Update README.md

Better reflection of Chinwag's brand image
2024-09-28 10:48:39 +10:00
4788 changed files with 137184 additions and 245835 deletions
--- a/.browserslistrc
+++ b/.browserslistrc
@ -1,10 +1,7 @@
 [production]
 defaults
-> 0.2%
+not IE 11
 firefox >= 78
 ios >= 15.6
 not dead
 not OperaMini all
 [development]
 supports es6-module
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@ -0,0 +1,39 @@
 version: '2'
 checks:
  argument-count:
    enabled: false
  complex-logic:
    enabled: false
  file-lines:
    enabled: false
  method-complexity:
    enabled: false
  method-count:
    enabled: false
  method-lines:
    enabled: false
  nested-control-flow:
    enabled: false
  return-statements:
    enabled: false
  similar-code:
    enabled: false
  identical-code:
    enabled: false
 plugins:
  brakeman:
    enabled: true
  bundler-audit:
    enabled: true
  eslint:
    enabled: false
  rubocop:
    enabled: false
  sass-lint:
    enabled: false
 exclude_patterns:
  - spec/
  - vendor/asset/
  - app/javascript/mastodon/locales/**/*.json
  - config/locales/**/*.yml
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@ -1,18 +1,24 @@
-# For details, see https://github.com/devcontainers/images/tree/main/src/ruby
+# [Choice] Ruby version (use -bullseye variants on local arm64/Apple Silicon): 3, 3.1, 3.0, 2, 2.7, 2.6, 3-bullseye, 3.1-bullseye, 3.0-bullseye, 2-bullseye, 2.7-bullseye, 2.6-bullseye, 3-buster, 3.1-buster, 3.0-buster, 2-buster, 2.7-buster, 2.6-buster
-FROM mcr.microsoft.com/devcontainers/ruby:1-3.3-bookworm
+ARG VARIANT=3.1-bullseye
 FROM mcr.microsoft.com/vscode/devcontainers/ruby:${VARIANT}
-# Install node version from .nvmrc
+# Install Rails
-WORKDIR /app
+# RUN gem install rails webdrivers
 COPY .nvmrc .
 RUN /bin/bash --login -i -c "nvm install"
-# Install additional OS packages
+# Default value to allow debug server to serve content over GitHub Codespace's port forwarding service
-RUN apt-get update && \
+# The value is a comma-separated list of allowed domains
-    export DEBIAN_FRONTEND=noninteractive && \
+ENV RAILS_DEVELOPMENT_HOSTS=".githubpreview.dev"
    apt-get -y install --no-install-recommends libicu-dev libidn11-dev ffmpeg imagemagick libvips42 libpam-dev
-# Disable download prompt for Corepack
+# [Choice] Node.js version: lts/*, 18, 16, 14
-ENV COREPACK_ENABLE_DOWNLOAD_PROMPT=0
+ARG NODE_VERSION="lts/*"
 RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"
-# Move welcome message to where VS Code expects it
+# [Optional] Uncomment this section to install additional OS packages.
-COPY .devcontainer/welcome-message.txt /usr/local/etc/vscode-dev-containers/first-run-notice.txt
+RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
    && apt-get -y install --no-install-recommends libicu-dev libidn11-dev ffmpeg imagemagick libpam-dev
 # [Optional] Uncomment this line to install additional gems.
 RUN gem install foreman
 # [Optional] Uncomment this line to install global node packages.
 RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g yarn" 2>&1
--- a/.devcontainer/codespaces/devcontainer.json
+++ b/.devcontainer/codespaces/devcontainer.json
@ -1,51 +0,0 @@
 {
  "name": "Mastodon on GitHub Codespaces",
  "dockerComposeFile": "../compose.yaml",
  "service": "app",
  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
  "features": {
    "ghcr.io/devcontainers/features/sshd:1": {}
  },
  "runServices": ["app", "db", "redis"],
  "forwardPorts": [3000, 4000],
  "portsAttributes": {
    "3000": {
      "label": "web",
      "onAutoForward": "notify"
    },
    "4000": {
      "label": "stream",
      "onAutoForward": "silent"
    }
  },
  "remoteUser": "root",
  "otherPortsAttributes": {
    "onAutoForward": "silent"
  },
  "remoteEnv": {
    "LOCAL_DOMAIN": "${localEnv:CODESPACE_NAME}-3000.app.github.dev",
    "LOCAL_HTTPS": "true",
    "STREAMING_API_BASE_URL": "https://${localEnv:CODESPACE_NAME}-4000.app.github.dev",
    "DISABLE_FORGERY_REQUEST_PROTECTION": "true",
    "ES_ENABLED": "",
    "LIBRE_TRANSLATE_ENDPOINT": ""
  },
  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
  "postCreateCommand": "bin/setup",
  "waitFor": "postCreateCommand",
  "customizations": {
    "vscode": {
      "settings": {},
      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
    }
  }
 }
--- a/.devcontainer/compose.yaml
+++ b/.devcontainer/compose.yaml
@ -1,89 +0,0 @@
 services:
  app:
    working_dir: /workspaces/mastodon/
    build:
      context: ..
      dockerfile: .devcontainer/Dockerfile
    volumes:
      - ..:/workspaces/mastodon:cached
    environment:
      RAILS_ENV: development
      NODE_ENV: development
      BIND: 0.0.0.0
      REDIS_HOST: redis
      REDIS_PORT: '6379'
      DB_HOST: db
      DB_USER: postgres
      DB_PASS: postgres
      DB_PORT: '5432'
      ES_ENABLED: 'true'
      ES_HOST: es
      ES_PORT: '9200'
      LIBRE_TRANSLATE_ENDPOINT: http://libretranslate:5000
    # Overrides default command so things don't shut down after the process ends.
    command: sleep infinity
    ports:
      - '127.0.0.1:3000:3000'
      - '127.0.0.1:3035:3035'
      - '127.0.0.1:4000:4000'
    networks:
      - external_network
      - internal_network
  db:
    image: postgres:14-alpine
    restart: unless-stopped
    volumes:
      - postgres-data:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: postgres
      POSTGRES_DB: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_HOST_AUTH_METHOD: trust
    networks:
      - internal_network
  redis:
    image: redis:7-alpine
    restart: unless-stopped
    volumes:
      - redis-data:/data
    networks:
      - internal_network
  es:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
    restart: unless-stopped
    environment:
      ES_JAVA_OPTS: -Xms512m -Xmx512m
      cluster.name: es-mastodon
      discovery.type: single-node
      bootstrap.memory_lock: 'true'
    volumes:
      - es-data:/usr/share/elasticsearch/data
    networks:
      - internal_network
    ulimits:
      memlock:
        soft: -1
        hard: -1
  libretranslate:
    image: libretranslate/libretranslate:v1.6.1
    restart: unless-stopped
    volumes:
      - lt-data:/home/libretranslate/.local
    networks:
      - external_network
      - internal_network
 volumes:
  postgres-data:
  redis-data:
  es-data:
  lt-data:
 networks:
  external_network:
  internal_network:
    internal: true
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -1,42 +1,33 @@
 {
-  "name": "Mastodon on local machine",
+  "name": "Mastodon",
-  "dockerComposeFile": "compose.yaml",
+  "dockerComposeFile": "docker-compose.yml",
  "service": "app",
-  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
+  "workspaceFolder": "/mastodon",
  // Set *default* container specific settings.json values on container create.
  "settings": {},
  // Add the IDs of extensions you want installed when the container is created.
  "extensions": [
    "EditorConfig.EditorConfig",
    "dbaeumer.vscode-eslint",
    "rebornix.Ruby",
    "webben.browserslist"
  ],
  "features": {
-    "ghcr.io/devcontainers/features/sshd:1": {}
+    "ghcr.io/devcontainers/features/sshd:1": {
      "version": "latest"
    }
  },
  // Use 'forwardPorts' to make a list of ports inside the container available locally.
  // This can be used to network with other containers or the host.
  "forwardPorts": [3000, 4000],
-  "portsAttributes": {
+  // Use 'postCreateCommand' to run commands after the container is created.
-    "3000": {
+  "postCreateCommand": ".devcontainer/post-create.sh",
      "label": "web",
      "onAutoForward": "notify",
      "requireLocalPort": true
    },
    "4000": {
      "label": "stream",
      "onAutoForward": "silent",
      "requireLocalPort": true
    }
  },
-  "remoteUser": "root",
+  // Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
-
+  "remoteUser": "vscode"
  "otherPortsAttributes": {
    "onAutoForward": "silent"
  },
  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
  "postCreateCommand": "bin/setup",
  "waitFor": "postCreateCommand",
  "customizations": {
    "vscode": {
      "settings": {},
      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
    }
  }
 }
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@ -0,0 +1,90 @@
 version: '3'
 services:
  app:
    build:
      context: .
      dockerfile: Dockerfile
      args:
        # Update 'VARIANT' to pick a version of Ruby: 3, 3.1, 3.0, 2, 2.7, 2.6
        # Append -bullseye or -buster to pin to an OS version.
        # Use -bullseye variants on local arm64/Apple Silicon.
        VARIANT: '3.0-bullseye'
        # Optional Node.js version to install
        NODE_VERSION: '16'
    volumes:
      - ..:/mastodon:cached
    environment:
      RAILS_ENV: development
      NODE_ENV: development
      REDIS_HOST: redis
      REDIS_PORT: '6379'
      DB_HOST: db
      DB_USER: postgres
      DB_PASS: postgres
      DB_PORT: '5432'
      ES_ENABLED: 'true'
      ES_HOST: es
      ES_PORT: '9200'
      LIBRE_TRANSLATE_ENDPOINT: http://libretranslate:5000
    # Overrides default command so things don't shut down after the process ends.
    command: sleep infinity
    networks:
      - external_network
      - internal_network
    user: vscode
  db:
    image: postgres:14-alpine
    restart: unless-stopped
    volumes:
      - postgres-data:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: postgres
      POSTGRES_DB: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_HOST_AUTH_METHOD: trust
    networks:
      - internal_network
  redis:
    image: redis:6-alpine
    restart: unless-stopped
    volumes:
      - redis-data:/data
    networks:
      - internal_network
  es:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
    restart: unless-stopped
    environment:
      ES_JAVA_OPTS: -Xms512m -Xmx512m
      cluster.name: es-mastodon
      discovery.type: single-node
      bootstrap.memory_lock: 'true'
    volumes:
      - es-data:/usr/share/elasticsearch/data
    networks:
      - internal_network
    ulimits:
      memlock:
        soft: -1
        hard: -1
  libretranslate:
    image: libretranslate/libretranslate:v1.2.9
    restart: unless-stopped
    networks:
      - internal_network
 volumes:
  postgres-data:
  redis-data:
  es-data:
 networks:
  external_network:
  internal_network:
    internal: true
--- a/.devcontainer/post-create.sh
+++ b/.devcontainer/post-create.sh
@ -0,0 +1,21 @@
 #!/bin/bash
 set -e # Fail the whole script on first error
 # Fetch Ruby gem dependencies
 bundle install --path vendor/bundle --with='development test'
 # Fetch Javascript dependencies
 yarn install
 # Make Gemfile.lock pristine again
 git checkout -- Gemfile.lock
 # [re]create, migrate, and seed the test database
 RAILS_ENV=test ./bin/rails db:setup
 # Precompile assets for development
 RAILS_ENV=development ./bin/rails assets:precompile
 # Precompile assets for test
 RAILS_ENV=test NODE_ENV=tests ./bin/rails assets:precompile
--- a/.devcontainer/welcome-message.txt
+++ b/.devcontainer/welcome-message.txt
@ -1,7 +0,0 @@
 👋 Welcome to your Mastodon Dev Container!
 🛠️ Your environment is fully setup with all the required software.
 💥 Run `bin/dev` to start the application processes.
 🥼 Run `RAILS_ENV=test bin/rails assets:precompile && RAILS_ENV=test bin/rspec` to run the test suite.
--- a/.dockerignore
+++ b/.dockerignore
@ -8,7 +8,6 @@
 public/system
 public/assets
 public/packs
 public/packs-test
 node_modules
 neo4j
 vendor/bundle
--- a/.editorconfig
+++ b/.editorconfig
@ -10,4 +10,3 @@ insert_final_newline = true
 charset = utf-8
 indent_style = space
 indent_size = 2
 trim_trailing_whitespace = true
--- a/.env.development
+++ b/.env.development
@ -1,4 +0,0 @@
 # Required by ActiveRecord encryption feature
 ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=fkSxKD2bF396kdQbrP1EJ7WbU7ZgNokR
 ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=r0hvVmzBVsjxC7AMlwhOzmtc36ZCOS1E
 ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=PhdFyyfy5xJ7WVd2lWBpcPScRQHzRTNr
--- a/.env.production.sample
+++ b/.env.production.sample
@ -1,5 +1,5 @@
 # This is a sample configuration file. You can generate your configuration
-# with the `bundle exec rails mastodon:setup` interactive setup wizard, but to customize
+# with the `rake mastodon:setup` interactive setup wizard, but to customize
 # your setup even further, you'll need to edit it manually. This sample does
 # not demonstrate all available configuration options. Please look at
 # https://docs.joinmastodon.org/admin/config/ for the full documentation.
@ -40,25 +40,14 @@ ES_PASS=password
 # Secrets
 # -------
-# Make sure to use `bundle exec rails secret` to generate secrets
+# Make sure to use `rake secret` to generate secrets
 # -------
 SECRET_KEY_BASE=
 OTP_SECRET=
 # Encryption secrets
 # ------------------
 # Must be available (and set to same values) for all server processes
 # These are private/secret values, do not share outside hosting environment
 # Use `bin/rails db:encryption:init` to generate fresh secrets
 # Do not change these secrets once in use, as this would cause data loss and other issues
 # ------------------
 # ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=
 # ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=
 # ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=
 # Web Push
 # --------
-# Generate with `bundle exec rails mastodon:webpush:generate_vapid_key`
+# Generate with `rake mastodon:webpush:generate_vapid_key`
 # --------
 VAPID_PRIVATE_KEY=
 VAPID_PUBLIC_KEY=
--- a/.env.test
+++ b/.env.test
@ -1,11 +1,5 @@
-# In test, compile the NodeJS code as if we are in production
+# Node.js
-NODE_ENV=production
+NODE_ENV=tests
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
 # Secret values required by ActiveRecord encryption feature
 # Use `bin/rails db:encryption:init` to generate fresh secrets
 ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=test_determinist_key_DO_NOT_USE_IN_PRODUCTION
 ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=test_salt_DO_NOT_USE_IN_PRODUCTION
 ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=test_primary_key_DO_NOT_USE_IN_PRODUCTION
--- a/.env.vagrant
+++ b/.env.vagrant
@ -2,7 +2,3 @@ VAGRANT=true
 LOCAL_DOMAIN=mastodon.local
 BIND=0.0.0.0
 DB_HOST=/var/run/postgresql/
 ES_ENABLED=true
 ES_HOST=localhost
 ES_PORT=9200
--- a/.eslintrc.js
+++ b/.eslintrc.js
@ -1,69 +1,75 @@
-// @ts-check
+module.exports = {
 const { defineConfig } = require('eslint-define-config');
 module.exports = defineConfig({
  root: true,
  extends: [
    'eslint:recommended',
    'plugin:react/recommended',
    'plugin:react-hooks/recommended',
    'plugin:jsx-a11y/recommended',
    'plugin:import/recommended',
    'plugin:promise/recommended',
    'plugin:jsdoc/recommended',
  ],
  env: {
    browser: true,
    node: true,
    es6: true,
    jest: true,
  },
-  parser: '@typescript-eslint/parser',
+  globals: {
    ATTACHMENT_HOST: false,
  },
  parser: '@babel/eslint-parser',
  plugins: [
    'react',
    'jsx-a11y',
    'import',
    'promise',
    '@typescript-eslint',
    'formatjs',
  ],
  parserOptions: {
    sourceType: 'module',
    ecmaFeatures: {
      experimentalObjectRestSpread: true,
      jsx: true,
    },
    ecmaVersion: 2021,
    requireConfigFile: false,
    babelOptions: {
      configFile: false,
      presets: ['@babel/react', '@babel/env'],
    },
  },
  settings: {
    react: {
      version: 'detect',
    },
    'import/extensions': [
      '.js',
    ],
    'import/ignore': [
      'node_modules',
      '\\.(css|scss|json)$',
    ],
    'import/resolver': {
-      typescript: {},
+      node: {
        paths: ['app/javascript'],
      },
    },
  },
  rules: {
    'brace-style': 'warn',
    'comma-dangle': ['error', 'always-multiline'],
    'comma-spacing': [
      'warn',
      {
        before: false,
        after: true,
      },
    ],
    'comma-style': ['warn', 'last'],
    'consistent-return': 'error',
    'dot-notation': 'error',
-    eqeqeq: ['error', 'always', { 'null': 'ignore' }],
+    eqeqeq: 'error',
-    'indent': ['error', 2],
+    indent: ['warn', 2],
    'jsx-quotes': ['error', 'prefer-single'],
    'semi': ['error', 'always'],
    'no-case-declarations': 'off',
    'no-catch-shadow': 'error',
    'no-console': [
@ -75,49 +81,52 @@ module.exports = defineConfig({
        ],
      },
    ],
-    'no-empty': ['error', { "allowEmptyCatch": true }],
+    'no-empty': 'off',
    'no-restricted-properties': [
      'error',
      { property: 'substring', message: 'Use .slice instead of .substring.' },
      { property: 'substr', message: 'Use .slice instead of .substr.' },
    ],
-    'no-restricted-syntax': [
+    'no-self-assign': 'off',
-      'error',
+    'no-trailing-spaces': 'warn',
      {
        // eslint-disable-next-line no-restricted-syntax
        selector: 'Literal[value=/•/], JSXText[value=/•/]',
        // eslint-disable-next-line no-restricted-syntax
        message: "Use '·' (middle dot) instead of '•' (bullet)",
      },
    ],
    'no-unused-expressions': 'error',
-    'no-unused-vars': 'off',
+    'no-unused-vars': [
    '@typescript-eslint/no-unused-vars': [
      'error',
      {
        vars: 'all',
        args: 'after-used',
        destructuredArrayIgnorePattern: '^_',
        ignoreRestSiblings: true,
      },
    ],
    'no-useless-escape': 'off',
    'object-curly-spacing': ['error', 'always'],
    'padded-blocks': [
      'error',
      {
        classes: 'always',
      },
    ],
    quotes: ['error', 'single'],
    semi: 'error',
    'valid-typeof': 'error',
    'react/jsx-filename-extension': ['error', { extensions: ['.jsx', 'tsx'] }],
    'react/jsx-boolean-value': 'error',
    'react/jsx-closing-bracket-location': ['error', 'line-aligned'],
    'react/jsx-curly-spacing': 'error',
    'react/display-name': 'off',
    'react/jsx-fragments': ['error', 'syntax'],
    'react/jsx-equals-spacing': 'error',
    'react/jsx-first-prop-new-line': ['error', 'multiline-multiprop'],
    'react/jsx-indent': ['error', 2],
    'react/jsx-no-bind': 'error',
    'react/jsx-no-useless-fragment': 'error',
    'react/jsx-no-target-blank': 'off',
    'react/jsx-tag-spacing': 'error',
    'react/jsx-uses-react': 'off', // not needed with new JSX transform
    'react/jsx-wrap-multilines': 'error',
-    'react/react-in-jsx-scope': 'off', // not needed with new JSX transform
+    'react/no-deprecated': 'off',
    'react/no-unknown-property': 'off',
    'react/self-closing-comp': 'error',
-    // recommended values found in https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/v6.8.0/src/index.js#L46
+    // recommended values found in https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/blob/main/src/index.js
    'jsx-a11y/accessible-emoji': 'warn',
    'jsx-a11y/click-events-have-key-events': 'off',
    'jsx-a11y/label-has-associated-control': 'off',
    'jsx-a11y/media-has-caption': 'off',
@ -132,6 +141,23 @@ module.exports = defineConfig({
    // ],
    'jsx-a11y/no-interactive-element-to-noninteractive-role': 'off',
    // recommended rule is:
    // 'jsx-a11y/no-noninteractive-element-interactions': [
    //   'error',
    //   {
    //     body: ['onError', 'onLoad'],
    //     iframe: ['onError', 'onLoad'],
    //     img: ['onError', 'onLoad'],
    //   },
    // ],
    'jsx-a11y/no-noninteractive-element-interactions': [
      'warn',
      {
        handlers: [
          'onClick',
        ],
      },
    ],
    // recommended rule is:
    // 'jsx-a11y/no-noninteractive-tabindex': [
    //   'error',
    //   {
@ -141,6 +167,7 @@ module.exports = defineConfig({
    //   },
    // ],
    'jsx-a11y/no-noninteractive-tabindex': 'off',
    'jsx-a11y/no-onchange': 'warn',
    // recommended is full 'error'
    'jsx-a11y/no-static-element-interactions': [
      'warn',
@ -151,218 +178,32 @@ module.exports = defineConfig({
      },
    ],
    // See https://github.com/import-js/eslint-plugin-import/blob/v2.29.1/config/recommended.js
    'import/extensions': [
      'error',
      'always',
      {
        js: 'never',
        jsx: 'never',
        mjs: 'never',
        ts: 'never',
        tsx: 'never',
      },
    ],
    'import/first': 'error',
    'import/newline-after-import': 'error',
    'import/no-anonymous-default-export': 'error',
    'import/no-extraneous-dependencies': [
      'error',
      {
        devDependencies: [
          '.eslintrc.js',
          'config/webpack/**',
          'app/javascript/mastodon/performance.js',
          'app/javascript/mastodon/test_setup.js',
          'app/javascript/**/__tests__/**',
        ],
      },
    ],
-    'import/no-amd': 'error',
+    'import/no-unresolved': 'error',
    'import/no-commonjs': 'error',
    'import/no-import-module-exports': 'error',
    'import/no-relative-packages': 'error',
    'import/no-self-import': 'error',
    'import/no-useless-path-segments': 'error',
    'import/no-webpack-loader-syntax': 'error',
    'import/order': [
      'error',
      {
        alphabetize: { order: 'asc' },
        'newlines-between': 'always',
        groups: [
          'builtin',
          'external',
          'internal',
          'parent',
          ['index', 'sibling'],
          'object',
        ],
        pathGroups: [
          // React core packages
          {
            pattern: '{react,react-dom,react-dom/client,prop-types}',
            group: 'builtin',
            position: 'after',
          },
          // I18n
          {
            pattern: '{react-intl,intl-messageformat}',
            group: 'builtin',
            position: 'after',
          },
          // Common React utilities
          {
            pattern: '{classnames,react-helmet,react-router,react-router-dom}',
            group: 'external',
            position: 'before',
          },
          // Immutable / Redux / data store
          {
            pattern: '{immutable,@reduxjs/toolkit,react-redux,react-immutable-proptypes,react-immutable-pure-component}',
            group: 'external',
            position: 'before',
          },
          // Internal packages
          {
            pattern: '{mastodon/**}',
            group: 'internal',
            position: 'after',
          },
        ],
        pathGroupsExcludedImportTypes: [],
      },
    ],
    'promise/always-return': 'off',
    'promise/catch-or-return': [
      'error',
      {
        allowFinally: true,
      },
    ],
    'promise/no-callback-in-promise': 'off',
    'promise/no-nesting': 'off',
    'promise/no-promise-in-callback': 'off',
    'formatjs/blocklist-elements': 'error',
    'formatjs/enforce-default-message': ['error', 'literal'],
    'formatjs/enforce-description': 'off', // description values not currently used
    'formatjs/enforce-id': 'off', // Explicit IDs are used in the project
    'formatjs/enforce-placeholders': 'off', // Issues in short_number.jsx
    'formatjs/enforce-plural-rules': 'error',
    'formatjs/no-camel-case': 'off', // disabledAccount is only non-conforming
    'formatjs/no-complex-selectors': 'error',
    'formatjs/no-emoji': 'error',
    'formatjs/no-id': 'off', // IDs are used for translation keys
    'formatjs/no-invalid-icu': 'error',
    'formatjs/no-literal-string-in-jsx': 'off', // Should be looked at, but mainly flagging punctuation outside of strings
    'formatjs/no-multiple-whitespaces': 'error',
    'formatjs/no-offset': 'error',
    'formatjs/no-useless-message': 'error',
    'formatjs/prefer-formatted-message': 'error',
    'formatjs/prefer-pound-in-plural': 'error',
    'jsdoc/check-types': 'off',
    'jsdoc/no-undefined-types': 'off',
    'jsdoc/require-jsdoc': 'off',
    'jsdoc/require-param-description': 'off',
    'jsdoc/require-property-description': 'off',
    'jsdoc/require-returns-description': 'off',
    'jsdoc/require-returns': 'off',
  },
-
+};
  overrides: [
    {
      files: [
        '.eslintrc.js',
        '*.config.js',
        '.*rc.js',
        'ide-helper.js',
        'config/webpack/**/*',
        'config/formatjs-formatter.js',
      ],
      env: {
        commonjs: true,
      },
      parserOptions: {
        sourceType: 'script',
      },
      rules: {
        'import/no-commonjs': 'off',
      },
    },
    {
      files: [
        '**/*.ts',
        '**/*.tsx',
      ],
      extends: [
        'eslint:recommended',
        'plugin:@typescript-eslint/strict-type-checked',
        'plugin:@typescript-eslint/stylistic-type-checked',
        'plugin:react/recommended',
        'plugin:react-hooks/recommended',
        'plugin:jsx-a11y/recommended',
        'plugin:import/recommended',
        'plugin:import/typescript',
        'plugin:promise/recommended',
        'plugin:jsdoc/recommended-typescript',
      ],
      parserOptions: {
        projectService: true,
        tsconfigRootDir: __dirname,
      },
      rules: {
        // Disable formatting rules that have been enabled in the base config
        'indent': 'off',
        // This is not needed as we use noImplicitReturns, which handles this in addition to understanding types
        'consistent-return': 'off',
        'import/consistent-type-specifier-style': ['error', 'prefer-top-level'],
        '@typescript-eslint/consistent-type-definitions': ['warn', 'interface'],
        '@typescript-eslint/consistent-type-exports': 'error',
        '@typescript-eslint/consistent-type-imports': 'error',
        "@typescript-eslint/prefer-nullish-coalescing": ['error', { ignorePrimitives: { boolean: true } }],
        "@typescript-eslint/no-restricted-imports": [
          "warn",
          {
            "name": "react-redux",
            "importNames": ["useSelector", "useDispatch"],
            "message": "Use typed hooks `useAppDispatch` and `useAppSelector` instead."
