chore: update URL to git

Merge tag 'v4.2.12' of https://github.com/mastodon/mastodon into paravielfalt-4.2
Bump version to v4.2.12 (#31491 )
2024-08-26 21:34:24 +02:00 · 2024-08-25 21:57:28 +02:00 · 2024-08-19 11:13:45 +02:00 · 2024-08-19 09:52:32 +02:00 · 2024-08-16 12:30:59 +02:00 · 2024-08-16 12:30:59 +02:00
1944 changed files with 46940 additions and 37839 deletions
--- a/.bundler-audit.yml
+++ b/.bundler-audit.yml
@ -1,3 +1,6 @@
 ---
 ignore:
-  - CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications
+  # devise-two-factor advisory about brute-forcing TOTP
  # We have rate-limits on authentication endpoints in place (including second
  # factor verification) since Mastodon v3.2.0
  - CVE-2024-0227
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@ -1,13 +1,9 @@
 # For details, see https://github.com/devcontainers/images/tree/main/src/ruby
-FROM mcr.microsoft.com/devcontainers/ruby:0-3.2-bullseye
+FROM mcr.microsoft.com/devcontainers/ruby:1-3.2-bullseye
 # Install Rails
 # RUN gem install rails webdrivers
 # Default value to allow debug server to serve content over GitHub Codespace's port forwarding service
 # The value is a comma-separated list of allowed domains
 ENV RAILS_DEVELOPMENT_HOSTS=".githubpreview.dev,.preview.app.github.dev,.app.github.dev"
 ARG NODE_VERSION="16"
 RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"
--- a/.devcontainer/codespaces/devcontainer.json
+++ b/.devcontainer/codespaces/devcontainer.json
@ -0,0 +1,49 @@
 {
  "name": "Mastodon on GitHub Codespaces",
  "dockerComposeFile": "../docker-compose.yml",
  "service": "app",
  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
  "features": {
    "ghcr.io/devcontainers/features/sshd:1": {}
  },
  "runServices": ["app", "db", "redis"],
  "forwardPorts": [3000, 4000],
  "portsAttributes": {
    "3000": {
      "label": "web",
      "onAutoForward": "notify"
    },
    "4000": {
      "label": "stream",
      "onAutoForward": "silent"
    }
  },
  "otherPortsAttributes": {
    "onAutoForward": "silent"
  },
  "remoteEnv": {
    "LOCAL_DOMAIN": "${localEnv:CODESPACE_NAME}-3000.app.github.dev",
    "LOCAL_HTTPS": "true",
    "STREAMING_API_BASE_URL": "https://${localEnv:CODESPACE_NAME}-4000.app.github.dev",
    "DISABLE_FORGERY_REQUEST_PROTECTION": "true",
    "ES_ENABLED": "",
    "LIBRE_TRANSLATE_ENDPOINT": ""
  },
  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
  "postCreateCommand": ".devcontainer/post-create.sh",
  "waitFor": "postCreateCommand",
  "customizations": {
    "vscode": {
      "settings": {},
      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
    }
  }
 }
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -1,31 +1,39 @@
 // For more details, see https://aka.ms/devcontainer.json.
 {
-  "name": "Mastodon",
+  "name": "Mastodon on local machine",
  "dockerComposeFile": "docker-compose.yml",
  "service": "app",
  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
  // Features to add to the dev container. More info: https://containers.dev/features.
  "features": {
    "ghcr.io/devcontainers/features/sshd:1": {}
  },
  // Use 'forwardPorts' to make a list of ports inside the container available locally.
  // This can be used to network with other containers or the host.
  "forwardPorts": [3000, 4000],
-  // Use 'postCreateCommand' to run commands after the container is created.
+  "portsAttributes": {
    "3000": {
      "label": "web",
      "onAutoForward": "notify",
      "requireLocalPort": true
    },
    "4000": {
      "label": "stream",
      "onAutoForward": "silent",
      "requireLocalPort": true
    }
  },
  "otherPortsAttributes": {
    "onAutoForward": "silent"
  },
  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
  "postCreateCommand": ".devcontainer/post-create.sh",
  "waitFor": "postCreateCommand",
  // Configure tool-specific properties.
  "customizations": {
    // Configure properties specific to VS Code.
    "vscode": {
      // Set *default* container specific settings.json values on container create.
      "settings": {},
      // Add the IDs of extensions you want installed when the container is created.
      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
    }
  }
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@ -25,6 +25,7 @@ services:
    command: sleep infinity
    ports:
      - '127.0.0.1:3000:3000'
      - '127.0.0.1:3035:3035'
      - '127.0.0.1:4000:4000'
    networks:
      - external_network
@ -69,7 +70,7 @@ services:
        hard: -1
  libretranslate:
-    image: libretranslate/libretranslate:v1.3.10
+    image: libretranslate/libretranslate:v1.3.11
    restart: unless-stopped
    volumes:
      - lt-data:/home/libretranslate/.local
--- a/.env.vagrant
+++ b/.env.vagrant
@ -2,3 +2,7 @@ VAGRANT=true
 LOCAL_DOMAIN=mastodon.local
 BIND=0.0.0.0
 DB_HOST=/var/run/postgresql/
 ES_ENABLED=true
 ES_HOST=localhost
 ES_PORT=9200
--- a/.eslintrc.js
+++ b/.eslintrc.js
@ -325,8 +325,8 @@ module.exports = {
      extends: [
        'eslint:recommended',
-        'plugin:@typescript-eslint/recommended',
+        'plugin:@typescript-eslint/strict-type-checked',
-        'plugin:@typescript-eslint/recommended-requiring-type-checking',
+        'plugin:@typescript-eslint/stylistic-type-checked',
        'plugin:react/recommended',
        'plugin:react-hooks/recommended',
        'plugin:jsx-a11y/recommended',
@ -338,7 +338,7 @@ module.exports = {
      ],
      parserOptions: {
-        project: './tsconfig.json',
+        project: true,
        tsconfigRootDir: __dirname,
      },
@ -348,6 +348,7 @@ module.exports = {
        '@typescript-eslint/consistent-type-definitions': ['warn', 'interface'],
        '@typescript-eslint/consistent-type-exports': 'error',
        '@typescript-eslint/consistent-type-imports': 'error',
        "@typescript-eslint/prefer-nullish-coalescing": ['error', {ignorePrimitives: {boolean: true}}],
        'jsdoc/require-jsdoc': 'off',
--- a/.gitea/workflows/build.yml
+++ b/.gitea/workflows/build.yml
@ -0,0 +1,29 @@
 ---
 name: Build Image for Deployment
 on:
  push:
    tags:
      - '**pvz**'
  workflow_dispatch:
 jobs:
  build:
    runs-on: ubuntu-latest
    container: ghcr.io/catthehacker/ubuntu:act-22.04
    steps:
      - uses: actions/checkout@v4
      - uses: docker/setup-buildx-action@v3
      - name: Login to gitea container registry
        uses: docker/login-action@v3
        with:
          registry: git.wir-sind-auch-menschen.de
          username: alice-bot
          password: ${{ secrets.GT_TOKEN }}
      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: git.wir-sind-auch-menschen.de/paravielfalt/mastodon:${{ gitea.ref_name }}
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -1,3 +0,0 @@
 patreon: mastodon
 open_collective: mastodon
 custom: https://sponsor.joinmastodon.org
--- a/.github/ISSUE_TEMPLATE/1.bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/1.bug_report.yml
@ -1,56 +0,0 @@
 name: Bug Report
 description: If something isn't working as expected
 labels: [bug]
 body:
  - type: markdown
    attributes:
      value: |
        Make sure that you are submitting a new bug that was not previously reported or already fixed.
        Please use a concise and distinct title for the issue.
  - type: textarea
    attributes:
      label: Steps to reproduce the problem
      description: What were you trying to do?
      value: |
        1.
        2.
        3.
        ...
    validations:
      required: true
  - type: input
    attributes:
      label: Expected behaviour
      description: What should have happened?
    validations:
      required: true
  - type: input
    attributes:
      label: Actual behaviour
      description: What happened?
    validations:
      required: true
  - type: textarea
    attributes:
      label: Detailed description
    validations:
      required: false
  - type: textarea
    attributes:
      label: Specifications
      description: |
        What version or commit hash of Mastodon did you find this bug in?
        If a front-end issue, what browser and operating systems were you using?
      placeholder: |
        Mastodon 3.5.3 (or Edge)
        Ruby 2.7.6 (or v3.1.2)
        Node.js 16.18.0
        Google Chrome 106.0.5249.119
        Firefox 105.0.3
        etc...
    validations:
      required: true
--- a/.github/ISSUE_TEMPLATE/2.feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/2.feature_request.yml
@ -1,22 +0,0 @@
 name: Feature Request
 description: I have a suggestion
 labels: [suggestion]
 body:
  - type: markdown
    attributes:
      value: |
        Please use a concise and distinct title for the issue.
        Consider: Could it be implemented as a 3rd party app using the REST API instead?
  - type: textarea
    attributes:
      label: Pitch
      description: Describe your idea for a feature. Make sure it has not already been suggested/implemented/turned down before.
    validations:
      required: true
  - type: textarea
    attributes:
      label: Motivation
      description: Why do you think this feature is needed? Who would benefit from it?
    validations:
      required: true
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -1,5 +0,0 @@
 blank_issues_enabled: false
 contact_links:
  - name: GitHub Discussions
    url: https://github.com/mastodon/mastodon/discussions
    about: Please ask and answer questions here.
--- a/.github/renovate.json5
+++ b/.github/renovate.json5
@ -1,114 +0,0 @@
 {
  $schema: 'https://docs.renovatebot.com/renovate-schema.json',
  extends: [
    'config:base',
    ':dependencyDashboard',
    ':labels(dependencies)',
    ':maintainLockFilesMonthly', // update non-direct dependencies monthly
    ':prConcurrentLimit10', // only 10 open PRs at the same time
  ],
  stabilityDays: 3, // Wait 3 days after the package has been published before upgrading it
  // packageRules order is important, they are applied from top to bottom and are merged,
  // so for example grouping rules needs to be at the bottom
  packageRules: [
    {
      // Ignore major version bumps for these node packages
      matchManagers: ['npm'],
      matchPackageNames: [
        '@rails/ujs', // Needs to match the major Rails version
        'tesseract.js', // Requires code changes
        'react-hotkeys', // Requires code changes
        // Requires Webpacker upgrade or replacement
        '@types/webpack',
        'babel-loader',
        'compression-webpack-plugin',
        'css-loader',
        'imports-loader',
        'mini-css-extract-plugin',
        'postcss-loader',
        'sass-loader',
        'terser-webpack-plugin',
        'webpack',
        'webpack-assets-manifest',
        'webpack-bundle-analyzer',
        'webpack-dev-server',
        'webpack-cli',
        // react-router: Requires manual upgrade
        'history',
        'react-router-dom',
      ],
      matchUpdateTypes: ['major'],
      enabled: false,
    },
    {
      // Ignore major version bumps for these Ruby packages
      matchManagers: ['bundler'],
      matchPackageNames: [
        'sprockets', // Requires manual upgrade https://github.com/rails/sprockets/blob/master/UPGRADING.md#guide-to-upgrading-from-sprockets-3x-to-4x
        'strong_migrations', // Requires manual upgrade
        'sidekiq', // Requires manual upgrade
        'sidekiq-unique-jobs', // Requires manual upgrades and sync with Sidekiq version
        'redis', // Requires manual upgrade and sync with Sidekiq version
        'fog-openstack', // TODO: was ignored in https://github.com/mastodon/mastodon/pull/13964
        // Needs major Rails version bump
        'rack',
        'rails',
        'rails-i18n',
      ],
      matchUpdateTypes: ['major'],
      enabled: false,
    },
    {
      // Update Github Actions and Docker images weekly
      matchManagers: ['github-actions', 'dockerfile', 'docker-compose'],
      extends: ['schedule:weekly'],
    },
    {
      // Ignore major & minor bumps for the ruby image, this needs to be synced with .ruby-version
      matchManagers: ['dockerfile'],
      matchPackageNames: ['moritzheiber/ruby-jemalloc'],
      matchUpdateTypes: ['minor', 'major'],
      enabled: false,
    },
    {
      // Ignore major bump for the node image, this needs to be synced with .nvmrc
      matchManagers: ['dockerfile'],
      matchPackageNames: ['node'],
      matchUpdateTypes: ['major'],
      enabled: false,
    },
    {
      // Ignore major postgres bumps in the docker-compose file, as those break dev environments
      matchManagers: ['docker-compose'],
      matchPackageNames: ['postgres'],
      matchUpdateTypes: ['major'],
      enabled: false,
    },
    {
      // Update devDependencies every week, with one grouped PR
      matchDepTypes: 'devDependencies',
      matchUpdateTypes: ['patch', 'minor'],
      excludePackageNames: [
        'typescript', // Typescript has many changes in minor versions, needs to be checked every time
      ],
      groupName: 'devDependencies (non-major)',
      extends: ['schedule:weekly'],
    },
    {
      // Update @types/* packages every week, with one grouped PR
      matchPackagePrefixes: '@types/',
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'DefinitelyTyped types (non-major)',
      extends: ['schedule:weekly'],
      addLabels: ['typescript'],
    },
    // Add labels depending on package manager
    { matchManagers: ['npm', 'nvm'], addLabels: ['javascript'] },
    { matchManagers: ['bundler', 'ruby-version'], addLabels: ['ruby'] },
    { matchManagers: ['docker-compose', 'dockerfile'], addLabels: ['docker'] },
    { matchManagers: ['github-actions'], addLabels: ['github_actions'] },
  ],
 }
--- a/.github/stale.yml
+++ b/.github/stale.yml
@ -1,10 +0,0 @@
 daysUntilStale: 120
 daysUntilClose: 7
 exemptLabels:
  - security
 staleLabel: wontfix
 markComment: >
  This issue has been automatically marked as stale because it has not had
  recent activity. It will be closed if no further activity occurs. Thank you
  for your contributions.
 only: pulls
--- a/.github/stylelint-matcher.json
+++ b/.github/stylelint-matcher.json
@ -1,21 +0,0 @@
 {
  "problemMatcher": [
    {
      "owner": "stylelint",
      "pattern": [
        {
          "regexp": "^([^\\s].*)$",
          "file": 1
        },
        {
          "regexp": "^\\s+((\\d+):(\\d+))?\\s+(✖|×)\\s+(.*)\\s{2,}(.*)$",
          "line": 2,
          "column": 3,
          "message": 5,
          "code": 6,
          "loop": true
        }
      ]
    }
  ]
 }
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@ -1,77 +0,0 @@
 name: Build container image
 on:
  workflow_dispatch:
  push:
    branches:
      - 'main'
    tags:
      - '*'
  pull_request:
    paths:
      - .github/workflows/build-image.yml
      - Dockerfile
 permissions:
  contents: read
  packages: write
 jobs:
  build-image:
    runs-on: ubuntu-latest
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
      cancel-in-progress: true
    steps:
      - uses: actions/checkout@v3
      - uses: hadolint/hadolint-action@v3.1.0
      - uses: docker/setup-qemu-action@v2
      - uses: docker/setup-buildx-action@v2
      - name: Log in to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
        if: github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request'
      - name: Log in to the Github Container registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
        if: github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request'
      - uses: docker/metadata-action@v4
        id: meta
        with:
          images: |
            tootsuite/mastodon
            ghcr.io/mastodon/mastodon
          flavor: |
            latest=auto
          tags: |
            type=edge,branch=main
            type=pep440,pattern={{raw}}
            type=pep440,pattern=v{{major}}.{{minor}}
            type=ref,event=pr
      - name: Generate version suffix
        id: version_vars
        if: github.repository == 'mastodon/mastodon' && github.event_name == 'push' && github.ref_name == 'main'
        run: |
          echo mastodon_version_suffix=+edge-$(git rev-parse --short HEAD) >> $GITHUB_OUTPUT
      - uses: docker/build-push-action@v4
        with:
          context: .
          build-args: MASTODON_VERSION_SUFFIX=${{ steps.version_vars.outputs.mastodon_version_suffix }}
          platforms: linux/amd64,linux/arm64
          provenance: false
          builder: ${{ steps.buildx.outputs.name }}
          push: ${{ github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
--- a/.github/workflows/build-nightly.yml
+++ b/.github/workflows/build-nightly.yml
@ -1,60 +0,0 @@
 name: Build nightly container image
 on:
  workflow_dispatch:
  schedule:
    - cron: '0 2 * * *' # run at 2 AM UTC
 permissions:
  contents: read
  packages: write
 jobs:
  build-nightly-image:
    runs-on: ubuntu-latest
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
      cancel-in-progress: true
    steps:
      - uses: actions/checkout@v3
      - uses: hadolint/hadolint-action@v3.1.0
      - uses: docker/setup-qemu-action@v2
      - uses: docker/setup-buildx-action@v2
      - name: Log in to the Github Container registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - uses: docker/metadata-action@v4
        id: meta
        with:
          images: |
            ghcr.io/mastodon/mastodon
          flavor: |
            latest=auto
          tags: |
            type=raw,value=nightly
            type=schedule,pattern=nightly-{{date 'YYYY-MM-DD' tz='Etc/UTC'}}
          labels: |
            org.opencontainers.image.description=Nightly build image used for testing purposes
      - name: Generate version suffix
        id: version_vars
        run: |
          echo mastodon_version_suffix=+nightly-$(date +'%Y%m%d') >> $GITHUB_OUTPUT
      - uses: docker/build-push-action@v4
        with:
          context: .
          build-args: MASTODON_VERSION_SUFFIX=${{ steps.version_vars.outputs.mastodon_version_suffix }}
          platforms: linux/amd64,linux/arm64
          provenance: false
          builder: ${{ steps.buildx.outputs.name }}
          push: ${{ github.repository == 'mastodon/mastodon' && github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@ -1,62 +0,0 @@
 name: Check i18n
 on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
 env:
  RAILS_ENV: test
 permissions:
  contents: read
 jobs:
  check-i18n:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v3
      - name: Install system dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Check for missing strings in English JSON
        run: |
          yarn i18n:extract --throws
          git diff --exit-code
      - name: Check locale file normalization
        run: bundle exec i18n-tasks check-normalized
      - name: Check for unused strings
        run: bundle exec i18n-tasks unused
      - name: Check for missing strings in English YML
        run: |
          bundle exec i18n-tasks add-missing -l en
          git diff --exit-code
      - name: Check for wrong string interpolations
        run: bundle exec i18n-tasks check-consistent-interpolations
      - name: Check that all required locale files exist
        run: bundle exec rake repo:check_locales_files
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -1,62 +0,0 @@
 name: 'CodeQL'
 on:
  push:
    branches: ['main']
  pull_request:
    # The branches below must be a subset of the branches above
    branches: ['main']
  schedule:
    - cron: '22 6 * * 1'
 jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: ['javascript', 'ruby']
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
          # By default, queries listed here will override any specified in a config file.
          # Prefix the list here with "+" to use these queries and those in the config file.
          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
          # queries: security-extended,security-and-quality
      # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
        uses: github/codeql-action/autobuild@v2
      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
      #   If the Autobuild fails above, remove it and uncomment the following three lines.
      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
      # - run: |
      #   echo "Run, Build Application using script"
      #   ./location_of_script_within_repo/buildscript.sh
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
        with:
          category: '/language:${{matrix.language}}'
--- a/.github/workflows/haml-lint-problem-matcher.json
+++ b/.github/workflows/haml-lint-problem-matcher.json
@ -1,17 +0,0 @@
 {
  "problemMatcher": [
    {
      "owner": "haml-lint",
      "severity": "warning",
      "pattern": [
        {
          "regexp": "^(.*):(\\d+)\\s\\[W]\\s(.*):\\s(.*)$",
          "file": 1,
          "line": 2,
          "code": 3,
          "message": 4
        }
      ]
    }
  ]
 }
--- a/.github/workflows/lint-css.yml
+++ b/.github/workflows/lint-css.yml
@ -1,52 +0,0 @@
 name: CSS Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
      - '**/*.scss'
      - '.github/workflows/lint-css.yml'
      - '.github/stylelint-matcher.json'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
      - '**/*.scss'
      - '.github/workflows/lint-css.yml'
      - '.github/stylelint-matcher.json'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - uses: xt0rted/stylelint-problem-matcher@v1
      - run: echo "::add-matcher::.github/stylelint-matcher.json"
      - name: Stylelint
        run: yarn lint:sass
--- a/.github/workflows/lint-haml.yml
+++ b/.github/workflows/lint-haml.yml
@ -1,47 +0,0 @@
 name: Haml Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - '.github/workflows/haml-lint-problem-matcher.json'
      - '.github/workflows/lint-haml.yml'
      - '.haml-lint*.yml'
      - '.rubocop*.yml'
      - '.ruby-version'
      - '**/*.haml'
      - 'Gemfile*'
  pull_request:
    paths:
      - '.github/workflows/haml-lint-problem-matcher.json'
      - '.github/workflows/lint-haml.yml'
      - '.haml-lint*.yml'
      - '.rubocop*.yml'
      - '.ruby-version'
      - '**/*.haml'
      - 'Gemfile*'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Install native Ruby dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Run haml-lint
        run: |
          echo "::add-matcher::.github/workflows/haml-lint-problem-matcher.json"
          bundle exec haml-lint
--- a/.github/workflows/lint-js.yml
+++ b/.github/workflows/lint-js.yml
@ -1,55 +0,0 @@
 name: JavaScript Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - 'tsconfig.json'
      - '.nvmrc'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '.github/workflows/lint-js.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - 'tsconfig.json'
      - '.nvmrc'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '.github/workflows/lint-js.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: ESLint
        run: yarn lint:js --max-warnings 0
      - name: Typecheck
        run: yarn typecheck
--- a/.github/workflows/lint-json.yml
+++ b/.github/workflows/lint-json.yml
@ -1,44 +0,0 @@
 name: JSON Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn lint:json
--- a/.github/workflows/lint-md.yml
+++ b/.github/workflows/lint-md.yml
@ -1,44 +0,0 @@
 name: Markdown Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - '.github/workflows/lint-md.yml'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.md'
      - '!AUTHORS.md'
      - 'package.json'
      - 'yarn.lock'
  pull_request:
    paths:
      - '.github/workflows/lint-md.yml'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.md'
      - '!AUTHORS.md'
      - 'package.json'
      - 'yarn.lock'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn lint:md
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@ -1,50 +0,0 @@
 name: Ruby Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'Gemfile*'
      - '.rubocop*.yml'
      - '.ruby-version'
      - '.bundler-audit.yml'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
  pull_request:
    paths:
      - 'Gemfile*'
      - '.rubocop*.yml'
      - '.ruby-version'
      - '.bundler-audit.yml'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Install native Ruby dependencies
        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Set-up RuboCop Problem Matcher
        uses: r7kamura/rubocop-problem-matchers-action@v1
      - name: Run rubocop
        run: bundle exec rubocop
      - name: Run bundler-audit
        run: bundle exec bundler-audit
--- a/.github/workflows/lint-yml.yml
+++ b/.github/workflows/lint-yml.yml
@ -1,46 +0,0 @@
 name: YML Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn lint:yml
--- a/.github/workflows/rebase-needed.yml
+++ b/.github/workflows/rebase-needed.yml
@ -1,36 +0,0 @@
 name: PR Needs Rebase
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
      - 'l10n_main'
  pull_request_target:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
      - 'l10n_main'
    types: [synchronize]
 permissions:
  pull-requests: write
 jobs:
  label-rebase-needed:
    runs-on: ubuntu-latest
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
      cancel-in-progress: true
    steps:
      - name: Check for merge conflicts
        uses: eps1lon/actions-label-merge-conflict@releases/2.x
        with:
          dirtyLabel: 'rebase needed :construction:'
          repoToken: '${{ secrets.GITHUB_TOKEN }}'
          commentOnClean: This pull request has resolved merge conflicts and is ready for review.
          commentOnDirty: This pull request has merge conflicts that must be resolved before it can be merged.
          retryMax: 10
          continueOnMissingPermissions: false
--- a/.github/workflows/test-js.yml
+++ b/.github/workflows/test-js.yml
@ -1,48 +0,0 @@
 name: JavaScript Testing
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '**/*.snap'
      - '.github/workflows/test-js.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '**/*.snap'
      - '.github/workflows/test-js.yml'
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Jest testing
        run: yarn jest --reporters github-actions summary
--- a/.github/workflows/test-migrations-one-step.yml
+++ b/.github/workflows/test-migrations-one-step.yml
@ -1,111 +0,0 @@
 name: Test one step migrations
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
  pull_request:
 jobs:
  pre_job:
    runs-on: ubuntu-latest
    outputs:
      should_skip: ${{ steps.skip_check.outputs.should_skip }}
    steps:
      - id: skip_check
        uses: fkirc/skip-duplicate-actions@v5
        with:
          paths: '["Gemfile*", ".ruby-version", "**/*.rb", ".github/workflows/test-migrations-one-step.yml", "lib/tasks/tests.rake"]'
  test:
    runs-on: ubuntu-latest
    needs: pre_job
    if: needs.pre_job.outputs.should_skip != 'true'
    strategy:
      fail-fast: false
      matrix:
        postgres:
          - 14-alpine
          - 15-alpine
    services:
      postgres:
        image: postgres:${{ matrix.postgres}}
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 6379:6379
    env:
      CONTINUOUS_INTEGRATION: true
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_CLEAN: true
      BUNDLE_FROZEN: true
      BUNDLE_WITHOUT: 'development production'
      BUNDLE_JOBS: 3
      BUNDLE_RETRY: 3
    steps:
      - uses: actions/checkout@v3
      - name: Install native Ruby dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Create database
        run: './bin/rails db:create'
      - name: Run migrations up to v2.0.0
        run: './bin/rails db:migrate VERSION=20171010025614'
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2'
      - name: Run migrations up to v2.4.0
        run: './bin/rails db:migrate VERSION=20180514140000'
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2_4'
      - name: Run migrations up to v2.4.3
        run: './bin/rails db:migrate VERSION=20180707154237'
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2_4_3'
      - name: Run all remaining migrations
        run: './bin/rails db:migrate'
      - name: Check migration result
        run: './bin/rails tests:migrations:check_database'
--- a/.github/workflows/test-migrations-two-step.yml
+++ b/.github/workflows/test-migrations-two-step.yml
@ -1,119 +0,0 @@
 name: Test two step migrations
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
  pull_request:
 jobs:
  pre_job:
    runs-on: ubuntu-latest
    outputs:
      should_skip: ${{ steps.skip_check.outputs.should_skip }}
    steps:
      - id: skip_check
        uses: fkirc/skip-duplicate-actions@v5
        with:
          paths: '["Gemfile*", ".ruby-version", "**/*.rb", ".github/workflows/test-migrations-two-step.yml", "lib/tasks/tests.rake"]'
  test:
    runs-on: ubuntu-latest
    needs: pre_job
    if: needs.pre_job.outputs.should_skip != 'true'
    strategy:
      fail-fast: false
      matrix:
        postgres:
          - 14-alpine
          - 15-alpine
    services:
      postgres:
        image: postgres:${{ matrix.postgres}}
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 6379:6379
    env:
      CONTINUOUS_INTEGRATION: true
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_CLEAN: true
      BUNDLE_FROZEN: true
      BUNDLE_WITHOUT: 'development production'
      BUNDLE_JOBS: 3
      BUNDLE_RETRY: 3
    steps:
      - uses: actions/checkout@v3
      - name: Install native Ruby dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Create database
        run: './bin/rails db:create'
      - name: Run migrations up to v2.0.0
        run: './bin/rails db:migrate VERSION=20171010025614'
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2'
      - name: Run pre-deployment migrations up to v2.4.0
        run: './bin/rails db:migrate VERSION=20180514140000'
        env:
          SKIP_POST_DEPLOYMENT_MIGRATIONS: true
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2_4'
      - name: Run migrations up to v2.4.3
        run: './bin/rails db:migrate VERSION=20180707154237'
        env:
          SKIP_POST_DEPLOYMENT_MIGRATIONS: true
      - name: Populate database with test data
        run: './bin/rails tests:migrations:populate_v2_4_3'
      - name: Run all remaining pre-deployment migrations
        run: './bin/rails db:migrate'
        env:
          SKIP_POST_DEPLOYMENT_MIGRATIONS: true
      - name: Run all post-deployment migrations
        run: './bin/rails db:migrate'
      - name: Check migration result
        run: './bin/rails tests:migrations:check_database'
--- a/.github/workflows/test-ruby.yml
+++ b/.github/workflows/test-ruby.yml
@ -1,151 +0,0 @@
 name: Ruby Testing
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
      - 'renovate/**'
  pull_request:
 env:
  BUNDLE_CLEAN: true
  BUNDLE_FROZEN: true
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: true
      matrix:
        mode:
          - production
          - test
    env:
      RAILS_ENV: ${{ matrix.mode }}
      BUNDLE_WITH: ${{ matrix.mode }}
      OTP_SECRET: precompile_placeholder
      SECRET_KEY_BASE: precompile_placeholder
    steps:
      - uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install native Ruby dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - run: yarn --frozen-lockfile --production
      - name: Precompile assets
        # Previously had set this, but it's not supported
        # export NODE_OPTIONS=--openssl-legacy-provider
        run: |-
          ./bin/rails assets:precompile
      - uses: actions/upload-artifact@v3
        if: matrix.mode == 'test'
        with:
          path: |-
            ./public/assets
            ./public/packs-test
          name: ${{ github.sha }}
          retention-days: 0
  test:
    runs-on: ubuntu-latest
    needs:
      - build
    services:
      postgres:
        image: postgres:14-alpine
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 6379:6379
    env:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      ALLOW_NOPAM: true
      PAM_ENABLED: true
      PAM_DEFAULT_SERVICE: pam_test
      PAM_CONTROLLED_SERVICE: pam_test_controlled
      BUNDLE_WITH: 'pam_authentication test'
      CI_JOBS: ${{ matrix.ci_job }}/4
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - '3.0'
          - '3.1'
          - '.ruby-version'
        ci_job:
          - 1
          - 2
          - 3
          - 4
    steps:
      - uses: actions/checkout@v3
      - uses: actions/download-artifact@v3
        with:
          path: './public'
          name: ${{ github.sha }}
      - name: Update package index
        run: sudo apt-get update
      - name: Install native Ruby dependencies
        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Install additional system dependencies
        run: sudo apt-get install -y ffmpeg imagemagick libpam-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: ${{ matrix.ruby-version}}
          bundler-cache: true
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
      - run: bundle exec rake rspec_chunked
--- a/.haml-lint_todo.yml
+++ b/.haml-lint_todo.yml
@ -1,73 +1,23 @@
 # This configuration was generated by
 # `haml-lint --auto-gen-config`
-# on 2023-03-15 00:55:01 -0400 using Haml-Lint version 0.45.0.
