prefs: Note that favourite confirmation applies to Glitch flavour only (#491 )

Merge pull request #528 from glitch-soc/merge-upstream
Merge with tootsuite/master
2018-06-03 03:40:27 -05:00 · 2018-06-03 03:01:09 -05:00 · 2018-06-03 02:35:54 -05:00 · 2018-06-02 16:19:06 -05:00 · 2018-06-02 16:15:36 -05:00 · 2018-06-02 16:08:31 -05:00
10758 changed files with 149368 additions and 571929 deletions
--- a/.annotaterb.yml
+++ b/.annotaterb.yml
@@ -1,59 +0,0 @@
---
-:position: before
-:position_in_additional_file_patterns: before
-:position_in_class: before
-:position_in_factory: before
-:position_in_fixture: before
-:position_in_routes: before
-:position_in_serializer: before
-:position_in_test: before
-:classified_sort: true
-:exclude_controllers: true
-:exclude_factories: true
-:exclude_fixtures: true
-:exclude_helpers: true
-:exclude_scaffolds: true
-:exclude_serializers: true
-:exclude_sti_subclasses: true
-:exclude_tests: true
-:force: false
-:format_markdown: false
-:format_rdoc: false
-:format_yard: false
-:frozen: false
-:ignore_model_sub_dir: false
-:ignore_unknown_models: false
-:include_version: false
-:show_complete_foreign_keys: false
-:show_foreign_keys: false
-:show_indexes: false
-:simple_indexes: false
-:sort: false
-:timestamp: false
-:trace: false
-:with_comment: true
-:with_column_comments: true
-:with_table_comments: true
-:active_admin: false
-:command:
-:debug: false
-:hide_default_column_types: ''
-:hide_limit_column_types: 'integer,boolean'
-:ignore_columns:
-:ignore_routes:
-:models: true
-:routes: false
-:skip_on_db_migrate: false
-:target_action: :do_annotations
-:wrapper:
-:wrapper_close:
-:wrapper_open:
-:classes_default_to_s: []
-:additional_file_patterns: []
-:model_dir:
-  - app/models
-:require: []
-:root_dir:
-  - ''
-
-:show_check_constraints: false
--- a/.babelrc
+++ b/.babelrc
@@ -0,0 +1,66 @@
+{
+  "presets": [
+    "react",
+    [
+      "env",
+      {
+        "exclude": ["transform-async-to-generator", "transform-regenerator"],
+        "loose": true,
+        "modules": false,
+        "targets": {
+          "browsers": ["last 2 versions", "IE >= 11", "iOS >= 9"]
+        }
+      }
+    ]
+  ],
+  "plugins": [
+    "syntax-dynamic-import",
+    ["transform-object-rest-spread", { "useBuiltIns": true }],
+    "transform-decorators-legacy",
+    "transform-class-properties",
+    [
+      "react-intl",
+      {
+        "messagesDir": "./build/messages"
+      }
+    ],
+    "preval"
+  ],
+  "env": {
+    "development": {
+      "plugins": [
+        "transform-react-jsx-source",
+        "transform-react-jsx-self"
+      ]
+    },
+    "production": {
+      "plugins": [
+        "lodash",
+        [
+          "transform-react-remove-prop-types",
+          {
+            "mode": "remove",
+            "removeImport": true,
+            "additionalLibraries": [
+              "react-immutable-proptypes"
+            ]
+          }
+        ],
+        "transform-react-inline-elements",
+        [
+          "transform-runtime",
+          {
+            "helpers": true,
+            "polyfill": false,
+            "regenerator": false
+          }
+        ]
+      ]
+    },
+    "test": {
+      "plugins": [
+        "transform-es2015-modules-commonjs"
+      ]
+    }
+  }
+}
--- a/.browserslistrc
+++ b/.browserslistrc
@@ -1,6 +0,0 @@
-defaults
-> 0.2%
-firefox >= 78
-ios >= 15.6
-not dead
-not OperaMini all
--- a/.buildpacks
+++ b/.buildpacks
@@ -1,3 +1,3 @@
 https://github.com/heroku/heroku-buildpack-apt
-https://github.com/Scalingo/ffmpeg-buildpack
+https://github.com/Scalingo/nodejs-buildpack
 https://github.com/Scalingo/ruby-buildpack
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -0,0 +1,193 @@
+version: 2
+
+aliases:
+  - &defaults
+    docker:
+      - image: circleci/ruby:2.5.1-stretch-node
+        environment: &ruby_environment
+          BUNDLE_APP_CONFIG: ./.bundle/
+          DB_HOST: localhost
+          DB_USER: root
+          RAILS_ENV: test
+          PARALLEL_TEST_PROCESSORS: 4
+          ALLOW_NOPAM: true
+          CONTINUOUS_INTEGRATION: true
+          DISABLE_SIMPLECOV: true
+    working_directory: ~/projects/mastodon/
+
+  - &attach_workspace
+    attach_workspace:
+      at: ~/projects/
+
+  - &persist_to_workspace
+    persist_to_workspace:
+      root: ~/projects/
+      paths:
+        - ./mastodon/
+
+  - &restore_ruby_dependencies
+    restore_cache:
+      keys:
+        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
+        - v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-
+        - v2-ruby-dependencies-
+
+  - &install_steps
+    steps:
+      - checkout
+      - *attach_workspace
+
+      - restore_cache:
+          keys:
+            - v1-node-dependencies-{{ checksum "yarn.lock" }}
+            - v1-node-dependencies-
+      - run: yarn install --frozen-lockfile
+      - save_cache:
+          key: v1-node-dependencies-{{ checksum "yarn.lock" }}
+          paths:
+            - ./node_modules/
+
+      - *persist_to_workspace
+
+  - &install_system_dependencies
+      run:
+        name: Install system dependencies
+        command: |
+          sudo apt-get update
+          sudo apt-get install -y libicu-dev libidn11-dev libprotobuf-dev protobuf-compiler
+
+  - &install_ruby_dependencies
+      steps:
+        - *attach_workspace
+
+        - *install_system_dependencies
+
+        - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
+        - *restore_ruby_dependencies
+        - run: bundle install --clean --jobs 16 --path ./vendor/bundle/ --retry 3 --with pam_authentication --without development production
+        - save_cache:
+            key: v2-ruby-dependencies-{{ checksum "/tmp/.ruby-version" }}-{{ checksum "Gemfile.lock" }}
+            paths:
+              - ./.bundle/
+              - ./vendor/bundle/
+
+  - &test_steps
+      steps:
+        - *attach_workspace
+
+        - *install_system_dependencies
+        - run: sudo apt-get install -y ffmpeg
+
+        - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
+        - *restore_ruby_dependencies
+
+        - restore_cache:
+            keys:
+              - precompiled-assets-{{ .Branch }}-{{ .Revision }}
+              - precompiled-assets-{{ .Branch }}-
+              - precompiled-assets-
+
+        - run:
+            name: Prepare Tests
+            command: ./bin/rails parallel:create parallel:load_schema parallel:prepare
+        - run:
+            name: Run Tests
+            command: ./bin/retry bundle exec parallel_test ./spec/ --group-by filesize --type rspec
+
+jobs:
+  install:
+    <<: *defaults
+    <<: *install_steps
+
+  install-ruby2.5:
+    <<: *defaults
+    <<: *install_ruby_dependencies
+
+  install-ruby2.4:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.4.4-stretch-node
+        environment: *ruby_environment
+    <<: *install_ruby_dependencies
+
+  build:
+    <<: *defaults
+    steps:
+      - *attach_workspace
+      - *install_system_dependencies
+      - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
+      - *restore_ruby_dependencies
+      - run: ./bin/rails assets:precompile
+      - save_cache:
+          key: precompiled-assets-{{ .Branch }}-{{ .Revision }}
+          paths:
+            - ./public/assets
+            - ./public/packs-test/
+
+  test-ruby2.5:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.5.1-stretch-node
+        environment: *ruby_environment
+      - image: circleci/postgres:10.3-alpine
+        environment:
+          POSTGRES_USER: root
+      - image: circleci/redis:4.0.9-alpine
+    <<: *test_steps
+
+  test-ruby2.4:
+    <<: *defaults
+    docker:
+      - image: circleci/ruby:2.4.4-stretch-node
+        environment: *ruby_environment
+      - image: circleci/postgres:10.3-alpine
+        environment:
+          POSTGRES_USER: root
+      - image: circleci/redis:4.0.9-alpine
+    <<: *test_steps
+
+  test-webui:
+    <<: *defaults
+    docker:
+      - image: circleci/node:8.11.1-stretch
+    steps:
+      - *attach_workspace
+      - run: ./bin/retry yarn test:jest
+
+  check-i18n:
+    <<: *defaults
+    steps:
+      - *attach_workspace
+      - run: ruby -e 'puts RUBY_VERSION' | tee /tmp/.ruby-version
+      - *restore_ruby_dependencies
+      - run: bundle exec i18n-tasks check-normalized
+      - run: bundle exec i18n-tasks unused
+
+workflows:
+  version: 2
+  build-and-test:
+    jobs:
+      - install
+      - install-ruby2.5:
+          requires:
+            - install
+      - install-ruby2.4:
+          requires:
+            - install
+      - build:
+          requires:
+            - install-ruby2.5
+      - test-ruby2.5:
+          requires:
+            - install-ruby2.5
+            - build
+      - test-ruby2.4:
+          requires:
+            - install-ruby2.4
+            - build
+      - test-webui:
+          requires:
+            - install
+      - check-i18n:
+          requires:
+            - install-ruby2.5
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@@ -0,0 +1,37 @@
+version: "2"
+checks:
+  argument-count:
+    enabled: false
+  complex-logic:
+    enabled: false
+  file-lines:
+    enabled: false
+  method-complexity:
+    enabled: false
+  method-count:
+    enabled: false
+  method-lines:
+    enabled: false
+  nested-control-flow:
+    enabled: false
+  return-statements:
+    enabled: false
+  similar-code:
+    enabled: false
+  identical-code:
+    enabled: false
+plugins:
+  brakeman:
+    enabled: true
+  bundler-audit:
+    enabled: true
+  eslint:
+    enabled: true
+    channel: eslint-4
+  rubocop:
+    enabled: true
+  scss-lint:
+    enabled: true
+exclude_patterns:
+- spec/
+- vendor/asset
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -1,18 +0,0 @@
-# For details, see https://github.com/devcontainers/images/tree/main/src/ruby
-FROM mcr.microsoft.com/devcontainers/ruby:3.4-trixie
-
-# Install node version from .nvmrc
-WORKDIR /app
-COPY .nvmrc .
-RUN /bin/bash --login -i -c "nvm install"
-
-# Install additional OS packages
-RUN apt-get update && \
-    export DEBIAN_FRONTEND=noninteractive && \
-    apt-get -y install --no-install-recommends libicu-dev libidn11-dev ffmpeg libvips42 libpam-dev
-
-# Disable download prompt for Corepack
-ENV COREPACK_ENABLE_DOWNLOAD_PROMPT=0
-
-# Move welcome message to where VS Code expects it
-COPY .devcontainer/welcome-message.txt /usr/local/etc/vscode-dev-containers/first-run-notice.txt
--- a/.devcontainer/codespaces/devcontainer.json
+++ b/.devcontainer/codespaces/devcontainer.json
@@ -1,51 +0,0 @@
-{
-  "name": "Mastodon on GitHub Codespaces",
-  "dockerComposeFile": "../compose.yaml",
-  "service": "app",
-  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
-
-  "features": {
-    "ghcr.io/devcontainers/features/sshd:1": {}
-  },
-
-  "runServices": ["app", "db", "redis"],
-
-  "forwardPorts": [3000, 4000],
-
-  "portsAttributes": {
-    "3000": {
-      "label": "web",
-      "onAutoForward": "notify"
-    },
-    "4000": {
-      "label": "stream",
-      "onAutoForward": "silent"
-    }
-  },
-
-  "remoteUser": "root",
-
-  "otherPortsAttributes": {
-    "onAutoForward": "silent"
-  },
-
-  "remoteEnv": {
-    "LOCAL_DOMAIN": "${localEnv:CODESPACE_NAME}-3000.app.github.dev",
-    "LOCAL_HTTPS": "true",
-    "STREAMING_API_BASE_URL": "https://${localEnv:CODESPACE_NAME}-4000.app.github.dev",
-    "DISABLE_FORGERY_REQUEST_PROTECTION": "true",
-    "ES_ENABLED": "",
-    "LIBRE_TRANSLATE_ENDPOINT": ""
-  },
-
-  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
-  "postCreateCommand": "bin/setup",
-  "waitFor": "postCreateCommand",
-
-  "customizations": {
-    "vscode": {
-      "settings": {},
-      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
-    }
-  }
-}
--- a/.devcontainer/compose.yaml
+++ b/.devcontainer/compose.yaml
@@ -1,93 +0,0 @@
-services:
-  app:
-    working_dir: /workspaces/mastodon/
-    build:
-      context: ..
-      dockerfile: .devcontainer/Dockerfile
-    volumes:
-      - ..:/workspaces/mastodon:cached
-    environment:
-      RAILS_ENV: development
-      NODE_ENV: development
-      VITE_RUBY_HOST: 0.0.0.0
-      BIND: 0.0.0.0
-      BOOTSNAP_CACHE_DIR: /tmp
-      REDIS_HOST: redis
-      REDIS_PORT: '6379'
-      DB_HOST: db
-      DB_USER: postgres
-      DB_PASS: postgres
-      DB_PORT: '5432'
-      ES_ENABLED: 'true'
-      ES_HOST: es
-      ES_PORT: '9200'
-      LIBRE_TRANSLATE_ENDPOINT: http://libretranslate:5000
-      LOCAL_DOMAIN: ${LOCAL_DOMAIN:-localhost:3000}
-      VITE_DEV_SERVER_PUBLIC: ${VITE_DEV_SERVER_PUBLIC:-localhost:3036}
-    # Overrides default command so things don't shut down after the process ends.
-    command: sleep infinity
-    ports:
-      - '3000:3000'
-      - '3036:3036'
-      - '4000:4000'
-    networks:
-      - external_network
-      - internal_network
-
-  db:
-    image: postgres:14-alpine
-    restart: unless-stopped
-    volumes:
-      - postgres-data:/var/lib/postgresql/data
-    environment:
-      POSTGRES_USER: postgres
-      POSTGRES_DB: postgres
-      POSTGRES_PASSWORD: postgres
-      POSTGRES_HOST_AUTH_METHOD: trust
-    networks:
-      - internal_network
-
-  redis:
-    image: redis:7-alpine
-    restart: unless-stopped
-    volumes:
-      - redis-data:/data
-    networks:
-      - internal_network
-
-  es:
-    image: docker.elastic.co/elasticsearch/elasticsearch:7.17.29
-    restart: unless-stopped
-    environment:
-      ES_JAVA_OPTS: -Xms512m -Xmx512m
-      cluster.name: es-mastodon
-      discovery.type: single-node
-      bootstrap.memory_lock: 'true'
-    volumes:
-      - es-data:/usr/share/elasticsearch/data
-    networks:
-      - internal_network
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-
-  libretranslate:
-    image: libretranslate/libretranslate:v1.7.3
-    restart: unless-stopped
-    volumes:
-      - lt-data:/home/libretranslate/.local
-    networks:
-      - external_network
-      - internal_network
-
-volumes:
-  postgres-data:
-  redis-data:
-  es-data:
-  lt-data:
-
-networks:
-  external_network:
-  internal_network:
-    internal: true
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -1,42 +0,0 @@
-{
-  "name": "Mastodon on local machine",
-  "dockerComposeFile": "compose.yaml",
-  "service": "app",
-  "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
-
-  "features": {
-    "ghcr.io/devcontainers/features/sshd:1": {}
-  },
-
-  "forwardPorts": [3000, 4000],
-
-  "portsAttributes": {
-    "3000": {
-      "label": "web",
-      "onAutoForward": "notify",
-      "requireLocalPort": true
-    },
-    "4000": {
-      "label": "stream",
-      "onAutoForward": "silent",
-      "requireLocalPort": true
-    }
-  },
-
-  "remoteUser": "root",
-
-  "otherPortsAttributes": {
-    "onAutoForward": "silent"
-  },
-
-  "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
-  "postCreateCommand": "bin/setup",
-  "waitFor": "postCreateCommand",
-
-  "customizations": {
-    "vscode": {
-      "settings": {},
-      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
-    }
-  }
-}
--- a/.devcontainer/welcome-message.txt
+++ b/.devcontainer/welcome-message.txt
@@ -1,7 +0,0 @@
-👋 Welcome to your Mastodon Dev Container!
-
-🛠️ Your environment is fully setup with all the required software.
-
-💥 Run `bin/dev` to start the application processes.
-
-🥼 Run `RAILS_ENV=test bin/rails assets:precompile && RAILS_ENV=test bin/rspec` to run the test suite.
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,15 +1,8 @@
-.bundle
 .env
 .env.*
-.git
-.gitattributes
-.gitignore
-.github
-.vscode
 public/system
 public/assets
 public/packs
-public/packs-test
 node_modules
 neo4j
 vendor/bundle
@@ -17,14 +10,5 @@ vendor/bundle
 *.swp
 *~
 postgres
-postgres14
 redis
 elasticsearch
-chart
-storybook-static
-.yarn/
-!.yarn/patches
-!.yarn/plugins
-!.yarn/releases
-!.yarn/sdks
-!.yarn/versions
--- a/.editorconfig
+++ b/.editorconfig
@@ -10,4 +10,3 @@ insert_final_newline = true
 charset = utf-8
 indent_style = space
 indent_size = 2
-trim_trailing_whitespace = true
--- a/.env.development
+++ b/.env.development
@@ -1,4 +0,0 @@
-# Required by ActiveRecord encryption feature
-ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=fkSxKD2bF396kdQbrP1EJ7WbU7ZgNokR
-ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=r0hvVmzBVsjxC7AMlwhOzmtc36ZCOS1E
-ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=PhdFyyfy5xJ7WVd2lWBpcPScRQHzRTNr
--- a/.env.nanobox
+++ b/.env.nanobox
@@ -0,0 +1,226 @@
+# Service dependencies
+# You may set REDIS_URL instead for more advanced options
+REDIS_HOST=$DATA_REDIS_HOST
+REDIS_PORT=6379
+# REDIS_DB=0
+
+# You may set DATABASE_URL instead for more advanced options
+DB_HOST=$DATA_DB_HOST
+DB_USER=$DATA_DB_USER
+DB_NAME=gonano
+DB_PASS=$DATA_DB_PASS
+DB_PORT=5432
+
+DATABASE_URL=postgresql://$DATA_DB_USER:$DATA_DB_PASS@$DATA_DB_HOST/gonano
+
+# Optional ElasticSearch configuration
+ES_ENABLED=true
+ES_HOST=$DATA_ELASTIC_HOST
+ES_PORT=9200
+
+# Optimizations
+LD_PRELOAD=/data/lib/libjemalloc.so
+
+# ImageMagick optimizations
+MAGICK_TEMPORARY_PATH=/app/tmp
+MAGICK_MEMORY_LIMIT=128MiB
+MAGICK_MAP_LIMIT=64MiB
+MAGICK_TIME_LIMIT=15
+MAGICK_AREA_LIMIT=16MP
+MAGICK_WIDTH_LIMIT=8KP
+MAGICK_HEIGHT_LIMIT=8KP
+
+# Federation
+# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
+# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
+LOCAL_DOMAIN=${APP_NAME}.nanoapp.io
+
+# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
+
+# Use this only if you need to run mastodon on a different domain than the one used for federation.
+# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
+# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
+# WEB_DOMAIN=mastodon.example.com
+
+# Use this if you want to have several aliases handler@example1.com
+# handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
+# be added. Comma separated values
+# ALTERNATE_DOMAINS=example1.com,example2.com
+
+# Application secrets
+# Generate each with the `rake secret` task (`nanobox run bundle exec rake secret`)
+SECRET_KEY_BASE=$SECRET_KEY_BASE
+OTP_SECRET=$OTP_SECRET
+
+# VAPID keys (used for push notifications)
+# You can generate the keys using the following command (first is the private key, second is the public one)
+# You should only generate this once per instance. If you later decide to change it, all push subscription will
+# be invalidated, requiring the users to access the website again to resubscribe.
+#
+# Generate with `rake mastodon:webpush:generate_vapid_key` task (`nanobox run bundle exec rake mastodon:webpush:generate_vapid_key`)
+#
+# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
+VAPID_PRIVATE_KEY=$VAPID_PRIVATE_KEY
+VAPID_PUBLIC_KEY=$VAPID_PUBLIC_KEY
+
+# Registrations
+# Single user mode will disable registrations and redirect frontpage to the first profile
+# SINGLE_USER_MODE=true
+# Prevent registrations with following e-mail domains
+# EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
+# Only allow registrations with the following e-mail domains
+# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
+
+# Optionally change default language
+# DEFAULT_LOCALE=de
+
+# E-mail configuration
+# Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
+# If you want to use an SMTP server without authentication (e.g local Postfix relay)
+# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
+# *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
+SMTP_SERVER=$SMTP_SERVER
+SMTP_PORT=587
+SMTP_LOGIN=$SMTP_LOGIN
+SMTP_PASSWORD=$SMTP_PASSWORD
+SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
+#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
+#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
+#SMTP_AUTH_METHOD=plain
+#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
+#SMTP_OPENSSL_VERIFY_MODE=peer
+#SMTP_ENABLE_STARTTLS_AUTO=true
+#SMTP_TLS=true
+
+# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
+# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
+# PAPERCLIP_ROOT_URL=/system
+
+# Optional asset host for multi-server setups
+# CDN_HOST=https://assets.example.com
+
+# S3 (optional)
+# S3_ENABLED=true
+# S3_BUCKET=
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# S3_REGION=
+# S3_PROTOCOL=http
+# S3_HOSTNAME=192.168.1.123:9000
+
+# S3 (Minio Config (optional) Please check Minio instance for details)
+# S3_ENABLED=true
+# S3_BUCKET=
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# S3_REGION=
+# S3_PROTOCOL=https
+# S3_HOSTNAME=
+# S3_ENDPOINT=
+# S3_SIGNATURE_VERSION=
+
+# Swift (optional)
+# SWIFT_ENABLED=true
+# SWIFT_USERNAME=
+# For Keystone V3, the value for SWIFT_TENANT should be the project name
+# SWIFT_TENANT=
+# SWIFT_PASSWORD=
+# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
+# issues with token rate-limiting during high load.
+# SWIFT_AUTH_URL=
+# SWIFT_CONTAINER=
+# SWIFT_OBJECT_URL=
+# SWIFT_REGION=
+# Defaults to 'default'
+# SWIFT_DOMAIN_NAME=
+# Defaults to 60 seconds. Set to 0 to disable
+# SWIFT_CACHE_TTL=
+
+# Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
+# S3_CLOUDFRONT_HOST=
+
+# Streaming API integration
+# STREAMING_API_BASE_URL=
+
+# Advanced settings
+# If you need to use pgBouncer, you need to disable prepared statements:
+# PREPARED_STATEMENTS=false
+
+# Cluster number setting for streaming API server.
+# If you comment out following line, cluster number will be `numOfCpuCores - 1`.
+# STREAMING_CLUSTER_NUM=1
+
+# Docker mastodon user
+# If you use Docker, you may want to assign UID/GID manually.
+# UID=1000
+# GID=1000
+
+# LDAP authentication (optional)
+# LDAP_ENABLED=true
+# LDAP_HOST=localhost
+# LDAP_PORT=389
+# LDAP_METHOD=simple_tls
+# LDAP_BASE=
+# LDAP_BIND_DN=
+# LDAP_PASSWORD=
+# LDAP_UID=cn
+
+# PAM authentication (optional)
+# PAM authentication uses for the email generation the "email" pam variable
+# and optional as fallback PAM_DEFAULT_SUFFIX
+# The pam environment variable "email" is provided by:
+# https://github.com/devkral/pam_email_extractor
+# PAM_ENABLED=true
+# Fallback Suffix for email address generation (nil by default)
+# PAM_DEFAULT_SUFFIX=pam
+# Name of the pam service (pam "auth" section is evaluated)
+# PAM_DEFAULT_SERVICE=rpam
+# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
+# PAM_CONTROLLED_SERVICE=rpam
+
+# Global OAuth settings (optional) :
+# If you have only one strategy, you may want to enable this
+# OAUTH_REDIRECT_AT_SIGN_IN=true
+
+# Optional CAS authentication (cf. omniauth-cas) :
+# CAS_ENABLED=true
+# CAS_URL=https://sso.myserver.com/
+# CAS_HOST=sso.myserver.com/
+# CAS_PORT=443
+# CAS_SSL=true
+# CAS_VALIDATE_URL=
+# CAS_CALLBACK_URL=
+# CAS_LOGOUT_URL=
+# CAS_LOGIN_URL=
+# CAS_UID_FIELD='user'
+# CAS_CA_PATH=
+# CAS_DISABLE_SSL_VERIFICATION=false
+# CAS_UID_KEY='user'
+# CAS_NAME_KEY='name'
+# CAS_EMAIL_KEY='email'
+# CAS_NICKNAME_KEY='nickname'
+# CAS_FIRST_NAME_KEY='firstname'
+# CAS_LAST_NAME_KEY='lastname'
+# CAS_LOCATION_KEY='location'
+# CAS_IMAGE_KEY='image'
+# CAS_PHONE_KEY='phone'
+
+# Optional SAML authentication (cf. omniauth-saml)
+# SAML_ENABLED=true
+# SAML_ACS_URL=
+# SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
+# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
+# SAML_IDP_CERT=
+# SAML_IDP_CERT_FINGERPRINT=
+# SAML_NAME_IDENTIFIER_FORMAT=
+# SAML_CERT=
+# SAML_PRIVATE_KEY=
+# SAML_SECURITY_WANT_ASSERTION_SIGNED=true
+# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
+# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
+# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
+# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
+# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.5.4.42"
+# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
+# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
+# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
--- a/.env.production.sample
+++ b/.env.production.sample
@@ -1,90 +1,236 @@
-# This is a sample configuration file. You can generate your configuration
-# with the `bundle exec rails mastodon:setup` interactive setup wizard, but to customize
-# your setup even further, you'll need to edit it manually. This sample does
-# not demonstrate all available configuration options. Please look at
-# https://docs.joinmastodon.org/admin/config/ for the full documentation.
-
-# Note that this file accepts slightly different syntax depending on whether
-# you are using `docker-compose` or not. In particular, if you use
-# `docker-compose`, the value of each declared variable will be taken verbatim,
-# including surrounding quotes.
-# See: https://github.com/mastodon/mastodon/issues/16895
-
-# Federation
-# ----------
-# This identifies your server and cannot be changed safely later
-# ----------
-LOCAL_DOMAIN=example.com
-
-# Redis
-# -----
-REDIS_HOST=localhost
+# Service dependencies
+# You may set REDIS_URL instead for more advanced options
+# You may also set REDIS_NAMESPACE to share Redis between multiple Mastodon servers
+REDIS_HOST=redis
 REDIS_PORT=6379
-
-# PostgreSQL
-# ----------
-DB_HOST=/var/run/postgresql
-DB_USER=mastodon
-DB_NAME=mastodon_production
+# You may set DATABASE_URL instead for more advanced options
+DB_HOST=db
+DB_USER=postgres
+DB_NAME=postgres
 DB_PASS=
 DB_PORT=5432
+# Optional ElasticSearch configuration
+# ES_ENABLED=true
+# ES_HOST=es
+# ES_PORT=9200