          }
        ],
        "@typescript-eslint/restrict-template-expressions": ['warn', { allowNumber: true }],
        'jsdoc/require-jsdoc': 'off',
        // Those rules set stricter rules for TS files
        // to enforce better practices when converting from JS
        'import/no-default-export': 'warn',
        'react/prefer-stateless-function': 'warn',
        'react/function-component-definition': ['error', { namedComponents: 'arrow-function' }],
        'react/jsx-uses-react': 'off', // not needed with new JSX transform
        'react/react-in-jsx-scope': 'off', // not needed with new JSX transform
        'react/prop-types': 'off',
      },
    },
    {
      files: [
        '**/__tests__/*.js',
        '**/__tests__/*.jsx',
      ],
      env: {
        jest: true,
      },
    }
  ],
 });
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -0,0 +1,3 @@
 patreon: mastodon
 open_collective: mastodon
 custom: https://sponsor.joinmastodon.org
--- a/.github/ISSUE_TEMPLATE/1.bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/1.bug_report.yml
@ -0,0 +1,56 @@
 name: Bug Report
 description: If something isn't working as expected
 labels: [bug]
 body:
  - type: markdown
    attributes:
      value: |
        Make sure that you are submitting a new bug that was not previously reported or already fixed.
        Please use a concise and distinct title for the issue.
  - type: textarea
    attributes:
      label: Steps to reproduce the problem
      description: What were you trying to do?
      value: |
        1.
        2.
        3.
        ...
    validations:
      required: true
  - type: input
    attributes:
      label: Expected behaviour
      description: What should have happened?
    validations:
      required: true
  - type: input
    attributes:
      label: Actual behaviour
      description: What happened?
    validations:
      required: true
  - type: textarea
    attributes:
      label: Detailed description
    validations:
      required: false
  - type: textarea
    attributes:
      label: Specifications
      description: |
        What version or commit hash of Mastodon did you find this bug in?
        If a front-end issue, what browser and operating systems were you using?
      placeholder: |
        Mastodon 3.5.3 (or Edge)
        Ruby 2.7.6 (or v3.1.2)
        Node.js 16.18.0
        Google Chrome 106.0.5249.119
        Firefox 105.0.3
        etc...
    validations:
      required: true
--- a/.github/ISSUE_TEMPLATE/1.web_bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/1.web_bug_report.yml
@ -1,76 +0,0 @@
 name: Bug Report (Web Interface)
 description: If you are using Mastodon's web interface and something is not working as expected
 labels: [bug, 'status/to triage', 'area/web interface']
 body:
  - type: markdown
    attributes:
      value: |
        Make sure that you are submitting a new bug that was not previously reported or already fixed.
        Please use a concise and distinct title for the issue.
  - type: textarea
    attributes:
      label: Steps to reproduce the problem
      description: What were you trying to do?
      value: |
        1.
        2.
        3.
        ...
    validations:
      required: true
  - type: input
    attributes:
      label: Expected behaviour
      description: What should have happened?
    validations:
      required: true
  - type: input
    attributes:
      label: Actual behaviour
      description: What happened?
    validations:
      required: true
  - type: textarea
    attributes:
      label: Detailed description
    validations:
      required: false
  - type: input
    attributes:
      label: Mastodon instance
      description: The address of the Mastodon instance where you experienced the issue
      placeholder: mastodon.social
    validations:
      required: true
  - type: input
    attributes:
      label: Mastodon version
      description: |
        This is displayed at the bottom of the About page, eg. `v4.1.2+nightly-20230627`
      placeholder: v4.1.2
    validations:
      required: true
  - type: input
    attributes:
      label: Browser name and version
      description: |
        What browser are you using when getting this bug? Please specify the version as well.
      placeholder: Firefox 105.0.3
    validations:
      required: true
  - type: input
    attributes:
      label: Operating system
      description: |
        What OS are you running? Please specify the version as well.
      placeholder: macOS 13.4.1
    validations:
      required: true
  - type: textarea
    attributes:
      label: Technical details
      description: |
        Any additional technical details you may have. This can include the full error log, inspector's output…
    validations:
      required: false
--- a/.github/ISSUE_TEMPLATE/2.feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/2.feature_request.yml
--- a/.github/ISSUE_TEMPLATE/2.server_bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/2.server_bug_report.yml
@ -1,65 +0,0 @@
 name: Bug Report (server / API)
 description: |
  If something is not working as expected, but is not from using the web interface.
 labels: [bug, 'status/to triage']
 body:
  - type: markdown
    attributes:
      value: |
        Make sure that you are submitting a new bug that was not previously reported or already fixed.
        Please use a concise and distinct title for the issue.
  - type: textarea
    attributes:
      label: Steps to reproduce the problem
      description: What were you trying to do?
      value: |
        1.
        2.
        3.
        ...
    validations:
      required: true
  - type: input
    attributes:
      label: Expected behaviour
      description: What should have happened?
    validations:
      required: true
  - type: input
    attributes:
      label: Actual behaviour
      description: What happened?
    validations:
      required: true
  - type: textarea
    attributes:
      label: Detailed description
    validations:
      required: false
  - type: input
    attributes:
      label: Mastodon instance
      description: The address of the Mastodon instance where you experienced the issue
      placeholder: mastodon.social
    validations:
      required: false
  - type: input
    attributes:
      label: Mastodon version
      description: |
        This is displayed at the bottom of the About page, eg. `v4.1.2+nightly-20230627`
      placeholder: v4.1.2
    validations:
      required: false
  - type: textarea
    attributes:
      label: Technical details
      description: |
        Any additional technical details you may have, like logs or error traces
      value: |
        If this is happening on your own Mastodon server, please fill out those:
        - Ruby version: (from `ruby --version`, eg. v3.1.2)
        - Node.js version: (from `node --version`, eg. v18.16.0)
    validations:
      required: false
--- a/.github/actions/setup-javascript/action.yml
+++ b/.github/actions/setup-javascript/action.yml
@ -1,42 +0,0 @@
 name: 'Setup Javascript'
 description: 'Setup a Javascript environment ready to run the Mastodon code'
 inputs:
  onlyProduction:
    description: Only install production dependencies
    default: 'false'
 runs:
  using: 'composite'
  steps:
    - name: Set up Node.js
      uses: actions/setup-node@v4
      with:
        node-version-file: '.nvmrc'
    # The following is needed because we can not use `cache: true` for `setup-node`, as it does not support Corepack yet and mess up with the cache location if ran after Node is installed
    - name: Enable corepack
      shell: bash
      run: corepack enable
    - name: Get yarn cache directory path
      id: yarn-cache-dir-path
      shell: bash
      run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
    - uses: actions/cache@v4
      id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
      with:
        path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
        key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
        restore-keys: |
          ${{ runner.os }}-yarn-
    - name: Install all yarn packages
      shell: bash
      run: yarn install --immutable
      if: inputs.onlyProduction == 'false'
    - name: Install all production yarn packages
      shell: bash
      run: yarn workspaces focus --production
      if: inputs.onlyProduction != 'false'
--- a/.github/actions/setup-ruby/action.yml
+++ b/.github/actions/setup-ruby/action.yml
@ -1,23 +0,0 @@
 name: 'Setup RUby'
 description: 'Setup a Ruby environment ready to run the Mastodon code'
 inputs:
  ruby-version:
    description: The Ruby version to install
    default: '.ruby-version'
  additional-system-dependencies:
    description: 'Additional packages to install'
 runs:
  using: 'composite'
  steps:
    - name: Install system dependencies
      shell: bash
      run: |
        sudo apt-get update
        sudo apt-get install -y libicu-dev libidn11-dev libvips42 ${{ inputs.additional-system-dependencies }}
    - name: Set up Ruby
      uses: ruby/setup-ruby@v1
      with:
        ruby-version: ${{ inputs.ruby-version }}
        bundler-cache: true
--- a/.github/codecov.yml
+++ b/.github/codecov.yml
@ -1,13 +0,0 @@
 comment: false # Do not leave PR comments
 coverage:
  status:
    project:
      default:
        # GitHub status check is not blocking
        informational: true
    patch:
      default:
        # GitHub status check is not blocking
        informational: true
 github_checks:
  annotations: false
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,30 @@
 # To get started with Dependabot version updates, you'll need to specify which
 # package ecosystems to update and where the package manifests are located.
 # Please see the documentation for all configuration options:
 # https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
 version: 2
 updates:
  - package-ecosystem: npm
    directory: '/'
    schedule:
      interval: weekly
    open-pull-requests-limit: 99
    allow:
      - dependency-type: direct
  - package-ecosystem: bundler
    directory: '/'
    schedule:
      interval: weekly
    open-pull-requests-limit: 99
    allow:
      - dependency-type: direct
  - package-ecosystem: github-actions
    directory: '/'
    schedule:
      interval: weekly
    open-pull-requests-limit: 99
    allow:
      - dependency-type: direct
--- a/.github/renovate.json5
+++ b/.github/renovate.json5
@ -1,158 +0,0 @@
 {
  $schema: 'https://docs.renovatebot.com/renovate-schema.json',
  extends: [
    'config:recommended',
    'customManagers:dockerfileVersions',
    ':labels(dependencies)',
    ':prConcurrentLimitNone', // Remove limit for open PRs at any time.
    ':prHourlyLimit2', // Rate limit PR creation to a maximum of two per hour.
  ],
  rebaseWhen: 'conflicted',
  minimumReleaseAge: '3', // Wait 3 days after the package has been published before upgrading it
  // packageRules order is important, they are applied from top to bottom and are merged,
  // meaning the most important ones must be at the bottom, for example grouping rules
  // If we do not want a package to be grouped with others, we need to set its groupName
  // to `null` after any other rule set it to something.
  dependencyDashboardHeader: 'This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. Before approving any upgrade: read the description and comments in the [`renovate.json5` file](https://github.com/mastodon/mastodon/blob/main/.github/renovate.json5).',
  postUpdateOptions: ['yarnDedupeHighest'],
  packageRules: [
    {
      // Require Dependency Dashboard Approval for major version bumps of these node packages
      matchManagers: ['npm'],
      matchPackageNames: [
        'tesseract.js', // Requires code changes
        'react-hotkeys', // Requires code changes
        // Requires Webpacker upgrade or replacement
        '@svgr/webpack',
        '@types/webpack',
        'babel-loader',
        'compression-webpack-plugin',
        'css-loader',
        'imports-loader',
        'mini-css-extract-plugin',
        'postcss-loader',
        'sass-loader',
        'terser-webpack-plugin',
        'webpack',
        'webpack-assets-manifest',
        'webpack-bundle-analyzer',
        'webpack-dev-server',
        'webpack-cli',
        // react-router: Requires manual upgrade
        'history',
        'react-router-dom',
      ],
      matchUpdateTypes: ['major'],
      dependencyDashboardApproval: true,
    },
    {
      // Require Dependency Dashboard Approval for major version bumps of these Ruby packages
      matchManagers: ['bundler'],
      matchPackageNames: [
        'rack', // Needs to be synced with Rails version
        'strong_migrations', // Requires manual upgrade
        'sidekiq', // Requires manual upgrade
        'sidekiq-unique-jobs', // Requires manual upgrades and sync with Sidekiq version
        'redis', // Requires manual upgrade and sync with Sidekiq version
      ],
      matchUpdateTypes: ['major'],
      dependencyDashboardApproval: true,
    },
    {
      // Update GitHub Actions and Docker images weekly
      matchManagers: ['github-actions', 'dockerfile', 'docker-compose'],
      extends: ['schedule:weekly'],
    },
    {
      // Require Dependency Dashboard Approval for major & minor bumps for the ruby image, this needs to be synced with .ruby-version
      matchManagers: ['dockerfile'],
      matchPackageNames: ['moritzheiber/ruby-jemalloc'],
      matchUpdateTypes: ['minor', 'major'],
      dependencyDashboardApproval: true,
    },
    {
      // Require Dependency Dashboard Approval for major bumps for the node image, this needs to be synced with .nvmrc
      matchManagers: ['dockerfile'],
      matchPackageNames: ['node'],
      matchUpdateTypes: ['major'],
      dependencyDashboardApproval: true,
    },
    {
      // Require Dependency Dashboard Approval for major postgres bumps in the docker-compose file, as those break dev environments
      matchManagers: ['docker-compose'],
      matchPackageNames: ['postgres'],
      matchUpdateTypes: ['major'],
      dependencyDashboardApproval: true,
    },
    {
      // Update devDependencies every week, with one grouped PR
      matchManagers: ['npm'],
      matchDepTypes: 'devDependencies',
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'devDependencies (non-major)',
      extends: ['schedule:weekly'],
    },
    {
      // Group all eslint-related packages with `eslint` in the same PR
      matchManagers: ['npm'],
      matchPackageNames: ['eslint', 'eslint-*', '@typescript-eslint/*'],
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'eslint (non-major)',
    },
    {
      // Group actions/*-artifact in the same PR
      matchManagers: ['github-actions'],
      matchPackageNames: [
        'actions/download-artifact',
        'actions/upload-artifact',
      ],
      matchUpdateTypes: ['major'],
      groupName: 'artifact actions (major)',
    },
    {
      // Update @types/* packages every week, with one grouped PR
      matchManagers: ['npm'],
      matchPackageNames: '@types/*',
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'DefinitelyTyped types (non-major)',
      extends: ['schedule:weekly'],
      addLabels: ['typescript'],
    },
    {
      // We want those packages to always have their own PR
      matchManagers: ['npm'],
      matchPackageNames: [
        'typescript', // Typescript has code-impacting changes in minor versions
      ],
      groupName: null, // We dont want them to belong to any group
    },
    {
      // Group all RuboCop packages with `rubocop` in the same PR
      matchManagers: ['bundler'],
      matchPackageNames: ['rubocop', 'rubocop-*'],
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'RuboCop (non-major)',
    },
    {
      // Group all RSpec packages with `rspec` in the same PR
      matchManagers: ['bundler'],
      matchPackageNames: ['rspec', 'rspec-*'],
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'RSpec (non-major)',
    },
    {
      // Group all opentelemetry-ruby packages in the same PR
      matchManagers: ['bundler'],
      matchPackageNames: ['opentelemetry-*'],
      matchUpdateTypes: ['patch', 'minor'],
      groupName: 'opentelemetry-ruby (non-major)',
    },
    // Add labels depending on package manager
    { matchManagers: ['npm', 'nvm'], addLabels: ['javascript'] },
    { matchManagers: ['bundler', 'ruby-version'], addLabels: ['ruby'] },
    { matchManagers: ['docker-compose', 'dockerfile'], addLabels: ['docker'] },
    { matchManagers: ['github-actions'], addLabels: ['github_actions'] },
  ],
 }
--- a/.github/stylelint-matcher.json
+++ b/.github/stylelint-matcher.json
@ -0,0 +1,21 @@
 {
  "problemMatcher": [
    {
      "owner": "stylelint",
      "pattern": [
        {
          "regexp": "^([^\\s].*)$",
          "file": 1
        },
        {
          "regexp": "^\\s+((\\d+):(\\d+))?\\s+(✖|×)\\s+(.*)\\s{2,}(.*)$",
          "line": 2,
          "column": 3,
          "message": 5,
          "code": 6,
          "loop": true
        }
      ]
    }
  ]
 }
--- a/.github/workflows/build-container-image.yml
+++ b/.github/workflows/build-container-image.yml
@ -11,30 +11,24 @@ on:
        type: boolean
      push_to_images:
        type: string
      version_prerelease:
        type: string
      version_metadata:
        type: string
      flavor:
        type: string
      tags:
        type: string
      labels:
        type: string
      file_to_build:
        type: string
 jobs:
  build-image:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
-      - uses: docker/setup-qemu-action@v3
+      - uses: docker/setup-qemu-action@v2
        if: contains(inputs.platforms, 'linux/arm64') && !inputs.use_native_arm64_builder
-      - uses: docker/setup-buildx-action@v3
+      - uses: docker/setup-buildx-action@v2
        id: buildx
        if: ${{ !(inputs.use_native_arm64_builder && contains(inputs.platforms, 'linux/arm64')) }}
@ -43,7 +37,7 @@ jobs:
        run: |
          docker run --rm -d --name buildkitd -p 1234:1234 --privileged moby/buildkit:latest --addr tcp://0.0.0.0:1234
-      - uses: docker/setup-buildx-action@v3
+      - uses: docker/setup-buildx-action@v2
        id: buildx-native
        if: inputs.use_native_arm64_builder && contains(inputs.platforms, 'linux/arm64')
        with:
@ -63,20 +57,20 @@ jobs:
      - name: Log in to Docker Hub
        if: contains(inputs.push_to_images, 'tootsuite')
-        uses: docker/login-action@v3
+        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Log in to the GitHub Container registry
+      - name: Log in to the Github Container registry
        if: contains(inputs.push_to_images, 'ghcr.io')
-        uses: docker/login-action@v3
+        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
-      - uses: docker/metadata-action@v5
+      - uses: docker/metadata-action@v4
        id: meta
        if: ${{ inputs.push_to_images != '' }}
        with:
@ -85,13 +79,9 @@ jobs:
          tags: ${{ inputs.tags }}
          labels: ${{ inputs.labels }}
-      - uses: docker/build-push-action@v6
+      - uses: docker/build-push-action@v4
        with:
          context: .
