Merge branch 'main' of https://github.com/mastodon/mastodon into features/main

2023-12-29 09:54:22 +00:00 · 2023-12-29 09:54:22 +00:00 · 6bd375adab
commit 6bd375adab
parent e92b6ffbce 60f143e41f
1394 changed files with 48704 additions and 31498 deletions
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@ -4,11 +4,7 @@ FROM mcr.microsoft.com/devcontainers/ruby:1-3.2-bullseye
 # Install Rails
 # RUN gem install rails webdrivers
-# Default value to allow debug server to serve content over GitHub Codespace's port forwarding service
+ARG NODE_VERSION="20"
 # The value is a comma-separated list of allowed domains
 ENV RAILS_DEVELOPMENT_HOSTS=".githubpreview.dev,.preview.app.github.dev,.app.github.dev"
 ARG NODE_VERSION="16"
 RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"
 # [Optional] Uncomment this section to install additional OS packages.
@ -19,6 +15,6 @@ RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
 RUN gem install foreman
 # [Optional] Uncomment this line to install global node packages.
-RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g yarn" 2>&1
+RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && corepack enable" 2>&1
 COPY welcome-message.txt /usr/local/etc/vscode-dev-containers/first-run-notice.txt
--- a/.devcontainer/codespaces/devcontainer.json
+++ b/.devcontainer/codespaces/devcontainer.json
@ -0,0 +1,49 @@
 {
  "name": "Mastodon on GitHub Codespaces",
  "dockerComposeFile": "../docker-compose.yml",
  "service": "app",
  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
  "features": {
    "ghcr.io/devcontainers/features/sshd:1": {}
  },
  "runServices": ["app", "db", "redis"],
  "forwardPorts": [3000, 4000],
  "portsAttributes": {
    "3000": {
      "label": "web",
      "onAutoForward": "notify"
    },
    "4000": {
      "label": "stream",
      "onAutoForward": "silent"
    }
  },
  "otherPortsAttributes": {
    "onAutoForward": "silent"
  },
  "remoteEnv": {
    "LOCAL_DOMAIN": "${localEnv:CODESPACE_NAME}-3000.app.github.dev",
    "LOCAL_HTTPS": "true",
    "STREAMING_API_BASE_URL": "https://${localEnv:CODESPACE_NAME}-4000.app.github.dev",
    "DISABLE_FORGERY_REQUEST_PROTECTION": "true",
    "ES_ENABLED": "",
    "LIBRE_TRANSLATE_ENDPOINT": ""
  },
  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
  "postCreateCommand": ".devcontainer/post-create.sh",
  "waitFor": "postCreateCommand",
  "customizations": {
    "vscode": {
      "settings": {},
      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
    }
  }
 }
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -1,5 +1,5 @@
 {
-  "name": "Mastodon",
+  "name": "Mastodon on local machine",
  "dockerComposeFile": "docker-compose.yml",
  "service": "app",
  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
@ -8,13 +8,23 @@
    "ghcr.io/devcontainers/features/sshd:1": {}
  },
  "runServices": ["app", "db", "redis"],
  "forwardPorts": [3000, 4000],
-  "containerEnv": {
+  "portsAttributes": {
-    "ES_ENABLED": "",
+    "3000": {
-    "LIBRE_TRANSLATE_ENDPOINT": ""
+      "label": "web",
      "onAutoForward": "notify",
      "requireLocalPort": true
    },
    "4000": {
      "label": "stream",
      "onAutoForward": "silent",
      "requireLocalPort": true
    }
  },
  "otherPortsAttributes": {
    "onAutoForward": "silent"
  },
  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@ -25,6 +25,7 @@ services:
    command: sleep infinity
    ports:
      - '127.0.0.1:3000:3000'
      - '127.0.0.1:3035:3035'
      - '127.0.0.1:4000:4000'
    networks:
      - external_network
@ -69,7 +70,7 @@ services:
        hard: -1
  libretranslate:
-    image: libretranslate/libretranslate:v1.3.11
+    image: libretranslate/libretranslate:v1.5.2
    restart: unless-stopped
    volumes:
      - lt-data:/home/libretranslate/.local
--- a/.devcontainer/post-create.sh
+++ b/.devcontainer/post-create.sh
@ -11,7 +11,8 @@ bundle install
 git checkout -- Gemfile.lock
 # Fetch Javascript dependencies
-yarn --frozen-lockfile
+corepack prepare
 yarn install --immutable
 # [re]create, migrate, and seed the test database
 RAILS_ENV=test ./bin/rails db:setup
--- a/.dockerignore
+++ b/.dockerignore
@ -8,6 +8,7 @@
 public/system
 public/assets
 public/packs
 public/packs-test
 node_modules
 neo4j
 vendor/bundle
--- a/.env.test
+++ b/.env.test
@ -1,5 +1,5 @@
-# Node.js
+# In test, compile the NodeJS code as if we are in production
-NODE_ENV=tests
+NODE_ENV=production
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
--- a/.env.vagrant
+++ b/.env.vagrant
@ -2,3 +2,7 @@ VAGRANT=true
 LOCAL_DOMAIN=mastodon.local
 BIND=0.0.0.0
 DB_HOST=/var/run/postgresql/
 ES_ENABLED=true
 ES_HOST=localhost
 ES_PORT=9200
--- a/.eslintrc.js
+++ b/.eslintrc.js
@ -9,7 +9,6 @@ module.exports = {
    'plugin:import/recommended',
    'plugin:promise/recommended',
    'plugin:jsdoc/recommended',
    'plugin:prettier/recommended',
  ],
  env: {
@ -63,7 +62,9 @@ module.exports = {
    'consistent-return': 'error',
    'dot-notation': 'error',
    eqeqeq: ['error', 'always', { 'null': 'ignore' }],
    'indent': ['error', 2],
    'jsx-quotes': ['error', 'prefer-single'],
    'semi': ['error', 'always'],
    'no-case-declarations': 'off',
    'no-catch-shadow': 'error',
    'no-console': [
@ -235,7 +236,7 @@ module.exports = {
          },
          // Common React utilities
          {
-            pattern: '{classnames,react-helmet,react-router-dom}',
+            pattern: '{classnames,react-helmet,react-router,react-router-dom}',
            group: 'external',
            position: 'before',
          },
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -1,3 +0,0 @@
 patreon: mastodon
 open_collective: mastodon
 custom: https://sponsor.joinmastodon.org
--- a/.github/actions/setup-javascript/action.yml
+++ b/.github/actions/setup-javascript/action.yml
@ -0,0 +1,42 @@
 name: 'Setup Javascript'
 description: 'Setup a Javascript environment ready to run the Mastodon code'
 inputs:
  onlyProduction:
    description: Only install production dependencies
    default: 'false'
 runs:
  using: 'composite'
  steps:
    - name: Set up Node.js
      uses: actions/setup-node@v3
      with:
        node-version-file: '.nvmrc'
    # The following is needed because we can not use `cache: true` for `setup-node`, as it does not support Corepack yet and mess up with the cache location if ran after Node is installed
    - name: Enable corepack
      shell: bash
      run: corepack enable
    - name: Get yarn cache directory path
      id: yarn-cache-dir-path
      shell: bash
      run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
    - uses: actions/cache@v3
      id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
      with:
        path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
        key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
        restore-keys: |
          ${{ runner.os }}-yarn-
    - name: Install all yarn packages
      shell: bash
      run: yarn install --immutable
      if: inputs.onlyProduction == 'false'
    - name: Install all production yarn packages
      shell: bash
      run: yarn workspaces focus --production
      if: inputs.onlyProduction != 'false'
--- a/.github/actions/setup-ruby/action.yml
+++ b/.github/actions/setup-ruby/action.yml
@ -0,0 +1,23 @@
 name: 'Setup RUby'
 description: 'Setup a Ruby environment ready to run the Mastodon code'
 inputs:
  ruby-version:
    description: The Ruby version to install
    default: '.ruby-version'
  additional-system-dependencies:
    description: 'Additional packages to install'
 runs:
  using: 'composite'
  steps:
    - name: Install system dependencies
      shell: bash
      run: |
        sudo apt-get update
        sudo apt-get install -y libicu-dev libidn11-dev ${{ inputs.additional-system-dependencies }}
    - name: Set up Ruby
      uses: ruby/setup-ruby@v1
      with:
        ruby-version: ${{ inputs.ruby-version }}
        bundler-cache: true
--- a/.github/codecov.yml
+++ b/.github/codecov.yml
@ -0,0 +1,13 @@
 coverage:
  status:
    project:
      default:
        # Github status check is not blocking
        informational: true
    patch:
      default:
        # Github status check is not blocking
        informational: true
 comment:
  # Only write a comment in PR if there are changes
  require_changes: true
--- a/.github/renovate.json5
+++ b/.github/renovate.json5
@ -3,7 +3,6 @@
  extends: [
    'config:recommended',
    ':labels(dependencies)',
    ':maintainLockFilesMonthly', // update non-direct dependencies monthly
    ':prConcurrentLimitNone', // Remove limit for open PRs at any time.
    ':prHourlyLimit2', // Rate limit PR creation to a maximum of two per hour.
  ],
@ -13,6 +12,7 @@
  // If we do not want a package to be grouped with others, we need to set its groupName
  // to `null` after any other rule set it to something.
  dependencyDashboardHeader: 'This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. Before approving any upgrade: read the description and comments in the [`renovate.json5` file](https://github.com/mastodon/mastodon/blob/main/.github/renovate.json5).',
  postUpdateOptions: ['yarnDedupeHighest'],
  packageRules: [
    {
      // Require Dependency Dashboard Approval for major version bumps of these node packages
--- a/.github/workflows/build-container-image.yml
+++ b/.github/workflows/build-container-image.yml
@ -4,11 +4,16 @@ on:
      platforms:
        required: true
        type: string
      cache:
        type: boolean
        default: true
      use_native_arm64_builder:
        type: boolean
      push_to_images:
        type: string
-      version_suffix:
+      version_prerelease:
        type: string
      version_metadata:
        type: string
      flavor:
        type: string
@ -22,12 +27,12 @@ jobs:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
-      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-qemu-action@v3
        if: contains(inputs.platforms, 'linux/arm64') && !inputs.use_native_arm64_builder
-      - uses: docker/setup-buildx-action@v2
+      - uses: docker/setup-buildx-action@v3
        id: buildx
        if: ${{ !(inputs.use_native_arm64_builder && contains(inputs.platforms, 'linux/arm64')) }}
@ -36,7 +41,7 @@ jobs:
        run: |
          docker run --rm -d --name buildkitd -p 1234:1234 --privileged moby/buildkit:latest --addr tcp://0.0.0.0:1234
-      - uses: docker/setup-buildx-action@v2
+      - uses: docker/setup-buildx-action@v3
        id: buildx-native
        if: inputs.use_native_arm64_builder && contains(inputs.platforms, 'linux/arm64')
        with:
@ -56,39 +61,39 @@ jobs:
      - name: Log in to Docker Hub
        if: contains(inputs.push_to_images, 'tootsuite')
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Log in to the Github Container registry
        if: contains(inputs.push_to_images, 'ghcr.io')
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
-      - uses: docker/metadata-action@v4
+      - uses: docker/metadata-action@v5
        id: meta
        if: ${{ inputs.push_to_images != '' }}
        with:
          images: ${{ inputs.push_to_images }}
          # Only tag with latest when ran against the latest stable branch
          # This needs to be updated after each minor version release
          flavor: ${{ inputs.flavor }}
          tags: ${{ inputs.tags }}
          labels: ${{ inputs.labels }}
-      - uses: docker/build-push-action@v4
+      - uses: docker/build-push-action@v5
        with:
          context: .
-          build-args: MASTODON_VERSION_SUFFIX=${{ inputs.version_suffix }}
+          build-args: |
            MASTODON_VERSION_PRERELEASE=${{ inputs.version_prerelease }}
            MASTODON_VERSION_METADATA=${{ inputs.version_metadata }}
          platforms: ${{ inputs.platforms }}
          provenance: false
          builder: ${{ steps.buildx.outputs.name || steps.buildx-native.outputs.name }}
          push: ${{ inputs.push_to_images != '' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
+          cache-from: ${{ inputs.cache && 'type=gha' || '' }}
-          cache-to: type=gha,mode=max
+          cache-to: ${{ inputs.cache && 'type=gha,mode=max' || '' }}
--- a/.github/workflows/build-nightly.yml
+++ b/.github/workflows/build-nightly.yml
@ -11,14 +11,15 @@ permissions:
 jobs:
  compute-suffix:
    runs-on: ubuntu-latest
    if: github.repository == 'mastodon/mastodon'
    steps:
      - id: version_vars
        env:
          TZ: Etc/UTC
        run: |
-          echo mastodon_version_suffix=nightly-$(date +'%Y-%m-%d')>> $GITHUB_OUTPUT
+          echo mastodon_version_prerelease=nightly.$(date +'%Y-%m-%d')>> $GITHUB_OUTPUT
    outputs:
-      suffix: ${{ steps.version_vars.outputs.mastodon_version_suffix }}
+      prerelease: ${{ steps.version_vars.outputs.mastodon_version_prerelease }}
  build-image:
    needs: compute-suffix
@ -26,11 +27,11 @@ jobs:
    with:
      platforms: linux/amd64,linux/arm64
      use_native_arm64_builder: true
      cache: false
      push_to_images: |
        tootsuite/mastodon
        ghcr.io/mastodon/mastodon
-      # The `+` is important here, result will be v4.1.2+nightly-2022-03-05
+      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
      version_suffix: +${{ needs.compute-suffix.outputs.suffix }}
      labels: |
        org.opencontainers.image.description=Nightly build image used for testing purposes
      flavor: |
@ -38,5 +39,5 @@ jobs:
      tags: |
        type=raw,value=edge
        type=raw,value=nightly
-        type=schedule,pattern=${{ needs.compute-suffix.outputs.suffix }}
+        type=schedule,pattern=${{ needs.compute-suffix.outputs.prerelease }}
    secrets: inherit
--- a/.github/workflows/build-push-pr.yml
+++ b/.github/workflows/build-push-pr.yml
@ -18,12 +18,12 @@ jobs:
    steps:
      # Repository needs to be cloned so `git rev-parse` below works
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      - id: version_vars
        run: |
-          echo mastodon_version_suffix=+pr-${{ github.event.pull_request.number }}-$(git rev-parse --short HEAD) >> $GITHUB_OUTPUT
+          echo mastodon_version_metadata=pr-${{ github.event.pull_request.number }}-$(git rev-parse --short HEAD) >> $GITHUB_OUTPUT
    outputs:
-      suffix: ${{ steps.version_vars.outputs.mastodon_version_suffix }}
+      metadata: ${{ steps.version_vars.outputs.mastodon_version_metadata }}
  build-image:
    needs: compute-suffix
@ -33,7 +33,7 @@ jobs:
      use_native_arm64_builder: true
      push_to_images: |
        ghcr.io/mastodon/mastodon
-      version_suffix: ${{ needs.compute-suffix.outputs.suffix }}
+      version_metadata: ${{ needs.compute-suffix.outputs.metadata }}
      flavor: |
        latest=auto
      tags: |
--- a/.github/workflows/build-releases.yml
+++ b/.github/workflows/build-releases.yml
@ -17,8 +17,12 @@ jobs:
      push_to_images: |
        tootsuite/mastodon
        ghcr.io/mastodon/mastodon
      # Do not use cache when building releases, so apt update is always ran and the release always contain the latest packages
      cache: false
      # Only tag with latest when ran against the latest stable branch
      # This needs to be updated after each minor version release
      flavor: |
-        latest=${{ startsWith(github.ref, 'refs/tags/v4.1.') }}
+        latest=${{ startsWith(github.ref, 'refs/tags/v4.2.') }}
      tags: |
        type=pep440,pattern={{raw}}
        type=pep440,pattern=v{{major}}.{{minor}}
--- a/.github/workflows/bundler-audit.yml
+++ b/.github/workflows/bundler-audit.yml
@ -25,16 +25,10 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
-      - name: Install native Ruby dependencies
+      - name: Set up Ruby environment
-        run: sudo apt-get install -y libicu-dev libidn11-dev
+        uses: ./.github/actions/setup-ruby
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Run bundler-audit
        run: bundle exec bundler-audit
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@ -17,27 +17,13 @@ jobs:
    runs-on: ubuntu-22.04
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
-      - name: Install system dependencies
+      - name: Set up Ruby environment
-        run: |
+        uses: ./.github/actions/setup-ruby
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
-      - name: Set up Ruby
+      - name: Set up Javascript environment
-        uses: ruby/setup-ruby@v1
+        uses: ./.github/actions/setup-javascript
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Check for missing strings in English JSON
        run: |
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -27,7 +27,7 @@ jobs:
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
--- a/.github/workflows/crowdin-download.yml
+++ b/.github/workflows/crowdin-download.yml
@ -11,10 +11,11 @@ permissions:
 jobs:
  download-translations:
    runs-on: ubuntu-latest
    if: github.repository == 'mastodon/mastodon'
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      - name: Increase Git http.postBuffer
        # This is needed due to a bug in Ubuntu's cURL version?
@ -43,14 +44,8 @@ jobs:
        run: sudo chown -R runner:docker .