+# on 2023-07-20 09:47:50 -0400 using Haml-Lint version 0.48.0.
 # The point is for the user to remove these configuration records
 # one by one as the lints are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of Haml-Lint, may require this file to be generated again.
 linters:
-  # Offense count: 63
+  # Offense count: 951
  RuboCop:
    exclude:
      - 'app/views/accounts/_og.html.haml'
      - 'app/views/admin/account_warnings/_account_warning.html.haml'
      - 'app/views/admin/accounts/index.html.haml'
      - 'app/views/admin/accounts/show.html.haml'
      - 'app/views/admin/announcements/edit.html.haml'
      - 'app/views/admin/announcements/new.html.haml'
      - 'app/views/admin/disputes/appeals/_appeal.html.haml'
      - 'app/views/admin/domain_blocks/edit.html.haml'
      - 'app/views/admin/domain_blocks/new.html.haml'
      - 'app/views/admin/ip_blocks/new.html.haml'
      - 'app/views/admin/reports/actions/preview.html.haml'
      - 'app/views/admin/reports/index.html.haml'
      - 'app/views/admin/reports/show.html.haml'
      - 'app/views/admin/roles/_form.html.haml'
      - 'app/views/admin/settings/about/show.html.haml'
      - 'app/views/admin/settings/appearance/show.html.haml'
      - 'app/views/admin/settings/registrations/show.html.haml'
      - 'app/views/admin/statuses/show.html.haml'
      - 'app/views/auth/registrations/new.html.haml'
      - 'app/views/disputes/strikes/show.html.haml'
      - 'app/views/filters/_filter_fields.html.haml'
      - 'app/views/invites/_form.html.haml'
      - 'app/views/layouts/application.html.haml'
      - 'app/views/layouts/error.html.haml'
      - 'app/views/notification_mailer/_status.html.haml'
      - 'app/views/settings/applications/_fields.html.haml'
      - 'app/views/settings/imports/show.html.haml'
      - 'app/views/settings/preferences/appearance/show.html.haml'
      - 'app/views/settings/preferences/other/show.html.haml'
      - 'app/views/statuses/_detailed_status.html.haml'
      - 'app/views/statuses/_poll.html.haml'
      - 'app/views/statuses/show.html.haml'
      - 'app/views/statuses_cleanup/show.html.haml'
      - 'app/views/user_mailer/warning.html.haml'
  # Offense count: 913
  LineLength:
    enabled: false
  # Offense count: 22
  UnnecessaryStringOutput:
-    exclude:
+    enabled: false
-      - 'app/views/accounts/show.html.haml'
+
-      - 'app/views/admin/custom_emojis/_custom_emoji.html.haml'
+  # Offense count: 57
-      - 'app/views/admin/relays/_relay.html.haml'
+  RuboCop:
-      - 'app/views/admin/rules/_rule.html.haml'
+    enabled: false
      - 'app/views/admin/statuses/index.html.haml'
      - 'app/views/auth/registrations/_sessions.html.haml'
      - 'app/views/disputes/strikes/show.html.haml'
      - 'app/views/notification_mailer/_status.html.haml'
      - 'app/views/settings/two_factor_authentication_methods/index.html.haml'
      - 'app/views/statuses/_detailed_status.html.haml'
      - 'app/views/statuses/_poll.html.haml'
      - 'app/views/statuses/_simple_status.html.haml'
      - 'app/views/user_mailer/suspicious_sign_in.html.haml'
      - 'app/views/user_mailer/webauthn_credential_added.html.haml'
      - 'app/views/user_mailer/webauthn_credential_deleted.html.haml'
      - 'app/views/user_mailer/welcome.html.haml'
  # Offense count: 3
  ViewLength:
@ -76,27 +26,18 @@ linters:
      - 'app/views/admin/reports/show.html.haml'
      - 'app/views/disputes/strikes/show.html.haml'
-  # Offense count: 41
+  # Offense count: 32
  InstanceVariables:
    exclude:
      - 'app/views/admin/reports/_actions.html.haml'
      - 'app/views/admin/roles/_form.html.haml'
      - 'app/views/admin/webhooks/_form.html.haml'
      - 'app/views/auth/registrations/_sessions.html.haml'
      - 'app/views/auth/registrations/_status.html.haml'
      - 'app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml'
      - 'app/views/authorize_interactions/_post_follow_actions.html.haml'
      - 'app/views/invites/_form.html.haml'
      - 'app/views/relationships/_account.html.haml'
      - 'app/views/shared/_og.html.haml'
      - 'app/views/statuses/_status.html.haml'
  # Offense count: 6
  ConsecutiveSilentScripts:
    exclude:
      - 'app/views/admin/settings/shared/_links.html.haml'
      - 'app/views/settings/login_activities/_login_activity.html.haml'
      - 'app/views/statuses/_poll.html.haml'
  # Offense count: 3
  IdNames:
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-16.20
+20.7
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -24,7 +24,6 @@ AllCops:
  Exclude:
    - db/schema.rb
    - 'bin/*'
    - 'Rakefile'
    - 'node_modules/**/*'
    - 'Vagrantfile'
    - 'vendor/**/*'
@ -39,14 +38,7 @@ Layout/FirstHashElementIndentation:
 # Reason: Currently disabled in .rubocop_todo.yml
 # https://docs.rubocop.org/rubocop/cops_layout.html#layoutlinelength
 Layout/LineLength:
-  AllowedPatterns:
+  Max: 320 # Default of 120 causes a duplicate entry in generated todo file
    # Allow comments to be long lines
    - !ruby/regexp / \# .*$/
    - !ruby/regexp /^\# .*$/
  Exclude:
    - 'lib/mastodon/cli/*.rb'
    - db/*migrate/**/*
    - db/seeds/**/*
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_lint.html#lintuselessaccessmodifier
@ -132,12 +124,6 @@ RSpec/FilePath:
  Exclude:
    - 'spec/config/initializers/rack_attack_spec.rb' # namespaces usually have separate folder
    - 'spec/lib/sanitize_config_spec.rb' # namespaces usually have separate folder
    - 'spec/controllers/concerns/account_controller_concern_spec.rb' # Concerns describe ApplicationController and don't fit naming
    - 'spec/controllers/concerns/export_controller_concern_spec.rb'
    - 'spec/controllers/concerns/localized_spec.rb'
    - 'spec/controllers/concerns/rate_limit_headers_spec.rb'
    - 'spec/controllers/concerns/signature_verification_spec.rb'
    - 'spec/controllers/concerns/user_tracking_concern_spec.rb'
 # Reason:
 # https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecnamedsubject
@ -192,6 +178,11 @@ Style/RedundantBegin:
 Style/RescueStandardError:
  EnforcedStyle: implicit
 # Reason: Simplify some spec layouts
 # https://docs.rubocop.org/rubocop/cops_style.html#stylesemicolon
 Style/Semicolon:
  AllowAsExpressionSeparator: true
 # Reason: Originally disabled for CodeClimate, and no config consensus has been found
 # https://docs.rubocop.org/rubocop/cops_style.html#stylesymbolarray
 Style/SymbolArray:
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --no-exclude-limit --no-offense-counts --no-auto-gen-timestamp`
-# using RuboCop version 1.50.2.
+# using RuboCop version 1.56.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@ -28,7 +28,6 @@ Layout/ArgumentAlignment:
 # SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit
 Layout/HashAlignment:
  Exclude:
    - 'config/boot.rb'
    - 'config/environments/production.rb'
    - 'config/initializers/rack_attack.rb'
    - 'config/routes.rb'
@ -38,7 +37,14 @@ Layout/HashAlignment:
 Layout/LeadingCommentSpace:
  Exclude:
    - 'config/application.rb'
-    - 'config/initializers/omniauth.rb'
+    - 'config/initializers/3_omniauth.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
 # URISchemes: http, https
 Layout/LineLength:
  Exclude:
    - 'app/models/account.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
@ -48,19 +54,6 @@ Layout/SpaceInLambdaLiteral:
    - 'config/environments/production.rb'
    - 'config/initializers/content_security_policy.rb'
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Lint/AmbiguousBlockAssociation:
  Exclude:
    - 'spec/controllers/admin/account_moderation_notes_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/otp_authentication_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/webauthn_credentials_controller_spec.rb'
    - 'spec/services/activitypub/process_status_update_service_spec.rb'
    - 'spec/services/post_status_service_spec.rb'
    - 'spec/services/suspend_account_service_spec.rb'
    - 'spec/services/unsuspend_account_service_spec.rb'
    - 'spec/workers/scheduler/accounts_statuses_cleanup_scheduler_spec.rb'
 # Configuration parameters: AllowComments, AllowEmptyLambdas.
 Lint/EmptyBlock:
  Exclude:
@ -68,38 +61,8 @@ Lint/EmptyBlock:
    - 'spec/fabricators/access_token_fabricator.rb'
    - 'spec/fabricators/conversation_fabricator.rb'
    - 'spec/fabricators/system_key_fabricator.rb'
    - 'spec/helpers/admin/action_logs_helper_spec.rb'
    - 'spec/lib/activitypub/adapter_spec.rb'
    - 'spec/models/account_alias_spec.rb'
    - 'spec/models/account_deletion_request_spec.rb'
    - 'spec/models/account_moderation_note_spec.rb'
    - 'spec/models/announcement_mute_spec.rb'
    - 'spec/models/announcement_reaction_spec.rb'
    - 'spec/models/announcement_spec.rb'
    - 'spec/models/backup_spec.rb'
    - 'spec/models/conversation_mute_spec.rb'
    - 'spec/models/custom_filter_keyword_spec.rb'
    - 'spec/models/custom_filter_spec.rb'
    - 'spec/models/device_spec.rb'
    - 'spec/models/encrypted_message_spec.rb'
    - 'spec/models/featured_tag_spec.rb'
    - 'spec/models/follow_recommendation_suppression_spec.rb'
    - 'spec/models/list_account_spec.rb'
    - 'spec/models/list_spec.rb'
    - 'spec/models/login_activity_spec.rb'
    - 'spec/models/mute_spec.rb'
    - 'spec/models/preview_card_spec.rb'
    - 'spec/models/preview_card_trend_spec.rb'
    - 'spec/models/relay_spec.rb'
    - 'spec/models/scheduled_status_spec.rb'
    - 'spec/models/status_stat_spec.rb'
    - 'spec/models/status_trend_spec.rb'
    - 'spec/models/system_key_spec.rb'
    - 'spec/models/tag_follow_spec.rb'
    - 'spec/models/unavailable_domain_spec.rb'
    - 'spec/models/user_invite_request_spec.rb'
    - 'spec/models/user_role_spec.rb'
    - 'spec/models/web/setting_spec.rb'
 Lint/NonLocalExitFromIterator:
  Exclude:
@ -110,11 +73,6 @@ Lint/OrAssignmentToConstant:
  Exclude:
    - 'lib/sanitize_ext/sanitize_config.rb'
 # This cop supports safe autocorrection (--autocorrect).
 Lint/SendWithMixinArgument:
  Exclude:
    - 'config/application.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: IgnoreEmptyBlocks, AllowUnusedKeywordArguments.
 Lint/UnusedBlockArgument:
@ -124,13 +82,13 @@ Lint/UnusedBlockArgument:
    - 'config/initializers/paperclip.rb'
    - 'config/initializers/simple_form.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Lint/UselessAssignment:
  Exclude:
    - 'app/services/activitypub/process_status_update_service.rb'
-    - 'config/initializers/omniauth.rb'
+    - 'config/initializers/3_omniauth.rb'
    - 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
    - 'db/post_migrate/20190511152737_remove_suspended_silenced_account_fields.rb'
    - 'spec/controllers/api/v1/bookmarks_controller_spec.rb'
    - 'spec/controllers/api/v1/favourites_controller_spec.rb'
    - 'spec/controllers/concerns/account_controller_concern_spec.rb'
    - 'spec/helpers/jsonld_helper_spec.rb'
@ -145,14 +103,9 @@ Lint/UselessAssignment:
    - 'spec/services/resolve_url_service_spec.rb'
    - 'spec/views/statuses/show.html.haml_spec.rb'
 # Configuration parameters: CheckForMethodsWithNoSideEffects.
 Lint/Void:
  Exclude:
    - 'spec/services/resolve_account_service_spec.rb'
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
 Metrics/AbcSize:
-  Max: 150
+  Max: 144
 # Configuration parameters: CountBlocks, Max.
 Metrics/BlockNesting:
@ -165,30 +118,7 @@ Metrics/CyclomaticComplexity:
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/PerceivedComplexity:
-  Max: 28
+  Max: 27
 Naming/AccessorMethodName:
  Exclude:
    - 'app/controllers/auth/sessions_controller.rb'
 # Configuration parameters: ExpectMatchingDefinition, CheckDefinitionPathHierarchy, CheckDefinitionPathHierarchyRoots, Regex, IgnoreExecutableScripts, AllowedAcronyms.
 # CheckDefinitionPathHierarchyRoots: lib, spec, test, src
 # AllowedAcronyms: CLI, DSL, ACL, API, ASCII, CPU, CSS, DNS, EOF, GUID, HTML, HTTP, HTTPS, ID, IP, JSON, LHS, QPS, RAM, RHS, RPC, SLA, SMTP, SQL, SSH, TCP, TLS, TTL, UDP, UI, UID, UUID, URI, URL, UTF8, VM, XML, XMPP, XSRF, XSS
 Naming/FileName:
  Exclude:
    - 'config/locales/sr-Latn.rb'
 # Configuration parameters: EnforcedStyleForLeadingUnderscores.
 # SupportedStylesForLeadingUnderscores: disallowed, required, optional
 Naming/MemoizedInstanceVariableName:
  Exclude:
    - 'app/controllers/api/v1/bookmarks_controller.rb'
    - 'app/controllers/api/v1/favourites_controller.rb'
    - 'app/controllers/concerns/rate_limit_headers.rb'
    - 'app/lib/activitypub/activity.rb'
    - 'app/services/resolve_url_service.rb'
    - 'app/services/search_service.rb'
    - 'config/initializers/rack_attack.rb'
 # Configuration parameters: EnforcedStyle, CheckMethodNames, CheckSymbols, AllowedIdentifiers, AllowedPatterns.
 # SupportedStyles: snake_case, normalcase, non_integer
@ -200,22 +130,22 @@ Naming/VariableNumber:
    - 'db/migrate/20190820003045_update_statuses_index.rb'
    - 'db/migrate/20190823221802_add_local_index_to_statuses.rb'
    - 'db/migrate/20200119112504_add_public_index_to_statuses.rb'
    - 'spec/controllers/activitypub/followers_synchronizations_controller_spec.rb'
    - 'spec/lib/feed_manager_spec.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/concerns/account_interactions_spec.rb'
    - 'spec/models/custom_emoji_filter_spec.rb'
    - 'spec/models/domain_block_spec.rb'
    - 'spec/models/user_spec.rb'
    - 'spec/services/activitypub/fetch_featured_collection_service_spec.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
-Performance/UnfreezeString:
+# Configuration parameters: SafeMultiline.
 Performance/DeletePrefix:
  Exclude:
-    - 'app/lib/rss/builder.rb'
+    - 'app/models/featured_tag.rb'
-    - 'app/lib/text_formatter.rb'
+
-    - 'app/validators/status_length_validator.rb'
+Performance/MapMethodChain:
-    - 'lib/tasks/mastodon.rake'
+  Exclude:
    - 'app/models/feed.rb'
    - 'lib/mastodon/cli/maintenance.rb'
    - 'spec/services/bulk_import_service_spec.rb'
    - 'spec/services/import_service_spec.rb'
 RSpec/AnyInstance:
  Exclude:
@ -232,46 +162,10 @@ RSpec/AnyInstance:
    - 'spec/models/account_spec.rb'
    - 'spec/models/setting_spec.rb'
    - 'spec/services/activitypub/process_collection_service_spec.rb'
    - 'spec/validators/blacklisted_email_validator_spec.rb'
    - 'spec/validators/follow_limit_validator_spec.rb'
    - 'spec/workers/activitypub/delivery_worker_spec.rb'
    - 'spec/workers/web/push_notification_worker_spec.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 RSpec/EmptyExampleGroup:
  Exclude:
    - 'spec/helpers/admin/action_logs_helper_spec.rb'
    - 'spec/models/account_alias_spec.rb'
    - 'spec/models/account_deletion_request_spec.rb'
    - 'spec/models/account_moderation_note_spec.rb'
    - 'spec/models/announcement_mute_spec.rb'
    - 'spec/models/announcement_reaction_spec.rb'
    - 'spec/models/announcement_spec.rb'
    - 'spec/models/backup_spec.rb'
    - 'spec/models/conversation_mute_spec.rb'
    - 'spec/models/custom_filter_keyword_spec.rb'
    - 'spec/models/custom_filter_spec.rb'
    - 'spec/models/device_spec.rb'
    - 'spec/models/encrypted_message_spec.rb'
    - 'spec/models/featured_tag_spec.rb'
    - 'spec/models/follow_recommendation_suppression_spec.rb'
    - 'spec/models/list_account_spec.rb'
    - 'spec/models/list_spec.rb'
    - 'spec/models/login_activity_spec.rb'
    - 'spec/models/mute_spec.rb'
    - 'spec/models/preview_card_spec.rb'
    - 'spec/models/preview_card_trend_spec.rb'
    - 'spec/models/relay_spec.rb'
    - 'spec/models/scheduled_status_spec.rb'
    - 'spec/models/status_stat_spec.rb'
    - 'spec/models/status_trend_spec.rb'
    - 'spec/models/system_key_spec.rb'
    - 'spec/models/tag_follow_spec.rb'
    - 'spec/models/unavailable_domain_spec.rb'
    - 'spec/models/user_invite_request_spec.rb'
    - 'spec/models/web/setting_spec.rb'
    - 'spec/services/unmute_service_spec.rb'
 # Configuration parameters: CountAsOne.
 RSpec/ExampleLength:
  Max: 22
@ -289,7 +183,6 @@ RSpec/HookArgument:
    - 'spec/serializers/activitypub/note_serializer_spec.rb'
    - 'spec/serializers/activitypub/update_poll_serializer_spec.rb'
    - 'spec/services/import_service_spec.rb'
    - 'spec/spec_helper.rb'
 # Configuration parameters: AssignmentOnly.
 RSpec/InstanceVariable:
@ -320,15 +213,11 @@ RSpec/LetSetup:
    - 'spec/controllers/admin/statuses_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/statuses_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/domain_allows_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/domain_blocks_controller_spec.rb'
    - 'spec/controllers/api/v1/filters_controller_spec.rb'
    - 'spec/controllers/api/v1/followed_tags_controller_spec.rb'
    - 'spec/controllers/api/v1/tags_controller_spec.rb'
    - 'spec/controllers/api/v2/admin/accounts_controller_spec.rb'
    - 'spec/controllers/api/v2/filters/keywords_controller_spec.rb'
    - 'spec/controllers/api/v2/filters/statuses_controller_spec.rb'
    - 'spec/controllers/api/v2/filters_controller_spec.rb'
    - 'spec/controllers/auth/confirmations_controller_spec.rb'
    - 'spec/controllers/auth/passwords_controller_spec.rb'
    - 'spec/controllers/auth/sessions_controller_spec.rb'
@ -338,6 +227,7 @@ RSpec/LetSetup:
    - 'spec/controllers/oauth/tokens_controller_spec.rb'
    - 'spec/controllers/settings/imports_controller_spec.rb'
    - 'spec/lib/activitypub/activity/delete_spec.rb'
    - 'spec/lib/vacuum/applications_vacuum_spec.rb'
    - 'spec/lib/vacuum/preview_cards_vacuum_spec.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/account_statuses_cleanup_policy_spec.rb'
@ -361,7 +251,6 @@ RSpec/LetSetup:
    - 'spec/services/suspend_account_service_spec.rb'
    - 'spec/services/unallow_domain_service_spec.rb'
    - 'spec/services/unsuspend_account_service_spec.rb'
    - 'spec/workers/scheduler/accounts_statuses_cleanup_scheduler_spec.rb'
    - 'spec/workers/scheduler/user_cleanup_scheduler_spec.rb'
 RSpec/MessageChain:
@ -376,11 +265,7 @@ RSpec/MessageChain:
 RSpec/MessageSpies:
  Exclude:
    - 'spec/controllers/admin/accounts_controller_spec.rb'
    - 'spec/controllers/api/base_controller_spec.rb'
    - 'spec/controllers/auth/registrations_controller_spec.rb'
    - 'spec/helpers/admin/account_moderation_notes_helper_spec.rb'
    - 'spec/helpers/application_helper_spec.rb'
    - 'spec/lib/status_finder_spec.rb'
    - 'spec/lib/webfinger_resource_spec.rb'
    - 'spec/models/admin/account_action_spec.rb'
    - 'spec/models/concerns/remotable_spec.rb'
@ -394,7 +279,7 @@ RSpec/MessageSpies:
    - 'spec/validators/status_length_validator_spec.rb'
 RSpec/MultipleExpectations:
-  Max: 19
+  Max: 8
 # Configuration parameters: AllowSubject.
 RSpec/MultipleMemoizedHelpers:
@ -404,133 +289,13 @@ RSpec/MultipleMemoizedHelpers:
 RSpec/NestedGroups:
  Max: 6
 RSpec/PendingWithoutReason:
  Exclude:
    - 'spec/models/account_spec.rb'
 RSpec/StubbedMock:
  Exclude:
    - 'spec/controllers/api/base_controller_spec.rb'
    - 'spec/controllers/api/v1/media_controller_spec.rb'
    - 'spec/controllers/auth/registrations_controller_spec.rb'
    - 'spec/helpers/application_helper_spec.rb'
    - 'spec/lib/status_filter_spec.rb'
    - 'spec/lib/status_finder_spec.rb'
    - 'spec/lib/webfinger_resource_spec.rb'
    - 'spec/services/activitypub/process_collection_service_spec.rb'
 RSpec/SubjectDeclaration:
  Exclude:
    - 'spec/controllers/admin/domain_blocks_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/domain_blocks_controller_spec.rb'
    - 'spec/models/account_migration_spec.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/relationship_filter_spec.rb'
    - 'spec/models/user_role_spec.rb'
    - 'spec/policies/account_moderation_note_policy_spec.rb'
    - 'spec/policies/account_policy_spec.rb'
    - 'spec/policies/backup_policy_spec.rb'
    - 'spec/policies/custom_emoji_policy_spec.rb'
    - 'spec/policies/domain_block_policy_spec.rb'
    - 'spec/policies/email_domain_block_policy_spec.rb'
    - 'spec/policies/instance_policy_spec.rb'
    - 'spec/policies/invite_policy_spec.rb'
    - 'spec/policies/relay_policy_spec.rb'
    - 'spec/policies/report_note_policy_spec.rb'
    - 'spec/policies/report_policy_spec.rb'
    - 'spec/policies/settings_policy_spec.rb'
    - 'spec/policies/tag_policy_spec.rb'
    - 'spec/policies/user_policy_spec.rb'
    - 'spec/services/activitypub/process_account_service_spec.rb'
 RSpec/SubjectStub:
  Exclude:
    - 'spec/services/unallow_domain_service_spec.rb'
    - 'spec/validators/blacklisted_email_validator_spec.rb'
 # Configuration parameters: IgnoreNameless, IgnoreSymbolicNames.
 RSpec/VerifiedDoubles:
  Exclude:
    - 'spec/controllers/admin/change_emails_controller_spec.rb'
    - 'spec/controllers/admin/confirmations_controller_spec.rb'
    - 'spec/controllers/admin/disputes/appeals_controller_spec.rb'
    - 'spec/controllers/admin/domain_allows_controller_spec.rb'
    - 'spec/controllers/admin/domain_blocks_controller_spec.rb'
    - 'spec/controllers/api/v1/reports_controller_spec.rb'
    - 'spec/controllers/api/web/embeds_controller_spec.rb'
    - 'spec/controllers/auth/sessions_controller_spec.rb'
    - 'spec/controllers/disputes/appeals_controller_spec.rb'
    - 'spec/helpers/statuses_helper_spec.rb'
    - 'spec/lib/suspicious_sign_in_detector_spec.rb'
    - 'spec/models/account/field_spec.rb'
    - 'spec/models/session_activation_spec.rb'
    - 'spec/models/setting_spec.rb'
    - 'spec/services/account_search_service_spec.rb'
    - 'spec/services/post_status_service_spec.rb'
    - 'spec/services/search_service_spec.rb'
    - 'spec/validators/blacklisted_email_validator_spec.rb'
    - 'spec/validators/disallowed_hashtags_validator_spec.rb'
    - 'spec/validators/email_mx_validator_spec.rb'
    - 'spec/validators/follow_limit_validator_spec.rb'
    - 'spec/validators/note_length_validator_spec.rb'
    - 'spec/validators/poll_validator_spec.rb'
    - 'spec/validators/status_length_validator_spec.rb'
    - 'spec/validators/status_pin_validator_spec.rb'
    - 'spec/validators/unique_username_validator_spec.rb'
    - 'spec/validators/unreserved_username_validator_spec.rb'
    - 'spec/validators/url_validator_spec.rb'
    - 'spec/views/statuses/show.html.haml_spec.rb'
    - 'spec/workers/activitypub/processing_worker_spec.rb'
    - 'spec/workers/admin/domain_purge_worker_spec.rb'
    - 'spec/workers/domain_block_worker_spec.rb'
    - 'spec/workers/domain_clear_media_worker_spec.rb'
    - 'spec/workers/feed_insert_worker_spec.rb'
    - 'spec/workers/regeneration_worker_spec.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Rails/ApplicationController:
  Exclude:
    - 'app/controllers/health_controller.rb'
 # Configuration parameters: Database, Include.
 # SupportedDatabases: mysql, postgresql
 # Include: db/migrate/*.rb
 Rails/BulkChangeTable:
  Exclude:
    - 'db/migrate/20160222143943_add_profile_fields_to_accounts.rb'
    - 'db/migrate/20160223162837_add_metadata_to_statuses.rb'
    - 'db/migrate/20160305115639_add_devise_to_users.rb'
    - 'db/migrate/20160314164231_add_owner_to_application.rb'
    - 'db/migrate/20160926213048_remove_owner_from_application.rb'
    - 'db/migrate/20161003142332_add_confirmable_to_users.rb'
    - 'db/migrate/20170112154826_migrate_settings.rb'
    - 'db/migrate/20170127165745_add_devise_two_factor_to_users.rb'
    - 'db/migrate/20170322143850_change_primary_key_to_bigint_on_statuses.rb'
    - 'db/migrate/20170330021336_add_counter_caches.rb'
    - 'db/migrate/20170425202925_add_oembed_to_preview_cards.rb'
    - 'db/migrate/20170427011934_re_add_owner_to_application.rb'
    - 'db/migrate/20170520145338_change_language_filter_to_opt_out.rb'
    - 'db/migrate/20170624134742_add_description_to_session_activations.rb'
    - 'db/migrate/20170718211102_add_activitypub_to_accounts.rb'
    - 'db/migrate/20171006142024_add_uri_to_custom_emojis.rb'
    - 'db/migrate/20180812123222_change_relays_enabled.rb'
    - 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
    - 'db/migrate/20190805123746_add_capabilities_to_tags.rb'
    - 'db/migrate/20190807135426_add_comments_to_domain_blocks.rb'
    - 'db/migrate/20190815225426_add_last_status_at_to_tags.rb'
    - 'db/migrate/20190901035623_add_max_score_to_tags.rb'
    - 'db/migrate/20200417125749_add_storage_schema_version.rb'
    - 'db/migrate/20200608113046_add_sign_in_token_to_users.rb'
    - 'db/migrate/20211112011713_add_language_to_preview_cards.rb'
    - 'db/migrate/20211231080958_add_category_to_reports.rb'
    - 'db/migrate/20220202200743_add_trendable_to_accounts.rb'
    - 'db/migrate/20220224010024_add_ips_to_email_domain_blocks.rb'
    - 'db/migrate/20220227041951_add_last_used_at_to_oauth_access_tokens.rb'
    - 'db/migrate/20220303000827_add_ordered_media_attachment_ids_to_status_edits.rb'
    - 'db/migrate/20220824164433_add_human_identifier_to_admin_action_logs.rb'