-# Elasticsearch (optional)
-# ------------------------
-ES_ENABLED=true
-ES_HOST=localhost
-ES_PORT=9200
-# Authentication for ES (optional)
-ES_USER=elastic
-ES_PASS=password
+# Federation
+# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
+# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
+LOCAL_DOMAIN=example.com

-# Secrets
-# -------
-# Make sure to use `bundle exec rails secret` to generate secrets
-# -------
+# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
+
+# Use this only if you need to run mastodon on a different domain than the one used for federation.
+# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
+# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
+# WEB_DOMAIN=mastodon.example.com
+
+# Use this if you want to have several aliases handler@example1.com
+# handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
+# be added. Comma separated values
+# ALTERNATE_DOMAINS=example1.com,example2.com
+
+# Application secrets
+# Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
 SECRET_KEY_BASE=
+OTP_SECRET=

-# Encryption secrets
-# ------------------
-# Must be available (and set to same values) for all server processes
-# These are private/secret values, do not share outside hosting environment
-# Use `bin/rails db:encryption:init` to generate fresh secrets
-# Do NOT change these secrets once in use, as this would cause data loss and other issues
-# ------------------
-# ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=
-# ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=
-# ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=
-
-# Web Push
-# --------
-# Generate with `bundle exec rails mastodon:webpush:generate_vapid_key`
-# --------
+# VAPID keys (used for push notifications
+# You can generate the keys using the following command (first is the private key, second is the public one)
+# You should only generate this once per instance. If you later decide to change it, all push subscription will
+# be invalidated, requiring the users to access the website again to resubscribe.
+#
+# Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose)
+#
+# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
 VAPID_PRIVATE_KEY=
 VAPID_PUBLIC_KEY=

-# Sending mail
-# ------------
-SMTP_SERVER=
+# Registrations
+# Single user mode will disable registrations and redirect frontpage to the first profile
+# SINGLE_USER_MODE=true
+# Prevent registrations with following e-mail domains
+# EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
+# Only allow registrations with the following e-mail domains
+# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
+
+# Optionally change default language
+# DEFAULT_LOCALE=de
+
+# E-mail configuration
+# Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
+# If you want to use an SMTP server without authentication (e.g local Postfix relay)
+# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
+# *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
+SMTP_SERVER=smtp.mailgun.org
 SMTP_PORT=587
 SMTP_LOGIN=
 SMTP_PASSWORD=
 SMTP_FROM_ADDRESS=notifications@example.com
+#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
+#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
+#SMTP_AUTH_METHOD=plain
+#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
+#SMTP_OPENSSL_VERIFY_MODE=peer
+#SMTP_ENABLE_STARTTLS_AUTO=true
+#SMTP_TLS=true

-# File storage (optional)
-# -----------------------
-S3_ENABLED=true
-S3_BUCKET=files.example.com
-AWS_ACCESS_KEY_ID=
-AWS_SECRET_ACCESS_KEY=
-S3_ALIAS_HOST=files.example.com
+# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
+# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
+# PAPERCLIP_ROOT_URL=/system

-# Optional list of hosts that are allowed to serve media for your instance
-# EXTRA_MEDIA_HOSTS=https://data.example1.com,https://data.example2.com
+# Optional asset host for multi-server setups
+# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN
+# if WEB_DOMAIN is not set. For example, the server may have the
+# following header field:
+# Access-Control-Allow-Origin: https://example.com/
+# CDN_HOST=https://assets.example.com

