-  before_action -> { doorkeeper_authorize! :write, :'write:mutes' }
+  before_action -> { doorkeeper_authorize! :write }
  before_action :require_user!
  before_action :set_status
  before_action :set_conversation
--- a/app/controllers/api/v1/statuses/pins_controller.rb
+++ b/app/controllers/api/v1/statuses/pins_controller.rb
@ -3,7 +3,7 @@
 class Api::V1::Statuses::PinsController < Api::BaseController
  include Authorization

-  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
+  before_action -> { doorkeeper_authorize! :write }
  before_action :require_user!
  before_action :set_status

@ -39,7 +39,7 @@ class Api::V1::Statuses::PinsController < Api::BaseController
      adapter: ActivityPub::Adapter
    ).as_json

-    ActivityPub::RawDistributionWorker.perform_async(Oj.dump(json), current_account.id)
+    ActivityPub::RawDistributionWorker.perform_async(Oj.dump(json), current_account)
  end

  def distribute_remove_activity!
@ -49,6 +49,6 @@ class Api::V1::Statuses::PinsController < Api::BaseController
      adapter: ActivityPub::Adapter
    ).as_json

-    ActivityPub::RawDistributionWorker.perform_async(Oj.dump(json), current_account.id)
+    ActivityPub::RawDistributionWorker.perform_async(Oj.dump(json), current_account)
  end
 end
--- a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
@ -3,7 +3,7 @@
 class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
  include Authorization

-  before_action -> { authorize_if_got_token! :read, :'read:accounts' }
+  before_action :authorize_if_got_token
  before_action :set_status
  after_action :insert_pagination_headers

@ -68,7 +68,12 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
    raise ActiveRecord::RecordNotFound
  end

+  def authorize_if_got_token
+    request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods)
+    doorkeeper_authorize! :read if request_token
+  end
+
  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/statuses/reblogs_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogs_controller.rb
@ -3,7 +3,7 @@
 class Api::V1::Statuses::ReblogsController < Api::BaseController
  include Authorization

-  before_action -> { doorkeeper_authorize! :write, :'write:statuses' }
+  before_action -> { doorkeeper_authorize! :write }
  before_action :require_user!

  respond_to :json
--- a/app/controllers/api/v1/statuses_controller.rb
+++ b/app/controllers/api/v1/statuses_controller.rb
@ -3,27 +3,22 @@
 class Api::V1::StatusesController < Api::BaseController
  include Authorization

-  before_action -> { authorize_if_got_token! :read, :'read:statuses' }, except: [:create, :destroy]
-  before_action -> { doorkeeper_authorize! :write, :'write:statuses' }, only:   [:create, :destroy]
+  before_action :authorize_if_got_token, except:            [:create, :destroy]
+  before_action -> { doorkeeper_authorize! :write }, only:  [:create, :destroy]
  before_action :require_user!, except:  [:show, :context, :card]
  before_action :set_status, only:       [:show, :context, :card]

  respond_to :json

-  # This API was originally unlimited, pagination cannot be introduced without
-  # breaking backwards-compatibility. Arbitrarily high number to cover most
-  # conversations as quasi-unlimited, it would be too much work to render more
-  # than this anyway
-  CONTEXT_LIMIT = 4_096
-
  def show
-    @status = cache_collection([@status], Status).first
+    cached  = Rails.cache.read(@status.cache_key)
+    @status = cached unless cached.nil?
    render json: @status, serializer: REST::StatusSerializer
  end

  def context
-    ancestors_results   = @status.in_reply_to_id.nil? ? [] : @status.ancestors(CONTEXT_LIMIT, current_account)
-    descendants_results = @status.descendants(CONTEXT_LIMIT, current_account)
+    ancestors_results   = @status.in_reply_to_id.nil? ? [] : @status.ancestors(current_account)
+    descendants_results = @status.descendants(current_account)
    loaded_ancestors    = cache_collection(ancestors_results, Status)
    loaded_descendants  = cache_collection(descendants_results, Status)