          file: ${{ inputs.file_to_build }}
          build-args: |
            MASTODON_VERSION_PRERELEASE=${{ inputs.version_prerelease }}
            MASTODON_VERSION_METADATA=${{ inputs.version_metadata }}
          platforms: ${{ inputs.platforms }}
          provenance: false
          builder: ${{ steps.buildx.outputs.name || steps.buildx-native.outputs.name }}
--- a/.github/workflows/build-nightly.yml
+++ b/.github/workflows/build-nightly.yml
@ -1,66 +0,0 @@
 name: Build nightly container image
 on:
  workflow_dispatch:
  schedule:
    - cron: '0 2 * * *' # run at 2 AM UTC
 permissions:
  contents: read
  packages: write
 jobs:
  compute-suffix:
    runs-on: ubuntu-latest
    if: github.repository == 'mastodon/mastodon'
    steps:
      - id: version_vars
        env:
          TZ: Etc/UTC
        run: |
          echo mastodon_version_prerelease=nightly.$(date +'%Y-%m-%d')>> $GITHUB_OUTPUT
    outputs:
      prerelease: ${{ steps.version_vars.outputs.mastodon_version_prerelease }}
  build-image:
    needs: compute-suffix
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: Dockerfile
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      cache: false
      push_to_images: |
        tootsuite/mastodon
        ghcr.io/mastodon/mastodon
      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
      labels: |
        org.opencontainers.image.description=Nightly build image used for testing purposes
      flavor: |
        latest=auto
      tags: |
        type=raw,value=edge
        type=raw,value=nightly
        type=schedule,pattern=${{ needs.compute-suffix.outputs.prerelease }}
    secrets: inherit
  build-image-streaming:
    needs: compute-suffix
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: streaming/Dockerfile
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      cache: false
      push_to_images: |
        tootsuite/mastodon-streaming
        ghcr.io/mastodon/mastodon-streaming
      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
      labels: |
        org.opencontainers.image.description=Nightly build image used for testing purposes
      flavor: |
        latest=auto
      tags: |
        type=raw,value=edge
        type=raw,value=nightly
        type=schedule,pattern=${{ needs.compute-suffix.outputs.prerelease }}
    secrets: inherit
--- a/.github/workflows/build-push-pr.yml
+++ b/.github/workflows/build-push-pr.yml
@ -1,62 +0,0 @@
 name: Build container image for PR
 on:
  pull_request:
    types: [labeled, synchronize, reopened, ready_for_review, opened]
 permissions:
  contents: read
  packages: write
 jobs:
  compute-suffix:
    runs-on: ubuntu-latest
    # This is only allowed to run if:
    # - the PR branch is in the `mastodon/mastodon` repository
    # - the PR is not a draft
    # - the PR has the "build-image" label
    if: ${{ github.event.pull_request.head.repo.full_name == github.repository && !github.event.pull_request.draft && contains(github.event.pull_request.labels.*.name, 'build-image') }}
    steps:
      # Repository needs to be cloned so `git rev-parse` below works
      - name: Clone repository
        uses: actions/checkout@v4
      - id: version_vars
        run: |
          echo mastodon_version_metadata=pr-${{ github.event.pull_request.number }}-$(git rev-parse --short ${{github.event.pull_request.head.sha}}) >> $GITHUB_OUTPUT
          echo mastodon_short_sha=$(git rev-parse --short ${{github.event.pull_request.head.sha}}) >> $GITHUB_OUTPUT
    outputs:
      metadata: ${{ steps.version_vars.outputs.mastodon_version_metadata }}
      short_sha: ${{ steps.version_vars.outputs.mastodon_short_sha }}
  build-image:
    needs: compute-suffix
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: Dockerfile
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      push_to_images: |
        ghcr.io/mastodon/mastodon
      version_metadata: ${{ needs.compute-suffix.outputs.metadata }}
      flavor: |
        latest=auto
      tags: |
        type=ref,event=pr
        type=ref,event=pr,suffix=-${{ needs.compute-suffix.outputs.short_sha }}
    secrets: inherit
  build-image-streaming:
    needs: compute-suffix
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: streaming/Dockerfile
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      push_to_images: |
        ghcr.io/mastodon/mastodon-streaming
      version_metadata: ${{ needs.compute-suffix.outputs.metadata }}
      flavor: |
        latest=auto
      tags: |
        type=ref,event=pr
        type=ref,event=pr,suffix=-${{ needs.compute-suffix.outputs.short_sha }}
    secrets: inherit
--- a/.github/workflows/build-releases.yml
+++ b/.github/workflows/build-releases.yml
@ -12,7 +12,6 @@ jobs:
  build-image:
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: Dockerfile
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      push_to_images: |
@ -20,31 +19,8 @@ jobs:
        ghcr.io/mastodon/mastodon
      # Do not use cache when building releases, so apt update is always ran and the release always contain the latest packages
      cache: false
      # Only tag with latest when ran against the latest stable branch
      # This needs to be updated after each minor version release
      flavor: |
-        latest=${{ startsWith(github.ref, 'refs/tags/v4.3.') }}
+        latest=false
      tags: |
        type=pep440,pattern={{raw}}
        type=pep440,pattern=v{{major}}.{{minor}}
    secrets: inherit
  build-image-streaming:
    if: startsWith(github.ref, 'refs/tags/v4.3.')
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: streaming/Dockerfile
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      push_to_images: |
        tootsuite/mastodon-streaming
        ghcr.io/mastodon/mastodon-streaming
      # Do not use cache when building releases, so apt update is always ran and the release always contain the latest packages
      cache: false
      # Only tag with latest when ran against the latest stable branch
      # This needs to be updated after each minor version release
      flavor: |
        latest=${{ startsWith(github.ref, 'refs/tags/v4.3.') }}
      tags: |
        type=pep440,pattern={{raw}}
        type=pep440,pattern=v{{major}}.{{minor}}
--- a/.github/workflows/build-security.yml
+++ b/.github/workflows/build-security.yml
@ -1,64 +0,0 @@
 name: Build security nightly container image
 on:
  workflow_dispatch:
 permissions:
  contents: read
  packages: write
 jobs:
  compute-suffix:
    runs-on: ubuntu-latest
    if: github.repository == 'mastodon/mastodon'
    steps:
      - id: version_vars
        env:
          TZ: Etc/UTC
        run: |
          echo mastodon_version_prerelease=nightly.$(date --date='next day' +'%Y-%m-%d')-security>> $GITHUB_OUTPUT
    outputs:
      prerelease: ${{ steps.version_vars.outputs.mastodon_version_prerelease }}
  build-image:
    needs: compute-suffix
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: Dockerfile
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      cache: false
      push_to_images: |
        tootsuite/mastodon
        ghcr.io/mastodon/mastodon
      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
      labels: |
        org.opencontainers.image.description=Nightly build image used for testing purposes
      flavor: |
        latest=auto
      tags: |
        type=raw,value=edge
        type=raw,value=nightly
        type=raw,value=${{ needs.compute-suffix.outputs.prerelease }}
    secrets: inherit
  build-image-streaming:
    needs: compute-suffix
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: streaming/Dockerfile
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      cache: false
      push_to_images: |
        tootsuite/mastodon-streaming
        ghcr.io/mastodon/mastodon-streaming
      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
      labels: |
        org.opencontainers.image.description=Nightly build image used for testing purposes
      flavor: |
        latest=auto
      tags: |
        type=raw,value=edge
        type=raw,value=nightly
        type=raw,value=${{ needs.compute-suffix.outputs.prerelease }}
    secrets: inherit
--- a/.github/workflows/bundler-audit.yml
+++ b/.github/workflows/bundler-audit.yml
@ -1,39 +0,0 @@
 name: Bundler Audit
 on:
  merge_group:
  push:
    branches:
      - 'main'
      - 'stable-*'
    paths:
      - 'Gemfile*'
      - '.ruby-version'
      - '.github/workflows/bundler-audit.yml'
  pull_request:
    paths:
      - 'Gemfile*'
      - '.ruby-version'
      - '.github/workflows/bundler-audit.yml'
  schedule:
    - cron: '0 5 * * 1'
 jobs:
  security:
    runs-on: ubuntu-latest
    env:
      BUNDLE_ONLY: development
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          bundler-cache: true
      - name: Run bundler-audit
        run: bundle exec bundler-audit check --update
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@ -2,13 +2,9 @@ name: Check i18n
 on:
  push:
-    branches:
+    branches: [main]
      - 'main'
      - 'stable-*'
  pull_request:
-    branches:
+    branches: [main]
      - 'main'
      - 'stable-*'
 env:
  RAILS_ENV: test
@ -18,35 +14,24 @@ permissions:
 jobs:
  check-i18n:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
-
+      - name: Install system dependencies
      - name: Set up Ruby environment
        uses: ./.github/actions/setup-ruby
      - name: Set up Javascript environment
        uses: ./.github/actions/setup-javascript
      - name: Check for missing strings in English JSON
        run: |
-          yarn i18n:extract --throws
+          sudo apt-get update
-          git diff --exit-code
+          sudo apt-get install -y libicu-dev libidn11-dev
-
+      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Check locale file normalization
        run: bundle exec i18n-tasks check-normalized
      - name: Check for unused strings
        run: bundle exec i18n-tasks unused
      - name: Check for missing strings in English YML
        run: |
          bundle exec i18n-tasks add-missing -l en
          git diff --exit-code
      - name: Check for wrong string interpolations
        run: bundle exec i18n-tasks check-consistent-interpolations
      - name: Check that all required locale files exist
        run: bundle exec rake repo:check_locales_files
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -1,15 +1,11 @@
 name: 'CodeQL'
 on:
  merge_group:
  push:
-    branches:
+    branches: ['main']
      - 'main'
      - 'stable-*'
  pull_request:
-    branches:
+    # The branches below must be a subset of the branches above
-      - 'main'
+    branches: ['main']
      - 'stable-*'
  schedule:
    - cron: '22 6 * * 1'
@ -31,11 +27,11 @@ jobs:
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v2
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
@ -48,7 +44,7 @@ jobs:
      # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
+        uses: github/codeql-action/autobuild@v2
      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@ -61,6 +57,6 @@ jobs:
      #   ./location_of_script_within_repo/buildscript.sh
      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v2
        with:
          category: '/language:${{matrix.language}}'
--- a/.github/workflows/crowdin-download-stable.yml
+++ b/.github/workflows/crowdin-download-stable.yml
@ -1,69 +0,0 @@
 name: Crowdin / Download translations (stable branches)
 on:
  workflow_dispatch:
 permissions:
  contents: write
  pull-requests: write
 jobs:
  download-translations-stable:
    runs-on: ubuntu-latest
    if: github.repository == 'mastodon/mastodon'
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Increase Git http.postBuffer
        # This is needed due to a bug in Ubuntu's cURL version?
        # See https://github.com/orgs/community/discussions/55820
        run: |
          git config --global http.version HTTP/1.1
          git config --global http.postBuffer 157286400
      # Download the translation files from Crowdin
      - name: crowdin action
        uses: crowdin/github-action@v2
        with:
          upload_sources: false
          upload_translations: false
          download_translations: true
          crowdin_branch_name: ${{ github.base_ref || github.ref_name }}
          push_translations: false
          create_pull_request: false
        env:
          CROWDIN_PROJECT_ID: ${{ vars.CROWDIN_PROJECT_ID }}
          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
      # As the files are extracted from a Docker container, they belong to root:root
      # We need to fix this before the next steps
      - name: Fix file permissions
        run: sudo chown -R runner:docker .
      # This is needed to run the normalize step
      - name: Set up Ruby environment
        uses: ./.github/actions/setup-ruby
      - name: Run i18n normalize task
        run: bundle exec i18n-tasks normalize
      # Create or update the pull request
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v7.0.5
        with:
          commit-message: 'New Crowdin translations'
          title: 'New Crowdin Translations for ${{ github.base_ref || github.ref_name }} (automated)'
          author: 'GitHub Actions <noreply@github.com>'
          body: |
            New Crowdin translations, automated with GitHub Actions
            See `.github/workflows/crowdin-download.yml`
            This PR will be updated every day with new translations.
            Due to a limitation in GitHub Actions, checks are not running on this PR without manual action.
            If you want to run the checks, then close and re-open it.
          branch: i18n/crowdin/translations-${{ github.base_ref || github.ref_name }}
          base: ${{ github.base_ref || github.ref_name }}
          labels: i18n
--- a/.github/workflows/crowdin-download.yml
+++ b/.github/workflows/crowdin-download.yml
@ -1,71 +0,0 @@
 name: Crowdin / Download translations
 on:
  schedule:
    - cron: '17 4 * * *' # Every day
  workflow_dispatch:
 permissions:
  contents: write
  pull-requests: write
 jobs:
  download-translations:
    runs-on: ubuntu-latest
    if: github.repository == 'mastodon/mastodon'
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Increase Git http.postBuffer
        # This is needed due to a bug in Ubuntu's cURL version?
        # See https://github.com/orgs/community/discussions/55820
        run: |
          git config --global http.version HTTP/1.1
          git config --global http.postBuffer 157286400
      # Download the translation files from Crowdin
      - name: crowdin action
        uses: crowdin/github-action@v2
        with:
          upload_sources: false
          upload_translations: false
          download_translations: true
          crowdin_branch_name: main
          push_translations: false
          create_pull_request: false
        env:
          CROWDIN_PROJECT_ID: ${{ vars.CROWDIN_PROJECT_ID }}
          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
      # As the files are extracted from a Docker container, they belong to root:root
      # We need to fix this before the next steps
      - name: Fix file permissions
        run: sudo chown -R runner:docker .
      # This is needed to run the normalize step
      - name: Set up Ruby environment
        uses: ./.github/actions/setup-ruby
      - name: Run i18n normalize task
        run: bundle exec i18n-tasks normalize
      # Create or update the pull request
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v7.0.5
        with:
          commit-message: 'New Crowdin translations'
          title: 'New Crowdin Translations (automated)'
          author: 'GitHub Actions <noreply@github.com>'
          body: |
            New Crowdin translations, automated with GitHub Actions
            See `.github/workflows/crowdin-download.yml`
            This PR will be updated every day with new translations.
            Due to a limitation in GitHub Actions, checks are not running on this PR without manual action.
            If you want to run the checks, then close and re-open it.
          branch: i18n/crowdin/translations
          base: main
          labels: i18n
--- a/.github/workflows/crowdin-upload.yml
+++ b/.github/workflows/crowdin-upload.yml
@ -1,37 +0,0 @@
 name: Crowdin / Upload translations
 on:
  push:
    branches:
      - 'main'
      - 'stable-*'
    paths:
      - crowdin.yml
      - app/javascript/mastodon/locales/en.json
      - config/locales/en.yml
      - config/locales/simple_form.en.yml
      - config/locales/activerecord.en.yml
      - config/locales/devise.en.yml
      - config/locales/doorkeeper.en.yml
      - .github/workflows/crowdin-upload.yml
 jobs:
  upload-translations:
    runs-on: ubuntu-latest
    if: github.repository == 'mastodon/mastodon'
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: crowdin action
        uses: crowdin/github-action@v2
        with:
          upload_sources: true
          upload_translations: false
          download_translations: false
          crowdin_branch_name: ${{ github.base_ref || github.ref_name }}
        env:
          CROWDIN_PROJECT_ID: ${{ vars.CROWDIN_PROJECT_ID }}
          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
--- a/.github/workflows/format-check.yml
+++ b/.github/workflows/format-check.yml
@ -1,22 +0,0 @@
 name: Check formatting
 on:
  merge_group:
  push:
    branches:
      - 'main'
      - 'stable-*'
  pull_request:
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Javascript environment
        uses: ./.github/actions/setup-javascript
      - name: Check formatting with Prettier
        run: yarn format:check
--- a/.github/workflows/haml-lint-problem-matcher.json
+++ b/.github/workflows/haml-lint-problem-matcher.json
@ -1,17 +0,0 @@
 {
  "problemMatcher": [
    {
      "owner": "haml-lint",
      "severity": "warning",
      "pattern": [
        {
          "regexp": "^(.*):(\\d+)\\s\\[W]\\s(.*):\\s(.*)$",
          "file": 1,
          "line": 2,
          "code": 3,
          "message": 4
        }
      ]
    }
  ]
 }
--- a/.github/workflows/lint-css.yml
+++ b/.github/workflows/lint-css.yml
@ -1,14 +1,11 @@
 name: CSS Linting
 on:
  merge_group:
  push:
-    branches:
+    branches-ignore:
-      - 'main'
+      - 'dependabot/**'
      - 'stable-*'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
@ -20,7 +17,6 @@ on:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '.prettier*'
      - 'stylelint.config.js'
      - '**/*.css'
@ -34,10 +30,19 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
-      - name: Set up Javascript environment
+      - name: Set up Node.js
-        uses: ./.github/actions/setup-javascript
+        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - uses: xt0rted/stylelint-problem-matcher@v1
      - run: echo "::add-matcher::.github/stylelint-matcher.json"
      - name: Stylelint
-        run: yarn lint:css -f github
+        run: yarn test:lint:sass
--- a/.github/workflows/lint-haml.yml
+++ b/.github/workflows/lint-haml.yml
@ -1,46 +0,0 @@
 name: Haml Linting
 on:
  merge_group:
  push:
    branches:
      - 'main'
      - 'stable-*'
    paths:
      - '.github/workflows/haml-lint-problem-matcher.json'
      - '.github/workflows/lint-haml.yml'
      - '.haml-lint*.yml'
      - '.rubocop*.yml'
      - '.ruby-version'
      - '**/*.haml'
      - 'Gemfile*'
  pull_request:
    paths:
      - '.github/workflows/haml-lint-problem-matcher.json'
      - '.github/workflows/lint-haml.yml'
      - '.haml-lint*.yml'
      - '.rubocop*.yml'
      - '.ruby-version'
      - '**/*.haml'
      - 'Gemfile*'
 jobs:
  lint:
    runs-on: ubuntu-latest
    env:
      BUNDLE_ONLY: development
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          bundler-cache: true
      - name: Run haml-lint
        run: |
          echo "::add-matcher::.github/workflows/haml-lint-problem-matcher.json"
          bundle exec haml-lint --reporter github
--- a/.github/workflows/lint-js.yml
+++ b/.github/workflows/lint-js.yml
@ -1,35 +1,23 @@
 name: JavaScript Linting
 on:
  merge_group:
  push:
-    branches:
+    branches-ignore:
-      - 'main'
+      - 'dependabot/**'
      - 'stable-*'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - 'tsconfig.json'
      - '.nvmrc'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '.github/workflows/lint-js.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - 'tsconfig.json'
      - '.nvmrc'
      - '.prettier*'
      - '.eslint*'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '.github/workflows/lint-js.yml'
 jobs:
@ -38,13 +26,15 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
-      - name: Set up Javascript environment
+      - name: Set up Node.js
-        uses: ./.github/actions/setup-javascript
+        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: ESLint
-        run: yarn lint:js --max-warnings 0
+        run: yarn test:lint:js
      - name: Typecheck
        run: yarn typecheck
--- a/.github/workflows/lint-json.yml
+++ b/.github/workflows/lint-json.yml
@ -0,0 +1,40 @@
 name: JSON Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.json'
      - '.github/workflows/lint-json.yml'
      - '!app/javascript/mastodon/locales/*.json'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn prettier --check "**/*.json"
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@ -1,51 +0,0 @@
 name: Ruby Linting
 on:
  merge_group:
  push:
    branches:
      - 'main'
      - 'stable-*'
    paths:
      - 'Gemfile*'
      - '.rubocop*.yml'
      - '.ruby-version'
      - 'config/brakeman.ignore'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
  pull_request:
    paths:
      - 'Gemfile*'
      - '.rubocop*.yml'
      - '.ruby-version'
      - 'config/brakeman.ignore'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    env:
      BUNDLE_ONLY: development
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          bundler-cache: true
      - name: Set-up RuboCop Problem Matcher
        uses: r7kamura/rubocop-problem-matchers-action@v1
      - name: Run rubocop
        run: bin/rubocop
      - name: Run brakeman
        if: always() # Run both checks, even if the first failed
        run: bin/brakeman
--- a/.github/workflows/lint-yml.yml
+++ b/.github/workflows/lint-yml.yml
@ -0,0 +1,42 @@
 name: YML Linting
 on:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.prettier*'
      - '**/*.yaml'
      - '**/*.yml'
      - '.github/workflows/lint-yml.yml'
      - '!config/locales/*.yml'
 jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn prettier --check "**/*.{yml,yaml}"
--- a/.github/workflows/rebase-needed.yml
+++ b/.github/workflows/rebase-needed.yml
@ -1,28 +1,17 @@
 name: PR Needs Rebase
 on:
-  schedule:
+  push:
-    - cron: '0 * * * *'
+  pull_request_target:
-
+    types: [synchronize]
 permissions:
  pull-requests: write
 jobs:
  label-rebase-needed:
    runs-on: ubuntu-latest
    if: github.repository == 'mastodon/mastodon'
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
      cancel-in-progress: true
    steps:
      - name: Check for merge conflicts
-        uses: eps1lon/actions-label-merge-conflict@v3
+        uses: eps1lon/actions-label-merge-conflict@releases/2.x
        with:
          dirtyLabel: 'rebase needed :construction:'
          repoToken: '${{ secrets.GITHUB_TOKEN }}'
          commentOnClean: This pull request has resolved merge conflicts and is ready for review.