-# IP and session retention
-# -----------------------
-# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
-# to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
-# -----------------------
-IP_RETENTION_PERIOD=31556952
-SESSION_RETENTION_PERIOD=31556952
+# S3 (optional)
+# The attachment host must allow cross origin request from WEB_DOMAIN or
+# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the
+# following header field:
+# Access-Control-Allow-Origin: https://192.168.1.123:9000/
+# S3_ENABLED=true
+# S3_BUCKET=
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# S3_REGION=
+# S3_PROTOCOL=http
+# S3_HOSTNAME=192.168.1.123:9000
+
+# S3 (Minio Config (optional) Please check Minio instance for details)
+# The attachment host must allow cross origin request - see the description
+# above.
+# S3_ENABLED=true
+# S3_BUCKET=
+# AWS_ACCESS_KEY_ID=
+# AWS_SECRET_ACCESS_KEY=
+# S3_REGION=
+# S3_PROTOCOL=https
+# S3_HOSTNAME=
+# S3_ENDPOINT=
+# S3_SIGNATURE_VERSION=
+
+# Swift (optional)
+# The attachment host must allow cross origin request - see the description
+# above.
+# SWIFT_ENABLED=true
+# SWIFT_USERNAME=
+# For Keystone V3, the value for SWIFT_TENANT should be the project name
+# SWIFT_TENANT=
+# SWIFT_PASSWORD=
+# Some OpenStack V3 providers require PROJECT_ID (optional)
+# SWIFT_PROJECT_ID=
+# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
+# issues with token rate-limiting during high load.
+# SWIFT_AUTH_URL=
+# SWIFT_CONTAINER=
+# SWIFT_OBJECT_URL=
+# SWIFT_REGION=
+# Defaults to 'default'
+# SWIFT_DOMAIN_NAME=
+# Defaults to 60 seconds. Set to 0 to disable
+# SWIFT_CACHE_TTL=
+
+# Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
+# S3_CLOUDFRONT_HOST=
+
+# Streaming API integration
+# STREAMING_API_BASE_URL=
+
+# Advanced settings
+# If you need to use pgBouncer, you need to disable prepared statements:
+# PREPARED_STATEMENTS=false
+
+# Cluster number setting for streaming API server.
+# If you comment out following line, cluster number will be `numOfCpuCores - 1`.
+STREAMING_CLUSTER_NUM=1
+
+# Docker mastodon user
+# If you use Docker, you may want to assign UID/GID manually.
+# UID=1000
+# GID=1000
+ 
+# Maximum allowed character count
+# MAX_TOOT_CHARS=500
+
+# LDAP authentication (optional)
+# LDAP_ENABLED=true
+# LDAP_HOST=localhost
+# LDAP_PORT=389
+# LDAP_METHOD=simple_tls
+# LDAP_BASE=
+# LDAP_BIND_DN=
+# LDAP_PASSWORD=
+# LDAP_UID=cn
+
+# PAM authentication (optional)
+# PAM authentication uses for the email generation the "email" pam variable
+# and optional as fallback PAM_DEFAULT_SUFFIX
+# The pam environment variable "email" is provided by:
+# https://github.com/devkral/pam_email_extractor
+# PAM_ENABLED=true
+# Fallback email domain for email address generation (LOCAL_DOMAIN by default)
+# PAM_EMAIL_DOMAIN=example.com
+# Name of the pam service (pam "auth" section is evaluated)
+# PAM_DEFAULT_SERVICE=rpam
+# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
+# PAM_CONTROLLED_SERVICE=rpam
+
+# Global OAuth settings (optional) :
+# If you have only one strategy, you may want to enable this
+# OAUTH_REDIRECT_AT_SIGN_IN=true
+
+# Optional CAS authentication (cf. omniauth-cas) :
+# CAS_ENABLED=true
+# CAS_URL=https://sso.myserver.com/
+# CAS_HOST=sso.myserver.com/
+# CAS_PORT=443
+# CAS_SSL=true
+# CAS_VALIDATE_URL=
+# CAS_CALLBACK_URL=
+# CAS_LOGOUT_URL=
+# CAS_LOGIN_URL=
+# CAS_UID_FIELD='user'
+# CAS_CA_PATH=
+# CAS_DISABLE_SSL_VERIFICATION=false
+# CAS_UID_KEY='user'
+# CAS_NAME_KEY='name'
+# CAS_EMAIL_KEY='email'
+# CAS_NICKNAME_KEY='nickname'
+# CAS_FIRST_NAME_KEY='firstname'
+# CAS_LAST_NAME_KEY='lastname'
+# CAS_LOCATION_KEY='location'
+# CAS_IMAGE_KEY='image'
+# CAS_PHONE_KEY='phone'
+
+# Optional SAML authentication (cf. omniauth-saml)
+# SAML_ENABLED=true
+# SAML_ACS_URL=
+# SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
+# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
+# SAML_IDP_CERT=
+# SAML_IDP_CERT_FINGERPRINT=
+# SAML_NAME_IDENTIFIER_FORMAT=
+# SAML_CERT=
+# SAML_PRIVATE_KEY=
+# SAML_SECURITY_WANT_ASSERTION_SIGNED=true
+# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
+# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
+# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
+# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
+# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241"
+# SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42"
+# SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4"
+# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
+# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
+# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
+
+# Use HTTP proxy for outgoing request (optional)
+# http_proxy=http://gateway.local:8118
+# Access control for hidden service.
+# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
+# If you use transparent proxy to access to hidden service, uncomment following for skipping private address check.
+# HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY=true
--- a/.env.test
+++ b/.env.test
@@ -1,11 +1,9 @@
-# In test, compile the NodeJS code as if we are in production
-NODE_ENV=production
+# Node.js
+NODE_ENV=test
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
-
-# Secret values required by ActiveRecord encryption feature
-# Use `bin/rails db:encryption:init` to generate fresh secrets
-ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=test_determinist_key_DO_NOT_USE_IN_PRODUCTION
-ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=test_salt_DO_NOT_USE_IN_PRODUCTION
-ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=test_primary_key_DO_NOT_USE_IN_PRODUCTION
+# test pam authentication
+PAM_ENABLED=true
+PAM_DEFAULT_SERVICE=pam_test
+PAM_CONTROLLED_SERVICE=pam_test_controlled
--- a/.env.vagrant
+++ b/.env.vagrant
@@ -1,8 +1,2 @@
 VAGRANT=true
-LOCAL_DOMAIN=mastodon.local
-BIND=0.0.0.0
-DB_HOST=/var/run/postgresql/
-
-ES_ENABLED=true
-ES_HOST=localhost
-ES_PORT=9200
+LOCAL_DOMAIN=mastodon.dev
--- a/.eslintignore
+++ b/.eslintignore
@@ -0,0 +1,30 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-journal
+
+# Ignore all logfiles and tempfiles.
+/log/*
+!/log/.keep
+/tmp
+coverage
+public/system
+public/assets
+.env
+.env.production
+node_modules/
+neo4j/
+
+# Ignore Vagrant files
+.vagrant/
+
+# Ignore Capistrano customizations
+config/deploy/*
--- a/.eslintrc.yml
+++ b/.eslintrc.yml
@@ -0,0 +1,175 @@
+---
+root: true
+
+env:
+  browser: true
+  node: true
+  es6: true
+  jest: true
+
+globals:
+  ATTACHMENT_HOST: false
+
+parser: babel-eslint
+
+plugins:
+- react
+- jsx-a11y
+- import
+- promise
+
+parserOptions:
+  sourceType: module
+  ecmaFeatures:
+    experimentalObjectRestSpread: true
+    jsx: true
+  ecmaVersion: 2018
+
+settings:
+  import/extensions:
+  - .js
+  import/ignore:
+  - node_modules
+  - \\.(css|scss|json)$
+  import/resolver:
+    node:
+      moduleDirectory:
+        - node_modules
+        - app/javascript
+
+rules:
+  brace-style: warn
+  comma-dangle:
+  - error
+  - always-multiline
+  comma-spacing:
+  - warn
+  - before: false
+    after: true
+  comma-style:
+  - warn
+  - last
+  consistent-return: error
+  dot-notation: error
+  eqeqeq: error
+  indent:
+  - warn
+  - 2
+  jsx-quotes:
+  - error
+  - prefer-single
+  no-catch-shadow: error
+  no-cond-assign: error
+  no-console:
+  - warn
+  - allow:
+    - error
+    - warn
+  no-fallthrough: error
+  no-irregular-whitespace: error
+  no-mixed-spaces-and-tabs: warn
+  no-nested-ternary: warn
+  no-trailing-spaces: warn
+  no-undef: error
+  no-unreachable: error
+  no-unused-expressions: error
+  no-unused-vars:
+  - error
+  - vars: all
+    args: after-used
+    ignoreRestSiblings: true
+  object-curly-spacing:
+  - error
+  - always
+  padded-blocks:
+  - error
+  - classes: always
+  quotes:
+  - error
+  - single
+  semi: error
+  strict: off
+  valid-typeof: error
+
+  react/jsx-boolean-value: error
+  react/jsx-closing-bracket-location:
+  - error
+  - line-aligned
+  react/jsx-curly-spacing: error
+  react/jsx-equals-spacing: error
+  react/jsx-first-prop-new-line:
+  - error
+  - multiline-multiprop
+  react/jsx-indent:
+  - error
+  - 2
+  react/jsx-no-bind: error
+  react/jsx-no-duplicate-props: error
+  react/jsx-no-undef: error
+  react/jsx-tag-spacing: error
+  react/jsx-uses-react: error
+  react/jsx-uses-vars: error
+  react/jsx-wrap-multilines: error
+  react/no-multi-comp: off
+  react/no-string-refs: error
+  react/prop-types: error
+  react/self-closing-comp: error
+
+  jsx-a11y/accessible-emoji: warn
+  jsx-a11y/alt-text: warn
+  jsx-a11y/anchor-has-content: warn
+  jsx-a11y/anchor-is-valid:
+  - warn
+  - components:
+    - Link
+    - NavLink
+    specialLink:
+    - to
+    aspect:
+    - noHref
+    - invalidHref
+    - preferButton
+  jsx-a11y/aria-activedescendant-has-tabindex: warn
+  jsx-a11y/aria-props: warn
+  jsx-a11y/aria-proptypes: warn
+  jsx-a11y/aria-role: warn
+  jsx-a11y/aria-unsupported-elements: warn
+  jsx-a11y/heading-has-content: warn
+  jsx-a11y/html-has-lang: warn
+  jsx-a11y/iframe-has-title: warn
+  jsx-a11y/img-redundant-alt: warn
+  jsx-a11y/interactive-supports-focus: warn
+  jsx-a11y/label-has-for: off
+  jsx-a11y/mouse-events-have-key-events: warn
+  jsx-a11y/no-access-key: warn
+  jsx-a11y/no-distracting-elements: warn
+  jsx-a11y/no-noninteractive-element-interactions:
+  - warn
+  - handlers:
+    - onClick
+  jsx-a11y/no-onchange: warn
+  jsx-a11y/no-redundant-roles: warn
+  jsx-a11y/no-static-element-interactions:
+  - warn
+  - handlers:
+    - onClick
+  jsx-a11y/role-has-required-aria-props: warn
+  jsx-a11y/role-supports-aria-props: off
+  jsx-a11y/scope: warn
+  jsx-a11y/tabindex-no-positive: warn
+
+  import/extensions:
+  - error
+  - always
+  - js: never
+  import/newline-after-import: error
+  import/no-extraneous-dependencies:
+  - error
+  - devDependencies:
+    - "config/webpack/**"
+    - "app/javascript/mastodon/test_setup.js"
+    - "app/javascript/**/__tests__/**"
+  import/no-unresolved: error
+  import/no-webpack-loader-syntax: error
+
+  promise/catch-or-return: error
--- a/.github/.well-known/funding-manifest-urls
+++ b/.github/.well-known/funding-manifest-urls
@@ -1 +0,0 @@
-https://joinmastodon.org/funding.json
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -0,0 +1,32 @@
+# CODEOWNERS for tootsuite/mastodon
+
+# Translators
+# To add translator, copy these lines, replace `fr` with appropriate language code and replace `@żelipapą` with user's GitHub nickname preceded by `@` sign or e-mail address.
+# /app/javascript/mastodon/locales/fr.json @żelipapą
+# /app/views/user_mailer/*.fr.html.erb @żelipapą
+# /app/views/user_mailer/*.fr.text.erb @żelipapą
+# /config/locales/*.fr.yml @żelipapą
+# /config/locales/fr.yml @żelipapą
+
+# Polish
+/app/javascript/mastodon/locales/pl.json @m4sk1n
+/app/views/user_mailer/*.pl.html.erb @m4sk1n
+/app/views/user_mailer/*.pl.text.erb @m4sk1n
+/config/locales/*.pl.yml @m4sk1n
+/config/locales/pl.yml @m4sk1n
+
+# French
+/app/javascript/mastodon/locales/fr.json @aldarone
+/app/javascript/mastodon/locales/whitelist_fr.json @aldarone
+/app/views/user_mailer/*.fr.html.erb @aldarone
+/app/views/user_mailer/*.fr.text.erb @aldarone
+/config/locales/*.fr.yml @aldarone
+/config/locales/fr.yml @aldarone
+
+# Dutch
+/app/javascript/mastodon/locales/nl.json @jeroenpraat
+/app/javascript/mastodon/locales/whitelist_nl.json @jeroenpraat
+/app/views/user_mailer/*.nl.html.erb @jeroenpraat
+/app/views/user_mailer/*.nl.text.erb @jeroenpraat
+/config/locales/*.nl.yml @jeroenpraat
+/config/locales/nl.yml @jeroenpraat
--- a/.github/ISSUE_TEMPLATE/1.web_bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/1.web_bug_report.yml
@@ -1,77 +0,0 @@
-name: Bug Report (Web Interface)
-description: There is a problem using Mastodon's web interface.
-labels: ['area/web interface']
-type: Bug
-body:
-  - type: markdown
-    attributes:
-      value: |
-        Make sure that you are submitting a new bug that was not previously reported or already fixed.
-
-        Please use a concise and distinct title for the issue.
-  - type: textarea
-    attributes:
-      label: Steps to reproduce the problem
-      description: What were you trying to do?
-      value: |
-        1.
-        2.
-        3.
-        ...
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Expected behaviour
-      description: What should have happened?
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Actual behaviour
-      description: What happened?
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Detailed description
-    validations:
-      required: false
-  - type: input
-    attributes:
-      label: Mastodon instance
-      description: The address of the Mastodon instance where you experienced the issue
-      placeholder: mastodon.social
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Mastodon version
-      description: |
-        This is displayed at the bottom of the About page, eg. `v4.4.0-beta.1`
-      placeholder: v4.4.0-beta.1
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Browser name and version
-      description: |
-        What browser are you using when getting this bug? Please specify the version as well.
-      placeholder: Firefox 139.0.0
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Operating system
-      description: |
-        What OS are you running? Please specify the version as well.
-      placeholder: macOS 15.5
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Technical details
-      description: |
-        Any additional technical details you may have. This can include the full error log, inspector's output…
-    validations:
-      required: false
--- a/.github/ISSUE_TEMPLATE/2.server_bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/2.server_bug_report.yml
@@ -1,65 +0,0 @@
-name: Bug Report (server / API)
-description: |
-  There is a problem with the HTTP server, REST API, ActivityPub interaction, etc.
-type: 'Bug'
-body:
-  - type: markdown
-    attributes:
-      value: |
-        Make sure that you are submitting a new bug that was not previously reported or already fixed.
-
-        Please use a concise and distinct title for the issue.
-  - type: textarea
-    attributes:
-      label: Steps to reproduce the problem
-      description: What were you trying to do?
-      value: |
-        1.
-        2.
-        3.
-        ...
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Expected behaviour
-      description: What should have happened?
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Actual behaviour
-      description: What happened?
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Detailed description
-    validations:
-      required: false
-  - type: input
-    attributes:
-      label: Mastodon instance
-      description: The address of the Mastodon instance where you experienced the issue
-      placeholder: mastodon.social
-    validations:
-      required: false
-  - type: input
-    attributes:
-      label: Mastodon version
-      description: |
-        This is displayed at the bottom of the About page, eg. `v4.4.0-beta.1`
-      placeholder: v4.4.0-beta.1
-    validations:
-      required: false
-  - type: textarea
-    attributes:
-      label: Technical details
-      description: |
-        Any additional technical details you may have, like logs or error traces
-      value: |
-        If this is happening on your own Mastodon server, please fill out those:
-        - Ruby version: (from `ruby --version`, eg. v3.4.4)
-        - Node.js version: (from `node --version`, eg. v22.16.0)
-    validations:
-      required: false
--- a/.github/ISSUE_TEMPLATE/3.troubleshooting.yml
+++ b/.github/ISSUE_TEMPLATE/3.troubleshooting.yml
@@ -1,74 +0,0 @@
-name: Deployment troubleshooting
-description: |
-  You are a server administrator and you are encountering a technical issue during installation, upgrade or operations of Mastodon.
-labels: ['status/to triage']
-type: 'Troubleshooting'
-body:
-  - type: markdown
-    attributes:
-      value: |
-        Make sure that you are submitting a new bug that was not previously reported or already fixed.
-
-        Please use a concise and distinct title for the issue.
-  - type: textarea
-    attributes:
-      label: Steps to reproduce the problem
-      description: What were you trying to do?
-      value: |
-        1.
-        2.
-        3.
-        ...
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Expected behaviour
-      description: What should have happened?
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Actual behaviour
-      description: What happened?
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Detailed description
-    validations:
-      required: false
-  - type: input
-    attributes:
-      label: Mastodon instance
-      description: The address of the Mastodon instance where you experienced the issue
-      placeholder: mastodon.social
-    validations:
-      required: true
-  - type: input
-    attributes:
-      label: Mastodon version
-      description: |
-        This is displayed at the bottom of the About page, eg. `v4.4.0-alpha.1`
-      placeholder: v4.4.0-beta.1
-    validations:
-      required: false
-  - type: textarea
-    attributes:
-      label: Environment
-      description: |
-        Details about your environment, like how Mastodon is deployed, if containers are used, version numbers, etc.
-      value: |
-        Please at least include those informations:
-        - Operating system: (eg. Ubuntu 24.04.2)
-        - Ruby version: (from `ruby --version`, eg. v3.4.4)
-        - Node.js version: (from `node --version`, eg. v22.16.0)
-    validations:
-      required: false
-  - type: textarea
-    attributes:
-      label: Technical details
-      description: |
-        Any additional technical details you may have, like logs or error traces
-    validations:
-      required: false
--- a/.github/ISSUE_TEMPLATE/4.feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/4.feature_request.yml
@@ -1,22 +0,0 @@
-name: Feature Request
-description: I have a suggestion
-type: Suggestion
-body:
-  - type: markdown
-    attributes:
-      value: |
-        Please use a concise and distinct title for the issue.
-
-        Consider: Could it be implemented as a 3rd party app using the REST API instead?
-  - type: textarea
-    attributes:
-      label: Pitch
-      description: Describe your idea for a feature. Make sure it has not already been suggested/implemented/turned down before.
-    validations:
-      required: true
-  - type: textarea
-    attributes:
-      label: Motivation
-      description: Why do you think this feature is needed? Who would benefit from it?
-    validations:
-      required: true
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,12 @@
+---
+name: Bug Report
+about: Create a report to help us improve
+
+---
+
+[Issue text goes here].
+
+* * * *
+
+- [ ] I searched or browsed the repo’s other issues to ensure this is not a duplicate.
+- [ ] This bug happens on a [tagged release](https://github.com/tootsuite/mastodon/releases) and not on `master` (If you're a user, don't worry about this).
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,5 +0,0 @@
-blank_issues_enabled: false
-contact_links:
-  - name: GitHub Discussions
-    url: https://github.com/mastodon/mastodon/discussions
-    about: Please ask and answer questions here.
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,11 @@
+---
+name: Feature Request
+about: Suggest an idea for this project
+
+---
+
+[Issue text goes here].
+
+* * * *
+
+- [ ] I searched or browsed the repo’s other issues to ensure this is not a duplicate.
--- a/.github/actions/setup-javascript/action.yml
+++ b/.github/actions/setup-javascript/action.yml
@@ -1,42 +0,0 @@
-name: 'Setup Javascript'
-description: 'Setup a Javascript environment ready to run the Mastodon code'
-inputs:
-  onlyProduction:
-    description: Only install production dependencies
-    default: 'false'
-
-runs:
-  using: 'composite'
-  steps:
-    - name: Set up Node.js
-      uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
-      with:
-        node-version-file: '.nvmrc'
-
-    # The following is needed because we can not use `cache: true` for `setup-node`, as it does not support Corepack yet and mess up with the cache location if ran after Node is installed
-    - name: Enable corepack
-      shell: bash
-      run: corepack enable
-
-    - name: Get yarn cache directory path
-      id: yarn-cache-dir-path
-      shell: bash
-      run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
-
-    - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5
-      id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
-      with:
-        path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
-        key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
-        restore-keys: |
-          ${{ runner.os }}-yarn-
-
-    - name: Install all yarn packages
-      shell: bash
-      run: yarn install --immutable
-      if: inputs.onlyProduction == 'false'
-
-    - name: Install all production yarn packages
-      shell: bash
-      run: yarn workspaces focus --production
-      if: inputs.onlyProduction != 'false'
--- a/.github/actions/setup-ruby/action.yml
+++ b/.github/actions/setup-ruby/action.yml
@@ -1,23 +0,0 @@
-name: 'Setup RUby'
-description: 'Setup a Ruby environment ready to run the Mastodon code'
-inputs:
-  ruby-version:
-    description: The Ruby version to install
-    default: '.ruby-version'
-  additional-system-dependencies:
-    description: 'Additional packages to install'
-
-runs:
-  using: 'composite'
-  steps:
-    - name: Install system dependencies
-      shell: bash
-      run: |
-        sudo apt-get update
-        sudo apt-get install -y libicu-dev libidn11-dev libvips42 ${{ inputs.additional-system-dependencies }}
-
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@09a7688d3b55cf0e976497ff046b70949eeaccfd # v1
-      with:
-        ruby-version: ${{ inputs.ruby-version }}
-        bundler-cache: true
--- a/.github/codecov.yml
+++ b/.github/codecov.yml
@@ -1,13 +0,0 @@
-comment: false # Do not leave PR comments
-coverage:
-  status:
-    project:
-      default:
-        # GitHub status check is not blocking
-        informational: true
-    patch:
-      default:
-        # GitHub status check is not blocking
-        informational: true
-github_checks:
-  annotations: false
--- a/.github/renovate.json5
+++ b/.github/renovate.json5
@@ -1,174 +0,0 @@
-{
-  $schema: 'https://docs.renovatebot.com/renovate-schema.json',
-  extends: [
-    'config:recommended',
-    'customManagers:dockerfileVersions',
-    ':labels(dependencies)',
-    ':prConcurrentLimitNone', // Remove limit for open PRs at any time.
-    ':enableVulnerabilityAlertsWithLabel(security)',
-  ],
-  rebaseWhen: 'conflicted',
-  minimumReleaseAge: '3', // Wait 3 days after the package has been published before upgrading it
-  // packageRules order is important, they are applied from top to bottom and are merged,
-  // meaning the most important ones must be at the bottom, for example grouping rules
-  // If we do not want a package to be grouped with others, we need to set its groupName
-  // to `null` after any other rule set it to something.
-  dependencyDashboardHeader: 'This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. Before approving any upgrade: read the description and comments in the [`renovate.json5` file](https://github.com/mastodon/mastodon/blob/main/.github/renovate.json5).',
-  postUpdateOptions: ['yarnDedupeHighest'],
-  // The types are now included in recent versions,we ignore them here until we upgrade and remove the dependency
-  ignoreDeps: ['@types/emoji-mart'],
-  packageRules: [
-    {
-      // Require Dependency Dashboard Approval for major version bumps of these node packages
-      matchManagers: ['npm'],
-      matchPackageNames: [
-        // react-router: Requires manual upgrade
-        'history',
-        'react-router-dom',
-
-        // react-spring: Requires manual upgrade when upgrading react
-        '@react-spring/web',
-      ],
-      matchUpdateTypes: ['major'],
-      dependencyDashboardApproval: true,
-    },
-    {
-      // Require Dependency Dashboard Approval for major version bumps of these Ruby packages
-      matchManagers: ['bundler'],
-      matchPackageNames: [
-        'strong_migrations', // Requires manual upgrade
-        'sidekiq', // Requires manual upgrade
-        'sidekiq-unique-jobs', // Requires manual upgrades and sync with Sidekiq version
-        'redis', // Requires manual upgrade and sync with Sidekiq version
-      ],
-      matchUpdateTypes: ['major'],
-      dependencyDashboardApproval: true,
-    },
-    {
-      // Update GitHub Actions and Docker images weekly
-      matchManagers: ['github-actions', 'dockerfile', 'docker-compose'],
-      extends: ['schedule:weekly'],
-    },
-    {
-      // Require Dependency Dashboard Approval for major & minor bumps for the ruby image, this needs to be synced with .ruby-version
-      matchManagers: ['dockerfile'],
-      matchPackageNames: ['moritzheiber/ruby-jemalloc'],
-      matchUpdateTypes: ['minor', 'major'],
-      dependencyDashboardApproval: true,
-    },
-    {
-      // Require Dependency Dashboard Approval for major bumps for the node image, this needs to be synced with .nvmrc
-      matchManagers: ['dockerfile'],
-      matchPackageNames: ['node'],
