Bump version to 2.7.4

Fixes #10177

.browserslistrc

@@ -1,7 +0,0 @@
-[production]
-defaults
-not IE 11
-not dead
-
-[development]
-supports es6-module

.buildpacks

@@ -1,3 +1,4 @@
 https://github.com/heroku/heroku-buildpack-apt
 https://github.com/Scalingo/ffmpeg-buildpack
+https://github.com/Scalingo/nodejs-buildpack
 https://github.com/Scalingo/ruby-buildpack

.bundler-audit.yml

@@ -1,6 +0,0 @@
----
-ignore:
-  # devise-two-factor advisory about brute-forcing TOTP
-  # We have rate-limits on authentication endpoints in place (including second
-  # factor verification) since Mastodon v3.2.0
-  - CVE-2024-0227

.circleci/config.yml

@@ -0,0 +1,217 @@
+version: 2
+
+aliases:
+  - &defaults
+    docker:
+      - image: circleci/ruby:2.6.0-stretch-node
+        environment: &ruby_environment
+          BUNDLE_APP_CONFIG: ./.bundle/
+          DB_HOST: localhost
+          DB_USER: root
+          RAILS_ENV: test
+          PARALLEL_TEST_PROCESSORS: 4
+          ALLOW_NOPAM: true
+          CONTINUOUS_INTEGRATION: true
+          DISABLE_SIMPLECOV: true
+          PAM_ENABLED: true
+          PAM_DEFAULT_SERVICE: pam_test
+          PAM_CONTROLLED_SERVICE: pam_test_controlled
+    working_directory: ~/projects/mastodon/
+
+  - &attach_workspace
+    attach_workspace:
+      at: ~/projects/
+
+  - &persist_to_workspace
+    persist_to_workspace:
+      root: ~/projects/
+      paths:
+        - ./mastodon/
+
+  - &restore_ruby_dependencies
+    restore_cache:
+      keys:
+        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
+        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-
+        - v2-ruby-dependencies-
+
+  - &install_steps
+    steps:
+      - checkout
+      - *attach_workspace
+
+      - restore_cache:
+          keys:
+            - v1-node-dependencies-{{ checksum "yarn.lock" }}
+            - v1-node-dependencies-
+      - run: yarn install --frozen-lockfile
+      - save_cache:
+          key: v1-node-dependencies-{{ checksum "yarn.lock" }}
+          paths:
+            - ./node_modules/
+
+      - *persist_to_workspace
+
+  - &install_system_dependencies
+      run:
+        name: Install system dependencies
+        command: |
+          sudo apt-get update
+          sudo apt-get install -y libicu-dev libidn11-dev libprotobuf-dev protobuf-compiler
+
+  - &install_ruby_dependencies
+      steps:
+        - *attach_workspace
+
+        - *install_system_dependencies
+
+        - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
+        - *restore_ruby_dependencies
+        - run: bundle install --clean --jobs 16 --path ./vendor/bundle/ --retry 3 --with pam_authentication --without development production && bundle clean
+        - save_cache:
+            key: v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
+            paths:
+              - ./.bundle/
+              - ./vendor/bundle/
+        - persist_to_workspace:
+            root: ~/projects/
+            paths:
+                - ./mastodon/.bundle/
+                - ./mastodon/vendor/bundle/
+
+  - &test_steps
+      steps:
+        - *attach_workspace
+
+        - *install_system_dependencies
+        - run: sudo apt-get install -y ffmpeg
+
+        - run:
+            name: Prepare Tests
+            command: ./bin/rails parallel:create parallel:load_schema parallel:prepare
+        - run:
+            name: Run Tests
+            command: ./bin/retry bundle exec parallel_test ./spec/ --group-by filesize --type rspec
+
+jobs:
+  install:
+    <<: *defaults
+    <<: *install_steps
+
+  install-ruby2.6:
+    <<: *defaults
+    <<: *install_ruby_dependencies
+
+  install-ruby2.5:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.5.3-stretch-node
+        environment: *ruby_environment
+    <<: *install_ruby_dependencies
+
+  install-ruby2.4:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.4.5-stretch-node
+        environment: *ruby_environment
+    <<: *install_ruby_dependencies
+
+  build:
+    <<: *defaults
+    steps:
+      - *attach_workspace
+      - *install_system_dependencies
+      - run: ./bin/rails assets:precompile
+      - persist_to_workspace:
+          root: ~/projects/
+          paths:
+              - ./mastodon/public/assets
+              - ./mastodon/public/packs-test/
+
+  test-ruby2.6:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.6.0-stretch-node
+        environment: *ruby_environment
+      - image: circleci/postgres:10.6-alpine
+        environment:
+          POSTGRES_USER: root
+      - image: circleci/redis:5.0.3-alpine3.8
+    <<: *test_steps
+
+  test-ruby2.5:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.5.3-stretch-node
+        environment: *ruby_environment
+      - image: circleci/postgres:10.6-alpine
+        environment:
+          POSTGRES_USER: root
+      - image: circleci/redis:4.0.12-alpine
+    <<: *test_steps
+
+  test-ruby2.4:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.4.5-stretch-node
+        environment: *ruby_environment
+      - image: circleci/postgres:10.6-alpine
+        environment:
+          POSTGRES_USER: root
+      - image: circleci/redis:4.0.12-alpine
+    <<: *test_steps
+
+  test-webui:
+    <<: *defaults
+    docker:
+      - image: circleci/node:8.15.0-stretch
+    steps:
+      - *attach_workspace
+      - run: ./bin/retry yarn test:jest
+
+  check-i18n:
+    <<: *defaults
+    steps:
+      - *attach_workspace
+      - run: bundle exec i18n-tasks check-normalized
+      - run: bundle exec i18n-tasks unused
+      - run: bundle exec i18n-tasks missing -t plural
+      - run: bundle exec i18n-tasks check-consistent-interpolations
+
+workflows:
+  version: 2
+  build-and-test:
+    jobs:
+      - install
+      - install-ruby2.6:
+          requires:
+            - install
+      - install-ruby2.5:
+          requires:
+            - install
+            - install-ruby2.6
+      - install-ruby2.4:
+          requires:
+            - install
+            - install-ruby2.6
+      - build:
+          requires:
+            - install-ruby2.6
+      - test-ruby2.6:
+          requires:
+            - install-ruby2.6
+            - build
+      - test-ruby2.5:
+          requires:
+            - install-ruby2.5
+            - build
+      - test-ruby2.4:
+          requires:
+            - install-ruby2.4
+            - build
+      - test-webui:
+          requires:
+            - install
+      - check-i18n:
+          requires:
+            - install-ruby2.6

.codeclimate.yml

@@ -0,0 +1,38 @@
+version: "2"
+checks:
+  argument-count:
+    enabled: false
+  complex-logic:
+    enabled: false
+  file-lines:
+    enabled: false
+  method-complexity:
+    enabled: false
+  method-count:
+    enabled: false
+  method-lines:
+    enabled: false
+  nested-control-flow:
+    enabled: false
+  return-statements:
+    enabled: false
+  similar-code:
+    enabled: false
+  identical-code:
+    enabled: false
+plugins:
+  brakeman:
+    enabled: true
+  bundler-audit:
+    enabled: true
+  eslint:
+    enabled: true
+    channel: eslint-5
+  rubocop:
+    enabled: true
+    channel: rubocop-0-54
+  scss-lint:
+    enabled: true
+exclude_patterns:
+- spec/
+- vendor/asset

.devcontainer/Dockerfile

@@ -1,20 +0,0 @@
-# For details, see https://github.com/devcontainers/images/tree/main/src/ruby
-FROM mcr.microsoft.com/devcontainers/ruby:1-3.2-bullseye
-
-# Install Rails
-# RUN gem install rails webdrivers
-
-ARG NODE_VERSION="16"
-RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"
-
-# [Optional] Uncomment this section to install additional OS packages.
-RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
-    && apt-get -y install --no-install-recommends libicu-dev libidn11-dev ffmpeg imagemagick libpam-dev
-
-# [Optional] Uncomment this line to install additional gems.
-RUN gem install foreman
-
-# [Optional] Uncomment this line to install global node packages.
-RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g yarn" 2>&1
-
-COPY welcome-message.txt /usr/local/etc/vscode-dev-containers/first-run-notice.txt

.devcontainer/codespaces/devcontainer.json

@@ -1,49 +0,0 @@
-{
-  "name": "Mastodon on GitHub Codespaces",
-  "dockerComposeFile": "../docker-compose.yml",
-  "service": "app",
-  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
-
-  "features": {
-    "ghcr.io/devcontainers/features/sshd:1": {}
-  },
-
-  "runServices": ["app", "db", "redis"],
-
-  "forwardPorts": [3000, 4000],
-
-  "portsAttributes": {
-    "3000": {
-      "label": "web",
-      "onAutoForward": "notify"
-    },
-    "4000": {
-      "label": "stream",
-      "onAutoForward": "silent"
-    }
-  },
-
-  "otherPortsAttributes": {
-    "onAutoForward": "silent"
-  },
-
-  "remoteEnv": {
-    "LOCAL_DOMAIN": "${localEnv:CODESPACE_NAME}-3000.app.github.dev",
-    "LOCAL_HTTPS": "true",
-    "STREAMING_API_BASE_URL": "https://${localEnv:CODESPACE_NAME}-4000.app.github.dev",
-    "DISABLE_FORGERY_REQUEST_PROTECTION": "true",
-    "ES_ENABLED": "",
-    "LIBRE_TRANSLATE_ENDPOINT": ""
-  },
-
-  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
-  "postCreateCommand": ".devcontainer/post-create.sh",
-  "waitFor": "postCreateCommand",
-
-  "customizations": {
-    "vscode": {
-      "settings": {},
-      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
-    }
-  }
-}

.devcontainer/devcontainer.json

@@ -1,40 +0,0 @@
-{
-  "name": "Mastodon on local machine",
-  "dockerComposeFile": "docker-compose.yml",
-  "service": "app",
-  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
-
-  "features": {
-    "ghcr.io/devcontainers/features/sshd:1": {}
-  },
-
-  "forwardPorts": [3000, 4000],
-
-  "portsAttributes": {
-    "3000": {
-      "label": "web",
-      "onAutoForward": "notify",
-      "requireLocalPort": true
-    },
-    "4000": {
-      "label": "stream",
-      "onAutoForward": "silent",
-      "requireLocalPort": true
-    }
-  },
-
-  "otherPortsAttributes": {
-    "onAutoForward": "silent"
-  },
-
-  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
-  "postCreateCommand": ".devcontainer/post-create.sh",
-  "waitFor": "postCreateCommand",
-
-  "customizations": {
-    "vscode": {
-      "settings": {},
-      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
-    }
-  }
-}

.devcontainer/docker-compose.yml

@@ -1,90 +0,0 @@
-version: '3'
-
-services:
-  app:
-    build:
-      context: .
-      dockerfile: Dockerfile
-    volumes:
-      - ../..:/workspaces:cached
-    environment:
-      RAILS_ENV: development
-      NODE_ENV: development
-      BIND: 0.0.0.0
-      REDIS_HOST: redis
-      REDIS_PORT: '6379'
-      DB_HOST: db
-      DB_USER: postgres
-      DB_PASS: postgres
-      DB_PORT: '5432'
-      ES_ENABLED: 'true'
-      ES_HOST: es
-      ES_PORT: '9200'
-      LIBRE_TRANSLATE_ENDPOINT: http://libretranslate:5000
-    # Overrides default command so things don't shut down after the process ends.
-    command: sleep infinity
-    ports:
-      - '127.0.0.1:3000:3000'
-      - '127.0.0.1:3035:3035'
-      - '127.0.0.1:4000:4000'
-    networks:
-      - external_network
-      - internal_network
-
-  db:
-    image: postgres:14-alpine
-    restart: unless-stopped
-    volumes:
-      - postgres-data:/var/lib/postgresql/data
-    environment:
-      POSTGRES_USER: postgres
-      POSTGRES_DB: postgres
-      POSTGRES_PASSWORD: postgres
-      POSTGRES_HOST_AUTH_METHOD: trust
-    networks:
-      - internal_network
-
-  redis:
-    image: redis:7-alpine
-    restart: unless-stopped
-    volumes:
-      - redis-data:/data
-    networks:
-      - internal_network
-
-  es:
-    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
-    restart: unless-stopped
-    environment:
-      ES_JAVA_OPTS: -Xms512m -Xmx512m
-      cluster.name: es-mastodon
-      discovery.type: single-node
-      bootstrap.memory_lock: 'true'
-    volumes:
-      - es-data:/usr/share/elasticsearch/data
-    networks:
-      - internal_network
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-
-  libretranslate:
-    image: libretranslate/libretranslate:v1.3.11
-    restart: unless-stopped
-    volumes:
-      - lt-data:/home/libretranslate/.local
-    networks:
-      - external_network
-      - internal_network
-
-volumes:
-  postgres-data:
-  redis-data:
-  es-data:
-  lt-data:
-
-networks:
-  external_network:
-  internal_network:
-    internal: true

.devcontainer/post-create.sh

@@ -1,26 +0,0 @@
-#!/bin/bash
-
-set -e # Fail the whole script on first error
-
-# Fetch Ruby gem dependencies
-bundle config path 'vendor/bundle'
-bundle config with 'development test'
-bundle install
-
-# Make Gemfile.lock pristine again
-git checkout -- Gemfile.lock
-
-# Fetch Javascript dependencies
-yarn --frozen-lockfile
-
-# [re]create, migrate, and seed the test database
-RAILS_ENV=test ./bin/rails db:setup
-
-# [re]create, migrate, and seed the development database
-RAILS_ENV=development ./bin/rails db:setup
-
-# Precompile assets for development
-RAILS_ENV=development ./bin/rails assets:precompile
-
-# Precompile assets for test
-RAILS_ENV=test NODE_ENV=tests ./bin/rails assets:precompile

.devcontainer/welcome-message.txt

@@ -1,8 +0,0 @@
-👋 Welcome to "Mastodon" in GitHub Codespaces!
-
-🛠️  Your environment is fully setup with all the required software.
-
-🔍 To explore VS Code to its fullest, search using the Command Palette (Cmd/Ctrl + Shift + P or F1).
-
-📝 Edit away, run your app as usual, and we'll automatically make it available for you to access.
-

.dockerignore

@@ -1,10 +1,6 @@
 .bundle
 .env
 .env.*
-.git
-.gitattributes
-.gitignore
-.github
 public/system
 public/assets
 public/packs
@@ -15,7 +11,5 @@ vendor/bundle
 *.swp
 *~
 postgres
-postgres14
 redis
 elasticsearch
-chart

.editorconfig

@@ -10,4 +10,3 @@ insert_final_newline = true
 charset = utf-8
 indent_style = space
 indent_size = 2
-trim_trailing_whitespace = true

.env.nanobox

@@ -0,0 +1,226 @@
+# Service dependencies
+# You may set REDIS_URL instead for more advanced options
+REDIS_HOST=$DATA_REDIS_HOST
+REDIS_PORT=6379
+# REDIS_DB=0
+
+# You may set DATABASE_URL instead for more advanced options
+DB_HOST=$DATA_DB_HOST
+DB_USER=$DATA_DB_USER
+DB_NAME=gonano
+DB_PASS=$DATA_DB_PASS
+DB_PORT=5432
+
+DATABASE_URL=postgresql://$DATA_DB_USER:$DATA_DB_PASS@$DATA_DB_HOST/gonano
+
+# Optional ElasticSearch configuration
+ES_ENABLED=true
+ES_HOST=$DATA_ELASTIC_HOST
+ES_PORT=9200
+
+# Optimizations
+LD_PRELOAD=/data/lib/libjemalloc.so
+
+# ImageMagick optimizations
+MAGICK_TEMPORARY_PATH=/app/tmp
+MAGICK_MEMORY_LIMIT=128MiB
+MAGICK_MAP_LIMIT=64MiB
+MAGICK_TIME_LIMIT=15
+MAGICK_AREA_LIMIT=16MP
+MAGICK_WIDTH_LIMIT=8KP
+MAGICK_HEIGHT_LIMIT=8KP
+
+# Federation
+# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
+# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
+LOCAL_DOMAIN=${APP_NAME}.nanoapp.io
+
+# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
+
+# Use this only if you need to run mastodon on a different domain than the one used for federation.
+# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
+# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
+# WEB_DOMAIN=mastodon.example.com
+
+# Use this if you want to have several aliases handler@example1.com
+# handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
+# be added. Comma separated values
+# ALTERNATE_DOMAINS=example1.com,example2.com
+
+# Application secrets
+# Generate each with the `rake secret` task (`nanobox run bundle exec rake secret`)
+SECRET_KEY_BASE=$SECRET_KEY_BASE
+OTP_SECRET=$OTP_SECRET
+
+# VAPID keys (used for push notifications)
+# You can generate the keys using the following command (first is the private key, second is the public one)
+# You should only generate this once per instance. If you later decide to change it, all push subscription will
+# be invalidated, requiring the users to access the website again to resubscribe.
+#
+# Generate with `rake mastodon:webpush:generate_vapid_key` task (`nanobox run bundle exec rake mastodon:webpush:generate_vapid_key`)
+#
+# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
+VAPID_PRIVATE_KEY=$VAPID_PRIVATE_KEY
+VAPID_PUBLIC_KEY=$VAPID_PUBLIC_KEY
+
+# Registrations
+# Single user mode will disable registrations and redirect frontpage to the first profile
+# SINGLE_USER_MODE=true
+# Prevent registrations with following e-mail domains
+# EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
+# Only allow registrations with the following e-mail domains
+# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
+
+# Optionally change default language
+# DEFAULT_LOCALE=de
+
+# E-mail configuration
+# Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
+# If you want to use an SMTP server without authentication (e.g local Postfix relay)
+# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
+# *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
+SMTP_SERVER=$SMTP_SERVER
+SMTP_PORT=587
+SMTP_LOGIN=$SMTP_LOGIN
+SMTP_PASSWORD=$SMTP_PASSWORD
+SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
+#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
+#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
+#SMTP_AUTH_METHOD=plain
+#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
+#SMTP_OPENSSL_VERIFY_MODE=peer
+#SMTP_ENABLE_STARTTLS_AUTO=true
+#SMTP_TLS=true
+
+# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
+# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
+# PAPERCLIP_ROOT_URL=/system
+
+# Optional asset host for multi-server setups
+# CDN_HOST=https://assets.example.com
+
+# S3 (optional)
+# S3_ENABLED=true
+# S3_BUCKET=
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# S3_REGION=
+# S3_PROTOCOL=http
+# S3_HOSTNAME=192.168.1.123:9000
+
+# S3 (Minio Config (optional) Please check Minio instance for details)
+# S3_ENABLED=true
+# S3_BUCKET=
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# S3_REGION=
+# S3_PROTOCOL=https
+# S3_HOSTNAME=
+# S3_ENDPOINT=
+# S3_SIGNATURE_VERSION=
+
+# Swift (optional)
+# SWIFT_ENABLED=true
+# SWIFT_USERNAME=
+# For Keystone V3, the value for SWIFT_TENANT should be the project name
+# SWIFT_TENANT=
+# SWIFT_PASSWORD=
+# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
+# issues with token rate-limiting during high load.
+# SWIFT_AUTH_URL=
+# SWIFT_CONTAINER=
+# SWIFT_OBJECT_URL=
+# SWIFT_REGION=
+# Defaults to 'default'
+# SWIFT_DOMAIN_NAME=
+# Defaults to 60 seconds. Set to 0 to disable
+# SWIFT_CACHE_TTL=
+
+# Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare)
+# S3_ALIAS_HOST=
+
+# Streaming API integration
+# STREAMING_API_BASE_URL=
+
+# Advanced settings
+# If you need to use pgBouncer, you need to disable prepared statements:
+# PREPARED_STATEMENTS=false
+
+# Cluster number setting for streaming API server.
+# If you comment out following line, cluster number will be `numOfCpuCores - 1`.
+# STREAMING_CLUSTER_NUM=1
+
+# Docker mastodon user
+# If you use Docker, you may want to assign UID/GID manually.
+# UID=1000
+# GID=1000
+
+# LDAP authentication (optional)
+# LDAP_ENABLED=true
+# LDAP_HOST=localhost
+# LDAP_PORT=389
+# LDAP_METHOD=simple_tls
+# LDAP_BASE=
+# LDAP_BIND_DN=
+# LDAP_PASSWORD=
+# LDAP_UID=cn
+
+# PAM authentication (optional)
+# PAM authentication uses for the email generation the "email" pam variable
+# and optional as fallback PAM_DEFAULT_SUFFIX
+# The pam environment variable "email" is provided by:
+# https://github.com/devkral/pam_email_extractor
+# PAM_ENABLED=true
+# Fallback Suffix for email address generation (nil by default)
+# PAM_DEFAULT_SUFFIX=pam
+# Name of the pam service (pam "auth" section is evaluated)
+# PAM_DEFAULT_SERVICE=rpam
+# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
+# PAM_CONTROLLED_SERVICE=rpam
+
+# Global OAuth settings (optional) :
+# If you have only one strategy, you may want to enable this
+# OAUTH_REDIRECT_AT_SIGN_IN=true
+
+# Optional CAS authentication (cf. omniauth-cas) :
+# CAS_ENABLED=true
+# CAS_URL=https://sso.myserver.com/
+# CAS_HOST=sso.myserver.com/
+# CAS_PORT=443
+# CAS_SSL=true
+# CAS_VALIDATE_URL=
+# CAS_CALLBACK_URL=
+# CAS_LOGOUT_URL=
+# CAS_LOGIN_URL=
+# CAS_UID_FIELD='user'
+# CAS_CA_PATH=
+# CAS_DISABLE_SSL_VERIFICATION=false
+# CAS_UID_KEY='user'
+# CAS_NAME_KEY='name'
+# CAS_EMAIL_KEY='email'
+# CAS_NICKNAME_KEY='nickname'
+# CAS_FIRST_NAME_KEY='firstname'
+# CAS_LAST_NAME_KEY='lastname'
+# CAS_LOCATION_KEY='location'
+# CAS_IMAGE_KEY='image'
+# CAS_PHONE_KEY='phone'
+
+# Optional SAML authentication (cf. omniauth-saml)
+# SAML_ENABLED=true
+# SAML_ACS_URL=
+# SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
+# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
+# SAML_IDP_CERT=
+# SAML_IDP_CERT_FINGERPRINT=
+# SAML_NAME_IDENTIFIER_FORMAT=
+# SAML_CERT=
+# SAML_PRIVATE_KEY=
+# SAML_SECURITY_WANT_ASSERTION_SIGNED=true
+# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
+# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
+# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
+# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
+# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.5.4.42"
+# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
+# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
+# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=

.env.production.sample

@@ -1,77 +1,232 @@
-# This is a sample configuration file. You can generate your configuration
-# with the `rake mastodon:setup` interactive setup wizard, but to customize
-# your setup even further, you'll need to edit it manually. This sample does
-# not demonstrate all available configuration options. Please look at
-# https://docs.joinmastodon.org/admin/config/ for the full documentation.
-
-# Note that this file accepts slightly different syntax depending on whether
-# you are using `docker-compose` or not. In particular, if you use
-# `docker-compose`, the value of each declared variable will be taken verbatim,
-# including surrounding quotes.
-# See: https://github.com/mastodon/mastodon/issues/16895
-
-# Federation
-# ----------
-# This identifies your server and cannot be changed safely later
-# ----------
-LOCAL_DOMAIN=example.com
-
-# Redis
-# -----
-REDIS_HOST=localhost
+# Service dependencies
+# You may set REDIS_URL instead for more advanced options
+# You may also set REDIS_NAMESPACE to share Redis between multiple Mastodon servers
+REDIS_HOST=redis
 REDIS_PORT=6379
-
-# PostgreSQL
-# ----------
-DB_HOST=/var/run/postgresql
-DB_USER=mastodon
-DB_NAME=mastodon_production
+# You may set DATABASE_URL instead for more advanced options
+DB_HOST=db
+DB_USER=postgres
+DB_NAME=postgres
 DB_PASS=
 DB_PORT=5432
+# Optional ElasticSearch configuration
+# ES_ENABLED=true
+# ES_HOST=es
+# ES_PORT=9200
 
-# Elasticsearch (optional)
-# ------------------------
-ES_ENABLED=true
-ES_HOST=localhost
-ES_PORT=9200
-# Authentication for ES (optional)
-ES_USER=elastic
-ES_PASS=password
+# Federation
+# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
+# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
+LOCAL_DOMAIN=example.com
 
-# Secrets
-# -------
-# Make sure to use `rake secret` to generate secrets
-# -------
+# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
+
+# Use this only if you need to run mastodon on a different domain than the one used for federation.
+# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
+# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
+# WEB_DOMAIN=mastodon.example.com
+
+# Use this if you want to have several aliases handler@example1.com
+# handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
+# be added. Comma separated values
+# ALTERNATE_DOMAINS=example1.com,example2.com
+
+# Application secrets
+# Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
 SECRET_KEY_BASE=
 OTP_SECRET=
 
-# Web Push
-# --------
-# Generate with `rake mastodon:webpush:generate_vapid_key`
-# --------
+# VAPID keys (used for push notifications
+# You can generate the keys using the following command (first is the private key, second is the public one)
+# You should only generate this once per instance. If you later decide to change it, all push subscription will
+# be invalidated, requiring the users to access the website again to resubscribe.
+#
+# Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose)
+#
+# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
 VAPID_PRIVATE_KEY=
 VAPID_PUBLIC_KEY=
 
-# Sending mail
-# ------------
-SMTP_SERVER=
+# Registrations
+# Single user mode will disable registrations and redirect frontpage to the first profile
+# SINGLE_USER_MODE=true
+# Prevent registrations with following e-mail domains
+# EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
+# Only allow registrations with the following e-mail domains
+# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
+
+# Optionally change default language
+# DEFAULT_LOCALE=de
+
+# E-mail configuration
+# Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
+# If you want to use an SMTP server without authentication (e.g local Postfix relay)
+# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
+# *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
+SMTP_SERVER=smtp.mailgun.org
 SMTP_PORT=587
 SMTP_LOGIN=
 SMTP_PASSWORD=
 SMTP_FROM_ADDRESS=notifications@example.com
+#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
+#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
+#SMTP_AUTH_METHOD=plain
+#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
+#SMTP_OPENSSL_VERIFY_MODE=peer
+#SMTP_ENABLE_STARTTLS_AUTO=true
+#SMTP_TLS=true
 
-# File storage (optional)
-# -----------------------
-S3_ENABLED=true
-S3_BUCKET=files.example.com
-AWS_ACCESS_KEY_ID=
-AWS_SECRET_ACCESS_KEY=
-S3_ALIAS_HOST=files.example.com
+# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
+# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
+# PAPERCLIP_ROOT_URL=/system
 
-# IP and session retention
-# -----------------------
-# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
-# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
-# -----------------------
-IP_RETENTION_PERIOD=31556952
-SESSION_RETENTION_PERIOD=31556952
+# Optional asset host for multi-server setups
+# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN
+# if WEB_DOMAIN is not set. For example, the server may have the
+# following header field:
+# Access-Control-Allow-Origin: https://example.com/
+# CDN_HOST=https://assets.example.com
+
+# S3 (optional)
+# The attachment host must allow cross origin request from WEB_DOMAIN or
+# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the
+# following header field:
+# Access-Control-Allow-Origin: https://192.168.1.123:9000/
+# S3_ENABLED=true
+# S3_BUCKET=
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# S3_REGION=
+# S3_PROTOCOL=http
+# S3_HOSTNAME=192.168.1.123:9000
+
+# S3 (Minio Config (optional) Please check Minio instance for details)
+# The attachment host must allow cross origin request - see the description
+# above.
+# S3_ENABLED=true
+# S3_BUCKET=
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# S3_REGION=
+# S3_PROTOCOL=https
+# S3_HOSTNAME=
+# S3_ENDPOINT=
+# S3_SIGNATURE_VERSION=
+
+# Swift (optional)
+# The attachment host must allow cross origin request - see the description
+# above.
+# SWIFT_ENABLED=true
+# SWIFT_USERNAME=
+# For Keystone V3, the value for SWIFT_TENANT should be the project name
+# SWIFT_TENANT=
+# SWIFT_PASSWORD=
+# Some OpenStack V3 providers require PROJECT_ID (optional)
+# SWIFT_PROJECT_ID=
+# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
+# issues with token rate-limiting during high load.
+# SWIFT_AUTH_URL=
+# SWIFT_CONTAINER=
+# SWIFT_OBJECT_URL=
+# SWIFT_REGION=
+# Defaults to 'default'
+# SWIFT_DOMAIN_NAME=
+# Defaults to 60 seconds. Set to 0 to disable
+# SWIFT_CACHE_TTL=
+
+# Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare)
+# S3_ALIAS_HOST=
+
+# Streaming API integration
+# STREAMING_API_BASE_URL=
+
+# Advanced settings
+# If you need to use pgBouncer, you need to disable prepared statements:
+# PREPARED_STATEMENTS=false
+
+# Cluster number setting for streaming API server.
+# If you comment out following line, cluster number will be `numOfCpuCores - 1`.
+STREAMING_CLUSTER_NUM=1
+
+# Docker mastodon user
+# If you use Docker, you may want to assign UID/GID manually.
+# UID=1000
+# GID=1000
+
+# LDAP authentication (optional)
+# LDAP_ENABLED=true
+# LDAP_HOST=localhost
+# LDAP_PORT=389
+# LDAP_METHOD=simple_tls
+# LDAP_BASE=
+# LDAP_BIND_DN=
+# LDAP_PASSWORD=
+# LDAP_UID=cn
+# LDAP_SEARCH_FILTER="%{uid}=%{email}"
+
+# PAM authentication (optional)
+# PAM authentication uses for the email generation the "email" pam variable
+# and optional as fallback PAM_DEFAULT_SUFFIX
+# The pam environment variable "email" is provided by:
+# https://github.com/devkral/pam_email_extractor
+# PAM_ENABLED=true
+# Fallback email domain for email address generation (LOCAL_DOMAIN by default)
+# PAM_EMAIL_DOMAIN=example.com
+# Name of the pam service (pam "auth" section is evaluated)
+# PAM_DEFAULT_SERVICE=rpam
+# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
+# PAM_CONTROLLED_SERVICE=rpam
+
+# Global OAuth settings (optional) :
+# If you have only one strategy, you may want to enable this
+# OAUTH_REDIRECT_AT_SIGN_IN=true
+
+# Optional CAS authentication (cf. omniauth-cas) :
+# CAS_ENABLED=true
+# CAS_URL=https://sso.myserver.com/
+# CAS_HOST=sso.myserver.com/
+# CAS_PORT=443
+# CAS_SSL=true
+# CAS_VALIDATE_URL=
+# CAS_CALLBACK_URL=
+# CAS_LOGOUT_URL=
+# CAS_LOGIN_URL=
+# CAS_UID_FIELD='user'
+# CAS_CA_PATH=
+# CAS_DISABLE_SSL_VERIFICATION=false
+# CAS_UID_KEY='user'
+# CAS_NAME_KEY='name'
+# CAS_EMAIL_KEY='email'
+# CAS_NICKNAME_KEY='nickname'
+# CAS_FIRST_NAME_KEY='firstname'
+# CAS_LAST_NAME_KEY='lastname'
+# CAS_LOCATION_KEY='location'
+# CAS_IMAGE_KEY='image'
+# CAS_PHONE_KEY='phone'
+
+# Optional SAML authentication (cf. omniauth-saml)
+# SAML_ENABLED=true
+# SAML_ACS_URL=
+# SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
+# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
+# SAML_IDP_CERT=
+# SAML_IDP_CERT_FINGERPRINT=
+# SAML_NAME_IDENTIFIER_FORMAT=
+# SAML_CERT=
+# SAML_PRIVATE_KEY=
+# SAML_SECURITY_WANT_ASSERTION_SIGNED=true
+# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
+# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
+# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
+# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
+# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241"
+# SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42"
+# SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4"
+# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
+# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
+# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
+
+# Use HTTP proxy for outgoing request (optional)
+# http_proxy=http://gateway.local:8118
+# Access control for hidden service.
+# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true