          commentOnDirty: This pull request has merge conflicts that must be resolved before it can be merged.
          retryMax: 30
          continueOnMissingPermissions: false
--- a/.github/workflows/test-image-build.yml
+++ b/.github/workflows/test-image-build.yml
@ -1,13 +1,6 @@
 name: Test container image build
 on:
  pull_request:
    paths:
      - .github/workflows/build-nightly.yml
      - .github/workflows/build-push-pr.yml
      - .github/workflows/build-releases.yml
      - .github/workflows/test-image-build.yml
      - Dockerfile
      - streaming/Dockerfile
 permissions:
  contents: read
@ -19,17 +12,4 @@ jobs:
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: Dockerfile
      platforms: linux/amd64 # Testing only on native platform so it is performant
      cache: true
  build-image-streaming:
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}-streaming
      cancel-in-progress: true
    uses: ./.github/workflows/build-container-image.yml
    with:
      file_to_build: streaming/Dockerfile
      platforms: linux/amd64 # Testing only on native platform so it is performant
      cache: true
--- a/.github/workflows/test-js.yml
+++ b/.github/workflows/test-js.yml
@ -1,43 +0,0 @@
 name: JavaScript Testing
 on:
  merge_group:
  push:
    branches:
      - 'main'
      - 'stable-*'
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '**/*.snap'
      - '.github/workflows/test-js.yml'
  pull_request:
    paths:
      - 'package.json'
      - 'yarn.lock'
      - '.nvmrc'
      - '**/*.js'
      - '**/*.jsx'
      - '**/*.ts'
      - '**/*.tsx'
      - '**/*.snap'
      - '.github/workflows/test-js.yml'
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
        uses: actions/checkout@v4
      - name: Set up Javascript environment
        uses: ./.github/actions/setup-javascript
      - name: JavaScript testing
        run: yarn jest --reporters github-actions summary
--- a/.github/workflows/test-migrations.yml
+++ b/.github/workflows/test-migrations.yml
@ -1,95 +0,0 @@
 name: Historical data migration test
 on:
  merge_group:
  push:
    branches:
      - 'main'
      - 'stable-*'
    paths:
      - 'Gemfile*'
      - '.ruby-version'
      - '**/*.rb'
      - '.github/workflows/test-migrations.yml'
      - 'lib/tasks/tests.rake'
  pull_request:
    paths:
      - 'Gemfile*'
      - '.ruby-version'
      - '**/*.rb'
      - '.github/workflows/test-migrations.yml'
      - 'lib/tasks/tests.rake'
 jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        postgres:
          - 14-alpine
          - 15-alpine
          - 16-alpine
          - 17-alpine
    services:
      postgres:
        image: postgres:${{ matrix.postgres}}
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10ms
          --health-timeout 3s
          --health-retries 50
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10ms
          --health-timeout 3s
          --health-retries 50
        ports:
          - 6379:6379
    env:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_CLEAN: true
      BUNDLE_FROZEN: true
      BUNDLE_WITHOUT: 'development:production'
      BUNDLE_JOBS: 3
      BUNDLE_RETRY: 3
    steps:
      - uses: actions/checkout@v4
      - name: Set up Ruby environment
        uses: ./.github/actions/setup-ruby
      - name: Test "one step migration" flow
        run: |
          bin/rails db:drop
          bin/rails db:create
          bin/rails tests:migrations:prepare_database
          bin/rails db:migrate
          bin/rails tests:migrations:check_database
      - name: Test "two step migration" flow
        run: |
          bin/rails db:drop
          bin/rails db:create
          SKIP_POST_DEPLOYMENT_MIGRATIONS=true bin/rails tests:migrations:prepare_database
          SKIP_POST_DEPLOYMENT_MIGRATIONS=true bin/rails db:migrate
          bin/rails db:migrate
          bin/rails tests:migrations:check_database
--- a/.github/workflows/test-ruby.yml
+++ b/.github/workflows/test-ruby.yml
@ -1,11 +1,10 @@
 name: Ruby Testing
 on:
  merge_group:
  push:
-    branches:
+    branches-ignore:
-      - 'main'
+      - 'dependabot/**'
-      - 'stable-*'
+      - 'renovate/**'
  pull_request:
 env:
@ -29,47 +28,42 @@ jobs:
    env:
      RAILS_ENV: ${{ matrix.mode }}
      BUNDLE_WITH: ${{ matrix.mode }}
-      SECRET_KEY_BASE_DUMMY: 1
+      OTP_SECRET: precompile_placeholder
      SECRET_KEY_BASE: precompile_placeholder
    steps:
      - uses: actions/checkout@v4
-      - name: Set up Ruby environment
+      - name: Set up Node.js
-        uses: ./.github/actions/setup-ruby
+        uses: actions/setup-node@v3
      - name: Set up Javascript environment
        uses: ./.github/actions/setup-javascript
        with:
-          onlyProduction: 'true'
+          cache: yarn
          node-version-file: '.nvmrc'
-      - name: Cache assets from compilation
+      - name: Install native Ruby dependencies
        uses: actions/cache@v4
        with:
          path: |
            public/assets
            public/packs
            public/packs-test
            tmp/cache/webpacker
          key: ${{ matrix.mode }}-assets-${{ github.head_ref || github.ref_name }}-${{ github.sha }}
          restore-keys: |
            ${{ matrix.mode }}-assets-${{ github.head_ref || github.ref_name }}-${{ github.sha }}
            ${{ matrix.mode }}-assets-${{ github.head_ref || github.ref_name }}
            ${{ matrix.mode }}-assets-main
            ${{ matrix.mode }}-assets
      - name: Precompile assets
        run: |-
          bin/rails assets:precompile
      - name: Archive asset artifacts
        run: |
-          tar --exclude={"*.br","*.gz"} -zcf artifacts.tar.gz public/assets public/packs*
+          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
-      - uses: actions/upload-artifact@v4
+      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - run: yarn --frozen-lockfile --production
      - name: Precompile assets
        # Previously had set this, but it's not supported
        # export NODE_OPTIONS=--openssl-legacy-provider
        run: |-
          ./bin/rails assets:precompile
      - uses: actions/upload-artifact@v3
        if: matrix.mode == 'test'
        with:
          path: |-
-            ./artifacts.tar.gz
+            ./public/assets
            ./public/packs-test
          name: ${{ github.sha }}
          retention-days: 0
@ -87,9 +81,9 @@ jobs:
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
-          --health-interval 10ms
+          --health-interval 10s
-          --health-timeout 3s
+          --health-timeout 5s
-          --health-retries 50
+          --health-retries 5
        ports:
          - 5432:5432
@ -97,9 +91,9 @@ jobs:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
-          --health-interval 10ms
+          --health-interval 10s
-          --health-timeout 3s
+          --health-timeout 5s
-          --health-retries 50
+          --health-retries 5
        ports:
          - 6379:6379
@ -107,7 +101,7 @@ jobs:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
-      DISABLE_SIMPLECOV: ${{ matrix.ruby-version != '.ruby-version' }}
+      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      ALLOW_NOPAM: true
      PAM_ENABLED: true
@ -118,353 +112,42 @@ jobs:
      SAML_ENABLED: true
      CAS_ENABLED: true
      BUNDLE_WITH: 'pam_authentication test'
-      GITHUB_RSPEC: ${{ matrix.ruby-version == '.ruby-version' && github.event.pull_request && 'true' }}
+      CI_JOBS: ${{ matrix.ci_job }}/4
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - '3.1'
          - '3.2'
          - '.ruby-version'
        ci_job:
          - 1
          - 2
          - 3
          - 4
    steps:
      - uses: actions/checkout@v4
-      - uses: actions/download-artifact@v4
+      - uses: actions/download-artifact@v3
        with:
-          path: './'
+          path: './public'
          name: ${{ github.sha }}
-      - name: Expand archived asset artifacts
+      - name: Update package index
-        run: |
+        run: sudo apt-get update
          tar xvzf artifacts.tar.gz
-      - name: Set up Ruby environment
+      - name: Install native Ruby dependencies
-        uses: ./.github/actions/setup-ruby
+        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Install additional system dependencies
        run: sudo apt-get install -y ffmpeg imagemagick libpam-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: ${{ matrix.ruby-version}}
-          additional-system-dependencies: ffmpeg imagemagick libpam-dev
+          bundler-cache: true
      - name: Load database schema
        run: |
          bin/rails db:setup
          bin/flatware fan bin/rails db:test:prepare
      - name: Cache RSpec persistence file
        uses: actions/cache@v4
        with:
          path: |
            tmp/rspec/examples.txt
          key: rspec-persistence-${{ github.head_ref || github.ref_name }}-${{ github.sha }}
          restore-keys: |
            rspec-persistence-${{ github.head_ref || github.ref_name }}-${{ github.sha }}-${{ matrix.ruby-version }}
            rspec-persistence-${{ github.head_ref || github.ref_name }}-${{ github.sha }}
            rspec-persistence-${{ github.head_ref || github.ref_name }}
            rspec-persistence-main
            rspec-persistence
      - run: bin/flatware rspec -r ./spec/flatware_helper.rb
      - name: Upload coverage reports to Codecov
        if: matrix.ruby-version == '.ruby-version'
        uses: codecov/codecov-action@v4
        with:
          files: coverage/lcov/*.lcov
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
  test-libvips:
    name: Libvips tests
    runs-on: ubuntu-24.04
    needs:
      - build
    services:
      postgres:
        image: postgres:14-alpine
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10ms
          --health-timeout 3s
          --health-retries 50
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10ms
          --health-timeout 3s
          --health-retries 50
        ports:
          - 6379:6379
    env:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: ${{ matrix.ruby-version != '.ruby-version' }}
      RAILS_ENV: test
      ALLOW_NOPAM: true
      PAM_ENABLED: true
      PAM_DEFAULT_SERVICE: pam_test
      PAM_CONTROLLED_SERVICE: pam_test_controlled
      OIDC_ENABLED: true
      OIDC_SCOPE: read
      SAML_ENABLED: true
      CAS_ENABLED: true
      BUNDLE_WITH: 'pam_authentication test'
      GITHUB_RSPEC: ${{ matrix.ruby-version == '.ruby-version' && github.event.pull_request && 'true' }}
      MASTODON_USE_LIBVIPS: true
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - '3.1'
          - '3.2'
          - '.ruby-version'
    steps:
      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v4
        with:
          path: './'
          name: ${{ github.sha }}
      - name: Expand archived asset artifacts
        run: |
          tar xvzf artifacts.tar.gz
      - name: Set up Ruby environment
        uses: ./.github/actions/setup-ruby
        with:
          ruby-version: ${{ matrix.ruby-version}}
          additional-system-dependencies: ffmpeg libpam-dev
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
-      - run: bin/rspec --tag attachment_processing
+      - run: bin/rspec
      - name: Upload coverage reports to Codecov
        if: matrix.ruby-version == '.ruby-version'
        uses: codecov/codecov-action@v4
        with:
          files: coverage/lcov/mastodon.lcov
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
  test-e2e:
    name: End to End testing
    runs-on: ubuntu-latest
    needs:
      - build
    services:
      postgres:
        image: postgres:14-alpine
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10ms
          --health-timeout 3s
          --health-retries 50
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10ms
          --health-timeout 3s
          --health-retries 50
        ports:
          - 6379:6379
    env:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_WITH: test
      LOCAL_DOMAIN: localhost:3000
      LOCAL_HTTPS: false
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - '3.1'
          - '3.2'
          - '.ruby-version'
    steps:
      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v4
        with:
          path: './'
          name: ${{ github.sha }}
      - name: Expand archived asset artifacts
        run: |
          tar xvzf artifacts.tar.gz
      - name: Set up Ruby environment
        uses: ./.github/actions/setup-ruby
        with:
          ruby-version: ${{ matrix.ruby-version}}
          additional-system-dependencies: ffmpeg imagemagick
      - name: Set up Javascript environment
        uses: ./.github/actions/setup-javascript
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
      - run: bin/rspec spec/system --tag streaming --tag js
      - name: Archive logs
        uses: actions/upload-artifact@v4
        if: failure()
        with:
          name: e2e-logs-${{ matrix.ruby-version }}
          path: log/
      - name: Archive test screenshots
        uses: actions/upload-artifact@v4
        if: failure()
        with:
          name: e2e-screenshots
          path: tmp/capybara/
  test-search:
    name: Elastic Search integration testing
    runs-on: ubuntu-latest
    needs:
      - build
    services:
      postgres:
        image: postgres:14-alpine
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10ms
          --health-timeout 3s
          --health-retries 50
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10ms
          --health-timeout 3s
          --health-retries 50
        ports:
          - 6379:6379
      elasticsearch:
        image: ${{ contains(matrix.search-image, 'elasticsearch') && matrix.search-image || '' }}
        env:
          discovery.type: single-node
          xpack.security.enabled: false
        options: >-
          --health-cmd "curl http://localhost:9200/_cluster/health"
          --health-interval 2s
          --health-timeout 3s
          --health-retries 50
        ports:
          - 9200:9200
      opensearch:
        image: ${{ contains(matrix.search-image, 'opensearch') && matrix.search-image || '' }}
        env:
          discovery.type: single-node
          DISABLE_INSTALL_DEMO_CONFIG: true
          DISABLE_SECURITY_PLUGIN: true
        options: >-
          --health-cmd "curl http://localhost:9200/_cluster/health"
          --health-interval 2s
          --health-timeout 3s
          --health-retries 50
        ports:
          - 9200:9200
    env:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_WITH: test
      ES_ENABLED: true
      ES_HOST: localhost
      ES_PORT: 9200
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - '3.1'
          - '3.2'
          - '.ruby-version'
        search-image:
          - docker.elastic.co/elasticsearch/elasticsearch:7.17.13
        include:
          - ruby-version: '.ruby-version'
            search-image: docker.elastic.co/elasticsearch/elasticsearch:8.10.2
          - ruby-version: '.ruby-version'
            search-image: opensearchproject/opensearch:2
    steps:
      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v4
        with:
          path: './'
          name: ${{ github.sha }}
      - name: Set up Ruby environment
        uses: ./.github/actions/setup-ruby
        with:
          ruby-version: ${{ matrix.ruby-version}}
          additional-system-dependencies: ffmpeg imagemagick
      - name: Set up Javascript environment
        uses: ./.github/actions/setup-javascript
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
      - run: bin/rspec --tag search
      - name: Archive logs
        uses: actions/upload-artifact@v4
        if: failure()
        with:
          name: test-search-logs-${{ matrix.ruby-version }}
          path: log/
      - name: Archive test screenshots
        uses: actions/upload-artifact@v4
        if: failure()
        with:
          name: test-search-screenshots
          path: tmp/capybara/
--- a/.gitignore
+++ b/.gitignore
@ -24,12 +24,16 @@
 /public/packs-test
 .env
 .env.production
 .env.development
 /node_modules/
 /build/
 # Ignore Vagrant files
 .vagrant/
 # Ignore Capistrano customizations
 /config/deploy/*
 # Ignore IDE files
 .vscode/
 .idea/
@ -54,23 +58,8 @@ npm-debug.log
 yarn-error.log
 yarn-debug.log
 # From https://yarnpkg.com/getting-started/qa#which-files-should-be-gitignored
 .pnp.*
 .yarn/*
 !.yarn/patches
 !.yarn/plugins
 !.yarn/releases
 !.yarn/sdks
 !.yarn/versions
 # Ignore vagrant log files
 *-cloudimg-console.log
 # Ignore Docker option files
 docker-compose.override.yml
 # Ignore dotenv .local files
 .env*.local
 # Ignore local-only rspec configuration
 .rspec-local
--- a/.haml-lint.yml
+++ b/.haml-lint.yml
@ -1,15 +1,108 @@
 # Whether to ignore frontmatter at the beginning of HAML documents for
 # frameworks such as Jekyll/Middleman
 skip_frontmatter: false
 exclude:
  - 'vendor/**/*'
-
+  - 'spec/**/*'
-require:
+  - 'lib/templates/**/*'
-  - ./lib/linter/haml_middle_dot.rb
+  - 'app/views/kaminari/**/*'
 linters:
  AltText:
    enabled: false
  ClassAttributeWithStaticValue:
    enabled: true
-  MiddleDot:
+
  ClassesBeforeIds:
    enabled: true
  ConsecutiveComments:
    enabled: true
  ConsecutiveSilentScripts:
    enabled: true
    max_consecutive: 2
  EmptyObjectReference:
    enabled: true
  EmptyScript:
    enabled: true
  FinalNewline:
    enabled: true
    present: true
  HtmlAttributes:
    enabled: true
  ImplicitDiv:
    enabled: true
  LeadingCommentSpace:
    enabled: true
  LineLength:
-    max: 300
+    enabled: false
-  ViewLength:
+    max: 80
-    max: 200 # Override default value of 100 inherited from rubocop
+
  MultilinePipe:
    enabled: true
  MultilineScript:
    enabled: true
  ObjectReferenceAttributes:
    enabled: true
  RuboCop:
    enabled: true
    # These cops are incredibly noisy when it comes to HAML templates, so we
    # ignore them.
    ignored_cops:
      - Lint/BlockAlignment
      - Lint/EndAlignment
      - Lint/Void
      - Metrics/BlockLength
      - Metrics/LineLength
      - Style/AlignParameters
      - Style/BlockNesting
      - Style/ElseAlignment
      - Style/EndOfLine
      - Style/FileName
      - Style/FinalNewline
      - Style/FrozenStringLiteralComment
      - Style/IfUnlessModifier
      - Style/IndentationWidth
      - Style/Next
      - Style/TrailingBlankLines
      - Style/TrailingWhitespace
      - Style/WhileUntilModifier
  RubyComments:
    enabled: true
  SpaceBeforeScript:
    enabled: true
  SpaceInsideHashAttributes:
    enabled: true
    style: space
  Indentation:
    enabled: true
    character: space # or tab
  TagName:
    enabled: true
  TrailingWhitespace:
    enabled: true
  UnnecessaryInterpolation:
    enabled: true
  UnnecessaryStringOutput:
    enabled: true
--- a/.husky/pre-commit
+++ b/.husky/pre-commit
@ -1 +0,0 @@
 yarn lint-staged
--- a/.nanoignore
+++ b/.nanoignore
@ -0,0 +1,19 @@
 .DS_Store
 .git/
 .gitignore
 .bundle/
 .cache/
 config/deploy/*
 coverage
 docs/
 .env
 log/*.log
 neo4j/
 node_modules/
 public/assets/
 public/system/
 spec/
 tmp/
 .vagrant/
 vendor/bundle/
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-20.17
+16
--- a/.prettierignore
+++ b/.prettierignore
@ -31,6 +31,9 @@
 # Ignore Vagrant files
 .vagrant/
 # Ignore Capistrano customizations
 /config/deploy/*
 # Ignore IDE files
 .vscode/
 .idea/
@ -48,38 +51,22 @@
 *~
 *.swp
-# Ignore log files
+# Ignore npm debug log
-*.log
+npm-debug.log
 # Ignore yarn log files
 yarn-error.log
 yarn-debug.log
 # Ignore vagrant log files
 *-cloudimg-console.log
 # Ignore Docker option files
 docker-compose.override.yml
 # Ignore public
 /public/assets
 /public/emoji
 /public/packs
 /public/packs-test
 /public/system
 # Ignore emoji map file
 /app/javascript/mastodon/features/emoji/emoji_map.json
 # Ignore locale files
-/app/javascript/mastodon/locales/*.json
+/app/javascript/mastodon/locales
 /config/locales
 # Ignore vendored CSS reset
 app/javascript/styles/mastodon/reset.scss
 # Ignore Javascript pending https://github.com/mastodon/mastodon/pull/23631
 *.js
 *.jsx
 # Ignore HTML till cleaned and included in CI
 *.html
 # Ignore the generated AUTHORS.md
 AUTHORS.md
 # Process a few selected JS files
 !lint-staged.config.js
--- a/.prettierrc.js
+++ b/.prettierrc.js
@ -1,4 +1,3 @@
 module.exports = {
-  singleQuote: true,
+  singleQuote: true
  jsxSingleQuote: true
 }
--- a/.profile
+++ b/.profile
@ -0,0 +1 @@
 LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio
--- a/.rspec
+++ b/.rspec
@ -1,2 +1,3 @@
 --color
 --require spec_helper
 --format Fuubar
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -1,34 +1,479 @@
 ---
 AllCops:
  CacheRootDirectory: tmp
  DisplayStyleGuide: true
  Exclude:
    - Vagrantfile
    - config/initializers/json_ld*
    - lib/mastodon/migration_helpers.rb
  ExtraDetails: true
  NewCops: enable
  TargetRubyVersion: 3.1 # Oldest supported ruby version
 inherit_from:
  - .rubocop/layout.yml
  - .rubocop/metrics.yml
  - .rubocop/naming.yml
  - .rubocop/rails.yml
  - .rubocop/rspec_rails.yml
  - .rubocop/rspec.yml
  - .rubocop/style.yml
  - .rubocop/custom.yml
  - .rubocop_todo.yml
  - .rubocop/strict.yml
 inherit_mode:
  merge:
    - Exclude
 require:
  - rubocop-rails
  - rubocop-rspec
  - rubocop-rspec_rails
  - rubocop-performance
-  - rubocop-capybara
+
 AllCops:
  TargetRubyVersion: 2.7
  DisplayCopNames: true
  DisplayStyleGuide: true
  ExtraDetails: true
  UseCache: true
  CacheRootDirectory: tmp
  NewCops: enable
  Exclude:
    - db/schema.rb
    - 'app/views/**/*'
    - 'config/**/*'
    - 'bin/*'
    - 'Rakefile'
    - 'node_modules/**/*'
    - 'Vagrantfile'
    - 'vendor/**/*'
    - 'lib/json_ld/*'
    - 'lib/templates/**/*'
 Bundler/OrderedGems:
  Enabled: false
 Layout/AccessModifierIndentation:
  EnforcedStyle: indent
 Layout/EmptyLineAfterMagicComment:
  Enabled: false
 Layout/EmptyLineAfterGuardClause:
  Enabled: false
 Layout/EmptyLineBetweenDefs:
  AllowAdjacentOneLineDefs: true
 Layout/EmptyLinesAroundAttributeAccessor:
  Enabled: true
 Layout/FirstHashElementIndentation:
  EnforcedStyle: consistent
 Layout/HashAlignment:
  Enabled: false
 Layout/SpaceAroundMethodCallOperator:
  Enabled: true
 Layout/SpaceInsideHashLiteralBraces:
  EnforcedStyle: space
 Lint/DeprecatedOpenSSLConstant:
  Enabled: true
 Lint/DuplicateElsifCondition:
  Enabled: true
 Lint/MixedRegexpCaptureTypes:
  Enabled: true
 Lint/RaiseException:
  Enabled: true
 Lint/StructNewOverride:
  Enabled: true
 Lint/UselessAccessModifier:
  ContextCreatingMethods:
    - class_methods
 Metrics/AbcSize:
  Max: 34 # RuboCop default 17
  Exclude:
    - 'lib/**/*cli*.rb'
    - db/*migrate/**/*
    - lib/paperclip/color_extractor.rb
    - app/workers/scheduler/follow_recommendations_scheduler.rb
    - app/services/activitypub/fetch*_service.rb
    - lib/paperclip/**/*
  CountRepeatedAttributes: false
  AllowedMethods:
    - update_media_attachments!