-      matchUpdateTypes: ['major'],
-      dependencyDashboardApproval: true,
-    },
-    {
-      // Require Dependency Dashboard Approval for major postgres bumps in the docker-compose file, as those break dev environments
-      matchManagers: ['docker-compose'],
-      matchPackageNames: ['postgres'],
-      matchUpdateTypes: ['major'],
-      dependencyDashboardApproval: true,
-    },
-    {
-      // Update devDependencies every week, with one grouped PR
-      matchManagers: ['npm'],
-      matchDepTypes: 'devDependencies',
-      matchUpdateTypes: ['patch', 'minor'],
-      groupName: 'devDependencies (non-major)',
-      extends: ['schedule:weekly'],
-    },
-    {
-      // Group all eslint-related packages with `eslint` in the same PR
-      matchManagers: ['npm'],
-      matchPackageNames: [
-        'eslint',
-        'eslint-*',
-        'typescript-eslint',
-        '@eslint/*',
-        'globals',
-      ],
-      matchUpdateTypes: ['patch', 'minor'],
-      groupName: 'eslint (non-major)',
-    },
-    {
-      // Group all Storybook-related packages in the same PR
-      matchManagers: ['npm'],
-      matchPackageNames: [
-        'chromatic',
-        'storybook',
-        '@storybook/*',
-        'msw',
-        'msw-storybook-addon',
-      ],
-      matchUpdateTypes: ['patch', 'minor'],
-      groupName: 'storybook (non-major)',
-    },
-    {
-      // Group actions/*-artifact in the same PR
-      matchManagers: ['github-actions'],
-      matchPackageNames: [
-        'actions/download-artifact',
-        'actions/upload-artifact',
-      ],
-      matchUpdateTypes: ['major'],
-      groupName: 'artifact actions (major)',
-      extends: ['helpers:pinGitHubActionDigests'],
-    },
-    {
-      // Update @types/* packages every week, with one grouped PR
-      matchManagers: ['npm'],
-      matchPackageNames: '@types/*',
-      matchUpdateTypes: ['patch', 'minor'],
-      groupName: 'DefinitelyTyped types (non-major)',
-      extends: ['schedule:weekly'],
-      addLabels: ['typescript'],
-    },
-    {
-      // We want those packages to always have their own PR
-      matchManagers: ['npm'],
-      matchPackageNames: [
-        'typescript', // Typescript has code-impacting changes in minor versions
-      ],
-      groupName: null, // We dont want them to belong to any group
-    },
-    {
-      // Group all RuboCop packages with `rubocop` in the same PR
-      matchManagers: ['bundler'],
-      matchPackageNames: ['rubocop', 'rubocop-*'],
-      matchUpdateTypes: ['patch', 'minor'],
-      groupName: 'RuboCop (non-major)',
-    },
-    {
-      // Group all RSpec packages with `rspec` in the same PR
-      matchManagers: ['bundler'],
-      matchPackageNames: ['rspec', 'rspec-*'],
-      matchUpdateTypes: ['patch', 'minor'],
-      groupName: 'RSpec (non-major)',
-    },
-    {
-      // Group all opentelemetry-ruby packages in the same PR
-      matchManagers: ['bundler'],
-      matchPackageNames: ['opentelemetry-*'],
-      matchUpdateTypes: ['patch', 'minor'],
-      groupName: 'opentelemetry-ruby (non-major)',
-    },
-    {
-      // The ruby portion of the Playwright group
-      matchManagers: ['bundler'],
-      matchPackageNames: ['playwright-ruby-client'],
-      groupName: 'Playwright',
-    },
-    {
-      // The node portion of the Playwright group
-      matchManagers: ['npm'],
-      matchPackageNames: ['playwright'],
-      groupName: 'Playwright',
-    },
-    // Add labels depending on package manager
-    { matchManagers: ['npm', 'nvm'], addLabels: ['javascript'] },
-    { matchManagers: ['bundler', 'ruby-version'], addLabels: ['ruby'] },
-    { matchManagers: ['docker-compose', 'dockerfile'], addLabels: ['docker'] },
-    { matchManagers: ['github-actions'], addLabels: ['github_actions'] },
-  ],
-}
--- a/.github/stale.yml
+++ b/.github/stale.yml
@@ -1,10 +0,0 @@
-daysUntilStale: 120
-daysUntilClose: 7
-exemptLabels:
-  - security
-staleLabel: wontfix
-markComment: >
-  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed if no further activity occurs. Thank you
-  for your contributions.
-only: pulls
--- a/.github/workflows/build-container-image.yml
+++ b/.github/workflows/build-container-image.yml
@@ -1,170 +0,0 @@
-on:
-  workflow_call:
-    inputs:
-      cache:
-        type: boolean
-        default: true
-      push_to_images:
-        type: string
-      version_prerelease:
-        type: string
-      version_metadata:
-        type: string
-      flavor:
-        type: string
-      tags:
-        type: string
-      labels:
-        type: string
-      file_to_build:
-        type: string
-
-# This builds multiple images with one runner each, allowing us to build for multiple architectures
-# using Github's runners.
-# The two-step process is adapted form:
-# https://docs.docker.com/build/ci/github-actions/multi-platform/#distribute-build-across-multiple-runners
-jobs:
-  # Build each (amd64 and arm64) image separately
-  build-image:
-    runs-on: ${{ startsWith(matrix.platform, 'linux/arm') && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
-    strategy:
-      fail-fast: false
-      matrix:
-        platform:
-          - linux/amd64
-          - linux/arm64
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Prepare
-        env:
-          PUSH_TO_IMAGES: ${{ inputs.push_to_images }}
-        run: |
-          platform=${{ matrix.platform }}
-          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-          # Transform multi-line variable into comma-separated variable
-          image_names=${PUSH_TO_IMAGES//$'\n'/,}
-          echo "IMAGE_NAMES=${image_names%,}" >> $GITHUB_ENV
-
-      - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
-        id: buildx
-
-      - name: Log in to Docker Hub
-        if: contains(inputs.push_to_images, 'tootsuite')
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Log in to the GitHub Container registry
-        if: contains(inputs.push_to_images, 'ghcr.io')
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5
-        if: ${{ inputs.push_to_images != '' }}
-        with:
-          images: ${{ inputs.push_to_images }}
-          flavor: ${{ inputs.flavor }}
-          labels: ${{ inputs.labels }}
-
-      - name: Build and push by digest
-        id: build
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
-        with:
-          context: .
-          file: ${{ inputs.file_to_build }}
-          build-args: |
-            MASTODON_VERSION_PRERELEASE=${{ inputs.version_prerelease }}
-            MASTODON_VERSION_METADATA=${{ inputs.version_metadata }}
-            SOURCE_COMMIT=${{ github.sha }}
-          platforms: ${{ matrix.platform }}
-          provenance: false
-          push: ${{ inputs.push_to_images != '' }}
-          cache-from: ${{ inputs.cache && 'type=gha' || '' }}
-          cache-to: ${{ inputs.cache && 'type=gha,mode=max' || '' }}
-          outputs: type=image,"name=${{ env.IMAGE_NAMES }}",push-by-digest=true,name-canonical=true,push=${{ inputs.push_to_images != '' }}
-
-      - name: Export digest
-        if: ${{ inputs.push_to_images != '' }}
-        run: |
-          mkdir -p "${{ runner.temp }}/digests"
-          digest="${{ steps.build.outputs.digest }}"
-          touch "${{ runner.temp }}/digests/${digest#sha256:}"
-
-      - name: Upload digest
-        if: ${{ inputs.push_to_images != '' }}
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
-        with:
-          # `hashFiles` is used to disambiguate between streaming and non-streaming images
-          name: digests-${{ hashFiles(inputs.file_to_build) }}-${{ env.PLATFORM_PAIR }}
-          path: ${{ runner.temp }}/digests/*
-          if-no-files-found: error
-          retention-days: 1
-
-  # Then merge the docker images into a single one
-  merge-images:
-    if: ${{ inputs.push_to_images != '' }}
-    runs-on: ubuntu-24.04
-    needs:
-      - build-image
-
-    env:
-      PUSH_TO_IMAGES: ${{ inputs.push_to_images }}
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Download digests
-        uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7
-        with:
-          path: ${{ runner.temp }}/digests
-          # `hashFiles` is used to disambiguate between streaming and non-streaming images
-          pattern: digests-${{ hashFiles(inputs.file_to_build) }}-*
-          merge-multiple: true
-
-      - name: Log in to Docker Hub
-        if: contains(inputs.push_to_images, 'tootsuite')
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Log in to the GitHub Container registry
-        if: contains(inputs.push_to_images, 'ghcr.io')
-        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
-
-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5
-        if: ${{ inputs.push_to_images != '' }}
-        with:
-          images: ${{ inputs.push_to_images }}
-          flavor: ${{ inputs.flavor }}
-          tags: ${{ inputs.tags }}
-          labels: ${{ inputs.labels }}
-
-      - name: Create manifest list and push
-        working-directory: ${{ runner.temp }}/digests
-        run: |
-          echo "$PUSH_TO_IMAGES" | xargs -I{} \
-            docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-              $(printf '{}@sha256:%s ' *)
-
-      - name: Inspect image
-        run: |
-          echo "$PUSH_TO_IMAGES" | xargs -i{} \
-            docker buildx imagetools inspect {}:${{ steps.meta.outputs.version }}
--- a/.github/workflows/build-nightly.yml
+++ b/.github/workflows/build-nightly.yml
@@ -1,62 +0,0 @@
-name: Build nightly container image
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: '0 2 * * *' # run at 2 AM UTC
-
-permissions:
-  contents: read
-  packages: write
-
-jobs:
-  compute-suffix:
-    runs-on: ubuntu-latest
-    if: github.repository == 'mastodon/mastodon'
-    steps:
-      - id: version_vars
-        env:
-          TZ: Etc/UTC
-        run: |
-          echo mastodon_version_prerelease=nightly.$(date +'%Y-%m-%d')>> $GITHUB_OUTPUT
-    outputs:
-      prerelease: ${{ steps.version_vars.outputs.mastodon_version_prerelease }}
-
-  build-image:
-    needs: compute-suffix
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: Dockerfile
-      cache: false
-      push_to_images: |
-        tootsuite/mastodon
-        ghcr.io/mastodon/mastodon
-      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
-      labels: |
-        org.opencontainers.image.description=Nightly build image used for testing purposes
-      flavor: |
-        latest=auto
-      tags: |
-        type=raw,value=edge
-        type=raw,value=nightly
-        type=schedule,pattern=${{ needs.compute-suffix.outputs.prerelease }}
-    secrets: inherit
-
-  build-image-streaming:
-    needs: compute-suffix
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: streaming/Dockerfile
-      cache: false
-      push_to_images: |
-        tootsuite/mastodon-streaming
-        ghcr.io/mastodon/mastodon-streaming
-      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
-      labels: |
-        org.opencontainers.image.description=Nightly build image used for testing purposes
-      flavor: |
-        latest=auto
-      tags: |
-        type=raw,value=edge
-        type=raw,value=nightly
-        type=schedule,pattern=${{ needs.compute-suffix.outputs.prerelease }}
-    secrets: inherit
--- a/.github/workflows/build-push-pr.yml
+++ b/.github/workflows/build-push-pr.yml
@@ -1,58 +0,0 @@
-name: Build container image for PR
-on:
-  pull_request:
-    types: [labeled, synchronize, reopened, ready_for_review, opened]
-
-permissions:
-  contents: read
-  packages: write
-
-jobs:
-  compute-suffix:
-    runs-on: ubuntu-latest
-    # This is only allowed to run if:
-    # - the PR branch is in the `mastodon/mastodon` repository
-    # - the PR is not a draft
-    # - the PR has the "build-image" label
-    if: ${{ github.event.pull_request.head.repo.full_name == github.repository && !github.event.pull_request.draft && contains(github.event.pull_request.labels.*.name, 'build-image') }}
-    steps:
-      # Repository needs to be cloned so `git rev-parse` below works
-      - name: Clone repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - id: version_vars
-        run: |
-          echo mastodon_version_metadata=pr-${{ github.event.pull_request.number }}-$(git rev-parse --short ${{github.event.pull_request.head.sha}}) >> $GITHUB_OUTPUT
-          echo mastodon_short_sha=$(git rev-parse --short ${{github.event.pull_request.head.sha}}) >> $GITHUB_OUTPUT
-    outputs:
-      metadata: ${{ steps.version_vars.outputs.mastodon_version_metadata }}
-      short_sha: ${{ steps.version_vars.outputs.mastodon_short_sha }}
-
-  build-image:
-    needs: compute-suffix
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: Dockerfile
-      push_to_images: |
-        ghcr.io/mastodon/mastodon
-      version_metadata: ${{ needs.compute-suffix.outputs.metadata }}
-      flavor: |
-        latest=auto
-      tags: |
-        type=ref,event=pr
-        type=ref,event=pr,suffix=-${{ needs.compute-suffix.outputs.short_sha }}
-    secrets: inherit
-
-  build-image-streaming:
-    needs: compute-suffix
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: streaming/Dockerfile
-      push_to_images: |
-        ghcr.io/mastodon/mastodon-streaming
-      version_metadata: ${{ needs.compute-suffix.outputs.metadata }}
-      flavor: |
-        latest=auto
-      tags: |
-        type=ref,event=pr
-        type=ref,event=pr,suffix=-${{ needs.compute-suffix.outputs.short_sha }}
-    secrets: inherit
--- a/.github/workflows/build-releases.yml
+++ b/.github/workflows/build-releases.yml
@@ -1,84 +0,0 @@
-name: Build container release images
-on:
-  push:
-    tags:
-      - '*'
-
-permissions:
-  contents: read
-  packages: write
-
-jobs:
-  check-latest-stable:
-    runs-on: ubuntu-latest
-    outputs:
-      latest: ${{ steps.check.outputs.is_latest_stable }}
-    steps:
-      # Repository needs to be cloned to list branches
-      - name: Clone repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          fetch-depth: 0
-
-      - name: Check latest stable
-        shell: bash
-        id: check
-        run: |
-          ref="${GITHUB_REF#refs/tags/}"
-
-          if [[ "$ref" =~ ^v([0-9]+)\.([0-9]+)(\.[0-9]+)?$ ]]; then
-            current="${BASH_REMATCH[1]}.${BASH_REMATCH[2]}"
-          else
-            echo "tag $ref is not semver"
-            echo "is_latest_stable=false" >> "$GITHUB_OUTPUT"
-            exit 0
-          fi
-
-          latest=$(git for-each-ref --format='%(refname:short)' "refs/remotes/origin/stable-*.*" \
-            | sed -E 's#^origin/stable-##' \
-            | sort -Vr \
-            | head -n1)
-
-          if [[ "$current" == "$latest" ]]; then
-            echo "is_latest_stable=true" >> "$GITHUB_OUTPUT"
-          else
-            echo "is_latest_stable=false" >> "$GITHUB_OUTPUT"
-          fi
-
-  build-image:
-    needs: check-latest-stable
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: Dockerfile
-      push_to_images: |
-        tootsuite/mastodon
-        ghcr.io/mastodon/mastodon
-      # Do not use cache when building releases, so apt update is always ran and the release always contain the latest packages
-      cache: false
-      # Only tag with latest when ran against the latest stable branch
-      # This needs to be updated after each minor version release
-      flavor: |
-        latest=${{ needs.check-latest-stable.outputs.latest }}
-      tags: |
-        type=pep440,pattern={{raw}}
-        type=pep440,pattern=v{{major}}.{{minor}}
-    secrets: inherit
-
-  build-image-streaming:
-    needs: check-latest-stable
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: streaming/Dockerfile
-      push_to_images: |
-        tootsuite/mastodon-streaming
-        ghcr.io/mastodon/mastodon-streaming
-      # Do not use cache when building releases, so apt update is always ran and the release always contain the latest packages
-      cache: false
-      # Only tag with latest when ran against the latest stable branch
-      # This needs to be updated after each minor version release
-      flavor: |
-        latest=${{ needs.check-latest-stable.outputs.latest }}
-      tags: |
-        type=pep440,pattern={{raw}}
-        type=pep440,pattern=v{{major}}.{{minor}}
-    secrets: inherit
--- a/.github/workflows/build-security.yml
+++ b/.github/workflows/build-security.yml
@@ -1,59 +0,0 @@
-name: Build security nightly container image
-on:
-  workflow_dispatch:
-
-permissions:
-  contents: read
-  packages: write
-
-jobs:
-  compute-suffix:
-    runs-on: ubuntu-latest
-    steps:
-      - id: version_vars
-        env:
-          TZ: Etc/UTC
-        run: |
-          echo mastodon_version_prerelease=nightly.$(date --date='next day' +'%Y-%m-%d')-security>> $GITHUB_OUTPUT
-    outputs:
-      prerelease: ${{ steps.version_vars.outputs.mastodon_version_prerelease }}
-
-  build-image:
-    needs: compute-suffix
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: Dockerfile
-      cache: false
-      push_to_images: |
-        tootsuite/mastodon
-        ghcr.io/mastodon/mastodon
-      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
-      labels: |
-        org.opencontainers.image.description=Nightly build image used for testing purposes
-      flavor: |
-        latest=auto
-      tags: |
-        type=raw,value=edge
-        type=raw,value=nightly
-        type=raw,value=${{ needs.compute-suffix.outputs.prerelease }}
-    secrets: inherit
-
-  build-image-streaming:
-    needs: compute-suffix
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: streaming/Dockerfile
-      cache: false
-      push_to_images: |
-        tootsuite/mastodon-streaming
-        ghcr.io/mastodon/mastodon-streaming
-      version_prerelease: ${{ needs.compute-suffix.outputs.prerelease }}
-      labels: |
-        org.opencontainers.image.description=Nightly build image used for testing purposes
-      flavor: |
-        latest=auto
-      tags: |
-        type=raw,value=edge
-        type=raw,value=nightly
-        type=raw,value=${{ needs.compute-suffix.outputs.prerelease }}
-    secrets: inherit
--- a/.github/workflows/bundler-audit.yml
+++ b/.github/workflows/bundler-audit.yml
@@ -1,39 +0,0 @@
-name: Bundler Audit
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-    paths:
-      - 'Gemfile*'
-      - '.ruby-version'
-      - '.github/workflows/bundler-audit.yml'
-
-  pull_request:
-    paths:
-      - 'Gemfile*'
-      - '.ruby-version'
-      - '.github/workflows/bundler-audit.yml'
-
-  schedule:
-    - cron: '0 5 * * 1'
-
-jobs:
-  security:
-    runs-on: ubuntu-latest
-
-    env:
-      BUNDLE_ONLY: development
-
-    steps:
-      - name: Clone repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Ruby
-        uses: ruby/setup-ruby@09a7688d3b55cf0e976497ff046b70949eeaccfd # v1
-        with:
-          bundler-cache: true
-
-      - name: Run bundler-audit
-        run: bin/bundler-audit check --update
--- a/.github/workflows/check-i18n.yml
+++ b/.github/workflows/check-i18n.yml
@@ -1,51 +0,0 @@
-name: Check i18n
-
-on:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-  pull_request:
-    branches:
-      - 'main'
-      - 'stable-*'
-
-env:
-  RAILS_ENV: test
-
-permissions:
-  contents: read
-
-jobs:
-  check-i18n:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Ruby environment
-        uses: ./.github/actions/setup-ruby
-
-      - name: Set up Javascript environment
-        uses: ./.github/actions/setup-javascript
-
-      - name: Check for missing strings in English JSON
-        run: |
-          yarn i18n:extract --throws
-          git diff --exit-code
-
-      - name: Check locale file normalization
-        run: bin/i18n-tasks check-normalized
-
-      - name: Check for unused strings
-        run: bin/i18n-tasks unused
-
-      - name: Check for missing strings in English YML
-        run: |
-          bin/i18n-tasks missing -t used -l en
-
-      - name: Check for wrong string interpolations
-        run: bin/i18n-tasks check-consistent-interpolations
-
-      - name: Check that all required locale files exist
-        run: bin/rake repo:check_locales_files
--- a/.github/workflows/chromatic.yml
+++ b/.github/workflows/chromatic.yml
@@ -1,62 +0,0 @@
-name: 'Chromatic'
-permissions:
-  contents: read
-
-on:
-  push:
-    branches-ignore:
-      - renovate/*
-      - stable-*
-
-jobs:
-  pathcheck:
-    name: Check for relevant changes
-    runs-on: ubuntu-latest
-    outputs:
-      changed: ${{ steps.filter.outputs.src }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          fetch-depth: 0
-
-      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
-        id: filter
-        with:
-          filters: |
-            src:
-              - 'package.json'
-              - 'yarn.lock'
-              - '**/*.js'
-              - '**/*.jsx'
-              - '**/*.ts'
-              - '**/*.tsx'
-              - '**/*.css'
-              - '**/*.scss'
-              - '.github/workflows/chromatic.yml'
-
-  chromatic:
-    name: Run Chromatic
-    runs-on: ubuntu-latest
-    needs: pathcheck
-    if: github.repository == 'mastodon/mastodon' && needs.pathcheck.outputs.changed == 'true'
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          fetch-depth: 0
-
-      - name: Set up Javascript environment
-        uses: ./.github/actions/setup-javascript
-
-      - name: Build Storybook
-        run: yarn build-storybook
-
-      - name: Run Chromatic
-        uses: chromaui/action@07791f8243f4cb2698bf4d00426baf4b2d1cb7e0 # v13
-        with:
-          projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}
-          zip: true
-          storybookBuildDir: 'storybook-static'
-          exitOnceUploaded: true # Exit immediately after upload
-          autoAcceptChanges: 'main' # Auto-accept changes on main branch only
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -1,66 +0,0 @@
-name: 'CodeQL'
-
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-  pull_request:
-    branches:
-      - 'main'
-      - 'stable-*'
-  schedule:
-    - cron: '22 6 * * 1'
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: ['actions', 'javascript', 'ruby']
-        # CodeQL supports [ 'actions', 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      # Initializes the CodeQL tools for scanning.
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4
-        with:
-          languages: ${{ matrix.language }}
-          # If you wish to specify custom queries, you can do so here or in a config file.
-          # By default, queries listed here will override any specified in a config file.
-          # Prefix the list here with "+" to use these queries and those in the config file.
-
-          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-          # queries: security-extended,security-and-quality
-
-      # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
-      # If this step fails, then you should remove it and run the build manually (see below)
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4
-
-      # ℹ️ Command-line programs to run using the OS shell.
-      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-
-      #   If the Autobuild fails above, remove it and uncomment the following three lines.
-      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
-
-      # - run: |
-      #   echo "Run, Build Application using script"
-      #   ./location_of_script_within_repo/buildscript.sh
-
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4
-        with:
-          category: '/language:${{matrix.language}}'
--- a/.github/workflows/crowdin-download-stable.yml
+++ b/.github/workflows/crowdin-download-stable.yml
@@ -1,69 +0,0 @@
-name: Crowdin / Download translations (stable branches)
-on:
-  workflow_dispatch:
-
-permissions:
-  contents: write
-  pull-requests: write
-
-jobs:
-  download-translations-stable:
-    runs-on: ubuntu-latest
-    if: github.repository == 'mastodon/mastodon'
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Increase Git http.postBuffer
-        # This is needed due to a bug in Ubuntu's cURL version?
-        # See https://github.com/orgs/community/discussions/55820
-        run: |
-          git config --global http.version HTTP/1.1
-          git config --global http.postBuffer 157286400
-
-      # Download the translation files from Crowdin
-      - name: crowdin action
-        uses: crowdin/github-action@b4b468cffefb50bdd99dd83e5d2eaeb63c880380 # v2
-        with:
-          upload_sources: false
-          upload_translations: false
-          download_translations: true
-          crowdin_branch_name: ${{ github.base_ref || github.ref_name }}
-          push_translations: false
-          create_pull_request: false
-        env:
-          CROWDIN_PROJECT_ID: ${{ vars.CROWDIN_PROJECT_ID }}
-          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
-
-      # As the files are extracted from a Docker container, they belong to root:root
-      # We need to fix this before the next steps
-      - name: Fix file permissions
-        run: sudo chown -R runner:docker .
-
-      # This is needed to run the normalize step
-      - name: Set up Ruby environment
-        uses: ./.github/actions/setup-ruby
-
-      - name: Run i18n normalize task
-        run: bin/i18n-tasks normalize
-
-      # Create or update the pull request
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
-        with:
-          commit-message: 'New Crowdin translations'
-          title: 'New Crowdin Translations for ${{ github.base_ref || github.ref_name }} (automated)'
-          author: 'GitHub Actions <noreply@github.com>'
-          body: |
-            New Crowdin translations, automated with GitHub Actions
-
-            See `.github/workflows/crowdin-download.yml`
-
-            This PR will be updated every day with new translations.
-
-            Due to a limitation in GitHub Actions, checks are not running on this PR without manual action.
-            If you want to run the checks, then close and re-open it.
-          branch: i18n/crowdin/translations-${{ github.base_ref || github.ref_name }}
-          base: ${{ github.base_ref || github.ref_name }}
-          labels: i18n
--- a/.github/workflows/crowdin-download.yml
+++ b/.github/workflows/crowdin-download.yml
@@ -1,71 +0,0 @@
-name: Crowdin / Download translations
-on:
-  schedule:
-    - cron: '17 4 * * *' # Every day
-  workflow_dispatch:
-
-permissions:
-  contents: write
-  pull-requests: write
-
-jobs:
-  download-translations:
-    runs-on: ubuntu-latest
-    if: github.repository == 'mastodon/mastodon'
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Increase Git http.postBuffer
-        # This is needed due to a bug in Ubuntu's cURL version?
-        # See https://github.com/orgs/community/discussions/55820
-        run: |
-          git config --global http.version HTTP/1.1
-          git config --global http.postBuffer 157286400
-
-      # Download the translation files from Crowdin
-      - name: crowdin action
-        uses: crowdin/github-action@b4b468cffefb50bdd99dd83e5d2eaeb63c880380 # v2
-        with:
-          upload_sources: false
-          upload_translations: false
-          download_translations: true
-          crowdin_branch_name: main
-          push_translations: false
-          create_pull_request: false
-        env:
-          CROWDIN_PROJECT_ID: ${{ vars.CROWDIN_PROJECT_ID }}
-          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
-
-      # As the files are extracted from a Docker container, they belong to root:root
-      # We need to fix this before the next steps
-      - name: Fix file permissions
-        run: sudo chown -R runner:docker .
-
-      # This is needed to run the normalize step
-      - name: Set up Ruby environment
-        uses: ./.github/actions/setup-ruby
-
-      - name: Run i18n normalize task
-        run: bin/i18n-tasks normalize
-
-      # Create or update the pull request
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8
-        with:
-          commit-message: 'New Crowdin translations'
-          title: 'New Crowdin Translations (automated)'
-          author: 'GitHub Actions <noreply@github.com>'
-          body: |
-            New Crowdin translations, automated with GitHub Actions
-
-            See `.github/workflows/crowdin-download.yml`
-
-            This PR will be updated every day with new translations.
-
-            Due to a limitation in GitHub Actions, checks are not running on this PR without manual action.
-            If you want to run the checks, then close and re-open it.
-          branch: i18n/crowdin/translations
-          base: main
-          labels: i18n
--- a/.github/workflows/crowdin-upload.yml
+++ b/.github/workflows/crowdin-upload.yml
@@ -1,38 +0,0 @@
-name: Crowdin / Upload translations
-
-on:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-    paths:
-      - crowdin.yml
-      - app/javascript/mastodon/locales/en.json
-      - config/locales/en.yml
-      - config/locales/simple_form.en.yml
-      - config/locales/activerecord.en.yml
-      - config/locales/devise.en.yml
-      - config/locales/doorkeeper.en.yml
-      - .github/workflows/crowdin-upload.yml
-  workflow_dispatch:
-
-jobs:
-  upload-translations:
-    runs-on: ubuntu-latest
-    if: github.repository == 'mastodon/mastodon'
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: crowdin action
-        uses: crowdin/github-action@b4b468cffefb50bdd99dd83e5d2eaeb63c880380 # v2
-        with:
-          upload_sources: true
-          upload_translations: false
-          download_translations: false
-          crowdin_branch_name: ${{ github.base_ref || github.ref_name }}
-
-        env:
-          CROWDIN_PROJECT_ID: ${{ vars.CROWDIN_PROJECT_ID }}
-          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
--- a/.github/workflows/format-check.yml
+++ b/.github/workflows/format-check.yml
@@ -1,22 +0,0 @@
-name: Check formatting
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-  pull_request:
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Clone repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Javascript environment
-        uses: ./.github/actions/setup-javascript
-
-      - name: Check formatting
-        run: yarn format:check
--- a/.github/workflows/lint-css.yml
+++ b/.github/workflows/lint-css.yml
@@ -1,41 +0,0 @@
-name: CSS Linting
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-    paths:
-      - 'package.json'
-      - 'yarn.lock'
-      - '.nvmrc'
-      - 'stylelint.config.js'
-      - '**/*.css'
-      - '**/*.scss'
-      - '.github/workflows/lint-css.yml'
-      - '.github/stylelint-matcher.json'
-
-  pull_request:
-    paths:
-      - 'package.json'
-      - 'yarn.lock'
-      - '.nvmrc'
-      - 'stylelint.config.js'
-      - '**/*.css'
-      - '**/*.scss'
-      - '.github/workflows/lint-css.yml'
-      - '.github/stylelint-matcher.json'
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Clone repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Javascript environment
-        uses: ./.github/actions/setup-javascript
-
-      - name: Stylelint
-        run: yarn lint:css --custom-formatter @csstools/stylelint-formatter-github
--- a/.github/workflows/lint-haml.yml
+++ b/.github/workflows/lint-haml.yml
@@ -1,45 +0,0 @@
-name: Haml Linting
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-    paths:
-      - '.github/workflows/haml-lint-problem-matcher.json'
-      - '.github/workflows/lint-haml.yml'
-      - '.haml-lint*.yml'
-      - '.rubocop*.yml'
-      - '.ruby-version'
-      - '**/*.haml'
-      - 'Gemfile*'
-
-  pull_request:
-    paths:
-      - '.github/workflows/haml-lint-problem-matcher.json'
-      - '.github/workflows/lint-haml.yml'
-      - '.haml-lint*.yml'
-      - '.rubocop*.yml'
-      - '.ruby-version'
-      - '**/*.haml'
-      - 'Gemfile*'
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-
-    env:
-      BUNDLE_ONLY: development
-
-    steps:
-      - name: Clone repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Ruby
-        uses: ruby/setup-ruby@09a7688d3b55cf0e976497ff046b70949eeaccfd # v1
-        with:
-          bundler-cache: true
-
-      - name: Run haml-lint
-        run: |
-          bin/haml-lint --reporter github
--- a/.github/workflows/lint-js.yml
+++ b/.github/workflows/lint-js.yml
@@ -1,48 +0,0 @@
-name: JavaScript Linting
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-    paths:
-      - 'package.json'
-      - 'yarn.lock'
-      - 'tsconfig.json'
-      - '.nvmrc'
-      - 'eslint.config.mjs'
-      - '**/*.js'
-      - '**/*.jsx'
-      - '**/*.ts'
-      - '**/*.tsx'
-      - '.github/workflows/lint-js.yml'
-
-  pull_request:
-    paths:
-      - 'package.json'
-      - 'yarn.lock'
-      - 'tsconfig.json'
-      - '.nvmrc'
-      - 'eslint.config.mjs'
-      - '**/*.js'
-      - '**/*.jsx'
-      - '**/*.ts'
-      - '**/*.tsx'
-      - '.github/workflows/lint-js.yml'
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Clone repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Javascript environment
-        uses: ./.github/actions/setup-javascript
-
-      - name: ESLint
-        run: yarn workspaces foreach --all --parallel run lint:js --max-warnings 0
-
-      - name: Typecheck
-        run: yarn typecheck
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@@ -1,53 +0,0 @@
-name: Ruby Linting
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-    paths:
-      - 'Gemfile*'
-      - '.rubocop*.yml'
-      - '.ruby-version'
-      - 'bin/rubocop'
-      - 'config/brakeman.ignore'
-      - '**/*.rb'
-      - '**/*.rake'
-      - '.github/workflows/lint-ruby.yml'
-
-  pull_request:
-    paths:
-      - 'Gemfile*'
-      - '.rubocop*.yml'
-      - '.ruby-version'
-      - 'bin/rubocop'
-      - 'config/brakeman.ignore'
-      - '**/*.rb'
-      - '**/*.rake'
-      - '.github/workflows/lint-ruby.yml'
-
-jobs:
-  lint:
-    runs-on: ubuntu-latest
-
-    env:
-      BUNDLE_ONLY: development
-
-    steps:
-      - name: Clone repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Ruby
-        uses: ruby/setup-ruby@09a7688d3b55cf0e976497ff046b70949eeaccfd # v1
-        with:
-          bundler-cache: true
-
-      - name: Set-up RuboCop Problem Matcher
-        uses: r7kamura/rubocop-problem-matchers-action@59f1a0759f50cc2649849fd850b8487594bb5a81 # v1.2.2
-
-      - name: Run rubocop
-        run: bin/rubocop
-
-      - name: Run brakeman
-        if: always() # Run both checks, even if the first failed
-        run: bin/brakeman
--- a/.github/workflows/rebase-needed.yml
+++ b/.github/workflows/rebase-needed.yml
@@ -1,28 +0,0 @@
-name: PR Needs Rebase
-
-on:
-  schedule:
-    - cron: '0 * * * *'
-
-permissions:
-  pull-requests: write
-
-jobs:
-  label-rebase-needed:
-    runs-on: ubuntu-latest
-    if: github.repository == 'mastodon/mastodon'
-
-    concurrency:
-      group: ${{ github.workflow }}-${{ github.ref }}
-      cancel-in-progress: true
-
-    steps:
-      - name: Check for merge conflicts
-        uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3
-        with:
-          dirtyLabel: 'rebase needed :construction:'
-          repoToken: '${{ secrets.GITHUB_TOKEN }}'
-          commentOnClean: This pull request has resolved merge conflicts and is ready for review.
-          commentOnDirty: This pull request has merge conflicts that must be resolved before it can be merged.
-          retryMax: 30
-          continueOnMissingPermissions: false
--- a/.github/workflows/test-image-build.yml
+++ b/.github/workflows/test-image-build.yml
@@ -1,34 +0,0 @@
-name: Test container image build
-on:
-  pull_request:
-    paths:
-      - .github/workflows/build-nightly.yml
-      - .github/workflows/build-push-pr.yml
-      - .github/workflows/build-releases.yml
-      - .github/workflows/test-image-build.yml
-      - Dockerfile
-      - streaming/Dockerfile
-      - .dockerignore
-permissions:
-  contents: read
-
-jobs:
-  build-image:
-    concurrency:
-      group: ${{ github.workflow }}-${{ github.ref }}
-      cancel-in-progress: true
-
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: Dockerfile
-      cache: true
-
-  build-image-streaming:
-    concurrency:
-      group: ${{ github.workflow }}-${{ github.ref }}-streaming
-      cancel-in-progress: true
-
-    uses: ./.github/workflows/build-container-image.yml
-    with:
-      file_to_build: streaming/Dockerfile
-      cache: true
--- a/.github/workflows/test-js.yml
+++ b/.github/workflows/test-js.yml
@@ -1,43 +0,0 @@
-name: JavaScript Testing
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-    paths:
-      - 'package.json'
-      - 'yarn.lock'
-      - '.nvmrc'
-      - '**/*.js'
-      - '**/*.jsx'
-      - '**/*.ts'
-      - '**/*.tsx'
-      - '**/*.snap'
-      - '.github/workflows/test-js.yml'
-
-  pull_request:
-    paths:
-      - 'package.json'
-      - 'yarn.lock'
-      - '.nvmrc'
-      - '**/*.js'
-      - '**/*.jsx'
-      - '**/*.ts'
-      - '**/*.tsx'
-      - '**/*.snap'
-      - '.github/workflows/test-js.yml'
-
-jobs:
-  test:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Clone repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Javascript environment
-        uses: ./.github/actions/setup-javascript
-
-      - name: JavaScript testing
-        run: yarn test:js
--- a/.github/workflows/test-migrations.yml
+++ b/.github/workflows/test-migrations.yml
@@ -1,112 +0,0 @@
-name: Historical data migration test
-
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-    paths:
-      - 'Gemfile*'
-      - '.ruby-version'
-      - '**/*.rb'
-      - '.github/workflows/test-migrations.yml'
-      - 'lib/tasks/tests.rake'
-      - 'lib/tasks/db.rake'
-
-  pull_request:
-    paths:
-      - 'Gemfile*'
-      - '.ruby-version'
-      - '**/*.rb'
-      - '.github/workflows/test-migrations.yml'
-      - 'lib/tasks/tests.rake'
-
-jobs:
-  test:
-    runs-on: ubuntu-latest
-
-    strategy:
-      fail-fast: false
-
-      matrix:
-        postgres:
-          - 14-alpine
-          - 15-alpine
-          - 16-alpine
-          - 17-alpine
-
-    services:
-      postgres:
-        image: postgres:${{ matrix.postgres}}
-        env:
-          POSTGRES_PASSWORD: postgres
-          POSTGRES_USER: postgres
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10ms
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 5432:5432
-
-      redis:
-        image: redis:7-alpine
-        options: >-
-          --health-cmd "redis-cli ping"
-          --health-interval 10ms
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 6379:6379
-
-    env:
-      DB_HOST: localhost
-      DB_USER: postgres
-      DB_PASS: postgres
-      RAILS_ENV: test
-      BUNDLE_CLEAN: true
-      BUNDLE_FROZEN: true
-      BUNDLE_WITHOUT: 'development:production'
-      BUNDLE_JOBS: 3
-      BUNDLE_RETRY: 3
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Ruby environment
-        uses: ./.github/actions/setup-ruby
-
-      - name: Ensure no errors with `db:prepare`
-        run: |
-          bin/rails db:drop
-          bin/rails db:prepare
-          bin/rails db:migrate
-
-      - name: Ensure no errors with `db:prepare` and SKIP_POST_DEPLOYMENT_MIGRATIONS
-        run: |
-          bin/rails db:drop
-          SKIP_POST_DEPLOYMENT_MIGRATIONS=true bin/rails db:prepare
-          bin/rails db:migrate
-
-      - name: Test "one step migration" flow
-        run: |
-          bin/rails db:drop
-          bin/rails db:create
-          bin/rails tests:migrations:prepare_database
-          bin/rails db:migrate
-          bin/rails tests:migrations:check_database
-
-      - name: Test "two step migration" flow
-        run: |
-          bin/rails db:drop
-          bin/rails db:create
-          SKIP_POST_DEPLOYMENT_MIGRATIONS=true bin/rails tests:migrations:prepare_database
-
-          # Migrate up to v4.2.0 breakpoint
-          bin/rails db:migrate VERSION=20230907150100
-
-          # Migrate the rest
-          SKIP_POST_DEPLOYMENT_MIGRATIONS=true bin/rails db:migrate
-          bin/rails db:migrate
-          bin/rails tests:migrations:check_database
--- a/.github/workflows/test-ruby.yml
+++ b/.github/workflows/test-ruby.yml
@@ -1,396 +0,0 @@
-name: Ruby Testing
-
-on:
-  merge_group:
-  push:
-    branches:
-      - 'main'
-      - 'stable-*'
-  pull_request:
-
-env:
-  BUNDLE_CLEAN: true
-  BUNDLE_FROZEN: true
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    strategy:
-      fail-fast: true
-      matrix:
-        mode:
-          - production
-          - test
-    env:
-      RAILS_ENV: ${{ matrix.mode }}
-      BUNDLE_WITH: ${{ matrix.mode }}
-      SECRET_KEY_BASE_DUMMY: 1
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - name: Set up Ruby environment
-        uses: ./.github/actions/setup-ruby
-
-      - name: Set up Javascript environment
-        uses: ./.github/actions/setup-javascript
-        with:
-          onlyProduction: 'true'
-
-      - name: Cache assets from compilation
-        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5
-        with:
-          path: |
-            public/assets
-            public/packs
-            public/packs-test
-            tmp/cache/vite
-          key: ${{ matrix.mode }}-assets-${{ github.head_ref || github.ref_name }}-${{ github.sha }}
-          restore-keys: |
-            ${{ matrix.mode }}-assets-${{ github.head_ref || github.ref_name }}-${{ github.sha }}
-            ${{ matrix.mode }}-assets-${{ github.head_ref || github.ref_name }}
-            ${{ matrix.mode }}-assets-main
-            ${{ matrix.mode }}-assets
-
-      - name: Precompile assets
-        run: |-
-          bin/rails assets:precompile
-
-      - name: Archive asset artifacts
-        run: |
-          tar --exclude={"*.br","*.gz"} -zcf artifacts.tar.gz public/assets public/packs* tmp/cache/vite/last-build*.json
-
-      - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
-        if: matrix.mode == 'test'
-        with:
-          path: |-
-            ./artifacts.tar.gz
-          name: ${{ github.sha }}
-          retention-days: 0
-
-  test:
-    runs-on: ubuntu-latest
-
-    needs:
-      - build
-
-    services:
-      postgres:
-        image: postgres:14-alpine
-        env:
-          POSTGRES_PASSWORD: postgres
-          POSTGRES_USER: postgres
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10ms
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 5432:5432
-
-      redis:
-        image: redis:7-alpine
-        options: >-
-          --health-cmd "redis-cli ping"
-          --health-interval 10ms
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 6379:6379
-
-    env:
-      DB_HOST: localhost
-      DB_USER: postgres
-      DB_PASS: postgres
-      COVERAGE: ${{ matrix.ruby-version == '.ruby-version' }}
-      RAILS_ENV: test
-      ALLOW_NOPAM: true
-      PAM_ENABLED: true
-      PAM_DEFAULT_SERVICE: pam_test
-      PAM_CONTROLLED_SERVICE: pam_test_controlled
-      OIDC_ENABLED: true
-      OIDC_SCOPE: read
-      SAML_ENABLED: true
-      CAS_ENABLED: true
-      BUNDLE_WITH: 'pam_authentication test'
-      GITHUB_RSPEC: ${{ matrix.ruby-version == '.ruby-version' && github.event.pull_request && 'true' }}
-
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby-version:
-          - '3.2'
-          - '3.3'
-          - '.ruby-version'
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7
-        with:
-          path: './'
-          name: ${{ github.sha }}
-
-      - name: Expand archived asset artifacts
-        run: |
-          tar xvzf artifacts.tar.gz
-
-      - name: Set up Ruby environment
-        uses: ./.github/actions/setup-ruby
-        with:
-          ruby-version: ${{ matrix.ruby-version}}
-          additional-system-dependencies: ffmpeg libpam-dev
-
-      - name: Load database schema
-        run: |
-          bin/rails db:setup
-          bin/flatware fan bin/rails db:test:prepare
-
-      - name: Cache RSpec persistence file
-        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5
-        with:
-          path: |
-            tmp/rspec/examples.txt
-          key: rspec-persistence-${{ github.head_ref || github.ref_name }}-${{ github.sha }}
-          restore-keys: |
-            rspec-persistence-${{ github.head_ref || github.ref_name }}-${{ github.sha }}-${{ matrix.ruby-version }}
-            rspec-persistence-${{ github.head_ref || github.ref_name }}-${{ github.sha }}
-            rspec-persistence-${{ github.head_ref || github.ref_name }}
-            rspec-persistence-main
-            rspec-persistence
-
-      - run: bin/flatware rspec -r ./spec/flatware_helper.rb
-
-      - name: Upload coverage reports to Codecov
-        if: matrix.ruby-version == '.ruby-version'
-        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5
-        with:
-          files: coverage/lcov/*.lcov
-        env:
-          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
-
-  test-e2e:
-    name: End to End testing
-    runs-on: ubuntu-latest
-
-    needs:
-      - build
-
-    services:
-      postgres:
-        image: postgres:14-alpine
-        env:
-          POSTGRES_PASSWORD: postgres
-          POSTGRES_USER: postgres
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10ms
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 5432:5432
-
-      redis:
-        image: redis:7-alpine
-        options: >-
-          --health-cmd "redis-cli ping"
-          --health-interval 10ms
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 6379:6379
-
-    env:
-      DB_HOST: localhost
-      DB_USER: postgres
-      DB_PASS: postgres
-      RAILS_ENV: test
-      BUNDLE_WITH: test
-      LOCAL_DOMAIN: localhost:3000
-      LOCAL_HTTPS: false
-
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby-version:
-          - '3.2'
-          - '3.3'
-          - '.ruby-version'
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7
-        with:
-          path: './'
-          name: ${{ github.sha }}
-
-      - name: Expand archived asset artifacts
-        run: |
-          tar xvzf artifacts.tar.gz
-
-      - name: Set up Ruby environment
-        uses: ./.github/actions/setup-ruby
-        with:
-          ruby-version: ${{ matrix.ruby-version}}
-          additional-system-dependencies: ffmpeg
-
-      - name: Set up Javascript environment
-        uses: ./.github/actions/setup-javascript
-
-      - name: Load database schema
-        run: './bin/rails db:create db:schema:load db:seed'
-
-      - name: Cache Playwright Chromium browser
-        id: playwright-cache
-        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5
-        with:
-          path: ~/.cache/ms-playwright
-          key: playwright-browsers-${{ runner.os }}-${{ hashFiles('yarn.lock') }}
-
-      - name: Install Playwright Chromium browser (with deps)
-        if: steps.playwright-cache.outputs.cache-hit != 'true'
-        run: yarn run playwright install --with-deps chromium
-
-      - name: Install Playwright Chromium browser deps
-        if: steps.playwright-cache.outputs.cache-hit == 'true'
-        run: yarn run playwright install-deps chromium
-
-      - run: bin/rspec spec/system --tag streaming --tag js
-
-      - name: Archive logs
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
-        if: failure()
-        with:
-          name: e2e-logs-${{ matrix.ruby-version }}
-          path: log/
-
-      - name: Archive test screenshots
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
-        if: failure()
-        with:
-          name: e2e-screenshots-${{ matrix.ruby-version }}
-          path: tmp/capybara/
-
-  test-search:
-    name: Elastic Search integration testing
-    runs-on: ubuntu-latest
-
-    needs:
-      - build
-
-    services:
-      postgres:
-        image: postgres:14-alpine
-        env:
-          POSTGRES_PASSWORD: postgres
-          POSTGRES_USER: postgres
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10ms
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 5432:5432
-
-      redis:
-        image: redis:7-alpine
-        options: >-
-          --health-cmd "redis-cli ping"
-          --health-interval 10ms
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 6379:6379
-
-      elasticsearch:
-        image: ${{ contains(matrix.search-image, 'elasticsearch') && matrix.search-image || '' }}
-        env:
-          discovery.type: single-node
-          xpack.security.enabled: false
-        options: >-
-          --health-cmd "curl http://localhost:9200/_cluster/health"
-          --health-interval 2s
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 9200:9200
-
-      opensearch:
-        image: ${{ contains(matrix.search-image, 'opensearch') && matrix.search-image || '' }}
-        env:
-          discovery.type: single-node
-          DISABLE_INSTALL_DEMO_CONFIG: true
-          DISABLE_SECURITY_PLUGIN: true
-        options: >-
-          --health-cmd "curl http://localhost:9200/_cluster/health"
-          --health-interval 2s
-          --health-timeout 3s
-          --health-retries 50
-        ports:
-          - 9200:9200
-
-    env:
-      DB_HOST: localhost
-      DB_USER: postgres
-      DB_PASS: postgres
-      RAILS_ENV: test
-      BUNDLE_WITH: test
-      ES_ENABLED: true
-      ES_HOST: localhost
-      ES_PORT: 9200
-
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby-version:
-          - '3.2'
-          - '3.3'
-          - '.ruby-version'
-        search-image:
-          - docker.elastic.co/elasticsearch/elasticsearch:7.17.29
-        include:
-          - ruby-version: '.ruby-version'
-            search-image: docker.elastic.co/elasticsearch/elasticsearch:8.19.2
-          - ruby-version: '.ruby-version'
-            search-image: opensearchproject/opensearch:2
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-
-      - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7
-        with:
-          path: './'
-          name: ${{ github.sha }}
-
-      - name: Set up Ruby environment
-        uses: ./.github/actions/setup-ruby
-        with:
-          ruby-version: ${{ matrix.ruby-version}}
-          additional-system-dependencies: ffmpeg
-
-      - name: Set up Javascript environment
-        uses: ./.github/actions/setup-javascript
-
-      - name: Load database schema
-        run: './bin/rails db:create db:schema:load db:seed'
-
-      - run: bin/rspec --tag search
-
-      - name: Archive logs
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
-        if: failure()
-        with:
-          name: test-search-logs-${{ matrix.ruby-version }}
-          path: log/
-
-      - name: Archive test screenshots
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
-        if: failure()
-        with:
-          name: test-search-screenshots
-          path: tmp/capybara/
--- a/.gitignore
+++ b/.gitignore
@@ -13,34 +13,33 @@
 /db/*.sqlite3-journal

 # Ignore all logfiles and tempfiles.
-.eslintcache
 /log/*
 !/log/.keep
 /tmp
-/coverage
-/public/system
-/public/assets
-/public/packs
-/public/packs-dev
-/public/packs-test
-stats.html
+coverage
+public/system
+public/assets
+public/packs
+public/packs-test
 .env
 .env.production
 node_modules/
-/build/
+build/

 # Ignore Vagrant files
 .vagrant/

+# Ignore Capistrano customizations
+config/deploy/*
+
 # Ignore IDE files
 .vscode/
 .idea/

 # Ignore postgres + redis + elasticsearch volume optionally created by docker-compose
-/postgres
-/postgres14
-/redis
-/elasticsearch
+postgres
+redis
+elasticsearch

 # Ignore Apple files
 .DS_Store
@@ -56,26 +55,6 @@ npm-debug.log
 yarn-error.log
 yarn-debug.log

-# From https://yarnpkg.com/getting-started/qa#which-files-should-be-gitignored
-.pnp.*
-.yarn/*
-!.yarn/patches
-!.yarn/plugins
-!.yarn/releases
-!.yarn/sdks
-!.yarn/versions
-
-# Ignore vagrant log files
-*-cloudimg-console.log
-
 # Ignore Docker option files
 docker-compose.override.yml

-# Ignore dotenv .local files
-.env*.local
-
-# Ignore local-only rspec configuration
-.rspec-local
-
-*storybook.log
-storybook-static
--- a/.yarn/.gitkeep
+++ b/.yarn/.gitkeep
--- a/.haml-lint.yml
+++ b/.haml-lint.yml
@@ -1,15 +1,108 @@
+# Whether to ignore frontmatter at the beginning of HAML documents for
+# frameworks such as Jekyll/Middleman
+skip_frontmatter: false
+
 exclude:
  - 'vendor/**/*'
-
-require:
-  - ./lib/linter/haml_middle_dot.rb
+  - 'spec/**/*'
+  - 'lib/templates/**/*'
+  - 'app/views/kaminari/**/*'

 linters:
  AltText:
+    enabled: false
+
+  ClassAttributeWithStaticValue:
    enabled: true
-  MiddleDot:
+
+  ClassesBeforeIds:
    enabled: true
+
+  ConsecutiveComments:
+    enabled: true
+
+  ConsecutiveSilentScripts:
+    enabled: true
+    max_consecutive: 2
+
+  EmptyObjectReference:
+    enabled: true
+
+  EmptyScript:
+    enabled: true
+
+  FinalNewline:
+    enabled: true
+    present: true
+
+  HtmlAttributes:
+    enabled: true
+
+  ImplicitDiv:
+    enabled: true
+
+  LeadingCommentSpace:
+    enabled: true
+
  LineLength:
-    max: 240 # Override default value of 80 inherited from rubocop
-  ViewLength:
-    max: 200 # Override default value of 100 inherited from rubocop
+    enabled: false
+    max: 80
+
+  MultilinePipe:
+    enabled: true
+
+  MultilineScript:
+    enabled: true
+
+  ObjectReferenceAttributes:
+    enabled: true
+
+  RuboCop:
+    enabled: true
+    # These cops are incredibly noisy when it comes to HAML templates, so we
+    # ignore them.
+    ignored_cops:
+      - Lint/BlockAlignment
+      - Lint/EndAlignment
+      - Lint/Void
+      - Metrics/BlockLength
+      - Metrics/LineLength
+      - Style/AlignParameters
+      - Style/BlockNesting
+      - Style/ElseAlignment
+      - Style/EndOfLine
+      - Style/FileName
+      - Style/FinalNewline
+      - Style/FrozenStringLiteralComment
+      - Style/IfUnlessModifier
+      - Style/IndentationWidth
+      - Style/Next
+      - Style/TrailingBlankLines
+      - Style/TrailingWhitespace
+      - Style/WhileUntilModifier
+
+  RubyComments:
+    enabled: true
+
+  SpaceBeforeScript:
+    enabled: true
+
+  SpaceInsideHashAttributes:
+    enabled: true
+    style: space
+
+  Indentation:
+    enabled: true
+    character: space # or tab
+
+  TagName:
+    enabled: true
+
+  TrailingWhitespace:
+    enabled: true
+
+  UnnecessaryInterpolation:
+    enabled: true
+
+  UnnecessaryStringOutput:
+    enabled: true
--- a/.husky/pre-commit
+++ b/.husky/pre-commit
@@ -1 +0,0 @@
-yarn lint-staged
--- a/.nanoignore
+++ b/.nanoignore
@@ -0,0 +1,19 @@
+.DS_Store
+.git/
+.gitignore
+
+.bundle/
+.cache/
+config/deploy/*
+coverage
+docs/
+.env
+log/*.log
+neo4j/
+node_modules/
+public/assets/
+public/system/
+spec/
+tmp/
+.vagrant/
+vendor/bundle/
--- a/.nvmrc
+++ b/.nvmrc
@@ -1 +1 @@
-24.14
+6
--- a/.oxfmtrc.json
+++ b/.oxfmtrc.json
@@ -1,92 +0,0 @@
-{
-  "$schema": "./node_modules/oxfmt/configuration_schema.json",
-  "singleQuote": true,
-  "jsxSingleQuote": true,
-  "printWidth": 80,
-  "ignorePatterns": [
-    "/tmp",
-    "/coverage",
-    "/public/assets",
-    "/public/emoji",
-    "/public/packs",
-    "/public/packs-test",
-    "/public/system",
-    "/public/vite*",
-
-    "*.html",
-    "docker-compose.override.yml",
-
-    // Ignore config YAML files that include ERB/ruby code
-    "config/email.yml",
-
-    // Vendored CSS
-    "app/javascript/styles/mastodon/reset.scss",
-
-    // Automatically generated
-    "/app/javascript/mastodon/features/emoji/emoji_map.json",
-    "/app/javascript/mastodon/features/emoji/emoji_data.json",
-    "AUTHORS.md",
-    "/app/javascript/mastodon/locales/*.json",
-    "/config/locales",
-    ".storybook/static/mockServiceWorker.js",
-
-    // do not reformat JS files as this will change too many files and cause merge conflicts with open PRs and forks
-    "app/javascript/**/*.js",
-    "app/javascript/**/*.jsx",
-    "streaming/**/*.js"
-  ],
-  "experimentalSortPackageJson": false,
-  "experimentalSortImports": {
-    "groups": [
-      ["builtin"],
-      ["react"],
-      ["react-intl"],
-      ["react-utils"],
-      ["redux"],
-      ["external", "type-external"],
-      ["internal", "type-internal"],
-      ["mastodon-internals"],
-      ["parent", "type-parent"],
-      ["sibling", "type-sibling", "index", "type-index"],
-      ["side_effect"]
-    ],
-    "customGroups": [
-      {
-        "groupName": "react",
-        "elementNamePattern": [
-          "react",
-          "react-dom",
-          "react-dom/client",
-          "prop-types"
-        ]
-      },
-      {
-        "groupName": "react-intl",
-        "elementNamePattern": ["react-intl", "intl-messageformat"]
-      },
-      {
-        "groupName": "react-utils",
-        "elementNamePattern": [
-          "classnames",
-          "react-helmet",
-          "react-router",
-          "react-router-dom"
-        ]
-      },
-      {
-        "groupName": "redux",
-        "elementNamePattern": [
-          "immutable",
-          "@reduxjs/toolkit",
-          "react-redux",
-          "react-immutable-proptypes",
-          "react-immutable-pure-component"
-        ]
-      },
-      {
-        "groupName": "mastodon-internals",
-        "elementNamePattern": ["mastodon/**", "@/**"]
-      }
-    ]
-  }
-}
--- a/.postcssrc.yml
+++ b/.postcssrc.yml
@@ -0,0 +1,9 @@
+plugins:
+  postcss-smart-import: {}
+  precss: {}
+  autoprefixer:
+    browsers:
+      - last 2 versions
+      - IE >= 11
+      - iOS >= 9
+  postcss-object-fit-images: {}
--- a/.profile
+++ b/.profile
@@ -0,0 +1 @@
+LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio
--- a/.rspec
+++ b/.rspec
@@ -1,2 +1,3 @@
 --color
 --require spec_helper
+--format Fuubar
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -1,36 +1,111 @@
---
 AllCops:
-  CacheRootDirectory: tmp
-  DisplayStyleGuide: true
+  TargetRubyVersion: 2.3
  Exclude:
-    - Vagrantfile
-    - config/initializers/json_ld*
-    - lib/mastodon/migration_helpers.rb
-  ExtraDetails: true
-  NewCops: enable
-  TargetRubyVersion: 3.2 # Oldest supported ruby version
+  - 'spec/**/*'
+  - 'db/**/*'
+  - 'app/views/**/*'
+  - 'config/**/*'
+  - 'bin/*'
+  - 'Rakefile'
+  - 'node_modules/**/*'
+  - 'Vagrantfile'
+  - 'vendor/**/*'
+  - 'lib/json_ld/*'

-inherit_from:
-  - .rubocop/layout.yml
-  - .rubocop/metrics.yml
-  - .rubocop/naming.yml
-  - .rubocop/rails.yml
-  - .rubocop/rspec_rails.yml
-  - .rubocop/rspec.yml
-  - .rubocop/style.yml
-  - .rubocop/i18n.yml
-  - .rubocop/custom.yml
-  - .rubocop_todo.yml
-  - .rubocop/strict.yml
+Bundler/OrderedGems:
+  Enabled: false

-inherit_mode:
-  merge:
-    - Exclude
+Layout/AccessModifierIndentation:
+  EnforcedStyle: indent