.env.test

@@ -1,5 +1,5 @@
 # Node.js
-NODE_ENV=tests
+NODE_ENV=test
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true

.env.vagrant

@@ -1,8 +1,2 @@
 VAGRANT=true
 LOCAL_DOMAIN=mastodon.local
-BIND=0.0.0.0
-DB_HOST=/var/run/postgresql/
-
-ES_ENABLED=true
-ES_HOST=localhost
-ES_PORT=9200

.eslintrc.js

@@ -1,71 +1,66 @@
 module.exports = {
   root: true,
 
-  extends: [
-    'eslint:recommended',
-    'plugin:react/recommended',
-    'plugin:react-hooks/recommended',
-    'plugin:jsx-a11y/recommended',
-    'plugin:import/recommended',
-    'plugin:promise/recommended',
-    'plugin:jsdoc/recommended',
-    'plugin:prettier/recommended',
-  ],
-
   env: {
     browser: true,
     node: true,
     es6: true,
+    jest: true,
   },
 
   globals: {
     ATTACHMENT_HOST: false,
   },
 
-  parser: '@typescript-eslint/parser',
+  parser: 'babel-eslint',
 
   plugins: [
     'react',
     'jsx-a11y',
     'import',
     'promise',
-    '@typescript-eslint',
-    'formatjs',
   ],
 
   parserOptions: {
     sourceType: 'module',
     ecmaFeatures: {
+      experimentalObjectRestSpread: true,
       jsx: true,
     },
-    ecmaVersion: 2021,
-    requireConfigFile: false,
-    babelOptions: {
-      configFile: false,
-      presets: ['@babel/react', '@babel/env'],
-    },
+    ecmaVersion: 2018,
   },
 
   settings: {
     react: {
       version: 'detect',
     },
+    'import/extensions': [
+      '.js',
+    ],
     'import/ignore': [
       'node_modules',
       '\\.(css|scss|json)$',
     ],
-    'import/resolver': {
-      typescript: {},
-    },
   },
 
   rules: {
+    'brace-style': 'warn',
+    'comma-dangle': ['error', 'always-multiline'],
+    'comma-spacing': [
+      'warn',
+      {
+        before: false,
+        after: true,
+      },
+    ],
+    'comma-style': ['warn', 'last'],
     'consistent-return': 'error',
     'dot-notation': 'error',
-    eqeqeq: ['error', 'always', { 'null': 'ignore' }],
+    eqeqeq: 'error',
+    indent: ['warn', 2],
     'jsx-quotes': ['error', 'prefer-single'],
-    'no-case-declarations': 'off',
     'no-catch-shadow': 'error',
+    'no-cond-assign': 'error',
     'no-console': [
       'warn',
       {
@@ -75,75 +70,86 @@ module.exports = {
         ],
       },
     ],
-    'no-empty': 'off',
-    'no-restricted-properties': [
-      'error',
-      { property: 'substring', message: 'Use .slice instead of .substring.' },
-      { property: 'substr', message: 'Use .slice instead of .substr.' },
-    ],
-    'no-restricted-syntax': [
-      'error',
-      {
-        // eslint-disable-next-line no-restricted-syntax
-        selector: 'Literal[value=/•/], JSXText[value=/•/]',
-        // eslint-disable-next-line no-restricted-syntax
-        message: "Use '·' (middle dot) instead of '•' (bullet)",
-      },
-    ],
-    'no-self-assign': 'off',
+    'no-fallthrough': 'error',
+    'no-irregular-whitespace': 'error',
+    'no-mixed-spaces-and-tabs': 'warn',
+    'no-nested-ternary': 'warn',
+    'no-trailing-spaces': 'warn',
+    'no-undef': 'error',
+    'no-unreachable': 'error',
     'no-unused-expressions': 'error',
-    'no-unused-vars': 'off',
-    '@typescript-eslint/no-unused-vars': [
+    'no-unused-vars': [
       'error',
       {
         vars: 'all',
         args: 'after-used',
-        destructuredArrayIgnorePattern: '^_',
         ignoreRestSiblings: true,
       },
     ],
+    'object-curly-spacing': ['error', 'always'],
+    'padded-blocks': [
+      'error',
+      {
+        classes: 'always',
+      },
+    ],
+    quotes: ['error', 'single'],
+    semi: 'error',
+    strict: 'off',
     'valid-typeof': 'error',
 
-    'react/jsx-filename-extension': ['error', { extensions: ['.jsx', 'tsx'] }],
     'react/jsx-boolean-value': 'error',
-    'react/display-name': 'off',
-    'react/jsx-fragments': ['error', 'syntax'],
+    'react/jsx-closing-bracket-location': ['error', 'line-aligned'],
+    'react/jsx-curly-spacing': 'error',
     'react/jsx-equals-spacing': 'error',
+    'react/jsx-first-prop-new-line': ['error', 'multiline-multiprop'],
+    'react/jsx-indent': ['error', 2],
     'react/jsx-no-bind': 'error',
-    'react/jsx-no-useless-fragment': 'error',
-    'react/jsx-no-target-blank': 'off',
+    'react/jsx-no-duplicate-props': 'error',
+    'react/jsx-no-undef': 'error',
     'react/jsx-tag-spacing': 'error',
-    'react/jsx-uses-react': 'off', // not needed with new JSX transform
+    'react/jsx-uses-react': 'error',
+    'react/jsx-uses-vars': 'error',
     'react/jsx-wrap-multilines': 'error',
-    'react/no-deprecated': 'off',
-    'react/no-unknown-property': 'off',
-    'react/react-in-jsx-scope': 'off', // not needed with new JSX transform
+    'react/no-multi-comp': 'off',
+    'react/no-string-refs': 'error',
+    'react/prop-types': 'error',
     'react/self-closing-comp': 'error',
 
-    // recommended values found in https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/main/src/index.js
     'jsx-a11y/accessible-emoji': 'warn',
-    'jsx-a11y/click-events-have-key-events': 'off',
-    'jsx-a11y/label-has-associated-control': 'off',
-    'jsx-a11y/media-has-caption': 'off',
-    'jsx-a11y/no-autofocus': 'off',
-    // recommended rule is:
-    // 'jsx-a11y/no-interactive-element-to-noninteractive-role': [
-    //   'error',
-    //   {
-    //     tr: ['none', 'presentation'],
-    //     canvas: ['img'],
-    //   },
-    // ],
-    'jsx-a11y/no-interactive-element-to-noninteractive-role': 'off',
-    // recommended rule is:
-    // 'jsx-a11y/no-noninteractive-element-interactions': [
-    //   'error',
-    //   {
-    //     body: ['onError', 'onLoad'],
-    //     iframe: ['onError', 'onLoad'],
-    //     img: ['onError', 'onLoad'],
-    //   },
-    // ],
+    'jsx-a11y/alt-text': 'warn',
+    'jsx-a11y/anchor-has-content': 'warn',
+    'jsx-a11y/anchor-is-valid': [
+      'warn',
+      {
+        components: [
+          'Link',
+          'NavLink',
+        ],
+        specialLink: [
+          'to',
+        ],
+        aspect: [
+          'noHref',
+          'invalidHref',
+          'preferButton',
+        ],
+      },
+    ],
+    'jsx-a11y/aria-activedescendant-has-tabindex': 'warn',
+    'jsx-a11y/aria-props': 'warn',
+    'jsx-a11y/aria-proptypes': 'warn',
+    'jsx-a11y/aria-role': 'warn',
+    'jsx-a11y/aria-unsupported-elements': 'warn',
+    'jsx-a11y/heading-has-content': 'warn',
+    'jsx-a11y/html-has-lang': 'warn',
+    'jsx-a11y/iframe-has-title': 'warn',
+    'jsx-a11y/img-redundant-alt': 'warn',
+    'jsx-a11y/interactive-supports-focus': 'warn',
+    'jsx-a11y/label-has-for': 'off',
+    'jsx-a11y/mouse-events-have-key-events': 'warn',
+    'jsx-a11y/no-access-key': 'warn',
+    'jsx-a11y/no-distracting-elements': 'warn',
     'jsx-a11y/no-noninteractive-element-interactions': [
       'warn',
       {
@@ -152,18 +158,8 @@ module.exports = {
         ],
       },
     ],
-    // recommended rule is:
-    // 'jsx-a11y/no-noninteractive-tabindex': [
-    //   'error',
-    //   {
-    //     tags: [],
-    //     roles: ['tabpanel'],
-    //     allowExpressionValues: true,
-    //   },
-    // ],
-    'jsx-a11y/no-noninteractive-tabindex': 'off',
     'jsx-a11y/no-onchange': 'warn',
-    // recommended is full 'error'
+    'jsx-a11y/no-redundant-roles': 'warn',
     'jsx-a11y/no-static-element-interactions': [
       'warn',
       {
@@ -172,213 +168,32 @@ module.exports = {
         ],
       },
     ],
+    'jsx-a11y/role-has-required-aria-props': 'warn',
+    'jsx-a11y/role-supports-aria-props': 'off',
+    'jsx-a11y/scope': 'warn',
+    'jsx-a11y/tabindex-no-positive': 'warn',
 
-    // See https://github.com/import-js/eslint-plugin-import/blob/main/config/recommended.js
     'import/extensions': [
       'error',
       'always',
       {
         js: 'never',
-        jsx: 'never',
-        mjs: 'never',
-        ts: 'never',
-        tsx: 'never',
       },
     ],
-    'import/first': 'error',
     'import/newline-after-import': 'error',
-    'import/no-anonymous-default-export': 'error',
     'import/no-extraneous-dependencies': [
       'error',
       {
         devDependencies: [
           'config/webpack/**',
-          'app/javascript/mastodon/performance.js',
           'app/javascript/mastodon/test_setup.js',
           'app/javascript/**/__tests__/**',
         ],
       },
     ],
-    'import/no-amd': 'error',
-    'import/no-commonjs': 'error',
-    'import/no-import-module-exports': 'error',
-    'import/no-relative-packages': 'error',
-    'import/no-self-import': 'error',
-    'import/no-useless-path-segments': 'error',
+    'import/no-unresolved': 'error',
     'import/no-webpack-loader-syntax': 'error',
 
-    'import/order': [
-      'error',
-      {
-        alphabetize: { order: 'asc' },
-        'newlines-between': 'always',
-        groups: [
-          'builtin',
-          'external',
-          'internal',
-          'parent',
-          ['index', 'sibling'],
-          'object',
-        ],
-        pathGroups: [
-          // React core packages
-          {
-            pattern: '{react,react-dom,react-dom/client,prop-types}',
-            group: 'builtin',
-            position: 'after',
-          },
-          // I18n
-          {
-            pattern: '{react-intl,intl-messageformat}',
-            group: 'builtin',
-            position: 'after',
-          },
-          // Common React utilities
-          {
-            pattern: '{classnames,react-helmet,react-router-dom}',
-            group: 'external',
-            position: 'before',
-          },
-          // Immutable / Redux / data store
-          {
-            pattern: '{immutable,react-redux,react-immutable-proptypes,react-immutable-pure-component,reselect}',
-            group: 'external',
-            position: 'before',
-          },
-          // Internal packages
-          {
-            pattern: '{mastodon/**}',
-            group: 'internal',
-            position: 'after',
-          },
-        ],
-        pathGroupsExcludedImportTypes: [],
-      },
-    ],
-
-    'promise/always-return': 'off',
-    'promise/catch-or-return': [
-      'error',
-      {
-        allowFinally: true,
-      },
-    ],
-    'promise/no-callback-in-promise': 'off',
-    'promise/no-nesting': 'off',
-    'promise/no-promise-in-callback': 'off',
-
-    'formatjs/blocklist-elements': 'error',
-    'formatjs/enforce-default-message': ['error', 'literal'],
-    'formatjs/enforce-description': 'off', // description values not currently used
-    'formatjs/enforce-id': 'off', // Explicit IDs are used in the project
-    'formatjs/enforce-placeholders': 'off', // Issues in short_number.jsx
-    'formatjs/enforce-plural-rules': 'error',
-    'formatjs/no-camel-case': 'off', // disabledAccount is only non-conforming
-    'formatjs/no-complex-selectors': 'error',
-    'formatjs/no-emoji': 'error',
-    'formatjs/no-id': 'off', // IDs are used for translation keys
-    'formatjs/no-invalid-icu': 'error',
-    'formatjs/no-literal-string-in-jsx': 'off', // Should be looked at, but mainly flagging punctuation outside of strings
-    'formatjs/no-multiple-plurals': 'off', // Only used by hashtag.jsx
-    'formatjs/no-multiple-whitespaces': 'error',
-    'formatjs/no-offset': 'error',
-    'formatjs/no-useless-message': 'error',
-    'formatjs/prefer-formatted-message': 'error',
-    'formatjs/prefer-pound-in-plural': 'error',
-
-    'jsdoc/check-types': 'off',
-    'jsdoc/no-undefined-types': 'off',
-    'jsdoc/require-jsdoc': 'off',
-    'jsdoc/require-param-description': 'off',
-    'jsdoc/require-property-description': 'off',
-    'jsdoc/require-returns-description': 'off',
-    'jsdoc/require-returns': 'off',
+    'promise/catch-or-return': 'error',
   },
-
-  overrides: [
-    {
-      files: [
-        '*.config.js',
-        '.*rc.js',
-        'ide-helper.js',
-        'config/webpack/**/*',
-        'config/formatjs-formatter.js',
-      ],
-
-      env: {
-        commonjs: true,
-      },
-
-      parserOptions: {
-        sourceType: 'script',
-      },
-
-      rules: {
-        'import/no-commonjs': 'off',
-      },
-    },
-    {
-      files: [
-        '**/*.ts',
-        '**/*.tsx',
-      ],
-
-      extends: [
-        'eslint:recommended',
-        'plugin:@typescript-eslint/strict-type-checked',
-        'plugin:@typescript-eslint/stylistic-type-checked',
-        'plugin:react/recommended',
-        'plugin:react-hooks/recommended',
-        'plugin:jsx-a11y/recommended',
-        'plugin:import/recommended',
-        'plugin:import/typescript',
-        'plugin:promise/recommended',
-        'plugin:jsdoc/recommended-typescript',
-        'plugin:prettier/recommended',
-      ],
-
-      parserOptions: {
-        project: true,
-        tsconfigRootDir: __dirname,
-      },
-
-      rules: {
-        'import/consistent-type-specifier-style': ['error', 'prefer-top-level'],
-
-        '@typescript-eslint/consistent-type-definitions': ['warn', 'interface'],
-        '@typescript-eslint/consistent-type-exports': 'error',
-        '@typescript-eslint/consistent-type-imports': 'error',
-        "@typescript-eslint/prefer-nullish-coalescing": ['error', {ignorePrimitives: {boolean: true}}],
-
-        'jsdoc/require-jsdoc': 'off',
-
-        // Those rules set stricter rules for TS files
-        // to enforce better practices when converting from JS
-        'import/no-default-export': 'warn',
-        'react/prefer-stateless-function': 'warn',
-        'react/function-component-definition': ['error', { namedComponents: 'arrow-function' }],
-        'react/jsx-uses-react': 'off', // not needed with new JSX transform
-        'react/react-in-jsx-scope': 'off', // not needed with new JSX transform
-        'react/prop-types': 'off',
-      },
-    },
-    {
-      files: [
-        '**/__tests__/*.js',
-        '**/__tests__/*.jsx',
-      ],
-
-      env: {
-        jest: true,
-      },
-    },
-    {
-      files: [
-        'streaming/**/*',
-      ],
-      rules: {
-        'import/no-commonjs': 'off',
-      },
-    },
-  ],
 };

.gitea/workflows/build.yml

@@ -1,29 +0,0 @@
----
-name: Build Image for Deployment
-on:
-  push:
-    tags:
-      - '**pvz**'
-  workflow_dispatch:
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    container: ghcr.io/catthehacker/ubuntu:act-22.04
-    steps:
-      - uses: actions/checkout@v4
-      - uses: docker/setup-buildx-action@v3
-
-      - name: Login to gitea container registry
-        uses: docker/login-action@v3
-        with:
-          registry: git.wir-sind-auch-menschen.de
-          username: alice-bot
-          password: ${{ secrets.GT_TOKEN }}
-
-      - name: Build and push
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          push: true
-          tags: git.wir-sind-auch-menschen.de/paravielfalt/mastodon:${{ gitea.ref_name }}

.github/CODEOWNERS

@@ -0,0 +1,32 @@
+# CODEOWNERS for tootsuite/mastodon
+
+# Translators
+# To add translator, copy these lines, replace `fr` with appropriate language code and replace `@żelipapą` with user's GitHub nickname preceded by `@` sign or e-mail address.
+# /app/javascript/mastodon/locales/fr.json @żelipapą
+# /app/views/user_mailer/*.fr.html.erb @żelipapą
+# /app/views/user_mailer/*.fr.text.erb @żelipapą
+# /config/locales/*.fr.yml @żelipapą
+# /config/locales/fr.yml @żelipapą
+
+# Polish
+/app/javascript/mastodon/locales/pl.json @m4sk1n
+/app/views/user_mailer/*.pl.html.erb @m4sk1n
+/app/views/user_mailer/*.pl.text.erb @m4sk1n
+/config/locales/*.pl.yml @m4sk1n
+/config/locales/pl.yml @m4sk1n
+
+# French
+/app/javascript/mastodon/locales/fr.json @aldarone
+/app/javascript/mastodon/locales/whitelist_fr.json @aldarone
+/app/views/user_mailer/*.fr.html.erb @aldarone
+/app/views/user_mailer/*.fr.text.erb @aldarone
+/config/locales/*.fr.yml @aldarone
+/config/locales/fr.yml @aldarone
+
+# Dutch
+/app/javascript/mastodon/locales/nl.json @jeroenpraat
+/app/javascript/mastodon/locales/whitelist_nl.json @jeroenpraat
+/app/views/user_mailer/*.nl.html.erb @jeroenpraat
+/app/views/user_mailer/*.nl.text.erb @jeroenpraat
+/config/locales/*.nl.yml @jeroenpraat
+/config/locales/nl.yml @jeroenpraat

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,27 @@
+---
+name: Bug Report
+about: If something isn't working as expected
+
+---
+
+<!-- Make sure that you are submitting a new bug that was not previously reported or already fixed -->
+
+<!-- Please use a concise and distinct title for the issue -->
+
+### Expected behaviour
+
+<!-- What should have happened? -->
+
+### Actual behaviour
+
+<!-- What happened? -->
+
+### Steps to reproduce the problem
+
+<!-- What were you trying to do? -->
+
+### Specifications
+
+<!-- What version or commit hash of Mastodon did you find this bug in? -->
+
+<!-- If a front-end issue, what browser and operating systems were you using? -->

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,17 @@
+---
+name: Feature Request
+about: I have a suggestion
+
+---
+
+<!-- Please use a concise and distinct title for the issue -->
+
+<!-- Consider: Could it be implemented as a 3rd party app using the REST API instead? -->
+
+### Pitch
+
+<!-- Describe your idea for a feature. Make sure it has not already been suggested/implemented/turned down before -->
+
+### Motivation
+
+<!-- Why do you think this feature is needed? Who would benefit from it? -->

.github/ISSUE_TEMPLATE/support.md

@@ -0,0 +1,10 @@
+---
+name: Support
+about: Ask for help with your deployment
+
+---
+
+We primarily use GitHub as a bug and feature tracker. For usage questions, troubleshooting of deployments and other individual technical assistance, please use one of the resources below:
+
+- https://discourse.joinmastodon.org
+- #mastodon on irc.freenode.net

.gitignore

@@ -13,36 +13,33 @@
 /db/*.sqlite3-journal
 
 # Ignore all logfiles and tempfiles.
-.eslintcache
 /log/*
 !/log/.keep
 /tmp
-/coverage
-/public/system
-/public/assets
-/public/packs
-/public/packs-test
+coverage
+public/system
+public/assets
+public/packs
+public/packs-test
 .env
 .env.production
-.env.development
-/node_modules/
-/build/
+node_modules/
+build/
 
 # Ignore Vagrant files
 .vagrant/
 
 # Ignore Capistrano customizations
-/config/deploy/*
+config/deploy/*
 
 # Ignore IDE files
 .vscode/
 .idea/
 
 # Ignore postgres + redis + elasticsearch volume optionally created by docker-compose
-/postgres
-/postgres14
-/redis
-/elasticsearch
+postgres
+redis
+elasticsearch
 
 # Ignore Apple files
 .DS_Store
@@ -58,8 +55,6 @@ npm-debug.log
 yarn-error.log
 yarn-debug.log
 
-# Ignore vagrant log files
-*-cloudimg-console.log
-
 # Ignore Docker option files
 docker-compose.override.yml
+

.haml-lint.yml

@@ -1,14 +1,108 @@
-inherits_from: .haml-lint_todo.yml
+# Whether to ignore frontmatter at the beginning of HAML documents for
+# frameworks such as Jekyll/Middleman
+skip_frontmatter: false
 
 exclude:
   - 'vendor/**/*'
-  - lib/templates/haml/scaffold/_form.html.haml
-
-require:
-  - ./lib/linter/haml_middle_dot.rb
+  - 'spec/**/*'
+  - 'lib/templates/**/*'
+  - 'app/views/kaminari/**/*'
 
 linters:
   AltText:
+    enabled: false
+
+  ClassAttributeWithStaticValue:
     enabled: true
-  MiddleDot:
+
+  ClassesBeforeIds:
+    enabled: true
+
+  ConsecutiveComments:
+    enabled: true
+
+  ConsecutiveSilentScripts:
+    enabled: true
+    max_consecutive: 2
+
+  EmptyObjectReference:
+    enabled: true
+
+  EmptyScript:
+    enabled: true
+
+  FinalNewline:
+    enabled: true
+    present: true
+
+  HtmlAttributes:
+    enabled: true
+
+  ImplicitDiv:
+    enabled: true
+
+  LeadingCommentSpace:
+    enabled: true
+
+  LineLength:
+    enabled: false
+    max: 80
+
+  MultilinePipe:
+    enabled: true
+
+  MultilineScript:
+    enabled: true
+
+  ObjectReferenceAttributes:
+    enabled: true
+
+  RuboCop:
+    enabled: true
+    # These cops are incredibly noisy when it comes to HAML templates, so we
+    # ignore them.
+    ignored_cops:
+      - Lint/BlockAlignment
+      - Lint/EndAlignment
+      - Lint/Void
+      - Metrics/BlockLength
+      - Metrics/LineLength
+      - Style/AlignParameters
+      - Style/BlockNesting
+      - Style/ElseAlignment
+      - Style/EndOfLine
+      - Style/FileName
+      - Style/FinalNewline
+      - Style/FrozenStringLiteralComment
+      - Style/IfUnlessModifier
+      - Style/IndentationWidth
+      - Style/Next
+      - Style/TrailingBlankLines
+      - Style/TrailingWhitespace
+      - Style/WhileUntilModifier
+
+  RubyComments:
+    enabled: true
+
+  SpaceBeforeScript:
+    enabled: true
+
+  SpaceInsideHashAttributes:
+    enabled: true
+    style: space
+
+  Indentation:
+    enabled: true
+    character: space # or tab
+
+  TagName:
+    enabled: true
+
+  TrailingWhitespace:
+    enabled: true
+
+  UnnecessaryInterpolation:
+    enabled: true
+
+  UnnecessaryStringOutput:
     enabled: true

.haml-lint_todo.yml

@@ -1,47 +0,0 @@
-# This configuration was generated by
-# `haml-lint --auto-gen-config`
-# on 2023-07-20 09:47:50 -0400 using Haml-Lint version 0.48.0.
-# The point is for the user to remove these configuration records
-# one by one as the lints are removed from the code base.
-# Note that changes in the inspected code, or installation of new
-# versions of Haml-Lint, may require this file to be generated again.
-
-linters:
-  # Offense count: 951
-  LineLength:
-    enabled: false
-
-  # Offense count: 22
-  UnnecessaryStringOutput:
-    enabled: false
-
-  # Offense count: 57
-  RuboCop:
-    enabled: false
-
-  # Offense count: 3
-  ViewLength:
-    exclude:
-      - 'app/views/admin/accounts/show.html.haml'
-      - 'app/views/admin/reports/show.html.haml'
-      - 'app/views/disputes/strikes/show.html.haml'
-
-  # Offense count: 32
-  InstanceVariables:
-    exclude:
-      - 'app/views/admin/reports/_actions.html.haml'
-      - 'app/views/admin/roles/_form.html.haml'
-      - 'app/views/admin/webhooks/_form.html.haml'
-      - 'app/views/auth/registrations/_status.html.haml'
-      - 'app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml'
-      - 'app/views/authorize_interactions/_post_follow_actions.html.haml'
-      - 'app/views/invites/_form.html.haml'
-      - 'app/views/relationships/_account.html.haml'
-      - 'app/views/shared/_og.html.haml'
-
-  # Offense count: 3
-  IdNames:
-    exclude:
-      - 'app/views/authorize_interactions/error.html.haml'
-      - 'app/views/oauth/authorizations/error.html.haml'
-      - 'app/views/shared/_error_messages.html.haml'

.husky/pre-commit

@@ -1,4 +0,0 @@
-#!/bin/sh
-. "$(dirname "$0")/_/husky.sh"
-
-yarn lint-staged

.nvmrc

@@ -1 +1 @@
-20.7
+8

.prettierignore

@@ -1,78 +0,0 @@
-# See https://help.github.com/articles/ignoring-files for more about ignoring files.
-#
-# If you find yourself ignoring temporary files generated by your text editor
-# or operating system, you probably want to add a global ignore instead:
-#   git config --global core.excludesfile '~/.gitignore_global'
-
-# Ignore bundler config and downloaded libraries.
-/.bundle
-/vendor/bundle
-
-# Ignore the default SQLite database.
-/db/*.sqlite3
-/db/*.sqlite3-journal
-
-# Ignore all logfiles and tempfiles.
-.eslintcache
-/log/*
-!/log/.keep
-/tmp
-/coverage
-/public/system
-/public/assets
-/public/packs
-/public/packs-test
-.env
-.env.production
-.env.development
-/node_modules/
-/build/
-
-# Ignore Vagrant files
-.vagrant/
-
-# Ignore Capistrano customizations
-/config/deploy/*
-
-# Ignore IDE files
-.vscode/
-.idea/
-
-# Ignore postgres + redis + elasticsearch volume optionally created by docker-compose
-/postgres
-/postgres14
-/redis
-/elasticsearch
-
-# Ignore Apple files
-.DS_Store
-
-# Ignore vim files
-*~
-*.swp
-
-# Ignore log files
-*.log
-
-# Ignore Docker option files
-docker-compose.override.yml
-
-# Ignore emoji map file
-/app/javascript/mastodon/features/emoji/emoji_map.json
-
-# Ignore locale files
-/app/javascript/mastodon/locales/*.json
-/config/locales
-
-# Ignore vendored CSS reset
-app/javascript/styles/mastodon/reset.scss
-
-# Ignore Javascript pending https://github.com/mastodon/mastodon/pull/23631
-*.js
-*.jsx
-
-# Ignore HTML till cleaned and included in CI
-*.html
-
-# Ignore the generated AUTHORS.md
-AUTHORS.md

.prettierrc.js

@@ -1,4 +0,0 @@
-module.exports = {
-  singleQuote: true,
-  jsxSingleQuote: true
-}

.profile

@@ -1 +1 @@
-LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio:/app/.apt/usr/lib/x86_64-linux-gnu/openblas-pthread
+LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio

.rubocop.yml

@@ -1,202 +1,126 @@
-# Can be removed once all rules are addressed or moved to this file as documented overrides
-inherit_from: .rubocop_todo.yml
-
-# Used for merging with exclude lists with .rubocop_todo.yml
-inherit_mode:
-  merge:
-    - Exclude
-
-require:
-  - rubocop-rails
-  - rubocop-rspec
-  - rubocop-performance
-  - rubocop-capybara
-  - ./lib/linter/rubocop_middle_dot
-
 AllCops:
-  TargetRubyVersion: 3.0 # Set to minimum supported version of CI
-  DisplayCopNames: true
-  DisplayStyleGuide: true
-  ExtraDetails: true
-  UseCache: true
-  CacheRootDirectory: tmp
-  NewCops: enable # Opt-in to newly added rules
+  TargetRubyVersion: 2.3
   Exclude:
-    - db/schema.rb
-    - 'bin/*'
-    - 'node_modules/**/*'
-    - 'Vagrantfile'
-    - 'vendor/**/*'
-    - 'lib/json_ld/*' # Generated files
-    - 'lib/templates/**/*'
+  - 'spec/**/*'
+  - 'db/**/*'
+  - 'app/views/**/*'
+  - 'config/**/*'
+  - 'bin/*'
+  - 'Rakefile'
+  - 'node_modules/**/*'
+  - 'Vagrantfile'
+  - 'vendor/**/*'
+  - 'lib/json_ld/*'
+  - 'lib/templates/**/*'
 
-# Reason: Prefer Hashes without extreme indentation
-# https://docs.rubocop.org/rubocop/cops_layout.html#layoutfirsthashelementindentation
-Layout/FirstHashElementIndentation:
-  EnforcedStyle: consistent
-
-# Reason: Currently disabled in .rubocop_todo.yml
-# https://docs.rubocop.org/rubocop/cops_layout.html#layoutlinelength
-Layout/LineLength:
-  Max: 320 # Default of 120 causes a duplicate entry in generated todo file
-
-# Reason:
-# https://docs.rubocop.org/rubocop/cops_lint.html#lintuselessaccessmodifier
-Lint/UselessAccessModifier:
-  ContextCreatingMethods:
-    - class_methods
-
-## Disable most Metrics/*Length cops
-# Reason: those are often triggered and force significant refactors when this happend
-#         but the team feel they are not really improving the code quality.
-
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricsblocklength
-Metrics/BlockLength:
+Bundler/OrderedGems:
   Enabled: false
 
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricsclasslength
-Metrics/ClassLength:
+Layout/AccessModifierIndentation:
+  EnforcedStyle: indent
+
+Layout/EmptyLineAfterMagicComment:
   Enabled: false
 
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricsmethodlength
-Metrics/MethodLength:
-  Enabled: false
+Layout/SpaceInsideHashLiteralBraces:
+  EnforcedStyle: space
 
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricsmodulelength
-Metrics/ModuleLength:
-  Enabled: false
-
-## End Disable Metrics/*Length cops
-
-# Reason: Currently disabled in .rubocop_todo.yml
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricsabcsize
 Metrics/AbcSize:
-  Exclude:
-    - 'lib/mastodon/cli/*.rb'
-    - db/*migrate/**/*
+  Max: 100
+
+Metrics/BlockLength:
+  Max: 35
+  Exclude:
+    - 'lib/tasks/**/*'
 
-# Reason:
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricsblocknesting
 Metrics/BlockNesting:
-  Exclude:
-    - 'lib/mastodon/cli/*.rb'
+  Max: 3
+
+Metrics/ClassLength:
+  CountComments: false
+  Max: 300
 
-# Reason: Currently disabled in .rubocop_todo.yml
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricscyclomaticcomplexity
 Metrics/CyclomaticComplexity:
-  Exclude:
-    - lib/mastodon/cli/*.rb
-    - db/*migrate/**/*
+  Max: 25
+
+Metrics/LineLength:
+  AllowURI: true
+  Enabled: false
+
+Metrics/MethodLength:
+  CountComments: false
+  Max: 55
+
+Metrics/ModuleLength:
+  CountComments: false
+  Max: 200
 
-# Reason:
-# https://docs.rubocop.org/rubocop/cops_metrics.html#metricsparameterlists
 Metrics/ParameterLists:
-  CountKeywordArgs: false
+  Max: 5
+  CountKeywordArgs: true
 
-# Reason: Prevailing style is argument file paths
-# https://docs.rubocop.org/rubocop-rails/cops_rails.html#railsfilepath
-Rails/FilePath:
-  EnforcedStyle: arguments
+Metrics/PerceivedComplexity:
+  Max: 20
+
+Naming/MemoizedInstanceVariableName:
+  Enabled: false
+
+Rails:
+  Enabled: true
+
+Rails/HasAndBelongsToMany:
+  Enabled: false
+
+Rails/SkipsModelValidations:
+  Enabled: false
 
-# Reason: Prevailing style uses numeric status codes, matches RSpec/Rails/HttpStatus
-# https://docs.rubocop.org/rubocop-rails/cops_rails.html#railshttpstatus
 Rails/HttpStatus:
-  EnforcedStyle: numeric
+  Enabled: false
 
-# Reason: Allowed in `tootctl` CLI code and in boot ENV checker
-# https://docs.rubocop.org/rubocop-rails/cops_rails.html#railsexit
 Rails/Exit:
   Exclude:
-    - 'config/boot.rb'
-    - 'lib/mastodon/cli/*.rb'
+    - 'lib/mastodon/*'
+    - 'lib/cli'
 
-# Reason: Some single letter camel case files shouldn't be split
-# https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecfilepath
-RSpec/FilePath:
-  CustomTransform:
-    ActivityPub: activitypub # Ignore the snake_case due to the amount of files to rename
-    DeepL: deepl
-    FetchOEmbedService: fetch_oembed_service
-    JsonLdHelper: jsonld_helper
-    OEmbedController: oembed_controller
-    OStatus: ostatus
-    NodeInfoController: nodeinfo_controller # NodeInfo isn't snake_cased for any of the instances
-  Exclude:
-    - 'spec/config/initializers/rack_attack_spec.rb' # namespaces usually have separate folder
-    - 'spec/lib/sanitize_config_spec.rb' # namespaces usually have separate folder
-
-# Reason:
-# https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecnamedsubject
-RSpec/NamedSubject:
-  EnforcedStyle: named_only
-
-# Reason: Prevailing style choice
-# https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecnottonot
-RSpec/NotToNot:
-  EnforcedStyle: to_not
-
-# Reason: Prevailing style uses numeric status codes, matches Rails/HttpStatus
-# https://docs.rubocop.org/rubocop-rspec/cops_rspec_rails.html#rspecrailshttpstatus
-RSpec/Rails/HttpStatus:
-  EnforcedStyle: numeric
-
-# Reason:
-# https://docs.rubocop.org/rubocop/cops_style.html#styleclassandmodulechildren
 Style/ClassAndModuleChildren:
   Enabled: false
 
-# Reason: Classes mostly self-document with their names
-# https://docs.rubocop.org/rubocop/cops_style.html#styledocumentation
+Style/CollectionMethods:
+  Enabled: true
+  PreferredMethods:
+    find_all: 'select'
+
 Style/Documentation:
   Enabled: false
 
-# Reason: Enforce modern Ruby style
-# https://docs.rubocop.org/rubocop/cops_style.html#stylehashsyntax
-Style/HashSyntax:
-  EnforcedStyle: ruby19_no_mixed_keys
+Style/DoubleNegation:
+  Enabled: true
 
-# Reason:
-# https://docs.rubocop.org/rubocop/cops_style.html#stylenumericliterals
-Style/NumericLiterals:
-  AllowedPatterns:
-    - \d{4}_\d{2}_\d{2}_\d{6} # For DB migration date version number readability
+Style/FrozenStringLiteralComment:
+  Enabled: true
+
+Style/GuardClause:
+  Enabled: false
+
+Style/Lambda:
+  Enabled: false
 
-# Reason:
-# https://docs.rubocop.org/rubocop/cops_style.html#stylepercentliteraldelimiters
 Style/PercentLiteralDelimiters:
   PreferredDelimiters:
     '%i': '()'
     '%w': '()'
 
-# Reason: Prefer less indentation in conditional assignments
-# https://docs.rubocop.org/rubocop/cops_style.html#styleredundantbegin
-Style/RedundantBegin:
+Style/PerlBackrefs:
+  AutoCorrect: false
+
+Style/RegexpLiteral:
   Enabled: false
 
-# Reason: Overridden to reduce implicit StandardError rescues
-# https://docs.rubocop.org/rubocop/cops_style.html#stylerescuestandarderror
-Style/RescueStandardError:
-  EnforcedStyle: implicit
-
-# Reason: Simplify some spec layouts
-# https://docs.rubocop.org/rubocop/cops_style.html#stylesemicolon
-Style/Semicolon:
-  AllowAsExpressionSeparator: true
-
-# Reason: Originally disabled for CodeClimate, and no config consensus has been found
-# https://docs.rubocop.org/rubocop/cops_style.html#stylesymbolarray
 Style/SymbolArray:
   Enabled: false
 
-# Reason:
-# https://docs.rubocop.org/rubocop/cops_style.html#styletrailingcommainarrayliteral
 Style/TrailingCommaInArrayLiteral:
   EnforcedStyleForMultiline: 'comma'
 
-# Reason:
-# https://docs.rubocop.org/rubocop/cops_style.html#styletrailingcommainhashliteral
 Style/TrailingCommaInHashLiteral:
   EnforcedStyleForMultiline: 'comma'
-
-Style/MiddleDot:
-  Enabled: true

.rubocop_todo.yml

@@ -1,842 +0,0 @@
-# This configuration was generated by
-# `rubocop --auto-gen-config --auto-gen-only-exclude --no-exclude-limit --no-offense-counts --no-auto-gen-timestamp`
-# using RuboCop version 1.56.1.
-# The point is for the user to remove these configuration records
-# one by one as the offenses are removed from the code base.
-# Note that changes in the inspected code, or installation of new
-# versions of RuboCop, may require this file to be generated again.
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: TreatCommentsAsGroupSeparators, ConsiderPunctuation, Include.
-# Include: **/*.gemfile, **/Gemfile, **/gems.rb
-Bundler/OrderedGems:
-  Exclude:
-    - 'Gemfile'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle, IndentationWidth.
-# SupportedStyles: with_first_argument, with_fixed_indentation
-Layout/ArgumentAlignment:
-  Exclude:
-    - 'config/initializers/cors.rb'
-    - 'config/initializers/session_store.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle.
-# SupportedHashRocketStyles: key, separator, table
-# SupportedColonStyles: key, separator, table
-# SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit
-Layout/HashAlignment:
-  Exclude:
-    - 'config/environments/production.rb'
-    - 'config/initializers/rack_attack.rb'
-    - 'config/routes.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowDoxygenCommentStyle, AllowGemfileRubyComment.
-Layout/LeadingCommentSpace:
-  Exclude:
-    - 'config/application.rb'
-    - 'config/initializers/3_omniauth.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
-# URISchemes: http, https
-Layout/LineLength:
-  Exclude:
-    - 'app/models/account.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: require_no_space, require_space
-Layout/SpaceInLambdaLiteral:
-  Exclude:
-    - 'config/environments/production.rb'
-    - 'config/initializers/content_security_policy.rb'
-
-# Configuration parameters: AllowComments, AllowEmptyLambdas.
-Lint/EmptyBlock:
-  Exclude:
-    - 'spec/controllers/api/v2/search_controller_spec.rb'
-    - 'spec/fabricators/access_token_fabricator.rb'
-    - 'spec/fabricators/conversation_fabricator.rb'
-    - 'spec/fabricators/system_key_fabricator.rb'
-    - 'spec/lib/activitypub/adapter_spec.rb'
-    - 'spec/models/user_role_spec.rb'
-
-Lint/NonLocalExitFromIterator:
-  Exclude:
-    - 'app/helpers/jsonld_helper.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Lint/OrAssignmentToConstant:
-  Exclude:
-    - 'lib/sanitize_ext/sanitize_config.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: IgnoreEmptyBlocks, AllowUnusedKeywordArguments.
-Lint/UnusedBlockArgument:
-  Exclude:
-    - 'config/initializers/content_security_policy.rb'
-    - 'config/initializers/doorkeeper.rb'
-    - 'config/initializers/paperclip.rb'
-    - 'config/initializers/simple_form.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Lint/UselessAssignment:
-  Exclude:
-    - 'app/services/activitypub/process_status_update_service.rb'
-    - 'config/initializers/3_omniauth.rb'
-    - 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
-    - 'db/post_migrate/20190511152737_remove_suspended_silenced_account_fields.rb'
-    - 'spec/controllers/api/v1/favourites_controller_spec.rb'
-    - 'spec/controllers/concerns/account_controller_concern_spec.rb'
-    - 'spec/helpers/jsonld_helper_spec.rb'
-    - 'spec/models/account_spec.rb'
-    - 'spec/models/domain_block_spec.rb'
-    - 'spec/models/status_spec.rb'
-    - 'spec/models/user_spec.rb'
-    - 'spec/models/webauthn_credentials_spec.rb'
-    - 'spec/services/account_search_service_spec.rb'
-    - 'spec/services/post_status_service_spec.rb'
-    - 'spec/services/precompute_feed_service_spec.rb'
-    - 'spec/services/resolve_url_service_spec.rb'
-    - 'spec/views/statuses/show.html.haml_spec.rb'
-
-# Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
-Metrics/AbcSize:
-  Max: 144
-
-# Configuration parameters: CountBlocks, Max.
-Metrics/BlockNesting:
-  Exclude:
-    - 'lib/tasks/mastodon.rake'
-
-# Configuration parameters: AllowedMethods, AllowedPatterns.
-Metrics/CyclomaticComplexity:
-  Max: 25
-
-# Configuration parameters: AllowedMethods, AllowedPatterns.
-Metrics/PerceivedComplexity:
-  Max: 27
-
-# Configuration parameters: EnforcedStyle, CheckMethodNames, CheckSymbols, AllowedIdentifiers, AllowedPatterns.
-# SupportedStyles: snake_case, normalcase, non_integer
-# AllowedIdentifiers: capture3, iso8601, rfc1123_date, rfc822, rfc2822, rfc3339, x86_64
-Naming/VariableNumber:
-  Exclude:
-    - 'db/migrate/20180106000232_add_index_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
-    - 'db/migrate/20180514140000_revert_index_change_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
-    - 'db/migrate/20190820003045_update_statuses_index.rb'
-    - 'db/migrate/20190823221802_add_local_index_to_statuses.rb'
-    - 'db/migrate/20200119112504_add_public_index_to_statuses.rb'
-    - 'spec/models/account_spec.rb'
-    - 'spec/models/domain_block_spec.rb'
-    - 'spec/models/user_spec.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: SafeMultiline.
-Performance/DeletePrefix:
-  Exclude:
-    - 'app/models/featured_tag.rb'
-
-Performance/MapMethodChain:
-  Exclude:
-    - 'app/models/feed.rb'
-    - 'lib/mastodon/cli/maintenance.rb'
-    - 'spec/services/bulk_import_service_spec.rb'
-    - 'spec/services/import_service_spec.rb'
-
-RSpec/AnyInstance:
-  Exclude:
-    - 'spec/controllers/activitypub/inboxes_controller_spec.rb'
-    - 'spec/controllers/admin/accounts_controller_spec.rb'
-    - 'spec/controllers/admin/resets_controller_spec.rb'
-    - 'spec/controllers/admin/settings/branding_controller_spec.rb'
-    - 'spec/controllers/api/v1/media_controller_spec.rb'
-    - 'spec/controllers/auth/sessions_controller_spec.rb'
-    - 'spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb'
-    - 'spec/controllers/settings/two_factor_authentication/recovery_codes_controller_spec.rb'
-    - 'spec/lib/request_spec.rb'
-    - 'spec/lib/status_filter_spec.rb'
-    - 'spec/models/account_spec.rb'
-    - 'spec/models/setting_spec.rb'
-    - 'spec/services/activitypub/process_collection_service_spec.rb'
-    - 'spec/validators/follow_limit_validator_spec.rb'
-    - 'spec/workers/activitypub/delivery_worker_spec.rb'
-    - 'spec/workers/web/push_notification_worker_spec.rb'
-
-# Configuration parameters: CountAsOne.
-RSpec/ExampleLength:
-  Max: 22
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: implicit, each, example
-RSpec/HookArgument:
-  Exclude:
-    - 'spec/controllers/api/v1/streaming_controller_spec.rb'
-    - 'spec/controllers/well_known/webfinger_controller_spec.rb'
-    - 'spec/helpers/instance_helper_spec.rb'
-    - 'spec/models/user_spec.rb'
-    - 'spec/rails_helper.rb'
-    - 'spec/serializers/activitypub/note_serializer_spec.rb'
-    - 'spec/serializers/activitypub/update_poll_serializer_spec.rb'
-    - 'spec/services/import_service_spec.rb'
-
-# Configuration parameters: AssignmentOnly.
-RSpec/InstanceVariable:
-  Exclude:
-    - 'spec/controllers/api/v1/streaming_controller_spec.rb'
-    - 'spec/controllers/auth/confirmations_controller_spec.rb'
-    - 'spec/controllers/auth/passwords_controller_spec.rb'
-    - 'spec/controllers/auth/sessions_controller_spec.rb'
-    - 'spec/controllers/concerns/export_controller_concern_spec.rb'
-    - 'spec/controllers/home_controller_spec.rb'
-    - 'spec/controllers/settings/two_factor_authentication/webauthn_credentials_controller_spec.rb'
-    - 'spec/controllers/statuses_cleanup_controller_spec.rb'
-    - 'spec/models/concerns/account_finder_concern_spec.rb'
-    - 'spec/models/concerns/account_interactions_spec.rb'
-    - 'spec/models/public_feed_spec.rb'
-    - 'spec/serializers/activitypub/note_serializer_spec.rb'
-    - 'spec/serializers/activitypub/update_poll_serializer_spec.rb'
-    - 'spec/services/remove_status_service_spec.rb'
-    - 'spec/services/search_service_spec.rb'
-    - 'spec/services/unblock_domain_service_spec.rb'
-
-RSpec/LetSetup:
-  Exclude:
-    - 'spec/controllers/admin/accounts_controller_spec.rb'
-    - 'spec/controllers/admin/action_logs_controller_spec.rb'
-    - 'spec/controllers/admin/instances_controller_spec.rb'
-    - 'spec/controllers/admin/reports/actions_controller_spec.rb'
-    - 'spec/controllers/admin/statuses_controller_spec.rb'
-    - 'spec/controllers/api/v1/accounts/statuses_controller_spec.rb'
-    - 'spec/controllers/api/v1/admin/accounts_controller_spec.rb'
-    - 'spec/controllers/api/v1/filters_controller_spec.rb'
-    - 'spec/controllers/api/v1/followed_tags_controller_spec.rb'
-    - 'spec/controllers/api/v2/admin/accounts_controller_spec.rb'
-    - 'spec/controllers/api/v2/filters/keywords_controller_spec.rb'
-    - 'spec/controllers/api/v2/filters/statuses_controller_spec.rb'
-    - 'spec/controllers/auth/confirmations_controller_spec.rb'
-    - 'spec/controllers/auth/passwords_controller_spec.rb'
-    - 'spec/controllers/auth/sessions_controller_spec.rb'
-    - 'spec/controllers/follower_accounts_controller_spec.rb'
-    - 'spec/controllers/following_accounts_controller_spec.rb'
-    - 'spec/controllers/oauth/authorized_applications_controller_spec.rb'
-    - 'spec/controllers/oauth/tokens_controller_spec.rb'
-    - 'spec/controllers/settings/imports_controller_spec.rb'
-    - 'spec/lib/activitypub/activity/delete_spec.rb'
-    - 'spec/lib/vacuum/applications_vacuum_spec.rb'
-    - 'spec/lib/vacuum/preview_cards_vacuum_spec.rb'
-    - 'spec/models/account_spec.rb'
-    - 'spec/models/account_statuses_cleanup_policy_spec.rb'
-    - 'spec/models/canonical_email_block_spec.rb'
-    - 'spec/models/status_spec.rb'
-    - 'spec/models/user_spec.rb'
-    - 'spec/services/account_statuses_cleanup_service_spec.rb'
-    - 'spec/services/activitypub/fetch_featured_collection_service_spec.rb'
-    - 'spec/services/activitypub/fetch_remote_status_service_spec.rb'
-    - 'spec/services/activitypub/process_account_service_spec.rb'
-    - 'spec/services/activitypub/process_collection_service_spec.rb'
-    - 'spec/services/batched_remove_status_service_spec.rb'
-    - 'spec/services/block_domain_service_spec.rb'
-    - 'spec/services/bulk_import_service_spec.rb'
-    - 'spec/services/delete_account_service_spec.rb'
-    - 'spec/services/import_service_spec.rb'
-    - 'spec/services/notify_service_spec.rb'
-    - 'spec/services/remove_status_service_spec.rb'
-    - 'spec/services/report_service_spec.rb'
-    - 'spec/services/resolve_account_service_spec.rb'
-    - 'spec/services/suspend_account_service_spec.rb'
-    - 'spec/services/unallow_domain_service_spec.rb'
-    - 'spec/services/unsuspend_account_service_spec.rb'
-    - 'spec/workers/scheduler/user_cleanup_scheduler_spec.rb'
-
-RSpec/MessageChain:
-  Exclude:
-    - 'spec/controllers/api/v1/media_controller_spec.rb'
-    - 'spec/models/concerns/remotable_spec.rb'
-    - 'spec/models/session_activation_spec.rb'
-    - 'spec/models/setting_spec.rb'
-
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: have_received, receive
-RSpec/MessageSpies:
-  Exclude:
-    - 'spec/controllers/admin/accounts_controller_spec.rb'
-    - 'spec/helpers/admin/account_moderation_notes_helper_spec.rb'
-    - 'spec/lib/webfinger_resource_spec.rb'
-    - 'spec/models/admin/account_action_spec.rb'
-    - 'spec/models/concerns/remotable_spec.rb'
-    - 'spec/models/follow_request_spec.rb'
-    - 'spec/models/identity_spec.rb'
-    - 'spec/models/session_activation_spec.rb'
-    - 'spec/models/setting_spec.rb'
-    - 'spec/services/activitypub/fetch_replies_service_spec.rb'
-    - 'spec/services/activitypub/process_collection_service_spec.rb'
-    - 'spec/spec_helper.rb'
-    - 'spec/validators/status_length_validator_spec.rb'
-
-RSpec/MultipleExpectations:
-  Max: 8
-
-# Configuration parameters: AllowSubject.
-RSpec/MultipleMemoizedHelpers:
-  Max: 21
-
-# Configuration parameters: AllowedGroups.
-RSpec/NestedGroups:
-  Max: 6
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/ApplicationController:
-  Exclude:
-    - 'app/controllers/health_controller.rb'
-
-# Configuration parameters: Include.
-# Include: db/**/*.rb
-Rails/CreateTableWithTimestamps:
-  Exclude:
-    - 'db/migrate/20170508230434_create_conversation_mutes.rb'
-    - 'db/migrate/20170823162448_create_status_pins.rb'
-    - 'db/migrate/20171116161857_create_list_accounts.rb'
-    - 'db/migrate/20180929222014_create_account_conversations.rb'
-    - 'db/migrate/20181007025445_create_pghero_space_stats.rb'
-    - 'db/migrate/20190103124649_create_scheduled_statuses.rb'
-    - 'db/migrate/20220824233535_create_status_trends.rb'
-    - 'db/migrate/20221006061337_create_preview_card_trends.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: Severity.
-Rails/DuplicateAssociation:
-  Exclude:
-    - 'app/serializers/activitypub/collection_serializer.rb'
-    - 'app/serializers/activitypub/note_serializer.rb'
-
-# Configuration parameters: Include.
-# Include: app/models/**/*.rb
-Rails/HasAndBelongsToMany:
-  Exclude:
-    - 'app/models/concerns/account_associations.rb'
-    - 'app/models/preview_card.rb'
-    - 'app/models/status.rb'
-    - 'app/models/tag.rb'
-
-# Configuration parameters: Include.
-# Include: app/models/**/*.rb
-Rails/HasManyOrHasOneDependent:
-  Exclude:
-    - 'app/models/concerns/account_counters.rb'
-    - 'app/models/conversation.rb'
-    - 'app/models/custom_emoji.rb'
-    - 'app/models/custom_emoji_category.rb'
-    - 'app/models/domain_block.rb'
-    - 'app/models/invite.rb'
-    - 'app/models/status.rb'
-    - 'app/models/user.rb'
-    - 'app/models/web/push_subscription.rb'
-
-Rails/I18nLocaleTexts:
-  Exclude:
-    - 'lib/tasks/mastodon.rake'
-    - 'spec/helpers/flashes_helper_spec.rb'
-
-# Configuration parameters: Include.
-# Include: app/controllers/**/*.rb, app/mailers/**/*.rb
-Rails/LexicallyScopedActionFilter:
-  Exclude:
-    - 'app/controllers/auth/passwords_controller.rb'
-    - 'app/controllers/auth/registrations_controller.rb'
-    - 'app/controllers/auth/sessions_controller.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Rails/NegateInclude:
-  Exclude:
-    - 'app/controllers/concerns/signature_verification.rb'
-    - 'app/helpers/jsonld_helper.rb'
-    - 'app/lib/activitypub/activity/create.rb'
-    - 'app/lib/activitypub/activity/move.rb'
-    - 'app/lib/feed_manager.rb'
-    - 'app/lib/link_details_extractor.rb'
-    - 'app/models/concerns/attachmentable.rb'
-    - 'app/models/concerns/remotable.rb'
-    - 'app/models/custom_filter.rb'
-    - 'app/services/activitypub/process_status_update_service.rb'
-    - 'app/services/fetch_link_card_service.rb'
-    - 'app/services/search_service.rb'
-    - 'app/workers/web/push_notification_worker.rb'
-    - 'lib/paperclip/color_extractor.rb'
-
-Rails/OutputSafety:
-  Exclude:
-    - 'config/initializers/simple_form.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: Include.
-# Include: **/Rakefile, **/*.rake
-Rails/RakeEnvironment:
-  Exclude:
-    - 'lib/tasks/auto_annotate_models.rake'
-    - 'lib/tasks/db.rake'
-    - 'lib/tasks/emojis.rake'
-    - 'lib/tasks/mastodon.rake'
-    - 'lib/tasks/repo.rake'
-    - 'lib/tasks/statistics.rake'
-
-# Configuration parameters: Include.
-# Include: db/**/*.rb
-Rails/ReversibleMigration:
-  Exclude:
-    - 'db/migrate/20160223164502_make_uris_nullable_in_statuses.rb'
-    - 'db/migrate/20161122163057_remove_unneeded_indexes.rb'
-    - 'db/migrate/20170205175257_remove_devices.rb'
-    - 'db/migrate/20170322143850_change_primary_key_to_bigint_on_statuses.rb'
-    - 'db/migrate/20170520145338_change_language_filter_to_opt_out.rb'
-    - 'db/migrate/20170609145826_remove_default_language_from_statuses.rb'
-    - 'db/migrate/20170711225116_fix_null_booleans.rb'
-    - 'db/migrate/20171129172043_add_index_on_stream_entries.rb'
-    - 'db/migrate/20171212195226_remove_duplicate_indexes_in_lists.rb'
-    - 'db/migrate/20171226094803_more_faster_index_on_notifications.rb'
-    - 'db/migrate/20180106000232_add_index_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
-    - 'db/migrate/20180617162849_remove_unused_indexes.rb'
-    - 'db/migrate/20220827195229_change_canonical_email_blocks_nullable.rb'
-
-# Configuration parameters: ForbiddenMethods, AllowedMethods.
-# ForbiddenMethods: decrement!, decrement_counter, increment!, increment_counter, insert, insert!, insert_all, insert_all!, toggle!, touch, touch_all, update_all, update_attribute, update_column, update_columns, update_counters, upsert, upsert_all
-Rails/SkipsModelValidations:
-  Exclude:
-    - 'app/controllers/admin/invites_controller.rb'
-    - 'app/controllers/concerns/session_tracking_concern.rb'
-    - 'app/models/concerns/account_merging.rb'
-    - 'app/models/concerns/expireable.rb'
-    - 'app/models/status.rb'
-    - 'app/models/trends/links.rb'
-    - 'app/models/trends/preview_card_batch.rb'
-    - 'app/models/trends/preview_card_provider_batch.rb'
-    - 'app/models/trends/status_batch.rb'
-    - 'app/models/trends/statuses.rb'
-    - 'app/models/trends/tag_batch.rb'
-    - 'app/models/trends/tags.rb'
-    - 'app/models/user.rb'
-    - 'app/services/activitypub/process_status_update_service.rb'
-    - 'app/services/approve_appeal_service.rb'
-    - 'app/services/block_domain_service.rb'
-    - 'app/services/delete_account_service.rb'
-    - 'app/services/process_mentions_service.rb'
-    - 'app/services/unallow_domain_service.rb'
-    - 'app/services/unblock_domain_service.rb'
-    - 'app/services/update_status_service.rb'
-    - 'app/workers/activitypub/post_upgrade_worker.rb'
-    - 'app/workers/move_worker.rb'
-    - 'app/workers/scheduler/ip_cleanup_scheduler.rb'
-    - 'app/workers/scheduler/scheduled_statuses_scheduler.rb'
-    - 'db/migrate/20161203164520_add_from_account_id_to_notifications.rb'
-    - 'db/migrate/20170105224407_add_shortcode_to_media_attachments.rb'
-    - 'db/migrate/20170209184350_add_reply_to_statuses.rb'
-    - 'db/migrate/20170304202101_add_type_to_media_attachments.rb'
-    - 'db/migrate/20180528141303_fix_accounts_unique_index.rb'
-    - 'db/migrate/20180609104432_migrate_web_push_subscriptions2.rb'
-    - 'db/migrate/20181207011115_downcase_custom_emoji_domains.rb'
-    - 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
-    - 'db/migrate/20191007013357_update_pt_locales.rb'
-    - 'db/migrate/20220316233212_update_kurdish_locales.rb'
-    - 'db/post_migrate/20190511152737_remove_suspended_silenced_account_fields.rb'
-    - 'db/post_migrate/20200917193528_migrate_notifications_type.rb'
-    - 'db/post_migrate/20201017234926_fill_account_suspension_origin.rb'
-    - 'db/post_migrate/20220617202502_migrate_roles.rb'
-    - 'db/post_migrate/20221101190723_backfill_admin_action_logs.rb'
-    - 'db/post_migrate/20221206114142_backfill_admin_action_logs_again.rb'
-    - 'lib/mastodon/cli/accounts.rb'
-    - 'lib/mastodon/cli/main.rb'
-    - 'lib/mastodon/cli/maintenance.rb'
-    - 'spec/controllers/api/v1/admin/accounts_controller_spec.rb'
-    - 'spec/lib/activitypub/activity/follow_spec.rb'
-    - 'spec/services/follow_service_spec.rb'
-    - 'spec/services/update_account_service_spec.rb'
-
-# Configuration parameters: Include.
-# Include: db/**/*.rb
-Rails/ThreeStateBooleanColumn:
-  Exclude:
-    - 'db/migrate/20160325130944_add_admin_to_users.rb'
-    - 'db/migrate/20161123093447_add_sensitive_to_statuses.rb'
-    - 'db/migrate/20170123203248_add_reject_media_to_domain_blocks.rb'
-    - 'db/migrate/20170127165745_add_devise_two_factor_to_users.rb'
-    - 'db/migrate/20170209184350_add_reply_to_statuses.rb'
-    - 'db/migrate/20170330163835_create_imports.rb'
-    - 'db/migrate/20170905165803_add_local_to_statuses.rb'
-    - 'db/migrate/20181203021853_add_discoverable_to_accounts.rb'
-    - 'db/migrate/20190509164208_add_by_moderator_to_tombstone.rb'
-    - 'db/migrate/20190805123746_add_capabilities_to_tags.rb'
-    - 'db/migrate/20191212163405_add_hide_collections_to_accounts.rb'
-    - 'db/migrate/20200309150742_add_forwarded_to_reports.rb'
-    - 'db/migrate/20210609202149_create_login_activities.rb'
-    - 'db/migrate/20210621221010_add_skip_sign_in_token_to_users.rb'
-    - 'db/migrate/20211031031021_create_preview_card_providers.rb'
-    - 'db/migrate/20211115032527_add_trendable_to_preview_cards.rb'
-    - 'db/migrate/20220202200743_add_trendable_to_accounts.rb'
-    - 'db/migrate/20220202200926_add_trendable_to_statuses.rb'
-    - 'db/migrate/20220303000827_add_ordered_media_attachment_ids_to_status_edits.rb'
-
-# Configuration parameters: Include.
-# Include: app/models/**/*.rb
-Rails/UniqueValidationWithoutIndex:
-  Exclude:
-    - 'app/models/account_alias.rb'
-    - 'app/models/custom_filter_status.rb'
-    - 'app/models/identity.rb'
-    - 'app/models/webauthn_credential.rb'
-
-# Configuration parameters: Include.
-# Include: app/models/**/*.rb
-Rails/UnusedIgnoredColumns:
-  Exclude:
-    - 'app/models/account.rb'
-    - 'app/models/account_stat.rb'
-    - 'app/models/admin/action_log.rb'
-    - 'app/models/custom_filter.rb'
-    - 'app/models/email_domain_block.rb'
-    - 'app/models/report.rb'
-    - 'app/models/status_edit.rb'
-    - 'app/models/user.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: exists, where
-Rails/WhereExists:
-  Exclude:
-    - 'app/controllers/activitypub/inboxes_controller.rb'
-    - 'app/controllers/admin/email_domain_blocks_controller.rb'
-    - 'app/controllers/auth/registrations_controller.rb'
-    - 'app/lib/activitypub/activity/create.rb'
-    - 'app/lib/delivery_failure_tracker.rb'
-    - 'app/lib/feed_manager.rb'
-    - 'app/lib/status_cache_hydrator.rb'
-    - 'app/lib/suspicious_sign_in_detector.rb'
-    - 'app/models/concerns/account_interactions.rb'
-    - 'app/models/featured_tag.rb'
-    - 'app/models/poll.rb'
-    - 'app/models/session_activation.rb'
-    - 'app/models/status.rb'
-    - 'app/models/user.rb'
-    - 'app/policies/status_policy.rb'
-    - 'app/serializers/rest/announcement_serializer.rb'
-    - 'app/serializers/rest/tag_serializer.rb'
-    - 'app/services/activitypub/fetch_remote_status_service.rb'
-    - 'app/services/app_sign_up_service.rb'
-    - 'app/services/vote_service.rb'
-    - 'app/validators/reaction_validator.rb'
-    - 'app/validators/vote_validator.rb'
-    - 'app/workers/move_worker.rb'
-    - 'db/migrate/20190529143559_preserve_old_layout_for_existing_users.rb'
-    - 'lib/tasks/tests.rake'
-    - 'spec/models/account_spec.rb'
-    - 'spec/services/activitypub/process_collection_service_spec.rb'
-    - 'spec/services/purge_domain_service_spec.rb'
-    - 'spec/services/unallow_domain_service_spec.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowOnConstant, AllowOnSelfClass.
-Style/CaseEquality:
-  Exclude:
-    - 'config/initializers/trusted_proxies.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowedMethods, AllowedPatterns.
-# AllowedMethods: ==, equal?, eql?
-Style/ClassEqualityComparison:
-  Exclude:
-    - 'app/helpers/jsonld_helper.rb'
-    - 'app/serializers/activitypub/outbox_serializer.rb'
-
-Style/ClassVars:
-  Exclude:
-    - 'config/initializers/devise.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Style/CombinableLoops:
-  Exclude:
-    - 'app/models/form/custom_emoji_batch.rb'
-    - 'app/models/form/ip_block_batch.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowedVars.
-Style/FetchEnvVar:
-  Exclude:
-    - 'app/lib/redis_configuration.rb'
-    - 'app/lib/translation_service.rb'
-    - 'config/environments/development.rb'
-    - 'config/environments/production.rb'
-    - 'config/initializers/2_limited_federation_mode.rb'
-    - 'config/initializers/3_omniauth.rb'
-    - 'config/initializers/blacklists.rb'
-    - 'config/initializers/cache_buster.rb'
-    - 'config/initializers/content_security_policy.rb'
-    - 'config/initializers/devise.rb'
-    - 'config/initializers/paperclip.rb'
-    - 'config/initializers/vapid.rb'
-    - 'lib/mastodon/premailer_webpack_strategy.rb'
-    - 'lib/mastodon/redis_config.rb'
-    - 'lib/tasks/repo.rake'
-    - 'spec/features/profile_spec.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle, MaxUnannotatedPlaceholdersAllowed, AllowedMethods, AllowedPatterns.
-# SupportedStyles: annotated, template, unannotated
-# AllowedMethods: redirect
-Style/FormatStringToken:
-  Exclude:
-    - 'app/models/privacy_policy.rb'
-    - 'config/initializers/devise.rb'
-    - 'lib/paperclip/color_extractor.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Style/GlobalStdStream:
-  Exclude:
-    - 'config/boot.rb'
-    - 'config/environments/development.rb'
-    - 'config/environments/production.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: MinBodyLength, AllowConsecutiveConditionals.
-Style/GuardClause:
-  Exclude:
-    - 'app/controllers/admin/confirmations_controller.rb'
-    - 'app/controllers/auth/confirmations_controller.rb'
-    - 'app/controllers/auth/passwords_controller.rb'
-    - 'app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb'
-    - 'app/lib/activitypub/activity/block.rb'
-    - 'app/lib/request.rb'
-    - 'app/lib/request_pool.rb'
-    - 'app/lib/webfinger.rb'
-    - 'app/lib/webfinger_resource.rb'
-    - 'app/models/concerns/account_counters.rb'
-    - 'app/models/concerns/ldap_authenticable.rb'
-    - 'app/models/tag.rb'
-    - 'app/models/user.rb'
-    - 'app/services/fan_out_on_write_service.rb'
-    - 'app/services/post_status_service.rb'
-    - 'app/services/process_hashtags_service.rb'
-    - 'app/workers/move_worker.rb'
-    - 'app/workers/redownload_avatar_worker.rb'
-    - 'app/workers/redownload_header_worker.rb'
-    - 'app/workers/redownload_media_worker.rb'
-    - 'app/workers/remote_account_refresh_worker.rb'
-    - 'config/initializers/devise.rb'
-    - 'db/migrate/20170901141119_truncate_preview_cards.rb'
-    - 'db/post_migrate/20220704024901_migrate_settings_to_user_roles.rb'
-    - 'lib/devise/two_factor_ldap_authenticatable.rb'
-    - 'lib/devise/two_factor_pam_authenticatable.rb'
-    - 'lib/mastodon/cli/accounts.rb'
-    - 'lib/mastodon/cli/maintenance.rb'
-    - 'lib/mastodon/cli/media.rb'
-    - 'lib/paperclip/attachment_extensions.rb'
-    - 'lib/tasks/repo.rake'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: braces, no_braces
-Style/HashAsLastArrayItem:
-  Exclude:
-    - 'app/controllers/admin/statuses_controller.rb'
-    - 'app/controllers/api/v1/statuses_controller.rb'
-    - 'app/models/concerns/account_counters.rb'
-    - 'app/models/concerns/status_threading_concern.rb'
-    - 'app/models/status.rb'
-    - 'app/services/batched_remove_status_service.rb'
-    - 'app/services/notify_service.rb'
-    - 'db/migrate/20181024224956_migrate_account_conversations.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Style/HashTransformValues:
-  Exclude:
-    - 'app/serializers/rest/web_push_subscription_serializer.rb'
-    - 'app/services/import_service.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-Style/IfUnlessModifier:
-  Exclude:
-    - 'config/environments/production.rb'
-    - 'config/initializers/devise.rb'
-    - 'config/initializers/ffmpeg.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: InverseMethods, InverseBlocks.
-Style/InverseMethods:
-  Exclude:
-    - 'app/models/custom_filter.rb'
-    - 'app/services/update_account_service.rb'
-    - 'spec/controllers/activitypub/replies_controller_spec.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: line_count_dependent, lambda, literal
-Style/Lambda:
-  Exclude:
-    - 'config/initializers/simple_form.rb'
-    - 'config/routes.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Style/MapToHash:
-  Exclude:
-    - 'app/models/status.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: literals, strict
-Style/MutableConstant:
-  Exclude:
-    - 'app/models/tag.rb'
-    - 'app/services/delete_account_service.rb'
-    - 'lib/mastodon/migration_warning.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-Style/NilLambda:
-  Exclude:
-    - 'config/initializers/paperclip.rb'
-
-# Configuration parameters: AllowedMethods.
-# AllowedMethods: respond_to_missing?
-Style/OptionalBooleanParameter:
-  Exclude:
-    - 'app/helpers/admin/account_moderation_notes_helper.rb'
-    - 'app/helpers/jsonld_helper.rb'
-    - 'app/lib/admin/system_check/message.rb'
-    - 'app/lib/request.rb'
-    - 'app/lib/webfinger.rb'
-    - 'app/services/block_domain_service.rb'
-    - 'app/services/fetch_resource_service.rb'
-    - 'app/workers/domain_block_worker.rb'
-    - 'app/workers/unfollow_follow_worker.rb'
-    - 'lib/mastodon/redis_config.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: PreferredDelimiters.
-Style/PercentLiteralDelimiters:
-  Exclude:
-    - 'config/deploy.rb'
-    - 'config/initializers/doorkeeper.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: short, verbose
-Style/PreferredHashMethods:
-  Exclude:
-    - 'config/initializers/paperclip.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-Style/RedundantConstantBase:
-  Exclude:
-    - 'config/environments/production.rb'
-    - 'config/initializers/sidekiq.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: SafeForConstants.
-Style/RedundantFetchBlock:
-  Exclude:
-    - 'config/initializers/1_hosts.rb'
-    - 'config/initializers/chewy.rb'
-    - 'config/initializers/devise.rb'
-    - 'config/initializers/paperclip.rb'
-    - 'config/puma.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowMultipleReturnValues.
-Style/RedundantReturn:
-  Exclude:
-    - 'app/controllers/api/v1/directories_controller.rb'
-    - 'app/controllers/auth/confirmations_controller.rb'
-    - 'app/lib/ostatus/tag_manager.rb'
-    - 'app/models/form/import.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: ConvertCodeThatCanStartToReturnNil, AllowedMethods, MaxChainLength.
-# AllowedMethods: present?, blank?, presence, try, try!
-Style/SafeNavigation:
-  Exclude:
-    - 'app/models/concerns/account_finder_concern.rb'
-    - 'app/models/status.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: only_raise, only_fail, semantic
-Style/SignalException:
-  Exclude:
-    - 'lib/devise/two_factor_ldap_authenticatable.rb'
-    - 'lib/devise/two_factor_pam_authenticatable.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-Style/SingleArgumentDig:
-  Exclude:
-    - 'lib/webpacker/manifest_extensions.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle.
-# SupportedStyles: require_parentheses, require_no_parentheses
-Style/StabbyLambdaParentheses:
-  Exclude:
-    - 'config/environments/production.rb'
-    - 'config/initializers/content_security_policy.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-Style/StderrPuts:
-  Exclude:
-    - 'config/boot.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: Mode.
-Style/StringConcatenation:
-  Exclude:
-    - 'config/initializers/paperclip.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle, ConsistentQuotesInMultiline.
-# SupportedStyles: single_quotes, double_quotes
-Style/StringLiterals:
-  Exclude:
-    - 'config/environments/production.rb'
-    - 'config/initializers/backtrace_silencers.rb'
-    - 'config/initializers/http_client_proxy.rb'
-    - 'config/initializers/rack_attack.rb'
-    - 'config/initializers/webauthn.rb'
-    - 'config/routes.rb'
-
-# This cop supports unsafe autocorrection (--autocorrect-all).
-# Configuration parameters: AllowMethodsWithArguments, AllowedMethods, AllowedPatterns, AllowComments.
-# AllowedMethods: define_method, mail, respond_to
-Style/SymbolProc:
-  Exclude:
-    - 'config/initializers/3_omniauth.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle, AllowSafeAssignment.
-# SupportedStyles: require_parentheses, require_no_parentheses, require_parentheses_when_complex
-Style/TernaryParentheses:
-  Exclude:
-    - 'config/environments/development.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyleForMultiline.
-# SupportedStylesForMultiline: comma, consistent_comma, no_comma
-Style/TrailingCommaInArguments:
-  Exclude:
-    - 'config/initializers/paperclip.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyleForMultiline.
-# SupportedStylesForMultiline: comma, consistent_comma, no_comma
-Style/TrailingCommaInHashLiteral:
-  Exclude:
-    - 'config/environments/production.rb'
-    - 'config/environments/test.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle, MinSize, WordRegex.
-# SupportedStyles: percent, brackets
-Style/WordArray:
-  Exclude:
-    - 'app/helpers/languages_helper.rb'
-    - 'config/initializers/cors.rb'
-    - 'spec/controllers/settings/imports_controller_spec.rb'
-    - 'spec/models/form/import_spec.rb'