    - account_link_to
    - attempt_oembed
    - build_crutches
    - calculate_scores
    - cc
    - dump_actor!
    - filter_from_home?
    - hydrate
    - import_bookmarks!
    - import_relationships!
    - initialize
    - link_to_mention
    - log_target
    - matches_time_window?
    - parse_metadata
    - perform_statuses_search!
    - privatize_media_attachments!
    - process_update
    - publish_media_attachments!
    - remotable_attachment
    - render_initial_state
    - render_with_cache
    - searchable_by
    - self.cached_filters_for
    - set_fetchable_attributes!
    - signed_request_actor
    - statuses_to_delete
    - update_poll!
 Metrics/BlockLength:
  Max: 55
  Exclude:
    - 'lib/mastodon/*_cli.rb'
  CountComments: false
  CountAsOne: [array, heredoc]
  AllowedMethods:
    - task
    - namespace
    - class_methods
    - included
 Metrics/BlockNesting:
  Max: 3
  Exclude:
    - 'lib/mastodon/*_cli.rb'
 Metrics/ClassLength:
  CountComments: false
  Max: 500
  CountAsOne: [array, heredoc]
  Exclude:
    - 'lib/mastodon/*_cli.rb'
 Metrics/CyclomaticComplexity:
  Max: 12
  Exclude:
    - lib/mastodon/*cli*.rb
    - db/*migrate/**/*
  AllowedMethods:
    - attempt_oembed
    - blocked?
    - build_crutches
    - calculate_scores
    - cc
    - discover_endpoint!
    - filter_from_home?
    - hydrate
    - klass
    - link_to_mention
    - log_target
    - matches_time_window?
    - patch_for_forwarding!
    - preprocess_attributes!
    - process_update
    - remotable_attachment
    - scan_text!
    - self.cached_filters_for
    - set_fetchable_attributes!
    - setup_redis_env_url
    - update_media_attachments!
 Layout/LineLength:
  Max: 140 # RuboCop default 120
  AllowHeredoc: true
  AllowURI: true
  IgnoreCopDirectives: true
  AllowedPatterns:
    # Allow comments to be long lines
    - !ruby/regexp / \# .*$/
    - !ruby/regexp /^\# .*$/
  Exclude:
    - lib/**/*cli*.rb
    - db/*migrate/**/*
    - db/seeds/**/*
 Metrics/MethodLength:
  CountComments: false
  CountAsOne: [array, heredoc]
  Max: 25 # RuboCop default 10
  Exclude:
    - 'lib/mastodon/*_cli.rb'
  AllowedMethods:
    - account_link_to
    - attempt_oembed
    - body_with_limit
    - build_crutches
    - cached_filters_for
    - calculate_scores
    - check_webfinger!
    - clean_feeds!
    - collection_items
    - collection_presenter
    - copy_account_notes!
    - deduplicate_accounts!
    - deduplicate_conversations!
    - deduplicate_local_accounts!
    - deduplicate_statuses!
    - deduplicate_tags!
    - deduplicate_users!
    - discover_endpoint!
    - extract_extra_uris_with_indices
    - extract_hashtags_with_indices
    - extract_mentions_or_lists_with_indices
    - filter_from_home?
    - from_elasticsearch
    - handle_explicit_update!
    - handle_mark_as_sensitive!
    - hsl_to_rgb
    - import_bookmarks!
    - import_domain_blocks!
    - import_relationships!
    - ldap_options
    - matches_time_window?
    - outbox_presenter
    - pam_get_user
    - parallelize_with_progress
    - parse_and_transform
    - patch_for_forwarding!
    - populate_home
    - post_process_style
    - preload_cache_collection_target_statuses
    - privatize_media_attachments!
    - provides_callback_for
    - publish_media_attachments!
    - relevant_account_timestamp
    - remotable_attachment
    - rgb_to_hsl
    - rss_status_content_format
    - set_fetchable_attributes!
    - setup_redis_env_url
    - signed_request_actor
    - to_preview_card_attributes
    - upgrade_storage_filesystem
    - upgrade_storage_s3
    - user_settings_params
    - hydrate
    - cc
    - self_destruct
 Metrics/ModuleLength:
  CountComments: false
  Max: 200
  CountAsOne: [array, heredoc]
 Metrics/ParameterLists:
  Max: 5 # RuboCop default 5
  CountKeywordArgs: true # RuboCop default true
  MaxOptionalParameters: 3 # RuboCop default 3
  Exclude:
    - app/models/concerns/account_interactions.rb
    - app/services/activitypub/fetch_remote_account_service.rb
    - app/services/activitypub/fetch_remote_actor_service.rb
 Metrics/PerceivedComplexity:
  Max: 16 # RuboCop default 8
  AllowedMethods:
    - attempt_oembed
    - build_crutches
    - calculate_scores
    - deduplicate_users!
    - discover_endpoint!
    - filter_from_home?
    - hydrate
    - patch_for_forwarding!
    - process_update
    - remove_orphans
    - update_media_attachments!
 Naming/MemoizedInstanceVariableName:
  Enabled: false
 Naming/MethodParameterName:
  Enabled: true
 Rails:
  Enabled: true
 Rails/ApplicationController:
  Enabled: false
  Exclude:
    - 'app/controllers/well_known/**/*.rb'
 Rails/BelongsTo:
  Enabled: false
 Rails/ContentTag:
  Enabled: false
 Rails/EnumHash:
  Enabled: false
 Rails/Exit:
  Exclude:
    - 'lib/mastodon/*'
    - 'lib/cli.rb'
 Rails/FilePath:
  Enabled: false
 Rails/HasAndBelongsToMany:
  Enabled: false
 Rails/HasManyOrHasOneDependent:
  Enabled: false
 Rails/HelperInstanceVariable:
  Enabled: false
 Rails/HttpStatus:
  Enabled: false
 Rails/IndexBy:
  Enabled: false
 Rails/InverseOf:
  Enabled: false
 Rails/LexicallyScopedActionFilter:
  Enabled: false
 Rails/OutputSafety:
  Enabled: true
 Rails/RakeEnvironment:
  Enabled: false
 Rails/RedundantForeignKey:
  Enabled: false
 Rails/SkipsModelValidations:
  Enabled: false
 Rails/UniqueValidationWithoutIndex:
  Enabled: false
 Style/AccessorGrouping:
  Enabled: true
 Style/AccessModifierDeclarations:
  Enabled: false
 Style/ArrayCoercion:
  Enabled: true
 Style/BisectedAttrAccessor:
  Enabled: true
 Style/CaseLikeIf:
  Enabled: false
 Style/ClassAndModuleChildren:
  Enabled: false
 Style/CollectionMethods:
  Enabled: true
  PreferredMethods:
    find_all: 'select'
 Style/Documentation:
  Enabled: false
 Style/DoubleNegation:
  Enabled: true
 Style/ExpandPathArguments:
  Enabled: false
 Style/ExponentialNotation:
  Enabled: true
 Style/FormatString:
  Enabled: false
 Style/FormatStringToken:
  Enabled: false
 Style/FrozenStringLiteralComment:
  Enabled: true
 Style/GuardClause:
  Enabled: false
 Style/HashAsLastArrayItem:
  Enabled: false
 Style/HashEachMethods:
  Enabled: true
 Style/HashLikeCase:
  Enabled: true
 Style/HashTransformKeys:
  Enabled: true
 Style/HashTransformValues:
  Enabled: false
 Style/HashSyntax:
  Enabled: true
  EnforcedStyle: ruby19_no_mixed_keys
 Style/IfUnlessModifier:
  Enabled: false
 Style/InverseMethods:
  Enabled: false
 Style/Lambda:
  Enabled: false
 Style/MutableConstant:
  Enabled: false
 Style/PercentLiteralDelimiters:
  PreferredDelimiters:
    '%i': '()'
    '%w': '()'
 Style/PerlBackrefs:
  AutoCorrect: false
 Style/RedundantFetchBlock:
  Enabled: true
 Style/RedundantFileExtensionInRequire:
  Enabled: true
 Style/RedundantRegexpCharacterClass:
  Enabled: false
 Style/RedundantRegexpEscape:
  Enabled: false
 Style/RedundantReturn:
  Enabled: true
 Style/RedundantBegin:
  Enabled: false
 Style/RegexpLiteral:
  Enabled: false
 Style/RescueStandardError:
  Enabled: true
 Style/SignalException:
  Enabled: false
 Style/SlicingWithRange:
  Enabled: true
 Style/SymbolArray:
  Enabled: false
 Style/TrailingCommaInArrayLiteral:
  EnforcedStyleForMultiline: 'comma'
 Style/TrailingCommaInHashLiteral:
  EnforcedStyleForMultiline: 'comma'
 Style/UnpackFirst:
  Enabled: false
 RSpec/ScatteredSetup:
  Enabled: false
 RSpec/ImplicitExpect:
  Enabled: false
 RSpec/NamedSubject:
  Enabled: false
 RSpec/DescribeClass:
  Enabled: false
 RSpec/LetSetup:
  Enabled: false
--- a/.rubocop/custom.yml
+++ b/.rubocop/custom.yml
@ -1,6 +0,0 @@
 ---
 require:
  - ../lib/linter/rubocop_middle_dot
 Style/MiddleDot:
  Enabled: true
--- a/.rubocop/layout.yml
+++ b/.rubocop/layout.yml
@ -1,6 +0,0 @@
 ---
 Layout/FirstHashElementIndentation:
  EnforcedStyle: consistent
 Layout/LineLength:
  Max: 300 # Default of 120 causes a duplicate entry in generated todo file
--- a/.rubocop/metrics.yml
+++ b/.rubocop/metrics.yml
@ -1,23 +0,0 @@
 ---
 Metrics/AbcSize:
  Exclude:
    - lib/mastodon/cli/*.rb
 Metrics/BlockLength:
  Enabled: false
 Metrics/ClassLength:
  Enabled: false
 Metrics/CyclomaticComplexity:
  Exclude:
    - lib/mastodon/cli/*.rb
 Metrics/MethodLength:
  Enabled: false
 Metrics/ModuleLength:
  Enabled: false
 Metrics/ParameterLists:
  CountKeywordArgs: false
--- a/.rubocop/naming.yml
+++ b/.rubocop/naming.yml
@ -1,3 +0,0 @@
 ---
 Naming/BlockForwarding:
  EnforcedStyle: explicit
--- a/.rubocop/rails.yml
+++ b/.rubocop/rails.yml
@ -1,23 +0,0 @@
 ---
 Rails/BulkChangeTable:
  Enabled: false # Conflicts with strong_migrations features
 Rails/FilePath:
  EnforcedStyle: arguments
 Rails/HttpStatus:
  EnforcedStyle: numeric
 Rails/NegateInclude:
  Enabled: false
 Rails/RakeEnvironment:
  Exclude: # Tasks are doing local work which do not need full env loaded
    - lib/tasks/auto_annotate_models.rake
    - lib/tasks/emojis.rake
    - lib/tasks/mastodon.rake
    - lib/tasks/repo.rake
    - lib/tasks/statistics.rake
 Rails/SkipsModelValidations:
  Enabled: false
--- a/.rubocop/rspec.yml
+++ b/.rubocop/rspec.yml
@ -1,27 +0,0 @@
 ---
 RSpec/ExampleLength:
  CountAsOne: ['array', 'heredoc', 'method_call']
  Max: 20 # Override default of 5
 RSpec/MultipleExpectations:
  Max: 10 # Overrides default of 1
 RSpec/MultipleMemoizedHelpers:
  Max: 20 # Overrides default of 5
 RSpec/NamedSubject:
  EnforcedStyle: named_only
 RSpec/NestedGroups:
  Max: 10 # Overrides default of 3
 RSpec/NotToNot:
  EnforcedStyle: to_not
 RSpec/SpecFilePathFormat:
  CustomTransform:
    ActivityPub: activitypub
    DeepL: deepl
    FetchOEmbedService: fetch_oembed_service
    OEmbedController: oembed_controller
    OStatus: ostatus
--- a/.rubocop/rspec_rails.yml
+++ b/.rubocop/rspec_rails.yml
@ -1,3 +0,0 @@
 ---
 RSpecRails/HttpStatus:
  EnforcedStyle: numeric
--- a/.rubocop/strict.yml
+++ b/.rubocop/strict.yml
@ -1,24 +0,0 @@
 Lint/Debugger: # Remove any `binding.pry`
  Enabled: true
  Exclude: []
 RSpec/Focus: # Require full spec run on CI
  Enabled: true
  Exclude: []
 Rails/Output: # Remove any `puts` debugging
  inherit_mode:
    merge:
      - Include
  Enabled: true
  Exclude: []
  Include:
    - spec/**/*.rb
 Rails/FindEach: # Using `each` could impact performance, use `find_each`
  Enabled: true
  Exclude: []
 Rails/UniqBeforePluck: # Require `uniq.pluck` and not `pluck.uniq`
  Enabled: true
  Exclude: []
--- a/.rubocop/style.yml
+++ b/.rubocop/style.yml
@ -1,47 +0,0 @@
 ---
 Style/ClassAndModuleChildren:
  Enabled: false
 Style/Documentation:
  Enabled: false
 Style/FormatStringToken:
  AllowedMethods:
    - redirect_with_vary # Route redirects are not token-formatted
  inherit_mode:
    merge:
      - AllowedMethods
 Style/HashAsLastArrayItem:
  Enabled: false
 Style/HashSyntax:
  EnforcedShorthandSyntax: either
  EnforcedStyle: ruby19_no_mixed_keys
 Style/NumericLiterals:
  AllowedPatterns:
    - \d{4}_\d{2}_\d{2}_\d{6}
 Style/PercentLiteralDelimiters:
  PreferredDelimiters:
    '%i': ()
    '%w': ()
 Style/RedundantBegin:
  Enabled: false
 Style/RedundantFetchBlock:
  Enabled: false
 Style/RescueStandardError:
  EnforcedStyle: implicit
 Style/SymbolArray:
  Enabled: false
 Style/TrailingCommaInArrayLiteral:
  EnforcedStyleForMultiline: comma
 Style/TrailingCommaInHashLiteral:
  EnforcedStyleForMultiline: comma
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@ -1,113 +0,0 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --no-offense-counts --no-auto-gen-timestamp`
 # using RuboCop version 1.66.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 Lint/NonLocalExitFromIterator:
  Exclude:
    - 'app/helpers/jsonld_helper.rb'
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
 Metrics/AbcSize:
  Max: 82
 # Configuration parameters: CountBlocks, CountModifierForms, Max.
 Metrics/BlockNesting:
  Exclude:
    - 'lib/tasks/mastodon.rake'
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/CyclomaticComplexity:
  Max: 25
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/PerceivedComplexity:
  Max: 27
 Rails/OutputSafety:
  Exclude:
    - 'config/initializers/simple_form.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowedVars.
 Style/FetchEnvVar:
  Exclude:
    - 'app/lib/translation_service.rb'
    - 'config/environments/production.rb'
    - 'config/initializers/2_limited_federation_mode.rb'
    - 'config/initializers/3_omniauth.rb'
    - 'config/initializers/cache_buster.rb'
    - 'config/initializers/devise.rb'
    - 'config/initializers/paperclip.rb'
    - 'config/initializers/vapid.rb'
    - 'lib/tasks/repo.rake'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, MaxUnannotatedPlaceholdersAllowed, AllowedMethods, AllowedPatterns.
 # SupportedStyles: annotated, template, unannotated
 # AllowedMethods: redirect
 Style/FormatStringToken:
  Exclude:
    - 'config/initializers/devise.rb'
    - 'lib/paperclip/color_extractor.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: MinBodyLength, AllowConsecutiveConditionals.
 Style/GuardClause:
  Enabled: false
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/HashTransformValues:
  Exclude:
    - 'app/serializers/rest/web_push_subscription_serializer.rb'
    - 'app/services/import_service.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/MapToHash:
  Exclude:
    - 'app/models/status.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: literals, strict
 Style/MutableConstant:
  Exclude:
    - 'app/models/tag.rb'
    - 'app/services/delete_account_service.rb'
    - 'lib/mastodon/migration_warning.rb'
 # Configuration parameters: AllowedMethods.
 # AllowedMethods: respond_to_missing?
 Style/OptionalBooleanParameter:
  Exclude:
    - 'app/helpers/jsonld_helper.rb'
    - 'app/lib/admin/system_check/message.rb'
    - 'app/lib/request.rb'
    - 'app/lib/webfinger.rb'
    - 'app/services/block_domain_service.rb'
    - 'app/services/fetch_resource_service.rb'
    - 'app/workers/domain_block_worker.rb'
    - 'app/workers/unfollow_follow_worker.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: short, verbose
 Style/PreferredHashMethods:
  Exclude:
    - 'config/initializers/paperclip.rb'
 # This cop supports safe autocorrection (--autocorrect).
 Style/RedundantConstantBase:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/sidekiq.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: WordRegex.
 # SupportedStyles: percent, brackets
 Style/WordArray:
  EnforcedStyle: percent
  MinSize: 3
--- a/.ruby-version
+++ b/.ruby-version
@ -1 +1 @@
-3.3.5
+3.0.6
--- a/.watchmanconfig
+++ b/.watchmanconfig
@ -1,3 +0,0 @@
 {
  "ignore_dirs": ["node_modules/", "public/"]
 }
--- a/.yarn/.gitkeep
+++ b/.yarn/.gitkeep
--- a/.yarn/patches/babel-plugin-lodash-npm-3.3.4-c7161075b6.patch
+++ b/.yarn/patches/babel-plugin-lodash-npm-3.3.4-c7161075b6.patch
@ -1,13 +0,0 @@
 diff --git a/lib/index.js b/lib/index.js
 index 16ed6be8be8f555cc99096c2ff60954b42dc313d..d009c069770d066ad0db7ad02de1ea473a29334e 100644
 --- a/lib/index.js
 +++ b/lib/index.js
@@ -99,7 +99,7 @@ function lodash(_ref) {
         var node = _ref3;
 -        if ((0, _types.isModuleDeclaration)(node)) {
 +        if ((0, _types.isImportDeclaration)(node)  || (0, _types.isExportDeclaration)(node)) {
           isModule = true;
           break;
         }
--- a/.yarnclean
+++ b/.yarnclean
@ -0,0 +1,46 @@
 # test directories
 __tests__
 test
 tests
 powered-test
 # asset directories
 docs
 doc
 website
 images
 # assets
 # examples
 example
 examples
 # code coverage directories
 coverage
 .nyc_output
 # build scripts
 Makefile
 Gulpfile.js
 Gruntfile.js
 # configs
 .tern-project
 .gitattributes
 .editorconfig
 .*ignore
 .eslintrc
 .jshintrc
 .flowconfig
 .documentup.json
 .yarn-metadata.json
 .*.yml
 *.yml
 # misc
 *.gz
 *.md
 # for specific ignore
 !.svgo.yml
 !sass-lint/**/*.yml
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@ -1 +0,0 @@
 nodeLinker: node-modules
--- a/AUTHORS.md
+++ b/AUTHORS.md
--- a/9
+++ b/9
@ -1,5 +1,4 @@
-libidn12
+ffmpeg
-# for idn-ruby on heroku-24 stack
+libpq-dev
-
+libxdamage1
-# use https://github.com/heroku/heroku-buildpack-activestorage-preview
+libxfixes3
 # in place for ffmpeg and its dependent packages to reduce slag size
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@ -2,131 +2,45 @@
 ## Our Pledge
-We as members, contributors, and leaders pledge to make participation in our
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
 community a harassment-free experience for everyone, regardless of age, body
 size, visible or invisible disability, ethnicity, sex characteristics, gender
 identity and expression, level of experience, education, socio-economic status,
 nationality, personal appearance, race, caste, color, religion, or sexual
 identity and orientation.