-plugins:
-  - rubocop-capybara
-  - rubocop-i18n
-  - rubocop-performance
-  - rubocop-rails
-  - rubocop-rspec
-  - rubocop-rspec_rails
+Layout/EmptyLineAfterMagicComment:
+  Enabled: false
+
+Layout/SpaceInsideHashLiteralBraces:
+  EnforcedStyle: space
+
+Metrics/AbcSize:
+  Max: 100
+
+Metrics/BlockLength:
+  Max: 35
+  Exclude:
+    - 'lib/tasks/**/*'
+
+Metrics/BlockNesting:
+  Max: 3
+
+Metrics/ClassLength:
+  CountComments: false
+  Max: 300
+
+Metrics/CyclomaticComplexity:
+  Max: 25
+
+Metrics/LineLength:
+  AllowURI: true
+  Enabled: false
+
+Metrics/MethodLength:
+  CountComments: false
+  Max: 55
+
+Metrics/ModuleLength:
+  CountComments: false
+  Max: 200
+
+Metrics/ParameterLists:
+  Max: 5
+  CountKeywordArgs: true
+
+Metrics/PerceivedComplexity:
+  Max: 20
+
+Rails:
+  Enabled: true
+
+Rails/HasAndBelongsToMany:
+  Enabled: false
+
+Rails/SkipsModelValidations:
+  Enabled: false
+
+Style/ClassAndModuleChildren:
+  Enabled: false
+
+Style/CollectionMethods:
+  Enabled: true
+  PreferredMethods:
+    find_all: 'select'
+
+Style/Documentation:
+  Enabled: false
+
+Style/DoubleNegation:
+  Enabled: true
+
+Style/FrozenStringLiteralComment:
+  Enabled: true
+
+Style/GuardClause:
+  Enabled: false
+
+Style/Lambda:
+  Enabled: false
+
+Style/PercentLiteralDelimiters:
+  PreferredDelimiters:
+    '%i': '()'
+    '%w': '()'
+
+Style/PerlBackrefs:
+  AutoCorrect: false
+
+Style/RegexpLiteral:
+  Enabled: false
+
+Style/SymbolArray:
+  Enabled: false
+
+Style/TrailingCommaInLiteral:
+  EnforcedStyleForMultiline: 'comma'
--- a/.rubocop/custom.yml
+++ b/.rubocop/custom.yml
@@ -1,6 +0,0 @@
---
-require:
-  - ../lib/linter/rubocop_middle_dot
-
-Style/MiddleDot:
-  Enabled: true
--- a/.rubocop/i18n.yml
+++ b/.rubocop/i18n.yml
@@ -1,12 +0,0 @@
-I18n/RailsI18n:
-  Enabled: true
-  Exclude:
-    - 'config/**/*'
-    - 'db/**/*'
-    - 'lib/**/*'
-    - 'spec/**/*'
-I18n/GetText:
-  Enabled: false
-
-I18n/RailsI18n/DecorateStringFormattingUsingInterpolation:
-  Enabled: false
--- a/.rubocop/layout.yml
+++ b/.rubocop/layout.yml
@@ -1,9 +0,0 @@
---
-Layout/FirstHashElementIndentation:
-  EnforcedStyle: consistent
-
-Layout/LineLength:
-  Max: 300 # Default of 120 causes a duplicate entry in generated todo file
-
-Layout/MultilineMethodCallIndentation:
-  EnforcedStyle: indented
--- a/.rubocop/metrics.yml
+++ b/.rubocop/metrics.yml
@@ -1,30 +0,0 @@
---
-Metrics/AbcSize:
-  Enabled: false
-
-Metrics/BlockLength:
-  Enabled: false
-
-Metrics/BlockNesting:
-  Enabled: false
-
-Metrics/ClassLength:
-  Enabled: false
-
-Metrics/CollectionLiteralLength:
-  Enabled: false
-
-Metrics/CyclomaticComplexity:
-  Enabled: false
-
-Metrics/MethodLength:
-  Enabled: false
-
-Metrics/ModuleLength:
-  Enabled: false
-
-Metrics/ParameterLists:
-  Enabled: false
-
-Metrics/PerceivedComplexity:
-  Enabled: false
--- a/.rubocop/naming.yml
+++ b/.rubocop/naming.yml
@@ -1,6 +0,0 @@
---
-Naming/BlockForwarding:
-  EnforcedStyle: explicit
-
-Naming/PredicateMethod:
-  Enabled: false
--- a/.rubocop/rails.yml
+++ b/.rubocop/rails.yml
@@ -1,26 +0,0 @@
---
-Rails/BulkChangeTable:
-  Enabled: false # Conflicts with strong_migrations features
-
-Rails/Delegate:
-  Enabled: false
-
-Rails/FilePath:
-  EnforcedStyle: arguments
-
-Rails/HttpStatus:
-  EnforcedStyle: numeric
-
-Rails/NegateInclude:
-  Enabled: false
-
-Rails/RakeEnvironment:
-  Exclude: # Tasks are doing local work which do not need full env loaded
-    - lib/tasks/auto_annotate_models.rake
-    - lib/tasks/emojis.rake
-    - lib/tasks/mastodon.rake
-    - lib/tasks/repo.rake
-    - lib/tasks/statistics.rake
-
-Rails/SkipsModelValidations:
-  Enabled: false
--- a/.rubocop/rspec.yml
+++ b/.rubocop/rspec.yml
@@ -1,28 +0,0 @@
---
-RSpec/ExampleLength:
-  CountAsOne: ['array', 'heredoc', 'method_call']
-  Max: 20 # Override default of 5
-
-RSpec/MultipleExpectations:
-  Max: 10 # Overrides default of 1
-
-RSpec/MultipleMemoizedHelpers:
-  Max: 20 # Overrides default of 5
-
-RSpec/NamedSubject:
-  EnforcedStyle: named_only
-
-RSpec/NestedGroups:
-  Max: 10 # Overrides default of 3
-
-RSpec/NotToNot:
-  EnforcedStyle: to_not
-
-RSpec/SpecFilePathFormat:
-  CustomTransform:
-    ActivityPub: activitypub
-    DeepL: deepl
-    FetchOEmbedService: fetch_oembed_service
-    OAuth: oauth
-    OEmbedController: oembed_controller
-    OStatus: ostatus
--- a/.rubocop/rspec_rails.yml
+++ b/.rubocop/rspec_rails.yml
@@ -1,3 +0,0 @@
---
-RSpecRails/HttpStatus:
-  EnforcedStyle: numeric
--- a/.rubocop/strict.yml
+++ b/.rubocop/strict.yml
@@ -1,24 +0,0 @@
-Lint/Debugger: # Remove any `binding.pry`
-  Enabled: true
-  Exclude: []
-
-RSpec/Focus: # Require full spec run on CI
-  Enabled: true
-  Exclude: []
-
-Rails/Output: # Remove any `puts` debugging
-  inherit_mode:
-    merge:
-      - Include
-  Enabled: true
-  Exclude: []
-  Include:
-    - spec/**/*.rb
-
-Rails/FindEach: # Using `each` could impact performance, use `find_each`
-  Enabled: true
-  Exclude: []
-
-Rails/UniqBeforePluck: # Require `uniq.pluck` and not `pluck.uniq`
-  Enabled: true
-  Exclude: []
--- a/.rubocop/style.yml
+++ b/.rubocop/style.yml
@@ -1,63 +0,0 @@
---
-Style/ArrayIntersect:
-  Enabled: false
-
-Style/ClassAndModuleChildren:
-  Enabled: false
-
-Style/Documentation:
-  Enabled: false
-
-Style/FormatStringToken:
-  AllowedMethods:
-    - redirect_with_vary # Route redirects are not token-formatted
-  inherit_mode:
-    merge:
-      - AllowedMethods
-
-Style/HashAsLastArrayItem:
-  Enabled: false
-
-Style/HashSyntax:
-  EnforcedShorthandSyntax: either
-  EnforcedStyle: ruby19_no_mixed_keys
-
-Style/IfUnlessModifier:
-  Exclude:
-    - '**/*.haml'
-
-Style/KeywordArgumentsMerging:
-  Enabled: false
-
-Style/NumericLiterals:
-  AllowedPatterns:
-    - \d{4}_\d{2}_\d{2}_\d{6}
-
-Style/PercentLiteralDelimiters:
-  PreferredDelimiters:
-    '%i': ()
-    '%w': ()
-
-Style/RedundantBegin:
-  Enabled: false
-
-Style/RedundantFetchBlock:
-  Enabled: false
-
-Style/RescueStandardError:
-  EnforcedStyle: implicit
-
-Style/SafeNavigationChainLength:
-  Enabled: false
-
-Style/SymbolArray:
-  Enabled: false
-
-Style/TrailingCommaInArrayLiteral:
-  EnforcedStyleForMultiline: comma
-
-Style/TrailingCommaInHashLiteral:
-  EnforcedStyleForMultiline: comma
-
-Style/WordArray:
-  MinSize: 3 # Override default of 2
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -1,18 +0,0 @@
-# This configuration was generated by
-# `rubocop --auto-gen-config --auto-gen-only-exclude --no-offense-counts --no-auto-gen-timestamp`
-# using RuboCop version 1.80.2.
-# The point is for the user to remove these configuration records
-# one by one as the offenses are removed from the code base.
-# Note that changes in the inspected code, or installation of new
-# versions of RuboCop, may require this file to be generated again.
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowedVars, DefaultToNil.
-Style/FetchEnvVar:
-  Exclude:
-    - 'config/initializers/paperclip.rb'
-
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: MinBodyLength, AllowConsecutiveConditionals.
-Style/GuardClause:
-  Enabled: false
--- a/.ruby-gemset
+++ b/.ruby-gemset
@@ -1 +0,0 @@
-mastodon
--- a/.ruby-version
+++ b/.ruby-version
@@ -1 +1 @@
-3.4.8
+2.5.1
--- a/.scss-lint.yml
+++ b/.scss-lint.yml
@@ -0,0 +1,264 @@
+# Linter Documentation:
+# https://github.com/brigade/scss-lint/blob/v0.42.2/lib/scss_lint/linter/README.md
+
+scss_files: 'app/javascript/styles/**/*.scss'
+
+exclude:
+  - app/javascript/styles/reset.scss
+
+linters:
+  # Reports when you use improper spacing around ! (the "bang") in !default,
+  # !global, !important, and !optional flags.
+  BangFormat:
+    enabled: false
+
+  # Whether or not to prefer `border: 0` over `border: none`.
+  BorderZero:
+    enabled: false
+
+  # Reports when you define a rule set using a selector with chained classes
+  # (a.k.a. adjoining classes).
+  ChainedClasses:
+    enabled: false
+
+  # Prefer hexadecimal color codes over color keywords.
+  # (e.g. `color: green` is a color keyword)
+  ColorKeyword:
+    enabled: false
+
+  # Prefer color literals (keywords or hexadecimal codes) to be used only in
+  # variable declarations. They should be referred to via variables everywhere
+  # else.
+  ColorVariable:
+    enabled: true
+
+  # Which form of comments to prefer in CSS.
+  Comment:
+    enabled: false
+
+  # Reports @debug statements (which you probably left behind accidentally).
+  DebugStatement:
+    enabled: false
+
+  # Rule sets should be ordered as follows:
+  # - @extend declarations
+  # - @include declarations without inner @content
+  # - properties, @include declarations with inner @content
+  # - nested rule sets.
+  DeclarationOrder:
+    enabled: false
+
+  # `scss-lint:disable` control comments should be preceded by a comment
+  # explaining why these linters are being disabled for this file.
+  # See https://github.com/brigade/scss-lint#disabling-linters-via-source for
+  # more information.
+  DisableLinterReason:
+    enabled: true
+
+  # Reports when you define the same property twice in a single rule set.
+  DuplicateProperty:
+    enabled: false
+
+  # Separate rule, function, and mixin declarations with empty lines.
+  EmptyLineBetweenBlocks:
+    enabled: true
+
+  # Reports when you have an empty rule set.
+  EmptyRule:
+    enabled: true
+
+  # Reports when you have an @extend directive.
+  ExtendDirective:
+    enabled: false
+
+  # Files should always have a final newline. This results in better diffs
+  # when adding lines to the file, since SCM systems such as git won't
+  # think that you touched the last line.
+  FinalNewline:
+    enabled: false
+
+  # HEX colors should use three-character values where possible.
+  HexLength:
+    enabled: false
+
+  # HEX color values should use lower-case colors to differentiate between
+  # letters and numbers, e.g. `#E3E3E3` vs. `#e3e3e3`.
+  HexNotation:
+    enabled: true
+
+  # Avoid using ID selectors.
+  IdSelector:
+    enabled: false
+
+  # The basenames of @imported SCSS partials should not begin with an
+  # underscore and should not include the filename extension.
+  ImportPath:
+    enabled: false
+
+  # Avoid using !important in properties. It is usually indicative of a
+  # misunderstanding of CSS specificity and can lead to brittle code.
+  ImportantRule:
+    enabled: false
+
+  # Indentation should always be done in increments of 2 spaces.
+  Indentation:
+    enabled: true
+    width: 2
+
+  # Don't write leading zeros for numeric values with a decimal point.
+  LeadingZero:
+    enabled: false
+
+  # Reports when you define the same selector twice in a single sheet.
+  MergeableSelector:
+    enabled: false
+
+  # Functions, mixins, variables, and placeholders should be declared
+  # with all lowercase letters and hyphens instead of underscores.
+  NameFormat:
+    enabled: false
+
+  # Avoid nesting selectors too deeply.
+  NestingDepth:
+    enabled: false
+
+  # Always use placeholder selectors in @extend.
+  PlaceholderInExtend:
+    enabled: false
+
+  # Sort properties in a strict order.
+  PropertySortOrder:
+    enabled: false
+
+  # Reports when you use an unknown or disabled CSS property
+  # (ignoring vendor-prefixed properties).
+  PropertySpelling:
+    enabled: false
+
+  # Configure which units are allowed for property values.
+  PropertyUnits:
+    enabled: false
+
+  # Pseudo-elements, like ::before, and ::first-letter, should be declared
+  # with two colons. Pseudo-classes, like :hover and :first-child, should
+  # be declared with one colon.
+  PseudoElement:
+    enabled: true
+
+  # Avoid qualifying elements in selectors (also known as "tag-qualifying").
+  QualifyingElement:
+    enabled: false
+
+  # Don't write selectors with a depth of applicability greater than 3.
+  SelectorDepth:
+    enabled: false
+
+  # Selectors should always use hyphenated-lowercase, rather than camelCase or
+  # snake_case.
+  SelectorFormat:
+    enabled: false
+    convention: hyphenated_lowercase
+
+  # Prefer the shortest shorthand form possible for properties that support it.
+  Shorthand:
+    enabled: true
+
+  # Each property should have its own line, except in the special case of
+  # single line rulesets.
+  SingleLinePerProperty:
+    enabled: true
+    allow_single_line_rule_sets: true
+
+  # Split selectors onto separate lines after each comma, and have each
+  # individual selector occupy a single line.
+  SingleLinePerSelector:
+    enabled: true
+
+  # Commas in lists should be followed by a space.
+  SpaceAfterComma:
+    enabled: false
+
+  # Properties should be formatted with a single space separating the colon
+  # from the property's value.
+  SpaceAfterPropertyColon:
+    enabled: true
+
+  # Properties should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterPropertyName:
+    enabled: true
+
+  # Variables should be formatted with a single space separating the colon
+  # from the variable's value.
+  SpaceAfterVariableColon:
+    enabled: true
+
+  # Variables should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterVariableName:
+    enabled: false
+
+  # Operators should be formatted with a single space on both sides of an
+  # infix operator.
+  SpaceAroundOperator:
+    enabled: true
+
+  # Opening braces should be preceded by a single space.
+  SpaceBeforeBrace:
+    enabled: true
+
+  # Parentheses should not be padded with spaces.
+  SpaceBetweenParens:
+    enabled: false
+
+  # Enforces that string literals should be written with a consistent form
+  # of quotes (single or double).
+  StringQuotes:
+    enabled: false
+
+  # Property values, @extend, @include, and @import directives, and variable
+  # declarations should always end with a semicolon.
+  TrailingSemicolon:
+    enabled: true
+
+  # Reports lines containing trailing whitespace.
+  TrailingWhitespace:
+    enabled: true
+
+  # Don't write trailing zeros for numeric values with a decimal point.
+  TrailingZero:
+    enabled: false
+
+  # Don't use the `all` keyword to specify transition properties.
+  TransitionAll:
+    enabled: false
+
+  # Numeric values should not contain unnecessary fractional portions.
+  UnnecessaryMantissa:
+    enabled: false
+
+  # Do not use parent selector references (&) when they would otherwise
+  # be unnecessary.
+  UnnecessaryParentReference:
+    enabled: false
+
+  # URLs should be valid and not contain protocols or domain names.
+  UrlFormat:
+    enabled: true
+
+  # URLs should always be enclosed within quotes.
+  UrlQuotes:
+    enabled: true
+
+  # Properties, like color and font, are easier to read and maintain
+  # when defined using variables rather than literals.
+  VariableForProperty:
+    enabled: false
+
+  # Avoid vendor prefixes. Or rather: don't write them yourself.
+  VendorPrefix:
+    enabled: false
+
+  # Omit length units on zero values, e.g. `0px` vs. `0`.
+  ZeroUnit:
+    enabled: true
--- a/.storybook/main.ts
+++ b/.storybook/main.ts
@@ -1,40 +0,0 @@
-import { resolve } from 'node:path';
-
-import type { StorybookConfig } from '@storybook/react-vite';
-
-const config: StorybookConfig = {
-  stories: ['../app/javascript/**/*.stories.@(js|jsx|mjs|ts|tsx)'],
-  addons: [
-    '@storybook/addon-docs',
-    '@storybook/addon-a11y',
-    '@storybook/addon-vitest',
-  ],
-  framework: {
-    name: '@storybook/react-vite',
-    options: {},
-  },
-  staticDirs: [
-    './static',
-    // We need to manually specify the assets because of the symlink in public/sw.js
-    ...[
-      'avatars',
-      'emoji',
-      'headers',
-      'sounds',
-      'badge.png',
-      'loading.gif',
-      'loading.png',
-      'oops.gif',
-      'oops.png',
-    ].map((path) => ({ from: `../public/${path}`, to: `/${path}` })),
-    { from: '../app/javascript/images/logo.svg', to: '/custom-emoji/logo.svg' },
-  ],
-  viteFinal(config) {
-    // For an unknown reason, Storybook does not use the root
-    // from the Vite config so we need to set it manually.
-    config.root = resolve(import.meta.dirname, '../app/javascript');
-    return config;
-  },
-};
-
-export default config;
--- a/.storybook/manager.ts
+++ b/.storybook/manager.ts
@@ -1,7 +0,0 @@
-import { addons } from 'storybook/manager-api';
-
-import theme from './storybook-theme';
-
-addons.setConfig({
-  theme,
-});
--- a/.storybook/modes.ts
+++ b/.storybook/modes.ts
@@ -1,8 +0,0 @@
-export const modes = {
-  darkTheme: {
-    theme: 'dark',
-  },
-  lightTheme: {
-    theme: 'light',
-  },
-} as const;
--- a/.storybook/preview-body.html
+++ b/.storybook/preview-body.html
@@ -1,2 +0,0 @@
-<html class="no-reduce-motion" data-color-scheme="light">
-</html>
--- a/.storybook/preview-head.html
+++ b/.storybook/preview-head.html
@@ -1,18 +0,0 @@
-<style>
-	/* Increase docs font size */
-	.sbdocs.sbdocs-content :where(p:not(.sb-anchor, .sb-unstyled, .sb-unstyled p)),
-	.sbdocs.sbdocs-content :where(li:not(.sb-anchor, .sb-unstyled, .sb-unstyled li)) {
-		font-size: 1.0666rem; /* 17px */
-		line-height: 1.585; /* 27px */
-	}
-
-	.sbdocs.sbdocs-content :where(p:not(.sb-anchor, .sb-unstyled, .sb-unstyled p)) code,
-	.sbdocs.sbdocs-content :where(li:not(.sb-anchor, .sb-unstyled, .sb-unstyled li)) code {
-		font-size: 0.875rem; /* ~15px */
-	}
-
-	/* Bring numbers back for ordered lists */
-	ol {
-		list-style: revert !important;
-	}
-</style>
--- a/.storybook/preview.tsx
+++ b/.storybook/preview.tsx
@@ -1,211 +0,0 @@
-import { useEffect, useState } from 'react';
-
-import { IntlProvider } from 'react-intl';
-
-import { MemoryRouter, Route } from 'react-router';
-
-import { configureStore } from '@reduxjs/toolkit';
-import { Provider } from 'react-redux';
-
-import type { Preview } from '@storybook/react-vite';
-import { initialize, mswLoader } from 'msw-storybook-addon';
-import { action } from 'storybook/actions';
-
-import {
-  importCustomEmojiData,
-  importLegacyShortcodes,
-  importEmojiData,
-} from '@/mastodon/features/emoji/loader';
-import type { LocaleData } from '@/mastodon/locales';
-import { reducerWithInitialState } from '@/mastodon/reducers';
-import { defaultMiddleware } from '@/mastodon/store/store';
-import { mockHandlers, unhandledRequestHandler } from '@/testing/api';
-
-import { modes } from './modes';
-
-import '../app/javascript/styles/application.scss';
-import './styles.css';
-
-const localeFiles = import.meta.glob('@/mastodon/locales/*.json', {
-  query: { as: 'json' },
-});
-
-// Initialize MSW
-initialize({
-  onUnhandledRequest: unhandledRequestHandler,
-});
-
-const preview: Preview = {
-  // Auto-generate docs: https://storybook.js.org/docs/writing-docs/autodocs
-  tags: ['autodocs'],
-  globalTypes: {
-    locale: {
-      description: 'Locale for the story',
-      toolbar: {
-        title: 'Locale',
-        icon: 'globe',
-        items: Object.keys(localeFiles).map((path) =>
-          path.replace('/mastodon/locales/', '').replace('.json', ''),
-        ),
-        dynamicTitle: true,
-      },
-    },
-    theme: {
-      description: 'Theme for the story',
-      toolbar: {
-        title: 'Theme',
-        icon: 'circlehollow',