.ruby-gemset

@@ -1 +0,0 @@
-mastodon

.ruby-version

@@ -1 +1 @@
-3.2.3
+2.6.0

.scss-lint.yml

@@ -0,0 +1,264 @@
+# Linter Documentation:
+# https://github.com/brigade/scss-lint/blob/v0.42.2/lib/scss_lint/linter/README.md
+
+scss_files: 'app/javascript/styles/**/*.scss'
+
+exclude:
+  - app/javascript/styles/reset.scss
+
+linters:
+  # Reports when you use improper spacing around ! (the "bang") in !default,
+  # !global, !important, and !optional flags.
+  BangFormat:
+    enabled: false
+
+  # Whether or not to prefer `border: 0` over `border: none`.
+  BorderZero:
+    enabled: false
+
+  # Reports when you define a rule set using a selector with chained classes
+  # (a.k.a. adjoining classes).
+  ChainedClasses:
+    enabled: false
+
+  # Prefer hexadecimal color codes over color keywords.
+  # (e.g. `color: green` is a color keyword)
+  ColorKeyword:
+    enabled: false
+
+  # Prefer color literals (keywords or hexadecimal codes) to be used only in
+  # variable declarations. They should be referred to via variables everywhere
+  # else.
+  ColorVariable:
+    enabled: true
+
+  # Which form of comments to prefer in CSS.
+  Comment:
+    enabled: false
+
+  # Reports @debug statements (which you probably left behind accidentally).
+  DebugStatement:
+    enabled: false
+
+  # Rule sets should be ordered as follows:
+  # - @extend declarations
+  # - @include declarations without inner @content
+  # - properties, @include declarations with inner @content
+  # - nested rule sets.
+  DeclarationOrder:
+    enabled: false
+
+  # `scss-lint:disable` control comments should be preceded by a comment
+  # explaining why these linters are being disabled for this file.
+  # See https://github.com/brigade/scss-lint#disabling-linters-via-source for
+  # more information.
+  DisableLinterReason:
+    enabled: true
+
+  # Reports when you define the same property twice in a single rule set.
+  DuplicateProperty:
+    enabled: false
+
+  # Separate rule, function, and mixin declarations with empty lines.
+  EmptyLineBetweenBlocks:
+    enabled: true
+
+  # Reports when you have an empty rule set.
+  EmptyRule:
+    enabled: true
+
+  # Reports when you have an @extend directive.
+  ExtendDirective:
+    enabled: false
+
+  # Files should always have a final newline. This results in better diffs
+  # when adding lines to the file, since SCM systems such as git won't
+  # think that you touched the last line.
+  FinalNewline:
+    enabled: false
+
+  # HEX colors should use three-character values where possible.
+  HexLength:
+    enabled: false
+
+  # HEX color values should use lower-case colors to differentiate between
+  # letters and numbers, e.g. `#E3E3E3` vs. `#e3e3e3`.
+  HexNotation:
+    enabled: true
+
+  # Avoid using ID selectors.
+  IdSelector:
+    enabled: false
+
+  # The basenames of @imported SCSS partials should not begin with an
+  # underscore and should not include the filename extension.
+  ImportPath:
+    enabled: false
+
+  # Avoid using !important in properties. It is usually indicative of a
+  # misunderstanding of CSS specificity and can lead to brittle code.
+  ImportantRule:
+    enabled: false
+
+  # Indentation should always be done in increments of 2 spaces.
+  Indentation:
+    enabled: true
+    width: 2
+
+  # Don't write leading zeros for numeric values with a decimal point.
+  LeadingZero:
+    enabled: false
+
+  # Reports when you define the same selector twice in a single sheet.
+  MergeableSelector:
+    enabled: false
+
+  # Functions, mixins, variables, and placeholders should be declared
+  # with all lowercase letters and hyphens instead of underscores.
+  NameFormat:
+    enabled: false
+
+  # Avoid nesting selectors too deeply.
+  NestingDepth:
+    enabled: false
+
+  # Always use placeholder selectors in @extend.
+  PlaceholderInExtend:
+    enabled: false
+
+  # Sort properties in a strict order.
+  PropertySortOrder:
+    enabled: false
+
+  # Reports when you use an unknown or disabled CSS property
+  # (ignoring vendor-prefixed properties).
+  PropertySpelling:
+    enabled: false
+
+  # Configure which units are allowed for property values.
+  PropertyUnits:
+    enabled: false
+
+  # Pseudo-elements, like ::before, and ::first-letter, should be declared
+  # with two colons. Pseudo-classes, like :hover and :first-child, should
+  # be declared with one colon.
+  PseudoElement:
+    enabled: true
+
+  # Avoid qualifying elements in selectors (also known as "tag-qualifying").
+  QualifyingElement:
+    enabled: false
+
+  # Don't write selectors with a depth of applicability greater than 3.
+  SelectorDepth:
+    enabled: false
+
+  # Selectors should always use hyphenated-lowercase, rather than camelCase or
+  # snake_case.
+  SelectorFormat:
+    enabled: false
+    convention: hyphenated_lowercase
+
+  # Prefer the shortest shorthand form possible for properties that support it.
+  Shorthand:
+    enabled: true
+
+  # Each property should have its own line, except in the special case of
+  # single line rulesets.
+  SingleLinePerProperty:
+    enabled: true
+    allow_single_line_rule_sets: true
+
+  # Split selectors onto separate lines after each comma, and have each
+  # individual selector occupy a single line.
+  SingleLinePerSelector:
+    enabled: true
+
+  # Commas in lists should be followed by a space.
+  SpaceAfterComma:
+    enabled: false
+
+  # Properties should be formatted with a single space separating the colon
+  # from the property's value.
+  SpaceAfterPropertyColon:
+    enabled: true
+
+  # Properties should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterPropertyName:
+    enabled: true
+
+  # Variables should be formatted with a single space separating the colon
+  # from the variable's value.
+  SpaceAfterVariableColon:
+    enabled: true
+
+  # Variables should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterVariableName:
+    enabled: false
+
+  # Operators should be formatted with a single space on both sides of an
+  # infix operator.
+  SpaceAroundOperator:
+    enabled: true
+
+  # Opening braces should be preceded by a single space.
+  SpaceBeforeBrace:
+    enabled: true
+
+  # Parentheses should not be padded with spaces.
+  SpaceBetweenParens:
+    enabled: false
+
+  # Enforces that string literals should be written with a consistent form
+  # of quotes (single or double).
+  StringQuotes:
+    enabled: false
+
+  # Property values, @extend, @include, and @import directives, and variable
+  # declarations should always end with a semicolon.
+  TrailingSemicolon:
+    enabled: true
+
+  # Reports lines containing trailing whitespace.
+  TrailingWhitespace:
+    enabled: true
+
+  # Don't write trailing zeros for numeric values with a decimal point.
+  TrailingZero:
+    enabled: false
+
+  # Don't use the `all` keyword to specify transition properties.
+  TransitionAll:
+    enabled: false
+
+  # Numeric values should not contain unnecessary fractional portions.
+  UnnecessaryMantissa:
+    enabled: false
+
+  # Do not use parent selector references (&) when they would otherwise
+  # be unnecessary.
+  UnnecessaryParentReference:
+    enabled: false
+
+  # URLs should be valid and not contain protocols or domain names.
+  UrlFormat:
+    enabled: true
+
+  # URLs should always be enclosed within quotes.
+  UrlQuotes:
+    enabled: true
+
+  # Properties, like color and font, are easier to read and maintain
+  # when defined using variables rather than literals.
+  VariableForProperty:
+    enabled: false
+
+  # Avoid vendor prefixes. Or rather: don't write them yourself.
+  VendorPrefix:
+    enabled: false
+
+  # Omit length units on zero values, e.g. `0px` vs. `0`.
+  ZeroUnit:
+    enabled: true

.yarnclean

@@ -43,7 +43,4 @@ Gruntfile.js
 
 # for specific ignore
 !.svgo.yml
-!sass-lint/**/*.yml
 
-# breaks lint-staged or generally anything using https://github.com/eemeli/yaml/issues/384
-!**/yaml/dist/**/doc

Aptfile

@@ -1,5 +1,29 @@
 ffmpeg
-libopenblas0-pthread
+libicu[0-9][0-9]
+libicu-dev
+libidn11
+libidn11-dev
 libpq-dev
+libprotobuf-dev
+libssl-dev
 libxdamage1
 libxfixes3
+protobuf-compiler
+zlib1g-dev
+libcairo2
+libcroco3
+libdatrie1
+libgdk-pixbuf2.0-0
+libgraphite2-3
+libharfbuzz0b
+libpango-1.0-0
+libpangocairo-1.0-0
+libpangoft2-1.0-0
+libpixman-1-0
+librsvg2-2
+libthai-data
+libthai0
+libvpx5
+libxcb-render0
+libxcb-shm0
+libxrender1

CODE_OF_CONDUCT.md

@@ -2,131 +2,45 @@
 
 ## Our Pledge
 
-We as members, contributors, and leaders pledge to make participation in our
-community a harassment-free experience for everyone, regardless of age, body
-size, visible or invisible disability, ethnicity, sex characteristics, gender
-identity and expression, level of experience, education, socio-economic status,
-nationality, personal appearance, race, caste, color, religion, or sexual
-identity and orientation.
-
-We pledge to act and interact in ways that contribute to an open, welcoming,
-diverse, inclusive, and healthy community.
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
 
 ## Our Standards
 
-Examples of behavior that contributes to a positive environment for our
-community include:
+Examples of behavior that contributes to creating a positive environment include:
 
-- Demonstrating empathy and kindness toward other people
-- Being respectful of differing opinions, viewpoints, and experiences
-- Giving and gracefully accepting constructive feedback
-- Accepting responsibility and apologizing to those affected by our mistakes,
-  and learning from the experience
-- Focusing on what is best not just for us as individuals, but for the overall
-  community
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
 
-Examples of unacceptable behavior include:
+Examples of unacceptable behavior by participants include:
 
-- The use of sexualized language or imagery, and sexual attention or advances of
-  any kind
-- Trolling, insulting or derogatory comments, and personal or political attacks
-- Public or private harassment
-- Publishing others' private information, such as a physical or email address,
-  without their explicit permission
-- Other conduct which could reasonably be considered inappropriate in a
-  professional setting
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
 
-## Enforcement Responsibilities
+## Our Responsibilities
 
-Community leaders are responsible for clarifying and enforcing our standards of
-acceptable behavior and will take appropriate and fair corrective action in
-response to any behavior that they deem inappropriate, threatening, offensive,
-or harmful.
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
 
-Community leaders have the right and responsibility to remove, edit, or reject
-comments, commits, code, wiki edits, issues, and other contributions that are
-not aligned to this Code of Conduct, and will communicate reasons for moderation
-decisions when appropriate.
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
 
 ## Scope
 
-This Code of Conduct applies within all community spaces, and also applies when
-an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official e-mail address,
-posting via an official social media account, or acting as an appointed
-representative at an online or offline event.
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
 
 ## Enforcement
 
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported to the community leaders responsible for enforcement at
-[hello@joinmastodon.org](mailto:hello@joinmastodon.org).
-All complaints will be reviewed and investigated promptly and fairly.
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at eugen@zeonfederated.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
 
-All community leaders are obligated to respect the privacy and security of the
-reporter of any incident.
-
-## Enforcement Guidelines
-
-Community leaders will follow these Community Impact Guidelines in determining
-the consequences for any action they deem in violation of this Code of Conduct:
-
-### 1. Correction
-
-**Community Impact**: Use of inappropriate language or other behavior deemed
-unprofessional or unwelcome in the community.
-
-**Consequence**: A private, written warning from community leaders, providing
-clarity around the nature of the violation and an explanation of why the
-behavior was inappropriate. A public apology may be requested.
-
-### 2. Warning
-
-**Community Impact**: A violation through a single incident or series of
-actions.
-
-**Consequence**: A warning with consequences for continued behavior. No
-interaction with the people involved, including unsolicited interaction with
-those enforcing the Code of Conduct, for a specified period of time. This
-includes avoiding interactions in community spaces as well as external channels
-like social media. Violating these terms may lead to a temporary or permanent
-ban.
-
-### 3. Temporary Ban
-
-**Community Impact**: A serious violation of community standards, including
-sustained inappropriate behavior.
-
-**Consequence**: A temporary ban from any sort of interaction or public
-communication with the community for a specified period of time. No public or
-private interaction with the people involved, including unsolicited interaction
-with those enforcing the Code of Conduct, is allowed during this period.
-Violating these terms may lead to a permanent ban.
-
-### 4. Permanent Ban
-
-**Community Impact**: Demonstrating a pattern of violation of community
-standards, including sustained inappropriate behavior, harassment of an
-individual, or aggression toward or disparagement of classes of individuals.
-
-**Consequence**: A permanent ban from any sort of public interaction within the
-community.
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
 
 ## Attribution
 
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 2.1, available at
-[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
 
-Community Impact Guidelines were inspired by
-[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
-
-For answers to common questions about this code of conduct, see the FAQ at
-[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
-[https://www.contributor-covenant.org/translations][translations].
-
-[homepage]: https://www.contributor-covenant.org
-[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
-[Mozilla CoC]: https://github.com/mozilla/diversity
-[FAQ]: https://www.contributor-covenant.org/faq
-[translations]: https://www.contributor-covenant.org/translations
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

CONTRIBUTING.md

@@ -1,4 +1,5 @@
-# Contributing
+Contributing
+============
 
 Thank you for considering contributing to Mastodon 🐘
 
@@ -13,27 +14,19 @@ If your contributions are accepted into Mastodon, you can request to be paid thr
 
 ## Bug reports
 
-Bug reports and feature suggestions must use descriptive and concise titles and be submitted to [GitHub Issues](https://github.com/mastodon/mastodon/issues). Please use the search function to make sure that you are not submitting duplicates, and that a similar report or request has not already been resolved or rejected.
+Bug reports and feature suggestions can be submitted to [GitHub Issues](https://github.com/tootsuite/mastodon/issues). Please make sure that you are not submitting duplicates, and that a similar report or request has not already been resolved or rejected in the past using the search function. Please also use descriptive, concise titles.
 
 ## Translations
 
-You can submit translations via [Crowdin](https://crowdin.com/project/mastodon). They are periodically merged into the codebase.
+You can submit translations via [Weblate](https://weblate.joinmastodon.org/). They are periodically merged into the codebase.
 