 # Configuration parameters: Include.
-# Include: db/migrate/*.rb
+# Include: db/**/*.rb
 Rails/CreateTableWithTimestamps:
  Exclude:
    - 'db/migrate/20170508230434_create_conversation_mutes.rb'
@ -597,7 +362,6 @@ Rails/NegateInclude:
    - 'app/models/concerns/attachmentable.rb'
    - 'app/models/concerns/remotable.rb'
    - 'app/models/custom_filter.rb'
    - 'app/models/webhook.rb'
    - 'app/services/activitypub/process_status_update_service.rb'
    - 'app/services/fetch_link_card_service.rb'
    - 'app/services/search_service.rb'
@ -767,11 +531,8 @@ Rails/WhereExists:
    - 'app/workers/move_worker.rb'
    - 'db/migrate/20190529143559_preserve_old_layout_for_existing_users.rb'
    - 'lib/tasks/tests.rake'
    - 'spec/controllers/api/v1/accounts/notes_controller_spec.rb'
    - 'spec/controllers/api/v1/tags_controller_spec.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/services/activitypub/process_collection_service_spec.rb'
    - 'spec/services/post_status_service_spec.rb'
    - 'spec/services/purge_domain_service_spec.rb'
    - 'spec/services/unallow_domain_service_spec.rb'
@ -793,6 +554,7 @@ Style/ClassVars:
  Exclude:
    - 'config/initializers/devise.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/CombinableLoops:
  Exclude:
    - 'app/models/form/custom_emoji_batch.rb'
@ -806,12 +568,12 @@ Style/FetchEnvVar:
    - 'app/lib/translation_service.rb'
    - 'config/environments/development.rb'
    - 'config/environments/production.rb'
-    - 'config/initializers/2_whitelist_mode.rb'
+    - 'config/initializers/2_limited_federation_mode.rb'
    - 'config/initializers/3_omniauth.rb'
    - 'config/initializers/blacklists.rb'
    - 'config/initializers/cache_buster.rb'
    - 'config/initializers/content_security_policy.rb'
    - 'config/initializers/devise.rb'
    - 'config/initializers/omniauth.rb'
    - 'config/initializers/paperclip.rb'
    - 'config/initializers/vapid.rb'
    - 'lib/mastodon/premailer_webpack_strategy.rb'
@ -829,406 +591,6 @@ Style/FormatStringToken:
    - 'config/initializers/devise.rb'
    - 'lib/paperclip/color_extractor.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: always, always_true, never
 Style/FrozenStringLiteralComment:
  Exclude:
    - 'app/views/accounts/show.rss.ruby'
    - 'app/views/tags/show.rss.ruby'
    - 'app/views/well_known/host_meta/show.xml.ruby'
    - 'config/application.rb'
    - 'config/boot.rb'
    - 'config/environment.rb'
    - 'config/environments/development.rb'
    - 'config/environments/production.rb'
    - 'config/environments/test.rb'
    - 'config/initializers/0_post_deployment_migrations.rb'
    - 'config/initializers/active_model_serializers.rb'
    - 'config/initializers/application_controller_renderer.rb'
    - 'config/initializers/assets.rb'
    - 'config/initializers/backtrace_silencers.rb'
    - 'config/initializers/cache_logging.rb'
    - 'config/initializers/chewy.rb'
    - 'config/initializers/content_security_policy.rb'
    - 'config/initializers/cookies_serializer.rb'
    - 'config/initializers/cors.rb'
    - 'config/initializers/devise.rb'
    - 'config/initializers/doorkeeper.rb'
    - 'config/initializers/fast_blank.rb'
    - 'config/initializers/ffmpeg.rb'
    - 'config/initializers/filter_parameter_logging.rb'
    - 'config/initializers/http_client_proxy.rb'
    - 'config/initializers/httplog.rb'
    - 'config/initializers/inflections.rb'
    - 'config/initializers/mail_delivery_job.rb'
    - 'config/initializers/makara.rb'
    - 'config/initializers/mime_types.rb'
    - 'config/initializers/oj.rb'
    - 'config/initializers/omniauth.rb'
    - 'config/initializers/open_uri_redirection.rb'
    - 'config/initializers/permissions_policy.rb'
    - 'config/initializers/pghero.rb'
    - 'config/initializers/preload_link_headers.rb'
    - 'config/initializers/premailer_rails.rb'
    - 'config/initializers/rack_attack_logging.rb'
    - 'config/initializers/redis.rb'
    - 'config/initializers/session_store.rb'
    - 'config/initializers/simple_form.rb'
    - 'config/initializers/stoplight.rb'
    - 'config/initializers/trusted_proxies.rb'
    - 'config/initializers/twitter_regex.rb'
    - 'config/initializers/webauthn.rb'
    - 'config/initializers/wrap_parameters.rb'
    - 'config/locales/sr-Latn.rb'
    - 'config/locales/sr.rb'
    - 'config/puma.rb'
    - 'db/migrate/20160220174730_create_accounts.rb'
    - 'db/migrate/20160220211917_create_statuses.rb'
    - 'db/migrate/20160221003140_create_users.rb'
    - 'db/migrate/20160221003621_create_follows.rb'
    - 'db/migrate/20160222122600_create_stream_entries.rb'
    - 'db/migrate/20160222143943_add_profile_fields_to_accounts.rb'
    - 'db/migrate/20160223162837_add_metadata_to_statuses.rb'
    - 'db/migrate/20160223164502_make_uris_nullable_in_statuses.rb'
    - 'db/migrate/20160223165723_add_url_to_statuses.rb'
    - 'db/migrate/20160223165855_add_url_to_accounts.rb'
    - 'db/migrate/20160223171800_create_favourites.rb'
    - 'db/migrate/20160224223247_create_mentions.rb'
    - 'db/migrate/20160227230233_add_attachment_avatar_to_accounts.rb'
    - 'db/migrate/20160305115639_add_devise_to_users.rb'
    - 'db/migrate/20160306172223_create_doorkeeper_tables.rb'
    - 'db/migrate/20160312193225_add_attachment_header_to_accounts.rb'
    - 'db/migrate/20160314164231_add_owner_to_application.rb'
    - 'db/migrate/20160316103650_add_missing_indices.rb'
    - 'db/migrate/20160322193748_add_avatar_remote_url_to_accounts.rb'
    - 'db/migrate/20160325130944_add_admin_to_users.rb'
    - 'db/migrate/20160826155805_add_superapp_to_oauth_applications.rb'
    - 'db/migrate/20160905150353_create_media_attachments.rb'
    - 'db/migrate/20160919221059_add_subscription_expires_at_to_accounts.rb'
    - 'db/migrate/20160920003904_remove_verify_token_from_accounts.rb'
    - 'db/migrate/20160926213048_remove_owner_from_application.rb'
    - 'db/migrate/20161003142332_add_confirmable_to_users.rb'
    - 'db/migrate/20161003145426_create_blocks.rb'
    - 'db/migrate/20161006213403_rails_settings_migration.rb'
    - 'db/migrate/20161009120834_create_domain_blocks.rb'
    - 'db/migrate/20161027172456_add_silenced_to_accounts.rb'
    - 'db/migrate/20161104173623_create_tags.rb'
    - 'db/migrate/20161105130633_create_statuses_tags_join_table.rb'
    - 'db/migrate/20161116162355_add_locale_to_users.rb'
    - 'db/migrate/20161119211120_create_notifications.rb'
    - 'db/migrate/20161122163057_remove_unneeded_indexes.rb'
    - 'db/migrate/20161123093447_add_sensitive_to_statuses.rb'
    - 'db/migrate/20161128103007_create_subscriptions.rb'
    - 'db/migrate/20161130142058_add_last_successful_delivery_at_to_subscriptions.rb'
    - 'db/migrate/20161130185319_add_visibility_to_statuses.rb'
    - 'db/migrate/20161202132159_add_in_reply_to_account_id_to_statuses.rb'
    - 'db/migrate/20161203164520_add_from_account_id_to_notifications.rb'
    - 'db/migrate/20161205214545_add_suspended_to_accounts.rb'
    - 'db/migrate/20161221152630_add_hidden_to_stream_entries.rb'
    - 'db/migrate/20161222201034_add_locked_to_accounts.rb'
    - 'db/migrate/20161222204147_create_follow_requests.rb'
    - 'db/migrate/20170105224407_add_shortcode_to_media_attachments.rb'
    - 'db/migrate/20170109120109_create_web_settings.rb'
    - 'db/migrate/20170112154826_migrate_settings.rb'
    - 'db/migrate/20170114194937_add_application_to_statuses.rb'
    - 'db/migrate/20170114203041_add_website_to_oauth_application.rb'
    - 'db/migrate/20170119214911_create_preview_cards.rb'
    - 'db/migrate/20170123162658_add_severity_to_domain_blocks.rb'
    - 'db/migrate/20170123203248_add_reject_media_to_domain_blocks.rb'
    - 'db/migrate/20170125145934_add_spoiler_text_to_statuses.rb'
    - 'db/migrate/20170127165745_add_devise_two_factor_to_users.rb'
    - 'db/migrate/20170205175257_remove_devices.rb'
    - 'db/migrate/20170209184350_add_reply_to_statuses.rb'
    - 'db/migrate/20170214110202_create_reports.rb'
    - 'db/migrate/20170217012631_add_reblog_of_id_foreign_key_to_statuses.rb'
    - 'db/migrate/20170301222600_create_mutes.rb'
    - 'db/migrate/20170303212857_add_last_emailed_at_to_users.rb'
    - 'db/migrate/20170304202101_add_type_to_media_attachments.rb'
    - 'db/migrate/20170317193015_add_search_index_to_accounts.rb'
    - 'db/migrate/20170318214217_add_header_remote_url_to_accounts.rb'
    - 'db/migrate/20170322021028_add_lowercase_index_to_accounts.rb'
    - 'db/migrate/20170322143850_change_primary_key_to_bigint_on_statuses.rb'
    - 'db/migrate/20170322162804_add_search_index_to_tags.rb'
    - 'db/migrate/20170330021336_add_counter_caches.rb'
    - 'db/migrate/20170330163835_create_imports.rb'
    - 'db/migrate/20170330164118_add_attachment_data_to_imports.rb'
    - 'db/migrate/20170403172249_add_action_taken_by_account_id_to_reports.rb'
    - 'db/migrate/20170405112956_add_index_on_mentions_status_id.rb'
    - 'db/migrate/20170406215816_add_notifications_and_favourites_indices.rb'
    - 'db/migrate/20170409170753_add_last_webfingered_at_to_accounts.rb'
    - 'db/migrate/20170414080609_add_devise_two_factor_backupable_to_users.rb'
    - 'db/migrate/20170414132105_add_language_to_statuses.rb'
    - 'db/migrate/20170418160728_add_indexes_to_reports_for_accounts.rb'
    - 'db/migrate/20170423005413_add_allowed_languages_to_user.rb'
    - 'db/migrate/20170424003227_create_account_domain_blocks.rb'
    - 'db/migrate/20170424112722_add_status_id_index_to_statuses_tags.rb'
    - 'db/migrate/20170425131920_add_media_attachment_meta.rb'
    - 'db/migrate/20170425202925_add_oembed_to_preview_cards.rb'
    - 'db/migrate/20170427011934_re_add_owner_to_application.rb'
    - 'db/migrate/20170506235850_create_conversations.rb'
    - 'db/migrate/20170507000211_add_conversation_id_to_statuses.rb'
    - 'db/migrate/20170507141759_optimize_index_subscriptions.rb'
    - 'db/migrate/20170508230434_create_conversation_mutes.rb'
    - 'db/migrate/20170516072309_add_index_accounts_on_uri.rb'
    - 'db/migrate/20170520145338_change_language_filter_to_opt_out.rb'
    - 'db/migrate/20170601210557_add_index_on_media_attachments_account_id.rb'
    - 'db/migrate/20170604144747_add_foreign_keys_for_accounts.rb'
    - 'db/migrate/20170606113804_change_tag_search_index_to_btree.rb'
    - 'db/migrate/20170609145826_remove_default_language_from_statuses.rb'
    - 'db/migrate/20170610000000_add_statuses_index_on_account_id_id.rb'
    - 'db/migrate/20170623152212_create_session_activations.rb'
    - 'db/migrate/20170624134742_add_description_to_session_activations.rb'
    - 'db/migrate/20170625140443_add_access_token_id_to_session_activations.rb'
    - 'db/migrate/20170711225116_fix_null_booleans.rb'
    - 'db/migrate/20170713112503_make_tag_search_case_insensitive.rb'
    - 'db/migrate/20170713175513_create_web_push_subscriptions.rb'
    - 'db/migrate/20170713190709_add_web_push_subscription_to_session_activations.rb'
    - 'db/migrate/20170714184731_add_domain_to_subscriptions.rb'
    - 'db/migrate/20170716191202_add_hide_notifications_to_mute.rb'
    - 'db/migrate/20170718211102_add_activitypub_to_accounts.rb'
    - 'db/migrate/20170720000000_add_index_favourites_on_account_id_and_id.rb'
    - 'db/migrate/20170823162448_create_status_pins.rb'
    - 'db/migrate/20170824103029_add_timestamps_to_status_pins.rb'
    - 'db/migrate/20170829215220_remove_status_pins_account_index.rb'
    - 'db/migrate/20170901141119_truncate_preview_cards.rb'
    - 'db/migrate/20170901142658_create_join_table_preview_cards_statuses.rb'
    - 'db/migrate/20170905044538_add_index_id_account_id_activity_type_on_notifications.rb'
    - 'db/migrate/20170905165803_add_local_to_statuses.rb'
    - 'db/migrate/20170913000752_create_site_uploads.rb'
    - 'db/migrate/20170917153509_create_custom_emojis.rb'
    - 'db/migrate/20170918125918_ids_to_bigints.rb'
    - 'db/migrate/20170920024819_status_ids_to_timestamp_ids.rb'
    - 'db/migrate/20170920032311_fix_reblogs_in_feeds.rb'
    - 'db/migrate/20170924022025_ids_to_bigints2.rb'
    - 'db/migrate/20170927215609_add_description_to_media_attachments.rb'
    - 'db/migrate/20170928082043_create_email_domain_blocks.rb'
    - 'db/migrate/20171005102658_create_account_moderation_notes.rb'
    - 'db/migrate/20171005171936_add_disabled_to_custom_emojis.rb'
    - 'db/migrate/20171006142024_add_uri_to_custom_emojis.rb'
    - 'db/migrate/20171010023049_add_foreign_key_to_account_moderation_notes.rb'
    - 'db/migrate/20171010025614_change_accounts_nonnullable_in_account_moderation_notes.rb'
    - 'db/migrate/20171020084748_add_visible_in_picker_to_custom_emoji.rb'
    - 'db/migrate/20171028221157_add_reblogs_to_follows.rb'
    - 'db/migrate/20171107143332_add_memorial_to_accounts.rb'
    - 'db/migrate/20171107143624_add_disabled_to_users.rb'
    - 'db/migrate/20171109012327_add_moderator_to_accounts.rb'
    - 'db/migrate/20171114080328_add_index_domain_to_email_domain_blocks.rb'
    - 'db/migrate/20171114231651_create_lists.rb'
    - 'db/migrate/20171116161857_create_list_accounts.rb'
    - 'db/migrate/20171118012443_add_moved_to_account_id_to_accounts.rb'
    - 'db/migrate/20171119172437_create_admin_action_logs.rb'
    - 'db/migrate/20171122120436_add_index_account_and_reblog_of_id_to_statuses.rb'
    - 'db/migrate/20171125024930_create_invites.rb'
    - 'db/migrate/20171125031751_add_invite_id_to_users.rb'
    - 'db/migrate/20171125185353_add_index_reblog_of_id_and_account_to_statuses.rb'
    - 'db/migrate/20171125190735_remove_old_reblog_index_on_statuses.rb'
    - 'db/migrate/20171129172043_add_index_on_stream_entries.rb'
    - 'db/migrate/20171130000000_add_embed_url_to_preview_cards.rb'
    - 'db/migrate/20171201000000_change_account_id_nonnullable_in_lists.rb'
    - 'db/migrate/20171212195226_remove_duplicate_indexes_in_lists.rb'
    - 'db/migrate/20171226094803_more_faster_index_on_notifications.rb'
    - 'db/migrate/20180106000232_add_index_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
    - 'db/migrate/20180109143959_add_remember_token_to_users.rb'
    - 'db/migrate/20180204034416_create_identities.rb'
    - 'db/migrate/20180206000000_change_user_id_nonnullable.rb'
    - 'db/migrate/20180211015820_create_backups.rb'
    - 'db/migrate/20180304013859_add_featured_collection_url_to_accounts.rb'
    - 'db/migrate/20180310000000_change_columns_in_notifications_nonnullable.rb'
    - 'db/migrate/20180402031200_add_assigned_account_id_to_reports.rb'
    - 'db/migrate/20180402040909_create_report_notes.rb'
    - 'db/migrate/20180410204633_add_fields_to_accounts.rb'
    - 'db/migrate/20180416210259_add_uri_to_relationships.rb'
    - 'db/migrate/20180506221944_add_actor_type_to_accounts.rb'
    - 'db/migrate/20180510214435_add_access_token_id_to_web_push_subscriptions.rb'
    - 'db/migrate/20180510230049_migrate_web_push_subscriptions.rb'
    - 'db/migrate/20180528141303_fix_accounts_unique_index.rb'
    - 'db/migrate/20180608213548_reject_following_blocked_users.rb'
    - 'db/migrate/20180609104432_migrate_web_push_subscriptions2.rb'
    - 'db/migrate/20180615122121_add_autofollow_to_invites.rb'
    - 'db/migrate/20180616192031_add_chosen_languages_to_users.rb'
    - 'db/migrate/20180617162849_remove_unused_indexes.rb'
    - 'db/migrate/20180628181026_create_custom_filters.rb'
    - 'db/migrate/20180707154237_add_whole_word_to_custom_filter.rb'
    - 'db/migrate/20180711152640_create_relays.rb'
    - 'db/migrate/20180808175627_create_account_pins.rb'
    - 'db/migrate/20180812123222_change_relays_enabled.rb'
    - 'db/migrate/20180812162710_create_status_stats.rb'
    - 'db/migrate/20180812173710_copy_status_stats.rb'
    - 'db/migrate/20180814171349_add_confidential_to_doorkeeper_application.rb'
    - 'db/migrate/20180831171112_create_bookmarks.rb'
    - 'db/migrate/20180929222014_create_account_conversations.rb'
    - 'db/migrate/20181007025445_create_pghero_space_stats.rb'
    - 'db/migrate/20181010141500_add_silent_to_mentions.rb'
    - 'db/migrate/20181017170937_add_reject_reports_to_domain_blocks.rb'
    - 'db/migrate/20181018205649_add_unread_to_account_conversations.rb'
    - 'db/migrate/20181024224956_migrate_account_conversations.rb'
    - 'db/migrate/20181026034033_remove_faux_remote_account_duplicates.rb'
    - 'db/migrate/20181116165755_create_account_stats.rb'
    - 'db/migrate/20181116173541_copy_account_stats.rb'
    - 'db/migrate/20181127130500_identity_id_to_bigint.rb'
    - 'db/migrate/20181127165847_add_show_replies_to_lists.rb'
    - 'db/migrate/20181203003808_create_accounts_tags_join_table.rb'
    - 'db/migrate/20181203021853_add_discoverable_to_accounts.rb'
    - 'db/migrate/20181204193439_add_last_status_at_to_account_stats.rb'
    - 'db/migrate/20181204215309_create_account_tag_stats.rb'
    - 'db/migrate/20181207011115_downcase_custom_emoji_domains.rb'
    - 'db/migrate/20181213184704_create_account_warnings.rb'
    - 'db/migrate/20181213185533_create_account_warning_presets.rb'
    - 'db/migrate/20181219235220_add_created_by_application_id_to_users.rb'
    - 'db/migrate/20181226021420_add_also_known_as_to_accounts.rb'
    - 'db/migrate/20190103124649_create_scheduled_statuses.rb'
    - 'db/migrate/20190103124754_add_scheduled_status_id_to_media_attachments.rb'
    - 'db/migrate/20190117114553_create_tombstones.rb'
    - 'db/migrate/20190201012802_add_overwrite_to_imports.rb'
    - 'db/migrate/20190203180359_create_featured_tags.rb'
    - 'db/migrate/20190225031541_create_polls.rb'
    - 'db/migrate/20190225031625_create_poll_votes.rb'
    - 'db/migrate/20190226003449_add_poll_id_to_statuses.rb'
    - 'db/migrate/20190304152020_add_uri_to_poll_votes.rb'
    - 'db/migrate/20190306145741_add_lock_version_to_polls.rb'
    - 'db/migrate/20190307234537_add_approved_to_users.rb'
    - 'db/migrate/20190314181829_migrate_open_registrations_setting.rb'
    - 'db/migrate/20190316190352_create_account_identity_proofs.rb'
    - 'db/migrate/20190317135723_add_uri_to_reports.rb'
    - 'db/migrate/20190403141604_add_comment_to_invites.rb'
    - 'db/migrate/20190409054914_create_user_invite_requests.rb'
    - 'db/migrate/20190420025523_add_blurhash_to_media_attachments.rb'
    - 'db/migrate/20190509164208_add_by_moderator_to_tombstone.rb'
    - 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
    - 'db/migrate/20190529143559_preserve_old_layout_for_existing_users.rb'
    - 'db/migrate/20190627222225_create_custom_emoji_categories.rb'
    - 'db/migrate/20190627222826_add_category_id_to_custom_emojis.rb'
    - 'db/migrate/20190701022101_add_trust_level_to_accounts.rb'
    - 'db/migrate/20190705002136_create_domain_allows.rb'
    - 'db/migrate/20190715164535_add_instance_actor.rb'
    - 'db/migrate/20190726175042_add_case_insensitive_index_to_tags.rb'
    - 'db/migrate/20190729185330_add_score_to_tags.rb'
    - 'db/migrate/20190805123746_add_capabilities_to_tags.rb'
    - 'db/migrate/20190807135426_add_comments_to_domain_blocks.rb'
    - 'db/migrate/20190815225426_add_last_status_at_to_tags.rb'
    - 'db/migrate/20190819134503_add_deleted_at_to_statuses.rb'
    - 'db/migrate/20190820003045_update_statuses_index.rb'
    - 'db/migrate/20190823221802_add_local_index_to_statuses.rb'
    - 'db/migrate/20190901035623_add_max_score_to_tags.rb'
    - 'db/migrate/20190904222339_create_markers.rb'
    - 'db/migrate/20190914202517_create_account_migrations.rb'
    - 'db/migrate/20190915194355_create_account_aliases.rb'
    - 'db/migrate/20190927232842_add_voters_count_to_polls.rb'
    - 'db/migrate/20191001213028_add_lock_version_to_account_stats.rb'
    - 'db/migrate/20191007013357_update_pt_locales.rb'
    - 'db/migrate/20191031163205_change_list_account_follow_nullable.rb'
    - 'db/migrate/20191212003415_increase_backup_size.rb'
    - 'db/migrate/20191212163405_add_hide_collections_to_accounts.rb'
    - 'db/migrate/20191218153258_create_announcements.rb'
    - 'db/migrate/20200113125135_create_announcement_mutes.rb'
    - 'db/migrate/20200114113335_create_announcement_reactions.rb'
    - 'db/migrate/20200119112504_add_public_index_to_statuses.rb'
    - 'db/migrate/20200126203551_add_published_at_to_announcements.rb'
    - 'db/migrate/20200306035625_add_processing_to_media_attachments.rb'
    - 'db/migrate/20200309150742_add_forwarded_to_reports.rb'
    - 'db/migrate/20200312144258_add_title_to_account_warning_presets.rb'
    - 'db/migrate/20200312162302_add_status_ids_to_announcements.rb'
    - 'db/migrate/20200312185443_add_parent_id_to_email_domain_blocks.rb'
    - 'db/migrate/20200317021758_add_expires_at_to_mutes.rb'
    - 'db/migrate/20200407201300_create_unavailable_domains.rb'
    - 'db/migrate/20200407202420_migrate_unavailable_inboxes.rb'
    - 'db/migrate/20200417125749_add_storage_schema_version.rb'
    - 'db/migrate/20200508212852_reset_unique_jobs_locks.rb'
    - 'db/migrate/20200510110808_reset_web_app_secret.rb'
    - 'db/migrate/20200510181721_remove_duplicated_indexes_pghero.rb'
    - 'db/migrate/20200516180352_create_devices.rb'
    - 'db/migrate/20200516183822_create_one_time_keys.rb'
    - 'db/migrate/20200518083523_create_encrypted_messages.rb'
    - 'db/migrate/20200521180606_encrypted_message_ids_to_timestamp_ids.rb'
    - 'db/migrate/20200529214050_add_devices_url_to_accounts.rb'
    - 'db/migrate/20200601222558_create_system_keys.rb'
    - 'db/migrate/20200605155027_add_blurhash_to_preview_cards.rb'
    - 'db/migrate/20200608113046_add_sign_in_token_to_users.rb'
    - 'db/migrate/20200614002136_add_sensitized_to_accounts.rb'
    - 'db/migrate/20200620164023_add_fixed_lowercase_index_to_accounts.rb'
    - 'db/migrate/20200622213645_media_attachment_ids_to_timestamp_ids.rb'
    - 'db/migrate/20200627125810_add_thumbnail_columns_to_media_attachments.rb'
    - 'db/migrate/20200628133322_create_account_notes.rb'
    - 'db/migrate/20200630190240_create_webauthn_credentials.rb'
    - 'db/migrate/20200630190544_add_webauthn_id_to_users.rb'
    - 'db/migrate/20200908193330_create_account_deletion_requests.rb'
    - 'db/migrate/20200917192924_add_notify_to_follows.rb'
    - 'db/migrate/20200917193034_add_type_to_notifications.rb'
    - 'db/migrate/20200917222316_add_index_notifications_on_type.rb'
    - 'db/migrate/20201008202037_create_ip_blocks.rb'
    - 'db/migrate/20201008220312_add_sign_up_ip_to_users.rb'
    - 'db/migrate/20201017233919_add_suspension_origin_to_accounts.rb'
    - 'db/migrate/20201206004238_create_instances.rb'
    - 'db/migrate/20201218054746_add_obfuscate_to_domain_blocks.rb'
    - 'db/migrate/20210221045109_create_rules.rb'
    - 'db/migrate/20210306164523_account_ids_to_timestamp_ids.rb'
    - 'db/migrate/20210322164601_create_account_summaries.rb'
    - 'db/migrate/20210323114347_create_follow_recommendations.rb'
    - 'db/migrate/20210324171613_create_follow_recommendation_suppressions.rb'
    - 'db/migrate/20210416200740_create_canonical_email_blocks.rb'
    - 'db/migrate/20210421121431_add_case_insensitive_btree_index_to_tags.rb'
    - 'db/migrate/20210425135952_add_index_on_media_attachments_account_id_status_id.rb'
    - 'db/migrate/20210505174616_update_follow_recommendations_to_version_2.rb'
    - 'db/migrate/20210609202149_create_login_activities.rb'
    - 'db/migrate/20210616214526_create_user_ips.rb'
    - 'db/migrate/20210621221010_add_skip_sign_in_token_to_users.rb'
    - 'db/migrate/20210630000137_fix_canonical_email_blocks_foreign_key.rb'
    - 'db/migrate/20210722120340_create_account_statuses_cleanup_policies.rb'
    - 'db/migrate/20210904215403_add_edited_at_to_statuses.rb'
    - 'db/migrate/20210908220918_create_status_edits.rb'
    - 'db/migrate/20211031031021_create_preview_card_providers.rb'
    - 'db/migrate/20211112011713_add_language_to_preview_cards.rb'
    - 'db/migrate/20211115032527_add_trendable_to_preview_cards.rb'
    - 'db/migrate/20211123212714_add_link_type_to_preview_cards.rb'
    - 'db/migrate/20211213040746_update_account_summaries_to_version_2.rb'
    - 'db/migrate/20211231080958_add_category_to_reports.rb'
    - 'db/migrate/20220105163928_remove_mentions_status_id_index.rb'
    - 'db/migrate/20220115125126_add_report_id_to_account_warnings.rb'
    - 'db/migrate/20220115125341_fix_account_warning_actions.rb'
    - 'db/migrate/20220116202951_add_deleted_at_index_on_statuses.rb'
    - 'db/migrate/20220124141035_create_appeals.rb'
    - 'db/migrate/20220202200743_add_trendable_to_accounts.rb'
    - 'db/migrate/20220202200926_add_trendable_to_statuses.rb'
    - 'db/migrate/20220210153119_add_overruled_at_to_account_warnings.rb'
    - 'db/migrate/20220224010024_add_ips_to_email_domain_blocks.rb'
    - 'db/migrate/20220227041951_add_last_used_at_to_oauth_access_tokens.rb'
    - 'db/migrate/20220302232632_add_ordered_media_attachment_ids_to_statuses.rb'
    - 'db/migrate/20220303000827_add_ordered_media_attachment_ids_to_status_edits.rb'
    - 'db/migrate/20220304195405_migrate_hide_network_preference.rb'
    - 'db/migrate/20220307094650_fix_featured_tags_constraints.rb'
    - 'db/migrate/20220309213005_fix_reblog_deleted_at.rb'
    - 'db/migrate/20220316233212_update_kurdish_locales.rb'
    - 'db/migrate/20220428112511_add_index_statuses_on_account_id.rb'
    - 'db/migrate/20220428112727_add_index_statuses_pins_on_status_id.rb'
    - 'db/migrate/20220428114454_add_index_reports_on_assigned_account_id.rb'
    - 'db/migrate/20220428114902_add_index_reports_on_action_taken_by_account_id.rb'
    - 'db/migrate/20220606044941_create_webhooks.rb'
    - 'db/migrate/20220611210335_create_user_roles.rb'
    - 'db/migrate/20220611212541_add_role_id_to_users.rb'
    - 'db/migrate/20220710102457_add_display_name_to_tags.rb'
    - 'db/migrate/20220714171049_create_tag_follows.rb'
    - 'db/migrate/20220824164433_add_human_identifier_to_admin_action_logs.rb'
    - 'db/migrate/20220824233535_create_status_trends.rb'
    - 'db/migrate/20220827195229_change_canonical_email_blocks_nullable.rb'
    - 'db/migrate/20220829192633_add_languages_to_follows.rb'
    - 'db/migrate/20220829192658_add_languages_to_follow_requests.rb'
    - 'db/migrate/20221006061337_create_preview_card_trends.rb'
    - 'db/migrate/20221012181003_add_blurhash_to_site_uploads.rb'
    - 'db/migrate/20221021055441_add_index_featured_tags_on_account_id_and_tag_id.rb'
    - 'db/migrate/20221025171544_add_index_ip_blocks_on_ip.rb'
    - 'db/migrate/20221104133904_add_name_to_featured_tags.rb'
    - 'db/post_migrate/20190519130537_remove_boosts_widening_audience.rb'
    - 'db/post_migrate/20210308133107_remove_subscription_expires_at_from_accounts.rb'
    - 'db/post_migrate/20220118183123_remove_rememberable_from_users.rb'
    - 'db/seeds/01_web_app.rb'
    - 'db/seeds/02_instance_actor.rb'
    - 'db/seeds/03_roles.rb'
    - 'db/seeds/04_admin.rb'
    - 'lib/rails/engine_extensions.rb'
    - 'lib/tasks/branding.rake'
    - 'spec/fabricators_spec.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/GlobalStdStream:
  Exclude:
@ -1327,7 +689,6 @@ Style/MutableConstant:
  Exclude:
    - 'app/models/tag.rb'
    - 'app/services/delete_account_service.rb'
    - 'config/initializers/twitter_regex.rb'
    - 'lib/mastodon/migration_warning.rb'
 # This cop supports safe autocorrection (--autocorrect).
@ -1369,8 +730,6 @@ Style/RedundantConstantBase:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/sidekiq.rb'
    - 'config/locales/sr-Latn.rb'
    - 'config/locales/sr.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: SafeForConstants.
