Bump version to 1.4.0.2 (#3190)

Resolves #2780

.babelrc

@@ -1,7 +1,62 @@
 {
-  "presets": ["es2015", "react"],
+  "presets": [
+    "react",
+    [
+      "env",
+      {
+        "loose": true,
+        "modules": false,
+        "targets": {
+          "browsers": ["last 2 versions", "IE >= 11", "iOS >= 9"]
+        }
+      }
+    ]
+  ],
   "plugins": [
-    "transform-decorators-legacy",
-    "transform-object-rest-spread"
-  ]
+    "syntax-dynamic-import",
+    "transform-object-rest-spread",
+    "transform-class-properties",
+    [
+      "react-intl",
+      {
+        "messagesDir": "./build/messages"
+      }
+    ]
+  ],
+  "env": {
+    "development": {
+      "plugins": [
+        "transform-react-jsx-source",
+        "transform-react-jsx-self"
+      ]
+    },
+    "production": {
+      "plugins": [
+        "lodash",
+        [
+          "transform-react-remove-prop-types",
+          {
+            "mode": "remove",
+            "removeImport": true,
+            "additionalLibraries": [
+              "react-immutable-proptypes"
+            ]
+          }
+        ],
+        [
+          "transform-runtime",
+          {
+            "helpers": true,
+            "polyfill": false,
+            "regenerator": false
+          }
+        ]
+      ]
+    },
+    "test": {
+      "plugins": [
+        "transform-es2015-modules-commonjs"
+      ]
+    }
+  }
 }

.buildpacks

@@ -1,2 +1,3 @@
+https://github.com/heroku/heroku-buildpack-apt
 https://github.com/Scalingo/nodejs-buildpack
 https://github.com/Scalingo/ruby-buildpack

.codeclimate.yml

@@ -1,18 +1,21 @@
 engines:
- duplication:
-   enabled: true
-   config:
-     languages:
-     - ruby
-     - javascript
- rubocop:
-   enabled: true
- eslint:
-   enabled: true
+  brakeman:
+    enabled: true
+  bundler-audit:
+    enabled: true
+  duplication:
+    enabled: false
+  eslint:
+    enabled: true
+  rubocop:
+    enabled: true
+  scss-lint:
+    enabled: true
 ratings:
- paths:
- - "**.rb"
- - "**.js"
+  paths:
+  - "**.rb"
+  - "**.js"
+  - "**.scss"
 exclude_paths:
 - spec/
 - vendor/asset

.dockerignore

@@ -6,3 +6,8 @@ node_modules
 storybook
 neo4j
 vendor/bundle
+.DS_Store
+*.swp
+*~
+postgres
+redis

.editorconfig

@@ -0,0 +1,12 @@
+# EditorConfig is awesome: http://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+charset = utf-8
+indent_style = space
+indent_size = 2

.env.production.sample

@@ -1,6 +1,8 @@
 # Service dependencies
+# You may set REDIS_URL instead for more advanced options
 REDIS_HOST=redis
 REDIS_PORT=6379
+# You may set DATABASE_URL instead for more advanced options
 DB_HOST=db
 DB_USER=postgres
 DB_NAME=postgres
@@ -8,9 +10,16 @@ DB_PASS=
 DB_PORT=5432
 
 # Federation
-LOCAL_DOMAIN=example.com
+# Note: Changing LOCAL_DOMAIN or LOCAL_HTTPS at a later time will cause unwanted side effects.
+# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
+LOCAL_DOMAIN=example.com 
 LOCAL_HTTPS=true
 
+# Use this only if you need to run mastodon on a different domain than the one used for federation.
+# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
+# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
+# WEB_DOMAIN=mastodon.example.com
+
 # Application secrets
 # Generate each with the `rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
 PAPERCLIP_SECRET=
@@ -29,11 +38,26 @@ OTP_SECRET=
 # DEFAULT_LOCALE=de
 
 # E-mail configuration
+# Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
+# If you want to use an SMTP server without authentication (e.g local Postfix relay)
+# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and 
+# *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
 SMTP_SERVER=smtp.mailgun.org
 SMTP_PORT=587
 SMTP_LOGIN=
 SMTP_PASSWORD=
 SMTP_FROM_ADDRESS=notifications@example.com
+#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
+#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
+#SMTP_AUTH_METHOD=plain
+#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
+#SMTP_OPENSSL_VERIFY_MODE=peer
+#SMTP_ENABLE_STARTTLS_AUTO=true
+
+
+# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
+# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
+# PAPERCLIP_ROOT_URL=/system
 
 # Optional asset host for multi-server setups
 # CDN_HOST=assets.example.com
@@ -56,9 +80,23 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # S3_PROTOCOL=https
 # S3_HOSTNAME=
 # S3_ENDPOINT=
+# S3_SIGNATURE_VERSION=
 
 # Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
 # S3_CLOUDFRONT_HOST=
 
 # Streaming API integration
 # STREAMING_API_BASE_URL=
+
+# Advanced settings
+# If you need to use pgBouncer, you need to disable prepared statements:
+# PREPARED_STATEMENTS=false
+
+# Cluster number setting for streaming API server.
+# If you comment out following line, cluster number will be `numOfCpuCores - 1`.
+STREAMING_CLUSTER_NUM=1
+
+# Docker mastodon user
+# If you use Docker, you may want to assign UID/GID manually.
+# UID=1000
+# GID=1000

.env.test

@@ -1,3 +1,4 @@
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
+OTP_SECRET=100c7faeef00caa29242f6b04156742bf76065771fd4117990c4282b8748ff3d99f8fdae97c982ab5bd2e6756a159121377cce4421f4a8ecd2d67bd7749a3fb4

.eslintignore

@@ -0,0 +1,30 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-journal
+
+# Ignore all logfiles and tempfiles.
+/log/*
+!/log/.keep
+/tmp
+coverage
+public/system
+public/assets
+.env
+.env.production
+node_modules/
+neo4j/
+
+# Ignore Vagrant files
+.vagrant/
+
+# Ignore Capistrano customizations
+config/deploy/*

.eslintrc

@@ -1,51 +0,0 @@
-{
-  "env": {
-    "browser": true,
-    "node": false,
-    "es6": true
-  },
-
-  "parser": "babel-eslint",
-
-  "plugins": [
-    "react"
-  ],
-
-  "parserOptions": {
-    "sourceType": "module",
-
-    "ecmaFeatures": {
-      "arrowFunctions": true,
-      "jsx": true,
-      "destructuring": true,
-      "modules": true,
-      "spread": true
-    }
-  },
-
-  "rules": {
-    "no-cond-assign": 2,
-    "no-console": 1,
-    "no-irregular-whitespace": 2,
-    "no-unreachable": 2,
-    "valid-typeof": 2,
-    "consistent-return": 2,
-    "dot-notation": 2,
-    "eqeqeq": 2,
-    "no-fallthrough": 2,
-    "no-unused-expressions": 2,
-    "strict": 0,
-    "no-catch-shadow": 2,
-    "indent": [1, 2],
-    "brace-style": 1,
-    "comma-spacing": [1, {"before": false, "after": true}],
-    "comma-style": [1, "last"],
-    "no-mixed-spaces-and-tabs": 1,
-    "no-nested-ternary": 1,
-    "no-trailing-spaces": 1,
-    "react/wrap-multilines": 2,
-    "react/self-closing-comp": 2,
-    "react/prop-types": 2,
-    "react/no-multi-comp": 0
-  }
-}

.eslintrc.yml

@@ -0,0 +1,88 @@
+---
+env:
+  browser: true
+  node: false
+  es6: true
+
+parser: babel-eslint
+
+plugins:
+- react
+- jsx-a11y
+
+parserOptions:
+  sourceType: module
+  ecmaFeatures:
+    arrowFunctions: true
+    jsx: true
+    destructuring: true
+    modules: true
+    spread: true
+
+rules:
+
+  no-cond-assign: error
+  no-console: warn
+  no-irregular-whitespace: error
+  no-unreachable: error
+  valid-typeof: error
+  consistent-return: error
+  dot-notation: error
+  eqeqeq: error
+  no-fallthrough: error
+  no-unused-expressions: error
+  strict: off
+  no-catch-shadow: error
+  indent:
+  - warn
+  - 2
+  brace-style: warn
+  comma-spacing:
+  - warn
+  - before: false
+    after: true
+  comma-style:
+  - warn
+  - last
+  no-mixed-spaces-and-tabs: warn
+  no-nested-ternary: warn
+  no-trailing-spaces: warn
+  semi: error
+  padded-blocks:
+  - error
+  - classes: always
+  comma-dangle:
+  - error
+  - always-multiline
+
+  react/jsx-wrap-multilines: error
+  react/jsx-no-bind: error
+  react/self-closing-comp: error
+  react/prop-types: error
+  react/no-multi-comp: off
+
+  jsx-a11y/accessible-emoji: warn
+  jsx-a11y/anchor-has-content: warn
+  jsx-a11y/aria-activedescendant-has-tabindex: warn
+  jsx-a11y/aria-props: warn
+  jsx-a11y/aria-proptypes: warn
+  jsx-a11y/aria-role: warn
+  jsx-a11y/aria-unsupported-elements: warn
+  jsx-a11y/heading-has-content: warn
+  jsx-a11y/href-no-hash: warn
+  jsx-a11y/html-has-lang: warn
+  jsx-a11y/iframe-has-title: warn
+  jsx-a11y/img-has-alt: warn
+  jsx-a11y/img-redundant-alt: warn
+  jsx-a11y/label-has-for: warn
+  jsx-a11y/mouse-events-have-key-events: warn
+  jsx-a11y/no-access-key: warn
+  jsx-a11y/no-distracting-elements: warn
+  jsx-a11y/no-onchange: warn
+  jsx-a11y/no-redundant-roles: warn
+  jsx-a11y/onclick-has-focus: warn
+  jsx-a11y/onclick-has-role: warn
+  jsx-a11y/role-has-required-aria-props: warn
+  jsx-a11y/role-supports-aria-props: warn
+  jsx-a11y/scope: warn
+  jsx-a11y/tabindex-no-positive: warn