 We pledge to act and interact in ways that contribute to an open, welcoming,
 diverse, inclusive, and healthy community.
 ## Our Standards
-Examples of behavior that contributes to a positive environment for our
+Examples of behavior that contributes to creating a positive environment include:
 community include:
- Demonstrating empathy and kindness toward other people
+* Using welcoming and inclusive language
- Being respectful of differing opinions, viewpoints, and experiences
+* Being respectful of differing viewpoints and experiences
- Giving and gracefully accepting constructive feedback
+* Gracefully accepting constructive criticism
- Accepting responsibility and apologizing to those affected by our mistakes,
+* Focusing on what is best for the community
-  and learning from the experience
+* Showing empathy towards other community members
 - Focusing on what is best not just for us as individuals, but for the overall
  community
-Examples of unacceptable behavior include:
+Examples of unacceptable behavior by participants include:
- The use of sexualized language or imagery, and sexual attention or advances of
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
-  any kind
+* Trolling, insulting/derogatory comments, and personal or political attacks
- Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
- Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
- Publishing others' private information, such as a physical or email address,
+* Other conduct which could reasonably be considered inappropriate in a professional setting
  without their explicit permission
 - Other conduct which could reasonably be considered inappropriate in a
  professional setting
-## Enforcement Responsibilities
+## Our Responsibilities
-Community leaders are responsible for clarifying and enforcing our standards of
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
 acceptable behavior and will take appropriate and fair corrective action in
 response to any behavior that they deem inappropriate, threatening, offensive,
 or harmful.
-Community leaders have the right and responsibility to remove, edit, or reject
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
 comments, commits, code, wiki edits, issues, and other contributions that are
 not aligned to this Code of Conduct, and will communicate reasons for moderation
 decisions when appropriate.
 ## Scope
-This Code of Conduct applies within all community spaces, and also applies when
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
 an individual is officially representing the community in public spaces.
 Examples of representing our community include using an official e-mail address,
 posting via an official social media account, or acting as an appointed
 representative at an online or offline event.
 ## Enforcement
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at eugen@zeonfederated.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
 reported to the community leaders responsible for enforcement at
 [hello@joinmastodon.org](mailto:hello@joinmastodon.org).
 All complaints will be reviewed and investigated promptly and fairly.
-All community leaders are obligated to respect the privacy and security of the
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
 reporter of any incident.
 ## Enforcement Guidelines
 Community leaders will follow these Community Impact Guidelines in determining
 the consequences for any action they deem in violation of this Code of Conduct:
 ### 1. Correction
 **Community Impact**: Use of inappropriate language or other behavior deemed
 unprofessional or unwelcome in the community.
 **Consequence**: A private, written warning from community leaders, providing
 clarity around the nature of the violation and an explanation of why the
 behavior was inappropriate. A public apology may be requested.
 ### 2. Warning
 **Community Impact**: A violation through a single incident or series of
 actions.
 **Consequence**: A warning with consequences for continued behavior. No
 interaction with the people involved, including unsolicited interaction with
 those enforcing the Code of Conduct, for a specified period of time. This
 includes avoiding interactions in community spaces as well as external channels
 like social media. Violating these terms may lead to a temporary or permanent
 ban.
 ### 3. Temporary Ban
 **Community Impact**: A serious violation of community standards, including
 sustained inappropriate behavior.
 **Consequence**: A temporary ban from any sort of interaction or public
 communication with the community for a specified period of time. No public or
 private interaction with the people involved, including unsolicited interaction
 with those enforcing the Code of Conduct, is allowed during this period.
 Violating these terms may lead to a permanent ban.
 ### 4. Permanent Ban
 **Community Impact**: Demonstrating a pattern of violation of community
 standards, including sustained inappropriate behavior, harassment of an
 individual, or aggression toward or disparagement of classes of individuals.
 **Consequence**: A permanent ban from any sort of public interaction within the
 community.
 ## Attribution
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [https://contributor-covenant.org/version/1/4][version]
 version 2.1, available at
 [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
-Community Impact Guidelines were inspired by
+[homepage]: https://contributor-covenant.org
-[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+[version]: https://contributor-covenant.org/version/1/4/
 For answers to common questions about this code of conduct, see the FAQ at
 [https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
 [https://www.contributor-covenant.org/translations][translations].
 [homepage]: https://www.contributor-covenant.org
 [v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
 [Mozilla CoC]: https://github.com/mozilla/diversity
 [FAQ]: https://www.contributor-covenant.org/faq
 [translations]: https://www.contributor-covenant.org/translations
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -1,4 +1,5 @@
-# Contributing
+Contributing
 ============
 Thank you for considering contributing to Mastodon 🐘
@ -11,15 +12,6 @@ You can contribute in the following ways:
 If your contributions are accepted into Mastodon, you can request to be paid through [our OpenCollective](https://opencollective.com/mastodon).
 Please review the org-level [contribution guidelines] for high-level acceptance
 criteria guidance.
 [contribution guidelines]: https://github.com/mastodon/.github/blob/main/CONTRIBUTING.md
 ## API Changes and Additions
 Please note that any changes or additions made to the API should have an accompanying pull request on [our documentation repository](https://github.com/mastodon/documentation).
 ## Bug reports
 Bug reports and feature suggestions must use descriptive and concise titles and be submitted to [GitHub Issues](https://github.com/mastodon/mastodon/issues). Please use the search function to make sure that you are not submitting duplicates, and that a similar report or request has not already been resolved or rejected.
@ -36,9 +28,9 @@ You can submit translations via [Crowdin](https://crowdin.com/project/mastodon).
 Example:
-| Not ideal                            | Better                                                        |
+|Not ideal|Better|
-| ------------------------------------ | ------------------------------------------------------------- |
+|---|----|
-| Fixed NoMethodError in RemovalWorker | Fix nil error when removing statuses caused by race condition |
+|Fixed NoMethodError in RemovalWorker|Fix nil error when removing statuses caused by race condition|
 It is not always possible to phrase every change in such a manner, but it is desired.
@ -50,6 +42,8 @@ It is not always possible to phrase every change in such a manner, but it is des
 - Code style rules (rubocop, eslint)
 - Normalization of locale files (i18n-tasks)
 **Note**: You may need to log in and authorise the GitHub account your fork of this repository belongs to with CircleCI to enable some of the automated checks to run.
 ## Documentation
 The [Mastodon documentation](https://docs.joinmastodon.org) is a statically generated site. You can [submit merge requests to mastodon/documentation](https://github.com/mastodon/documentation).
--- a/14
+++ b/14
@ -0,0 +1,14 @@
 # frozen_string_literal: true
 require 'capistrano/setup'
 require 'capistrano/deploy'
 require 'capistrano/scm/git'
 install_plugin Capistrano::SCM::Git
 require 'capistrano/rbenv'
 require 'capistrano/bundler'
 require 'capistrano/yarn'
 require 'capistrano/rails/assets'
 require 'capistrano/rails/migrations'
 Dir.glob('lib/capistrano/tasks/*.rake').each { |r| import r }
--- a/480
+++ b/480
@ -1,410 +1,100 @@
-# syntax=docker/dockerfile:1.9
+# syntax=docker/dockerfile:1.4
 # This needs to be bullseye-slim because the Ruby image is built on bullseye-slim
 ARG NODE_VERSION="16.18.1-bullseye-slim"
-# This file is designed for production server deployment, not local development work
+FROM ghcr.io/moritzheiber/ruby-jemalloc:3.0.6-slim as ruby
-# For a containerized local dev environment, see: https://github.com/mastodon/mastodon/blob/main/README.md#docker
+FROM node:${NODE_VERSION} as build
-# Please see https://docs.docker.com/engine/reference/builder for information about
+COPY --link --from=ruby /opt/ruby /opt/ruby
 # the extended buildx capabilities used in this file.
 # Make sure multiarch TARGETPLATFORM is available for interpolation
 # See: https://docs.docker.com/build/building/multi-platform/
 ARG TARGETPLATFORM=${TARGETPLATFORM}
 ARG BUILDPLATFORM=${BUILDPLATFORM}
-# Ruby image to use for base image, change with [--build-arg RUBY_VERSION="3.3.x"]
+ENV DEBIAN_FRONTEND="noninteractive" \
-# renovate: datasource=docker depName=docker.io/ruby
+    PATH="${PATH}:/opt/ruby/bin"
 ARG RUBY_VERSION="3.3.5"
 # # Node version to use in base image, change with [--build-arg NODE_MAJOR_VERSION="20"]
 # renovate: datasource=node-version depName=node
 ARG NODE_MAJOR_VERSION="20"
 # Debian image to use for base image, change with [--build-arg DEBIAN_VERSION="bookworm"]
 ARG DEBIAN_VERSION="bookworm"
 # Node image to use for base image based on combined variables (ex: 20-bookworm-slim)
 FROM docker.io/node:${NODE_MAJOR_VERSION}-${DEBIAN_VERSION}-slim AS node
 # Ruby image to use for base image based on combined variables (ex: 3.3.x-slim-bookworm)
 FROM docker.io/ruby:${RUBY_VERSION}-slim-${DEBIAN_VERSION} AS ruby
-# Resulting version string is vX.X.X-MASTODON_VERSION_PRERELEASE+MASTODON_VERSION_METADATA
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
-# Example: v4.3.0-nightly.2023.11.09+pr-123456
+
-# Overwrite existence of 'alpha.X' in version.rb [--build-arg MASTODON_VERSION_PRERELEASE="nightly.2023.11.09"]
+WORKDIR /opt/mastodon
-ARG MASTODON_VERSION_PRERELEASE=""
+COPY Gemfile* package.json yarn.lock /opt/mastodon/
-# Append build metadata or fork information to version.rb [--build-arg MASTODON_VERSION_METADATA="pr-123456"]
+
-ARG MASTODON_VERSION_METADATA=""
+# hadolint ignore=DL3008
 RUN apt-get update && \
    apt-get -yq dist-upgrade && \
    apt-get install -y --no-install-recommends build-essential \
        ca-certificates \
        git \
        libicu-dev \
        libidn11-dev \
        libpq-dev \
        libjemalloc-dev \
        zlib1g-dev \
        libgdbm-dev \
        libgmp-dev \
        libssl-dev \
        libyaml-0-2 \
        ca-certificates \
        libreadline8 \
        python3 \
        shared-mime-info && \
    bundle config set --local deployment 'true' && \
    bundle config set --local without 'development test' && \
    bundle config set silence_root_warning true && \
    bundle install -j"$(nproc)" && \
    yarn install --pure-lockfile --network-timeout 600000
 FROM node:${NODE_VERSION}
 # Allow Ruby on Rails to serve static files
 # See: https://docs.joinmastodon.org/admin/config/#rails_serve_static_files
 ARG RAILS_SERVE_STATIC_FILES="true"
 # Allow to use YJIT compiler
 # See: https://github.com/ruby/ruby/blob/v3_2_4/doc/yjit/yjit.md
 ARG RUBY_YJIT_ENABLE="1"
 # Timezone used by the Docker container and runtime, change with [--build-arg TZ=Europe/Berlin]
 ARG TZ="Etc/UTC"
 # Linux UID (user id) for the mastodon user, change with [--build-arg UID=1234]
 ARG UID="991"
 # Linux GID (group id) for the mastodon user, change with [--build-arg GID=1234]
 ARG GID="991"
-# Apply Mastodon build options based on options above
+COPY --link --from=ruby /opt/ruby /opt/ruby
 ENV \
 # Apply Mastodon version information
  MASTODON_VERSION_PRERELEASE="${MASTODON_VERSION_PRERELEASE}" \
  MASTODON_VERSION_METADATA="${MASTODON_VERSION_METADATA}" \
 # Apply Mastodon static files and YJIT options
  RAILS_SERVE_STATIC_FILES=${RAILS_SERVE_STATIC_FILES} \
  RUBY_YJIT_ENABLE=${RUBY_YJIT_ENABLE} \
 # Apply timezone
  TZ=${TZ}
-ENV \
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
-# Configure the IP to bind Mastodon to when serving traffic
+
-  BIND="0.0.0.0" \
+ENV DEBIAN_FRONTEND="noninteractive" \
-# Use production settings for Yarn, Node and related nodejs based tools
+    PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin"
 # Ignoreing these here since we don't want to pin any versions and the Debian image removes apt-get content after use
 # hadolint ignore=DL3008,DL3009
 RUN apt-get update && \
    echo "Etc/UTC" > /etc/localtime && \
    groupadd -g "${GID}" mastodon && \
    useradd -l -u "$UID" -g "${GID}" -m -d /opt/mastodon mastodon && \
    apt-get -y --no-install-recommends install whois \
        wget \
        procps \
        libssl1.1 \
        libpq5 \
        imagemagick \
        ffmpeg \
        libjemalloc2 \
        libicu67 \
        libidn11 \
        libyaml-0-2 \
        file \
        ca-certificates \
        tzdata \
        libreadline8 \
        tini && \
    ln -s /opt/mastodon /mastodon
 # Note: no, cleaning here since Debian does this automatically
 # See the file /etc/apt/apt.conf.d/docker-clean within the Docker image's filesystem
 COPY --chown=mastodon:mastodon . /opt/mastodon
 COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon
 ENV RAILS_ENV="production" \
    NODE_ENV="production" \
-# Use production settings for Ruby on Rails
+    RAILS_SERVE_STATIC_FILES="true" \
-  RAILS_ENV="production" \
+    BIND="0.0.0.0"
 # Add Ruby and Mastodon installation to the PATH
  DEBIAN_FRONTEND="noninteractive" \
  PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin" \
 # Optimize jemalloc 5.x performance
  MALLOC_CONF="narenas:2,background_thread:true,thp:never,dirty_decay_ms:1000,muzzy_decay_ms:0" \
 # Enable libvips, should not be changed
  MASTODON_USE_LIBVIPS=true \
 # Sidekiq will touch tmp/sidekiq_process_has_started_and_will_begin_processing_jobs to indicate it is ready. This can be used for a readiness check in Kubernetes
  MASTODON_SIDEKIQ_READY_FILENAME=sidekiq_process_has_started_and_will_begin_processing_jobs
-# Set default shell used for running commands
+# Set the run user
-SHELL ["/bin/bash", "-o", "pipefail", "-o", "errexit", "-c"]
+USER mastodon
 ARG TARGETPLATFORM
 RUN echo "Target platform is $TARGETPLATFORM"
 RUN \
 # Remove automatic apt cache Docker cleanup scripts
  rm -f /etc/apt/apt.conf.d/docker-clean; \
 # Sets timezone
  echo "${TZ}" > /etc/localtime; \
 # Creates mastodon user/group and sets home directory
  groupadd -g "${GID}" mastodon; \
  useradd -l -u "${UID}" -g "${GID}" -m -d /opt/mastodon mastodon; \
 # Creates /mastodon symlink to /opt/mastodon
  ln -s /opt/mastodon /mastodon;
 # Set /opt/mastodon as working directory
 WORKDIR /opt/mastodon
-# hadolint ignore=DL3008,DL3005
+# Precompile assets
-RUN \
+RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \
-# Mount Apt cache and lib directories from Docker buildx caches
+    yarn cache clean
 --mount=type=cache,id=apt-cache-${TARGETPLATFORM},target=/var/cache/apt,sharing=locked \
 --mount=type=cache,id=apt-lib-${TARGETPLATFORM},target=/var/lib/apt,sharing=locked \
 # Apt update & upgrade to check for security updates to Debian image
  apt-get update; \
  apt-get dist-upgrade -yq; \
 # Install jemalloc, curl and other necessary components
  apt-get install -y --no-install-recommends \
    curl \
    file \
    libjemalloc2 \
    patchelf \
    procps \
    tini \
    tzdata \
    wget \
  ; \
 # Patch Ruby to use jemalloc
  patchelf --add-needed libjemalloc.so.2 /usr/local/bin/ruby; \
 # Discard patchelf after use
  apt-get purge -y \
    patchelf \
  ;
-# Create temporary build layer from base image
+# Set the work dir and the container entry point
 FROM ruby AS build
 # Copy Node package configuration files into working directory
 COPY package.json yarn.lock .yarnrc.yml /opt/mastodon/
 COPY .yarn /opt/mastodon/.yarn
 COPY --from=node /usr/local/bin /usr/local/bin
 COPY --from=node /usr/local/lib /usr/local/lib
 ARG TARGETPLATFORM
 # hadolint ignore=DL3008
 RUN \
 # Mount Apt cache and lib directories from Docker buildx caches
 --mount=type=cache,id=apt-cache-${TARGETPLATFORM},target=/var/cache/apt,sharing=locked \
 --mount=type=cache,id=apt-lib-${TARGETPLATFORM},target=/var/lib/apt,sharing=locked \
 # Install build tools and bundler dependencies from APT
  apt-get install -y --no-install-recommends \
    autoconf \
    automake \
    build-essential \
    cmake \
    git \
    libgdbm-dev \
    libglib2.0-dev \
    libgmp-dev \
    libicu-dev \
    libidn-dev \
    libpq-dev \
    libssl-dev \
    libtool \
    meson \
    nasm \
    pkg-config \
    shared-mime-info \
    xz-utils \
 	# libvips components
    libcgif-dev \
    libexif-dev \
    libexpat1-dev \
    libgirepository1.0-dev \
    libheif-dev \
    libimagequant-dev \
    libjpeg62-turbo-dev \
    liblcms2-dev \
    liborc-dev \
    libspng-dev \
    libtiff-dev \
    libwebp-dev \
  # ffmpeg components
    libdav1d-dev \
    liblzma-dev \
    libmp3lame-dev \
    libopus-dev \
    libsnappy-dev \
    libvorbis-dev \
    libvpx-dev \
    libx264-dev \
    libx265-dev \
  ;
 RUN \
 # Configure Corepack
  rm /usr/local/bin/yarn*; \
  corepack enable; \
  corepack prepare --activate;
 # Create temporary libvips specific build layer from build layer
 FROM build AS libvips
 # libvips version to compile, change with [--build-arg VIPS_VERSION="8.15.2"]
 # renovate: datasource=github-releases depName=libvips packageName=libvips/libvips
 ARG VIPS_VERSION=8.15.3
 # libvips download URL, change with [--build-arg VIPS_URL="https://github.com/libvips/libvips/releases/download"]
 ARG VIPS_URL=https://github.com/libvips/libvips/releases/download
 WORKDIR /usr/local/libvips/src
 # Download and extract libvips source code
 ADD ${VIPS_URL}/v${VIPS_VERSION}/vips-${VIPS_VERSION}.tar.xz /usr/local/libvips/src/
 RUN tar xf vips-${VIPS_VERSION}.tar.xz;
 WORKDIR /usr/local/libvips/src/vips-${VIPS_VERSION}
 # Configure and compile libvips
 RUN \
  meson setup build --prefix /usr/local/libvips --libdir=lib -Ddeprecated=false -Dintrospection=disabled -Dmodules=disabled -Dexamples=false; \
  cd build; \
  ninja; \
  ninja install;
 # Create temporary ffmpeg specific build layer from build layer
 FROM build AS ffmpeg
 # ffmpeg version to compile, change with [--build-arg FFMPEG_VERSION="7.0.x"]
 # renovate: datasource=repology depName=ffmpeg packageName=openpkg_current/ffmpeg
 ARG FFMPEG_VERSION=7.0.2
 # ffmpeg download URL, change with [--build-arg FFMPEG_URL="https://ffmpeg.org/releases"]
 ARG FFMPEG_URL=https://ffmpeg.org/releases
 WORKDIR /usr/local/ffmpeg/src
 # Download and extract ffmpeg source code
 ADD ${FFMPEG_URL}/ffmpeg-${FFMPEG_VERSION}.tar.xz /usr/local/ffmpeg/src/
 RUN tar xf ffmpeg-${FFMPEG_VERSION}.tar.xz;
 WORKDIR /usr/local/ffmpeg/src/ffmpeg-${FFMPEG_VERSION}
 # Configure and compile ffmpeg
 RUN \
  ./configure \
    --prefix=/usr/local/ffmpeg \
    --toolchain=hardened \
    --disable-debug \
    --disable-devices \
    --disable-doc \
    --disable-ffplay \
    --disable-network \
    --disable-static \
    --enable-ffmpeg \
    --enable-ffprobe \
    --enable-gpl \
    --enable-libdav1d \
    --enable-libmp3lame \
    --enable-libopus \
    --enable-libsnappy \
    --enable-libvorbis \
    --enable-libvpx \
    --enable-libwebp \
    --enable-libx264 \
    --enable-libx265 \
    --enable-shared \
    --enable-version3 \
  ; \
  make -j$(nproc); \
  make install;
 # Create temporary bundler specific build layer from build layer
 FROM build AS bundler
 ARG TARGETPLATFORM
 # Copy Gemfile config into working directory
 COPY Gemfile* /opt/mastodon/
 RUN \
 # Mount Ruby Gem caches
 --mount=type=cache,id=gem-cache-${TARGETPLATFORM},target=/usr/local/bundle/cache/,sharing=locked \
 # Configure bundle to prevent changes to Gemfile and Gemfile.lock
  bundle config set --global frozen "true"; \
 # Configure bundle to not cache downloaded Gems
  bundle config set --global cache_all "false"; \
 # Configure bundle to only process production Gems
  bundle config set --local without "development test"; \
 # Configure bundle to not warn about root user
  bundle config set silence_root_warning "true"; \
 # Download and install required Gems
  bundle install -j"$(nproc)";
 # Create temporary node specific build layer from build layer
 FROM build AS yarn
 ARG TARGETPLATFORM
 # Copy Node package configuration files into working directory
 COPY package.json yarn.lock .yarnrc.yml /opt/mastodon/
 COPY streaming/package.json /opt/mastodon/streaming/
 COPY .yarn /opt/mastodon/.yarn
 # hadolint ignore=DL3008
 RUN \
 --mount=type=cache,id=corepack-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/corepack,sharing=locked \
 --mount=type=cache,id=yarn-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/yarn,sharing=locked \
 # Install Node packages
  yarn workspaces focus --production @mastodon/mastodon;
 # Create temporary assets build layer from build layer
 FROM build AS precompiler
 # Copy Mastodon sources into precompiler layer
 COPY . /opt/mastodon/
 # Copy bundler and node packages from build layer to container
 COPY --from=yarn /opt/mastodon /opt/mastodon/
 COPY --from=bundler /opt/mastodon /opt/mastodon/
 COPY --from=bundler /usr/local/bundle/ /usr/local/bundle/
 # Copy libvips components to layer for precompiler
 COPY --from=libvips /usr/local/libvips/bin /usr/local/bin
 COPY --from=libvips /usr/local/libvips/lib /usr/local/lib
 ARG TARGETPLATFORM
 RUN \
  ldconfig; \
 # Use Ruby on Rails to create Mastodon assets
  SECRET_KEY_BASE_DUMMY=1 \
  bundle exec rails assets:precompile; \
 # Cleanup temporary files
  rm -fr /opt/mastodon/tmp;
 # Prep final Mastodon Ruby layer
 FROM ruby AS mastodon
 ARG TARGETPLATFORM
 # hadolint ignore=DL3008
 RUN \
 # Mount Apt cache and lib directories from Docker buildx caches
 --mount=type=cache,id=apt-cache-${TARGETPLATFORM},target=/var/cache/apt,sharing=locked \
 --mount=type=cache,id=apt-lib-${TARGETPLATFORM},target=/var/lib/apt,sharing=locked \
 # Mount Corepack and Yarn caches from Docker buildx caches
 --mount=type=cache,id=corepack-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/corepack,sharing=locked \
 --mount=type=cache,id=yarn-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/yarn,sharing=locked \
 # Apt update install non-dev versions of necessary components
  apt-get install -y --no-install-recommends \
    libexpat1 \
    libglib2.0-0 \
    libicu72 \
    libidn12 \
    libpq5 \
    libreadline8 \
    libssl3 \
    libyaml-0-2 \
  # libvips components
    libcgif0 \
    libexif12 \
    libheif1 \
    libimagequant0 \
    libjpeg62-turbo \
    liblcms2-2 \
    liborc-0.4-0 \
    libspng0 \
    libtiff6 \
    libwebp7 \
    libwebpdemux2 \
    libwebpmux3 \
  # ffmpeg components
    libdav1d6 \
    libmp3lame0 \
    libopencore-amrnb0 \
    libopencore-amrwb0 \
    libopus0 \
    libsnappy1v5 \
    libtheora0 \
    libvorbis0a \
    libvorbisenc2 \
    libvorbisfile3 \
    libvpx7 \
    libx264-164 \
    libx265-199 \
  ;
 # Copy Mastodon sources into final layer
 COPY . /opt/mastodon/
 # Copy compiled assets to layer
 COPY --from=precompiler /opt/mastodon/public/packs /opt/mastodon/public/packs
 COPY --from=precompiler /opt/mastodon/public/assets /opt/mastodon/public/assets
 # Copy bundler components to layer
 COPY --from=bundler /usr/local/bundle/ /usr/local/bundle/
 # Copy libvips components to layer
 COPY --from=libvips /usr/local/libvips/bin /usr/local/bin
 COPY --from=libvips /usr/local/libvips/lib /usr/local/lib
 # Copy ffpmeg components to layer
 COPY --from=ffmpeg /usr/local/ffmpeg/bin /usr/local/bin
 COPY --from=ffmpeg /usr/local/ffmpeg/lib /usr/local/lib
 RUN \
  ldconfig; \
 # Smoketest media processors
  vips -v; \
  ffmpeg -version; \
  ffprobe -version;
 RUN \
  # Precompile bootsnap code for faster Rails startup
  bundle exec bootsnap precompile --gemfile app/ lib/;
 RUN \
 # Pre-create and chown system volume to Mastodon user
  mkdir -p /opt/mastodon/public/system; \
  chown mastodon:mastodon /opt/mastodon/public/system; \
 # Set Mastodon user as owner of tmp folder
  chown -R mastodon:mastodon /opt/mastodon/tmp;
 # Set the running user for resulting container
 USER mastodon
 # Expose default Puma ports
 EXPOSE 3000
 # Set container tini as default entry point
 ENTRYPOINT ["/usr/bin/tini", "--"]
 EXPOSE 3000 4000
--- a/FEDERATION.md
+++ b/FEDERATION.md
@ -1,35 +1,19 @@
-# Federation
+## ActivityPub federation in Mastodon
 ## Supported federation protocols and standards
 - [ActivityPub](https://www.w3.org/TR/activitypub/) (Server-to-Server)
 - [WebFinger](https://webfinger.net/)
 - [Http Signatures](https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures)
 - [NodeInfo](https://nodeinfo.diaspora.software/)
 ## Supported FEPs
 - [FEP-67ff: FEDERATION.md](https://codeberg.org/fediverse/fep/src/branch/main/fep/67ff/fep-67ff.md)
 - [FEP-f1d5: NodeInfo in Fediverse Software](https://codeberg.org/fediverse/fep/src/branch/main/fep/f1d5/fep-f1d5.md)
 - [FEP-8fcf: Followers collection synchronization across servers](https://codeberg.org/fediverse/fep/src/branch/main/fep/8fcf/fep-8fcf.md)
 - [FEP-5feb: Search indexing consent for actors](https://codeberg.org/fediverse/fep/src/branch/main/fep/5feb/fep-5feb.md)
 ## ActivityPub in Mastodon
 Mastodon largely follows the ActivityPub server-to-server specification but it makes uses of some non-standard extensions, some of which are required for interacting with Mastodon at all.