@ -1382,6 +741,15 @@ Style/RedundantFetchBlock:
    - 'config/initializers/paperclip.rb'
    - 'config/puma.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowMultipleReturnValues.
 Style/RedundantReturn:
  Exclude:
    - 'app/controllers/api/v1/directories_controller.rb'
    - 'app/controllers/auth/confirmations_controller.rb'
    - 'app/lib/ostatus/tag_manager.rb'
    - 'app/models/form/import.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: ConvertCodeThatCanStartToReturnNil, AllowedMethods, MaxChainLength.
 # AllowedMethods: present?, blank?, presence, try, try!
@ -1390,13 +758,6 @@ Style/SafeNavigation:
    - 'app/models/concerns/account_finder_concern.rb'
    - 'app/models/status.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowAsExpressionSeparator.
 Style/Semicolon:
  Exclude:
    - 'spec/services/activitypub/process_status_update_service_spec.rb'
    - 'spec/validators/blacklisted_email_validator_spec.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: only_raise, only_fail, semantic
@ -1410,21 +771,6 @@ Style/SingleArgumentDig:
  Exclude:
    - 'lib/webpacker/manifest_extensions.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
  Exclude:
    - 'app/lib/emoji_formatter.rb'
    - 'app/lib/text_formatter.rb'
    - 'app/models/account_alias.rb'
    - 'app/models/domain_block.rb'
    - 'app/models/email_domain_block.rb'
    - 'app/models/preview_card_provider.rb'
    - 'app/validators/status_length_validator.rb'
    - 'db/migrate/20190726175042_add_case_insensitive_index_to_tags.rb'
    - 'lib/active_record/batches.rb'
    - 'lib/mastodon/premailer_webpack_strategy.rb'
    - 'lib/tasks/repo.rake'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: require_parentheses, require_no_parentheses
@ -1461,7 +807,7 @@ Style/StringLiterals:
 # AllowedMethods: define_method, mail, respond_to
 Style/SymbolProc:
  Exclude:
-    - 'config/initializers/omniauth.rb'
+    - 'config/initializers/3_omniauth.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, AllowSafeAssignment.
@ -1494,9 +840,3 @@ Style/WordArray:
    - 'config/initializers/cors.rb'
    - 'spec/controllers/settings/imports_controller_spec.rb'
    - 'spec/models/form/import_spec.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
 # URISchemes: http, https
 Layout/LineLength:
  Max: 701
--- a/.ruby-version
+++ b/.ruby-version
@ -1 +1 @@
-3.2.2
+3.2.3
--- a/AUTHORS.md
+++ b/AUTHORS.md
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,6 +2,670 @@
 All notable changes to this project will be documented in this file.
 ## [4.2.12] - 2024-08-19
 ### Fixed
 - Fix broken notifications for mentions from local moderators ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31484))
 ## [4.2.11] - 2024-08-16
 ### Added
 - Add support for incoming `<s>` tag ([mediaformat](https://github.com/mastodon/mastodon/pull/31375))
 ### Changed
 - Change logic of block/mute bypass for mentions from moderators to only apply to visible roles with moderation powers ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31271))
 ### Fixed
 - Fix incorrect rate limit on PUT requests ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31356))
 - Fix presence of `ß` in adjacent word preventing mention and hashtag matching ([adamniedzielski](https://github.com/mastodon/mastodon/pull/31122))
 - Fix processing of webfinger responses with multiple `self` links ([adamniedzielski](https://github.com/mastodon/mastodon/pull/31110))
 - Fix duplicate `orderedItems` in user archive's `outbox.json` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31099))
 - Fix click event handling when clicking outside of an open dropdown menu ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31251))
 - Fix status processing failing halfway when a remote post has a malformed `replies` attribute ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/31246))
 - Fix `--verbose` option of `tootctl media remove`, which was previously erroneously removed ([mjankowski](https://github.com/mastodon/mastodon/pull/30536))
 - Fix division by zero on some video/GIF files ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30600))
 - Fix Web UI trying to save user settings despite being logged out ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30324))
 - Fix hashtag regexp matching some link anchors ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30190))
 - Fix local account search on LDAP login being case-sensitive ([raucao](https://github.com/mastodon/mastodon/pull/30113))
 - Fix development environment admin account not being auto-approved ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29958))
 - Fix report reason selector in moderation interface not unselecting rules when changing category ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29026))
 - Fix already-invalid reports failing to resolve ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29027))
 - Fix OCR when using S3/CDN for assets ([vmstan](https://github.com/mastodon/mastodon/pull/28551))
 - Fix error when encountering malformed `Tag` objects from Kbin ([ShadowJonathan](https://github.com/mastodon/mastodon/pull/28235))
 - Fix not all allowed image formats showing in file picker when uploading custom emoji ([june128](https://github.com/mastodon/mastodon/pull/28076))
 - Fix search popout listing unusable search options when logged out ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27918))
 - Fix processing of featured collections lacking an `items` attribute ([tribela](https://github.com/mastodon/mastodon/pull/27581))
 - Fix `mastodon:stats` decoration of stats rake task ([mjankowski](https://github.com/mastodon/mastodon/pull/31104))
 ## [4.2.10] - 2024-07-04
 ### Security
 - Fix incorrect permission checking on multiple API endpoints ([GHSA-58x8-3qxw-6hm7](https://github.com/mastodon/mastodon/security/advisories/GHSA-58x8-3qxw-6hm7))
 - Fix incorrect authorship checking when processing some activities (CVE-2024-37903, [GHSA-xjvf-fm67-4qc3](https://github.com/mastodon/mastodon/security/advisories/GHSA-xjvf-fm67-4qc3))
 - Fix ongoing streaming sessions not being invalidated when application tokens get revoked ([GHSA-vp5r-5pgw-jwqx](https://github.com/mastodon/mastodon/security/advisories/GHSA-vp5r-5pgw-jwqx))
 - Update dependencies
 ### Added
 - Add yarn version specification to avoid confusion with Yarn 3 and Yarn 4
 ### Changed
 - Change preview cards generation to skip unusually long URLs ([oneiros](https://github.com/mastodon/mastodon/pull/30854))
 - Change search modifiers to be case-insensitive ([Gargron](https://github.com/mastodon/mastodon/pull/30865))
 - Change `STATSD_ADDR` handling to emit a warning rather than crashing if the address is unreachable ([timothyjrogers](https://github.com/mastodon/mastodon/pull/30691))
 - Change PWA start URL from `/home` to `/` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27377))
 ### Removed
 - Removed dependency on `posix-spawn` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18559))
 ### Fixed
 - Fix scheduled statuses scheduled in less than 5 minutes being immediately published ([danielmbrasil](https://github.com/mastodon/mastodon/pull/30584))
 - Fix encoding detection for link cards ([oneiros](https://github.com/mastodon/mastodon/pull/30780))
 - Fix `/admin/accounts/:account_id/statuses/:id` for edited posts with media attachments ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30819))
 - Fix duplicate `@context` attribute in user archive export ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30653))
 ## [4.2.9] - 2024-05-30
 ### Security
 - Update dependencies
 - Fix private mention filtering ([GHSA-5fq7-3p3j-9vrf](https://github.com/mastodon/mastodon/security/advisories/GHSA-5fq7-3p3j-9vrf))
 - Fix password change endpoint not being rate-limited ([GHSA-q3rg-xx5v-4mxh](https://github.com/mastodon/mastodon/security/advisories/GHSA-q3rg-xx5v-4mxh))
 - Add hardening around rate-limit bypass ([GHSA-c2r5-cfqr-c553](https://github.com/mastodon/mastodon/security/advisories/GHSA-c2r5-cfqr-c553))
 ### Added
 - Add rate-limit on OAuth application registration ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/30316))
 - Add fallback redirection when getting a webfinger query `WEB_DOMAIN@WEB_DOMAIN` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28592))
 - Add `digest` attribute to `Admin::DomainBlock` entity in REST API ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/29092))
 ### Removed
 - Remove superfluous application-level caching in some controllers ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29862))
 - Remove aggressive OAuth application vacuuming ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/30316))
 ### Fixed
 - Fix leaking Elasticsearch connections in Sidekiq processes ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30450))
 - Fix language of remote posts not being recognized when using unusual casing ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30403))
 - Fix off-by-one in `tootctl media` commands ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30306))
 - Fix removal of allowed domains (in `LIMITED_FEDERATION_MODE`) not being recorded in the audit log ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/30125))
 - Fix not being able to block a subdomain of an already-blocked domain through the API ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30119))
 - Fix `Idempotency-Key` being ignored when scheduling a post ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30084))
 - Fix crash when supplying the `FFMPEG_BINARY` environment variable ([timothyjrogers](https://github.com/mastodon/mastodon/pull/30022))
 - Fix improper email address validation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29838))
 - Fix results/query in `api/v1/featured_tags/suggestions` ([mjankowski](https://github.com/mastodon/mastodon/pull/29597))
 - Fix unblocking internationalized domain names under certain conditions ([tribela](https://github.com/mastodon/mastodon/pull/29530))
 - Fix admin account created by `mastodon:setup` not being auto-approved ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29379))
 - Fix reference to non-existent var in CLI maintenance command ([mjankowski](https://github.com/mastodon/mastodon/pull/28363))
 ## [4.2.8] - 2024-02-23
 ### Added
 - Add hourly task to automatically require approval for new registrations in the absence of moderators ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29318), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/29355))
  In order to prevent future abandoned Mastodon servers from being used for spam, harassment and other malicious activity, Mastodon will now automatically switch new user registrations to require moderator approval whenever they are left open and no activity (including non-moderation actions from apps) from any logged-in user with permission to access moderation reports has been detected in a full week.
  When this happens, users with the permission to change server settings will receive an email notification.
  This feature is disabled when `EMAIL_DOMAIN_ALLOWLIST` is used, and can also be disabled with `DISABLE_AUTOMATIC_SWITCHING_TO_APPROVED_REGISTRATIONS=true`.
 ### Changed
 - Change registrations to be closed by default on new installations ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29280))
  If you are running a server and never changed your registrations mode from the default, updating will automatically close your registrations.
  Simply re-enable them through the administration interface or using `tootctl settings registrations open` if you want to enable them again.
 ### Fixed
 - Fix processing of remote ActivityPub actors making use of `Link` objects as `Image` `url` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29335))
 - Fix link verifications when page size exceeds 1MB ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29358))
 ## [4.2.7] - 2024-02-16
 ### Fixed
 - Fix OmniAuth tests and edge cases in error handling ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29201), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/29207))
 - Fix new installs by upgrading to the latest release of the `nsa` gem, instead of a no longer existing commit ([mjankowski](https://github.com/mastodon/mastodon/pull/29065))
 ### Security
 - Fix insufficient checking of remote posts ([GHSA-jhrq-qvrm-qr36](https://github.com/mastodon/mastodon/security/advisories/GHSA-jhrq-qvrm-qr36))
 ## [4.2.6] - 2024-02-14
 ### Security
 - Update the `sidekiq-unique-jobs` dependency (see [GHSA-cmh9-rx85-xj38](https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38))
  In addition, we have disabled the web interface for `sidekiq-unique-jobs` out of caution.
  If you need it, you can re-enable it by setting `ENABLE_SIDEKIQ_UNIQUE_JOBS_UI=true`.
  If you only need to clear all locks, you can now use `bundle exec rake sidekiq_unique_jobs:delete_all_locks`.
 - Update the `nokogiri` dependency (see [GHSA-xc9x-jj77-9p9j](https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xc9x-jj77-9p9j))
 - Disable administrative Doorkeeper routes ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/29187))
 - Fix ongoing streaming sessions not being invalidated when applications get deleted in some cases ([GHSA-7w3c-p9j8-mq3x](https://github.com/mastodon/mastodon/security/advisories/GHSA-7w3c-p9j8-mq3x))
  In some rare cases, the streaming server was not notified of access tokens revocation on application deletion.
 - Change external authentication behavior to never reattach a new identity to an existing user by default ([GHSA-vm39-j3vx-pch3](https://github.com/mastodon/mastodon/security/advisories/GHSA-vm39-j3vx-pch3))
  Up until now, Mastodon has allowed new identities from external authentication providers to attach to an existing local user based on their verified e-mail address.
  This allowed upgrading users from a database-stored password to an external authentication provider, or move from one authentication provider to another.
  However, this behavior may be unexpected, and means that when multiple authentication providers are configured, the overall security would be that of the least secure authentication provider.
  For these reasons, this behavior is now locked under the `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH` environment variable.
  In addition, regardless of this environment variable, Mastodon will refuse to attach two identities from the same authentication provider to the same account.
 ## [4.2.5] - 2024-02-01
 ### Security
 - Fix insufficient origin validation (CVE-2024-23832, [GHSA-3fjr-858r-92rw](https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw))
 ## [4.2.4] - 2024-01-24
 ### Fixed
 - Fix error when processing remote files with unusually long names ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28823))
 - Fix processing of compacted single-item JSON-LD collections ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28816))
 - Retry 401 errors on replies fetching ([ShadowJonathan](https://github.com/mastodon/mastodon/pull/28788))
 - Fix `RecordNotUnique` errors in LinkCrawlWorker ([tribela](https://github.com/mastodon/mastodon/pull/28748))
 - Fix Mastodon not correctly processing HTTP Signatures with query strings ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28443), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/28476))
 - Fix potential redirection loop of streaming endpoint ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28665))
 - Fix streaming API redirection ignoring the port of `streaming_api_base_url` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28558))
 - Fix error when processing link preview with an array as `inLanguage` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28252))
 - Fix unsupported time zone or locale preventing sign-up ([Gargron](https://github.com/mastodon/mastodon/pull/28035))
 - Fix "Hide these posts from home" list setting not refreshing when switching lists ([brianholley](https://github.com/mastodon/mastodon/pull/27763))
 - Fix missing background behind dismissable banner in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/27479))
 - Fix line wrapping of language selection button with long locale codes ([gunchleoc](https://github.com/mastodon/mastodon/pull/27100), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27127))
 - Fix `Undo Announce` activity not being sent to non-follower authors ([MitarashiDango](https://github.com/mastodon/mastodon/pull/18482))
 - Fix N+1s because of association preloaders not actually getting called ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28339))
 - Fix empty column explainer getting cropped under certain conditions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28337))
 - Fix `LinkCrawlWorker` error when encountering empty OEmbed response ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28268))
 - Fix call to inefficient `delete_matched` cache method in domain blocks ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28367))
 ### Security
 - Add rate-limit of TOTP authentication attempts at controller level ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/28801))
 ## [4.2.3] - 2023-12-05
 ### Fixed
 - Fix dependency on `json-canonicalization` version that has been made unavailable since last release
 ## [4.2.2] - 2023-12-04
 ### Changed
 - Change dismissed banners to be stored server-side ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27055))
 - Change GIF max matrix size error to explicitly mention GIF files ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27927))
 - Change `Follow` activities delivery to bypass availability check ([ShadowJonathan](https://github.com/mastodon/mastodon/pull/27586))
 - Change single-column navigation notice to be displayed outside of the logo container ([renchap](https://github.com/mastodon/mastodon/pull/27462), [renchap](https://github.com/mastodon/mastodon/pull/27476))
 - Change Content-Security-Policy to be tighter on media paths ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26889))
 - Change post language code to include country code when relevant ([gunchleoc](https://github.com/mastodon/mastodon/pull/27099), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27207))
 ### Fixed
 - Fix upper border radius of onboarding columns ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27890))
 - Fix incoming status creation date not being restricted to standard ISO8601 ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27655), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/28081))
 - Fix some posts from threads received out-of-order sometimes not being inserted into timelines ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27653))
 - Fix posts from force-sensitized accounts being able to trend ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27620))
 - Fix error when trying to delete already-deleted file with OpenStack Swift ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27569))
 - Fix batch attachment deletion when using OpenStack Swift ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27554))
 - Fix processing LDSigned activities from actors with unknown public keys ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27474))
 - Fix error and incorrect URLs in `/api/v1/accounts/:id/featured_tags` for remote accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27459))
 - Fix report processing notice not mentioning the report number when performing a custom action ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27442))
 - Fix handling of `inLanguage` attribute in preview card processing ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27423))
 - Fix own posts being removed from home timeline when unfollowing a used hashtag ([kmycode](https://github.com/mastodon/mastodon/pull/27391))
 - Fix some link anchors being recognized as hashtags ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27271), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27584))
 - Fix format-dependent redirects being cached regardless of requested format ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27634))
 ## [4.2.1] - 2023-10-10
 ### Added
 - Add redirection on `/deck` URLs for logged-out users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27128))
 - Add support for v4.2.0 migrations to `tootctl maintenance fix-duplicates` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27147))
 ### Changed
 - Change some worker lock TTLs to be shorter-lived ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27246))
 - Change user archive export allowed period from 7 days to 6 days ([suddjian](https://github.com/mastodon/mastodon/pull/27200))
 ### Fixed
 - Fix duplicate reports being sent when reporting some remote posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27355))
 - Fix clicking on already-opened thread post scrolling to the top of the thread ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27331), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27338), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27350))
 - Fix some remote posts getting truncated ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27307))
 - Fix some cases of infinite scroll code trying to fetch inaccessible posts in a loop ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27286))
 - Fix `Vary` headers not being set on some redirects ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27272))
 - Fix mentions being matched in some URL query strings ([mjankowski](https://github.com/mastodon/mastodon/pull/25656))
 - Fix unexpected linebreak in version string in the Web UI ([vmstan](https://github.com/mastodon/mastodon/pull/26986))
 - Fix double scroll bars in some columns in advanced interface ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27187))
 - Fix boosts of local users being filtered in account timelines ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27204))
 - Fix multiple instances of the trend refresh scheduler sometimes running at once ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27253))
 - Fix importer returning negative row estimates ([jgillich](https://github.com/mastodon/mastodon/pull/27258))
 - Fix incorrectly keeping outdated update notices absent from the API endpoint ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27021))
 - Fix import progress not updating on certain failures ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27247))
 - Fix websocket connections being incorrectly decremented twice on errors ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/27238))
 - Fix explore prompt appearing because of posts being received out of order ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27211))
 - Fix explore prompt sometimes showing up when the home TL is loading ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27062))
 - Fix link handling of mentions in user profiles when logged out ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27185))
 - Fix filtering audit log for entries about disabling 2FA ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27186))
 - Fix notification toasts not respecting reduce-motion ([c960657](https://github.com/mastodon/mastodon/pull/27178))
 - Fix retention dashboard not displaying correct month ([vmstan](https://github.com/mastodon/mastodon/pull/27180))
 - Fix tIME chunk not being properly removed from PNG uploads ([TheEssem](https://github.com/mastodon/mastodon/pull/27111))
 - Fix division by zero in video in bitrate computation code ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27129))
 - Fix inefficient queries in “Follows and followers” as well as several admin pages ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27116), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27306))
 - Fix ActiveRecord using two connection pools when no replica is defined ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27061))
 - Fix the search documentation URL in system checks ([renchap](https://github.com/mastodon/mastodon/pull/27036))
 ## [4.2.0] - 2023-09-21
 The following changelog entries focus on changes visible to users, administrators, client developers or federated software developers, but there has also been a lot of code modernization, refactoring, and tooling work, in particular by [@danielmbrasil](https://github.com/danielmbrasil), [@mjankowski](https://github.com/mjankowski), [@nschonni](https://github.com/nschonni), [@renchap](https://github.com/renchap), and [@takayamaki](https://github.com/takayamaki).
 ### Added
 - **Add full-text search of opted-in public posts and rework search operators** ([Gargron](https://github.com/mastodon/mastodon/pull/26485), [jsgoldstein](https://github.com/mastodon/mastodon/pull/26344), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26657), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26650), [jsgoldstein](https://github.com/mastodon/mastodon/pull/26659), [Gargron](https://github.com/mastodon/mastodon/pull/26660), [Gargron](https://github.com/mastodon/mastodon/pull/26663), [Gargron](https://github.com/mastodon/mastodon/pull/26688), [Gargron](https://github.com/mastodon/mastodon/pull/26689), [Gargron](https://github.com/mastodon/mastodon/pull/26686), [Gargron](https://github.com/mastodon/mastodon/pull/26687), [Gargron](https://github.com/mastodon/mastodon/pull/26692), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26697), [Gargron](https://github.com/mastodon/mastodon/pull/26699), [Gargron](https://github.com/mastodon/mastodon/pull/26701), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26710), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26739), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26754), [Gargron](https://github.com/mastodon/mastodon/pull/26662), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26755), [Gargron](https://github.com/mastodon/mastodon/pull/26781), [Gargron](https://github.com/mastodon/mastodon/pull/26782), [Gargron](https://github.com/mastodon/mastodon/pull/26760), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26756), [Gargron](https://github.com/mastodon/mastodon/pull/26784), [Gargron](https://github.com/mastodon/mastodon/pull/26807), [Gargron](https://github.com/mastodon/mastodon/pull/26835), [Gargron](https://github.com/mastodon/mastodon/pull/26847), [Gargron](https://github.com/mastodon/mastodon/pull/26834), [arbolitoloco1](https://github.com/mastodon/mastodon/pull/26893), [tribela](https://github.com/mastodon/mastodon/pull/26896), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26927), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26959), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27014))
  This introduces a new `public_statuses` Elasticsearch index for public posts by users who have opted in to their posts being searchable (`toot#indexable` flag).
  This also revisits the other indexes to provide more useful indexing, and adds new search operators such as `from:me`, `before:2022-11-01`, `after:2022-11-01`, `during:2022-11-01`, `language:fr`, `has:poll`, or `in:library` (for searching only in posts you have written or interacted with).
  Results are now ordered chronologically.
 - **Add admin notifications for new Mastodon versions** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26582))
  This is done by querying `https://api.joinmastodon.org/update-check` every 30 minutes in a background job.
  That URL can be changed using the `UPDATE_CHECK_URL` environment variable, and the feature outright disabled by setting that variable to an empty string (`UPDATE_CHECK_URL=`).
 - **Add “Privacy and reach” tab in profile settings** ([Gargron](https://github.com/mastodon/mastodon/pull/26484), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26508))
  This reorganized scattered privacy and reach settings to a single place, as well as improve their wording.
 - **Add display of out-of-band hashtags in the web interface** ([Gargron](https://github.com/mastodon/mastodon/pull/26492), [arbolitoloco1](https://github.com/mastodon/mastodon/pull/26497), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26506), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26525), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26606), [Gargron](https://github.com/mastodon/mastodon/pull/26666), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26960))
 - **Add role badges to the web interface** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25649), [Gargron](https://github.com/mastodon/mastodon/pull/26281))
 - **Add ability to pick domains to forward reports to using the `forward_to_domains` parameter in `POST /api/v1/reports`** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25866), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26636))
  The `forward_to_domains` REST API parameter is a list of strings. If it is empty or omitted, the previous behavior is maintained.
  The `forward` parameter still needs to be set for `forward_to_domains` to be taken into account.
  The forwarded-to domains can only include that of the original author and people being replied to.
 - **Add forwarding of reported replies to servers being replied to** ([Gargron](https://github.com/mastodon/mastodon/pull/25341), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26189))
 - Add `ONE_CLICK_SSO_LOGIN` environment variable to directly link to the Single-Sign On provider if there is only one sign up method available ([CSDUMMI](https://github.com/mastodon/mastodon/pull/26083), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26368), [CSDUMMI](https://github.com/mastodon/mastodon/pull/26857), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26901))
 - **Add webhook templating** ([Gargron](https://github.com/mastodon/mastodon/pull/23289))
 - **Add webhooks for local `status.created`, `status.updated`, `account.updated` and `report.updated`** ([VyrCossont](https://github.com/mastodon/mastodon/pull/24133), [VyrCossont](https://github.com/mastodon/mastodon/pull/24243), [VyrCossont](https://github.com/mastodon/mastodon/pull/24211))
 - **Add exclusive lists** ([dariusk, necropolina](https://github.com/mastodon/mastodon/pull/22048), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25324))
 - **Add a confirmation screen when suspending a domain** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25144), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25603))
 - **Add support for importing lists** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25203), [mgmn](https://github.com/mastodon/mastodon/pull/26120), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26372))
 - **Add optional hCaptcha support** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25019), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25057), [Gargron](https://github.com/mastodon/mastodon/pull/25395), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26388))
 - **Add lines to threads in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/24549), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24677), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24696), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24711), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24714), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24713), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24715), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24800), [teeerevor](https://github.com/mastodon/mastodon/pull/25706), [renchap](https://github.com/mastodon/mastodon/pull/25807))
 - **Add new onboarding flow to web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/24619), [Gargron](https://github.com/mastodon/mastodon/pull/24646), [Gargron](https://github.com/mastodon/mastodon/pull/24705), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24872), [ThisIsMissEm](https://github.com/mastodon/mastodon/pull/24883), [Gargron](https://github.com/mastodon/mastodon/pull/24954), [stevenjlm](https://github.com/mastodon/mastodon/pull/24959), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25010), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25275), [Gargron](https://github.com/mastodon/mastodon/pull/25559), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25561))
 - **Add auto-refresh of accounts we get new messages/edits of** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26510))
 - **Add Elasticsearch cluster health check and indexes mismatch check to dashboard** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26448), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26605), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26658))
 - Add `hide_collections`, `discoverable` and `indexable` attributes to credentials API ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26998))
 - Add `S3_ENABLE_CHECKSUM_MODE` environment variable to enable checksum verification on compatible S3-providers ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26435))
 - Add admin API for managing tags ([rrgeorge](https://github.com/mastodon/mastodon/pull/26872))
 - Add a link to hashtag timelines from the Trending hashtags moderation interface ([gunchleoc](https://github.com/mastodon/mastodon/pull/26724))
 - Add timezone to datetimes in e-mails ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26822))
 - Add `authorized_fetch` server setting in addition to env var ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25798), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26958))
 - Add avatar image to webfinger responses ([tvler](https://github.com/mastodon/mastodon/pull/26558))
 - Add debug logging on signature verification failure ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26637), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26812))
 - Add explicit error messages when DeepL quota is exceeded ([lutoma](https://github.com/mastodon/mastodon/pull/26704))
 - Add Elasticsearch/OpenSearch version to “Software” in admin dashboard ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26652))
 - Add `data-nosnippet` attribute to remote posts and local posts with `noindex` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26648))
 - Add support for federating `memorial` attribute ([rrgeorge](https://github.com/mastodon/mastodon/pull/26583))
 - Add Cherokee and Kalmyk to languages dropdown ([gunchleoc](https://github.com/mastodon/mastodon/pull/26012), [gunchleoc](https://github.com/mastodon/mastodon/pull/26013))
 - Add `DELETE /api/v1/profile/avatar` and `DELETE /api/v1/profile/header` to the REST API ([danielmbrasil](https://github.com/mastodon/mastodon/pull/25124), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26573))
 - Add `ES_PRESET` option to customize numbers of shards and replicas ([Gargron](https://github.com/mastodon/mastodon/pull/26483), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26489))
  This can have a value of `single_node_cluster` (default), `small_cluster` (uses one replica) or `large_cluster` (uses one replica and a higher number of shards).