      # This is needed to run the normalize step
-      - name: Install native Ruby dependencies
+      - name: Set up Ruby environment
-        run: sudo apt-get install -y libicu-dev libidn11-dev
+        uses: ./.github/actions/setup-ruby
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Run i18n normalize task
        run: bundle exec i18n-tasks normalize
--- a/.github/workflows/crowdin-upload.yml
+++ b/.github/workflows/crowdin-upload.yml
@ -20,7 +20,7 @@ jobs:
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      - name: crowdin action
        uses: crowdin/github-action@v1
--- a/.github/workflows/lint-css.yml
+++ b/.github/workflows/lint-css.yml
@ -33,16 +33,10 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
-      - name: Set up Node.js
+      - name: Set up Javascript environment
-        uses: actions/setup-node@v3
+        uses: ./.github/actions/setup-javascript
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - uses: xt0rted/stylelint-problem-matcher@v1
--- a/.github/workflows/lint-haml.yml
+++ b/.github/workflows/lint-haml.yml
@ -28,18 +28,10 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
-      - name: Install native Ruby dependencies
+      - name: Set up Ruby environment
-        run: |
+        uses: ./.github/actions/setup-ruby
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Run haml-lint
        run: |
--- a/.github/workflows/lint-js.yml
+++ b/.github/workflows/lint-js.yml
@ -37,16 +37,10 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
-      - name: Set up Node.js
+      - name: Set up Javascript environment
-        uses: actions/setup-node@v3
+        uses: ./.github/actions/setup-javascript
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: ESLint
        run: yarn lint:js --max-warnings 0
--- a/.github/workflows/lint-json.yml
+++ b/.github/workflows/lint-json.yml
@ -29,16 +29,10 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
-      - name: Set up Node.js
+      - name: Set up Javascript environment
-        uses: actions/setup-node@v3
+        uses: ./.github/actions/setup-javascript
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn lint:json
--- a/.github/workflows/lint-md.yml
+++ b/.github/workflows/lint-md.yml
@ -29,16 +29,10 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
-      - name: Set up Node.js
+      - name: Set up Javascript environment
-        uses: actions/setup-node@v3
+        uses: ./.github/actions/setup-javascript
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn lint:md
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@ -29,16 +29,10 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
-      - name: Install native Ruby dependencies
+      - name: Set up Ruby environment
-        run: sudo apt-get install -y libicu-dev libidn11-dev
+        uses: ./.github/actions/setup-ruby
      - name: Set up Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Set-up RuboCop Problem Matcher
        uses: r7kamura/rubocop-problem-matchers-action@v1
--- a/.github/workflows/lint-yml.yml
+++ b/.github/workflows/lint-yml.yml
@ -31,16 +31,10 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
-      - name: Set up Node.js
+      - name: Set up Javascript environment
-        uses: actions/setup-node@v3
+        uses: ./.github/actions/setup-javascript
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Prettier
        run: yarn lint:yml
--- a/.github/workflows/test-js.yml
+++ b/.github/workflows/test-js.yml
@ -33,16 +33,10 @@ jobs:
    steps:
      - name: Clone repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
-      - name: Set up Node.js
+      - name: Set up Javascript environment
-        uses: actions/setup-node@v3
+        uses: ./.github/actions/setup-javascript
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install all yarn packages
        run: yarn --frozen-lockfile
      - name: Jest testing
        run: yarn jest --reporters github-actions summary
--- a/.github/workflows/test-migrations-one-step.yml
+++ b/.github/workflows/test-migrations-one-step.yml
@ -70,18 +70,10 @@ jobs:
      BUNDLE_RETRY: 3
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
-      - name: Install native Ruby dependencies
+      - name: Set up Ruby environment
-        run: |
+        uses: ./.github/actions/setup-ruby
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Create database
        run: './bin/rails db:create'
--- a/.github/workflows/test-migrations-two-step.yml
+++ b/.github/workflows/test-migrations-two-step.yml
@ -69,18 +69,10 @@ jobs:
      BUNDLE_RETRY: 3
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
-      - name: Install native Ruby dependencies
+      - name: Set up Ruby environment
-        run: |
+        uses: ./.github/actions/setup-ruby
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - name: Create database
        run: './bin/rails db:create'
--- a/.github/workflows/test-ruby.yml
+++ b/.github/workflows/test-ruby.yml
@ -32,38 +32,31 @@ jobs:
      SECRET_KEY_BASE: precompile_placeholder
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
-      - name: Set up Node.js
+      - name: Set up Ruby environment
-        uses: actions/setup-node@v3
+        uses: ./.github/actions/setup-ruby
      - name: Set up Javascript environment
        uses: ./.github/actions/setup-javascript
        with:
-          cache: yarn
+          onlyProduction: 'true'
          node-version-file: '.nvmrc'
      - name: Install native Ruby dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libicu-dev libidn11-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: .ruby-version
          bundler-cache: true
      - run: yarn --frozen-lockfile --production
      - name: Precompile assets
        # Previously had set this, but it's not supported
        # export NODE_OPTIONS=--openssl-legacy-provider
        run: |-
          ./bin/rails assets:precompile
      - name: Archive asset artifacts
        run: |
          tar --exclude={"*.br","*.gz"} -zcf artifacts.tar.gz public/assets public/packs*
      - uses: actions/upload-artifact@v3
        if: matrix.mode == 'test'
        with:
          path: |-
-            ./public/assets
+            ./artifacts.tar.gz
            ./public/packs-test
          name: ${{ github.sha }}
          retention-days: 0
@ -101,7 +94,7 @@ jobs:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
-      DISABLE_SIMPLECOV: true
+      DISABLE_SIMPLECOV: ${{ matrix.ruby-version != '.ruby-version' }}
      RAILS_ENV: test
      ALLOW_NOPAM: true
      PAM_ENABLED: true
@ -112,7 +105,7 @@ jobs:
      SAML_ENABLED: true
      CAS_ENABLED: true
      BUNDLE_WITH: 'pam_authentication test'
-      CI_JOBS: ${{ matrix.ci_job }}/4
+      GITHUB_RSPEC: ${{ matrix.ruby-version == '.ruby-version' && github.event.pull_request && 'true' }}
    strategy:
      fail-fast: false
@ -121,38 +114,34 @@ jobs:
          - '3.0'
          - '3.1'
          - '.ruby-version'
        ci_job:
          - 1
          - 2
          - 3
          - 4
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v3
        with:
-          path: './public'
+          path: './'
          name: ${{ github.sha }}
-      - name: Update package index
+      - name: Expand archived asset artifacts
-        run: sudo apt-get update
+        run: |
          tar xvzf artifacts.tar.gz
-      - name: Install native Ruby dependencies
+      - name: Set up Ruby environment
-        run: sudo apt-get install -y libicu-dev libidn11-dev
+        uses: ./.github/actions/setup-ruby
      - name: Install additional system dependencies
        run: sudo apt-get install -y ffmpeg imagemagick libpam-dev
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: ${{ matrix.ruby-version}}
-          bundler-cache: true
+          additional-system-dependencies: ffmpeg imagemagick libpam-dev
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
-      - run: bundle exec rake rspec_chunked
+      - run: bin/rspec
      - name: Upload coverage reports to Codecov
        if: matrix.ruby-version == '.ruby-version'
        uses: codecov/codecov-action@v3
        with:
          files: coverage/lcov/mastodon.lcov
  test-e2e:
    name: End to End testing
@ -202,35 +191,21 @@ jobs:
          - '.ruby-version'
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v3
        with:
          path: './public'
          name: ${{ github.sha }}
-      - name: Update package index
+      - name: Set up Ruby environment
-        run: sudo apt-get update
+        uses: ./.github/actions/setup-ruby
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          cache: yarn
          node-version-file: '.nvmrc'
      - name: Install native Ruby dependencies
        run: sudo apt-get install -y libicu-dev libidn11-dev
      - name: Install additional system dependencies
        run: sudo apt-get install -y ffmpeg imagemagick
      - name: Set up bundler cache
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: ${{ matrix.ruby-version}}
-          bundler-cache: true
+          additional-system-dependencies: ffmpeg imagemagick
-      - run: yarn --frozen-lockfile
+      - name: Set up Javascript environment
        uses: ./.github/actions/setup-javascript
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
@ -250,3 +225,107 @@ jobs:
        with:
          name: e2e-screenshots
          path: tmp/screenshots/
  test-search:
    name: Elastic Search integration testing
    runs-on: ubuntu-latest
    needs:
      - build
    services:
      postgres:
        image: postgres:14-alpine
        env:
          POSTGRES_PASSWORD: postgres
          POSTGRES_USER: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 5432:5432
      redis:
        image: redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
        ports:
          - 6379:6379
      search:
        image: ${{ matrix.search-image }}
        env:
          discovery.type: single-node
          xpack.security.enabled: false
        options: >-
          --health-cmd "curl http://localhost:9200/_cluster/health"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 10
        ports:
          - 9200:9200
    env:
      DB_HOST: localhost
      DB_USER: postgres
      DB_PASS: postgres
      DISABLE_SIMPLECOV: true
      RAILS_ENV: test
      BUNDLE_WITH: test
      ES_ENABLED: true
      ES_HOST: localhost
      ES_PORT: 9200
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - '3.0'
          - '3.1'
          - '.ruby-version'
        search-image:
          - docker.elastic.co/elasticsearch/elasticsearch:7.17.13
        include:
          - ruby-version: '.ruby-version'
            search-image: docker.elastic.co/elasticsearch/elasticsearch:8.10.2
    steps:
      - uses: actions/checkout@v4
      - uses: actions/download-artifact@v3
        with:
          path: './public'
          name: ${{ github.sha }}
      - name: Set up Ruby environment
        uses: ./.github/actions/setup-ruby
        with:
          ruby-version: ${{ matrix.ruby-version}}
          additional-system-dependencies: ffmpeg imagemagick
      - name: Set up Javascript environment
        uses: ./.github/actions/setup-javascript
      - name: Load database schema
        run: './bin/rails db:create db:schema:load db:seed'
      - run: bin/rspec --tag search
      - name: Archive logs
        uses: actions/upload-artifact@v3
        if: failure()
        with:
          name: test-search-logs-${{ matrix.ruby-version }}
          path: log/
      - name: Archive test screenshots
        uses: actions/upload-artifact@v3
        if: failure()
        with:
          name: test-search-screenshots
          path: tmp/screenshots/
--- a/.gitignore
+++ b/.gitignore
@ -31,9 +31,6 @@
 # Ignore Vagrant files
 .vagrant/
 # Ignore Capistrano customizations
 /config/deploy/*
 # Ignore IDE files
 .vscode/
 .idea/
@ -58,6 +55,15 @@ npm-debug.log
 yarn-error.log
 yarn-debug.log
 # From https://yarnpkg.com/getting-started/qa#which-files-should-be-gitignored
 .pnp.*
 .yarn/*
 !.yarn/patches
 !.yarn/plugins
 !.yarn/releases
 !.yarn/sdks
 !.yarn/versions
 # Ignore vagrant log files
 *-cloudimg-console.log
--- a/.haml-lint.yml
+++ b/.haml-lint.yml
@ -12,3 +12,5 @@ linters:
    enabled: true
  MiddleDot:
    enabled: true
  LineLength:
    max: 320
--- a/.haml-lint_todo.yml
+++ b/.haml-lint_todo.yml
@ -1,47 +1,33 @@
 # This configuration was generated by
 # `haml-lint --auto-gen-config`
-# on 2023-07-20 09:47:50 -0400 using Haml-Lint version 0.48.0.
+# on 2023-10-26 09:32:34 -0400 using Haml-Lint version 0.51.0.
 # The point is for the user to remove these configuration records
 # one by one as the lints are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of Haml-Lint, may require this file to be generated again.
 linters:
-  # Offense count: 951
+  # Offense count: 16
  LineLength:
    enabled: false
  # Offense count: 22
  UnnecessaryStringOutput:
    enabled: false
  # Offense count: 57
  RuboCop:
    enabled: false
  # Offense count: 3
  ViewLength:
    exclude:
-      - 'app/views/admin/accounts/show.html.haml'
+      - 'app/views/admin/account_actions/new.html.haml'
-      - 'app/views/admin/reports/show.html.haml'
+      - 'app/views/admin/accounts/index.html.haml'
-      - 'app/views/disputes/strikes/show.html.haml'
+      - 'app/views/admin/ip_blocks/new.html.haml'
  # Offense count: 32
  InstanceVariables:
    exclude:
      - 'app/views/admin/reports/_actions.html.haml'
      - 'app/views/admin/roles/_form.html.haml'
-      - 'app/views/admin/webhooks/_form.html.haml'
+      - 'app/views/admin/settings/discovery/show.html.haml'
-      - 'app/views/auth/registrations/_status.html.haml'
+      - 'app/views/auth/registrations/edit.html.haml'
-      - 'app/views/auth/sessions/two_factor/_otp_authentication_form.html.haml'
+      - 'app/views/auth/registrations/new.html.haml'
-      - 'app/views/authorize_interactions/_post_follow_actions.html.haml'
+      - 'app/views/filters/_filter_fields.html.haml'
-      - 'app/views/invites/_form.html.haml'
+      - 'app/views/media/player.html.haml'
-      - 'app/views/relationships/_account.html.haml'
+      - 'app/views/settings/applications/_fields.html.haml'
-      - 'app/views/shared/_og.html.haml'
+      - 'app/views/settings/imports/index.html.haml'
      - 'app/views/settings/preferences/appearance/show.html.haml'
      - 'app/views/settings/preferences/notifications/show.html.haml'
      - 'app/views/settings/preferences/other/show.html.haml'
-  # Offense count: 3
+  # Offense count: 9
-  IdNames:
+  RuboCop:
    exclude:
-      - 'app/views/authorize_interactions/error.html.haml'
+      - 'app/views/admin/accounts/_buttons.html.haml'
-      - 'app/views/oauth/authorizations/error.html.haml'
+      - 'app/views/admin/accounts/_local_account.html.haml'
-      - 'app/views/shared/_error_messages.html.haml'
+      - 'app/views/admin/roles/_form.html.haml'
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-16.20
+20.9
--- a/.prettierignore
+++ b/.prettierignore
@ -31,9 +31,6 @@
 # Ignore Vagrant files
 .vagrant/
 # Ignore Capistrano customizations
 /config/deploy/*
 # Ignore IDE files
 .vscode/
 .idea/
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -27,7 +27,8 @@ AllCops:
    - 'node_modules/**/*'
    - 'Vagrantfile'
    - 'vendor/**/*'
-    - 'lib/json_ld/*' # Generated files
+    - 'config/initializers/json_ld*' # Generated files
    - 'lib/mastodon/migration_helpers.rb' # Vendored from GitLab
    - 'lib/templates/**/*'
 # Reason: Prefer Hashes without extreme indentation
@ -75,12 +76,6 @@ Metrics/AbcSize:
    - 'lib/mastodon/cli/*.rb'
    - db/*migrate/**/*
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricsblocknesting
 Metrics/BlockNesting:
  Exclude:
    - 'lib/mastodon/cli/*.rb'
 # Reason: Currently disabled in .rubocop_todo.yml
 # https://docs.rubocop.org/rubocop/cops_metrics.html#metricscyclomaticcomplexity
 Metrics/CyclomaticComplexity:
@ -114,16 +109,11 @@ Rails/Exit:
 # https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecfilepath
 RSpec/FilePath:
  CustomTransform:
-    ActivityPub: activitypub # Ignore the snake_case due to the amount of files to rename
+    ActivityPub: activitypub
    DeepL: deepl
    FetchOEmbedService: fetch_oembed_service
    JsonLdHelper: jsonld_helper
    OEmbedController: oembed_controller
    OStatus: ostatus
    NodeInfoController: nodeinfo_controller # NodeInfo isn't snake_cased for any of the instances
  Exclude:
    - 'spec/config/initializers/rack_attack_spec.rb' # namespaces usually have separate folder
    - 'spec/lib/sanitize_config_spec.rb' # namespaces usually have separate folder
 # Reason:
 # https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecnamedsubject
@ -140,6 +130,16 @@ RSpec/NotToNot:
 RSpec/Rails/HttpStatus:
  EnforcedStyle: numeric
 # Reason: Match overrides from Rspec/FilePath rule above
 # https://docs.rubocop.org/rubocop-rspec/cops_rspec.html#rspecspecfilepathformat
 RSpec/SpecFilePathFormat:
  CustomTransform:
    ActivityPub: activitypub
    DeepL: deepl
    FetchOEmbedService: fetch_oembed_service
    OEmbedController: oembed_controller
    OStatus: ostatus
 # Reason:
 # https://docs.rubocop.org/rubocop/cops_style.html#styleclassandmodulechildren
 Style/ClassAndModuleChildren:
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --no-exclude-limit --no-offense-counts --no-auto-gen-timestamp`
-# using RuboCop version 1.56.1.
+# using RuboCop version 1.57.2.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@ -13,32 +13,6 @@ Bundler/OrderedGems:
  Exclude:
    - 'Gemfile'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, IndentationWidth.
 # SupportedStyles: with_first_argument, with_fixed_indentation
 Layout/ArgumentAlignment:
  Exclude:
    - 'config/initializers/cors.rb'
    - 'config/initializers/session_store.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle.
 # SupportedHashRocketStyles: key, separator, table
 # SupportedColonStyles: key, separator, table
 # SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit
 Layout/HashAlignment:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/rack_attack.rb'
    - 'config/routes.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowDoxygenCommentStyle, AllowGemfileRubyComment.
 Layout/LeadingCommentSpace:
  Exclude:
    - 'config/application.rb'
    - 'config/initializers/omniauth.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
 # URISchemes: http, https
@ -46,63 +20,10 @@ Layout/LineLength:
  Exclude:
    - 'app/models/account.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: require_no_space, require_space
 Layout/SpaceInLambdaLiteral:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/content_security_policy.rb'
 # Configuration parameters: AllowComments, AllowEmptyLambdas.
 Lint/EmptyBlock:
  Exclude:
    - 'spec/controllers/api/v2/search_controller_spec.rb'
    - 'spec/fabricators/access_token_fabricator.rb'
    - 'spec/fabricators/conversation_fabricator.rb'
    - 'spec/fabricators/system_key_fabricator.rb'
    - 'spec/lib/activitypub/adapter_spec.rb'
    - 'spec/models/user_role_spec.rb'
 Lint/NonLocalExitFromIterator:
  Exclude:
    - 'app/helpers/jsonld_helper.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Lint/OrAssignmentToConstant:
  Exclude:
    - 'lib/sanitize_ext/sanitize_config.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: IgnoreEmptyBlocks, AllowUnusedKeywordArguments.
 Lint/UnusedBlockArgument:
  Exclude:
    - 'config/initializers/content_security_policy.rb'
    - 'config/initializers/doorkeeper.rb'
    - 'config/initializers/paperclip.rb'
    - 'config/initializers/simple_form.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Lint/UselessAssignment:
  Exclude:
    - 'app/services/activitypub/process_status_update_service.rb'
    - 'config/initializers/omniauth.rb'
    - 'db/migrate/20190511134027_add_silenced_at_suspended_at_to_accounts.rb'
    - 'db/post_migrate/20190511152737_remove_suspended_silenced_account_fields.rb'
    - 'spec/controllers/api/v1/favourites_controller_spec.rb'
    - 'spec/controllers/concerns/account_controller_concern_spec.rb'
    - 'spec/helpers/jsonld_helper_spec.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/domain_block_spec.rb'
    - 'spec/models/status_spec.rb'
    - 'spec/models/user_spec.rb'
    - 'spec/models/webauthn_credentials_spec.rb'
    - 'spec/services/account_search_service_spec.rb'
    - 'spec/services/post_status_service_spec.rb'
    - 'spec/services/precompute_feed_service_spec.rb'
    - 'spec/services/resolve_url_service_spec.rb'
    - 'spec/views/statuses/show.html.haml_spec.rb'
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
 Metrics/AbcSize:
  Max: 144
@ -120,101 +41,14 @@ Metrics/CyclomaticComplexity:
 Metrics/PerceivedComplexity:
  Max: 27
 # Configuration parameters: EnforcedStyle, CheckMethodNames, CheckSymbols, AllowedIdentifiers, AllowedPatterns.
 # SupportedStyles: snake_case, normalcase, non_integer
 # AllowedIdentifiers: capture3, iso8601, rfc1123_date, rfc822, rfc2822, rfc3339, x86_64
 Naming/VariableNumber:
  Exclude:
    - 'db/migrate/20180106000232_add_index_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
    - 'db/migrate/20180514140000_revert_index_change_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
    - 'db/migrate/20190820003045_update_statuses_index.rb'
    - 'db/migrate/20190823221802_add_local_index_to_statuses.rb'
    - 'db/migrate/20200119112504_add_public_index_to_statuses.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/domain_block_spec.rb'
    - 'spec/models/user_spec.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: SafeMultiline.
 Performance/DeletePrefix:
  Exclude:
    - 'app/models/featured_tag.rb'
 Performance/MapMethodChain:
  Exclude:
    - 'app/models/feed.rb'
    - 'lib/mastodon/cli/maintenance.rb'
    - 'spec/services/bulk_import_service_spec.rb'
    - 'spec/services/import_service_spec.rb'
 RSpec/AnyInstance:
  Exclude:
    - 'spec/controllers/activitypub/inboxes_controller_spec.rb'
    - 'spec/controllers/admin/accounts_controller_spec.rb'
    - 'spec/controllers/admin/resets_controller_spec.rb'
    - 'spec/controllers/admin/settings/branding_controller_spec.rb'
    - 'spec/controllers/api/v1/media_controller_spec.rb'
    - 'spec/controllers/auth/sessions_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/recovery_codes_controller_spec.rb'
    - 'spec/lib/request_spec.rb'
    - 'spec/lib/status_filter_spec.rb'
    - 'spec/models/account_spec.rb'
    - 'spec/models/setting_spec.rb'
    - 'spec/services/activitypub/process_collection_service_spec.rb'
    - 'spec/validators/follow_limit_validator_spec.rb'
    - 'spec/workers/activitypub/delivery_worker_spec.rb'
    - 'spec/workers/web/push_notification_worker_spec.rb'
 # Configuration parameters: CountAsOne.
 RSpec/ExampleLength:
  Max: 22
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: implicit, each, example
 RSpec/HookArgument:
  Exclude:
    - 'spec/controllers/api/v1/streaming_controller_spec.rb'
    - 'spec/controllers/well_known/webfinger_controller_spec.rb'
    - 'spec/helpers/instance_helper_spec.rb'
    - 'spec/models/user_spec.rb'
    - 'spec/rails_helper.rb'
    - 'spec/serializers/activitypub/note_serializer_spec.rb'
    - 'spec/serializers/activitypub/update_poll_serializer_spec.rb'
    - 'spec/services/import_service_spec.rb'
 # Configuration parameters: AssignmentOnly.
 RSpec/InstanceVariable:
  Exclude:
    - 'spec/controllers/api/v1/streaming_controller_spec.rb'
    - 'spec/controllers/auth/confirmations_controller_spec.rb'
    - 'spec/controllers/auth/passwords_controller_spec.rb'
    - 'spec/controllers/auth/sessions_controller_spec.rb'
    - 'spec/controllers/concerns/export_controller_concern_spec.rb'
    - 'spec/controllers/home_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/webauthn_credentials_controller_spec.rb'
    - 'spec/controllers/statuses_cleanup_controller_spec.rb'
    - 'spec/models/concerns/account_finder_concern_spec.rb'
    - 'spec/models/concerns/account_interactions_spec.rb'
    - 'spec/models/public_feed_spec.rb'
    - 'spec/serializers/activitypub/note_serializer_spec.rb'
    - 'spec/serializers/activitypub/update_poll_serializer_spec.rb'
    - 'spec/services/remove_status_service_spec.rb'
    - 'spec/services/search_service_spec.rb'
    - 'spec/services/unblock_domain_service_spec.rb'
 RSpec/LetSetup:
  Exclude:
    - 'spec/controllers/admin/accounts_controller_spec.rb'
    - 'spec/controllers/admin/action_logs_controller_spec.rb'
    - 'spec/controllers/admin/instances_controller_spec.rb'
    - 'spec/controllers/admin/reports/actions_controller_spec.rb'
    - 'spec/controllers/admin/statuses_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/statuses_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/filters_controller_spec.rb'
    - 'spec/controllers/api/v1/followed_tags_controller_spec.rb'
    - 'spec/controllers/api/v2/admin/accounts_controller_spec.rb'
    - 'spec/controllers/api/v2/filters/keywords_controller_spec.rb'
    - 'spec/controllers/api/v2/filters/statuses_controller_spec.rb'
@ -253,31 +87,6 @@ RSpec/LetSetup:
    - 'spec/services/unsuspend_account_service_spec.rb'
    - 'spec/workers/scheduler/user_cleanup_scheduler_spec.rb'
 RSpec/MessageChain:
  Exclude:
    - 'spec/controllers/api/v1/media_controller_spec.rb'
    - 'spec/models/concerns/remotable_spec.rb'
    - 'spec/models/session_activation_spec.rb'
    - 'spec/models/setting_spec.rb'
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: have_received, receive
 RSpec/MessageSpies:
  Exclude:
    - 'spec/controllers/admin/accounts_controller_spec.rb'
    - 'spec/helpers/admin/account_moderation_notes_helper_spec.rb'
    - 'spec/lib/webfinger_resource_spec.rb'
    - 'spec/models/admin/account_action_spec.rb'
    - 'spec/models/concerns/remotable_spec.rb'
    - 'spec/models/follow_request_spec.rb'
    - 'spec/models/identity_spec.rb'
    - 'spec/models/session_activation_spec.rb'
    - 'spec/models/setting_spec.rb'
    - 'spec/services/activitypub/fetch_replies_service_spec.rb'
    - 'spec/services/activitypub/process_collection_service_spec.rb'
    - 'spec/spec_helper.rb'
    - 'spec/validators/status_length_validator_spec.rb'
 RSpec/MultipleExpectations:
  Max: 8
@ -289,35 +98,11 @@ RSpec/MultipleMemoizedHelpers:
 RSpec/NestedGroups:
  Max: 6
 RSpec/PendingWithoutReason:
  Exclude:
    - 'spec/models/account_spec.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Rails/ApplicationController:
  Exclude:
    - 'app/controllers/health_controller.rb'
 # Configuration parameters: Include.
 # Include: db/**/*.rb
 Rails/CreateTableWithTimestamps:
  Exclude:
    - 'db/migrate/20170508230434_create_conversation_mutes.rb'
    - 'db/migrate/20170823162448_create_status_pins.rb'
    - 'db/migrate/20171116161857_create_list_accounts.rb'
    - 'db/migrate/20180929222014_create_account_conversations.rb'
    - 'db/migrate/20181007025445_create_pghero_space_stats.rb'
    - 'db/migrate/20190103124649_create_scheduled_statuses.rb'
    - 'db/migrate/20220824233535_create_status_trends.rb'
    - 'db/migrate/20221006061337_create_preview_card_trends.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: Severity.
 Rails/DuplicateAssociation:
  Exclude:
    - 'app/serializers/activitypub/collection_serializer.rb'
    - 'app/serializers/activitypub/note_serializer.rb'
 # Configuration parameters: Include.
 # Include: app/models/**/*.rb
 Rails/HasAndBelongsToMany:
@ -341,18 +126,12 @@ Rails/HasManyOrHasOneDependent:
    - 'app/models/user.rb'
    - 'app/models/web/push_subscription.rb'
 Rails/I18nLocaleTexts:
  Exclude:
    - 'lib/tasks/mastodon.rake'
    - 'spec/helpers/flashes_helper_spec.rb'
 # Configuration parameters: Include.
 # Include: app/controllers/**/*.rb, app/mailers/**/*.rb
 Rails/LexicallyScopedActionFilter:
  Exclude:
    - 'app/controllers/auth/passwords_controller.rb'
    - 'app/controllers/auth/registrations_controller.rb'
    - 'app/controllers/auth/sessions_controller.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Rails/NegateInclude:
@ -368,7 +147,6 @@ Rails/NegateInclude:
    - 'app/models/custom_filter.rb'
    - 'app/services/activitypub/process_status_update_service.rb'
    - 'app/services/fetch_link_card_service.rb'
    - 'app/services/search_service.rb'
    - 'app/workers/web/push_notification_worker.rb'
    - 'lib/paperclip/color_extractor.rb'
@ -388,24 +166,6 @@ Rails/RakeEnvironment:
    - 'lib/tasks/repo.rake'
    - 'lib/tasks/statistics.rake'
 # Configuration parameters: Include.
 # Include: db/**/*.rb
 Rails/ReversibleMigration:
  Exclude:
    - 'db/migrate/20160223164502_make_uris_nullable_in_statuses.rb'
    - 'db/migrate/20161122163057_remove_unneeded_indexes.rb'
    - 'db/migrate/20170205175257_remove_devices.rb'
    - 'db/migrate/20170322143850_change_primary_key_to_bigint_on_statuses.rb'
    - 'db/migrate/20170520145338_change_language_filter_to_opt_out.rb'
    - 'db/migrate/20170609145826_remove_default_language_from_statuses.rb'
    - 'db/migrate/20170711225116_fix_null_booleans.rb'
    - 'db/migrate/20171129172043_add_index_on_stream_entries.rb'
    - 'db/migrate/20171212195226_remove_duplicate_indexes_in_lists.rb'
    - 'db/migrate/20171226094803_more_faster_index_on_notifications.rb'
    - 'db/migrate/20180106000232_add_index_on_statuses_for_api_v1_accounts_account_id_statuses.rb'
    - 'db/migrate/20180617162849_remove_unused_indexes.rb'
    - 'db/migrate/20220827195229_change_canonical_email_blocks_nullable.rb'
 # Configuration parameters: ForbiddenMethods, AllowedMethods.
 # ForbiddenMethods: decrement!, decrement_counter, increment!, increment_counter, insert, insert!, insert_all, insert_all!, toggle!, touch, touch_all, update_all, update_attribute, update_column, update_columns, update_counters, upsert, upsert_all
 Rails/SkipsModelValidations:
@ -452,37 +212,11 @@ Rails/SkipsModelValidations:
    - 'db/post_migrate/20221101190723_backfill_admin_action_logs.rb'
    - 'db/post_migrate/20221206114142_backfill_admin_action_logs_again.rb'
    - 'lib/mastodon/cli/accounts.rb'
    - 'lib/mastodon/cli/main.rb'
    - 'lib/mastodon/cli/maintenance.rb'
    - 'spec/controllers/api/v1/admin/accounts_controller_spec.rb'
    - 'spec/lib/activitypub/activity/follow_spec.rb'
    - 'spec/services/follow_service_spec.rb'
    - 'spec/services/update_account_service_spec.rb'
 # Configuration parameters: Include.
 # Include: db/**/*.rb
 Rails/ThreeStateBooleanColumn:
  Exclude:
    - 'db/migrate/20160325130944_add_admin_to_users.rb'
    - 'db/migrate/20161123093447_add_sensitive_to_statuses.rb'
    - 'db/migrate/20170123203248_add_reject_media_to_domain_blocks.rb'
    - 'db/migrate/20170127165745_add_devise_two_factor_to_users.rb'
    - 'db/migrate/20170209184350_add_reply_to_statuses.rb'
    - 'db/migrate/20170330163835_create_imports.rb'
    - 'db/migrate/20170905165803_add_local_to_statuses.rb'
    - 'db/migrate/20181203021853_add_discoverable_to_accounts.rb'
    - 'db/migrate/20190509164208_add_by_moderator_to_tombstone.rb'
    - 'db/migrate/20190805123746_add_capabilities_to_tags.rb'
    - 'db/migrate/20191212163405_add_hide_collections_to_accounts.rb'
    - 'db/migrate/20200309150742_add_forwarded_to_reports.rb'
    - 'db/migrate/20210609202149_create_login_activities.rb'
    - 'db/migrate/20210621221010_add_skip_sign_in_token_to_users.rb'
    - 'db/migrate/20211031031021_create_preview_card_providers.rb'
    - 'db/migrate/20211115032527_add_trendable_to_preview_cards.rb'
    - 'db/migrate/20220202200743_add_trendable_to_accounts.rb'
    - 'db/migrate/20220202200926_add_trendable_to_statuses.rb'
    - 'db/migrate/20220303000827_add_ordered_media_attachment_ids_to_status_edits.rb'
 # Configuration parameters: Include.
 # Include: app/models/**/*.rb
 Rails/UniqueValidationWithoutIndex:
@ -546,7 +280,7 @@ Style/CaseEquality:
  Exclude:
    - 'config/initializers/trusted_proxies.rb'
-# This cop supports safe autocorrection (--autocorrect).
+# This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 # AllowedMethods: ==, equal?, eql?
 Style/ClassEqualityComparison:
@ -558,12 +292,6 @@ Style/ClassVars:
  Exclude:
    - 'config/initializers/devise.rb'
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/CombinableLoops:
  Exclude:
    - 'app/models/form/custom_emoji_batch.rb'
    - 'app/models/form/ip_block_batch.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowedVars.