- [Supported ActivityPub vocabulary](https://docs.joinmastodon.org/spec/activitypub/)
+Supported vocabulary: https://docs.joinmastodon.org/spec/activitypub/
 ### Required extensions
-#### WebFinger
+#### Webfinger
 In Mastodon, users are identified by a `username` and `domain` pair (e.g., `Gargron@mastodon.social`).
 This is used both for discovery and for unambiguously mentioning users across the fediverse. Furthermore, this is part of Mastodon's database design from its very beginnings.
 As a result, Mastodon requires that each ActivityPub actor uniquely maps back to an `acct:` URI that can be resolved via WebFinger.
- [WebFinger information and examples](https://docs.joinmastodon.org/spec/webfinger/)
+More information and examples are available at: https://docs.joinmastodon.org/spec/webfinger/
 #### HTTP Signatures
@ -37,13 +21,10 @@ In order to authenticate activities, Mastodon relies on HTTP Signatures, signing
 Mastodon requires all `POST` requests to be signed, and MAY require `GET` requests to be signed, depending on the configuration of the Mastodon server.
- [HTTP Signatures information and examples](https://docs.joinmastodon.org/spec/security/#http)
+More information on HTTP Signatures, as well as examples, can be found here: https://docs.joinmastodon.org/spec/security/#http
 ### Optional extensions
- [Linked-Data Signatures](https://docs.joinmastodon.org/spec/security/#ld)
+- Linked-Data Signatures: https://docs.joinmastodon.org/spec/security/#ld
- [Bearcaps](https://docs.joinmastodon.org/spec/bearcaps/)
+- Bearcaps: https://docs.joinmastodon.org/spec/bearcaps/
-
+- Followers collection synchronization: https://git.activitypub.dev/ActivityPubDev/Fediverse-Enhancement-Proposals/src/branch/main/feps/fep-8fcf.md
 ### Additional documentation
 - [Mastodon documentation](https://docs.joinmastodon.org/)
--- a/235
+++ b/235
@ -1,228 +1,161 @@
 # frozen_string_literal: true
 source 'https://rubygems.org'
-ruby '>= 3.1.0'
+ruby '>= 2.7.0', '< 3.1.0'
-gem 'propshaft'
+gem 'pkg-config', '~> 1.5'
-gem 'puma', '~> 6.3'
+gem 'rexml', '~> 3.2'
-gem 'rack', '~> 2.2.7'
+
-gem 'rails', '~> 7.1.1'
+gem 'puma', '~> 5.6'
 gem 'rails', '~> 6.1.7'
 gem 'sprockets', '~> 3.7.2'
 gem 'thor', '~> 1.2'
 gem 'rack', '~> 2.2.6'
-gem 'dotenv'
+gem 'hamlit-rails', '~> 0.2'
-gem 'haml-rails', '~>2.0'
+gem 'pg', '~> 1.4'
-gem 'pg', '~> 1.5'
+gem 'makara', '~> 0.5'
 gem 'pghero'
 gem 'dotenv-rails', '~> 2.8'
-gem 'aws-sdk-s3', '~> 1.123', require: false
+gem 'aws-sdk-s3', '~> 1.119', require: false
 gem 'fog-core', '<= 2.4.0'
 gem 'fog-openstack', '~> 0.3', require: false
 gem 'kt-paperclip', '~> 7.1'
 gem 'blurhash', '~> 0.1'
 gem 'fog-core', '<= 2.5.0'
 gem 'fog-openstack', '~> 1.0', require: false
 gem 'kt-paperclip', '~> 7.2'
 gem 'md-paperclip-azure', '~> 2.2', require: false
 gem 'ruby-vips', '~> 2.2', require: false
 gem 'active_model_serializers', '~> 0.10'
 gem 'addressable', '~> 2.8'
-gem 'bootsnap', '~> 1.18.0', require: false
+gem 'bootsnap', '~> 1.16.0', require: false
-gem 'browser', '< 6' # https://github.com/fnando/browser/issues/543
+gem 'browser'
 gem 'charlock_holmes', '~> 0.7.7'
-gem 'chewy', '~> 7.3'
+gem 'chewy', '~> 7.2'
-gem 'devise', '~> 4.9'
+gem 'devise', '~> 4.8'
-gem 'devise-two-factor'
+gem 'devise-two-factor', '~> 4.0'
 group :pam_authentication, optional: true do
  gem 'devise_pam_authenticatable2', '~> 9.2'
 end
-gem 'net-ldap', '~> 0.18'
+gem 'net-ldap', '~> 0.17'
-
+gem 'omniauth-cas', '~> 2.0'
-gem 'omniauth', '~> 2.0'
+gem 'omniauth-saml', '~> 1.10'
-gem 'omniauth-cas', '~> 3.0.0.beta.1'
+gem 'gitlab-omniauth-openid-connect', '~>0.10.1', require: 'omniauth_openid_connect'
-gem 'omniauth_openid_connect', '~> 0.6.1'
+gem 'omniauth', '~> 1.9'
-gem 'omniauth-rails_csrf_protection', '~> 1.0'
+gem 'omniauth-rails_csrf_protection', '~> 0.1'
 gem 'omniauth-saml', '~> 2.0'
 gem 'color_diff', '~> 0.1'
 gem 'csv', '~> 3.2'
 gem 'discard', '~> 1.2'
 gem 'doorkeeper', '~> 5.6'
 gem 'ed25519', '~> 1.3'
 gem 'fast_blank', '~> 1.0'
 gem 'fastimage'
 gem 'hiredis', '~> 0.6'
 gem 'redis-namespace', '~> 1.10'
 gem 'htmlentities', '~> 4.3'
-gem 'http', '~> 5.2.0'
+gem 'http', '~> 5.1'
 gem 'http_accept_language', '~> 2.1'
-gem 'httplog', '~> 1.7.0'
+gem 'httplog', '~> 1.6.2'
 gem 'i18n'
 gem 'idn-ruby', require: 'idn'
 gem 'inline_svg'
 gem 'irb', '~> 1.8'
 gem 'kaminari', '~> 1.2'
 gem 'link_header', '~> 0.0'
-gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
+gem 'mime-types', '~> 3.4.1', require: 'mime/types/columnar'
-gem 'mime-types', '~> 3.5.0', require: 'mime/types/columnar'
+gem 'nokogiri', '~> 1.14'
-gem 'nokogiri', '~> 1.15'
+gem 'nsa', '~> 0.2'
-gem 'oj', '~> 3.14'
+gem 'oj', '~> 3.13'
 gem 'ox', '~> 2.14'
 gem 'parslet'
-gem 'premailer-rails'
+gem 'posix-spawn'
-gem 'public_suffix', '~> 6.0'
+gem 'public_suffix', '~> 5.0'
 gem 'pundit', '~> 2.3'
 gem 'premailer-rails'
 gem 'rack-attack', '~> 6.6'
-gem 'rack-cors', '~> 2.0', require: 'rack/cors'
+gem 'rack-cors', '~> 1.1', require: 'rack/cors'
-gem 'rails-i18n', '~> 7.0'
+gem 'rails-i18n', '~> 6.0'
 gem 'rails-settings-cached', '~> 0.6'
 gem 'redcarpet', '~> 3.6'
 gem 'redis', '~> 4.5', require: ['redis', 'redis/connection/hiredis']
-gem 'redis-namespace', '~> 1.10'
+gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
-gem 'rqrcode', '~> 2.2'
+gem 'rqrcode', '~> 2.1'
-gem 'ruby-progressbar', '~> 1.13'
+gem 'ruby-progressbar', '~> 1.11'
 gem 'sanitize', '~> 6.0'
 gem 'scenic', '~> 1.7'
 gem 'sidekiq', '~> 6.5'
-gem 'sidekiq-bulk', '~> 0.2.0'
+gem 'sidekiq-scheduler', '~> 4.0'
 gem 'sidekiq-scheduler', '~> 5.0'
 gem 'sidekiq-unique-jobs', '~> 7.1'
-gem 'simple_form', '~> 5.2'
+gem 'sidekiq-bulk', '~> 0.2.0'
 gem 'simple-navigation', '~> 4.4'
-gem 'stoplight', '~> 4.1'
+gem 'simple_form', '~> 5.2'
-gem 'strong_migrations'
+gem 'sprockets-rails', '~> 3.4', require: 'sprockets/railtie'
 gem 'stoplight', '~> 3.0.1'
 gem 'strong_migrations', '~> 0.7'
 gem 'tty-prompt', '~> 0.23', require: false
 gem 'twitter-text', '~> 3.1.0'
-gem 'tzinfo-data', '~> 1.2023'
+gem 'tzinfo-data', '~> 1.2022'
 gem 'webauthn', '~> 3.0'
 gem 'webpacker', '~> 5.4'
 gem 'webpush', github: 'ClearlyClaire/webpush', ref: 'f14a4d52e201128b1b00245d11b6de80d6cfdcd9'
 gem 'webauthn', '~> 2.5'
 gem 'json-ld'
 gem 'json-ld-preloaded', '~> 3.2'
 gem 'rdf-normalize', '~> 0.5'
-gem 'opentelemetry-api', '~> 1.4.0'
+group :development, :test do
  gem 'fabrication', '~> 2.30'
  gem 'fuubar', '~> 2.5'
  gem 'i18n-tasks', '~> 1.0', require: false
  gem 'pry-byebug', '~> 3.10'
  gem 'pry-rails', '~> 0.3'
  gem 'rspec-rails', '~> 5.1'
  gem 'rubocop-performance', require: false
  gem 'rubocop-rails', require: false
  gem 'rubocop-rspec', require: false
  gem 'rubocop', require: false
 end
-group :opentelemetry do
+group :production, :test do
-  gem 'opentelemetry-exporter-otlp', '~> 0.29.0', require: false
+  gem 'private_address_check', '~> 0.5'
  gem 'opentelemetry-instrumentation-active_job', '~> 0.7.1', require: false
  gem 'opentelemetry-instrumentation-active_model_serializers', '~> 0.20.1', require: false
  gem 'opentelemetry-instrumentation-concurrent_ruby', '~> 0.21.2', require: false
  gem 'opentelemetry-instrumentation-excon', '~> 0.22.0', require: false
  gem 'opentelemetry-instrumentation-faraday', '~> 0.24.1', require: false
  gem 'opentelemetry-instrumentation-http', '~> 0.23.2', require: false
  gem 'opentelemetry-instrumentation-http_client', '~> 0.22.3', require: false
  gem 'opentelemetry-instrumentation-net_http', '~> 0.22.4', require: false
  gem 'opentelemetry-instrumentation-pg', '~> 0.29.0', require: false
  gem 'opentelemetry-instrumentation-rack', '~> 0.24.1', require: false
  gem 'opentelemetry-instrumentation-rails', '~> 0.31.0', require: false
  gem 'opentelemetry-instrumentation-redis', '~> 0.25.3', require: false
  gem 'opentelemetry-instrumentation-sidekiq', '~> 0.25.2', require: false
  gem 'opentelemetry-sdk', '~> 1.4', require: false
 end
 group :test do
-  # Enable usage of all available CPUs/cores during spec runs
+  gem 'capybara', '~> 3.38'
-  gem 'flatware-rspec'
+  gem 'climate_control', '~> 0.2'
-
+  gem 'faker', '~> 3.1'
-  # Adds RSpec Error/Warning annotations to GitHub PRs on the Files tab
+  gem 'json-schema', '~> 3.0'
-  gem 'rspec-github', '~> 2.4', require: false
+  gem 'rack-test', '~> 2.0'  
  # RSpec helpers for email specs
  gem 'email_spec'
  # Extra RSpec extension methods and helpers for sidekiq
  gem 'rspec-sidekiq', '~> 5.0'
  # Browser integration testing
  gem 'capybara', '~> 3.39'
  gem 'selenium-webdriver'
  # Used to reset the database between system tests
  gem 'database_cleaner-active_record'
  # Used to mock environment variables
  gem 'climate_control'
  # Add back helpers functions removed in Rails 5.1
  gem 'rails-controller-testing', '~> 1.0'
-
+  gem 'rspec_junit_formatter', '~> 0.6'
-  # Validate schemas in specs
+  gem 'rspec-sidekiq', '~> 3.1'
  gem 'json-schema', '~> 5.0'
  # Test harness fo rack components
  gem 'rack-test', '~> 2.1'
  gem 'shoulda-matchers'
  # Coverage formatter for RSpec test if DISABLE_SIMPLECOV is false
  gem 'simplecov', '~> 0.22', require: false
  gem 'simplecov-lcov', '~> 0.8', require: false
  # Stub web requests for specs
  gem 'webmock', '~> 3.18'
 end
 group :development do
-  # Code linting CLI and plugins
+  gem 'active_record_query_trace', '~> 1.8'
  gem 'rubocop', require: false
  gem 'rubocop-capybara', require: false
  gem 'rubocop-performance', require: false
  gem 'rubocop-rails', require: false
  gem 'rubocop-rspec', require: false
  gem 'rubocop-rspec_rails', require: false
  # Annotates modules with schema
  gem 'annotate', '~> 3.2'
  # Enhanced error message pages for development
  gem 'better_errors', '~> 2.9'
  gem 'binding_of_caller', '~> 1.0'
-
+  gem 'bullet', '~> 7.0'
  # Preview mail in the browser
  gem 'letter_opener', '~> 1.8'
-  gem 'letter_opener_web', '~> 3.0'
+  gem 'letter_opener_web', '~> 2.0'
-
+  gem 'memory_profiler'
-  # Security analysis CLI tools
+  gem 'brakeman', '~> 5.4', require: false
  gem 'brakeman', '~> 6.0', require: false
  gem 'bundler-audit', '~> 0.9', require: false
-  # Linter CLI for HAML files
+  gem 'capistrano', '~> 3.17'
-  gem 'haml_lint', require: false
+  gem 'capistrano-rails', '~> 1.6'
  gem 'capistrano-rbenv', '~> 2.2'
  gem 'capistrano-yarn', '~> 2.0'
-  # Validate missing i18n keys
+  gem 'stackprof'
  gem 'i18n-tasks', '~> 1.0', require: false
 end
 group :development, :test do
  # Interactive Debugging tools
  gem 'debug', '~> 1.8'
  # Generate fake data values
  gem 'faker', '~> 3.2'
  # Generate factory objects
  gem 'fabrication', '~> 2.30'
  # Profiling tools
  gem 'memory_profiler', require: false
  gem 'ruby-prof', require: false
  gem 'stackprof', require: false
  gem 'test-prof'
  # RSpec runner for rails
  gem 'rspec-rails', '~> 7.0'
 end
 group :production do
  gem 'lograge', '~> 0.12'
 end
 gem 'cocoon', '~> 1.2'
 gem 'concurrent-ruby', require: false
 gem 'connection_pool', require: false
 gem 'xorcist', '~> 1.1'
-
+gem 'cocoon', '~> 1.2'
 gem 'net-http', '~> 0.4.0'
 gem 'rubyzip', '~> 2.3'
 gem 'hcaptcha', '~> 7.1'
 gem 'mail', '~> 2.8'
--- a/Gemfile.lock
+++ b/Gemfile.lock
--- a/2
+++ b/2
@ -11,4 +11,4 @@ worker: bundle exec sidekiq
 #
 # and let the main app use the separate app:
 #
-# heroku config:set STREAMING_API_BASE_URL=wss://<streaming-app-random>.herokuapp.com -a <main-app>
+# heroku config:set STREAMING_API_BASE_URL=wss://<streaming-app>.herokuapp.com -a <main-app>
--- a/Procfile.dev
+++ b/Procfile.dev
@ -1,4 +1,4 @@
 web: env PORT=3000 RAILS_ENV=development bundle exec puma -C config/puma.rb
 sidekiq: env PORT=3000 RAILS_ENV=development bundle exec sidekiq
-stream: env PORT=4000 yarn workspace @mastodon/streaming start
+stream: env PORT=4000 yarn run start
-webpack: bin/webpack-dev-server
+webpack: ./bin/webpack-dev-server --listen-host 0.0.0.0
--- a/README.md
+++ b/README.md
@ -5,31 +5,39 @@
 </picture></h1>
 [![GitHub release](https://img.shields.io/github/release/mastodon/mastodon.svg)][releases]
-[![Ruby Testing](https://github.com/mastodon/mastodon/actions/workflows/test-ruby.yml/badge.svg)](https://github.com/mastodon/mastodon/actions/workflows/test-ruby.yml)
+[![Build Status](https://img.shields.io/circleci/project/github/mastodon/mastodon.svg)][circleci]
 [![Code Climate](https://img.shields.io/codeclimate/maintainability/mastodon/mastodon.svg)][code_climate]
 [![Crowdin](https://d322cqt584bo4o.cloudfront.net/mastodon/localized.svg)][crowdin]
 [releases]: https://github.com/mastodon/mastodon/releases
 [circleci]: https://circleci.com/gh/mastodon/mastodon
 [code_climate]: https://codeclimate.com/github/mastodon/mastodon
 [crowdin]: https://crowdin.com/project/mastodon
-Chinwag is a **free, open-source social network server** based on ActivityPub where users can follow friends and discover new ones. Via Chinwag, users can publish anything they want: links, pictures, text, and video. Chinwag servers can interoperate as a federated network (users on one server can seamlessly communicate with users from another one, including software such as Mastodon that implements ActivityPub!)