 - Add `CACHE_BUSTER_HTTP_METHOD` environment variable ([renchap](https://github.com/mastodon/mastodon/pull/26528), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26542))
 - Add support for `DB_PASS` when using `DATABASE_URL` ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26295))
 - Add `GET /api/v1/instance/languages` to REST API ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24443))
 - Add primary key to `preview_cards_statuses` join table ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25243), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26384), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26447), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26737), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26979))
 - Add client-side timeout on resend confirmation button ([Gargron](https://github.com/mastodon/mastodon/pull/26300))
 - Add published date and author to news on the explore screen in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26155))
 - Add `lang` attribute to various UI components ([c960657](https://github.com/mastodon/mastodon/pull/23869), [c960657](https://github.com/mastodon/mastodon/pull/23891), [c960657](https://github.com/mastodon/mastodon/pull/26111), [c960657](https://github.com/mastodon/mastodon/pull/26149))
 - Add stricter protocol fields validation for accounts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25937))
 - Add support for Azure blob storage ([mistydemeo](https://github.com/mastodon/mastodon/pull/23607), [mistydemeo](https://github.com/mastodon/mastodon/pull/26080))
 - Add toast with option to open post after publishing in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25564), [Signez](https://github.com/mastodon/mastodon/pull/25919), [Gargron](https://github.com/mastodon/mastodon/pull/26664))
 - Add canonical link tags in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25715))
 - Add button to see results for polls in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25726))
 - Add at-symbol prepended to mention span title ([forsamori](https://github.com/mastodon/mastodon/pull/25684))
 - Add users index on `unconfirmed_email` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25672), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25702))
 - Add superapp index on `oauth_applications` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25670))
 - Add index to backups on `user_id` column ([mjankowski](https://github.com/mastodon/mastodon/pull/25647))
 - Add onboarding prompt when home feed too slow in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25267), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25556), [Gargron](https://github.com/mastodon/mastodon/pull/25579), [renchap](https://github.com/mastodon/mastodon/pull/25580), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25581), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25617), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25917), [Gargron](https://github.com/mastodon/mastodon/pull/26829), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26935))
 - Add `POST /api/v1/conversations/:id/unread` API endpoint to mark a conversation as unread ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25509))
 - Add `translate="no"` to outgoing mentions and links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25524))
 - Add unsubscribe link and headers to e-mails ([Gargron](https://github.com/mastodon/mastodon/pull/25378), [c960657](https://github.com/mastodon/mastodon/pull/26085))
 - Add logging of websocket send errors ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25280))
 - Add time zone preference ([Gargron](https://github.com/mastodon/mastodon/pull/25342), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26025))
 - Add `legal` as report category ([Gargron](https://github.com/mastodon/mastodon/pull/23941), [renchap](https://github.com/mastodon/mastodon/pull/25400), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26509))
 - Add `data-nosnippet` so Google doesn't use trending posts in snippets for `/` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25279))
 - Add card with who invited you to join when displaying rules on sign-up ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23475))
 - Add missing primary keys to `accounts_tags` and `statuses_tags` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25210))
 - Add support for custom sign-up URLs ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25014), [renchap](https://github.com/mastodon/mastodon/pull/25108), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25190), [mgmn](https://github.com/mastodon/mastodon/pull/25531))
  This is set using `SSO_ACCOUNT_SIGN_UP` and reflected in the REST API by adding `registrations.sign_up_url` to the `/api/v2/instance` endpoint.
 - Add polling and automatic redirection to `/start` on email confirmation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25013))
 - Add ability to block sign-ups from IP using the CLI ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24870))
 - Add ALT badges to media that has alternative text in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24782), [c960657](https://github.com/mastodon/mastodon/pull/26166)
 - Add ability to include accounts with pending follow requests in lists ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/19727), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24810))
 - Add trend management to admin API ([rrgeorge](https://github.com/mastodon/mastodon/pull/24257))
  - `POST /api/v1/admin/trends/statuses/:id/approve`
  - `POST /api/v1/admin/trends/statuses/:id/reject`
  - `POST /api/v1/admin/trends/links/:id/approve`
  - `POST /api/v1/admin/trends/links/:id/reject`
  - `POST /api/v1/admin/trends/tags/:id/approve`
  - `POST /api/v1/admin/trends/tags/:id/reject`
  - `GET /api/v1/admin/trends/links/publishers`
  - `POST /api/v1/admin/trends/links/publishers/:id/approve`
  - `POST /api/v1/admin/trends/links/publishers/:id/reject`
 - Add user handle to notification mail recipient address ([HeitorMC](https://github.com/mastodon/mastodon/pull/24240))
 - Add progress indicator to sign-up flow ([Gargron](https://github.com/mastodon/mastodon/pull/24545))
 - Add client-side validation for taken username in sign-up form ([Gargron](https://github.com/mastodon/mastodon/pull/24546))
 - Add `--approve` option to `tootctl accounts create` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24533))
 - Add “In Memoriam” banner back to profiles ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23591), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23614))
  This adds the `memorial` attribute to the `Account` REST API entity.
 - Add colour to follow button when hashtag is being followed ([c960657](https://github.com/mastodon/mastodon/pull/24361))
 - Add further explanations to the profile link verification instructions ([drzax](https://github.com/mastodon/mastodon/pull/19723))
 - Add a link to Identity provider's account settings from the account settings ([CSDUMMI](https://github.com/mastodon/mastodon/pull/24100), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24628))
 - Add support for streaming server to connect to postgres with self-signed certs through the `sslmode` URL parameter ([ramuuns](https://github.com/mastodon/mastodon/pull/21431))
 - Add support for specifying S3 storage classes through the `S3_STORAGE_CLASS` environment variable ([hyl](https://github.com/mastodon/mastodon/pull/22480))
 - Add support for incoming rich text ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23913))
 - Add support for Ruby 3.2 ([tenderlove](https://github.com/mastodon/mastodon/pull/22928), [casperisfine](https://github.com/mastodon/mastodon/pull/24142), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24202), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26934))
 - Add API parameter to safeguard unexpected mentions in new posts ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/18350))
 ### Changed
 - **Change hashtags to be displayed separately when they are the last line of a post** ([renchap](https://github.com/mastodon/mastodon/pull/26499), [renchap](https://github.com/mastodon/mastodon/pull/26614), [renchap](https://github.com/mastodon/mastodon/pull/26615))
 - **Change reblogs to be excluded from "Posts and replies" tab in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/26302))
 - **Change interaction modal in web interface** ([Gargron, ClearlyClaire](https://github.com/mastodon/mastodon/pull/26075), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26269), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26268), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26267), [mgmn](https://github.com/mastodon/mastodon/pull/26459), [tribela](https://github.com/mastodon/mastodon/pull/26461), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26593), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26795))
 - **Change design of link previews in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/26136), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26151), [Gargron](https://github.com/mastodon/mastodon/pull/26153), [Gargron](https://github.com/mastodon/mastodon/pull/26250), [Gargron](https://github.com/mastodon/mastodon/pull/26287), [Gargron](https://github.com/mastodon/mastodon/pull/26286), [c960657](https://github.com/mastodon/mastodon/pull/26184))
 - **Change "direct message" nomenclature to "private mention" in web UI** ([Gargron](https://github.com/mastodon/mastodon/pull/24248))
 - **Change translation feature to cover Content Warnings, poll options and media descriptions** ([c960657](https://github.com/mastodon/mastodon/pull/24175), [S-H-GAMELINKS](https://github.com/mastodon/mastodon/pull/25251), [c960657](https://github.com/mastodon/mastodon/pull/26168), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26452))
 - **Change account search to match by text when opted-in** ([jsgoldstein](https://github.com/mastodon/mastodon/pull/25599), [Gargron](https://github.com/mastodon/mastodon/pull/26378))
 - **Change import feature to be clearer, less error-prone and more reliable** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21054), [mgmn](https://github.com/mastodon/mastodon/pull/24874))
 - **Change local and federated timelines to be tabs of a single “Live feeds” column** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25641), [Gargron](https://github.com/mastodon/mastodon/pull/25683), [mgmn](https://github.com/mastodon/mastodon/pull/25694), [Plastikmensch](https://github.com/mastodon/mastodon/pull/26247), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26633))
 - **Change user archive export to be faster and more reliable, and export `.zip` archives instead of `.tar.gz` ones** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23360), [TheEssem](https://github.com/mastodon/mastodon/pull/25034))
 - **Change `mastodon-streaming` systemd unit files to be templated** ([e-nomem](https://github.com/mastodon/mastodon/pull/24751))
 - **Change `statsd` integration to disable sidekiq metrics by default** ([mjankowski](https://github.com/mastodon/mastodon/pull/25265), [mjankowski](https://github.com/mastodon/mastodon/pull/25336), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26310))
  This deprecates `statsd` support and disables the sidekiq integration unless `STATSD_SIDEKIQ` is set to `true`.
  This is because the `nsa` gem is unmaintained, and its sidekiq integration is known to add very significant overhead.
  Later versions of Mastodon will have other ways to get the same metrics.
 - **Change replica support to native Rails adapter** ([krainboltgreene](https://github.com/mastodon/mastodon/pull/25693), [Gargron](https://github.com/mastodon/mastodon/pull/25849), [Gargron](https://github.com/mastodon/mastodon/pull/25874), [Gargron](https://github.com/mastodon/mastodon/pull/25851), [Gargron](https://github.com/mastodon/mastodon/pull/25977), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26074), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26326), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26386), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26856))
  This is a breaking change, dropping `makara` support, and requiring you to update your database configuration if you are using replicas.
  To tell Mastodon to use a read replica, you can either set the `REPLICA_DB_NAME` environment variable (along with `REPLICA_DB_USER`, `REPLICA_DB_PASS`, `REPLICA_DB_HOST`, and `REPLICA_DB_PORT`, if they differ from the primary database), or the `REPLICA_DATABASE_URL` environment variable if your configuration is based on `DATABASE_URL`.
 - Change DCT method used for JPEG encoding to float ([electroCutie](https://github.com/mastodon/mastodon/pull/26675))
 - Change from `node-redis` to `ioredis` for streaming ([gmemstr](https://github.com/mastodon/mastodon/pull/26581))
 - Change private statuses index to index without crutches ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26713))
 - Change video compression parameters ([Gargron](https://github.com/mastodon/mastodon/pull/26631), [Gargron](https://github.com/mastodon/mastodon/pull/26745), [Gargron](https://github.com/mastodon/mastodon/pull/26766), [Gargron](https://github.com/mastodon/mastodon/pull/26970))
 - Change admin e-mail notification settings to be their own settings group ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26596))
 - Change opacity of the delete icon in the search field to be more visible ([AntoninDelFabbro](https://github.com/mastodon/mastodon/pull/26449))
 - Change Account Search to prioritize username over display name ([jsgoldstein](https://github.com/mastodon/mastodon/pull/26623))
 - Change follow recommendation materialized view to be faster in most cases ([renchap, ClearlyClaire](https://github.com/mastodon/mastodon/pull/26545))
 - Change `robots.txt` to block GPTBot ([Foritus](https://github.com/mastodon/mastodon/pull/26396))
 - Change header of hashtag timelines in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26362), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26416))
 - Change streaming `/metrics` to include additional metrics ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26299), [ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26945))
 - Change indexing frequency from 5 minutes to 1 minute, add locks to schedulers ([Gargron](https://github.com/mastodon/mastodon/pull/26304))
 - Change column link to add a better keyboard focus indicator ([teeerevor](https://github.com/mastodon/mastodon/pull/26278))
 - Change poll form element colors to fit with the rest of the ui ([teeerevor](https://github.com/mastodon/mastodon/pull/26139), [teeerevor](https://github.com/mastodon/mastodon/pull/26162), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26164))
 - Change 'favourite' to 'favorite' for American English ([marekr](https://github.com/mastodon/mastodon/pull/24667), [gunchleoc](https://github.com/mastodon/mastodon/pull/26009), [nabijaczleweli](https://github.com/mastodon/mastodon/pull/26109))
 - Change ActivityStreams representation of suspended accounts to not use a blank `name` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25276))
 - Change focus UI for keyboard only input ([teeerevor](https://github.com/mastodon/mastodon/pull/25935), [Gargron](https://github.com/mastodon/mastodon/pull/26125), [Gargron](https://github.com/mastodon/mastodon/pull/26767))
 - Change thread view to scroll to the selected post rather than the post being replied to ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24685))
 - Change links in multi-column mode so tabs are open in single-column mode ([Signez](https://github.com/mastodon/mastodon/pull/25893), [Signez](https://github.com/mastodon/mastodon/pull/26070), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25973), [Signez](https://github.com/mastodon/mastodon/pull/26019), [Signez](https://github.com/mastodon/mastodon/pull/26759))
 - Change searching with `#` to include account index ([jsgoldstein](https://github.com/mastodon/mastodon/pull/25638))
 - Change label and design of sensitive and unavailable media in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25712), [Gargron](https://github.com/mastodon/mastodon/pull/26135), [Gargron](https://github.com/mastodon/mastodon/pull/26330))
 - Change button colors to increase hover/focus contrast and consistency ([teeerevor](https://github.com/mastodon/mastodon/pull/25677), [Gargron](https://github.com/mastodon/mastodon/pull/25679))
 - Change dropdown icon above compose form from ellipsis to bars in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25661))
 - Change header backgrounds to use fewer different colors in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25577))
 - Change files to be deleted in batches instead of one-by-one ([Gargron](https://github.com/mastodon/mastodon/pull/23302), [S-H-GAMELINKS](https://github.com/mastodon/mastodon/pull/25586), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25587))
 - Change emoji picker icon ([iparr](https://github.com/mastodon/mastodon/pull/25479))
 - Change edit profile page ([Gargron](https://github.com/mastodon/mastodon/pull/25413), [c960657](https://github.com/mastodon/mastodon/pull/26538))
 - Change "bot" label to "automated" ([Gargron](https://github.com/mastodon/mastodon/pull/25356))
 - Change design of dropdowns in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25107))
 - Change wording of “Content cache retention period” setting to highlight destructive implications ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23261))
 - Change autolinking to allow carets in URL search params ([renchap](https://github.com/mastodon/mastodon/pull/25216))
 - Change share action from being in action bar to being in dropdown in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25105))
 - Change sessions to be ordered from most-recent to least-recently updated ([frankieroberto](https://github.com/mastodon/mastodon/pull/25005))
 - Change vacuum scheduler to also delete expired tokens and unused application records ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24868), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24871))
 - Change "Sign in" to "Login" ([Gargron](https://github.com/mastodon/mastodon/pull/24942))
 - Change domain suspensions to also be checked before trying to fetch unknown remote resources ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24535))
 - Change media components to use aspect-ratio rather than compute height themselves ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24686), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24943), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26801))
 - Change logo version in header based on screen size in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24707))
 - Change label from "For you" to "People" on explore screen in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24706))
 - Change logged-out WebUI HTML pages to be cached for a few seconds ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24708))
 - Change unauthenticated responses to be cached in REST API ([Gargron](https://github.com/mastodon/mastodon/pull/24348), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24662), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24665))
 - Change HTTP caching logic ([Gargron](https://github.com/mastodon/mastodon/pull/24347), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24604))
 - Change hashtags and mentions in bios to open in-app in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24643))
 - Change styling of the recommended accounts to allow bio to be more visible ([chike00](https://github.com/mastodon/mastodon/pull/24480))
 - Change account search in moderation interface to allow searching by username including the leading `@` ([HeitorMC](https://github.com/mastodon/mastodon/pull/24242))
 - Change all components to use the same error page in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24512))
 - Change search pop-out in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24305))
 - Change user settings to be stored in a more optimal way ([Gargron](https://github.com/mastodon/mastodon/pull/23630), [c960657](https://github.com/mastodon/mastodon/pull/24321), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24453), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24460), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24558), [Gargron](https://github.com/mastodon/mastodon/pull/24761), [Gargron](https://github.com/mastodon/mastodon/pull/24783), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25508), [jsgoldstein](https://github.com/mastodon/mastodon/pull/25340), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26884), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/27012))
 - Change media upload limits and remove client-side resizing ([Gargron](https://github.com/mastodon/mastodon/pull/23726))
 - Change design of account rows in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24247), [Gargron](https://github.com/mastodon/mastodon/pull/24343), [Gargron](https://github.com/mastodon/mastodon/pull/24956), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25131))
 - Change log-out to use Single Logout when using external log-in through OIDC ([CSDUMMI](https://github.com/mastodon/mastodon/pull/24020))
 - Change sidekiq-bulk's batch size from 10,000 to 1,000 jobs in one Redis call ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24034))
 - Change translation to only be offered for supported languages ([c960657](https://github.com/mastodon/mastodon/pull/23879), [c960657](https://github.com/mastodon/mastodon/pull/24037))
  This adds the `/api/v1/instance/translation_languages` REST API endpoint that returns an object with the supported translation language pairs in the form:
  ```json
  {
    "fr": ["en", "de"]
  }
  ```
  (where `fr` is a supported source language and `en` and `de` or supported output language when translating a `fr` string)
 - Change compose form checkbox to native input with `appearance: none` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/22949))
 - Change posts' clickable area to be larger ([c960657](https://github.com/mastodon/mastodon/pull/23621))
 - Change `followed_by` link to `location=all` if account is local on /admin/accounts/:id page ([tribela](https://github.com/mastodon/mastodon/pull/23467))
 ### Removed
 - **Remove support for Node.js 14** ([renchap](https://github.com/mastodon/mastodon/pull/25198))
 - **Remove support for Ruby 2.7** ([nschonni](https://github.com/mastodon/mastodon/pull/24237))
 - **Remove clustering from streaming API** ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/24655))
 - **Remove anonymous access to the streaming API** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23989))
 - Remove obfuscation of reply count in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26768))
 - Remove `kmr` from language selection, as it was a duplicate for `ku` ([gunchleoc](https://github.com/mastodon/mastodon/pull/26014), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26787))
 - Remove 16:9 cropping from web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26132))
 - Remove back button from bookmarks, favourites and lists screens in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26126))
 - Remove display name input from sign-up form ([Gargron](https://github.com/mastodon/mastodon/pull/24704))
 - Remove `tai` locale ([c960657](https://github.com/mastodon/mastodon/pull/23880))
 - Remove empty Kushubian (csb) local files ([nschonni](https://github.com/mastodon/mastodon/pull/24151))
 - Remove `Permissions-Policy` header from all responses ([Gargron](https://github.com/mastodon/mastodon/pull/24124))
 ### Fixed
 - **Fix filters not being applying in the explore page** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25887))
 - **Fix being unable to load past a full page of filtered posts in Home timeline** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24930))
 - **Fix log-in flow when involving both OAuth and external authentication** ([CSDUMMI](https://github.com/mastodon/mastodon/pull/24073))
 - **Fix broken links in account gallery** ([c960657](https://github.com/mastodon/mastodon/pull/24218))
 - **Fix migration handler not updating lists** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24808))
 - Fix crash when viewing a moderation appeal and the moderator account has been deleted ([xrobau](https://github.com/mastodon/mastodon/pull/25900))
 - Fix error in Web UI when server rules cannot be fetched ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26957))
 - Fix paragraph margins resulting in irregular read-more cut-off in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26828))
 - Fix notification permissions being requested immediately after login ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26472))
 - Fix performances of profile directory ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26840), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26842))
 - Fix mute button and volume slider feeling disconnected in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26827), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26860))
 - Fix “Scoped order is ignored, it's forced to be batch order.” warnings ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26793))
 - Fix blocked domain appearing in account feeds ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26823))
 - Fix invalid `Content-Type` header for WebP images ([c960657](https://github.com/mastodon/mastodon/pull/26773))
 - Fix minor inefficiencies in `tootctl search deploy` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26721))
 - Fix filter form in profiles directory overflowing instead of wrapping ([arbolitoloco1](https://github.com/mastodon/mastodon/pull/26682))
 - Fix sign up steps progress layout in right-to-left locales ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26728))
 - Fix bug with “favorited by” and “reblogged by“ view on posts only showing up to 40 items ([timothyjrogers](https://github.com/mastodon/mastodon/pull/26577), [timothyjrogers](https://github.com/mastodon/mastodon/pull/26574))
 - Fix bad search type heuristic ([Gargron](https://github.com/mastodon/mastodon/pull/26673))
 - Fix not being able to negate prefix clauses in search ([Gargron](https://github.com/mastodon/mastodon/pull/26672))
 - Fix timeout on invalid set of exclusionary parameters in `/api/v1/timelines/public` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/26239))
 - Fix adding column with default value taking longer on Postgres >= 11 ([Gargron](https://github.com/mastodon/mastodon/pull/26375))
 - Fix light theme select option for hashtags ([teeerevor](https://github.com/mastodon/mastodon/pull/26311))
 - Fix AVIF attachments ([c960657](https://github.com/mastodon/mastodon/pull/26264))
 - Fix incorrect URL normalization when fetching remote resources ([c960657](https://github.com/mastodon/mastodon/pull/26219), [c960657](https://github.com/mastodon/mastodon/pull/26285))
 - Fix being unable to filter posts for individual Chinese languages ([gunchleoc](https://github.com/mastodon/mastodon/pull/26066))
 - Fix preview card sometimes linking to 4xx error pages ([c960657](https://github.com/mastodon/mastodon/pull/26200))
 - Fix emoji picker button scrolling with textarea content in single-column view ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25304))
 - Fix missing border on error screen in light theme in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/26152))
 - Fix UI overlap with the loupe icon in the Explore Tab ([gol-cha](https://github.com/mastodon/mastodon/pull/26113))
 - Fix unexpected redirection to `/explore` after sign-in ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26143))
 - Fix `/api/v1/statuses/:id/unfavourite` and `/api/v1/statuses/:id/unreblog` returning non-updated counts ([c960657](https://github.com/mastodon/mastodon/pull/24365))
 - Fix clicking the “Back” button sometimes leading out of Mastodon ([c960657](https://github.com/mastodon/mastodon/pull/23953), [CSFlorin](https://github.com/mastodon/mastodon/pull/24835), [S-H-GAMELINKS](https://github.com/mastodon/mastodon/pull/24867), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25281))
 - Fix processing of `null` ActivityPub activities ([tribela](https://github.com/mastodon/mastodon/pull/26021))
 - Fix hashtag posts not being removed from home feed on hashtag unfollow ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26028))
 - Fix for "follows you" indicator in light web UI not readable ([vmstan](https://github.com/mastodon/mastodon/pull/25993))
 - Fix incorrect line break between icon and number of reposts & favourites ([edent](https://github.com/mastodon/mastodon/pull/26004))
 - Fix sounds not being loaded from assets host ([Signez](https://github.com/mastodon/mastodon/pull/25931))
 - Fix buttons showing inconsistent styles ([teeerevor](https://github.com/mastodon/mastodon/pull/25903), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25965), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26341), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/26482))
 - Fix trend calculation working on too many items at a time ([Gargron](https://github.com/mastodon/mastodon/pull/25835))
 - Fix dropdowns being disabled for logged out users in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25714), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25964))
 - Fix explore page being inaccessible when opted-out of trends in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25716))
 - Fix re-activated accounts possibly getting deleted by `AccountDeletionWorker` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25711))
 - Fix `/api/v2/search` not working with following query param ([danielmbrasil](https://github.com/mastodon/mastodon/pull/25681))
 - Fix inefficient query when requesting a new confirmation email from a logged-in account ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25669))
 - Fix unnecessary concurrent calls to `/api/*/instance` in web UI ([mgmn](https://github.com/mastodon/mastodon/pull/25663))
 - Fix resolving local URL for remote content ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25637))
 - Fix search not being easily findable on smaller screens in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25576), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25631))
 - Fix j/k keyboard shortcuts on some status lists ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25554))
 - Fix missing validation on `default_privacy` setting ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25513))
 - Fix incorrect pagination headers in `/api/v2/admin/accounts` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/25477))
 - Fix non-interactive upload container being given a `button` role and tabIndex ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25462))
 - Fix always redirecting to onboarding in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/25396))
 - Fix inconsistent use of middle dot (·) instead of bullet (•) to separate items ([j-f1](https://github.com/mastodon/mastodon/pull/25248))
 - Fix spacing of middle dots in the detailed status meta section ([j-f1](https://github.com/mastodon/mastodon/pull/25247))
 - Fix prev/next buttons color in media viewer ([renchap](https://github.com/mastodon/mastodon/pull/25231))
 - Fix email addresses not being properly updated in `tootctl maintenance fix-duplicates` ([mjankowski](https://github.com/mastodon/mastodon/pull/25118))
 - Fix unicode surrogate pairs sometimes being broken in page title ([eai04191](https://github.com/mastodon/mastodon/pull/25148))
 - Fix various inefficient queries against account domains ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25126))
 - Fix video player offering to expand in a lightbox when it's in an `iframe` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25067))
 - Fix post embed previews ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25071))
 - Fix inadequate error handling in several API controllers when given invalid parameters ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24947), [danielmbrasil](https://github.com/mastodon/mastodon/pull/24958), [danielmbrasil](https://github.com/mastodon/mastodon/pull/25063), [danielmbrasil](https://github.com/mastodon/mastodon/pull/25072), [danielmbrasil](https://github.com/mastodon/mastodon/pull/25386), [danielmbrasil](https://github.com/mastodon/mastodon/pull/25595))
 - Fix uncaught `ActiveRecord::StatementInvalid` in Mastodon::IpBlocksCLI ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24861))
 - Fix various edge cases with local moves ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24812))
 - Fix `tootctl accounts cull` crashing when encountering a domain resolving to a private address ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23378))
 - Fix `tootctl accounts approve --number N` not aproving the N earliest registrations ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24605))
 - Fix being unable to clear media description when editing posts ([c960657](https://github.com/mastodon/mastodon/pull/24720))
 - Fix unavailable translations not falling back to English ([mgmn](https://github.com/mastodon/mastodon/pull/24727))
 - Fix anonymous visitors getting a session cookie on first visit ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24584), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24650), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24664))
 - Fix cutting off first letter of hashtag links sometimes in web UI ([Gargron](https://github.com/mastodon/mastodon/pull/24623))
 - Fix crash in `tootctl accounts create --reattach --force` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24557), [danielmbrasil](https://github.com/mastodon/mastodon/pull/24680))
 - Fix characters being emojified even when using Variation Selector 15 (text) ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/20949), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24615))
 - Fix uncaught ActiveRecord::StatementInvalid exception in `Mastodon::AccountsCLI#approve` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24590))
 - Fix email confirmation skip option in `tootctl accounts modify USERNAME --email EMAIL --confirm` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24578))
 - Fix tooltip for dates without time ([c960657](https://github.com/mastodon/mastodon/pull/24244))
 - Fix missing loading spinner and loading more on scroll in Private Mentions column ([c960657](https://github.com/mastodon/mastodon/pull/24446))
 - Fix account header image missing from `/settings/profile` on narrow screens ([c960657](https://github.com/mastodon/mastodon/pull/24433))
 - Fix height of announcements not being updated when using reduced animations ([c960657](https://github.com/mastodon/mastodon/pull/24354))
 - Fix inconsistent radius in advanced interface drawer ([thislight](https://github.com/mastodon/mastodon/pull/24407))
 - Fix loading more trending posts on scroll in the advanced interface ([OmmyZhang](https://github.com/mastodon/mastodon/pull/24314))
 - Fix poll ending notification for edited polls ([c960657](https://github.com/mastodon/mastodon/pull/24311))
 - Fix max width of media in `/about` and `/privacy-policy` ([mgmn](https://github.com/mastodon/mastodon/pull/24180))
 - Fix streaming API not being usable without `DATABASE_URL` ([Gargron](https://github.com/mastodon/mastodon/pull/23960))
 - Fix external authentication not running onboarding code for new users ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23458))
 ## [4.1.8] - 2023-09-19
 ### Fixed
 - Fix post edits not being forwarded as expected ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26936))
 - Fix moderator rights inconsistencies ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26729))
 - Fix crash when encountering invalid URL ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26814))
 - Fix cached posts including stale stats ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26409))
 - Fix uploading of video files for which `ffprobe` reports `0/0` average framerate ([NicolaiSoeborg](https://github.com/mastodon/mastodon/pull/26500))
 - Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough ([yufushiro](https://github.com/mastodon/mastodon/pull/26608))
 ### Security
 - Fix missing HTML sanitization in translation API (CVE-2023-42452, [GHSA-2693-xr3m-jhqr](https://github.com/mastodon/mastodon/security/advisories/GHSA-2693-xr3m-jhqr))
 - Fix incorrect domain name normalization (CVE-2023-42451, [GHSA-v3xf-c9qf-j667](https://github.com/mastodon/mastodon/security/advisories/GHSA-v3xf-c9qf-j667))
 ## [4.1.7] - 2023-09-05
 ### Changed
 - Change remote report processing to accept reports with long comments, but truncate them ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25028))
 ### Fixed
 - **Fix blocking subdomains of an already-blocked domain** ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26392))
 - Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled ([danielmbrasil](https://github.com/mastodon/mastodon/pull/26237))
 - Fix inefficiencies in `PlainTextFormatter` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26727))
 ## [4.1.6] - 2023-07-31
 ### Fixed
 - Fix memory leak in streaming server ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26228))
 - Fix wrong filters sometimes applying in streaming ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26159), [ThisIsMissEm](https://github.com/mastodon/mastodon/pull/26213), [renchap](https://github.com/mastodon/mastodon/pull/26233))
 - Fix incorrect connect timeout in outgoing requests ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26116))
 ## [4.1.5] - 2023-07-21
 ### Added
 - Add check preventing Sidekiq workers from running with Makara configured ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25850))
 ### Changed
 - Change request timeout handling to use a longer deadline ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26055))
 ### Fixed
 - Fix moderation interface for remote instances with a .zip TLD ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25885))
 - Fix remote accounts being possibly persisted to database with incomplete protocol values ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25886))
 - Fix trending publishers table not rendering correctly on narrow screens ([vmstan](https://github.com/mastodon/mastodon/pull/25945))
 ### Security
 - Fix CSP headers being unintentionally wide ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/26105))
 ## [4.1.4] - 2023-07-07
 ### Fixed
 - Fix branding:generate_app_icons failing because of disallowed ICO coder ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25794))
 - Fix crash in admin interface when viewing a remote user with verified links ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25796))
 - Fix processing of media files with unusual names ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25788))
 ## [4.1.3] - 2023-07-06
 ### Added
 - Add fallback redirection when getting a webfinger query `LOCAL_DOMAIN@LOCAL_DOMAIN` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/23600))
 ### Changed
 - Change OpenGraph-based embeds to allow fullscreen ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25058))
 - Change AccessTokensVacuum to also delete expired tokens ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24868))
 - Change profile updates to be sent to recently-mentioned servers ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24852))
 - Change automatic post deletion thresholds and load detection ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24614))
 - Change `/api/v1/statuses/:id/history` to always return at least one item ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25510))
 - Change auto-linking to allow carets in URL query params ([renchap](https://github.com/mastodon/mastodon/pull/25216))
 ### Removed
 - Remove invalid `X-Frame-Options: ALLOWALL` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25070))
 ### Fixed
 - Fix wrong view being displayed when a webhook fails validation ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25464))
 - Fix soft-deleted post cleanup scheduler overwhelming the streaming server ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25519))
 - Fix incorrect pagination headers in `/api/v2/admin/accounts` ([danielmbrasil](https://github.com/mastodon/mastodon/pull/25477))
 - Fix multiple inefficiencies in automatic post cleanup worker ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24607), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24785), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/24840))
 - Fix performance of streaming by parsing message JSON once ([ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25278), [ThisIsMissEm](https://github.com/mastodon/mastodon/pull/25361))
 - Fix CSP headers when `S3_ALIAS_HOST` includes a path component ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25273))
 - Fix `tootctl accounts approve --number N` not approving N earliest registrations ([danielmbrasil](https://github.com/mastodon/mastodon/pull/24605))
 - Fix reports not being closed when performing batch suspensions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24988))
 - Fix being able to vote on your own polls ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25015))
 - Fix race condition when reblogging a status ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25016))
 - Fix “Authorized applications” inefficiently and incorrectly getting last use date ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25060))
 - Fix “Authorized applications” crashing when listing apps with certain admin API scopes ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25713))
 - Fix multiple N+1s in ConversationsController ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25134), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25399), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/25499))
 - Fix user archive takeouts when using OpenStack Swift ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/24431))
 - Fix searching for remote content by URL not working under certain conditions ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25637))
 - Fix inefficiencies in indexing content for search ([VyrCossont](https://github.com/mastodon/mastodon/pull/24285), [VyrCossont](https://github.com/mastodon/mastodon/pull/24342))
 ### Security
 - Add finer permission requirements for managing webhooks ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25463))
 - Update dependencies
 - Add hardening headers for user-uploaded files ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/25756))
 - Fix verified links possibly hiding important parts of the URL (CVE-2023-36462)
 - Fix timeout handling of outbound HTTP requests (CVE-2023-36461)
 - Fix arbitrary file creation through media processing (CVE-2023-36460)
 - Fix possible XSS in preview cards (CVE-2023-36459)
 ## [4.1.2] - 2023-04-04
 ### Fixed
@ -87,7 +751,7 @@ All notable changes to this project will be documented in this file.