-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/mastodon/localized.svg)](https://crowdin.com/project/mastodon)
+[![Mastodon translation statistics by language](https://weblate.joinmastodon.org/widgets/mastodon/-/multi-auto.svg)](https://weblate.joinmastodon.org/)
 
 ## Pull requests
 
-**Please use clean, concise titles for your pull requests.** Unless the pull request is about refactoring code, updating dependencies or other internal tasks, assume that the person reading the pull request title is not a programmer or Mastodon developer, but instead a Mastodon user or server administrator, and **try to describe your change or fix from their perspective**. We use commit squashing, so the final commit in the main branch will carry the title of the pull request, and commits from the main branch are fed into the changelog. The changelog is separated into [keepachangelog.com categories](https://keepachangelog.com/en/1.0.0/), and while that spec does not prescribe how the entries ought to be named, for easier sorting, start your pull request titles using one of the verbs "Add", "Change", "Deprecate", "Remove", or "Fix" (present tense).
+Please use clean, concise titles for your pull requests. We use commit squashing, so the final commit in the master branch will carry the title of the pull request.
 
-Example:
-
-| Not ideal                            | Better                                                        |
-| ------------------------------------ | ------------------------------------------------------------- |
-| Fixed NoMethodError in RemovalWorker | Fix nil error when removing statuses caused by race condition |
-
-It is not always possible to phrase every change in such a manner, but it is desired.
-
-**The smaller the set of changes in the pull request is, the quicker it can be reviewed and merged.** Splitting tasks into multiple smaller pull requests is often preferable.
+The smaller the set of changes in the pull request is, the quicker it can be reviewed and merged. Splitting tasks into multiple smaller pull requests is often preferable.
 
 **Pull requests that do not pass automated checks may not be reviewed**. In particular, you need to keep in mind:
 
@@ -43,4 +36,4 @@ It is not always possible to phrase every change in such a manner, but it is des
 
 ## Documentation
 
-The [Mastodon documentation](https://docs.joinmastodon.org) is a statically generated site. You can [submit merge requests to mastodon/documentation](https://github.com/mastodon/documentation).
+The [Mastodon documentation](https://docs.joinmastodon.org) is a statically generated site. You can [submit merge requests to mastodon/docs](https://source.joinmastodon.org/mastodon/docs).

Capfile

@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-
 require 'capistrano/setup'
 require 'capistrano/deploy'
 require 'capistrano/scm/git'

Dockerfile

@@ -1,105 +1,90 @@
-# syntax=docker/dockerfile:1.4
-# This needs to be bookworm-slim because the Ruby image is built on bookworm-slim
-ARG NODE_VERSION="20.6-bookworm-slim"
+FROM node:8.15-alpine as node
+FROM ruby:2.6-alpine3.8
 
-FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.3-slim as ruby
-FROM node:${NODE_VERSION} as build
+LABEL maintainer="https://github.com/tootsuite/mastodon" \
+      description="Your self-hosted, globally interconnected microblogging community"
 
-COPY --link --from=ruby /opt/ruby /opt/ruby
+ARG UID=991
+ARG GID=991
 
-ENV DEBIAN_FRONTEND="noninteractive" \
-    PATH="${PATH}:/opt/ruby/bin"
+ENV PATH=/mastodon/bin:$PATH \
+    RAILS_SERVE_STATIC_FILES=true \
+    RAILS_ENV=production \
+    NODE_ENV=production
 
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+ARG LIBICONV_VERSION=1.15
+ARG LIBICONV_DOWNLOAD_SHA256=ccf536620a45458d26ba83887a983b96827001e92a13847b45e4925cc8913178
 
-WORKDIR /opt/mastodon
-COPY Gemfile* package.json yarn.lock /opt/mastodon/
-
-# hadolint ignore=DL3008
-RUN apt-get update && \
-    apt-get -yq dist-upgrade && \
-    apt-get install -y --no-install-recommends build-essential \
-        git \
-        libicu-dev \
-        libidn-dev \
-        libpq-dev \
-        libjemalloc-dev \
-        zlib1g-dev \
-        libgdbm-dev \
-        libgmp-dev \
-        libssl-dev \
-        libyaml-0-2 \
-        ca-certificates \
-        libreadline8 \
-        python3 \
-        shared-mime-info && \
-    bundle config set --local deployment 'true' && \
-    bundle config set --local without 'development test' && \
-    bundle config set silence_root_warning true && \
-    bundle install -j"$(nproc)" && \
-    yarn install --pure-lockfile --production --network-timeout 600000 && \
-    yarn cache clean
-
-FROM node:${NODE_VERSION}
-
-# Use those args to specify your own version flags & suffixes
-ARG MASTODON_VERSION_PRERELEASE=""
-ARG MASTODON_VERSION_METADATA=""
-
-ARG UID="991"
-ARG GID="991"
-
-COPY --link --from=ruby /opt/ruby /opt/ruby
-
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
-
-ENV DEBIAN_FRONTEND="noninteractive" \
-    PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin"
-
-# Ignoring these here since we don't want to pin any versions and the Debian image removes apt-get content after use
-# hadolint ignore=DL3008,DL3009
-RUN apt-get update && \
-    echo "Etc/UTC" > /etc/localtime && \
-    groupadd -g "${GID}" mastodon && \
-    useradd -l -u "$UID" -g "${GID}" -m -d /opt/mastodon mastodon && \
-    apt-get -y --no-install-recommends install whois \
-        wget \
-        procps \
-        libssl3 \
-        libpq5 \
-        imagemagick \
-        ffmpeg \
-        libjemalloc2 \
-        libicu72 \
-        libidn12 \
-        libyaml-0-2 \
-        file \
-        ca-certificates \
-        tzdata \
-        libreadline8 \
-        tini && \
-    ln -s /opt/mastodon /mastodon
-
-# Note: no, cleaning here since Debian does this automatically
-# See the file /etc/apt/apt.conf.d/docker-clean within the Docker image's filesystem
-
-COPY --chown=mastodon:mastodon . /opt/mastodon
-COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon
-
-ENV RAILS_ENV="production" \
-    NODE_ENV="production" \
-    RAILS_SERVE_STATIC_FILES="true" \
-    BIND="0.0.0.0" \
-    MASTODON_VERSION_PRERELEASE="${MASTODON_VERSION_PRERELEASE}" \
-    MASTODON_VERSION_METADATA="${MASTODON_VERSION_METADATA}"
-
-# Set the run user
-USER mastodon
-WORKDIR /opt/mastodon
-
-# Precompile assets
-RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile
-
-# Set the work dir and the container entry point
-ENTRYPOINT ["/usr/bin/tini", "--"]
 EXPOSE 3000 4000
+
+WORKDIR /mastodon
+
+COPY --from=node /usr/local/bin/node /usr/local/bin/node
+COPY --from=node /usr/local/lib/node_modules /usr/local/lib/node_modules
+COPY --from=node /usr/local/bin/npm /usr/local/bin/npm
+COPY --from=node /opt/yarn-* /opt/yarn
+
+RUN apk -U upgrade \
+ && apk add -t build-dependencies \
+    build-base \
+    icu-dev \
+    libidn-dev \
+    libressl \
+    libtool \
+    libxml2-dev \
+    libxslt-dev \
+    postgresql-dev \
+    protobuf-dev \
+    python \
+ && apk add \
+    ca-certificates \
+    ffmpeg \
+    file \
+    git \
+    icu-libs \
+    imagemagick \
+    libidn \
+    libpq \
+    libxml2 \
+    libxslt \
+    protobuf \
+    tini \
+    tzdata \
+ && update-ca-certificates \
+ && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarn \
+ && ln -s /opt/yarn/bin/yarnpkg /usr/local/bin/yarnpkg \
+ && mkdir -p /tmp/src /opt \
+ && wget -O libiconv.tar.gz "https://ftp.gnu.org/pub/gnu/libiconv/libiconv-$LIBICONV_VERSION.tar.gz" \
+ && echo "$LIBICONV_DOWNLOAD_SHA256 *libiconv.tar.gz" | sha256sum -c - \
+ && tar -xzf libiconv.tar.gz -C /tmp/src \
+ && rm libiconv.tar.gz \
+ && cd /tmp/src/libiconv-$LIBICONV_VERSION \
+ && ./configure --prefix=/usr/local \
+ && make -j$(getconf _NPROCESSORS_ONLN)\
+ && make install \
+ && libtool --finish /usr/local/lib \
+ && cd /mastodon \
+ && rm -rf /tmp/* /var/cache/apk/*
+
+COPY Gemfile Gemfile.lock package.json yarn.lock .yarnclean /mastodon/
+
+RUN bundle config build.nokogiri --use-system-libraries --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
+ && bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without test development \
+ && yarn install --pure-lockfile --ignore-engines \
+ && yarn cache clean
+
+RUN addgroup -g ${GID} mastodon && adduser -h /mastodon -s /bin/sh -D -G mastodon -u ${UID} mastodon \
+ && mkdir -p /mastodon/public/system /mastodon/public/assets /mastodon/public/packs \
+ && chown -R mastodon:mastodon /mastodon/public
+
+COPY . /mastodon
+
+RUN chown -R mastodon:mastodon /mastodon
+
+VOLUME /mastodon/public/system
+
+USER mastodon
+
+RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder bundle exec rails assets:precompile
+
+ENTRYPOINT ["/sbin/tini", "--"]

FEDERATION.md

@@ -1,31 +0,0 @@
-## ActivityPub federation in Mastodon
-
-Mastodon largely follows the ActivityPub server-to-server specification but it makes uses of some non-standard extensions, some of which are required for interacting with Mastodon at all.
-
-Supported vocabulary: https://docs.joinmastodon.org/spec/activitypub/
-
-### Required extensions
-
-#### Webfinger
-
-In Mastodon, users are identified by a `username` and `domain` pair (e.g., `Gargron@mastodon.social`).
-This is used both for discovery and for unambiguously mentioning users across the fediverse. Furthermore, this is part of Mastodon's database design from its very beginnings.
-
-As a result, Mastodon requires that each ActivityPub actor uniquely maps back to an `acct:` URI that can be resolved via WebFinger.
-
-More information and examples are available at: https://docs.joinmastodon.org/spec/webfinger/
-
-#### HTTP Signatures
-
-In order to authenticate activities, Mastodon relies on HTTP Signatures, signing every `POST` and `GET` request to other ActivityPub implementations on behalf of the user authoring an activity (for `POST` requests) or an actor representing the Mastodon server itself (for most `GET` requests).
-
-Mastodon requires all `POST` requests to be signed, and MAY require `GET` requests to be signed, depending on the configuration of the Mastodon server.
-
-More information on HTTP Signatures, as well as examples, can be found here: https://docs.joinmastodon.org/spec/security/#http
-
-### Optional extensions
-
-- Linked-Data Signatures: https://docs.joinmastodon.org/spec/security/#ld
-- Bearcaps: https://docs.joinmastodon.org/spec/bearcaps/
-- Followers collection synchronization: https://codeberg.org/fediverse/fep/src/branch/main/fep/8fcf/fep-8fcf.md
-- Search indexing consent for actors: https://codeberg.org/fediverse/fep/src/branch/main/fep/5feb/fep-5feb.md

Gemfile

@@ -1,207 +1,149 @@
 # frozen_string_literal: true
 
 source 'https://rubygems.org'
-ruby '>= 3.0.0'
+ruby '>= 2.4.0', '< 2.7.0'
 
-gem 'puma', '~> 6.3'
-gem 'rails', '~> 7.0'
-gem 'sprockets', '~> 3.7.2'
-gem 'thor', '~> 1.2'
-gem 'rack', '~> 2.2.7'
+gem 'pkg-config', '~> 1.3'
 
-gem 'haml-rails', '~>2.0'
-gem 'pg', '~> 1.5'
-gem 'pghero'
-gem 'dotenv-rails', '~> 2.8'
+gem 'puma', '~> 3.12'
+gem 'rails', '~> 5.2.2'
+gem 'thor', '~> 0.20'
 
-gem 'aws-sdk-s3', '~> 1.123', require: false
-gem 'fog-core', '<= 2.4.0'
+gem 'hamlit-rails', '~> 0.2'
+gem 'pg', '~> 1.1'
+gem 'makara', '~> 0.4'
+gem 'pghero', '~> 2.2'
+gem 'dotenv-rails', '~> 2.6'
+
+gem 'aws-sdk-s3', '~> 1.30', require: false
+gem 'fog-core', '<= 2.1.0'
 gem 'fog-openstack', '~> 0.3', require: false
-gem 'kt-paperclip', '~> 7.2'
-gem 'md-paperclip-azure', '~> 2.2', require: false
-gem 'blurhash', '~> 0.1'
+gem 'paperclip', '~> 6.0'
+gem 'paperclip-av-transcoder', '~> 0.6'
+gem 'streamio-ffmpeg', '~> 3.0'
 
 gem 'active_model_serializers', '~> 0.10'
-gem 'addressable', '~> 2.8'
-gem 'bootsnap', '~> 1.16.0', require: false
+gem 'addressable', '~> 2.6'
+gem 'bootsnap', '~> 1.3', require: false
 gem 'browser'
-gem 'charlock_holmes', '~> 0.7.7'
-gem 'chewy', '~> 7.3'
-gem 'devise', '~> 4.9'
-gem 'devise-two-factor', '~> 4.1'
+gem 'charlock_holmes', '~> 0.7.6'
+gem 'iso-639'
+gem 'chewy', '~> 5.0'
+gem 'cld3', '~> 3.2.3'
+gem 'devise', '~> 4.5'
+gem 'devise-two-factor', '~> 3.0'
 
 group :pam_authentication, optional: true do
   gem 'devise_pam_authenticatable2', '~> 9.2'
 end
 
-gem 'net-ldap', '~> 0.18'
+gem 'net-ldap', '~> 0.10'
+gem 'omniauth-cas', '~> 1.1'
+gem 'omniauth-saml', '~> 1.10'
+gem 'omniauth', '~> 1.9'
 
-# TODO: Point back at released omniauth-cas gem when PR merged
-# https://github.com/dlindahl/omniauth-cas/pull/68
-gem 'omniauth-cas', github: 'stanhu/omniauth-cas', ref: '4211e6d05941b4a981f9a36b49ec166cecd0e271'
-gem 'omniauth-saml', '~> 2.0'
-gem 'omniauth_openid_connect', '~> 0.6.1'
-gem 'omniauth', '~> 2.0'
-gem 'omniauth-rails_csrf_protection', '~> 1.0'
-
-gem 'color_diff', '~> 0.1'
-gem 'discard', '~> 1.2'
-gem 'doorkeeper', '~> 5.6'
-gem 'ed25519', '~> 1.3'
+gem 'doorkeeper', '~> 5.0'
 gem 'fast_blank', '~> 1.0'
 gem 'fastimage'
+gem 'goldfinger', '~> 2.1'
 gem 'hiredis', '~> 0.6'
-gem 'redis-namespace', '~> 1.10'
+gem 'redis-namespace', '~> 1.5'
 gem 'htmlentities', '~> 4.3'
-gem 'http', '~> 5.1'
+gem 'http', '~> 3.3'
 gem 'http_accept_language', '~> 2.1'
-gem 'httplog', '~> 1.6.2'
+gem 'http_parser.rb', '~> 0.6', git: 'https://github.com/tmm1/http_parser.rb', ref: '54b17ba8c7d8d20a16dfc65d1775241833219cf2'
+gem 'httplog', '~> 1.2'
 gem 'idn-ruby', require: 'idn'
-gem 'kaminari', '~> 1.2'
+gem 'kaminari', '~> 1.1'
 gem 'link_header', '~> 0.0'
-gem 'mime-types', '~> 3.5.0', require: 'mime/types/columnar'
-gem 'nokogiri', '~> 1.15'
-gem 'nsa'
-gem 'oj', '~> 3.14'
-gem 'ox', '~> 2.14'
-gem 'parslet'
-gem 'public_suffix', '~> 5.0'
-gem 'pundit', '~> 2.3'
+gem 'mime-types', '~> 3.2', require: 'mime/types/columnar'
+gem 'nokogiri', '~> 1.10'
+gem 'nsa', '~> 0.2'
+gem 'oj', '~> 3.7'
+gem 'ostatus2', '~> 2.0'
+gem 'ox', '~> 2.10'
+gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c'
+gem 'pundit', '~> 2.0'
 gem 'premailer-rails'
-gem 'rack-attack', '~> 6.6'
-gem 'rack-cors', '~> 2.0', require: 'rack/cors'
-gem 'rails-i18n', '~> 7.0'
-gem 'rails-settings-cached', '~> 0.6', git: 'https://github.com/mastodon/rails-settings-cached.git', branch: 'v0.6.6-aliases-true'
-gem 'redcarpet', '~> 3.6'
-gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
+gem 'rack-attack', '~> 5.4'
+gem 'rack-cors', '~> 1.0', require: 'rack/cors'
+gem 'rails-i18n', '~> 5.1'
+gem 'rails-settings-cached', '~> 0.6'
+gem 'redis', '~> 4.1', require: ['redis', 'redis/connection/hiredis']
 gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
-gem 'rqrcode', '~> 2.2'
-gem 'ruby-progressbar', '~> 1.13'
-gem 'sanitize', '~> 6.0'
-gem 'scenic', '~> 1.7'
-gem 'sidekiq', '~> 6.5'
-gem 'sidekiq-scheduler', '~> 5.0'
-gem 'sidekiq-unique-jobs', '~> 7.1'
-gem 'sidekiq-bulk', '~> 0.2.0'
-gem 'simple-navigation', '~> 4.4'
-gem 'simple_form', '~> 5.2'
-gem 'sprockets-rails', '~> 3.4', require: 'sprockets/railtie'
-gem 'stoplight', '~> 3.0.1'
-gem 'strong_migrations', '~> 0.8'
-gem 'tty-prompt', '~> 0.23', require: false
-gem 'twitter-text', '~> 3.1.0'
-gem 'tzinfo-data', '~> 1.2023'
-gem 'webpacker', '~> 5.4'
-gem 'webpush', github: 'ClearlyClaire/webpush', ref: 'f14a4d52e201128b1b00245d11b6de80d6cfdcd9'
-gem 'webauthn', '~> 3.0'
+gem 'rqrcode', '~> 0.10'
+gem 'sanitize', '~> 5.0'
+gem 'sidekiq', '~> 5.2'
+gem 'sidekiq-scheduler', '~> 3.0'
+gem 'sidekiq-unique-jobs', '~> 6.0'
+gem 'sidekiq-bulk', '~>0.2.0'
+gem 'simple-navigation', '~> 4.0'
+gem 'simple_form', '~> 4.1'
+gem 'sprockets-rails', '~> 3.2', require: 'sprockets/railtie'
+gem 'stoplight', '~> 2.1.3'
+gem 'strong_migrations', '~> 0.3'
+gem 'tty-command', '~> 0.8', require: false
+gem 'tty-prompt', '~> 0.18', require: false
+gem 'twitter-text', '~> 1.14'
+gem 'tzinfo-data', '~> 1.2018'
+gem 'webpacker', '~> 3.5'
+gem 'webpush'
 
-gem 'json-ld'
-gem 'json-ld-preloaded', '~> 3.2'
-gem 'rdf-normalize', '~> 0.5'
+gem 'json-ld', '~> 3.0'
+gem 'json-ld-preloaded', '~> 3.0'
+gem 'rdf-normalize', '~> 0.3'
 
-gem 'private_address_check', '~> 0.5'
+group :development, :test do
+  gem 'fabrication', '~> 2.20'
+  gem 'fuubar', '~> 2.3'
+  gem 'i18n-tasks', '~> 0.9', require: false
+  gem 'pry-byebug', '~> 3.6'
+  gem 'pry-rails', '~> 0.3'
+  gem 'rspec-rails', '~> 3.8'
+end
+
+group :production, :test do
+  gem 'private_address_check', '~> 0.5'
+end
 
 group :test do
-  # Used to split testing into chunks in CI
-  gem 'rspec_chunked', '~> 0.6'
-
-  # RSpec progress bar formatter
-  gem 'fuubar', '~> 2.5'
-
-  # Extra RSpec extenion methods and helpers for sidekiq
-  gem 'rspec-sidekiq', '~> 4.0'
-
-  # Browser integration testing
-  gem 'capybara', '~> 3.39'
-  gem 'selenium-webdriver'
-
-  # Used to reset the database between system tests
-  gem 'database_cleaner-active_record'
-
-  # Used to mock environment variables
+  gem 'capybara', '~> 3.12'
   gem 'climate_control', '~> 0.2'
-
-  # Generating fake data for specs
-  gem 'faker', '~> 3.2'
-
-  # Generate test objects for specs
-  gem 'fabrication', '~> 2.30'
-
-  # Add back helpers functions removed in Rails 5.1
+  gem 'faker', '~> 1.9'
+  gem 'microformats', '~> 4.0'
   gem 'rails-controller-testing', '~> 1.0'
-
-  # Validate schemas in specs
-  gem 'json-schema', '~> 4.0'
-
-  # Test harness fo rack components
-  gem 'rack-test', '~> 2.1'
-
-  # Coverage formatter for RSpec test if DISABLE_SIMPLECOV is false
-  gem 'simplecov', '~> 0.22', require: false
-
-  # Stub web requests for specs
-  gem 'webmock', '~> 3.18'
+  gem 'rspec-sidekiq', '~> 3.0'
+  gem 'simplecov', '~> 0.16', require: false
+  gem 'webmock', '~> 3.5'
+  gem 'parallel_tests', '~> 2.27'
 end
 
 group :development do
-  # Code linting CLI and plugins
-  gem 'rubocop', require: false
-  gem 'rubocop-capybara', require: false
-  gem 'rubocop-performance', require: false
-  gem 'rubocop-rails', require: false
-  gem 'rubocop-rspec', require: false
+  gem 'active_record_query_trace', '~> 1.5'
+  gem 'annotate', '~> 2.7'
+  gem 'better_errors', '~> 2.5'
+  gem 'binding_of_caller', '~> 0.7'
+  gem 'bullet', '~> 5.9'
+  gem 'letter_opener', '~> 1.7'
+  gem 'letter_opener_web', '~> 1.3'
+  gem 'memory_profiler'
+  gem 'rubocop', '~> 0.63', require: false
+  gem 'brakeman', '~> 4.4', require: false
+  gem 'bundler-audit', '~> 0.6', require: false
+  gem 'scss_lint', '~> 0.57', require: false
 
-  # Annotates modules with schema
-  gem 'annotate', '~> 3.2'
-
-  # Enhanced error message pages for development
-  gem 'better_errors', '~> 2.9'
-  gem 'binding_of_caller', '~> 1.0'
-
-  # Preview mail in the browser
-  gem 'letter_opener', '~> 1.8'
-  gem 'letter_opener_web', '~> 2.0'
-
-  # Security analysis CLI tools
-  gem 'brakeman', '~> 6.0', require: false
-  gem 'bundler-audit', '~> 0.9', require: false
-
-  # Linter CLI for HAML files
-  gem 'haml_lint', require: false
-
-  # Deployment automation
-  gem 'capistrano', '~> 3.17'
-  gem 'capistrano-rails', '~> 1.6'
-  gem 'capistrano-rbenv', '~> 2.2'
+  gem 'capistrano', '~> 3.11'
+  gem 'capistrano-rails', '~> 1.4'
+  gem 'capistrano-rbenv', '~> 2.1'
   gem 'capistrano-yarn', '~> 2.0'
 
-  # Validate missing i18n keys
-  gem 'i18n-tasks', '~> 1.0', require: false
-end
-
-group :development, :test do
-  # Profiling tools
-  gem 'memory_profiler', require: false
-  gem 'ruby-prof', require: false
-  gem 'stackprof', require: false
-  gem 'test-prof'
-
-  # RSpec runner for rails
-  gem 'rspec-rails', '~> 6.0'
+  gem 'derailed_benchmarks'
+  gem 'stackprof'
 end
 
 group :production do
-  gem 'lograge', '~> 0.12'
+  gem 'lograge', '~> 0.10'
+  gem 'redis-rails', '~> 5.0'
 end
 
 gem 'concurrent-ruby', require: false
-gem 'connection_pool', require: false
-gem 'xorcist', '~> 1.1'
-gem 'cocoon', '~> 1.2'
-
-gem 'net-http', '~> 0.3.2'
-gem 'rubyzip', '~> 2.3'
-
-gem 'hcaptcha', '~> 7.1'
-
-gem 'mail', '~> 2.8'

Procfile

@@ -1,14 +1,2 @@
-web: bin/heroku-web
+web: bundle exec puma -C config/puma.rb
 worker: bundle exec sidekiq
-
-# For the streaming API, you need a separate app that shares Postgres and Redis:
-#
-# heroku create
-# heroku buildpacks:add heroku/nodejs
-# heroku config:set RUN_STREAMING=true
-# heroku addons:attach <main-app>::DATABASE
-# heroku addons:attach <main-app>::REDIS
-#
-# and let the main app use the separate app:
-#
-# heroku config:set STREAMING_API_BASE_URL=wss://<streaming-app>.herokuapp.com -a <main-app>

Procfile.dev

@@ -1,4 +1,4 @@
-web: env PORT=3000 RAILS_ENV=development bundle exec puma -C config/puma.rb
-sidekiq: env PORT=3000 RAILS_ENV=development bundle exec sidekiq
+web: env PORT=3000 bundle exec puma -C config/puma.rb
+sidekiq: env PORT=3000 bundle exec sidekiq
 stream: env PORT=4000 yarn run start
-webpack: bin/webpack-dev-server
+webpack: ./bin/webpack-dev-server --listen-host 0.0.0.0

README.md

@@ -1,23 +1,95 @@
-# Mastodon - Paravielfalt Edition
+![Mastodon](https://i.imgur.com/NhZc40l.png)
+========
 
-Dieses Repository enthält den Quellcode für [paravielfalt.zone](https://paravielfalt.zone).
+[![GitHub release](https://img.shields.io/github/release/tootsuite/mastodon.svg)][releases]
+[![Build Status](https://img.shields.io/circleci/project/github/tootsuite/mastodon.svg)][circleci]
+[![Code Climate](https://img.shields.io/codeclimate/maintainability/tootsuite/mastodon.svg)][code_climate]
+[![Translation status](https://weblate.joinmastodon.org/widgets/mastodon/-/svg-badge.svg)][weblate]
+[![Docker Pulls](https://img.shields.io/docker/pulls/tootsuite/mastodon.svg)][docker]
 
-Die Instanz basiert auf Mastodon und ist vom offiziellen Quellcode-Repository geforkt: <https://github.com/mastodon/mastodon>.
+[releases]: https://github.com/tootsuite/mastodon/releases
+[circleci]: https://circleci.com/gh/tootsuite/mastodon
+[code_climate]: https://codeclimate.com/github/tootsuite/mastodon
+[weblate]: https://weblate.joinmastodon.org/engage/mastodon/
+[docker]: https://hub.docker.com/r/tootsuite/mastodon/
 
-## Änderungsübersicht
+Mastodon is a **free, open-source social network server** based on ActivityPub. Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. All servers of Mastodon are interoperable as a federated network, i.e. users on one server can seamlessly communicate with users from another one. This includes non-Mastodon software that also implements ActivityPub!
 
-Gegenüber der Mastodon-Standardinstallation gibt es folgende Änderungen.
+Click below to **learn more** in a video:
 
-- Zeichenlimit von 500 auf 1500 Zeichen erhöht
+[![Screenshot](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/ezgif-2-60f1b00403.gif)][youtube_demo]
 
-[Vollständige Liste aller Änderungen](https://git.wir-sind-auch-menschen.de/paravielfalt/mastodon/compare/stable-4.1...paravielfalt-4.1).
+[youtube_demo]: https://www.youtube.com/watch?v=IPSbNdBmWKE
 
-## Neue Version bauen
+## Navigation
 
-```sh
-git tag v4.2.0-pvz$(date '+%y%m%d%H%M')
-```
+- [Project homepage 🐘](https://joinmastodon.org)
+- [Support the development via Patreon][patreon]
+- [View sponsors](https://joinmastodon.org/sponsors)
+- [Blog](https://blog.joinmastodon.org)
+- [Documentation](https://docs.joinmastodon.org)
+- [Browse Mastodon servers](https://joinmastodon.org/#getting-started)
+- [Browse Mastodon apps](https://joinmastodon.org/apps)
 
-```sh
-git push --tag
-```
+[patreon]: https://www.patreon.com/mastodon
+
+## Features
+
+<img src="https://docs.joinmastodon.org/elephant.svg" align="right" width="30%" />
+
+**No vendor lock-in: Fully interoperable with any conforming platform**
+
+It doesn't have to be Mastodon, whatever implements ActivityPub is part of the social network! [Learn more](https://blog.joinmastodon.org/2018/06/why-activitypub-is-the-future/)
+
+**Real-time, chronological timeline updates**
+
+See the updates of people you're following appear in real-time in the UI via WebSockets. There's a firehose view as well!
+
+**Media attachments like images and short videos**
+
+Upload and view images and WebM/MP4 videos attached to the updates. Videos with no audio track are treated like GIFs; normal videos are looped - like vines!
+
+**Safety and moderation tools**
+
+Private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
+
+**OAuth2 and a straightforward REST API**
+
+Mastodon acts as an OAuth2 provider so 3rd party apps can use the REST and Streaming APIs, resulting in a rich app ecosystem with a lot of choice!
+
+## Deployment
+
+**Tech stack:**
+
+- **Ruby on Rails** powers the REST API and other web pages
+- **React.js** and Redux are used for the dynamic parts of the interface
+- **Node.js** powers the streaming API
+
+**Requirements:**
+
+- **PostgreSQL** 9.5+
+- **Redis**
+- **Ruby** 2.4+
+- **Node.js** 8+
+
+The repository includes deployment configurations for **Docker and docker-compose**, but also a few specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. The [**stand-alone** installation guide](https://docs.joinmastodon.org/administration/installation/) is available in the documentation.
+
+A **Vagrant** configuration is included for development purposes.
+
+## Contributing
+
+Mastodon is **free, open source software** licensed under **AGPLv3**.
+
+You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository, or submit translations using Weblate. To get started, take a look at [CONTRIBUTING.md](CONTRIBUTING.md). If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
+
+**IRC channel**: #mastodon on irc.freenode.net
+
+## License
+
+Copyright (C) 2016-2019 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
+
+This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.