.foreman

@@ -0,0 +1 @@
+procfile: Procfile.dev

.gitignore

@@ -4,8 +4,9 @@
 # or operating system, you probably want to add a global ignore instead:
 #   git config --global core.excludesfile '~/.gitignore_global'
 
-# Ignore bundler config.
+# Ignore bundler config and downloaded libraries.
 /.bundle
+/vendor/bundle
 
 # Ignore the default SQLite database.
 /db/*.sqlite3
@@ -21,10 +22,38 @@ public/assets
 .env
 .env.production
 node_modules/
-neo4j/
+build/
 
 # Ignore Vagrant files
 .vagrant/
 
 # Ignore Capistrano customizations
 config/deploy/*
+
+# Ignore IDE files
+.vscode/
+
+# Ignore postgres + redis volume optionally created by docker-compose
+postgres
+redis
+
+# Ignore Apple files
+.DS_Store
+
+# Ignore vim files
+*~
+*.swp
+/public/packs
+/node_modules
+
+
+# Ignore npm debug log
+npm-debug.log
+
+# Ignore yarn log files
+yarn-error.log
+yarn-debug.log
+
+# Ignore Docker option files
+docker-compose.override.yml
+

.haml-lint.yml

@@ -0,0 +1,108 @@
+# Whether to ignore frontmatter at the beginning of HAML documents for
+# frameworks such as Jekyll/Middleman
+skip_frontmatter: false
+
+exclude:
+  - 'vendor/**/*'
+  - 'spec/**/*'
+  - 'lib/templates/**/*'
+  - 'app/views/kaminari/**/*'
+
+linters:
+  AltText:
+    enabled: false
+
+  ClassAttributeWithStaticValue:
+    enabled: true
+
+  ClassesBeforeIds:
+    enabled: true
+
+  ConsecutiveComments:
+    enabled: true
+
+  ConsecutiveSilentScripts:
+    enabled: true
+    max_consecutive: 2
+
+  EmptyObjectReference:
+    enabled: true
+
+  EmptyScript:
+    enabled: true
+
+  FinalNewline:
+    enabled: true
+    present: true
+
+  HtmlAttributes:
+    enabled: true
+
+  ImplicitDiv:
+    enabled: true
+
+  LeadingCommentSpace:
+    enabled: true
+
+  LineLength:
+    enabled: false
+    max: 80
+
+  MultilinePipe:
+    enabled: true
+
+  MultilineScript:
+    enabled: true
+
+  ObjectReferenceAttributes:
+    enabled: true
+
+  RuboCop:
+    enabled: true
+    # These cops are incredibly noisy when it comes to HAML templates, so we
+    # ignore them.
+    ignored_cops:
+      - Lint/BlockAlignment
+      - Lint/EndAlignment
+      - Lint/Void
+      - Metrics/BlockLength
+      - Metrics/LineLength
+      - Style/AlignParameters
+      - Style/BlockNesting
+      - Style/ElseAlignment
+      - Style/EndOfLine
+      - Style/FileName
+      - Style/FinalNewline
+      - Style/FrozenStringLiteralComment
+      - Style/IfUnlessModifier
+      - Style/IndentationWidth
+      - Style/Next
+      - Style/TrailingBlankLines
+      - Style/TrailingWhitespace
+      - Style/WhileUntilModifier
+
+  RubyComments:
+    enabled: true
+
+  SpaceBeforeScript:
+    enabled: true
+
+  SpaceInsideHashAttributes:
+    enabled: true
+    style: space
+
+  Indentation:
+    enabled: true
+    character: space # or tab
+
+  TagName:
+    enabled: true
+
+  TrailingWhitespace:
+    enabled: true
+
+  UnnecessaryInterpolation:
+    enabled: true
+
+  UnnecessaryStringOutput:
+    enabled: true

.nvmrc

@@ -1 +1 @@
-6.7.0
+6

.postcssrc.yml

@@ -0,0 +1,8 @@
+plugins:
+  postcss-smart-import: {}
+  precss: {}
+  autoprefixer:
+    browsers:
+      - last 2 versions
+      - IE >= 11
+      - iOS >= 9

.rubocop.yml

@@ -77,6 +77,9 @@ Style/Lambda:
 Rails/HasAndBelongsToMany:
   Enabled: false
 
+Bundler/OrderedGems:
+  Enabled: false
+
 AllCops:
   TargetRubyVersion: 2.3
   Exclude:
@@ -88,3 +91,4 @@ AllCops:
   - 'Rakefile'
   - 'node_modules/**/*'
   - 'Vagrantfile'
+  - 'vendor/**/*'

.ruby-version

@@ -1 +1 @@
-2.3.1
+2.4.1

.scss-lint.yml

@@ -0,0 +1,264 @@
+# Linter Documentation:
+# https://github.com/brigade/scss-lint/blob/v0.42.2/lib/scss_lint/linter/README.md
+
+scss_files: 'app/javascript/styles/**/*.scss'
+
+exclude:
+  - app/javascript/styles/reset.scss
+
+linters:
+  # Reports when you use improper spacing around ! (the "bang") in !default,
+  # !global, !important, and !optional flags.
+  BangFormat:
+    enabled: false
+
+  # Whether or not to prefer `border: 0` over `border: none`.
+  BorderZero:
+    enabled: false
+
+  # Reports when you define a rule set using a selector with chained classes
+  # (a.k.a. adjoining classes).
+  ChainedClasses:
+    enabled: false
+
+  # Prefer hexadecimal color codes over color keywords.
+  # (e.g. `color: green` is a color keyword)
+  ColorKeyword:
+    enabled: false
+
+  # Prefer color literals (keywords or hexadecimal codes) to be used only in
+  # variable declarations. They should be referred to via variables everywhere
+  # else.
+  ColorVariable:
+    enabled: true
+
+  # Which form of comments to prefer in CSS.
+  Comment:
+    enabled: false
+
+  # Reports @debug statements (which you probably left behind accidentally).
+  DebugStatement:
+    enabled: false
+
+  # Rule sets should be ordered as follows:
+  # - @extend declarations
+  # - @include declarations without inner @content
+  # - properties, @include declarations with inner @content
+  # - nested rule sets.
+  DeclarationOrder:
+    enabled: false
+
+  # `scss-lint:disable` control comments should be preceded by a comment
+  # explaining why these linters are being disabled for this file.
+  # See https://github.com/brigade/scss-lint#disabling-linters-via-source for
+  # more information.
+  DisableLinterReason:
+    enabled: true
+
+  # Reports when you define the same property twice in a single rule set.
+  DuplicateProperty:
+    enabled: false
+
+  # Separate rule, function, and mixin declarations with empty lines.
+  EmptyLineBetweenBlocks:
+    enabled: true
+
+  # Reports when you have an empty rule set.
+  EmptyRule:
+    enabled: true
+
+  # Reports when you have an @extend directive.
+  ExtendDirective:
+    enabled: false
+
+  # Files should always have a final newline. This results in better diffs
+  # when adding lines to the file, since SCM systems such as git won't
+  # think that you touched the last line.
+  FinalNewline:
+    enabled: false
+
+  # HEX colors should use three-character values where possible.
+  HexLength:
+    enabled: false
+
+  # HEX color values should use lower-case colors to differentiate between
+  # letters and numbers, e.g. `#E3E3E3` vs. `#e3e3e3`.
+  HexNotation:
+    enabled: true
+
+  # Avoid using ID selectors.
+  IdSelector:
+    enabled: false
+
+  # The basenames of @imported SCSS partials should not begin with an
+  # underscore and should not include the filename extension.
+  ImportPath:
+    enabled: false
+
+  # Avoid using !important in properties. It is usually indicative of a
+  # misunderstanding of CSS specificity and can lead to brittle code.
+  ImportantRule:
+    enabled: false
+
+  # Indentation should always be done in increments of 2 spaces.
+  Indentation:
+    enabled: true
+    width: 2
+
+  # Don't write leading zeros for numeric values with a decimal point.
+  LeadingZero:
+    enabled: false
+
+  # Reports when you define the same selector twice in a single sheet.
+  MergeableSelector:
+    enabled: false
+
+  # Functions, mixins, variables, and placeholders should be declared
+  # with all lowercase letters and hyphens instead of underscores.
+  NameFormat:
+    enabled: false
+
+  # Avoid nesting selectors too deeply.
+  NestingDepth:
+    enabled: false
+
+  # Always use placeholder selectors in @extend.
+  PlaceholderInExtend:
+    enabled: false
+
+  # Sort properties in a strict order.
+  PropertySortOrder:
+    enabled: false
+
+  # Reports when you use an unknown or disabled CSS property
+  # (ignoring vendor-prefixed properties).
+  PropertySpelling:
+    enabled: false
+
+  # Configure which units are allowed for property values.
+  PropertyUnits:
+    enabled: false
+
+  # Pseudo-elements, like ::before, and ::first-letter, should be declared
+  # with two colons. Pseudo-classes, like :hover and :first-child, should
+  # be declared with one colon.
+  PseudoElement:
+    enabled: true
+
+  # Avoid qualifying elements in selectors (also known as "tag-qualifying").
+  QualifyingElement:
+    enabled: false
+
+  # Don't write selectors with a depth of applicability greater than 3.
+  SelectorDepth:
+    enabled: false
+
+  # Selectors should always use hyphenated-lowercase, rather than camelCase or
+  # snake_case.
+  SelectorFormat:
+    enabled: false
+    convention: hyphenated_lowercase
+
+  # Prefer the shortest shorthand form possible for properties that support it.
+  Shorthand:
+    enabled: true
+
+  # Each property should have its own line, except in the special case of
+  # single line rulesets.
+  SingleLinePerProperty:
+    enabled: true
+    allow_single_line_rule_sets: true
+
+  # Split selectors onto separate lines after each comma, and have each
+  # individual selector occupy a single line.
+  SingleLinePerSelector:
+    enabled: true
+
+  # Commas in lists should be followed by a space.
+  SpaceAfterComma:
+    enabled: false
+
+  # Properties should be formatted with a single space separating the colon
+  # from the property's value.
+  SpaceAfterPropertyColon:
+    enabled: true
+
+  # Properties should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterPropertyName:
+    enabled: true
+
+  # Variables should be formatted with a single space separating the colon
+  # from the variable's value.
+  SpaceAfterVariableColon:
+    enabled: true
+
+  # Variables should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterVariableName:
+    enabled: false
+
+  # Operators should be formatted with a single space on both sides of an
+  # infix operator.
+  SpaceAroundOperator:
+    enabled: true
+
+  # Opening braces should be preceded by a single space.
+  SpaceBeforeBrace:
+    enabled: true
+
+  # Parentheses should not be padded with spaces.
+  SpaceBetweenParens:
+    enabled: false
+
+  # Enforces that string literals should be written with a consistent form
+  # of quotes (single or double).
+  StringQuotes:
+    enabled: false
+
+  # Property values, @extend, @include, and @import directives, and variable
+  # declarations should always end with a semicolon.
+  TrailingSemicolon:
+    enabled: true
+
+  # Reports lines containing trailing whitespace.
+  TrailingWhitespace:
+    enabled: true
+
+  # Don't write trailing zeros for numeric values with a decimal point.
+  TrailingZero:
+    enabled: false
+
+  # Don't use the `all` keyword to specify transition properties.
+  TransitionAll:
+    enabled: false
+
+  # Numeric values should not contain unnecessary fractional portions.
+  UnnecessaryMantissa:
+    enabled: false
+
+  # Do not use parent selector references (&) when they would otherwise
+  # be unnecessary.
+  UnnecessaryParentReference:
+    enabled: false
+
+  # URLs should be valid and not contain protocols or domain names.
+  UrlFormat:
+    enabled: true
+
+  # URLs should always be enclosed within quotes.
+  UrlQuotes:
+    enabled: true
+
+  # Properties, like color and font, are easier to read and maintain
+  # when defined using variables rather than literals.
+  VariableForProperty:
+    enabled: false
+
+  # Avoid vendor prefixes. Or rather: don't write them yourself.
+  VendorPrefix:
+    enabled: false
+
+  # Omit length units on zero values, e.g. `0px` vs. `0`.
+  ZeroUnit:
+    enabled: true

.travis.yml

@@ -1,42 +1,55 @@
 language: ruby
-cache: bundler
+cache:
+  bundler: true
+  yarn: true
+  directories:
+  - node_modules
+dist: trusty
+sudo: false
 
 notifications:
   email: false
 
 env:
-  matrix:
-    - TRAVIS_NODE_VERSION="4"
   global:
     - LOCAL_DOMAIN=cb6e6126.ngrok.io
     - LOCAL_HTTPS=true
     - RAILS_ENV=test
-    - CXX=g++-4.8
+    - NOKOGIRI_USE_SYSTEM_LIBRARIES=true
+    - PARALLEL_TEST_PROCESSORS=2
+    - "PATH=$HOME:$PATH"
+
 addons:
   postgresql: 9.4
+  apt:
+    sources:
+    - ubuntu-toolchain-r-test
+    - trusty-media
+    packages:
+    - ffmpeg
+    - g++-6
+    - libprotobuf-dev
+    - protobuf-compiler
 
 rvm:
-  - 2.3.1
+  - 2.3.4
+  - 2.4.1
 
 services:
   - redis-server
 
-bundler_args: --without development production --retry=3 --jobs=3
-
-before_install:
-  - sudo add-apt-repository -y ppa:ubuntu-toolchain-r/test
-  - sudo apt-get -qq update
-  - sudo apt-get -qq install g++-4.8
 install:
-  - nvm install $TRAVIS_NODE_VERSION
-  - npm install -g npm@3
+  - nvm install
   - npm install -g yarn
-  - bundle install
+  - bundle install --path=vendor/bundle --without development production --retry=3 --jobs=16
   - yarn install
 
 before_script:
-  - bundle exec rails db:create db:migrate
+  - bundle exec rake parallel:create parallel:load_schema parallel:prepare
+  - bundle exec rails assets:precompile
+  - ln -s /usr/bin/x86_64-linux-gnu-g++-6 "$HOME/g++"
 
 script:
-  - bundle exec rspec
+  - bundle exec parallel_test spec/ --group-by filesize --type rspec
   - npm test
+  - bundle exec i18n-tasks unused

Aptfile

@@ -0,0 +1,2 @@
+protobuf-compiler
+libprotobuf-dev

CONTRIBUTING.md

@@ -7,7 +7,7 @@ There are three ways in which you can contribute to this repository:
 2. By working on the back-end application
 3. By working on the front-end application
 
-Choosing what to work on in a large open source project is not easy. The list of GitHub issues may provide some ideas, but not every feature request has been greenlit. Likewise, not every change or feature that resolves a personal itch will be merged into the main repository. Some communication ahead of time may be wise.
+Choosing what to work on in a large open source project is not easy. The list of [GitHub issues](https://github.com/tootsuite/mastodon/issues) may provide some ideas, but not every feature request has been greenlit. Likewise, not every change or feature that resolves a personal itch will be merged into the main repository. Some communication ahead of time may be wise. If your addition creates a new feature or setting, or otherwise changes how things work in some substantial way, please remember to submit a correlating pull request to document your changes in the [documentation](http://github.com/tootsuite/documentation).
 
 Below are the guidelines for working on pull requests:
 
@@ -21,9 +21,17 @@ Below are the guidelines for working on pull requests:
 - No orthographic mistakes
 - No Markdown syntax errors
 
+## Requirements
+
+- Ruby
+- Node.js
+- PostgreSQL
+- Redis
+- Nginx (optional)
+
 ## Back-end application
 
-It is expected that you have a working development environment set up. The development environment includes rubocop, which checks your Ruby code for compliance with our style guide and best practices. Sublime Text, likely like other editors, has a Rubocop plugin that runs checks on files as you edit them. The codebase also has a test suite.
+It is expected that you have a working development environment set up. The development environment includes [rubocop](https://github.com/bbatsov/rubocop), which checks your Ruby code for compliance with our style guide and best practices. Sublime Text, likely like other editors, has a [Rubocop plugin](https://github.com/pderichs/sublime_rubocop) that runs checks on files as you edit them. The codebase also has a test suite.
 
 * The codebase is not perfect, at the time of writing, but it is expected that you do not introduce new code style violations
 * The rspec test suite must pass

Capfile

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'capistrano/setup'
 require 'capistrano/deploy'
 require 'capistrano/scm/git'
@@ -8,7 +9,6 @@ require 'capistrano/rbenv'
 require 'capistrano/bundler'
 require 'capistrano/yarn'
 require 'capistrano/rails/assets'
-require 'capistrano/faster_assets'
 require 'capistrano/rails/migrations'
 
 Dir.glob('lib/capistrano/tasks/*.rake').each { |r| import r }

Dockerfile

@@ -1,38 +1,54 @@
-FROM ruby:2.3.1-alpine
+FROM ruby:2.4.1-alpine
 
 LABEL maintainer="https://github.com/tootsuite/mastodon" \
       description="A GNU Social-compatible microblogging server"
 
-ENV RAILS_ENV=production \
-    NODE_ENV=production
+ENV UID=991 GID=991 \
+    RAILS_SERVE_STATIC_FILES=true \
+    RAILS_ENV=production NODE_ENV=production
 
 EXPOSE 3000 4000
 
 WORKDIR /mastodon
 
-COPY Gemfile Gemfile.lock package.json yarn.lock /mastodon/
-
-RUN BUILD_DEPS=" \
-    postgresql-dev \
+RUN echo "@edge https://nl.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories \
+ && apk -U upgrade \
+ && apk add -t build-dependencies \
+    build-base \
     libxml2-dev \
     libxslt-dev \
-    build-base" \
- && apk -U upgrade && apk add \
-    $BUILD_DEPS \
-    nodejs \
+    postgresql-dev \
+    protobuf-dev \
+    python \
+ && apk add \
+    ca-certificates \
+    ffmpeg \
+    file \
+    git \
+    imagemagick@edge \
     libpq \
     libxml2 \
     libxslt \
-    ffmpeg \
-    file \
-    imagemagick \
+    nodejs-npm@edge \
+    nodejs@edge \
+    protobuf \
+    su-exec \
+    tini \
  && npm install -g npm@3 && npm install -g yarn \
- && bundle install --deployment --without test development \
- && yarn \
- && npm cache clean \
- && apk del $BUILD_DEPS \
+ && update-ca-certificates \
  && rm -rf /tmp/* /var/cache/apk/*
 
+COPY Gemfile Gemfile.lock package.json yarn.lock /mastodon/
+
+RUN bundle install --deployment --without test development \
+ && yarn --ignore-optional --pure-lockfile
+
 COPY . /mastodon
 
-VOLUME /mastodon/public/system /mastodon/public/assets
+COPY docker_entrypoint.sh /usr/local/bin/run
+
+RUN chmod +x /usr/local/bin/run
+
+VOLUME /mastodon/public/system /mastodon/public/assets /mastodon/public/packs
+
+ENTRYPOINT ["/usr/local/bin/run"]

Gemfile

@@ -1,95 +1,103 @@
 # frozen_string_literal: true
 
 source 'https://rubygems.org'
-ruby '2.3.1'
+ruby '>= 2.3.0', '< 2.5.0'
 
-gem 'rails', '~> 5.0.2'
-gem 'sass-rails', '~> 5.0'
-gem 'uglifier', '>= 1.3.0'
-gem 'coffee-rails', '~> 4.1.0'
-gem 'jquery-rails'
-gem 'puma'
+gem 'pkg-config', '~> 1.2'
 
-gem 'hamlit-rails'
-gem 'pg'
-gem 'pghero'
-gem 'dotenv-rails'
-gem 'font-awesome-rails'
-gem 'best_in_place', '~> 3.0.1'
+gem 'puma', '~> 3.8'
+gem 'rails', '~> 5.0'
+gem 'uglifier', '~> 3.2'
 
+gem 'hamlit-rails', '~> 0.2'
+gem 'pg', '~> 0.20'
+gem 'pghero', '~> 1.7'
+gem 'dotenv-rails', '~> 2.2'
+
+gem 'aws-sdk', '~> 2.9'
 gem 'paperclip', '~> 5.1'
-gem 'paperclip-av-transcoder'
-gem 'aws-sdk', '>= 2.0'
+gem 'paperclip-av-transcoder', '~> 0.6'
 
-gem 'http'
-gem 'httplog'
-gem 'addressable'
-gem 'nokogiri'
-gem 'link_header'
-gem 'ostatus2'
-gem 'goldfinger'
-gem 'devise'
-gem 'devise-two-factor'
-gem 'doorkeeper'
-gem 'rabl'
-gem 'rqrcode'
-gem 'twitter-text'
-gem 'ox'
-gem 'oj'
-gem 'hiredis'
-gem 'redis', '~>3.2', require: ['redis', 'redis/connection/hiredis']
-gem 'fast_blank'
-gem 'htmlentities'
-gem 'simple_form'
-gem 'will_paginate'
-gem 'rack-attack'
-gem 'rack-cors', require: 'rack/cors'
-gem 'sidekiq'
-gem 'sidekiq-unique-jobs'
-gem 'rails-settings-cached'
-gem 'simple-navigation'
-gem 'statsd-instrument'
-gem 'ruby-oembed', require: 'oembed'
-gem 'rack-timeout'
-gem 'tzinfo-data'
-
-gem 'react-rails'
-gem 'browserify-rails'
-gem 'autoprefixer-rails'
+gem 'addressable', '~> 2.5'
+gem 'bootsnap'
+gem 'cld3', '~> 3.1'
+gem 'devise', '~> 4.2'
+gem 'devise-two-factor', '~> 3.0'
+gem 'doorkeeper', '~> 4.2'
+gem 'fast_blank', '~> 1.0'
+gem 'goldfinger', '~> 1.2'
+gem 'hiredis', '~> 0.6'
+gem 'redis-namespace', '~> 1.5'
+gem 'htmlentities', '~> 4.3'
+gem 'http', '~> 2.2'
+gem 'http_accept_language', '~> 2.1'
+gem 'httplog', '~> 0.99'
+gem 'kaminari', '~> 1.0'
+gem 'link_header', '~> 0.0'
+gem 'nokogiri', '~> 1.7'
+gem 'oj', '~> 3.0'
+gem 'ostatus2', '~> 2.0'
+gem 'ox', '~> 2.5'
+gem 'rabl', '~> 0.13'
+gem 'rack-attack', '~> 5.0'
+gem 'rack-cors', '~> 0.4', require: 'rack/cors'
+gem 'rack-timeout', '~> 0.4'
+gem 'rails-i18n', '~> 5.0'
+gem 'rails-settings-cached', '~> 0.6'
+gem 'redis', '~> 3.3', require: ['redis', 'redis/connection/hiredis']
+gem 'rqrcode', '~> 0.10'
+gem 'ruby-oembed', '~> 0.12', require: 'oembed'
+gem 'sanitize', '~> 4.4'
+gem 'sidekiq', '~> 5.0'
+gem 'sidekiq-scheduler', '~> 2.1'
+gem 'sidekiq-unique-jobs', '~> 5.0'
+gem 'simple-navigation', '~> 4.0'
+gem 'simple_form', '~> 3.4'
+gem 'sprockets-rails', '~> 3.2', require: 'sprockets/railtie'
+gem 'statsd-instrument', '~> 2.1'
+gem 'twitter-text', '~> 1.14'
+gem 'tzinfo-data', '~> 1.2017'
+gem 'webpacker', '~> 1.2'
 
 group :development, :test do
-  gem 'rspec-rails'
-  gem 'pry-rails'
-  gem 'fuubar'
-  gem 'fabrication'
-  gem 'i18n-tasks', '~> 0.9.6'
+  gem 'fabrication', '~> 2.16'
+  gem 'fuubar', '~> 2.2'
+  gem 'i18n-tasks', '~> 0.9', require: false
+  gem 'pry-rails', '~> 0.3'
+  gem 'rspec-rails', '~> 3.6'
 end
 
 group :test do
-  gem 'faker'
-  gem 'rspec-sidekiq'
-  gem 'simplecov', require: false
-  gem 'webmock'
+  gem 'capybara', '~> 2.14'
+  gem 'faker', '~> 1.7'
+  gem 'microformats2', '~> 3.0'
+  gem 'rails-controller-testing', '~> 1.0'
+  gem 'rspec-sidekiq', '~> 3.0'
+  gem 'simplecov', '~> 0.14', require: false
+  gem 'webmock', '~> 3.0'
+  gem 'parallel_tests', '~> 2.14'
 end
 
 group :development do
-  gem 'rubocop', require: false
-  gem 'better_errors'
-  gem 'binding_of_caller'
-  gem 'letter_opener'
-  gem 'letter_opener_web'
-  gem 'bullet'
-  gem 'active_record_query_trace'
+  gem 'active_record_query_trace', '~> 1.5'
+  gem 'annotate', '~> 2.7'
+  gem 'better_errors', '~> 2.1'
+  gem 'binding_of_caller', '~> 0.7'
+  gem 'bullet', '~> 5.5'
+  gem 'letter_opener', '~> 1.4'
+  gem 'letter_opener_web', '~> 1.3'
+  gem 'rubocop', '~> 0.48', require: false
+  gem 'brakeman', '~> 3.6', require: false
+  gem 'bundler-audit', '~> 0.5', require: false
+  gem 'scss_lint', '~> 0.53', require: false
 
-  gem 'capistrano'
-  gem 'capistrano-rails'
-  gem 'capistrano-rbenv'
-  gem 'capistrano-yarn'
-  gem 'capistrano-faster-assets', '~> 1.0'
+  gem 'capistrano', '~> 3.8'
+  gem 'capistrano-rails', '~> 1.2'
+  gem 'capistrano-rbenv', '~> 2.1'
+  gem 'capistrano-yarn', '~> 2.0'
 end
 
 group :production do
-  gem 'rails_12factor'
-  gem 'redis-rails'
-  gem 'lograge'
+  gem 'lograge', '~> 0.5'
+  gem 'redis-rails', '~> 5.0'
 end