 - Add instance activity API endpoint toggle back to the admin interface ([dariusk](https://github.com/mastodon/mastodon/pull/22833))
 - Add setting for status page URL ([Gargron](https://github.com/mastodon/mastodon/pull/23390), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/23499))
  - REST API changes:
-    - Add `configuration.urls.status` attribute to the object returned by `GET /api/v1/instance`
+    - Add `configuration.urls.status` attribute to the object returned by `GET /api/v2/instance`
 - Add `account.approved` webhook ([Saiv46](https://github.com/mastodon/mastodon/pull/22938))
 - Add 12 hours option to polls ([Pleclown](https://github.com/mastodon/mastodon/pull/21131))
 - Add dropdown menu item to open admin interface for remote domains ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/21895))
--- a/23
+++ b/23
@ -1,8 +1,8 @@
 # syntax=docker/dockerfile:1.4
-# This needs to be bullseye-slim because the Ruby image is built on bullseye-slim
+# This needs to be bookworm-slim because the Ruby image is built on bookworm-slim
-ARG NODE_VERSION="16.20-bullseye-slim"
+ARG NODE_VERSION="20.6-bookworm-slim"
-FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.2-slim as ruby
+FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.3-slim as ruby
 FROM node:${NODE_VERSION} as build
 COPY --link --from=ruby /opt/ruby /opt/ruby
@ -17,10 +17,11 @@ COPY Gemfile* package.json yarn.lock /opt/mastodon/
 # hadolint ignore=DL3008
 RUN apt-get update && \
    apt-get -yq dist-upgrade && \
    apt-get install -y --no-install-recommends build-essential \
        git \
        libicu-dev \
-        libidn11-dev \
+        libidn-dev \
        libpq-dev \
        libjemalloc-dev \
        zlib1g-dev \
@ -42,8 +43,8 @@ RUN apt-get update && \
 FROM node:${NODE_VERSION}
 # Use those args to specify your own version flags & suffixes
-ARG MASTODON_VERSION_FLAGS=""
+ARG MASTODON_VERSION_PRERELEASE=""
-ARG MASTODON_VERSION_SUFFIX=""
+ARG MASTODON_VERSION_METADATA=""
 ARG UID="991"
 ARG GID="991"
@ -64,13 +65,13 @@ RUN apt-get update && \
    apt-get -y --no-install-recommends install whois \
        wget \
        procps \
-        libssl1.1 \
+        libssl3 \
        libpq5 \
        imagemagick \
        ffmpeg \
        libjemalloc2 \
-        libicu67 \
+        libicu72 \
-        libidn11 \
+        libidn12 \
        libyaml-0-2 \
        file \
        ca-certificates \
@ -89,8 +90,8 @@ ENV RAILS_ENV="production" \
    NODE_ENV="production" \
    RAILS_SERVE_STATIC_FILES="true" \
    BIND="0.0.0.0" \
-    MASTODON_VERSION_FLAGS="${MASTODON_VERSION_FLAGS}" \
+    MASTODON_VERSION_PRERELEASE="${MASTODON_VERSION_PRERELEASE}" \
-    MASTODON_VERSION_SUFFIX="${MASTODON_VERSION_SUFFIX}"
+    MASTODON_VERSION_METADATA="${MASTODON_VERSION_METADATA}"
 # Set the run user
 USER mastodon
--- a/FEDERATION.md
+++ b/FEDERATION.md
@ -27,4 +27,5 @@ More information on HTTP Signatures, as well as examples, can be found here: htt
 - Linked-Data Signatures: https://docs.joinmastodon.org/spec/security/#ld
 - Bearcaps: https://docs.joinmastodon.org/spec/bearcaps/
- Followers collection synchronization: https://git.activitypub.dev/ActivityPubDev/Fediverse-Enhancement-Proposals/src/branch/main/feps/fep-8fcf.md
+- Followers collection synchronization: https://codeberg.org/fediverse/fep/src/branch/main/fep/8fcf/fep-8fcf.md
 - Search indexing consent for actors: https://codeberg.org/fediverse/fep/src/branch/main/fep/5feb/fep-5feb.md
--- a/43
+++ b/43
@ -3,17 +3,14 @@
 source 'https://rubygems.org'
 ruby '>= 3.0.0'
 gem 'pkg-config', '~> 1.5'
 gem 'puma', '~> 6.3'
-gem 'rails', '~> 6.1.7'
+gem 'rails', '~> 7.0'
 gem 'sprockets', '~> 3.7.2'
 gem 'thor', '~> 1.2'
 gem 'rack', '~> 2.2.7'
 gem 'haml-rails', '~>2.0'
 gem 'pg', '~> 1.5'
 gem 'makara', '~> 0.5'
 gem 'pghero'
 gem 'dotenv-rails', '~> 2.8'
@ -21,6 +18,7 @@ gem 'aws-sdk-s3', '~> 1.123', require: false
 gem 'fog-core', '<= 2.4.0'
 gem 'fog-openstack', '~> 0.3', require: false
 gem 'kt-paperclip', '~> 7.2'
 gem 'md-paperclip-azure', '~> 2.2', require: false
 gem 'blurhash', '~> 0.1'
 gem 'active_model_serializers', '~> 0.10'
@ -37,11 +35,14 @@ group :pam_authentication, optional: true do
 end
 gem 'net-ldap', '~> 0.18'
-gem 'omniauth-cas', '~> 2.0'
+
-gem 'omniauth-saml', '~> 1.10'
+# TODO: Point back at released omniauth-cas gem when PR merged
 # https://github.com/dlindahl/omniauth-cas/pull/68
 gem 'omniauth-cas', github: 'stanhu/omniauth-cas', ref: '4211e6d05941b4a981f9a36b49ec166cecd0e271'
 gem 'omniauth-saml', '~> 2.0'
 gem 'omniauth_openid_connect', '~> 0.6.1'
-gem 'omniauth', '~> 1.9'
+gem 'omniauth', '~> 2.0'
-gem 'omniauth-rails_csrf_protection', '~> 0.1'
+gem 'omniauth-rails_csrf_protection', '~> 1.0'
 gem 'color_diff', '~> 0.1'
 gem 'discard', '~> 1.2'
@ -58,18 +59,18 @@ gem 'httplog', '~> 1.6.2'
 gem 'idn-ruby', require: 'idn'
 gem 'kaminari', '~> 1.2'
 gem 'link_header', '~> 0.0'
-gem 'mime-types', '~> 3.4.1', require: 'mime/types/columnar'
+gem 'mime-types', '~> 3.5.0', require: 'mime/types/columnar'
 gem 'nokogiri', '~> 1.15'
 gem 'nsa'
 gem 'oj', '~> 3.14'
 gem 'ox', '~> 2.14'
 gem 'parslet'
 gem 'posix-spawn'
 gem 'public_suffix', '~> 5.0'
 gem 'pundit', '~> 2.3'
 gem 'premailer-rails'
 gem 'rack-attack', '~> 6.6'
 gem 'rack-cors', '~> 2.0', require: 'rack/cors'
-gem 'rails-i18n', '~> 6.0'
+gem 'rails-i18n', '~> 7.0'
 gem 'rails-settings-cached', '~> 0.6', git: 'https://github.com/mastodon/rails-settings-cached.git', branch: 'v0.6.6-aliases-true'
 gem 'redcarpet', '~> 3.6'
 gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
@ -101,9 +102,6 @@ gem 'rdf-normalize', '~> 0.5'
 gem 'private_address_check', '~> 0.5'
 group :test do
  # RSpec runner for rails
  gem 'rspec-rails', '~> 6.0'
  # Used to split testing into chunks in CI
  gem 'rspec_chunked', '~> 0.6'
@ -111,10 +109,14 @@ group :test do
  gem 'fuubar', '~> 2.5'
  # Extra RSpec extenion methods and helpers for sidekiq
-  gem 'rspec-sidekiq', '~> 3.1'
+  gem 'rspec-sidekiq', '~> 4.0'
  # Browser integration testing
  gem 'capybara', '~> 3.39'
  gem 'selenium-webdriver'
  # Used to reset the database between system tests
  gem 'database_cleaner-active_record'
  # Used to mock environment variables
  gem 'climate_control', '~> 0.2'
@ -161,7 +163,7 @@ group :development do
  gem 'letter_opener_web', '~> 2.0'
  # Security analysis CLI tools
-  gem 'brakeman', '~> 5.4', require: false
+  gem 'brakeman', '~> 6.0', require: false
  gem 'bundler-audit', '~> 0.9', require: false
  # Linter CLI for HAML files
@ -175,10 +177,17 @@ group :development do
  # Validate missing i18n keys
  gem 'i18n-tasks', '~> 1.0', require: false
 end
 group :development, :test do
  # Profiling tools
  gem 'memory_profiler', require: false
  gem 'ruby-prof', require: false
  gem 'stackprof', require: false
  gem 'test-prof'
  # RSpec runner for rails
  gem 'rspec-rails', '~> 6.0'
 end
 group :production do
@ -194,3 +203,5 @@ gem 'net-http', '~> 0.3.2'
 gem 'rubyzip', '~> 2.3'
 gem 'hcaptcha', '~> 7.1'
 gem 'mail', '~> 2.8'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -15,43 +15,60 @@ GIT
    rails-settings-cached (0.6.6)
      rails (>= 4.2.0)
 GIT
  remote: https://github.com/stanhu/omniauth-cas.git
  revision: 4211e6d05941b4a981f9a36b49ec166cecd0e271
  ref: 4211e6d05941b4a981f9a36b49ec166cecd0e271
  specs:
    omniauth-cas (2.0.0)
      addressable (~> 2.3)
      nokogiri (~> 1.5)
      omniauth (>= 1.2, < 3)
 GEM
  remote: https://rubygems.org/
  specs:
-    actioncable (6.1.7.3)
+    actioncable (7.0.8.4)
-      actionpack (= 6.1.7.3)
+      actionpack (= 7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.7.3)
+    actionmailbox (7.0.8.4)
-      actionpack (= 6.1.7.3)
+      actionpack (= 7.0.8.4)
-      activejob (= 6.1.7.3)
+      activejob (= 7.0.8.4)
-      activerecord (= 6.1.7.3)
+      activerecord (= 7.0.8.4)
-      activestorage (= 6.1.7.3)
+      activestorage (= 7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
      mail (>= 2.7.1)
-    actionmailer (6.1.7.3)
+      net-imap
-      actionpack (= 6.1.7.3)
+      net-pop
-      actionview (= 6.1.7.3)
+      net-smtp
-      activejob (= 6.1.7.3)
+    actionmailer (7.0.8.4)
-      activesupport (= 6.1.7.3)
+      actionpack (= 7.0.8.4)
      actionview (= 7.0.8.4)
      activejob (= 7.0.8.4)
      activesupport (= 7.0.8.4)
      mail (~> 2.5, >= 2.5.4)
      net-imap
      net-pop
      net-smtp
      rails-dom-testing (~> 2.0)
-    actionpack (6.1.7.3)
+    actionpack (7.0.8.4)
-      actionview (= 6.1.7.3)
+      actionview (= 7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
-      rack (~> 2.0, >= 2.0.9)
+      rack (~> 2.0, >= 2.2.4)
      rack-test (>= 0.6.3)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.7.3)
+    actiontext (7.0.8.4)
-      actionpack (= 6.1.7.3)
+      actionpack (= 7.0.8.4)
-      activerecord (= 6.1.7.3)
+      activerecord (= 7.0.8.4)
-      activestorage (= 6.1.7.3)
+      activestorage (= 7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
      globalid (>= 0.6.0)
      nokogiri (>= 1.8.5)
-    actionview (6.1.7.3)
+    actionview (7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
      builder (~> 3.1)
      erubi (~> 1.4)
      rails-dom-testing (~> 2.0)
@ -61,28 +78,27 @@ GEM
      activemodel (>= 4.1, < 7.1)
      case_transform (>= 0.2)
      jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
-    activejob (6.1.7.3)
+    activejob (7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
      globalid (>= 0.3.6)
-    activemodel (6.1.7.3)
+    activemodel (7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
-    activerecord (6.1.7.3)
+    activerecord (7.0.8.4)
-      activemodel (= 6.1.7.3)
+      activemodel (= 7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
-    activestorage (6.1.7.3)
+    activestorage (7.0.8.4)
-      actionpack (= 6.1.7.3)
+      actionpack (= 7.0.8.4)
-      activejob (= 6.1.7.3)
+      activejob (= 7.0.8.4)
-      activerecord (= 6.1.7.3)
+      activerecord (= 7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
      marcel (~> 1.0)
      mini_mime (>= 1.1.0)
-    activesupport (6.1.7.3)
+    activesupport (7.0.8.4)
      concurrent-ruby (~> 1.0, >= 1.0.2)
      i18n (>= 1.6, < 2)
      minitest (>= 5.1)
      tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
+    addressable (2.8.5)
    addressable (2.8.4)
      public_suffix (>= 2.0.2, < 6.0)
    aes_key_wrap (1.1.0)
    airbrussh (1.4.1)
@ -97,26 +113,36 @@ GEM
    attr_required (1.0.1)
    awrence (1.2.1)
    aws-eventstream (1.2.0)
-    aws-partitions (1.772.0)
+    aws-partitions (1.809.0)
-    aws-sdk-core (3.174.0)
+    aws-sdk-core (3.181.0)
      aws-eventstream (~> 1, >= 1.0.2)
      aws-partitions (~> 1, >= 1.651.0)
      aws-sigv4 (~> 1.5)
      jmespath (~> 1, >= 1.6.1)
-    aws-sdk-kms (1.65.0)
+    aws-sdk-kms (1.71.0)
-      aws-sdk-core (~> 3, >= 3.174.0)
+      aws-sdk-core (~> 3, >= 3.177.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.123.0)
+    aws-sdk-s3 (1.133.0)
-      aws-sdk-core (~> 3, >= 3.174.0)
+      aws-sdk-core (~> 3, >= 3.181.0)
      aws-sdk-kms (~> 1)
-      aws-sigv4 (~> 1.4)
+      aws-sigv4 (~> 1.6)
-    aws-sigv4 (1.5.2)
+    aws-sigv4 (1.6.0)
      aws-eventstream (~> 1, >= 1.0.2)
    azure-storage-blob (2.0.3)
      azure-storage-common (~> 2.0)
      nokogiri (~> 1, >= 1.10.8)
    azure-storage-common (2.0.4)
      faraday (~> 1.0)
      faraday_middleware (~> 1.0, >= 1.0.0.rc1)
      net-http-persistent (~> 4.0)
      nokogiri (~> 1, >= 1.10.8)
    base64 (0.1.1)
    bcp47_spec (0.2.1)
    bcrypt (3.1.18)
-    better_errors (2.9.1)
+    better_errors (2.10.1)
      coderay (>= 1.0.0)
      erubi (>= 1.0.0)
      rack (>= 0.9.0)
      rouge (>= 1.0.0)
    better_html (2.0.1)
      actionview (>= 6.0)
      activesupport (>= 6.0)
@ -130,7 +156,7 @@ GEM
    blurhash (0.1.7)
    bootsnap (1.16.0)
      msgpack (~> 1.2)
-    brakeman (5.4.1)
+    brakeman (6.0.1)
    browser (5.3.1)
    brpoplpush-redis_script (0.1.3)
      concurrent-ruby (~> 1.0, >= 1.0.5)
@ -146,7 +172,7 @@ GEM
      sshkit (>= 1.9.0)
    capistrano-bundler (2.1.0)
      capistrano (~> 3.1)
-    capistrano-rails (1.6.2)
+    capistrano-rails (1.6.3)
      capistrano (~> 3.1)
      capistrano-bundler (>= 1.1, < 3)
    capistrano-rbenv (2.2.0)
@ -154,7 +180,7 @@ GEM
      sshkit (~> 1.3)
    capistrano-yarn (2.0.2)
      capistrano (~> 3.0)
-    capybara (3.39.1)
+    capybara (3.39.2)
      addressable
      matrix
      mini_mime (>= 0.1.3)
@ -165,18 +191,17 @@ GEM
      xpath (~> 3.2)
    case_transform (0.2)
      activesupport
-    cbor (0.5.9.6)
+    cbor (0.5.9.8)
-    charlock_holmes (0.7.7)
+    charlock_holmes (0.7.8)
-    chewy (7.3.2)
+    chewy (7.3.4)
      activesupport (>= 5.2)
      elasticsearch (>= 7.12.0, < 7.14.0)
      elasticsearch-dsl
    chunky_png (1.4.0)
    climate_control (0.2.0)
    cocoon (1.2.15)
    coderay (1.1.3)
    color_diff (0.1)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.2.3)
    connection_pool (2.4.1)
    cose (1.3.0)
      cbor (~> 0.5.9)
@ -186,7 +211,11 @@ GEM
    crass (1.0.6)
    css_parser (1.14.0)
      addressable
-    date (3.3.3)
+    database_cleaner-active_record (2.1.0)
      activerecord (>= 5.a)
      database_cleaner-core (~> 2.0.0)
    database_cleaner-core (2.0.1)
    date (3.3.4)
    debug_inspector (1.1.0)
    devise (4.9.2)
      bcrypt (~> 3.0)
@ -229,9 +258,9 @@ GEM
    erubi (1.12.0)
    et-orbi (1.2.7)
      tzinfo
-    excon (0.99.0)
+    excon (0.100.0)
    fabrication (2.30.0)
-    faker (3.2.0)
+    faker (3.2.1)
      i18n (>= 1.8.11, < 2)
    faraday (1.10.3)
      faraday-em_http (~> 1.0)
@ -256,8 +285,10 @@ GEM
    faraday-patron (1.0.0)
    faraday-rack (1.0.0)
    faraday-retry (1.0.3)
    faraday_middleware (1.2.0)
      faraday (~> 1.0)
    fast_blank (1.0.1)
-    fastimage (2.2.7)
+    fastimage (2.3.1)
    ffi (1.15.5)
    ffi-compiler (1.0.1)
      ffi (>= 1.0.0)
@ -283,7 +314,7 @@ GEM
      ruby-progressbar (~> 1.4)
    globalid (1.1.0)
      activesupport (>= 5.0)
-    haml (6.1.1)
+    haml (6.1.2)
      temple (>= 0.8.2)
      thor
      tilt
@ -292,11 +323,11 @@ GEM
      activesupport (>= 5.1)
      haml (>= 4.0.6)
      railties (>= 5.1)
-    haml_lint (0.45.0)
+    haml_lint (0.50.0)
      haml (>= 4.0, < 6.2)
      parallel (~> 1.10)
      rainbow
-      rubocop (>= 0.50.0)
+      rubocop (>= 1.0)
      sysexits (~> 1.1)
    hashdiff (1.0.1)
    hashie (5.0.0)
@ -319,7 +350,7 @@ GEM
    httplog (1.6.2)
      rack (>= 2.0)
      rainbow (>= 2.0.0)
-    i18n (1.13.0)
+    i18n (1.14.5)
      concurrent-ruby (~> 1.0)
    i18n-tasks (1.0.12)
      activesupport (>= 4.0.2)
@ -336,26 +367,26 @@ GEM
    ipaddress (0.8.3)
    jmespath (1.6.2)
    json (2.6.3)
-    json-canonicalization (0.3.2)
+    json-canonicalization (1.0.0)
-    json-jwt (1.15.3)
+    json-jwt (1.15.3.1)
      activesupport (>= 4.2)
      aes_key_wrap
      bindata
      httpclient
-    json-ld (3.2.5)
+    json-ld (3.3.1)
      htmlentities (~> 4.3)
-      json-canonicalization (~> 0.3, >= 0.3.2)
+      json-canonicalization (~> 1.0)
      link_header (~> 0.0, >= 0.0.8)
      multi_json (~> 1.15)
      rack (>= 2.2, < 4)
-      rdf (~> 3.2, >= 3.2.10)
+      rdf (~> 3.3)
    json-ld-preloaded (3.2.2)
      json-ld (~> 3.2)
      rdf (~> 3.2)
    json-schema (4.0.0)
      addressable (>= 2.8)
    jsonapi-renderer (0.2.2)
-    jwt (2.7.0)
+    jwt (2.7.1)
    kaminari (1.2.2)
      activesupport (>= 4.1.0)
      kaminari-actionview (= 1.2.2)
@ -368,12 +399,13 @@ GEM
      activerecord
      kaminari-core (= 1.2.2)
    kaminari-core (1.2.2)
-    kt-paperclip (7.2.0)
+    kt-paperclip (7.2.1)
      activemodel (>= 4.2.0)
      activesupport (>= 4.2.0)
      marcel (~> 1.0.1)
      mime-types
      terrapin (~> 0.6.0)
    language_server-protocol (3.17.0.3)
    launchy (2.5.2)
      addressable (~> 2.8)
    letter_opener (1.8.1)
@ -387,12 +419,12 @@ GEM
    llhttp-ffi (0.4.0)
      ffi-compiler (~> 1.0)
      rake (~> 13.0)
-    lograge (0.12.0)
+    lograge (0.13.0)
      actionpack (>= 4)
      activesupport (>= 4)
      railties (>= 4)
      request_store (~> 1.0)
-    loofah (2.21.3)
+    loofah (2.21.4)
      crass (~> 1.0.2)
      nokogiri (>= 1.12.0)
    mail (2.8.1)
@ -400,56 +432,62 @@ GEM
      net-imap
      net-pop
      net-smtp
-    makara (0.5.1)
+    marcel (1.0.4)
      activerecord (>= 5.2.0)
    marcel (1.0.2)
    mario-redis-lock (1.2.1)
      redis (>= 3.0.5)
    matrix (0.4.2)
    md-paperclip-azure (2.2.0)
      addressable (~> 2.5)
      azure-storage-blob (~> 2.0.1)
      hashie (~> 5.0)
    memory_profiler (1.0.1)
    method_source (1.0.0)
-    mime-types (3.4.1)
+    mime-types (3.5.1)
      mime-types-data (~> 3.2015)
-    mime-types-data (3.2023.0218.1)
+    mime-types-data (3.2023.0808)
-    mini_mime (1.1.2)
+    mini_mime (1.1.5)
-    mini_portile2 (2.8.2)
+    mini_portile2 (2.8.7)
-    minitest (5.18.0)
+    minitest (5.19.0)
-    msgpack (1.7.0)
+    msgpack (1.7.1)
    multi_json (1.15.0)
    multipart-post (2.3.0)
    net-http (0.3.2)
      uri
-    net-imap (0.3.4)
+    net-http-persistent (4.0.2)
      connection_pool (~> 2.2)
    net-imap (0.3.7)
      date
      net-protocol
    net-ldap (0.18.0)
    net-pop (0.1.2)
      net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.2.2)
      timeout
    net-scp (4.0.0)
      net-ssh (>= 2.6.5, < 8.0.0)
-    net-smtp (0.3.3)
+    net-smtp (0.3.4)
      net-protocol
    net-ssh (7.1.0)
-    nio4r (2.5.9)
+    nio4r (2.7.3)
-    nokogiri (1.15.2)
+    nokogiri (1.16.6)
      mini_portile2 (~> 2.8.2)
      racc (~> 1.4)
-    oj (3.14.3)
+    nsa (0.3.0)
-    omniauth (1.9.2)
+      activesupport (>= 4.2, < 7.2)
      concurrent-ruby (~> 1.0, >= 1.0.2)
      sidekiq (>= 3.5)
      statsd-ruby (~> 1.4, >= 1.4.0)
    oj (3.16.1)
    omniauth (2.1.1)
      hashie (>= 3.4.6)
-      rack (>= 1.6.2, < 3)
+      rack (>= 2.2.3)
-    omniauth-cas (2.0.0)
+      rack-protection
-      addressable (~> 2.3)
+    omniauth-rails_csrf_protection (1.0.1)
      nokogiri (~> 1.5)
      omniauth (~> 1.2)
    omniauth-rails_csrf_protection (0.1.2)
      actionpack (>= 4.2)
-      omniauth (>= 1.3.1)
+      omniauth (~> 2.0)
-    omniauth-saml (1.10.3)
+    omniauth-saml (2.1.0)
-      omniauth (~> 1.3, >= 1.3.2)
+      omniauth (~> 2.0)
-      ruby-saml (~> 1.9)
+      ruby-saml (~> 1.12)
    omniauth_openid_connect (0.6.1)
      omniauth (>= 1.9, < 3)
      openid_connect (~> 1.1)
@ -468,18 +506,17 @@ GEM
    openssl-signature_algorithm (1.3.0)
      openssl (> 2.0)
    orm_adapter (0.5.0)
-    ox (2.14.16)
+    ox (2.14.17)
    parallel (1.23.0)
-    parser (3.2.2.1)
+    parser (3.2.2.3)
      ast (~> 2.4.1)
      racc
    parslet (2.0.0)
    pastel (0.8.0)
      tty-color (~> 0.5)
-    pg (1.5.3)
+    pg (1.5.5)
-    pghero (3.3.3)
+    pghero (3.3.4)
      activerecord (>= 6)
    pkg-config (1.5.1)
    posix-spawn (0.3.15)
    premailer (1.21.0)
      addressable
      css_parser (>= 1.12.0)
@ -489,17 +526,17 @@ GEM
      net-smtp
      premailer (~> 1.7, >= 1.7.9)
    private_address_check (0.5.0)
-    public_suffix (5.0.1)
+    public_suffix (5.0.3)
-    puma (6.3.0)
+    puma (6.4.2)
      nio4r (~> 2.0)
    pundit (2.3.0)
      activesupport (>= 3.0.0)
    raabro (1.4.0)
-    racc (1.6.2)
+    racc (1.7.3)
-    rack (2.2.7)
+    rack (2.2.9)
-    rack-attack (6.6.1)
+    rack-attack (6.7.0)
-      rack (>= 1.0, < 3)
+      rack (>= 1.0, < 4)
-    rack-cors (2.0.1)
+    rack-cors (2.0.2)
      rack (>= 2.0.0)
    rack-oauth2 (1.21.3)
      activesupport
@ -507,64 +544,70 @@ GEM
      httpclient
      json-jwt (>= 1.11.0)
      rack (>= 2.1.0)
    rack-protection (3.0.5)
      rack
    rack-proxy (0.7.6)
      rack
    rack-test (2.1.0)
      rack (>= 1.3)
-    rails (6.1.7.3)
+    rails (7.0.8.4)
-      actioncable (= 6.1.7.3)
+      actioncable (= 7.0.8.4)
-      actionmailbox (= 6.1.7.3)
+      actionmailbox (= 7.0.8.4)
-      actionmailer (= 6.1.7.3)
+      actionmailer (= 7.0.8.4)
-      actionpack (= 6.1.7.3)
+      actionpack (= 7.0.8.4)
-      actiontext (= 6.1.7.3)
+      actiontext (= 7.0.8.4)
-      actionview (= 6.1.7.3)
+      actionview (= 7.0.8.4)
-      activejob (= 6.1.7.3)
+      activejob (= 7.0.8.4)
-      activemodel (= 6.1.7.3)
+      activemodel (= 7.0.8.4)
-      activerecord (= 6.1.7.3)
+      activerecord (= 7.0.8.4)
-      activestorage (= 6.1.7.3)
+      activestorage (= 7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
      bundler (>= 1.15.0)
-      railties (= 6.1.7.3)
+      railties (= 7.0.8.4)
      sprockets-rails (>= 2.0.0)
    rails-controller-testing (1.0.5)
      actionpack (>= 5.0.1.rc1)
      actionview (>= 5.0.1.rc1)
      activesupport (>= 5.0.1.rc1)
-    rails-dom-testing (2.0.3)
+    rails-dom-testing (2.1.1)
-      activesupport (>= 4.2.0)
+      activesupport (>= 5.0.0)
      minitest
      nokogiri (>= 1.6)
    rails-html-sanitizer (1.6.0)
      loofah (~> 2.21)
      nokogiri (~> 1.14)
-    rails-i18n (6.0.0)
+    rails-i18n (7.0.7)
      i18n (>= 0.7, < 2)
-      railties (>= 6.0.0, < 7)
+      railties (>= 6.0.0, < 8)
-    railties (6.1.7.3)
+    railties (7.0.8.4)
-      actionpack (= 6.1.7.3)
+      actionpack (= 7.0.8.4)
-      activesupport (= 6.1.7.3)
+      activesupport (= 7.0.8.4)
      method_source
      rake (>= 12.2)
      thor (~> 1.0)
      zeitwerk (~> 2.5)
    rainbow (3.1.1)
    rake (13.0.6)
-    rdf (3.2.10)
+    rdf (3.3.1)
      bcp47_spec (~> 0.2)
      link_header (~> 0.0, >= 0.0.8)
-    rdf-normalize (0.5.1)
+    rdf-normalize (0.6.1)
      rdf (~> 3.2)
    redcarpet (3.6.0)
    redis (4.8.1)
-    redis-namespace (1.10.0)
+    redis-namespace (1.11.0)
      redis (>= 4)
    redlock (1.3.2)
      redis (>= 3.0.0, < 6.0)
-    regexp_parser (2.8.0)
+    regexp_parser (2.8.1)
    request_store (1.5.1)
      rack (>= 1.4)
    responders (3.1.0)
      actionpack (>= 5.2)
      railties (>= 5.2)
-    rexml (3.2.5)
+    rexml (3.3.5)
-    rotp (6.2.2)
+      strscan
    rotp (6.3.0)
    rouge (4.1.2)
    rpam2 (4.0.2)
    rqrcode (2.2.0)
      chunky_png (~> 1.0)
@ -586,53 +629,65 @@ GEM
      rspec-expectations (~> 3.12)
      rspec-mocks (~> 3.12)
      rspec-support (~> 3.12)
-    rspec-sidekiq (3.1.0)
+    rspec-sidekiq (4.0.1)
-      rspec-core (~> 3.0, >= 3.0.0)
+      rspec-core (~> 3.0)
-      sidekiq (>= 2.4.0)
+      rspec-expectations (~> 3.0)
-    rspec-support (3.12.0)
+      rspec-mocks (~> 3.0)
      sidekiq (>= 5, < 8)
    rspec-support (3.12.1)
    rspec_chunked (0.6)
-    rubocop (1.51.0)
+    rubocop (1.56.3)
      base64 (~> 0.1.1)
      json (~> 2.3)
      language_server-protocol (>= 3.17.0)
      parallel (~> 1.10)
-      parser (>= 3.2.0.0)
+      parser (>= 3.2.2.3)
      rainbow (>= 2.2.2, < 4.0)
      regexp_parser (>= 1.8, < 3.0)
      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.0, < 2.0)
+      rubocop-ast (>= 1.28.1, < 2.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.28.1)
+    rubocop-ast (1.29.0)
      parser (>= 3.2.1.0)
    rubocop-capybara (2.18.0)
      rubocop (~> 1.41)
-    rubocop-performance (1.18.0)
+    rubocop-factory_bot (2.23.1)
      rubocop (~> 1.33)
    rubocop-performance (1.19.0)
      rubocop (>= 1.7.0, < 2.0)
      rubocop-ast (>= 0.4.0)
-    rubocop-rails (2.19.1)
+    rubocop-rails (2.20.2)
      activesupport (>= 4.2.0)
      rack (>= 1.1)
      rubocop (>= 1.33.0, < 2.0)
-    rubocop-rspec (2.19.0)
+    rubocop-rspec (2.23.2)
      rubocop (~> 1.33)
      rubocop-capybara (~> 2.17)
      rubocop-factory_bot (~> 2.22)
    ruby-prof (1.6.3)
    ruby-progressbar (1.13.0)
-    ruby-saml (1.13.0)
+    ruby-saml (1.15.0)
-      nokogiri (>= 1.10.5)
+      nokogiri (>= 1.13.10)
      rexml