Rakefile

@@ -1,8 +1,6 @@
-# frozen_string_literal: true
-
 # Add your own tasks in files placed in lib/tasks ending in .rake,
 # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
 
-require File.expand_path('config/application', __dir__)
+require File.expand_path('../config/application', __FILE__)
 
 Rails.application.load_tasks

SECURITY.md

@@ -1,20 +0,0 @@
-# Security Policy
-
-If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can either:
-
-- open a [Github security issue on the Mastodon project](https://github.com/mastodon/mastodon/security/advisories/new)
-- reach us at <security@joinmastodon.org>
-
-You should _not_ report such issues on public GitHub issues or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
-
-## Scope
-
-A "vulnerability in Mastodon" is a vulnerability in the code distributed through our main source code repository on GitHub. Vulnerabilities that are specific to a given installation (e.g. misconfiguration) should be reported to the owner of that installation and not us.
-
-## Supported Versions
-
-| Version | Supported |
-| ------- | --------- |
-| 4.2.x   | Yes       |
-| 4.1.x   | Yes       |
-| < 4.1   | No        |

Vagrantfile

@@ -3,14 +3,16 @@
 
 ENV["PORT"] ||= "3000"
 
-$provisionA = <<SCRIPT
+$provision = <<SCRIPT
+
+cd /vagrant # This is where the host folder/repo is mounted
 
 # Add the yarn repo + yarn repo keys
 curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
 sudo apt-add-repository 'deb https://dl.yarnpkg.com/debian/ stable main'
 
 # Add repo for NodeJS
-curl -sL https://deb.nodesource.com/setup_16.x | sudo bash -
+curl -sL https://deb.nodesource.com/setup_8.x | sudo bash -
 
 # Add firewall rule to redirect 80 to PORT and save
 sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port #{ENV["PORT"]}
@@ -31,111 +33,61 @@ sudo apt-get install \
   redis-tools \
   postgresql \
   postgresql-contrib \
+  protobuf-compiler \
+  yarn \
   libicu-dev \
   libidn11-dev \
-  libreadline6-dev \
-  autoconf \
-  bison \
-  build-essential \
-  ffmpeg \
-  file \
-  gcc \
-  libffi-dev \
-  libgdbm-dev \
-  libjemalloc-dev \
-  libncurses5-dev \
   libprotobuf-dev \
-  libssl-dev \
-  libyaml-dev \
-  pkg-config \
-  protobuf-compiler \
-  zlib1g-dev \
+  libreadline-dev \
+  libpam0g-dev \
   -y
 
 # Install rvm
-sudo apt-add-repository -y ppa:rael-gc/rvm
-sudo apt-get install rvm -y
-
-sudo usermod -a -G rvm $USER
-
-SCRIPT
-
-$provisionElasticsearch = <<SCRIPT
-# Install Elastic Search
-sudo apt install openjdk-17-jre-headless -y
-sudo wget -O /usr/share/keyrings/elasticsearch.asc https://artifacts.elastic.co/GPG-KEY-elasticsearch
-sudo sh -c 'echo "deb [signed-by=/usr/share/keyrings/elasticsearch.asc] https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'
-sudo apt update
-sudo apt install elasticsearch -y
-
-sudo systemctl daemon-reload
-sudo systemctl enable --now elasticsearch
-
-echo 'path.data: /var/lib/elasticsearch
-path.logs: /var/log/elasticsearch
-network.host: 0.0.0.0
-http.port: 9200
-discovery.seed_hosts: ["localhost"]
-cluster.initial_master_nodes: ["node-1"]
-xpack.security.enabled: false' > /etc/elasticsearch/elasticsearch.yml
-
-sudo systemctl restart elasticsearch
-
-# Install Kibana
-sudo apt install kibana -y
-sudo systemctl enable --now kibana
-
-echo 'server.host: "0.0.0.0"
-elasticsearch.hosts: ["http://localhost:9200"]' > /etc/kibana/kibana.yml
-
-sudo systemctl restart kibana
-
-SCRIPT
-
-$provisionB = <<SCRIPT
-
-source "/etc/profile.d/rvm.sh"
+read RUBY_VERSION < .ruby-version
+gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
+curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-installer | bash -s stable --ruby=$RUBY_VERSION
+source /home/vagrant/.rvm/scripts/rvm
 
 # Install Ruby
-read RUBY_VERSION < /vagrant/.ruby-version
-rvm install ruby-$RUBY_VERSION --disable-binary
+rvm reinstall ruby-$RUBY_VERSION --disable-binary
 
 # Configure database
 sudo -u postgres createuser -U postgres vagrant -s
 sudo -u postgres createdb -U postgres mastodon_development
 
-cd /vagrant # This is where the host folder/repo is mounted
-
-# Install gems
+# Install gems and node modules
 gem install bundler foreman
 bundle install
-
-# Install node modules
-sudo corepack enable
-yarn set version classic
 yarn install
 
 # Build Mastodon
-export RAILS_ENV=development 
 export $(cat ".env.vagrant" | xargs)
 bundle exec rails db:setup
 
 # Configure automatic loading of environment variable
-echo 'export RAILS_ENV=development' >> ~/.bash_profile
 echo 'export $(cat "/vagrant/.env.vagrant" | xargs)' >> ~/.bash_profile
 
 SCRIPT
 
+$start = <<SCRIPT
+
+echo 'To start server'
+echo '  $ vagrant ssh -c "cd /vagrant && foreman start"'
+
+SCRIPT
+
 VAGRANTFILE_API_VERSION = "2"
 
 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
 
-  config.vm.box = "ubuntu/focal64"
+  config.vm.box = "ubuntu/xenial64"
 
   config.vm.provider :virtualbox do |vb|
     vb.name = "mastodon"
-    vb.customize ["modifyvm", :id, "--memory", "8192"]
-    vb.customize ["modifyvm", :id, "--cpus", "3"]
+    vb.customize ["modifyvm", :id, "--memory", "2048"]
+    # Increase the number of CPUs. Uncomment and adjust to
+    # increase performance
+    # vb.customize ["modifyvm", :id, "--cpus", "3"]
 
     # Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
     # https://github.com/mitchellh/vagrant/issues/1172
@@ -145,6 +97,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
     # Use "virtio" network interfaces for better performance.
     vb.customize ["modifyvm", :id, "--nictype1", "virtio"]
     vb.customize ["modifyvm", :id, "--nictype2", "virtio"]
+
   end
 
   # This uses the vagrant-hostsupdater plugin, and lets you
@@ -162,7 +115,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
   end
 
   if config.vm.networks.any? { |type, options| type == :private_network }
-    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'actimeo=1']
+    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp', 'actimeo=1']
   else
     config.vm.synced_folder ".", "/vagrant"
   end
@@ -171,20 +124,11 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
   config.vm.network :forwarded_port, guest: 3000, host: 3000
   config.vm.network :forwarded_port, guest: 4000, host: 4000
   config.vm.network :forwarded_port, guest: 8080, host: 8080
-  config.vm.network :forwarded_port, guest: 9200, host: 9200
-  config.vm.network :forwarded_port, guest: 9300, host: 9300
-  config.vm.network :forwarded_port, guest: 9243, host: 9243
-  config.vm.network :forwarded_port, guest: 5601, host: 5601
 
   # Full provisioning script, only runs on first 'vagrant up' or with 'vagrant provision'
-  config.vm.provision :shell, inline: $provisionA, privileged: false, reset: true
-  # Run with elevated privileges for Elasticsearch installation
-  config.vm.provision :shell, inline: $provisionElasticsearch, privileged: true
-  config.vm.provision :shell, inline: $provisionB, privileged: false
+  config.vm.provision :shell, inline: $provision, privileged: false
 
-  config.vm.post_up_message = <<MESSAGE
-To start server
-  $ vagrant ssh -c "cd /vagrant && foreman start"
-MESSAGE
+  # Start up script, runs on every 'vagrant up'
+  config.vm.provision :shell, inline: $start, run: 'always', privileged: false
 
 end

app.json

@@ -1,8 +1,8 @@
 {
   "name": "Mastodon",
   "description": "A GNU Social-compatible microblogging server",
-  "repository": "https://github.com/mastodon/mastodon",
-  "logo": "https://github.com/mastodon.png",
+  "repository": "https://github.com/tootsuite/mastodon",
+  "logo": "https://github.com/tootsuite.png",
   "env": {
     "HEROKU": {
       "description": "Leave this as true",
@@ -13,6 +13,15 @@
       "description": "The domain that your Mastodon instance will run on (this can be appname.herokuapp.com or a custom domain)",
       "required": true
     },
+    "LOCAL_HTTPS": {
+      "description": "Will your domain support HTTPS? (Automatic for herokuapp, requires manual configuration for custom domains)",
+      "value": "false",
+      "required": true
+    },
+    "PAPERCLIP_SECRET": {
+      "description": "The secret key for storing media files",
+      "generator": "secret"
+    },
     "SECRET_KEY_BASE": {
       "description": "The secret key base",
       "generator": "secret"
@@ -79,13 +88,8 @@
       "description": "SMTP server certificate verification mode. Defaults is 'peer'.",
       "required": false
     },
-    "SMTP_ENABLE_STARTTLS": {
-      "description": "Enable STARTTLS? Default is 'auto'.",
-      "value": "auto",
-      "required": false
-    },
     "SMTP_ENABLE_STARTTLS_AUTO": {
-      "description": "Enable STARTTLS if SMTP server supports it? Deprecated by SMTP_ENABLE_STARTTLS.",
+      "description": "Enable STARTTLS if SMTP server supports it? Default is true.",
       "required": false
     }
   },
@@ -93,6 +97,9 @@
     {
       "url": "https://github.com/heroku/heroku-buildpack-apt"
     },
+    {
+      "url": "heroku/nodejs"
+    },
     {
       "url": "heroku/ruby"
     }
@@ -100,5 +107,8 @@
   "scripts": {
     "postdeploy": "bundle exec rails db:migrate && bundle exec rails db:seed"
   },
-  "addons": ["heroku-postgresql", "heroku-redis"]
+  "addons": [
+    "heroku-postgresql",
+    "heroku-redis"
+  ]
 }

app/chewy/accounts_index.rb

@@ -1,70 +0,0 @@
-# frozen_string_literal: true
-
-class AccountsIndex < Chewy::Index
-  include DatetimeClampingConcern
-
-  settings index: index_preset(refresh_interval: '30s'), analysis: {
-    filter: {
-      english_stop: {
-        type: 'stop',
-        stopwords: '_english_',
-      },
-
-      english_stemmer: {
-        type: 'stemmer',
-        language: 'english',
-      },
-
-      english_possessive_stemmer: {
-        type: 'stemmer',
-        language: 'possessive_english',
-      },
-    },
-
-    analyzer: {
-      natural: {
-        tokenizer: 'standard',
-        filter: %w(
-          lowercase
-          asciifolding
-          cjk_width
-          elision
-          english_possessive_stemmer
-          english_stop
-          english_stemmer
-        ),
-      },
-
-      verbatim: {
-        tokenizer: 'standard',
-        filter: %w(lowercase asciifolding cjk_width),
-      },
-
-      edge_ngram: {
-        tokenizer: 'edge_ngram',
-        filter: %w(lowercase asciifolding cjk_width),
-      },
-    },
-
-    tokenizer: {
-      edge_ngram: {
-        type: 'edge_ngram',
-        min_gram: 1,
-        max_gram: 15,
-      },
-    },
-  }
-
-  index_scope ::Account.searchable.includes(:account_stat)
-
-  root date_detection: false do
-    field(:id, type: 'long')
-    field(:following_count, type: 'long')
-    field(:followers_count, type: 'long')
-    field(:properties, type: 'keyword', value: ->(account) { account.searchable_properties })
-    field(:last_status_at, type: 'date', value: ->(account) { clamp_date(account.last_status_at || account.created_at) })
-    field(:display_name, type: 'text', analyzer: 'verbatim') { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
-    field(:username, type: 'text', analyzer: 'verbatim', value: ->(account) { [account.username, account.domain].compact.join('@') }) { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
-    field(:text, type: 'text', analyzer: 'verbatim', value: ->(account) { account.searchable_text }) { field :stemmed, type: 'text', analyzer: 'natural' }
-  end
-end

app/chewy/concerns/datetime_clamping_concern.rb

@@ -1,14 +0,0 @@
-# frozen_string_literal: true
-
-module DatetimeClampingConcern
-  extend ActiveSupport::Concern
-
-  MIN_ISO8601_DATETIME = '0000-01-01T00:00:00Z'.to_datetime.freeze
-  MAX_ISO8601_DATETIME = '9999-12-31T23:59:59Z'.to_datetime.freeze
-
-  class_methods do
-    def clamp_date(datetime)
-      datetime.clamp(MIN_ISO8601_DATETIME, MAX_ISO8601_DATETIME)
-    end
-  end
-end

app/chewy/instances_index.rb

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-class InstancesIndex < Chewy::Index
-  settings index: index_preset(refresh_interval: '30s')
-
-  index_scope ::Instance.searchable
-
-  root date_detection: false do
-    field :domain, type: 'text', index_prefixes: { min_chars: 1, max_chars: 5 }
-    field :accounts_count, type: 'long'
-  end
-end

app/chewy/public_statuses_index.rb

@@ -1,69 +0,0 @@
-# frozen_string_literal: true
-
-class PublicStatusesIndex < Chewy::Index
-  include DatetimeClampingConcern
-
-  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
-    filter: {
-      english_stop: {
-        type: 'stop',
-        stopwords: '_english_',
-      },
-
-      english_stemmer: {
-        type: 'stemmer',
-        language: 'english',
-      },
-
-      english_possessive_stemmer: {
-        type: 'stemmer',
-        language: 'possessive_english',
-      },
-    },
-
-    analyzer: {
-      verbatim: {
-        tokenizer: 'uax_url_email',
-        filter: %w(lowercase),
-      },
-
-      content: {
-        tokenizer: 'standard',
-        filter: %w(
-          lowercase
-          asciifolding
-          cjk_width
-          elision
-          english_possessive_stemmer
-          english_stop
-          english_stemmer
-        ),
-      },
-
-      hashtag: {
-        tokenizer: 'keyword',
-        filter: %w(
-          word_delimiter_graph
-          lowercase
-          asciifolding
-          cjk_width
-        ),
-      },
-    },
-  }
-
-  index_scope ::Status.unscoped
-                      .kept
-                      .indexable
-                      .includes(:media_attachments, :preloadable_poll, :preview_cards, :tags)
-
-  root date_detection: false do
-    field(:id, type: 'long')
-    field(:account_id, type: 'long')
-    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
-    field(:tags, type: 'text', analyzer: 'hashtag', value: ->(status) { status.tags.map(&:display_name) })
-    field(:language, type: 'keyword')
-    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
-    field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
-  end
-end

app/chewy/statuses_index.rb

@@ -1,67 +1,61 @@
 # frozen_string_literal: true
 
 class StatusesIndex < Chewy::Index
-  include DatetimeClampingConcern
-
-  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
+  settings index: { refresh_interval: '15m' }, analysis: {
     filter: {
       english_stop: {
         type: 'stop',
         stopwords: '_english_',
       },
-
       english_stemmer: {
         type: 'stemmer',
         language: 'english',
       },
-
       english_possessive_stemmer: {
         type: 'stemmer',
         language: 'possessive_english',
       },
     },
-
     analyzer: {
-      verbatim: {
-        tokenizer: 'uax_url_email',
-        filter: %w(lowercase),
-      },
-
       content: {
-        tokenizer: 'standard',
+        tokenizer: 'uax_url_email',
         filter: %w(
+          english_possessive_stemmer
           lowercase
           asciifolding
           cjk_width
-          elision
-          english_possessive_stemmer
           english_stop
           english_stemmer
         ),
       },
-
-      hashtag: {
-        tokenizer: 'keyword',
-        filter: %w(
-          word_delimiter_graph
-          lowercase
-          asciifolding
-          cjk_width
-        ),
-      },
     },
   }
 
-  index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :preview_cards, :local_mentioned, :local_favorited, :local_reblogged, :local_bookmarked, :tags, preloadable_poll: :local_voters), delete_if: ->(status) { status.searchable_by.empty? }
+  define_type ::Status.unscoped.without_reblogs.includes(:media_attachments) do
+    crutch :mentions do |collection|
+      data = ::Mention.where(status_id: collection.map(&:id)).pluck(:status_id, :account_id)
+      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
+    end
 
-  root date_detection: false do
-    field(:id, type: 'long')
-    field(:account_id, type: 'long')
-    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
-    field(:tags, type: 'text', analyzer: 'hashtag',  value: ->(status) { status.tags.map(&:display_name) })
-    field(:searchable_by, type: 'long', value: ->(status) { status.searchable_by })
-    field(:language, type: 'keyword')
-    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
-    field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
+    crutch :favourites do |collection|
+      data = ::Favourite.where(status_id: collection.map(&:id)).pluck(:status_id, :account_id)
+      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
+    end
+
+    crutch :reblogs do |collection|
+      data = ::Status.where(reblog_of_id: collection.map(&:id)).pluck(:reblog_of_id, :account_id)
+      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
+    end
+
+    root date_detection: false do
+      field :account_id, type: 'long'
+
+      field :text, type: 'text', value: ->(status) { [status.spoiler_text, Formatter.instance.plaintext(status)].concat(status.media_attachments.map(&:description)).join("\n\n") } do
+        field :stemmed, type: 'text', analyzer: 'content'
+      end
+
+      field :searchable_by, type: 'long', value: ->(status, crutches) { status.searchable_by(crutches) }
+      field :created_at, type: 'date'
+    end
   end
 end

app/chewy/tags_index.rb

@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-class TagsIndex < Chewy::Index
-  include DatetimeClampingConcern
-
-  settings index: index_preset(refresh_interval: '30s'), analysis: {
-    analyzer: {
-      content: {
-        tokenizer: 'keyword',
-        filter: %w(
-          word_delimiter_graph
-          lowercase
-          asciifolding
-          cjk_width
-        ),
-      },
-
-      edge_ngram: {
-        tokenizer: 'edge_ngram',
-        filter: %w(
-          lowercase
-          asciifolding
-          cjk_width
-        ),
-      },
-    },
-
-    tokenizer: {
-      edge_ngram: {
-        type: 'edge_ngram',
-        min_gram: 2,
-        max_gram: 15,
-      },
-    },
-  }
-
-  index_scope ::Tag.listable
-
-  crutch :time_period do
-    7.days.ago.to_date..0.days.ago.to_date
-  end
-
-  root date_detection: false do
-    field(:name, type: 'text', analyzer: 'content', value: :display_name) { field(:edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content') }
-    field(:reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? })
-    field(:usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts })
-    field(:last_status_at, type: 'date', value: ->(tag) { clamp_date(tag.last_status_at || tag.created_at) })
-  end
-end

app/controllers/about_controller.rb

@@ -1,19 +1,42 @@
 # frozen_string_literal: true
 
 class AboutController < ApplicationController
-  include WebAppControllerConcern
-
-  skip_before_action :require_functional!
-
-  before_action :set_instance_presenter
+  before_action :set_body_classes
+  before_action :set_instance_presenter, only: [:show, :more, :terms]
 
   def show
-    expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
+    serializable_resource = ActiveModelSerializers::SerializableResource.new(InitialStatePresenter.new(initial_state_params), serializer: InitialStateSerializer)
+    @initial_state_json   = serializable_resource.to_json
+  end
+
+  def more
+    render layout: 'public'
+  end
+
+  def terms
+    render layout: 'public'
   end
 
   private
 
+  def new_user
+    User.new.tap(&:build_account)
+  end
+
+  helper_method :new_user
+
   def set_instance_presenter
     @instance_presenter = InstancePresenter.new
   end
+
+  def set_body_classes
+    @body_classes = 'with-modals'
+  end
+
+  def initial_state_params
+    {
+      settings: { known_fediverse: Setting.show_known_fediverse_at_about_page },
+      token: current_session&.token,
+    }
+  end
 end

app/controllers/account_follow_controller.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class AccountFollowController < ApplicationController
+  include AccountControllerConcern
+
+  before_action :authenticate_user!
+
+  def create
+    FollowService.new.call(current_user.account, @account.acct)
+    redirect_to account_path(@account)
+  end
+end

app/controllers/account_unfollow_controller.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class AccountUnfollowController < ApplicationController
+  include AccountControllerConcern
+
+  before_action :authenticate_user!
+
+  def create
+    UnfollowService.new.call(current_user.account, @account)
+    redirect_to account_path(@account)
+  end
+end

app/controllers/accounts_controller.rb

@@ -1,47 +1,62 @@
 # frozen_string_literal: true
 
 class AccountsController < ApplicationController
-  PAGE_SIZE     = 20
-  PAGE_SIZE_MAX = 200
+  PAGE_SIZE = 20
 
   include AccountControllerConcern
-  include SignatureAuthentication
 
-  vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }
-
-  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
-
-  skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
-  skip_before_action :require_functional!, unless: :limited_federation_mode?
+  before_action :set_cache_headers
 
   def show
     respond_to do |format|
       format.html do
-        expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.hour) unless user_signed_in?
+        @body_classes      = 'with-modals'
+        @pinned_statuses   = []
+        @endorsed_accounts = @account.endorsed_accounts.to_a.sample(4)
 
-        @rss_url = rss_url
+        if current_account && @account.blocking?(current_account)
+          @statuses = []
+          return
+        end
+
+        @pinned_statuses = cache_collection(@account.pinned_statuses, Status) if show_pinned_statuses?
+        @statuses        = filtered_status_page(params)
+        @statuses        = cache_collection(@statuses, Status)
+
+        unless @statuses.empty?
+          @older_url = older_url if @statuses.last.id > filtered_statuses.last.id
+          @newer_url = newer_url if @statuses.first.id < filtered_statuses.first.id
+        end
+      end
+
+      format.atom do
+        @entries = @account.stream_entries.where(hidden: false).with_includes.paginate_by_max_id(PAGE_SIZE, params[:max_id], params[:since_id])
+        render xml: OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.feed(@account, @entries.reject { |entry| entry.status.nil? }))
       end
 
       format.rss do
-        expires_in 1.minute, public: true
-
-        limit     = params[:limit].present? ? [params[:limit].to_i, PAGE_SIZE_MAX].min : PAGE_SIZE
-        @statuses = filtered_statuses.without_reblogs.limit(limit)
-        @statuses = cache_collection(@statuses, Status)
+        @statuses = cache_collection(default_statuses.without_reblogs.without_replies.limit(PAGE_SIZE), Status)
+        render xml: RSS::AccountSerializer.render(@account, @statuses)
       end
 
       format.json do
-        expires_in 3.minutes, public: !(authorized_fetch_mode? && signed_request_account.present?)
-        render_with_cache json: @account, content_type: 'application/activity+json', serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter
+        skip_session!
+
+        render_cached_json(['activitypub', 'actor', @account], content_type: 'application/activity+json') do
+          ActiveModelSerializers::SerializableResource.new(@account, serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter)
+        end
       end
     end
   end
 
   private
 
+  def show_pinned_statuses?
+    [replies_requested?, media_requested?, params[:max_id].present?, params[:min_id].present?].none?
+  end
+
   def filtered_statuses
     default_statuses.tap do |statuses|
-      statuses.merge!(hashtag_scope)    if tag_requested?
       statuses.merge!(only_media_scope) if media_requested?
       statuses.merge!(no_replies_scope) unless replies_requested?
     end
@@ -52,61 +67,53 @@ class AccountsController < ApplicationController
   end
 
   def only_media_scope
-    Status.joins(:media_attachments).merge(@account.media_attachments.reorder(nil)).group(:id)
+    Status.where(id: account_media_status_ids)
+  end
+
+  def account_media_status_ids
+    @account.media_attachments.attached.reorder(nil).select(:status_id).distinct
   end
 
   def no_replies_scope
     Status.without_replies
   end
 
-  def hashtag_scope
-    tag = Tag.find_normalized(params[:tag])
+  def set_account
+    @account = Account.find_local!(params[:username])
+  end
 
-    if tag
-      Status.tagged_with(tag.id)
+  def older_url
+    ::Rails.logger.info("older: max_id #{@statuses.last.id}, url #{pagination_url(max_id: @statuses.last.id)}")
+    pagination_url(max_id: @statuses.last.id)
+  end
+
+  def newer_url
+    pagination_url(min_id: @statuses.first.id)
+  end
+
+  def pagination_url(max_id: nil, min_id: nil)
+    if media_requested?
+      short_account_media_url(@account, max_id: max_id, min_id: min_id)
+    elsif replies_requested?
+      short_account_with_replies_url(@account, max_id: max_id, min_id: min_id)
     else
-      Status.none
-    end
-  end
-
-  def username_param
-    params[:username]
-  end
-
-  def skip_temporary_suspension_response?
-    request.format == :json
-  end
-
-  def rss_url
-    if tag_requested?
-      short_account_tag_url(@account, params[:tag], format: 'rss')
-    else
-      short_account_url(@account, format: 'rss')
+      short_account_url(@account, max_id: max_id, min_id: min_id)
     end
   end
 
   def media_requested?
-    request.path.split('.').first.end_with?('/media') && !tag_requested?
+    request.path.ends_with?('/media')
   end
 
   def replies_requested?
-    request.path.split('.').first.end_with?('/with_replies') && !tag_requested?
+    request.path.ends_with?('/with_replies')
   end
 
-  def tag_requested?
-    request.path.split('.').first.end_with?(Addressable::URI.parse("/tagged/#{params[:tag]}").normalize)
-  end
-
-  def cached_filtered_status_page
-    cache_collection_paginated_by_id(
-      filtered_statuses,
-      Status,
-      PAGE_SIZE,
-      params_slice(:max_id, :min_id, :since_id)
-    )
-  end
-
-  def params_slice(*keys)
-    params.slice(*keys).permit(*keys)
+  def filtered_status_page(params)
+    if params[:min_id].present?
+      filtered_statuses.paginate_by_min_id(PAGE_SIZE, params[:min_id]).reverse
+    else
+      filtered_statuses.paginate_by_max_id(PAGE_SIZE, params[:max_id], params[:since_id]).to_a
+    end
   end
 end

app/controllers/activitypub/base_controller.rb

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-class ActivityPub::BaseController < Api::BaseController
-  skip_before_action :require_authenticated_user!
-  skip_before_action :require_not_suspended!
-  skip_around_action :set_locale
-
-  private
-
-  def skip_temporary_suspension_response?
-    false
-  end
-end

app/controllers/activitypub/claims_controller.rb

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-class ActivityPub::ClaimsController < ActivityPub::BaseController
-  include SignatureVerification
-  include AccountOwnedConcern
-
-  skip_before_action :authenticate_user!
-
-  before_action :require_account_signature!
-  before_action :set_claim_result
-
-  def create
-    render json: @claim_result, serializer: ActivityPub::OneTimeKeySerializer
-  end
-
-  private
-
-  def set_claim_result
-    @claim_result = ::Keys::ClaimService.new.call(@account.id, params[:id])
-  end
-end

app/controllers/activitypub/collections_controller.rb

@@ -1,75 +1,57 @@
 # frozen_string_literal: true
 
-class ActivityPub::CollectionsController < ActivityPub::BaseController
+class ActivityPub::CollectionsController < Api::BaseController
   include SignatureVerification
-  include AccountOwnedConcern
 
-  vary_by -> { 'Signature' if authorized_fetch_mode? }
-
-  before_action :require_account_signature!, if: :authorized_fetch_mode?
-  before_action :set_items
+  before_action :set_account
   before_action :set_size
-  before_action :set_type
+  before_action :set_statuses
 
   def show
-    expires_in 3.minutes, public: public_fetch_mode?
-    render_with_cache json: collection_presenter, content_type: 'application/activity+json', serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter
+    render json: collection_presenter,
+           serializer: ActivityPub::CollectionSerializer,
+           adapter: ActivityPub::Adapter,
+           content_type: 'application/activity+json',
+           skip_activities: true
   end
 
   private
 
-  def set_items
-    case params[:id]
-    when 'featured'
-      @items = for_signed_account { cache_collection(@account.pinned_statuses, Status) }
-      @items = @items.map { |item| item.distributable? ? item : ActivityPub::TagManager.instance.uri_for(item) }
-    when 'tags'
-      @items = for_signed_account { @account.featured_tags }
-    when 'devices'
-      @items = @account.devices
-    else
-      not_found
-    end
+  def set_account
+    @account = Account.find_local!(params[:account_username])
+  end
+
+  def set_statuses
+    @statuses = scope_for_collection
+    @statuses = cache_collection(@statuses, Status)
   end
 
   def set_size
     case params[:id]
-    when 'featured', 'devices', 'tags'
-      @size = @items.size
+    when 'featured'
+      @account.pinned_statuses.count
     else
-      not_found
+      raise ActiveRecord::RecordNotFound
     end
   end
 
