Merge commit 'b1a584d252f4df4c2a1a9400d6588b4f36768216' into glitch-soc/merge-4.3

Conflicts:
- `app/lib/feed_manager.rb`:
  Not a real conflict, but glitch-soc has an extra `populate_direct_feed` method.
  Added upstream's code.
  In addition, upstream changed how notifications from follow subscriptions were
  handled, refactoring this file in the process.
  Ported upstream's changes.
- `app/services/precompute_feed_service.rb`:
  Not a real conflict, glitch-soc has extra code for the direct feed.
  Added upstream's new code for populating lists.
- `app/validators/poll_options_validator.rb`:
  Upstream split `PollValidator` in two, and glitch-soc had local changes to
  make the options configurable.
  Refactored as upstream did, keeping glitch-soc's configurable limits.
- `app/workers/feed_insert_worker.rb`:
  Upstream changed how notifications from follow subscriptions were handled,
  refactoring this file in the process.
  Conflict is due to glitch-soc having an extra timeline type (direct).
  Ported upstream's changes.

.env.production.sample

@@ -78,7 +78,7 @@ OTP_SECRET=
 # Must be available (and set to same values) for all server processes
 # These are private/secret values, do not share outside hosting environment
 # Use `bin/rails db:encryption:init` to generate fresh secrets
-# Do not change these secrets once in use, as this would cause data loss and other issues
+# Do NOT change these secrets once in use, as this would cause data loss and other issues
 # ------------------
 # ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=
 # ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=