    ruby2_keywords (0.0.5)
    rubyzip (2.3.2)
-    rufus-scheduler (3.8.2)
+    rufus-scheduler (3.9.1)
      fugit (~> 1.1, >= 1.1.6)
    safety_net_attestation (0.4.0)
      jwt (~> 2.0)
-    sanitize (6.0.1)
+    sanitize (6.0.2)
      crass (~> 1.0.2)
      nokogiri (>= 1.12.0)
    scenic (1.7.0)
      activerecord (>= 4.0.0)
      railties (>= 4.0.0)
    selenium-webdriver (4.11.0)
      rexml (~> 3.2, >= 3.2.5)
      rubyzip (>= 1.2.2, < 3.0)
      websocket (~> 1.0)
    semantic_range (3.0.0)
-    sidekiq (6.5.9)
+    sidekiq (6.5.12)
      connection_pool (>= 2.2.5, < 3)
      rack (~> 2.0)
      redis (>= 4.5.0, < 5)
@ -642,7 +697,7 @@ GEM
      rufus-scheduler (~> 3.2)
      sidekiq (>= 6, < 8)
      tilt (>= 1.4.0)
-    sidekiq-unique-jobs (7.1.29)
+    sidekiq-unique-jobs (7.1.33)
      brpoplpush-redis_script (> 0.1.1, <= 2.0.0)
      concurrent-ruby (~> 1.0, >= 1.0.5)
      redis (< 5.0)
@ -667,27 +722,30 @@ GEM
      actionpack (>= 5.2)
      activesupport (>= 5.2)
      sprockets (>= 3.0.0)
-    sshkit (1.21.4)
+    sshkit (1.21.5)
      net-scp (>= 1.1.2)
      net-ssh (>= 2.8.0)
    stackprof (0.2.25)
-    stoplight (3.0.1)
+    statsd-ruby (1.5.0)
    stoplight (3.0.2)
      redlock (~> 1.0)
    strong_migrations (0.8.0)
      activerecord (>= 5.2)
    strscan (3.1.0)
    swd (1.3.0)
      activesupport (>= 3)
      attr_required (>= 0.0.5)
      httpclient (>= 2.4)
    sysexits (1.2.0)
-    temple (0.10.0)
+    temple (0.10.2)
    terminal-table (3.0.2)
      unicode-display_width (>= 1.1.1, < 3)
    terrapin (0.6.0)
      climate_control (>= 0.0.3, < 1.0)
-    thor (1.2.2)
+    test-prof (1.2.3)
-    tilt (2.1.0)
+    thor (1.3.1)
-    timeout (0.3.2)
+    tilt (2.2.0)
    timeout (0.4.1)
    tpm-key_attestation (0.12.0)
      bindata (~> 2.4)
      openssl (> 2.0)
@ -713,7 +771,7 @@ GEM
      unf_ext
    unf_ext (0.0.8.2)
    unicode-display_width (2.4.2)
-    uri (0.12.1)
+    uri (0.12.2)
    validate_email (0.1.6)
      activemodel (>= 3.0)
      mail (>= 2.2.5)
@ -734,7 +792,7 @@ GEM
    webfinger (1.2.0)
      activesupport
      httpclient (>= 2.4)
-    webmock (3.18.1)
+    webmock (3.19.1)
      addressable (>= 2.8.0)
      crack (>= 0.3.2)
      hashdiff (>= 0.4.0, < 2.0.0)
@ -743,14 +801,15 @@ GEM
      rack-proxy (>= 0.6.1)
      railties (>= 5.2)
      semantic_range (>= 2.3.0)
-    websocket-driver (0.7.5)
+    websocket (1.2.9)
    websocket-driver (0.7.6)
      websocket-extensions (>= 0.1.0)
    websocket-extensions (0.1.5)
    wisper (2.0.1)
    xorcist (1.1.3)
    xpath (3.2.0)
      nokogiri (~> 1.8)
-    zeitwerk (2.6.8)
+    zeitwerk (2.6.16)
 PLATFORMS
  ruby
@ -764,7 +823,7 @@ DEPENDENCIES
  binding_of_caller (~> 1.0)
  blurhash (~> 0.1)
  bootsnap (~> 1.16.0)
-  brakeman (~> 5.4)
+  brakeman (~> 6.0)
  browser
  bundler-audit (~> 0.9)
  capistrano (~> 3.17)
@ -779,6 +838,7 @@ DEPENDENCIES
  color_diff (~> 0.1)
  concurrent-ruby
  connection_pool
  database_cleaner-active_record
  devise (~> 4.9)
  devise-two-factor (~> 4.1)
  devise_pam_authenticatable2 (~> 9.2)
@ -812,25 +872,25 @@ DEPENDENCIES
  letter_opener_web (~> 2.0)
  link_header (~> 0.0)
  lograge (~> 0.12)
-  makara (~> 0.5)
+  mail (~> 2.8)
  mario-redis-lock (~> 1.2)
  md-paperclip-azure (~> 2.2)
  memory_profiler
-  mime-types (~> 3.4.1)
+  mime-types (~> 3.5.0)
  net-http (~> 0.3.2)
  net-ldap (~> 0.18)
  nokogiri (~> 1.15)
  nsa
  oj (~> 3.14)
-  omniauth (~> 1.9)
+  omniauth (~> 2.0)
-  omniauth-cas (~> 2.0)
+  omniauth-cas!
-  omniauth-rails_csrf_protection (~> 0.1)
+  omniauth-rails_csrf_protection (~> 1.0)
-  omniauth-saml (~> 1.10)
+  omniauth-saml (~> 2.0)
  omniauth_openid_connect (~> 0.6.1)
  ox (~> 2.14)
  parslet
  pg (~> 1.5)
  pghero
  pkg-config (~> 1.5)
  posix-spawn
  premailer-rails
  private_address_check (~> 0.5)
  public_suffix (~> 5.0)
@ -840,9 +900,9 @@ DEPENDENCIES
  rack-attack (~> 6.6)
  rack-cors (~> 2.0)
  rack-test (~> 2.1)
-  rails (~> 6.1.7)
+  rails (~> 7.0)
  rails-controller-testing (~> 1.0)
-  rails-i18n (~> 6.0)
+  rails-i18n (~> 7.0)
  rails-settings-cached (~> 0.6)!
  rdf-normalize (~> 0.5)
  redcarpet (~> 3.6)
@ -850,17 +910,19 @@ DEPENDENCIES
  redis-namespace (~> 1.10)
  rqrcode (~> 2.2)
  rspec-rails (~> 6.0)
-  rspec-sidekiq (~> 3.1)
+  rspec-sidekiq (~> 4.0)
  rspec_chunked (~> 0.6)
  rubocop
  rubocop-capybara
  rubocop-performance
  rubocop-rails
  rubocop-rspec
  ruby-prof
  ruby-progressbar (~> 1.13)
  rubyzip (~> 2.3)
  sanitize (~> 6.0)
  scenic (~> 1.7)
  selenium-webdriver
  sidekiq (~> 6.5)
  sidekiq-bulk (~> 0.2.0)
  sidekiq-scheduler (~> 5.0)
@ -873,6 +935,7 @@ DEPENDENCIES
  stackprof
  stoplight (~> 3.0.1)
  strong_migrations (~> 0.8)
  test-prof
  thor (~> 1.2)
  tty-prompt (~> 0.23)
  twitter-text (~> 3.1.0)
@ -882,3 +945,9 @@ DEPENDENCIES
  webpacker (~> 5.4)
  webpush!
  xorcist (~> 1.1)
 RUBY VERSION
   ruby 3.2.2p53
 BUNDLED WITH
   2.4.13
--- a/Procfile.dev
+++ b/Procfile.dev
@ -1,4 +1,4 @@
 web: env PORT=3000 RAILS_ENV=development bundle exec puma -C config/puma.rb
 sidekiq: env PORT=3000 RAILS_ENV=development bundle exec sidekiq
 stream: env PORT=4000 yarn run start
-webpack: ./bin/webpack-dev-server --listen-host 0.0.0.0
+webpack: bin/webpack-dev-server
--- a/README.md
+++ b/README.md
@ -1,111 +1,23 @@
-<h1><picture>
+# Mastodon - Paravielfalt Edition
  <source media="(prefers-color-scheme: dark)" srcset="./lib/assets/wordmark.dark.png?raw=true">
  <source media="(prefers-color-scheme: light)" srcset="./lib/assets/wordmark.light.png?raw=true">
  <img alt="Mastodon" src="./lib/assets/wordmark.light.png?raw=true" height="34">
 </picture></h1>
-[![GitHub release](https://img.shields.io/github/release/mastodon/mastodon.svg)][releases]
+Dieses Repository enthält den Quellcode für [paravielfalt.zone](https://paravielfalt.zone).
 [![Ruby Testing](https://github.com/mastodon/mastodon/actions/workflows/test-ruby.yml/badge.svg)](https://github.com/mastodon/mastodon/actions/workflows/test-ruby.yml)
 [![Crowdin](https://d322cqt584bo4o.cloudfront.net/mastodon/localized.svg)][crowdin]
-[releases]: https://github.com/mastodon/mastodon/releases
+Die Instanz basiert auf Mastodon und ist vom offiziellen Quellcode-Repository geforkt: <https://github.com/mastodon/mastodon>.
 [crowdin]: https://crowdin.com/project/mastodon
-Mastodon is a **free, open-source social network server** based on ActivityPub where users can follow friends and discover new ones. On Mastodon, users can publish anything they want: links, pictures, text, video. All Mastodon servers are interoperable as a federated network (users on one server can seamlessly communicate with users from another one, including non-Mastodon software that implements ActivityPub!)
+## Änderungsübersicht
-Click below to **learn more** in a video:
+Gegenüber der Mastodon-Standardinstallation gibt es folgende Änderungen.
-[![Screenshot](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/ezgif-2-60f1b00403.gif)][youtube_demo]
+- Zeichenlimit von 500 auf 1500 Zeichen erhöht
-[youtube_demo]: https://www.youtube.com/watch?v=IPSbNdBmWKE
+[Vollständige Liste aller Änderungen](https://git.wir-sind-auch-menschen.de/paravielfalt/mastodon/compare/stable-4.1...paravielfalt-4.1).
-## Navigation
+## Neue Version bauen
- [Project homepage 🐘](https://joinmastodon.org)
+```sh
- [Support the development via Patreon][patreon]
+git tag v4.2.0-pvz$(date '+%y%m%d%H%M')
- [View sponsors](https://joinmastodon.org/sponsors)
+```
 - [Blog](https://blog.joinmastodon.org)
 - [Documentation](https://docs.joinmastodon.org)
 - [Roadmap](https://joinmastodon.org/roadmap)
 - [Official Docker image](https://github.com/mastodon/mastodon/pkgs/container/mastodon)
 - [Browse Mastodon servers](https://joinmastodon.org/communities)
 - [Browse Mastodon apps](https://joinmastodon.org/apps)
-[patreon]: https://www.patreon.com/mastodon
+```sh
-
+git push --tag
-## Features
+```
 <img src="/app/javascript/images/elephant_ui_working.svg?raw=true" align="right" width="30%" />
 ### No vendor lock-in: Fully interoperable with any conforming platform
 It doesn't have to be Mastodon; whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
 ### Real-time, chronological timeline updates
 Updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!
 ### Media attachments like images and short videos
 Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos loop continuously!
 ### Safety and moderation tools
 Mastodon includes private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
 ### OAuth2 and a straightforward REST API
 Mastodon acts as an OAuth2 provider, so 3rd party apps can use the REST and Streaming APIs. This results in a rich app ecosystem with a lot of choices!
 ## Deployment
 ### Tech stack:
 - **Ruby on Rails** powers the REST API and other web pages
 - **React.js** and Redux are used for the dynamic parts of the interface
 - **Node.js** powers the streaming API
 ### Requirements:
 - **PostgreSQL** 9.5+
 - **Redis** 4+
 - **Ruby** 2.7+
 - **Node.js** 14+
 The repository includes deployment configurations for **Docker and docker-compose** as well as specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. For Helm charts, reference the [mastodon/chart repository](https://github.com/mastodon/chart). The [**standalone** installation guide](https://docs.joinmastodon.org/admin/install/) is available in the documentation.
 A **Vagrant** configuration is included for development purposes. To use it, complete following steps:
 - Install Vagrant and Virtualbox
 - Install the `vagrant-hostsupdater` plugin: `vagrant plugin install vagrant-hostsupdater`
 - Run `vagrant up`
 - Run `vagrant ssh -c "cd /vagrant && foreman start"`
 - Open `http://mastodon.local` in your browser
 ### Getting Started with GitHub Codespaces
 To get started, create a codespace for this repository by clicking this 👇
 [![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://github.com/codespaces/new?hide_repo_select=true&ref=main&repo=52281283)
 A codespace will open in a web-based version of Visual Studio Code. The [dev container](.devcontainer/devcontainer.json) is fully configured with software needed for this project.
 **Note**: Dev containers is an open spec which is supported by [GitHub Codespaces](https://github.com/codespaces) and [other tools](https://containers.dev/supporting).
 ## Contributing
 Mastodon is **free, open-source software** licensed under **AGPLv3**.
 You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository or submit translations using Crowdin. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md). If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
 **IRC channel**: #mastodon on irc.libera.chat
 ## License
 Copyright (C) 2016-2022 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
 This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
 You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
--- a/4
+++ b/4
@ -1,6 +1,8 @@
 # frozen_string_literal: true
 # Add your own tasks in files placed in lib/tasks ending in .rake,
 # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-require File.expand_path('../config/application', __FILE__)
+require File.expand_path('config/application', __dir__)
 Rails.application.load_tasks
--- a/SECURITY.md
+++ b/SECURITY.md
@ -1,8 +1,11 @@
 # Security Policy
-If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can reach us at <security@joinmastodon.org>.
+If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can either:
-You should _not_ report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
+- open a [Github security issue on the Mastodon project](https://github.com/mastodon/mastodon/security/advisories/new)
 - reach us at <security@joinmastodon.org>
 You should _not_ report such issues on public GitHub issues or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
 ## Scope
@ -12,7 +15,6 @@ A "vulnerability in Mastodon" is a vulnerability in the code distributed through
 | Version | Supported |
 | ------- | --------- |
 | 4.2.x   | Yes       |
 | 4.1.x   | Yes       |
-| 4.0.x   | Yes       |
+| < 4.1   | No        |
 | 3.5.x   | Yes       |
 | < 3.5   | No        |
--- a/44
+++ b/44
@ -60,6 +60,38 @@ sudo usermod -a -G rvm $USER
 SCRIPT
 $provisionElasticsearch = <<SCRIPT
 # Install Elastic Search
 sudo apt install openjdk-17-jre-headless -y
 sudo wget -O /usr/share/keyrings/elasticsearch.asc https://artifacts.elastic.co/GPG-KEY-elasticsearch
 sudo sh -c 'echo "deb [signed-by=/usr/share/keyrings/elasticsearch.asc] https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'
 sudo apt update
 sudo apt install elasticsearch -y
 sudo systemctl daemon-reload
 sudo systemctl enable --now elasticsearch
 echo 'path.data: /var/lib/elasticsearch
 path.logs: /var/log/elasticsearch
 network.host: 0.0.0.0
 http.port: 9200
 discovery.seed_hosts: ["localhost"]
 cluster.initial_master_nodes: ["node-1"]
 xpack.security.enabled: false' > /etc/elasticsearch/elasticsearch.yml
 sudo systemctl restart elasticsearch
 # Install Kibana
 sudo apt install kibana -y
 sudo systemctl enable --now kibana
 echo 'server.host: "0.0.0.0"
 elasticsearch.hosts: ["http://localhost:9200"]' > /etc/kibana/kibana.yml
 sudo systemctl restart kibana
 SCRIPT
 $provisionB = <<SCRIPT
 source "/etc/profile.d/rvm.sh"
@ -102,10 +134,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.provider :virtualbox do |vb|
    vb.name = "mastodon"
-    vb.customize ["modifyvm", :id, "--memory", "2048"]
+    vb.customize ["modifyvm", :id, "--memory", "8192"]
-    # Increase the number of CPUs. Uncomment and adjust to
+    vb.customize ["modifyvm", :id, "--cpus", "3"]
    # increase performance
    # vb.customize ["modifyvm", :id, "--cpus", "3"]
    # Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
    # https://github.com/mitchellh/vagrant/issues/1172
@ -141,9 +171,15 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.network :forwarded_port, guest: 3000, host: 3000
  config.vm.network :forwarded_port, guest: 4000, host: 4000
  config.vm.network :forwarded_port, guest: 8080, host: 8080
  config.vm.network :forwarded_port, guest: 9200, host: 9200
  config.vm.network :forwarded_port, guest: 9300, host: 9300
  config.vm.network :forwarded_port, guest: 9243, host: 9243
  config.vm.network :forwarded_port, guest: 5601, host: 5601
  # Full provisioning script, only runs on first 'vagrant up' or with 'vagrant provision'
  config.vm.provision :shell, inline: $provisionA, privileged: false, reset: true
  # Run with elevated privileges for Elasticsearch installation
  config.vm.provision :shell, inline: $provisionElasticsearch, privileged: true
  config.vm.provision :shell, inline: $provisionB, privileged: false
  config.vm.post_up_message = <<MESSAGE
--- a/app/chewy/accounts_index.rb
+++ b/app/chewy/accounts_index.rb
@ -1,10 +1,42 @@
 # frozen_string_literal: true
 class AccountsIndex < Chewy::Index
-  settings index: { refresh_interval: '30s' }, analysis: {
+  include DatetimeClampingConcern
  settings index: index_preset(refresh_interval: '30s'), analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
-      content: {
+      natural: {
-        tokenizer: 'whitespace',
+        tokenizer: 'standard',
        filter: %w(
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      verbatim: {
        tokenizer: 'standard',
        filter: %w(lowercase asciifolding cjk_width),
      },
@ -26,18 +58,13 @@ class AccountsIndex < Chewy::Index
  index_scope ::Account.searchable.includes(:account_stat)
  root date_detection: false do
-    field :id, type: 'long'
+    field(:id, type: 'long')
-
+    field(:following_count, type: 'long')
-    field :display_name, type: 'text', analyzer: 'content' do
+    field(:followers_count, type: 'long')
-      field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
+    field(:properties, type: 'keyword', value: ->(account) { account.searchable_properties })
-    end
+    field(:last_status_at, type: 'date', value: ->(account) { clamp_date(account.last_status_at || account.created_at) })
-
+    field(:display_name, type: 'text', analyzer: 'verbatim') { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
-    field :acct, type: 'text', analyzer: 'content', value: ->(account) { [account.username, account.domain].compact.join('@') } do
+    field(:username, type: 'text', analyzer: 'verbatim', value: ->(account) { [account.username, account.domain].compact.join('@') }) { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
-      field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
+    field(:text, type: 'text', analyzer: 'verbatim', value: ->(account) { account.searchable_text }) { field :stemmed, type: 'text', analyzer: 'natural' }
    end
    field :following_count, type: 'long', value: ->(account) { account.following_count }
    field :followers_count, type: 'long', value: ->(account) { account.followers_count }
    field :last_status_at, type: 'date', value: ->(account) { account.last_status_at || account.created_at }
  end
 end
--- a/app/chewy/concerns/datetime_clamping_concern.rb
+++ b/app/chewy/concerns/datetime_clamping_concern.rb
@ -0,0 +1,14 @@
 # frozen_string_literal: true
 module DatetimeClampingConcern
  extend ActiveSupport::Concern
  MIN_ISO8601_DATETIME = '0000-01-01T00:00:00Z'.to_datetime.freeze
  MAX_ISO8601_DATETIME = '9999-12-31T23:59:59Z'.to_datetime.freeze
  class_methods do
    def clamp_date(datetime)
      datetime.clamp(MIN_ISO8601_DATETIME, MAX_ISO8601_DATETIME)
    end
  end
 end
--- a/app/chewy/instances_index.rb
+++ b/app/chewy/instances_index.rb
@ -0,0 +1,12 @@
 # frozen_string_literal: true
 class InstancesIndex < Chewy::Index
  settings index: index_preset(refresh_interval: '30s')
  index_scope ::Instance.searchable
  root date_detection: false do
    field :domain, type: 'text', index_prefixes: { min_chars: 1, max_chars: 5 }
    field :accounts_count, type: 'long'
  end
 end
--- a/app/chewy/public_statuses_index.rb
+++ b/app/chewy/public_statuses_index.rb
@ -0,0 +1,69 @@
 # frozen_string_literal: true
 class PublicStatusesIndex < Chewy::Index
  include DatetimeClampingConcern
  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
      verbatim: {
        tokenizer: 'uax_url_email',
        filter: %w(lowercase),
      },
      content: {
        tokenizer: 'standard',
        filter: %w(
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      hashtag: {
        tokenizer: 'keyword',
        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
  }
  index_scope ::Status.unscoped
                      .kept
                      .indexable
                      .includes(:media_attachments, :preloadable_poll, :preview_cards, :tags)
  root date_detection: false do
    field(:id, type: 'long')
    field(:account_id, type: 'long')
    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
    field(:tags, type: 'text', analyzer: 'hashtag', value: ->(status) { status.tags.map(&:display_name) })
    field(:language, type: 'keyword')
    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
    field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
  end
 end
--- a/app/chewy/statuses_index.rb
+++ b/app/chewy/statuses_index.rb
@ -1,75 +1,67 @@
 # frozen_string_literal: true
 class StatusesIndex < Chewy::Index
-  include FormattingHelper
+  include DatetimeClampingConcern
-  settings index: { refresh_interval: '30s' }, analysis: {
+  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
-      content: {
+      verbatim: {
        tokenizer: 'uax_url_email',
        filter: %w(lowercase),
      },
      content: {
        tokenizer: 'standard',
        filter: %w(
          english_possessive_stemmer
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      hashtag: {
        tokenizer: 'keyword',
        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
  }
-  # We do not use delete_if option here because it would call a method that we
+  index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :preview_cards, :local_mentioned, :local_favorited, :local_reblogged, :local_bookmarked, :tags, preloadable_poll: :local_voters), delete_if: ->(status) { status.searchable_by.empty? }
  # expect to be called with crutches without crutches, causing n+1 queries
  index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :preloadable_poll)
  crutch :mentions do |collection|
    data = ::Mention.where(status_id: collection.map(&:id)).where(account: Account.local, silent: false).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :favourites do |collection|
    data = ::Favourite.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :reblogs do |collection|
    data = ::Status.where(reblog_of_id: collection.map(&:id)).where(account: Account.local).pluck(:reblog_of_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :bookmarks do |collection|
    data = ::Bookmark.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :votes do |collection|
    data = ::PollVote.joins(:poll).where(poll: { status_id: collection.map(&:id) }).where(account: Account.local).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  root date_detection: false do
-    field :id, type: 'long'
+    field(:id, type: 'long')
-    field :account_id, type: 'long'
+    field(:account_id, type: 'long')
-
+    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
-    field :text, type: 'text', value: ->(status) { status.searchable_text } do
+    field(:tags, type: 'text', analyzer: 'hashtag',  value: ->(status) { status.tags.map(&:display_name) })
-      field :stemmed, type: 'text', analyzer: 'content'
+    field(:searchable_by, type: 'long', value: ->(status) { status.searchable_by })
-    end
+    field(:language, type: 'keyword')
-
+    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
-    field :searchable_by, type: 'long', value: ->(status, crutches) { status.searchable_by(crutches) }
+    field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
  end
 end
--- a/app/chewy/tags_index.rb
+++ b/app/chewy/tags_index.rb
@ -1,16 +1,27 @@
 # frozen_string_literal: true
 class TagsIndex < Chewy::Index
-  settings index: { refresh_interval: '30s' }, analysis: {
+  include DatetimeClampingConcern
  settings index: index_preset(refresh_interval: '30s'), analysis: {
    analyzer: {
      content: {
        tokenizer: 'keyword',
-        filter: %w(lowercase asciifolding cjk_width),
+        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
      edge_ngram: {
        tokenizer: 'edge_ngram',
-        filter: %w(lowercase asciifolding cjk_width),
+        filter: %w(
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
@ -30,12 +41,9 @@ class TagsIndex < Chewy::Index
  end
  root date_detection: false do
-    field :name, type: 'text', analyzer: 'content' do
+    field(:name, type: 'text', analyzer: 'content', value: :display_name) { field(:edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content') }
-      field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
+    field(:reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? })
-    end
+    field(:usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts })
-
+    field(:last_status_at, type: 'date', value: ->(tag) { clamp_date(tag.last_status_at || tag.created_at) })
    field :reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? }
    field :usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts }
    field :last_status_at, type: 'date', value: ->(tag) { tag.last_status_at || tag.created_at }
  end
 end
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@ -12,7 +12,7 @@ class AccountsController < ApplicationController
  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
  skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
-  skip_before_action :require_functional!, unless: :whitelist_mode?