-  def set_type
+  def scope_for_collection
     case params[:id]
     when 'featured'
-      @type = :ordered
-    when 'devices', 'tags'
-      @type = :unordered
+      @account.statuses.permitted_for(@account, signed_request_account).tap do |scope|
+        scope.merge!(@account.pinned_statuses)
+      end
     else
-      not_found
+      raise ActiveRecord::RecordNotFound
     end
   end
 
   def collection_presenter
     ActivityPub::CollectionPresenter.new(
       id: account_collection_url(@account, params[:id]),
-      type: @type,
+      type: :ordered,
       size: @size,
-      items: @items
+      items: @statuses
     )
   end
-
-  def for_signed_account
-    # Because in public fetch mode we cache the response, there would be no
-    # benefit from performing the check below, since a blocked account or domain
-    # would likely be served the cache from the reverse proxy anyway
-
-    if authorized_fetch_mode? && !signed_request_account.nil? && (@account.blocking?(signed_request_account) || (!signed_request_account.domain.nil? && @account.domain_blocking?(signed_request_account.domain)))
-      []
-    else
-      yield
-    end
-  end
 end

app/controllers/activitypub/followers_synchronizations_controller.rb

@@ -1,37 +0,0 @@
-# frozen_string_literal: true
-
-class ActivityPub::FollowersSynchronizationsController < ActivityPub::BaseController
-  include SignatureVerification
-  include AccountOwnedConcern
-
-  vary_by -> { 'Signature' if authorized_fetch_mode? }
-
-  before_action :require_account_signature!
-  before_action :set_items
-
-  def show
-    expires_in 0, public: false
-    render json: collection_presenter,
-           serializer: ActivityPub::CollectionSerializer,
-           adapter: ActivityPub::Adapter,
-           content_type: 'application/activity+json'
-  end
-
-  private
-
-  def uri_prefix
-    signed_request_account.uri[Account::URL_PREFIX_RE]
-  end
-
-  def set_items
-    @items = @account.followers.where(Account.arel_table[:uri].matches("#{Account.sanitize_sql_like(uri_prefix)}/%", false, true)).or(@account.followers.where(uri: uri_prefix)).pluck(:uri)
-  end
-
-  def collection_presenter
-    ActivityPub::CollectionPresenter.new(
-      id: account_followers_synchronization_url(@account),
-      type: :ordered,
-      items: @items
-    )
-  end
-end

app/controllers/activitypub/inboxes_controller.rb

@@ -1,76 +1,41 @@
 # frozen_string_literal: true
 
-class ActivityPub::InboxesController < ActivityPub::BaseController
+class ActivityPub::InboxesController < Api::BaseController
   include SignatureVerification
-  include JsonLdHelper
-  include AccountOwnedConcern
 
-  before_action :skip_unknown_actor_activity
-  before_action :require_actor_signature!
-  skip_before_action :authenticate_user!
+  before_action :set_account
 
   def create
-    upgrade_account
-    process_collection_synchronization
-    process_payload
-    head 202
+    if signed_request_account
+      upgrade_account
+      process_payload
+      head 202
+    else
+      render plain: signature_verification_failure_reason, status: 401
+    end
   end
 
   private
 
-  def skip_unknown_actor_activity
-    head 202 if unknown_affected_account?
-  end
-
-  def unknown_affected_account?
-    json = Oj.load(body, mode: :strict)
-    json.is_a?(Hash) && %w(Delete Update).include?(json['type']) && json['actor'].present? && json['actor'] == value_or_id(json['object']) && !Account.where(uri: json['actor']).exists?
-  rescue Oj::ParseError
-    false
-  end
-
-  def account_required?
-    params[:account_username].present?
-  end
-
-  def skip_temporary_suspension_response?
-    true
+  def set_account
+    @account = Account.find_local!(params[:account_username]) if params[:account_username]
   end
 
   def body
-    return @body if defined?(@body)
-
-    @body = request.body.read
-    @body.force_encoding('UTF-8') if @body.present?
-
-    request.body.rewind if request.body.respond_to?(:rewind)
-
-    @body
+    @body ||= request.body.read
   end
 
   def upgrade_account
-    if signed_request_account&.ostatus?
+    if signed_request_account.ostatus?
       signed_request_account.update(last_webfingered_at: nil)
       ResolveAccountWorker.perform_async(signed_request_account.acct)
     end
 
-    DeliveryFailureTracker.reset!(signed_request_actor.inbox_url)
-  end
-
-  def process_collection_synchronization
-    raw_params = request.headers['Collection-Synchronization']
-    return if raw_params.blank? || ENV['DISABLE_FOLLOWERS_SYNCHRONIZATION'] == 'true' || signed_request_account.nil?
-
-    # Re-using the syntax for signature parameters
-    tree   = SignatureParamsParser.new.parse(raw_params)
-    params = SignatureParamsTransformer.new.apply(tree)
-
-    ActivityPub::PrepareFollowersSynchronizationService.new.call(signed_request_account, params)
-  rescue Parslet::ParseFailed
-    Rails.logger.warn 'Error parsing Collection-Synchronization header'
+    Pubsubhubbub::UnsubscribeWorker.perform_async(signed_request_account.id) if signed_request_account.subscribed?
+    DeliveryFailureTracker.track_inverse_success!(signed_request_account)
   end
 
   def process_payload
-    ActivityPub::ProcessingWorker.perform_async(signed_request_actor.id, body, @account&.id, signed_request_actor.class.name)
+    ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'), @account&.id)
   end
 end

app/controllers/activitypub/outboxes_controller.rb

@@ -1,85 +1,65 @@
 # frozen_string_literal: true
 
-class ActivityPub::OutboxesController < ActivityPub::BaseController
+class ActivityPub::OutboxesController < Api::BaseController
   LIMIT = 20
 
   include SignatureVerification
-  include AccountOwnedConcern
 
-  vary_by -> { 'Signature' if authorized_fetch_mode? || page_requested? }
-
-  before_action :require_account_signature!, if: :authorized_fetch_mode?
+  before_action :set_account
   before_action :set_statuses
 
   def show
-    if page_requested?
-      expires_in(1.minute, public: public_fetch_mode? && signed_request_account.nil?)
-    else
-      expires_in(3.minutes, public: public_fetch_mode?)
-    end
-
     render json: outbox_presenter, serializer: ActivityPub::OutboxSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
   end
 
   private
 
+  def set_account
+    @account = Account.find_local!(params[:account_username])
+  end
+
   def outbox_presenter
     if page_requested?
       ActivityPub::CollectionPresenter.new(
-        id: outbox_url(**page_params),
+        id: account_outbox_url(@account, page_params),
         type: :ordered,
-        part_of: outbox_url,
+        part_of: account_outbox_url(@account),
         prev: prev_page,
         next: next_page,
         items: @statuses
       )
     else
       ActivityPub::CollectionPresenter.new(
-        id: outbox_url,
+        id: account_outbox_url(@account),
         type: :ordered,
         size: @account.statuses_count,
-        first: outbox_url(page: true),
-        last: outbox_url(page: true, min_id: 0)
+        first: account_outbox_url(@account, page: true),
+        last: account_outbox_url(@account, page: true, min_id: 0)
       )
     end
   end
 
-  def outbox_url(**kwargs)
-    if params[:account_username].present?
-      account_outbox_url(@account, **kwargs)
-    else
-      instance_actor_outbox_url(**kwargs)
-    end
-  end
-
   def next_page
-    outbox_url(page: true, max_id: @statuses.last.id) if @statuses.size == LIMIT
+    account_outbox_url(@account, page: true, max_id: @statuses.last.id) if @statuses.size == LIMIT
   end
 
   def prev_page
-    outbox_url(page: true, min_id: @statuses.first.id) unless @statuses.empty?
+    account_outbox_url(@account, page: true, min_id: @statuses.first.id) unless @statuses.empty?
   end
 
   def set_statuses
     return unless page_requested?
 
-    @statuses = cache_collection_paginated_by_id(
-      AccountStatusesFilter.new(@account, signed_request_account).results,
-      Status,
-      LIMIT,
-      params_slice(:max_id, :min_id, :since_id)
-    )
+    @statuses = @account.statuses.permitted_for(@account, signed_request_account)
+    @statuses = params[:min_id].present? ? @statuses.paginate_by_min_id(LIMIT, params[:min_id]).reverse : @statuses.paginate_by_max_id(LIMIT, params[:max_id])
+    @statuses = cache_collection(@statuses, Status)
   end
 
   def page_requested?
-    truthy_param?(:page)
+    params[:page] == 'true'
   end
 
   def page_params
     { page: true, max_id: params[:max_id], min_id: params[:min_id] }.compact
   end
-
-  def set_account
-    @account = params[:account_username].present? ? Account.find_local!(username_param) : Account.representative
-  end
 end

app/controllers/activitypub/replies_controller.rb

@@ -1,95 +0,0 @@
-# frozen_string_literal: true
-
-class ActivityPub::RepliesController < ActivityPub::BaseController
-  include SignatureVerification
-  include Authorization
-  include AccountOwnedConcern
-
-  DESCENDANTS_LIMIT = 60
-
-  vary_by -> { 'Signature' if authorized_fetch_mode? }
-
-  before_action :require_account_signature!, if: :authorized_fetch_mode?
-  before_action :set_status
-  before_action :set_replies
-
-  def index
-    expires_in 0, public: public_fetch_mode?
-    render json: replies_collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json', skip_activities: true
-  end
-
-  private
-
-  def pundit_user
-    signed_request_account
-  end
-
-  def set_status
-    @status = @account.statuses.find(params[:status_id])
-    authorize @status, :show?
-  rescue Mastodon::NotPermittedError
-    not_found
-  end
-
-  def set_replies
-    @replies = only_other_accounts? ? Status.where.not(account_id: @account.id).joins(:account).merge(Account.without_suspended) : @account.statuses
-    @replies = @replies.where(in_reply_to_id: @status.id, visibility: [:public, :unlisted])
-    @replies = @replies.paginate_by_min_id(DESCENDANTS_LIMIT, params[:min_id])
-  end
-
-  def replies_collection_presenter
-    page = ActivityPub::CollectionPresenter.new(
-      id: account_status_replies_url(@account, @status, page_params),
-      type: :unordered,
-      part_of: account_status_replies_url(@account, @status),
-      next: next_page,
-      items: @replies.map { |status| status.local? ? status : status.uri }
-    )
-
-    return page if page_requested?
-
-    ActivityPub::CollectionPresenter.new(
-      id: account_status_replies_url(@account, @status),
-      type: :unordered,
-      first: page
-    )
-  end
-
-  def page_requested?
-    truthy_param?(:page)
-  end
-
-  def only_other_accounts?
-    truthy_param?(:only_other_accounts)
-  end
-
-  def next_page
-    if only_other_accounts?
-      # Only consider remote accounts
-      return nil if @replies.size < DESCENDANTS_LIMIT
-
-      account_status_replies_url(
-        @account,
-        @status,
-        page: true,
-        min_id: @replies&.last&.id,
-        only_other_accounts: true
-      )
-    else
-      # For now, we're serving only self-replies, but next page might be other accounts
-      next_only_other_accounts = @replies&.last&.account_id != @account.id || @replies.size < DESCENDANTS_LIMIT
-
-      account_status_replies_url(
-        @account,
-        @status,
-        page: true,
-        min_id: next_only_other_accounts ? nil : @replies&.last&.id,
-        only_other_accounts: next_only_other_accounts
-      )
-    end
-  end
-
-  def page_params
-    params_slice(:only_other_accounts, :min_id).merge(page: true)
-  end
-end

app/controllers/admin/account_actions_controller.rb

@@ -5,15 +5,11 @@ module Admin
     before_action :set_account
 
     def new
-      authorize @account, :show?
-
-      @account_action  = Admin::AccountAction.new(type: params[:type], report_id: params[:report_id], send_email_notification: true, include_statuses: true)
+      @account_action  = Admin::AccountAction.new(type: params[:type], report_id: params[:report_id], send_email_notification: true)
       @warning_presets = AccountWarningPreset.all
     end
 
     def create
-      authorize @account, :show?
-
       account_action                 = Admin::AccountAction.new(resource_params)
       account_action.target_account  = @account
       account_action.current_account = current_account
@@ -21,7 +17,7 @@ module Admin
       account_action.save!
 
       if account_action.with_report?
-        redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: resource_params[:report_id])
+        redirect_to admin_reports_path
       else
         redirect_to admin_account_path(@account.id)
       end
@@ -34,7 +30,7 @@ module Admin
     end
 
     def resource_params
-      params.require(:admin_account_action).permit(:type, :report_id, :warning_preset_id, :text, :send_email_notification, :include_statuses)
+      params.require(:admin_account_action).permit(:type, :report_id, :warning_preset_id, :text, :send_email_notification)
     end
   end
 end

app/controllers/admin/account_moderation_notes_controller.rb

@@ -14,7 +14,7 @@ module Admin
       else
         @account          = @account_moderation_note.target_account
         @moderation_notes = @account.targeted_moderation_notes.latest
-        @warnings         = @account.strikes.custom.latest
+        @warnings         = @account.targeted_account_warnings.latest.custom
 
         render template: 'admin/accounts/show'
       end

app/controllers/admin/accounts_controller.rb

@@ -2,80 +2,46 @@
 
 module Admin
   class AccountsController < BaseController
-    before_action :set_account, except: [:index, :batch]
-    before_action :require_remote_account!, only: [:redownload]
-    before_action :require_local_account!, only: [:enable, :memorialize, :approve, :reject]
+    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :remove_avatar, :remove_header, :enable, :unsilence, :unsuspend, :memorialize]
+    before_action :require_remote_account!, only: [:subscribe, :unsubscribe, :redownload]
+    before_action :require_local_account!, only: [:enable, :memorialize]
 
     def index
       authorize :account, :index?
-
       @accounts = filtered_accounts.page(params[:page])
-      @form     = Form::AccountBatch.new
-    end
-
-    def batch
-      authorize :account, :index?
-
-      @form = Form::AccountBatch.new(form_account_batch_params)
-      @form.current_account = current_account
-      @form.action = action_from_button
-      @form.select_all_matching = params[:select_all_matching]
-      @form.query = filtered_accounts
-      @form.save
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.accounts.no_account_selected')
-    ensure
-      redirect_to admin_accounts_path(filter_params)
     end
 
     def show
       authorize @account, :show?
 
-      @deletion_request        = @account.deletion_request
       @account_moderation_note = current_account.account_moderation_notes.new(target_account: @account)
       @moderation_notes        = @account.targeted_moderation_notes.latest
-      @warnings                = @account.strikes.includes(:target_account, :account, :appeal).latest
-      @domain_block            = DomainBlock.rule_for(@account.domain)
+      @warnings                = @account.targeted_account_warnings.latest.custom
+    end
+
+    def subscribe
+      authorize @account, :subscribe?
+      Pubsubhubbub::SubscribeWorker.perform_async(@account.id)
+      redirect_to admin_account_path(@account.id)
+    end
+
+    def unsubscribe
+      authorize @account, :unsubscribe?
+      Pubsubhubbub::UnsubscribeWorker.perform_async(@account.id)
+      redirect_to admin_account_path(@account.id)
     end
 
     def memorialize
       authorize @account, :memorialize?
       @account.memorialize!
       log_action :memorialize, @account
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.memorialized_msg', username: @account.acct)
+      redirect_to admin_account_path(@account.id)
     end
 
     def enable
       authorize @account.user, :enable?
       @account.user.enable!
       log_action :enable, @account.user
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.enabled_msg', username: @account.acct)
-    end
-
-    def approve
-      authorize @account.user, :approve?
-      @account.user.approve!
-      log_action :approve, @account.user
-      redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.approved_msg', username: @account.acct)
-    end
-
-    def reject
-      authorize @account.user, :reject?
-      DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
-      log_action :reject, @account.user
-      redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.rejected_msg', username: @account.acct)
-    end
-
-    def destroy
-      authorize @account, :destroy?
-      Admin::AccountDeletionWorker.perform_async(@account.id)
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.destroyed_msg', username: @account.acct)
-    end
-
-    def unsensitive
-      authorize @account, :unsensitive?
-      @account.unsensitize!
-      log_action :unsensitive, @account
       redirect_to admin_account_path(@account.id)
     end
 
@@ -83,15 +49,14 @@ module Admin
       authorize @account, :unsilence?
       @account.unsilence!
       log_action :unsilence, @account
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.unsilenced_msg', username: @account.acct)
+      redirect_to admin_account_path(@account.id)
     end
 
     def unsuspend
       authorize @account, :unsuspend?
       @account.unsuspend!
-      Admin::UnsuspensionWorker.perform_async(@account.id)
       log_action :unsuspend, @account
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.unsuspended_msg', username: @account.acct)
+      redirect_to admin_account_path(@account.id)
     end
 
     def redownload
@@ -100,7 +65,7 @@ module Admin
       @account.update!(last_webfingered_at: nil)
       ResolveAccountService.new.call(@account)
 
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.redownloaded_msg', username: @account.acct)
+      redirect_to admin_account_path(@account.id)
     end
 
     def remove_avatar
@@ -111,7 +76,7 @@ module Admin
 
       log_action :remove_avatar, @account.user
 
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.removed_avatar_msg', username: @account.acct)
+      redirect_to admin_account_path(@account.id)
     end
 
     def remove_header
@@ -122,17 +87,7 @@ module Admin
 
       log_action :remove_header, @account.user
 
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.removed_header_msg', username: @account.acct)
-    end
-
-    def unblock_email
-      authorize @account, :unblock_email?
-
-      CanonicalEmailBlock.where(reference_account: @account).delete_all
-
-      log_action :unblock_email, @account
-
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.unblocked_email_msg', username: @account.acct)
+      redirect_to admin_account_path(@account.id)
     end
 
     private
@@ -150,25 +105,23 @@ module Admin
     end
 
     def filtered_accounts
-      AccountFilter.new(filter_params.with_defaults(order: 'recent')).results
+      AccountFilter.new(filter_params).results
     end
 
     def filter_params
-      params.slice(:page, *AccountFilter::KEYS).permit(:page, *AccountFilter::KEYS)
-    end
-
-    def form_account_batch_params
-      params.require(:form_account_batch).permit(:action, account_ids: [])
-    end
-
-    def action_from_button
-      if params[:suspend]
-        'suspend'
-      elsif params[:approve]
-        'approve'
-      elsif params[:reject]
-        'reject'
-      end
+      params.permit(
+        :local,
+        :remote,
+        :by_domain,
+        :active,
+        :silenced,
+        :suspended,
+        :username,
+        :display_name,
+        :email,
+        :ip,
+        :staff
+      )
     end
   end
 end

app/controllers/admin/action_logs_controller.rb

@@ -2,21 +2,8 @@
 
 module Admin
   class ActionLogsController < BaseController
-    before_action :set_action_logs
-
     def index
-      authorize :audit_log, :index?
-      @auditable_accounts = Account.where(id: Admin::ActionLog.reorder(nil).select('distinct account_id')).select(:id, :username)
-    end
-
-    private
-
-    def set_action_logs
-      @action_logs = Admin::ActionLogFilter.new(filter_params).results.page(params[:page])
-    end
-
-    def filter_params
-      params.slice(:page, *Admin::ActionLogFilter::KEYS).permit(:page, *Admin::ActionLogFilter::KEYS)
+      @action_logs = Admin::ActionLog.page(params[:page])
     end
   end
 end

app/controllers/admin/announcements_controller.rb

@@ -1,88 +0,0 @@
-# frozen_string_literal: true
-
-class Admin::AnnouncementsController < Admin::BaseController
-  before_action :set_announcements, only: :index
-  before_action :set_announcement, except: [:index, :new, :create]
-
-  def index
-    authorize :announcement, :index?
-  end
-
-  def new
-    authorize :announcement, :create?
-
-    @announcement = Announcement.new
-  end
-
-  def edit
-    authorize :announcement, :update?
-  end
-
-  def create
-    authorize :announcement, :create?
-
-    @announcement = Announcement.new(resource_params)
-
-    if @announcement.save
-      PublishScheduledAnnouncementWorker.perform_async(@announcement.id) if @announcement.published?
-      log_action :create, @announcement
-      redirect_to admin_announcements_path, notice: @announcement.published? ? I18n.t('admin.announcements.published_msg') : I18n.t('admin.announcements.scheduled_msg')
-    else
-      render :new
-    end
-  end
-
-  def update
-    authorize :announcement, :update?
-
-    if @announcement.update(resource_params)
-      PublishScheduledAnnouncementWorker.perform_async(@announcement.id) if @announcement.published?
-      log_action :update, @announcement
-      redirect_to admin_announcements_path, notice: I18n.t('admin.announcements.updated_msg')
-    else
-      render :edit
-    end
-  end
-
-  def publish
-    authorize :announcement, :update?
-    @announcement.publish!
-    PublishScheduledAnnouncementWorker.perform_async(@announcement.id)
-    log_action :update, @announcement
-    redirect_to admin_announcements_path, notice: I18n.t('admin.announcements.published_msg')
-  end
-
-  def unpublish
-    authorize :announcement, :update?
-    @announcement.unpublish!
-    UnpublishAnnouncementWorker.perform_async(@announcement.id)
-    log_action :update, @announcement
-    redirect_to admin_announcements_path, notice: I18n.t('admin.announcements.unpublished_msg')
-  end
-
-  def destroy
-    authorize :announcement, :destroy?
-    @announcement.destroy!
-    UnpublishAnnouncementWorker.perform_async(@announcement.id) if @announcement.published?
-    log_action :destroy, @announcement
-    redirect_to admin_announcements_path, notice: I18n.t('admin.announcements.destroyed_msg')
-  end
-
-  private
-
-  def set_announcements
-    @announcements = AnnouncementFilter.new(filter_params).results.reverse_chronological.page(params[:page])
-  end
-
-  def set_announcement
-    @announcement = Announcement.find(params[:id])
-  end
-
-  def filter_params
-    params.slice(*AnnouncementFilter::KEYS).permit(*AnnouncementFilter::KEYS)
-  end
-
-  def resource_params
-    params.require(:announcement).permit(:text, :scheduled_at, :starts_at, :ends_at, :all_day)
-  end
-end

app/controllers/admin/base_controller.rb

@@ -7,10 +7,8 @@ module Admin
 
     layout 'admin'
 
+    before_action :require_staff!
     before_action :set_body_classes
-    before_action :set_cache_headers
-
-    after_action :verify_authorized
 
     private
 
@@ -18,10 +16,6 @@ module Admin
       @body_classes = 'admin'
     end
 
-    def set_cache_headers
-      response.cache_control.replace(private: true, no_store: true)
-    end
-
     def set_user
       @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
     end

app/controllers/admin/confirmations_controller.rb

@@ -17,7 +17,7 @@ module Admin
 
       @user.resend_confirmation_instructions
 
-      log_action :resend, @user
+      log_action :confirm, @user
 
       flash[:notice] = I18n.t('admin.accounts.resend_confirmation.success')
       redirect_to admin_accounts_path

app/controllers/admin/custom_emojis_controller.rb

@@ -2,16 +2,19 @@
 
 module Admin
   class CustomEmojisController < BaseController
+    before_action :set_custom_emoji, except: [:index, :new, :create]
+    before_action :set_filter_params
+
+    include ObfuscateFilename
+    obfuscate_filename [:custom_emoji, :image]
+
     def index
       authorize :custom_emoji, :index?
-
       @custom_emojis = filtered_custom_emojis.eager_load(:local_counterpart).page(params[:page])
-      @form          = Form::CustomEmojiBatch.new
     end
 
     def new
       authorize :custom_emoji, :create?
-
       @custom_emoji = CustomEmoji.new
     end
 
@@ -28,21 +31,69 @@ module Admin
       end
     end
 
-    def batch
-      authorize :custom_emoji, :index?
+    def update
+      authorize @custom_emoji, :update?
 
-      @form = Form::CustomEmojiBatch.new(form_custom_emoji_batch_params.merge(current_account: current_account, action: action_from_button))
-      @form.save
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.custom_emojis.no_emoji_selected')
-    rescue Mastodon::NotPermittedError
-      flash[:alert] = I18n.t('admin.custom_emojis.not_permitted')
-    ensure
-      redirect_to admin_custom_emojis_path(filter_params)
+      if @custom_emoji.update(resource_params)
+        log_action :update, @custom_emoji
+        flash[:notice] = I18n.t('admin.custom_emojis.updated_msg')
+      else
+        flash[:alert] =  I18n.t('admin.custom_emojis.update_failed_msg')
+      end
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
+    end
+
+    def destroy
+      authorize @custom_emoji, :destroy?
+      @custom_emoji.destroy!
+      log_action :destroy, @custom_emoji
+      flash[:notice] = I18n.t('admin.custom_emojis.destroyed_msg')
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
+    end
+
+    def copy
+      authorize @custom_emoji, :copy?
+
+      emoji = CustomEmoji.find_or_initialize_by(domain: nil,
+                                                shortcode: @custom_emoji.shortcode)
+      emoji.image = @custom_emoji.image
+
+      if emoji.save
+        log_action :create, emoji
+        flash[:notice] = I18n.t('admin.custom_emojis.copied_msg')
+      else
+        flash[:alert] = I18n.t('admin.custom_emojis.copy_failed_msg')
+      end
+
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
+    end
+
+    def enable
+      authorize @custom_emoji, :enable?
+      @custom_emoji.update!(disabled: false)
+      log_action :enable, @custom_emoji
+      flash[:notice] = I18n.t('admin.custom_emojis.enabled_msg')
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
+    end
+
+    def disable
+      authorize @custom_emoji, :disable?
+      @custom_emoji.update!(disabled: true)
+      log_action :disable, @custom_emoji
+      flash[:notice] = I18n.t('admin.custom_emojis.disabled_msg')
+      redirect_to admin_custom_emojis_path(page: params[:page], **@filter_params)
     end
 
     private
 
+    def set_custom_emoji
+      @custom_emoji = CustomEmoji.find(params[:id])
+    end
+
+    def set_filter_params
+      @filter_params = filter_params.to_hash.symbolize_keys
+    end
+
     def resource_params
       params.require(:custom_emoji).permit(:shortcode, :image, :visible_in_picker)
     end
@@ -52,29 +103,12 @@ module Admin
     end
 
     def filter_params
-      params.slice(:page, *CustomEmojiFilter::KEYS).permit(:page, *CustomEmojiFilter::KEYS)
-    end
-
-    def action_from_button
-      if params[:update]
-        'update'
-      elsif params[:list]
-        'list'
-      elsif params[:unlist]
-        'unlist'
-      elsif params[:enable]
-        'enable'
-      elsif params[:disable]
-        'disable'
-      elsif params[:copy]
-        'copy'
-      elsif params[:delete]
-        'delete'
-      end
-    end
-
-    def form_custom_emoji_batch_params
-      params.require(:form_custom_emoji_batch).permit(:action, :category_id, :category_name, custom_emoji_ids: [])
+      params.permit(
+        :local,
+        :remote,
+        :by_domain,
+        :shortcode
+      )
     end
   end
 end

app/controllers/admin/dashboard_controller.rb

@@ -1,18 +1,44 @@
 # frozen_string_literal: true
+require 'sidekiq/api'
 
 module Admin
   class DashboardController < BaseController
-    include Redisable
-
     def index
-      authorize :dashboard, :index?
+      @users_count           = User.count
+      @registrations_week    = Redis.current.get("activity:accounts:local:#{current_week}") || 0
+      @logins_week           = Redis.current.pfcount("activity:logins:#{current_week}")
+      @interactions_week     = Redis.current.get("activity:interactions:#{current_week}") || 0
+      @relay_enabled         = Relay.enabled.exists?
+      @single_user_mode      = Rails.configuration.x.single_user_mode
+      @registrations_enabled = Setting.open_registrations
+      @deletions_enabled     = Setting.open_deletion
+      @invites_enabled       = Setting.min_invite_role == 'user'
+      @search_enabled        = Chewy.enabled?
+      @version               = Mastodon::Version.to_s
+      @database_version      = ActiveRecord::Base.connection.execute('SELECT VERSION()').first['version'].match(/\A(?:PostgreSQL |)([^\s]+).*\z/)[1]
+      @redis_version         = redis_info['redis_version']
+      @reports_count         = Report.unresolved.count
+      @queue_backlog         = Sidekiq::Stats.new.enqueued
+      @recent_users          = User.confirmed.recent.includes(:account).limit(4)
+      @database_size         = ActiveRecord::Base.connection.execute('SELECT pg_database_size(current_database())').first['pg_database_size']
+      @redis_size            = redis_info['used_memory']
+      @ldap_enabled          = ENV['LDAP_ENABLED'] == 'true'
+      @cas_enabled           = ENV['CAS_ENABLED'] == 'true'
+      @saml_enabled          = ENV['SAML_ENABLED'] == 'true'
+      @pam_enabled           = ENV['PAM_ENABLED'] == 'true'
+      @hidden_service        = ENV['ALLOW_ACCESS_TO_HIDDEN_SERVICE'] == 'true'
+      @trending_hashtags     = TrendingTags.get(7)
+      @profile_directory     = Setting.profile_directory
+    end
 
-      @system_checks         = Admin::SystemCheck.perform(current_user)
-      @time_period           = (29.days.ago.to_date...Time.now.utc.to_date)
-      @pending_users_count   = User.pending.count
-      @pending_reports_count = Report.unresolved.count
-      @pending_tags_count    = Tag.pending_review.count
-      @pending_appeals_count = Appeal.pending.count
+    private
+
+    def current_week
+      @current_week ||= Time.now.utc.to_date.cweek
+    end
+
+    def redis_info
+      @redis_info ||= Redis.current.info
     end
   end
 end

app/controllers/admin/disputes/appeals_controller.rb

@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-class Admin::Disputes::AppealsController < Admin::BaseController
-  before_action :set_appeal, except: :index
-
-  def index
-    authorize :appeal, :index?
-
-    @appeals = filtered_appeals.page(params[:page])
-  end
-
-  def approve
-    authorize @appeal, :approve?
-    log_action :approve, @appeal
-    ApproveAppealService.new.call(@appeal, current_account)
-    redirect_to disputes_strike_path(@appeal.strike)
-  end
-
-  def reject
-    authorize @appeal, :approve?
-    log_action :reject, @appeal
-    @appeal.reject!(current_account)
-    UserMailer.appeal_rejected(@appeal.account.user, @appeal)
-    redirect_to disputes_strike_path(@appeal.strike)
-  end
-
-  private
-
-  def filtered_appeals
-    Admin::AppealFilter.new(filter_params.with_defaults(status: 'pending')).results.includes(strike: :account)
-  end
-
-  def filter_params
-    params.slice(:page, *Admin::AppealFilter::KEYS).permit(:page, *Admin::AppealFilter::KEYS)
-  end
-
-  def set_appeal
-    @appeal = Appeal.find(params[:id])
-  end
-end

app/controllers/admin/domain_allows_controller.rb

@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-
-class Admin::DomainAllowsController < Admin::BaseController
-  before_action :set_domain_allow, only: [:destroy]
-
-  def new
-    authorize :domain_allow, :create?
-
-    @domain_allow = DomainAllow.new(domain: params[:_domain])
-  end
-
-  def create
-    authorize :domain_allow, :create?
-
-    @domain_allow = DomainAllow.new(resource_params)
-
-    if @domain_allow.save
-      log_action :create, @domain_allow
-      redirect_to admin_instances_path, notice: I18n.t('admin.domain_allows.created_msg')
-    else
-      render :new
-    end
-  end
-
-  def destroy
-    authorize @domain_allow, :destroy?
-    UnallowDomainService.new.call(@domain_allow)
-    log_action :destroy, @domain_allow
-
-    redirect_to admin_instances_path, notice: I18n.t('admin.domain_allows.destroyed_msg')
-  end
-
-  private
-
-  def set_domain_allow
-    @domain_allow = DomainAllow.find(params[:id])
-  end
-
-  def resource_params
-    params.require(:domain_allow).permit(:domain)
-  end
-end

app/controllers/admin/domain_blocks_controller.rb

@@ -2,51 +2,17 @@
 
 module Admin
   class DomainBlocksController < BaseController
-    before_action :set_domain_block, only: [:destroy, :edit, :update]
-
-    def batch
-      authorize :domain_block, :create?
-      @form = Form::DomainBlockBatch.new(form_domain_block_batch_params.merge(current_account: current_account, action: action_from_button))
-      @form.save
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.domain_blocks.no_domain_block_selected')
-    rescue Mastodon::NotPermittedError
-      flash[:alert] = I18n.t('admin.domain_blocks.not_permitted')
-    else
-      redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
-    end
+    before_action :set_domain_block, only: [:show, :destroy]
 
     def new
       authorize :domain_block, :create?
       @domain_block = DomainBlock.new(domain: params[:_domain])
     end
 
-    def edit
-      authorize :domain_block, :create?
-    end
-
     def create
       authorize :domain_block, :create?
 
       @domain_block = DomainBlock.new(resource_params)
-      existing_domain_block = resource_params[:domain].present? ? DomainBlock.rule_for(resource_params[:domain]) : nil
-
-      # Disallow accidentally downgrading a domain block
-      if existing_domain_block.present? && !@domain_block.stricter_than?(existing_domain_block)
-        @domain_block.save
-        flash.now[:alert] = I18n.t('admin.domain_blocks.existing_domain_block_html', name: existing_domain_block.domain, unblock_url: admin_domain_block_path(existing_domain_block)).html_safe
-        @domain_block.errors.delete(:domain)
-        return render :new
-      end
-
-      # Allow transparently upgrading a domain block
-      if existing_domain_block.present? && existing_domain_block.domain == TagManager.instance.normalize_domain(@domain_block.domain.strip)
-        @domain_block = existing_domain_block
-        @domain_block.assign_attributes(resource_params)
-      end
-
-      # Require explicit confirmation when suspending
-      return render :confirm_suspension if requires_confirmation?
 
       if @domain_block.save
         DomainBlockWorker.perform_async(@domain_block.id)
@@ -57,26 +23,13 @@ module Admin
       end
     end
 
-    def update
-      authorize :domain_block, :update?
-
-      @domain_block.assign_attributes(update_params)
-
-      # Require explicit confirmation when suspending
-      return render :confirm_suspension if requires_confirmation?
-
-      if @domain_block.save
-        DomainBlockWorker.perform_async(@domain_block.id, @domain_block.severity_previously_changed?)
-        log_action :update, @domain_block
-        redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg')
-      else
-        render :edit
-      end
+    def show
+      authorize @domain_block, :show?
     end
 
     def destroy
       authorize @domain_block, :destroy?
-      UnblockDomainService.new.call(@domain_block)
+      UnblockDomainService.new.call(@domain_block, retroactive_unblock?)
       log_action :destroy, @domain_block
       redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.destroyed_msg')
     end
@@ -87,24 +40,12 @@ module Admin
       @domain_block = DomainBlock.find(params[:id])
     end
 
-    def update_params
-      params.require(:domain_block).permit(:severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate)
-    end
-
     def resource_params
-      params.require(:domain_block).permit(:domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate)
+      params.require(:domain_block).permit(:domain, :severity, :reject_media, :reject_reports, :retroactive)
     end
 
-    def form_domain_block_batch_params
-      params.require(:form_domain_block_batch).permit(domain_blocks_attributes: [:enabled, :domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate])
-    end
-
-    def action_from_button
-      'save' if params[:save]
-    end
-
-    def requires_confirmation?
-      @domain_block.valid? && (@domain_block.new_record? || @domain_block.severity_changed?) && @domain_block.severity.to_s == 'suspend' && !params[:confirm]
+    def retroactive_unblock?
+      ActiveRecord::Type.lookup(:boolean).cast(resource_params[:retroactive])
     end
   end
 end

app/controllers/admin/email_domain_blocks_controller.rb

@@ -2,29 +2,16 @@
 
 module Admin
   class EmailDomainBlocksController < BaseController
+    before_action :set_email_domain_block, only: [:show, :destroy]
+
     def index
       authorize :email_domain_block, :index?
-
-      @email_domain_blocks = EmailDomainBlock.where(parent_id: nil).includes(:children).order(id: :desc).page(params[:page])
-      @form                = Form::EmailDomainBlockBatch.new
-    end
-
-    def batch
-      authorize :email_domain_block, :index?
-
-      @form = Form::EmailDomainBlockBatch.new(form_email_domain_block_batch_params.merge(current_account: current_account, action: action_from_button))
-      @form.save
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.email_domain_blocks.no_email_domain_block_selected')
-    rescue Mastodon::NotPermittedError
-      flash[:alert] = I18n.t('admin.email_domain_blocks.not_permitted')
-    ensure
-      redirect_to admin_email_domain_blocks_path
+      @email_domain_blocks = EmailDomainBlock.page(params[:page])
     end
 
     def new
       authorize :email_domain_block, :create?
-      @email_domain_block = EmailDomainBlock.new(domain: params[:_domain])
+      @email_domain_block = EmailDomainBlock.new
     end
 
     def create
@@ -32,52 +19,29 @@ module Admin
 
       @email_domain_block = EmailDomainBlock.new(resource_params)
 
-      if action_from_button == 'save'
-        EmailDomainBlock.transaction do
-          @email_domain_block.save!
-          log_action :create, @email_domain_block
-
-          (@email_domain_block.other_domains || []).uniq.each do |domain|
-            next if EmailDomainBlock.where(domain: domain).exists?
-
-            other_email_domain_block = EmailDomainBlock.create!(domain: domain, parent: @email_domain_block)
-            log_action :create, other_email_domain_block
-          end
-        end
-
+      if @email_domain_block.save
+        log_action :create, @email_domain_block
         redirect_to admin_email_domain_blocks_path, notice: I18n.t('admin.email_domain_blocks.created_msg')
       else
-        set_resolved_records
         render :new
       end
-    rescue ActiveRecord::RecordInvalid
-      set_resolved_records
-      render :new
+    end
+
+    def destroy
+      authorize @email_domain_block, :destroy?
+      @email_domain_block.destroy!
+      log_action :destroy, @email_domain_block
+      redirect_to admin_email_domain_blocks_path, notice: I18n.t('admin.email_domain_blocks.destroyed_msg')
     end
 
     private
 
-    def set_resolved_records
-      Resolv::DNS.open do |dns|
-        dns.timeouts = 5
-        @resolved_records = dns.getresources(@email_domain_block.domain, Resolv::DNS::Resource::IN::MX).to_a
-      end
+    def set_email_domain_block
+      @email_domain_block = EmailDomainBlock.find(params[:id])
     end
 
     def resource_params
-      params.require(:email_domain_block).permit(:domain, other_domains: [])
-    end
-
-    def form_email_domain_block_batch_params
-      params.require(:form_email_domain_block_batch).permit(email_domain_block_ids: [])
-    end
-
-    def action_from_button
-      if params[:delete]
-        'delete'
-      elsif params[:save]
-        'save'
-      end
+      params.require(:email_domain_block).permit(:domain)
     end
   end
 end

app/controllers/admin/export_domain_allows_controller.rb

@@ -1,58 +0,0 @@
-# frozen_string_literal: true
-
-require 'csv'
-
-module Admin
-  class ExportDomainAllowsController < BaseController
-    include AdminExportControllerConcern
-
-    before_action :set_dummy_import!, only: [:new]
-
-    def new
-      authorize :domain_allow, :create?
-    end
-
-    def export
-      authorize :instance, :index?
-      send_export_file
-    end
-
-    def import
-      authorize :domain_allow, :create?
-      begin
-        @import = Admin::Import.new(import_params)
-        return render :new unless @import.validate
-
-        @import.csv_rows.each do |row|
-          domain = row['#domain'].strip
-          next if DomainAllow.allowed?(domain)
-
-          domain_allow = DomainAllow.new(domain: domain)
-          log_action :create, domain_allow if domain_allow.save
-        end
-        flash[:notice] = I18n.t('admin.domain_allows.created_msg')
-      rescue ActionController::ParameterMissing
-        flash[:error] = I18n.t('admin.export_domain_allows.no_file')
-      end
-      redirect_to admin_instances_path
-    end
-
-    private
-
-    def export_filename
-      'domain_allows.csv'
-    end
-
-    def export_headers
-      %w(#domain)
-    end
-
-    def export_data
-      CSV.generate(headers: export_headers, write_headers: true) do |content|
-        DomainAllow.allowed_domains.each do |instance|
-          content << [instance.domain]
-        end
-      end
-    end
-  end
-end

app/controllers/admin/export_domain_blocks_controller.rb

@@ -1,77 +0,0 @@
-# frozen_string_literal: true
-
-require 'csv'
-
-module Admin
-  class ExportDomainBlocksController < BaseController
-    include AdminExportControllerConcern
-
-    before_action :set_dummy_import!, only: [:new]
-
-    def new
-      authorize :domain_block, :create?
-    end
-
-    def export
-      authorize :instance, :index?
-      send_export_file
-    end
-
-    def import
-      authorize :domain_block, :create?
-
-      @import = Admin::Import.new(import_params)
-      return render :new unless @import.validate
-
-      @global_private_comment = I18n.t('admin.export_domain_blocks.import.private_comment_template', source: @import.data_file_name, date: I18n.l(Time.now.utc))
-
-      @form = Form::DomainBlockBatch.new
-      @domain_blocks = @import.csv_rows.filter_map do |row|
-        domain = row['#domain'].strip
-        next if DomainBlock.rule_for(domain).present?
-
-        domain_block = DomainBlock.new(domain: domain,
-                                       severity: row.fetch('#severity', :suspend),
-                                       reject_media: row.fetch('#reject_media', false),
-                                       reject_reports: row.fetch('#reject_reports', false),
-                                       private_comment: @global_private_comment,
-                                       public_comment: row['#public_comment'],
-                                       obfuscate: row.fetch('#obfuscate', false))
-
-        if domain_block.invalid?
-          flash.now[:alert] = I18n.t('admin.export_domain_blocks.invalid_domain_block', error: domain_block.errors.full_messages.join(', '))
-          next
-        end
-
-        domain_block
-      rescue ArgumentError => e
-        flash.now[:alert] = I18n.t('admin.export_domain_blocks.invalid_domain_block', error: e.message)
-        next
-      end
-
-      @warning_domains = Instance.where(domain: @domain_blocks.map(&:domain)).where('EXISTS (SELECT 1 FROM follows JOIN accounts ON follows.account_id = accounts.id OR follows.target_account_id = accounts.id WHERE accounts.domain = instances.domain)').pluck(:domain)
-    rescue ActionController::ParameterMissing
-      flash.now[:alert] = I18n.t('admin.export_domain_blocks.no_file')
-      set_dummy_import!
-      render :new
-    end
-
-    private
-
-    def export_filename
-      'domain_blocks.csv'
-    end
-
-    def export_headers
-      %w(#domain #severity #reject_media #reject_reports #public_comment #obfuscate)
-    end
-
-    def export_data
-      CSV.generate(headers: export_headers, write_headers: true) do |content|
-        DomainBlock.with_limitations.each do |instance|
-          content << [instance.domain, instance.severity, instance.reject_media, instance.reject_reports, instance.public_comment, instance.obfuscate]
-        end
-      end
-    end
-  end
-end

app/controllers/admin/follow_recommendations_controller.rb

@@ -1,55 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class FollowRecommendationsController < BaseController
-    before_action :set_language
-
-    def show
-      authorize :follow_recommendation, :show?
-
-      @form     = Form::AccountBatch.new
-      @accounts = filtered_follow_recommendations
-    end
-
-    def update
-      authorize :follow_recommendation, :show?
-
-      @form = Form::AccountBatch.new(form_account_batch_params.merge(current_account: current_account, action: action_from_button))
-      @form.save
-    rescue ActionController::ParameterMissing
-      # Do nothing
-    ensure
-      redirect_to admin_follow_recommendations_path(filter_params)
-    end
-
-    private
-
-    def set_language
-      @language = follow_recommendation_filter.language
-    end
-
-    def filtered_follow_recommendations
-      follow_recommendation_filter.results
-    end
-
-    def follow_recommendation_filter
-      @follow_recommendation_filter ||= FollowRecommendationFilter.new(filter_params)
-    end
-
-    def form_account_batch_params
-      params.require(:form_account_batch).permit(:action, account_ids: [])
-    end
-
-    def filter_params
-      params.slice(*FollowRecommendationFilter::KEYS).permit(*FollowRecommendationFilter::KEYS)
-    end
-
-    def action_from_button
-      if params[:suppress]
-        'suppress_follow_recommendation'
-      elsif params[:unsuppress]
-        'unsuppress_follow_recommendation'
-      end
-    end
-  end
-end

app/controllers/admin/followers_controller.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module Admin
+  class FollowersController < BaseController
+    before_action :set_account
+
+    PER_PAGE = 40
+
+    def index
+      authorize :account, :index?
+      @followers = @account.followers.local.recent.page(params[:page]).per(PER_PAGE)
+    end
+
+    def set_account
+      @account = Account.find(params[:account_id])
+    end
+  end
+end

app/controllers/admin/instances_controller.rb

@@ -2,74 +2,43 @@
 
 module Admin
   class InstancesController < BaseController
-    before_action :set_instances, only: :index
-    before_action :set_instance, except: :index
-
     def index
       authorize :instance, :index?
-      preload_delivery_failures!
+
+      @instances = ordered_instances
     end
 
     def show
       authorize :instance, :show?
-      @time_period = (6.days.ago.to_date...Time.now.utc.to_date)
-    end
 
-    def destroy
-      authorize :instance, :destroy?
-      Admin::DomainPurgeWorker.perform_async(@instance.domain)
-      log_action :destroy, @instance
-      redirect_to admin_instances_path, notice: I18n.t('admin.instances.destroyed_msg', domain: @instance.domain)
-    end
-
-    def clear_delivery_errors
-      authorize :delivery, :clear_delivery_errors?
-      @instance.delivery_failure_tracker.clear_failures!
-      redirect_to admin_instance_path(@instance.domain)
-    end
-
-    def restart_delivery
-      authorize :delivery, :restart_delivery?
-
-      if @instance.unavailable?
-        @instance.delivery_failure_tracker.track_success!
-        log_action :destroy, @instance.unavailable_domain
-      end
-
-      redirect_to admin_instance_path(@instance.domain)
-    end
-
-    def stop_delivery
-      authorize :delivery, :stop_delivery?
-      unavailable_domain = UnavailableDomain.create!(domain: @instance.domain)
-      log_action :create, unavailable_domain
-      redirect_to admin_instance_path(@instance.domain)
+      @instance        = Instance.new(Account.by_domain_accounts.find_by(domain: params[:id]) || DomainBlock.find_by!(domain: params[:id]))
+      @following_count = Follow.where(account: Account.where(domain: params[:id])).count
+      @followers_count = Follow.where(target_account: Account.where(domain: params[:id])).count
+      @reports_count   = Report.where(target_account: Account.where(domain: params[:id])).count
+      @blocks_count    = Block.where(target_account: Account.where(domain: params[:id])).count
+      @available       = DeliveryFailureTracker.available?(Account.select(:shared_inbox_url).where(domain: params[:id]).first&.shared_inbox_url)
+      @media_storage   = MediaAttachment.where(account: Account.where(domain: params[:id])).sum(:file_file_size)
+      @domain_block    = DomainBlock.find_by(domain: params[:id])
     end
 
     private
 
-    def set_instance
-      @instance = Instance.find(TagManager.instance.normalize_domain(params[:id]&.strip))
-    end
-
-    def set_instances
-      @instances = filtered_instances.page(params[:page])
-    end
-
-    def preload_delivery_failures!
-      warning_domains_map = DeliveryFailureTracker.warning_domains_map(@instances.map(&:domain))
-
-      @instances.each do |instance|
-        instance.failure_days = warning_domains_map[instance.domain]
-      end
-    end
-
     def filtered_instances
-      InstanceFilter.new(limited_federation_mode? ? { allowed: true } : filter_params).results
+      InstanceFilter.new(filter_params).results
+    end
+
+    def paginated_instances
+      filtered_instances.page(params[:page])
+    end
+
+    helper_method :paginated_instances
+
+    def ordered_instances
+      paginated_instances.map { |resource| Instance.new(resource) }
     end
 
     def filter_params
-      params.slice(*InstanceFilter::KEYS).permit(*InstanceFilter::KEYS)
+      params.permit(:limited, :by_domain)
     end
   end
 end

app/controllers/admin/invites_controller.rb

@@ -47,7 +47,7 @@ module Admin
     end
 
     def filter_params
-      params.slice(*InviteFilter::KEYS).permit(*InviteFilter::KEYS)
+      params.permit(:available, :expired)
     end
   end
 end

app/controllers/admin/ip_blocks_controller.rb

@@ -1,58 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class IpBlocksController < BaseController
-    def index
-      authorize :ip_block, :index?
-
-      @ip_blocks = IpBlock.order(ip: :asc).page(params[:page])
-      @form      = Form::IpBlockBatch.new
-    end
-
-    def new
-      authorize :ip_block, :create?
-
-      @ip_block = IpBlock.new(ip: '', severity: :no_access, expires_in: 1.year)
-    end
-
-    def create
-      authorize :ip_block, :create?
-
-      @ip_block = IpBlock.new(resource_params)
-
-      if @ip_block.save
-        log_action :create, @ip_block
-        redirect_to admin_ip_blocks_path, notice: I18n.t('admin.ip_blocks.created_msg')
-      else
-        render :new
-      end
-    end
-
-    def batch
-      authorize :ip_block, :index?
-
-      @form = Form::IpBlockBatch.new(form_ip_block_batch_params.merge(current_account: current_account, action: action_from_button))
-      @form.save
-    rescue ActionController::ParameterMissing
-      flash[:alert] = I18n.t('admin.ip_blocks.no_ip_block_selected')
-    rescue Mastodon::NotPermittedError
-      flash[:alert] = I18n.t('admin.custom_emojis.not_permitted')
-    ensure
-      redirect_to admin_ip_blocks_path
-    end
-
-    private
-
-    def resource_params
-      params.require(:ip_block).permit(:ip, :severity, :comment, :expires_in)
-    end
-
-    def action_from_button
-      'delete' if params[:delete]
-    end
-
-    def form_ip_block_batch_params
-      params.require(:form_ip_block_batch).permit(ip_block_ids: [])
-    end
-  end
-end

app/controllers/admin/relationships_controller.rb

@@ -1,26 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class RelationshipsController < BaseController
-    before_action :set_account
-
-    PER_PAGE = 40
-
-    def index
-      authorize @account, :show?
-
-      @accounts = RelationshipFilter.new(@account, filter_params).results.includes(:account_stat, user: [:ips, :invite_request]).page(params[:page]).per(PER_PAGE)
-      @form     = Form::AccountBatch.new
-    end
-
-    private
-
-    def set_account
-      @account = Account.find(params[:account_id])
-    end
-
-    def filter_params
-      params.slice(*RelationshipFilter::KEYS).permit(*RelationshipFilter::KEYS)
-    end
-  end
-end

app/controllers/admin/relays_controller.rb

@@ -3,7 +3,6 @@
 module Admin
   class RelaysController < BaseController
     before_action :set_relay, except: [:index, :new, :create]
-    before_action :warn_signatures_not_enabled!, only: [:new, :create, :enable]
 
     def index
       authorize :relay, :update?
@@ -12,7 +11,7 @@ module Admin
 
     def new
       authorize :relay, :update?
-      @relay = Relay.new
+      @relay = Relay.new(inbox_url: Relay::PRESET_RELAY)
     end
 
     def create
@@ -55,9 +54,5 @@ module Admin
     def resource_params
       params.require(:relay).permit(:inbox_url)
     end
-
-    def warn_signatures_not_enabled!
-      flash.now[:error] = I18n.t('admin.relays.signatures_not_enabled') if authorized_fetch_mode?
-    end
   end
 end

app/controllers/admin/report_notes_controller.rb

@@ -5,26 +5,30 @@ module Admin
     before_action :set_report_note, only: [:destroy]
 
     def create
-      authorize :report_note, :create?
+      authorize ReportNote, :create?
 
       @report_note = current_account.report_notes.new(resource_params)
-      @report      = @report_note.report
+      @report = @report_note.report
 
       if @report_note.save
         if params[:create_and_resolve]
           @report.resolve!(current_account)
           log_action :resolve, @report
-        elsif params[:create_and_unresolve]
+
+          redirect_to admin_reports_path, notice: I18n.t('admin.reports.resolved_msg')
+          return
+        end
+
+        if params[:create_and_unresolve]
           @report.unresolve!
           log_action :reopen, @report
         end
 
-        redirect_to after_create_redirect_path, notice: I18n.t('admin.report_notes.created_msg')
+        redirect_to admin_report_path(@report), notice: I18n.t('admin.report_notes.created_msg')
       else
-        @report_notes = @report.notes.includes(:account).order(id: :desc)
-        @action_logs  = @report.history.includes(:target)
-        @form         = Admin::StatusBatchAction.new
-        @statuses     = @report.statuses.with_includes
+        @report_notes = @report.notes.latest
+        @report_history = @report.history
+        @form = Form::StatusBatch.new
 
         render template: 'admin/reports/show'
       end
@@ -38,14 +42,6 @@ module Admin
 
     private
 
-    def after_create_redirect_path
-      if params[:create_and_resolve]
-        admin_reports_path
-      else
-        admin_report_path(@report)
-      end
-    end
-
     def resource_params
       params.require(:report_note).permit(
         :content,

app/controllers/admin/reported_statuses_controller.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module Admin
+  class ReportedStatusesController < BaseController
+    before_action :set_report
+
+    def create
+      authorize :status, :update?
+
+      @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account, action: action_from_button))
+      flash[:alert] = I18n.t('admin.statuses.failed_to_execute') unless @form.save
+
+      redirect_to admin_report_path(@report)
+    rescue ActionController::ParameterMissing
+      flash[:alert] = I18n.t('admin.statuses.no_status_selected')
+
+      redirect_to admin_report_path(@report)
+    end
+
+    private
+
+    def status_params
+      params.require(:status).permit(:sensitive)
+    end
+
+    def form_status_batch_params
+      params.require(:form_status_batch).permit(status_ids: [])
+    end
+
+    def action_from_button
+      if params[:nsfw_on]
+        'nsfw_on'
+      elsif params[:nsfw_off]
+        'nsfw_off'
+      elsif params[:delete]
+        'delete'
+      end
+    end
+
+    def set_report
+      @report = Report.find(params[:report_id])
+    end
+  end
+end

app/controllers/admin/reports/actions_controller.rb

@@ -1,63 +0,0 @@
-# frozen_string_literal: true
-
-class Admin::Reports::ActionsController < Admin::BaseController
-  before_action :set_report
-
-  def preview
-    authorize @report, :show?
-    @moderation_action = action_from_button
-  end
-
-  def create
-    authorize @report, :show?
-
-    case action_from_button
-    when 'delete', 'mark_as_sensitive'
-      status_batch_action = Admin::StatusBatchAction.new(
-        type: action_from_button,
-        status_ids: @report.status_ids,
-        current_account: current_account,
-        report_id: @report.id,
-        send_email_notification: !@report.spam?,
-        text: params[:text]
-      )
-
-      status_batch_action.save!
-    when 'silence', 'suspend'
-      account_action = Admin::AccountAction.new(
-        type: action_from_button,
-        report_id: @report.id,
-        target_account: @report.target_account,
-        current_account: current_account,
-        send_email_notification: !@report.spam?,
-        text: params[:text]
-      )
-
-      account_action.save!
-    else
-      return redirect_to admin_report_path(@report), alert: I18n.t('admin.reports.unknown_action_msg', action: action_from_button)
-    end
-
-    redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: @report.id)
-  end
-
-  private
-
-  def set_report
-    @report = Report.find(params[:report_id])
-  end
-
-  def action_from_button
-    if params[:delete]
-      'delete'
-    elsif params[:mark_as_sensitive]
-      'mark_as_sensitive'
-    elsif params[:silence]
-      'silence'
-    elsif params[:suspend]
-      'suspend'
-    elsif params[:moderation_action]
-      params[:moderation_action]
-    end
-  end
-end

app/controllers/admin/reports_controller.rb

@@ -13,10 +13,8 @@ module Admin
       authorize @report, :show?
 
       @report_note  = @report.notes.new
-      @report_notes = @report.notes.includes(:account).order(id: :desc)
-      @action_logs  = @report.history.includes(:target)
-      @form         = Admin::StatusBatchAction.new
-      @statuses     = @report.statuses.with_includes
+      @report_notes = (@report.notes.latest + @report.history + @report.target_account.targeted_account_warnings.latest.custom).sort_by(&:created_at)
+      @form         = Form::StatusBatch.new
     end
 
     def assign_to_self
@@ -54,7 +52,11 @@ module Admin
     end
 
     def filter_params
-      params.slice(*ReportFilter::KEYS).permit(*ReportFilter::KEYS)
+      params.permit(
+        :account_id,
+        :resolved,
+        :target_account_id
+      )
     end
 
     def set_report

app/controllers/admin/resets_controller.rb

@@ -6,9 +6,9 @@ module Admin
 
     def create
       authorize @user, :reset_password?
-      @user.reset_password!
+      @user.send_reset_password_instructions
       log_action :reset_password, @user
-      redirect_to admin_account_path(@user.account_id)
+      redirect_to admin_accounts_path
     end
   end
 end

app/controllers/admin/roles_controller.rb

@@ -2,66 +2,20 @@
 
 module Admin
   class RolesController < BaseController
-    before_action :set_role, except: [:index, :new, :create]
+    before_action :set_user
 
-    def index
-      authorize :user_role, :index?
-
-      @roles = UserRole.order(position: :desc).page(params[:page])
+    def promote
+      authorize @user, :promote?
+      @user.promote!
+      log_action :promote, @user
+      redirect_to admin_account_path(@user.account_id)
     end
 
-    def new
-      authorize :user_role, :create?
-
-      @role = UserRole.new
-    end
-
-    def edit
-      authorize @role, :update?
-    end
-
-    def create
-      authorize :user_role, :create?
-
-      @role = UserRole.new(resource_params)
-      @role.current_account = current_account
-
-      if @role.save
-        log_action :create, @role
-        redirect_to admin_roles_path
-      else
-        render :new
-      end
-    end
-
-    def update
-      authorize @role, :update?
-
-      @role.current_account = current_account
-
-      if @role.update(resource_params)
-        log_action :update, @role
-        redirect_to admin_roles_path
-      else
-        render :edit
-      end
-    end
-
-    def destroy
-      authorize @role, :destroy?
-      @role.destroy!
-      log_action :destroy, @role
-      redirect_to admin_roles_path
-    end
-
-    private
-
-    def set_role
-      @role = UserRole.find(params[:id])
-    end
-
-    def resource_params
-      params.require(:user_role).permit(:name, :color, :highlighted, :position, permissions_as_keys: [])
+    def demote
+      authorize @user, :demote?
+      @user.demote!
+      log_action :demote, @user
+      redirect_to admin_account_path(@user.account_id)
     end
   end
 end

app/controllers/admin/rules_controller.rb

@@ -1,59 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class RulesController < BaseController
-    before_action :set_rule, except: [:index, :create]
-
-    def index
-      authorize :rule, :index?
-
-      @rules = Rule.ordered
-      @rule  = Rule.new
-    end
-
-    def edit
-      authorize @rule, :update?
-    end
-
-    def create
-      authorize :rule, :create?
-
-      @rule = Rule.new(resource_params)
-
-      if @rule.save
-        redirect_to admin_rules_path
-      else
-        @rules = Rule.ordered
-        render :index
-      end
-    end
-
-    def update
-      authorize @rule, :update?
-
-      if @rule.update(resource_params)
-        redirect_to admin_rules_path
-      else
-        render :edit
-      end
-    end
-
-    def destroy
-      authorize @rule, :destroy?
-
-      @rule.discard
-
-      redirect_to admin_rules_path
-    end
-
-    private
-
-    def set_rule
-      @rule = Rule.find(params[:id])
-    end
-
-    def resource_params
-      params.require(:rule).permit(:text, :priority)
-    end
-  end
-end