@ -81,6 +76,11 @@ class Api::V1::StatusesController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
+  end
+
+  def authorize_if_got_token
+    request_token = Doorkeeper::OAuth::Token.from_request(request, *Doorkeeper.configuration.access_token_methods)
+    doorkeeper_authorize! :read if request_token
  end
 end
--- a/app/controllers/api/v1/suggestions_controller.rb
+++ b/app/controllers/api/v1/suggestions_controller.rb
@ -1,26 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::SuggestionsController < Api::BaseController
-  include Authorization
-
-  before_action -> { doorkeeper_authorize! :read }
-  before_action :require_user!
-  before_action :set_accounts
-
-  respond_to :json
-
-  def index
-    render json: @accounts, each_serializer: REST::AccountSerializer
-  end
-
-  def destroy
-    PotentialFriendshipTracker.remove(current_account.id, params[:id])
-    render_empty
-  end
-
-  private
-
-  def set_accounts
-    @accounts = PotentialFriendshipTracker.get(current_account.id, limit: limit_param(DEFAULT_ACCOUNTS_LIMIT))
-  end
-end
--- a/app/controllers/api/v1/timelines/direct_controller.rb
+++ b/app/controllers/api/v1/timelines/direct_controller.rb
@ -1,63 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Timelines::DirectController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, only: [:show]
-  before_action :require_user!, only: [:show]
-  after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
-
-  respond_to :json
-
-  def show
-    @statuses = load_statuses
-    render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
-  end
-
-  private
-
-  def load_statuses
-    cached_direct_statuses
-  end
-
-  def cached_direct_statuses
-    cache_collection direct_statuses, Status
-  end
-
-  def direct_statuses
-    direct_timeline_statuses
-  end
-
-  def direct_timeline_statuses
-    # this query requires built in pagination.
-    Status.as_direct_timeline(
-      current_account,
-      limit_param(DEFAULT_STATUSES_LIMIT),
-      params[:max_id],
-      params[:since_id],
-      true # returns array of cache_ids object
-    )
-  end
-
-  def insert_pagination_headers
-    set_pagination_headers(next_path, prev_path)
-  end
-
-  def pagination_params(core_params)
-    params.permit(:local, :limit).merge(core_params)
-  end
-
-  def next_path
-    api_v1_timelines_direct_url pagination_params(max_id: pagination_max_id)
-  end
-
-  def prev_path
-    api_v1_timelines_direct_url pagination_params(since_id: pagination_since_id)
-  end
-
-  def pagination_max_id
-    @statuses.last.id
-  end
-
-  def pagination_since_id
-    @statuses.first.id
-  end
-end
--- a/app/controllers/api/v1/timelines/home_controller.rb
+++ b/app/controllers/api/v1/timelines/home_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Timelines::HomeController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, only: [:show]
+  before_action -> { doorkeeper_authorize! :read }, only: [:show]
  before_action :require_user!, only: [:show]
  after_action :insert_pagination_headers, unless: -> { @statuses.empty? }

@ -30,8 +30,7 @@ class Api::V1::Timelines::HomeController < Api::BaseController
    account_home_feed.get(
      limit_param(DEFAULT_STATUSES_LIMIT),
      params[:max_id],
-      params[:since_id],
-      params[:min_id]
+      params[:since_id]
    )
  end

@ -44,7 +43,7 @@ class Api::V1::Timelines::HomeController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:local, :limit).permit(:local, :limit).merge(core_params)
+    params.permit(:local, :limit).merge(core_params)
  end

  def next_path
@ -52,7 +51,7 @@ class Api::V1::Timelines::HomeController < Api::BaseController
  end

  def prev_path
-    api_v1_timelines_home_url pagination_params(min_id: pagination_since_id)
+    api_v1_timelines_home_url pagination_params(since_id: pagination_since_id)
  end

  def pagination_max_id
--- a/app/controllers/api/v1/timelines/list_controller.rb
+++ b/app/controllers/api/v1/timelines/list_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Timelines::ListController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read, :'read:lists' }
+  before_action -> { doorkeeper_authorize! :read }
  before_action :require_user!
  before_action :set_list
  before_action :set_statuses
@ -32,8 +32,7 @@ class Api::V1::Timelines::ListController < Api::BaseController
    list_feed.get(
      limit_param(DEFAULT_STATUSES_LIMIT),
      params[:max_id],
-      params[:since_id],
-      params[:min_id]
+      params[:since_id]
    )
  end

@ -46,7 +45,7 @@ class Api::V1::Timelines::ListController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
  end

  def next_path
@ -54,7 +53,7 @@ class Api::V1::Timelines::ListController < Api::BaseController
  end

  def prev_path
-    api_v1_timelines_list_url params[:id], pagination_params(min_id: pagination_since_id)
+    api_v1_timelines_list_url params[:id], pagination_params(since_id: pagination_since_id)
  end

  def pagination_max_id
--- a/app/controllers/api/v1/timelines/public_controller.rb
+++ b/app/controllers/api/v1/timelines/public_controller.rb
@ -21,9 +21,10 @@ class Api::V1::Timelines::PublicController < Api::BaseController
  end

  def public_statuses
-    statuses = public_timeline_statuses.paginate_by_id(
+    statuses = public_timeline_statuses.paginate_by_max_id(
      limit_param(DEFAULT_STATUSES_LIMIT),
-      params_slice(:max_id, :since_id, :min_id)
+      params[:max_id],
+      params[:since_id]
    )

    if truthy_param?(:only_media)
@ -44,7 +45,7 @@ class Api::V1::Timelines::PublicController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:local, :limit, :only_media).permit(:local, :limit, :only_media).merge(core_params)
+    params.permit(:local, :limit, :only_media).merge(core_params)
  end

  def next_path
@ -52,7 +53,7 @@ class Api::V1::Timelines::PublicController < Api::BaseController
  end

  def prev_path
-    api_v1_timelines_public_url pagination_params(min_id: pagination_since_id)
+    api_v1_timelines_public_url pagination_params(since_id: pagination_since_id)
  end

  def pagination_max_id
--- a/app/controllers/api/v1/timelines/tag_controller.rb
+++ b/app/controllers/api/v1/timelines/tag_controller.rb
@ -29,9 +29,10 @@ class Api::V1::Timelines::TagController < Api::BaseController
    if @tag.nil?
      []
    else
-      statuses = tag_timeline_statuses.paginate_by_id(
+      statuses = tag_timeline_statuses.paginate_by_max_id(
        limit_param(DEFAULT_STATUSES_LIMIT),
-        params_slice(:max_id, :since_id, :min_id)
+        params[:max_id],
+        params[:since_id]
      )

      if truthy_param?(:only_media)
@ -53,7 +54,7 @@ class Api::V1::Timelines::TagController < Api::BaseController
  end

  def pagination_params(core_params)
-    params.slice(:local, :limit, :only_media).permit(:local, :limit, :only_media).merge(core_params)
+    params.permit(:local, :limit, :only_media).merge(core_params)
  end

  def next_path
@ -61,7 +62,7 @@ class Api::V1::Timelines::TagController < Api::BaseController
  end

  def prev_path
-    api_v1_timelines_tag_url params[:id], pagination_params(min_id: pagination_since_id)
+    api_v1_timelines_tag_url params[:id], pagination_params(since_id: pagination_since_id)
  end

  def pagination_max_id
--- a/app/controllers/api/v2/search_controller.rb
+++ b/app/controllers/api/v2/search_controller.rb
@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V2::SearchController < Api::V1::SearchController
-  def index
-    @search = Search.new(search)
-    render json: @search, serializer: REST::V2::SearchSerializer
-  end
-end
--- a/app/controllers/api/web/base_controller.rb
+++ b/app/controllers/api/web/base_controller.rb
@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class Api::Web::BaseController < Api::BaseController
-  protect_from_forgery with: :exception
-
-  rescue_from ActionController::InvalidAuthenticityToken do
-    render json: { error: "Can't verify CSRF token authenticity." }, status: 422
-  end
-end
--- a/app/controllers/api/web/embeds_controller.rb
+++ b/app/controllers/api/web/embeds_controller.rb
@ -1,6 +1,6 @@
 # frozen_string_literal: true

-class Api::Web::EmbedsController < Api::Web::BaseController
+class Api::Web::EmbedsController < Api::BaseController
  respond_to :json

  before_action :require_user!
@ -9,12 +9,9 @@ class Api::Web::EmbedsController < Api::Web::BaseController
    status = StatusFinder.new(params[:url]).status
    render json: status, serializer: OEmbedSerializer, width: 400
  rescue ActiveRecord::RecordNotFound
-    oembed = FetchOEmbedService.new.call(params[:url])
-
-    if oembed
-      render json: oembed
-    else
-      render json: {}, status: :not_found
-    end
+    oembed = OEmbed::Providers.get(params[:url])
+    render json: Oj.dump(oembed.fields)
+  rescue OEmbed::NotFound
+    render json: {}, status: :not_found
  end
 end
--- a/app/controllers/api/web/push_subscriptions_controller.rb
+++ b/app/controllers/api/web/push_subscriptions_controller.rb
@ -1,11 +1,15 @@
 # frozen_string_literal: true

-class Api::Web::PushSubscriptionsController < Api::Web::BaseController
+class Api::Web::PushSubscriptionsController < Api::BaseController
  respond_to :json

  before_action :require_user!
+  protect_from_forgery with: :exception

  def create
+    params.require(:subscription).require(:endpoint)
+    params.require(:subscription).require(:keys).require([:auth, :p256dh])
+
    active_session = current_session

    unless active_session.web_push_subscription.nil?
@ -25,38 +29,27 @@ class Api::Web::PushSubscriptionsController < Api::Web::BaseController
      },
    }

-    data.deep_merge!(data_params) if params[:data]
+    data.deep_merge!(params[:data]) if params[:data]

    web_subscription = ::Web::PushSubscription.create!(
-      endpoint: subscription_params[:endpoint],
-      key_p256dh: subscription_params[:keys][:p256dh],
-      key_auth: subscription_params[:keys][:auth],
-      data: data,
-      user_id: active_session.user_id,
-      access_token_id: active_session.access_token_id
+      endpoint: params[:subscription][:endpoint],
+      key_p256dh: params[:subscription][:keys][:p256dh],
+      key_auth: params[:subscription][:keys][:auth],
+      data: data
    )

    active_session.update!(web_push_subscription: web_subscription)

-    render json: web_subscription, serializer: REST::WebPushSubscriptionSerializer
+    render json: web_subscription.as_payload
  end

  def update
-    params.require([:id])
+    params.require([:id, :data])

    web_subscription = ::Web::PushSubscription.find(params[:id])
-    web_subscription.update!(data: data_params)

-    render json: web_subscription, serializer: REST::WebPushSubscriptionSerializer
-  end
+    web_subscription.update!(data: params[:data])

-  private
-
-  def subscription_params
-    @subscription_params ||= params.require(:subscription).permit(:endpoint, keys: [:auth, :p256dh])
-  end
-
-  def data_params
-    @data_params ||= params.require(:data).permit(alerts: [:follow, :favourite, :reblog, :mention])
+    render json: web_subscription.as_payload
  end
 end
--- a/app/controllers/api/web/settings_controller.rb
+++ b/app/controllers/api/web/settings_controller.rb
@ -1,6 +1,6 @@
 # frozen_string_literal: true

-class Api::Web::SettingsController < Api::Web::BaseController
+class Api::Web::SettingsController < Api::BaseController
  respond_to :json

  before_action :require_user!
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -9,7 +9,6 @@ class ApplicationController < ActionController::Base

  include Localized
  include UserTrackingConcern
-  include SessionTrackingConcern

  helper_method :current_account
  helper_method :current_session
@ -20,11 +19,10 @@ class ApplicationController < ActionController::Base
  rescue_from ActionController::RoutingError, with: :not_found
  rescue_from ActiveRecord::RecordNotFound, with: :not_found
  rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity
-  rescue_from ActionController::UnknownFormat, with: :not_acceptable
  rescue_from Mastodon::NotPermittedError, with: :forbidden

  before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
-  before_action :check_user_permissions, if: :user_signed_in?
+  before_action :check_suspension, if: :user_signed_in?

  def raise_not_found
    raise ActionController::RoutingError, "No route matches #{params[:unmatched_route]}"
@ -41,15 +39,15 @@ class ApplicationController < ActionController::Base
  end

  def require_admin!
-    forbidden unless current_user&.admin?
+    redirect_to root_path unless current_user&.admin?
  end

  def require_staff!
-    forbidden unless current_user&.staff?
+    redirect_to root_path unless current_user&.staff?
  end

-  def check_user_permissions
-    forbidden if current_user.disabled? || current_user.account.suspended?
+  def check_suspension
+    forbidden if current_user.account.suspended?
  end

  def after_sign_out_path_for(_resource_or_scope)
@ -58,10 +56,6 @@ class ApplicationController < ActionController::Base

  protected

-  def truthy_param?(key)
-    ActiveModel::Type::Boolean.new.cast(params[key])
-  end
-
  def forbidden
    respond_with_error(403)
  end
@ -78,10 +72,6 @@ class ApplicationController < ActionController::Base
    respond_with_error(422)
  end

-  def not_acceptable
-    respond_with_error(406)
-  end
-
  def single_user_mode?
    @single_user_mode ||= Rails.configuration.x.single_user_mode && Account.exists?
  end
@ -99,7 +89,7 @@ class ApplicationController < ActionController::Base
  end

  def current_theme
-    return Setting.theme unless Themes.instance.names.include? current_user&.setting_theme
+    return Setting.default_settings['theme'] unless Themes.instance.names.include? current_user&.setting_theme
    current_user.setting_theme
  end

@ -107,8 +97,12 @@ class ApplicationController < ActionController::Base
    return raw unless klass.respond_to?(:with_includes)

    raw                    = raw.cache_ids.to_a if raw.is_a?(ActiveRecord::Relation)
-    cached_keys_with_value = Rails.cache.read_multi(*raw).transform_keys(&:id)
-    uncached_ids           = raw.map(&:id) - cached_keys_with_value.keys
+    uncached_ids           = []
+    cached_keys_with_value = Rails.cache.read_multi(*raw.map(&:cache_key))
+
+    raw.each do |item|
+      uncached_ids << item.id unless cached_keys_with_value.key?(item.cache_key)
+    end

    klass.reload_stale_associations!(cached_keys_with_value.values) if klass.respond_to?(:reload_stale_associations!)

@ -116,17 +110,16 @@ class ApplicationController < ActionController::Base
      uncached = klass.where(id: uncached_ids).with_includes.map { |item| [item.id, item] }.to_h

      uncached.each_value do |item|
-        Rails.cache.write(item, item)
+        Rails.cache.write(item.cache_key, item)
      end
    end

-    raw.map { |item| cached_keys_with_value[item.id] || uncached[item.id] }.compact
+    raw.map { |item| cached_keys_with_value[item.cache_key] || uncached[item.id] }.compact
  end

  def respond_with_error(code)
    respond_to do |format|
      format.any  { head code }
-
      format.html do
        set_locale
        render "errors/#{code}", layout: 'error', status: code
@ -136,6 +129,7 @@ class ApplicationController < ActionController::Base

  def render_cached_json(cache_key, **options)
    options[:expires_in] ||= 3.minutes
+    cache_key              = cache_key.join(':') if cache_key.is_a?(Enumerable)
    cache_public           = options.key?(:public) ? options.delete(:public) : true
    content_type           = options.delete(:content_type) || 'application/json'

--- a/app/controllers/auth/confirmations_controller.rb
+++ b/app/controllers/auth/confirmations_controller.rb
@ -3,7 +3,6 @@
 class Auth::ConfirmationsController < Devise::ConfirmationsController
  layout 'auth'

-  before_action :set_body_classes
  before_action :set_user, only: [:finish_signup]

  # GET/PATCH /users/:id/finish_signup
@ -11,7 +10,7 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
    return unless request.patch? && params[:user]
    if @user.update(user_params)
      @user.skip_reconfirmation!
-      bypass_sign_in(@user)
+      sign_in(@user, bypass: true)
      redirect_to root_path, notice: I18n.t('devise.confirmations.send_instructions')
    else
      @show_errors = true
@ -24,10 +23,6 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
    @user = current_user
  end

-  def set_body_classes
-    @body_classes = 'lighter'
-  end
-
  def user_params
    params.require(:user).permit(:email)
  end
--- a/app/controllers/auth/passwords_controller.rb
+++ b/app/controllers/auth/passwords_controller.rb
@ -2,7 +2,6 @@

 class Auth::PasswordsController < Devise::PasswordsController
  before_action :check_validity_of_reset_password_token, only: :edit
-  before_action :set_body_classes

  layout 'auth'

@ -15,10 +14,6 @@ class Auth::PasswordsController < Devise::PasswordsController
    end
  end

-  def set_body_classes
-    @body_classes = 'lighter'
-  end
-
  def reset_password_token_is_valid?
    resource_class.with_reset_password_token(params[:reset_password_token]).present?
  end
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@ -3,12 +3,10 @@
 class Auth::RegistrationsController < Devise::RegistrationsController
  layout :determine_layout

-  before_action :set_invite, only: [:new, :create]
  before_action :check_enabled_registrations, only: [:new, :create]
  before_action :configure_sign_up_params, only: [:create]
  before_action :set_sessions, only: [:edit, :update]
  before_action :set_instance_presenter, only: [:new, :create, :update]
-  before_action :set_body_classes, only: [:new, :create, :edit, :update]

  def destroy
    not_found
@ -40,16 +38,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
    new_user_session_path
  end

-  def after_sign_in_path_for(_resource)
-    set_invite
-
-    if @invite&.autofollow?
-      short_account_path(@invite.user.account)
-    else
-      super
-    end
-  end
-
  def after_inactive_sign_up_path_for(_resource)
    new_user_session_path
  end
@ -63,7 +51,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
  end

  def allowed_registrations?
-    Setting.open_registrations || @invite&.valid_for_use?
+    Setting.open_registrations || (invite_code.present? && Invite.find_by(code: invite_code)&.valid_for_use?)
  end

  def invite_code
@ -80,14 +68,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
    @instance_presenter = InstancePresenter.new
  end

-  def set_body_classes
-    @body_classes = %w(edit update).include?(action_name) ? 'admin' : 'lighter'
-  end
-
-  def set_invite
-    @invite = invite_code.present? ? Invite.find_by(code: invite_code) : nil
-  end
-
  def determine_layout
    %w(edit update).include?(action_name) ? 'admin' : 'auth'
  end
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@ -6,10 +6,9 @@ class Auth::SessionsController < Devise::SessionsController
  layout 'auth'

  skip_before_action :require_no_authentication, only: [:create]
-  skip_before_action :check_user_permissions, only: [:destroy]
+  skip_before_action :check_suspension, only: [:destroy]
  prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create]
  before_action :set_instance_presenter, only: [:new]
-  before_action :set_body_classes

  def new
    Devise.omniauth_configs.each do |provider, config|
@ -27,10 +26,8 @@ class Auth::SessionsController < Devise::SessionsController
  end

  def destroy
-    tmp_stored_location = stored_location_for(:user)
    super
    flash.delete(:notice)
-    store_location_for(:user, tmp_stored_location) if continue_after?
  end

  protected
@ -112,10 +109,6 @@ class Auth::SessionsController < Devise::SessionsController
    @instance_presenter = InstancePresenter.new
  end

-  def set_body_classes
-    @body_classes = 'lighter'
-  end
-
  def home_paths(resource)
    paths = [about_path]
    if single_user_mode? && resource.is_a?(User)
@ -123,8 +116,4 @@ class Auth::SessionsController < Devise::SessionsController
    end
    paths
  end
-
-  def continue_after?
-    truthy_param?(:continue)
-  end
 end
--- a/app/controllers/authorize_follows_controller.rb
+++ b/app/controllers/authorize_follows_controller.rb
@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+class AuthorizeFollowsController < ApplicationController
+  layout 'modal'
+
+  before_action :authenticate_user!
+  before_action :set_body_classes
+
+  def show
+    @account = located_account || render(:error)
+  end
+
+  def create
+    @account = follow_attempt.try(:target_account)
+
+    if @account.nil?
+      render :error
+    else
+      render :success
+    end
+  rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
+    render :error
+  end
+
+  private
+
+  def follow_attempt
+    FollowService.new.call(current_account, acct_without_prefix)
+  end
+
+  def located_account
+    if acct_param_is_url?
+      account_from_remote_fetch
+    else
+      account_from_remote_follow
+    end
+  end
+
+  def account_from_remote_fetch
+    FetchRemoteAccountService.new.call(acct_without_prefix)
+  end
+
+  def account_from_remote_follow
+    ResolveAccountService.new.call(acct_without_prefix)
+  end
+
+  def acct_param_is_url?
+    parsed_uri.path && %w(http https).include?(parsed_uri.scheme)
+  end
+
+  def parsed_uri
+    Addressable::URI.parse(acct_without_prefix).normalize
+  end
+
+  def acct_without_prefix
+    acct_params.gsub(/\Aacct:/, '')
+  end
+
+  def acct_params
+    params.fetch(:acct, '')
+  end
+
+  def set_body_classes
+    @body_classes = 'modal-layout'
+  end
+end
--- a/app/controllers/authorize_interactions_controller.rb
+++ b/app/controllers/authorize_interactions_controller.rb
@ -1,66 +0,0 @@
-# frozen_string_literal: true
-
-class AuthorizeInteractionsController < ApplicationController
-  include Authorization
-
-  layout 'modal'
-
-  before_action :authenticate_user!
-  before_action :set_body_classes
-  before_action :set_resource
-
-  def show
-    if @resource.is_a?(Account)
-      render :show
-    elsif @resource.is_a?(Status)
-      redirect_to web_url("statuses/#{@resource.id}")
-    else
-      render :error
-    end
-  end
-
-  def create
-    if @resource.is_a?(Account) && FollowService.new.call(current_account, @resource)
-      render :success
-    else
-      render :error
-    end
-  rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
-    render :error
-  end
-
-  private
-
-  def set_resource
-    @resource = located_resource || render(:error)
-    authorize(@resource, :show?) if @resource.is_a?(Status)
-  end
-
-  def located_resource
-    if uri_param_is_url?
-      ResolveURLService.new.call(uri_param)
-    else
-      account_from_remote_follow
-    end
-  end
-
-  def account_from_remote_follow
-    ResolveAccountService.new.call(uri_param)
-  end
-
-  def uri_param_is_url?
-    parsed_uri.path && %w(http https).include?(parsed_uri.scheme)
-  end
-
-  def parsed_uri
-    Addressable::URI.parse(uri_param).normalize
-  end
-
-  def uri_param
-    params[:uri] || params.fetch(:acct, '').gsub(/\Aacct:/, '')
-  end
-
-  def set_body_classes
-    @body_classes = 'modal-layout'
-  end
-end
--- a/Show More
+++ b/Show More
 @ -1 +1 @@
 .5.3
 .5.0