 Style/FetchEnvVar:
@ -573,11 +301,10 @@ Style/FetchEnvVar:
    - 'config/environments/development.rb'
    - 'config/environments/production.rb'
    - 'config/initializers/2_limited_federation_mode.rb'
    - 'config/initializers/3_omniauth.rb'
    - 'config/initializers/blacklists.rb'
    - 'config/initializers/cache_buster.rb'
    - 'config/initializers/content_security_policy.rb'
    - 'config/initializers/devise.rb'
    - 'config/initializers/omniauth.rb'
    - 'config/initializers/paperclip.rb'
    - 'config/initializers/vapid.rb'
    - 'lib/mastodon/premailer_webpack_strategy.rb'
@ -760,7 +487,6 @@ Style/RedundantReturn:
 Style/SafeNavigation:
  Exclude:
    - 'app/models/concerns/account_finder_concern.rb'
    - 'app/models/status.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
@ -775,14 +501,6 @@ Style/SingleArgumentDig:
  Exclude:
    - 'lib/webpacker/manifest_extensions.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: require_parentheses, require_no_parentheses
 Style/StabbyLambdaParentheses:
  Exclude:
    - 'config/environments/production.rb'
    - 'config/initializers/content_security_policy.rb'
 # This cop supports safe autocorrection (--autocorrect).
 Style/StderrPuts:
  Exclude:
@ -811,7 +529,7 @@ Style/StringLiterals:
 # AllowedMethods: define_method, mail, respond_to
 Style/SymbolProc:
  Exclude:
-    - 'config/initializers/omniauth.rb'
+    - 'config/initializers/3_omniauth.rb'
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, AllowSafeAssignment.
@ -841,6 +559,3 @@ Style/TrailingCommaInHashLiteral:
 Style/WordArray:
  Exclude:
    - 'app/helpers/languages_helper.rb'
    - 'config/initializers/cors.rb'
    - 'spec/controllers/settings/imports_controller_spec.rb'
    - 'spec/models/form/import_spec.rb'
--- a/.simplecov
+++ b/.simplecov
@ -0,0 +1,22 @@
 # frozen_string_literal: true
 if ENV['CI']
  require 'simplecov-lcov'
  SimpleCov::Formatter::LcovFormatter.config.report_with_single_file = true
  SimpleCov.formatter = SimpleCov::Formatter::LcovFormatter
 else
  SimpleCov.formatter = SimpleCov::Formatter::HTMLFormatter
 end
 SimpleCov.start 'rails' do
  enable_coverage :branch
  add_filter 'lib/linter'
  add_group 'Libraries', 'lib'
  add_group 'Policies', 'app/policies'
  add_group 'Presenters', 'app/presenters'
  add_group 'Serializers', 'app/serializers'
  add_group 'Services', 'app/services'
  add_group 'Validators', 'app/validators'
 end
--- a/.watchmanconfig
+++ b/.watchmanconfig
@ -0,0 +1,3 @@
 {
  "ignore_dirs": ["node_modules/", "public/"]
 }
--- a/.yarn/.gitkeep
+++ b/.yarn/.gitkeep
--- a/.yarn/patches/babel-plugin-lodash-npm-3.3.4-c7161075b6.patch
+++ b/.yarn/patches/babel-plugin-lodash-npm-3.3.4-c7161075b6.patch
@ -0,0 +1,13 @@
 diff --git a/lib/index.js b/lib/index.js
 index 16ed6be8be8f555cc99096c2ff60954b42dc313d..d009c069770d066ad0db7ad02de1ea473a29334e 100644
 --- a/lib/index.js
 +++ b/lib/index.js
@@ -99,7 +99,7 @@ function lodash(_ref) {
         var node = _ref3;
 -        if ((0, _types.isModuleDeclaration)(node)) {
 +        if ((0, _types.isImportDeclaration)(node)  || (0, _types.isExportDeclaration)(node)) {
           isModule = true;
           break;
         }
--- a/.yarn/patches/compression-webpack-plugin-npm-6.1.1-3a2a65987e.patch
+++ b/.yarn/patches/compression-webpack-plugin-npm-6.1.1-3a2a65987e.patch
@ -0,0 +1,22 @@
 diff --git a/dist/index.js b/dist/index.js
 index 57e375592d984e9a429bcd9f800fa2d15cd662e4..0c47d96df3608e23adfd77d887a8f72abbd501c0 100644
 --- a/dist/index.js
 +++ b/dist/index.js
@@ -5,7 +5,7 @@ Object.defineProperty(exports, "__esModule", {
 });
 exports.default = void 0;
 -var _crypto = _interopRequireDefault(require("crypto"));
 +var _createHash = _interopRequireDefault(require("webpack/lib/util/createHash"));
 var _path = _interopRequireDefault(require("path"));
@@ -227,7 +227,7 @@ class CompressionPlugin {
             originalAlgorithm: this.options.algorithm,
             compressionOptions: this.options.compressionOptions,
             name,
 -            contentHash: _crypto.default.createHash("md4").update(input).digest("hex")
 +            contentHash: _createHash.default("md4").update(input).digest("hex")
           };
         } else {
           cacheData.name = (0, _serializeJavascript.default)({
--- a/.yarnclean
+++ b/.yarnclean
@ -1,49 +0,0 @@
 # test directories
 __tests__
 test
 tests
 powered-test
 # asset directories
 docs
 doc
 website
 images
 # assets
 # examples
 example
 examples
 # code coverage directories
 coverage
 .nyc_output
 # build scripts
 Makefile
 Gulpfile.js
 Gruntfile.js
 # configs
 .tern-project
 .gitattributes
 .editorconfig
 .*ignore
 .eslintrc
 .jshintrc
 .flowconfig
 .documentup.json
 .yarn-metadata.json
 .*.yml
 *.yml
 # misc
 *.gz
 *.md
 # for specific ignore
 !.svgo.yml
 !sass-lint/**/*.yml
 # breaks lint-staged or generally anything using https://github.com/eemeli/yaml/issues/384
 !**/yaml/dist/**/doc
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@ -0,0 +1 @@
 nodeLinker: node-modules
--- a/AUTHORS.md
+++ b/AUTHORS.md
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/15
+++ b/15
@ -1,15 +0,0 @@
 # frozen_string_literal: true
 require 'capistrano/setup'
 require 'capistrano/deploy'
 require 'capistrano/scm/git'
 install_plugin Capistrano::SCM::Git
 require 'capistrano/rbenv'
 require 'capistrano/bundler'
 require 'capistrano/yarn'
 require 'capistrano/rails/assets'
 require 'capistrano/rails/migrations'
 Dir.glob('lib/capistrano/tasks/*.rake').each { |r| import r }
--- a/38
+++ b/38
@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1.4
-# This needs to be bullseye-slim because the Ruby image is built on bullseye-slim
+# This needs to be bookworm-slim because the Ruby image is built on bookworm-slim
-ARG NODE_VERSION="16.20-bullseye-slim"
+ARG NODE_VERSION="20.9-bookworm-slim"
 FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.2-slim as ruby
 FROM node:${NODE_VERSION} as build
@ -13,21 +13,21 @@ ENV DEBIAN_FRONTEND="noninteractive" \
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 WORKDIR /opt/mastodon
 COPY Gemfile* package.json yarn.lock /opt/mastodon/
 # hadolint ignore=DL3008
 RUN apt-get update && \
    apt-get -yq dist-upgrade && \
    apt-get install -y --no-install-recommends build-essential \
        git \
        libicu-dev \
-        libidn11-dev \
+        libidn-dev \
        libpq-dev \
        libjemalloc-dev \
        zlib1g-dev \
        libgdbm-dev \
        libgmp-dev \
        libssl-dev \
-        libyaml-0-2 \
+        libyaml-dev \
        ca-certificates \
        libreadline8 \
        python3 \
@ -35,15 +35,22 @@ RUN apt-get update && \
    bundle config set --local deployment 'true' && \
    bundle config set --local without 'development test' && \
    bundle config set silence_root_warning true && \
-    bundle install -j"$(nproc)" && \
+    corepack enable
-    yarn install --pure-lockfile --production --network-timeout 600000 && \
+
 COPY Gemfile* package.json yarn.lock .yarnrc.yml /opt/mastodon/
 COPY streaming/package.json /opt/mastodon/streaming/
 COPY .yarn /opt/mastodon/.yarn
 RUN bundle install -j"$(nproc)"
 RUN yarn workspaces focus --all --production && \
    yarn cache clean
 FROM node:${NODE_VERSION}
 # Use those args to specify your own version flags & suffixes
-ARG MASTODON_VERSION_FLAGS=""
+ARG MASTODON_VERSION_PRERELEASE=""
-ARG MASTODON_VERSION_SUFFIX=""
+ARG MASTODON_VERSION_METADATA=""
 ARG UID="991"
 ARG GID="991"
@ -64,20 +71,21 @@ RUN apt-get update && \
    apt-get -y --no-install-recommends install whois \
        wget \
        procps \
-        libssl1.1 \
+        libssl3 \
        libpq5 \
        imagemagick \
        ffmpeg \
        libjemalloc2 \
-        libicu67 \
+        libicu72 \
-        libidn11 \
+        libidn12 \
        libyaml-0-2 \
        file \
        ca-certificates \
        tzdata \
        libreadline8 \
        tini && \
-    ln -s /opt/mastodon /mastodon
+    ln -s /opt/mastodon /mastodon && \
    corepack enable
 # Note: no, cleaning here since Debian does this automatically
 # See the file /etc/apt/apt.conf.d/docker-clean within the Docker image's filesystem
@ -89,8 +97,8 @@ ENV RAILS_ENV="production" \
    NODE_ENV="production" \
    RAILS_SERVE_STATIC_FILES="true" \
    BIND="0.0.0.0" \
-    MASTODON_VERSION_FLAGS="${MASTODON_VERSION_FLAGS}" \
+    MASTODON_VERSION_PRERELEASE="${MASTODON_VERSION_PRERELEASE}" \
-    MASTODON_VERSION_SUFFIX="${MASTODON_VERSION_SUFFIX}"
+    MASTODON_VERSION_METADATA="${MASTODON_VERSION_METADATA}"
 # Set the run user
 USER mastodon
--- a/FEDERATION.md
+++ b/FEDERATION.md
@ -27,4 +27,5 @@ More information on HTTP Signatures, as well as examples, can be found here: htt
 - Linked-Data Signatures: https://docs.joinmastodon.org/spec/security/#ld
 - Bearcaps: https://docs.joinmastodon.org/spec/bearcaps/
- Followers collection synchronization: https://git.activitypub.dev/ActivityPubDev/Fediverse-Enhancement-Proposals/src/branch/main/feps/fep-8fcf.md
+- Followers collection synchronization: https://codeberg.org/fediverse/fep/src/branch/main/fep/8fcf/fep-8fcf.md
 - Search indexing consent for actors: https://codeberg.org/fediverse/fep/src/branch/main/fep/5feb/fep-5feb.md
--- a/26
+++ b/26
@ -4,7 +4,7 @@ source 'https://rubygems.org'
 ruby '>= 3.0.0'
 gem 'puma', '~> 6.3'
-gem 'rails', '~> 7.0'
+gem 'rails', '~> 7.1.1'
 gem 'sprockets', '~> 3.7.2'
 gem 'thor', '~> 1.2'
 gem 'rack', '~> 2.2.7'
@ -16,14 +16,14 @@ gem 'dotenv-rails', '~> 2.8'
 gem 'aws-sdk-s3', '~> 1.123', require: false
 gem 'fog-core', '<= 2.4.0'
-gem 'fog-openstack', '~> 0.3', require: false
+gem 'fog-openstack', '~> 1.0', require: false
 gem 'kt-paperclip', '~> 7.2'
 gem 'md-paperclip-azure', '~> 2.2', require: false
 gem 'blurhash', '~> 0.1'
 gem 'active_model_serializers', '~> 0.10'
 gem 'addressable', '~> 2.8'
-gem 'bootsnap', '~> 1.16.0', require: false
+gem 'bootsnap', '~> 1.17.0', require: false
 gem 'browser'
 gem 'charlock_holmes', '~> 0.7.7'
 gem 'chewy', '~> 7.3'
@ -88,7 +88,7 @@ gem 'simple-navigation', '~> 4.4'
 gem 'simple_form', '~> 5.2'
 gem 'sprockets-rails', '~> 3.4', require: 'sprockets/railtie'
 gem 'stoplight', '~> 3.0.1'
-gem 'strong_migrations', '~> 0.8'
+gem 'strong_migrations', '1.6.4'
 gem 'tty-prompt', '~> 0.23', require: false
 gem 'twitter-text', '~> 3.1.0'
 gem 'tzinfo-data', '~> 1.2023'
@ -103,14 +103,17 @@ gem 'rdf-normalize', '~> 0.5'
 gem 'private_address_check', '~> 0.5'
 group :test do
-  # Used to split testing into chunks in CI
+  # Adds RSpec Error/Warning annotations to GitHub PRs on the Files tab
-  gem 'rspec_chunked', '~> 0.6'
+  gem 'rspec-github', '~> 2.4', require: false
  # RSpec progress bar formatter
  gem 'fuubar', '~> 2.5'
  # RSpec helpers for email specs
  gem 'email_spec'
  # Extra RSpec extenion methods and helpers for sidekiq
-  gem 'rspec-sidekiq', '~> 3.1'
+  gem 'rspec-sidekiq', '~> 4.0'
  # Browser integration testing
  gem 'capybara', '~> 3.39'
@ -139,6 +142,7 @@ group :test do
  # Coverage formatter for RSpec test if DISABLE_SIMPLECOV is false
  gem 'simplecov', '~> 0.22', require: false
  gem 'simplecov-lcov', '~> 0.8', require: false
  # Stub web requests for specs
  gem 'webmock', '~> 3.18'
@ -170,12 +174,6 @@ group :development do
  # Linter CLI for HAML files
  gem 'haml_lint', require: false
  # Deployment automation
  gem 'capistrano', '~> 3.17'
  gem 'capistrano-rails', '~> 1.6'
  gem 'capistrano-rbenv', '~> 2.2'
  gem 'capistrano-yarn', '~> 2.0'
  # Validate missing i18n keys
  gem 'i18n-tasks', '~> 1.0', require: false
 end
@ -200,7 +198,7 @@ gem 'connection_pool', require: false
 gem 'xorcist', '~> 1.1'
 gem 'cocoon', '~> 1.2'
-gem 'net-http', '~> 0.3.2'
+gem 'net-http', '~> 0.4.0'
 gem 'rubyzip', '~> 2.3'
 gem 'hcaptcha', '~> 7.1'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -39,81 +39,88 @@ GIT
 GEM
  remote: https://rubygems.org/
  specs:
-    actioncable (7.0.7)
+    actioncable (7.1.2)
-      actionpack (= 7.0.7)
+      actionpack (= 7.1.2)
-      activesupport (= 7.0.7)
+      activesupport (= 7.1.2)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.7)
+      zeitwerk (~> 2.6)
-      actionpack (= 7.0.7)
+    actionmailbox (7.1.2)
-      activejob (= 7.0.7)
+      actionpack (= 7.1.2)
-      activerecord (= 7.0.7)
+      activejob (= 7.1.2)
-      activestorage (= 7.0.7)
+      activerecord (= 7.1.2)
-      activesupport (= 7.0.7)
+      activestorage (= 7.1.2)
      activesupport (= 7.1.2)
      mail (>= 2.7.1)
      net-imap
      net-pop
      net-smtp
-    actionmailer (7.0.7)
+    actionmailer (7.1.2)
-      actionpack (= 7.0.7)
+      actionpack (= 7.1.2)
-      actionview (= 7.0.7)
+      actionview (= 7.1.2)
-      activejob (= 7.0.7)
+      activejob (= 7.1.2)
-      activesupport (= 7.0.7)
+      activesupport (= 7.1.2)
      mail (~> 2.5, >= 2.5.4)
      net-imap
      net-pop
      net-smtp
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-    actionpack (7.0.7)
+    actionpack (7.1.2)
-      actionview (= 7.0.7)
+      actionview (= 7.1.2)
-      activesupport (= 7.0.7)
+      activesupport (= 7.1.2)
-      rack (~> 2.0, >= 2.2.4)
+      nokogiri (>= 1.8.5)
      racc
      rack (>= 2.2.4)
      rack-session (>= 1.0.1)
      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+      rails-html-sanitizer (~> 1.6)
-    actiontext (7.0.7)
+    actiontext (7.1.2)
-      actionpack (= 7.0.7)
+      actionpack (= 7.1.2)
-      activerecord (= 7.0.7)
+      activerecord (= 7.1.2)
-      activestorage (= 7.0.7)
+      activestorage (= 7.1.2)
-      activesupport (= 7.0.7)
+      activesupport (= 7.1.2)
      globalid (>= 0.6.0)
      nokogiri (>= 1.8.5)
-    actionview (7.0.7)
+    actionview (7.1.2)
-      activesupport (= 7.0.7)
+      activesupport (= 7.1.2)
      builder (~> 3.1)
-      erubi (~> 1.4)
+      erubi (~> 1.11)
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+      rails-html-sanitizer (~> 1.6)
-    active_model_serializers (0.10.13)
+    active_model_serializers (0.10.14)
-      actionpack (>= 4.1, < 7.1)
+      actionpack (>= 4.1)
-      activemodel (>= 4.1, < 7.1)
+      activemodel (>= 4.1)
      case_transform (>= 0.2)
      jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
-    activejob (7.0.7)
+    activejob (7.1.2)
-      activesupport (= 7.0.7)
+      activesupport (= 7.1.2)
      globalid (>= 0.3.6)
-    activemodel (7.0.7)
+    activemodel (7.1.2)
-      activesupport (= 7.0.7)
+      activesupport (= 7.1.2)
-    activerecord (7.0.7)
+    activerecord (7.1.2)
-      activemodel (= 7.0.7)
+      activemodel (= 7.1.2)
-      activesupport (= 7.0.7)
+      activesupport (= 7.1.2)
-    activestorage (7.0.7)
+      timeout (>= 0.4.0)
-      actionpack (= 7.0.7)
+    activestorage (7.1.2)
-      activejob (= 7.0.7)
+      actionpack (= 7.1.2)
-      activerecord (= 7.0.7)
+      activejob (= 7.1.2)
-      activesupport (= 7.0.7)
+      activerecord (= 7.1.2)
      activesupport (= 7.1.2)
      marcel (~> 1.0)
-      mini_mime (>= 1.1.0)
+    activesupport (7.1.2)
-    activesupport (7.0.7)
+      base64
      bigdecimal
      concurrent-ruby (~> 1.0, >= 1.0.2)
      connection_pool (>= 2.2.5)
      drb
      i18n (>= 1.6, < 2)
      minitest (>= 5.1)
      mutex_m
      tzinfo (~> 2.0)
-    addressable (2.8.4)
+    addressable (2.8.5)
      public_suffix (>= 2.0.2, < 6.0)
    aes_key_wrap (1.1.0)
    airbrussh (1.4.1)
      sshkit (>= 1.6.1, != 1.7.0)
    android_key_attestation (0.3.0)
    annotate (3.2.0)
      activerecord (>= 3.2, < 8.0)
@ -124,8 +131,8 @@ GEM
    attr_required (1.0.1)
    awrence (1.2.1)
    aws-eventstream (1.2.0)
-    aws-partitions (1.793.0)
+    aws-partitions (1.828.0)
-    aws-sdk-core (3.180.3)
+    aws-sdk-core (3.183.1)
      aws-eventstream (~> 1, >= 1.0.2)
      aws-partitions (~> 1, >= 1.651.0)
      aws-sigv4 (~> 1.5)
@ -133,8 +140,8 @@ GEM
    aws-sdk-kms (1.71.0)
      aws-sdk-core (~> 3, >= 3.177.0)
      aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.132.1)
+    aws-sdk-s3 (1.136.0)
-      aws-sdk-core (~> 3, >= 3.179.0)
+      aws-sdk-core (~> 3, >= 3.181.0)
      aws-sdk-kms (~> 1)
      aws-sigv4 (~> 1.6)
    aws-sigv4 (1.6.0)
@ -148,23 +155,25 @@ GEM
      net-http-persistent (~> 4.0)
      nokogiri (~> 1, >= 1.10.8)
    base64 (0.1.1)
-    bcrypt (3.1.18)
+    bcp47_spec (0.2.1)
    bcrypt (3.1.19)
    better_errors (2.10.1)
      erubi (>= 1.0.0)
      rack (>= 0.9.0)
      rouge (>= 1.0.0)
-    better_html (2.0.1)
+    better_html (2.0.2)
      actionview (>= 6.0)
      activesupport (>= 6.0)
      ast (~> 2.0)
      erubi (~> 1.4)
      parser (>= 2.4)
      smart_properties
    bigdecimal (3.1.4)
    bindata (2.4.15)
    binding_of_caller (1.0.0)
      debug_inspector (>= 0.0.1)
    blurhash (0.1.7)
-    bootsnap (1.16.0)
+    bootsnap (1.17.0)
      msgpack (~> 1.2)
    brakeman (6.0.1)
    browser (5.3.1)
@ -175,21 +184,6 @@ GEM
    bundler-audit (0.9.1)
      bundler (>= 1.2.0, < 3)
      thor (~> 1.0)
    capistrano (3.17.3)
      airbrussh (>= 1.0.0)
      i18n
      rake (>= 10.0.0)
      sshkit (>= 1.9.0)
    capistrano-bundler (2.1.0)
      capistrano (~> 3.1)
    capistrano-rails (1.6.3)
      capistrano (~> 3.1)
      capistrano-bundler (>= 1.1, < 3)
    capistrano-rbenv (2.2.0)
      capistrano (~> 3.1)
      sshkit (~> 1.3)
    capistrano-yarn (2.0.2)
      capistrano (~> 3.0)
    capybara (3.39.2)
      addressable
      matrix
@ -203,7 +197,7 @@ GEM
      activesupport
    cbor (0.5.9.6)
    charlock_holmes (0.7.7)
-    chewy (7.3.3)
+    chewy (7.3.4)
      activesupport (>= 5.2)
      elasticsearch (>= 7.12.0, < 7.14.0)
      elasticsearch-dsl
@ -225,25 +219,25 @@ GEM
      activerecord (>= 5.a)
      database_cleaner-core (~> 2.0.0)
    database_cleaner-core (2.0.1)
-    date (3.3.3)
+    date (3.3.4)
    debug_inspector (1.1.0)
-    devise (4.9.2)
+    devise (4.9.3)
      bcrypt (~> 3.0)
      orm_adapter (~> 0.1)
      railties (>= 4.1.0)
      responders
      warden (~> 1.2.3)
-    devise-two-factor (4.1.0)
+    devise-two-factor (4.1.1)
-      activesupport (< 7.1)
+      activesupport (~> 7.0)
      attr_encrypted (>= 1.3, < 5, != 2)
      devise (~> 4.0)
-      railties (< 7.1)
+      railties (~> 7.0)
      rotp (~> 6.0)
    devise_pam_authenticatable2 (9.2.0)
      devise (>= 4.0.0)
      rpam2 (~> 4.0)
    diff-lcs (1.5.0)
-    discard (1.2.1)
+    discard (1.3.0)
      activerecord (>= 4.2, < 8)
    docile (1.4.0)
    domain_name (0.5.20190701)
@ -254,6 +248,8 @@ GEM
    dotenv-rails (2.8.1)
      dotenv (= 2.8.1)
      railties (>= 3.2)
    drb (2.1.1)
      ruby2_keywords
    ed25519 (1.3.0)
    elasticsearch (7.13.3)
      elasticsearch-api (= 7.13.3)
@ -264,13 +260,17 @@ GEM
    elasticsearch-transport (7.13.3)
      faraday (~> 1)
      multi_json
    email_spec (2.2.2)
      htmlentities (~> 4.3.3)
      launchy (~> 2.1)
      mail (~> 2.7)
    encryptor (3.0.0)
    erubi (1.12.0)
    et-orbi (1.2.7)
      tzinfo
-    excon (0.100.0)
+    excon (0.104.0)
    fabrication (2.30.0)
-    faker (3.2.1)
+    faker (3.2.2)
      i18n (>= 1.8.11, < 2)
    faraday (1.10.3)
      faraday-em_http (~> 1.0)
@ -303,28 +303,27 @@ GEM
    ffi-compiler (1.0.1)
      ffi (>= 1.0.0)
      rake
-    fog-core (2.1.0)
+    fog-core (2.3.0)
      builder
-      excon (~> 0.58)
+      excon (~> 0.71)
-      formatador (~> 0.2)
+      formatador (>= 0.2, < 2.0)
      mime-types
    fog-json (1.2.0)
      fog-core
      multi_json (~> 1.10)
-    fog-openstack (0.3.10)
+    fog-openstack (1.1.0)
-      fog-core (>= 1.45, <= 2.1.0)
+      fog-core (~> 2.1)
      fog-json (>= 1.0)
-      ipaddress (>= 0.8)
+    formatador (1.1.0)
    formatador (0.3.0)
    fugit (1.8.1)
      et-orbi (~> 1, >= 1.2.7)
      raabro (~> 1.4)
    fuubar (2.5.1)
      rspec-core (~> 3.0)
      ruby-progressbar (~> 1.4)
-    globalid (1.1.0)
+    globalid (1.2.1)
-      activesupport (>= 5.0)
+      activesupport (>= 6.1)
-    haml (6.1.1)
+    haml (6.2.0)
      temple (>= 0.8.2)
      thor
      tilt
@ -333,8 +332,8 @@ GEM
      activesupport (>= 5.1)
      haml (>= 4.0.6)
      railties (>= 5.1)
-    haml_lint (0.49.3)
+    haml_lint (0.51.0)
-      haml (>= 4.0, < 6.2)
+      haml (>= 4.0)
      parallel (~> 1.10)
      rainbow
      rubocop (>= 1.0)
@ -362,19 +361,22 @@ GEM
      rainbow (>= 2.0.0)
    i18n (1.14.1)
      concurrent-ruby (~> 1.0)
-    i18n-tasks (1.0.12)
+    i18n-tasks (1.0.13)
      activesupport (>= 4.0.2)
      ast (>= 2.1.0)
      better_html (>= 1.0, < 3.0)
      erubi
      highline (>= 2.0.0)
      i18n
-      parser (>= 2.2.3.0)
+      parser (>= 3.2.2.1)
      rails-i18n
      rainbow (>= 2.2.2, < 4.0)
      terminal-table (>= 1.5.1)
    idn-ruby (0.1.5)
-    ipaddress (0.8.3)
+    io-console (0.6.0)
    irb (1.8.3)
      rdoc
      reline (>= 0.3.8)
    jmespath (1.6.2)
    json (2.6.3)
    json-canonicalization (0.3.2)
@ -383,17 +385,17 @@ GEM
      aes_key_wrap
      bindata
      httpclient
-    json-ld (3.2.5)
+    json-ld (3.3.0)
      htmlentities (~> 4.3)
      json-canonicalization (~> 0.3, >= 0.3.2)
      link_header (~> 0.0, >= 0.0.8)
      multi_json (~> 1.15)
      rack (>= 2.2, < 4)
-      rdf (~> 3.2, >= 3.2.10)
+      rdf (~> 3.3)
-    json-ld-preloaded (3.2.2)
+    json-ld-preloaded (3.3.0)
-      json-ld (~> 3.2)
+      json-ld (~> 3.3)
-      rdf (~> 3.2)
+      rdf (~> 3.3)
-    json-schema (4.0.0)
+    json-schema (4.1.1)
      addressable (>= 2.8)
    jsonapi-renderer (0.2.2)
    jwt (2.7.1)
@ -409,7 +411,7 @@ GEM
      activerecord
      kaminari-core (= 1.2.2)
    kaminari-core (1.2.2)
-    kt-paperclip (7.2.0)
+    kt-paperclip (7.2.1)
      activemodel (>= 4.2.0)
      activesupport (>= 4.2.0)
      marcel (~> 1.0.1)
@ -429,12 +431,12 @@ GEM
    llhttp-ffi (0.4.0)
      ffi-compiler (~> 1.0)
      rake (~> 13.0)
-    lograge (0.13.0)
+    lograge (0.14.0)
      actionpack (>= 4)
      activesupport (>= 4)
      railties (>= 4)
      request_store (~> 1.0)
-    loofah (2.21.3)
+    loofah (2.21.4)
      crass (~> 1.0.2)
      nokogiri (>= 1.12.0)
    mail (2.8.1)
@ -451,38 +453,35 @@ GEM
      azure-storage-blob (~> 2.0.1)
      hashie (~> 5.0)
    memory_profiler (1.0.1)
-    method_source (1.0.0)
+    mime-types (3.5.1)
    mime-types (3.5.0)
      mime-types-data (~> 3.2015)
-    mime-types-data (3.2023.0808)
+    mime-types-data (3.2023.1003)
    mini_mime (1.1.5)
-    mini_portile2 (2.8.4)
+    mini_portile2 (2.8.5)
-    minitest (5.19.0)
+    minitest (5.20.0)
-    msgpack (1.7.1)
+    msgpack (1.7.2)
    multi_json (1.15.0)
    multipart-post (2.3.0)
-    net-http (0.3.2)
+    mutex_m (0.1.2)
    net-http (0.4.0)
      uri
    net-http-persistent (4.0.2)
      connection_pool (~> 2.2)
-    net-imap (0.3.7)
+    net-imap (0.4.4)
      date
      net-protocol
    net-ldap (0.18.0)
    net-pop (0.1.2)
      net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.2.2)
      timeout
-    net-scp (4.0.0)
+    net-smtp (0.4.0)
      net-ssh (>= 2.6.5, < 8.0.0)
    net-smtp (0.3.3)
      net-protocol
    net-ssh (7.1.0)
    nio4r (2.5.9)
    nokogiri (1.15.4)
      mini_portile2 (~> 2.8.2)
      racc (~> 1.4)
-    oj (3.15.0)
+    oj (3.16.1)
    omniauth (2.1.1)
      hashie (>= 3.4.6)
      rack (>= 2.2.3)
@ -513,14 +512,14 @@ GEM
    orm_adapter (0.5.0)
    ox (2.14.17)
    parallel (1.23.0)
-    parser (3.2.2.3)
+    parser (3.2.2.4)
      ast (~> 2.4.1)
      racc
    parslet (2.0.0)
    pastel (0.8.0)
      tty-color (~> 0.5)
-    pg (1.5.3)
+    pg (1.5.4)
-    pghero (3.3.3)
+    pghero (3.3.4)
      activerecord (>= 6)
    posix-spawn (0.3.15)
    premailer (1.21.0)
@ -532,13 +531,15 @@ GEM
      net-smtp
      premailer (~> 1.7, >= 1.7.9)
    private_address_check (0.5.0)
    psych (5.1.1.1)
      stringio
    public_suffix (5.0.3)
-    puma (6.3.1)
+    puma (6.4.0)
      nio4r (~> 2.0)
-    pundit (2.3.0)
+    pundit (2.3.1)
      activesupport (>= 3.0.0)
    raabro (1.4.0)
-    racc (1.7.1)
+    racc (1.7.3)
    rack (2.2.8)
    rack-attack (6.7.0)
      rack (>= 1.0, < 4)
@ -554,63 +555,74 @@ GEM
      rack
    rack-proxy (0.7.6)
      rack
    rack-session (1.0.1)
      rack (< 3)
    rack-test (2.1.0)
      rack (>= 1.3)
-    rails (7.0.7)
+    rackup (1.0.0)
-      actioncable (= 7.0.7)
+      rack (< 3)
-      actionmailbox (= 7.0.7)
+      webrick
-      actionmailer (= 7.0.7)
+    rails (7.1.2)
-      actionpack (= 7.0.7)
+      actioncable (= 7.1.2)
-      actiontext (= 7.0.7)
+      actionmailbox (= 7.1.2)
-      actionview (= 7.0.7)
+      actionmailer (= 7.1.2)
-      activejob (= 7.0.7)
+      actionpack (= 7.1.2)
-      activemodel (= 7.0.7)
+      actiontext (= 7.1.2)
-      activerecord (= 7.0.7)
+      actionview (= 7.1.2)
-      activestorage (= 7.0.7)
+      activejob (= 7.1.2)
-      activesupport (= 7.0.7)
+      activemodel (= 7.1.2)
      activerecord (= 7.1.2)
      activestorage (= 7.1.2)
      activesupport (= 7.1.2)
      bundler (>= 1.15.0)
-      railties (= 7.0.7)
+      railties (= 7.1.2)
    rails-controller-testing (1.0.5)
      actionpack (>= 5.0.1.rc1)
      actionview (>= 5.0.1.rc1)
      activesupport (>= 5.0.1.rc1)
-    rails-dom-testing (2.1.1)
+    rails-dom-testing (2.2.0)
      activesupport (>= 5.0.0)
      minitest
      nokogiri (>= 1.6)
    rails-html-sanitizer (1.6.0)
      loofah (~> 2.21)
      nokogiri (~> 1.14)
-    rails-i18n (7.0.7)
+    rails-i18n (7.0.8)
      i18n (>= 0.7, < 2)
      railties (>= 6.0.0, < 8)
-    railties (7.0.7)
+    railties (7.1.2)
-      actionpack (= 7.0.7)
+      actionpack (= 7.1.2)
-      activesupport (= 7.0.7)
+      activesupport (= 7.1.2)
-      method_source
+      irb
      rackup (>= 1.0.0)
      rake (>= 12.2)
-      thor (~> 1.0)
+      thor (~> 1.0, >= 1.2.2)
-      zeitwerk (~> 2.5)
+      zeitwerk (~> 2.6)
    rainbow (3.1.1)
    rake (13.0.6)
-    rdf (3.2.11)
+    rdf (3.3.1)
      bcp47_spec (~> 0.2)
      link_header (~> 0.0, >= 0.0.8)
    rdf-normalize (0.6.1)
      rdf (~> 3.2)
    rdoc (6.5.0)
      psych (>= 4.0.0)
    redcarpet (3.6.0)
    redis (4.8.1)
    redis-namespace (1.11.0)
      redis (>= 4)
    redlock (1.3.2)
      redis (>= 3.0.0, < 6.0)
-    regexp_parser (2.8.1)
+    regexp_parser (2.8.2)
    reline (0.3.9)
      io-console (~> 0.5)
    request_store (1.5.1)
      rack (>= 1.4)
-    responders (3.1.0)
+    responders (3.1.1)
      actionpack (>= 5.2)
      railties (>= 5.2)
    rexml (3.2.6)
-    rotp (6.2.2)
+    rotp (6.3.0)
    rouge (4.1.2)
    rpam2 (4.0.2)
    rqrcode (2.2.0)
@ -622,7 +634,9 @@ GEM
    rspec-expectations (3.12.3)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.5)
+    rspec-github (2.4.0)
      rspec-core (~> 3.0)
    rspec-mocks (3.12.6)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.12.0)
    rspec-rails (6.0.3)
@ -633,38 +647,38 @@ GEM
      rspec-expectations (~> 3.12)
      rspec-mocks (~> 3.12)
      rspec-support (~> 3.12)
-    rspec-sidekiq (3.1.0)
+    rspec-sidekiq (4.1.0)
-      rspec-core (~> 3.0, >= 3.0.0)
+      rspec-core (~> 3.0)
-      sidekiq (>= 2.4.0)
+      rspec-expectations (~> 3.0)
-    rspec-support (3.12.0)
+      rspec-mocks (~> 3.0)
-    rspec_chunked (0.6)
+      sidekiq (>= 5, < 8)
-    rubocop (1.56.1)
+    rspec-support (3.12.1)
-      base64 (~> 0.1.1)
+    rubocop (1.57.2)
      json (~> 2.3)
      language_server-protocol (>= 3.17.0)
      parallel (~> 1.10)
-      parser (>= 3.2.2.3)
+      parser (>= 3.2.2.4)
      rainbow (>= 2.2.2, < 4.0)
      regexp_parser (>= 1.8, < 3.0)
      rexml (>= 3.2.5, < 4.0)
      rubocop-ast (>= 1.28.1, < 2.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.29.0)
+    rubocop-ast (1.30.0)
      parser (>= 3.2.1.0)
-    rubocop-capybara (2.18.0)
+    rubocop-capybara (2.19.0)
      rubocop (~> 1.41)
-    rubocop-factory_bot (2.23.1)
+    rubocop-factory_bot (2.24.0)
      rubocop (~> 1.33)
-    rubocop-performance (1.19.0)
+    rubocop-performance (1.19.1)
      rubocop (>= 1.7.0, < 2.0)
      rubocop-ast (>= 0.4.0)
-    rubocop-rails (2.20.2)
+    rubocop-rails (2.22.1)
      activesupport (>= 4.2.0)
      rack (>= 1.1)
      rubocop (>= 1.33.0, < 2.0)
-    rubocop-rspec (2.23.2)
+    rubocop-rspec (2.25.0)
-      rubocop (~> 1.33)
+      rubocop (~> 1.40)
      rubocop-capybara (~> 2.17)
      rubocop-factory_bot (~> 2.22)
    ruby-prof (1.6.3)
@ -678,18 +692,18 @@ GEM
      fugit (~> 1.1, >= 1.1.6)
    safety_net_attestation (0.4.0)
      jwt (~> 2.0)
-    sanitize (6.0.2)
+    sanitize (6.1.0)
      crass (~> 1.0.2)
      nokogiri (>= 1.12.0)
    scenic (1.7.0)
      activerecord (>= 4.0.0)
      railties (>= 4.0.0)
-    selenium-webdriver (4.11.0)
+    selenium-webdriver (4.15.0)
      rexml (~> 3.2, >= 3.2.5)
      rubyzip (>= 1.2.2, < 3.0)
      websocket (~> 1.0)
    semantic_range (3.0.0)
-    sidekiq (6.5.9)
+    sidekiq (6.5.12)
      connection_pool (>= 2.2.5, < 3)
      rack (~> 2.0)
      redis (>= 4.5.0, < 5)
@ -699,7 +713,7 @@ GEM
      rufus-scheduler (~> 3.2)
      sidekiq (>= 6, < 8)
      tilt (>= 1.4.0)
-    sidekiq-unique-jobs (7.1.29)
+    sidekiq-unique-jobs (7.1.30)
      brpoplpush-redis_script (> 0.1.1, <= 2.0.0)
      concurrent-ruby (~> 1.0, >= 1.0.5)
      redis (< 5.0)
@ -707,7 +721,7 @@ GEM
      thor (>= 0.20, < 3.0)
    simple-navigation (4.4.0)
      activesupport (>= 2.3.2)
-    simple_form (5.2.0)
+    simple_form (5.3.0)
      actionpack (>= 5.2)
      activemodel (>= 5.2)
    simplecov (0.22.0)
@ -715,6 +729,7 @@ GEM
      simplecov-html (~> 0.11)
      simplecov_json_formatter (~> 0.1)
    simplecov-html (0.12.3)
    simplecov-lcov (0.8.0)
    simplecov_json_formatter (0.1.4)
    smart_properties (1.17.0)
    sprockets (3.7.2)
@ -724,14 +739,12 @@ GEM
      actionpack (>= 5.2)
      activesupport (>= 5.2)
      sprockets (>= 3.0.0)
    sshkit (1.21.5)
      net-scp (>= 1.1.2)
      net-ssh (>= 2.8.0)
    stackprof (0.2.25)
    statsd-ruby (1.5.0)
-    stoplight (3.0.1)
+    stoplight (3.0.2)
      redlock (~> 1.0)
-    strong_migrations (0.8.0)
+    stringio (3.0.9)
    strong_migrations (1.6.4)
      activerecord (>= 5.2)
    swd (1.3.0)
      activesupport (>= 3)
@ -743,10 +756,10 @@ GEM
      unicode-display_width (>= 1.1.1, < 3)
    terrapin (0.6.0)
      climate_control (>= 0.0.3, < 1.0)
-    test-prof (1.2.2)
+    test-prof (1.2.3)
-    thor (1.2.2)
+    thor (1.3.0)
-    tilt (2.2.0)
+    tilt (2.3.0)
-    timeout (0.4.0)
+    timeout (0.4.1)
    tpm-key_attestation (0.12.0)
      bindata (~> 2.4)
      openssl (> 2.0)
@ -771,7 +784,7 @@ GEM
    unf (0.1.4)
      unf_ext
    unf_ext (0.0.8.2)
-    unicode-display_width (2.4.2)
+    unicode-display_width (2.5.0)
    uri (0.12.2)
    validate_email (0.1.6)
      activemodel (>= 3.0)
@ -793,7 +806,7 @@ GEM
    webfinger (1.2.0)
      activesupport
      httpclient (>= 2.4)
-    webmock (3.18.1)
+    webmock (3.19.1)
      addressable (>= 2.8.0)
      crack (>= 0.3.2)
      hashdiff (>= 0.4.0, < 2.0.0)
@ -802,7 +815,8 @@ GEM
      rack-proxy (>= 0.6.1)
      railties (>= 5.2)
      semantic_range (>= 2.3.0)
-    websocket (1.2.9)
+    webrick (1.8.1)
    websocket (1.2.10)
    websocket-driver (0.7.6)
      websocket-extensions (>= 0.1.0)
    websocket-extensions (0.1.5)
@ -810,7 +824,7 @@ GEM
    xorcist (1.1.3)
    xpath (3.2.0)
      nokogiri (~> 1.8)
-    zeitwerk (2.6.11)
+    zeitwerk (2.6.12)
 PLATFORMS
  ruby
@ -823,14 +837,10 @@ DEPENDENCIES
  better_errors (~> 2.9)
  binding_of_caller (~> 1.0)
  blurhash (~> 0.1)
-  bootsnap (~> 1.16.0)
+  bootsnap (~> 1.17.0)
  brakeman (~> 6.0)
  browser
  bundler-audit (~> 0.9)
  capistrano (~> 3.17)
  capistrano-rails (~> 1.6)
  capistrano-rbenv (~> 2.2)
  capistrano-yarn (~> 2.0)
  capybara (~> 3.39)
  charlock_holmes (~> 0.7.7)
  chewy (~> 7.3)
@ -847,12 +857,13 @@ DEPENDENCIES
  doorkeeper (~> 5.6)
  dotenv-rails (~> 2.8)
  ed25519 (~> 1.3)
  email_spec
  fabrication (~> 2.30)
  faker (~> 3.2)
  fast_blank (~> 1.0)
  fastimage
  fog-core (<= 2.4.0)
-  fog-openstack (~> 0.3)
+  fog-openstack (~> 1.0)
  fuubar (~> 2.5)
  haml-rails (~> 2.0)
  haml_lint
@ -877,7 +888,7 @@ DEPENDENCIES
  md-paperclip-azure (~> 2.2)
  memory_profiler
  mime-types (~> 3.5.0)
-  net-http (~> 0.3.2)
+  net-http (~> 0.4.0)
  net-ldap (~> 0.18)
  nokogiri (~> 1.15)
  nsa!
@ -901,7 +912,7 @@ DEPENDENCIES
  rack-attack (~> 6.6)
  rack-cors (~> 2.0)
  rack-test (~> 2.1)
-  rails (~> 7.0)
+  rails (~> 7.1.1)
  rails-controller-testing (~> 1.0)
  rails-i18n (~> 7.0)
  rails-settings-cached (~> 0.6)!
@ -910,9 +921,9 @@ DEPENDENCIES
  redis (~> 4.5)
  redis-namespace (~> 1.10)
  rqrcode (~> 2.2)
  rspec-github (~> 2.4)
  rspec-rails (~> 6.0)
-  rspec-sidekiq (~> 3.1)
+  rspec-sidekiq (~> 4.0)
  rspec_chunked (~> 0.6)
  rubocop
  rubocop-capybara
  rubocop-performance
@ -931,11 +942,12 @@ DEPENDENCIES
  simple-navigation (~> 4.4)
  simple_form (~> 5.2)
  simplecov (~> 0.22)
  simplecov-lcov (~> 0.8)
  sprockets (~> 3.7.2)
  sprockets-rails (~> 3.4)
  stackprof
  stoplight (~> 3.0.1)
-  strong_migrations (~> 0.8)
+  strong_migrations (= 1.6.4)
  test-prof
  thor (~> 1.2)
  tty-prompt (~> 0.23)
@ -951,4 +963,4 @@ RUBY VERSION
   ruby 3.2.2p53
 BUNDLED WITH
-   2.4.13
+   2.4.20
--- a/Procfile.dev
+++ b/Procfile.dev
@ -1,4 +1,4 @@
 web: env PORT=3000 RAILS_ENV=development bundle exec puma -C config/puma.rb
 sidekiq: env PORT=3000 RAILS_ENV=development bundle exec sidekiq
-stream: env PORT=4000 yarn run start
+stream: env PORT=4000 yarn workspace @mastodon/streaming start
-webpack: ./bin/webpack-dev-server --listen-host 0.0.0.0
+webpack: bin/webpack-dev-server
--- a/README.md
+++ b/README.md
@ -59,21 +59,25 @@ Mastodon acts as an OAuth2 provider, so 3rd party apps can use the REST and Stre
 ## Deployment
-### Tech stack:
+### Tech stack
 - **Ruby on Rails** powers the REST API and other web pages
 - **React.js** and Redux are used for the dynamic parts of the interface
 - **Node.js** powers the streaming API
-### Requirements:
+### Requirements
- **PostgreSQL** 9.5+
+- **PostgreSQL** 12+
 - **Redis** 4+
 - **Ruby** 2.7+
- **Node.js** 14+
+- **Node.js** 16+
 The repository includes deployment configurations for **Docker and docker-compose** as well as specific platforms like **Heroku**, **Scalingo**, and **Nanobox**. For Helm charts, reference the [mastodon/chart repository](https://github.com/mastodon/chart). The [**standalone** installation guide](https://docs.joinmastodon.org/admin/install/) is available in the documentation.
 ## Development
 ### Vagrant
 A **Vagrant** configuration is included for development purposes. To use it, complete the following steps:
 - Install Vagrant and Virtualbox
@ -82,27 +86,41 @@ A **Vagrant** configuration is included for development purposes. To use it, com
 - Run `vagrant ssh -c "cd /vagrant && foreman start"`
 - Open `http://mastodon.local` in your browser
 ### MacOS
 To set up **MacOS** for native development, complete the following steps:
- Install the latest stable Ruby version (use a ruby version manager for easy installation and management of ruby versions)
+- Install the latest stable Ruby version (use a Ruby version manager for easy installation and management of Ruby versions)
 - Run `brew install postgresql@14`
 - Run `brew install redis`
 - Run `brew install imagemagick`
 - Install Foreman or a similar tool (such as [overmind](https://github.com/DarthSim/overmind)) to handle multiple process launching.
 - Navigate to Mastodon's root directory and run `brew install nvm` then `nvm use` to use the version from .nvmrc
- Run `corepack enable && yarn set version classic`
+- Run `corepack enable && corepack prepare`
 - Run `bundle exec rails db:setup` (optionally prepend `RAILS_ENV=development` to target the dev environment)
 - Finally, run `overmind start -f Procfile.dev`
-### Getting Started with GitHub Codespaces
+### Docker
-To get started, create a codespace for this repository by clicking this 👇
+For development with **Docker**, complete the following steps:
-[![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://github.com/codespaces/new?hide_repo_select=true&ref=main&repo=52281283)
+- Install Docker Desktop
 - Run `docker compose -f .devcontainer/docker-compose.yml up -d`
 - Run `docker compose -f .devcontainer/docker-compose.yml exec app .devcontainer/post-create.sh`
 - Finally, run `docker compose -f .devcontainer/docker-compose.yml exec app foreman start -f Procfile.dev`
-A codespace will open in a web-based version of Visual Studio Code. The [dev container](.devcontainer/devcontainer.json) is fully configured with the software needed for this project.
+If you are using an IDE with [support for the Development Container specification](https://containers.dev/supporting), it will run the above `docker compose` commands automatically. For **Visual Studio Code** this requires the [Dev Container extension](https://containers.dev/supporting#dev-containers).
-**Note**: Dev containers are an open spec that is supported by [GitHub Codespaces](https://github.com/codespaces) and [other tools](https://containers.dev/supporting).
+### GitHub Codespaces
 To get you coding in just a few minutes, GitHub Codespaces provides a web-based version of Visual Studio Code and a cloud-hosted development environment fully configured with the software needed for this project..
 - Click this button to create a new codespace:<br>
  [![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://github.com/codespaces/new?hide_repo_select=true&ref=main&repo=52281283&devcontainer_path=.devcontainer%2Fcodespaces%2Fdevcontainer.json)
 - Wait for the environment to build. This will take a few minutes.
 - When the editor is ready, run `foreman start -f Procfile.dev` in the terminal.
 - After a few seconds, a popup will appear with a button labeled _Open in Browser_. This will open Mastodon.
 - On the _Ports_ tab, right click on the “stream” row and select _Port visibility_ → _Public_.
 ## Contributing
@ -114,7 +132,7 @@ You can open issues for bugs you've found or features you think are missing. You
 ## License
-Copyright (C) 2016-2022 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
+Copyright (C) 2016-2023 Eugen Rochko & other Mastodon contributors (see [AUTHORS.md](AUTHORS.md))
 This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
--- a/SECURITY.md
+++ b/SECURITY.md
@ -1,8 +1,11 @@
 # Security Policy
-If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can reach us at <security@joinmastodon.org>.
+If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can either:
-You should _not_ report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
+- open a [Github security issue on the Mastodon project](https://github.com/mastodon/mastodon/security/advisories/new)
 - reach us at <security@joinmastodon.org>
 You should _not_ report such issues on public GitHub issues or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
 ## Scope
@ -10,9 +13,10 @@ A "vulnerability in Mastodon" is a vulnerability in the code distributed through
 ## Supported Versions
-| Version | Supported |
+| Version | Supported        |
-| ------- | --------- |
+| ------- | ---------------- |
-| 4.1.x   | Yes       |
+| 4.2.x   | Yes              |
-| 4.0.x   | Yes       |
+| 4.1.x   | Yes              |
-| 3.5.x   | Yes       |
+| 4.0.x   | No               |
-| < 3.5   | No        |
+| 3.5.x   | Until 2023-12-31 |
 | < 3.5   | No               |
--- a/48
+++ b/48
@ -60,6 +60,38 @@ sudo usermod -a -G rvm $USER
 SCRIPT
 $provisionElasticsearch = <<SCRIPT
 # Install Elastic Search
 sudo apt install openjdk-17-jre-headless -y
 sudo wget -O /usr/share/keyrings/elasticsearch.asc https://artifacts.elastic.co/GPG-KEY-elasticsearch
 sudo sh -c 'echo "deb [signed-by=/usr/share/keyrings/elasticsearch.asc] https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'
 sudo apt update
 sudo apt install elasticsearch -y
 sudo systemctl daemon-reload
 sudo systemctl enable --now elasticsearch
 echo 'path.data: /var/lib/elasticsearch
 path.logs: /var/log/elasticsearch
 network.host: 0.0.0.0
 http.port: 9200
 discovery.seed_hosts: ["localhost"]
 cluster.initial_master_nodes: ["node-1"]
 xpack.security.enabled: false' > /etc/elasticsearch/elasticsearch.yml
 sudo systemctl restart elasticsearch
 # Install Kibana
 sudo apt install kibana -y
 sudo systemctl enable --now kibana
 echo 'server.host: "0.0.0.0"
 elasticsearch.hosts: ["http://localhost:9200"]' > /etc/kibana/kibana.yml
 sudo systemctl restart kibana
 SCRIPT
 $provisionB = <<SCRIPT
 source "/etc/profile.d/rvm.sh"
@ -80,11 +112,11 @@ bundle install
 # Install node modules
 sudo corepack enable
-yarn set version classic
+corepack prepare
 yarn install
 # Build Mastodon
-export RAILS_ENV=development 
+export RAILS_ENV=development
 export $(cat ".env.vagrant" | xargs)
 bundle exec rails db:setup
@ -102,10 +134,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.provider :virtualbox do |vb|
    vb.name = "mastodon"
-    vb.customize ["modifyvm", :id, "--memory", "2048"]
+    vb.customize ["modifyvm", :id, "--memory", "8192"]
-    # Increase the number of CPUs. Uncomment and adjust to
+    vb.customize ["modifyvm", :id, "--cpus", "3"]
    # increase performance
    # vb.customize ["modifyvm", :id, "--cpus", "3"]
    # Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
    # https://github.com/mitchellh/vagrant/issues/1172
@ -141,9 +171,15 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  config.vm.network :forwarded_port, guest: 3000, host: 3000
  config.vm.network :forwarded_port, guest: 4000, host: 4000
  config.vm.network :forwarded_port, guest: 8080, host: 8080
  config.vm.network :forwarded_port, guest: 9200, host: 9200
  config.vm.network :forwarded_port, guest: 9300, host: 9300
  config.vm.network :forwarded_port, guest: 9243, host: 9243
  config.vm.network :forwarded_port, guest: 5601, host: 5601
  # Full provisioning script, only runs on first 'vagrant up' or with 'vagrant provision'
  config.vm.provision :shell, inline: $provisionA, privileged: false, reset: true
  # Run with elevated privileges for Elasticsearch installation
  config.vm.provision :shell, inline: $provisionElasticsearch, privileged: true
  config.vm.provision :shell, inline: $provisionB, privileged: false
  config.vm.post_up_message = <<MESSAGE
--- a/app/chewy/accounts_index.rb
+++ b/app/chewy/accounts_index.rb
@ -21,12 +21,13 @@ class AccountsIndex < Chewy::Index
    analyzer: {
      natural: {
-        tokenizer: 'uax_url_email',
+        tokenizer: 'standard',
        filter: %w(
          english_possessive_stemmer
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
@ -62,6 +63,6 @@ class AccountsIndex < Chewy::Index
    field(:last_status_at, type: 'date', value: ->(account) { account.last_status_at || account.created_at })
    field(:display_name, type: 'text', analyzer: 'verbatim') { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
    field(:username, type: 'text', analyzer: 'verbatim', value: ->(account) { [account.username, account.domain].compact.join('@') }) { field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'verbatim' }
-    field(:text, type: 'text', value: ->(account) { account.searchable_text }) { field :stemmed, type: 'text', analyzer: 'natural' }
+    field(:text, type: 'text', analyzer: 'verbatim', value: ->(account) { account.searchable_text }) { field :stemmed, type: 'text', analyzer: 'natural' }
  end
 end
--- a/app/chewy/public_statuses_index.rb
+++ b/app/chewy/public_statuses_index.rb
@ -0,0 +1,67 @@
 # frozen_string_literal: true
 class PublicStatusesIndex < Chewy::Index
  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
      verbatim: {
        tokenizer: 'uax_url_email',
        filter: %w(lowercase),
      },
      content: {
        tokenizer: 'standard',
        filter: %w(
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      hashtag: {
        tokenizer: 'keyword',
        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
  }
  index_scope ::Status.unscoped
                      .kept
                      .indexable
                      .includes(:media_attachments, :preloadable_poll, :tags, preview_cards_status: :preview_card)
  root date_detection: false do
    field(:id, type: 'long')
    field(:account_id, type: 'long')
    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
    field(:tags, type: 'text', analyzer: 'hashtag', value: ->(status) { status.tags.map(&:display_name) })
    field(:language, type: 'keyword')
    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
    field(:created_at, type: 'date')
  end
 end
--- a/app/chewy/statuses_index.rb
+++ b/app/chewy/statuses_index.rb
@ -1,75 +1,65 @@
 # frozen_string_literal: true
 class StatusesIndex < Chewy::Index
  include FormattingHelper
  settings index: index_preset(refresh_interval: '30s', number_of_shards: 5), analysis: {
    filter: {
      english_stop: {
        type: 'stop',
        stopwords: '_english_',
      },
      english_stemmer: {
        type: 'stemmer',
        language: 'english',
      },
      english_possessive_stemmer: {
        type: 'stemmer',
        language: 'possessive_english',
      },
    },
    analyzer: {
-      content: {
+      verbatim: {
        tokenizer: 'uax_url_email',
        filter: %w(lowercase),
      },
      content: {
        tokenizer: 'standard',
        filter: %w(
          english_possessive_stemmer
          lowercase
          asciifolding
          cjk_width
          elision
          english_possessive_stemmer
          english_stop
          english_stemmer
        ),
      },
      hashtag: {
        tokenizer: 'keyword',
        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
  }
-  # We do not use delete_if option here because it would call a method that we
+  index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :local_mentioned, :local_favorited, :local_reblogged, :local_bookmarked, :tags, preview_cards_status: :preview_card, preloadable_poll: :local_voters), delete_if: ->(status) { status.searchable_by.empty? }
  # expect to be called with crutches without crutches, causing n+1 queries
  index_scope ::Status.unscoped.kept.without_reblogs.includes(:media_attachments, :preloadable_poll)
  crutch :mentions do |collection|
    data = ::Mention.where(status_id: collection.map(&:id)).where(account: Account.local, silent: false).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :favourites do |collection|
    data = ::Favourite.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :reblogs do |collection|
    data = ::Status.where(reblog_of_id: collection.map(&:id)).where(account: Account.local).pluck(:reblog_of_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :bookmarks do |collection|
    data = ::Bookmark.where(status_id: collection.map(&:id)).where(account: Account.local).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  crutch :votes do |collection|
    data = ::PollVote.joins(:poll).where(poll: { status_id: collection.map(&:id) }).where(account: Account.local).pluck(:status_id, :account_id)
    data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
  end
  root date_detection: false do
-    field :id, type: 'long'
+    field(:id, type: 'long')
-    field :account_id, type: 'long'
+    field(:account_id, type: 'long')
-
+    field(:text, type: 'text', analyzer: 'verbatim', value: ->(status) { status.searchable_text }) { field(:stemmed, type: 'text', analyzer: 'content') }
-    field :text, type: 'text', value: ->(status) { status.searchable_text } do
+    field(:tags, type: 'text', analyzer: 'hashtag',  value: ->(status) { status.tags.map(&:display_name) })
-      field :stemmed, type: 'text', analyzer: 'content'
+    field(:searchable_by, type: 'long', value: ->(status) { status.searchable_by })
-    end
+    field(:language, type: 'keyword')
-
+    field(:properties, type: 'keyword', value: ->(status) { status.searchable_properties })
-    field :searchable_by, type: 'long', value: ->(status, crutches) { status.searchable_by(crutches) }
+    field(:created_at, type: 'date')
  end
 end
--- a/app/chewy/tags_index.rb
+++ b/app/chewy/tags_index.rb
@ -5,12 +5,21 @@ class TagsIndex < Chewy::Index
    analyzer: {
      content: {
        tokenizer: 'keyword',
-        filter: %w(lowercase asciifolding cjk_width),
+        filter: %w(
          word_delimiter_graph
          lowercase
          asciifolding
          cjk_width
        ),
      },
      edge_ngram: {
        tokenizer: 'edge_ngram',
-        filter: %w(lowercase asciifolding cjk_width),
+        filter: %w(
          lowercase
          asciifolding
          cjk_width
        ),
      },
    },
@ -30,12 +39,9 @@ class TagsIndex < Chewy::Index
  end
  root date_detection: false do
-    field :name, type: 'text', analyzer: 'content' do
+    field(:name, type: 'text', analyzer: 'content', value: :display_name) { field(:edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content') }
-      field :edge_ngram, type: 'text', analyzer: 'edge_ngram', search_analyzer: 'content'
+    field(:reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? })
-    end
+    field(:usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts })
-
+    field(:last_status_at, type: 'date', value: ->(tag) { tag.last_status_at || tag.created_at })
    field :reviewed, type: 'boolean', value: ->(tag) { tag.reviewed? }
    field :usage, type: 'long', value: ->(tag, crutches) { tag.history.aggregate(crutches.time_period).accounts }
    field :last_status_at, type: 'date', value: ->(tag) { tag.last_status_at || tag.created_at }
  end
 end
--- a/app/controllers/about_controller.rb
+++ b/app/controllers/about_controller.rb
@ -5,15 +5,7 @@ class AboutController < ApplicationController
  skip_before_action :require_functional!
  before_action :set_instance_presenter
  def show
    expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
  end
  private
  def set_instance_presenter
    @instance_presenter = InstancePresenter.new
  end
 end
--- a/app/controllers/admin/account_actions_controller.rb
+++ b/app/controllers/admin/account_actions_controller.rb
@ -21,7 +21,7 @@ module Admin
      account_action.save!
      if account_action.with_report?
-        redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: params[:report_id])
+        redirect_to admin_reports_path, notice: I18n.t('admin.reports.processed_msg', id: resource_params[:report_id])
      else
        redirect_to admin_account_path(@account.id)
      end
--- a/app/controllers/admin/disputes/appeals_controller.rb
+++ b/app/controllers/admin/disputes/appeals_controller.rb
@ -20,7 +20,7 @@ class Admin::Disputes::AppealsController < Admin::BaseController
    authorize @appeal, :approve?
    log_action :reject, @appeal
    @appeal.reject!(current_account)
-    UserMailer.appeal_rejected(@appeal.account.user, @appeal)
+    UserMailer.appeal_rejected(@appeal.account.user, @appeal).deliver_later
    redirect_to disputes_strike_path(@appeal.strike)
  end
--- a/app/controllers/admin/domain_blocks_controller.rb
+++ b/app/controllers/admin/domain_blocks_controller.rb
@ -33,7 +33,7 @@ module Admin
      # Disallow accidentally downgrading a domain block
      if existing_domain_block.present? && !@domain_block.stricter_than?(existing_domain_block)
-        @domain_block.save
+        @domain_block.validate
        flash.now[:alert] = I18n.t('admin.domain_blocks.existing_domain_block_html', name: existing_domain_block.domain, unblock_url: admin_domain_block_path(existing_domain_block)).html_safe
        @domain_block.errors.delete(:domain)
        return render :new
--- a/app/controllers/admin/instances_controller.rb
+++ b/app/controllers/admin/instances_controller.rb
@ -49,7 +49,7 @@ module Admin
    private
    def set_instance
-      @instance = Instance.find(TagManager.instance.normalize_domain(params[:id]&.strip))
+      @instance = Instance.find_or_initialize_by(domain: TagManager.instance.normalize_domain(params[:id]&.strip))
    end
    def set_instances
--- a/app/controllers/admin/software_updates_controller.rb
+++ b/app/controllers/admin/software_updates_controller.rb
@ -0,0 +1,18 @@
 # frozen_string_literal: true
 module Admin
  class SoftwareUpdatesController < BaseController
    before_action :check_enabled!
    def index
      authorize :software_update, :index?
      @software_updates = SoftwareUpdate.all.sort_by(&:gem_version)
    end
    private
    def check_enabled!
      not_found unless SoftwareUpdate.check_enabled?
    end
  end
 end
--- a/app/controllers/admin/statuses_controller.rb
+++ b/app/controllers/admin/statuses_controller.rb
@ -31,6 +31,11 @@ module Admin
    private
    def batched_ordered_status_edits
      @status.edits.reorder(nil).includes(:account, status: [:account]).find_each(order: :asc)
    end
    helper_method :batched_ordered_status_edits
    def admin_status_batch_action_params
      params.require(:admin_status_batch_action).permit(status_ids: [])
    end
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@ -7,6 +7,7 @@ class Api::BaseController < ApplicationController
  include RateLimitHeaders
  include AccessTokenTrackingConcern
  include ApiCachingConcern
  include Api::ContentSecurityPolicy
  skip_before_action :require_functional!, unless: :limited_federation_mode?
@ -17,26 +18,6 @@ class Api::BaseController < ApplicationController
  protect_from_forgery with: :null_session
  content_security_policy do |p|
    # Set every directive that does not have a fallback
    p.default_src :none
    p.frame_ancestors :none
    p.form_action :none
    # Disable every directive with a fallback to cut on response size
    p.base_uri false
    p.font_src false
    p.img_src false
    p.style_src false
    p.media_src false
    p.frame_src false
    p.manifest_src false
    p.connect_src false
    p.script_src false
    p.child_src false
    p.worker_src false
  end
  rescue_from ActiveRecord::RecordInvalid, Mastodon::ValidationError do |e|
    render json: { error: e.to_s }, status: 422
  end
--- a/app/controllers/api/v1/accounts/credentials_controller.rb
+++ b/app/controllers/api/v1/accounts/credentials_controller.rb
@ -16,6 +16,8 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
    current_user.update(user_params) if user_params
    ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
    render json: @account, serializer: REST::CredentialAccountSerializer
  rescue ActiveRecord::RecordInvalid => e
    render json: ValidationErrorFormatter.new(e).as_json, status: 422
  end
  private
@ -30,6 +32,7 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
      :bot,
      :discoverable,
      :hide_collections,
      :indexable,
      fields_attributes: [:name, :value]
    )
  end
--- a/app/controllers/api/v1/accounts/relationships_controller.rb
+++ b/app/controllers/api/v1/accounts/relationships_controller.rb
@ -5,10 +5,11 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController
  before_action :require_user!
  def index
-    accounts = Account.without_suspended.where(id: account_ids).select('id')
+    scope = Account.where(id: account_ids).select('id')
    scope.merge!(Account.without_suspended) unless truthy_param?(:with_suspended)
    # .where doesn't guarantee that our results are in the same order
    # we requested them, so return the "right" order to the requestor.
-    @accounts = accounts.index_by(&:id).values_at(*account_ids).compact
+    @accounts = scope.index_by(&:id).values_at(*account_ids).compact
    render json: @accounts, each_serializer: REST::RelationshipSerializer, relationships: relationships
  end
--- a/app/controllers/api/v1/accounts_controller.rb
+++ b/app/controllers/api/v1/accounts_controller.rb
@ -1,6 +1,8 @@
 # frozen_string_literal: true
 class Api::V1::AccountsController < Api::BaseController
  include RegistrationHelper
  before_action -> { authorize_if_got_token! :read, :'read:accounts' }, except: [:create, :follow, :unfollow, :remove_from_followers, :block, :unblock, :mute, :unmute]
  before_action -> { doorkeeper_authorize! :follow, :write, :'write:follows' }, only: [:follow, :unfollow, :remove_from_followers]
  before_action -> { doorkeeper_authorize! :follow, :write, :'write:mutes' }, only: [:mute, :unmute]
@ -90,18 +92,14 @@ class Api::V1::AccountsController < Api::BaseController
  end
  def account_params
-    params.permit(:username, :email, :password, :agreement, :locale, :reason, :time_zone)
+    params.permit(:username, :email, :password, :agreement, :locale, :reason, :time_zone, :invite_code)
  end
  def invite
    Invite.find_by(code: params[:invite_code]) if params[:invite_code].present?
  end
  def check_enabled_registrations
-    forbidden if single_user_mode? || omniauth_only? || !allowed_registrations?
+    forbidden unless allowed_registration?(request.remote_ip, invite)
  end
  def allowed_registrations?
    Setting.registrations_mode != 'none'
  end
  def omniauth_only?
    ENV['OMNIAUTH_ONLY'] == 'true'
  end
 end
--- a/app/controllers/api/v1/admin/tags_controller.rb
+++ b/app/controllers/api/v1/admin/tags_controller.rb
@ -0,0 +1,74 @@
 # frozen_string_literal: true
 class Api::V1::Admin::TagsController < Api::BaseController
  include Authorization
  before_action -> { authorize_if_got_token! :'admin:read' }, only: [:index, :show]
  before_action -> { authorize_if_got_token! :'admin:write' }, only: :update
  before_action :set_tags, only: :index
  before_action :set_tag, except: :index
  after_action :insert_pagination_headers, only: :index
  after_action :verify_authorized
  LIMIT = 100
  PAGINATION_PARAMS = %i(limit).freeze
  def index
    authorize :tag, :index?
    render json: @tags, each_serializer: REST::Admin::TagSerializer
  end
  def show
    authorize @tag, :show?
    render json: @tag, serializer: REST::Admin::TagSerializer
  end
  def update
    authorize @tag, :update?
    @tag.update!(tag_params.merge(reviewed_at: Time.now.utc))
    render json: @tag, serializer: REST::Admin::TagSerializer
  end
  private
  def set_tag
    @tag = Tag.find(params[:id])
  end
  def set_tags
    @tags = Tag.all.to_a_paginated_by_id(limit_param(LIMIT), params_slice(:max_id, :since_id, :min_id))
  end
  def tag_params
    params.permit(:display_name, :trendable, :usable, :listable)
  end
  def insert_pagination_headers
    set_pagination_headers(next_path, prev_path)
  end
  def next_path
    api_v1_admin_tags_url(pagination_params(max_id: pagination_max_id)) if records_continue?
  end
  def prev_path
    api_v1_admin_tags_url(pagination_params(min_id: pagination_since_id)) unless @tags.empty?
  end
  def pagination_max_id
    @tags.last.id
  end
  def pagination_since_id
    @tags.first.id
  end
  def records_continue?
    @tags.size == limit_param(LIMIT)
  end
  def pagination_params(core_params)
    params.slice(*PAGINATION_PARAMS).permit(*PAGINATION_PARAMS).merge(core_params)
  end
 end
--- a/app/controllers/api/v1/apps/credentials_controller.rb
+++ b/app/controllers/api/v1/apps/credentials_controller.rb
@ -1,9 +1,9 @@
 # frozen_string_literal: true
 class Api::V1::Apps::CredentialsController < Api::BaseController
  before_action -> { doorkeeper_authorize! :read }
  def show
-    render json: doorkeeper_token.application, serializer: REST::ApplicationSerializer, fields: %i(name website vapid_key)
+    return doorkeeper_render_error unless valid_doorkeeper_token?
    render json: doorkeeper_token.application, serializer: REST::ApplicationSerializer, fields: %i(name website vapid_key client_id scopes)
  end
 end
--- a/app/controllers/api/v1/conversations_controller.rb
+++ b/app/controllers/api/v1/conversations_controller.rb
@ -41,10 +41,10 @@ class Api::V1::ConversationsController < Api::BaseController
                         account: :account_stat,
                         last_status: [
                           :media_attachments,
                           :preview_cards,
                           :status_stat,
                           :tags,
                           {
                             preview_cards_status: :preview_card,
                             active_mentions: [account: :account_stat],
                             account: :account_stat,
                           },
--- a/app/controllers/api/v1/directories_controller.rb
+++ b/app/controllers/api/v1/directories_controller.rb
@ -16,7 +16,9 @@ class Api::V1::DirectoriesController < Api::BaseController
  end
  def set_accounts
-    @accounts = accounts_scope.offset(params[:offset]).limit(limit_param(DEFAULT_ACCOUNTS_LIMIT))
+    with_read_replica do
      @accounts = accounts_scope.offset(params[:offset]).limit(limit_param(DEFAULT_ACCOUNTS_LIMIT))
    end
  end
  def accounts_scope
--- a/app/controllers/api/v1/instances/activity_controller.rb
+++ b/app/controllers/api/v1/instances/activity_controller.rb
@ -1,12 +1,8 @@
 # frozen_string_literal: true
-class Api::V1::Instances::ActivityController < Api::BaseController
+class Api::V1::Instances::ActivityController < Api::V1::Instances::BaseController
  before_action :require_enabled_api!
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  vary_by ''
  def show
    cache_even_if_authenticated!
    render_with_cache json: :activity, expires_in: 1.day
--- a/app/controllers/api/v1/instances/base_controller.rb
+++ b/app/controllers/api/v1/instances/base_controller.rb
@ -0,0 +1,8 @@
 # frozen_string_literal: true
 class Api::V1::Instances::BaseController < Api::BaseController
  skip_before_action :require_authenticated_user!,
                     unless: :limited_federation_mode?
  vary_by ''
 end
--- a/app/controllers/api/v1/instances/domain_blocks_controller.rb
+++ b/app/controllers/api/v1/instances/domain_blocks_controller.rb
@ -1,8 +1,6 @@
 # frozen_string_literal: true
-class Api::V1::Instances::DomainBlocksController < Api::BaseController
+class Api::V1::Instances::DomainBlocksController < Api::V1::Instances::BaseController
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  before_action :require_enabled_api!
  before_action :set_domain_blocks
@ -15,7 +13,7 @@ class Api::V1::Instances::DomainBlocksController < Api::BaseController
      cache_if_unauthenticated!
    end
-    render json: @domain_blocks, each_serializer: REST::DomainBlockSerializer, with_comment: (Setting.show_domain_blocks_rationale == 'all' || (Setting.show_domain_blocks_rationale == 'users' && user_signed_in?))
+    render json: @domain_blocks, each_serializer: REST::DomainBlockSerializer, with_comment: show_rationale_in_response?
  end
  private
@ -27,4 +25,16 @@ class Api::V1::Instances::DomainBlocksController < Api::BaseController
  def set_domain_blocks
    @domain_blocks = DomainBlock.with_user_facing_limitations.by_severity
  end
  def show_rationale_in_response?
    always_show_rationale? || show_rationale_for_user?
  end
  def always_show_rationale?
    Setting.show_domain_blocks_rationale == 'all'
  end
  def show_rationale_for_user?
    Setting.show_domain_blocks_rationale == 'users' && user_signed_in?
  end
 end
--- a/app/controllers/api/v1/instances/extended_descriptions_controller.rb
+++ b/app/controllers/api/v1/instances/extended_descriptions_controller.rb
@ -1,13 +1,10 @@
 # frozen_string_literal: true
-class Api::V1::Instances::ExtendedDescriptionsController < Api::BaseController
+class Api::V1::Instances::ExtendedDescriptionsController < Api::V1::Instances::BaseController
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  before_action :set_extended_description
  vary_by ''
  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
    super if limited_federation_mode?
--- a/app/controllers/api/v1/instances/languages_controller.rb
+++ b/app/controllers/api/v1/instances/languages_controller.rb
@ -1,13 +1,10 @@
 # frozen_string_literal: true
-class Api::V1::Instances::LanguagesController < Api::BaseController
+class Api::V1::Instances::LanguagesController < Api::V1::Instances::BaseController
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  before_action :set_languages
  vary_by ''
  def show
    cache_even_if_authenticated!
    render json: @languages, each_serializer: REST::LanguageSerializer
--- a/app/controllers/api/v1/instances/peers_controller.rb
+++ b/app/controllers/api/v1/instances/peers_controller.rb
@ -1,13 +1,10 @@
 # frozen_string_literal: true
-class Api::V1::Instances::PeersController < Api::BaseController
+class Api::V1::Instances::PeersController < Api::V1::Instances::BaseController
  before_action :require_enabled_api!
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  vary_by ''
  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
    super if limited_federation_mode?
--- a/app/controllers/api/v1/instances/privacy_policies_controller.rb
+++ b/app/controllers/api/v1/instances/privacy_policies_controller.rb
@ -1,12 +1,8 @@
 # frozen_string_literal: true
-class Api::V1::Instances::PrivacyPoliciesController < Api::BaseController
+class Api::V1::Instances::PrivacyPoliciesController < Api::V1::Instances::BaseController
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  before_action :set_privacy_policy
  vary_by ''
  def show
    cache_even_if_authenticated!
    render json: @privacy_policy, serializer: REST::PrivacyPolicySerializer
--- a/app/controllers/api/v1/instances/rules_controller.rb
+++ b/app/controllers/api/v1/instances/rules_controller.rb
@ -1,13 +1,10 @@
 # frozen_string_literal: true
-class Api::V1::Instances::RulesController < Api::BaseController
+class Api::V1::Instances::RulesController < Api::V1::Instances::BaseController
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale
  before_action :set_rules
  vary_by ''
  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
    super if limited_federation_mode?
--- a/app/controllers/api/v1/instances/translation_languages_controller.rb
+++ b/app/controllers/api/v1/instances/translation_languages_controller.rb
@ -1,12 +1,8 @@
 # frozen_string_literal: true
-class Api::V1::Instances::TranslationLanguagesController < Api::BaseController
+class Api::V1::Instances::TranslationLanguagesController < Api::V1::Instances::BaseController
  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  before_action :set_languages
  vary_by ''
  def show
    cache_even_if_authenticated!
    render json: @languages
--- a/app/controllers/api/v1/invites_controller.rb
+++ b/app/controllers/api/v1/invites_controller.rb
@ -0,0 +1,30 @@
 # frozen_string_literal: true
 class Api::V1::InvitesController < Api::BaseController
  include RegistrationHelper
  skip_before_action :require_authenticated_user!
  skip_around_action :set_locale
  before_action :set_invite
  before_action :check_enabled_registrations!
  # Override `current_user` to avoid reading session cookies
  def current_user; end
  def show
    render json: { invite_code: params[:invite_code], instance_api_url: api_v2_instance_url }, status: 200
  end
  private
  def set_invite
    @invite = Invite.find_by!(code: params[:invite_code])
  end
  def check_enabled_registrations!
    return render json: { error: I18n.t('invites.invalid') }, status: 401 unless @invite.valid_for_use?
    raise Mastodon::NotPermittedError unless allowed_registration?(request.remote_ip, @invite)
  end
 end
--- a/app/controllers/api/v1/peers/search_controller.rb
+++ b/app/controllers/api/v1/peers/search_controller.rb
@ -41,5 +41,7 @@ class Api::V1::Peers::SearchController < Api::BaseController
      domain = TagManager.instance.normalize_domain(domain)
      @domains = Instance.searchable.where(Instance.arel_table[:domain].matches("#{Instance.sanitize_sql_like(domain)}%", false, true)).limit(10).pluck(:domain)
    end
  rescue Addressable::URI::InvalidURIError
    @domains = []
  end
 end
--- a/app/controllers/api/v1/statuses/base_controller.rb
+++ b/app/controllers/api/v1/statuses/base_controller.rb
@ -0,0 +1,16 @@
 # frozen_string_literal: true
 class Api::V1::Statuses::BaseController < Api::BaseController
  include Authorization
  before_action :set_status
  private
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
 end
--- a/app/controllers/api/v1/statuses/bookmarks_controller.rb
+++ b/app/controllers/api/v1/statuses/bookmarks_controller.rb
@ -1,11 +1,9 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::BookmarksController < Api::BaseController
+class Api::V1::Statuses::BookmarksController < Api::V1::Statuses::BaseController
  include Authorization
  before_action -> { doorkeeper_authorize! :write, :'write:bookmarks' }
  before_action :require_user!
-  before_action :set_status, only: [:create]
+  skip_before_action :set_status, only: [:destroy]
  def create
    current_account.bookmarks.find_or_create_by!(account: current_account, status: @status)
@ -28,13 +26,4 @@ class Api::V1::Statuses::BookmarksController < Api::BaseController
  rescue Mastodon::NotPermittedError
    not_found
  end
  private
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
 end
--- a/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb
@ -1,10 +1,7 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
+class Api::V1::Statuses::FavouritedByAccountsController < Api::V1::Statuses::BaseController
  include Authorization
  before_action -> { authorize_if_got_token! :read, :'read:accounts' }
  before_action :set_status
  after_action :insert_pagination_headers
  def index
@ -61,13 +58,6 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
    @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
  end
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
  def pagination_params(core_params)
    params.slice(:limit).permit(:limit).merge(core_params)
  end
--- a/app/controllers/api/v1/statuses/favourites_controller.rb
+++ b/app/controllers/api/v1/statuses/favourites_controller.rb
@ -1,11 +1,9 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::FavouritesController < Api::BaseController
+class Api::V1::Statuses::FavouritesController < Api::V1::Statuses::BaseController
  include Authorization
  before_action -> { doorkeeper_authorize! :write, :'write:favourites' }
  before_action :require_user!
-  before_action :set_status, only: [:create]
+  skip_before_action :set_status, only: [:destroy]
  def create
    FavouriteService.new.call(current_account, @status)
@ -30,13 +28,4 @@ class Api::V1::Statuses::FavouritesController < Api::BaseController
  rescue Mastodon::NotPermittedError
    not_found
  end
  private
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
 end
--- a/app/controllers/api/v1/statuses/histories_controller.rb
+++ b/app/controllers/api/v1/statuses/histories_controller.rb
@ -1,10 +1,7 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::HistoriesController < Api::BaseController
+class Api::V1::Statuses::HistoriesController < Api::V1::Statuses::BaseController
  include Authorization
  before_action -> { authorize_if_got_token! :read, :'read:statuses' }
  before_action :set_status
  def show
    cache_if_unauthenticated!
@ -16,11 +13,4 @@ class Api::V1::Statuses::HistoriesController < Api::BaseController
  def status_edits
    @status.edits.includes(:account, status: [:account]).to_a.presence || [@status.build_snapshot(at_time: @status.edited_at || @status.created_at)]
  end
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
 end
--- a/app/controllers/api/v1/statuses/mutes_controller.rb
+++ b/app/controllers/api/v1/statuses/mutes_controller.rb
@ -1,11 +1,8 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::MutesController < Api::BaseController
+class Api::V1::Statuses::MutesController < Api::V1::Statuses::BaseController
  include Authorization
  before_action -> { doorkeeper_authorize! :write, :'write:mutes' }
  before_action :require_user!
  before_action :set_status
  before_action :set_conversation
  def create
@ -24,13 +21,6 @@ class Api::V1::Statuses::MutesController < Api::BaseController
  private
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
  def set_conversation
    @conversation = @status.conversation
    raise Mastodon::ValidationError if @conversation.nil?
--- a/app/controllers/api/v1/statuses/pins_controller.rb
+++ b/app/controllers/api/v1/statuses/pins_controller.rb
@ -1,11 +1,8 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::PinsController < Api::BaseController
+class Api::V1::Statuses::PinsController < Api::V1::Statuses::BaseController
  include Authorization
  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }
  before_action :require_user!
  before_action :set_status
  def create
    StatusPin.create!(account: current_account, status: @status)
@ -26,10 +23,6 @@ class Api::V1::Statuses::PinsController < Api::BaseController
  private
  def set_status
    @status = Status.find(params[:status_id])
  end
  def distribute_add_activity!
    json = ActiveModelSerializers::SerializableResource.new(
      @status,
--- a/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb
@ -1,10 +1,7 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
+class Api::V1::Statuses::RebloggedByAccountsController < Api::V1::Statuses::BaseController
  include Authorization
  before_action -> { authorize_if_got_token! :read, :'read:accounts' }
  before_action :set_status
  after_action :insert_pagination_headers
  def index
@ -57,13 +54,6 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
    @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
  end
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
  def pagination_params(core_params)
    params.slice(:limit).permit(:limit).merge(core_params)
  end
--- a/app/controllers/api/v1/statuses/reblogs_controller.rb
+++ b/app/controllers/api/v1/statuses/reblogs_controller.rb
@ -1,13 +1,13 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::ReblogsController < Api::BaseController
+class Api::V1::Statuses::ReblogsController < Api::V1::Statuses::BaseController
  include Authorization
  include Redisable
  include Lockable
  before_action -> { doorkeeper_authorize! :write, :'write:statuses' }
  before_action :require_user!
  before_action :set_reblog, only: [:create]
  skip_before_action :set_status
  override_rate_limit_headers :create, family: :statuses
--- a/app/controllers/api/v1/statuses/sources_controller.rb
+++ b/app/controllers/api/v1/statuses/sources_controller.rb
@ -1,21 +1,9 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::SourcesController < Api::BaseController
+class Api::V1::Statuses::SourcesController < Api::V1::Statuses::BaseController
  include Authorization
  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
  before_action :set_status
  def show
    render json: @status, serializer: REST::StatusSourceSerializer
  end
  private
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
 end
--- a/app/controllers/api/v1/statuses/translations_controller.rb
+++ b/app/controllers/api/v1/statuses/translations_controller.rb
@ -1,14 +1,19 @@
 # frozen_string_literal: true
-class Api::V1::Statuses::TranslationsController < Api::BaseController
+class Api::V1::Statuses::TranslationsController < Api::V1::Statuses::BaseController
  include Authorization
  before_action -> { doorkeeper_authorize! :read, :'read:statuses' }
  before_action :set_status
  before_action :set_translation
  rescue_from TranslationService::NotConfiguredError, with: :not_found
-  rescue_from TranslationService::UnexpectedResponseError, TranslationService::QuotaExceededError, TranslationService::TooManyRequestsError, with: :service_unavailable
+  rescue_from TranslationService::UnexpectedResponseError, with: :service_unavailable
  rescue_from TranslationService::QuotaExceededError do
    render json: { error: I18n.t('translation.errors.quota_exceeded') }, status: 503
  end
  rescue_from TranslationService::TooManyRequestsError do
    render json: { error: I18n.t('translation.errors.too_many_requests') }, status: 503
  end
  def create
    render json: @translation, serializer: REST::TranslationSerializer
@ -16,13 +21,6 @@ class Api::V1::Statuses::TranslationsController < Api::BaseController
  private
  def set_status
    @status = Status.find(params[:status_id])
    authorize @status, :show?
  rescue Mastodon::NotPermittedError
    not_found
  end
  def set_translation
    @translation = TranslateStatusService.new.call(@status, content_locale)
  end
--- a/Show More
+++ b/Show More