+  skip_before_action :require_functional!, unless: :limited_federation_mode?
  def show
    respond_to do |format|
--- a/app/controllers/admin/account_actions_controller.rb
+++ b/app/controllers/admin/account_actions_controller.rb
@ -21,7 +21,7 @@ module Admin
      account_action.save!
      if account_action.with_report?
-        redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: params[:report_id])
+        redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: resource_params[:report_id])
      else
        redirect_to admin_account_path(@account.id)
      end
--- a/app/controllers/admin/dashboard_controller.rb
+++ b/app/controllers/admin/dashboard_controller.rb
@ -14,15 +14,5 @@ module Admin
      @pending_tags_count    = Tag.pending_review.count
      @pending_appeals_count = Appeal.pending.count
    end
    private
    def redis_info
      @redis_info ||= if redis.is_a?(Redis::Namespace)
                        redis.redis.info
                      else
                        redis.info
                      end
    end
  end
 end
--- a/app/controllers/admin/domain_allows_controller.rb
+++ b/app/controllers/admin/domain_allows_controller.rb
@ -25,6 +25,8 @@ class Admin::DomainAllowsController < Admin::BaseController
  def destroy
    authorize @domain_allow, :destroy?
    UnallowDomainService.new.call(@domain_allow)
    log_action :destroy, @domain_allow
    redirect_to admin_instances_path, notice: I18n.t('admin.domain_allows.destroyed_msg')
  end
--- a/app/controllers/admin/domain_blocks_controller.rb
+++ b/app/controllers/admin/domain_blocks_controller.rb
@ -40,7 +40,7 @@ module Admin
      end
      # Allow transparently upgrading a domain block
-      if existing_domain_block.present?
+      if existing_domain_block.present? && existing_domain_block.domain == TagManager.instance.normalize_domain(@domain_block.domain.strip)
        @domain_block = existing_domain_block
        @domain_block.assign_attributes(resource_params)
      end
--- a/app/controllers/admin/instances_controller.rb
+++ b/app/controllers/admin/instances_controller.rb
@ -65,7 +65,7 @@ module Admin
    end
    def filtered_instances
-      InstanceFilter.new(whitelist_mode? ? { allowed: true } : filter_params).results
+      InstanceFilter.new(limited_federation_mode? ? { allowed: true } : filter_params).results
    end
    def filter_params
--- a/app/controllers/admin/software_updates_controller.rb
+++ b/app/controllers/admin/software_updates_controller.rb
@ -0,0 +1,18 @@
 # frozen_string_literal: true
 module Admin
  class SoftwareUpdatesController < BaseController
    before_action :check_enabled!
    def index
      authorize :software_update, :index?
      @software_updates = SoftwareUpdate.all.sort_by(&:gem_version)
    end
    private
    def check_enabled!
      not_found unless SoftwareUpdate.check_enabled?
    end
  end
 end
--- a/app/controllers/admin/webhooks_controller.rb
+++ b/app/controllers/admin/webhooks_controller.rb
@ -28,6 +28,7 @@ module Admin
      authorize :webhook, :create?
      @webhook = Webhook.new(resource_params)
      @webhook.current_account = current_account
      if @webhook.save
        redirect_to admin_webhook_path(@webhook)
@ -39,10 +40,12 @@ module Admin
    def update
      authorize @webhook, :update?
      @webhook.current_account = current_account
      if @webhook.update(resource_params)
        redirect_to admin_webhook_path(@webhook)
      else
-        render :show
+        render :edit
      end
    end
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@ -8,7 +8,7 @@ class Api::BaseController < ApplicationController
  include AccessTokenTrackingConcern
  include ApiCachingConcern
-  skip_before_action :require_functional!, unless: :whitelist_mode?
+  skip_before_action :require_functional!, unless: :limited_federation_mode?
  before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
  before_action :require_not_suspended!
@ -150,7 +150,7 @@ class Api::BaseController < ApplicationController
  end
  def disallow_unauthenticated_api_access?
-    ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.whitelist_mode
+    ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.limited_federation_mode
  end
  private
--- a/app/controllers/api/v1/accounts/credentials_controller.rb
+++ b/app/controllers/api/v1/accounts/credentials_controller.rb
@ -30,6 +30,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
      :bot,
      :discoverable,
      :hide_collections,
      :indexable,
      fields_attributes: [:name, :value]
    )
  end
--- a/app/controllers/api/v1/accounts/notes_controller.rb
+++ b/app/controllers/api/v1/accounts/notes_controller.rb
@ -25,6 +25,6 @@ class Api::V1::Accounts::NotesController < Api::BaseController
  end
  def relationships_presenter
-    AccountRelationshipsPresenter.new([@account.id], current_user.account_id)
+    AccountRelationshipsPresenter.new([@account], current_user.account_id)
  end
 end
--- a/app/controllers/api/v1/accounts/pins_controller.rb
+++ b/app/controllers/api/v1/accounts/pins_controller.rb
@ -25,6 +25,6 @@ class Api::V1::Accounts::PinsController < Api::BaseController
  end
  def relationships_presenter
-    AccountRelationshipsPresenter.new([@account.id], current_user.account_id)
+    AccountRelationshipsPresenter.new([@account], current_user.account_id)
  end
 end
--- a/app/controllers/api/v1/accounts/relationships_controller.rb
+++ b/app/controllers/api/v1/accounts/relationships_controller.rb
@ -5,11 +5,10 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController
  before_action :require_user!
  def index
-    accounts = Account.without_suspended.where(id: account_ids).select('id')
+    @accounts = Account.without_suspended.where(id: account_ids).select(:id, :domain).to_a
    # .where doesn't guarantee that our results are in the same order
    # we requested them, so return the "right" order to the requestor.
-    @accounts = accounts.index_by(&:id).values_at(*account_ids).compact
+    render json: @accounts.index_by(&:id).values_at(*account_ids).compact, each_serializer: REST::RelationshipSerializer, relationships: relationships
    render json: @accounts, each_serializer: REST::RelationshipSerializer, relationships: relationships
  end
  private
--- a/app/controllers/api/v1/accounts_controller.rb
+++ b/app/controllers/api/v1/accounts_controller.rb
@ -86,11 +86,11 @@ class Api::V1::AccountsController < Api::BaseController
  end
  def relationships(**options)
-    AccountRelationshipsPresenter.new([@account.id], current_user.account_id, **options)
+    AccountRelationshipsPresenter.new([@account], current_user.account_id, **options)
  end
  def account_params
-    params.permit(:username, :email, :password, :agreement, :locale, :reason)
+    params.permit(:username, :email, :password, :agreement, :locale, :reason, :time_zone)
  end
  def check_enabled_registrations
--- a/app/controllers/api/v1/admin/domain_blocks_controller.rb
+++ b/app/controllers/api/v1/admin/domain_blocks_controller.rb
@ -29,10 +29,11 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
  def create
    authorize :domain_block, :create?
    @domain_block = DomainBlock.new(resource_params)
    existing_domain_block = resource_params[:domain].present? ? DomainBlock.rule_for(resource_params[:domain]) : nil
-    return render json: existing_domain_block, serializer: REST::Admin::ExistingDomainBlockErrorSerializer, status: 422 if existing_domain_block.present?
+    return render json: existing_domain_block, serializer: REST::Admin::ExistingDomainBlockErrorSerializer, status: 422 if conflicts_with_existing_block?(@domain_block, existing_domain_block)
-    @domain_block = DomainBlock.create!(resource_params)
+    @domain_block.save!
    DomainBlockWorker.perform_async(@domain_block.id)
    log_action :create, @domain_block
    render json: @domain_block, serializer: REST::Admin::DomainBlockSerializer
@ -55,6 +56,10 @@ class Api::V1::Admin::DomainBlocksController < Api::BaseController
  private
  def conflicts_with_existing_block?(domain_block, existing_domain_block)
    existing_domain_block.present? && (existing_domain_block.domain == TagManager.instance.normalize_domain(domain_block.domain) || !domain_block.stricter_than?(existing_domain_block))
  end
  def set_domain_blocks
    @domain_blocks = filtered_domain_blocks.order(id: :desc).to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
  end
--- a/app/controllers/api/v1/admin/tags_controller.rb
+++ b/app/controllers/api/v1/admin/tags_controller.rb
@ -0,0 +1,74 @@
 # frozen_string_literal: true
 class Api::V1::Admin::TagsController < Api::BaseController
  include Authorization
  before_action -> { authorize_if_got_token! :'admin:read' }, only: [:index, :show]
  before_action -> { authorize_if_got_token! :'admin:write' }, only: :update
  before_action :set_tags, only: :index
  before_action :set_tag, except: :index
  after_action :insert_pagination_headers, only: :index
  after_action :verify_authorized
  LIMIT = 100
  PAGINATION_PARAMS = %i(limit).freeze
  def index
    authorize :tag, :index?
    render json: @tags, each_serializer: REST::Admin::TagSerializer
  end
  def show
    authorize @tag, :show?
    render json: @tag, serializer: REST::Admin::TagSerializer
  end
  def update
    authorize @tag, :update?
    @tag.update!(tag_params.merge(reviewed_at: Time.now.utc))
    render json: @tag, serializer: REST::Admin::TagSerializer
  end
  private
  def set_tag
    @tag = Tag.find(params[:id])
  end
  def set_tags
    @tags = Tag.all.to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
  end
  def tag_params
    params.permit(:display_name, :trendable, :usable, :listable)
  end
  def insert_pagination_headers
    set_pagination_headers(next_path, prev_path)
  end
  def next_path
    api_v1_admin_tags_url(pagination_params(max_id: pagination_max_id)) if records_continue?
  end
  def prev_path
    api_v1_admin_tags_url(pagination_params(min_id: pagination_since_id)) unless @tags.empty?
  end
  def pagination_max_id
    @tags.last.id
  end
  def pagination_since_id
    @tags.first.id
  end
  def records_continue?
    @tags.size == limit_param(LIMIT)
  end
  def pagination_params(core_params)
    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/bookmarks_controller.rb
+++ b/app/controllers/api/v1/bookmarks_controller.rb
@ -21,7 +21,7 @@ class Api::V1::BookmarksController < Api::BaseController
  end
  def results
-    @_results ||= account_bookmarks.joins(:status).eager_load(:status).to_a_paginated_by_id(
+    @results ||= account_bookmarks.joins(:status).eager_load(:status).to_a_paginated_by_id(
      limit_param(DEFAULT_STATUSES_LIMIT),
      params_slice(:max_id, :since_id, :min_id)
    )
--- a/app/controllers/api/v1/conversations_controller.rb
+++ b/app/controllers/api/v1/conversations_controller.rb
@ -19,6 +19,11 @@ class Api::V1::ConversationsController < Api::BaseController
    render json: @conversation, serializer: REST::ConversationSerializer
  end
  def unread
    @conversation.update!(unread: true)
    render json: @conversation, serializer: REST::ConversationSerializer
  end
  def destroy
    @conversation.destroy!
    render_empty
@ -45,7 +50,7 @@ class Api::V1::ConversationsController < Api::BaseController
                           },
                         ]
                       )
-                       .to_a_paginated_by_id(limit_param(LIMIT), **params_slice(:max_id, :since_id, :min_id))
+                       .to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
  end
  def insert_pagination_headers
--- a/app/controllers/api/v1/directories_controller.rb
+++ b/app/controllers/api/v1/directories_controller.rb
@ -16,16 +16,42 @@ class Api::V1::DirectoriesController < Api::BaseController
  end
  def set_accounts
-    @accounts = accounts_scope.offset(params[:offset]).limit(limit_param(DEFAULT_ACCOUNTS_LIMIT))
+    with_read_replica do
      @accounts = accounts_scope.offset(params[:offset]).limit(limit_param(DEFAULT_ACCOUNTS_LIMIT))
    end
  end
  def accounts_scope
    Account.discoverable.tap do |scope|
-      scope.merge!(Account.local)                                          if truthy_param?(:local)
+      scope.merge!(account_order_scope)
-      scope.merge!(Account.by_recent_status)                               if params[:order].blank? || params[:order] == 'active'
+      scope.merge!(local_account_scope) if local_accounts?
-      scope.merge!(Account.order(id: :desc))                               if params[:order] == 'new'
+      scope.merge!(account_exclusion_scope) if current_account
-      scope.merge!(Account.not_excluded_by_account(current_account))       if current_account
+      scope.merge!(account_domain_block_scope) if current_account && !local_accounts?
      scope.merge!(Account.not_domain_blocked_by_account(current_account)) if current_account && !truthy_param?(:local)
    end
  end
  def local_accounts?
    truthy_param?(:local)
  end
  def account_order_scope
    case params[:order]
    when 'new'
      Account.order(id: :desc)
    when 'active', nil
      Account.by_recent_status
    end
  end
  def local_account_scope
    Account.local
  end
  def account_exclusion_scope
    Account.not_excluded_by_account(current_account)
  end
  def account_domain_block_scope
    Account.not_domain_blocked_by_account(current_account)
  end
 end
--- a/app/controllers/api/v1/emails/confirmations_controller.rb
+++ b/app/controllers/api/v1/emails/confirmations_controller.rb
@ -5,6 +5,7 @@ class Api::V1::Emails::ConfirmationsController < Api::BaseController
  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, except: :check
  before_action :require_user_owned_by_application!, except: :check
  before_action :require_user_not_confirmed!, except: :check
  before_action :require_authenticated_user!, only: :check
  def create
    current_user.update!(email: params[:email]) if params.key?(:email)
--- a/app/controllers/api/v1/favourites_controller.rb
+++ b/app/controllers/api/v1/favourites_controller.rb
@ -21,7 +21,7 @@ class Api::V1::FavouritesController < Api::BaseController
  end
  def results
-    @_results ||= account_favourites.joins(:status).eager_load(:status).to_a_paginated_by_id(
+    @results ||= account_favourites.joins(:status).eager_load(:status).to_a_paginated_by_id(
      limit_param(DEFAULT_STATUSES_LIMIT),
      params_slice(:max_id, :since_id, :min_id)
    )
--- a/app/controllers/api/v1/featured_tags/suggestions_controller.rb
+++ b/app/controllers/api/v1/featured_tags/suggestions_controller.rb
@ -12,6 +12,10 @@ class Api::V1::FeaturedTags::SuggestionsController < Api::BaseController
  private
  def set_recently_used_tags
-    @recently_used_tags = Tag.recently_used(current_account).where.not(id: current_account.featured_tags).limit(10)
+    @recently_used_tags = Tag.recently_used(current_account).where.not(id: featured_tag_ids).limit(10)
  end
  def featured_tag_ids
    current_account.featured_tags.pluck(:tag_id)
  end
 end
--- a/app/controllers/api/v1/follow_requests_controller.rb
+++ b/app/controllers/api/v1/follow_requests_controller.rb
@ -25,11 +25,11 @@ class Api::V1::FollowRequestsController < Api::BaseController
  private
  def account
-    Account.find(params[:id])
+    @account ||= Account.find(params[:id])
  end
  def relationships(**options)
-    AccountRelationshipsPresenter.new([params[:id]], current_user.account_id, **options)
+    AccountRelationshipsPresenter.new([account], current_user.account_id, **options)
  end
  def load_accounts
--- a/app/controllers/api/v1/instances/activity_controller.rb
+++ b/app/controllers/api/v1/instances/activity_controller.rb
@ -3,7 +3,7 @@
 class Api::V1::Instances::ActivityController < Api::BaseController
  before_action :require_enabled_api!
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  vary_by ''
@ -33,6 +33,6 @@ class Api::V1::Instances::ActivityController < Api::BaseController
  end
  def require_enabled_api!
-    head 404 unless Setting.activity_api_enabled && !whitelist_mode?
+    head 404 unless Setting.activity_api_enabled && !limited_federation_mode?
  end
 end
--- a/app/controllers/api/v1/instances/domain_blocks_controller.rb
+++ b/app/controllers/api/v1/instances/domain_blocks_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true
 class Api::V1::Instances::DomainBlocksController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  before_action :require_enabled_api!
  before_action :set_domain_blocks
--- a/app/controllers/api/v1/instances/extended_descriptions_controller.rb
+++ b/app/controllers/api/v1/instances/extended_descriptions_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true
 class Api::V1::Instances::ExtendedDescriptionsController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  before_action :set_extended_description
@ -10,7 +10,7 @@ class Api::V1::Instances::ExtendedDescriptionsController < Api::BaseController
  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
-    super if whitelist_mode?
+    super if limited_federation_mode?
  end
  def show
--- a/app/controllers/api/v1/instances/languages_controller.rb
+++ b/app/controllers/api/v1/instances/languages_controller.rb
@ -0,0 +1,21 @@
 # frozen_string_literal: true
 class Api::V1::Instances::LanguagesController < Api::BaseController
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  before_action :set_languages
  vary_by ''
  def show
    cache_even_if_authenticated!
    render json: @languages, each_serializer: REST::LanguageSerializer
  end
  private
  def set_languages
    @languages = LanguagesHelper::SUPPORTED_LOCALES.keys.map { |code| LanguagePresenter.new(code) }
  end
 end
--- a/app/controllers/api/v1/instances/peers_controller.rb
+++ b/app/controllers/api/v1/instances/peers_controller.rb
@ -3,24 +3,24 @@
 class Api::V1::Instances::PeersController < Api::BaseController
  before_action :require_enabled_api!
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  vary_by ''
  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
-    super if whitelist_mode?
+    super if limited_federation_mode?
  end
  def index
    cache_even_if_authenticated!
-    render_with_cache(expires_in: 1.day) { Instance.where.not(domain: DomainBlock.select(:domain)).pluck(:domain) }
+    render_with_cache(expires_in: 1.day) { Instance.searchable.pluck(:domain) }
  end
  private
  def require_enabled_api!
-    head 404 unless Setting.peers_api_enabled && !whitelist_mode?
+    head 404 unless Setting.peers_api_enabled && !limited_federation_mode?
  end
 end
--- a/app/controllers/api/v1/instances/privacy_policies_controller.rb
+++ b/app/controllers/api/v1/instances/privacy_policies_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true
 class Api::V1::Instances::PrivacyPoliciesController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  before_action :set_privacy_policy
--- a/app/controllers/api/v1/instances/rules_controller.rb
+++ b/app/controllers/api/v1/instances/rules_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true
 class Api::V1::Instances::RulesController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  before_action :set_rules
@ -10,7 +10,7 @@ class Api::V1::Instances::RulesController < Api::BaseController
  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
-    super if whitelist_mode?
+    super if limited_federation_mode?
  end
  def index
--- a/app/controllers/api/v1/instances/translation_languages_controller.rb
+++ b/app/controllers/api/v1/instances/translation_languages_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true
 class Api::V1::Instances::TranslationLanguagesController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  before_action :set_languages
--- a/app/controllers/api/v1/instances_controller.rb
+++ b/app/controllers/api/v1/instances_controller.rb
@ -1,14 +1,14 @@
 # frozen_string_literal: true
 class Api::V1::InstancesController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  vary_by ''
  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
-    super if whitelist_mode?
+    super if limited_federation_mode?
  end
  def show
--- a/app/controllers/api/v1/markers_controller.rb
+++ b/app/controllers/api/v1/markers_controller.rb
@ -7,7 +7,10 @@ class Api::V1::MarkersController < Api::BaseController
  before_action :require_user!
  def index
-    @markers = current_user.markers.where(timeline: Array(params[:timeline])).index_by(&:timeline)
+    with_read_replica do
      @markers = current_user.markers.where(timeline: Array(params[:timeline])).index_by(&:timeline)
    end
    render json: serialize_map(@markers)
  end
--- a/app/controllers/api/v1/notifications_controller.rb
+++ b/app/controllers/api/v1/notifications_controller.rb
@ -9,8 +9,12 @@ class Api::V1::NotificationsController < Api::BaseController
  DEFAULT_NOTIFICATIONS_LIMIT = 40
  def index
-    @notifications = load_notifications
+    with_read_replica do
-    render json: @notifications, each_serializer: REST::NotificationSerializer, relationships: StatusRelationshipsPresenter.new(target_statuses_from_notifications, current_user&.account_id)
+      @notifications = load_notifications
      @relationships = StatusRelationshipsPresenter.new(target_statuses_from_notifications, current_user&.account_id)
    end
    render json: @notifications, each_serializer: REST::NotificationSerializer, relationships: @relationships
  end
  def show
--- a/app/controllers/api/v1/peers/search_controller.rb
+++ b/app/controllers/api/v1/peers/search_controller.rb
@ -0,0 +1,47 @@
 # frozen_string_literal: true
 class Api::V1::Peers::SearchController < Api::BaseController
  before_action :require_enabled_api!
  before_action :set_domains
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  vary_by ''
  def index
    cache_even_if_authenticated!
    render json: @domains
  end
  private
  def require_enabled_api!
    head 404 unless Setting.peers_api_enabled && !limited_federation_mode?
  end
  def set_domains
    return if params[:q].blank?
    if Chewy.enabled?
      @domains = InstancesIndex.query(function_score: {
        query: {
          prefix: {
            domain: TagManager.instance.normalize_domain(params[:q].strip),
          },
        },
        field_value_factor: {
          field: 'accounts_count',
          modifier: 'log2p',
        },
      }).limit(10).pluck(:domain)
    else
      domain = params[:q].strip
      domain = TagManager.instance.normalize_domain(domain)
      @domains = Instance.searchable.where(Instance.arel_table[:domain].matches("#{Instance.sanitize_sql_like(domain)}%", false, true)).limit(10).pluck(:domain)
    end
  rescue Addressable::URI::InvalidURIError
    @domains = []
  end
 end
--- a/app/controllers/api/v1/profile/avatars_controller.rb
+++ b/app/controllers/api/v1/profile/avatars_controller.rb
@ -0,0 +1,13 @@
 # frozen_string_literal: true
 class Api::V1::Profile::AvatarsController < Api::BaseController
  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
  before_action :require_user!
  def destroy
    @account = current_account
    UpdateAccountService.new.call(@account, { avatar: nil }, raise_error: true)
    ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
    render json: @account, serializer: REST::CredentialAccountSerializer
  end
 end
--- a/app/controllers/api/v1/profile/headers_controller.rb
+++ b/app/controllers/api/v1/profile/headers_controller.rb
@ -0,0 +1,13 @@
 # frozen_string_literal: true
 class Api::V1::Profile::HeadersController < Api::BaseController
  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
  before_action :require_user!
  def destroy
    @account = current_account
    UpdateAccountService.new.call(@account, { header: nil }, raise_error: true)
    ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
    render json: @account, serializer: REST::CredentialAccountSerializer
  end
 end
--- a/app/controllers/api/v1/reports_controller.rb
+++ b/app/controllers/api/v1/reports_controller.rb
@ -23,6 +23,6 @@ class Api::V1::ReportsController < Api::BaseController
  end
  def report_params
-    params.permit(:account_id, :comment, :category, :forward, status_ids: [], rule_ids: [])
+    params.permit(:account_id, :comment, :category, :forward, forward_to_domains: [], status_ids: [], rule_ids: [])
  end
 end
--- a/app/controllers/api/v1/scheduled_statuses_controller.rb
+++ b/app/controllers/api/v1/scheduled_statuses_controller.rb
@ -6,6 +6,7 @@ class Api::V1::ScheduledStatusesController < Api::BaseController
  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }, except: [:update, :destroy]
  before_action -> { doorkeeper_authorize! :write, :'write:statuses' }, only: [:update, :destroy]
  before_action :require_user!
  before_action :set_statuses, only: :index
  before_action :set_status, except: :index
--- a/app/controllers/api/v1/statuses/favourites_controller.rb
+++ b/app/controllers/api/v1/statuses/favourites_controller.rb
@ -17,13 +17,16 @@ class Api::V1::Statuses::FavouritesController < Api::BaseController
    if fav
      @status = fav.status
      count = [@status.favourites_count - 1, 0].max
      UnfavouriteWorker.perform_async(current_account.id, @status.id)
    else
      @status = Status.find(params[:status_id])
      count = @status.favourites_count
      authorize @status, :show?
    end
-    render json: @status, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_account.id, favourites_map: { @status.id => false })
+    relationships = StatusRelationshipsPresenter.new([@status], current_account.id, favourites_map: { @status.id => false }, attributes_map: { @status.id => { favourites_count: count } })
    render json: @status, serializer: REST::StatusSerializer, relationships: relationships
  rescue Mastodon::NotPermittedError
    not_found
  end
--- a/app/controllers/api/v1/statuses/histories_controller.rb
+++ b/app/controllers/api/v1/statuses/histories_controller.rb
@ -8,11 +8,15 @@ class Api::V1::Statuses::HistoriesController < Api::BaseController
  def show
    cache_if_unauthenticated!
-    render json: @status.edits.includes(:account, status: [:account]), each_serializer: REST::StatusEditSerializer
+    render json: status_edits, each_serializer: REST::StatusEditSerializer
  end
  private
  def status_edits
    @status.edits.includes(:account, status: [:account]).to_a.presence || [@status.build_snapshot(at_time: @status.edited_at || @status.created_at)]
  end
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
--- a/app/controllers/api/v1/statuses/reblogs_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogs_controller.rb
@ -24,15 +24,18 @@ class Api::V1::Statuses::ReblogsController < Api::BaseController
    if @status
      authorize @status, :unreblog?
      @reblog = @status.reblog
      count = [@reblog.reblogs_count - 1, 0].max
      @status.discard
      RemovalWorker.perform_async(@status.id)
      @reblog = @status.reblog
    else
      @reblog = Status.find(params[:status_id])
      count = @reblog.reblogs_count
      authorize @reblog, :show?
    end
-    render json: @reblog, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_account.id, reblogs_map: { @reblog.id => false })
+    relationships = StatusRelationshipsPresenter.new([@status], current_account.id, reblogs_map: { @reblog.id => false }, attributes_map: { @reblog.id => { reblogs_count: count } })
    render json: @reblog, serializer: REST::StatusSerializer, relationships: relationships
  rescue Mastodon::NotPermittedError
    not_found
  end
--- a/app/controllers/api/v1/statuses/translations_controller.rb
+++ b/app/controllers/api/v1/statuses/translations_controller.rb
@ -4,11 +4,20 @@ class Api::V1::Statuses::TranslationsController < Api::BaseController
  include Authorization
  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
  before_action :require_user!
  before_action :set_status
  before_action :set_translation
  rescue_from TranslationService::NotConfiguredError, with: :not_found
-  rescue_from TranslationService::UnexpectedResponseError, TranslationService::QuotaExceededError, TranslationService::TooManyRequestsError, with: :service_unavailable
+  rescue_from TranslationService::UnexpectedResponseError, with: :service_unavailable
  rescue_from TranslationService::QuotaExceededError do
    render json: { error: I18n.t('translation.errors.quota_exceeded') }, status: 503
  end
  rescue_from TranslationService::TooManyRequestsError do
    render json: { error: I18n.t('translation.errors.too_many_requests') }, status: 503
  end
  def create
    render json: @translation, serializer: REST::TranslationSerializer
--- a/app/controllers/api/v1/streaming_controller.rb
+++ b/app/controllers/api/v1/streaming_controller.rb
@ -2,7 +2,7 @@
 class Api::V1::StreamingController < Api::BaseController
  def index
-    if Rails.configuration.x.streaming_api_base_url == request.host
+    if same_host?
      not_found
    else
      redirect_to streaming_api_url, status: 301, allow_other_host: true
@ -11,9 +11,16 @@ class Api::V1::StreamingController < Api::BaseController
  private
  def same_host?
    base_url = Addressable::URI.parse(Rails.configuration.x.streaming_api_base_url)
    request.host == base_url.host && request.port == (base_url.port || 80)
  end
  def streaming_api_url
    Addressable::URI.parse(request.url).tap do |uri|
-      uri.host = Addressable::URI.parse(Rails.configuration.x.streaming_api_base_url).host
+      base_url = Addressable::URI.parse(Rails.configuration.x.streaming_api_base_url)
      uri.host = base_url.host
      uri.port = base_url.port
    end.to_s
  end
 end
--- a/app/controllers/api/v1/tags_controller.rb
+++ b/app/controllers/api/v1/tags_controller.rb
@ -19,6 +19,7 @@ class Api::V1::TagsController < Api::BaseController
  def unfollow
    TagFollow.find_by(account: current_account, tag: @tag)&.destroy!
    TagUnmergeWorker.perform_async(@tag.id, current_account.id)
    render json: @tag, serializer: REST::TagSerializer
  end
--- a/app/controllers/api/v1/timelines/home_controller.rb
+++ b/app/controllers/api/v1/timelines/home_controller.rb
@ -6,11 +6,14 @@ class Api::V1::Timelines::HomeController < Api::BaseController
  after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
  def show
-    @statuses = load_statuses
+    with_read_replica do
      @statuses = load_statuses
      @relationships = StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
    end
    render json: @statuses,
           each_serializer: REST::StatusSerializer,
-           relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id),
+           relationships: @relationships,
           status: account_home_feed.regenerating? ? 206 : 200
  end
--- a/Show more
+++ b/Show more