Gemfile.lock

@@ -1,128 +1,123 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (5.0.2)
-      actionpack (= 5.0.2)
+    actioncable (5.0.3)
+      actionpack (= 5.0.3)
       nio4r (>= 1.2, < 3.0)
       websocket-driver (~> 0.6.1)
-    actionmailer (5.0.2)
-      actionpack (= 5.0.2)
-      actionview (= 5.0.2)
-      activejob (= 5.0.2)
+    actionmailer (5.0.3)
+      actionpack (= 5.0.3)
+      actionview (= 5.0.3)
+      activejob (= 5.0.3)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (5.0.2)
-      actionview (= 5.0.2)
-      activesupport (= 5.0.2)
+    actionpack (5.0.3)
+      actionview (= 5.0.3)
+      activesupport (= 5.0.3)
       rack (~> 2.0)
       rack-test (~> 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.0.2)
-      activesupport (= 5.0.2)
+    actionview (5.0.3)
+      activesupport (= 5.0.3)
       builder (~> 3.1)
       erubis (~> 2.7.0)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    active_record_query_trace (1.5.3)
-    activejob (5.0.2)
-      activesupport (= 5.0.2)
+    active_record_query_trace (1.5.4)
+    activejob (5.0.3)
+      activesupport (= 5.0.3)
       globalid (>= 0.3.6)
-    activemodel (5.0.2)
-      activesupport (= 5.0.2)
-    activerecord (5.0.2)
-      activemodel (= 5.0.2)
-      activesupport (= 5.0.2)
+    activemodel (5.0.3)
+      activesupport (= 5.0.3)
+    activerecord (5.0.3)
+      activemodel (= 5.0.3)
+      activesupport (= 5.0.3)
       arel (~> 7.0)
-    activesupport (5.0.2)
+    activesupport (5.0.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (~> 0.7)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-    addressable (2.5.0)
+    addressable (2.5.1)
       public_suffix (~> 2.0, >= 2.0.2)
-    airbrussh (1.1.2)
+    airbrussh (1.2.0)
       sshkit (>= 1.6.1, != 1.7.0)
+    annotate (2.7.1)
+      activerecord (>= 3.2, < 6.0)
+      rake (>= 10.4, < 12.0)
     arel (7.1.4)
     ast (2.3.0)
     attr_encrypted (3.0.3)
       encryptor (~> 3.0.0)
-    autoprefixer-rails (6.5.0.2)
-      execjs
     av (0.9.0)
       cocaine (~> 0.5.3)
-    aws-sdk (2.6.28)
-      aws-sdk-resources (= 2.6.28)
-    aws-sdk-core (2.6.28)
+    aws-sdk (2.9.21)
+      aws-sdk-resources (= 2.9.21)
+    aws-sdk-core (2.9.21)
       aws-sigv4 (~> 1.0)
       jmespath (~> 1.0)
-    aws-sdk-resources (2.6.28)
-      aws-sdk-core (= 2.6.28)
+    aws-sdk-resources (2.9.21)
+      aws-sdk-core (= 2.9.21)
     aws-sigv4 (1.0.0)
-    babel-source (5.8.35)
-    babel-transpiler (0.7.0)
-      babel-source (>= 4.0, < 6)
-      execjs (~> 2.0)
     bcrypt (3.1.11)
-    best_in_place (3.0.3)
-      actionpack (>= 3.2)
-      railties (>= 3.2)
     better_errors (2.1.1)
       coderay (>= 1.0.0)
       erubis (>= 2.6.6)
       rack (>= 0.9.0)
     binding_of_caller (0.7.2)
       debug_inspector (>= 0.0.1)
-    browserify-rails (4.1.0)
-      addressable (>= 2.4.0)
-      railties (>= 4.0.0, < 5.1)
-      sprockets (>= 3.6.0)
+    bootsnap (0.2.14)
+      msgpack (~> 1.0)
+    brakeman (3.6.1)
     builder (3.2.3)
-    bullet (5.3.0)
+    bullet (5.5.1)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.10.0)
-    capistrano (3.7.2)
+    bundler-audit (0.5.0)
+      bundler (~> 1.2)
+      thor (~> 0.18)
+    capistrano (3.8.1)
       airbrussh (>= 1.0.0)
-      capistrano-harrow
       i18n
       rake (>= 10.0.0)
       sshkit (>= 1.9.0)
     capistrano-bundler (1.2.0)
       capistrano (~> 3.1)
       sshkit (~> 1.2)
-    capistrano-faster-assets (1.0.2)
-      capistrano (>= 3.1)
-    capistrano-harrow (0.5.3)
-    capistrano-rails (1.2.2)
+    capistrano-rails (1.2.3)
       capistrano (~> 3.1)
       capistrano-bundler (~> 1.1)
-    capistrano-rbenv (2.1.0)
+    capistrano-rbenv (2.1.1)
       capistrano (~> 3.1)
       sshkit (~> 1.3)
     capistrano-yarn (2.0.2)
       capistrano (~> 3.0)
+    capybara (2.14.0)
+      addressable
+      mime-types (>= 1.16)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      xpath (~> 2.0)
     chunky_png (1.3.8)
-    climate_control (0.1.0)
+    cld3 (3.1.2)
+      ffi (>= 1.1.0, < 1.10.0)
+    climate_control (0.2.0)
     cocaine (0.5.8)
       climate_control (>= 0.0.3, < 1.0)
     coderay (1.1.1)
-    coffee-rails (4.1.1)
-      coffee-script (>= 2.2.0)
-      railties (>= 4.0.0, < 5.1.x)
-    coffee-script (2.4.1)
-      coffee-script-source
-      execjs
-    coffee-script-source (1.12.2)
     colorize (0.8.1)
     concurrent-ruby (1.0.5)
     connection_pool (2.2.1)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
-    debug_inspector (0.0.2)
-    devise (4.2.0)
+    crass (1.0.2)
+    debug_inspector (0.0.3)
+    devise (4.3.0)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 4.1.0, < 5.1)
+      railties (>= 4.1.0, < 5.2)
       responders
       warden (~> 1.2.3)
     devise-two-factor (3.0.0)
@@ -131,64 +126,67 @@ GEM
       devise (~> 4.0)
       railties
       rotp (~> 2.0)
-    diff-lcs (1.2.5)
+    diff-lcs (1.3)
     docile (1.1.5)
-    domain_name (0.5.20161129)
+    domain_name (0.5.20170404)
       unf (>= 0.0.5, < 1.0.0)
-    doorkeeper (4.2.0)
+    doorkeeper (4.2.5)
       railties (>= 4.2)
-    dotenv (2.1.1)
-    dotenv-rails (2.1.1)
-      dotenv (= 2.1.1)
-      railties (>= 4.0, < 5.1)
+    dotenv (2.2.1)
+    dotenv-rails (2.2.1)
+      dotenv (= 2.2.1)
+      railties (>= 3.2, < 5.2)
     easy_translate (0.5.0)
       json
       thread
       thread_safe
     encryptor (3.0.0)
     erubis (2.7.0)
+    et-orbi (1.0.4)
+      tzinfo
     execjs (2.7.0)
-    fabrication (2.15.2)
-    faker (1.6.6)
+    fabrication (2.16.1)
+    faker (1.7.3)
       i18n (~> 0.5)
     fast_blank (1.0.0)
-    font-awesome-rails (4.6.3.1)
-      railties (>= 3.2, < 5.1)
-    fuubar (2.1.1)
-      rspec (~> 3.0)
+    ffi (1.9.18)
+    fuubar (2.2.0)
+      rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
-    globalid (0.3.7)
-      activesupport (>= 4.1.0)
-    goldfinger (1.1.2)
+    globalid (0.4.0)
+      activesupport (>= 4.2.0)
+    goldfinger (1.2.0)
       addressable (~> 2.4)
       http (~> 2.0)
       nokogiri (~> 1.6)
-    hamlit (2.7.2)
-      temple (~> 0.7.6)
+    hamlit (2.8.1)
+      temple (>= 0.8.0)
       thor
       tilt
-    hamlit-rails (0.1.0)
+    hamlit-rails (0.2.0)
       actionpack (>= 4.0.1)
       activesupport (>= 4.0.1)
       hamlit (>= 1.2.0)
       railties (>= 4.0.1)
-    hashdiff (0.3.0)
+    hashdiff (0.3.4)
     highline (1.7.8)
     hiredis (0.6.1)
     htmlentities (4.3.4)
-    http (2.1.0)
+    http (2.2.2)
       addressable (~> 2.3)
       http-cookie (~> 1.0)
       http-form_data (~> 1.0.1)
       http_parser.rb (~> 0.6.0)
     http-cookie (1.0.3)
       domain_name (~> 0.5)
-    http-form_data (1.0.1)
+    http-form_data (1.0.3)
+    http_accept_language (2.1.0)
     http_parser.rb (0.6.0)
-    httplog (0.3.2)
+    httplog (0.99.3)
       colorize
+      rack
     i18n (0.8.1)
-    i18n-tasks (0.9.6)
+    i18n-tasks (0.9.15)
       activesupport (>= 4.0.2)
       ast (>= 2.1.0)
       easy_translate (>= 0.5.0)
@@ -196,51 +194,68 @@ GEM
       highline (>= 1.7.3)
       i18n
       parser (>= 2.2.3.0)
-      term-ansicolor (>= 1.3.2)
+      rainbow (~> 2.2)
       terminal-table (>= 1.5.1)
     jmespath (1.3.1)
-    jquery-rails (4.1.1)
-      rails-dom-testing (>= 1, < 3)
-      railties (>= 4.2.0)
-      thor (>= 0.14, < 2.0)
-    json (1.8.3)
+    json (2.1.0)
+    kaminari (1.0.1)
+      activesupport (>= 4.1.0)
+      kaminari-actionview (= 1.0.1)
+      kaminari-activerecord (= 1.0.1)
+      kaminari-core (= 1.0.1)
+    kaminari-actionview (1.0.1)
+      actionview
+      kaminari-core (= 1.0.1)
+    kaminari-activerecord (1.0.1)
+      activerecord
+      kaminari-core (= 1.0.1)
+    kaminari-core (1.0.1)
     launchy (2.4.3)
       addressable (~> 2.3)
     letter_opener (1.4.1)
       launchy (~> 2.2)
-    letter_opener_web (1.3.0)
+    letter_opener_web (1.3.1)
       actionmailer (>= 3.2)
       letter_opener (~> 1.0)
       railties (>= 3.2)
     link_header (0.0.8)
-    lograge (0.4.1)
-      actionpack (>= 4, < 5.1)
-      activesupport (>= 4, < 5.1)
-      railties (>= 4, < 5.1)
+    lograge (0.5.1)
+      actionpack (>= 4, < 5.2)
+      activesupport (>= 4, < 5.2)
+      railties (>= 4, < 5.2)
     loofah (2.0.3)
       nokogiri (>= 1.5.9)
-    mail (2.6.4)
+    mail (2.6.5)
       mime-types (>= 1.16, < 4)
     method_source (0.8.2)
+    microformats2 (3.1.0)
+      json
+      nokogiri
     mime-types (3.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
     mimemagic (0.3.2)
     mini_portile2 (2.1.0)
-    minitest (5.10.1)
+    minitest (5.10.2)
+    msgpack (1.1.0)
+    multi_json (1.12.1)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
-    net-ssh (4.0.1)
+    net-ssh (4.1.0)
     nio4r (2.0.0)
-    nokogiri (1.7.1)
+    nokogiri (1.7.2)
       mini_portile2 (~> 2.1.0)
-    oj (2.17.3)
+    nokogumbo (1.4.11)
+      nokogiri
+    oj (3.0.9)
+    openssl (2.0.3)
     orm_adapter (0.5.0)
-    ostatus2 (1.0.2)
+    ostatus2 (2.0.0)
       addressable (~> 2.4)
       http (~> 2.0)
       nokogiri (~> 1.6)
-    ox (2.4.11)
+      openssl (~> 2.0)
+    ox (2.5.0)
     paperclip (5.1.0)
       activemodel (>= 4.2.0)
       activesupport (>= 4.2.0)
@@ -250,150 +265,157 @@ GEM
     paperclip-av-transcoder (0.6.4)
       av (~> 0.9.0)
       paperclip (>= 2.5.2)
-    parser (2.3.1.2)
+    parallel (1.11.2)
+    parallel_tests (2.14.1)
+      parallel
+    parser (2.4.0.0)
       ast (~> 2.2)
-    pg (0.18.4)
-    pghero (1.6.2)
+    pg (0.20.0)
+    pghero (1.7.0)
       activerecord
+    pkg-config (1.2.0)
     powerpack (0.1.1)
     pry (0.10.4)
       coderay (~> 1.1.0)
       method_source (~> 0.8.1)
       slop (~> 3.4)
-    pry-rails (0.3.4)
-      pry (>= 0.9.10)
-    public_suffix (2.0.4)
-    puma (3.6.0)
+    pry-rails (0.3.6)
+      pry (>= 0.10.4)
+    public_suffix (2.0.5)
+    puma (3.8.2)
     rabl (0.13.1)
       activesupport (>= 2.3.14)
-    rack (2.0.1)
+    rack (2.0.3)
     rack-attack (5.0.1)
       rack
-    rack-cors (0.4.0)
-    rack-protection (1.5.3)
+    rack-cors (0.4.1)
+    rack-protection (2.0.0)
       rack
     rack-test (0.6.3)
       rack (>= 1.0)
     rack-timeout (0.4.2)
-    rails (5.0.2)
-      actioncable (= 5.0.2)
-      actionmailer (= 5.0.2)
-      actionpack (= 5.0.2)
-      actionview (= 5.0.2)
-      activejob (= 5.0.2)
-      activemodel (= 5.0.2)
-      activerecord (= 5.0.2)
-      activesupport (= 5.0.2)
+    rails (5.0.3)
+      actioncable (= 5.0.3)
+      actionmailer (= 5.0.3)
+      actionpack (= 5.0.3)
+      actionview (= 5.0.3)
+      activejob (= 5.0.3)
+      activemodel (= 5.0.3)
+      activerecord (= 5.0.3)
+      activesupport (= 5.0.3)
       bundler (>= 1.3.0, < 2.0)
-      railties (= 5.0.2)
+      railties (= 5.0.3)
       sprockets-rails (>= 2.0.0)
-    rails-dom-testing (2.0.2)
-      activesupport (>= 4.2.0, < 6.0)
-      nokogiri (~> 1.6)
+    rails-controller-testing (1.0.2)
+      actionpack (~> 5.x, >= 5.0.1)
+      actionview (~> 5.x, >= 5.0.1)
+      activesupport (~> 5.x)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
     rails-html-sanitizer (1.0.3)
       loofah (~> 2.0)
+    rails-i18n (5.0.4)
+      i18n (~> 0.7)
+      railties (~> 5.0)
     rails-settings-cached (0.6.5)
       rails (>= 4.2.0)
-    rails_12factor (0.0.3)
-      rails_serve_static_assets
-      rails_stdout_logging
-    rails_serve_static_assets (0.0.5)
-    rails_stdout_logging (0.0.5)
-    railties (5.0.2)
-      actionpack (= 5.0.2)
-      activesupport (= 5.0.2)
+    railties (5.0.3)
+      actionpack (= 5.0.3)
+      activesupport (= 5.0.3)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
-    rainbow (2.1.0)
-    rake (12.0.0)
-    react-rails (1.10.0)
-      babel-transpiler (>= 0.7.0)
-      coffee-script-source (~> 1.8)
-      connection_pool
-      execjs
-      railties (>= 3.2)
-      tilt
-    redis (3.3.2)
-    redis-actionpack (5.0.0)
-      actionpack (>= 4.0.0, < 6)
-      redis-rack (~> 2.0.0.pre)
-      redis-store (~> 1.2.0.pre)
-    redis-activesupport (5.0.1)
+    rainbow (2.2.2)
+      rake
+    rake (11.3.0)
+    redis (3.3.3)
+    redis-actionpack (5.0.1)
+      actionpack (>= 4.0, < 6)
+      redis-rack (>= 1, < 3)
+      redis-store (>= 1.1.0, < 1.4.0)
+    redis-activesupport (5.0.2)
       activesupport (>= 3, < 6)
-      redis-store (~> 1.2.0)
-    redis-rack (2.0.0)
-      rack (~> 2.0)
-      redis-store (~> 1.2.0)
-    redis-rails (5.0.1)
-      redis-actionpack (~> 5.0.0)
-      redis-activesupport (~> 5.0.0)
-      redis-store (~> 1.2.0)
-    redis-store (1.2.0)
+      redis-store (~> 1.3.0)
+    redis-namespace (1.5.3)
+      redis (~> 3.0, >= 3.0.4)
+    redis-rack (2.0.2)
+      rack (>= 1.5, < 3)
+      redis-store (>= 1.2, < 1.4)
+    redis-rails (5.0.2)
+      redis-actionpack (>= 5.0, < 6)
+      redis-activesupport (>= 5.0, < 6)
+      redis-store (>= 1.2, < 2)
+    redis-store (1.3.0)
       redis (>= 2.2)
-    responders (2.3.0)
-      railties (>= 4.2.0, < 5.1)
+    responders (2.4.0)
+      actionpack (>= 4.2.0, < 5.3)
+      railties (>= 4.2.0, < 5.3)
     rotp (2.1.2)
     rqrcode (0.10.1)
       chunky_png (~> 1.0)
-    rspec (3.5.0)
-      rspec-core (~> 3.5.0)
-      rspec-expectations (~> 3.5.0)
-      rspec-mocks (~> 3.5.0)
-    rspec-core (3.5.2)
-      rspec-support (~> 3.5.0)
-    rspec-expectations (3.5.0)
+    rspec-core (3.6.0)
+      rspec-support (~> 3.6.0)
+    rspec-expectations (3.6.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.5.0)
-    rspec-mocks (3.5.0)
+      rspec-support (~> 3.6.0)
+    rspec-mocks (3.6.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.5.0)
-    rspec-rails (3.5.1)
+      rspec-support (~> 3.6.0)
+    rspec-rails (3.6.0)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
-      rspec-core (~> 3.5.0)
-      rspec-expectations (~> 3.5.0)
-      rspec-mocks (~> 3.5.0)
-      rspec-support (~> 3.5.0)
-    rspec-sidekiq (2.2.0)
-      rspec (~> 3.0, >= 3.0.0)
+      rspec-core (~> 3.6.0)
+      rspec-expectations (~> 3.6.0)
+      rspec-mocks (~> 3.6.0)
+      rspec-support (~> 3.6.0)
+    rspec-sidekiq (3.0.1)
+      rspec-core (~> 3.0, >= 3.0.0)
       sidekiq (>= 2.4.0)
-    rspec-support (3.5.0)
-    rubocop (0.42.0)
-      parser (>= 2.3.1.1, < 3.0)
+    rspec-support (3.6.0)
+    rubocop (0.48.1)
+      parser (>= 2.3.3.1, < 3.0)
       powerpack (~> 0.1)
       rainbow (>= 1.99.1, < 3.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (~> 1.0, >= 1.0.1)
-    ruby-oembed (0.10.1)
+    ruby-oembed (0.12.0)
     ruby-progressbar (1.8.1)
+    rufus-scheduler (3.4.0)
+      et-orbi (~> 1.0)
     safe_yaml (1.0.4)
-    sass (3.4.22)
-    sass-rails (5.0.6)
-      railties (>= 4.0.0, < 6)
-      sass (~> 3.1)
-      sprockets (>= 2.8, < 4.0)
-      sprockets-rails (>= 2.0, < 4.0)
-      tilt (>= 1.1, < 3)
-    sidekiq (4.2.7)
+    sanitize (4.4.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.4.4)
+      nokogumbo (~> 1.4.1)
+    sass (3.4.24)
+    scss_lint (0.53.0)
+      rake (>= 0.9, < 13)
+      sass (~> 3.4.20)
+    sidekiq (5.0.0)
       concurrent-ruby (~> 1.0)
       connection_pool (~> 2.2, >= 2.2.0)
       rack-protection (>= 1.5.0)
-      redis (~> 3.2, >= 3.2.1)
-    sidekiq-unique-jobs (4.0.18)
-      sidekiq (>= 2.6)
-      thor
-    simple-navigation (4.0.3)
+      redis (~> 3.3, >= 3.3.3)
+    sidekiq-scheduler (2.1.4)
+      redis (~> 3)
+      rufus-scheduler (~> 3.2)
+      sidekiq (>= 3)
+      tilt (>= 1.4.0)
+    sidekiq-unique-jobs (5.0.8)
+      sidekiq (>= 4.0, <= 6.0)
+      thor (~> 0)
+    simple-navigation (4.0.5)
       activesupport (>= 2.3.2)
-    simple_form (3.2.1)
-      actionpack (> 4, < 5.1)
-      activemodel (> 4, < 5.1)
-    simplecov (0.12.0)
+    simple_form (3.5.0)
+      actionpack (> 4, < 5.2)
+      activemodel (> 4, < 5.2)
+    simplecov (0.14.1)
       docile (~> 1.1.0)
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.0)
+    simplecov-html (0.10.1)
     slop (3.6.0)
     sprockets (3.7.1)
       concurrent-ruby (~> 1.0)
@@ -402,124 +424,134 @@ GEM
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
-    sshkit (1.11.5)
+    sshkit (1.13.1)
       net-scp (>= 1.1.2)
       net-ssh (>= 2.8.0)
     statsd-instrument (2.1.2)
-    temple (0.7.7)
-    term-ansicolor (1.4.0)
-      tins (~> 1.0)
-    terminal-table (1.7.0)
-      unicode-display_width (~> 1.1)
+    temple (0.8.0)
+    terminal-table (1.8.0)
+      unicode-display_width (~> 1.1, >= 1.1.1)
     thor (0.19.4)
     thread (0.2.2)
     thread_safe (0.3.6)
-    tilt (2.0.6)
-    tins (1.12.0)
+    tilt (2.0.7)
     twitter-text (1.14.5)
       unf (~> 0.1.0)
-    tzinfo (1.2.2)
+    tzinfo (1.2.3)
       thread_safe (~> 0.1)
     tzinfo-data (1.2017.2)
       tzinfo (>= 1.0.0)
-    uglifier (3.0.1)
+    uglifier (3.2.0)
       execjs (>= 0.3.0, < 3)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.7.2)
-    unicode-display_width (1.1.0)
+    unf_ext (0.0.7.4)
+    unicode-display_width (1.2.1)
     uniform_notifier (1.10.0)
-    warden (1.2.6)
+    warden (1.2.7)
       rack (>= 1.0)
-    webmock (2.1.0)
+    webmock (3.0.1)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff
+    webpacker (1.2)
+      activesupport (>= 4.2)
+      multi_json (~> 1.2)
+      railties (>= 4.2)
     websocket-driver (0.6.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.2)
-    will_paginate (3.1.0)
+    xpath (2.0.0)
+      nokogiri (~> 1.3)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  active_record_query_trace
-  addressable
-  autoprefixer-rails
-  aws-sdk (>= 2.0)
-  best_in_place (~> 3.0.1)
-  better_errors
-  binding_of_caller
-  browserify-rails
-  bullet
-  capistrano
-  capistrano-faster-assets (~> 1.0)
-  capistrano-rails
-  capistrano-rbenv
-  capistrano-yarn
-  coffee-rails (~> 4.1.0)
-  devise
-  devise-two-factor
-  doorkeeper
-  dotenv-rails
-  fabrication
-  faker
-  fast_blank
-  font-awesome-rails
-  fuubar
-  goldfinger
-  hamlit-rails
-  hiredis
-  htmlentities
-  http
-  httplog
-  i18n-tasks (~> 0.9.6)
-  jquery-rails
-  letter_opener
-  letter_opener_web
-  link_header
-  lograge
-  nokogiri
-  oj
-  ostatus2
-  ox
+  active_record_query_trace (~> 1.5)
+  addressable (~> 2.5)
+  annotate (~> 2.7)
+  aws-sdk (~> 2.9)
+  better_errors (~> 2.1)
+  binding_of_caller (~> 0.7)
+  bootsnap
+  brakeman (~> 3.6)
+  bullet (~> 5.5)
+  bundler-audit (~> 0.5)
+  capistrano (~> 3.8)
+  capistrano-rails (~> 1.2)
+  capistrano-rbenv (~> 2.1)
+  capistrano-yarn (~> 2.0)
+  capybara (~> 2.14)
+  cld3 (~> 3.1)
+  devise (~> 4.2)
+  devise-two-factor (~> 3.0)
+  doorkeeper (~> 4.2)
+  dotenv-rails (~> 2.2)
+  fabrication (~> 2.16)
+  faker (~> 1.7)
+  fast_blank (~> 1.0)
+  fuubar (~> 2.2)
+  goldfinger (~> 1.2)
+  hamlit-rails (~> 0.2)
+  hiredis (~> 0.6)
+  htmlentities (~> 4.3)
+  http (~> 2.2)
+  http_accept_language (~> 2.1)
+  httplog (~> 0.99)
+  i18n-tasks (~> 0.9)
+  kaminari (~> 1.0)
+  letter_opener (~> 1.4)
+  letter_opener_web (~> 1.3)
+  link_header (~> 0.0)
+  lograge (~> 0.5)
+  microformats2 (~> 3.0)
+  nokogiri (~> 1.7)
+  oj (~> 3.0)
+  ostatus2 (~> 2.0)
+  ox (~> 2.5)
   paperclip (~> 5.1)
-  paperclip-av-transcoder
-  pg
-  pghero
-  pry-rails
-  puma
-  rabl
-  rack-attack
-  rack-cors
-  rack-timeout
-  rails (~> 5.0.2)
-  rails-settings-cached
-  rails_12factor
-  react-rails
-  redis (~> 3.2)
-  redis-rails
-  rqrcode
-  rspec-rails
-  rspec-sidekiq
-  rubocop
-  ruby-oembed
-  sass-rails (~> 5.0)
-  sidekiq
-  sidekiq-unique-jobs
-  simple-navigation
-  simple_form
-  simplecov
-  statsd-instrument
-  twitter-text
-  tzinfo-data
-  uglifier (>= 1.3.0)
-  webmock
-  will_paginate
+  paperclip-av-transcoder (~> 0.6)
+  parallel_tests (~> 2.14)
+  pg (~> 0.20)
+  pghero (~> 1.7)
+  pkg-config (~> 1.2)
+  pry-rails (~> 0.3)
+  puma (~> 3.8)
+  rabl (~> 0.13)
+  rack-attack (~> 5.0)
+  rack-cors (~> 0.4)
+  rack-timeout (~> 0.4)
+  rails (~> 5.0)
+  rails-controller-testing (~> 1.0)
+  rails-i18n (~> 5.0)
+  rails-settings-cached (~> 0.6)
+  redis (~> 3.3)
+  redis-namespace (~> 1.5)
+  redis-rails (~> 5.0)
+  rqrcode (~> 0.10)
+  rspec-rails (~> 3.6)
+  rspec-sidekiq (~> 3.0)
+  rubocop (~> 0.48)
+  ruby-oembed (~> 0.12)
+  sanitize (~> 4.4)
+  scss_lint (~> 0.53)
+  sidekiq (~> 5.0)
+  sidekiq-scheduler (~> 2.1)
+  sidekiq-unique-jobs (~> 5.0)
+  simple-navigation (~> 4.0)
+  simple_form (~> 3.4)
+  simplecov (~> 0.14)
+  sprockets-rails (~> 3.2)
+  statsd-instrument (~> 2.1)
+  twitter-text (~> 1.14)
+  tzinfo-data (~> 1.2017)
+  uglifier (~> 3.2)
+  webmock (~> 3.0)
+  webpacker (~> 1.2)
 
 RUBY VERSION
-   ruby 2.3.1p112
+   ruby 2.4.1p111
 
 BUNDLED WITH
-   1.14.3
+   1.14.6

ISSUE_TEMPLATE.md

@@ -3,3 +3,4 @@
 * * * *
 
 - [ ] I searched or browsed the repo’s other issues to ensure this is not a duplicate.
+- [ ] This bug happens on a [tagged release](https://github.com/tootsuite/mastodon/releases) and not on `master` (If you're a user, don't worry about this).

Procfile

@@ -1,2 +1,2 @@
 web: bundle exec puma -C config/puma.rb
-worker: bundle exec sidekiq -q default -q push -q pull -q mailers
+worker: bundle exec sidekiq

Procfile.dev

@@ -0,0 +1,4 @@
+web: PORT=3000 bundle exec puma -C config/puma.rb
+sidekiq: PORT=3000 bundle exec sidekiq
+stream: PORT=4000 yarn run start
+webpack: ./bin/webpack-dev-server --host 0.0.0.0

README.md

@@ -9,15 +9,15 @@ Mastodon
 
 Mastodon is a free, open-source social network server. A decentralized solution to commercial platforms, it avoids the risks of a single company monopolizing your communication. Anyone can run Mastodon and participate in the social network seamlessly.
 
-An alternative implementation of the GNU social project. Based on ActivityStreams, Webfinger, PubsubHubbub and Salmon.
+An alternative implementation of the GNU social project. Based on [ActivityStreams](https://en.wikipedia.org/wiki/Activity_Streams_(format)), [Webfinger](https://en.wikipedia.org/wiki/WebFinger), [PubsubHubbub](https://en.wikipedia.org/wiki/PubSubHubbub) and [Salmon](https://en.wikipedia.org/wiki/Salmon_(protocol)).
 
 Click on the screenshot to watch a demo of the UI:
 
-[![Screenshot](https://i.imgur.com/T2q5V65.png)][youtube_demo]
+[![Screenshot](http://puu.sh/vMcvm/290f459dd4.jpg)][youtube_demo]
 
 [youtube_demo]: https://www.youtube.com/watch?v=YO1jQ8_rAMU
 
-Focus of the project on a clean REST API and a good user interface. Ruby on Rails is used for the back-end, while React.js and Redux are used for the dynamic front-end. A static front-end for public resources (profiles and statuses) is also provided.
+The project focus is a clean REST API and a good user interface. Ruby on Rails is used for the back-end, while React.js and Redux are used for the dynamic front-end. A static front-end for public resources (profiles and statuses) is also provided.
 
 If you would like, you can [support the development of this project on Patreon][patreon]. Alternatively, you can donate to this BTC address: `17j2g7vpgHhLuXhN4bueZFCvdxxieyRVWd`
 
@@ -25,11 +25,11 @@ If you would like, you can [support the development of this project on Patreon][
 
 ## Resources
 
-- [List of Mastodon instances](docs/Using-Mastodon/List-of-Mastodon-instances.md)
+- [List of Mastodon instances](https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/List-of-Mastodon-instances.md)
 - [Use this tool to find Twitter friends on Mastodon](https://mastodon-bridge.herokuapp.com)
-- [API overview](docs/Using-the-API/API.md)
-- [Frequently Asked Questions](docs/Using-Mastodon/FAQ.md)
-- [List of apps](docs/Using-Mastodon/Apps.md)
+- [API overview](https://github.com/tootsuite/documentation/blob/master/Using-the-API/API.md)
+- [Frequently Asked Questions](https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/FAQ.md)
+- [List of apps](https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/Apps.md)
 
 ## Features
 
@@ -47,95 +47,14 @@ If you would like, you can [support the development of this project on Patreon][
   Mastodon tries to be as fast and responsive as possible, so all long-running tasks that can be delegated to background processing, are
 - **Deployable via Docker**
   You don't need to mess with dependencies and configuration if you want to try Mastodon, if you have Docker and Docker Compose the deployment is extremely easy
+  
+## Development
 
-## Configuration
+Please follow the [development guide](https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Development-guide.md) from the documentation repository.
 
-- `LOCAL_DOMAIN` should be the domain/hostname of your instance. This is **absolutely required** as it is used for generating unique IDs for everything federation-related
-- `LOCAL_HTTPS` set it to `true` if HTTPS works on your website. This is used to generate canonical URLs, which is also important when generating and parsing federation-related IDs
+## Deployment
 
-Consult the example configuration file, `.env.production.sample` for the full list. Among other things you need to set details for the SMTP server you are going to use.
-
-## Requirements
-
-- Ruby
-- Node.js
-- PostgreSQL
-- Redis
-- Nginx
-
-## Running with Docker and Docker-Compose
-
-[![](https://images.microbadger.com/badges/version/gargron/mastodon.svg)](https://microbadger.com/images/gargron/mastodon "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/gargron/mastodon.svg)](https://microbadger.com/images/gargron/mastodon "Get your own image badge on microbadger.com")
-
-The project now includes a `Dockerfile` and a `docker-compose.yml`. You need to turn `.env.production.sample` into `.env.production` with all the variables set before you can:
-
-    docker-compose build
-
-And finally
-
-    docker-compose up -d
-
-As usual, the first thing you would need to do would be to run migrations:
-
-    docker-compose run --rm web rails db:migrate
-
-And since the instance running in the container will be running in production mode, you need to pre-compile assets:
-
-    docker-compose run --rm web rails assets:precompile
-
-The container has two volumes, for the assets and for user uploads. The default docker-compose.yml maps them to the repository's `public/assets` and `public/system` directories, you may wish to put them somewhere else. Likewise, the PostgreSQL and Redis images have data containers that you may wish to map somewhere where you know how to find them and back them up.
-
-**Note**: The `--rm` option for docker-compose will remove the container that is created to run a one-off command after it completes. As data is stored in volumes it is not affected by that container clean-up.
-
-### Tasks
-
-- `rake mastodon:media:clear` removes uploads that have not been attached to any status after a while, you would want to run this from a periodic cronjob
-- `rake mastodon:push:clear` unsubscribes from PuSH notifications for remote users that have no local followers. You may not want to actually do that, to keep a fuller footprint of the fediverse or in case your users will soon re-follow
-- `rake mastodon:push:refresh` re-subscribes PuSH for expiring remote users, this should be run periodically from a cronjob and quite often as the expiration time depends on the particular hub of the remote user
-- `rake mastodon:feeds:clear_all` removes all timelines, which forces them to be re-built on the fly next time a user tries to fetch their home/mentions timeline. Only for troubleshooting
-- `rake mastodon:feeds:clear` removes timelines of users who haven't signed in lately, which allows to save RAM and improve message distribution. This is required to be run periodically so that when they login again the regeneration process will trigger
-
-Running any of these tasks via docker-compose would look like this:
-
-    docker-compose run --rm web rake mastodon:media:clear
-
-### Updating
-
-This approach makes updating to the latest version a real breeze.
-
-    git pull
-
-To pull down the updates, re-run
-
-    docker-compose build
-
-And finally,
-
-    docker-compose up -d
-
-Which will re-create the updated containers, leaving databases and data as is. Depending on what files have been updated, you might need to re-run migrations and asset compilation.
-
-## Deployment without Docker
-
-Docker is great for quickly trying out software, but it has its drawbacks too. If you prefer to run Mastodon without using Docker, refer to the [production guide](docs/Running-Mastodon/Production-guide.md) for examples, configuration and instructions.
-
-## Deployment on Scalingo
-
-[![Deploy on Scalingo](https://cdn.scalingo.com/deploy/button.svg)](https://my.scalingo.com/deploy?source=https://github.com/tootsuite/mastodon#master)
-
-[You can view a guide for deployment on Scalingo here.](docs/Running-Mastodon/Scalingo-guide.md)
-
-## Deployment on Heroku (experimental)
-
-[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)
-
-Mastodon can theoretically run indefinitely on a free [Heroku](https://heroku.com) app. [You can view a guide for deployment on Heroku here.](docs/Running-Mastodon/Heroku-guide.md)
-
-## Development with Vagrant
-
-A quick way to get a development environment up and running is with Vagrant. You will need recent versions of [Vagrant](https://www.vagrantup.com/) and [VirtualBox](https://www.virtualbox.org/) installed.
-
-[You can find the guide for setting up a Vagrant development environment here.](docs/Running-Mastodon/Vagrant-guide.md)
+There are guides in the documentation repository for [deploying on various platforms](https://github.com/tootsuite/documentation#running-mastodon).
 
 ## Contributing
 

Vagrantfile

@@ -1,6 +1,8 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby :
 
+ENV["PORT"] ||= "3000"
+
 $provision = <<SCRIPT
 
 cd /vagrant # This is where the host folder/repo is mounted
@@ -10,10 +12,10 @@ curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
 sudo apt-add-repository 'deb https://dl.yarnpkg.com/debian/ stable main'
 
 # Add repo for NodeJS
-curl -sL https://deb.nodesource.com/setup_4.x | sudo bash -
+curl -sL https://deb.nodesource.com/setup_6.x | sudo bash -
 
-# Add firewall rule to redirect 80 to 3000 and save
-sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3000
+# Add firewall rule to redirect 80 to PORT and save
+sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port #{ENV["PORT"]}
 echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
 echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
 sudo apt-get install iptables-persistent -y
@@ -31,47 +33,40 @@ sudo apt-get install \
   redis-tools \
   postgresql \
   postgresql-contrib \
+  protobuf-compiler \
   yarn \
+  libprotobuf-dev \
   libreadline-dev \
   -y
 
-# Install rbenv
-git clone https://github.com/rbenv/rbenv.git ~/.rbenv
-cd ~/.rbenv && src/configure && make -C src
-echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
-echo 'eval "$(rbenv init -)"' >> ~/.bash_profile
-
-git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
-
-export PATH="$HOME/.rbenv/bin::$PATH"
-eval "$(rbenv init -)"
-
-echo "Compiling Ruby 2.3.1: warning, this takes a while!!!"
-rbenv install 2.3.1
-rbenv global 2.3.1
-
-cd /vagrant
+# Install rvm
+read RUBY_VERSION < .ruby-version
+gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
+curl -sSL https://get.rvm.io | bash -s stable --ruby=$RUBY_VERSION
+source /home/vagrant/.rvm/scripts/rvm
 
 # Configure database
 sudo -u postgres createuser -U postgres vagrant -s
 sudo -u postgres createdb -U postgres mastodon_development
 
 # Install gems and node modules
-gem install bundler
+gem install bundler foreman
 bundle install
 yarn install
 
 # Build Mastodon
+export $(cat ".env.vagrant" | xargs)
 bundle exec rails db:setup
-bundle exec rails assets:precompile
+
+# Configure automatic loading of environment variable
+echo 'export $(cat "/vagrant/.env.vagrant" | xargs)' >> ~/.bash_profile
 
 SCRIPT
 
 $start = <<SCRIPT
 
-cd /vagrant
-export $(cat ".env.vagrant" | xargs)
-rails s -d -b 0.0.0.0
+echo 'To start server'
+echo '  $ vagrant ssh -c "cd /vagrant && foreman start"'
 
 SCRIPT
 
@@ -83,7 +78,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
 
   config.vm.provider :virtualbox do |vb|
     vb.name = "mastodon"
-    vb.customize ["modifyvm", :id, "--memory", "1024"]
+    vb.customize ["modifyvm", :id, "--memory", "2048"]
 
     # Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
     # https://github.com/mitchellh/vagrant/issues/1172
@@ -107,10 +102,16 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
     config.hostsupdater.remove_on_suspend = false
   end
 
-  config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp']
+  if config.vm.networks.any? { |type, options| type == :private_network }
+    config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp']
+  else
+    config.vm.synced_folder ".", "/vagrant"
+  end
 
-  # Otherwise, you can access the site at http://localhost:3000
-  config.vm.network :forwarded_port, guest: 80, host: 3000
+  # Otherwise, you can access the site at http://localhost:3000 and http://localhost:4000 , http://localhost:8080
+  config.vm.network :forwarded_port, guest: 3000, host: 3000
+  config.vm.network :forwarded_port, guest: 4000, host: 4000
+  config.vm.network :forwarded_port, guest: 8080, host: 8080
 
   # Full provisioning script, only runs on first 'vagrant up' or with 'vagrant provision'
   config.vm.provision :shell, inline: $provision, privileged: false

app.json

@@ -26,6 +26,10 @@
       "description": "The secret key base",
       "generator": "secret"
     },
+    "OTP_SECRET": {
+      "description": "One-time password secret",
+      "generator": "secret"
+    },
     "SINGLE_USER_MODE": {
       "description": "Should the instance run in single user mode? (Disable registrations, redirect to front page)",
       "value": "false",
@@ -75,9 +79,24 @@
     "SMTP_FROM_ADDRESS": {
       "description": "Address to send emails from",
       "required": false
+    },
+    "SMTP_AUTH_METHOD": {
+      "description": "Authentication method to use with SMTP server. Default is 'plain'.",
+      "required": false
+    },
+    "SMTP_OPENSSL_VERIFY_MODE": {
+      "description": "SMTP server certificate verification mode. Defaults is 'peer'.",
+      "required": false
+    },
+    "SMTP_ENABLE_STARTTLS_AUTO": {
+      "description": "Enable STARTTLS if SMTP server supports it? Default is true.",
+      "required": false
     }
   },
   "buildpacks": [
+    {
+      "url": "https://github.com/heroku/heroku-buildpack-apt"
+    },
     {
       "url": "heroku/nodejs"
     },