[WIP] Initial status work

.env.nanobox

@@ -35,17 +35,6 @@ PAPERCLIP_SECRET=$PAPERCLIP_SECRET
 SECRET_KEY_BASE=$SECRET_KEY_BASE
 OTP_SECRET=$OTP_SECRET
 
-# VAPID keys (used for push notifications)
-# You can generate the keys using the following command (first is the private key, second is the public one)
-# You should only generate this once per instance. If you later decide to change it, all push subscription will
-# be invalidated, requiring the users to access the website again to resubscribe.
-#
-# Generate with `rake mastodon:webpush:generate_vapid_key` task (`nanobox run bundle exec rake mastodon:webpush:generate_vapid_key`)
-#
-# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
-VAPID_PRIVATE_KEY=$VAPID_PRIVATE_KEY
-VAPID_PUBLIC_KEY=$VAPID_PUBLIC_KEY
-
 # Registrations
 # Single user mode will disable registrations and redirect frontpage to the first profile
 # SINGLE_USER_MODE=true
@@ -73,7 +62,7 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 #SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
 #SMTP_OPENSSL_VERIFY_MODE=peer
 #SMTP_ENABLE_STARTTLS_AUTO=true
-#SMTP_TLS=true
+
 
 # Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
 # PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
@@ -102,23 +91,6 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
 # S3_ENDPOINT=
 # S3_SIGNATURE_VERSION=
 
-# Swift (optional)
-# SWIFT_ENABLED=true
-# SWIFT_USERNAME=
-# For Keystone V3, the value for SWIFT_TENANT should be the project name
-# SWIFT_TENANT=
-# SWIFT_PASSWORD=
-# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
-# issues with token rate-limiting during high load.
-# SWIFT_AUTH_URL=
-# SWIFT_CONTAINER=
-# SWIFT_OBJECT_URL=
-# SWIFT_REGION=
-# Defaults to 'default'
-# SWIFT_DOMAIN_NAME=
-# Defaults to 60 seconds. Set to 0 to disable
-# SWIFT_CACHE_TTL=
-
 # Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
 # S3_CLOUDFRONT_HOST=
 

.env.production.sample

@@ -1,6 +1,5 @@
 # Service dependencies
 # You may set REDIS_URL instead for more advanced options
-# You may also set REDIS_NAMESPACE to share Redis between multiple Mastodon servers
 REDIS_HOST=redis
 REDIS_PORT=6379
 # You may set DATABASE_URL instead for more advanced options
@@ -27,7 +26,7 @@ LOCAL_HTTPS=true
 # ALTERNATE_DOMAINS=example1.com,example2.com
 
 # Application secrets
-# Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
+# Generate each with the `rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
 PAPERCLIP_SECRET=
 SECRET_KEY_BASE=
 OTP_SECRET=
@@ -37,7 +36,7 @@ OTP_SECRET=
 # You should only generate this once per instance. If you later decide to change it, all push subscription will
 # be invalidated, requiring the users to access the website again to resubscribe.
 #
-# Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose)
+# Generate with `rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose)
 #
 # For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
 VAPID_PRIVATE_KEY=
@@ -99,23 +98,6 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # S3_ENDPOINT=
 # S3_SIGNATURE_VERSION=
 
-# Swift (optional)
-# SWIFT_ENABLED=true
-# SWIFT_USERNAME=
-# For Keystone V3, the value for SWIFT_TENANT should be the project name
-# SWIFT_TENANT=
-# SWIFT_PASSWORD=
-# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
-# issues with token rate-limiting during high load.
-# SWIFT_AUTH_URL=
-# SWIFT_CONTAINER=
-# SWIFT_OBJECT_URL=
-# SWIFT_REGION=
-# Defaults to 'default'
-# SWIFT_DOMAIN_NAME=
-# Defaults to 60 seconds. Set to 0 to disable
-# SWIFT_CACHE_TTL=
-
 # Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
 # S3_CLOUDFRONT_HOST=
 

.eslintrc.yml

@@ -5,14 +5,12 @@ env:
   browser: true
   node: true
   es6: true
-  jest: true
 
 parser: babel-eslint
 
 plugins:
 - react
 - jsx-a11y
-- import
 
 parserOptions:
   sourceType: module
@@ -23,19 +21,8 @@ parserOptions:
     modules: true
     spread: true
 
-settings:
-  import/extensions:
-  - .js
-  import/ignore:
-  - node_modules
-  - \\.(css|scss|json)$
-  import/resolver:
-    node:
-      moduleDirectory:
-        - node_modules
-        - app/javascript
-
 rules:
+
   brace-style: warn
   comma-dangle:
   - error
@@ -62,7 +49,6 @@ rules:
   - warn
   - allow:
     - error
-    - warn
   no-fallthrough: error
   no-irregular-whitespace: error
   no-mixed-spaces-and-tabs: warn
@@ -138,17 +124,3 @@ rules:
   jsx-a11y/role-supports-aria-props: off
   jsx-a11y/scope: warn
   jsx-a11y/tabindex-no-positive: warn
-
-  import/extensions:
-  - error
-  - always
-  - js: never
-  import/newline-after-import: error
-  import/no-extraneous-dependencies:
-  - error
-  - devDependencies:
-    - "config/webpack/**"
-    - "app/javascript/mastodon/test_setup.js"
-    - "app/javascript/**/__tests__/**"
-  import/no-unresolved: error
-  import/no-webpack-loader-syntax: error

.gitmodules

@@ -1,3 +0,0 @@
-[submodule "app/javascript/themes/mastodon-go"]
-	path = app/javascript/themes/mastodon-go
-	url = https://github.com/marrus-sh/mastodon-go

.rubocop.yml

@@ -10,7 +10,6 @@ AllCops:
   - 'node_modules/**/*'
   - 'Vagrantfile'
   - 'vendor/**/*'
-  - 'lib/json_ld/*'
 
 Bundler/OrderedGems:
   Enabled: false

.ruby-version

@@ -1 +1 @@
-2.4.2
+2.4.1

.travis.yml

@@ -26,16 +26,18 @@ addons:
   postgresql: 9.4
   apt:
     sources:
+    - ubuntu-toolchain-r-test
     - trusty-media
     packages:
     - ffmpeg
+    - g++-6
     - libprotobuf-dev
     - protobuf-compiler
     - libicu-dev
 
 rvm:
   - 2.3.4
-  - 2.4.2
+  - 2.4.1
 
 services:
   - redis-server
@@ -53,5 +55,5 @@ before_script:
 
 script:
   - travis_retry bundle exec parallel_test spec/ --group-by filesize --type rspec
-  - yarn test
+  - npm test
-  - bundle exec i18n-tasks check-normalized && bundle exec i18n-tasks unused
+  - bundle exec i18n-tasks unused

.yarnclean

@@ -1,46 +0,0 @@
-# test directories
-__tests__
-test
-tests
-powered-test
-
-# asset directories
-docs
-doc
-website
-images
-# assets
-
-# examples
-example
-examples
-
-# code coverage directories
-coverage
-.nyc_output
-
-# build scripts
-Makefile
-Gulpfile.js
-Gruntfile.js
-
-# configs
-.tern-project
-.gitattributes
-.editorconfig
-.*ignore
-.eslintrc
-.jshintrc
-.flowconfig
-.documentup.json
-.yarn-metadata.json
-.*.yml
-*.yml
-
-# misc
-*.gz
-*.md
-
-# for specific ignore
-!.svgo.yml
-

Aptfile

@@ -1,5 +1,4 @@
 ffmpeg
-libicu[0-9][0-9]
 libicu-dev
 libidn11
 libidn11-dev

CODEOWNERS

@@ -1,32 +0,0 @@
-# CODEOWNERS for tootsuite/mastodon
-
-# Translators
-# To add translator, copy these lines, replace `fr` with appropriate language code and replace `@żelipapą` with user's GitHub nickname preceded by `@` sign or e-mail address.
-# /app/javascript/mastodon/locales/fr.json @żelipapą
-# /app/views/user_mailer/*.fr.html.erb @żelipapą
-# /app/views/user_mailer/*.fr.text.erb @żelipapą
-# /config/locales/*.fr.yml @żelipapą
-# /config/locales/fr.yml @żelipapą
-
-# Polish
-/app/javascript/mastodon/locales/pl.json @m4sk1n
-/app/views/user_mailer/*.pl.html.erb @m4sk1n
-/app/views/user_mailer/*.pl.text.erb @m4sk1n
-/config/locales/*.pl.yml @m4sk1n
-/config/locales/pl.yml @m4sk1n
-
-# French
-/app/javascript/mastodon/locales/fr.json @aldarone
-/app/javascript/mastodon/locales/whitelist_fr.json @aldarone
-/app/views/user_mailer/*.fr.html.erb @aldarone
-/app/views/user_mailer/*.fr.text.erb @aldarone
-/config/locales/*.fr.yml @aldarone
-/config/locales/fr.yml @aldarone
-
-# Dutch
-/app/javascript/mastodon/locales/nl.json @jeroenpraat
-/app/javascript/mastodon/locales/whitelist_nl.json @jeroenpraat
-/app/views/user_mailer/*.nl.html.erb @jeroenpraat
-/app/views/user_mailer/*.nl.text.erb @jeroenpraat
-/config/locales/*.nl.yml @jeroenpraat
-/config/locales/nl.yml @jeroenpraat

CODE_OF_CONDUCT.md

@@ -1,46 +0,0 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
-
-## Our Standards
-
-Examples of behavior that contributes to creating a positive environment include:
-
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery and unwelcome sexual attention or advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a professional setting
-
-## Our Responsibilities
-
-Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
-
-Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
-
-## Scope
-
-This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at eugen@zeonfederated.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
-
-Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
-
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/

Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:2.4.2-alpine3.6
+FROM ruby:2.4.1-alpine
 
 LABEL maintainer="https://github.com/tootsuite/mastodon" \
       description="A GNU Social-compatible microblogging server"
@@ -7,8 +7,6 @@ ENV UID=991 GID=991 \
     RAILS_SERVE_STATIC_FILES=true \
     RAILS_ENV=production NODE_ENV=production
 
-ARG YARN_VERSION=1.1.0
-ARG YARN_DOWNLOAD_SHA256=171c1f9ee93c488c0d774ac6e9c72649047c3f896277d88d0f805266519430f3
 ARG LIBICONV_VERSION=1.15
 ARG LIBICONV_DOWNLOAD_SHA256=ccf536620a45458d26ba83887a983b96827001e92a13847b45e4925cc8913178
 
@@ -16,12 +14,13 @@ EXPOSE 3000 4000
 
 WORKDIR /mastodon
 
-RUN apk -U upgrade \
+RUN echo "@edge https://nl.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories \
+ && echo "@edge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \
+ && apk -U upgrade \
  && apk add -t build-dependencies \
     build-base \
     icu-dev \
     libidn-dev \
-    libressl \
     libtool \
     postgresql-dev \
     protobuf-dev \
@@ -32,24 +31,19 @@ RUN apk -U upgrade \
     file \
     git \
     icu-libs \
-    imagemagick \
+    imagemagick@edge \
     libidn \
     libpq \
-    nodejs \
+    nodejs-npm@edge \
-    nodejs-npm \
+    nodejs@edge \
     protobuf \
     su-exec \
     tini \
+    yarn@edge \
  && update-ca-certificates \
- && mkdir -p /tmp/src /opt \
- && wget -O yarn.tar.gz "https://github.com/yarnpkg/yarn/releases/download/v$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
- && echo "$YARN_DOWNLOAD_SHA256 *yarn.tar.gz" | sha256sum -c - \
- && tar -xzf yarn.tar.gz -C /tmp/src \
- && rm yarn.tar.gz \
- && mv /tmp/src/yarn-v$YARN_VERSION /opt/yarn \
- && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarn \
  && wget -O libiconv.tar.gz "http://ftp.gnu.org/pub/gnu/libiconv/libiconv-$LIBICONV_VERSION.tar.gz" \
  && echo "$LIBICONV_DOWNLOAD_SHA256 *libiconv.tar.gz" | sha256sum -c - \
+ && mkdir -p /tmp/src \
  && tar -xzf libiconv.tar.gz -C /tmp/src \
  && rm libiconv.tar.gz \
  && cd /tmp/src/libiconv-$LIBICONV_VERSION \
@@ -60,12 +54,11 @@ RUN apk -U upgrade \
  && cd /mastodon \
  && rm -rf /tmp/* /var/cache/apk/*
 
-COPY Gemfile Gemfile.lock package.json yarn.lock .yarnclean /mastodon/
+COPY Gemfile Gemfile.lock package.json yarn.lock /mastodon/
 
 RUN bundle config build.nokogiri --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
  && bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without test development \
- && yarn --pure-lockfile \
+ && yarn --ignore-optional --pure-lockfile
- && yarn cache clean
 
 COPY . /mastodon
 

Gemfile

@@ -5,8 +5,8 @@ ruby '>= 2.3.0', '< 2.5.0'
 
 gem 'pkg-config', '~> 1.2'
 
-gem 'puma', '~> 3.10'
+gem 'puma', '~> 3.8'
-gem 'rails', '~> 5.1.4'
+gem 'rails', '~> 5.1.0'
 gem 'uglifier', '~> 3.2'
 
 gem 'hamlit-rails', '~> 0.2'
@@ -14,10 +14,7 @@ gem 'pg', '~> 0.20'
 gem 'pghero', '~> 1.7'
 gem 'dotenv-rails', '~> 2.2'
 
-gem 'fog-aws', '~> 1.4', require: false
+gem 'aws-sdk', '~> 2.9'
-gem 'fog-core', '~> 1.45'
-gem 'fog-local', '~> 0.4', require: false
-gem 'fog-openstack', '~> 0.1', require: false
 gem 'paperclip', '~> 5.1'
 gem 'paperclip-av-transcoder', '~> 0.6'
 
@@ -25,9 +22,8 @@ gem 'active_model_serializers', '~> 0.10'
 gem 'addressable', '~> 2.5'
 gem 'bootsnap'
 gem 'browser'
-gem 'charlock_holmes', '~> 0.7.5'
+gem 'charlock_holmes', '~> 0.7.3'
-gem 'iso-639'
+gem 'cld3', '~> 3.1'
-gem 'cld3', '~> 3.2.0'
 gem 'devise', '~> 4.2'
 gem 'devise-two-factor', '~> 3.0'
 gem 'doorkeeper', '~> 4.2'
@@ -40,14 +36,13 @@ gem 'http', '~> 2.2'
 gem 'http_accept_language', '~> 2.1'
 gem 'httplog', '~> 0.99'
 gem 'idn-ruby', require: 'idn'
-gem 'kaminari', '~> 1.1'
+gem 'kaminari', '~> 1.0'
 gem 'link_header', '~> 0.0'
 gem 'mime-types', '~> 3.1'
-gem 'nokogiri', '~> 1.8'
+gem 'nokogiri', '~> 1.7'
-gem 'nsa', '~> 0.2'
+gem 'oj', '~> 3.0'
-gem 'oj', '~> 3.3'
 gem 'ostatus2', '~> 2.0'
-gem 'ox', '~> 2.8'
+gem 'ox', '~> 2.5'
 gem 'pundit', '~> 1.1'
 gem 'rabl', '~> 0.13'
 gem 'rack-attack', '~> 5.0'
@@ -67,25 +62,22 @@ gem 'sidekiq-bulk', '~>0.1.1'
 gem 'simple-navigation', '~> 4.0'
 gem 'simple_form', '~> 3.4'
 gem 'sprockets-rails', '~> 3.2', require: 'sprockets/railtie'
-gem 'strong_migrations'
+gem 'statsd-instrument', '~> 2.1'
 gem 'twitter-text', '~> 1.14'
 gem 'tzinfo-data', '~> 1.2017'
-gem 'webpacker', '~> 3.0'
+gem 'webpacker', '~> 2.0'
 gem 'webpush'
 
-gem 'json-ld-preloaded', '~> 2.2.1'
-gem 'rdf-normalize', '~> 0.3.1'
-
 group :development, :test do
-  gem 'fabrication', '~> 2.18'
+  gem 'fabrication', '~> 2.16'
   gem 'fuubar', '~> 2.2'
   gem 'i18n-tasks', '~> 0.9', require: false
   gem 'pry-rails', '~> 0.3'
-  gem 'rspec-rails', '~> 3.7'
+  gem 'rspec-rails', '~> 3.6'
 end
 
 group :test do
-  gem 'capybara', '~> 2.15'
+  gem 'capybara', '~> 2.14'
   gem 'climate_control', '~> 0.2'
   gem 'faker', '~> 1.7'
   gem 'microformats', '~> 4.0'
@@ -93,29 +85,29 @@ group :test do
   gem 'rspec-sidekiq', '~> 3.0'
   gem 'simplecov', '~> 0.14', require: false
   gem 'webmock', '~> 3.0'
-  gem 'parallel_tests', '~> 2.17'
+  gem 'parallel_tests', '~> 2.14'
 end
 
 group :development do
   gem 'active_record_query_trace', '~> 1.5'
   gem 'annotate', '~> 2.7'
-  gem 'better_errors', '~> 2.4'
+  gem 'better_errors', '~> 2.1'
   gem 'binding_of_caller', '~> 0.7'
   gem 'bullet', '~> 5.5'
   gem 'letter_opener', '~> 1.4'
   gem 'letter_opener_web', '~> 1.3'
   gem 'rubocop', require: false
-  gem 'brakeman', '~> 4.0', require: false
+  gem 'brakeman', '~> 3.6', require: false
-  gem 'bundler-audit', '~> 0.6', require: false
+  gem 'bundler-audit', '~> 0.5', require: false
-  gem 'scss_lint', '~> 0.55', require: false
+  gem 'scss_lint', '~> 0.53', require: false
 
-  gem 'capistrano', '~> 3.10'
+  gem 'capistrano', '~> 3.8'
-  gem 'capistrano-rails', '~> 1.3'
+  gem 'capistrano-rails', '~> 1.2'
   gem 'capistrano-rbenv', '~> 2.1'
   gem 'capistrano-yarn', '~> 2.0'
 end
 
 group :production do
-  gem 'lograge', '~> 0.7'
+  gem 'lograge', '~> 0.5'
   gem 'redis-rails', '~> 5.0'
 end

Gemfile.lock

@@ -1,25 +1,25 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (5.1.4)
+    actioncable (5.1.3)
-      actionpack (= 5.1.4)
+      actionpack (= 5.1.3)
       nio4r (~> 2.0)
       websocket-driver (~> 0.6.1)
-    actionmailer (5.1.4)
+    actionmailer (5.1.3)
-      actionpack (= 5.1.4)
+      actionpack (= 5.1.3)
-      actionview (= 5.1.4)
+      actionview (= 5.1.3)
-      activejob (= 5.1.4)
+      activejob (= 5.1.3)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (5.1.4)
+    actionpack (5.1.3)
-      actionview (= 5.1.4)
+      actionview (= 5.1.3)
-      activesupport (= 5.1.4)
+      activesupport (= 5.1.3)
       rack (~> 2.0)
-      rack-test (>= 0.6.3)
+      rack-test (~> 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.1.4)
+    actionview (5.1.3)
-      activesupport (= 5.1.4)
+      activesupport (= 5.1.3)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
@@ -30,22 +30,22 @@ GEM
       case_transform (>= 0.2)
       jsonapi-renderer (>= 0.1.1.beta1, < 0.2)
     active_record_query_trace (1.5.4)
-    activejob (5.1.4)
+    activejob (5.1.3)
-      activesupport (= 5.1.4)
+      activesupport (= 5.1.3)
       globalid (>= 0.3.6)
-    activemodel (5.1.4)
+    activemodel (5.1.3)
-      activesupport (= 5.1.4)
+      activesupport (= 5.1.3)
-    activerecord (5.1.4)
+    activerecord (5.1.3)
-      activemodel (= 5.1.4)
+      activemodel (= 5.1.3)
-      activesupport (= 5.1.4)
+      activesupport (= 5.1.3)
       arel (~> 8.0)
-    activesupport (5.1.4)
+    activesupport (5.1.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (~> 0.7)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-    addressable (2.5.2)
+    addressable (2.5.1)
-      public_suffix (>= 2.0.2, < 4.0)
+      public_suffix (~> 2.0, >= 2.0.2)
     airbrussh (1.3.0)
       sshkit (>= 1.6.1, != 1.7.0)
     annotate (2.7.2)
@@ -57,57 +57,65 @@ GEM
       encryptor (~> 3.0.0)
     av (0.9.0)
       cocaine (~> 0.5.3)
+    aws-sdk (2.10.21)
+      aws-sdk-resources (= 2.10.21)
+    aws-sdk-core (2.10.21)
+      aws-sigv4 (~> 1.0)
+      jmespath (~> 1.0)
+    aws-sdk-resources (2.10.21)
+      aws-sdk-core (= 2.10.21)
+    aws-sigv4 (1.0.1)
     bcrypt (3.1.11)
-    better_errors (2.4.0)
+    better_errors (2.1.1)
       coderay (>= 1.0.0)
-      erubi (>= 1.0.0)
+      erubis (>= 2.6.6)
       rack (>= 0.9.0)
-    binding_of_caller (0.7.3)
+    binding_of_caller (0.7.2)
       debug_inspector (>= 0.0.1)
-    bootsnap (1.1.5)
+    bootsnap (1.1.2)
       msgpack (~> 1.0)
-    brakeman (4.0.1)
+    brakeman (3.6.2)
-    browser (2.5.2)
+    browser (2.4.0)
     builder (3.2.3)
-    bullet (5.6.1)
+    bullet (5.5.1)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.10.0)
-    bundler-audit (0.6.0)
+    bundler-audit (0.5.0)
       bundler (~> 1.2)
       thor (~> 0.18)
-    capistrano (3.10.0)
+    capistrano (3.8.2)
       airbrussh (>= 1.0.0)
       i18n
       rake (>= 10.0.0)
       sshkit (>= 1.9.0)
-    capistrano-bundler (1.3.0)
+    capistrano-bundler (1.2.0)
       capistrano (~> 3.1)
       sshkit (~> 1.2)
     capistrano-rails (1.3.0)
       capistrano (~> 3.1)
       capistrano-bundler (~> 1.1)
-    capistrano-rbenv (2.1.2)
+    capistrano-rbenv (2.1.1)
       capistrano (~> 3.1)
       sshkit (~> 1.3)
     capistrano-yarn (2.0.2)
       capistrano (~> 3.0)
-    capybara (2.15.4)
+    capybara (2.14.4)
       addressable
-      mini_mime (>= 0.1.3)
+      mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
       rack (>= 1.0.0)
       rack-test (>= 0.5.4)
       xpath (~> 2.0)
     case_transform (0.2)
       activesupport
-    charlock_holmes (0.7.5)
+    charlock_holmes (0.7.3)
     chunky_png (1.3.8)
-    cld3 (3.2.1)
+    cld3 (3.1.3)
       ffi (>= 1.1.0, < 1.10.0)
     climate_control (0.2.0)
     cocaine (0.5.8)
       climate_control (>= 0.0.3, < 1.0)
-    coderay (1.1.2)
+    coderay (1.1.1)
     colorize (0.8.1)
     concurrent-ruby (1.0.5)
     connection_pool (2.2.1)
@@ -142,42 +150,20 @@ GEM
       thread
       thread_safe
     encryptor (3.0.0)
-    erubi (1.7.0)
+    erubi (1.6.1)
-    et-orbi (1.0.8)
+    erubis (2.7.0)
+    et-orbi (1.0.5)
       tzinfo
-    excon (0.59.0)
     execjs (2.7.0)
-    fabrication (2.18.0)
+    fabrication (2.16.2)
-    faker (1.8.4)
+    faker (1.7.3)
       i18n (~> 0.5)
     fast_blank (1.0.0)
     ffi (1.9.18)
-    fog-aws (1.4.1)
-      fog-core (~> 1.38)
-      fog-json (~> 1.0)
-      fog-xml (~> 0.1)
-      ipaddress (~> 0.8)
-    fog-core (1.45.0)
-      builder
-      excon (~> 0.58)
-      formatador (~> 0.2)
-    fog-json (1.0.2)
-      fog-core (~> 1.0)
-      multi_json (~> 1.10)
-    fog-local (0.4.0)
-      fog-core (~> 1.27)
-    fog-openstack (0.1.22)
-      fog-core (>= 1.40)
-      fog-json (>= 1.0)
-      ipaddress (>= 0.8)
-    fog-xml (0.1.3)
-      fog-core
-      nokogiri (>= 1.5.11, < 2.0.0)
-    formatador (0.2.5)
     fuubar (2.2.0)
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
-    globalid (0.4.1)
+    globalid (0.4.0)
       activesupport (>= 4.2.0)
     goldfinger (2.0.1)
       addressable (~> 2.5)
@@ -193,9 +179,7 @@ GEM
       activesupport (>= 4.0.1)
       hamlit (>= 1.2.0)
       railties (>= 4.0.1)
-    hamster (3.0.0)
+    hashdiff (0.3.5)
-      concurrent-ruby (~> 1.0)
-    hashdiff (0.3.7)
     highline (1.7.8)
     hiredis (0.6.1)
     hkdf (0.3.0)
@@ -213,43 +197,34 @@ GEM
     httplog (0.99.7)
       colorize
       rack
-    i18n (0.9.0)
+    i18n (0.8.6)
-      concurrent-ruby (~> 1.0)
+    i18n-tasks (0.9.16)
-    i18n-tasks (0.9.18)
       activesupport (>= 4.0.2)
       ast (>= 2.1.0)
       easy_translate (>= 0.5.0)
-      erubi
+      erubis
       highline (>= 1.7.3)
       i18n
       parser (>= 2.2.3.0)
       rainbow (~> 2.2)
       terminal-table (>= 1.5.1)
     idn-ruby (0.1.0)
-    ipaddress (0.8.3)
+    jmespath (1.3.1)
-    iso-639 (0.2.8)
     json (2.1.0)
-    json-ld (2.1.7)
-      multi_json (~> 1.12)
-      rdf (~> 2.2, >= 2.2.8)
-    json-ld-preloaded (2.2.2)
-      json-ld (~> 2.1, >= 2.1.5)
-      multi_json (~> 1.11)
-      rdf (~> 2.2)
     jsonapi-renderer (0.1.3)
     jwt (1.5.6)
-    kaminari (1.1.1)
+    kaminari (1.0.1)
       activesupport (>= 4.1.0)
-      kaminari-actionview (= 1.1.1)
+      kaminari-actionview (= 1.0.1)
-      kaminari-activerecord (= 1.1.1)
+      kaminari-activerecord (= 1.0.1)
-      kaminari-core (= 1.1.1)
+      kaminari-core (= 1.0.1)
-    kaminari-actionview (1.1.1)
+    kaminari-actionview (1.0.1)
       actionview
-      kaminari-core (= 1.1.1)
+      kaminari-core (= 1.0.1)
-    kaminari-activerecord (1.1.1)
+    kaminari-activerecord (1.0.1)
       activerecord
-      kaminari-core (= 1.1.1)
+      kaminari-core (= 1.0.1)
-    kaminari-core (1.1.1)
+    kaminari-core (1.0.1)
     launchy (2.4.3)
       addressable (~> 2.3)
     letter_opener (1.4.1)
@@ -259,19 +234,17 @@ GEM
       letter_opener (~> 1.0)
       railties (>= 3.2)
     link_header (0.0.8)
-    lograge (0.7.1)
+    lograge (0.5.1)
       actionpack (>= 4, < 5.2)
       activesupport (>= 4, < 5.2)
       railties (>= 4, < 5.2)
-      request_store (~> 1.0)
+    loofah (2.0.3)
-    loofah (2.1.1)
-      crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.6.6)
       mime-types (>= 1.16, < 4)
     mario-redis-lock (1.2.0)
       redis (~> 3, >= 3.0.5)
-    method_source (0.9.0)
+    method_source (0.8.2)
     microformats (4.0.7)
       json
       nokogiri
@@ -279,33 +252,27 @@ GEM
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
     mimemagic (0.3.2)
-    mini_mime (0.1.4)
+    mini_portile2 (2.2.0)
-    mini_portile2 (2.3.0)
     minitest (5.10.3)
     msgpack (1.1.0)
-    multi_json (1.12.2)
+    multi_json (1.12.1)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
-    net-ssh (4.2.0)
+    net-ssh (4.1.0)
     nio4r (2.1.0)
-    nokogiri (1.8.1)
+    nokogiri (1.8.0)
-      mini_portile2 (~> 2.3.0)
+      mini_portile2 (~> 2.2.0)
     nokogumbo (1.4.13)
       nokogiri
-    nsa (0.2.4)
+    oj (3.3.4)
-      activesupport (>= 4.2, < 6)
+    openssl (2.0.4)
-      concurrent-ruby (~> 1.0.0)
-      sidekiq (>= 3.5.0)
-      statsd-ruby (~> 1.2.0)
-    oj (3.3.9)
-    openssl (2.0.6)
     orm_adapter (0.5.0)
     ostatus2 (2.0.1)
       addressable (~> 2.4)
       http (~> 2.0)
       nokogiri (~> 1.6)
       openssl (~> 2.0)
-    ox (2.8.1)
+    ox (2.5.0)
     paperclip (5.1.0)
       activemodel (>= 4.2.0)
       activesupport (>= 4.2.0)
@@ -315,23 +282,24 @@ GEM
     paperclip-av-transcoder (0.6.4)
       av (~> 0.9.0)
       paperclip (>= 2.5.2)
-    parallel (1.12.0)
+    parallel (1.11.2)
-    parallel_tests (2.17.0)
+    parallel_tests (2.14.2)
       parallel
     parser (2.4.0.0)
       ast (~> 2.2)
     pg (0.21.0)
     pghero (1.7.0)
       activerecord
-    pkg-config (1.2.8)
+    pkg-config (1.2.4)
     powerpack (0.1.1)
-    pry (0.11.2)
+    pry (0.10.4)
       coderay (~> 1.1.0)
-      method_source (~> 0.9.0)
+      method_source (~> 0.8.1)
+      slop (~> 3.4)
     pry-rails (0.3.6)
       pry (>= 0.10.4)
-    public_suffix (3.0.0)
+    public_suffix (2.0.5)
-    puma (3.10.0)
+    puma (3.9.1)
     pundit (1.1.0)
       activesupport (>= 3.0.0)
     rabl (0.13.1)
@@ -342,22 +310,20 @@ GEM
     rack-cors (0.4.1)
     rack-protection (2.0.0)
       rack
-    rack-proxy (0.6.2)
+    rack-test (0.6.3)
-      rack
+      rack (>= 1.0)
-    rack-test (0.7.0)
-      rack (>= 1.0, < 3)
     rack-timeout (0.4.2)
-    rails (5.1.4)
+    rails (5.1.3)
-      actioncable (= 5.1.4)
+      actioncable (= 5.1.3)
-      actionmailer (= 5.1.4)
+      actionmailer (= 5.1.3)
-      actionpack (= 5.1.4)
+      actionpack (= 5.1.3)
-      actionview (= 5.1.4)
+      actionview (= 5.1.3)
-      activejob (= 5.1.4)
+      activejob (= 5.1.3)
-      activemodel (= 5.1.4)
+      activemodel (= 5.1.3)
-      activerecord (= 5.1.4)
+      activerecord (= 5.1.3)
-      activesupport (= 5.1.4)
+      activesupport (= 5.1.3)
       bundler (>= 1.3.0)
-      railties (= 5.1.4)
+      railties (= 5.1.3)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.2)
       actionpack (~> 5.x, >= 5.0.1)
@@ -373,75 +339,69 @@ GEM
       railties (~> 5.0)
     rails-settings-cached (0.6.6)
       rails (>= 4.2.0)
-    railties (5.1.4)
+    railties (5.1.3)
-      actionpack (= 5.1.4)
+      actionpack (= 5.1.3)
-      activesupport (= 5.1.4)
+      activesupport (= 5.1.3)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rainbow (2.2.2)
       rake
-    rake (12.2.1)
+    rake (12.0.0)
-    rdf (2.2.11)
+    redis (3.3.3)
-      hamster (~> 3.0)
+    redis-actionpack (5.0.1)
-      link_header (~> 0.0, >= 0.0.8)
-    rdf-normalize (0.3.2)
-      rdf (~> 2.0)
-    redis (3.3.5)
-    redis-actionpack (5.0.2)
       actionpack (>= 4.0, < 6)
       redis-rack (>= 1, < 3)
-      redis-store (>= 1.1.0, < 2)
+      redis-store (>= 1.1.0, < 1.4.0)
-    redis-activesupport (5.0.4)
+    redis-activesupport (5.0.3)
       activesupport (>= 3, < 6)
-      redis-store (>= 1.3, < 2)
+      redis-store (~> 1.3.0)
     redis-namespace (1.5.3)
       redis (~> 3.0, >= 3.0.4)
-    redis-rack (2.0.3)
+    redis-rack (2.0.2)
       rack (>= 1.5, < 3)
-      redis-store (>= 1.2, < 2)
+      redis-store (>= 1.2, < 1.4)
     redis-rails (5.0.2)
       redis-actionpack (>= 5.0, < 6)
       redis-activesupport (>= 5.0, < 6)
       redis-store (>= 1.2, < 2)
-    redis-store (1.4.1)
+    redis-store (1.3.0)
-      redis (>= 2.2, < 5)
+      redis (>= 2.2)
-    request_store (1.3.2)
     responders (2.4.0)
       actionpack (>= 4.2.0, < 5.3)
       railties (>= 4.2.0, < 5.3)
     rotp (2.1.2)
     rqrcode (0.10.1)
       chunky_png (~> 1.0)
-    rspec-core (3.7.0)
+    rspec-core (3.6.0)
-      rspec-support (~> 3.7.0)
+      rspec-support (~> 3.6.0)
-    rspec-expectations (3.7.0)
+    rspec-expectations (3.6.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
+      rspec-support (~> 3.6.0)
-    rspec-mocks (3.7.0)
+    rspec-mocks (3.6.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
+      rspec-support (~> 3.6.0)
-    rspec-rails (3.7.1)
+    rspec-rails (3.6.0)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
-      rspec-core (~> 3.7.0)
+      rspec-core (~> 3.6.0)
-      rspec-expectations (~> 3.7.0)
+      rspec-expectations (~> 3.6.0)
-      rspec-mocks (~> 3.7.0)
+      rspec-mocks (~> 3.6.0)
-      rspec-support (~> 3.7.0)
+      rspec-support (~> 3.6.0)
     rspec-sidekiq (3.0.3)
       rspec-core (~> 3.0, >= 3.0.0)
       sidekiq (>= 2.4.0)
-    rspec-support (3.7.0)
+    rspec-support (3.6.0)
-    rubocop (0.51.0)
+    rubocop (0.49.1)
       parallel (~> 1.10)
       parser (>= 2.3.3.1, < 3.0)
       powerpack (~> 0.1)
-      rainbow (>= 2.2.2, < 3.0)
+      rainbow (>= 1.99.1, < 3.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (~> 1.0, >= 1.0.1)
     ruby-oembed (0.12.0)
-    ruby-progressbar (1.9.0)
+    ruby-progressbar (1.8.1)
     rufus-scheduler (3.4.2)
       et-orbi (~> 1.0)
     safe_yaml (1.0.4)
@@ -449,24 +409,24 @@ GEM
       crass (~> 1.0.2)
       nokogiri (>= 1.4.4)
       nokogumbo (~> 1.4.1)
-    sass (3.4.25)
+    sass (3.4.24)
-    scss_lint (0.55.0)
+    scss_lint (0.54.0)
       rake (>= 0.9, < 13)
       sass (~> 3.4.20)
-    sidekiq (5.0.5)
+    sidekiq (5.0.4)
       concurrent-ruby (~> 1.0)
       connection_pool (~> 2.2, >= 2.2.0)
       rack-protection (>= 1.5.0)
-      redis (>= 3.3.4, < 5)
+      redis (~> 3.3, >= 3.3.3)
     sidekiq-bulk (0.1.1)
       activesupport
       sidekiq
-    sidekiq-scheduler (2.1.10)
+    sidekiq-scheduler (2.1.8)
-      redis (>= 3, < 5)
+      redis (~> 3)
       rufus-scheduler (~> 3.2)
       sidekiq (>= 3)
       tilt (>= 1.4.0)
-    sidekiq-unique-jobs (5.0.10)
+    sidekiq-unique-jobs (5.0.9)
       sidekiq (>= 4.0, <= 6.0)
       thor (~> 0)
     simple-navigation (4.0.5)
@@ -474,36 +434,35 @@ GEM
     simple_form (3.5.0)
       actionpack (> 4, < 5.2)
       activemodel (> 4, < 5.2)
-    simplecov (0.15.1)
+    simplecov (0.14.1)
       docile (~> 1.1.0)
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
+    simplecov-html (0.10.1)
+    slop (3.6.0)
     sprockets (3.7.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.2.1)
+    sprockets-rails (3.2.0)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
-    sshkit (1.14.0)
+    sshkit (1.13.1)
       net-scp (>= 1.1.2)
       net-ssh (>= 2.8.0)
-    statsd-ruby (1.2.1)
+    statsd-instrument (2.1.4)
-    strong_migrations (0.1.9)
-      activerecord (>= 3.2.0)
     temple (0.8.0)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
-    thor (0.20.0)
+    thor (0.19.4)
     thread (0.2.2)
     thread_safe (0.3.6)
     tilt (2.0.8)
     twitter-text (1.14.7)
       unf (~> 0.1.0)
-    tzinfo (1.2.4)
+    tzinfo (1.2.3)
       thread_safe (~> 0.1)
-    tzinfo-data (1.2017.3)
+    tzinfo-data (1.2017.2)
       tzinfo (>= 1.0.0)
     uglifier (3.2.0)
       execjs (>= 0.3.0, < 3)
@@ -514,13 +473,13 @@ GEM
     uniform_notifier (1.10.0)
     warden (1.2.7)
       rack (>= 1.0)
-    webmock (3.1.0)
+    webmock (3.0.1)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff
-    webpacker (3.0.2)
+    webpacker (2.0)
       activesupport (>= 4.2)
-      rack-proxy (>= 0.6.1)
+      multi_json (~> 1.2)
       railties (>= 4.2)
     webpush (0.3.2)
       hkdf (~> 0.2)
@@ -539,32 +498,29 @@ DEPENDENCIES
   active_record_query_trace (~> 1.5)
   addressable (~> 2.5)
   annotate (~> 2.7)
-  better_errors (~> 2.4)
+  aws-sdk (~> 2.9)
+  better_errors (~> 2.1)
   binding_of_caller (~> 0.7)
   bootsnap
-  brakeman (~> 4.0)
+  brakeman (~> 3.6)
   browser
   bullet (~> 5.5)
-  bundler-audit (~> 0.6)
+  bundler-audit (~> 0.5)
-  capistrano (~> 3.10)
+  capistrano (~> 3.8)
-  capistrano-rails (~> 1.3)
+  capistrano-rails (~> 1.2)
   capistrano-rbenv (~> 2.1)
   capistrano-yarn (~> 2.0)
-  capybara (~> 2.15)
+  capybara (~> 2.14)
-  charlock_holmes (~> 0.7.5)
+  charlock_holmes (~> 0.7.3)
-  cld3 (~> 3.2.0)
+  cld3 (~> 3.1)
   climate_control (~> 0.2)
   devise (~> 4.2)
   devise-two-factor (~> 3.0)
   doorkeeper (~> 4.2)
   dotenv-rails (~> 2.2)
-  fabrication (~> 2.18)
+  fabrication (~> 2.16)
   faker (~> 1.7)
   fast_blank (~> 1.0)
-  fog-aws (~> 1.4)
-  fog-core (~> 1.45)
-  fog-local (~> 0.4)
-  fog-openstack (~> 0.1)
   fuubar (~> 2.2)
   goldfinger (~> 2.0)
   hamlit-rails (~> 0.2)
@@ -575,49 +531,45 @@ DEPENDENCIES
   httplog (~> 0.99)
   i18n-tasks (~> 0.9)
   idn-ruby
-  iso-639
+  kaminari (~> 1.0)
-  json-ld-preloaded (~> 2.2.1)
-  kaminari (~> 1.1)
   letter_opener (~> 1.4)
   letter_opener_web (~> 1.3)
   link_header (~> 0.0)
-  lograge (~> 0.7)
+  lograge (~> 0.5)
   mario-redis-lock (~> 1.2)
   microformats (~> 4.0)
   mime-types (~> 3.1)
-  nokogiri (~> 1.8)
+  nokogiri (~> 1.7)
-  nsa (~> 0.2)
+  oj (~> 3.0)
-  oj (~> 3.3)
   ostatus2 (~> 2.0)
-  ox (~> 2.8)
+  ox (~> 2.5)
   paperclip (~> 5.1)
   paperclip-av-transcoder (~> 0.6)
-  parallel_tests (~> 2.17)
+  parallel_tests (~> 2.14)
   pg (~> 0.20)
   pghero (~> 1.7)
   pkg-config (~> 1.2)
   pry-rails (~> 0.3)
-  puma (~> 3.10)
+  puma (~> 3.8)
   pundit (~> 1.1)
   rabl (~> 0.13)
   rack-attack (~> 5.0)
   rack-cors (~> 0.4)
   rack-timeout (~> 0.4)
-  rails (~> 5.1.4)
+  rails (~> 5.1.0)
   rails-controller-testing (~> 1.0)
   rails-i18n (~> 5.0)
   rails-settings-cached (~> 0.6)
-  rdf-normalize (~> 0.3.1)
   redis (~> 3.3)
   redis-namespace (~> 1.5)
   redis-rails (~> 5.0)
   rqrcode (~> 0.10)
-  rspec-rails (~> 3.7)
+  rspec-rails (~> 3.6)
   rspec-sidekiq (~> 3.0)
   rubocop
   ruby-oembed (~> 0.12)
   sanitize (~> 4.4)
-  scss_lint (~> 0.55)
+  scss_lint (~> 0.53)
   sidekiq (~> 5.0)
   sidekiq-bulk (~> 0.1.1)
   sidekiq-scheduler (~> 2.1)
@@ -626,16 +578,16 @@ DEPENDENCIES
   simple_form (~> 3.4)
   simplecov (~> 0.14)
   sprockets-rails (~> 3.2)
-  strong_migrations
+  statsd-instrument (~> 2.1)
   twitter-text (~> 1.14)
   tzinfo-data (~> 1.2017)
   uglifier (~> 3.2)
   webmock (~> 3.0)
-  webpacker (~> 3.0)
+  webpacker (~> 2.0)
   webpush
 
 RUBY VERSION
-   ruby 2.4.2p198
+   ruby 2.4.1p111
 
 BUNDLED WITH
-   1.15.4
+   1.15.3

Procfile.dev

@@ -1,4 +1,4 @@
 web: PORT=3000 bundle exec puma -C config/puma.rb
 sidekiq: PORT=3000 bundle exec sidekiq
 stream: PORT=4000 yarn run start
-webpack: ./bin/webpack-dev-server --listen-host 0.0.0.0
+webpack: ./bin/webpack-dev-server --host 0.0.0.0

Vagrantfile

@@ -83,7 +83,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
 
   config.vm.provider :virtualbox do |vb|
     vb.name = "mastodon"
-    vb.customize ["modifyvm", :id, "--memory", "4096"]
+    vb.customize ["modifyvm", :id, "--memory", "2048"]
 
     # Disable VirtualBox DNS proxy to skip long-delay IPv6 resolutions.
     # https://github.com/mitchellh/vagrant/issues/1172

app/controllers/accounts_controller.rb

@@ -7,81 +7,24 @@ class AccountsController < ApplicationController
   def show
     respond_to do |format|
       format.html do
-        @pinned_statuses = []
+        @statuses = @account.statuses.permitted_for(@account, current_account).paginate_by_max_id(20, params[:max_id], params[:since_id])
-
+        @statuses = cache_collection(@statuses, Status)
-        if current_account && @account.blocking?(current_account)
-          @statuses = []
-          return
-        end
-
-        @pinned_statuses = cache_collection(@account.pinned_statuses, Status) if show_pinned_statuses?
-        @statuses        = filtered_statuses.paginate_by_max_id(20, params[:max_id], params[:since_id])
-        @statuses        = cache_collection(@statuses, Status)
-        @next_url        = next_url unless @statuses.empty?
       end
 
       format.atom do
         @entries = @account.stream_entries.where(hidden: false).with_includes.paginate_by_max_id(20, params[:max_id], params[:since_id])
-        render xml: OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.feed(@account, @entries.reject { |entry| entry.status.nil? }))
+        render xml: OStatus::AtomSerializer.render(OStatus::AtomSerializer.new.feed(@account, @entries.to_a))
       end
 
       format.json do
-        render json: @account,
+        render json: @account, serializer: ActivityPub::ActorSerializer, adapter: ActivityPub::Adapter
-               serializer: ActivityPub::ActorSerializer,
-               adapter: ActivityPub::Adapter,
-               content_type: 'application/activity+json'
       end
     end
   end
 
   private
 
-  def show_pinned_statuses?
-    [replies_requested?, media_requested?, params[:max_id].present?, params[:since_id].present?].none?
-  end
-
-  def filtered_statuses
-    default_statuses.tap do |statuses|
-      statuses.merge!(only_media_scope) if media_requested?
-      statuses.merge!(no_replies_scope) unless replies_requested?
-    end
-  end
-
-  def default_statuses
-    @account.statuses.where(visibility: [:public, :unlisted])
-  end
-
-  def only_media_scope
-    Status.where(id: account_media_status_ids)
-  end
-
-  def account_media_status_ids
-    @account.media_attachments.attached.reorder(nil).select(:status_id).distinct
-  end
-
-  def no_replies_scope
-    Status.without_replies
-  end
-
   def set_account
     @account = Account.find_local!(params[:username])
   end
-
-  def next_url
-    if media_requested?
-      short_account_media_url(@account, max_id: @statuses.last.id)
-    elsif replies_requested?
-      short_account_with_replies_url(@account, max_id: @statuses.last.id)
-    else
-      short_account_url(@account, max_id: @statuses.last.id)
-    end
-  end
-
-  def media_requested?
-    request.path.ends_with?('/media')
-  end
-
-  def replies_requested?
-    request.path.ends_with?('/with_replies')
-  end
 end

app/controllers/activitypub/inboxes_controller.rb

@@ -1,41 +0,0 @@
-# frozen_string_literal: true
-
-class ActivityPub::InboxesController < Api::BaseController
-  include SignatureVerification
-
-  before_action :set_account
-
-  def create
-    if signed_request_account
-      upgrade_account
-      process_payload
-      head 202
-    else
-      [signature_verification_failure_reason, 401]
-    end
-  end
-
-  private
-
-  def set_account
-    @account = Account.find_local!(params[:account_username]) if params[:account_username]
-  end
-
-  def body
-    @body ||= request.body.read
-  end
-
-  def upgrade_account
-    if signed_request_account.ostatus?
-      signed_request_account.update(last_webfingered_at: nil)
-      ResolveRemoteAccountWorker.perform_async(signed_request_account.acct)
-    end
-
-    Pubsubhubbub::UnsubscribeWorker.perform_async(signed_request_account.id) if signed_request_account.subscribed?
-    DeliveryFailureTracker.track_inverse_success!(signed_request_account)
-  end
-
-  def process_payload
-    ActivityPub::ProcessingWorker.perform_async(signed_request_account.id, body.force_encoding('UTF-8'))
-  end
-end

app/controllers/activitypub/outboxes_controller.rb

@@ -7,7 +7,7 @@ class ActivityPub::OutboxesController < Api::BaseController
     @statuses = @account.statuses.permitted_for(@account, current_account).paginate_by_max_id(20, params[:max_id], params[:since_id])
     @statuses = cache_collection(@statuses, Status)
 
-    render json: outbox_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json'
+    render json: outbox_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter
   end
 
   private

app/controllers/admin/account_moderation_notes_controller.rb

@@ -1,41 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class AccountModerationNotesController < BaseController
-    before_action :set_account_moderation_note, only: [:destroy]
-
-    def create
-      authorize AccountModerationNote, :create?
-
-      @account_moderation_note = current_account.account_moderation_notes.new(resource_params)
-
-      if @account_moderation_note.save
-        redirect_to admin_account_path(@account_moderation_note.target_account_id), notice: I18n.t('admin.account_moderation_notes.created_msg')
-      else
-        @account          = @account_moderation_note.target_account
-        @moderation_notes = @account.targeted_moderation_notes.latest
-
-        render template: 'admin/accounts/show'
-      end
-    end
-
-    def destroy
-      authorize @account_moderation_note, :destroy?
-      @account_moderation_note.destroy
-      redirect_to admin_account_path(@account_moderation_note.target_account_id), notice: I18n.t('admin.account_moderation_notes.destroyed_msg')
-    end
-
-    private
-
-    def resource_params
-      params.require(:account_moderation_note).permit(
-        :content,
-        :target_account_id
-      )
-    end
-
-    def set_account_moderation_note
-      @account_moderation_note = AccountModerationNote.find(params[:id])
-    end
-  end
-end

app/controllers/admin/accounts_controller.rb

@@ -2,54 +2,26 @@
 
 module Admin
   class AccountsController < BaseController
-    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload, :enable, :disable, :memorialize]
+    before_action :set_account, only: [:show, :subscribe, :unsubscribe, :redownload]
     before_action :require_remote_account!, only: [:subscribe, :unsubscribe, :redownload]
-    before_action :require_local_account!, only: [:enable, :disable, :memorialize]
 
     def index
-      authorize :account, :index?
       @accounts = filtered_accounts.page(params[:page])
     end
 
-    def show
+    def show; end
-      authorize @account, :show?
-      @account_moderation_note = current_account.account_moderation_notes.new(target_account: @account)
-      @moderation_notes = @account.targeted_moderation_notes.latest
-    end
 
     def subscribe
-      authorize @account, :subscribe?
       Pubsubhubbub::SubscribeWorker.perform_async(@account.id)
       redirect_to admin_account_path(@account.id)
     end
 
     def unsubscribe
-      authorize @account, :unsubscribe?
+      UnsubscribeService.new.call(@account)
-      Pubsubhubbub::UnsubscribeWorker.perform_async(@account.id)
-      redirect_to admin_account_path(@account.id)
-    end
-
-    def memorialize
-      authorize @account, :memorialize?
-      @account.memorialize!
-      redirect_to admin_account_path(@account.id)
-    end
-
-    def enable
-      authorize @account.user, :enable?
-      @account.user.enable!
-      redirect_to admin_account_path(@account.id)
-    end
-
-    def disable
-      authorize @account.user, :disable?
-      @account.user.disable!
       redirect_to admin_account_path(@account.id)
     end
 
     def redownload
-      authorize @account, :redownload?
-
       @account.reset_avatar!
       @account.reset_header!
       @account.save!
@@ -67,10 +39,6 @@ module Admin
       redirect_to admin_account_path(@account.id) if @account.local?
     end
 
-    def require_local_account!
-      redirect_to admin_account_path(@account.id) unless @account.local? && @account.user.present?
-    end
-
     def filtered_accounts
       AccountFilter.new(filter_params).results
     end

app/controllers/admin/base_controller.rb

@@ -2,9 +2,7 @@
 
 module Admin
   class BaseController < ApplicationController
-    include Authorization
+    before_action :require_admin!
-
-    before_action :require_staff!
 
     layout 'admin'
   end

app/controllers/admin/confirmations_controller.rb

@@ -2,18 +2,15 @@
 
 module Admin
   class ConfirmationsController < BaseController
-    before_action :set_user
-
     def create
-      authorize @user, :confirm?
+      account_user.confirm
-      @user.confirm!
       redirect_to admin_accounts_path
     end
 
     private
 
-    def set_user
+    def account_user
-      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
+      Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
     end
   end
 end

app/controllers/admin/custom_emojis_controller.rb

@@ -1,92 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class CustomEmojisController < BaseController
-    before_action :set_custom_emoji, except: [:index, :new, :create]
-
-    def index
-      authorize :custom_emoji, :index?
-      @custom_emojis = filtered_custom_emojis.eager_load(:local_counterpart).page(params[:page])
-    end
-
-    def new
-      authorize :custom_emoji, :create?
-      @custom_emoji = CustomEmoji.new
-    end
-
-    def create
-      authorize :custom_emoji, :create?
-
-      @custom_emoji = CustomEmoji.new(resource_params)
-
-      if @custom_emoji.save
-        redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.created_msg')
-      else
-        render :new
-      end
-    end
-
-    def update
-      authorize @custom_emoji, :update?
-
-      if @custom_emoji.update(resource_params)
-        redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.updated_msg')
-      else
-        redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.update_failed_msg')
-      end
-    end
-
-    def destroy
-      authorize @custom_emoji, :destroy?
-      @custom_emoji.destroy
-      redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.destroyed_msg')
-    end
-
-    def copy
-      authorize @custom_emoji, :copy?
-
-      emoji = CustomEmoji.find_or_create_by(domain: nil, shortcode: @custom_emoji.shortcode)
-
-      if emoji.update(image: @custom_emoji.image)
-        flash[:notice] = I18n.t('admin.custom_emojis.copied_msg')
-      else
-        flash[:alert] = I18n.t('admin.custom_emojis.copy_failed_msg')
-      end
-
-      redirect_to admin_custom_emojis_path(page: params[:page])
-    end
-
-    def enable
-      authorize @custom_emoji, :enable?
-      @custom_emoji.update!(disabled: false)
-      redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.enabled_msg')
-    end
-
-    def disable
-      authorize @custom_emoji, :disable?
-      @custom_emoji.update!(disabled: true)
-      redirect_to admin_custom_emojis_path, notice: I18n.t('admin.custom_emojis.disabled_msg')
-    end
-
-    private
-
-    def set_custom_emoji
-      @custom_emoji = CustomEmoji.find(params[:id])
-    end
-
-    def resource_params
-      params.require(:custom_emoji).permit(:shortcode, :image, :visible_in_picker)
-    end
-
-    def filtered_custom_emojis
-      CustomEmojiFilter.new(filter_params).results
-    end
-
-    def filter_params
-      params.permit(
-        :local,
-        :remote
-      )
-    end
-  end
-end

app/controllers/admin/domain_blocks_controller.rb

@@ -5,18 +5,14 @@ module Admin
     before_action :set_domain_block, only: [:show, :destroy]
 
     def index
-      authorize :domain_block, :index?
       @domain_blocks = DomainBlock.page(params[:page])
     end
 
     def new
-      authorize :domain_block, :create?
       @domain_block = DomainBlock.new
     end
 
     def create
-      authorize :domain_block, :create?
-
       @domain_block = DomainBlock.new(resource_params)
 
       if @domain_block.save
@@ -27,12 +23,9 @@ module Admin
       end
     end
 
-    def show
+    def show; end
-      authorize @domain_block, :show?
-    end
 
     def destroy
-      authorize @domain_block, :destroy?
       UnblockDomainService.new.call(@domain_block, retroactive_unblock?)
       redirect_to admin_domain_blocks_path, notice: I18n.t('admin.domain_blocks.destroyed_msg')
     end

app/controllers/admin/email_domain_blocks_controller.rb

@@ -1,45 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class EmailDomainBlocksController < BaseController
-    before_action :set_email_domain_block, only: [:show, :destroy]
-
-    def index
-      authorize :email_domain_block, :index?
-      @email_domain_blocks = EmailDomainBlock.page(params[:page])
-    end
-
-    def new
-      authorize :email_domain_block, :create?
-      @email_domain_block = EmailDomainBlock.new
-    end
-
-    def create
-      authorize :email_domain_block, :create?
-
-      @email_domain_block = EmailDomainBlock.new(resource_params)
-
-      if @email_domain_block.save
-        redirect_to admin_email_domain_blocks_path, notice: I18n.t('admin.email_domain_blocks.created_msg')
-      else
-        render :new
-      end
-    end
-
-    def destroy
-      authorize @email_domain_block, :destroy?
-      @email_domain_block.destroy
-      redirect_to admin_email_domain_blocks_path, notice: I18n.t('admin.email_domain_blocks.destroyed_msg')
-    end
-
-    private
-
-    def set_email_domain_block
-      @email_domain_block = EmailDomainBlock.find(params[:id])
-    end
-
-    def resource_params
-      params.require(:email_domain_block).permit(:domain)
-    end
-  end
-end

app/controllers/admin/instances_controller.rb

@@ -3,12 +3,10 @@
 module Admin
   class InstancesController < BaseController
     def index
-      authorize :instance, :index?
       @instances = ordered_instances
     end
 
     def resubscribe
-      authorize :instance, :resubscribe?
       params.require(:by_domain)
       Pubsubhubbub::SubscribeWorker.push_bulk(subscribeable_accounts.pluck(:id))
       redirect_to admin_instances_path
@@ -16,12 +14,8 @@ module Admin
 
     private
 
-    def filtered_instances
-      InstanceFilter.new(filter_params).results
-    end
-
     def paginated_instances
-      filtered_instances.page(params[:page])
+      Account.remote.by_domain_accounts.page(params[:page])
     end
 
     helper_method :paginated_instances
@@ -33,11 +27,5 @@ module Admin
     def subscribeable_accounts
       Account.with_followers.remote.where(domain: params[:by_domain])
     end
-
-    def filter_params
-      params.permit(
-        :domain_name
-      )
-    end
   end
 end

app/controllers/admin/reported_statuses_controller.rb

@@ -2,20 +2,19 @@
 
 module Admin
   class ReportedStatusesController < BaseController
+    include Authorization
+
     before_action :set_report
     before_action :set_status, only: [:update, :destroy]
 
     def create
-      authorize :status, :update?
+      @form = Form::StatusBatch.new(form_status_batch_params)
-
+      flash[:alert] = t('admin.statuses.failed_to_execute') unless @form.save
-      @form         = Form::StatusBatch.new(form_status_batch_params)
-      flash[:alert] = I18n.t('admin.statuses.failed_to_execute') unless @form.save
 
       redirect_to admin_report_path(@report)
     end
 
     def update
-      authorize @status, :update?
       @status.update(status_params)
       redirect_to admin_report_path(@report)
     end

app/controllers/admin/reports_controller.rb

@@ -5,17 +5,14 @@ module Admin
     before_action :set_report, except: [:index]
 
     def index
-      authorize :report, :index?
       @reports = filtered_reports.page(params[:page])
     end
 
     def show
-      authorize @report, :show?
       @form = Form::StatusBatch.new
     end
 
     def update
-      authorize @report, :update?
       process_report
       redirect_to admin_report_path(@report)
     end

app/controllers/admin/resets_controller.rb

@@ -2,18 +2,17 @@
 
 module Admin
   class ResetsController < BaseController
-    before_action :set_user
+    before_action :set_account
 
     def create
-      authorize @user, :reset_password?
+      @account.user.send_reset_password_instructions
-      @user.send_reset_password_instructions
       redirect_to admin_accounts_path
     end
 
     private
 
-    def set_user
+    def set_account
-      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
+      @account = Account.find(params[:account_id])
     end
   end
 end

app/controllers/admin/roles_controller.rb

@@ -1,25 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class RolesController < BaseController
-    before_action :set_user
-
-    def promote
-      authorize @user, :promote?
-      @user.promote!
-      redirect_to admin_account_path(@user.account_id)
-    end
-
-    def demote
-      authorize @user, :demote?
-      @user.demote!
-      redirect_to admin_account_path(@user.account_id)
-    end
-
-    private
-
-    def set_user
-      @user = Account.find(params[:account_id]).user || raise(ActiveRecord::RecordNotFound)
-    end
-  end
-end

app/controllers/admin/settings_controller.rb

@@ -13,8 +13,6 @@ module Admin
       closed_registrations_message
       open_deletion
       timeline_preview
-      bootstrap_timeline_accounts
-      thumbnail
     ).freeze
 
     BOOLEAN_SETTINGS = %w(
@@ -23,26 +21,14 @@ module Admin
       timeline_preview
     ).freeze
 
-    UPLOAD_SETTINGS = %w(
-      thumbnail
-    ).freeze
-
     def edit
-      authorize :settings, :show?
       @admin_settings = Form::AdminSettings.new
     end
 
     def update
-      authorize :settings, :update?
-
       settings_params.each do |key, value|
-        if UPLOAD_SETTINGS.include?(key)
+        setting = Setting.where(var: key).first_or_initialize(var: key)
-          upload = SiteUpload.where(var: key).first_or_initialize(var: key)
+        setting.update(value: value_for_update(key, value))
-          upload.update(file: value)
-        else
-          setting = Setting.where(var: key).first_or_initialize(var: key)
-          setting.update(value: value_for_update(key, value))
-        end
       end
 
       flash[:notice] = I18n.t('generic.changes_saved_msg')

app/controllers/admin/silences_controller.rb

@@ -5,13 +5,11 @@ module Admin
     before_action :set_account
 
     def create
-      authorize @account, :silence?
       @account.update(silenced: true)
       redirect_to admin_accounts_path
     end
 
     def destroy
-      authorize @account, :unsilence?
       @account.update(silenced: false)
       redirect_to admin_accounts_path
     end

app/controllers/admin/statuses_controller.rb

@@ -2,38 +2,34 @@
 
 module Admin
   class StatusesController < BaseController
+    include Authorization
+
     helper_method :current_params
 
     before_action :set_account
     before_action :set_status, only: [:update, :destroy]
 
-    PER_PAGE = 20
+    PAR_PAGE = 20
 
     def index
-      authorize :status, :index?
-
       @statuses = @account.statuses
-
       if params[:media]
         account_media_status_ids = @account.media_attachments.attached.reorder(nil).select(:status_id).distinct
         @statuses.merge!(Status.where(id: account_media_status_ids))
       end
+      @statuses = @statuses.preload(:media_attachments, :mentions).page(params[:page]).per(PAR_PAGE)
 
-      @statuses = @statuses.preload(:media_attachments, :mentions).page(params[:page]).per(PER_PAGE)
+      @form = Form::StatusBatch.new
-      @form     = Form::StatusBatch.new
     end
 
     def create
-      authorize :status, :update?
+      @form = Form::StatusBatch.new(form_status_batch_params)
-
+      flash[:alert] = t('admin.statuses.failed_to_execute') unless @form.save
-      @form         = Form::StatusBatch.new(form_status_batch_params)
-      flash[:alert] = I18n.t('admin.statuses.failed_to_execute') unless @form.save
 
       redirect_to admin_account_statuses_path(@account.id, current_params)
     end
 
     def update
-      authorize @status, :update?
       @status.update(status_params)
       redirect_to admin_account_statuses_path(@account.id, current_params)
     end
@@ -64,7 +60,6 @@ module Admin
 
     def current_params
       page = (params[:page] || 1).to_i
-
       {
         media: params[:media],
         page: page > 1 && page,

app/controllers/admin/subscriptions_controller.rb

@@ -3,7 +3,6 @@
 module Admin
   class SubscriptionsController < BaseController
     def index
-      authorize :subscription, :index?
       @subscriptions = ordered_subscriptions.page(requested_page)
     end
 

app/controllers/admin/suspensions_controller.rb

@@ -5,14 +5,12 @@ module Admin
     before_action :set_account
 
     def create
-      authorize @account, :suspend?
       Admin::SuspensionWorker.perform_async(@account.id)
       redirect_to admin_accounts_path
     end
 
     def destroy
-      authorize @account, :unsuspend?
+      @account.update(suspended: false)
-      @account.unsuspend!
       redirect_to admin_accounts_path
     end
 

app/controllers/admin/two_factor_authentications_controller.rb

@@ -5,7 +5,6 @@ module Admin
     before_action :set_user
 
     def destroy
-      authorize @user, :disable_2fa?
       @user.disable_two_factor!
       redirect_to admin_accounts_path
     end

app/controllers/api/base_controller.rb

@@ -43,7 +43,7 @@ class Api::BaseController < ApplicationController
     links = []
     links << [next_path, [%w(rel next)]] if next_path
     links << [prev_path, [%w(rel prev)]] if prev_path
-    response.headers['Link'] = LinkHeader.new(links) unless links.empty?
+    response.headers['Link'] = LinkHeader.new(links)
   end
 
   def limit_param(default_limit)
@@ -62,11 +62,10 @@ class Api::BaseController < ApplicationController
   end
 
   def require_user!
-    if current_user
+    current_resource_owner
-      set_user_activity
+    set_user_activity
-    else
+  rescue ActiveRecord::RecordNotFound
-      render json: { error: 'This method requires an authenticated user' }, status: 422
+    render json: { error: 'This method requires an authenticated user' }, status: 422
-    end
   end
 
   def render_empty

app/controllers/api/oembed_controller.rb

@@ -4,14 +4,14 @@ class Api::OEmbedController < Api::BaseController
   respond_to :json
 
   def show
-    @status = status_finder.status
+    @stream_entry = find_stream_entry.stream_entry
-    render json: @status, serializer: OEmbedSerializer, width: maxwidth_or_default, height: maxheight_or_default
+    render json: @stream_entry, serializer: OEmbedSerializer, width: maxwidth_or_default, height: maxheight_or_default
   end
 
   private
 
-  def status_finder
+  def find_stream_entry
-    StatusFinder.new(params[:url])
+    StreamEntryFinder.new(params[:url])
   end
 
   def maxwidth_or_default

app/controllers/api/salmon_controller.rb

@@ -7,11 +7,9 @@ class Api::SalmonController < Api::BaseController
   def update
     if verify_payload?
       process_salmon
-      head 202
+      head 201
-    elsif payload.present?
-      [signature_verification_failure_reason, 401]
     else
-      head 400
+      head 202
     end
   end
 

app/controllers/api/v1/accounts/credentials_controller.rb

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 
 class Api::V1::Accounts::CredentialsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read }, except: [:update]
   before_action -> { doorkeeper_authorize! :write }, only: [:update]
   before_action :require_user!
 
@@ -11,9 +10,8 @@ class Api::V1::Accounts::CredentialsController < Api::BaseController
   end
 
   def update
+    current_account.update!(account_params)
     @account = current_account
-    UpdateAccountService.new.call(@account, account_params, raise_error: true)
-    ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
     render json: @account, serializer: REST::CredentialAccountSerializer
   end
 

app/controllers/api/v1/accounts/relationships_controller.rb

@@ -7,10 +7,7 @@ class Api::V1::Accounts::RelationshipsController < Api::BaseController
   respond_to :json
 
   def index
-    accounts = Account.where(id: account_ids).select('id')
+    @accounts = Account.where(id: account_ids).select('id')
-    # .where doesn't guarantee that our results are in the same order
-    # we requested them, so return the "right" order to the requestor.
-    @accounts = accounts.index_by(&:id).values_at(*account_ids)
     render json: @accounts, each_serializer: REST::RelationshipSerializer, relationships: relationships
   end
 

app/controllers/api/v1/accounts/statuses_controller.rb

@@ -29,7 +29,6 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
   def account_statuses
     default_statuses.tap do |statuses|
       statuses.merge!(only_media_scope) if params[:only_media]
-      statuses.merge!(pinned_scope) if params[:pinned]
       statuses.merge!(no_replies_scope) if params[:exclude_replies]
     end
   end
@@ -54,10 +53,6 @@ class Api::V1::Accounts::StatusesController < Api::BaseController
     @account.media_attachments.attached.reorder(nil).select(:status_id).distinct
   end
 
-  def pinned_scope
-    @account.pinned_statuses
-  end
-
   def no_replies_scope
     Status.without_replies
   end

app/controllers/api/v1/accounts_controller.rb

@@ -13,13 +13,8 @@ class Api::V1::AccountsController < Api::BaseController
   end
 
   def follow
-    reblogs_arg = { reblogs: params[:reblogs] }
+    FollowService.new.call(current_user.account, @account.acct)
-    
+    render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
-    FollowService.new.call(current_user.account, @account.acct, reblogs_arg)
-
-    options = @account.locked? ? {} : { following_map: { @account.id => reblogs_arg }, requested_map: { @account.id => false } }
-
-    render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships(options)
   end
 
   def block
@@ -28,7 +23,7 @@ class Api::V1::AccountsController < Api::BaseController
   end
 
   def mute
-    MuteService.new.call(current_user.account, @account, notifications: params[:notifications])
+    MuteService.new.call(current_user.account, @account)
     render json: @account, serializer: REST::RelationshipSerializer, relationships: relationships
   end
 
@@ -53,7 +48,7 @@ class Api::V1::AccountsController < Api::BaseController
     @account = Account.find(params[:id])
   end
 
-  def relationships(options = {})
+  def relationships
-    AccountRelationshipsPresenter.new([@account.id], current_user.account_id, options)
+    AccountRelationshipsPresenter.new([@account.id], current_user.account_id)
   end
 end

app/controllers/api/v1/apps/credentials_controller.rb

@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Apps::CredentialsController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read }
-
-  respond_to :json
-
-  def show
-    render json: doorkeeper_token.application, serializer: REST::StatusSerializer::ApplicationSerializer
-  end
-end

app/controllers/api/v1/apps_controller.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class Api::V1::AppsController < Api::BaseController
+  respond_to :json
+
   def create
     @app = Doorkeeper::Application.create!(application_options)
     render json: @app, serializer: REST::ApplicationSerializer

app/controllers/api/v1/blocks_controller.rb

@@ -15,17 +15,19 @@ class Api::V1::BlocksController < Api::BaseController
   private
 
   def load_accounts
-    paginated_blocks.map(&:target_account)
+    default_accounts.merge(paginated_blocks).to_a
+  end
+
+  def default_accounts
+    Account.includes(:blocked_by).references(:blocked_by)
   end
 
   def paginated_blocks
-    @paginated_blocks ||= Block.eager_load(:target_account)
+    Block.where(account: current_account).paginate_by_max_id(
-                               .where(account: current_account)
+      limit_param(DEFAULT_ACCOUNTS_LIMIT),
-                               .paginate_by_max_id(
+      params[:max_id],
-                                 limit_param(DEFAULT_ACCOUNTS_LIMIT),
+      params[:since_id]
-                                 params[:max_id],
+    )
-                                 params[:since_id]
-                               )
   end
 
   def insert_pagination_headers
@@ -39,21 +41,21 @@ class Api::V1::BlocksController < Api::BaseController
   end
 
   def prev_path
-    unless paginated_blocks.empty?
+    unless @accounts.empty?
       api_v1_blocks_url pagination_params(since_id: pagination_since_id)
     end
   end
 
   def pagination_max_id
-    paginated_blocks.last.id
+    @accounts.last.blocked_by_ids.last
   end
 
   def pagination_since_id
-    paginated_blocks.first.id
+    @accounts.first.blocked_by_ids.first
   end
 
   def records_continue?
-    paginated_blocks.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
+    @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
 
   def pagination_params(core_params)

app/controllers/api/v1/custom_emojis_controller.rb

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::CustomEmojisController < Api::BaseController
-  respond_to :json
-
-  def index
-    render json: CustomEmoji.local.where(disabled: false), each_serializer: REST::CustomEmojiSerializer
-  end
-end

app/controllers/api/v1/follows_controller.rb

@@ -10,12 +10,6 @@ class Api::V1::FollowsController < Api::BaseController
     raise ActiveRecord::RecordNotFound if follow_params[:uri].blank?
 
     @account = FollowService.new.call(current_user.account, target_uri).try(:target_account)
-
-    if @account.nil?
-      username, domain = target_uri.split('@')
-      @account         = Account.find_remote!(username, domain)
-    end
-
     render json: @account, serializer: REST::AccountSerializer
   end
 

app/controllers/api/v1/media_controller.rb

@@ -10,7 +10,7 @@ class Api::V1::MediaController < Api::BaseController
   respond_to :json
 
   def create
-    @media = current_account.media_attachments.create!(media_params)
+    @media = current_account.media_attachments.create!(file: media_params[:file])
     render json: @media, serializer: REST::MediaAttachmentSerializer
   rescue Paperclip::Errors::NotIdentifiedByImageMagickError
     render json: file_type_error, status: 422
@@ -18,16 +18,10 @@ class Api::V1::MediaController < Api::BaseController
     render json: processing_error, status: 500
   end
 
-  def update
-    @media = current_account.media_attachments.where(status_id: nil).find(params[:id])
-    @media.update!(media_params)
-    render json: @media, serializer: REST::MediaAttachmentSerializer
-  end
-
   private
 
   def media_params
-    params.permit(:file, :description)
+    params.permit(:file)
   end
 
   def file_type_error

app/controllers/api/v1/mutes_controller.rb

@@ -8,15 +8,10 @@ class Api::V1::MutesController < Api::BaseController
   respond_to :json
 
   def index
-    @data = @accounts = load_accounts
+    @accounts = load_accounts
     render json: @accounts, each_serializer: REST::AccountSerializer
   end
 
-  def details
-    @data = @mutes = load_mutes
-    render json: @mutes, each_serializer: REST::MuteSerializer
-  end 
-
   private
 
   def load_accounts
@@ -27,10 +22,6 @@ class Api::V1::MutesController < Api::BaseController
     Account.includes(:muted_by).references(:muted_by)
   end
 
-  def load_mutes
-    paginated_mutes.includes(:account, :target_account).to_a
-  end
-
   def paginated_mutes
     Mute.where(account: current_account).paginate_by_max_id(
       limit_param(DEFAULT_ACCOUNTS_LIMIT),
@@ -45,34 +36,26 @@ class Api::V1::MutesController < Api::BaseController
 
   def next_path
     if records_continue?
-      url_for pagination_params(max_id: pagination_max_id)
+      api_v1_mutes_url pagination_params(max_id: pagination_max_id)
     end
   end
 
   def prev_path
-    unless@data.empty?
+    unless @accounts.empty?
-      url_for pagination_params(since_id: pagination_since_id)
+      api_v1_mutes_url pagination_params(since_id: pagination_since_id)
     end
   end
 
   def pagination_max_id
-    if params[:action] == "details"
+    @accounts.last.muted_by_ids.last
-      @mutes.last.id
-    else
-      @accounts.last.muted_by_ids.last
-    end
   end
 
   def pagination_since_id
-    if params[:action] == "details"
+    @accounts.first.muted_by_ids.first
-      @mutes.first.id
-    else
-      @accounts.first.muted_by_ids.first
-    end
   end
 
   def records_continue?
-    @data.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
+    @accounts.size == limit_param(DEFAULT_ACCOUNTS_LIMIT)
   end
 
   def pagination_params(core_params)

app/controllers/api/v1/reports_controller.rb

@@ -19,7 +19,7 @@ class Api::V1::ReportsController < Api::BaseController
       comment: report_params[:comment]
     )
 
-    User.staff.includes(:account).each { |u| AdminMailer.new_report(u.account, @report).deliver_later }
+    User.admins.includes(:account).each { |u| AdminMailer.new_report(u.account, @report).deliver_later }
 
     render json: @report, serializer: REST::ReportSerializer
   end

app/controllers/api/v1/search_controller.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 class Api::V1::SearchController < Api::BaseController
-  include Authorization
-
   RESULTS_LIMIT = 10
 
   before_action -> { doorkeeper_authorize! :read }
@@ -11,24 +9,12 @@ class Api::V1::SearchController < Api::BaseController
   respond_to :json
 
   def index
-    @search = Search.new(search)
+    @search = Search.new(search_results)
     render json: @search, serializer: REST::SearchSerializer
   end
 
   private
 
-  def search
-    search_results.tap do |search|
-      search[:statuses].keep_if do |status|
-        begin
-          authorize status, :show?
-        rescue Mastodon::NotPermittedError
-          false
-        end
-      end
-    end
-  end
-
   def search_results
     SearchService.new.call(
       params[:q],

app/controllers/api/v1/statuses/pins_controller.rb

@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Statuses::PinsController < Api::BaseController
-  include Authorization
-
-  before_action -> { doorkeeper_authorize! :write }
-  before_action :require_user!
-  before_action :set_status
-
-  respond_to :json
-
-  def create
-    StatusPin.create!(account: current_account, status: @status)
-    render json: @status, serializer: REST::StatusSerializer
-  end
-
-  def destroy
-    pin = StatusPin.find_by(account: current_account, status: @status)
-    pin&.destroy!
-    render json: @status, serializer: REST::StatusSerializer
-  end
-
-  private
-
-  def set_status
-    @status = Status.find(params[:status_id])
-  end
-end

app/controllers/api/v1/statuses_controller.rb

@@ -29,7 +29,7 @@ class Api::V1::StatusesController < Api::BaseController
   end
 
   def card
-    @card = @status.preview_cards.first
+    @card = PreviewCard.find_by(status: @status)
 
     if @card.nil?
       render_empty

app/controllers/api/v1/timelines/direct_controller.rb

@@ -1,60 +0,0 @@
-# frozen_string_literal: true
-
-class Api::V1::Timelines::DirectController < Api::BaseController
-  before_action -> { doorkeeper_authorize! :read }, only: [:show]
-  before_action :require_user!, only: [:show]
-  after_action :insert_pagination_headers, unless: -> { @statuses.empty? }
-
-  respond_to :json
-
-  def show
-    @statuses = load_statuses
-    render json: @statuses, each_serializer: REST::StatusSerializer, relationships: StatusRelationshipsPresenter.new(@statuses, current_user&.account_id)
-  end
-
-  private
-
-  def load_statuses
-    cached_direct_statuses
-  end
-
-  def cached_direct_statuses
-    cache_collection direct_statuses, Status
-  end
-
-  def direct_statuses
-    direct_timeline_statuses.paginate_by_max_id(
-      limit_param(DEFAULT_STATUSES_LIMIT),
-      params[:max_id],
-      params[:since_id]
-    )
-  end
-
-  def direct_timeline_statuses
-    Status.as_direct_timeline(current_account)
-  end
-
-  def insert_pagination_headers
-    set_pagination_headers(next_path, prev_path)
-  end
-
-  def pagination_params(core_params)
-    params.permit(:local, :limit).merge(core_params)
-  end
-
-  def next_path
-    api_v1_timelines_direct_url pagination_params(max_id: pagination_max_id)
-  end
-
-  def prev_path
-    api_v1_timelines_direct_url pagination_params(since_id: pagination_since_id)
-  end
-
-  def pagination_max_id
-    @statuses.last.id
-  end
-
-  def pagination_since_id
-    @statuses.first.id
-  end
-end

app/controllers/api/web/embeds_controller.rb

@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-
-class Api::Web::EmbedsController < Api::BaseController
-  respond_to :json
-
-  before_action :require_user!
-
-  def create
-    status = StatusFinder.new(params[:url]).status
-    render json: status, serializer: OEmbedSerializer, width: 400
-  rescue ActiveRecord::RecordNotFound
-    oembed = OEmbed::Providers.get(params[:url])
-    render json: Oj.dump(oembed.fields)
-  rescue OEmbed::NotFound
-    render json: {}, status: :not_found
-  end
-end

app/controllers/application_controller.rb

@@ -12,13 +12,11 @@ class ApplicationController < ActionController::Base
 
   helper_method :current_account
   helper_method :current_session
-  helper_method :current_theme
   helper_method :single_user_mode?
 
   rescue_from ActionController::RoutingError, with: :not_found
   rescue_from ActiveRecord::RecordNotFound, with: :not_found
   rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity
-  rescue_from Mastodon::NotPermittedError, with: :forbidden
 
   before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
   before_action :check_suspension, if: :user_signed_in?
@@ -41,10 +39,6 @@ class ApplicationController < ActionController::Base
     redirect_to root_path unless current_user&.admin?
   end
 
-  def require_staff!
-    redirect_to root_path unless current_user&.staff?
-  end
-
   def check_suspension
     forbidden if current_user.account.suspended?
   end
@@ -83,11 +77,6 @@ class ApplicationController < ActionController::Base
     @current_session ||= SessionActivation.find_by(session_id: cookies.signed['_session_id'])
   end
 
-  def current_theme
-    return Setting.default_settings['theme'] unless Themes.instance.names.include? current_user&.setting_theme
-    current_user.setting_theme
-  end
-
   def cache_collection(raw, klass)
     return raw unless klass.respond_to?(:with_includes)
 
@@ -104,7 +93,7 @@ class ApplicationController < ActionController::Base
     unless uncached_ids.empty?
       uncached = klass.where(id: uncached_ids).with_includes.map { |item| [item.id, item] }.to_h
 
-      uncached.each_value do |item|
+      uncached.values.each do |item|
         Rails.cache.write(item.cache_key, item)
       end
     end

app/controllers/auth/confirmations_controller.rb

@@ -2,10 +2,4 @@
 
 class Auth::ConfirmationsController < Devise::ConfirmationsController
   layout 'auth'
-
-  def show
-    super do |user|
-      BootstrapTimelineWorker.perform_async(user.account_id) if user.errors.empty?
-    end
-  end
 end

app/controllers/auth/registrations_controller.rb

@@ -6,7 +6,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
   before_action :check_enabled_registrations, only: [:new, :create]
   before_action :configure_sign_up_params, only: [:create]
   before_action :set_sessions, only: [:edit, :update]
-  before_action :set_instance_presenter, only: [:new, :create, :update]
 
   def destroy
     not_found
@@ -40,10 +39,6 @@ class Auth::RegistrationsController < Devise::RegistrationsController
 
   private
 
-  def set_instance_presenter
-    @instance_presenter = InstancePresenter.new
-  end
-
   def determine_layout
     %w(edit update).include?(action_name) ? 'admin' : 'auth'
   end

app/controllers/auth/sessions_controller.rb

@@ -8,7 +8,6 @@ class Auth::SessionsController < Devise::SessionsController
   skip_before_action :require_no_authentication, only: [:create]
   skip_before_action :check_suspension, only: [:destroy]
   prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create]
-  before_action :set_instance_presenter, only: [:new]
 
   def create
     super do |resource|
@@ -62,7 +61,7 @@ class Auth::SessionsController < Devise::SessionsController
 
     if user_params[:otp_attempt].present? && session[:otp_user_id]
       authenticate_with_two_factor_via_otp(user)
-    elsif user&.valid_password?(user_params[:password])
+    elsif user && user.valid_password?(user_params[:password])
       prompt_for_two_factor(user)
     end
   end
@@ -85,10 +84,6 @@ class Auth::SessionsController < Devise::SessionsController
 
   private
 
-  def set_instance_presenter
-    @instance_presenter = InstancePresenter.new
-  end
-
   def home_paths(resource)
     paths = [about_path]
     if single_user_mode? && resource.is_a?(User)

app/controllers/concerns/account_controller_concern.rb

@@ -23,7 +23,6 @@ module AccountControllerConcern
       [
         webfinger_account_link,
         atom_account_url_link,
-        actor_url_link,
       ]
     )
   end
@@ -42,13 +41,6 @@ module AccountControllerConcern
     ]
   end
 
-  def actor_url_link
-    [
-      ActivityPub::TagManager.instance.uri_for(@account),
-      [%w(rel alternate), %w(type application/activity+json)],
-    ]
-  end
-
   def webfinger_account_url
     webfinger_url(resource: @account.to_webfinger_s)
   end

app/controllers/concerns/authorization.rb

@@ -2,7 +2,6 @@
 
 module Authorization
   extend ActiveSupport::Concern
-
   include Pundit
 
   def pundit_user

app/controllers/concerns/signature_verification.rb

@@ -9,15 +9,10 @@ module SignatureVerification
     request.headers['Signature'].present?
   end
 
-  def signature_verification_failure_reason
-    return @signature_verification_failure_reason if defined?(@signature_verification_failure_reason)
-  end
-
   def signed_request_account
     return @signed_request_account if defined?(@signed_request_account)
 
     unless signed_request?
-      @signature_verification_failure_reason = 'Request not signed'
       @signed_request_account = nil
       return
     end
@@ -32,15 +27,13 @@ module SignatureVerification
     end
 
     if incompatible_signature?(signature_params)
-      @signature_verification_failure_reason = 'Incompatible request signature'
       @signed_request_account = nil
       return
     end
 
-    account = account_from_key_id(signature_params['keyId'])
+    account = ResolveRemoteAccountService.new.call(signature_params['keyId'].gsub(/\Aacct:/, ''))
 
     if account.nil?
-      @signature_verification_failure_reason = "Public key not found for key #{signature_params['keyId']}"
       @signed_request_account = nil
       return
     end
@@ -51,26 +44,11 @@ module SignatureVerification
     if account.keypair.public_key.verify(OpenSSL::Digest::SHA256.new, signature, compare_signed_string)
       @signed_request_account = account
       @signed_request_account
-    elsif account.possibly_stale?
-      account = account.refresh!
-
-      if account.keypair.public_key.verify(OpenSSL::Digest::SHA256.new, signature, compare_signed_string)
-        @signed_request_account = account
-        @signed_request_account
-      else
-        @signed_verification_failure_reason = "Verification failed for #{account.username}@#{account.domain} #{account.uri}"
-        @signed_request_account = nil
-      end
     else
-      @signed_verification_failure_reason = "Verification failed for #{account.username}@#{account.domain} #{account.uri}"
       @signed_request_account = nil
     end
   end
 
-  def request_body
-    @request_body ||= request.raw_post
-  end
-
   private
 
   def build_signed_string(signed_headers)
@@ -79,8 +57,6 @@ module SignatureVerification
     signed_headers.split(' ').map do |signed_header|
       if signed_header == Request::REQUEST_TARGET
         "#{Request::REQUEST_TARGET}: #{request.method.downcase} #{request.path}"
-      elsif signed_header == 'digest'
-        "digest: #{body_digest}"
       else
         "#{signed_header}: #{request.headers[to_header_name(signed_header)]}"
       end
@@ -97,10 +73,6 @@ module SignatureVerification
     (Time.now.utc - time_sent).abs <= 30
   end
 
-  def body_digest
-    "SHA-256=#{Digest::SHA256.base64digest(request_body)}"
-  end
-
   def to_header_name(name)
     name.split(/-/).map(&:capitalize).join('-')
   end
@@ -109,16 +81,7 @@ module SignatureVerification
     signature_params['keyId'].blank? ||
       signature_params['signature'].blank? ||
       signature_params['algorithm'].blank? ||
-      signature_params['algorithm'] != 'rsa-sha256'
+      signature_params['algorithm'] != 'rsa-sha256' ||
-  end
+      !signature_params['keyId'].start_with?('acct:')
-
-  def account_from_key_id(key_id)
-    if key_id.start_with?('acct:')
-      ResolveRemoteAccountService.new.call(key_id.gsub(/\Aacct:/, ''))
-    elsif !ActivityPub::TagManager.instance.local_uri?(key_id)
-      account   = ActivityPub::TagManager.instance.uri_to_resource(key_id, Account)
-      account ||= ActivityPub::FetchRemoteKeyService.new.call(key_id, id: false)
-      account
-    end
   end
 end

app/controllers/concerns/user_tracking_concern.rb

@@ -7,14 +7,12 @@ module UserTrackingConcern
   UPDATE_SIGN_IN_HOURS = 24
 
   included do
-    before_action :set_user_activity
+    before_action :set_user_activity, if: %i(user_signed_in? user_needs_sign_in_update?)
   end
 
   private
 
   def set_user_activity
-    return unless user_needs_sign_in_update?
-
     # Mark as signed-in today
     current_user.update_tracked_fields!(request)
 
@@ -23,7 +21,7 @@ module UserTrackingConcern
   end
 
   def user_needs_sign_in_update?
-    user_signed_in? && (current_user.current_sign_in_at.nil? || current_user.current_sign_in_at < UPDATE_SIGN_IN_HOURS.hours.ago)
+    current_user.current_sign_in_at.nil? || current_user.current_sign_in_at < UPDATE_SIGN_IN_HOURS.hours.ago
   end
 
   def user_needs_feed_update?

app/controllers/emojis_controller.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-class EmojisController < ApplicationController
-  before_action :set_emoji
-
-  def show
-    respond_to do |format|
-      format.json do
-        render json: @emoji,
-               serializer: ActivityPub::EmojiSerializer,
-               adapter: ActivityPub::Adapter,
-               content_type: 'application/activity+json'
-      end
-    end
-  end
-
-  private
-
-  def set_emoji
-    @emoji = CustomEmoji.local.find(params[:id])
-  end
-end

app/controllers/follower_accounts_controller.rb

@@ -10,39 +10,19 @@ class FollowerAccountsController < ApplicationController
       format.html
 
       format.json do
-        render json: collection_presenter,
+        render json: collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter
-               serializer: ActivityPub::CollectionSerializer,
-               adapter: ActivityPub::Adapter,
-               content_type: 'application/activity+json'
       end
     end
   end
 
   private
 
-  def page_url(page)
-    account_followers_url(@account, page: page) unless page.nil?
-  end
-
   def collection_presenter
-    page = ActivityPub::CollectionPresenter.new(
+    ActivityPub::CollectionPresenter.new(
-      id: account_followers_url(@account, page: params.fetch(:page, 1)),
+      id: account_followers_url(@account),
       type: :ordered,
       size: @account.followers_count,
-      items: @follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.account) },
+      items: @follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.account) }
-      part_of: account_followers_url(@account),
-      next: page_url(@follows.next_page),
-      prev: page_url(@follows.prev_page)
     )
-    if params[:page].present?
-      page
-    else
-      ActivityPub::CollectionPresenter.new(
-        id: account_followers_url(@account),
-        type: :ordered,
-        size: @account.followers_count,
-        first: page
-      )
-    end
   end
 end

app/controllers/following_accounts_controller.rb

@@ -10,39 +10,19 @@ class FollowingAccountsController < ApplicationController
       format.html
 
       format.json do
-        render json: collection_presenter,
+        render json: collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter
-               serializer: ActivityPub::CollectionSerializer,
-               adapter: ActivityPub::Adapter,
-               content_type: 'application/activity+json'
       end
     end
   end
 
   private
 
-  def page_url(page)
-    account_following_index_url(@account, page: page) unless page.nil?
-  end
-
   def collection_presenter
-    page = ActivityPub::CollectionPresenter.new(
+    ActivityPub::CollectionPresenter.new(
-      id: account_following_index_url(@account, page: params.fetch(:page, 1)),
+      id: account_following_index_url(@account),
       type: :ordered,
       size: @account.following_count,
-      items: @follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.target_account) },
+      items: @follows.map { |f| ActivityPub::TagManager.instance.uri_for(f.target_account) }
-      part_of: account_following_index_url(@account),
-      next: page_url(@follows.next_page),
-      prev: page_url(@follows.prev_page)
     )
-    if params[:page].present?
-      page
-    else
-      ActivityPub::CollectionPresenter.new(
-        id: account_following_index_url(@account),
-        type: :ordered,
-        size: @account.following_count,
-        first: page
-      )
-    end
   end
 end

app/controllers/home_controller.rb

@@ -12,30 +12,7 @@ class HomeController < ApplicationController
   private
 
   def authenticate_user!
-    return if user_signed_in?
+    redirect_to(single_user_mode? ? account_path(Account.first) : about_path) unless user_signed_in?
-
-    matches = request.path.match(/\A\/web\/(statuses|accounts)\/([\d]+)\z/)
-
-    if matches
-      case matches[1]
-      when 'statuses'
-        status = Status.find_by(id: matches[2])
-
-        if status && (status.public_visibility? || status.unlisted_visibility?)
-          redirect_to(ActivityPub::TagManager.instance.url_for(status))
-          return
-        end
-      when 'accounts'
-        account = Account.find_by(id: matches[2])
-
-        if account
-          redirect_to(ActivityPub::TagManager.instance.url_for(account))
-          return
-        end
-      end
-    end
-
-    redirect_to(default_redirect_path)
   end
 
   def set_initial_state_json
@@ -52,14 +29,4 @@ class HomeController < ApplicationController
       admin: Account.find_local(Setting.site_contact_username),
     }
   end
-
-  def default_redirect_path
-    if request.path.start_with?('/web')
-      new_user_session_path
-    elsif single_user_mode?
-      short_account_path(Account.first)
-    else
-      about_path
-    end
-  end
 end

app/controllers/intents_controller.rb

@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-class IntentsController < ApplicationController
-  def show
-    uri = Addressable::URI.parse(params[:uri])
-
-    if uri.scheme == 'web+mastodon'
-      case uri.host
-      when 'follow'
-        return redirect_to authorize_follow_path(acct: uri.query_values['uri'].gsub(/\Aacct:/, ''))
-      when 'share'
-        return redirect_to share_path(text: uri.query_values['text'])
-      end
-    end
-
-    not_found
-  end
-end

app/controllers/manifests_controller.rb

@@ -1,7 +1,11 @@
 # frozen_string_literal: true
 
 class ManifestsController < ApplicationController
-  def show
+  before_action :set_instance_presenter
-    render json: InstancePresenter.new, serializer: ManifestSerializer
+
+  def show; end
+
+  def set_instance_presenter
+    @instance_presenter = InstancePresenter.new
   end
 end

app/controllers/media_proxy_controller.rb

@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-class MediaProxyController < ApplicationController
-  include RoutingHelper
-
-  def show
-    RedisLock.acquire(lock_options) do |lock|
-      if lock.acquired?
-        @media_attachment = MediaAttachment.remote.find(params[:id])
-        redownload! if @media_attachment.needs_redownload? && !reject_media?
-      end
-    end
-
-    redirect_to full_asset_url(@media_attachment.file.url(version))
-  end
-
-  private
-
-  def redownload!
-    @media_attachment.file_remote_url = @media_attachment.remote_url
-    @media_attachment.created_at      = Time.now.utc
-    @media_attachment.save!
-  end
-
-  def version
-    if request.path.ends_with?('/small')
-      :small
-    else
-      :original
-    end
-  end
-
-  def lock_options
-    { redis: Redis.current, key: "media_download:#{params[:id]}" }
-  end
-
-  def reject_media?
-    DomainBlock.find_by(domain: @media_attachment.account.domain)&.reject_media?
-  end
-end

app/controllers/settings/applications_controller.rb

@@ -1,72 +0,0 @@
-# frozen_string_literal: true
-
-class Settings::ApplicationsController < ApplicationController
-  layout 'admin'
-
-  before_action :authenticate_user!
-  before_action :set_application, only: [:show, :update, :destroy, :regenerate]
-  before_action :prepare_scopes, only: [:create, :update]
-
-  def index
-    @applications = current_user.applications.page(params[:page])
-  end
-
-  def new
-    @application = Doorkeeper::Application.new(
-      redirect_uri: Doorkeeper.configuration.native_redirect_uri,
-      scopes: 'read write follow'
-    )
-  end
-
-  def show; end
-
-  def create
-    @application = current_user.applications.build(application_params)
-
-    if @application.save
-      redirect_to settings_applications_path, notice: I18n.t('applications.created')
-    else
-      render :new
-    end
-  end
-
-  def update
-    if @application.update(application_params)
-      redirect_to settings_applications_path, notice: I18n.t('generic.changes_saved_msg')
-    else
-      render :show
-    end
-  end
-
-  def destroy
-    @application.destroy
-    redirect_to settings_applications_path, notice: I18n.t('applications.destroyed')
-  end
-
-  def regenerate
-    @access_token = current_user.token_for_app(@application)
-    @access_token.destroy
-
-    redirect_to settings_application_path(@application), notice: I18n.t('applications.token_regenerated')
-  end
-
-  private
-
-  def set_application
-    @application = current_user.applications.find(params[:id])
-  end
-
-  def application_params
-    params.require(:doorkeeper_application).permit(
-      :name,
-      :redirect_uri,
-      :scopes,
-      :website
-    )
-  end
-
-  def prepare_scopes
-    scopes = params.fetch(:doorkeeper_application, {}).fetch(:scopes, nil)
-    params[:doorkeeper_application][:scopes] = scopes.join(' ') if scopes.is_a? Array
-  end
-end

app/controllers/settings/follower_domains_controller.rb

@@ -9,7 +9,7 @@ class Settings::FollowerDomainsController < ApplicationController
 
   def show
     @account = current_account
-    @domains = current_account.followers.reorder('MIN(follows.id) DESC').group('accounts.domain').select('accounts.domain, count(accounts.id) as accounts_from_domain').page(params[:page]).per(10)
+    @domains = current_account.followers.reorder(nil).group('accounts.domain').select('accounts.domain, count(accounts.id) as accounts_from_domain').page(params[:page]).per(10)
   end
 
   def update

app/controllers/settings/keyword_mutes_controller.rb

@@ -1,64 +0,0 @@
-# frozen_string_literal: true
-
-class Settings::KeywordMutesController < ApplicationController
-  layout 'admin'
-
-  before_action :authenticate_user!
-  before_action :load_keyword_mute, only: [:edit, :update, :destroy]
-
-  def index
-    @keyword_mutes = paginated_keyword_mutes_for_account
-  end
-
-  def new
-    @keyword_mute = keyword_mutes_for_account.build
-  end
-
-  def create
-    @keyword_mute = keyword_mutes_for_account.create(keyword_mute_params)
-
-    if @keyword_mute.persisted?
-      redirect_to settings_keyword_mutes_path, notice: I18n.t('generic.changes_saved_msg')
-    else
-      render :new
-    end
-  end
-
-  def update
-    if @keyword_mute.update(keyword_mute_params)
-      redirect_to settings_keyword_mutes_path, notice: I18n.t('generic.changes_saved_msg')
-    else
-      render :edit
-    end
-  end
-
-  def destroy
-    @keyword_mute.destroy!
-
-    redirect_to settings_keyword_mutes_path, notice: I18n.t('generic.changes_saved_msg')
-  end
-
-  def destroy_all
-    keyword_mutes_for_account.delete_all
-
-    redirect_to settings_keyword_mutes_path, notice: I18n.t('generic.changes_saved_msg')
-  end
-
-  private
-
-  def keyword_mutes_for_account
-    Glitch::KeywordMute.where(account: current_account)
-  end
-
-  def load_keyword_mute
-    @keyword_mute = keyword_mutes_for_account.find(params[:id])
-  end
-
-  def keyword_mute_params
-    params.require(:keyword_mute).permit(:keyword, :whole_word)
-  end
-
-  def paginated_keyword_mutes_for_account
-    keyword_mutes_for_account.order(:keyword).page params[:page]
-  end
-end

app/controllers/settings/notifications_controller.rb

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-class Settings::NotificationsController < ApplicationController
-  layout 'admin'
-
-  before_action :authenticate_user!
-
-  def show; end
-
-  def update
-    user_settings.update(user_settings_params.to_h)
-
-    if current_user.save
-      redirect_to settings_notifications_path, notice: I18n.t('generic.changes_saved_msg')
-    else
-      render :show
-    end
-  end
-
-  private
-
-  def user_settings
-    UserSettingsDecorator.new(current_user)
-  end
-
-  def user_settings_params
-    params.require(:user).permit(
-      notification_emails: %i(follow follow_request reblog favourite mention digest),
-      interactions: %i(must_be_follower must_be_following must_be_following_dm)
-    )
-  end
-end

app/controllers/settings/preferences_controller.rb

@@ -39,10 +39,8 @@ class Settings::PreferencesController < ApplicationController
       :setting_boost_modal,
       :setting_delete_modal,
       :setting_auto_play_gif,
-      :setting_reduce_motion,
       :setting_system_font_ui,
       :setting_noindex,
-      :setting_theme,
       notification_emails: %i(follow follow_request reblog favourite mention digest),
       interactions: %i(must_be_follower must_be_following)
     )

app/controllers/settings/profiles_controller.rb

@@ -14,8 +14,7 @@ class Settings::ProfilesController < ApplicationController
   def show; end
 
   def update
-    if UpdateAccountService.new.call(@account, account_params)
+    if @account.update(account_params)
-      ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
       redirect_to settings_profile_path, notice: I18n.t('generic.changes_saved_msg')
     else
       render :show

app/controllers/shares_controller.rb

@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-
-class SharesController < ApplicationController
-  layout 'modal'
-
-  before_action :authenticate_user!
-  before_action :set_body_classes
-
-  def show
-    serializable_resource = ActiveModelSerializers::SerializableResource.new(InitialStatePresenter.new(initial_state_params), serializer: InitialStateSerializer)
-    @initial_state_json   = serializable_resource.to_json
-  end
-
-  private
-
-  def initial_state_params
-    {
-      settings: Web::Setting.find_by(user: current_user)&.data || {},
-      push_subscription: current_account.user.web_push_subscription(current_session),
-      current_account: current_account,
-      token: current_session.token,
-      admin: Account.find_local(Setting.site_contact_username),
-      text: params[:text],
-    }
-  end
-
-  def set_body_classes
-    @body_classes = 'compose-standalone'
-  end
-end

app/controllers/statuses_controller.rb

@@ -9,7 +9,6 @@ class StatusesController < ApplicationController
   before_action :set_status
   before_action :set_link_headers
   before_action :check_account_suspension
-  before_action :redirect_to_original, only: [:show]
 
   def show
     respond_to do |format|
@@ -21,24 +20,13 @@ class StatusesController < ApplicationController
       end
 
       format.json do
-        render json: @status,
+        render json: @status, serializer: ActivityPub::NoteSerializer, adapter: ActivityPub::Adapter
-               serializer: ActivityPub::NoteSerializer,
-               adapter: ActivityPub::Adapter,
-               content_type: 'application/activity+json'
       end
     end
   end
 
   def activity
-    render json: @status,
+    render json: @status, serializer: ActivityPub::ActivitySerializer, adapter: ActivityPub::Adapter
-           serializer: ActivityPub::ActivitySerializer,
-           adapter: ActivityPub::Adapter,
-           content_type: 'application/activity+json'
-  end
-
-  def embed
-    response.headers['X-Frame-Options'] = 'ALLOWALL'
-    render 'stream_entries/embed', layout: 'embedded'
   end
 
   private
@@ -48,12 +36,7 @@ class StatusesController < ApplicationController
   end
 
   def set_link_headers
-    response.headers['Link'] = LinkHeader.new(
+    response.headers['Link'] = LinkHeader.new([[account_stream_entry_url(@account, @status.stream_entry, format: 'atom'), [%w(rel alternate), %w(type application/atom+xml)]]])
-      [
-        [account_stream_entry_url(@account, @status.stream_entry, format: 'atom'), [%w(rel alternate), %w(type application/atom+xml)]],
-        [ActivityPub::TagManager.instance.uri_for(@status), [%w(rel alternate), %w(type application/activity+json)]],
-      ]
-    )
   end
 
   def set_status
@@ -70,8 +53,4 @@ class StatusesController < ApplicationController
   def check_account_suspension
     gone if @account.suspended?
   end
-
-  def redirect_to_original
-    redirect_to ::TagManager.instance.url_for(@status.reblog) if @status.reblog?
-  end
 end

app/controllers/stream_entries_controller.rb

@@ -25,7 +25,10 @@ class StreamEntriesController < ApplicationController
   end
 
   def embed
-    redirect_to embed_short_account_status_url(@account, @stream_entry.activity), status: 301
+    response.headers['X-Frame-Options'] = 'ALLOWALL'
+    return gone if @stream_entry.activity.nil?
+
+    render layout: 'embedded'
   end
 
   private
@@ -35,12 +38,7 @@ class StreamEntriesController < ApplicationController
   end
 
   def set_link_headers
-    response.headers['Link'] = LinkHeader.new(
+    response.headers['Link'] = LinkHeader.new([[account_stream_entry_url(@account, @stream_entry, format: 'atom'), [%w(rel alternate), %w(type application/atom+xml)]]])
-      [
-        [account_stream_entry_url(@account, @stream_entry, format: 'atom'), [%w(rel alternate), %w(type application/atom+xml)]],
-        [ActivityPub::TagManager.instance.uri_for(@stream_entry.activity), [%w(rel alternate), %w(type application/activity+json)]],
-      ]
-    )
   end
 
   def set_stream_entry
@@ -48,7 +46,7 @@ class StreamEntriesController < ApplicationController
     @type         = @stream_entry.activity_type.downcase
 
     raise ActiveRecord::RecordNotFound if @stream_entry.activity.nil?
-    authorize @stream_entry.activity, :show? if @stream_entry.hidden? || @stream_entry.local_only?
+    authorize @stream_entry.activity, :show? if @stream_entry.hidden?
   rescue Mastodon::NotPermittedError
     # Reraise in order to get a 404
     raise ActiveRecord::RecordNotFound

app/controllers/tags_controller.rb

@@ -1,40 +1,24 @@
 # frozen_string_literal: true
 
 class TagsController < ApplicationController
-  before_action :set_body_classes
+  layout 'public'
-  before_action :set_instance_presenter
 
   def show
-    @tag = Tag.find_by!(name: params[:id].downcase)
+    @tag      = Tag.find_by!(name: params[:id].downcase)
+    @statuses = Status.as_tag_timeline(@tag, current_account, params[:local]).paginate_by_max_id(20, params[:max_id])
+    @statuses = cache_collection(@statuses, Status)
 
     respond_to do |format|
-      format.html do
+      format.html
-        serializable_resource = ActiveModelSerializers::SerializableResource.new(InitialStatePresenter.new(initial_state_params), serializer: InitialStateSerializer)
-        @initial_state_json   = serializable_resource.to_json
-      end
 
       format.json do
-        @statuses = Status.as_tag_timeline(@tag, current_account, params[:local]).paginate_by_max_id(20, params[:max_id])
+        render json: collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter
-        @statuses = cache_collection(@statuses, Status)
-
-        render json: collection_presenter,
-               serializer: ActivityPub::CollectionSerializer,
-               adapter: ActivityPub::Adapter,
-               content_type: 'application/activity+json'
       end
     end
   end
 
   private
 
-  def set_body_classes
-    @body_classes = 'tag-body'
-  end
-
-  def set_instance_presenter
-    @instance_presenter = InstancePresenter.new
-  end
-
   def collection_presenter
     ActivityPub::CollectionPresenter.new(
       id: tag_url(@tag),
@@ -43,11 +27,4 @@ class TagsController < ApplicationController
       items: @statuses.map { |s| ActivityPub::TagManager.instance.uri_for(s) }
     )
   end
-
-  def initial_state_params
-    {
-      settings: {},
-      token: current_session&.token,
-    }
-  end
 end

app/helpers/admin/account_moderation_notes_helper.rb

@@ -1,4 +0,0 @@
-# frozen_string_literal: true
-
-module Admin::AccountModerationNotesHelper
-end

app/helpers/admin/filter_helper.rb

@@ -18,7 +18,7 @@ module Admin::FilterHelper
 
   def selected?(more_params)
     new_url = filtered_url_for(more_params)
-    filter_link_class(new_url) == 'selected'
+    filter_link_class(new_url) == 'selected' ? true : false
   end
 
   private

app/helpers/application_helper.rb

@@ -5,10 +5,6 @@ module ApplicationHelper
     current_page?(path) ? 'active' : ''
   end
 
-  def active_link_to(label, path, options = {})
-    link_to label, path, options.merge(class: active_nav_class(path))
-  end
-
   def show_landing_strip?
     !user_signed_in? && !single_user_mode?
   end
@@ -35,11 +31,6 @@ module ApplicationHelper
     Rails.env.production? ? site_title : "#{site_title} (Dev)"
   end
 
-  def can?(action, record)
-    return false if record.nil?
-    policy(record).public_send("#{action}?")
-  end
-
   def fa_icon(icon, attributes = {})
     class_names = attributes[:class]&.split(' ') || []
     class_names << 'fa'
@@ -47,12 +38,4 @@ module ApplicationHelper
 
     content_tag(:i, nil, attributes.merge(class: class_names.join(' ')))
   end
-
-  def custom_emoji_tag(custom_emoji)
-    image_tag(custom_emoji.image.url, class: 'emojione', alt: ":#{custom_emoji.shortcode}:")
-  end
-
-  def opengraph(property, content)
-    tag(:meta, content: content, property: property)
-  end
 end

app/helpers/emoji_helper.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module EmojiHelper
+  def emojify(text)
+    return text if text.blank?
+
+    text.gsub(emoji_pattern) do |match|
+      emoji = Emoji.instance.unicode($1) # rubocop:disable Style/PerlBackrefs
+
+      if emoji
+        emoji
+      else
+        match
+      end
+    end
+  end
+
+  def emoji_pattern
+    @emoji_pattern ||=
+      /(?<=[^[:alnum:]:]|\n|^)
+      (#{Emoji.instance.names.map { |name| Regexp.escape(name) }.join('|')})
+      (?=[^[:alnum:]:]|$)/x
+  end
+end

app/helpers/jsonld_helper.rb

@@ -1,67 +0,0 @@
-# frozen_string_literal: true
-
-module JsonLdHelper
-  def equals_or_includes?(haystack, needle)
-    haystack.is_a?(Array) ? haystack.include?(needle) : haystack == needle
-  end
-
-  def first_of_value(value)
-    value.is_a?(Array) ? value.first : value
-  end
-
-  def as_array(value)
-    value.is_a?(Array) ? value : [value]
-  end
-
-  def value_or_id(value)
-    value.is_a?(String) || value.nil? ? value : value['id']
-  end
-
-  def supported_context?(json)
-    !json.nil? && equals_or_includes?(json['@context'], ActivityPub::TagManager::CONTEXT)
-  end
-
-  def canonicalize(json)
-    graph = RDF::Graph.new << JSON::LD::API.toRdf(json)
-    graph.dump(:normalize)
-  end
-
-  def fetch_resource(uri, id)
-    unless id
-      json = fetch_resource_without_id_validation(uri)
-      return unless json
-      uri = json['id']
-    end
-
-    json = fetch_resource_without_id_validation(uri)
-    json.present? && json['id'] == uri ? json : nil
-  end
-
-  def fetch_resource_without_id_validation(uri)
-    response = build_request(uri).perform
-    return if response.code != 200
-    body_to_json(response.to_s)
-  end
-
-  def body_to_json(body)
-    body.is_a?(String) ? Oj.load(body, mode: :strict) : body
-  rescue Oj::ParseError
-    nil
-  end
-
-  def merge_context(context, new_context)
-    if context.is_a?(Array)
-      context << new_context
-    else
-      [context, new_context]
-    end
-  end
-
-  private
-
-  def build_request(uri)
-    request = Request.new(:get, uri)
-    request.add_headers('Accept' => 'application/activity+json, application/ld+json')
-    request
-  end
-end

app/helpers/routing_helper.rb

@@ -12,14 +12,6 @@ module RoutingHelper
   end
 
   def full_asset_url(source, options = {})
-    source = ActionController::Base.helpers.asset_url(source, options) unless use_storage?
+    Rails.configuration.x.use_s3 ? source : URI.join(root_url, ActionController::Base.helpers.asset_url(source, options)).to_s
-
-    URI.join(root_url, source).to_s
-  end
-
-  private
-
-  def use_storage?
-    Rails.configuration.x.use_s3 || Rails.configuration.x.use_swift
   end
 end

app/helpers/settings/keyword_mutes_helper.rb

@@ -1,2 +0,0 @@
-module Settings::KeywordMutesHelper
-end

app/helpers/settings_helper.rb

@@ -27,11 +27,9 @@ module SettingsHelper
     pt: 'Português',
     'pt-BR': 'Português do Brasil',
     ru: 'Русский',
-    sv: 'Svenska',
     th: 'ภาษาไทย',
     tr: 'Türkçe',
     uk: 'Українська',
-    zh: '中文',
     'zh-CN': '简体中文',
     'zh-HK': '繁體中文（香港）',
     'zh-TW': '繁體中文（臺灣）',
@@ -41,10 +39,6 @@ module SettingsHelper
     HUMAN_LOCALES[locale]
   end
 
-  def filterable_languages
-    LanguageDetector.instance.language_names.select(&HUMAN_LOCALES.method(:key?))
-  end
-
   def hash_to_object(hash)
     HashObject.new(hash)
   end

app/helpers/stream_entries_helper.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module StreamEntriesHelper
-  EMBEDDED_CONTROLLER = 'statuses'
+  EMBEDDED_CONTROLLER = 'stream_entries'
   EMBEDDED_ACTION = 'embed'
 
   def display_name(account)

app/javascript/glitch/components/account/header.js

@@ -44,14 +44,14 @@ Imports:
 import React from 'react';
 import ImmutablePropTypes from 'react-immutable-proptypes';
 import PropTypes from 'prop-types';
+import escapeTextContentForBrowser from 'escape-html';
 import { defineMessages, injectIntl, FormattedMessage } from 'react-intl';
 import ImmutablePureComponent from 'react-immutable-pure-component';
 
 //  Mastodon imports  //
-import emojify from '../../../mastodon/features/emoji/emoji';
+import emojify from '../../../mastodon/emoji';
 import IconButton from '../../../mastodon/components/icon_button';
 import Avatar from '../../../mastodon/components/avatar';
-import { me } from '../../../mastodon/initial_state';
 
 //  Our imports  //
 import { processBio } from '../../util/bio_metadata';
@@ -89,6 +89,7 @@ export default class AccountHeader extends ImmutablePureComponent {
 
   static propTypes = {
     account  : ImmutablePropTypes.map,
+    me       : PropTypes.number.isRequired,
     onFollow : PropTypes.func.isRequired,
     intl     : PropTypes.object.isRequired,
   };
@@ -102,7 +103,7 @@ The `render()` function is used to render our component.
 */
 
   render () {
-    const { account, intl } = this.props;
+    const { account, me, intl } = this.props;
 
 /*
 
@@ -116,11 +117,15 @@ then we set the `displayName` to just be the `username` of the account.
       return null;
     }
 
-    let displayName = account.get('display_name_html');
+    let displayName = account.get('display_name');
     let info        = '';
     let actionBtn   = '';
     let following   = false;
 
+    if (displayName.length === 0) {
+      displayName = account.get('username');
+    }
+
 /*
 
 Next, we handle the account relationships. If the account follows the
@@ -152,7 +157,7 @@ appropriate icon.
             <IconButton
               size={26}
               icon={following ? 'user-times' : 'user-plus'}
-              active={following ? true : false}
+              active={following}
               title={intl.formatMessage(following ? messages.unfollow : messages.follow)}
               onClick={this.props.onFollow}
             />
@@ -162,11 +167,16 @@ appropriate icon.
     }
 
 /*
- we extract the `text` and
+
+`displayNameHTML` processes the `displayName` and prepares it for
+insertion into the document. Meanwhile, we extract the `text` and
 `metadata` from our account's `note` using `processBio()`.
 
 */
 
+    const displayNameHTML    = {
+      __html : emojify(escapeTextContentForBrowser(displayName)),
+    };
     const { text, metadata } = processBio(account.get('note'));
 
 /*
@@ -188,7 +198,7 @@ Here, we render our component using all the things we've defined above.
               </span>
               <span
                 className='account__header__display-name'
-                dangerouslySetInnerHTML={{ __html: displayName }}
+                dangerouslySetInnerHTML={displayNameHTML}
               />
             </a>
             <span className='account__header__username'>

app/javascript/glitch/components/common/avatar/index.js

@@ -0,0 +1,113 @@
+//  <CommonAvatar>
+//  ========
+
+//  For code documentation, please see:
+//  https://glitch-soc.github.io/docs/javascript/glitch/common/avatar
+
+//  For more information, please contact:
+//  @kibi@glitch.social
+
+//  * * * * * * *  //
+
+//  Imports
+//  -------
+
+//  Package imports.
+import classNames from 'classnames';
+import React from 'react';
+import PropTypes from 'prop-types';
+import ImmutablePropTypes from 'react-immutable-proptypes';
+
+//  Stylesheet imports.
+import './style';
+
+//  * * * * * * *  //
+
+//  The component
+//  -------------
+
+export default class CommonAvatar extends React.PureComponent {
+
+  //  Props and state.
+  static propTypes = {
+    account: ImmutablePropTypes.map.isRequired,
+    animate: PropTypes.bool,
+    circular: PropTypes.bool,
+    className: PropTypes.string,
+    comrade: ImmutablePropTypes.map,
+  }
+  state = {
+    hovering: false,
+  }
+
+  //  Starts or stops animation on hover.
+  handleMouseEnter = () => {
+    if (this.props.animate) return;
+    this.setState({ hovering: true });
+  }
+  handleMouseLeave = () => {
+    if (this.props.animate) return;
+    this.setState({ hovering: false });
+  }
+
+  //  Renders the component.
+  render () {
+    const {
+      handleMouseEnter,
+      handleMouseLeave,
+    } = this;
+    const {
+      account,
+      animate,
+      circular,
+      className,
+      comrade,
+      ...others
+    } = this.props;
+    const { hovering } = this.state;
+    const computedClass = classNames('glitch', 'glitch__common__avatar', {
+      _circular: circular,
+    }, className);
+
+    //  We store the image srcs here for later.
+    const src = account.get('avatar');
+    const staticSrc = account.get('avatar_static');
+    const comradeSrc = comrade ? comrade.get('avatar') : null;
+    const comradeStaticSrc = comrade ? comrade.get('avatar_static') : null;
+
+    //  Avatars are a straightforward div with image(s) inside.
+    return comrade ? (
+      <div
+        className={computedClass}
+        onMouseEnter={handleMouseEnter}
+        onMouseLeave={handleMouseLeave}
+        {...others}
+      >
+        <img
+          className='avatar\main'
+          src={hovering || animate ? src : staticSrc}
+          alt=''
+        />
+        <img
+          className='avatar\comrade'
+          src={hovering || animate ? comradeSrc : comradeStaticSrc}
+          alt=''
+        />
+      </div>
+    ) : (
+      <div
+        className={computedClass}
+        onMouseEnter={handleMouseEnter}
+        onMouseLeave={handleMouseLeave}
+        {...others}
+      >
+        <img
+          className='avatar\solo'
+          src={hovering || animate ? src : staticSrc}
+          alt=''
+        />
+      </div>
+    );
+  }
+
+}

app/javascript/glitch/components/common/avatar/style.scss

@@ -0,0 +1,41 @@
+@import 'variables';
+
+.glitch.glitch__common__avatar {
+  display: inline-block;
+  position: relative;
+
+  & > img {
+    display: block;
+    position: static;
+    margin: 0;
+    border-radius: $ui-avatar-border-size;
+    width: 100%;
+    height: 100%;
+
+    &.avatar\\comrade {
+      position: absolute;
+      right: 0;
+      bottom: 0;
+      width: 50%;
+      height: 50%;
+    }
+
+    &.avatar\\main {
+      margin: 0 30% 30% 0;
+      width: 70%;
+      height: 70%;
+    }
+  }
+
+  &._circular {
+    & > img {
+      transition: border-radius ($glitch-animation-speed * .3s);
+    }
+
+    &:not(:hover) {
+      & > img {
+        border-radius: 50%;
+      }
+    }
+  }
+}

app/javascript/glitch/components/common/button/index.js

@@ -0,0 +1,146 @@
+//  <CommonButton>
+//  ========
+
+//  For code documentation, please see:
+//  https://glitch-soc.github.io/docs/javascript/glitch/common/button
+
+//  For more information, please contact:
+//  @kibi@glitch.social
+
+//  * * * * * * *  //
+
+//  Imports
+//  -------
+
+//  Package imports.
+import classNames from 'classnames';
+import React from 'react';
+import PropTypes from 'prop-types';
+
+//  Our imports.
+import CommonLink from 'glitch/components/common/link';
+import CommonIcon from 'glitch/components/common/icon';
+
+//  Stylesheet imports.
+import './style';
+
+//  * * * * * * *  //
+
+//  The component
+//  -------------
+
+export default class CommonButton extends React.PureComponent {
+
+  static propTypes = {
+    active: PropTypes.bool,
+    animate: PropTypes.bool,
+    children: PropTypes.node,
+    className: PropTypes.string,
+    disabled: PropTypes.bool,
+    href: PropTypes.string,
+    icon: PropTypes.string,
+    onClick: PropTypes.func,
+    showTitle: PropTypes.bool,
+    title: PropTypes.string,
+  }
+  state = {
+    loaded: false,
+  }
+
+  //  The `loaded` state property activates our animations. We wait
+  //  until an activation change in order to prevent unsightly
+  //  animations when the component first mounts.
+  componentWillReceiveProps (nextProps) {
+    const { active } = this.props;
+
+    //  The double "not"s here cast both arguments to booleans.
+    if (!nextProps.active !== !active) this.setState({ loaded: true });
+  }
+
+  handleClick = (e) => {
+    const { onClick } = this.props;
+    if (!onClick) return;
+    onClick(e);
+    e.preventDefault();
+  }
+
+  //  Rendering the component.
+  render () {
+    const { handleClick } = this;
+    const {
+      active,
+      animate,
+      children,
+      className,
+      disabled,
+      href,
+      icon,
+      onClick,
+      showTitle,
+      title,
+      ...others
+    } = this.props;
+    const { loaded } = this.state;
+    const computedClass = classNames('glitch', 'glitch__common__button', className, {
+      _active: active && !href,  //  Links can't be active
+      _animated: animate && loaded,
+      _disabled: disabled,
+      _link: href,
+      _star: icon === 'star',
+      '_with-text': children || title && showTitle,
+    });
+    let conditionalProps = {};
+
+    //  If href is provided, we render a link.
+    if (href) {
+      if (!disabled && href) conditionalProps.href = href;
+      if (title && !showTitle) {
+        if (!children) conditionalProps.title = title;
+        else conditionalProps['aria-label'] = title;
+      }
+      if (onClick) {
+        if (!disabled) conditionalProps.onClick = handleClick;
+        else conditionalProps['aria-disabled'] = true;
+        conditionalProps.role = 'button';
+        conditionalProps.tabIndex = 0;
+      }
+      return (
+        <CommonLink
+          className={computedClass}
+          {...conditionalProps}
+          {...others}
+        >
+          {children}
+          {title && showTitle ? <span className='button\title'>{title}</span> : null}
+          <CommonIcon name={icon} className='button\icon' />
+        </CommonLink>
+      );
+
+    //  Otherwise, we render a button.
+    } else {
+      if (active !== void 0) conditionalProps['aria-pressed'] = active;
+      if (title && !showTitle) {
+        if (!children) conditionalProps.title = title;
+        else conditionalProps['aria-label'] = title;
+      }
+      if (onClick && !disabled) {
+        conditionalProps.onClick = handleClick;
+      }
+      return (
+        <button
+          className={computedClass}
+          {...conditionalProps}
+          disabled={disabled}
+          {...others}
+          tabIndex='0'
+          type='button'
+        >
+          {children}
+          {title && showTitle ? <span className='button\title'>{title}</span> : null}
+          <CommonIcon name={icon} className='button\icon' />
+        </button>
+      );
+    }
+  };
+
+}

app/javascript/glitch/components/common/button/style.scss

@@ -0,0 +1,134 @@
+@import 'variables';
+
+.glitch.glitch__common__button {
+  display: inline-block;
+  border: none;
+  padding: 0;
+  color: $ui-base-lighter-color;
+  background: transparent;
+  outline: thin transparent dotted;
+  font-size: inherit;
+  text-decoration: none;
+  cursor: pointer;
+  transition: color ($glitch-animation-speed * .15s) ease-in, outline-color ($glitch-animation-speed * .3s) ease-in-out;
+
+  &._animated .button\\icon {
+    animation-name: glitch__common__button__deactivate;
+    animation-duration: .9s;
+    animation-timing-function: ease-in-out;
+
+    @keyframes glitch__common__button__deactivate {
+      from {
+        transform: rotate(360deg);
+      }
+      57% {
+        transform: rotate(-60deg);
+      }
+      86% {
+        transform: rotate(30deg);
+      }
+      to {
+        transform: rotate(0deg);
+      }
+    }
+  }
+
+  &._active {
+    .button\\icon {
+      color: $ui-highlight-color;
+    }
+
+    &._animated .button\\icon {
+      animation-name: glitch__common__button__activate;
+
+      @keyframes glitch__common__button__activate {
+        from {
+          transform: rotate(0deg);
+        }
+        57% {
+          transform: rotate(420deg);  //  Blazin' 😎
+        }
+        86% {
+          transform: rotate(330deg);
+        }
+        to {
+          transform: rotate(360deg);
+        }
+      }
+    }
+
+    /*
+    The special `._star` class is given to buttons which have a star
+    icon (see JS). When they are active, we give them a gold star ⭐️.
+    */
+    &._star .button\\icon {
+      color: $gold-star;
+    }
+  }
+
+  /*
+  For links, we consider them disabled if they don't have an `href`
+  attribute (see JS).
+  */
+  &._disabled {
+    opacity: $glitch-disabled-opacity;
+    cursor: default;
+  }
+
+  /*
+  This is confusing becuase of the names, but the `color .3 ease-out`
+  transition is actually used when easing *in* to a hovering/active/
+  focusing state, and the default transition is used when leaving. Our
+  buttons are a little slower to glow than they are to fade.
+  */
+  &:active,
+  &:focus,
+  &:hover {
+    color: $glitch-lighter-color;
+    transition: color ($glitch-animation-speed * .3s) ease-out, outline-color ($glitch-animation-speed * .15s) ease-in-out;
+  }
+
+  &:focus {
+    outline-color: currentColor;
+  }
+
+  /*
+  Buttons with text have a number of different styling rules and an
+  overall different appearance.
+  */
+  &._with-text {
+    display: inline-block;
+    border: none;
+    border-radius: .35em;
+    padding: 0 .5em;
+    color: $glitch-texture-color;
+    background: $ui-base-lighter-color;
+    font-size: .75em;
+    font-weight: inherit;
+    text-transform: uppercase;
+    line-height: 1.6;
+    cursor: pointer;
+    vertical-align: baseline;
+    transition: background-color ($glitch-animation-speed * .15s) ease-in, outline-color ($glitch-animation-speed * .3s) ease-in-out;
+
+    .button\\icon {
+      display: inline-block;
+      font-size: 1.25em;
+      vertical-align: -.1em;
+    }
+
+    & > *:not(:first-child) {
+      margin: 0 0 0 .4em;
+      border-left: 1px solid currentColor;
+      padding: 0 0 0 .3em;
+    }
+
+    &:active,
+    &:hover,
+    &:focus {
+      color: $glitch-texture-color;
+      background: $glitch-lighter-color;
+      transition: background-color ($glitch-animation-speed * .3s) ease-out, outline-color ($glitch-animation-speed * .15s) ease-in-out;
+    }
+  }
+}

app/javascript/glitch/components/common/icon/index.js

@@ -0,0 +1,59 @@
+//  <CommonIcon>
+//  ========
+
+//  For code documentation, please see:
+//  https://glitch-soc.github.io/docs/javascript/glitch/common/icon
+
+//  For more information, please contact:
+//  @kibi@glitch.social
+
+//  * * * * * * *  //
+
+//  Imports
+//  -------
+
+//  Package imports.
+import classNames from 'classnames';
+import React from 'react';
+import PropTypes from 'prop-types';
+
+//  Stylesheet imports.
+import './style';
+
+//  * * * * * * *  //
+
+//  The component
+//  -------------
+
+const CommonIcon = ({
+  className,
+  name,
+  proportional,
+  title,
+  ...others
+}) => name ? (
+  <span
+    className={classNames('glitch', 'glitch__common__icon', className)}
+    {...others}
+  >
+    <span
+      aria-hidden
+      className={`fa ${proportional ? '' : 'fa-fw'} fa-${name} icon\fa`}
+      {...(title ? { title } : {})}
+    />
+    {title ? (
+      <span className='_for-screenreader'>{title}</span>
+    ) : null}
+  </span>
+) : null;
+
+//  Props.
+CommonIcon.propTypes = {
+  className: PropTypes.string,
+  name: PropTypes.string,
+  proportional: PropTypes.bool,
+  title: PropTypes.string,
+};
+
+//  Export.
+export default CommonIcon;

app/javascript/glitch/components/common/icon/style.scss

@@ -0,0 +1,14 @@
+@import 'variables';
+
+.glitch.glitch__common__icon {
+  display: inline-block;
+
+  ._for-screenreader {
+    position: absolute;
+    margin: -1px -1px;
+    width: 1px;
+    height: 1px;
+    clip: rect(0, 0, 0, 0);
+    overflow: hidden;
+  }
+}

app/javascript/glitch/components/common/link/index.js

@@ -0,0 +1,74 @@
+//  <CommonLink>
+//  ========
+
+//  For code documentation, please see:
+//  https://glitch-soc.github.io/docs/javascript/glitch/common/link
+
+//  For more information, please contact:
+//  @kibi@glitch.social
+
+//  * * * * * * *  //
+
+//  Imports
+//  -------
+
+//  Package imports.
+import classNames from 'classnames';
+import PropTypes from 'prop-types';
+import React from 'react';
+
+//  Stylesheet imports.
+import './style';
+
+//  * * * * * * *  //
+
+//  The component
+//  -------------
+
+export default class CommonLink extends React.PureComponent {
+
+  //  Props.
+  static propTypes = {
+    children: PropTypes.node,
+    className: PropTypes.string,
+    destination: PropTypes.string,
+    history: PropTypes.object,
+    href: PropTypes.string,
+  };
+
+  //  We only reroute the link if it is an unadorned click, we have
+  //  access to the router, and there is somewhere to reroute it *to*.
+  handleClick = (e) => {
+    const { destination, history } = this.props;
+    if (!history || !destination || e.button || e.ctrlKey || e.shiftKey || e.altKey || e.metaKey) return;
+    history.push(destination);
+    e.preventDefault();
+  }
+
+  //  Rendering.
+  render () {
+    const { handleClick } = this;
+    const { children, className, destination, history, href, ...others } = this.props;
+    const computedClass = classNames('glitch', 'glitch__common__link', className);
+    const conditionalProps = {};
+    if (href) {
+      conditionalProps.href = href;
+      conditionalProps.onClick = handleClick;
+    } else if (destination) {
+      conditionalProps.onClick = handleClick;
+      conditionalProps.role = 'link';
+      conditionalProps.tabIndex = 0;
+    } else conditionalProps.role = 'presentation';
+
+    return (
+      <a
+        className={computedClass}
+        {...conditionalProps}
+        {...others}
+        rel='noopener'
+        target='_blank'
+      >{children}</a>
+    );
+  }
+
+}

app/javascript/glitch/components/common/link/style.scss

@@ -0,0 +1,11 @@
+@import 'variables';
+
+/*
+Most link styling happens elsewhere but we disable text-decoration
+here.
+*/
+.glitch.glitch__common__link {
+  display: inline;
+  color: $ui-secondary-color;
+  text-decoration: none;
+}