Cascade mute/block destruction to notes (#193)

Some database systems can make better use of an index if the index
columns are ordered left-to-right in increasing specificity.  I'm not
sure if Postgres is one of those databases, but it also makes sense to
me to read an index as "ordered by type and then ID".

.babelrc

@@ -4,7 +4,6 @@
     [
       "env",
       {
-        "exclude": ["transform-async-to-generator", "transform-regenerator"],
         "loose": true,
         "modules": false,
         "targets": {

.circleci/config.yml

@@ -1,193 +0,0 @@
-version: 2
-
-aliases:
-  - &defaults
-    docker:
-      - image: circleci/ruby:2.5.1-stretch-node
-        environment: &ruby_environment
-          BUNDLE_APP_CONFIG: ./.bundle/
-          DB_HOST: localhost
-          DB_USER: root
-          RAILS_ENV: test
-          PARALLEL_TEST_PROCESSORS: 4
-          ALLOW_NOPAM: true
-          CONTINUOUS_INTEGRATION: true
-          DISABLE_SIMPLECOV: true
-    working_directory: ~/projects/mastodon/
-
-  - &attach_workspace
-    attach_workspace:
-      at: ~/projects/
-
-  - &persist_to_workspace
-    persist_to_workspace:
-      root: ~/projects/
-      paths:
-        - ./mastodon/
-
-  - &restore_ruby_dependencies
-    restore_cache:
-      keys:
-        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
-        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-
-        - v2-ruby-dependencies-
-
-  - &install_steps
-    steps:
-      - checkout
-      - *attach_workspace
-
-      - restore_cache:
-          keys:
-            - v1-node-dependencies-{{ checksum "yarn.lock" }}
-            - v1-node-dependencies-
-      - run: yarn install --frozen-lockfile
-      - save_cache:
-          key: v1-node-dependencies-{{ checksum "yarn.lock" }}
-          paths:
-            - ./node_modules/
-
-      - *persist_to_workspace
-
-  - &install_system_dependencies
-      run:
-        name: Install system dependencies
-        command: |
-          sudo apt-get update
-          sudo apt-get install -y libicu-dev libidn11-dev libprotobuf-dev protobuf-compiler
-
-  - &install_ruby_dependencies
-      steps:
-        - *attach_workspace
-
-        - *install_system_dependencies
-
-        - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
-        - *restore_ruby_dependencies
-        - run: bundle install --clean --jobs 16 --path ./vendor/bundle/ --retry 3 --with pam_authentication --without development production
-        - save_cache:
-            key: v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
-            paths:
-              - ./.bundle/
-              - ./vendor/bundle/
-
-  - &test_steps
-      steps:
-        - *attach_workspace
-
-        - *install_system_dependencies
-        - run: sudo apt-get install -y ffmpeg
-
-        - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
-        - *restore_ruby_dependencies
-
-        - restore_cache:
-            keys:
-              - precompiled-assets-{{ .Branch }}-{{ .Revision }}
-              - precompiled-assets-{{ .Branch }}-
-              - precompiled-assets-
-
-        - run:
-            name: Prepare Tests
-            command: ./bin/rails parallel:create parallel:load_schema parallel:prepare
-        - run:
-            name: Run Tests
-            command: ./bin/retry bundle exec parallel_test ./spec/ --group-by filesize --type rspec
-
-jobs:
-  install:
-    <<: *defaults
-    <<: *install_steps
-
-  install-ruby2.5:
-    <<: *defaults
-    <<: *install_ruby_dependencies
-
-  install-ruby2.4:
-    <<: *defaults
-    docker:
-      - image: circleci/ruby:2.4.4-stretch-node
-        environment: *ruby_environment
-    <<: *install_ruby_dependencies
-
-  build:
-    <<: *defaults
-    steps:
-      - *attach_workspace
-      - *install_system_dependencies
-      - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
-      - *restore_ruby_dependencies
-      - run: ./bin/rails assets:precompile
-      - save_cache:
-          key: precompiled-assets-{{ .Branch }}-{{ .Revision }}
-          paths:
-            - ./public/assets
-            - ./public/packs-test/
-
-  test-ruby2.5:
-    <<: *defaults
-    docker:
-      - image: circleci/ruby:2.5.1-stretch-node
-        environment: *ruby_environment
-      - image: circleci/postgres:10.3-alpine
-        environment:
-          POSTGRES_USER: root
-      - image: circleci/redis:4.0.9-alpine
-    <<: *test_steps
-
-  test-ruby2.4:
-    <<: *defaults
-    docker:
-      - image: circleci/ruby:2.4.4-stretch-node
-        environment: *ruby_environment
-      - image: circleci/postgres:10.3-alpine
-        environment:
-          POSTGRES_USER: root
-      - image: circleci/redis:4.0.9-alpine
-    <<: *test_steps
-
-  test-webui:
-    <<: *defaults
-    docker:
-      - image: circleci/node:8.11.1-stretch
-    steps:
-      - *attach_workspace
-      - run: ./bin/retry yarn test:jest
-
-  check-i18n:
-    <<: *defaults
-    steps:
-      - *attach_workspace
-      - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
-      - *restore_ruby_dependencies
-      - run: bundle exec i18n-tasks check-normalized
-      - run: bundle exec i18n-tasks unused
-
-workflows:
-  version: 2
-  build-and-test:
-    jobs:
-      - install
-      - install-ruby2.5:
-          requires:
-            - install
-      - install-ruby2.4:
-          requires:
-            - install
-      - build:
-          requires:
-            - install-ruby2.5
-      - test-ruby2.5:
-          requires:
-            - install-ruby2.5
-            - build
-      - test-ruby2.4:
-          requires:
-            - install-ruby2.4
-            - build
-      - test-webui:
-          requires:
-            - install
-      - check-i18n:
-          requires:
-            - install-ruby2.5

.codeclimate.yml

@@ -30,7 +30,6 @@ plugins:
     channel: eslint-4
   rubocop:
     enabled: true
-    channel: rubocop-0-54
   scss-lint:
     enabled: true
 exclude_patterns:

.dockerignore

@@ -11,4 +11,3 @@ vendor/bundle
 *~
 postgres
 redis
-elasticsearch

.env.nanobox

@@ -13,29 +13,11 @@ DB_PORT=5432
 
 DATABASE_URL=postgresql://$DATA_DB_USER:$DATA_DB_PASS@$DATA_DB_HOST/gonano
 
-# Optional ElasticSearch configuration
-ES_ENABLED=true
-ES_HOST=$DATA_ELASTIC_HOST
-ES_PORT=9200
-
-# Optimizations
-LD_PRELOAD=/data/lib/libjemalloc.so
-
-# ImageMagick optimizations
-MAGICK_TEMPORARY_PATH=/app/tmp
-MAGICK_MEMORY_LIMIT=128MiB
-MAGICK_MAP_LIMIT=64MiB
-MAGICK_TIME_LIMIT=15
-MAGICK_AREA_LIMIT=16MP
-MAGICK_WIDTH_LIMIT=8KP
-MAGICK_HEIGHT_LIMIT=8KP
-
 # Federation
-# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
+# Note: Changing LOCAL_DOMAIN or LOCAL_HTTPS at a later time will cause unwanted side effects.
 # LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
 LOCAL_DOMAIN=${APP_NAME}.nanoapp.io
-
+LOCAL_HTTPS=false
-# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
 
 # Use this only if you need to run mastodon on a different domain than the one used for federation.
 # You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
@@ -49,6 +31,7 @@ LOCAL_DOMAIN=${APP_NAME}.nanoapp.io
 
 # Application secrets
 # Generate each with the `rake secret` task (`nanobox run bundle exec rake secret`)
+PAPERCLIP_SECRET=$PAPERCLIP_SECRET
 SECRET_KEY_BASE=$SECRET_KEY_BASE
 OTP_SECRET=$OTP_SECRET
 
@@ -148,79 +131,9 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 
 # Cluster number setting for streaming API server.
 # If you comment out following line, cluster number will be `numOfCpuCores - 1`.
-# STREAMING_CLUSTER_NUM=1
+STREAMING_CLUSTER_NUM=1
 
 # Docker mastodon user
 # If you use Docker, you may want to assign UID/GID manually.
 # UID=1000
 # GID=1000
-
-# LDAP authentication (optional)
-# LDAP_ENABLED=true
-# LDAP_HOST=localhost
-# LDAP_PORT=389
-# LDAP_METHOD=simple_tls
-# LDAP_BASE=
-# LDAP_BIND_DN=
-# LDAP_PASSWORD=
-# LDAP_UID=cn
-
-# PAM authentication (optional)
-# PAM authentication uses for the email generation the "email" pam variable
-# and optional as fallback PAM_DEFAULT_SUFFIX
-# The pam environment variable "email" is provided by:
-# https://github.com/devkral/pam_email_extractor
-# PAM_ENABLED=true
-# Fallback Suffix for email address generation (nil by default)
-# PAM_DEFAULT_SUFFIX=pam
-# Name of the pam service (pam "auth" section is evaluated)
-# PAM_DEFAULT_SERVICE=rpam
-# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
-# PAM_CONTROLLED_SERVICE=rpam
-
-# Global OAuth settings (optional) :
-# If you have only one strategy, you may want to enable this
-# OAUTH_REDIRECT_AT_SIGN_IN=true
-
-# Optional CAS authentication (cf. omniauth-cas) :
-# CAS_ENABLED=true
-# CAS_URL=https://sso.myserver.com/
-# CAS_HOST=sso.myserver.com/
-# CAS_PORT=443
-# CAS_SSL=true
-# CAS_VALIDATE_URL=
-# CAS_CALLBACK_URL=
-# CAS_LOGOUT_URL=
-# CAS_LOGIN_URL=
-# CAS_UID_FIELD='user'
-# CAS_CA_PATH=
-# CAS_DISABLE_SSL_VERIFICATION=false
-# CAS_UID_KEY='user'
-# CAS_NAME_KEY='name'
-# CAS_EMAIL_KEY='email'
-# CAS_NICKNAME_KEY='nickname'
-# CAS_FIRST_NAME_KEY='firstname'
-# CAS_LAST_NAME_KEY='lastname'
-# CAS_LOCATION_KEY='location'
-# CAS_IMAGE_KEY='image'
-# CAS_PHONE_KEY='phone'
-
-# Optional SAML authentication (cf. omniauth-saml)
-# SAML_ENABLED=true
-# SAML_ACS_URL=
-# SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
-# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
-# SAML_IDP_CERT=
-# SAML_IDP_CERT_FINGERPRINT=
-# SAML_NAME_IDENTIFIER_FORMAT=
-# SAML_CERT=
-# SAML_PRIVATE_KEY=
-# SAML_SECURITY_WANT_ASSERTION_SIGNED=true
-# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
-# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
-# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
-# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
-# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.5.4.42"
-# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
-# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
-# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=

.env.production.sample

@@ -9,15 +9,11 @@ DB_USER=postgres
 DB_NAME=postgres
 DB_PASS=
 DB_PORT=5432
-# Optional ElasticSearch configuration
-# ES_ENABLED=true
-# ES_HOST=es
-# ES_PORT=9200
 
 # Federation
 # Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
 # LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
-LOCAL_DOMAIN=example.com
+LOCAL_DOMAIN=example.com 
 
 # Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
 
@@ -33,6 +29,7 @@ LOCAL_DOMAIN=example.com
 
 # Application secrets
 # Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
+PAPERCLIP_SECRET=
 SECRET_KEY_BASE=
 OTP_SECRET=
 
@@ -61,7 +58,7 @@ VAPID_PUBLIC_KEY=
 # E-mail configuration
 # Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
 # If you want to use an SMTP server without authentication (e.g local Postfix relay)
-# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
+# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and 
 # *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
 SMTP_SERVER=smtp.mailgun.org
 SMTP_PORT=587
@@ -81,17 +78,9 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # PAPERCLIP_ROOT_URL=/system
 
 # Optional asset host for multi-server setups
-# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN
-# if WEB_DOMAIN is not set. For example, the server may have the
-# following header field:
-# Access-Control-Allow-Origin: https://example.com/
 # CDN_HOST=https://assets.example.com
 
 # S3 (optional)
-# The attachment host must allow cross origin request from WEB_DOMAIN or
-# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the
-# following header field:
-# Access-Control-Allow-Origin: https://192.168.1.123:9000/
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
@@ -101,8 +90,6 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # S3_HOSTNAME=192.168.1.123:9000
 
 # S3 (Minio Config (optional) Please check Minio instance for details)
-# The attachment host must allow cross origin request - see the description
-# above.
 # S3_ENABLED=true
 # S3_BUCKET=
 # AWS_ACCESS_KEY_ID=
@@ -114,15 +101,11 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # S3_SIGNATURE_VERSION=
 
 # Swift (optional)
-# The attachment host must allow cross origin request - see the description
-# above.
 # SWIFT_ENABLED=true
 # SWIFT_USERNAME=
 # For Keystone V3, the value for SWIFT_TENANT should be the project name
 # SWIFT_TENANT=
 # SWIFT_PASSWORD=
-# Some OpenStack V3 providers require PROJECT_ID (optional)
-# SWIFT_PROJECT_ID=
 # Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
 # issues with token rate-limiting during high load.
 # SWIFT_AUTH_URL=
@@ -152,85 +135,6 @@ STREAMING_CLUSTER_NUM=1
 # If you use Docker, you may want to assign UID/GID manually.
 # UID=1000
 # GID=1000
- 
+
 # Maximum allowed character count
 # MAX_TOOT_CHARS=500
-
-# LDAP authentication (optional)
-# LDAP_ENABLED=true
-# LDAP_HOST=localhost
-# LDAP_PORT=389
-# LDAP_METHOD=simple_tls
-# LDAP_BASE=
-# LDAP_BIND_DN=
-# LDAP_PASSWORD=
-# LDAP_UID=cn
-
-# PAM authentication (optional)
-# PAM authentication uses for the email generation the "email" pam variable
-# and optional as fallback PAM_DEFAULT_SUFFIX
-# The pam environment variable "email" is provided by:
-# https://github.com/devkral/pam_email_extractor
-# PAM_ENABLED=true
-# Fallback email domain for email address generation (LOCAL_DOMAIN by default)
-# PAM_EMAIL_DOMAIN=example.com
-# Name of the pam service (pam "auth" section is evaluated)
-# PAM_DEFAULT_SERVICE=rpam
-# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
-# PAM_CONTROLLED_SERVICE=rpam
-
-# Global OAuth settings (optional) :
-# If you have only one strategy, you may want to enable this
-# OAUTH_REDIRECT_AT_SIGN_IN=true
-
-# Optional CAS authentication (cf. omniauth-cas) :
-# CAS_ENABLED=true
-# CAS_URL=https://sso.myserver.com/
-# CAS_HOST=sso.myserver.com/
-# CAS_PORT=443
-# CAS_SSL=true
-# CAS_VALIDATE_URL=
-# CAS_CALLBACK_URL=
-# CAS_LOGOUT_URL=
-# CAS_LOGIN_URL=
-# CAS_UID_FIELD='user'
-# CAS_CA_PATH=
-# CAS_DISABLE_SSL_VERIFICATION=false
-# CAS_UID_KEY='user'
-# CAS_NAME_KEY='name'
-# CAS_EMAIL_KEY='email'
-# CAS_NICKNAME_KEY='nickname'
-# CAS_FIRST_NAME_KEY='firstname'
-# CAS_LAST_NAME_KEY='lastname'
-# CAS_LOCATION_KEY='location'
-# CAS_IMAGE_KEY='image'
-# CAS_PHONE_KEY='phone'
-
-# Optional SAML authentication (cf. omniauth-saml)
-# SAML_ENABLED=true
-# SAML_ACS_URL=
-# SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
-# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
-# SAML_IDP_CERT=
-# SAML_IDP_CERT_FINGERPRINT=
-# SAML_NAME_IDENTIFIER_FORMAT=
-# SAML_CERT=
-# SAML_PRIVATE_KEY=
-# SAML_SECURITY_WANT_ASSERTION_SIGNED=true
-# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
-# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
-# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
-# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
-# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241"
-# SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42"
-# SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4"
-# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
-# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
-# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
-
-# Use HTTP proxy for outgoing request (optional)
-# http_proxy=http://gateway.local:8118
-# Access control for hidden service.
-# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
-# If you use transparent proxy to access to hidden service, uncomment following for skipping private address check.
-# HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY=true

.env.test

@@ -1,9 +1,4 @@
-# Node.js
-NODE_ENV=test
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
-# test pam authentication
+OTP_SECRET=100c7faeef00caa29242f6b04156742bf76065771fd4117990c4282b8748ff3d99f8fdae97c982ab5bd2e6756a159121377cce4421f4a8ecd2d67bd7749a3fb4
-PAM_ENABLED=true
-PAM_DEFAULT_SERVICE=pam_test
-PAM_CONTROLLED_SERVICE=pam_test_controlled

.eslintrc.yml

@@ -7,16 +7,12 @@ env:
   es6: true
   jest: true
 
-globals:
-  ATTACHMENT_HOST: false
-
 parser: babel-eslint
 
 plugins:
 - react
 - jsx-a11y
 - import
-- promise
 
 parserOptions:
   sourceType: module
@@ -118,23 +114,13 @@ rules:
   jsx-a11y/accessible-emoji: warn
   jsx-a11y/alt-text: warn
   jsx-a11y/anchor-has-content: warn
-  jsx-a11y/anchor-is-valid:
-  - warn
-  - components:
-    - Link
-    - NavLink
-    specialLink:
-    - to
-    aspect:
-    - noHref
-    - invalidHref
-    - preferButton
   jsx-a11y/aria-activedescendant-has-tabindex: warn
   jsx-a11y/aria-props: warn
   jsx-a11y/aria-proptypes: warn
   jsx-a11y/aria-role: warn
   jsx-a11y/aria-unsupported-elements: warn
   jsx-a11y/heading-has-content: warn
+  jsx-a11y/href-no-hash: warn
   jsx-a11y/html-has-lang: warn
   jsx-a11y/iframe-has-title: warn
   jsx-a11y/img-redundant-alt: warn
@@ -171,5 +157,3 @@ rules:
     - "app/javascript/**/__tests__/**"
   import/no-unresolved: error
   import/no-webpack-loader-syntax: error
-
-  promise/catch-or-return: error

.github/ISSUE_TEMPLATE.md

@@ -1,9 +1,3 @@
----
-name: Bug Report
-about: Create a report to help us improve
-
----
-
 [Issue text goes here].
 
 * * * *

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,11 +0,0 @@
----
-name: Feature Request
-about: Suggest an idea for this project
-
----
-
-[Issue text goes here].
-
-* * * *
-
-- [ ] I searched or browsed the repo’s other issues to ensure this is not a duplicate.

.gitignore

@@ -36,10 +36,9 @@ config/deploy/*
 .vscode/
 .idea/
 
-# Ignore postgres + redis + elasticsearch volume optionally created by docker-compose
+# Ignore postgres + redis volume optionally created by docker-compose
 postgres
 redis
-elasticsearch
 
 # Ignore Apple files
 .DS_Store

.rubocop.yml

@@ -107,8 +107,5 @@ Style/RegexpLiteral:
 Style/SymbolArray:
   Enabled: false
 
-Style/TrailingCommaInArrayLiteral:
+Style/TrailingCommaInLiteral:
-  EnforcedStyleForMultiline: 'comma'
-
-Style/TrailingCommaInHashLiteral:
   EnforcedStyleForMultiline: 'comma'

.ruby-version

@@ -1 +1 @@
-2.5.1
+2.5.0

.travis.yml

@@ -3,10 +3,10 @@ cache:
   bundler: true
   yarn: true
   directories:
-    - node_modules
+  - node_modules
-    - public/assets
+  - public/assets
-    - public/packs-test
+  - public/packs-test
-    - tmp/cache/babel-loader
+  - tmp/cache/babel-loader
 dist: trusty
 sudo: false
 
@@ -18,43 +18,41 @@ env:
     - LOCAL_DOMAIN=cb6e6126.ngrok.io
     - LOCAL_HTTPS=true
     - RAILS_ENV=test
+    - NOKOGIRI_USE_SYSTEM_LIBRARIES=true
     - PARALLEL_TEST_PROCESSORS=2
-    - ALLOW_NOPAM=true
+    - "PATH=$HOME:$PATH"
 
 addons:
   postgresql: 9.4
   apt:
     sources:
-      - trusty-media
+    - trusty-media
-      - sourceline: deb https://dl.yarnpkg.com/debian/ stable main
+    - sourceline: deb https://dl.yarnpkg.com/debian/ stable main
-        key_url: https://dl.yarnpkg.com/debian/pubkey.gpg
+      key_url: https://dl.yarnpkg.com/debian/pubkey.gpg
     packages:
-      - ffmpeg
+    - ffmpeg
-      - libicu-dev
+    - libicu-dev
-      - libprotobuf-dev
+    - libprotobuf-dev
-      - protobuf-compiler
+    - protobuf-compiler
-      - yarn
+    - yarn
 
 rvm:
-  - 2.4.3
+  - 2.4.2
-  - 2.5.1
+  - 2.5.0
 
 services:
   - redis-server
 
 install:
   - nvm install
-  - bundle install --path=vendor/bundle --with pam_authentication --without development production --retry=3 --jobs=16
+  - bundle install --path=vendor/bundle --without development production --retry=3 --jobs=16
   - yarn install
 
-# https://github.com/travis-ci/travis-ci/issues/9333
-before_install:
-  - gem install bundler
-
 before_script:
-  - travis_wait ./bin/rails parallel:create parallel:load_schema parallel:prepare assets:precompile
+  - ./bin/rails parallel:create parallel:load_schema parallel:prepare assets:precompile
+  - ln -s /usr/bin/x86_64-linux-gnu-g++-6 "$HOME/g++"
 
 script:
   - travis_retry bundle exec parallel_test spec/ --group-by filesize --type rspec
-  - yarn run test:jest
+  - yarn test
   - bundle exec i18n-tasks check-normalized && bundle exec i18n-tasks unused

AUTHORS.md

@@ -1,450 +0,0 @@
-Mastodon is available on [GitHub](https://github.com/tootsuite/mastodon)
-and provided thanks to the work of the following contributors:
-
-* [Gargron](https://github.com/Gargron)
-* [ykzts](https://github.com/ykzts)
-* [mjankowski](https://github.com/mjankowski)
-* [akihikodaki](https://github.com/akihikodaki)
-* [unarist](https://github.com/unarist)
-* [yiskah](https://github.com/yiskah)
-* [m4sk1n](https://github.com/m4sk1n)
-* [nolanlawson](https://github.com/nolanlawson)
-* [sorin-davidoi](https://github.com/sorin-davidoi)
-* [abcang](https://github.com/abcang)
-* [ThibG](https://github.com/ThibG)
-* [lynlynlynx](https://github.com/lynlynlynx)
-* [alpaca-tc](https://github.com/alpaca-tc)
-* [nclm](https://github.com/nclm)
-* [ineffyble](https://github.com/ineffyble)
-* [jeroenpraat](https://github.com/jeroenpraat)
-* [blackle](https://github.com/blackle)
-* [Quent-in](https://github.com/Quent-in)
-* [JantsoP](https://github.com/JantsoP)
-* [nullkal](https://github.com/nullkal)
-* [yookoala](https://github.com/yookoala)
-* [ysksn](https://github.com/ysksn)
-* [ashfurrow](https://github.com/ashfurrow)
-* [eramdam](https://github.com/eramdam)
-* [mayaeh](https://github.com/mayaeh)
-* [zunda](https://github.com/zunda)
-* [ticky](https://github.com/ticky)
-* [masarakki](https://github.com/masarakki)
-* [Wonderfall](https://github.com/Wonderfall)
-* [matteoaquila](https://github.com/matteoaquila)
-* [rkarabut](https://github.com/rkarabut)
-* [stephenburgess8](https://github.com/stephenburgess8)
-* [Kjwon15](https://github.com/Kjwon15)
-* [Artoria2e5](https://github.com/Artoria2e5)
-* [yukimochi](https://github.com/yukimochi)
-* [marrus-sh](https://github.com/marrus-sh)
-* [krainboltgreene](https://github.com/krainboltgreene)
-* [renatolond](https://github.com/renatolond)
-* [BoFFire](https://github.com/BoFFire)
-* [clworld](https://github.com/clworld)
-* [danhunsaker](https://github.com/danhunsaker)
-* [patf](https://github.com/patf)
-* [Quenty31](https://github.com/Quenty31)
-* [MitarashiDango](https://github.com/MitarashiDango)
-* [Aldarone](https://github.com/Aldarone)
-* [JeanGauthier](https://github.com/JeanGauthier)
-* [kschaper](https://github.com/kschaper)
-* [takayamaki](https://github.com/takayamaki)
-* [adbelle](https://github.com/adbelle)
-* [evanminto](https://github.com/evanminto)
-* [mabkenar](https://github.com/mabkenar)
-* [MightyPork](https://github.com/MightyPork)
-* [beatrix-bitrot](https://github.com/beatrix-bitrot)
-* [yhirano55](https://github.com/yhirano55)
-* [camponez](https://github.com/camponez)
-* [aschmitz](https://github.com/aschmitz)
-* [fpiesche](https://github.com/fpiesche)
-* [gandaro](https://github.com/gandaro)
-* [johnsudaar](https://github.com/johnsudaar)
-* [trebmuh](https://github.com/trebmuh)
-* [Sylvhem](https://github.com/Sylvhem)
-* [lindwurm](https://github.com/lindwurm)
-* [voidsatisfaction](https://github.com/voidsatisfaction)
-* [neetshin](https://github.com/neetshin)
-* [valentin2105](https://github.com/valentin2105)
-* [hikari-no-yume](https://github.com/hikari-no-yume)
-* [Angristan](https://github.com/Angristan)
-* [seefood](https://github.com/seefood)
-* [jackjennings](https://github.com/jackjennings)
-* [hcmiya](https://github.com/hcmiya)
-* [nightpool](https://github.com/nightpool)
-* [salvadorpla](https://github.com/salvadorpla)
-* [expenses](https://github.com/expenses)
-* [walf443](https://github.com/walf443)
-* [JoelQ](https://github.com/JoelQ)
-* [mistydemeo](https://github.com/mistydemeo)
-* [dunn](https://github.com/dunn)
-* [xqus](https://github.com/xqus)
-* [pfm-eyesightjp](https://github.com/pfm-eyesightjp)
-* [fakenine](https://github.com/fakenine)
-* [tsuwatch](https://github.com/tsuwatch)
-* [victorhck](https://github.com/victorhck)
-* [puckipedia](https://github.com/puckipedia)
-* [contraexemplo](https://github.com/contraexemplo)
-* [kazu9su](https://github.com/kazu9su)
-* [Komic](https://github.com/Komic)
-* [diomed](https://github.com/diomed)
-* [rainyday](https://github.com/rainyday)
-* [kadiix](https://github.com/kadiix)
-* [kodacs](https://github.com/kodacs)
-* [ProgVal](https://github.com/ProgVal)
-* [sterdev](https://github.com/sterdev)
-* [TheKinrar](https://github.com/TheKinrar)
-* [AA4ch1](https://github.com/AA4ch1)
-* [alexgleason](https://github.com/alexgleason)
-* [cpytel](https://github.com/cpytel)
-* [northerner](https://github.com/northerner)
-* [hnrysmth](https://github.com/hnrysmth)
-* [hugogameiro](https://github.com/hugogameiro)
-* [JohnD28](https://github.com/JohnD28)
-* [znz](https://github.com/znz)
-* [Naouak](https://github.com/Naouak)
-* [rtucker](https://github.com/rtucker)
-* [reneklacan](https://github.com/reneklacan)
-* [KScl](https://github.com/KScl)
-* [SerCom-KC](https://github.com/SerCom-KC)
-* [tcitworld](https://github.com/tcitworld)
-* [geta6](https://github.com/geta6)
-* [goofy-bz](https://github.com/goofy-bz)
-* [happycoloredbanana](https://github.com/happycoloredbanana)
-* [leopku](https://github.com/leopku)
-* [SansPseudoFix](https://github.com/SansPseudoFix)
-* [tomfhowe](https://github.com/tomfhowe)
-* [noraworld](https://github.com/noraworld)
-* [fvh-P](https://github.com/fvh-P)
-* [178inaba](https://github.com/178inaba)
-* [devkral](https://github.com/devkral)
-* [alyssais](https://github.com/alyssais)
-* [kodnaplakal](https://github.com/kodnaplakal)
-* [stalker314314](https://github.com/stalker314314)
-* [huertanix](https://github.com/huertanix)
-* [genesixx](https://github.com/genesixx)
-* [fhemberger](https://github.com/fhemberger)
-* [halkeye](https://github.com/halkeye)
-* [treby](https://github.com/treby)
-* [d6rkaiz](https://github.com/d6rkaiz)
-* [jpdevries](https://github.com/jpdevries)
-* [rndm-stranger](https://github.com/rndm-stranger)
-* [saper](https://github.com/saper)
-* [nevillepark](https://github.com/nevillepark)
-* [ornithocoder](https://github.com/ornithocoder)
-* [pierreozoux](https://github.com/pierreozoux)
-* [ramlmn](https://github.com/ramlmn)
-* [harukasan](https://github.com/harukasan)
-* [stamak](https://github.com/stamak)
-* [Eychics](https://github.com/Eychics)
-* [thor-the-norseman](https://github.com/thor-the-norseman)
-* [0x70b1a5](https://github.com/0x70b1a5)
-* [gled-rs](https://github.com/gled-rs)
-* [R0ckweb](https://github.com/R0ckweb)
-* [esetomo](https://github.com/esetomo)
-* [foxiehkins](https://github.com/foxiehkins)
-* [sdukhovni](https://github.com/sdukhovni)
-* [unsmell](https://github.com/unsmell)
-* [chriswmartin](https://github.com/chriswmartin)
-* [vahnj](https://github.com/vahnj)
-* [ikuradon](https://github.com/ikuradon)
-* [AndreLewin](https://github.com/AndreLewin)
-* [redtachyons](https://github.com/redtachyons)
-* [thurloat](https://github.com/thurloat)
-* [aaribaud](https://github.com/aaribaud)
-* [estuans](https://github.com/estuans)
-* [dissolve](https://github.com/dissolve)
-* [PurpleBooth](https://github.com/PurpleBooth)
-* [bradurani](https://github.com/bradurani)
-* [wavebeem](https://github.com/wavebeem)
-* [bruwalfas](https://github.com/bruwalfas)
-* [foxsan48](https://github.com/foxsan48)
-* [wchristian](https://github.com/wchristian)
-* [muffinista](https://github.com/muffinista)
-* [cdutson](https://github.com/cdutson)
-* [farlistener](https://github.com/farlistener)
-* [DavidLibeau](https://github.com/DavidLibeau)
-* [SirCmpwn](https://github.com/SirCmpwn)
-* [MasterGroosha](https://github.com/MasterGroosha)
-* [Fjoerfoks](https://github.com/Fjoerfoks)
-* [fmauNeko](https://github.com/fmauNeko)
-* [gloaec](https://github.com/gloaec)
-* [greysteil](https://github.com/greysteil)
-* [unstabler](https://github.com/unstabler)
-* [potato4d](https://github.com/potato4d)
-* [h-izumi](https://github.com/h-izumi)
-* [ErikXXon](https://github.com/ErikXXon)
-* [ian-kelling](https://github.com/ian-kelling)
-* [foozmeat](https://github.com/foozmeat)
-* [jasonrhodes](https://github.com/jasonrhodes)
-* [asm](https://github.com/asm)
-* [jviide](https://github.com/jviide)
-* [crakaC](https://github.com/crakaC)
-* [tkbky](https://github.com/tkbky)
-* [Kazhnuz](https://github.com/Kazhnuz)
-* [alimony](https://github.com/alimony)
-* [mig5](https://github.com/mig5)
-* [ndarville](https://github.com/ndarville)
-* [Abzol](https://github.com/Abzol)
-* [xPaw](https://github.com/xPaw)
-* [raymestalez](https://github.com/raymestalez)
-* [sim6](https://github.com/sim6)
-* [ekiru](https://github.com/ekiru)
-* [Technowix](https://github.com/Technowix)
-* [ThomasLeister](https://github.com/ThomasLeister)
-* [mcat-ee](https://github.com/mcat-ee)
-* [tototoshi](https://github.com/tototoshi)
-* [VirtuBox](https://github.com/VirtuBox)
-* [kaniini](https://github.com/kaniini)
-* [vayan](https://github.com/vayan)
-* [yannicka](https://github.com/yannicka)
-* [ikasoumen](https://github.com/ikasoumen)
-* [zacanger](https://github.com/zacanger)
-* [amazedkoumei](https://github.com/amazedkoumei)
-* [anon5r](https://github.com/anon5r)
-* [codl](https://github.com/codl)
-* [barzamin](https://github.com/barzamin)
-* [fhalna](https://github.com/fhalna)
-* [haoyayoi](https://github.com/haoyayoi)
-* [ik11235](https://github.com/ik11235)
-* [kawax](https://github.com/kawax)
-* [007lva](https://github.com/007lva)
-* [matsurai25](https://github.com/matsurai25)
-* [mecab](https://github.com/mecab)
-* [nicobz25](https://github.com/nicobz25)
-* [oliverkeeble](https://github.com/oliverkeeble)
-* [pinfort](https://github.com/pinfort)
-* [rbaumert](https://github.com/rbaumert)
-* [usagi-f](https://github.com/usagi-f)
-* [vidarlee](https://github.com/vidarlee)
-* [vjackson725](https://github.com/vjackson725)
-* [wxcafe](https://github.com/wxcafe)
-* [rinsuki](https://github.com/rinsuki)
-* [cygnan](https://github.com/cygnan)
-* [Awea](https://github.com/Awea)
-* [halcy](https://github.com/halcy)
-* [bounshi](https://github.com/bounshi)
-* [8398a7](https://github.com/8398a7)
-* [857b](https://github.com/857b)
-* [unascribed](https://github.com/unascribed)
-* [Aguay-val](https://github.com/Aguay-val)
-* [knu](https://github.com/knu)
-* [alxrcs](https://github.com/alxrcs)
-* [console-cowboy](https://github.com/console-cowboy)
-* [pointlessone](https://github.com/pointlessone)
-* [a2](https://github.com/a2)
-* [0xa](https://github.com/0xa)
-* [virtualpain](https://github.com/virtualpain)
-* [sapphirus](https://github.com/sapphirus)
-* [amandavisconti](https://github.com/amandavisconti)
-* [ameliavoncat](https://github.com/ameliavoncat)
-* [ilpianista](https://github.com/ilpianista)
-* [andydrop](https://github.com/andydrop)
-* [schas002](https://github.com/schas002)
-* [jumbosushi](https://github.com/jumbosushi)
-* [ayumin](https://github.com/ayumin)
-* [BaptisteGelez](https://github.com/BaptisteGelez)
-* [bzg](https://github.com/bzg)
-* [benediktg](https://github.com/benediktg)
-* [blakebarnett](https://github.com/blakebarnett)
-* [bradj](https://github.com/bradj)
-* [brycied00d](https://github.com/brycied00d)
-* [carlosjs23](https://github.com/carlosjs23)
-* [cgxxx](https://github.com/cgxxx)
-* [chrisheninger](https://github.com/chrisheninger)
-* [chris-martin](https://github.com/chris-martin)
-* [DoubleMalt](https://github.com/DoubleMalt)
-* [Moosh-be](https://github.com/Moosh-be)
-* [Motoma](https://github.com/Motoma)
-* [chriswk](https://github.com/chriswk)
-* [csu](https://github.com/csu)
-* [kklleemm](https://github.com/kklleemm)
-* [monsterpit-daggertooth](https://github.com/monsterpit-daggertooth)
-* [watilde](https://github.com/watilde)
-* [daprice](https://github.com/daprice)
-* [dar5hak](https://github.com/dar5hak)
-* [kant](https://github.com/kant)
-* [singingwolfboy](https://github.com/singingwolfboy)
-* [davidcelis](https://github.com/davidcelis)
-* [yipdw](https://github.com/yipdw)
-* [debanshuk](https://github.com/debanshuk)
-* [dblandin](https://github.com/dblandin)
-* [aranaur](https://github.com/aranaur)
-* [d3vgru](https://github.com/d3vgru)
-* [Elizafox](https://github.com/Elizafox)
-* [ericblade](https://github.com/ericblade)
-* [mikoim](https://github.com/mikoim)
-* [siuying](https://github.com/siuying)
-* [hattori6789](https://github.com/hattori6789)
-* [algernon](https://github.com/algernon)
-* [Fastbyte01](https://github.com/Fastbyte01)
-* [myfreeweb](https://github.com/myfreeweb)
-* [gfaivre](https://github.com/gfaivre)
-* [Fiaxhs](https://github.com/Fiaxhs)
-* [reedcourty](https://github.com/reedcourty)
-* [anneau](https://github.com/anneau)
-* [HellPie](https://github.com/HellPie)
-* [Habu-Kagumba](https://github.com/Habu-Kagumba)
-* [hinaloe](https://github.com/hinaloe)
-* [suzukaze](https://github.com/suzukaze)
-* [Hiromi-Kai](https://github.com/Hiromi-Kai)
-* [musashino205](https://github.com/musashino205)
-* [iwaim](https://github.com/iwaim)
-* [valrus](https://github.com/valrus)
-* [IMcD23](https://github.com/IMcD23)
-* [yi0713](https://github.com/yi0713)
-* [immae](https://github.com/immae)
-* [iblech](https://github.com/iblech)
-* [jack-michaud](https://github.com/jack-michaud)
-* [Floppy](https://github.com/Floppy)
-* [loomchild](https://github.com/loomchild)
-* [docjkl](https://github.com/docjkl)
-* [TrollDecker](https://github.com/TrollDecker)
-* [jmontane](https://github.com/jmontane)
-* [jonathanklee](https://github.com/jonathanklee)
-* [jguerder](https://github.com/jguerder)
-* [Jehops](https://github.com/Jehops)
-* [joshuap](https://github.com/joshuap)
-* [Tiwy57](https://github.com/Tiwy57)
-* [xuv](https://github.com/xuv)
-* [Jnsll](https://github.com/Jnsll)
-* [j0k3r](https://github.com/j0k3r)
-* [KEINOS](https://github.com/KEINOS)
-* [futoase](https://github.com/futoase)
-* [abjectio](https://github.com/abjectio)
-* [mkody](https://github.com/mkody)
-* [connyduck](https://github.com/connyduck)
-* [k0ta0uchi](https://github.com/k0ta0uchi)
-* [KrzysiekJ](https://github.com/KrzysiekJ)
-* [leowzukw](https://github.com/leowzukw)
-* [lmorchard](https://github.com/lmorchard)
-* [cacheflow](https://github.com/cacheflow)
-* [ldidry](https://github.com/ldidry)
-* [jemus42](https://github.com/jemus42)
-* [lfuelling](https://github.com/lfuelling)
-* [Grabacr07](https://github.com/Grabacr07)
-* [mistermantas](https://github.com/mistermantas)
-* [wirehack7](https://github.com/wirehack7)
-* [marvinkopf](https://github.com/marvinkopf)
-* [otsune](https://github.com/otsune)
-* [m-blc](https://github.com/m-blc)
-* [matt-auckland](https://github.com/matt-auckland)
-* [mattjmattj](https://github.com/mattjmattj)
-* [mtparet](https://github.com/mtparet)
-* [maximeborges](https://github.com/maximeborges)
-* [minacle](https://github.com/minacle)
-* [michaeljdeeb](https://github.com/michaeljdeeb)
-* [Themimitoof](https://github.com/Themimitoof)
-* [cyweo](https://github.com/cyweo)
-* [M1dgard](https://github.com/M1dgard)
-* [mike-burns](https://github.com/mike-burns)
-* [verymilan](https://github.com/verymilan)
-* [milmazz](https://github.com/milmazz)
-* [Mnkai](https://github.com/Mnkai)
-* [mitchhentges](https://github.com/mitchhentges)
-* [moritzheiber](https://github.com/moritzheiber)
-* [mouse-reeve](https://github.com/mouse-reeve)
-* [lae](https://github.com/lae)
-* [Nanamachi](https://github.com/Nanamachi)
-* [ngerakines](https://github.com/ngerakines)
-* [vonneudeck](https://github.com/vonneudeck)
-* [Ninetailed](https://github.com/Ninetailed)
-* [k24](https://github.com/k24)
-* [noiob](https://github.com/noiob)
-* [kwaio](https://github.com/kwaio)
-* [norayr](https://github.com/norayr)
-* [joyeusenoelle](https://github.com/joyeusenoelle)
-* [OlivierNicole](https://github.com/OlivierNicole)
-* [Otakan951](https://github.com/Otakan951)
-* [fahy](https://github.com/fahy)
-* [Pangoraw](https://github.com/Pangoraw)
-* [pwoolcoc](https://github.com/pwoolcoc)
-* [peterkeen](https://github.com/peterkeen)
-* [petzah](https://github.com/petzah)
-* [ignisf](https://github.com/ignisf)
-* [rfwatson](https://github.com/rfwatson)
-* [rfreebern](https://github.com/rfreebern)
-* [sylph01](https://github.com/sylph01)
-* [staticsafe](https://github.com/staticsafe)
-* [snwh](https://github.com/snwh)
-* [skoji](https://github.com/skoji)
-* [ScienJus](https://github.com/ScienJus)
-* [larkinscott](https://github.com/larkinscott)
-* [imolein](https://github.com/imolein)
-* [blinry](https://github.com/blinry)
-* [Noiwex](https://github.com/Noiwex)
-* [yuki764](https://github.com/yuki764)
-* [shnjp](https://github.com/shnjp)
-* [ernix](https://github.com/ernix)
-* [rosylilly](https://github.com/rosylilly)
-* [shouko](https://github.com/shouko)
-* [sossii](https://github.com/sossii)
-* [StefOfficiel](https://github.com/StefOfficiel)
-* [svetlik](https://github.com/svetlik)
-* [dereckson](https://github.com/dereckson)
-* [theboss](https://github.com/theboss)
-* [takp](https://github.com/takp)
-* [tkusano](https://github.com/tkusano)
-* [TheInventrix](https://github.com/TheInventrix)
-* [shug0](https://github.com/shug0)
-* [Fortyseven](https://github.com/Fortyseven)
-* [tobypinder](https://github.com/tobypinder)
-* [tomosm](https://github.com/tomosm)
-* [TomoyaShibata](https://github.com/TomoyaShibata)
-* [TrashMacNugget](https://github.com/TrashMacNugget)
-* [treyssatvincent](https://github.com/treyssatvincent)
-* [optikfluffel](https://github.com/optikfluffel)
-* [vmincev](https://github.com/vmincev)
-* [waldyrious](https://github.com/waldyrious)
-* [tahnok](https://github.com/tahnok)
-* [YDrogen](https://github.com/YDrogen)
-* [YOSHIOKAEiichiro](https://github.com/YOSHIOKAEiichiro)
-* [S-YOU](https://github.com/S-YOU)
-* [YaQ00](https://github.com/YaQ00)
-* [yanakend](https://github.com/yanakend)
-* [orzFly](https://github.com/orzFly)
-* [chansuke](https://github.com/chansuke)
-* [yuntan](https://github.com/yuntan)
-* [LogicalDash](https://github.com/LogicalDash)
-* [ZiiX](https://github.com/ZiiX)
-* [benklop](https://github.com/benklop)
-* [caasi](https://github.com/caasi)
-* [caesarologia](https://github.com/caesarologia)
-* [chrolis](https://github.com/chrolis)
-* [cormojs](https://github.com/cormojs)
-* [cpsdqs](https://github.com/cpsdqs)
-* [d0p1s4m4](https://github.com/d0p1s4m4)
-* [evilny0](https://github.com/evilny0)
-* [febrezo](https://github.com/febrezo)
-* [fsubal](https://github.com/fsubal)
-* [dikky1218](https://github.com/dikky1218)
-* [gentarok](https://github.com/gentarok)
-* [hakoai](https://github.com/hakoai)
-* [chaosbunker](https://github.com/chaosbunker)
-* [isati](https://github.com/isati)
-* [jkap](https://github.com/jkap)
-* [jirayudech](https://github.com/jirayudech)
-* [jukper](https://github.com/jukper)
-* [karlyeurl](https://github.com/karlyeurl)
-* [kedamaDQ](https://github.com/kedamaDQ)
-* [kuro5hin](https://github.com/kuro5hin)
-* [maxypy](https://github.com/maxypy)
-* [marcus-herrmann](https://github.com/marcus-herrmann)
-* [mshrtkch](https://github.com/mshrtkch)
-* [muan](https://github.com/muan)
-* [rch850](https://github.com/rch850)
-* [roikale](https://github.com/roikale)
-* [rysiekpl](https://github.com/rysiekpl)
-* [saturday06](https://github.com/saturday06)
-* [scriptjunkie](https://github.com/scriptjunkie)
-* [seekr](https://github.com/seekr)
-* [syui](https://github.com/syui)
-* [tackeyy](https://github.com/tackeyy)
-* [tmyt](https://github.com/tmyt)
-* [utam0k](https://github.com/utam0k)
-* [vpzomtrrfrt](https://github.com/vpzomtrrfrt)
-* [walfie](https://github.com/walfie)
-* [y-temp4](https://github.com/y-temp4)
-* [ymmtmdk](https://github.com/ymmtmdk)
-
-This document is provided for informational purposes only. Since it is only updated once per release, the version you are looking at may be currently out of date. To see the full list of contributors, consider looking at the [git history](https://github.com/tootsuite/mastodon/graphs/contributors) instead.

CONTRIBUTING.md

@@ -83,9 +83,4 @@ It is expected that you have a working development environment set up (see back-
 
 If the JavaScript or CSS assets won't compile due to a syntax error, it's a good sign that the pull request isn't ready for submission yet.
 
-## Translate
-
-You can contribute to translating Mastodon via Weblate at [weblate.joinmastodon.org](https://weblate.joinmastodon.org/).
-[![Mastodon translation statistics by language](https://weblate.joinmastodon.org/widgets/mastodon/-/multi-auto.svg)](https://weblate.joinmastodon.org/)
-
 </blockquote>

Dockerfile

@@ -1,12 +1,10 @@
-FROM ruby:2.4.4-alpine3.6
+FROM ruby:2.5.0-alpine3.7
 
 LABEL maintainer="https://github.com/tootsuite/mastodon" \
-      description="Your self-hosted, globally interconnected microblogging community"
+      description="A GNU Social-compatible microblogging server"
 
-ARG UID=991
+ENV UID=991 GID=991 \
-ARG GID=991
+    RAILS_SERVE_STATIC_FILES=true \
-
-ENV RAILS_SERVE_STATIC_FILES=true \
     RAILS_ENV=production NODE_ENV=production
 
 ARG YARN_VERSION=1.3.2
@@ -40,6 +38,7 @@ RUN apk -U upgrade \
     nodejs \
     nodejs-npm \
     protobuf \
+    su-exec \
     tini \
     tzdata \
  && update-ca-certificates \
@@ -72,17 +71,12 @@ RUN bundle config build.nokogiri --with-iconv-lib=/usr/local/lib --with-iconv-in
  && yarn --pure-lockfile \
  && yarn cache clean
 
-RUN addgroup -g ${GID} mastodon && adduser -h /mastodon -s /bin/sh -D -G mastodon -u ${UID} mastodon \
- && mkdir -p /mastodon/public/system /mastodon/public/assets /mastodon/public/packs \
- && chown -R mastodon:mastodon /mastodon/public
-
 COPY . /mastodon
 
-RUN chown -R mastodon:mastodon /mastodon
+COPY docker_entrypoint.sh /usr/local/bin/run
+
+RUN chmod +x /usr/local/bin/run
 
 VOLUME /mastodon/public/system /mastodon/public/assets /mastodon/public/packs
 
-USER mastodon
+ENTRYPOINT ["/usr/local/bin/run"]
-
-ENV LD_PRELOAD=/lib/stack-fix.so
-ENTRYPOINT ["/sbin/tini", "--"]

Gemfile

@@ -3,120 +3,99 @@
 source 'https://rubygems.org'
 ruby '>= 2.3.0', '< 2.6.0'
 
-gem 'pkg-config', '~> 1.3'
+gem 'pkg-config', '~> 1.2'
 
-gem 'puma', '~> 3.11'
+gem 'puma', '~> 3.10'
-gem 'rails', '~> 5.2.0'
+gem 'rails', '~> 5.1.4'
+gem 'uglifier', '~> 3.2'
 
 gem 'hamlit-rails', '~> 0.2'
-gem 'pg', '~> 1.0'
+gem 'pg', '~> 0.20'
-gem 'pghero', '~> 2.1'
+gem 'pghero', '~> 1.7'
-gem 'dotenv-rails', '~> 2.2', '< 2.3'
+gem 'dotenv-rails', '~> 2.2'
 
-gem 'aws-sdk-s3', '~> 1.9', require: false
+gem 'aws-sdk', '~> 2.10', require: false
 gem 'fog-core', '~> 1.45'
-gem 'fog-local', '~> 0.5', require: false
+gem 'fog-local', '~> 0.4', require: false
 gem 'fog-openstack', '~> 0.1', require: false
-gem 'paperclip', '~> 6.0'
+gem 'paperclip', '~> 5.1'
 gem 'paperclip-av-transcoder', '~> 0.6'
-gem 'streamio-ffmpeg', '~> 3.0'
+gem 'posix-spawn'
 
 gem 'active_model_serializers', '~> 0.10'
 gem 'addressable', '~> 2.5'
-gem 'bootsnap', '~> 1.3'
+gem 'bootsnap'
 gem 'browser'
-gem 'charlock_holmes', '~> 0.7.6'
+gem 'charlock_holmes', '~> 0.7.5'
 gem 'iso-639'
-gem 'chewy', '~> 5.0'
 gem 'cld3', '~> 3.2.0'
 gem 'devise', '~> 4.4'
 gem 'devise-two-factor', '~> 3.0'
-
+gem 'doorkeeper', '~> 4.2'
-group :pam_authentication, optional: true do
-  gem 'devise_pam_authenticatable2', '~> 9.1'
-end
-
-gem 'net-ldap', '~> 0.10'
-gem 'omniauth-cas', '~> 1.1'
-gem 'omniauth-saml', '~> 1.10'
-gem 'omniauth', '~> 1.2'
-
-gem 'doorkeeper', '~> 4.2', '< 4.3'
 gem 'fast_blank', '~> 1.0'
-gem 'fastimage'
 gem 'goldfinger', '~> 2.1'
 gem 'hiredis', '~> 0.6'
 gem 'redis-namespace', '~> 1.5'
-gem 'html2text'
 gem 'htmlentities', '~> 4.3'
-gem 'http', '~> 3.2'
+gem 'http', '~> 3.0'
 gem 'http_accept_language', '~> 2.1'
-gem 'http_parser.rb', '~> 0.6', git: 'https://github.com/tmm1/http_parser.rb', ref: '54b17ba8c7d8d20a16dfc65d1775241833219cf2'
+gem 'httplog', '~> 0.99'
-gem 'httplog', '~> 1.0'
 gem 'idn-ruby', require: 'idn'
 gem 'kaminari', '~> 1.1'
 gem 'link_header', '~> 0.0'
-gem 'mime-types', '~> 3.1', require: 'mime/types/columnar'
+gem 'mime-types', '~> 3.1'
 gem 'nokogiri', '~> 1.8'
 gem 'nsa', '~> 0.2'
-gem 'oj', '~> 3.5'
+gem 'oj', '~> 3.3'
 gem 'ostatus2', '~> 2.0'
-gem 'ox', '~> 2.9'
+gem 'ox', '~> 2.8'
-gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c'
 gem 'pundit', '~> 1.1'
 gem 'premailer-rails'
-gem 'rack-attack', '~> 5.2'
+gem 'rack-attack', '~> 5.0'
-gem 'rack-cors', '~> 1.0', require: 'rack/cors'
+gem 'rack-cors', '~> 0.4', require: 'rack/cors'
 gem 'rack-timeout', '~> 0.4'
-gem 'rails-i18n', '~> 5.1'
+gem 'rails-i18n', '~> 5.0'
 gem 'rails-settings-cached', '~> 0.6'
-gem 'redis', '~> 4.0', require: ['redis', 'redis/connection/hiredis']
+gem 'redis', '~> 3.3', require: ['redis', 'redis/connection/hiredis']
 gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
 gem 'rqrcode', '~> 0.10'
+gem 'ruby-oembed', '~> 0.12', require: 'oembed'
 gem 'ruby-progressbar', '~> 1.4'
-gem 'sanitize', '~> 4.6'
+gem 'sanitize', '~> 4.4'
-gem 'sidekiq', '~> 5.1'
+gem 'sidekiq', '~> 5.0'
-gem 'sidekiq-scheduler', '~> 2.2'
+gem 'sidekiq-scheduler', '~> 2.1'
 gem 'sidekiq-unique-jobs', '~> 5.0'
 gem 'sidekiq-bulk', '~>0.1.1'
 gem 'simple-navigation', '~> 4.0'
-gem 'simple_form', '~> 4.0'
+gem 'simple_form', '~> 3.4'
 gem 'sprockets-rails', '~> 3.2', require: 'sprockets/railtie'
-gem 'stoplight', '~> 2.1.3'
+gem 'strong_migrations'
-gem 'strong_migrations', '~> 0.2'
-gem 'tty-command', '~> 0.8', require: false
-gem 'tty-prompt', '~> 0.16', require: false
 gem 'twitter-text', '~> 1.14'
-gem 'tzinfo-data', '~> 1.2018'
+gem 'tzinfo-data', '~> 1.2017'
-gem 'webpacker', '~> 3.4'
+gem 'webpacker', '~> 3.0'
 gem 'webpush'
 
-gem 'json-ld', '~> 2.2'
+gem 'json-ld-preloaded', '~> 2.2.1'
-gem 'rdf-normalize', '~> 0.3'
+gem 'rdf-normalize', '~> 0.3.1'
 
 group :development, :test do
-  gem 'fabrication', '~> 2.20'
+  gem 'fabrication', '~> 2.18'
   gem 'fuubar', '~> 2.2'
   gem 'i18n-tasks', '~> 0.9', require: false
-  gem 'pry-byebug', '~> 3.6'
   gem 'pry-rails', '~> 0.3'
   gem 'rspec-rails', '~> 3.7'
 end
 
-group :production, :test do
-  gem 'private_address_check', '~> 0.4.1'
-end
-
 group :test do
-  gem 'capybara', '~> 2.18'
+  gem 'capybara', '~> 2.15'
   gem 'climate_control', '~> 0.2'
-  gem 'faker', '~> 1.8'
+  gem 'faker', '~> 1.7'
   gem 'microformats', '~> 4.0'
   gem 'rails-controller-testing', '~> 1.0'
   gem 'rspec-sidekiq', '~> 3.0'
-  gem 'simplecov', '~> 0.16', require: false
+  gem 'simplecov', '~> 0.14', require: false
-  gem 'webmock', '~> 3.3'
+  gem 'webmock', '~> 3.0'
-  gem 'parallel_tests', '~> 2.21'
+  gem 'parallel_tests', '~> 2.17'
 end
 
 group :development do
@@ -124,25 +103,21 @@ group :development do
   gem 'annotate', '~> 2.7'
   gem 'better_errors', '~> 2.4'
   gem 'binding_of_caller', '~> 0.7'
-  gem 'bullet', '~> 5.7'
+  gem 'bullet', '~> 5.5'
   gem 'letter_opener', '~> 1.4'
   gem 'letter_opener_web', '~> 1.3'
-  gem 'memory_profiler'
+  gem 'rubocop', require: false
-  gem 'rubocop', '~> 0.55', require: false
+  gem 'brakeman', '~> 4.0', require: false
-  gem 'brakeman', '~> 4.2', require: false
   gem 'bundler-audit', '~> 0.6', require: false
-  gem 'scss_lint', '~> 0.57', require: false
+  gem 'scss_lint', '~> 0.55', require: false
 
   gem 'capistrano', '~> 3.10'
   gem 'capistrano-rails', '~> 1.3'
   gem 'capistrano-rbenv', '~> 2.1'
   gem 'capistrano-yarn', '~> 2.0'
-
-  gem 'derailed_benchmarks'
-  gem 'stackprof'
 end
 
 group :production do
-  gem 'lograge', '~> 0.10'
+  gem 'lograge', '~> 0.7'
   gem 'redis-rails', '~> 5.0'
 end

Gemfile.lock

@@ -1,39 +1,25 @@
-GIT
-  remote: https://github.com/rtomayko/posix-spawn
-  revision: 58465d2e213991f8afb13b984854a49fcdcc980c
-  ref: 58465d2e213991f8afb13b984854a49fcdcc980c
-  specs:
-    posix-spawn (0.3.13)
-
-GIT
-  remote: https://github.com/tmm1/http_parser.rb
-  revision: 54b17ba8c7d8d20a16dfc65d1775241833219cf2
-  ref: 54b17ba8c7d8d20a16dfc65d1775241833219cf2
-  specs:
-    http_parser.rb (0.6.1)
-
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (5.2.0)
+    actioncable (5.1.4)
-      actionpack (= 5.2.0)
+      actionpack (= 5.1.4)
       nio4r (~> 2.0)
-      websocket-driver (>= 0.6.1)
+      websocket-driver (~> 0.6.1)
-    actionmailer (5.2.0)
+    actionmailer (5.1.4)
-      actionpack (= 5.2.0)
+      actionpack (= 5.1.4)
-      actionview (= 5.2.0)
+      actionview (= 5.1.4)
-      activejob (= 5.2.0)
+      activejob (= 5.1.4)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (5.2.0)
+    actionpack (5.1.4)
-      actionview (= 5.2.0)
+      actionview (= 5.1.4)
-      activesupport (= 5.2.0)
+      activesupport (= 5.1.4)
       rack (~> 2.0)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.2.0)
+    actionview (5.1.4)
-      activesupport (= 5.2.0)
+      activesupport (= 5.1.4)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
@@ -44,71 +30,60 @@ GEM
       case_transform (>= 0.2)
       jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
     active_record_query_trace (1.5.4)
-    activejob (5.2.0)
+    activejob (5.1.4)
-      activesupport (= 5.2.0)
+      activesupport (= 5.1.4)
       globalid (>= 0.3.6)
-    activemodel (5.2.0)
+    activemodel (5.1.4)
-      activesupport (= 5.2.0)
+      activesupport (= 5.1.4)
-    activerecord (5.2.0)
+    activerecord (5.1.4)
-      activemodel (= 5.2.0)
+      activemodel (= 5.1.4)
-      activesupport (= 5.2.0)
+      activesupport (= 5.1.4)
-      arel (>= 9.0)
+      arel (~> 8.0)
-    activestorage (5.2.0)
+    activesupport (5.1.4)
-      actionpack (= 5.2.0)
-      activerecord (= 5.2.0)
-      marcel (~> 0.3.1)
-    activesupport (5.2.0)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
+      i18n (~> 0.7)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
     addressable (2.5.2)
       public_suffix (>= 2.0.2, < 4.0)
     airbrussh (1.3.0)
       sshkit (>= 1.6.1, != 1.7.0)
-    annotate (2.7.3)
+    annotate (2.7.2)
       activerecord (>= 3.2, < 6.0)
       rake (>= 10.4, < 13.0)
-    arel (9.0.0)
+    arel (8.0.0)
-    ast (2.4.0)
+    ast (2.3.0)
-    attr_encrypted (3.1.0)
+    attr_encrypted (3.0.3)
       encryptor (~> 3.0.0)
     av (0.9.0)
       cocaine (~> 0.5.3)
-    aws-partitions (1.80.0)
+    aws-sdk (2.10.100)
-    aws-sdk-core (3.19.0)
+      aws-sdk-resources (= 2.10.100)
-      aws-partitions (~> 1.0)
+    aws-sdk-core (2.10.100)
       aws-sigv4 (~> 1.0)
       jmespath (~> 1.0)
-    aws-sdk-kms (1.5.0)
+    aws-sdk-resources (2.10.100)
-      aws-sdk-core (~> 3)
+      aws-sdk-core (= 2.10.100)
-      aws-sigv4 (~> 1.0)
-    aws-sdk-s3 (1.9.1)
-      aws-sdk-core (~> 3)
-      aws-sdk-kms (~> 1)
-      aws-sigv4 (~> 1.0)
     aws-sigv4 (1.0.2)
     bcrypt (3.1.11)
-    benchmark-ips (2.7.2)
     better_errors (2.4.0)
       coderay (>= 1.0.0)
       erubi (>= 1.0.0)
       rack (>= 0.9.0)
     binding_of_caller (0.8.0)
       debug_inspector (>= 0.0.1)
-    bootsnap (1.3.0)
+    bootsnap (1.1.5)
       msgpack (~> 1.0)
-    brakeman (4.2.1)
+    brakeman (4.0.1)
-    browser (2.5.3)
+    browser (2.5.2)
     builder (3.2.3)
-    bullet (5.7.5)
+    bullet (5.6.1)
       activesupport (>= 3.0.0)
-      uniform_notifier (~> 1.11.0)
+      uniform_notifier (~> 1.10.0)
     bundler-audit (0.6.0)
       bundler (~> 1.2)
       thor (~> 0.18)
-    byebug (10.0.2)
+    capistrano (3.10.0)
-    capistrano (3.10.2)
       airbrussh (>= 1.0.0)
       i18n
       rake (>= 10.0.0)
@@ -124,21 +99,17 @@ GEM
       sshkit (~> 1.3)
     capistrano-yarn (2.0.2)
       capistrano (~> 3.0)
-    capybara (2.18.0)
+    capybara (2.16.1)
       addressable
       mini_mime (>= 0.1.3)
       nokogiri (>= 1.3.3)
       rack (>= 1.0.0)
       rack-test (>= 0.5.4)
-      xpath (>= 2.0, < 4.0)
+      xpath (~> 2.0)
     case_transform (0.2)
       activesupport
-    charlock_holmes (0.7.6)
+    charlock_holmes (0.7.5)
-    chewy (5.0.0)
+    chunky_png (1.3.8)
-      activesupport (>= 4.0)
-      elasticsearch (>= 2.0.0)
-      elasticsearch-dsl
-    chunky_png (1.3.10)
     cld3 (3.2.2)
       ffi (>= 1.1.0, < 1.10.0)
     climate_control (0.2.0)
@@ -150,69 +121,47 @@ GEM
     connection_pool (2.2.1)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
-    crass (1.0.4)
+    crass (1.0.3)
     css_parser (1.6.0)
       addressable
     debug_inspector (0.0.3)
-    derailed_benchmarks (1.3.4)
+    devise (4.4.0)
-      benchmark-ips (~> 2)
-      get_process_mem (~> 0)
-      heapy (~> 0)
-      memory_profiler (~> 0)
-      rack (>= 1)
-      rake (> 10, < 13)
-      thor (~> 0.19)
-    devise (4.4.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 4.1.0, < 6.0)
+      railties (>= 4.1.0, < 5.2)
       responders
       warden (~> 1.2.3)
-    devise-two-factor (3.0.3)
+    devise-two-factor (3.0.2)
-      activesupport (< 5.3)
+      activesupport (< 5.2)
       attr_encrypted (>= 1.3, < 4, != 2)
       devise (~> 4.0)
-      railties (< 5.3)
+      railties (< 5.2)
       rotp (~> 2.0)
-    devise_pam_authenticatable2 (9.1.0)
-      devise (>= 4.0.0)
-      rpam2 (~> 4.0)
     diff-lcs (1.3)
-    docile (1.3.0)
+    docile (1.1.5)
-    domain_name (0.5.20180417)
+    domain_name (0.5.20170404)
       unf (>= 0.0.5, < 1.0.0)
     doorkeeper (4.2.6)
       railties (>= 4.2)
-    dotenv (2.2.2)
+    dotenv (2.2.1)
-    dotenv-rails (2.2.2)
+    dotenv-rails (2.2.1)
-      dotenv (= 2.2.2)
+      dotenv (= 2.2.1)
-      railties (>= 3.2, < 6.0)
+      railties (>= 3.2, < 5.2)
-    easy_translate (0.5.1)
+    easy_translate (0.5.0)
+      json
       thread
       thread_safe
-    elasticsearch (6.0.2)
-      elasticsearch-api (= 6.0.2)
-      elasticsearch-transport (= 6.0.2)
-    elasticsearch-api (6.0.2)
-      multi_json
-    elasticsearch-dsl (0.1.5)
-    elasticsearch-transport (6.0.2)
-      faraday
-      multi_json
     encryptor (3.0.0)
-    equatable (0.5.0)
+    erubi (1.7.0)
-    erubi (1.7.1)
+    et-orbi (1.0.8)
-    et-orbi (1.1.0)
       tzinfo
-    excon (0.62.0)
+    excon (0.59.0)
-    fabrication (2.20.1)
+    execjs (2.7.0)
-    faker (1.8.7)
+    fabrication (2.18.0)
-      i18n (>= 0.7)
+    faker (1.8.4)
-    faraday (0.15.0)
+      i18n (~> 0.5)
-      multipart-post (>= 1.2, < 3)
     fast_blank (1.0.0)
-    fastimage (2.1.1)
+    ffi (1.9.18)
-    ffi (1.9.23)
     fog-core (1.45.0)
       builder
       excon (~> 0.58)
@@ -220,17 +169,16 @@ GEM
     fog-json (1.0.2)
       fog-core (~> 1.0)
       multi_json (~> 1.10)
-    fog-local (0.5.0)
+    fog-local (0.4.0)
-      fog-core (>= 1.27, < 3.0)
+      fog-core (~> 1.27)
-    fog-openstack (0.1.25)
+    fog-openstack (0.1.22)
-      fog-core (~> 1.40)
+      fog-core (>= 1.40)
       fog-json (>= 1.0)
       ipaddress (>= 0.8)
     formatador (0.2.5)
-    fuubar (2.3.1)
+    fuubar (2.2.0)
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
-    get_process_mem (0.2.1)
     globalid (0.4.1)
       activesupport (>= 4.2.0)
     goldfinger (2.1.0)
@@ -238,7 +186,7 @@ GEM
       http (~> 3.0)
       nokogiri (~> 1.8)
       oj (~> 3.0)
-    hamlit (2.8.8)
+    hamlit (2.8.5)
       temple (>= 0.8.0)
       thor
       tilt
@@ -250,47 +198,47 @@ GEM
     hamster (3.0.0)
       concurrent-ruby (~> 1.0)
     hashdiff (0.3.7)
-    hashie (3.5.7)
-    heapy (0.1.3)
     highline (1.7.10)
     hiredis (0.6.1)
-    hitimes (1.2.6)
     hkdf (0.3.0)
-    html2text (0.2.1)
-      nokogiri (~> 1.6)
     htmlentities (4.3.4)
-    http (3.2.0)
+    http (3.0.0)
       addressable (~> 2.3)
       http-cookie (~> 1.0)
-      http-form_data (~> 2.0)
+      http-form_data (>= 2.0.0.pre.pre2, < 3)
       http_parser.rb (~> 0.6.0)
     http-cookie (1.0.3)
       domain_name (~> 0.5)
-    http-form_data (2.1.0)
+    http-form_data (2.0.0)
     http_accept_language (2.1.1)
-    httplog (1.0.2)
+    http_parser.rb (0.6.0)
-      colorize (~> 0.8)
+    httplog (0.99.7)
-      rack (>= 1.0)
+      colorize
-    i18n (1.0.1)
+      rack
+    i18n (0.9.1)
       concurrent-ruby (~> 1.0)
-    i18n-tasks (0.9.21)
+    i18n-tasks (0.9.19)
       activesupport (>= 4.0.2)
       ast (>= 2.1.0)
-      easy_translate (>= 0.5.1)
+      easy_translate (>= 0.5.0)
       erubi
       highline (>= 1.7.3)
       i18n
       parser (>= 2.2.3.0)
-      rainbow (>= 2.2.2, < 4.0)
+      rainbow (~> 2.2)
       terminal-table (>= 1.5.1)
     idn-ruby (0.1.0)
     ipaddress (0.8.3)
     iso-639 (0.2.8)
-    jmespath (1.4.0)
+    jmespath (1.3.1)
     json (2.1.0)
-    json-ld (2.2.1)
+    json-ld (2.1.7)
       multi_json (~> 1.12)
-      rdf (>= 2.2.8, < 4.0)
+      rdf (~> 2.2, >= 2.2.8)
+    json-ld-preloaded (2.2.2)
+      json-ld (~> 2.1, >= 2.1.5)
+      multi_json (~> 1.11)
+      rdf (~> 2.2)
     jsonapi-renderer (0.2.0)
     jwt (2.1.0)
     kaminari (1.1.1)
@@ -307,28 +255,25 @@ GEM
     kaminari-core (1.1.1)
     launchy (2.4.3)
       addressable (~> 2.3)
-    letter_opener (1.6.0)
+    letter_opener (1.4.1)
       launchy (~> 2.2)
-    letter_opener_web (1.3.4)
+    letter_opener_web (1.3.1)
       actionmailer (>= 3.2)
       letter_opener (~> 1.0)
       railties (>= 3.2)
     link_header (0.0.8)
-    lograge (0.10.0)
+    lograge (0.7.1)
-      actionpack (>= 4)
+      actionpack (>= 4, < 5.2)
-      activesupport (>= 4)
+      activesupport (>= 4, < 5.2)
-      railties (>= 4)
+      railties (>= 4, < 5.2)
       request_store (~> 1.0)
-    loofah (2.2.2)
+    loofah (2.1.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.0)
       mini_mime (>= 0.1.1)
-    marcel (0.3.2)
+    mario-redis-lock (1.2.0)
-      mimemagic (~> 0.3.2)
+      redis (~> 3, >= 3.0.5)
-    mario-redis-lock (1.2.1)
-      redis (>= 3.0.5)
-    memory_profiler (0.9.10)
     method_source (0.9.0)
     microformats (4.0.7)
       json
@@ -339,107 +284,87 @@ GEM
     mimemagic (0.3.2)
     mini_mime (1.0.0)
     mini_portile2 (2.3.0)
-    minitest (5.11.3)
+    minitest (5.10.3)
-    msgpack (1.2.4)
+    msgpack (1.1.0)
-    multi_json (1.13.1)
+    multi_json (1.12.2)
-    multipart-post (2.0.0)
-    necromancer (0.4.0)
-    net-ldap (0.16.1)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
     net-ssh (4.2.0)
-    nio4r (2.3.0)
+    nio4r (2.1.0)
-    nokogiri (1.8.2)
+    nokogiri (1.8.1)
       mini_portile2 (~> 2.3.0)
-    nokogumbo (1.5.0)
+    nokogumbo (1.4.13)
       nokogiri
     nsa (0.2.4)
       activesupport (>= 4.2, < 6)
       concurrent-ruby (~> 1.0.0)
       sidekiq (>= 3.5.0)
       statsd-ruby (~> 1.2.0)
-    oj (3.5.1)
+    oj (3.3.10)
-    omniauth (1.8.1)
-      hashie (>= 3.4.6, < 3.6.0)
-      rack (>= 1.6.2, < 3)
-    omniauth-cas (1.1.1)
-      addressable (~> 2.3)
-      nokogiri (~> 1.5)
-      omniauth (~> 1.2)
-    omniauth-saml (1.10.0)
-      omniauth (~> 1.3, >= 1.3.2)
-      ruby-saml (~> 1.7)
     orm_adapter (0.5.0)
     ostatus2 (2.0.3)
       addressable (~> 2.5)
       http (~> 3.0)
       nokogiri (~> 1.8)
-    ox (2.9.2)
+    ox (2.8.2)
-    paperclip (6.0.0)
+    paperclip (5.1.0)
       activemodel (>= 4.2.0)
       activesupport (>= 4.2.0)
+      cocaine (~> 0.5.5)
       mime-types
       mimemagic (~> 0.3.0)
-      terrapin (~> 0.6.0)
     paperclip-av-transcoder (0.6.4)
       av (~> 0.9.0)
       paperclip (>= 2.5.2)
-    parallel (1.12.1)
+    parallel (1.12.0)
-    parallel_tests (2.21.3)
+    parallel_tests (2.19.0)
       parallel
-    parser (2.5.1.0)
+    parser (2.4.0.2)
-      ast (~> 2.4.0)
+      ast (~> 2.3)
-    pastel (0.7.2)
+    pg (0.21.0)
-      equatable (~> 0.5.0)
+    pghero (1.7.0)
-      tty-color (~> 0.4.0)
-    pg (1.0.0)
-    pghero (2.1.0)
       activerecord
-    pkg-config (1.3.0)
+    pkg-config (1.2.8)
+    posix-spawn (0.3.13)
     powerpack (0.1.1)
     premailer (1.11.1)
       addressable
       css_parser (>= 1.6.0)
       htmlentities (>= 4.0.0)
-    premailer-rails (1.10.2)
+    premailer-rails (1.10.1)
       actionmailer (>= 3, < 6)
       premailer (~> 1.7, >= 1.7.9)
-    private_address_check (0.4.1)
     pry (0.11.3)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
-    pry-byebug (3.6.0)
-      byebug (~> 10.0)
-      pry (~> 0.10)
     pry-rails (0.3.6)
       pry (>= 0.10.4)
-    public_suffix (3.0.2)
+    public_suffix (3.0.1)
-    puma (3.11.4)
+    puma (3.11.0)
     pundit (1.1.0)
       activesupport (>= 3.0.0)
-    rack (2.0.4)
+    rack (2.0.3)
-    rack-attack (5.2.0)
+    rack-attack (5.0.1)
       rack
-    rack-cors (1.0.2)
+    rack-cors (0.4.1)
-    rack-protection (2.0.1)
+    rack-protection (2.0.0)
       rack
-    rack-proxy (0.6.4)
+    rack-proxy (0.6.2)
       rack
-    rack-test (1.0.0)
+    rack-test (0.8.2)
       rack (>= 1.0, < 3)
     rack-timeout (0.4.2)
-    rails (5.2.0)
+    rails (5.1.4)
-      actioncable (= 5.2.0)
+      actioncable (= 5.1.4)
-      actionmailer (= 5.2.0)
+      actionmailer (= 5.1.4)
-      actionpack (= 5.2.0)
+      actionpack (= 5.1.4)
-      actionview (= 5.2.0)
+      actionview (= 5.1.4)
-      activejob (= 5.2.0)
+      activejob (= 5.1.4)
-      activemodel (= 5.2.0)
+      activemodel (= 5.1.4)
-      activerecord (= 5.2.0)
+      activerecord (= 5.1.4)
-      activestorage (= 5.2.0)
+      activesupport (= 5.1.4)
-      activesupport (= 5.2.0)
       bundler (>= 1.3.0)
-      railties (= 5.2.0)
+      railties (= 5.1.4)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.2)
       actionpack (~> 5.x, >= 5.0.1)
@@ -448,30 +373,31 @@ GEM
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.4)
+    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.2, >= 2.2.2)
+      loofah (~> 2.0)
-    rails-i18n (5.1.1)
+    rails-i18n (5.0.4)
-      i18n (>= 0.7, < 2)
+      i18n (~> 0.7)
-      railties (>= 5.0, < 6)
+      railties (~> 5.0)
     rails-settings-cached (0.6.6)
       rails (>= 4.2.0)
-    railties (5.2.0)
+    railties (5.1.4)
-      actionpack (= 5.2.0)
+      actionpack (= 5.1.4)
-      activesupport (= 5.2.0)
+      activesupport (= 5.1.4)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
-    rainbow (3.0.0)
+    rainbow (2.2.2)
-    rake (12.3.1)
+      rake
-    rb-fsevent (0.10.3)
+    rake (12.3.0)
+    rb-fsevent (0.10.2)
     rb-inotify (0.9.10)
       ffi (>= 0.5.0, < 2)
-    rdf (3.0.2)
+    rdf (2.2.12)
       hamster (~> 3.0)
       link_header (~> 0.0, >= 0.0.8)
-    rdf-normalize (0.3.3)
+    rdf-normalize (0.3.2)
-      rdf (>= 2.2, < 4.0)
+      rdf (~> 2.0)
-    redis (4.0.1)
+    redis (3.3.5)
     redis-actionpack (5.0.2)
       actionpack (>= 4.0, < 6)
       redis-rack (>= 1, < 3)
@@ -481,25 +407,23 @@ GEM
       redis-store (>= 1.3, < 2)
     redis-namespace (1.6.0)
       redis (>= 3.0.4)
-    redis-rack (2.0.4)
+    redis-rack (2.0.3)
       rack (>= 1.5, < 3)
       redis-store (>= 1.2, < 2)
     redis-rails (5.0.2)
       redis-actionpack (>= 5.0, < 6)
       redis-activesupport (>= 5.0, < 6)
       redis-store (>= 1.2, < 2)
-    redis-store (1.5.0)
+    redis-store (1.4.1)
       redis (>= 2.2, < 5)
-    request_store (1.4.1)
+    request_store (1.3.2)
-      rack (>= 1.4)
     responders (2.4.0)
       actionpack (>= 4.2.0, < 5.3)
       railties (>= 4.2.0, < 5.3)
     rotp (2.1.2)
-    rpam2 (4.0.2)
     rqrcode (0.10.1)
       chunky_png (~> 1.0)
-    rspec-core (3.7.1)
+    rspec-core (3.7.0)
       rspec-support (~> 3.7.0)
     rspec-expectations (3.7.0)
       diff-lcs (>= 1.2.0, < 2.0)
@@ -518,41 +442,40 @@ GEM
     rspec-sidekiq (3.0.3)
       rspec-core (~> 3.0, >= 3.0.0)
       sidekiq (>= 2.4.0)
-    rspec-support (3.7.1)
+    rspec-support (3.7.0)
-    rubocop (0.55.0)
+    rubocop (0.51.0)
       parallel (~> 1.10)
-      parser (>= 2.5)
+      parser (>= 2.3.3.1, < 3.0)
       powerpack (~> 0.1)
-      rainbow (>= 2.2.2, < 4.0)
+      rainbow (>= 2.2.2, < 3.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (~> 1.0, >= 1.0.1)
+    ruby-oembed (0.12.0)
     ruby-progressbar (1.9.0)
-    ruby-saml (1.7.2)
-      nokogiri (>= 1.5.10)
     rufus-scheduler (3.4.2)
       et-orbi (~> 1.0)
     safe_yaml (1.0.4)
-    sanitize (4.6.4)
+    sanitize (4.5.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.4.4)
-      nokogumbo (~> 1.4)
+      nokogumbo (~> 1.4.1)
-    sass (3.5.6)
+    sass (3.5.3)
       sass-listen (~> 4.0.0)
     sass-listen (4.0.0)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
-    scss_lint (0.57.0)
+    scss_lint (0.56.0)
       rake (>= 0.9, < 13)
-      sass (~> 3.5.5)
+      sass (~> 3.5.3)
-    sidekiq (5.1.3)
+    sidekiq (5.0.5)
       concurrent-ruby (~> 1.0)
       connection_pool (~> 2.2, >= 2.2.0)
       rack-protection (>= 1.5.0)
-      redis (>= 3.3.5, < 5)
+      redis (>= 3.3.4, < 5)
     sidekiq-bulk (0.1.1)
       activesupport
       sidekiq
-    sidekiq-scheduler (2.2.1)
+    sidekiq-scheduler (2.1.10)
       redis (>= 3, < 5)
       rufus-scheduler (~> 3.2)
       sidekiq (>= 3)
@@ -562,11 +485,11 @@ GEM
       thor (~> 0)
     simple-navigation (4.0.5)
       activesupport (>= 2.3.2)
-    simple_form (4.0.0)
+    simple_form (3.5.0)
-      actionpack (> 4)
+      actionpack (> 4, < 5.2)
-      activemodel (> 4)
+      activemodel (> 4, < 5.2)
-    simplecov (0.16.1)
+    simplecov (0.15.1)
-      docile (~> 1.1)
+      docile (~> 1.1.0)
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.2)
@@ -577,72 +500,50 @@ GEM
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
-    sshkit (1.16.0)
+    sshkit (1.15.1)
       net-scp (>= 1.1.2)
       net-ssh (>= 2.8.0)
-    stackprof (0.2.11)
     statsd-ruby (1.2.1)
-    stoplight (2.1.3)
+    strong_migrations (0.1.9)
-    streamio-ffmpeg (3.0.2)
-      multi_json (~> 1.8)
-    strong_migrations (0.2.2)
       activerecord (>= 3.2.0)
     temple (0.8.0)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
-    terrapin (0.6.0)
-      climate_control (>= 0.0.3, < 1.0)
     thor (0.20.0)
     thread (0.2.2)
     thread_safe (0.3.6)
     tilt (2.0.8)
-    timers (4.1.2)
-      hitimes
-    tty-color (0.4.2)
-    tty-command (0.8.0)
-      pastel (~> 0.7.0)
-    tty-cursor (0.5.0)
-    tty-prompt (0.16.0)
-      necromancer (~> 0.4.0)
-      pastel (~> 0.7.0)
-      timers (~> 4.0)
-      tty-cursor (~> 0.5.0)
-      tty-reader (~> 0.2.0)
-    tty-reader (0.2.0)
-      tty-cursor (~> 0.5.0)
-      tty-screen (~> 0.6.4)
-      wisper (~> 2.0.0)
-    tty-screen (0.6.4)
     twitter-text (1.14.7)
       unf (~> 0.1.0)
-    tzinfo (1.2.5)
+    tzinfo (1.2.4)
       thread_safe (~> 0.1)
-    tzinfo-data (1.2018.4)
+    tzinfo-data (1.2017.3)
       tzinfo (>= 1.0.0)
+    uglifier (3.2.0)
+      execjs (>= 0.3.0, < 3)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.7.5)
+    unf_ext (0.0.7.4)
-    unicode-display_width (1.3.2)
+    unicode-display_width (1.3.0)
-    uniform_notifier (1.11.0)
+    uniform_notifier (1.10.0)
     warden (1.2.7)
       rack (>= 1.0)
-    webmock (3.3.0)
+    webmock (3.1.1)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff
-    webpacker (3.4.3)
+    webpacker (3.0.2)
       activesupport (>= 4.2)
       rack-proxy (>= 0.6.1)
       railties (>= 4.2)
     webpush (0.3.3)
       hkdf (~> 0.2)
       jwt (~> 2.0)
-    websocket-driver (0.7.0)
+    websocket-driver (0.6.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.3)
-    wisper (2.0.0)
+    xpath (2.1.0)
-    xpath (3.0.0)
+      nokogiri (~> 1.3)
-      nokogiri (~> 1.8)
 
 PLATFORMS
   ruby
@@ -652,117 +553,101 @@ DEPENDENCIES
   active_record_query_trace (~> 1.5)
   addressable (~> 2.5)
   annotate (~> 2.7)
-  aws-sdk-s3 (~> 1.9)
+  aws-sdk (~> 2.10)
   better_errors (~> 2.4)
   binding_of_caller (~> 0.7)
-  bootsnap (~> 1.3)
+  bootsnap
-  brakeman (~> 4.2)
+  brakeman (~> 4.0)
   browser
-  bullet (~> 5.7)
+  bullet (~> 5.5)
   bundler-audit (~> 0.6)
   capistrano (~> 3.10)
   capistrano-rails (~> 1.3)
   capistrano-rbenv (~> 2.1)
   capistrano-yarn (~> 2.0)
-  capybara (~> 2.18)
+  capybara (~> 2.15)
-  charlock_holmes (~> 0.7.6)
+  charlock_holmes (~> 0.7.5)
-  chewy (~> 5.0)
   cld3 (~> 3.2.0)
   climate_control (~> 0.2)
-  derailed_benchmarks
   devise (~> 4.4)
   devise-two-factor (~> 3.0)
-  devise_pam_authenticatable2 (~> 9.1)
+  doorkeeper (~> 4.2)
-  doorkeeper (~> 4.2, < 4.3)
+  dotenv-rails (~> 2.2)
-  dotenv-rails (~> 2.2, < 2.3)
+  fabrication (~> 2.18)
-  fabrication (~> 2.20)
+  faker (~> 1.7)
-  faker (~> 1.8)
   fast_blank (~> 1.0)
-  fastimage
   fog-core (~> 1.45)
-  fog-local (~> 0.5)
+  fog-local (~> 0.4)
   fog-openstack (~> 0.1)
   fuubar (~> 2.2)
   goldfinger (~> 2.1)
   hamlit-rails (~> 0.2)
   hiredis (~> 0.6)
-  html2text
   htmlentities (~> 4.3)
-  http (~> 3.2)
+  http (~> 3.0)
   http_accept_language (~> 2.1)
-  http_parser.rb (~> 0.6)!
+  httplog (~> 0.99)
-  httplog (~> 1.0)
   i18n-tasks (~> 0.9)
   idn-ruby
   iso-639
-  json-ld (~> 2.2)
+  json-ld-preloaded (~> 2.2.1)
   kaminari (~> 1.1)
   letter_opener (~> 1.4)
   letter_opener_web (~> 1.3)
   link_header (~> 0.0)
-  lograge (~> 0.10)
+  lograge (~> 0.7)
   mario-redis-lock (~> 1.2)
-  memory_profiler
   microformats (~> 4.0)
   mime-types (~> 3.1)
-  net-ldap (~> 0.10)
   nokogiri (~> 1.8)
   nsa (~> 0.2)
-  oj (~> 3.5)
+  oj (~> 3.3)
-  omniauth (~> 1.2)
-  omniauth-cas (~> 1.1)
-  omniauth-saml (~> 1.10)
   ostatus2 (~> 2.0)
-  ox (~> 2.9)
+  ox (~> 2.8)
-  paperclip (~> 6.0)
+  paperclip (~> 5.1)
   paperclip-av-transcoder (~> 0.6)
-  parallel_tests (~> 2.21)
+  parallel_tests (~> 2.17)
-  pg (~> 1.0)
+  pg (~> 0.20)
-  pghero (~> 2.1)
+  pghero (~> 1.7)
-  pkg-config (~> 1.3)
+  pkg-config (~> 1.2)
-  posix-spawn!
+  posix-spawn
   premailer-rails
-  private_address_check (~> 0.4.1)
-  pry-byebug (~> 3.6)
   pry-rails (~> 0.3)
-  puma (~> 3.11)
+  puma (~> 3.10)
   pundit (~> 1.1)
-  rack-attack (~> 5.2)
+  rack-attack (~> 5.0)
-  rack-cors (~> 1.0)
+  rack-cors (~> 0.4)
   rack-timeout (~> 0.4)
-  rails (~> 5.2.0)
+  rails (~> 5.1.4)
   rails-controller-testing (~> 1.0)
-  rails-i18n (~> 5.1)
+  rails-i18n (~> 5.0)
   rails-settings-cached (~> 0.6)
-  rdf-normalize (~> 0.3)
+  rdf-normalize (~> 0.3.1)
-  redis (~> 4.0)
+  redis (~> 3.3)
   redis-namespace (~> 1.5)
   redis-rails (~> 5.0)
   rqrcode (~> 0.10)
   rspec-rails (~> 3.7)
   rspec-sidekiq (~> 3.0)
-  rubocop (~> 0.55)
+  rubocop
+  ruby-oembed (~> 0.12)
   ruby-progressbar (~> 1.4)
-  sanitize (~> 4.6)
+  sanitize (~> 4.4)
-  scss_lint (~> 0.57)
+  scss_lint (~> 0.55)
-  sidekiq (~> 5.1)
+  sidekiq (~> 5.0)
   sidekiq-bulk (~> 0.1.1)
-  sidekiq-scheduler (~> 2.2)
+  sidekiq-scheduler (~> 2.1)
   sidekiq-unique-jobs (~> 5.0)
   simple-navigation (~> 4.0)
-  simple_form (~> 4.0)
+  simple_form (~> 3.4)
-  simplecov (~> 0.16)
+  simplecov (~> 0.14)
   sprockets-rails (~> 3.2)
-  stackprof
+  strong_migrations
-  stoplight (~> 2.1.3)
-  streamio-ffmpeg (~> 3.0)
-  strong_migrations (~> 0.2)
-  tty-command (~> 0.8)
-  tty-prompt (~> 0.16)
   twitter-text (~> 1.14)
-  tzinfo-data (~> 1.2018)
+  tzinfo-data (~> 1.2017)
-  webmock (~> 3.3)
+  uglifier (~> 3.2)
-  webpacker (~> 3.4)
+  webmock (~> 3.0)
+  webpacker (~> 3.0)
   webpush
 
 RUBY VERSION

Procfile.dev

@@ -1,4 +1,4 @@
-web: env PORT=3000 bundle exec puma -C config/puma.rb
+web: PORT=3000 bundle exec puma -C config/puma.rb
-sidekiq: env PORT=3000 bundle exec sidekiq
+sidekiq: PORT=3000 bundle exec sidekiq
-stream: env PORT=4000 yarn run start
+stream: PORT=4000 yarn run start
 webpack: ./bin/webpack-dev-server --listen-host 0.0.0.0

Vagrantfile

@@ -39,7 +39,6 @@ sudo apt-get install \
   libidn11-dev \
   libprotobuf-dev \
   libreadline-dev \
-  libpam0g-dev \
   -y
 
 # Install rvm
@@ -49,7 +48,7 @@ curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-instal
 source /home/vagrant/.rvm/scripts/rvm
 
 # Install Ruby
-rvm reinstall ruby-$RUBY_VERSION --disable-binary
+rvm install ruby-$RUBY_VERSION
 
 # Configure database
 sudo -u postgres createuser -U postgres vagrant -s

app/chewy/statuses_index.rb

@@ -1,61 +0,0 @@
-# frozen_string_literal: true
-
-class StatusesIndex < Chewy::Index
-  settings index: { refresh_interval: '15m' }, analysis: {
-    filter: {
-      english_stop: {
-        type: 'stop',
-        stopwords: '_english_',
-      },
-      english_stemmer: {
-        type: 'stemmer',
-        language: 'english',
-      },
-      english_possessive_stemmer: {
-        type: 'stemmer',
-        language: 'possessive_english',
-      },
-    },
-    analyzer: {
-      content: {
-        tokenizer: 'uax_url_email',
-        filter: %w(
-          english_possessive_stemmer
-          lowercase
-          asciifolding
-          cjk_width
-          english_stop
-          english_stemmer
-        ),
-      },
-    },
-  }
-
-  define_type ::Status.without_reblogs do
-    crutch :mentions do |collection|
-      data = ::Mention.where(status_id: collection.map(&:id)).pluck(:status_id, :account_id)
-      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
-    end
-
-    crutch :favourites do |collection|
-      data = ::Favourite.where(status_id: collection.map(&:id)).pluck(:status_id, :account_id)
-      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
-    end
-
-    crutch :reblogs do |collection|
-      data = ::Status.where(reblog_of_id: collection.map(&:id)).pluck(:reblog_of_id, :account_id)
-      data.each.with_object({}) { |(id, name), result| (result[id] ||= []).push(name) }
-    end
-
-    root date_detection: false do
-      field :account_id, type: 'long'
-
-      field :text, type: 'text', value: ->(status) { [status.spoiler_text, Formatter.instance.plaintext(status)].join("\n\n") } do
-        field :stemmed, type: 'text', analyzer: 'content'
-      end
-
-      field :searchable_by, type: 'long', value: ->(status, crutches) { status.searchable_by(crutches) }
-      field :created_at, type: 'date'
-    end
-  end
-end

app/controllers/about_controller.rb

@@ -36,7 +36,7 @@ class AboutController < ApplicationController
 
   def initial_state_params
     {
-      settings: { known_fediverse: Setting.show_known_fediverse_at_about_page },
+      settings: {},
       token: current_session&.token,
     }
   end

app/controllers/accounts_controller.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 class AccountsController < ApplicationController
-  PAGE_SIZE = 20
-
   include AccountControllerConcern
 
   before_action :set_cache_headers
@@ -19,25 +17,16 @@ class AccountsController < ApplicationController
         end
 
         @pinned_statuses = cache_collection(@account.pinned_statuses, Status) if show_pinned_statuses?
-        @statuses        = filtered_status_page(params)
+        @statuses        = filtered_statuses.paginate_by_max_id(20, params[:max_id], params[:since_id])
         @statuses        = cache_collection(@statuses, Status)
-
+        @next_url        = next_url unless @statuses.empty?
-        unless @statuses.empty?
-          @older_url = older_url if @statuses.last.id > filtered_statuses.last.id
-          @newer_url = newer_url if @statuses.first.id < filtered_statuses.first.id
-        end
       end
 
       format.atom do
-        @entries = @account.stream_entries.where(hidden: false).with_includes.paginate_by_max_id(PAGE_SIZE, params[:max_id], params[:since_id])
+        @entries = @account.stream_entries.where(hidden: false).with_includes.paginate_by_max_id(20, params[:max_id], params[:since_id])
         render xml: OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.feed(@account, @entries.reject { |entry| entry.status.nil? }))
       end
 
-      format.rss do
-        @statuses = cache_collection(default_statuses.without_reblogs.without_replies.limit(PAGE_SIZE), Status)
-        render xml: RSS::AccountSerializer.render(@account, @statuses)
-      end
-
       format.json do
         skip_session!
 
@@ -81,22 +70,13 @@ class AccountsController < ApplicationController
     @account = Account.find_local!(params[:username])
   end
 
-  def older_url
+  def next_url
-    ::Rails.logger.info("older: max_id #{@statuses.last.id}, url #{pagination_url(max_id: @statuses.last.id)}")
-    pagination_url(max_id: @statuses.last.id)
-  end
-
-  def newer_url
-    pagination_url(min_id: @statuses.first.id)
-  end
-
-  def pagination_url(max_id: nil, min_id: nil)
     if media_requested?
-      short_account_media_url(@account, max_id: max_id, min_id: min_id)
+      short_account_media_url(@account, max_id: @statuses.last.id)
     elsif replies_requested?
-      short_account_with_replies_url(@account, max_id: max_id, min_id: min_id)
+      short_account_with_replies_url(@account, max_id: @statuses.last.id)
     else
-      short_account_url(@account, max_id: max_id, min_id: min_id)
+      short_account_url(@account, max_id: @statuses.last.id)
     end
   end
 
@@ -107,12 +87,4 @@ class AccountsController < ApplicationController
   def replies_requested?
     request.path.ends_with?('/with_replies')
   end
-
-  def filtered_status_page(params)
-    if params[:min_id].present?
-      filtered_statuses.paginate_by_min_id(PAGE_SIZE, params[:min_id]).reverse
-    else
-      filtered_statuses.paginate_by_max_id(PAGE_SIZE, params[:max_id], params[:since_id]).to_a
-    end
-  end
 end

app/controllers/activitypub/collections_controller.rb

@@ -1,57 +0,0 @@
-# frozen_string_literal: true
-
-class ActivityPub::CollectionsController < Api::BaseController
-  include SignatureVerification
-
-  before_action :set_account
-  before_action :set_size
-  before_action :set_statuses
-
-  def show
-    render json: collection_presenter,
-           serializer: ActivityPub::CollectionSerializer,
-           adapter: ActivityPub::Adapter,
-           content_type: 'application/activity+json',
-           skip_activities: true
-  end
-
-  private
-
-  def set_account
-    @account = Account.find_local!(params[:account_username])
-  end
-
-  def set_statuses
-    @statuses = scope_for_collection
-    @statuses = cache_collection(@statuses, Status)
-  end
-
-  def set_size
-    case params[:id]
-    when 'featured'
-      @account.pinned_statuses.count
-    else
-      raise ActiveRecord::NotFound
-    end
-  end
-
-  def scope_for_collection
-    case params[:id]
-    when 'featured'
-      @account.statuses.permitted_for(@account, signed_request_account).tap do |scope|
-        scope.merge!(@account.pinned_statuses)
-      end
-    else
-      raise ActiveRecord::NotFound
-    end
-  end
-
-  def collection_presenter
-    ActivityPub::CollectionPresenter.new(
-      id: account_collection_url(@account, params[:id]),
-      type: :ordered,
-      size: @size,
-      items: @statuses
-    )
-  end
-end

app/controllers/activitypub/inboxes_controller.rb

@@ -11,7 +11,7 @@ class ActivityPub::InboxesController < Api::BaseController
       process_payload
       head 202
     else
-      render plain: signature_verification_failure_reason, status: 401
+      [signature_verification_failure_reason, 401]
     end
   end
 

app/controllers/activitypub/outboxes_controller.rb

@@ -1,15 +1,13 @@
 # frozen_string_literal: true
 
 class ActivityPub::OutboxesController < Api::BaseController
-  LIMIT = 20
-
-  include SignatureVerification
-
   before_action :set_account
-  before_action :set_statuses
 
   def show
-    render json: outbox_presenter, serializer: ActivityPub::OutboxSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
+    @statuses = @account.statuses.permitted_for(@account, current_account).paginate_by_max_id(20, params[:max_id], params[:since_id])
+    @statuses = cache_collection(@statuses, Status)
+
+    render json: outbox_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
   end
 
   private
@@ -19,47 +17,11 @@ class ActivityPub::OutboxesController < Api::BaseController
   end
 
   def outbox_presenter
-    if page_requested?
+    ActivityPub::CollectionPresenter.new(
-      ActivityPub::CollectionPresenter.new(
+      id: account_outbox_url(@account),
-        id: account_outbox_url(@account, page_params),
+      type: :ordered,
-        type: :ordered,
+      size: @account.statuses_count,
-        part_of: account_outbox_url(@account),
+      items: @statuses
-        prev: prev_page,
+    )
-        next: next_page,
-        items: @statuses
-      )
-    else
-      ActivityPub::CollectionPresenter.new(
-        id: account_outbox_url(@account),
-        type: :ordered,
-        size: @account.statuses_count,
-        first: account_outbox_url(@account, page: true),
-        last: account_outbox_url(@account, page: true, min_id: 0)
-      )
-    end
-  end
-
-  def next_page
-    account_outbox_url(@account, page: true, max_id: @statuses.last.id) if @statuses.size == LIMIT
-  end
-
-  def prev_page
-    account_outbox_url(@account, page: true, min_id: @statuses.first.id) unless @statuses.empty?
-  end
-
-  def set_statuses
-    return unless page_requested?
-
-    @statuses = @account.statuses.permitted_for(@account, signed_request_account)
-    @statuses = params[:min_id].present? ? @statuses.paginate_by_min_id(LIMIT, params[:min_id]).reverse : @statuses.paginate_by_max_id(LIMIT, params[:max_id])
-    @statuses = cache_collection(@statuses, Status)
-  end
-
-  def page_requested?
-    params[:page] == 'true'
-  end
-
-  def page_params
-    { page: true, max_id: params[:max_id], min_id: params[:min_id] }.compact
   end
 end

app/controllers/admin/accounts_controller.rb

@@ -2,7 +2,7 @@
 
 module Admin
   class AccountsController < BaseController
-    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :remove_avatar, :enable, :disable, :memorialize]
+    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :enable, :disable, :memorialize]
     before_action :require_remote_account!, only: [:subscribe, :unsubscribe, :redownload]
     before_action :require_local_account!, only: [:enable, :disable, :memorialize]
 
@@ -60,17 +60,6 @@ module Admin
       redirect_to admin_account_path(@account.id)
     end
 
-    def remove_avatar
-      authorize @account, :remove_avatar?
-
-      @account.avatar = nil
-      @account.save!
-
-      log_action :remove_avatar, @account.user
-
-      redirect_to admin_account_path(@account.id)
-    end
-
     private
 
     def set_account

app/controllers/admin/base_controller.rb

@@ -12,7 +12,6 @@ module Admin
 
     def set_pack
       use_pack 'admin'
-      use_pack 'public'
     end
   end
 end

app/controllers/admin/change_emails_controller.rb

@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class ChangeEmailsController < BaseController
-    before_action :set_account
-    before_action :require_local_account!
-
-    def show
-      authorize @user, :change_email?
-    end
-
-    def update
-      authorize @user, :change_email?
-
-      new_email = resource_params.fetch(:unconfirmed_email)
-
-      if new_email != @user.email
-        @user.update!(
-          unconfirmed_email: new_email,
-          # Regenerate the confirmation token:
-          confirmation_token: nil
-        )
-
-        log_action :change_email, @user
-
-        @user.send_confirmation_instructions
-      end
-
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.change_email.changed_msg')
-    end
-
-    private
-
-    def set_account
-      @account = Account.find(params[:account_id])
-      @user = @account.user
-    end
-
-    def require_local_account!
-      redirect_to admin_account_path(@account.id) unless @account.local? && @account.user.present?
-    end
-
-    def resource_params
-      params.require(:user).permit(
-        :unconfirmed_email
-      )
-    end
-  end
-end

app/controllers/admin/confirmations_controller.rb

@@ -3,7 +3,6 @@
 module Admin
   class ConfirmationsController < BaseController
     before_action :set_user
-    before_action :check_confirmation, only: [:resend]
 
     def create
       authorize @user, :confirm?
@@ -12,28 +11,10 @@ module Admin
       redirect_to admin_accounts_path
     end
 
-    def resend
-      authorize @user, :confirm?
-
-      @user.resend_confirmation_instructions
-
-      log_action :confirm, @user
-
-      flash[:notice] = I18n.t('admin.accounts.resend_confirmation.success')
-      redirect_to admin_accounts_path
-    end
-
     private
 
     def set_user
       @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
     end
-
-    def check_confirmation
-      if @user.confirmed?
-        flash[:error] = I18n.t('admin.accounts.resend_confirmation.already_confirmed')
-        redirect_to admin_accounts_path
-      end
-    end
   end
 end

app/controllers/admin/report_notes_controller.rb

@@ -1,56 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class ReportNotesController < BaseController
-    before_action :set_report_note, only: [:destroy]
-
-    def create
-      authorize ReportNote, :create?
-
-      @report_note = current_account.report_notes.new(resource_params)
-      @report = @report_note.report
-
-      if @report_note.save
-        if params[:create_and_resolve]
-          @report.resolve!(current_account)
-          log_action :resolve, @report
-
-          redirect_to admin_reports_path, notice: I18n.t('admin.reports.resolved_msg')
-          return
-        end
-
-        if params[:create_and_unresolve]
-          @report.unresolve!
-          log_action :reopen, @report
-        end
-
-        redirect_to admin_report_path(@report), notice: I18n.t('admin.report_notes.created_msg')
-      else
-        @report_notes = @report.notes.latest
-        @report_history = @report.history
-        @form = Form::StatusBatch.new
-
-        render template: 'admin/reports/show'
-      end
-    end
-
-    def destroy
-      authorize @report_note, :destroy?
-      @report_note.destroy!
-      redirect_to admin_report_path(@report_note.report_id), notice: I18n.t('admin.report_notes.destroyed_msg')
-    end
-
-    private
-
-    def resource_params
-      params.require(:report_note).permit(
-        :content,
-        :report_id
-      )
-    end
-
-    def set_report_note
-      @report_note = ReportNote.find(params[:id])
-    end
-  end
-end

app/controllers/admin/reported_statuses_controller.rb

@@ -3,16 +3,31 @@
 module Admin
   class ReportedStatusesController < BaseController
     before_action :set_report
+    before_action :set_status, only: [:update, :destroy]
 
     def create
       authorize :status, :update?
 
-      @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account, action: action_from_button))
+      @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account))
       flash[:alert] = I18n.t('admin.statuses.failed_to_execute') unless @form.save
 
       redirect_to admin_report_path(@report)
     end
 
+    def update
+      authorize @status, :update?
+      @status.update!(status_params)
+      log_action :update, @status
+      redirect_to admin_report_path(@report)
+    end
+
+    def destroy
+      authorize @status, :destroy?
+      RemovalWorker.perform_async(@status.id)
+      log_action :destroy, @status
+      render json: @status
+    end
+
     private
 
     def status_params
@@ -20,21 +35,15 @@ module Admin
     end
 
     def form_status_batch_params
-      params.require(:form_status_batch).permit(status_ids: [])
+      params.require(:form_status_batch).permit(:action, status_ids: [])
-    end
-
-    def action_from_button
-      if params[:nsfw_on]
-        'nsfw_on'
-      elsif params[:nsfw_off]
-        'nsfw_off'
-      elsif params[:delete]
-        'delete'
-      end
     end
 
     def set_report
       @report = Report.find(params[:report_id])
     end
+
+    def set_status
+      @status = @report.statuses.find(params[:id])
+    end
   end
 end

app/controllers/admin/reports_controller.rb

@@ -11,61 +11,45 @@ module Admin
 
     def show
       authorize @report, :show?
-
+      @form = Form::StatusBatch.new
-      @report_note  = @report.notes.new
-      @report_notes = (@report.notes.latest + @report.history).sort_by(&:created_at)
-      @form         = Form::StatusBatch.new
     end
 
     def update
       authorize @report, :update?
       process_report
-
+      redirect_to admin_report_path(@report)
-      if @report.action_taken?
-        redirect_to admin_reports_path, notice: I18n.t('admin.reports.resolved_msg')
-      else
-        redirect_to admin_report_path(@report)
-      end
     end
 
     private
 
     def process_report
       case params[:outcome].to_s
-      when 'assign_to_self'
-        @report.update!(assigned_account_id: current_account.id)
-        log_action :assigned_to_self, @report
-      when 'unassign'
-        @report.update!(assigned_account_id: nil)
-        log_action :unassigned, @report
-      when 'reopen'
-        @report.unresolve!
-        log_action :reopen, @report
       when 'resolve'
-        @report.resolve!(current_account)
+        @report.update!(action_taken_by_current_attributes)
         log_action :resolve, @report
       when 'suspend'
         Admin::SuspensionWorker.perform_async(@report.target_account.id)
-
         log_action :resolve, @report
         log_action :suspend, @report.target_account
-
         resolve_all_target_account_reports
       when 'silence'
         @report.target_account.update!(silenced: true)
-
         log_action :resolve, @report
         log_action :silence, @report.target_account
-
         resolve_all_target_account_reports
       else
         raise ActiveRecord::RecordNotFound
       end
-      @report.reload
+    end
+
+    def action_taken_by_current_attributes
+      { action_taken: true, action_taken_by_account_id: current_account.id }
     end
 
     def resolve_all_target_account_reports
-      unresolved_reports_for_target_account.update_all(action_taken: true, action_taken_by_account_id: current_account.id)
+      unresolved_reports_for_target_account.update_all(
+        action_taken_by_current_attributes
+      )
     end
 
     def unresolved_reports_for_target_account

app/controllers/admin/settings_controller.rb

@@ -16,11 +16,9 @@ module Admin
       show_staff_badge
       bootstrap_timeline_accounts
       thumbnail
-      hero
       min_invite_role
       activity_api_enabled
       peers_api_enabled
-      show_known_fediverse_at_about_page
     ).freeze
 
     BOOLEAN_SETTINGS = %w(
@@ -30,12 +28,10 @@ module Admin
       show_staff_badge
       activity_api_enabled
       peers_api_enabled
-      show_known_fediverse_at_about_page
     ).freeze
 
     UPLOAD_SETTINGS = %w(
       thumbnail
-      hero
     ).freeze
 
     def edit

app/controllers/admin/statuses_controller.rb

@@ -5,13 +5,14 @@ module Admin
     helper_method :current_params
 
     before_action :set_account
+    before_action :set_status, only: [:update, :destroy]
 
     PER_PAGE = 20
 
     def index
       authorize :status, :index?
 
-      @statuses = @account.statuses.where(visibility: [:public, :unlisted])
+      @statuses = @account.statuses
 
       if params[:media]
         account_media_status_ids = @account.media_attachments.attached.reorder(nil).select(:status_id).distinct
@@ -25,18 +26,40 @@ module Admin
     def create
       authorize :status, :update?
 
-      @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account, action: action_from_button))
+      @form         = Form::StatusBatch.new(form_status_batch_params.merge(current_account: current_account))
       flash[:alert] = I18n.t('admin.statuses.failed_to_execute') unless @form.save
 
       redirect_to admin_account_statuses_path(@account.id, current_params)
     end
 
+    def update
+      authorize @status, :update?
+      @status.update!(status_params)
+      log_action :update, @status
+      redirect_to admin_account_statuses_path(@account.id, current_params)
+    end
+
+    def destroy
+      authorize @status, :destroy?
+      RemovalWorker.perform_async(@status.id)
+      log_action :destroy, @status
+      render json: @status
+    end
+
     private
 
+    def status_params
+      params.require(:status).permit(:sensitive)
+    end
+
     def form_status_batch_params
       params.require(:form_status_batch).permit(:action, status_ids: [])
     end
 
+    def set_status
+      @status = @account.statuses.find(params[:id])
+    end
+
     def set_account
       @account = Account.find(params[:account_id])
     end
@@ -49,15 +72,5 @@ module Admin
         page: page > 1 && page,
       }.select { |_, value| value.present? }
     end
-
-    def action_from_button
-      if params[:nsfw_on]
-        'nsfw_on'
-      elsif params[:nsfw_off]
-        'nsfw_off'
-      elsif params[:delete]
-        'delete'
-      end
-    end
   end
 end

app/controllers/api/base_controller.rb

@@ -51,10 +51,6 @@ class Api::BaseController < ApplicationController
     [params[:limit].to_i.abs, default_limit * 2].min
   end
 
-  def truthy_param?(key)
-    ActiveModel::Type::Boolean.new.cast(params[key])
-  end
-
   def current_resource_owner
     @current_user ||= User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
   end
@@ -66,10 +62,8 @@ class Api::BaseController < ApplicationController
   end
 
   def require_user!
-    if current_user && !current_user.disabled?
+    if current_user
       set_user_activity
-    elsif current_user
-      render json: { error: 'Your login is currently disabled' }, status: 403
     else
       render json: { error: 'This method requires an authenticated user' }, status: 422
     end

app/controllers/api/salmon_controller.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 class Api::SalmonController < Api::BaseController
-  include SignatureVerification
-
   before_action :set_account
   respond_to :txt
 
@@ -11,7 +9,7 @@ class Api::SalmonController < Api::BaseController
       process_salmon
       head 202
     elsif payload.present?
-      render plain: signature_verification_failure_reason, status: 401
+      [signature_verification_failure_reason, 401]
     else
       head 400
     end

app/controllers/api/v1/accounts/credentials_controller.rb

@@ -13,7 +13,6 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
   def update
     @account = current_account
     UpdateAccountService.new.call(@account, account_params, raise_error: true)
-    UserSettingsDecorator.new(current_user).update(user_settings_params) if user_settings_params
     ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
     render json: @account, serializer: REST::CredentialAccountSerializer
   end
@@ -21,17 +20,6 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
   private
 
   def account_params
-    params.permit(:display_name, :note, :avatar, :header, :locked, :bot, fields_attributes: [:name, :value])
+    params.permit(:display_name, :note, :avatar, :header)
-  end
-
-  def user_settings_params
-    return nil unless params.key?(:source)
-
-    source_params = params.require(:source)
-
-    {
-      'setting_default_privacy' => source_params.fetch(:privacy, @account.user.setting_default_privacy),
-      'setting_default_sensitive' => source_params.fetch(:sensitive, @account.user.setting_default_sensitive),
-    }
   end
 end

app/controllers/api/v1/accounts/follower_accounts_controller.rb

@@ -19,8 +19,6 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
   end
 
   def load_accounts
-    return [] if @account.user_hides_network? && current_account.id != @account.id
-
     default_accounts.merge(paginated_follows).to_a
   end
 
@@ -65,6 +63,6 @@ class Api::V1::Accounts::FollowerAccountsController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 end

app/controllers/api/v1/accounts/following_accounts_controller.rb

@@ -19,8 +19,6 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
   end
 
   def load_accounts
-    return [] if @account.user_hides_network? && current_account.id != @account.id
-
     default_accounts.merge(paginated_follows).to_a
   end
 
@@ -65,6 +63,6 @@ class Api::V1::Accounts::FollowingAccountsController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 end

app/controllers/api/v1/accounts/relationships_controller.rb

@@ -10,7 +10,7 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController
     accounts = Account.where(id: account_ids).select('id')
     # .where doesn't guarantee that our results are in the same order
     # we requested them, so return the "right" order to the requestor.
-    @accounts = accounts.index_by(&:id).values_at(*account_ids).compact
+    @accounts = accounts.index_by(&:id).values_at(*account_ids)
     render json: @accounts, each_serializer: REST::RelationshipSerializer, relationships: relationships
   end
 
@@ -21,6 +21,6 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController
   end
 
   def account_ids
-    Array(params[:id]).map(&:to_i)
+    @_account_ids ||= Array(params[:id]).map(&:to_i)
   end
 end

app/controllers/api/v1/accounts/search_controller.rb

@@ -22,4 +22,8 @@ class Api::V1::Accounts::SearchController < Api::BaseController
       following: truthy_param?(:following)
     )
   end
+
+  def truthy_param?(key)
+    params[key] == 'true'
+  end
 end

app/controllers/api/v1/accounts/statuses_controller.rb

@@ -27,17 +27,19 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
   end
 
   def account_statuses
-    statuses = truthy_param?(:pinned) ? pinned_scope : permitted_account_statuses
+    default_statuses.tap do |statuses|
-    statuses = statuses.paginate_by_max_id(
+      statuses.merge!(only_media_scope) if params[:only_media]
+      statuses.merge!(pinned_scope) if params[:pinned]
+      statuses.merge!(no_replies_scope) if params[:exclude_replies]
+    end
+  end
+
+  def default_statuses
+    permitted_account_statuses.paginate_by_max_id(
       limit_param(DEFAULT_STATUSES_LIMIT),
       params[:max_id],
       params[:since_id]
     )
-
-    statuses.merge!(only_media_scope) if truthy_param?(:only_media)
-    statuses.merge!(no_replies_scope) if truthy_param?(:exclude_replies)
-
-    statuses
   end
 
   def permitted_account_statuses
@@ -49,13 +51,7 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
   end
 
   def account_media_status_ids
-    # `SELECT DISTINCT id, updated_at` is too slow, so pluck ids at first, and then select id, updated_at with ids.
+    @account.media_attachments.attached.reorder(nil).select(:status_id).distinct
-    # Also, Avoid getting slow by not narrowing down by `statuses.account_id`.
-    # When narrowing down by `statuses.account_id`, `index_statuses_20180106` will be used
-    # and the table will be joined by `Merge Semi Join`, so the query will be slow.
-    Status.joins(:media_attachments).merge(@account.media_attachments).permitted_for(@account, current_account)
-          .paginate_by_max_id(limit_param(DEFAULT_STATUSES_LIMIT), params[:max_id], params[:since_id])
-          .reorder(id: :desc).distinct(:id).pluck(:id)
   end
 
   def pinned_scope
@@ -67,7 +63,7 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit, :only_media, :exclude_replies).permit(:limit, :only_media, :exclude_replies).merge(core_params)
+    params.permit(:limit, :only_media, :exclude_replies).merge(core_params)
   end
 
   def insert_pagination_headers

app/controllers/api/v1/accounts_controller.rb

@@ -5,7 +5,6 @@ class Api::V1::AccountsController < Api::BaseController
   before_action -> { doorkeeper_authorize! :follow }, only: [:follow, :unfollow, :block, :unblock, :mute, :unmute]
   before_action :require_user!, except: [:show]
   before_action :set_account
-  before_action :check_account_suspension, only: [:show]
 
   respond_to :json
 
@@ -14,20 +13,20 @@ class Api::V1::AccountsController < Api::BaseController
   end
 
   def follow
-    FollowService.new.call(current_user.account, @account.acct, reblogs: truthy_param?(:reblogs))
+    FollowService.new.call(current_user.account, @account.acct, reblogs: params[:reblogs])
 
-    options = @account.locked? ? {} : { following_map: { @account.id => { reblogs: truthy_param?(:reblogs) } }, requested_map: { @account.id => false } }
+    options = @account.locked? ? {} : { following_map: { @account.id => { reblogs: params[:reblogs] } }, requested_map: { @account.id => false } }
 
     render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships(options)
   end
 
   def block
-    BlockService.new.call(current_user.account, @account)
+    BlockService.new.call(current_user.account, @account, note: params[:note])
     render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
   end
 
   def mute
-    MuteService.new.call(current_user.account, @account, notifications: truthy_param?(:notifications))
+    MuteService.new.call(current_user.account, @account, notifications: params[:notifications], note: params[:note])
     render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
   end
 
@@ -55,8 +54,4 @@ class Api::V1::AccountsController < Api::BaseController
   def relationships(**options)
     AccountRelationshipsPresenter.new([@account.id], current_user.account_id, options)
   end
-
-  def check_account_suspension
-    gone if @account.suspended?
-  end
 end

app/controllers/api/v1/blocks_controller.rb

@@ -57,6 +57,6 @@ class Api::V1::BlocksController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 end

app/controllers/api/v1/bookmarks_controller.rb

@@ -1,71 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::BookmarksController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read }
-  before_action :require_user!
-  after_action :insert_pagination_headers
-
-  respond_to :json
-
-  def index
-    @statuses = load_statuses
-    render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
-  end
-
-  private
-
-  def load_statuses
-    cached_bookmarks
-  end
-
-  def cached_bookmarks
-    cache_collection(
-      Status.reorder(nil).joins(:bookmarks).merge(results),
-      Status
-    )
-  end
-
-  def results
-    @_results ||= account_bookmarks.paginate_by_max_id(
-      limit_param(DEFAULT_STATUSES_LIMIT),
-      params[:max_id],
-      params[:since_id]
-    )
-  end
-
-  def account_bookmarks
-    current_account.bookmarks
-  end
-
-  def insert_pagination_headers
-    set_pagination_headers(next_path, prev_path)
-  end
-
-  def next_path
-    if records_continue?
-      api_v1_bookmarks_url pagination_params(max_id: pagination_max_id)
-    end
-  end
-
-  def prev_path
-    unless results.empty?
-      api_v1_bookmarks_url pagination_params(since_id: pagination_since_id)
-    end
-  end
-
-  def pagination_max_id
-    results.last.id
-  end
-
-  def pagination_since_id
-    results.first.id
-  end
-
-  def records_continue?
-    results.size == limit_param(DEFAULT_STATUSES_LIMIT)
-  end
-
-  def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
-  end
-end

app/controllers/api/v1/domain_blocks_controller.rb

@@ -15,8 +15,7 @@ class Api::V1::DomainBlocksController < Api::BaseController
   end
 
   def create
-    current_account.block_domain!(domain_block_params[:domain])
+    BlockDomainFromAccountService.new.call(current_account, domain_block_params[:domain])
-    AfterAccountDomainBlockWorker.perform_async(current_account.id, domain_block_params[:domain])
     render_empty
   end
 
@@ -68,7 +67,7 @@ class Api::V1::DomainBlocksController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 
   def domain_block_params

app/controllers/api/v1/favourites_controller.rb

@@ -66,6 +66,6 @@ class Api::V1::FavouritesController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 end

app/controllers/api/v1/follow_requests_controller.rb

@@ -71,6 +71,6 @@ class Api::V1::FollowRequestsController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 end

app/controllers/api/v1/lists/accounts_controller.rb

@@ -88,7 +88,7 @@ class Api::V1::Lists::AccountsController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 
   def unlimited?

app/controllers/api/v1/media_controller.rb

@@ -27,7 +27,7 @@ class Api::V1::MediaController < Api::BaseController
   private
 
   def media_params
-    params.permit(:file, :description, :focus)
+    params.permit(:file, :description)
   end
 
   def file_type_error

app/controllers/api/v1/mutes_controller.rb

@@ -76,6 +76,6 @@ class Api::V1::MutesController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 end

app/controllers/api/v1/notifications_controller.rb

@@ -91,6 +91,6 @@ class Api::V1::NotificationsController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit, :exclude_types).permit(:limit, exclude_types: []).merge(core_params)
+    params.permit(:limit, exclude_types: []).merge(core_params)
   end
 end

app/controllers/api/v1/push/subscriptions_controller.rb

@@ -1,56 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Push::SubscriptionsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :push }
-  before_action :require_user!
-  before_action :set_web_push_subscription
-
-  def create
-    @web_subscription&.destroy!
-
-    @web_subscription = ::Web::PushSubscription.create!(
-      endpoint: subscription_params[:endpoint],
-      key_p256dh: subscription_params[:keys][:p256dh],
-      key_auth: subscription_params[:keys][:auth],
-      data: data_params,
-      user_id: current_user.id,
-      access_token_id: doorkeeper_token.id
-    )
-
-    render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer
-  end
-
-  def show
-    raise ActiveRecord::RecordNotFound if @web_subscription.nil?
-
-    render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer
-  end
-
-  def update
-    raise ActiveRecord::RecordNotFound if @web_subscription.nil?
-
-    @web_subscription.update!(data: data_params)
-
-    render json: @web_subscription, serializer: REST::WebPushSubscriptionSerializer
-  end
-
-  def destroy
-    @web_subscription&.destroy!
-    render_empty
-  end
-
-  private
-
-  def set_web_push_subscription
-    @web_subscription = ::Web::PushSubscription.find_by(access_token_id: doorkeeper_token.id)
-  end
-
-  def subscription_params
-    params.require(:subscription).permit(:endpoint, keys: [:auth, :p256dh])
-  end
-
-  def data_params
-    return {} if params[:data].blank?
-    params.require(:data).permit(alerts: [:follow, :favourite, :reblog, :mention])
-  end
-end

app/controllers/api/v1/reports_controller.rb

@@ -13,14 +13,14 @@ class Api::V1::ReportsController < Api::BaseController
   end
 
   def create
-    @report = ReportService.new.call(
+    @report = current_account.reports.create!(
-      current_account,
+      target_account: reported_account,
-      reported_account,
       status_ids: reported_status_ids,
-      comment: report_params[:comment],
+      comment: report_params[:comment]
-      forward: report_params[:forward]
     )
 
+    User.staff.includes(:account).each { |u| AdminMailer.new_report(u.account, @report).deliver_later }
+
     render json: @report, serializer: REST::ReportSerializer
   end
 
@@ -39,6 +39,6 @@ class Api::V1::ReportsController < Api::BaseController
   end
 
   def report_params
-    params.permit(:account_id, :comment, :forward, status_ids: [])
+    params.permit(:account_id, :comment, status_ids: [])
   end
 end

app/controllers/api/v1/search_controller.rb

@@ -33,8 +33,12 @@ class Api::V1::SearchController < Api::BaseController
     SearchService.new.call(
       params[:q],
       RESULTS_LIMIT,
-      truthy_param?(:resolve),
+      resolving_search?,
       current_account
     )
   end
+
+  def resolving_search?
+    params[:resolve] == 'true'
+  end
 end

app/controllers/api/v1/statuses/bookmarks_controller.rb

@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Statuses::BookmarksController < Api::BaseController
-  include Authorization
-
-  before_action -> { doorkeeper_authorize! :write }
-  before_action :require_user!
-
-  respond_to :json
-
-  def create
-    @status = bookmarked_status
-    render json: @status, serializer: REST::StatusSerializer
-  end
-
-  def destroy
-    @status = requested_status
-    @bookmarks_map = { @status.id => false }
-
-    bookmark = Bookmark.find_by!(account: current_user.account, status: @status)
-    bookmark.destroy!
-
-    render json: @status, serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new([@status], current_user&.account_id, bookmarks_map: @bookmarks_map)
-  end
-
-  private
-
-  def bookmarked_status
-    authorize_with current_user.account, requested_status, :show?
-
-    bookmark = Bookmark.find_or_create_by!(account: current_user.account, status: requested_status)
-
-    bookmark.status.reload
-  end
-
-  def requested_status
-    Status.find(params[:status_id])
-  end
-end

app/controllers/api/v1/statuses/favourited_by_accounts_controller.rb

@@ -77,6 +77,6 @@ class Api::V1::Statuses::FavouritedByAccountsController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 end

app/controllers/api/v1/statuses/pins_controller.rb

@@ -11,18 +11,12 @@ class Api::V1::Statuses::PinsController < Api::BaseController
 
   def create
     StatusPin.create!(account: current_account, status: @status)
-    distribute_add_activity!
     render json: @status, serializer: REST::StatusSerializer
   end
 
   def destroy
     pin = StatusPin.find_by(account: current_account, status: @status)
-
+    pin&.destroy!
-    if pin
-      pin.destroy!
-      distribute_remove_activity!
-    end
-
     render json: @status, serializer: REST::StatusSerializer
   end
 
@@ -31,24 +25,4 @@ class Api::V1::Statuses::PinsController < Api::BaseController
   def set_status
     @status = Status.find(params[:status_id])
   end
-
-  def distribute_add_activity!
-    json = ActiveModelSerializers::SerializableResource.new(
-      @status,
-      serializer: ActivityPub::AddSerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json
-
-    ActivityPub::RawDistributionWorker.perform_async(Oj.dump(json), current_account.id)
-  end
-
-  def distribute_remove_activity!
-    json = ActiveModelSerializers::SerializableResource.new(
-      @status,
-      serializer: ActivityPub::RemoveSerializer,
-      adapter: ActivityPub::Adapter
-    ).as_json
-
-    ActivityPub::RawDistributionWorker.perform_async(Oj.dump(json), current_account.id)
-  end
 end

app/controllers/api/v1/statuses/reblogged_by_accounts_controller.rb

@@ -74,6 +74,6 @@ class Api::V1::Statuses::RebloggedByAccountsController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 end

app/controllers/api/v1/statuses_controller.rb

@@ -10,12 +10,6 @@ class Api::V1::StatusesController < Api::BaseController
 
   respond_to :json
 
-  # This API was originally unlimited, pagination cannot be introduced without
-  # breaking backwards-compatibility. Arbitrarily high number to cover most
-  # conversations as quasi-unlimited, it would be too much work to render more
-  # than this anyway
-  CONTEXT_LIMIT = 4_096
-
   def show
     cached  = Rails.cache.read(@status.cache_key)
     @status = cached unless cached.nil?
@@ -23,8 +17,8 @@ class Api::V1::StatusesController < Api::BaseController
   end
 
   def context
-    ancestors_results   = @status.in_reply_to_id.nil? ? [] : @status.ancestors(CONTEXT_LIMIT, current_account)
+    ancestors_results   = @status.in_reply_to_id.nil? ? [] : @status.ancestors(current_account)
-    descendants_results = @status.descendants(CONTEXT_LIMIT, current_account)
+    descendants_results = @status.descendants(current_account)
     loaded_ancestors    = cache_collection(ancestors_results, Status)
     loaded_descendants  = cache_collection(descendants_results, Status)
 
@@ -82,7 +76,7 @@ class Api::V1::StatusesController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 
   def authorize_if_got_token

app/controllers/api/v1/timelines/direct_controller.rb

@@ -23,18 +23,15 @@ class Api::V1::Timelines::DirectController < Api::BaseController
   end
 
   def direct_statuses
-    direct_timeline_statuses
+    direct_timeline_statuses.paginate_by_max_id(
+      limit_param(DEFAULT_STATUSES_LIMIT),
+      params[:max_id],
+      params[:since_id]
+    )
   end
 
   def direct_timeline_statuses
-    # this query requires built in pagination.
+    Status.as_direct_timeline(current_account)
-    Status.as_direct_timeline(
-      current_account,
-      limit_param(DEFAULT_STATUSES_LIMIT),
-      params[:max_id],
-      params[:since_id],
-      true # returns array of cache_ids object
-    )
   end
 
   def insert_pagination_headers

app/controllers/api/v1/timelines/home_controller.rb

@@ -43,7 +43,7 @@ class Api::V1::Timelines::HomeController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:local, :limit).permit(:local, :limit).merge(core_params)
+    params.permit(:local, :limit).merge(core_params)
   end
 
   def next_path

app/controllers/api/v1/timelines/list_controller.rb

@@ -45,7 +45,7 @@ class Api::V1::Timelines::ListController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:limit).permit(:limit).merge(core_params)
+    params.permit(:limit).merge(core_params)
   end
 
   def next_path

app/controllers/api/v1/timelines/public_controller.rb

@@ -21,23 +21,15 @@ class Api::V1::Timelines::PublicController < Api::BaseController
   end
 
   def public_statuses
-    statuses = public_timeline_statuses.paginate_by_max_id(
+    public_timeline_statuses.paginate_by_max_id(
       limit_param(DEFAULT_STATUSES_LIMIT),
       params[:max_id],
       params[:since_id]
     )
-
-    if truthy_param?(:only_media)
-      # `SELECT DISTINCT id, updated_at` is too slow, so pluck ids at first, and then select id, updated_at with ids.
-      status_ids = statuses.joins(:media_attachments).distinct(:id).pluck(:id)
-      statuses.where(id: status_ids)
-    else
-      statuses
-    end
   end
 
   def public_timeline_statuses
-    Status.as_public_timeline(current_account, truthy_param?(:local))
+    Status.as_public_timeline(current_account, params[:local])
   end
 
   def insert_pagination_headers
@@ -45,7 +37,7 @@ class Api::V1::Timelines::PublicController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:local, :limit, :only_media).permit(:local, :limit, :only_media).merge(core_params)
+    params.permit(:local, :limit).merge(core_params)
   end
 
   def next_path

app/controllers/api/v1/timelines/tag_controller.rb

@@ -29,24 +29,16 @@ class Api::V1::Timelines::TagController < Api::BaseController
     if @tag.nil?
       []
     else
-      statuses = tag_timeline_statuses.paginate_by_max_id(
+      tag_timeline_statuses.paginate_by_max_id(
         limit_param(DEFAULT_STATUSES_LIMIT),
         params[:max_id],
         params[:since_id]
       )
-
-      if truthy_param?(:only_media)
-        # `SELECT DISTINCT id, updated_at` is too slow, so pluck ids at first, and then select id, updated_at with ids.
-        status_ids = statuses.joins(:media_attachments).distinct(:id).pluck(:id)
-        statuses.where(id: status_ids)
-      else
-        statuses
-      end
     end
   end
 
   def tag_timeline_statuses
-    Status.as_tag_timeline(@tag, current_account, truthy_param?(:local))
+    Status.as_tag_timeline(@tag, current_account, params[:local])
   end
 
   def insert_pagination_headers
@@ -54,7 +46,7 @@ class Api::V1::Timelines::TagController < Api::BaseController
   end
 
   def pagination_params(core_params)
-    params.slice(:local, :limit, :only_media).permit(:local, :limit, :only_media).merge(core_params)
+    params.permit(:local, :limit).merge(core_params)
   end
 
   def next_path

app/controllers/api/v2/search_controller.rb

@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V2::SearchController < Api::V1::SearchController
-  def index
-    @search = Search.new(search)
-    render json: @search, serializer: REST::V2::SearchSerializer
-  end
-end

app/controllers/api/web/base_controller.rb

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class Api::Web::BaseController < Api::BaseController
-  protect_from_forgery with: :exception
-
-  rescue_from ActionController::InvalidAuthenticityToken do
-    render json: { error: "Can't verify CSRF token authenticity." }, status: 422
-  end
-end

app/controllers/api/web/embeds_controller.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class Api::Web::EmbedsController < Api::Web::BaseController
+class Api::Web::EmbedsController < Api::BaseController
   respond_to :json
 
   before_action :require_user!
@@ -9,12 +9,9 @@ class Api::Web::EmbedsController < Api::Web::BaseController
     status = StatusFinder.new(params[:url]).status
     render json: status, serializer: OEmbedSerializer, width: 400
   rescue ActiveRecord::RecordNotFound
-    oembed = FetchOEmbedService.new.call(params[:url])
+    oembed = OEmbed::Providers.get(params[:url])
-
+    render json: Oj.dump(oembed.fields)
-    if oembed
+  rescue OEmbed::NotFound
-      render json: oembed
+    render json: {}, status: :not_found
-    else
-      render json: {}, status: :not_found
-    end
   end
 end

app/controllers/api/web/push_subscriptions_controller.rb

@@ -1,11 +1,15 @@
 # frozen_string_literal: true
 
-class Api::Web::PushSubscriptionsController < Api::Web::BaseController
+class Api::Web::PushSubscriptionsController < Api::BaseController
   respond_to :json
 
   before_action :require_user!
+  protect_from_forgery with: :exception
 
   def create
+    params.require(:subscription).require(:endpoint)
+    params.require(:subscription).require(:keys).require([:auth, :p256dh])
+
     active_session = current_session
 
     unless active_session.web_push_subscription.nil?
@@ -25,38 +29,27 @@ class Api::Web::PushSubscriptionsController < Api::Web::BaseController
       },
     }
 
-    data.deep_merge!(data_params) if params[:data]
+    data.deep_merge!(params[:data]) if params[:data]
 
     web_subscription = ::Web::PushSubscription.create!(
-      endpoint: subscription_params[:endpoint],
+      endpoint: params[:subscription][:endpoint],
-      key_p256dh: subscription_params[:keys][:p256dh],
+      key_p256dh: params[:subscription][:keys][:p256dh],
-      key_auth: subscription_params[:keys][:auth],
+      key_auth: params[:subscription][:keys][:auth],
-      data: data,
+      data: data
-      user_id: active_session.user_id,
-      access_token_id: active_session.access_token_id
     )
 
     active_session.update!(web_push_subscription: web_subscription)
 
-    render json: web_subscription, serializer: REST::WebPushSubscriptionSerializer
+    render json: web_subscription.as_payload
   end
 
   def update
-    params.require([:id])
+    params.require([:id, :data])
 
     web_subscription = ::Web::PushSubscription.find(params[:id])
-    web_subscription.update!(data: data_params)
 
-    render json: web_subscription, serializer: REST::WebPushSubscriptionSerializer
+    web_subscription.update!(data: params[:data])
-  end
 
-  private
+    render json: web_subscription.as_payload
-
-  def subscription_params
-    @subscription_params ||= params.require(:subscription).permit(:endpoint, keys: [:auth, :p256dh])
-  end
-
-  def data_params
-    @data_params ||= params.require(:data).permit(alerts: [:follow, :favourite, :reblog, :mention])
   end
 end

app/controllers/api/web/settings_controller.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class Api::Web::SettingsController < Api::Web::BaseController
+class Api::Web::SettingsController < Api::BaseController
   respond_to :json
 
   before_action :require_user!

app/controllers/application_controller.rb

@@ -9,19 +9,16 @@ class ApplicationController < ActionController::Base
 
   include Localized
   include UserTrackingConcern
-  include SessionTrackingConcern
 
   helper_method :current_account
   helper_method :current_session
   helper_method :current_flavour
   helper_method :current_skin
   helper_method :single_user_mode?
-  helper_method :use_seamless_external_login?
 
   rescue_from ActionController::RoutingError, with: :not_found
   rescue_from ActiveRecord::RecordNotFound, with: :not_found
   rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity
-  rescue_from ActionController::UnknownFormat, with: :not_acceptable
   rescue_from Mastodon::NotPermittedError, with: :forbidden
 
   before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
@@ -38,15 +35,15 @@ class ApplicationController < ActionController::Base
   end
 
   def store_current_location
-    store_location_for(:user, request.url) unless request.format == :json
+    store_location_for(:user, request.url)
   end
 
   def require_admin!
-    forbidden unless current_user&.admin?
+    redirect_to root_path unless current_user&.admin?
   end
 
   def require_staff!
-    forbidden unless current_user&.staff?
+    redirect_to root_path unless current_user&.staff?
   end
 
   def check_suspension
@@ -144,18 +141,10 @@ class ApplicationController < ActionController::Base
     respond_with_error(422)
   end
 
-  def not_acceptable
-    respond_with_error(406)
-  end
-
   def single_user_mode?
     @single_user_mode ||= Rails.configuration.x.single_user_mode && Account.exists?
   end
 
-  def use_seamless_external_login?
-    Devise.pam_authentication || Devise.ldap_authentication
-  end
-
   def current_account
     @current_account ||= current_user.try(:account)
   end

app/controllers/auth/confirmations_controller.rb

@@ -3,7 +3,6 @@
 class Auth::ConfirmationsController < Devise::ConfirmationsController
   layout 'auth'
 
-  before_action :set_user, only: [:finish_signup]
   before_action :set_pack
 
   private
@@ -11,26 +10,4 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
   def set_pack
     use_pack 'auth'
   end
-
-  # GET/PATCH /users/:id/finish_signup
-  def finish_signup
-    return unless request.patch? && params[:user]
-    if @user.update(user_params)
-      @user.skip_reconfirmation!
-      sign_in(@user, bypass: true)
-      redirect_to root_path, notice: I18n.t('devise.confirmations.send_instructions')
-    else
-      @show_errors = true
-    end
-  end
-
-  private
-
-  def set_user
-    @user = current_user
-  end
-
-  def user_params
-    params.require(:user).permit(:email)
-  end
 end

app/controllers/auth/omniauth_callbacks_controller.rb

@@ -1,33 +0,0 @@
-# frozen_string_literal: true
-
-class Auth::OmniauthCallbacksController < Devise::OmniauthCallbacksController
-  skip_before_action :verify_authenticity_token
-
-  def self.provides_callback_for(provider)
-    provider_id = provider.to_s.chomp '_oauth2'
-
-    define_method provider do
-      @user = User.find_for_oauth(request.env['omniauth.auth'], current_user)
-
-      if @user.persisted?
-        sign_in_and_redirect @user, event: :authentication
-        set_flash_message(:notice, :success, kind: provider_id.capitalize) if is_navigational_format?
-      else
-        session["devise.#{provider}_data"] = request.env['omniauth.auth']
-        redirect_to new_user_registration_url
-      end
-    end
-  end
-
-  Devise.omniauth_configs.each_key do |provider|
-    provides_callback_for provider
-  end
-
-  def after_sign_in_path_for(resource)
-    if resource.email_verified?
-      root_path
-    else
-      finish_signup_path
-    end
-  end
-end

app/controllers/auth/registrations_controller.rb

@@ -15,11 +15,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
   protected
 
-  def update_resource(resource, params)
-    params[:password] = nil if Devise.pam_authentication && resource.encrypted_password.blank?
-    super
-  end
-
   def build_resource(hash = nil)
     super(hash)
 

app/controllers/auth/sessions_controller.rb

@@ -11,14 +11,6 @@ class Auth::SessionsController < Devise::SessionsController
   prepend_before_action :set_pack
   before_action :set_instance_presenter, only: [:new]
 
-  def new
-    Devise.omniauth_configs.each do |provider, config|
-      return redirect_to(omniauth_authorize_path(resource_name, provider)) if config.strategy.redirect_at_sign_in
-    end
-
-    super
-  end
-
   def create
     super do |resource|
       remember_me(resource)
@@ -37,11 +29,7 @@ class Auth::SessionsController < Devise::SessionsController
     if session[:otp_user_id]
       User.find(session[:otp_user_id])
     elsif user_params[:email]
-      if use_seamless_external_login? && Devise.check_at_sign && user_params[:email].index('@').nil?
+      User.find_for_authentication(email: user_params[:email])
-        User.joins(:account).find_by(accounts: { username: user_params[:email] })
-      else
-        User.find_for_authentication(email: user_params[:email])
-      end
     end
   end
 
@@ -59,14 +47,6 @@ class Auth::SessionsController < Devise::SessionsController
     end
   end
 
-  def after_sign_out_path_for(_resource_or_scope)
-    Devise.omniauth_configs.each_value do |config|
-      return root_path if config.strategy.redirect_at_sign_in
-    end
-
-    super
-  end
-
   def two_factor_enabled?
     find_user.try(:otp_required_for_login?)
   end

app/controllers/concerns/localized.rb

@@ -17,11 +17,11 @@ module Localized
   end
 
   def default_locale
-    if ENV['DEFAULT_LOCALE'].present?
+    request_locale || env_locale || I18n.default_locale
-      I18n.default_locale
+  end
-    else
+
-      request_locale || I18n.default_locale
+  def env_locale
-    end
+    ENV['DEFAULT_LOCALE']
   end
 
   def request_locale
@@ -29,14 +29,12 @@ module Localized
   end
 
   def preferred_locale
-    http_accept_language.preferred_language_from(available_locales)
+    http_accept_language.preferred_language_from([env_locale]) ||
+      http_accept_language.preferred_language_from(I18n.available_locales)
   end
 
   def compatible_locale
-    http_accept_language.compatible_language_from(available_locales)
+    http_accept_language.compatible_language_from([env_locale]) ||
-  end
+      http_accept_language.compatible_language_from(I18n.available_locales)
-
-  def available_locales
-    I18n.available_locales.reverse
   end
 end

app/controllers/concerns/remote_account_controller_concern.rb

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-module RemoteAccountControllerConcern
-  extend ActiveSupport::Concern
-
-  included do
-    layout 'public'
-    before_action :set_account
-    before_action :check_account_suspension
-  end
-
-  private
-
-  def set_account
-    @account = Account.find_remote!(params[:acct])
-  end
-
-  def check_account_suspension
-    gone if @account.suspended?
-  end
-end

app/controllers/concerns/session_tracking_concern.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module SessionTrackingConcern
-  extend ActiveSupport::Concern
-
-  UPDATE_SIGN_IN_HOURS = 24
-
-  included do
-    before_action :set_session_activity
-  end
-
-  private
-
-  def set_session_activity
-    return unless session_needs_update?
-    current_session.touch
-  end
-
-  def session_needs_update?
-    !current_session.nil? && current_session.updated_at < UPDATE_SIGN_IN_HOURS.hours.ago
-  end
-end

app/controllers/concerns/signature_authentication.rb

@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-module SignatureAuthentication
-  extend ActiveSupport::Concern
-
-  include SignatureVerification
-
-  def current_account
-    super || signed_request_account
-  end
-end

app/controllers/concerns/signature_verification.rb

@@ -107,7 +107,9 @@ module SignatureVerification
 
   def incompatible_signature?(signature_params)
     signature_params['keyId'].blank? ||
-      signature_params['signature'].blank?
+      signature_params['signature'].blank? ||
+      signature_params['algorithm'].blank? ||
+      signature_params['algorithm'] != 'rsa-sha256'
   end
 
   def account_from_key_id(key_id)

app/controllers/follower_accounts_controller.rb

@@ -4,19 +4,14 @@ class FollowerAccountsController < ApplicationController
   include AccountControllerConcern
 
   def index
+    @follows = Follow.where(target_account: @account).recent.page(params[:page]).per(FOLLOW_PER_PAGE).preload(:account)
+
     respond_to do |format|
       format.html do
         use_pack 'public'
-
-        next if @account.user_hides_network?
-
-        follows
-        @relationships = AccountRelationshipsPresenter.new(follows.map(&:account_id), current_user.account_id) if user_signed_in?
       end
 
       format.json do
-        raise Mastodon::NotPermittedError if params[:page].present? && @account.user_hides_network?
-
         render json: collection_presenter,
                serializer: ActivityPub::CollectionSerializer,
                adapter: ActivityPub::Adapter,
@@ -27,31 +22,28 @@ class FollowerAccountsController < ApplicationController
 
   private
 
-  def follows
-    @follows ||= Follow.where(target_account: @account).recent.page(params[:page]).per(FOLLOW_PER_PAGE).preload(:account)
-  end
-
   def page_url(page)
     account_followers_url(@account, page: page) unless page.nil?
   end
 
   def collection_presenter
+    page = ActivityPub::CollectionPresenter.new(
+      id: account_followers_url(@account, page: params.fetch(:page, 1)),
+      type: :ordered,
+      size: @account.followers_count,
+      items: @follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.account) },
+      part_of: account_followers_url(@account),
+      next: page_url(@follows.next_page),
+      prev: page_url(@follows.prev_page)
+    )
     if params[:page].present?
-      ActivityPub::CollectionPresenter.new(
+      page
-        id: account_followers_url(@account, page: params.fetch(:page, 1)),
-        type: :ordered,
-        size: @account.followers_count,
-        items: follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.account) },
-        part_of: account_followers_url(@account),
-        next: page_url(follows.next_page),
-        prev: page_url(follows.prev_page)
-      )
     else
       ActivityPub::CollectionPresenter.new(
         id: account_followers_url(@account),
         type: :ordered,
         size: @account.followers_count,
-        first: page_url(1)
+        first: page
       )
     end
   end

app/controllers/following_accounts_controller.rb

@@ -4,19 +4,14 @@ class FollowingAccountsController < ApplicationController
   include AccountControllerConcern
 
   def index
+    @follows = Follow.where(account: @account).recent.page(params[:page]).per(FOLLOW_PER_PAGE).preload(:target_account)
+
     respond_to do |format|
       format.html do
         use_pack 'public'
-
-        next if @account.user_hides_network?
-
-        follows
-        @relationships = AccountRelationshipsPresenter.new(follows.map(&:target_account_id), current_user.account_id) if user_signed_in?
       end
 
       format.json do
-        raise Mastodon::NotPermittedError if params[:page].present? && @account.user_hides_network?
-
         render json: collection_presenter,
                serializer: ActivityPub::CollectionSerializer,
                adapter: ActivityPub::Adapter,
@@ -27,31 +22,28 @@ class FollowingAccountsController < ApplicationController
 
   private
 
-  def follows
-    @follows ||= Follow.where(account: @account).recent.page(params[:page]).per(FOLLOW_PER_PAGE).preload(:target_account)
-  end
-
   def page_url(page)
     account_following_index_url(@account, page: page) unless page.nil?
   end
 
   def collection_presenter
+    page = ActivityPub::CollectionPresenter.new(
+      id: account_following_index_url(@account, page: params.fetch(:page, 1)),
+      type: :ordered,
+      size: @account.following_count,
+      items: @follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.target_account) },
+      part_of: account_following_index_url(@account),
+      next: page_url(@follows.next_page),
+      prev: page_url(@follows.prev_page)
+    )
     if params[:page].present?
-      ActivityPub::CollectionPresenter.new(
+      page
-        id: account_following_index_url(@account, page: params.fetch(:page, 1)),
-        type: :ordered,
-        size: @account.following_count,
-        items: follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.target_account) },
-        part_of: account_following_index_url(@account),
-        next: page_url(follows.next_page),
-        prev: page_url(follows.prev_page)
-      )
     else
       ActivityPub::CollectionPresenter.new(
         id: account_following_index_url(@account),
         type: :ordered,
         size: @account.following_count,
-        first: page_url(1)
+        first: page
       )
     end
   end

app/controllers/home_controller.rb

@@ -2,9 +2,7 @@
 
 class HomeController < ApplicationController
   before_action :authenticate_user!
-
   before_action :set_pack
-  before_action :set_referrer_policy_header
   before_action :set_initial_state_json
 
   def index
@@ -37,8 +35,7 @@ class HomeController < ApplicationController
       end
     end
 
-    matches = request.path.match(%r{\A/web/timelines/tag/(?<tag>.+)\z})
+    redirect_to(default_redirect_path)
-    redirect_to(matches ? tag_path(CGI.unescape(matches[:tag])) : default_redirect_path)
   end
 
   def set_pack
@@ -69,8 +66,4 @@ class HomeController < ApplicationController
       about_path
     end
   end
-
-  def set_referrer_policy_header
-    response.headers['Referrer-Policy'] = 'origin'
-  end
 end

app/controllers/intents_controller.rb

@@ -1,10 +1,9 @@
 # frozen_string_literal: true
 
 class IntentsController < ApplicationController
-  before_action :check_uri
-  rescue_from Addressable::URI::InvalidURIError, with: :handle_invalid_uri
-
   def show
+    uri = Addressable::URI.parse(params[:uri])
+
     if uri.scheme == 'web+mastodon'
       case uri.host
       when 'follow'
@@ -16,18 +15,4 @@ class IntentsController < ApplicationController
 
     not_found
   end
-
-  private
-
-  def check_uri
-    not_found if uri.blank?
-  end
-
-  def handle_invalid_uri
-    not_found
-  end
-
-  def uri
-    @uri ||= Addressable::URI.parse(params[:uri])
-  end
 end

app/controllers/invites_controller.rb

@@ -11,7 +11,7 @@ class InvitesController < ApplicationController
   def index
     authorize :invite, :create?
 
-    @invites = invites
+    @invites = Invite.where(user: current_user)
     @invite  = Invite.new(expires_in: 1.day.to_i)
   end
 
@@ -24,13 +24,13 @@ class InvitesController < ApplicationController
     if @invite.save
       redirect_to invites_path
     else
-      @invites = invites
+      @invites = Invite.where(user: current_user)
       render :index
     end
   end
 
   def destroy
-    @invite = invites.find(params[:id])
+    @invite = Invite.where(user: current_user).find(params[:id])
     authorize @invite, :destroy?
     @invite.expire!
     redirect_to invites_path
@@ -42,10 +42,6 @@ class InvitesController < ApplicationController
     use_pack 'settings'
   end
 
-  def invites
-    Invite.where(user: current_user)
-  end
-
   def resource_params
     params.require(:invite).permit(:max_uses, :expires_in)
   end

app/controllers/media_controller.rb

@@ -3,26 +3,20 @@
 class MediaController < ApplicationController
   include Authorization
 
-  before_action :set_media_attachment
+  before_action :verify_permitted_status
-  before_action :verify_permitted_status!
 
   def show
-    redirect_to @media_attachment.file.url(:original)
+    redirect_to media_attachment.file.url(:original)
-  end
-
-  def player
-    @body_classes = 'player'
-    raise ActiveRecord::RecordNotFound unless @media_attachment.video? || @media_attachment.gifv?
   end
 
   private
 
-  def set_media_attachment
+  def media_attachment
-    @media_attachment = MediaAttachment.attached.find_by!(shortcode: params[:id] || params[:medium_id])
+    MediaAttachment.attached.find_by!(shortcode: params[:id])
   end
 
-  def verify_permitted_status!
+  def verify_permitted_status
-    authorize @media_attachment.status, :show?
+    authorize media_attachment.status, :show?
   rescue Mastodon::NotPermittedError
     # Reraise in order to get a 404 instead of a 403 error code
     raise ActiveRecord::RecordNotFound

app/controllers/media_proxy_controller.rb

@@ -8,8 +8,6 @@ class MediaProxyController < ApplicationController
       if lock.acquired?
         @media_attachment = MediaAttachment.remote.find(params[:id])
         redownload! if @media_attachment.needs_redownload? && !reject_media?
-      else
-        raise Mastodon::RaceConditionError
       end
     end
 

app/controllers/oauth/authorized_applications_controller.rb

@@ -9,11 +9,6 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
 
   include Localized
 
-  def destroy
-    Web::PushSubscription.unsubscribe_for(params[:id], current_resource_owner)
-    super
-  end
-
   private
 
   def store_current_location

app/controllers/oauth/tokens_controller.rb

@@ -1,14 +0,0 @@
-# frozen_string_literal: true
-
-class Oauth::TokensController < Doorkeeper::TokensController
-  def revoke
-    unsubscribe_for_token if authorized? && token.accessible?
-    super
-  end
-
-  private
-
-  def unsubscribe_for_token
-    Web::PushSubscription.where(access_token_id: token.id).delete_all
-  end
-end

app/controllers/remote_unfollows.rb

@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-class RemoteUnfollowsController < ApplicationController
-  layout 'modal'
-
-  before_action :authenticate_user!
-  before_action :set_body_classes
-
-  def create
-    @account = unfollow_attempt.try(:target_account)
-
-    if @account.nil?
-      render :error
-    else
-      render :success
-    end
-  rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
-    render :error
-  end
-
-  private
-
-  def unfollow_attempt
-    username, domain = acct_without_prefix.split('@')
-    UnfollowService.new.call(current_account, Account.find_remote!(username, domain))
-  end
-
-  def acct_without_prefix
-    acct_params.gsub(/\Aacct:/, '')
-  end
-
-  def acct_params
-    params.fetch(:acct, '')
-  end
-
-  def set_body_classes
-    @body_classes = 'modal-layout'
-  end
-end

app/controllers/settings/applications_controller.rb

@@ -6,7 +6,7 @@ class Settings::ApplicationsController < Settings::BaseController
   before_action :prepare_scopes, only: [:create, :update]
 
   def index
-    @applications = current_user.applications.order(id: :desc).page(params[:page])
+    @applications = current_user.applications.page(params[:page])
   end
 
   def new

app/controllers/settings/exports_controller.rb

@@ -1,19 +1,7 @@
 # frozen_string_literal: true
 
 class Settings::ExportsController < Settings::BaseController
-  include Authorization
-
   def show
-    @export  = Export.new(current_account)
+    @export = Export.new(current_account)
-    @backups = current_user.backups
-  end
-
-  def create
-    authorize :backup, :create?
-
-    backup = current_user.backups.create!
-    BackupWorker.perform_async(backup.id)
-
-    redirect_to settings_export_path
   end
 end

app/controllers/settings/follower_domains_controller.rb

@@ -5,13 +5,13 @@ require 'sidekiq-bulk'
 class Settings::FollowerDomainsController < Settings::BaseController
   def show
     @account = current_account
-    @domains = current_account.followers.reorder(Arel.sql('MIN(follows.id) DESC')).group('accounts.domain').select('accounts.domain, count(accounts.id) as accounts_from_domain').page(params[:page]).per(10)
+    @domains = current_account.followers.reorder('MIN(follows.id) DESC').group('accounts.domain').select('accounts.domain, count(accounts.id) as accounts_from_domain').page(params[:page]).per(10)
   end
 
   def update
     domains = bulk_params[:select] || []
 
-    AfterAccountDomainBlockWorker.push_bulk(domains) do |domain|
+    SoftBlockDomainFollowersWorker.push_bulk(domains) do |domain|
       [current_account.id, domain]
     end
 

app/controllers/settings/keyword_mutes_controller.rb

@@ -52,7 +52,7 @@ class Settings::KeywordMutesController < Settings::BaseController
   end
 
   def keyword_mute_params
-    params.require(:keyword_mute).permit(:keyword, :whole_word, :apply_to_mentions)
+    params.require(:keyword_mute).permit(:keyword, :whole_word)
   end
 
   def paginated_keyword_mutes_for_account

app/controllers/settings/migrations_controller.rb

@@ -1,6 +1,10 @@
 # frozen_string_literal: true
 
-class Settings::MigrationsController < Settings::BaseController
+class Settings::MigrationsController < ApplicationController
+  layout 'admin'
+
+  before_action :authenticate_user!
+
   def show
     @migration = Form::Migration.new(account: current_account.moved_to_account)
   end

app/controllers/settings/preferences_controller.rb

@@ -36,11 +36,9 @@ class Settings::PreferencesController < Settings::BaseController
       :setting_favourite_modal,
       :setting_delete_modal,
       :setting_auto_play_gif,
-      :setting_display_sensitive_media,
       :setting_reduce_motion,
       :setting_system_font_ui,
       :setting_noindex,
-      :setting_hide_network,
       notification_emails: %i(follow follow_request reblog favourite mention digest),
       interactions: %i(must_be_follower must_be_following)
     )

app/controllers/settings/profiles_controller.rb

@@ -8,16 +8,13 @@ class Settings::ProfilesController < Settings::BaseController
   obfuscate_filename [:account, :avatar]
   obfuscate_filename [:account, :header]
 
-  def show
+  def show; end
-    @account.build_fields
-  end
 
   def update
     if UpdateAccountService.new.call(@account, account_params)
       ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
       redirect_to settings_profile_path, notice: I18n.t('generic.changes_saved_msg')
     else
-      @account.build_fields
       render :show
     end
   end
@@ -25,7 +22,7 @@ class Settings::ProfilesController < Settings::BaseController
   private
 
   def account_params
-    params.require(:account).permit(:display_name, :note, :avatar, :header, :locked, :bot, fields_attributes: [:name, :value])
+    params.require(:account).permit(:display_name, :note, :avatar, :header, :locked)
   end
 
   def set_account

app/controllers/shares_controller.rb

@@ -16,7 +16,6 @@ class SharesController < ApplicationController
 
   def initial_state_params
     text = [params[:title], params[:text], params[:url]].compact.join(' ')
-
     {
       settings: Web::Setting.find_by(user: current_user)&.data || {},
       push_subscription: current_account.user.web_push_subscription(current_session),