+Mastodon is a **free, open-source social network server** based on ActivityPub where users can follow friends and discover new ones. On Mastodon, users can publish anything they want: links, pictures, text, video. All Mastodon servers are interoperable as a federated network (users on one server can seamlessly communicate with users from another one, including non-Mastodon software that implements ActivityPub!)
 Click below to **learn more** in a video:
-[![Screenshot](https://cdn.chinwag.au/2024/10/Tangerine-Preview-1-1024x532.png)][youtube_demo]
+[![Screenshot](https://cdn.chinwag.au/2024/09/chinwag-social-ogthumbnail.png)][youtube_demo]
-[youtube_demo]: https://www.youtube.com/watch?v=ncP_OVVCGdo
+[youtube_demo]: https://youtu.be/ANUOiFqHV_c
 ## Navigation
- [Project homepage](https://chinwag.au)
+- [Project homepage 🐘](https://joinmastodon.org)
- [Support our projects](https://chinwag.au/support)
+- [Support the development via Patreon][patreon]
 - [View sponsors](https://joinmastodon.org/sponsors)
- [Blog](https://chinwag.au/news)
+- [Blog](https://blog.joinmastodon.org)
 - [Documentation](https://docs.joinmastodon.org)
 - [Official Docker image](https://github.com/mastodon/mastodon/pkgs/container/mastodon)
 - [Browse Mastodon servers](https://joinmastodon.org/communities)
 - [Browse Mastodon apps](https://joinmastodon.org/apps)
 [patreon]: https://www.patreon.com/mastodon
 ## Features
-<img src="app/javascript/images/cigarmanwoman.svg?raw=true" align="right" width="30%" />
+<img src="/app/javascript/images/elephant_ui_working.svg?raw=true" align="right" width="30%" />
 ### No vendor lock-in: Fully interoperable with any conforming platform
@ -45,7 +53,7 @@ Upload and view images and WebM/MP4 videos attached to the updates. Videos with
 ### Safety and moderation tools
-Mastodon includes private posts, locked accounts, phrase filtering, muting, blocking, and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
+Mastodon includes private posts, locked accounts, phrase filtering, muting, blocking and all sorts of other features, along with a reporting and moderation system. [Learn more](https://blog.joinmastodon.org/2018/07/cage-the-mastodon/)
 ### OAuth2 and a straightforward REST API
@ -53,79 +61,29 @@ Mastodon acts as an OAuth2 provider, so 3rd party apps can use the REST and Stre
 ## Deployment
-### Tech stack
+### Tech stack:
 - **Ruby on Rails** powers the REST API and other web pages
- **React.js** and **Redux** are used for the dynamic parts of the interface
+- **React.js** and Redux are used for the dynamic parts of the interface
 - **Node.js** powers the streaming API
-### Requirements
+### Requirements:
- **PostgreSQL** 12+
+- **PostgreSQL** 9.5+
 - **Redis** 4+
- **Ruby** 3.1+
+- **Ruby** 2.7+
- **Node.js** 18+
+- **Node.js** 14+
-The repository includes deployment configurations for **Docker and docker-compose** as well as specific platforms like **Heroku**, and **Scalingo**. For Helm charts, reference the [mastodon/chart repository](https://github.com/mastodon/chart). The [**standalone** installation guide](https://docs.joinmastodon.org/admin/install/) is available in the documentation.
+The repository includes deployment configurations for **Docker and docker-compose** as well as specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. For Helm charts, reference the [mastodon/chart repository](https://github.com/mastodon/chart). The [**standalone** installation guide](https://docs.joinmastodon.org/admin/install/) is available in the documentation.
-## Development
+A **Vagrant** configuration is included for development purposes. To use it, complete following steps:
 ### Vagrant
 A **Vagrant** configuration is included for development purposes. To use it, complete the following steps:
 - Install Vagrant and Virtualbox
 - Install the `vagrant-hostsupdater` plugin: `vagrant plugin install vagrant-hostsupdater`
 - Run `vagrant up`
- Run `vagrant ssh -c "cd /vagrant && bin/dev"`
+- Run `vagrant ssh -c "cd /vagrant && foreman start"`
 - Open `http://mastodon.local` in your browser
 ### macOS
 To set up **macOS** for native development, complete the following steps:
 - Install [Homebrew] and run `brew install postgresql@14 redis imagemagick
 libidn nvm` to install the required project dependencies
 - Use a Ruby version manager to activate the ruby in `.ruby-version` and run
  `nvm use` to activate the node version from `.nvmrc`
 - Run the `bin/setup` script, which will install the required ruby gems and node
  packages and prepare the database for local development
 - Finally, run the `bin/dev` script which will launch services via `overmind`
  (if installed) or `foreman`
 ### Docker
 For production hosting and deployment with **Docker**, use the `Dockerfile` and
 `docker-compose.yml` in the project root directory.
 For local development, install and launch [Docker], and run:
 ```shell
 docker compose -f .devcontainer/compose.yaml up -d
 docker compose -f .devcontainer/compose.yaml exec app bin/setup
 docker compose -f .devcontainer/compose.yaml exec app bin/dev
 ```
 ### Dev Containers
 Within IDEs that support the [Development Containers] specification, start the
 "Mastodon on local machine" container from the editor. The necessary `docker
 compose` commands to build and setup the container should run automatically. For
 **Visual Studio Code** this requires installing the [Dev Container extension].
 ### GitHub Codespaces
 [GitHub Codespaces] provides a web-based version of VS Code and a cloud hosted
 development environment configured with the software needed for this project.
 [![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)][codespace]
 - Click the button to create a new codespace, and confirm the options
 - Wait for the environment to build (takes a few minutes)
 - When the editor is ready, run `bin/dev` in the terminal
 - Wait for an _Open in Browser_ prompt. This will open Mastodon
 - On the _Ports_ tab "stream" setting change _Port visibility_ → _Public_
 ## Contributing
 Mastodon is **free, open-source software** licensed under **AGPLv3**.
@ -136,17 +94,10 @@ You can open issues for bugs you've found or features you think are missing. You
 ## License
-Copyright (C) 2016-2024 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
+Copyright (C) 2016-2022 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
 This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
 You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
 [codespace]: https://codespaces.new/mastodon/mastodon?quickstart=1&devcontainer_path=.devcontainer%2Fcodespaces%2Fdevcontainer.json
 [Dev Container extension]: https://containers.dev/supporting#dev-containers
 [Development Containers]: https://containers.dev/supporting
 [Docker]: https://docs.docker.com
 [GitHub Codespaces]: https://docs.github.com/en/codespaces
 [Homebrew]: https://brew.sh
--- a/4
+++ b/4
@ -1,8 +1,6 @@
 # frozen_string_literal: true
 # Add your own tasks in files placed in lib/tasks ending in .rake,
 # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-require File.expand_path('config/application', __dir__)
+require File.expand_path('../config/application', __FILE__)
 Rails.application.load_tasks
--- a/SECURITY.md
+++ b/SECURITY.md
@ -1,11 +1,8 @@
 # Security Policy
-If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can either:
+If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can reach us at <security@joinmastodon.org>.
- open a [GitHub security issue on the Mastodon project](https://github.com/mastodon/mastodon/security/advisories/new)
+You should *not* report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
 - reach us at <security@joinmastodon.org>
 You should _not_ report such issues on public GitHub issues or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
 ## Scope
@ -15,7 +12,6 @@ A "vulnerability in Mastodon" is a vulnerability in the code distributed through
 | Version | Supported        |
 | ------- | ---------------- |
 | 4.3.x   | Yes              |
 | 4.2.x   | Yes              |
-| 4.1.x   | Until 2025-04-08 |
+| 4.1.x   | Yes              |
 | < 4.1   | No               |
--- a/61
+++ b/61
@ -10,11 +10,7 @@ curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
 sudo apt-add-repository 'deb https://dl.yarnpkg.com/debian/ stable main'
 # Add repo for NodeJS
-sudo mkdir -p /etc/apt/keyrings
+curl -sL https://deb.nodesource.com/setup_16.x | sudo bash -
 curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
 NODE_MAJOR=20
 echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
 sudo apt-get update
 # Add firewall rule to redirect 80 to PORT and save
 sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port #{ENV["PORT"]}
@ -64,38 +60,6 @@ sudo usermod -a -G rvm $USER
 SCRIPT
 $provisionElasticsearch = <<SCRIPT
 # Install Elastic Search
 sudo apt install openjdk-17-jre-headless -y
 sudo wget -O /usr/share/keyrings/elasticsearch.asc https://artifacts.elastic.co/GPG-KEY-elasticsearch
 sudo sh -c 'echo "deb [signed-by=/usr/share/keyrings/elasticsearch.asc] https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'
 sudo apt update
 sudo apt install elasticsearch -y
 sudo systemctl daemon-reload
 sudo systemctl enable --now elasticsearch
 echo 'path.data: /var/lib/elasticsearch
 path.logs: /var/log/elasticsearch
 network.host: 0.0.0.0
 http.port: 9200
 discovery.seed_hosts: ["localhost"]
 cluster.initial_master_nodes: ["node-1"]
 xpack.security.enabled: false' > /etc/elasticsearch/elasticsearch.yml
 sudo systemctl restart elasticsearch
 # Install Kibana
 sudo apt install kibana -y
 sudo systemctl enable --now kibana
 echo 'server.host: "0.0.0.0"
 elasticsearch.hosts: ["http://localhost:9200"]' > /etc/kibana/kibana.yml
 sudo systemctl restart kibana
 SCRIPT
 $provisionB = <<SCRIPT
 source "/etc/profile.d/rvm.sh"
@ -116,7 +80,7 @@ bundle install
 # Install node modules
 sudo corepack enable
-corepack prepare
+yarn set version classic
 yarn install
 # Build Mastodon
@ -138,8 +102,10 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.provider :virtualbox do |vb|
    vb.name = "mastodon"
-    vb.customize ["modifyvm", :id, "--memory", "8192"]
+    vb.customize ["modifyvm", :id, "--memory", "2048"]
-    vb.customize ["modifyvm", :id, "--cpus", "3"]
+    # Increase the number of CPUs. Uncomment and adjust to
    # increase performance
    # vb.customize ["modifyvm", :id, "--cpus", "3"]
    # Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
    # https://github.com/mitchellh/vagrant/issues/1172
@ -151,12 +117,6 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
    vb.customize ["modifyvm", :id, "--nictype2", "virtio"]
  end
  config.vm.provider :libvirt do |libvirt|
    libvirt.cpus = 3
    libvirt.memory = 8192
  end
  # This uses the vagrant-hostsupdater plugin, and lets you
  # access the development site at http://mastodon.local.
  # If you change it, also change it in .env.vagrant before provisioning
@ -179,23 +139,16 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  # Otherwise, you can access the site at http://localhost:3000 and http://localhost:4000 , http://localhost:8080
  config.vm.network :forwarded_port, guest: 3000, host: 3000
  config.vm.network :forwarded_port, guest: 3035, host: 3035
  config.vm.network :forwarded_port, guest: 4000, host: 4000
  config.vm.network :forwarded_port, guest: 8080, host: 8080
  config.vm.network :forwarded_port, guest: 9200, host: 9200
  config.vm.network :forwarded_port, guest: 9300, host: 9300
  config.vm.network :forwarded_port, guest: 9243, host: 9243
  config.vm.network :forwarded_port, guest: 5601, host: 5601
  # Full provisioning script, only runs on first 'vagrant up' or with 'vagrant provision'
  config.vm.provision :shell, inline: $provisionA, privileged: false, reset: true
  # Run with elevated privileges for Elasticsearch installation
  config.vm.provision :shell, inline: $provisionElasticsearch, privileged: true
  config.vm.provision :shell, inline: $provisionB, privileged: false
  config.vm.post_up_message = <<MESSAGE
 To start server
-  $ vagrant ssh -c "cd /vagrant && bin/dev"
+  $ vagrant ssh -c "cd /vagrant && foreman start"
 MESSAGE
 end
--- a/app.json
+++ b/app.json
@ -90,15 +90,9 @@
    }
  },
  "buildpacks": [
    {
      "url": "https://github.com/heroku/heroku-buildpack-activestorage-preview"
    },
    {
      "url": "https://github.com/heroku/heroku-buildpack-apt"
    },
    {
      "url": "heroku/nodejs"
    },
    {
      "url": "heroku/ruby"
    }
@ -106,6 +100,5 @@
  "scripts": {
    "postdeploy": "bundle exec rails db:migrate && bundle exec rails db:seed"
  },
-  "addons": ["heroku-postgresql", "heroku-redis"],
+  "addons": ["heroku-postgresql", "heroku-redis"]
  "stack": "heroku-24"
 }
--- a/app/chewy/accounts_index.rb
+++ b/app/chewy/accounts_index.rb
@ -3,40 +3,10 @@
 class AccountsIndex < Chewy::Index
  include DatetimeClampingConcern
-  settings index: index_preset(refresh_interval: '30s'), analysis: {
+  settings index: { refresh_interval: '30s' }, analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
-      natural: {
+      content: {
-        tokenizer: 'standard',
+        tokenizer: 'whitespace',
        filter: %w(
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      verbatim: {
        tokenizer: 'standard',
        filter: %w(lowercase asciifolding cjk_width),
      },
@ -58,13 +28,18 @@ class AccountsIndex < Chewy::Index
  index_scope ::Account.searchable.includes(:account_stat)
  root date_detection: false do
-    field(:id, type: 'long')
+    field :id, type: 'long'
-    field(:following_count, type: 'long')
+
-    field(:followers_count, type: 'long')
+    field :display_name, type: 'text', analyzer: 'content' do
-    field(:properties, type: 'keyword', value: ->(account) { account.searchable_properties })
+      field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
-    field(:last_status_at, type: 'date', value: ->(account) { clamp_date(account.last_status_at || account.created_at) })
+    end
-    field(:display_name, type: 'text', analyzer: 'verbatim') { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
+
-    field(:username, type: 'text', analyzer: 'verbatim', value: ->(account) { [account.username, account.domain].compact.join('@') }) { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
+    field :acct, type: 'text', analyzer: 'content', value: ->(account) { [account.username, account.domain].compact.join('@') } do
-    field(:text, type: 'text', analyzer: 'verbatim', value: ->(account) { account.searchable_text }) { field :stemmed, type: 'text', analyzer: 'natural' }
+      field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
    end
    field :following_count, type: 'long', value: ->(account) { account.following_count }
    field :followers_count, type: 'long', value: ->(account) { account.followers_count }
    field :last_status_at, type: 'date', value: ->(account) { clamp_date(account.last_status_at || account.created_at) }
  end
 end
--- a/app/chewy/instances_index.rb
+++ b/app/chewy/instances_index.rb
@ -1,12 +0,0 @@
 # frozen_string_literal: true
 class InstancesIndex < Chewy::Index
  settings index: index_preset(refresh_interval: '30s')
  index_scope ::Instance.searchable
  root date_detection: false do
    field :domain, type: 'text', index_prefixes: { min_chars: 1, max_chars: 5 }
    field :accounts_count, type: 'long'
  end
 end
--- a/app/chewy/public_statuses_index.rb
+++ b/app/chewy/public_statuses_index.rb
@ -1,69 +0,0 @@
 # frozen_string_literal: true
 class PublicStatusesIndex < Chewy::Index
  include DatetimeClampingConcern
  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
      verbatim: {
        tokenizer: 'uax_url_email',
        filter: %w(lowercase),
      },
      content: {
        tokenizer: 'standard',
        filter: %w(
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      hashtag: {
        tokenizer: 'keyword',
        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
  }
  index_scope ::Status.unscoped
                      .kept
                      .indexable
                      .includes(:media_attachments, :preloadable_poll, :tags, preview_cards_status: :preview_card)
  root date_detection: false do
    field(:id, type: 'long')
    field(:account_id, type: 'long')
    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
    field(:tags, type: 'text', analyzer: 'hashtag', value: ->(status) { status.tags.map(&:display_name) })
    field(:language, type: 'keyword')
    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
    field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
  end
 end
--- a/app/chewy/statuses_index.rb
+++ b/app/chewy/statuses_index.rb
@ -1,67 +1,75 @@
 # frozen_string_literal: true
 class StatusesIndex < Chewy::Index
-  include DatetimeClampingConcern
+  include FormattingHelper
-  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
+  settings index: { refresh_interval: '30s' }, analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
      verbatim: {
        tokenizer: 'uax_url_email',
        filter: %w(lowercase),
      },
      content: {
-        tokenizer: 'standard',
+        tokenizer: 'uax_url_email',
        filter: %w(
          english_possessive_stemmer
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      hashtag: {
        tokenizer: 'keyword',
        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
  }
-  index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :local_mentioned, :local_favorited, :local_reblogged, :local_bookmarked, :tags, preview_cards_status: :preview_card, preloadable_poll: :local_voters), delete_if: ->(status) { status.searchable_by.empty? }
+  # We do not use delete_if option here because it would call a method that we
  # expect to be called with crutches without crutches, causing n+1 queries
  index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :preloadable_poll)
  crutch :mentions do |collection|
    data = ::Mention.where(status_id: collection.map(&:id)).where(account: Account.local, silent: false).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :favourites do |collection|
    data = ::Favourite.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :reblogs do |collection|
    data = ::Status.where(reblog_of_id: collection.map(&:id)).where(account: Account.local).pluck(:reblog_of_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :bookmarks do |collection|
    data = ::Bookmark.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :votes do |collection|
    data = ::PollVote.joins(:poll).where(poll: { status_id: collection.map(&:id) }).where(account: Account.local).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  root date_detection: false do
-    field(:id, type: 'long')
+    field :id, type: 'long'
-    field(:account_id, type: 'long')
+    field :account_id, type: 'long'
-    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
+
-    field(:tags, type: 'text', analyzer: 'hashtag',  value: ->(status) { status.tags.map(&:display_name) })
+    field :text, type: 'text', value: ->(status) { status.searchable_text } do
-    field(:searchable_by, type: 'long', value: ->(status) { status.searchable_by })
+      field :stemmed, type: 'text', analyzer: 'content'
-    field(:language, type: 'keyword')
+    end
-    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
+
-    field(:created_at, type: 'date', value: ->(status) { clamp_date(status.created_at) })
+    field :searchable_by, type: 'long', value: ->(status, crutches) { status.searchable_by(crutches) }
  end
 end
--- a/app/chewy/tags_index.rb
+++ b/app/chewy/tags_index.rb
@ -3,25 +3,16 @@
 class TagsIndex < Chewy::Index
  include DatetimeClampingConcern
-  settings index: index_preset(refresh_interval: '30s'), analysis: {
+  settings index: { refresh_interval: '30s' }, analysis: {
    analyzer: {
      content: {
        tokenizer: 'keyword',
-        filter: %w(
+        filter: %w(lowercase asciifolding cjk_width),
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
      edge_ngram: {
        tokenizer: 'edge_ngram',
-        filter: %w(
+        filter: %w(lowercase asciifolding cjk_width),
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
@ -41,9 +32,12 @@ class TagsIndex < Chewy::Index
  end
  root date_detection: false do
-    field(:name, type: 'text', analyzer: 'content', value: :display_name) { field(:edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content') }
+    field :name, type: 'text', analyzer: 'content' do
-    field(:reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? })
+      field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
-    field(:usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts })
+    end
-    field(:last_status_at, type: 'date', value: ->(tag) { clamp_date(tag.last_status_at || tag.created_at) })
+
    field :reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? }
    field :usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts }
    field :last_status_at, type: 'date', value: ->(tag) { clamp_date(tag.last_status_at || tag.created_at) }
  end
 end
--- a/app/controllers/about_controller.rb
+++ b/app/controllers/about_controller.rb
@ -5,7 +5,15 @@ class AboutController < ApplicationController
  skip_before_action :require_functional!
  before_action :set_instance_presenter
  def show
-    expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
+    expires_in 0, public: true unless user_signed_in?
  end
  private
  def set_instance_presenter
    @instance_presenter = InstancePresenter.new
  end
 end
--- a/Show more
+++ b/Show more
		`@ -0,0 +1 @@`
							`LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio`