fix merge conflict due to "toot" in locale

2023-02-19 19:31:59 +00:00 · 2023-02-19 19:31:59 +00:00 · 6dcb18ea80
parent 1799d5474d 4c68189d2b
commit 6dcb18ea80
1761 changed files with 61560 additions and 23323 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -1,8 +1,8 @@
 version: 2.1
 orbs:
-  ruby: circleci/ruby@1.4.1
+  ruby: circleci/ruby@2.0.0
-  node: circleci/node@5.0.1
+  node: circleci/node@5.0.3
 executors:
  default:
@ -19,11 +19,11 @@ executors:
          DB_USER: root
          DISABLE_SIMPLECOV: true
          RAILS_ENV: test
-      - image: cimg/postgres:14.0
+      - image: cimg/postgres:14.5
        environment:
          POSTGRES_USER: root
          POSTGRES_HOST_AUTH_METHOD: trust
-      - image: cimg/redis:6.2
+      - image: cimg/redis:7.0
 commands:
  install-system-dependencies:
@ -45,7 +45,7 @@ commands:
            bundle config without 'development production'
          name: Set bundler settings
      - ruby/install-deps:
-          bundler-version: '2.3.8'
+          bundler-version: '2.3.26'
          key: ruby<< parameters.ruby-version >>-gems-v1
  wait-db:
    steps:
@ -68,7 +68,9 @@ jobs:
          cache-version: v1
          pkg-manager: yarn
      - run:
-          command: ./bin/rails assets:precompile
+          command: |
            export NODE_OPTIONS=--openssl-legacy-provider
            ./bin/rails assets:precompile
          name: Precompile assets
      - persist_to_workspace:
          paths:
@ -219,5 +221,5 @@ workflows:
          pkg-manager: yarn
          requires:
            - build
-          version: lts
+          version: '16.19'
          yarn-run: test:jest
--- a/.deepsource.toml
+++ b/.deepsource.toml
@ -1,23 +0,0 @@
 version = 1
 test_patterns = ["app/javascript/mastodon/**/__tests__/**"]
 exclude_patterns = [
    "db/migrate/**",
    "db/post_migrate/**"
 ]
 [[analyzers]]
 name = "ruby"
 enabled = true
 [[analyzers]]
 name = "javascript"
 enabled = true
  [analyzers.meta]
  environment = [
    "browser",
    "jest",
    "nodejs"
  ]
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@ -9,7 +9,7 @@ FROM mcr.microsoft.com/vscode/devcontainers/ruby:${VARIANT}
 # The value is a comma-separated list of allowed domains
 ENV RAILS_DEVELOPMENT_HOSTS=".githubpreview.dev"
-# [Choice] Node.js version: lts/*, 16, 14, 12, 10
+# [Choice] Node.js version: lts/*, 18, 16, 14
 ARG NODE_VERSION="lts/*"
 RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -2,7 +2,7 @@
  "name": "Mastodon",
  "dockerComposeFile": "docker-compose.yml",
  "service": "app",
-  "workspaceFolder": "/workspaces/mastodon",
+  "workspaceFolder": "/mastodon",
  // Set *default* container specific settings.json values on container create.
  "settings": {},
@ -15,12 +15,18 @@
    "webben.browserslist"
  ],
  "features": {
    "ghcr.io/devcontainers/features/sshd:1": {
      "version": "latest"
    }
  },
  // Use 'forwardPorts' to make a list of ports inside the container available locally.
  // This can be used to network with other containers or the host.
  "forwardPorts": [3000, 4000],
  // Use 'postCreateCommand' to run commands after the container is created.
-  "postCreateCommand": "bundle install --path vendor/bundle && yarn install && git checkout -- Gemfile.lock && ./bin/rails db:setup",
+  "postCreateCommand": ".devcontainer/post-create.sh",
  // Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
  "remoteUser": "vscode"
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@ -11,9 +11,9 @@ services:
        # Use -bullseye variants on local arm64/Apple Silicon.
        VARIANT: '3.0-bullseye'
        # Optional Node.js version to install
-        NODE_VERSION: '14'
+        NODE_VERSION: '16'
    volumes:
-      - ..:/workspaces/mastodon:cached
+      - ..:/mastodon:cached
    environment:
      RAILS_ENV: development
      NODE_ENV: development
--- a/.devcontainer/post-create.sh
+++ b/.devcontainer/post-create.sh
@ -0,0 +1,21 @@
 #!/bin/bash
 set -e # Fail the whole script on first error
 # Fetch Ruby gem dependencies
 bundle install --path vendor/bundle --with='development test'
 # Fetch Javascript dependencies
 yarn install
 # Make Gemfile.lock pristine again
 git checkout -- Gemfile.lock
 # [re]create, migrate, and seed the test database
 RAILS_ENV=test ./bin/rails db:setup
 # Precompile assets for development
 RAILS_ENV=development ./bin/rails assets:precompile
 # Precompile assets for test
 RAILS_ENV=test NODE_ENV=tests ./bin/rails assets:precompile
--- a/.editorconfig
+++ b/.editorconfig
@ -10,3 +10,4 @@ insert_final_newline = true
 charset = utf-8
 indent_style = space
 indent_size = 2
 trim_trailing_whitespace = true
--- a/.env.production.sample
+++ b/.env.production.sample
@ -103,7 +103,7 @@ VAPID_PUBLIC_KEY=
 # Sending mail
 # ------------
-SMTP_SERVER=smtp.mailgun.org
+SMTP_SERVER=
 SMTP_PORT=587
 SMTP_LOGIN=
 SMTP_PASSWORD=
--- a/.eslintrc.js
+++ b/.eslintrc.js
@ -1,6 +1,13 @@
 module.exports = {
  root: true,
  extends: [
    'eslint:recommended',
    'plugin:react/recommended',
    'plugin:jsx-a11y/recommended',
    'plugin:import/recommended',
  ],
  env: {
    browser: true,
    node: true,
@ -64,8 +71,8 @@ module.exports = {
    eqeqeq: 'error',
    indent: ['warn', 2],
    'jsx-quotes': ['error', 'prefer-single'],
    'no-case-declarations': 'off',
    'no-catch-shadow': 'error',
    'no-cond-assign': 'error',
    'no-console': [
      'warn',
      {
@ -75,18 +82,14 @@ module.exports = {
        ],
      },
    ],
-    'no-fallthrough': 'error',
+    'no-empty': 'off',
    'no-irregular-whitespace': 'error',
    'no-mixed-spaces-and-tabs': 'warn',
    'no-nested-ternary': 'warn',
    'no-restricted-properties': [
      'error',
      { property: 'substring', message: 'Use .slice instead of .substring.' },
      { property: 'substr', message: 'Use .slice instead of .substr.' },
    ],
    'no-self-assign': 'off',
    'no-trailing-spaces': 'warn',
    'no-undef': 'error',
    'no-unreachable': 'error',
    'no-unused-expressions': 'error',
    'no-unused-vars': [
      'error',
@ -105,61 +108,47 @@ module.exports = {
    ],
    quotes: ['error', 'single'],
    semi: 'error',
    strict: 'off',
    'valid-typeof': 'error',
    'react/jsx-boolean-value': 'error',
    'react/jsx-closing-bracket-location': ['error', 'line-aligned'],
    'react/jsx-curly-spacing': 'error',
    'react/display-name': 'off',
    'react/jsx-equals-spacing': 'error',
    'react/jsx-first-prop-new-line': ['error', 'multiline-multiprop'],
    'react/jsx-indent': ['error', 2],
    'react/jsx-no-bind': 'error',
-    'react/jsx-no-duplicate-props': 'error',
+    'react/jsx-no-target-blank': 'off',
    'react/jsx-no-undef': 'error',
    'react/jsx-tag-spacing': 'error',
    'react/jsx-uses-react': 'error',
    'react/jsx-uses-vars': 'error',
    'react/jsx-wrap-multilines': 'error',
-    'react/no-multi-comp': 'off',
+    'react/no-deprecated': 'off',
-    'react/no-string-refs': 'error',
+    'react/no-unknown-property': 'off',
    'react/prop-types': 'error',
    'react/self-closing-comp': 'error',
    // recommended values found in https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/main/src/index.js
    'jsx-a11y/accessible-emoji': 'warn',
-    'jsx-a11y/alt-text': 'warn',
+    'jsx-a11y/click-events-have-key-events': 'off',
-    'jsx-a11y/anchor-has-content': 'warn',
+    'jsx-a11y/label-has-associated-control': 'off',
-    'jsx-a11y/anchor-is-valid': [
+    'jsx-a11y/media-has-caption': 'off',
-      'warn',
+    'jsx-a11y/no-autofocus': 'off',
-      {
+    // recommended rule is:
-        components: [
+    // 'jsx-a11y/no-interactive-element-to-noninteractive-role': [
-          'Link',
+    //   'error',
-          'NavLink',
+    //   {
-        ],
+    //     tr: ['none', 'presentation'],
-        specialLink: [
+    //     canvas: ['img'],
-          'to',
+    //   },
-        ],
+    // ],
-        aspect: [
+    'jsx-a11y/no-interactive-element-to-noninteractive-role': 'off',
-          'noHref',
+    // recommended rule is:
-          'invalidHref',
+    // 'jsx-a11y/no-noninteractive-element-interactions': [
-          'preferButton',
+    //   'error',
-        ],
+    //   {
-      },
+    //     body: ['onError', 'onLoad'],
-    ],
+    //     iframe: ['onError', 'onLoad'],
-    'jsx-a11y/aria-activedescendant-has-tabindex': 'warn',
+    //     img: ['onError', 'onLoad'],
-    'jsx-a11y/aria-props': 'warn',
+    //   },
-    'jsx-a11y/aria-proptypes': 'warn',
+    // ],
    'jsx-a11y/aria-role': 'warn',
    'jsx-a11y/aria-unsupported-elements': 'warn',
    'jsx-a11y/heading-has-content': 'warn',
    'jsx-a11y/html-has-lang': 'warn',
    'jsx-a11y/iframe-has-title': 'warn',
    'jsx-a11y/img-redundant-alt': 'warn',
    'jsx-a11y/interactive-supports-focus': 'warn',
    'jsx-a11y/label-has-for': 'off',
    'jsx-a11y/mouse-events-have-key-events': 'warn',
    'jsx-a11y/no-access-key': 'warn',
    'jsx-a11y/no-distracting-elements': 'warn',
    'jsx-a11y/no-noninteractive-element-interactions': [
      'warn',
      {
@ -168,8 +157,18 @@ module.exports = {
        ],
      },
    ],
    // recommended rule is:
    // 'jsx-a11y/no-noninteractive-tabindex': [
    //   'error',
    //   {
    //     tags: [],
    //     roles: ['tabpanel'],
    //     allowExpressionValues: true,
    //   },
    // ],
    'jsx-a11y/no-noninteractive-tabindex': 'off',
    'jsx-a11y/no-onchange': 'warn',
-    'jsx-a11y/no-redundant-roles': 'warn',
+    // recommended is full 'error'
    'jsx-a11y/no-static-element-interactions': [
      'warn',
      {
@ -178,11 +177,8 @@ module.exports = {
        ],
      },
    ],
    'jsx-a11y/role-has-required-aria-props': 'warn',
    'jsx-a11y/role-supports-aria-props': 'off',
    'jsx-a11y/scope': 'warn',
    'jsx-a11y/tabindex-no-positive': 'warn',
    // See https://github.com/import-js/eslint-plugin-import/blob/main/config/recommended.js
    'import/extensions': [
      'error',
      'always',
@ -201,7 +197,6 @@ module.exports = {
        ],
      },
    ],
    'import/no-unresolved': 'error',
    'import/no-webpack-loader-syntax': 'error',
    'promise/catch-or-return': [
--- a/.github/ISSUE_TEMPLATE/1.bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/1.bug_report.yml
@ -1,6 +1,6 @@
 name: Bug Report
 description: If something isn't working as expected
-labels: bug
+labels: [bug]
 body:
  - type: markdown
    attributes:
--- a/.github/ISSUE_TEMPLATE/2.feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/2.feature_request.yml
@ -1,6 +1,6 @@
 name: Feature Request
 description: I have a suggestion
-labels: suggestion
+labels: [suggestion]
 body:
  - type: markdown
    attributes:
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@ -4,8 +4,6 @@ on:
  push:
    branches:
      - 'main'
    tags:
      - '*'
  pull_request:
    paths:
      - .github/workflows/build-image.yml
@ -17,8 +15,14 @@ permissions:
 jobs:
  build-image:
    runs-on: ubuntu-latest
    concurrency:
      group: ${{ github.ref }}
      cancel-in-progress: true
    steps:
      - uses: actions/checkout@v3
      - uses: hadolint/hadolint-action@v3.1.0
      - uses: docker/setup-qemu-action@v2
      - uses: docker/setup-buildx-action@v2
      - uses: docker/login-action@v2
@ -31,18 +35,17 @@ jobs:
        id: meta
        with:
          images: ghcr.io/${{ github.repository_owner }}/mastodon
          flavor: |
            latest=auto
          tags: |
            type=raw,value=latest,enable={{is_default_branch}}
            type=edge,branch=main
-            type=pep440,pattern={{raw}}
+            type=sha,prefix=,format=long
-            type=pep440,pattern=v{{major}}.{{minor}}
+      - uses: docker/build-push-action@v4
            type=ref,event=pr
      - uses: docker/build-push-action@v3
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          provenance: false
          builder: ${{ steps.buildx.outputs.name }}
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
-          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/mastodon:edge
+          cache-from: type=gha
-          cache-to: type=inline
+          cache-to: type=gha,mode=max
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@ -25,12 +25,12 @@ jobs:
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
-          ruby-version: '3.0'
+          ruby-version: .ruby-version
          bundler-cache: true
      - name: Check locale file normalization
        run: bundle exec i18n-tasks check-normalized
      - name: Check for unused strings
-        run: bundle exec i18n-tasks unused -l en
+        run: bundle exec i18n-tasks unused
      - name: Check for wrong string interpolations
        run: bundle exec i18n-tasks check-consistent-interpolations
      - name: Check that all required locale files exist
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -0,0 +1,62 @@
 name: 'CodeQL'
 on:
  push:
    branches: ['main']
  pull_request:
    # The branches below must be a subset of the branches above
    branches: ['main']
  schedule:
    - cron: '22 6 * * 1'
 jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: ['javascript', 'ruby']
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
          # By default, queries listed here will override any specified in a config file.
          # Prefix the list here with "+" to use these queries and those in the config file.
          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
          # queries: security-extended,security-and-quality
      # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
        uses: github/codeql-action/autobuild@v2
      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
      #   If the Autobuild fails above, remove it and uncomment the following three lines.
      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
      # - run: |
      #   echo "Run, Build Application using script"
      #   ./location_of_script_within_repo/buildscript.sh
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
        with:
          category: '/language:${{matrix.language}}'
--- a/.github/workflows/lint-css.yml
+++ b/.github/workflows/lint-css.yml
@ -0,0 +1,48 @@
 name: CSS Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
      - '**/*.scss'
      - '.github/workflows/lint-css.yml'
      - '.github/stylelint-matcher.json'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
      - '**/*.scss'
      - '.github/workflows/lint-css.yml'
      - '.github/stylelint-matcher.json'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - uses: xt0rted/stylelint-problem-matcher@v1
      - run: echo "::add-matcher::.github/stylelint-matcher.json"
      - name: Stylelint
        run: yarn test:lint:sass
--- a/.github/workflows/lint-js.yml
+++ b/.github/workflows/lint-js.yml
@ -0,0 +1,40 @@
 name: JavaScript Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '.github/workflows/lint-js.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '.github/workflows/lint-js.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: ESLint
        run: yarn test:lint:js
--- a/.github/workflows/lint-json.yml
+++ b/.github/workflows/lint-json.yml
@ -0,0 +1,40 @@
 name: JSON Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn prettier --check "**/*.json"
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@ -0,0 +1,41 @@
 name: Ruby Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'Gemfile*'
      - '.rubocop.yml'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
  pull_request:
    paths:
      - 'Gemfile*'
      - '.rubocop.yml'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - name: Set-up RuboCop Problem Mathcher
        uses: r7kamura/rubocop-problem-matchers-action@v1
      - name: Run rubocop
        uses: github/super-linter@v4
        env:
          DEFAULT_BRANCH: main
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          LINTER_RULES_PATH: .
          RUBY_CONFIG_FILE: .rubocop.yml
          VALIDATE_ALL_CODEBASE: false
          VALIDATE_RUBY: true
--- a/.github/workflows/lint-yml.yml
+++ b/.github/workflows/lint-yml.yml
@ -0,0 +1,42 @@
 name: YML Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn prettier --check "**/*.{yml,yaml}"
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@ -1,83 +0,0 @@
 ---
 #################################
 #################################
 ## Super Linter GitHub Actions ##
 #################################
 #################################
 name: Lint Code Base
 #
 # Documentation:
 # https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
 #
 #############################
 # Start the job on all push #
 #############################
 on:
  push:
    branches-ignore: [main]
    # Remove the line above to run when pushing to master
  pull_request:
    branches: [main]
 ###############
 # Set the Job #
 ###############
 permissions:
  checks: write
  contents: read
  pull-requests: write
  statuses: write
 jobs:
  build:
    # Name the Job
    name: Lint Code Base
    # Set the agent to run on
    runs-on: ubuntu-latest
    ##################
    # Load all steps #
    ##################
    steps:
      ##########################
      # Checkout the code base #
      ##########################
      - name: Checkout Code
        uses: actions/checkout@v3
        with:
          # Full git history is needed to get a proper list of changed files within `super-linter`
          fetch-depth: 0
      - name: Set-up Node.js
        uses: actions/setup-node@v3
        with:
          node-version: 16.x
          cache: yarn
      - name: Install dependencies
        run: yarn install --frozen-lockfile
      - name: Set-up RuboCop Problem Mathcher
        uses: r7kamura/rubocop-problem-matchers-action@v1
      - name: Set-up Stylelint Problem Matcher
        uses: xt0rted/stylelint-problem-matcher@v1
      # https://github.com/xt0rted/stylelint-problem-matcher/issues/360
      - run: echo "::add-matcher::.github/stylelint-matcher.json" 
      ################################
      # Run Linter against code base #
      ################################
      - name: Lint Code Base
        uses: github/super-linter@v4
        env:
          CSS_FILE_NAME: stylelint.config.js
          DEFAULT_BRANCH: main
          NO_COLOR: 1 # https://github.com/xt0rted/stylelint-problem-matcher/issues/360
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          JAVASCRIPT_ES_CONFIG_FILE: .eslintrc.js
          LINTER_RULES_PATH: .
          RUBY_CONFIG_FILE: .rubocop.yml
          VALIDATE_ALL_CODEBASE: false
          VALIDATE_CSS: true
          VALIDATE_JAVASCRIPT_ES: true
          VALIDATE_RUBY: true
--- a/.github/workflows/rebase-needed.yml
+++ b/.github/workflows/rebase-needed.yml
@ -0,0 +1,17 @@
 name: PR Needs Rebase
 on:
  push:
  pull_request_target:
    types: [synchronize]
 jobs:
  label-rebase-needed:
    runs-on: ubuntu-latest
    steps:
      - name: Check for merge conflicts
        uses: eps1lon/actions-label-merge-conflict@releases/2.x
        with:
          dirtyLabel: 'rebase needed :construction:'
          repoToken: '${{ secrets.GITHUB_TOKEN }}'
          commentOnDirty: This pull request has merge conflicts that must be resolved before it can be merged.
--- a/.github/workflows/test-chart.yml
+++ b/.github/workflows/test-chart.yml
@ -1,138 +0,0 @@
 # This is a GitHub workflow defining a set of jobs with a set of steps.
 # ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
 #
 name: Test chart
 on:
  pull_request:
    paths:
      - "chart/**"
      - "!**.md"
      - ".github/workflows/test-chart.yml"
  push:
    paths:
      - "chart/**"
      - "!**.md"
      - ".github/workflows/test-chart.yml"
    branches-ignore:
      - "dependabot/**"
  workflow_dispatch:
 permissions:
  contents: read
 defaults:
  run:
    working-directory: chart
 jobs:
  lint-templates:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-python@v4
        with:
          python-version: "3.x"
      - name: Install dependencies (yamllint)
        run: pip install yamllint
      - run: helm dependency update
      - name: helm lint
        run: |
          helm lint . \
              --values dev-values.yaml
      - name: helm template
        run: |
          helm template . \
              --values dev-values.yaml \
              --output-dir rendered-templates
      - name: yamllint (only on templates we manage)
        run: |
          rm -rf rendered-templates/mastodon/charts
          yamllint rendered-templates \
            --config-data "{rules: {indentation: {spaces: 2}, line-length: disable}}"
  # This job helps us validate that rendered templates are valid k8s resources
  # against a k8s api-server, via "helm template --validate", but also that a
  # basic configuration can be used to successfully startup mastodon.
  #
  test-install:
    runs-on: ubuntu-22.04
    timeout-minutes: 15
    strategy:
      fail-fast: false
      matrix:
        include:
          # k3s-channel reference: https://update.k3s.io/v1-release/channels
          - k3s-channel: latest
          - k3s-channel: stable
          # This represents the oldest configuration we test against.
          #
          # The k8s version chosen is based on the oldest still supported k8s
          # version among two managed k8s services, GKE, EKS.
          # - GKE: https://endoflife.date/google-kubernetes-engine
          # - EKS: https://endoflife.date/amazon-eks
          #
          # The helm client's version can influence what helper functions is
          # available for use in the templates, currently we need v3.6.0 or
          # higher.
          #
          - k3s-channel: v1.21
            helm-version: v3.6.0
    steps:
      - uses: actions/checkout@v3
      # This action starts a k8s cluster with NetworkPolicy enforcement and
      # installs both kubectl and helm.
      #
      # ref: https://github.com/jupyterhub/action-k3s-helm#readme
      #
      - uses: jupyterhub/action-k3s-helm@v3
        with:
          k3s-channel: ${{ matrix.k3s-channel }}
          helm-version: ${{ matrix.helm-version }}
          metrics-enabled: false
          traefik-enabled: false
          docker-enabled: false
      - run: helm dependency update
      # Validate rendered helm templates against the k8s api-server
      - name: helm template --validate
        run: |
          helm template --validate mastodon . \
              --values dev-values.yaml
      - name: helm install
        run: |
          helm install mastodon . \
              --values dev-values.yaml \
              --timeout 10m
      # This actions provides a report about the state of the k8s cluster,
      # providing logs etc on anything that has failed and workloads marked as
      # important.
      #
      # ref: https://github.com/jupyterhub/action-k8s-namespace-report#readme
      #
      - name: Kubernetes namespace report
        uses: jupyterhub/action-k8s-namespace-report@v1
        if: always()
        with:
          important-workloads: >-
            deploy/mastodon-sidekiq
            deploy/mastodon-streaming
            deploy/mastodon-web
            job/mastodon-assets-precompile
            job/mastodon-chewy-upgrade
            job/mastodon-create-admin
            job/mastodon-db-migrate
--- a/.gitignore
+++ b/.gitignore
@ -44,12 +44,6 @@
 /redis
 /elasticsearch
 # ignore Helm charts
 /chart/*.tgz
 # ignore Helm dependency charts
 /chart/charts/*.tgz
 # Ignore Apple files
 .DS_Store
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-14
+16.19
--- a/.prettierignore
+++ b/.prettierignore
@ -44,9 +44,6 @@
 /redis
 /elasticsearch
 # ignore Helm dependency charts
 /chart/charts/*.tgz
 # Ignore Apple files
 .DS_Store
@ -67,12 +64,25 @@ yarn-debug.log
 # Ignore Docker option files
 docker-compose.override.yml
 # Ignore Helm files
 /chart
 # Ignore emoji map file
 /app/javascript/mastodon/features/emoji/emoji_map.json
 # Ignore locale files
 /app/javascript/mastodon/locales
 /config/locales
 # Ignore vendored CSS reset
 app/javascript/styles/mastodon/reset.scss
 # Ignore glitch-soc emoji map file
 /app/javascript/flavours/glitch/features/emoji/emoji_map.json
 # Ignore glitch-soc locale files
 /app/javascript/flavours/glitch/locales
 /config/locales-glitch
 # Ignore glitch-soc vendored CSS reset
 app/javascript/flavours/glitch/styles/reset.scss
 # Ignore win95 theme
 app/javascript/styles/win95.scss
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -1,12 +1,18 @@
 require:
  - rubocop-rails
  - rubocop-rspec
  - rubocop-performance
 AllCops:
-  TargetRubyVersion: 2.5
+  TargetRubyVersion: 2.7
-  NewCops: disable
+  DisplayCopNames: true
  DisplayStyleGuide: true
  ExtraDetails: true
  UseCache: true
  CacheRootDirectory: tmp
  NewCops: enable
  Exclude:
-    - 'spec/**/*'
+    - db/schema.rb
    - 'db/**/*'
    - 'app/views/**/*'
    - 'config/**/*'
    - 'bin/*'
@ -67,15 +73,57 @@ Lint/UselessAccessModifier:
    - class_methods
 Metrics/AbcSize:
-  Max: 115
+  Max: 34 # RuboCop default 17
  Exclude:
-    - 'lib/mastodon/*_cli.rb'
+    - 'lib/**/*cli*.rb'
    - db/*migrate/**/*
    - lib/paperclip/color_extractor.rb
    - app/workers/scheduler/follow_recommendations_scheduler.rb
    - app/services/activitypub/fetch*_service.rb
    - lib/paperclip/**/*
  CountRepeatedAttributes: false
  AllowedMethods:
    - update_media_attachments!
    - account_link_to
    - attempt_oembed
    - build_crutches
    - calculate_scores
    - cc
    - dump_actor!
    - filter_from_home?
    - hydrate
    - import_bookmarks!
    - import_relationships!
    - initialize
    - link_to_mention
    - log_target
    - matches_time_window?
    - parse_metadata
    - perform_statuses_search!
    - privatize_media_attachments!
    - process_update
    - publish_media_attachments!
    - remotable_attachment
    - render_initial_state
    - render_with_cache
    - searchable_by
    - self.cached_filters_for
    - set_fetchable_attributes!
    - signed_request_actor
    - statuses_to_delete
    - update_poll!
 Metrics/BlockLength:
  Max: 55
  Exclude:
    - 'lib/tasks/**/*'
    - 'lib/mastodon/*_cli.rb'
  CountComments: false
  CountAsOne: [array, heredoc]
  AllowedMethods:
    - task
    - namespace
    - class_methods
    - included
 Metrics/BlockNesting:
  Max: 3
@ -85,34 +133,144 @@ Metrics/BlockNesting:
 Metrics/ClassLength:
  CountComments: false
  Max: 500
  CountAsOne: [array, heredoc]
  Exclude:
    - 'lib/mastodon/*_cli.rb'
 Metrics/CyclomaticComplexity:
-  Max: 25
+  Max: 12
  Exclude:
-    - 'lib/mastodon/*_cli.rb'
+    - lib/mastodon/*cli*.rb
    - db/*migrate/**/*
  AllowedMethods:
    - attempt_oembed
    - blocked?
    - build_crutches
    - calculate_scores
    - cc
    - discover_endpoint!
    - filter_from_home?
    - hydrate
    - klass
    - link_to_mention
    - log_target
    - matches_time_window?
    - patch_for_forwarding!
    - preprocess_attributes!
    - process_update
    - remotable_attachment
    - scan_text!
    - self.cached_filters_for
    - set_fetchable_attributes!
    - setup_redis_env_url
    - update_media_attachments!
 Layout/LineLength:
  Max: 140 # RuboCop default 120
  AllowHeredoc: true
  AllowURI: true
-  Enabled: false
+  IgnoreCopDirectives: true
  AllowedPatterns:
    # Allow comments to be long lines
    - !ruby/regexp / \# .*$/
    - !ruby/regexp /^\# .*$/
  Exclude:
    - lib/**/*cli*.rb
    - db/*migrate/**/*
    - db/seeds/**/*
 Metrics/MethodLength:
  CountComments: false
-  Max: 65
+  CountAsOne: [array, heredoc]
  Max: 25 # RuboCop default 10
  Exclude:
    - 'lib/mastodon/*_cli.rb'
  AllowedMethods:
    - account_link_to
    - attempt_oembed
    - body_with_limit
    - build_crutches
    - cached_filters_for
    - calculate_scores
    - check_webfinger!
    - clean_feeds!
    - collection_items
    - collection_presenter
    - copy_account_notes!
    - deduplicate_accounts!
    - deduplicate_conversations!
    - deduplicate_local_accounts!
    - deduplicate_statuses!
    - deduplicate_tags!
    - deduplicate_users!
    - discover_endpoint!
    - extract_extra_uris_with_indices
    - extract_hashtags_with_indices
    - extract_mentions_or_lists_with_indices
    - filter_from_home?
    - from_elasticsearch
    - handle_explicit_update!
    - handle_mark_as_sensitive!
    - hsl_to_rgb
    - import_bookmarks!
    - import_domain_blocks!
    - import_relationships!
    - ldap_options
    - matches_time_window?
    - outbox_presenter
    - pam_get_user
    - parallelize_with_progress
    - parse_and_transform
    - patch_for_forwarding!
    - populate_home
    - post_process_style
    - preload_cache_collection_target_statuses
    - privatize_media_attachments!
    - provides_callback_for
    - publish_media_attachments!
    - relevant_account_timestamp
    - remotable_attachment
    - rgb_to_hsl
    - rss_status_content_format
    - set_fetchable_attributes!
    - setup_redis_env_url
    - signed_request_actor
    - to_preview_card_attributes
    - upgrade_storage_filesystem
    - upgrade_storage_s3
    - user_settings_params
    - hydrate
    - cc
    - self_destruct
 Metrics/ModuleLength:
  CountComments: false
  Max: 200
  CountAsOne: [array, heredoc]
 Metrics/ParameterLists:
-  Max: 5
+  Max: 5 # RuboCop default 5
-  CountKeywordArgs: true
+  CountKeywordArgs: true # RuboCop default true
  MaxOptionalParameters: 3 # RuboCop default 3
  Exclude:
    - app/models/concerns/account_interactions.rb
    - app/services/activitypub/fetch_remote_account_service.rb
    - app/services/activitypub/fetch_remote_actor_service.rb
 Metrics/PerceivedComplexity:
-  Max: 25
+  Max: 16 # RuboCop default 8
  AllowedMethods:
    - attempt_oembed
    - build_crutches
    - calculate_scores
    - deduplicate_users!
    - discover_endpoint!
    - filter_from_home?
    - hydrate
    - patch_for_forwarding!
    - process_update
    - remove_orphans
    - update_media_attachments!
 Naming/MemoizedInstanceVariableName:
  Enabled: false
@ -243,6 +401,10 @@ Style/HashTransformKeys:
 Style/HashTransformValues:
  Enabled: false
 Style/HashSyntax:
  Enabled: true
  EnforcedStyle: ruby19_no_mixed_keys
 Style/IfUnlessModifier:
  Enabled: false
@ -263,9 +425,6 @@ Style/PercentLiteralDelimiters:
 Style/PerlBackrefs:
  AutoCorrect: false
 Style/RedundantAssignment:
  Enabled: false
 Style/RedundantFetchBlock:
  Enabled: true
@ -288,7 +447,7 @@ Style/RegexpLiteral:
  Enabled: false
 Style/RescueStandardError:
-  Enabled: false
+  Enabled: true
 Style/SignalException:
  Enabled: false
@ -307,3 +466,14 @@ Style/TrailingCommaInHashLiteral:
 Style/UnpackFirst:
  Enabled: false
 RSpec/ScatteredSetup:
  Enabled: false
 RSpec/ImplicitExpect:
  Enabled: false
 RSpec/NamedSubject:
  Enabled: false
 RSpec/DescribeClass:
  Enabled: false
 RSpec/LetSetup:
  Enabled: false
--- a/.ruby-version
+++ b/.ruby-version
@ -1 +1 @@
-3.0.4
+3.0.5
--- a/22
+++ b/22
@ -1,26 +1,4 @@
 ffmpeg
 libicu[0-9][0-9]
 libicu-dev
 libidn12
 libidn-dev
 libpq-dev
 libxdamage1
 libxfixes3
 zlib1g-dev
 libcairo2
 libcroco3
 libdatrie1
 libgdk-pixbuf2.0-0
 libgraphite2-3
 libharfbuzz0b
 libpango-1.0-0
 libpangocairo-1.0-0
 libpangoft2-1.0-0
 libpixman-1-0
 librsvg2-2
 libthai-data
 libthai0
 libvpx[5-9]
 libxcb-render0
 libxcb-shm0
 libxrender1
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -3,6 +3,228 @@ Changelog
 All notable changes to this project will be documented in this file.
 ## [4.1.0] - 2023-02-10
 ### Added
 - **Add support for importing/exporting server-wide domain blocks** ([enbylenore](https://github.com/mastodon/mastodon/pull/20597), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/21471), [dariusk](https://github.com/mastodon/mastodon/pull/22803), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/21470))
 - **Add listing of followed hashtags** ([connorshea](https://github.com/mastodon/mastodon/pull/21773))
 - **Add support for editing media description and focus point of already-sent posts** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20878))
  - Previously, you could add and remove attachments, but not edit media description of already-attached media
  - REST API changes:
    - `PUT /api/v1/statuses/:id` now takes an extra `media_attributes[]` array parameter with the `id` of the updated media and their updated `description`, `focus`, and `thumbnail`
 - **Add follow request banner on account header** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20785))
  - REST API changes:
    - `Relationship` entities have an extra `requested_by` boolean attribute representing whether the represented user has requested to follow you
 - **Add confirmation screen when handling reports** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22375), [Gargron](https://github.com/mastodon/mastodon/pull/23156), [tribela](https://github.com/mastodon/mastodon/pull/23178))
 - Add option to make the landing page be `/about` even when trends are enabled ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20808))
 - Add `noindex` setting back to the admin interface ([prplecake](https://github.com/mastodon/mastodon/pull/22205))
 - Add instance peers API endpoint toggle back to the admin interface ([dariusk](https://github.com/mastodon/mastodon/pull/22810))
 - Add instance activity API endpoint toggle back to the admin interface ([dariusk](https://github.com/mastodon/mastodon/pull/22833))
 - Add setting for status page URL ([Gargron](https://github.com/mastodon/mastodon/pull/23390), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23499))
  - REST API changes:
    - Add `configuration.urls.status` attribute to the object returned by `GET /api/v1/instance`
 - Add `account.approved` webhook ([Saiv46](https://github.com/mastodon/mastodon/pull/22938))
 - Add 12 hours option to polls ([Pleclown](https://github.com/mastodon/mastodon/pull/21131))
 - Add dropdown menu item to open admin interface for remote domains ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21895))
 - Add `--remove-headers`, `--prune-profiles` and `--include-follows` flags to `tootctl media remove` ([evanphilip](https://github.com/mastodon/mastodon/pull/22149))
 - Add `--email` and `--dry-run` options to `tootctl accounts delete` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22328))
 - Add `tootctl accounts migrate` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22330))
 - Add `tootctl accounts prune` ([tribela](https://github.com/mastodon/mastodon/pull/18397))
 - Add `tootctl domains purge` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22063))
 - Add `SIDEKIQ_CONCURRENCY` environment variable ([muffinista](https://github.com/mastodon/mastodon/pull/19589))
 - Add `DB_POOL` environment variable support for streaming server ([Gargron](https://github.com/mastodon/mastodon/pull/23470))
 - Add `MIN_THREADS` environment variable to set minimum Puma threads ([jimeh](https://github.com/mastodon/mastodon/pull/21048))
 - Add explanation text to log-in page ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20946))
 - Add user profile OpenGraph tag on post pages ([bramus](https://github.com/mastodon/mastodon/pull/21423))
 - Add maskable icon support for Android ([workeffortwaste](https://github.com/mastodon/mastodon/pull/20904))
 - Add Belarusian to supported languages ([Mixaill](https://github.com/mastodon/mastodon/pull/22022))
 - Add Western Frisian to supported languages ([ykzts](https://github.com/mastodon/mastodon/pull/18602))
 - Add Montenegrin to the language picker ([ayefries](https://github.com/mastodon/mastodon/pull/21013))
 - Add Southern Sami and Lule Sami to the language picker ([Jullan-M](https://github.com/mastodon/mastodon/pull/21262))
 - Add logging for Rails cache timeouts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21667))
 - Add color highlight for active hashtag “follow” button ([MFTabriz](https://github.com/mastodon/mastodon/pull/21629))
 - Add brotli compression to `assets:precompile` ([Izorkin](https://github.com/mastodon/mastodon/pull/19025))
 - Add “disabled” account filter to the `/admin/accounts` UI ([tribela](https://github.com/mastodon/mastodon/pull/21282))
 - Add transparency to modal background for accessibility ([edent](https://github.com/mastodon/mastodon/pull/18081))
 - Add `lang` attribute to image description textarea and poll option field ([c960657](https://github.com/mastodon/mastodon/pull/23293))
 - Add `spellcheck` attribute to Content Warning and poll option input fields ([c960657](https://github.com/mastodon/mastodon/pull/23395))
 - Add `title` attribute to video elements in media attachments ([bramus](https://github.com/mastodon/mastodon/pull/21420))
 - Add left and right margins to emojis ([dsblank](https://github.com/mastodon/mastodon/pull/20464))
 - Add `roles` attribute to `Account` entities in REST API ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23255), [tribela](https://github.com/mastodon/mastodon/pull/23428))
 - Add `reading:autoplay:gifs` to `/api/v1/preferences` ([j-f1](https://github.com/mastodon/mastodon/pull/22706))
 - Add `hide_collections` parameter to `/api/v1/accounts/credentials` ([CarlSchwan](https://github.com/mastodon/mastodon/pull/22790))
 - Add `policy` attribute to web push subscription objects in REST API at `/api/v1/push/subscriptions` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23210))
 - Add metrics endpoint to streaming API ([Gargron](https://github.com/mastodon/mastodon/pull/23388), [Gargron](https://github.com/mastodon/mastodon/pull/23469))
 - Add more specific error messages to HTTP signature verification ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21617))
 - Add Storj DCS to cloud object storage options in the `mastodon:setup` rake task ([jtolio](https://github.com/mastodon/mastodon/pull/21929))
 - Add checkmark symbol in the checkbox for sensitive media ([sidp](https://github.com/mastodon/mastodon/pull/22795))
 - Add missing accessibility attributes to logout link in modals ([kytta](https://github.com/mastodon/mastodon/pull/22549))
 - Add missing accessibility attributes to “Hide image” button in `MediaGallery` ([hs4man21](https://github.com/mastodon/mastodon/pull/22513))
 - Add missing accessibility attributes to hide content warning field when disabled ([hs4man21](https://github.com/mastodon/mastodon/pull/22568))
 - Add `aria-hidden` to footer circle dividers to improve accessibility ([hs4man21](https://github.com/mastodon/mastodon/pull/22576))
 - Add `lang` attribute to compose form inputs ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23240))
 ### Changed
 - **Ensure exact match is the first result in hashtag searches** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21315))
 - Change account search to return followed accounts first ([dariusk](https://github.com/mastodon/mastodon/pull/22956))
 - Change batch account suspension to create a strike ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20897))
 - Change default reply language to match the default language when replying to a translated post ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22272))
 - Change misleading wording about waitlists ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20850))
 - Increase width of the unread notification border ([connorshea](https://github.com/mastodon/mastodon/pull/21692))
 - Change new post notification button on profiles to make it more apparent when it is enabled ([tribela](https://github.com/mastodon/mastodon/pull/22541))
 - Change trending tags admin interface to always show batch action controls ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23013))
 - Change wording of some OAuth scope descriptions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22491))
 - Change wording of admin report handling actions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18388))
 - Change confirm prompts for relationships management ([tribela](https://github.com/mastodon/mastodon/pull/19411))
 - Change language surrounding disability in prompts for media descriptions ([hs4man21](https://github.com/mastodon/mastodon/pull/20923))
 - Change confusing wording in the sign in banner ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22490))
 - Change `POST /settings/applications/:id` to regenerate token on scopes change ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23359))
 - Change account moderation notes to make links clickable ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22553))
 - Change link previews for statuses to never use avatar as fallback ([Gargron](https://github.com/mastodon/mastodon/pull/23376))
 - Change email address input to be read-only for logged-in users when requesting a new confirmation e-mail ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23247))
 - Change notifications per page from 15 to 40 in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/23348))
 - Change number of stored items in home feed from 400 to 800 ([Gargron](https://github.com/mastodon/mastodon/pull/23349))
 - Change API rate limits from 300/5min per user to 1500/5min per user, 300/5min per app ([Gargron](https://github.com/mastodon/mastodon/pull/23347))
 - Save avatar or header correctly even if the other one fails ([tribela](https://github.com/mastodon/mastodon/pull/18465))
 - Change `referrer-policy` to `same-origin` application-wide ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23014), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23037))
 - Add 'private' to `Cache-Control`, match Rails expectations ([daxtens](https://github.com/mastodon/mastodon/pull/20608))
 - Make the button that expands the compose form differentiable from the button that publishes a post ([Tak](https://github.com/mastodon/mastodon/pull/20864))
 - Change automatic post deletion configuration to be accessible to moved users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20774))
 - Make tag following idempotent ([trwnh](https://github.com/mastodon/mastodon/pull/20860), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/21285))
 - Use buildx functions for faster builds ([inductor](https://github.com/mastodon/mastodon/pull/20692))
 - Split off Dockerfile components for faster builds ([moritzheiber](https://github.com/mastodon/mastodon/pull/20933), [ineffyble](https://github.com/mastodon/mastodon/pull/20948), [BtbN](https://github.com/mastodon/mastodon/pull/21028))
 - Change last occurrence of “silence” to “limit” in UI text ([cincodenada](https://github.com/mastodon/mastodon/pull/20637))
 - Change “hide toot” to “hide post” ([seanthegeek](https://github.com/mastodon/mastodon/pull/22385))
 - Don't allow URLs that contain non-normalized paths to be verified ([dgl](https://github.com/mastodon/mastodon/pull/20999))
 - Change the “Trending now” header to be a link to the Explore page ([connorshea](https://github.com/mastodon/mastodon/pull/21759))
 - Change PostgreSQL connection timeout from 2 minutes to 15 seconds ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21790))
 - Make handle more easily selectable on profile page ([cadars](https://github.com/mastodon/mastodon/pull/21479))
 - Allow admins to refresh remotely-suspended accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22327))
 - Change dropdown menu to contain “Copy link to post” even for non-public posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21316))
 - Allow adding relays in secure mode and limited federation mode ([ineffyble](https://github.com/mastodon/mastodon/pull/22324))
 - Change timestamps to be displayed using the user's timezone throughout the moderation interface ([FrancisMurillo](https://github.com/mastodon/mastodon/pull/21878), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/22555))
 - Change CSP directives on API to be tight and concise ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20960))
 - Change web UI to not autofocus the compose form ([raboof](https://github.com/mastodon/mastodon/pull/16517), [Akkiesoft](https://github.com/mastodon/mastodon/pull/23094))
 - Change idempotency key handling for posting when database access is slow ([lambda](https://github.com/mastodon/mastodon/pull/21840))
 - Change remote media files to be downloaded outside of transactions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21796))
 - Improve contrast of charts in “poll has ended” notifications ([j-f1](https://github.com/mastodon/mastodon/pull/22575))
 - Change OEmbed detection and validation to be somewhat more lenient ([ineffyble](https://github.com/mastodon/mastodon/pull/22533))
 - Widen ElasticSearch version detection to not display a warning for OpenSearch ([VyrCossont](https://github.com/mastodon/mastodon/pull/22422), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23064))
 - Change link verification to allow pages larger than 1MB as long as the link is in the first 1MB ([untitaker](https://github.com/mastodon/mastodon/pull/22879))
 - Update default Node.js version to Node.js 16 ([ineffyble](https://github.com/mastodon/mastodon/pull/22223), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/22342))
 ### Removed
 - Officially remove support for Ruby 2.6 ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21477))
 - Remove `object-fit` polyfill used for old versions of Microsoft Edge ([shuuji3](https://github.com/mastodon/mastodon/pull/22693))
 - Remove `intersection-observer` polyfill for old Safari support ([shuuji3](https://github.com/mastodon/mastodon/pull/23284))
 - Remove empty `title` tag from mailer layout ([nametoolong](https://github.com/mastodon/mastodon/pull/23078))
 - Remove post count and last posts from ActivityPub representation of hashtag collections ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23460))
 ### Fixed
 - **Fix changing domain block severity not undoing individual account effects** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22135))
 - Fix suspension worker crashing on S3-compatible setups without ACL support ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22487))
 - Fix possible race conditions when suspending/unsuspending accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22363))
 - Fix being stuck in edit mode when deleting the edited posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22126))
 - Fix attached media uploads not being cleared when replying to a post ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23504))
 - Fix filters not being applied to some notification types ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23211))
 - Fix incorrect link in push notifications for some event types ([elizabeth-dev](https://github.com/mastodon/mastodon/pull/23286))
 - Fix some performance issues with `/admin/instances` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21907))
 - Fix some pre-4.0 admin audit logs ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22091))
 - Fix moderation audit log items for warnings having incorrect links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23242))
 - Fix account activation being sometimes triggered before email confirmation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23245))
 - Fix missing OAuth scopes for admin APIs ([trwnh](https://github.com/mastodon/mastodon/pull/20918), [trwnh](https://github.com/mastodon/mastodon/pull/20979))
 - Fix voter count not being cleared when a poll is reset ([afontenot](https://github.com/mastodon/mastodon/pull/21700))
 - Fix attachments of edited posts not being fetched ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21565))
 - Fix irreversible and whole_word parameters handling in `/api/v1/filters` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21988))
 - Fix 500 error when marking posts as sensitive while some of them are deleted ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22134))
 - Fix expanded posts not always being scrolled into view ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21797))
 - Fix not being able to scroll the remote interaction modal on small screens ([xendke](https://github.com/mastodon/mastodon/pull/21763))
 - Fix not being able to scroll in post history modal ([cadars](https://github.com/mastodon/mastodon/pull/23396))
 - Fix audio player volume control on Safari ([minacle](https://github.com/mastodon/mastodon/pull/23187))
 - Fix disappearing “Explore” tabs on Safari ([nyura](https://github.com/mastodon/mastodon/pull/20917), [ykzts](https://github.com/mastodon/mastodon/pull/20982))
 - Fix wrong padding in RTL layout ([Gargron](https://github.com/mastodon/mastodon/pull/23157))
 - Fix drag & drop upload area display in single-column mode ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23217))
 - Fix being unable to get a single EmailDomainBlock from the admin API ([trwnh](https://github.com/mastodon/mastodon/pull/20846))
 - Fix admin-set follow recommandations being case-sensitive ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23500))
 - Fix unserialized `role` on account entities in admin API ([Gargron](https://github.com/mastodon/mastodon/pull/23290))
 - Fix pagination of followed tags ([trwnh](https://github.com/mastodon/mastodon/pull/20861))
 - Fix dropdown menu positions when scrolling ([sidp](https://github.com/mastodon/mastodon/pull/22916), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23062))
 - Fix email with empty domain name labels passing validation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23246))
 - Fix mysterious registration failure when “Require a reason to join” is set with open registrations ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22127))
 - Fix attachment rendering of edited posts in OpenGraph ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22270))
 - Fix invalid/empty RSS feed link on account pages ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20772))
 - Fix error in `VerifyLinkService` when processing links with no href ([joshuap](https://github.com/mastodon/mastodon/pull/20741))
 - Fix error in `VerifyLinkService` when processing links with invalid URLs ([untitaker](https://github.com/mastodon/mastodon/pull/23204))
 - Fix media uploads with FFmpeg 5 ([dead10ck](https://github.com/mastodon/mastodon/pull/21191))
 - Fix sensitive flag not being set when replying to a post with a content warning under certain conditions ([kedamaDQ](https://github.com/mastodon/mastodon/pull/21724))
 - Fix misleading message briefly showing up when loading follow requests under some conditions ([c960657](https://github.com/mastodon/mastodon/pull/23386))
 - Fix “Share @:user's profile” profile menu item not working ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21490))
 - Fix crash and incorrect behavior in `tootctl domains crawl` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/19004))
 - Fix autoplay on iOS ([jamesadney](https://github.com/mastodon/mastodon/pull/21422))
 - Fix user clean-up scheduler crash when an unconfirmed account has a moderation note ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23318))
 - Fix spaces not being stripped in admin account search ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21324))
 - Fix spaces not being stripped when adding relays ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22655))
 - Fix infinite loading spinner instead of soft 404 for non-existing remote accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21303))
 - Fix minor visual issue with the top border of verified account fields ([j-f1](https://github.com/mastodon/mastodon/pull/22006))
 - Fix pending account approval and rejection not being recorded in the admin audit log ([FrancisMurillo](https://github.com/mastodon/mastodon/pull/22088))
 - Fix “Sign up” button with closed registrations not opening modal on mobile ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22060))
 - Fix UI header overflowing on mobile ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21783))
 - Fix 500 error when trying to migrate to an invalid address ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21462))
 - Fix crash when trying to fetch unobtainable avatar of user using external authentication ([lochiiconnectivity](https://github.com/mastodon/mastodon/pull/22462))
 - Fix processing error on incoming malformed JSON-LD under some situations ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23416))
 - Fix potential duplicate posts in Explore tab ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22121))
 - Fix deprecation warning in `tootctl accounts rotate` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22120))
 - Fix styling of featured tags in light theme ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23252))
 - Fix missing style in warning and strike cards ([AtelierSnek](https://github.com/mastodon/mastodon/pull/22177), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/22302))
 - Fix wasteful request to `/api/v1/custom_emojis` when not logged in ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22326))
 - Fix replies sometimes being delivered to user-blocked domains ([tribela](https://github.com/mastodon/mastodon/pull/22117))
 - Fix admin dashboard crash when using some ElasticSearch replacements ([cortices](https://github.com/mastodon/mastodon/pull/21006))
 - Fix profile avatar being slightly offset into left border ([RiedleroD](https://github.com/mastodon/mastodon/pull/20994))
 - Fix N+1 queries in `NotificationsController` ([nametoolong](https://github.com/mastodon/mastodon/pull/21202))
 - Fix being unable to react to announcements with the keycap number sign emoji ([kescherCode](https://github.com/mastodon/mastodon/pull/22231))
 - Fix height computation of post embeds ([hodgesmr](https://github.com/mastodon/mastodon/pull/22141))
 - Fix accessibility issue of the search bar due to hidden placeholder ([alexstine](https://github.com/mastodon/mastodon/pull/21275))
 - Fix layout change handler not being removed due to a typo ([nschonni](https://github.com/mastodon/mastodon/pull/21829))
 - Fix typo in the default `S3_HOSTNAME` used in the `mastodon:setup` rake task ([danp](https://github.com/mastodon/mastodon/pull/19932))
 - Fix the top action bar appearing in the multi-column layout ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20943))
 - Fix inability to use local LibreTranslate without setting `ALLOWED_PRIVATE_ADDRESSES` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21926))
 - Fix punycoded local domains not being prettified in initial state ([Tritlo](https://github.com/mastodon/mastodon/pull/21440))
 - Fix CSP violation warning by removing inline CSS from SVG logo ([luxiaba](https://github.com/mastodon/mastodon/pull/20814))
 - Fix margin for search field on medium window size ([minacle](https://github.com/mastodon/mastodon/pull/21606))
 - Fix search popout scrolling with the page in single-column mode ([rgroothuijsen](https://github.com/mastodon/mastodon/pull/16463))
 - Fix minor post cache hydration discrepancy ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/19879))
 - Fix `・` detection in hashtags ([parthoghosh24](https://github.com/mastodon/mastodon/pull/22888))
 - Fix hashtag follows bypassing user blocks ([tribela](https://github.com/mastodon/mastodon/pull/22849))
 - Fix moved accounts being incorrectly redirected to account settings when trying to view a remote profile ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22497))
 - Fix site upload validations ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22479))
 - Fix “Add new domain block” button using last submitted search value instead of the current one ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22485))
 - Fix misleading hashtag warning when posting with “Followers only” or “Mentioned people only” visibility ([n0toose](https://github.com/mastodon/mastodon/pull/22827))
 - Fix embedded posts with videos grabbing focus ([Akkiesoft](https://github.com/mastodon/mastodon/pull/22778))
 - Fix `$` not being escaped in `.env.production` files generated by the `mastodon:setup` rake task ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23012), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23072))
 - Fix sanitizer parsing link text as HTML when stripping unsupported links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22558))
 - Fix `scheduled_at` input not using `datetime-local` when editing announcements ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21896))
 - Fix REST API serializer for `Account` not including `moved` when the moved account has itself moved ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22483))
 - Fix `/api/v1/admin/trends/tags` using wrong serializer ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18943))
 - Fix situations in which instance actor can be set to a Mastodon-incompatible name ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22307))
 ### Security
 - Add `form-action` CSP directive ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20781), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/20958), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/20962))
 - Fix unbounded recursion in account discovery ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22025))
 - Revoke all authorized applications on password reset ([FrancisMurillo](https://github.com/mastodon/mastodon/pull/21325))
 - Fix unbounded recursion in post discovery ([ClearlyClaire,nametoolong](https://github.com/mastodon/mastodon/pull/23506))
 ## [4.0.2] - 2022-11-15
 ### Fixed
 - Fix wrong color on mentions hidden behind content warning in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/20724))
 - Fix filters from other users being used in the streaming service ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20719))
 - Fix `unsafe-eval` being used when `wasm-unsafe-eval` is enough in Content Security Policy ([Gargron](https://github.com/mastodon/mastodon/pull/20729), [prplecake](https://github.com/mastodon/mastodon/pull/20606))
 ## [4.0.1] - 2022-11-14
 ### Fixed
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@ -40,7 +40,7 @@ Project maintainers who do not follow or enforce the Code of Conduct in good fai
 ## Attribution
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [https://contributor-covenant.org/version/1/4][version]
-[homepage]: http://contributor-covenant.org
+[homepage]: https://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
+[version]: https://contributor-covenant.org/version/1/4/
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -6,6 +6,12 @@ Here are some guidelines, and ways you can help.
 >   (This document is a bit of a work-in-progress, so please bear with us.
 >   If you don't see what you're looking for here, please don't hesitate to reach out!)
 ## Translations
 You can submit glitch-soc-specific translations via [Crowdin](https://crowdin.com/project/glitch-soc). They are periodically merged into the codebase.
 [![Crowdin](https://badges.crowdin.net/glitch-soc/localized.svg)](https://crowdin.com/project/glitch-soc)
 ##  Planning  ##
 Right now a lot of the planning for this project takes place in our development Discord, or through GitHub Issues and Projects.
--- a/170
+++ b/170
@ -1,121 +1,99 @@
-FROM ubuntu:20.04 as build-dep
+# syntax=docker/dockerfile:1.4
 # This needs to be bullseye-slim because the Ruby image is built on bullseye-slim
 ARG NODE_VERSION="16.19-bullseye-slim"
-# Use bash for the shell
+FROM ghcr.io/moritzheiber/ruby-jemalloc:3.0.5-slim as ruby
-SHELL ["/bin/bash", "-c"]
+FROM node:${NODE_VERSION} as build
 RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
-# Install Node v16 (LTS)
+COPY --link --from=ruby /opt/ruby /opt/ruby
 ENV NODE_VER="16.17.1"
 RUN ARCH= && \
    dpkgArch="$(dpkg --print-architecture)" && \
  case "${dpkgArch##*-}" in \
    amd64) ARCH='x64';; \
    ppc64el) ARCH='ppc64le';; \
    s390x) ARCH='s390x';; \
    arm64) ARCH='arm64';; \
    armhf) ARCH='armv7l';; \
    i386) ARCH='x86';; \
    *) echo "unsupported architecture"; exit 1 ;; \
  esac && \
    echo "Etc/UTC" > /etc/localtime && \
 	apt-get update && \
 	apt-get install -y --no-install-recommends ca-certificates wget python3 apt-utils && \
 	cd ~ && \
 	wget -q https://nodejs.org/download/release/v$NODE_VER/node-v$NODE_VER-linux-$ARCH.tar.gz && \
 	tar xf node-v$NODE_VER-linux-$ARCH.tar.gz && \
 	rm node-v$NODE_VER-linux-$ARCH.tar.gz && \
 	mv node-v$NODE_VER-linux-$ARCH /opt/node
-# Install Ruby 3.0
+ENV DEBIAN_FRONTEND="noninteractive" \
-ENV RUBY_VER="3.0.4"
+    PATH="${PATH}:/opt/ruby/bin"
 RUN apt-get update && \
  apt-get install -y --no-install-recommends build-essential \
    bison libyaml-dev libgdbm-dev libreadline-dev libjemalloc-dev \
 		libncurses5-dev libffi-dev zlib1g-dev libssl-dev && \
 	cd ~ && \
 	wget https://cache.ruby-lang.org/pub/ruby/${RUBY_VER%.*}/ruby-$RUBY_VER.tar.gz && \
 	tar xf ruby-$RUBY_VER.tar.gz && \
 	cd ruby-$RUBY_VER && \
 	./configure --prefix=/opt/ruby \
 	  --with-jemalloc \
 	  --with-shared \
 	  --disable-install-doc && \
 	make -j"$(nproc)" > /dev/null && \
 	make install && \
 	rm -rf ../ruby-$RUBY_VER.tar.gz ../ruby-$RUBY_VER
-ENV PATH="${PATH}:/opt/ruby/bin:/opt/node/bin"
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN npm install -g npm@latest && \
 	npm install -g yarn && \
 	gem install bundler && \
 	apt-get update && \
 	apt-get install -y --no-install-recommends git libicu-dev libidn11-dev \
 	libpq-dev shared-mime-info
 WORKDIR /opt/mastodon
 COPY Gemfile* package.json yarn.lock /opt/mastodon/
-RUN cd /opt/mastodon && \
+# hadolint ignore=DL3008
-  bundle config set --local deployment 'true' && \
+RUN apt-get update && \
-  bundle config set --local without 'development test' && \
+    apt-get install -y --no-install-recommends build-essential \
-  bundle config set silence_root_warning true && \
+        ca-certificates \
-	bundle install -j"$(nproc)" && \
+        git \
-	yarn install --pure-lockfile
+        libicu-dev \
        libidn11-dev \
        libpq-dev \
        libjemalloc-dev \
        zlib1g-dev \
        libgdbm-dev \
        libgmp-dev \
        libssl-dev \
        libyaml-0-2 \
        ca-certificates \
        libreadline8 \
        python3 \
        shared-mime-info && \
    bundle config set --local deployment 'true' && \
    bundle config set --local without 'development test' && \
    bundle config set silence_root_warning true && \
    bundle install -j"$(nproc)" && \
    yarn install --pure-lockfile --network-timeout 600000 && \
    yarn cache clean
-FROM ubuntu:20.04
+FROM node:${NODE_VERSION}
-# Copy over all the langs needed for runtime
+ARG UID="991"
-COPY --from=build-dep /opt/node /opt/node
+ARG GID="991"
 COPY --from=build-dep /opt/ruby /opt/ruby
-# Add more PATHs to the PATH
+COPY --link --from=ruby /opt/ruby /opt/ruby
 ENV PATH="${PATH}:/opt/ruby/bin:/opt/node/bin:/opt/mastodon/bin"
 # Create the mastodon user
 ARG UID=991
 ARG GID=991
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN apt-get update && \
 	echo "Etc/UTC" > /etc/localtime && \
 	apt-get install -y --no-install-recommends whois wget && \
 	addgroup --gid $GID mastodon && \
 	useradd -m -u $UID -g $GID -d /opt/mastodon mastodon && \
 	echo "mastodon:$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 24 | mkpasswd -s -m sha-256)" | chpasswd && \
 	rm -rf /var/lib/apt/lists/*
-# Install mastodon runtime deps
+ENV DEBIAN_FRONTEND="noninteractive" \
-RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
+    PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin"
-RUN apt-get update && \
+
-  apt-get -y --no-install-recommends install \
+# Ignoreing these here since we don't want to pin any versions and the Debian image removes apt-get content after use
-	  libssl1.1 libpq5 imagemagick ffmpeg libjemalloc2 \
+# hadolint ignore=DL3008,DL3009
-	  libicu66 libidn11 libyaml-0-2 \
+RUN apt-get update && \
-	  file ca-certificates tzdata libreadline8 gcc tini apt-utils && \
+    echo "Etc/UTC" > /etc/localtime && \
-	ln -s /opt/mastodon /mastodon && \
+    groupadd -g "${GID}" mastodon && \
-	gem install bundler && \
+    useradd -l -u "$UID" -g "${GID}" -m -d /opt/mastodon mastodon && \
-	rm -rf /var/cache && \
+    apt-get -y --no-install-recommends install whois \
-	rm -rf /var/lib/apt/lists/*
+        wget \
        procps \
        libssl1.1 \
        libpq5 \
        imagemagick \
        ffmpeg \
        libjemalloc2 \
        libicu67 \
        libidn11 \
        libyaml-0-2 \
        file \
        ca-certificates \
        tzdata \
        libreadline8 \
        tini && \
    ln -s /opt/mastodon /mastodon
 # Note: no, cleaning here since Debian does this automatically
 # See the file /etc/apt/apt.conf.d/docker-clean within the Docker image's filesystem
 # Copy over mastodon source, and dependencies from building, and set permissions
 COPY --chown=mastodon:mastodon . /opt/mastodon
-COPY --from=build-dep --chown=mastodon:mastodon /opt/mastodon /opt/mastodon
+COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon
-# Run mastodon services in prod mode
+ENV RAILS_ENV="production" \
-ENV RAILS_ENV="production"
+    NODE_ENV="production" \
-ENV NODE_ENV="production"
+    RAILS_SERVE_STATIC_FILES="true" \
-
+    BIND="0.0.0.0"
 # Tell rails to serve static files
 ENV RAILS_SERVE_STATIC_FILES="true"
 ENV BIND="0.0.0.0"
 # Set the run user
 USER mastodon
 WORKDIR /opt/mastodon
 # Precompile assets
-RUN cd ~ && \
+RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile
 	OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \
 	yarn cache clean
 # Set the work dir and the container entry point
 WORKDIR /opt/mastodon
 ENTRYPOINT ["/usr/bin/tini", "--"]
 EXPOSE 3000 4000
--- a/63
+++ b/63
@ -1,32 +1,32 @@
 # frozen_string_literal: true
 source 'https://rubygems.org'
-ruby '>= 2.6.0', '< 3.1.0'
+ruby '>= 2.7.0', '< 3.1.0'
-gem 'pkg-config', '~> 1.4'
+gem 'pkg-config', '~> 1.5'
 gem 'rexml', '~> 3.2'
 gem 'puma', '~> 5.6'
 gem 'rails', '~> 6.1.7'
 gem 'sprockets', '~> 3.7.2'
 gem 'thor', '~> 1.2'
-gem 'rack', '~> 2.2.4'
+gem 'rack', '~> 2.2.6'
-gem 'hamlit-rails', '~> 0.2'
+gem 'haml-rails', '~>2.0'
 gem 'pg', '~> 1.4'
 gem 'makara', '~> 0.5'
-gem 'pghero', '~> 2.8'
+gem 'pghero'
 gem 'dotenv-rails', '~> 2.8'
-gem 'aws-sdk-s3', '~> 1.114', require: false
+gem 'aws-sdk-s3', '~> 1.119', require: false
-gem 'fog-core', '<= 2.1.0'
+gem 'fog-core', '<= 2.4.0'
 gem 'fog-openstack', '~> 0.3', require: false
 gem 'kt-paperclip', '~> 7.1'
 gem 'blurhash', '~> 0.1'
 gem 'active_model_serializers', '~> 0.10'
 gem 'addressable', '~> 2.8'
-gem 'bootsnap', '~> 1.13.0', require: false
+gem 'bootsnap', '~> 1.16.0', require: false
 gem 'browser'
 gem 'charlock_holmes', '~> 0.7.7'
 gem 'chewy', '~> 7.2'
@ -40,7 +40,7 @@ end
 gem 'net-ldap', '~> 0.17'
 gem 'omniauth-cas', '~> 2.0'
 gem 'omniauth-saml', '~> 1.10'
-gem 'gitlab-omniauth-openid-connect', '~>0.10.0', require: 'omniauth_openid_connect'
+gem 'omniauth_openid_connect', '~> 0.6.0'
 gem 'omniauth', '~> 1.9'
 gem 'omniauth-rails_csrf_protection', '~> 0.1'
@ -51,42 +51,43 @@ gem 'ed25519', '~> 1.3'
 gem 'fast_blank', '~> 1.0'
 gem 'fastimage'
 gem 'hiredis', '~> 0.6'
-gem 'redis-namespace', '~> 1.9'
+gem 'redis-namespace', '~> 1.10'
 gem 'htmlentities', '~> 4.3'
 gem 'http', '~> 5.1'
 gem 'http_accept_language', '~> 2.1'
-gem 'httplog', '~> 1.6.0'
+gem 'httplog', '~> 1.6.2'
 gem 'idn-ruby', require: 'idn'
 gem 'kaminari', '~> 1.2'
 gem 'link_header', '~> 0.0'
 gem 'mime-types', '~> 3.4.1', require: 'mime/types/columnar'
-gem 'nokogiri', '~> 1.13'
+gem 'nokogiri', '~> 1.14'
 gem 'nsa', '~> 0.2'
 gem 'oj', '~> 3.13'
 gem 'ox', '~> 2.14'
 gem 'parslet'
 gem 'posix-spawn'
-gem 'pundit', '~> 2.2'
+gem 'public_suffix', '~> 5.0'
 gem 'pundit', '~> 2.3'
 gem 'premailer-rails'
 gem 'rack-attack', '~> 6.6'
 gem 'rack-cors', '~> 1.1', require: 'rack/cors'
 gem 'rails-i18n', '~> 6.0'
 gem 'rails-settings-cached', '~> 0.6'
-gem 'redcarpet', '~> 3.5'
+gem 'redcarpet', '~> 3.6'
 gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
 gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
 gem 'rqrcode', '~> 2.1'
 gem 'ruby-progressbar', '~> 1.11'
 gem 'sanitize', '~> 6.0'
-gem 'scenic', '~> 1.6'
+gem 'scenic', '~> 1.7'
 gem 'sidekiq', '~> 6.5'
-gem 'sidekiq-scheduler', '~> 4.0'
+gem 'sidekiq-scheduler', '~> 5.0'
 gem 'sidekiq-unique-jobs', '~> 7.1'
 gem 'sidekiq-bulk', '~> 0.2.0'
 gem 'simple-navigation', '~> 4.4'
-gem 'simple_form', '~> 5.1'
+gem 'simple_form', '~> 5.2'
 gem 'sprockets-rails', '~> 3.4', require: 'sprockets/railtie'
-gem 'stoplight', '~> 3.0.0'
+gem 'stoplight', '~> 3.0.1'
 gem 'strong_migrations', '~> 0.7'
 gem 'tty-prompt', '~> 0.23', require: false
 gem 'twitter-text', '~> 3.1.0'
@ -106,6 +107,10 @@ group :development, :test do
  gem 'pry-byebug', '~> 3.10'
  gem 'pry-rails', '~> 0.3'
  gem 'rspec-rails', '~> 5.1'
  gem 'rubocop-performance', require: false
  gem 'rubocop-rails', require: false
  gem 'rubocop-rspec', require: false
  gem 'rubocop', require: false
 end
 group :production, :test do
@ -113,16 +118,16 @@ group :production, :test do
 end
 group :test do
-  gem 'capybara', '~> 3.37'
+  gem 'capybara', '~> 3.38'
  gem 'climate_control', '~> 0.2'
-  gem 'faker', '~> 2.23'
+  gem 'faker', '~> 3.1'
-  gem 'microformats', '~> 4.4'
+  gem 'json-schema', '~> 3.0'
  gem 'rails-controller-testing', '~> 1.0'
  gem 'rspec-sidekiq', '~> 3.1'
  gem 'simplecov', '~> 0.21', require: false
  gem 'webmock', '~> 3.18'
  gem 'rspec_junit_formatter', '~> 0.6'
  gem 'rack-test', '~> 2.0'
  gem 'rails-controller-testing', '~> 1.0'
  gem 'rspec_junit_formatter', '~> 0.6'
  gem 'rspec-sidekiq', '~> 3.1'
  gem 'simplecov', '~> 0.22', require: false
  gem 'webmock', '~> 3.18'
 end
 group :development do
@ -134,9 +139,7 @@ group :development do
  gem 'letter_opener', '~> 1.8'
  gem 'letter_opener_web', '~> 2.0'
  gem 'memory_profiler'
-  gem 'rubocop', '~> 1.30', require: false
+  gem 'brakeman', '~> 5.4', require: false
  gem 'rubocop-rails', '~> 2.15', require: false
  gem 'brakeman', '~> 5.3', require: false
  gem 'bundler-audit', '~> 0.9', require: false
  gem 'capistrano', '~> 3.17'
@ -157,3 +160,5 @@ gem 'xorcist', '~> 1.1'
 gem 'hcaptcha', '~> 7.1'
 gem 'cocoon', '~> 1.2'
 gem 'net-http', '~> 0.3.2'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -10,40 +10,40 @@ GIT
 GEM
  remote: https://rubygems.org/
  specs:
-    actioncable (6.1.7)
+    actioncable (6.1.7.2)
-      actionpack (= 6.1.7)
+      actionpack (= 6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.7)
+    actionmailbox (6.1.7.2)
-      actionpack (= 6.1.7)
+      actionpack (= 6.1.7.2)
-      activejob (= 6.1.7)
+      activejob (= 6.1.7.2)
-      activerecord (= 6.1.7)
+      activerecord (= 6.1.7.2)
-      activestorage (= 6.1.7)
+      activestorage (= 6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      mail (>= 2.7.1)
-    actionmailer (6.1.7)
+    actionmailer (6.1.7.2)
-      actionpack (= 6.1.7)
+      actionpack (= 6.1.7.2)
-      actionview (= 6.1.7)
+      actionview (= 6.1.7.2)
-      activejob (= 6.1.7)
+      activejob (= 6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      mail (~> 2.5, >= 2.5.4)
      rails-dom-testing (~> 2.0)
-    actionpack (6.1.7)
+    actionpack (6.1.7.2)
-      actionview (= 6.1.7)
+      actionview (= 6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      rack (~> 2.0, >= 2.0.9)
      rack-test (>= 0.6.3)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.7)
+    actiontext (6.1.7.2)
-      actionpack (= 6.1.7)
+      actionpack (= 6.1.7.2)
-      activerecord (= 6.1.7)
+      activerecord (= 6.1.7.2)
-      activestorage (= 6.1.7)
+      activestorage (= 6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      nokogiri (>= 1.8.5)
-    actionview (6.1.7)
+    actionview (6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      builder (~> 3.1)
      erubi (~> 1.4)
      rails-dom-testing (~> 2.0)
@ -54,22 +54,22 @@ GEM
      case_transform (>= 0.2)
      jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
    active_record_query_trace (1.8)
-    activejob (6.1.7)
+    activejob (6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      globalid (>= 0.3.6)
-    activemodel (6.1.7)
+    activemodel (6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
-    activerecord (6.1.7)
+    activerecord (6.1.7.2)
-      activemodel (= 6.1.7)
+      activemodel (= 6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
-    activestorage (6.1.7)
+    activestorage (6.1.7.2)
-      actionpack (= 6.1.7)
+      actionpack (= 6.1.7.2)
-      activejob (= 6.1.7)
+      activejob (= 6.1.7.2)
-      activerecord (= 6.1.7)
+      activerecord (= 6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      marcel (~> 1.0)
      mini_mime (>= 1.1.0)
-    activesupport (6.1.7)
+    activesupport (6.1.7.2)
      concurrent-ruby (~> 1.0, >= 1.0.2)
      i18n (>= 1.6, < 2)
      minitest (>= 5.1)
@ -90,20 +90,20 @@ GEM
    attr_required (1.0.1)
    awrence (1.2.1)
    aws-eventstream (1.2.0)
-    aws-partitions (1.587.0)
+    aws-partitions (1.701.0)
-    aws-sdk-core (3.130.2)
+    aws-sdk-core (3.170.0)
      aws-eventstream (~> 1, >= 1.0.2)
-      aws-partitions (~> 1, >= 1.525.0)
+      aws-partitions (~> 1, >= 1.651.0)
      aws-sigv4 (~> 1.5)
      jmespath (~> 1, >= 1.6.1)
    aws-sdk-kms (1.62.0)
      aws-sdk-core (~> 3, >= 3.165.0)
      aws-sigv4 (~> 1.1)
-      jmespath (~> 1.0)
+    aws-sdk-s3 (1.119.0)
-    aws-sdk-kms (1.56.0)
+      aws-sdk-core (~> 3, >= 3.165.0)
      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sigv4 (~> 1.1)
    aws-sdk-s3 (1.114.0)
      aws-sdk-core (~> 3, >= 3.127.0)
      aws-sdk-kms (~> 1)
      aws-sigv4 (~> 1.4)
-    aws-sigv4 (1.5.0)
+    aws-sigv4 (1.5.2)
      aws-eventstream (~> 1, >= 1.0.2)
    bcrypt (3.1.17)
    better_errors (2.9.1)
@ -117,20 +117,19 @@ GEM
      erubi (~> 1.4)
      parser (>= 2.4)
      smart_properties
-    bindata (2.4.10)
+    bindata (2.4.14)
    binding_of_caller (1.0.0)
      debug_inspector (>= 0.0.1)
-    blurhash (0.1.6)
+    blurhash (0.1.7)
-      ffi (~> 1.14)
+    bootsnap (1.16.0)
    bootsnap (1.13.0)
      msgpack (~> 1.2)
-    brakeman (5.3.1)
+    brakeman (5.4.0)
    browser (4.2.0)
-    brpoplpush-redis_script (0.1.2)
+    brpoplpush-redis_script (0.1.3)
      concurrent-ruby (~> 1.0, >= 1.0.5)
-      redis (>= 1.0, <= 5.0)
+      redis (>= 1.0, < 6)
    builder (3.2.4)
-    bullet (7.0.3)
+    bullet (7.0.7)
      activesupport (>= 3.0.0)
      uniform_notifier (~> 1.11)
    bundler-audit (0.9.1)
@ -152,7 +151,7 @@ GEM
      sshkit (~> 1.3)
    capistrano-yarn (2.0.2)
      capistrano (~> 3.0)
-    capybara (3.37.1)
+    capybara (3.38.0)
      addressable
      matrix
      mini_mime (>= 0.1.3)
@ -165,7 +164,7 @@ GEM
      activesupport
    cbor (0.5.9.6)
    charlock_holmes (0.7.7)
-    chewy (7.2.4)
+    chewy (7.2.7)
      activesupport (>= 5.2)
      elasticsearch (>= 7.12.0, < 7.14.0)
      elasticsearch-dsl
@ -174,7 +173,7 @@ GEM
    cocoon (1.2.15)
    coderay (1.1.3)
    color_diff (0.1)
-    concurrent-ruby (1.1.10)
+    concurrent-ruby (1.2.0)
    connection_pool (2.3.0)
    cose (1.2.1)
      cbor (~> 0.5.9)
@ -182,8 +181,9 @@ GEM
    crack (0.4.5)
      rexml
    crass (1.0.6)
-    css_parser (1.7.1)
+    css_parser (1.12.0)
      addressable
    date (3.3.3)
    debug_inspector (1.0.0)
    devise (4.8.1)
      bcrypt (~> 3.0)
@ -203,10 +203,10 @@ GEM
    diff-lcs (1.5.0)
    discard (1.2.1)
      activerecord (>= 4.2, < 8)
-    docile (1.3.4)
+    docile (1.4.0)
    domain_name (0.5.20190701)
      unf (>= 0.0.5, < 1.0.0)
-    doorkeeper (5.6.0)
+    doorkeeper (5.6.4)
      railties (>= 5)
    dotenv (2.8.1)
    dotenv-rails (2.8.1)
@ -223,14 +223,14 @@ GEM
      faraday (~> 1)
      multi_json
    encryptor (3.0.0)
-    erubi (1.11.0)
+    erubi (1.12.0)
    et-orbi (1.2.7)
      tzinfo
-    excon (0.76.0)
+    excon (0.95.0)
    fabrication (2.30.0)
-    faker (2.23.0)
+    faker (3.1.1)
      i18n (>= 1.8.11, < 2)
-    faraday (1.9.3)
+    faraday (1.10.3)
      faraday-em_http (~> 1.0)
      faraday-em_synchrony (~> 1.0)
      faraday-excon (~> 1.1)
@ -246,8 +246,8 @@ GEM
    faraday-em_synchrony (1.0.0)
    faraday-excon (1.1.0)
    faraday-httpclient (1.0.1)
-    faraday-multipart (1.0.3)
+    faraday-multipart (1.0.4)
-      multipart-post (>= 1.2, < 3)
+      multipart-post (~> 2)
    faraday-net_http (1.0.1)
    faraday-net_http_persistent (1.2.0)
    faraday-patron (1.0.0)
@ -271,28 +271,24 @@ GEM
      fog-core (>= 1.45, <= 2.1.0)
      fog-json (>= 1.0)
      ipaddress (>= 0.8)
-    formatador (0.2.5)
+    formatador (0.3.0)
-    fugit (1.7.1)
+    fugit (1.8.1)
      et-orbi (~> 1, >= 1.2.7)
      raabro (~> 1.4)
    fuubar (2.5.1)
      rspec-core (~> 3.0)
      ruby-progressbar (~> 1.4)
-    gitlab-omniauth-openid-connect (0.10.0)
+    globalid (1.1.0)
      addressable (~> 2.7)
      omniauth (>= 1.9, < 3)
      openid_connect (~> 1.2)
    globalid (1.0.0)
      activesupport (>= 5.0)
-    hamlit (2.13.0)
+    haml (6.1.1)
      temple (>= 0.8.2)
      thor
      tilt
-    hamlit-rails (0.2.3)
+    haml-rails (2.1.0)
-      actionpack (>= 4.0.1)
+      actionpack (>= 5.1)
-      activesupport (>= 4.0.1)
+      activesupport (>= 5.1)
-      hamlit (>= 1.2.0)
+      haml (>= 4.0.6)
-      railties (>= 4.0.1)
+      railties (>= 5.1)
    hashdiff (1.0.1)
    hashie (5.0.0)
    hcaptcha (7.1.0)
@ -301,7 +297,7 @@ GEM
    hiredis (0.6.3)
    hkdf (0.3.0)
    htmlentities (4.3.4)
-    http (5.1.0)
+    http (5.1.1)
      addressable (~> 2.8)
      http-cookie (~> 1.0)
      http-form_data (~> 2.2)
@ -311,7 +307,7 @@ GEM
    http-form_data (2.3.0)
    http_accept_language (2.1.1)
    httpclient (2.8.3)
-    httplog (1.6.0)
+    httplog (1.6.2)
      rack (>= 2.0)
      rainbow (>= 2.0.0)
    i18n (1.12.0)
@ -327,15 +323,16 @@ GEM
      rails-i18n
      rainbow (>= 2.2.2, < 4.0)
      terminal-table (>= 1.5.1)
-    idn-ruby (0.1.4)
+    idn-ruby (0.1.5)
    ipaddress (0.8.3)
-    jmespath (1.6.1)
+    jmespath (1.6.2)
-    json (2.6.2)
+    json (2.6.3)
    json-canonicalization (0.3.0)
-    json-jwt (1.13.0)
+    json-jwt (1.15.3)
      activesupport (>= 4.2)
      aes_key_wrap
      bindata
      httpclient
    json-ld (3.2.3)
      htmlentities (~> 4.3)
      json-canonicalization (~> 0.3)
@ -343,11 +340,13 @@ GEM
      multi_json (~> 1.15)
      rack (~> 2.2)
      rdf (~> 3.2, >= 3.2.9)
-    json-ld-preloaded (3.2.0)
+    json-ld-preloaded (3.2.2)
      json-ld (~> 3.2)
      rdf (~> 3.2)
    json-schema (3.0.0)
      addressable (>= 2.8)
    jsonapi-renderer (0.2.2)
-    jwt (2.4.1)
+    jwt (2.5.0)
    kaminari (1.2.2)
      activesupport (>= 4.1.0)
      kaminari-actionview (= 1.2.2)
@ -384,37 +383,48 @@ GEM
      activesupport (>= 4)
      railties (>= 4)
      request_store (~> 1.0)
-    loofah (2.19.0)
+    loofah (2.19.1)
      crass (~> 1.0.2)
      nokogiri (>= 1.5.9)
-    mail (2.7.1)
+    mail (2.8.0.1)
      mini_mime (>= 0.1.1)
      net-imap
      net-pop
      net-smtp
    makara (0.5.1)
      activerecord (>= 5.2.0)
    marcel (1.0.2)
    mario-redis-lock (1.2.1)
      redis (>= 3.0.5)
    matrix (0.4.2)
-    memory_profiler (1.0.0)
+    memory_profiler (1.0.1)
    method_source (1.0.0)
    microformats (4.4.1)
      json (~> 2.2)
      nokogiri (~> 1.10)
    mime-types (3.4.1)
      mime-types-data (~> 3.2015)
    mime-types-data (3.2022.0105)
    mini_mime (1.1.2)
-    mini_portile2 (2.8.0)
+    mini_portile2 (2.8.1)
-    minitest (5.16.3)
+    minitest (5.17.0)
-    msgpack (1.5.4)
+    msgpack (1.6.0)
    multi_json (1.15.0)
-    multipart-post (2.1.1)
+    multipart-post (2.3.0)
    net-http (0.3.2)
      uri
    net-imap (0.3.4)
      date
      net-protocol
    net-ldap (0.17.1)
    net-pop (0.1.2)
      net-protocol
    net-protocol (0.2.1)
      timeout
    net-scp (4.0.0.rc1)
      net-ssh (>= 2.6.5, < 8.0.0)
    net-smtp (0.3.3)
      net-protocol
    net-ssh (7.0.1)
    nio4r (2.5.8)
-    nokogiri (1.13.8)
+    nokogiri (1.14.1)
      mini_portile2 (~> 2.8.0)
      racc (~> 1.4)
    nsa (0.2.8)
@ -422,7 +432,7 @@ GEM
      concurrent-ruby (~> 1.0, >= 1.0.2)
      sidekiq (>= 3.5)
      statsd-ruby (~> 1.4, >= 1.4.0)
-    oj (3.13.21)
+    oj (3.13.23)
    omniauth (1.9.2)
      hashie (>= 3.4.6)
      rack (>= 1.6.2, < 3)
@ -436,38 +446,43 @@ GEM
    omniauth-saml (1.10.3)
      omniauth (~> 1.3, >= 1.3.2)
      ruby-saml (~> 1.9)
-    openid_connect (1.3.0)
+    omniauth_openid_connect (0.6.0)
      omniauth (>= 1.9, < 3)
      openid_connect (~> 1.1)
    openid_connect (1.4.2)
      activemodel
      attr_required (>= 1.0.0)
-      json-jwt (>= 1.5.0)
+      json-jwt (>= 1.15.0)
-      rack-oauth2 (>= 1.6.1)
+      net-smtp
-      swd (>= 1.0.0)
+      rack-oauth2 (~> 1.21)
      swd (~> 1.3)
      tzinfo
      validate_email
      validate_url
-      webfinger (>= 1.0.1)
+      webfinger (~> 1.2)
    openssl (3.0.0)
    openssl-signature_algorithm (1.2.1)
      openssl (> 2.0, < 3.1)
    orm_adapter (0.5.0)
-    ox (2.14.11)
+    ox (2.14.14)
    parallel (1.22.1)
-    parser (3.1.2.1)
+    parser (3.2.1.0)
      ast (~> 2.4.1)
    parslet (2.0.0)
    pastel (0.8.0)
      tty-color (~> 0.5)
-    pg (1.4.3)
+    pg (1.4.5)
-    pghero (2.8.3)
+    pghero (3.1.0)
-      activerecord (>= 5)
+      activerecord (>= 6)
-    pkg-config (1.4.9)
+    pkg-config (1.5.1)
    posix-spawn (0.3.15)
-    premailer (1.14.2)
+    premailer (1.18.0)
      addressable
-      css_parser (>= 1.6.0)
+      css_parser (>= 1.12.0)
      htmlentities (>= 4.0.0)
-    premailer-rails (1.11.1)
+    premailer-rails (1.12.0)
      actionmailer (>= 3)
      net-smtp
      premailer (~> 1.7, >= 1.7.9)
    private_address_check (0.5.0)
    pry (0.14.1)
@ -478,42 +493,42 @@ GEM
      pry (>= 0.13, < 0.15)
    pry-rails (0.3.9)
      pry (>= 0.10.4)
-    public_suffix (5.0.0)
+    public_suffix (5.0.1)
    puma (5.6.5)
      nio4r (~> 2.0)
-    pundit (2.2.0)
+    pundit (2.3.0)
      activesupport (>= 3.0.0)
    raabro (1.4.0)
-    racc (1.6.0)
+    racc (1.6.2)
-    rack (2.2.4)
+    rack (2.2.6.2)
    rack-attack (6.6.1)
      rack (>= 1.0, < 3)
    rack-cors (1.1.1)
      rack (>= 2.0.0)
-    rack-oauth2 (1.19.0)
+    rack-oauth2 (1.21.3)
      activesupport
      attr_required
      httpclient
      json-jwt (>= 1.11.0)
      rack (>= 2.1.0)
-    rack-proxy (0.7.0)
+    rack-proxy (0.7.6)
      rack
    rack-test (2.0.2)
      rack (>= 1.3)
-    rails (6.1.7)
+    rails (6.1.7.2)
-      actioncable (= 6.1.7)
+      actioncable (= 6.1.7.2)
-      actionmailbox (= 6.1.7)
+      actionmailbox (= 6.1.7.2)
-      actionmailer (= 6.1.7)
+      actionmailer (= 6.1.7.2)
-      actionpack (= 6.1.7)
+      actionpack (= 6.1.7.2)
-      actiontext (= 6.1.7)
+      actiontext (= 6.1.7.2)
-      actionview (= 6.1.7)
+      actionview (= 6.1.7.2)
-      activejob (= 6.1.7)
+      activejob (= 6.1.7.2)
-      activemodel (= 6.1.7)
+      activemodel (= 6.1.7.2)
-      activerecord (= 6.1.7)
+      activerecord (= 6.1.7.2)
-      activestorage (= 6.1.7)
+      activestorage (= 6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      bundler (>= 1.15.0)
-      railties (= 6.1.7)
+      railties (= 6.1.7.2)
      sprockets-rails (>= 2.0.0)
    rails-controller-testing (1.0.5)
      actionpack (>= 5.0.1.rc1)
@ -522,16 +537,16 @@ GEM
    rails-dom-testing (2.0.3)
      activesupport (>= 4.2.0)
      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.4.3)
+    rails-html-sanitizer (1.5.0)
-      loofah (~> 2.3)
+      loofah (~> 2.19, >= 2.19.1)
    rails-i18n (6.0.0)
      i18n (>= 0.7, < 2)
      railties (>= 6.0.0, < 7)
    rails-settings-cached (0.6.6)
      rails (>= 4.2.0)
-    railties (6.1.7)
+    railties (6.1.7.2)
-      actionpack (= 6.1.7)
+      actionpack (= 6.1.7.2)
-      activesupport (= 6.1.7)
+      activesupport (= 6.1.7.2)
      method_source
      rake (>= 12.2)
      thor (~> 1.0)
@ -539,13 +554,15 @@ GEM
    rake (13.0.6)
    rdf (3.2.9)
      link_header (~> 0.0, >= 0.0.8)
-    rdf-normalize (0.5.0)
+    rdf-normalize (0.5.1)
      rdf (~> 3.2)
-    redcarpet (3.5.1)
+    redcarpet (3.6.0)
    redis (4.5.1)
-    redis-namespace (1.9.0)
+    redis-namespace (1.10.0)
      redis (>= 4)
-    regexp_parser (2.5.0)
+    redlock (1.3.2)
      redis (>= 3.0.0, < 6.0)
    regexp_parser (2.7.0)
    request_store (1.5.1)
      rack (>= 1.4)
    responders (3.0.1)
@ -580,21 +597,30 @@ GEM
    rspec-support (3.11.1)
    rspec_junit_formatter (0.6.0)
      rspec-core (>= 2, < 4, != 2.12.0)
-    rubocop (1.30.1)
+    rubocop (1.45.1)
      json (~> 2.3)
      parallel (~> 1.10)
-      parser (>= 3.1.0.0)
+      parser (>= 3.2.0.0)
      rainbow (>= 2.2.2, < 4.0)
      regexp_parser (>= 1.8, < 3.0)
      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.18.0, < 2.0)
+      rubocop-ast (>= 1.24.1, < 2.0)
      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
+      unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.18.0)
+    rubocop-ast (1.24.1)
      parser (>= 3.1.1.0)
-    rubocop-rails (2.15.0)
+    rubocop-capybara (2.17.0)
      rubocop (~> 1.41)
    rubocop-performance (1.16.0)
      rubocop (>= 1.7.0, < 2.0)
      rubocop-ast (>= 0.4.0)
    rubocop-rails (2.17.4)
      activesupport (>= 4.2.0)
      rack (>= 1.1)
-      rubocop (>= 1.7.0, < 2.0)
+      rubocop (>= 1.33.0, < 2.0)
    rubocop-rspec (2.18.1)
      rubocop (~> 1.33)
      rubocop-capybara (~> 2.17)
    ruby-progressbar (1.11.0)
    ruby-saml (1.13.0)
      nokogiri (>= 1.10.5)
@ -604,40 +630,40 @@ GEM
      fugit (~> 1.1, >= 1.1.6)
    safety_net_attestation (0.4.0)
      jwt (~> 2.0)
-    sanitize (6.0.0)
+    sanitize (6.0.1)
      crass (~> 1.0.2)
      nokogiri (>= 1.12.0)
-    scenic (1.6.0)
+    scenic (1.7.0)
      activerecord (>= 4.0.0)
      railties (>= 4.0.0)
    semantic_range (3.0.0)
-    sidekiq (6.5.7)
+    sidekiq (6.5.8)
-      connection_pool (>= 2.2.5)
+      connection_pool (>= 2.2.5, < 3)
      rack (~> 2.0)
      redis (>= 4.5.0, < 5)
    sidekiq-bulk (0.2.0)
      sidekiq
-    sidekiq-scheduler (4.0.3)
+    sidekiq-scheduler (5.0.1)
      redis (>= 4.2.0)
      rufus-scheduler (~> 3.2)
-      sidekiq (>= 4, < 7)
+      sidekiq (>= 4, < 8)
      tilt (>= 1.4.0)
-    sidekiq-unique-jobs (7.1.27)
+    sidekiq-unique-jobs (7.1.29)
      brpoplpush-redis_script (> 0.1.1, <= 2.0.0)
      concurrent-ruby (~> 1.0, >= 1.0.5)
-      sidekiq (>= 5.0, < 8.0)
+      redis (< 5.0)
      sidekiq (>= 5.0, < 7.0)
      thor (>= 0.20, < 3.0)
    simple-navigation (4.4.0)
      activesupport (>= 2.3.2)
-    simple_form (5.1.0)
+    simple_form (5.2.0)
      actionpack (>= 5.2)
      activemodel (>= 5.2)
-    simplecov (0.21.2)
+    simplecov (0.22.0)
      docile (~> 1.1)
      simplecov-html (~> 0.11)
      simplecov_json_formatter (~> 0.1)
    simplecov-html (0.12.3)
-    simplecov_json_formatter (0.1.2)
+    simplecov_json_formatter (0.1.4)
    smart_properties (1.17.0)
    sprockets (3.7.2)
      concurrent-ruby (~> 1.0)
@ -649,22 +675,24 @@ GEM
    sshkit (1.21.2)
      net-scp (>= 1.1.2)
      net-ssh (>= 2.8.0)
-    stackprof (0.2.22)
+    stackprof (0.2.23)
    statsd-ruby (1.5.0)
-    stoplight (3.0.0)
+    stoplight (3.0.1)
      redlock (~> 1.0)
    strong_migrations (0.7.9)
      activerecord (>= 5)
    swd (1.3.0)
      activesupport (>= 3)
      attr_required (>= 0.0.5)
      httpclient (>= 2.4)
-    temple (0.8.2)
+    temple (0.10.0)
    terminal-table (3.0.2)
      unicode-display_width (>= 1.1.1, < 3)
    terrapin (0.6.0)
      climate_control (>= 0.0.3, < 1.0)
    thor (1.2.1)
    tilt (2.0.11)
    timeout (0.3.1)
    tpm-key_attestation (0.11.0)
      bindata (~> 2.4)
      openssl (> 2.0, < 3.1)
@ -682,15 +710,16 @@ GEM
    twitter-text (3.1.0)
      idn-ruby
      unf (~> 0.1.0)
-    tzinfo (2.0.5)
+    tzinfo (2.0.6)
      concurrent-ruby (~> 1.0)
-    tzinfo-data (1.2022.4)
+    tzinfo-data (1.2022.7)
      tzinfo (>= 1.0.0)
    unf (0.1.4)
      unf_ext
    unf_ext (0.0.8.2)
-    unicode-display_width (2.3.0)
+    unicode-display_width (2.4.2)
    uniform_notifier (1.16.0)
    uri (0.12.0)
    validate_email (0.1.6)
      activemodel (>= 3.0)
      mail (>= 2.2.5)
@ -715,7 +744,7 @@ GEM
      addressable (>= 2.8.0)
      crack (>= 0.3.2)
      hashdiff (>= 0.4.0, < 2.0.0)
-    webpacker (5.4.3)
+    webpacker (5.4.4)
      activesupport (>= 5.2)
      rack-proxy (>= 0.6.1)
      railties (>= 5.2)
@ -727,7 +756,7 @@ GEM
    xorcist (1.1.3)
    xpath (3.2.0)
      nokogiri (~> 1.8)
-    zeitwerk (2.6.0)
+    zeitwerk (2.6.7)
 PLATFORMS
  ruby
@ -737,12 +766,12 @@ DEPENDENCIES
  active_record_query_trace (~> 1.8)
  addressable (~> 2.8)
  annotate (~> 3.2)
-  aws-sdk-s3 (~> 1.114)
+  aws-sdk-s3 (~> 1.119)
  better_errors (~> 2.9)
  binding_of_caller (~> 1.0)
  blurhash (~> 0.1)
-  bootsnap (~> 1.13.0)
+  bootsnap (~> 1.16.0)
-  brakeman (~> 5.3)
+  brakeman (~> 5.4)
  browser
  bullet (~> 7.0)
  bundler-audit (~> 0.9)
@ -750,7 +779,7 @@ DEPENDENCIES
  capistrano-rails (~> 1.6)
  capistrano-rbenv (~> 2.2)
  capistrano-yarn (~> 2.0)
-  capybara (~> 3.37)
+  capybara (~> 3.38)
  charlock_holmes (~> 0.7.7)
  chewy (~> 7.2)
  climate_control (~> 0.2)
@ -766,24 +795,24 @@ DEPENDENCIES
  dotenv-rails (~> 2.8)
  ed25519 (~> 1.3)
  fabrication (~> 2.30)
-  faker (~> 2.23)
+  faker (~> 3.1)
  fast_blank (~> 1.0)
  fastimage
-  fog-core (<= 2.1.0)
+  fog-core (<= 2.4.0)
  fog-openstack (~> 0.3)
  fuubar (~> 2.5)
-  gitlab-omniauth-openid-connect (~> 0.10.0)
+  haml-rails (~> 2.0)
  hamlit-rails (~> 0.2)
  hcaptcha (~> 7.1)
  hiredis (~> 0.6)
  htmlentities (~> 4.3)
  http (~> 5.1)
  http_accept_language (~> 2.1)
-  httplog (~> 1.6.0)
+  httplog (~> 1.6.2)
  i18n-tasks (~> 1.0)
  idn-ruby
  json-ld
  json-ld-preloaded (~> 3.2)
  json-schema (~> 3.0)
  kaminari (~> 1.2)
  kt-paperclip (~> 7.1)
  letter_opener (~> 1.8)
@ -793,29 +822,31 @@ DEPENDENCIES
  makara (~> 0.5)
  mario-redis-lock (~> 1.2)
  memory_profiler
  microformats (~> 4.4)
  mime-types (~> 3.4.1)
  net-http (~> 0.3.2)
  net-ldap (~> 0.17)
-  nokogiri (~> 1.13)
+  nokogiri (~> 1.14)
  nsa (~> 0.2)
  oj (~> 3.13)
  omniauth (~> 1.9)
  omniauth-cas (~> 2.0)
  omniauth-rails_csrf_protection (~> 0.1)
  omniauth-saml (~> 1.10)
  omniauth_openid_connect (~> 0.6.0)
  ox (~> 2.14)
  parslet
  pg (~> 1.4)
-  pghero (~> 2.8)
+  pghero
-  pkg-config (~> 1.4)
+  pkg-config (~> 1.5)
  posix-spawn
  premailer-rails
  private_address_check (~> 0.5)
  pry-byebug (~> 3.10)
  pry-rails (~> 0.3)
  public_suffix (~> 5.0)
  puma (~> 5.6)
-  pundit (~> 2.2)
+  pundit (~> 2.3)
-  rack (~> 2.2.4)
+  rack (~> 2.2.6)
  rack-attack (~> 6.6)
  rack-cors (~> 1.1)
  rack-test (~> 2.0)
@ -824,30 +855,32 @@ DEPENDENCIES
  rails-i18n (~> 6.0)
  rails-settings-cached (~> 0.6)
  rdf-normalize (~> 0.5)
-  redcarpet (~> 3.5)
+  redcarpet (~> 3.6)
  redis (~> 4.5)
-  redis-namespace (~> 1.9)
+  redis-namespace (~> 1.10)
  rexml (~> 3.2)
  rqrcode (~> 2.1)
  rspec-rails (~> 5.1)
  rspec-sidekiq (~> 3.1)
  rspec_junit_formatter (~> 0.6)
-  rubocop (~> 1.30)
+  rubocop
-  rubocop-rails (~> 2.15)
+  rubocop-performance
  rubocop-rails
  rubocop-rspec
  ruby-progressbar (~> 1.11)
  sanitize (~> 6.0)
-  scenic (~> 1.6)
+  scenic (~> 1.7)
  sidekiq (~> 6.5)
  sidekiq-bulk (~> 0.2.0)
-  sidekiq-scheduler (~> 4.0)
+  sidekiq-scheduler (~> 5.0)
  sidekiq-unique-jobs (~> 7.1)
  simple-navigation (~> 4.4)
-  simple_form (~> 5.1)
+  simple_form (~> 5.2)
-  simplecov (~> 0.21)
+  simplecov (~> 0.22)
  sprockets (~> 3.7.2)
  sprockets-rails (~> 3.4)
  stackprof
-  stoplight (~> 3.0.0)
+  stoplight (~> 3.0.1)
  strong_migrations (~> 0.7)
  thor (~> 1.2)
  tty-prompt (~> 0.23)
--- a/SECURITY.md
+++ b/SECURITY.md
@ -11,7 +11,8 @@ A "vulnerability in Mastodon" is a vulnerability in the code distributed through
 ## Supported Versions
 | Version | Supported |
-| ------- | ----------|
+| ------- | --------- |
 | 4.1.x   | Yes       |
 | 4.0.x   | Yes       |
 | 3.5.x   | Yes       |
 | < 3.5   | No        |
--- a/71
+++ b/71
@ -3,16 +3,14 @@
 ENV["PORT"] ||= "3000"
-$provision = <<SCRIPT
+$provisionA = <<SCRIPT
 cd /vagrant # This is where the host folder/repo is mounted
 # Add the yarn repo + yarn repo keys
 curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
 sudo apt-add-repository 'deb https://dl.yarnpkg.com/debian/ stable main'
 # Add repo for NodeJS
-curl -sL https://deb.nodesource.com/setup_14.x | sudo bash -
+curl -sL https://deb.nodesource.com/setup_16.x | sudo bash -
 # Add firewall rule to redirect 80 to PORT and save
 sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port #{ENV["PORT"]}
@ -33,32 +31,56 @@ sudo apt-get install \
  redis-tools \
  postgresql \
  postgresql-contrib \
  yarn \
  libicu-dev \
  libidn11-dev \
-  libreadline-dev \
+  libreadline6-dev \
-  libpam0g-dev \
+  autoconf \
  bison \
  build-essential \
  ffmpeg \
  file \
  gcc \
  libffi-dev \
  libgdbm-dev \
  libjemalloc-dev \
  libncurses5-dev \
  libprotobuf-dev \
  libssl-dev \
  libyaml-dev \
  pkg-config \
  protobuf-compiler \
  zlib1g-dev \
  -y
 # Install rvm
-read RUBY_VERSION < .ruby-version
+sudo apt-add-repository -y ppa:rael-gc/rvm
 sudo apt-get install rvm -y
-curl -sSL https://rvm.io/mpapis.asc | gpg --import
+sudo usermod -a -G rvm $USER
 curl -sSL https://rvm.io/pkuczynski.asc | gpg --import
-curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-installer | bash -s stable --ruby=$RUBY_VERSION
+SCRIPT
-source /home/vagrant/.rvm/scripts/rvm
+
 $provisionB = <<SCRIPT
 source "/etc/profile.d/rvm.sh"
 # Install Ruby
-rvm reinstall ruby-$RUBY_VERSION --disable-binary
+read RUBY_VERSION < /vagrant/.ruby-version
 rvm install ruby-$RUBY_VERSION --disable-binary
 # Configure database
 sudo -u postgres createuser -U postgres vagrant -s
 sudo -u postgres createdb -U postgres mastodon_development
-# Install gems and node modules
+cd /vagrant # This is where the host folder/repo is mounted
 # Install gems
 gem install bundler foreman
 bundle install
 # Install node modules
 sudo corepack enable
 yarn set version classic
 yarn install
 # Build Mastodon
@ -72,18 +94,11 @@ echo 'export $(cat "/vagrant/.env.vagrant" | xargs)' >> ~/.bash_profile
 SCRIPT
 $start = <<SCRIPT
 echo 'To start server'
 echo '  $ vagrant ssh -c "cd /vagrant && foreman start"'
 SCRIPT
 VAGRANTFILE_API_VERSION = "2"
 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
-  config.vm.box = "ubuntu/bionic64"
+  config.vm.box = "ubuntu/focal64"
  config.vm.provider :virtualbox do |vb|
    vb.name = "mastodon"
@ -100,7 +115,6 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
    # Use "virtio" network interfaces for better performance.
    vb.customize ["modifyvm", :id, "--nictype1", "virtio"]
    vb.customize ["modifyvm", :id, "--nictype2", "virtio"]
  end
  # This uses the vagrant-hostsupdater plugin, and lets you
@ -118,7 +132,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  end
  if config.vm.networks.any? { |type, options| type == :private_network }
-    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp', 'actimeo=1']
+    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'actimeo=1']
  else
    config.vm.synced_folder ".", "/vagrant"
  end
@ -129,9 +143,12 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.network :forwarded_port, guest: 8080, host: 8080
  # Full provisioning script, only runs on first 'vagrant up' or with 'vagrant provision'
-  config.vm.provision :shell, inline: $provision, privileged: false
+  config.vm.provision :shell, inline: $provisionA, privileged: false, reset: true
  config.vm.provision :shell, inline: $provisionB, privileged: false
-  # Start up script, runs on every 'vagrant up'
+  config.vm.post_up_message = <<MESSAGE
-  config.vm.provision :shell, inline: $start, run: 'always', privileged: false
+To start server
  $ vagrant ssh -c "cd /vagrant && foreman start"
 MESSAGE
 end
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@ -17,6 +17,8 @@ class AccountsController < ApplicationController
    respond_to do |format|
      format.html do
        expires_in 0, public: true unless user_signed_in?
        @rss_url = rss_url
      end
      format.rss do
--- a/app/controllers/admin/account_actions_controller.rb
+++ b/app/controllers/admin/account_actions_controller.rb
@ -21,7 +21,7 @@ module Admin
      account_action.save!
      if account_action.with_report?
-        redirect_to admin_reports_path
+        redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: params[:report_id])
      else
        redirect_to admin_account_path(@account.id)
      end
--- a/app/controllers/admin/accounts_controller.rb
+++ b/app/controllers/admin/accounts_controller.rb
@ -55,12 +55,14 @@ module Admin
    def approve
      authorize @account.user, :approve?
      @account.user.approve!
      log_action :approve, @account.user
      redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.approved_msg', username: @account.acct)
    end
    def reject
      authorize @account.user, :reject?
      DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
      log_action :reject, @account.user
      redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.rejected_msg', username: @account.acct)
    end
--- a/app/controllers/admin/domain_blocks_controller.rb
+++ b/app/controllers/admin/domain_blocks_controller.rb
@ -9,9 +9,9 @@ module Admin
      @form = Form::DomainBlockBatch.new(form_domain_block_batch_params.merge(current_account: current_account, action: action_from_button))
      @form.save
    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.email_domain_blocks.no_domain_block_selected')
+      flash[:alert] = I18n.t('admin.domain_blocks.no_domain_block_selected')
    rescue Mastodon::NotPermittedError
-      flash[:alert] = I18n.t('admin.domain_blocks.created_msg')
+      flash[:alert] = I18n.t('admin.domain_blocks.not_permitted')
    else
      redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
    end
@ -55,12 +55,8 @@ module Admin
    def update
      authorize :domain_block, :update?
-      @domain_block.update(update_params)
+      if @domain_block.update(update_params)
-
+        DomainBlockWorker.perform_async(@domain_block.id, @domain_block.severity_previously_changed?)
      severity_changed = @domain_block.severity_changed?
      if @domain_block.save
        DomainBlockWorker.perform_async(@domain_block.id, severity_changed)
        log_action :update, @domain_block
        redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
      else
--- a/app/controllers/admin/email_domain_blocks_controller.rb
+++ b/app/controllers/admin/email_domain_blocks_controller.rb
@ -19,7 +19,7 @@ module Admin
    rescue ActionController::ParameterMissing
      flash[:alert] = I18n.t('admin.email_domain_blocks.no_email_domain_block_selected')
    rescue Mastodon::NotPermittedError
-      flash[:alert] = I18n.t('admin.custom_emojis.not_permitted')
+      flash[:alert] = I18n.t('admin.email_domain_blocks.not_permitted')
    ensure
      redirect_to admin_email_domain_blocks_path
    end
--- a/app/controllers/admin/export_domain_allows_controller.rb
+++ b/app/controllers/admin/export_domain_allows_controller.rb
@ -8,8 +8,6 @@ module Admin
    before_action :set_dummy_import!, only: [:new]
    ROWS_PROCESSING_LIMIT = 20_000
    def new
      authorize :domain_allow, :create?
    end
@ -23,9 +21,9 @@ module Admin
      authorize :domain_allow, :create?
      begin
        @import = Admin::Import.new(import_params)
-        parse_import_data!(export_headers)
+        return render :new unless @import.validate
-        @data.take(ROWS_PROCESSING_LIMIT).each do |row|
+        @import.csv_rows.each do |row|
          domain = row['#domain'].strip
          next if DomainAllow.allowed?(domain)
--- a/app/controllers/admin/export_domain_blocks_controller.rb
+++ b/app/controllers/admin/export_domain_blocks_controller.rb
@ -8,8 +8,6 @@ module Admin
    before_action :set_dummy_import!, only: [:new]
    ROWS_PROCESSING_LIMIT = 20_000
    def new
      authorize :domain_block, :create?
    end
@ -23,24 +21,32 @@ module Admin
      authorize :domain_block, :create?
      @import = Admin::Import.new(import_params)
-      parse_import_data!(export_headers)
+      return render :new unless @import.validate
      @global_private_comment = I18n.t('admin.export_domain_blocks.import.private_comment_template', source: @import.data_file_name, date: I18n.l(Time.now.utc))
      @form = Form::DomainBlockBatch.new
-      @domain_blocks = @data.take(ROWS_PROCESSING_LIMIT).filter_map do |row|
+      @domain_blocks = @import.csv_rows.filter_map do |row|
        domain = row['#domain'].strip
        next if DomainBlock.rule_for(domain).present?
        domain_block = DomainBlock.new(domain: domain,
-                                       severity: row['#severity'].strip,
+                                       severity: row.fetch('#severity', :suspend),
-                                       reject_media: row['#reject_media'].strip,
+                                       reject_media: row.fetch('#reject_media', false),
-                                       reject_reports: row['#reject_reports'].strip,
+                                       reject_reports: row.fetch('#reject_reports', false),
                                       private_comment: @global_private_comment,
-                                       public_comment: row['#public_comment']&.strip,
+                                       public_comment: row['#public_comment'],
-                                       obfuscate: row['#obfuscate'].strip)
+                                       obfuscate: row.fetch('#obfuscate', false))
-        domain_block if domain_block.valid?
+        if domain_block.invalid?
          flash.now[:alert] = I18n.t('admin.export_domain_blocks.invalid_domain_block', error: domain_block.errors.full_messages.join(', '))
          next
        end
        domain_block
      rescue ArgumentError => e
        flash.now[:alert] = I18n.t('admin.export_domain_blocks.invalid_domain_block', error: e.message)
        next
      end
      @warning_domains = Instance.where(domain: @domain_blocks.map(&:domain)).where('EXISTS (SELECT 1 FROM follows JOIN accounts ON follows.account_id = accounts.id OR follows.target_account_id = accounts.id WHERE accounts.domain = instances.domain)').pluck(:domain)
--- a/app/controllers/admin/instances_controller.rb
+++ b/app/controllers/admin/instances_controller.rb
@ -49,7 +49,7 @@ module Admin
    private
    def set_instance
-      @instance = Instance.find(params[:id])
+      @instance = Instance.find(TagManager.instance.normalize_domain(params[:id]&.strip))
    end
    def set_instances
@ -57,7 +57,7 @@ module Admin
    end
    def preload_delivery_failures!
-      warning_domains_map = DeliveryFailureTracker.warning_domains_map
+      warning_domains_map = DeliveryFailureTracker.warning_domains_map(@instances.map(&:domain))
      @instances.each do |instance|
        instance.failure_days = warning_domains_map[instance.domain]
--- a/app/controllers/admin/relays_controller.rb
+++ b/app/controllers/admin/relays_controller.rb
@ -3,7 +3,7 @@
 module Admin
  class RelaysController < BaseController
    before_action :set_relay, except: [:index, :new, :create]
-    before_action :require_signatures_enabled!, only: [:new, :create, :enable]
+    before_action :warn_signatures_not_enabled!, only: [:new, :create, :enable]
    def index
      authorize :relay, :update?
@ -56,8 +56,8 @@ module Admin
      params.require(:relay).permit(:inbox_url)
    end
-    def require_signatures_enabled!
+    def warn_signatures_not_enabled!
-      redirect_to admin_relays_path, alert: I18n.t('admin.relays.signatures_not_enabled') if authorized_fetch_mode?
+      flash.now[:error] = I18n.t('admin.relays.signatures_not_enabled') if authorized_fetch_mode?
    end
  end
 end
--- a/app/controllers/admin/reports/actions_controller.rb
+++ b/app/controllers/admin/reports/actions_controller.rb
@ -3,6 +3,11 @@
 class Admin::Reports::ActionsController < Admin::BaseController
  before_action :set_report
  def preview
    authorize @report, :show?
    @moderation_action = action_from_button
  end
  def create
    authorize @report, :show?
@ -13,7 +18,8 @@ class Admin::Reports::ActionsController < Admin::BaseController
        status_ids: @report.status_ids,
        current_account: current_account,
        report_id: @report.id,
-        send_email_notification: !@report.spam?
+        send_email_notification: !@report.spam?,
        text: params[:text]
      )
      status_batch_action.save!
@ -23,13 +29,16 @@ class Admin::Reports::ActionsController < Admin::BaseController
        report_id: @report.id,
        target_account: @report.target_account,
        current_account: current_account,
-        send_email_notification: !@report.spam?
+        send_email_notification: !@report.spam?,
        text: params[:text]
      )
      account_action.save!
    else
      return redirect_to admin_report_path(@report), alert: I18n.t('admin.reports.unknown_action_msg', action: action_from_button)
    end
-    redirect_to admin_reports_path
+    redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: @report.id)
  end
  private
@ -47,6 +56,8 @@ class Admin::Reports::ActionsController < Admin::BaseController
      'silence'
    elsif params[:suspend]
      'suspend'
    elsif params[:moderation_action]
      params[:moderation_action]
    end
  end
 end
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@ -16,6 +16,26 @@ class Api::BaseController < ApplicationController
  protect_from_forgery with: :null_session
  content_security_policy do |p|
    # Set every directive that does not have a fallback
    p.default_src :none
    p.frame_ancestors :none
    p.form_action :none
    # Disable every directive with a fallback to cut on response size
    p.base_uri false
    p.font_src false
    p.img_src false
    p.style_src false
    p.media_src false
    p.frame_src false
    p.manifest_src false
    p.connect_src false
    p.script_src false
    p.child_src false
    p.worker_src false
  end
  rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e|
    render json: { error: e.to_s }, status: 422
  end
@ -129,7 +149,7 @@ class Api::BaseController < ApplicationController
  end
  def set_cache_headers
-    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
+    response.headers['Cache-Control'] = 'private, no-store'
  end
  def disallow_unauthenticated_api_access?
--- a/app/controllers/api/v1/accounts/credentials_controller.rb
+++ b/app/controllers/api/v1/accounts/credentials_controller.rb
@ -21,7 +21,17 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
  private
  def account_params
-    params.permit(:display_name, :note, :avatar, :header, :locked, :bot, :discoverable, fields_attributes: [:name, :value])
+    params.permit(
      :display_name,
      :note,
      :avatar,
      :header,
      :locked,
      :bot,
      :discoverable,
      :hide_collections,
      fields_attributes: [:name, :value]
    )
  end
  def user_settings_params
--- a/app/controllers/api/v1/admin/accounts_controller.rb
+++ b/app/controllers/api/v1/admin/accounts_controller.rb
@ -54,12 +54,14 @@ class Api::V1::Admin::AccountsController < Api::BaseController
  def approve
    authorize @account.user, :approve?
    @account.user.approve!
    log_action :approve, @account.user
    render json: @account, serializer: REST::Admin::AccountSerializer
  end
  def reject
    authorize @account.user, :reject?
    DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
    log_action :reject, @account.user
    render_empty
  end
--- a/app/controllers/api/v1/admin/domain_blocks_controller.rb
+++ b/app/controllers/api/v1/admin/domain_blocks_controller.rb
@ -40,10 +40,8 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
  def update
    authorize @domain_block, :update?
-    @domain_block.update(domain_block_params)
+    @domain_block.update!(domain_block_params)
-    severity_changed = @domain_block.severity_changed?
+    DomainBlockWorker.perform_async(@domain_block.id, @domain_block.severity_previously_changed?)
    @domain_block.save!
    DomainBlockWorker.perform_async(@domain_block.id, severity_changed)
    log_action :update, @domain_block
    render json: @domain_block, serializer: REST::Admin::DomainBlockSerializer
  end
--- a/app/controllers/api/v1/admin/trends/tags_controller.rb
+++ b/app/controllers/api/v1/admin/trends/tags_controller.rb
@ -3,6 +3,14 @@
 class Api::V1::Admin::Trends::TagsController < Api::V1::Trends::TagsController
  before_action -> { authorize_if_got_token! :'admin:read' }
  def index
    if current_user&.can?(:manage_taxonomies)
      render json: @tags, each_serializer: REST::Admin::TagSerializer
    else
      super
    end
  end
  private
  def enabled?
--- a/app/controllers/api/v1/filters_controller.rb
+++ b/app/controllers/api/v1/filters_controller.rb
@ -13,7 +13,7 @@ class Api::V1::FiltersController < Api::BaseController
  def create
    ApplicationRecord.transaction do
-      filter_category = current_account.custom_filters.create!(resource_params)
+      filter_category = current_account.custom_filters.create!(filter_params)
      @filter = filter_category.keywords.create!(keyword_params)
    end
@ -52,11 +52,11 @@ class Api::V1::FiltersController < Api::BaseController
  end
  def resource_params
-    params.permit(:phrase, :expires_in, :irreversible, context: [])
+    params.permit(:phrase, :expires_in, :irreversible, :whole_word, context: [])
  end
  def filter_params
-    resource_params.slice(:expires_in, :irreversible, :context)
+    resource_params.slice(:phrase, :expires_in, :irreversible, :context)
  end
  def keyword_params
--- a/app/controllers/api/v1/followed_tags_controller.rb
+++ b/app/controllers/api/v1/followed_tags_controller.rb
@ -3,11 +3,11 @@
 class Api::V1::FollowedTagsController < Api::BaseController
  TAGS_LIMIT = 100
-  before_action -> { doorkeeper_authorize! :follow, :read, :'read:follows' }, except: :show
+  before_action -> { doorkeeper_authorize! :follow, :read, :'read:follows' }
  before_action :require_user!
  before_action :set_results
-  after_action :insert_pagination_headers, only: :show
+  after_action :insert_pagination_headers
  def index
    render json: @results.map(&:tag), each_serializer: REST::TagSerializer, relationships: TagRelationshipsPresenter.new(@results.map(&:tag), current_user&.account_id)
@ -43,7 +43,7 @@ class Api::V1::FollowedTagsController < Api::BaseController
  end
  def records_continue?
-    @results.size == limit_param(TAG_LIMIT)
+    @results.size == limit_param(TAGS_LIMIT)
  end
  def pagination_params(core_params)
--- a/app/controllers/api/v1/notifications_controller.rb
+++ b/app/controllers/api/v1/notifications_controller.rb
@ -6,7 +6,7 @@ class Api::V1::NotificationsController < Api::BaseController
  before_action :require_user!
  after_action :insert_pagination_headers, only: :index
-  DEFAULT_NOTIFICATIONS_LIMIT = 15
+  DEFAULT_NOTIFICATIONS_LIMIT = 40
  def index
    @notifications = load_notifications
@ -40,7 +40,7 @@ class Api::V1::NotificationsController < Api::BaseController
  private
  def load_notifications
-    notifications = browserable_account_notifications.includes(from_account: :account_stat).to_a_paginated_by_id(
+    notifications = browserable_account_notifications.includes(from_account: [:account_stat, :user]).to_a_paginated_by_id(
      limit_param(DEFAULT_NOTIFICATIONS_LIMIT),
      params_slice(:max_id, :since_id, :min_id)
    )
--- a/app/controllers/api/v1/statuses_controller.rb
+++ b/app/controllers/api/v1/statuses_controller.rb
@ -64,11 +64,18 @@ class Api::V1::StatusesController < Api::BaseController
      application: doorkeeper_token.application,
      poll: status_params[:poll],
      content_type: status_params[:content_type],
      allowed_mentions: status_params[:allowed_mentions],
      idempotency: request.headers['Idempotency-Key'],
      with_rate_limit: true
    )
    render json: @status, serializer: @status.is_a?(ScheduledStatus) ? REST::ScheduledStatusSerializer : REST::StatusSerializer
  rescue PostStatusService::UnexpectedMentionsError => e
    unexpected_accounts = ActiveModel::Serializer::CollectionSerializer.new(
      e.accounts,
      serializer: REST::AccountSerializer
    )
    render json: { error: e.message, unexpected_accounts: unexpected_accounts }, status: 422
  end
  def update
@ -80,6 +87,7 @@ class Api::V1::StatusesController < Api::BaseController
      current_account.id,
      text: status_params[:status],
      media_ids: status_params[:media_ids],
      media_attributes: status_params[:media_attributes],
      sensitive: status_params[:sensitive],
      language: status_params[:language],
      spoiler_text: status_params[:spoiler_text],
@ -130,7 +138,14 @@ class Api::V1::StatusesController < Api::BaseController
      :language,
      :scheduled_at,
      :content_type,
      allowed_mentions: [],
      media_ids: [],
      media_attributes: [
        :id,
        :thumbnail,
        :description,
        :focus,
      ],
      poll: [
        :multiple,
        :hide_totals,
--- a/app/controllers/api/v1/streaming_controller.rb
+++ b/app/controllers/api/v1/streaming_controller.rb
@ -2,10 +2,10 @@
 class Api::V1::StreamingController < Api::BaseController
  def index
-    if Rails.configuration.x.streaming_api_base_url != request.host
+    if Rails.configuration.x.streaming_api_base_url == request.host
      redirect_to streaming_api_url, status: 301
    else
      not_found
    else
      redirect_to streaming_api_url, status: 301
    end
  end
--- a/app/controllers/api/v1/tags_controller.rb
+++ b/app/controllers/api/v1/tags_controller.rb
@ -12,7 +12,7 @@ class Api::V1::TagsController < Api::BaseController
  end
  def follow
-    TagFollow.create!(tag: @tag, account: current_account, rate_limit: true)
+    TagFollow.create_with(rate_limit: true).find_or_create_by!(tag: @tag, account: current_account)
    render json: @tag, serializer: REST::TagSerializer
  end
--- a/app/controllers/auth/passwords_controller.rb
+++ b/app/controllers/auth/passwords_controller.rb
@ -11,6 +11,8 @@ class Auth::PasswordsController < Devise::PasswordsController
    super do |resource|
      if resource.errors.empty?
        resource.session_activations.destroy_all
        resource.revoke_access!
      end
    end
  end
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@ -57,8 +57,8 @@ class Auth::RegistrationsController < Devise::RegistrationsController
  end
  def configure_sign_up_params
-    devise_parameter_sanitizer.permit(:sign_up) do |u|
+    devise_parameter_sanitizer.permit(:sign_up) do |user_params|
-      u.permit({ account_attributes: [:username, :display_name], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code, :agreement, :website, :confirm_password)
+      user_params.permit({ account_attributes: [:username, :display_name], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code, :agreement, :website, :confirm_password)
    end
  end
@ -159,6 +159,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
  end
  def set_cache_headers
-    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
+    response.headers['Cache-Control'] = 'private, no-store'
  end
 end
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@ -15,6 +15,10 @@ class Auth::SessionsController < Devise::SessionsController
  before_action :set_instance_presenter, only: [:new]
  before_action :set_body_classes
  content_security_policy only: :new do |p|
    p.form_action(false)
  end
  def check_suspicious!
    user = find_user
    @login_is_suspicious = suspicious_sign_in?(user) unless user.nil?
--- a/app/controllers/concerns/admin_export_controller_concern.rb
+++ b/app/controllers/concerns/admin_export_controller_concern.rb
@ -26,14 +26,4 @@ module AdminExportControllerConcern
  def import_params
    params.require(:admin_import).permit(:data)
  end
  def import_data
    Paperclip.io_adapters.for(@import.data).read
  end
  def parse_import_data!(default_headers)
    data = CSV.parse(import_data, headers: true)
    data = CSV.parse(import_data, headers: default_headers) unless data.headers&.first&.strip&.include?(default_headers[0])
    @data = data.reject(&:blank?)
  end
 end
--- a/app/controllers/concerns/rate_limit_headers.rb
+++ b/app/controllers/concerns/rate_limit_headers.rb
@ -58,7 +58,7 @@ module RateLimitHeaders
  end
  def api_throttle_data
-    most_limited_type, = request.env['rack.attack.throttle_data'].min_by { |_, v| v[:limit] - v[:count] }
+    most_limited_type, = request.env['rack.attack.throttle_data'].min_by { |_key, value| value[:limit] - value[:count] }
    request.env['rack.attack.throttle_data'][most_limited_type]
  end
--- a/app/controllers/concerns/signature_verification.rb
+++ b/app/controllers/concerns/signature_verification.rb
@ -28,8 +28,8 @@ module SignatureVerification
  end
  class SignatureParamsTransformer < Parslet::Transform
-    rule(params: subtree(:p)) do
+    rule(params: subtree(:param)) do
-      (p.is_a?(Array) ? p : [p]).each_with_object({}) { |(key, val), h| h[key] = val }
+      (param.is_a?(Array) ? param : [param]).each_with_object({}) { |(key, value), hash| hash[key] = value }
    end
    rule(param: { key: simple(:key), value: simple(:val) }) do
@ -46,11 +46,11 @@ module SignatureVerification
  end
  def require_account_signature!
-    render plain: signature_verification_failure_reason, status: signature_verification_failure_code unless signed_request_account
+    render json: signature_verification_failure_reason, status: signature_verification_failure_code unless signed_request_account
  end
  def require_actor_signature!
-    render plain: signature_verification_failure_reason, status: signature_verification_failure_code unless signed_request_actor
+    render json: signature_verification_failure_reason, status: signature_verification_failure_code unless signed_request_actor
  end
  def signed_request?
@ -97,11 +97,11 @@ module SignatureVerification
    actor = stoplight_wrap_request { actor_refresh_key!(actor) }
-    raise SignatureVerificationError, "Public key not found for key #{signature_params['keyId']}" if actor.nil?
+    raise SignatureVerificationError, "Could not refresh public key #{signature_params['keyId']}" if actor.nil?
    return actor unless verify_signature(actor, signature, compare_signed_string).nil?
-    fail_with! "Verification failed for #{actor.to_log_human_identifier} #{actor.uri} using rsa-sha256 (RSASSA-PKCS1-v1_5 with SHA-256)"
+    fail_with! "Verification failed for #{actor.to_log_human_identifier} #{actor.uri} using rsa-sha256 (RSASSA-PKCS1-v1_5 with SHA-256)", signed_string: compare_signed_string, signature: signature_params['signature']
  rescue SignatureVerificationError => e
    fail_with! e.message
  rescue HTTP::Error, OpenSSL::SSL::SSLError => e
@ -118,8 +118,8 @@ module SignatureVerification
  private
-  def fail_with!(message)
+  def fail_with!(message, **options)
-    @signature_verification_failure_reason = message
+    @signature_verification_failure_reason = { error: message }.merge(options)
    @signed_request_actor = nil
  end
@ -209,8 +209,8 @@ module SignatureVerification
      end
      expires_time = Time.at(signature_params['expires'].to_i).utc if signature_params['expires'].present?
-    rescue ArgumentError
+    rescue ArgumentError => e
-      return false
+      raise SignatureVerificationError, "Invalid Date header: #{e.message}"
    end
    expires_time ||= created_time + 5.minutes unless created_time.nil?
@ -227,7 +227,7 @@ module SignatureVerification
  end
  def to_header_name(name)
-    name.split(/-/).map(&:capitalize).join('-')
+    name.split('-').map(&:capitalize).join('-')
  end
  def missing_required_signature_parameters?
--- a/app/controllers/concerns/web_app_controller_concern.rb
+++ b/app/controllers/concerns/web_app_controller_concern.rb
@ -4,22 +4,17 @@ module WebAppControllerConcern
  extend ActiveSupport::Concern
  included do
    prepend_before_action :redirect_unauthenticated_to_permalinks!
    before_action :set_pack
    before_action :redirect_unauthenticated_to_permalinks!
    before_action :set_app_body_class
    before_action :set_referrer_policy_header
  end
  def set_app_body_class
    @body_classes = 'app-body'
  end
  def set_referrer_policy_header
    response.headers['Referrer-Policy'] = 'origin'
  end
  def redirect_unauthenticated_to_permalinks!
-    return if user_signed_in?
+    return if user_signed_in? # NOTE: Different from upstream because we allow moved users to log in
    redirect_path = PermalinkRedirector.new(request.path).redirect_path
--- a/app/controllers/follower_accounts_controller.rb
+++ b/app/controllers/follower_accounts_controller.rb
@ -63,7 +63,7 @@ class FollowerAccountsController < ApplicationController
    if page_requested?
      ActivityPub::CollectionPresenter.new(
        id: account_followers_url(@account, page: params.fetch(:page, 1)),
-        items: follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.account) },
+        items: follows.map { |follow| ActivityPub::TagManager.instance.uri_for(follow.account) },
        part_of: account_followers_url(@account),
        next: next_page_url,
        prev: prev_page_url,
--- a/app/controllers/following_accounts_controller.rb
+++ b/app/controllers/following_accounts_controller.rb
@ -66,7 +66,7 @@ class FollowingAccountsController < ApplicationController
        id: account_following_index_url(@account, page: params.fetch(:page, 1)),
        type: :ordered,
        size: @account.following_count,
-        items: follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.target_account) },
+        items: follows.map { |follow| ActivityPub::TagManager.instance.uri_for(follow.target_account) },
        part_of: account_following_index_url(@account),
        next: next_page_url,
        prev: prev_page_url
--- a/app/controllers/media_controller.rb
+++ b/app/controllers/media_controller.rb
@ -13,8 +13,8 @@ class MediaController < ApplicationController
  before_action :allow_iframing, only: :player
  before_action :set_pack, only: :player
-  content_security_policy only: :player do |p|
+  content_security_policy only: :player do |policy|
-    p.frame_ancestors(false)
+    policy.frame_ancestors(false)
  end
  def show
--- a/app/controllers/oauth/authorizations_controller.rb
+++ b/app/controllers/oauth/authorizations_controller.rb
@ -8,6 +8,10 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
  before_action :set_pack
  before_action :set_cache_headers
  content_security_policy do |p|
    p.form_action(false)
  end
  include Localized
  private
@ -35,6 +39,6 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
  end
  def set_cache_headers
-    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
+    response.headers['Cache-Control'] = 'private, no-store'
  end
 end
--- a/app/controllers/settings/applications_controller.rb
+++ b/app/controllers/settings/applications_controller.rb
@ -29,7 +29,13 @@ class Settings::ApplicationsController < Settings::BaseController
  def update
    if @application.update(application_params)
-      redirect_to settings_applications_path, notice: I18n.t('generic.changes_saved_msg')
+      if @application.scopes_previously_changed?
        @access_token = current_user.token_for_app(@application)
        @access_token.destroy
        redirect_to settings_application_path(@application), notice: I18n.t('applications.token_regenerated')
      else
        redirect_to settings_application_path(@application), notice: I18n.t('generic.changes_saved_msg')
      end
    else
      render :show
    end
--- a/app/controllers/settings/base_controller.rb
+++ b/app/controllers/settings/base_controller.rb
@ -19,7 +19,7 @@ class Settings::BaseController < ApplicationController
  end
  def set_cache_headers
-    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
+    response.headers['Cache-Control'] = 'private, no-store'
  end
  def require_not_suspended!
--- a/app/controllers/statuses_cleanup_controller.rb
+++ b/app/controllers/statuses_cleanup_controller.rb
@ -20,6 +20,10 @@ class StatusesCleanupController < ApplicationController
    # Do nothing
  end
  def require_functional!
    redirect_to edit_user_registration_path unless current_user.functional_or_moved?
  end
  private
  def set_pack
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@ -17,8 +17,8 @@ class StatusesController < ApplicationController
  skip_around_action :set_locale, if: -> { request.format == :json }
  skip_before_action :require_functional!, only: [:show, :embed], unless: :whitelist_mode?
-  content_security_policy only: :embed do |p|
+  content_security_policy only: :embed do |policy|
-    p.frame_ancestors(false)
+    policy.frame_ancestors(false)
  end
  def show
--- a/app/controllers/tags_controller.rb
+++ b/app/controllers/tags_controller.rb
@ -11,7 +11,7 @@ class TagsController < ApplicationController
  before_action :authenticate_user!, if: :whitelist_mode?
  before_action :set_local
  before_action :set_tag
-  before_action :set_statuses
+  before_action :set_statuses, if: -> { request.format == :rss }
  before_action :set_instance_presenter
  skip_before_action :require_functional!, unless: :whitelist_mode?
@ -44,12 +44,7 @@ class TagsController < ApplicationController
  end
  def set_statuses
-    case request.format&.to_sym
+    @statuses = cache_collection(TagFeed.new(@tag, nil, local: @local).get(limit_param), Status)
    when :json
      @statuses = cache_collection(TagFeed.new(@tag, current_account, local: @local).get(PAGE_SIZE, params[:max_id], params[:since_id], params[:min_id]), Status)
    when :rss
      @statuses = cache_collection(TagFeed.new(@tag, nil, local: @local).get(limit_param), Status)
    end
  end
  def set_instance_presenter
@ -64,8 +59,6 @@ class TagsController < ApplicationController
    ActivityPub::CollectionPresenter.new(
      id: tag_url(@tag),
      type: :ordered,
      size: @tag.statuses.count,
      items: @statuses.map { |s| ActivityPub::TagManager.instance.uri_for(s) }
    )
  end
 end
--- a/app/helpers/admin/action_logs_helper.rb
+++ b/app/helpers/admin/action_logs_helper.rb
@ -20,7 +20,7 @@ module Admin::ActionLogsHelper
    when 'Status'
      link_to log.human_identifier, log.permalink
    when 'AccountWarning'
-      link_to log.human_identifier, admin_account_path(log.target_id)
+      link_to log.human_identifier, disputes_strike_path(log.target_id)
    when 'Announcement'
      link_to truncate(log.human_identifier), edit_admin_announcement_path(log.target_id)
    when 'IpBlock', 'Instance', 'CustomEmoji'
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -67,7 +67,7 @@ module ApplicationHelper
  def link_to_login(name = nil, html_options = nil, &block)
    target = new_user_session_path
-    html_options = name if block_given?
+    html_options = name if block
    if omniauth_only? && Devise.mappings[:user].omniauthable? && User.omniauth_providers.size == 1
      target = omniauth_authorize_path(:user, User.omniauth_providers[0])
@ -75,7 +75,7 @@ module ApplicationHelper
      html_options[:method] = :post
    end
-    if block_given?
+    if block
      link_to(target, html_options, &block)
    else
      link_to(name, target, html_options)
--- a/app/helpers/email_helper.rb
+++ b/app/helpers/email_helper.rb
@ -7,7 +7,7 @@ module EmailHelper
  def email_to_canonical_email(str)
    username, domain = str.downcase.split('@', 2)
-    username, = username.gsub('.', '').split('+', 2)
+    username, = username.delete('.').split('+', 2)
    "#{username}@#{domain}"
  end
--- a/app/helpers/formatting_helper.rb
+++ b/app/helpers/formatting_helper.rb
@ -23,19 +23,28 @@ module FormattingHelper
    before_html = begin
      if status.spoiler_text?
-        "<p><strong>#{I18n.t('rss.content_warning', locale: available_locale_or_nil(status.language) || I18n.default_locale)}</strong> #{h(status.spoiler_text)}</p><hr />"
+        tag.p do
-      else
+          tag.strong do
-        ''
+            I18n.t('rss.content_warning', locale: available_locale_or_nil(status.language) || I18n.default_locale)
          end
          status.spoiler_text
        end + tag.hr
      end
-    end.html_safe # rubocop:disable Rails/OutputSafety
+    end
    after_html = begin
      if status.preloadable_poll
-        "<p>#{status.preloadable_poll.options.map { |o| "<input type=#{status.preloadable_poll.multiple? ? 'checkbox' : 'radio'} disabled /> #{h(o)}" }.join('<br />')}</p>"
+        tag.p do
-      else
+          safe_join(
-        ''
+            status.preloadable_poll.options.map do |o|
              tag.send(status.preloadable_poll.multiple? ? 'checkbox' : 'radio', o, disabled: true)
            end,
            tag.br
          )
        end
      end
-    end.html_safe # rubocop:disable Rails/OutputSafety
+    end
    prerender_custom_emojis(
      safe_join([before_html, html, after_html]),
--- a/app/helpers/jsonld_helper.rb
+++ b/app/helpers/jsonld_helper.rb
@ -213,7 +213,7 @@ module JsonLdHelper
    end
  end
-  def load_jsonld_context(url, _options = {}, &_block)
+  def load_jsonld_context(url, _options = {}, &block)
    json = Rails.cache.fetch("jsonld:context:#{url}", expires_in: 30.days, raw: true) do
      request = Request.new(:get, url)
      request.add_headers('Accept' => 'application/ld+json')
@ -226,6 +226,6 @@ module JsonLdHelper
    doc = JSON::LD::API::RemoteDocument.new(json, documentUrl: url)
-    block_given? ? yield(doc) : doc
+    block ? yield(doc) : doc
  end
 end
--- a/app/helpers/languages_helper.rb
+++ b/app/helpers/languages_helper.rb
@ -190,12 +190,17 @@ module LanguagesHelper
  ISO_639_3 = {
    ast: ['Asturian', 'Asturianu'].freeze,
    ckb: ['Sorani (Kurdish)', 'سۆرانی'].freeze,
    cnr: ['Montenegrin', 'crnogorski'].freeze,
    jbo: ['Lojban', 'la .lojban.'].freeze,
    kab: ['Kabyle', 'Taqbaylit'].freeze,
    kmr: ['Kurmanji (Kurdish)', 'Kurmancî'].freeze,
    ldn: ['Láadan', 'Láadan'].freeze,
    lfn: ['Lingua Franca Nova', 'lingua franca nova'].freeze,
    sco: ['Scots', 'Scots'].freeze,
    sma: ['Southern Sami', 'Åarjelsaemien Gïele'].freeze,
    smj: ['Lule Sami', 'Julevsámegiella'].freeze,
    szl: ['Silesian', 'ślůnsko godka'].freeze,
    tai: ['Tai', 'ภาษาไท or ภาษาไต'].freeze,
    tok: ['Toki Pona', 'toki pona'].freeze,
    zba: ['Balaibalan', 'باليبلن'].freeze,
    zgh: ['Standard Moroccan Tamazight', 'ⵜⴰⵎⴰⵣⵉⵖⵜ'].freeze,
@ -207,8 +212,10 @@ module LanguagesHelper
  # names, but for some translations, we need the names of the
  # regional variants specifically
  REGIONAL_LOCALE_NAMES = {
    'en-GB': 'English (British)',
    'es-AR': 'Español (Argentina)',
    'es-MX': 'Español (México)',
    'fr-QC': 'Français (Canadien)',
    'pt-BR': 'Português (Brasil)',
    'pt-PT': 'Português (Portugal)',
    'sr-Latn': 'Srpski (latinica)',
--- a/app/helpers/statuses_helper.rb
+++ b/app/helpers/statuses_helper.rb
@ -21,7 +21,7 @@ module StatusesHelper
  def media_summary(status)
    attachments = { image: 0, video: 0, audio: 0 }
-    status.media_attachments.each do |media|
+    status.ordered_media_attachments.each do |media|
      if media.video?
        attachments[:video] += 1
      elsif media.audio?
--- a/app/javascript/core/admin.js
+++ b/app/javascript/core/admin.js
@ -194,7 +194,7 @@ ready(() => {
  }
  document.querySelector('a#add-instance-button')?.addEventListener('click', (e) => {
-    const domain = document.getElementById('by_domain')?.value;
+    const domain = document.querySelector('input[type="text"]#by_domain')?.value;
    if (domain) {
      const url = new URL(event.target.href);
--- a/app/javascript/core/embed.js
+++ b/app/javascript/core/embed.js
@ -15,7 +15,7 @@ window.addEventListener('message', e => {
      id: data.id,
      height: document.getElementsByTagName('html')[0].scrollHeight,
    }, '*');
-  };
+  }
  if (['interactive', 'complete'].includes(document.readyState)) {
    setEmbedHeight();
--- a/app/javascript/core/settings.js
+++ b/app/javascript/core/settings.js
@ -2,7 +2,9 @@
 import 'packs/public-path';
 import escapeTextContentForBrowser from 'escape-html';
 const { delegate } = require('@rails/ujs');
 import emojify from '../mastodon/features/emoji/emoji';
 delegate(document, '#account_display_name', 'input', ({ target }) => {
@ -65,7 +67,7 @@ delegate(document, '.input-copy button', 'click', ({ target }) => {
      input.blur();
      target.parentNode.classList.add('copied');
-    setTimeout(() => {
+      setTimeout(() => {
        target.parentNode.classList.remove('copied');
      }, 700);
    }
--- a/app/javascript/flavours/glitch/actions/account_notes.js
+++ b/app/javascript/flavours/glitch/actions/account_notes.js
@ -21,27 +21,27 @@ export function submitAccountNote() {
      dispatch(submitAccountNoteSuccess(response.data));
    }).catch(error => dispatch(submitAccountNoteFail(error)));
  };
-};
+}
 export function submitAccountNoteRequest() {
  return {
    type: ACCOUNT_NOTE_SUBMIT_REQUEST,
  };
-};
+}
 export function submitAccountNoteSuccess(relationship) {
  return {
    type: ACCOUNT_NOTE_SUBMIT_SUCCESS,
    relationship,
  };
-};
+}
 export function submitAccountNoteFail(error) {
  return {
    type: ACCOUNT_NOTE_SUBMIT_FAIL,
    error,
  };
-};
+}
 export function initEditAccountNote(account) {
  return (dispatch, getState) => {
@ -53,17 +53,17 @@ export function initEditAccountNote(account) {
      comment,
    });
  };
-};
+}
 export function cancelAccountNote() {
  return {
    type: ACCOUNT_NOTE_CANCEL,
  };
-};
+}
 export function changeAccountNoteComment(comment) {
  return {
    type: ACCOUNT_NOTE_CHANGE_COMMENT,
    comment,
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/accounts.js
+++ b/app/javascript/flavours/glitch/actions/accounts.js
@ -108,7 +108,7 @@ export function fetchAccount(id) {
      dispatch(fetchAccountFail(id, error));
    });
  };
-};
+}
 export const lookupAccount = acct => (dispatch, getState) => {
  dispatch(lookupAccountRequest(acct));
@ -143,13 +143,13 @@ export function fetchAccountRequest(id) {
    type: ACCOUNT_FETCH_REQUEST,
    id,
  };
-};
+}
 export function fetchAccountSuccess() {
  return {
    type: ACCOUNT_FETCH_SUCCESS,
  };
-};
+}
 export function fetchAccountFail(id, error) {
  return {
@ -158,7 +158,7 @@ export function fetchAccountFail(id, error) {
    error,
    skipAlert: true,
  };
-};
+}
 export function followAccount(id, options = { reblogs: true }) {
  return (dispatch, getState) => {
@ -173,7 +173,7 @@ export function followAccount(id, options = { reblogs: true }) {
      dispatch(followAccountFail(error, locked));
    });
  };
-};
+}
 export function unfollowAccount(id) {
  return (dispatch, getState) => {
@ -185,7 +185,7 @@ export function unfollowAccount(id) {
      dispatch(unfollowAccountFail(error));
    });
  };
-};
+}
 export function followAccountRequest(id, locked) {
  return {
@ -194,7 +194,7 @@ export function followAccountRequest(id, locked) {
    locked,
    skipLoading: true,
  };
-};
+}
 export function followAccountSuccess(relationship, alreadyFollowing) {
  return {
@ -203,7 +203,7 @@ export function followAccountSuccess(relationship, alreadyFollowing) {
    alreadyFollowing,
    skipLoading: true,
  };
-};
+}
 export function followAccountFail(error, locked) {
  return {
@ -212,7 +212,7 @@ export function followAccountFail(error, locked) {
    locked,
    skipLoading: true,
  };
-};
+}
 export function unfollowAccountRequest(id) {
  return {
@ -220,7 +220,7 @@ export function unfollowAccountRequest(id) {
    id,
    skipLoading: true,
  };
-};
+}
 export function unfollowAccountSuccess(relationship, statuses) {
  return {
@ -229,7 +229,7 @@ export function unfollowAccountSuccess(relationship, statuses) {
    statuses,
    skipLoading: true,
  };
-};
+}
 export function unfollowAccountFail(error) {
  return {
@ -237,7 +237,7 @@ export function unfollowAccountFail(error) {
    error,
    skipLoading: true,
  };
-};
+}
 export function blockAccount(id) {
  return (dispatch, getState) => {
@ -250,7 +250,7 @@ export function blockAccount(id) {
      dispatch(blockAccountFail(id, error));
    });
  };
-};
+}
 export function unblockAccount(id) {
  return (dispatch, getState) => {
@ -262,14 +262,14 @@ export function unblockAccount(id) {
      dispatch(unblockAccountFail(id, error));
    });
  };
-};
+}
 export function blockAccountRequest(id) {
  return {
    type: ACCOUNT_BLOCK_REQUEST,
    id,
  };
-};
+}
 export function blockAccountSuccess(relationship, statuses) {
  return {
@ -277,35 +277,35 @@ export function blockAccountSuccess(relationship, statuses) {
    relationship,
    statuses,
  };
-};
+}
 export function blockAccountFail(error) {
  return {
    type: ACCOUNT_BLOCK_FAIL,
    error,
  };
-};
+}
 export function unblockAccountRequest(id) {
  return {
    type: ACCOUNT_UNBLOCK_REQUEST,
    id,
  };
-};
+}
 export function unblockAccountSuccess(relationship) {
  return {
    type: ACCOUNT_UNBLOCK_SUCCESS,
    relationship,
  };
-};
+}
 export function unblockAccountFail(error) {
  return {
    type: ACCOUNT_UNBLOCK_FAIL,
    error,
  };
-};
+}
 export function muteAccount(id, notifications, duration=0) {
@ -319,7 +319,7 @@ export function muteAccount(id, notifications, duration=0) {
      dispatch(muteAccountFail(id, error));
    });
  };
-};
+}
 export function unmuteAccount(id) {
  return (dispatch, getState) => {
@ -331,14 +331,14 @@ export function unmuteAccount(id) {
      dispatch(unmuteAccountFail(id, error));
    });
  };
-};
+}
 export function muteAccountRequest(id) {
  return {
    type: ACCOUNT_MUTE_REQUEST,
    id,
  };
-};
+}
 export function muteAccountSuccess(relationship, statuses) {
  return {
@ -346,35 +346,35 @@ export function muteAccountSuccess(relationship, statuses) {
    relationship,
    statuses,
  };
-};
+}
 export function muteAccountFail(error) {
  return {
    type: ACCOUNT_MUTE_FAIL,
    error,
  };
-};
+}
 export function unmuteAccountRequest(id) {
  return {
    type: ACCOUNT_UNMUTE_REQUEST,
    id,
  };
-};
+}
 export function unmuteAccountSuccess(relationship) {
  return {
    type: ACCOUNT_UNMUTE_SUCCESS,
    relationship,
  };
-};
+}
 export function unmuteAccountFail(error) {
  return {
    type: ACCOUNT_UNMUTE_FAIL,
    error,
  };
-};
+}
 export function fetchFollowers(id) {
@ -391,14 +391,14 @@ export function fetchFollowers(id) {
      dispatch(fetchFollowersFail(id, error));
    });
  };
-};
+}
 export function fetchFollowersRequest(id) {
  return {
    type: FOLLOWERS_FETCH_REQUEST,
    id,
  };
-};
+}
 export function fetchFollowersSuccess(id, accounts, next) {
  return {
@ -407,7 +407,7 @@ export function fetchFollowersSuccess(id, accounts, next) {
    accounts,
    next,
  };
-};
+}
 export function fetchFollowersFail(id, error) {
  return {
@ -416,7 +416,7 @@ export function fetchFollowersFail(id, error) {
    error,
    skipNotFound: true,
  };
-};
+}
 export function expandFollowers(id) {
  return (dispatch, getState) => {
@ -438,14 +438,14 @@ export function expandFollowers(id) {
      dispatch(expandFollowersFail(id, error));
    });
  };
-};
+}
 export function expandFollowersRequest(id) {
  return {
    type: FOLLOWERS_EXPAND_REQUEST,
    id,
  };
-};
+}
 export function expandFollowersSuccess(id, accounts, next) {
  return {
@ -454,7 +454,7 @@ export function expandFollowersSuccess(id, accounts, next) {
    accounts,
    next,
  };
-};
+}
 export function expandFollowersFail(id, error) {
  return {
@ -462,7 +462,7 @@ export function expandFollowersFail(id, error) {
    id,
    error,
  };
-};
+}
 export function fetchFollowing(id) {
  return (dispatch, getState) => {
@ -478,14 +478,14 @@ export function fetchFollowing(id) {
      dispatch(fetchFollowingFail(id, error));
    });
  };
-};
+}
 export function fetchFollowingRequest(id) {
  return {
    type: FOLLOWING_FETCH_REQUEST,
    id,
  };
-};
+}
 export function fetchFollowingSuccess(id, accounts, next) {
  return {
@ -494,7 +494,7 @@ export function fetchFollowingSuccess(id, accounts, next) {
    accounts,
    next,
  };
-};
+}
 export function fetchFollowingFail(id, error) {
  return {
@ -503,7 +503,7 @@ export function fetchFollowingFail(id, error) {
    error,
    skipNotFound: true,
  };
-};
+}
 export function expandFollowing(id) {
  return (dispatch, getState) => {
@ -525,14 +525,14 @@ export function expandFollowing(id) {
      dispatch(expandFollowingFail(id, error));
    });
  };
-};
+}
 export function expandFollowingRequest(id) {
  return {
    type: FOLLOWING_EXPAND_REQUEST,
    id,
  };
-};
+}
 export function expandFollowingSuccess(id, accounts, next) {
  return {
@ -541,7 +541,7 @@ export function expandFollowingSuccess(id, accounts, next) {
    accounts,
    next,
  };
-};
+}
 export function expandFollowingFail(id, error) {
  return {
@ -549,7 +549,7 @@ export function expandFollowingFail(id, error) {
    id,
    error,
  };
-};
+}
 export function fetchRelationships(accountIds) {
  return (dispatch, getState) => {
@ -570,7 +570,7 @@ export function fetchRelationships(accountIds) {
      dispatch(fetchRelationshipsFail(error));
    });
  };
-};
+}
 export function fetchRelationshipsRequest(ids) {
  return {
@ -578,7 +578,7 @@ export function fetchRelationshipsRequest(ids) {
    ids,
    skipLoading: true,
  };
-};
+}
 export function fetchRelationshipsSuccess(relationships) {
  return {
@ -586,7 +586,7 @@ export function fetchRelationshipsSuccess(relationships) {
    relationships,
    skipLoading: true,
  };
-};
+}
 export function fetchRelationshipsFail(error) {
  return {
@ -595,7 +595,7 @@ export function fetchRelationshipsFail(error) {
    skipLoading: true,
    skipNotFound: true,
  };
-};
+}
 export function fetchFollowRequests() {
  return (dispatch, getState) => {
@ -607,13 +607,13 @@ export function fetchFollowRequests() {
      dispatch(fetchFollowRequestsSuccess(response.data, next ? next.uri : null));
    }).catch(error => dispatch(fetchFollowRequestsFail(error)));
  };
-};
+}
 export function fetchFollowRequestsRequest() {
  return {
    type: FOLLOW_REQUESTS_FETCH_REQUEST,
  };
-};
+}
 export function fetchFollowRequestsSuccess(accounts, next) {
  return {
@ -621,14 +621,14 @@ export function fetchFollowRequestsSuccess(accounts, next) {
    accounts,
    next,
  };
-};
+}
 export function fetchFollowRequestsFail(error) {
  return {
    type: FOLLOW_REQUESTS_FETCH_FAIL,
    error,
  };
-};
+}
 export function expandFollowRequests() {
  return (dispatch, getState) => {
@ -646,13 +646,13 @@ export function expandFollowRequests() {
      dispatch(expandFollowRequestsSuccess(response.data, next ? next.uri : null));
    }).catch(error => dispatch(expandFollowRequestsFail(error)));
  };
-};
+}
 export function expandFollowRequestsRequest() {
  return {
    type: FOLLOW_REQUESTS_EXPAND_REQUEST,
  };
-};
+}
 export function expandFollowRequestsSuccess(accounts, next) {
  return {
@ -660,14 +660,14 @@ export function expandFollowRequestsSuccess(accounts, next) {
    accounts,
    next,
  };
-};
+}
 export function expandFollowRequestsFail(error) {
  return {
    type: FOLLOW_REQUESTS_EXPAND_FAIL,
    error,
  };
-};
+}
 export function authorizeFollowRequest(id) {
  return (dispatch, getState) => {
@ -678,21 +678,21 @@ export function authorizeFollowRequest(id) {
      .then(() => dispatch(authorizeFollowRequestSuccess(id)))
      .catch(error => dispatch(authorizeFollowRequestFail(id, error)));
  };
-};
+}
 export function authorizeFollowRequestRequest(id) {
  return {
    type: FOLLOW_REQUEST_AUTHORIZE_REQUEST,
    id,
  };
-};
+}
 export function authorizeFollowRequestSuccess(id) {
  return {
    type: FOLLOW_REQUEST_AUTHORIZE_SUCCESS,
    id,
  };
-};
+}
 export function authorizeFollowRequestFail(id, error) {
  return {
@ -700,7 +700,7 @@ export function authorizeFollowRequestFail(id, error) {
    id,
    error,
  };
-};
+}
 export function rejectFollowRequest(id) {
@ -712,21 +712,21 @@ export function rejectFollowRequest(id) {
      .then(() => dispatch(rejectFollowRequestSuccess(id)))
      .catch(error => dispatch(rejectFollowRequestFail(id, error)));
  };
-};
+}
 export function rejectFollowRequestRequest(id) {
  return {
    type: FOLLOW_REQUEST_REJECT_REQUEST,
    id,
  };
-};
+}
 export function rejectFollowRequestSuccess(id) {
  return {
    type: FOLLOW_REQUEST_REJECT_SUCCESS,
    id,
  };
-};
+}
 export function rejectFollowRequestFail(id, error) {
  return {
@ -734,7 +734,7 @@ export function rejectFollowRequestFail(id, error) {
    id,
    error,
  };
-};
+}
 export function pinAccount(id) {
  return (dispatch, getState) => {
@ -746,7 +746,7 @@ export function pinAccount(id) {
      dispatch(pinAccountFail(error));
    });
  };
-};
+}
 export function unpinAccount(id) {
  return (dispatch, getState) => {
@ -758,49 +758,49 @@ export function unpinAccount(id) {
      dispatch(unpinAccountFail(error));
    });
  };
-};
+}
 export function pinAccountRequest(id) {
  return {
    type: ACCOUNT_PIN_REQUEST,
    id,
  };
-};
+}
 export function pinAccountSuccess(relationship) {
  return {
    type: ACCOUNT_PIN_SUCCESS,
    relationship,
  };
-};
+}
 export function pinAccountFail(error) {
  return {
    type: ACCOUNT_PIN_FAIL,
    error,
  };
-};
+}
 export function unpinAccountRequest(id) {
  return {
    type: ACCOUNT_UNPIN_REQUEST,
    id,
  };
-};
+}
 export function unpinAccountSuccess(relationship) {
  return {
    type: ACCOUNT_UNPIN_SUCCESS,
    relationship,
  };
-};
+}
 export function unpinAccountFail(error) {
  return {
    type: ACCOUNT_UNPIN_FAIL,
    error,
  };
-};
+}
 export const revealAccount = id => ({
  type: ACCOUNT_REVEAL,
@ -811,18 +811,18 @@ export function fetchPinnedAccounts() {
  return (dispatch, getState) => {
    dispatch(fetchPinnedAccountsRequest());
-    api(getState).get(`/api/v1/endorsements`, { params: { limit: 0 } }).then(response => {
+    api(getState).get('/api/v1/endorsements', { params: { limit: 0 } }).then(response => {
      dispatch(importFetchedAccounts(response.data));
      dispatch(fetchPinnedAccountsSuccess(response.data));
    }).catch(err => dispatch(fetchPinnedAccountsFail(err)));
  };
-};
+}
 export function fetchPinnedAccountsRequest() {
  return {
    type: PINNED_ACCOUNTS_FETCH_REQUEST,
  };
-};
+}
 export function fetchPinnedAccountsSuccess(accounts, next) {
  return {
@ -830,14 +830,14 @@ export function fetchPinnedAccountsSuccess(accounts, next) {
    accounts,
    next,
  };
-};
+}
 export function fetchPinnedAccountsFail(error) {
  return {
    type: PINNED_ACCOUNTS_FETCH_FAIL,
    error,
  };
-};
+}
 export function fetchPinnedAccountsSuggestions(q) {
  return (dispatch, getState) => {
@ -853,7 +853,7 @@ export function fetchPinnedAccountsSuggestions(q) {
      dispatch(fetchPinnedAccountsSuggestionsReady(q, response.data));
    });
  };
-};
+}
 export function fetchPinnedAccountsSuggestionsReady(query, accounts) {
  return {
@ -861,24 +861,24 @@ export function fetchPinnedAccountsSuggestionsReady(query, accounts) {
    query,
    accounts,
  };
-};
+}
 export function clearPinnedAccountsSuggestions() {
  return {
    type: PINNED_ACCOUNTS_EDITOR_SUGGESTIONS_CLEAR,
  };
-};
+}
 export function changePinnedAccountsSuggestions(value) {
  return {
    type: PINNED_ACCOUNTS_EDITOR_SUGGESTIONS_CHANGE,
    value,
-  }
+  };
-};
+}
 export function resetPinnedAccountsEditor() {
  return {
    type: PINNED_ACCOUNTS_EDITOR_RESET,
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/alerts.js
+++ b/app/javascript/flavours/glitch/actions/alerts.js
@ -17,13 +17,13 @@ export function dismissAlert(alert) {
    type: ALERT_DISMISS,
    alert,
  };
-};
+}
 export function clearAlert() {
  return {
    type: ALERT_CLEAR,
  };
-};
+}
 export function showAlert(title = messages.unexpectedTitle, message = messages.unexpectedMessage, message_values = undefined) {
  return {
@ -32,7 +32,7 @@ export function showAlert(title = messages.unexpectedTitle, message = messages.u
    message,
    message_values,
  };
-};
+}
 export function showAlertForError(error, skipNotFound = false) {
  if (error.response) {
--- a/app/javascript/flavours/glitch/actions/announcements.js
+++ b/app/javascript/flavours/glitch/actions/announcements.js
@ -102,7 +102,7 @@ export const addReaction = (announcementId, name) => (dispatch, getState) => {
    dispatch(addReactionRequest(announcementId, name, alreadyAdded));
  }
-  api(getState).put(`/api/v1/announcements/${announcementId}/reactions/${name}`).then(() => {
+  api(getState).put(`/api/v1/announcements/${announcementId}/reactions/${encodeURIComponent(name)}`).then(() => {
    dispatch(addReactionSuccess(announcementId, name, alreadyAdded));
  }).catch(err => {
    if (!alreadyAdded) {
@ -136,7 +136,7 @@ export const addReactionFail = (announcementId, name, error) => ({
 export const removeReaction = (announcementId, name) => (dispatch, getState) => {
  dispatch(removeReactionRequest(announcementId, name));
-  api(getState).delete(`/api/v1/announcements/${announcementId}/reactions/${name}`).then(() => {
+  api(getState).delete(`/api/v1/announcements/${announcementId}/reactions/${encodeURIComponent(name)}`).then(() => {
    dispatch(removeReactionSuccess(announcementId, name));
  }).catch(err => {
    dispatch(removeReactionFail(announcementId, name, err));
--- a/app/javascript/flavours/glitch/actions/blocks.js
+++ b/app/javascript/flavours/glitch/actions/blocks.js
@ -24,13 +24,13 @@ export function fetchBlocks() {
      dispatch(fetchRelationships(response.data.map(item => item.id)));
    }).catch(error => dispatch(fetchBlocksFail(error)));
  };
-};
+}
 export function fetchBlocksRequest() {
  return {
    type: BLOCKS_FETCH_REQUEST,
  };
-};
+}
 export function fetchBlocksSuccess(accounts, next) {
  return {
@ -38,14 +38,14 @@ export function fetchBlocksSuccess(accounts, next) {
    accounts,
    next,
  };
-};
+}
 export function fetchBlocksFail(error) {
  return {
    type: BLOCKS_FETCH_FAIL,
    error,
  };
-};
+}
 export function expandBlocks() {
  return (dispatch, getState) => {
@ -64,13 +64,13 @@ export function expandBlocks() {
      dispatch(fetchRelationships(response.data.map(item => item.id)));
    }).catch(error => dispatch(expandBlocksFail(error)));
  };
-};
+}
 export function expandBlocksRequest() {
  return {
    type: BLOCKS_EXPAND_REQUEST,
  };
-};
+}
 export function expandBlocksSuccess(accounts, next) {
  return {
@ -78,14 +78,14 @@ export function expandBlocksSuccess(accounts, next) {
    accounts,
    next,
  };
-};
+}
 export function expandBlocksFail(error) {
  return {
    type: BLOCKS_EXPAND_FAIL,
    error,
  };
-};
+}
 export function initBlockModal(account) {
  return dispatch => {
--- a/app/javascript/flavours/glitch/actions/bookmarks.js
+++ b/app/javascript/flavours/glitch/actions/bookmarks.js
@ -25,13 +25,13 @@ export function fetchBookmarkedStatuses() {
      dispatch(fetchBookmarkedStatusesFail(error));
    });
  };
-};
+}
 export function fetchBookmarkedStatusesRequest() {
  return {
    type: BOOKMARKED_STATUSES_FETCH_REQUEST,
  };
-};
+}
 export function fetchBookmarkedStatusesSuccess(statuses, next) {
  return {
@ -39,14 +39,14 @@ export function fetchBookmarkedStatusesSuccess(statuses, next) {
    statuses,
    next,
  };
-};
+}
 export function fetchBookmarkedStatusesFail(error) {
  return {
    type: BOOKMARKED_STATUSES_FETCH_FAIL,
    error,
  };
-};
+}
 export function expandBookmarkedStatuses() {
  return (dispatch, getState) => {
@ -66,13 +66,13 @@ export function expandBookmarkedStatuses() {
      dispatch(expandBookmarkedStatusesFail(error));
    });
  };
-};
+}
 export function expandBookmarkedStatusesRequest() {
  return {
    type: BOOKMARKED_STATUSES_EXPAND_REQUEST,
  };
-};
+}
 export function expandBookmarkedStatusesSuccess(statuses, next) {
  return {
@ -80,11 +80,11 @@ export function expandBookmarkedStatusesSuccess(statuses, next) {
    statuses,
    next,
  };
-};
+}
 export function expandBookmarkedStatusesFail(error) {
  return {
    type: BOOKMARKED_STATUSES_EXPAND_FAIL,
    error,
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/boosts.js
+++ b/app/javascript/flavours/glitch/actions/boosts.js
@ -11,7 +11,7 @@ export function initBoostModal(props) {
    dispatch({
      type: BOOSTS_INIT_MODAL,
-      privacy
+      privacy,
    });
    dispatch(openModal('BOOST', props));
--- a/app/javascript/flavours/glitch/actions/columns.js
+++ b/app/javascript/flavours/glitch/actions/columns.js
@ -15,7 +15,7 @@ export function addColumn(id, params) {
    dispatch(saveSettings());
  };
-};
+}
 export function removeColumn(uuid) {
  return dispatch => {
@ -26,7 +26,7 @@ export function removeColumn(uuid) {
    dispatch(saveSettings());
  };
-};
+}
 export function moveColumn(uuid, direction) {
  return dispatch => {
@ -38,7 +38,7 @@ export function moveColumn(uuid, direction) {
    dispatch(saveSettings());
  };
-};
+}
 export function changeColumnParams(uuid, path, value) {
  return dispatch => {
--- a/app/javascript/flavours/glitch/actions/compose.js
+++ b/app/javascript/flavours/glitch/actions/compose.js
@ -93,27 +93,28 @@ export const ensureComposeIsVisible = (getState, routerHistory) => {
  }
 };
-export function setComposeToStatus(status, text, spoiler_text) {
+export function setComposeToStatus(status, text, spoiler_text, content_type) {
  return{
    type: COMPOSE_SET_STATUS,
    status,
    text,
    spoiler_text,
    content_type,
  };
-};
+}
 export function changeCompose(text) {
  return {
    type: COMPOSE_CHANGE,
    text: text,
  };
-};
+}
 export function cycleElefriendCompose() {
  return {
    type: COMPOSE_CYCLE_ELEFRIEND,
  };
-};
+}
 export function replyCompose(status, routerHistory) {
  return (dispatch, getState) => {
@ -126,19 +127,19 @@ export function replyCompose(status, routerHistory) {
    ensureComposeIsVisible(getState, routerHistory);
  };
-};
+}
 export function cancelReplyCompose() {
  return {
    type: COMPOSE_REPLY_CANCEL,
  };
-};
+}
 export function resetCompose() {
  return {
    type: COMPOSE_RESET,
  };
-};
+}
 export function mentionCompose(account, routerHistory) {
  return (dispatch, getState) => {
@ -149,7 +150,7 @@ export function mentionCompose(account, routerHistory) {
    ensureComposeIsVisible(getState, routerHistory);
  };
-};
+}
 export function directCompose(account, routerHistory) {
  return (dispatch, getState) => {
@ -160,7 +161,7 @@ export function directCompose(account, routerHistory) {
    ensureComposeIsVisible(getState, routerHistory);
  };
-};
+}
 export function submitCompose(routerHistory) {
  return function (dispatch, getState) {
@ -180,6 +181,18 @@ export function submitCompose(routerHistory) {
    dispatch(submitComposeRequest());
    // If we're editing a post with media attachments, those have not
    // necessarily been changed on the server. Do it now in the same
    // API call.
    let media_attributes;
    if (statusId !== null) {
      media_attributes = media.map(item => ({
        id: item.get('id'),
        description: item.get('description'),
        focus: item.get('focus'),
      }));
    }
    api(getState).request({
      url: statusId === null ? '/api/v1/statuses' : `/api/v1/statuses/${statusId}`,
      method: statusId === null ? 'post' : 'put',
@ -188,6 +201,7 @@ export function submitCompose(routerHistory) {
        content_type: getState().getIn(['compose', 'content_type']),
        in_reply_to_id: getState().getIn(['compose', 'in_reply_to'], null),
        media_ids: media.map(item => item.get('id')),
        media_attributes,
        sensitive: getState().getIn(['compose', 'sensitive']) || (spoilerText.length > 0 && media.size !== 0),
        spoiler_text: spoilerText,
        visibility: getState().getIn(['compose', 'privacy']),
@ -243,34 +257,34 @@ export function submitCompose(routerHistory) {
      dispatch(submitComposeFail(error));
    });
  };
-};
+}
 export function submitComposeRequest() {
  return {
    type: COMPOSE_SUBMIT_REQUEST,
  };
-};
+}
 export function submitComposeSuccess(status) {
  return {
    type: COMPOSE_SUBMIT_SUCCESS,
    status: status,
  };
-};
+}
 export function submitComposeFail(error) {
  return {
    type: COMPOSE_SUBMIT_FAIL,
    error: error,
  };
-};
+}
 export function doodleSet(options) {
  return {
    type: COMPOSE_DOODLE_SET,
    options: options,
  };
-};
+}
 export function uploadCompose(files) {
  return function (dispatch, getState) {
@ -333,9 +347,9 @@ export function uploadCompose(files) {
          }
        });
      }).catch(error => dispatch(uploadComposeFail(error)));
-    };
+    }
  };
-};
+}
 export const uploadComposeProcessing = () => ({
  type: COMPOSE_UPLOAD_PROCESSING,
@ -393,14 +407,14 @@ export function initMediaEditModal(id) {
    dispatch(openModal('FOCAL_POINT', { id }));
  };
-};
+}
 export function onChangeMediaDescription(description) {
  return {
    type: COMPOSE_CHANGE_MEDIA_DESCRIPTION,
    description,
  };
-};
+}
 export function onChangeMediaFocus(focusX, focusY) {
  return {
@ -408,34 +422,55 @@ export function onChangeMediaFocus(focusX, focusY) {
    focusX,
    focusY,
  };
-};
+}
 export function changeUploadCompose(id, params) {
  return (dispatch, getState) => {
    dispatch(changeUploadComposeRequest());
-    api(getState).put(`/api/v1/media/${id}`, params).then(response => {
+    let media = getState().getIn(['compose', 'media_attachments']).find((item) => item.get('id') === id);
-      dispatch(changeUploadComposeSuccess(response.data));
+
-    }).catch(error => {
+    // Editing already-attached media is deferred to editing the post itself.
-      dispatch(changeUploadComposeFail(id, error));
+    // For simplicity's sake, fake an API reply.
-    });
+    if (media && !media.get('unattached')) {
      let { description, focus } = params;
      const data = media.toJS();
      if (description) {
        data.description = description;
      }
      if (focus) {
        focus = focus.split(',');
        data.meta = { focus: { x: parseFloat(focus[0]), y: parseFloat(focus[1]) } };
      }
      dispatch(changeUploadComposeSuccess(data, true));
    } else {
      api(getState).put(`/api/v1/media/${id}`, params).then(response => {
        dispatch(changeUploadComposeSuccess(response.data, false));
      }).catch(error => {
        dispatch(changeUploadComposeFail(id, error));
      });
    }
  };
-};
+}
 export function changeUploadComposeRequest() {
  return {
    type: COMPOSE_UPLOAD_CHANGE_REQUEST,
    skipLoading: true,
  };
-};
+}
-export function changeUploadComposeSuccess(media) {
+export function changeUploadComposeSuccess(media, attached) {
  return {
    type: COMPOSE_UPLOAD_CHANGE_SUCCESS,
    media: media,
    attached: attached,
    skipLoading: true,
  };
-};
+}
 export function changeUploadComposeFail(error) {
  return {
@ -443,14 +478,14 @@ export function changeUploadComposeFail(error) {
    error: error,
    skipLoading: true,
  };
-};
+}
 export function uploadComposeRequest() {
  return {
    type: COMPOSE_UPLOAD_REQUEST,
    skipLoading: true,
  };
-};
+}
 export function uploadComposeProgress(loaded, total) {
  return {
@ -458,7 +493,7 @@ export function uploadComposeProgress(loaded, total) {
    loaded: loaded,
    total: total,
  };
-};
+}
 export function uploadComposeSuccess(media, file) {
  return {
@ -467,7 +502,7 @@ export function uploadComposeSuccess(media, file) {
    file: file,
    skipLoading: true,
  };
-};
+}
 export function uploadComposeFail(error) {
  return {
@ -475,14 +510,14 @@ export function uploadComposeFail(error) {
    error: error,
    skipLoading: true,
  };
-};
+}
 export function undoUploadCompose(media_id) {
  return {
    type: COMPOSE_UPLOAD_UNDO,
    media_id: media_id,
  };
-};
+}
 export function clearComposeSuggestions() {
  if (fetchComposeSuggestionsAccountsController) {
@ -491,7 +526,7 @@ export function clearComposeSuggestions() {
  return {
    type: COMPOSE_SUGGESTIONS_CLEAR,
  };
-};
+}
 const fetchComposeSuggestionsAccounts = throttle((dispatch, getState, token) => {
  if (fetchComposeSuggestionsAccountsController) {
@ -568,7 +603,7 @@ export function fetchComposeSuggestions(token) {
      break;
    }
  };
-};
+}
 export function readyComposeSuggestionsEmojis(token, emojis) {
  return {
@ -576,7 +611,7 @@ export function readyComposeSuggestionsEmojis(token, emojis) {
    token,
    emojis,
  };
-};
+}
 export function readyComposeSuggestionsAccounts(token, accounts) {
  return {
@ -584,7 +619,7 @@ export function readyComposeSuggestionsAccounts(token, accounts) {
    token,
    accounts,
  };
-};
+}
 export const readyComposeSuggestionsTags = (token, tags) => ({
  type: COMPOSE_SUGGESTIONS_READY,
@ -624,7 +659,7 @@ export function selectComposeSuggestion(position, token, suggestion, path) {
      });
    }
  };
-};
+}
 export function updateSuggestionTags(token) {
  return {
@ -672,13 +707,13 @@ export function mountCompose() {
  return {
    type: COMPOSE_MOUNT,
  };
-};
+}
 export function unmountCompose() {
  return {
    type: COMPOSE_UNMOUNT,
  };
-};
+}
 export function changeComposeAdvancedOption(option, value) {
  return {
@ -692,7 +727,7 @@ export function changeComposeSensitivity() {
  return {
    type: COMPOSE_SENSITIVITY_CHANGE,
  };
-};
+}
 export const changeComposeLanguage = language => ({
  type: COMPOSE_LANGUAGE_CHANGE,
@ -703,28 +738,28 @@ export function changeComposeSpoilerness() {
  return {
    type: COMPOSE_SPOILERNESS_CHANGE,
  };
-};
+}
 export function changeComposeSpoilerText(text) {
  return {
    type: COMPOSE_SPOILER_TEXT_CHANGE,
    text,
  };
-};
+}
 export function changeComposeVisibility(value) {
  return {
    type: COMPOSE_VISIBILITY_CHANGE,
    value,
  };
-};
+}
 export function changeComposeContentType(value) {
  return {
    type: COMPOSE_CONTENT_TYPE_CHANGE,
    value,
  };
-};
+}
 export function insertEmojiCompose(position, emoji) {
  return {
@ -732,26 +767,26 @@ export function insertEmojiCompose(position, emoji) {
    position,
    emoji,
  };
-};
+}
 export function addPoll() {
  return {
    type: COMPOSE_POLL_ADD,
  };
-};
+}
 export function removePoll() {
  return {
    type: COMPOSE_POLL_REMOVE,
  };
-};
+}
 export function addPollOption(title) {
  return {
    type: COMPOSE_POLL_OPTION_ADD,
    title,
  };
-};
+}
 export function changePollOption(index, title) {
  return {
@ -759,14 +794,14 @@ export function changePollOption(index, title) {
    index,
    title,
  };
-};
+}
 export function removePollOption(index) {
  return {
    type: COMPOSE_POLL_OPTION_REMOVE,
    index,
  };
-};
+}
 export function changePollSettings(expiresIn, isMultiple) {
  return {
@ -774,4 +809,4 @@ export function changePollSettings(expiresIn, isMultiple) {
    expiresIn,
    isMultiple,
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/custom_emojis.js
+++ b/app/javascript/flavours/glitch/actions/custom_emojis.js
@ -14,14 +14,14 @@ export function fetchCustomEmojis() {
      dispatch(fetchCustomEmojisFail(error));
    });
  };
-};
+}
 export function fetchCustomEmojisRequest() {
  return {
    type: CUSTOM_EMOJIS_FETCH_REQUEST,
    skipLoading: true,
  };
-};
+}
 export function fetchCustomEmojisSuccess(custom_emojis) {
  return {
@ -29,7 +29,7 @@ export function fetchCustomEmojisSuccess(custom_emojis) {
    custom_emojis,
    skipLoading: true,
  };
-};
+}
 export function fetchCustomEmojisFail(error) {
  return {
@ -37,4 +37,4 @@ export function fetchCustomEmojisFail(error) {
    error,
    skipLoading: true,
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/domain_blocks.js
+++ b/app/javascript/flavours/glitch/actions/domain_blocks.js
@ -29,14 +29,14 @@ export function blockDomain(domain) {
      dispatch(blockDomainFail(domain, err));
    });
  };
-};
+}
 export function blockDomainRequest(domain) {
  return {
    type: DOMAIN_BLOCK_REQUEST,
    domain,
  };
-};
+}
 export function blockDomainSuccess(domain, accounts) {
  return {
@ -44,7 +44,7 @@ export function blockDomainSuccess(domain, accounts) {
    domain,
    accounts,
  };
-};
+}
 export function blockDomainFail(domain, error) {
  return {
@ -52,7 +52,7 @@ export function blockDomainFail(domain, error) {
    domain,
    error,
  };
-};
+}
 export function unblockDomain(domain) {
  return (dispatch, getState) => {
@ -66,14 +66,14 @@ export function unblockDomain(domain) {
      dispatch(unblockDomainFail(domain, err));
    });
  };
-};
+}
 export function unblockDomainRequest(domain) {
  return {
    type: DOMAIN_UNBLOCK_REQUEST,
    domain,
  };
-};
+}
 export function unblockDomainSuccess(domain, accounts) {
  return {
@ -81,7 +81,7 @@ export function unblockDomainSuccess(domain, accounts) {
    domain,
    accounts,
  };
-};
+}
 export function unblockDomainFail(domain, error) {
  return {
@ -89,7 +89,7 @@ export function unblockDomainFail(domain, error) {
    domain,
    error,
  };
-};
+}
 export function fetchDomainBlocks() {
  return (dispatch, getState) => {
@ -102,13 +102,13 @@ export function fetchDomainBlocks() {
      dispatch(fetchDomainBlocksFail(err));
    });
  };
-};
+}
 export function fetchDomainBlocksRequest() {
  return {
    type: DOMAIN_BLOCKS_FETCH_REQUEST,
  };
-};
+}
 export function fetchDomainBlocksSuccess(domains, next) {
  return {
@ -116,14 +116,14 @@ export function fetchDomainBlocksSuccess(domains, next) {
    domains,
    next,
  };
-};
+}
 export function fetchDomainBlocksFail(error) {
  return {
    type: DOMAIN_BLOCKS_FETCH_FAIL,
    error,
  };
-};
+}
 export function expandDomainBlocks() {
  return (dispatch, getState) => {
@ -142,13 +142,13 @@ export function expandDomainBlocks() {
      dispatch(expandDomainBlocksFail(err));
    });
  };
-};
+}
 export function expandDomainBlocksRequest() {
  return {
    type: DOMAIN_BLOCKS_EXPAND_REQUEST,
  };
-};
+}
 export function expandDomainBlocksSuccess(domains, next) {
  return {
@ -156,11 +156,11 @@ export function expandDomainBlocksSuccess(domains, next) {
    domains,
    next,
  };
-};
+}
 export function expandDomainBlocksFail(error) {
  return {
    type: DOMAIN_BLOCKS_EXPAND_FAIL,
    error,
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/dropdown_menu.js
+++ b/app/javascript/flavours/glitch/actions/dropdown_menu.js
@ -1,8 +1,8 @@
 export const DROPDOWN_MENU_OPEN = 'DROPDOWN_MENU_OPEN';
 export const DROPDOWN_MENU_CLOSE = 'DROPDOWN_MENU_CLOSE';
-export function openDropdownMenu(id, placement, keyboard, scroll_key) {
+export function openDropdownMenu(id, keyboard, scroll_key) {
-  return { type: DROPDOWN_MENU_OPEN, id, placement, keyboard, scroll_key };
+  return { type: DROPDOWN_MENU_OPEN, id, keyboard, scroll_key };
 }
 export function closeDropdownMenu(id) {
--- a/app/javascript/flavours/glitch/actions/emojis.js
+++ b/app/javascript/flavours/glitch/actions/emojis.js
@ -11,4 +11,4 @@ export function useEmoji(emoji) {
    dispatch(saveSettings());
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/favourites.js
+++ b/app/javascript/flavours/glitch/actions/favourites.js
@ -25,14 +25,14 @@ export function fetchFavouritedStatuses() {
      dispatch(fetchFavouritedStatusesFail(error));
    });
  };
-};
+}
 export function fetchFavouritedStatusesRequest() {
  return {
    type: FAVOURITED_STATUSES_FETCH_REQUEST,
    skipLoading: true,
  };
-};
+}
 export function fetchFavouritedStatusesSuccess(statuses, next) {
  return {
@ -41,7 +41,7 @@ export function fetchFavouritedStatusesSuccess(statuses, next) {
    next,
    skipLoading: true,
  };
-};
+}
 export function fetchFavouritedStatusesFail(error) {
  return {
@ -49,7 +49,7 @@ export function fetchFavouritedStatusesFail(error) {
    error,
    skipLoading: true,
  };
-};
+}
 export function expandFavouritedStatuses() {
  return (dispatch, getState) => {
@ -69,13 +69,13 @@ export function expandFavouritedStatuses() {
      dispatch(expandFavouritedStatusesFail(error));
    });
  };
-};
+}
 export function expandFavouritedStatusesRequest() {
  return {
    type: FAVOURITED_STATUSES_EXPAND_REQUEST,
  };
-};
+}
 export function expandFavouritedStatusesSuccess(statuses, next) {
  return {
@ -83,11 +83,11 @@ export function expandFavouritedStatusesSuccess(statuses, next) {
    statuses,
    next,
  };
-};
+}
 export function expandFavouritedStatusesFail(error) {
  return {
    type: FAVOURITED_STATUSES_EXPAND_FAIL,
    error,
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/height_cache.js
+++ b/app/javascript/flavours/glitch/actions/height_cache.js
@ -8,10 +8,10 @@ export function setHeight (key, id, height) {
    id,
    height,
  };
-};
+}
 export function clearHeight () {
  return {
    type: HEIGHT_CACHE_CLEAR,
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/interactions.js
+++ b/app/javascript/flavours/glitch/actions/interactions.js
@ -54,7 +54,7 @@ export function reblog(status, visibility) {
      dispatch(reblogFail(status, error));
    });
  };
-};
+}
 export function unreblog(status) {
  return (dispatch, getState) => {
@ -67,21 +67,21 @@ export function unreblog(status) {
      dispatch(unreblogFail(status, error));
    });
  };
-};
+}
 export function reblogRequest(status) {
  return {
    type: REBLOG_REQUEST,
    status: status,
  };
-};
+}
 export function reblogSuccess(status) {
  return {
    type: REBLOG_SUCCESS,
    status: status,
  };
-};
+}
 export function reblogFail(status, error) {
  return {
@ -89,21 +89,21 @@ export function reblogFail(status, error) {
    status: status,
    error: error,
  };
-};
+}
 export function unreblogRequest(status) {
  return {
    type: UNREBLOG_REQUEST,
    status: status,
  };
-};
+}
 export function unreblogSuccess(status) {
  return {
    type: UNREBLOG_SUCCESS,
    status: status,
  };
-};
+}
 export function unreblogFail(status, error) {
  return {
@ -111,7 +111,7 @@ export function unreblogFail(status, error) {
    status: status,
    error: error,
  };
-};
+}
 export function favourite(status) {
  return function (dispatch, getState) {
@ -124,7 +124,7 @@ export function favourite(status) {
      dispatch(favouriteFail(status, error));
    });
  };
-};
+}
 export function unfavourite(status) {
  return (dispatch, getState) => {
@ -137,21 +137,21 @@ export function unfavourite(status) {
      dispatch(unfavouriteFail(status, error));
    });
  };
-};
+}
 export function favouriteRequest(status) {
  return {
    type: FAVOURITE_REQUEST,
    status: status,
  };
-};
+}
 export function favouriteSuccess(status) {
  return {
    type: FAVOURITE_SUCCESS,
    status: status,
  };
-};
+}
 export function favouriteFail(status, error) {
  return {
@ -159,21 +159,21 @@ export function favouriteFail(status, error) {
    status: status,
    error: error,
  };
-};
+}
 export function unfavouriteRequest(status) {
  return {
    type: UNFAVOURITE_REQUEST,
    status: status,
  };
-};
+}
 export function unfavouriteSuccess(status) {
  return {
    type: UNFAVOURITE_SUCCESS,
    status: status,
  };
-};
+}
 export function unfavouriteFail(status, error) {
  return {
@ -181,7 +181,7 @@ export function unfavouriteFail(status, error) {
    status: status,
    error: error,
  };
-};
+}
 export function bookmark(status) {
  return function (dispatch, getState) {
@ -194,7 +194,7 @@ export function bookmark(status) {
      dispatch(bookmarkFail(status, error));
    });
  };
-};
+}
 export function unbookmark(status) {
  return (dispatch, getState) => {
@ -207,21 +207,21 @@ export function unbookmark(status) {
      dispatch(unbookmarkFail(status, error));
    });
  };
-};
+}
 export function bookmarkRequest(status) {
  return {
    type: BOOKMARK_REQUEST,
    status: status,
  };
-};
+}
 export function bookmarkSuccess(status) {
  return {
    type: BOOKMARK_SUCCESS,
    status: status,
  };
-};
+}
 export function bookmarkFail(status, error) {
  return {
@ -229,21 +229,21 @@ export function bookmarkFail(status, error) {
    status: status,
    error: error,
  };
-};
+}
 export function unbookmarkRequest(status) {
  return {
    type: UNBOOKMARK_REQUEST,
    status: status,
  };
-};
+}
 export function unbookmarkSuccess(status) {
  return {
    type: UNBOOKMARK_SUCCESS,
    status: status,
  };
-};
+}
 export function unbookmarkFail(status, error) {
  return {
@ -251,7 +251,7 @@ export function unbookmarkFail(status, error) {
    status: status,
    error: error,
  };
-};
+}
 export function fetchReblogs(id) {
  return (dispatch, getState) => {
@ -264,14 +264,14 @@ export function fetchReblogs(id) {
      dispatch(fetchReblogsFail(id, error));
    });
  };
-};
+}
 export function fetchReblogsRequest(id) {
  return {
    type: REBLOGS_FETCH_REQUEST,
    id,
  };
-};
+}
 export function fetchReblogsSuccess(id, accounts) {
  return {
@ -279,14 +279,14 @@ export function fetchReblogsSuccess(id, accounts) {
    id,
    accounts,
  };
-};
+}
 export function fetchReblogsFail(id, error) {
  return {
    type: REBLOGS_FETCH_FAIL,
    error,
  };
-};
+}
 export function fetchFavourites(id) {
  return (dispatch, getState) => {
@ -299,14 +299,14 @@ export function fetchFavourites(id) {
      dispatch(fetchFavouritesFail(id, error));
    });
  };
-};
+}
 export function fetchFavouritesRequest(id) {
  return {
    type: FAVOURITES_FETCH_REQUEST,
    id,
  };
-};
+}
 export function fetchFavouritesSuccess(id, accounts) {
  return {
@ -314,14 +314,14 @@ export function fetchFavouritesSuccess(id, accounts) {
    id,
    accounts,
  };
-};
+}
 export function fetchFavouritesFail(id, error) {
  return {
    type: FAVOURITES_FETCH_FAIL,
    error,
  };
-};
+}
 export function pin(status) {
  return (dispatch, getState) => {
@ -334,21 +334,21 @@ export function pin(status) {
      dispatch(pinFail(status, error));
    });
  };
-};
+}
 export function pinRequest(status) {
  return {
    type: PIN_REQUEST,
    status,
  };
-};
+}
 export function pinSuccess(status) {
  return {
    type: PIN_SUCCESS,
    status,
  };
-};
+}
 export function pinFail(status, error) {
  return {
@ -356,7 +356,7 @@ export function pinFail(status, error) {
    status,
    error,
  };
-};
+}
 export function unpin (status) {
  return (dispatch, getState) => {
@ -369,21 +369,21 @@ export function unpin (status) {
      dispatch(unpinFail(status, error));
    });
  };
-};
+}
 export function unpinRequest(status) {
  return {
    type: UNPIN_REQUEST,
    status,
  };
-};
+}
 export function unpinSuccess(status) {
  return {
    type: UNPIN_SUCCESS,
    status,
  };
-};
+}
 export function unpinFail(status, error) {
  return {
@ -391,4 +391,4 @@ export function unpinFail(status, error) {
    status,
    error,
  };
-};
+}
--- a/app/javascript/flavours/glitch/actions/local_settings.js
+++ b/app/javascript/flavours/glitch/actions/local_settings.js
@ -33,14 +33,14 @@ export function checkDeprecatedLocalSettings() {
      }));
    }
  };
-};
+}
 export function clearDeprecatedLocalSettings() {
  return (dispatch) => {
    dispatch(deleteLocalSetting(['content_warnings', 'auto_unfold']));
    dispatch(deleteLocalSetting(['swipe_to_change_columns']));
  };
-};
+}
 export function changeLocalSetting(key, value) {
  return dispatch => {
@ -52,7 +52,7 @@ export function changeLocalSetting(key, value) {
    dispatch(saveLocalSettings());
  };
-};
+}
 export function deleteLocalSetting(key) {
  return dispatch => {
@ -63,7 +63,7 @@ export function deleteLocalSetting(key) {
    dispatch(saveLocalSettings());
  };
-};
+}
 //  __TODO :__
 //  Right now `saveLocalSettings()` doesn't keep track of which user
@ -74,4 +74,4 @@ export function saveLocalSettings() {
    const localSettings = getState().get('local_settings').toJS();
    localStorage.setItem('mastodon-settings', JSON.stringify(localSettings));
  };
-};
+}
--- a/Show More
+++ b/Show More