-        items: [{ value: 'light' }, { value: 'dark' }],
-        dynamicTitle: true,
-      },
-    },
-  },
-  initialGlobals: {
-    locale: 'en',
-    theme: 'light',
-  },
-  decorators: [
-    (Story, { parameters, globals, args, argTypes }) => {
-      // Get the locale from the global toolbar
-      // and merge it with any parameters or args state.
-      const { locale } = globals as { locale: string };
-      const { state = {} } = parameters;
-
-      const argsState: Record<string, unknown> = {};
-      for (const [key, value] of Object.entries(args)) {
-        const argType = argTypes[key];
-        if (argType?.reduxPath) {
-          const reduxPath = Array.isArray(argType.reduxPath)
-            ? argType.reduxPath.map((p) => p.toString())
-            : argType.reduxPath.split('.');
-
-          reduxPath.reduce((acc, key, i) => {
-            if (acc[key] === undefined) {
-              acc[key] = {};
-            }
-            if (i === reduxPath.length - 1) {
-              acc[key] = value;
-            }
-            return acc[key] as Record<string, unknown>;
-          }, argsState);
-        }
-      }
-
-      const reducer = reducerWithInitialState(
-        {
-          meta: {
-            locale,
-          },
-        },
-        state as Record<string, unknown>,
-        argsState,
-      );
-
-      const store = configureStore({
-        reducer,
-        middleware(getDefaultMiddleware) {
-          return getDefaultMiddleware(defaultMiddleware);
-        },
-      });
-      return (
-        <Provider store={store}>
-          <Story />
-        </Provider>
-      );
-    },
-    (Story, { globals }) => {
-      const currentLocale = (globals.locale as string) || 'en';
-      const [messages, setMessages] = useState<
-        Record<string, Record<string, string>>
-      >({});
-      const currentLocaleData = messages[currentLocale];
-
-      useEffect(() => {
-        async function loadLocaleData() {
-          const { default: localeFile } = (await import(
-            `@/mastodon/locales/${currentLocale}.json`
-          )) as { default: LocaleData['messages'] };
-          setMessages((prevLocales) => ({
-            ...prevLocales,
-            [currentLocale]: localeFile,
-          }));
-        }
-        if (!currentLocaleData) {
-          void loadLocaleData();
-        }
-      }, [currentLocale, currentLocaleData]);
-
-      return (
-        <IntlProvider
-          locale={currentLocale}
-          messages={currentLocaleData}
-          textComponent='span'
-        >
-          <Story />
-        </IntlProvider>
-      );
-    },
-    (Story, { globals }) => {
-      const theme = (globals.theme as string) || 'light';
-      useEffect(() => {
-        document.body.setAttribute('data-color-scheme', theme);
-      }, [theme]);
-      return <Story />;
-    },
-    (Story) => (
-      <MemoryRouter>
-        <Story />
-        <Route
-          path='*'
-          // eslint-disable-next-line react/jsx-no-bind
-          render={({ location }) => {
-            if (location.pathname !== '/') {
-              action(`route change to ${location.pathname}`)(location);
-            }
-            return null;
-          }}
-        />
-      </MemoryRouter>
-    ),
-  ],
-  loaders: [
-    mswLoader,
-    importCustomEmojiData,
-    importLegacyShortcodes,
-    ({ globals: { locale } }) => importEmojiData(locale as string),
-  ],
-  parameters: {
-    layout: 'centered',
-
-    controls: {
-      matchers: {
-        color: /(background|color)$/i,
-        date: /Date$/i,
-      },
-    },
-
-    a11y: {
-      // 'todo' - show a11y violations in the test UI only
-      // 'error' - fail CI on a11y violations
-      // 'off' - skip a11y checks entirely
-      test: 'todo',
-    },
-
-    state: {},
-
-    docs: {},
-
-    msw: {
-      handlers: mockHandlers,
-    },
-
-    chromatic: {
-      modes: {
-        dark: modes.darkTheme,
-        light: modes.lightTheme,
-      },
-    },
-  },
-};
-
-export default preview;
--- a/.storybook/static/mockServiceWorker.js
+++ b/.storybook/static/mockServiceWorker.js
@@ -1,349 +0,0 @@
-/* eslint-disable */
-/* tslint:disable */
-
-/**
- * Mock Service Worker.
- * @see https://github.com/mswjs/msw
- * - Please do NOT modify this file.
- */
-
-const PACKAGE_VERSION = '2.12.1'
-const INTEGRITY_CHECKSUM = '4db4a41e972cec1b64cc569c66952d82'
-const IS_MOCKED_RESPONSE = Symbol('isMockedResponse')
-const activeClientIds = new Set()
-
-addEventListener('install', function () {
-  self.skipWaiting()
-})
-
-addEventListener('activate', function (event) {
-  event.waitUntil(self.clients.claim())
-})
-
-addEventListener('message', async function (event) {
-  const clientId = Reflect.get(event.source || {}, 'id')
-
-  if (!clientId || !self.clients) {
-    return
-  }
-
-  const client = await self.clients.get(clientId)
-
-  if (!client) {
-    return
-  }
-
-  const allClients = await self.clients.matchAll({
-    type: 'window',
-  })
-
-  switch (event.data) {
-    case 'KEEPALIVE_REQUEST': {
-      sendToClient(client, {
-        type: 'KEEPALIVE_RESPONSE',
-      })
-      break
-    }
-
-    case 'INTEGRITY_CHECK_REQUEST': {
-      sendToClient(client, {
-        type: 'INTEGRITY_CHECK_RESPONSE',
-        payload: {
-          packageVersion: PACKAGE_VERSION,
-          checksum: INTEGRITY_CHECKSUM,
-        },
-      })
-      break
-    }
-
-    case 'MOCK_ACTIVATE': {
-      activeClientIds.add(clientId)
-
-      sendToClient(client, {
-        type: 'MOCKING_ENABLED',
-        payload: {
-          client: {
-            id: client.id,
-            frameType: client.frameType,
-          },
-        },
-      })
-      break
-    }
-
-    case 'CLIENT_CLOSED': {
-      activeClientIds.delete(clientId)
-
-      const remainingClients = allClients.filter((client) => {
-        return client.id !== clientId
-      })
-
-      // Unregister itself when there are no more clients
-      if (remainingClients.length === 0) {
-        self.registration.unregister()
-      }
-
-      break
-    }
-  }
-})
-
-addEventListener('fetch', function (event) {
-  const requestInterceptedAt = Date.now()
-
-  // Bypass navigation requests.
-  if (event.request.mode === 'navigate') {
-    return
-  }
-
-  // Opening the DevTools triggers the "only-if-cached" request
-  // that cannot be handled by the worker. Bypass such requests.
-  if (
-    event.request.cache === 'only-if-cached' &&
-    event.request.mode !== 'same-origin'
-  ) {
-    return
-  }
-
-  // Bypass all requests when there are no active clients.
-  // Prevents the self-unregistered worked from handling requests
-  // after it's been terminated (still remains active until the next reload).
-  if (activeClientIds.size === 0) {
-    return
-  }
-
-  const requestId = crypto.randomUUID()
-  event.respondWith(handleRequest(event, requestId, requestInterceptedAt))
-})
-
-/**
- * @param {FetchEvent} event
- * @param {string} requestId
- * @param {number} requestInterceptedAt
- */
-async function handleRequest(event, requestId, requestInterceptedAt) {
-  const client = await resolveMainClient(event)
-  const requestCloneForEvents = event.request.clone()
-  const response = await getResponse(
-    event,
-    client,
-    requestId,
-    requestInterceptedAt,
-  )
-
-  // Send back the response clone for the "response:*" life-cycle events.
-  // Ensure MSW is active and ready to handle the message, otherwise
-  // this message will pend indefinitely.
-  if (client && activeClientIds.has(client.id)) {
-    const serializedRequest = await serializeRequest(requestCloneForEvents)
-
-    // Clone the response so both the client and the library could consume it.
-    const responseClone = response.clone()
-
-    sendToClient(
-      client,
-      {
-        type: 'RESPONSE',
-        payload: {
-          isMockedResponse: IS_MOCKED_RESPONSE in response,
-          request: {
-            id: requestId,
-            ...serializedRequest,
-          },
-          response: {
-            type: responseClone.type,
-            status: responseClone.status,
-            statusText: responseClone.statusText,
-            headers: Object.fromEntries(responseClone.headers.entries()),
-            body: responseClone.body,
-          },
-        },
-      },
-      responseClone.body ? [serializedRequest.body, responseClone.body] : [],
-    )
-  }
-
-  return response
-}
-
-/**
- * Resolve the main client for the given event.
- * Client that issues a request doesn't necessarily equal the client
- * that registered the worker. It's with the latter the worker should
- * communicate with during the response resolving phase.
- * @param {FetchEvent} event
- * @returns {Promise<Client | undefined>}
- */
-async function resolveMainClient(event) {
-  const client = await self.clients.get(event.clientId)
-
-  if (activeClientIds.has(event.clientId)) {
-    return client
-  }
-
-  if (client?.frameType === 'top-level') {
-    return client
-  }
-
-  const allClients = await self.clients.matchAll({
-    type: 'window',
-  })
-
-  return allClients
-    .filter((client) => {
-      // Get only those clients that are currently visible.
-      return client.visibilityState === 'visible'
-    })
-    .find((client) => {
-      // Find the client ID that's recorded in the
-      // set of clients that have registered the worker.
-      return activeClientIds.has(client.id)
-    })
-}
-
-/**
- * @param {FetchEvent} event
- * @param {Client | undefined} client
- * @param {string} requestId
- * @param {number} requestInterceptedAt
- * @returns {Promise<Response>}
- */
-async function getResponse(event, client, requestId, requestInterceptedAt) {
-  // Clone the request because it might've been already used
-  // (i.e. its body has been read and sent to the client).
-  const requestClone = event.request.clone()
-
-  function passthrough() {
-    // Cast the request headers to a new Headers instance
-    // so the headers can be manipulated with.
-    const headers = new Headers(requestClone.headers)
-
-    // Remove the "accept" header value that marked this request as passthrough.
-    // This prevents request alteration and also keeps it compliant with the
-    // user-defined CORS policies.
-    const acceptHeader = headers.get('accept')
-    if (acceptHeader) {
-      const values = acceptHeader.split(',').map((value) => value.trim())
-      const filteredValues = values.filter(
-        (value) => value !== 'msw/passthrough',
-      )
-
-      if (filteredValues.length > 0) {
-        headers.set('accept', filteredValues.join(', '))
-      } else {
-        headers.delete('accept')
-      }
-    }
-
-    return fetch(requestClone, { headers })
-  }
-
-  // Bypass mocking when the client is not active.
-  if (!client) {
-    return passthrough()
-  }
-
-  // Bypass initial page load requests (i.e. static assets).
-  // The absence of the immediate/parent client in the map of the active clients
-  // means that MSW hasn't dispatched the "MOCK_ACTIVATE" event yet
-  // and is not ready to handle requests.
-  if (!activeClientIds.has(client.id)) {
-    return passthrough()
-  }
-
-  // Notify the client that a request has been intercepted.
-  const serializedRequest = await serializeRequest(event.request)
-  const clientMessage = await sendToClient(
-    client,
-    {
-      type: 'REQUEST',
-      payload: {
-        id: requestId,
-        interceptedAt: requestInterceptedAt,
-        ...serializedRequest,
-      },
-    },
-    [serializedRequest.body],
-  )
-
-  switch (clientMessage.type) {
-    case 'MOCK_RESPONSE': {
-      return respondWithMock(clientMessage.data)
-    }
-
-    case 'PASSTHROUGH': {
-      return passthrough()
-    }
-  }
-
-  return passthrough()
-}
-
-/**
- * @param {Client} client
- * @param {any} message
- * @param {Array<Transferable>} transferrables
- * @returns {Promise<any>}
- */
-function sendToClient(client, message, transferrables = []) {
-  return new Promise((resolve, reject) => {
-    const channel = new MessageChannel()
-
-    channel.port1.onmessage = (event) => {
-      if (event.data && event.data.error) {
-        return reject(event.data.error)
-      }
-
-      resolve(event.data)
-    }
-
-    client.postMessage(message, [
-      channel.port2,
-      ...transferrables.filter(Boolean),
-    ])
-  })
-}
-
-/**
- * @param {Response} response
- * @returns {Response}
- */
-function respondWithMock(response) {
-  // Setting response status code to 0 is a no-op.
-  // However, when responding with a "Response.error()", the produced Response
-  // instance will have status code set to 0. Since it's not possible to create
-  // a Response instance with status code 0, handle that use-case separately.
-  if (response.status === 0) {
-    return Response.error()
-  }
-
-  const mockedResponse = new Response(response.body, response)
-
-  Reflect.defineProperty(mockedResponse, IS_MOCKED_RESPONSE, {
-    value: true,
-    enumerable: true,
-  })
-
-  return mockedResponse
-}
-
-/**
- * @param {Request} request
- */
-async function serializeRequest(request) {
-  return {
-    url: request.url,
-    mode: request.mode,
-    method: request.method,
-    headers: Object.fromEntries(request.headers.entries()),
-    cache: request.cache,
-    credentials: request.credentials,
-    destination: request.destination,
-    integrity: request.integrity,
-    redirect: request.redirect,
-    referrer: request.referrer,
-    referrerPolicy: request.referrerPolicy,
-    body: await request.arrayBuffer(),
-    keepalive: request.keepalive,
-  }
-}
--- a/.storybook/storybook-theme.ts
+++ b/.storybook/storybook-theme.ts
@@ -1,7 +0,0 @@
-import { create } from 'storybook/theming';
-
-export default create({
-  base: 'light',
-  brandTitle: 'Mastodon Storybook',
-  brandImage: 'https://joinmastodon.org/logos/wordmark-black-text.svg',
-});
--- a/.storybook/storybook.d.ts
+++ b/.storybook/storybook.d.ts
@@ -1,20 +0,0 @@
-// The addon package.json incorrectly exports types, so we need to override them here.
-
-import type { RootState } from '@/mastodon/store';
-
-// See: https://github.com/storybookjs/storybook/blob/v9.0.4/code/addons/vitest/package.json#L70-L76
-declare module '@storybook/addon-vitest/vitest-plugin' {
-  export * from '@storybook/addon-vitest/dist/vitest-plugin/index';
-}
-
-type RootPathKeys = keyof RootState;
-
-declare module 'storybook/internal/csf' {
-  export interface InputType {
-    reduxPath?:
-      | `${RootPathKeys}.${string}`
-      | [RootPathKeys, ...(string | number)[]];
-  }
-}
-
-export {};
--- a/.storybook/styles.css
+++ b/.storybook/styles.css
@@ -1,8 +0,0 @@
-a {
-  color: inherit;
-  text-decoration: none;
-}
-
-a:hover {
-  text-decoration: underline;
-}
--- a/.storybook/vitest.setup.ts
+++ b/.storybook/vitest.setup.ts
@@ -1,8 +0,0 @@
-import * as a11yAddonAnnotations from '@storybook/addon-a11y/preview';
-import { setProjectAnnotations } from '@storybook/react-vite';
-
-import * as projectAnnotations from './preview';
-
-// This is an important step to apply the right configuration when testing your stories.
-// More info at: https://storybook.js.org/docs/api/portable-stories/portable-stories-vitest#setprojectannotations
-setProjectAnnotations([a11yAddonAnnotations, projectAnnotations]);
--- a/.travis.yml
+++ b/.travis.yml
@@ -0,0 +1,60 @@
+language: ruby
+cache:
+  bundler: true
+  yarn: true
+  directories:
+    - node_modules
+    - public/assets
+    - public/packs-test
+    - tmp/cache/babel-loader
+dist: trusty
+sudo: false
+
+notifications:
+  email: false
+
+env:
+  global:
+    - LOCAL_DOMAIN=cb6e6126.ngrok.io
+    - LOCAL_HTTPS=true
+    - RAILS_ENV=test
+    - PARALLEL_TEST_PROCESSORS=2
+    - ALLOW_NOPAM=true
+
+addons:
+  postgresql: 9.4
+  apt:
+    sources:
+      - trusty-media
+      - sourceline: deb https://dl.yarnpkg.com/debian/ stable main
+        key_url: https://dl.yarnpkg.com/debian/pubkey.gpg
+    packages:
+      - ffmpeg
+      - libicu-dev
+      - libprotobuf-dev
+      - protobuf-compiler
+      - yarn
+
+rvm:
+  - 2.4.3
+  - 2.5.1
+
+services:
+  - redis-server
+
+install:
+  - nvm install
+  - bundle install --path=vendor/bundle --with pam_authentication --without development production --retry=3 --jobs=16
+  - yarn install
+
+# https://github.com/travis-ci/travis-ci/issues/9333
+before_install:
+  - gem install bundler
+
+before_script:
+  - travis_wait ./bin/rails parallel:create parallel:load_schema parallel:prepare assets:precompile
+
+script:
+  - travis_retry bundle exec parallel_test spec/ --group-by filesize --type rspec
+  - yarn run test:jest
+  - bundle exec i18n-tasks check-normalized && bundle exec i18n-tasks unused
--- a/.watchmanconfig
+++ b/.watchmanconfig
@@ -1,3 +0,0 @@
-{
-  "ignore_dirs": ["node_modules/", "public/"]
-}
--- a/.yarnclean
+++ b/.yarnclean
@@ -0,0 +1,46 @@
+# test directories
+__tests__
+test
+tests
+powered-test
+
+# asset directories
+docs
+doc
+website
+images
+# assets
+
+# examples
+example
+examples
+
+# code coverage directories
+coverage
+.nyc_output
+
+# build scripts
+Makefile
+Gulpfile.js
+Gruntfile.js
+
+# configs
+.tern-project
+.gitattributes
+.editorconfig
+.*ignore
+.eslintrc
+.jshintrc
+.flowconfig
+.documentup.json
+.yarn-metadata.json
+.*.yml
+*.yml
+
+# misc
+*.gz
+*.md
+
+# for specific ignore
+!.svgo.yml
+
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@@ -1 +0,0 @@
-nodeLinker: node-modules
--- a/AUTHORS.md
+++ b/AUTHORS.md
--- a/15
+++ b/15
@@ -1,5 +1,10 @@
-libidn12
-# for idn-ruby on heroku-24 stack
-
-# use https://github.com/heroku/heroku-buildpack-activestorage-preview
-# in place for ffmpeg and its dependent packages to reduce slag size
+ffmpeg
+libicu[0-9][0-9]
+libicu-dev
+libidn11
+libidn11-dev
+libpq-dev
+libprotobuf-dev
+libxdamage1
+libxfixes3
+protobuf-compiler
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -2,131 +2,45 @@

 ## Our Pledge

-We as members, contributors, and leaders pledge to make participation in our
-community a harassment-free experience for everyone, regardless of age, body
-size, visible or invisible disability, ethnicity, sex characteristics, gender
-identity and expression, level of experience, education, socio-economic status,
-nationality, personal appearance, race, caste, color, religion, or sexual
-identity and orientation.
-
-We pledge to act and interact in ways that contribute to an open, welcoming,
-diverse, inclusive, and healthy community.
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.

 ## Our Standards

-Examples of behavior that contributes to a positive environment for our
-community include:
+Examples of behavior that contributes to creating a positive environment include:

- Demonstrating empathy and kindness toward other people
- Being respectful of differing opinions, viewpoints, and experiences
- Giving and gracefully accepting constructive feedback
- Accepting responsibility and apologizing to those affected by our mistakes,
-  and learning from the experience
- Focusing on what is best not just for us as individuals, but for the overall
-  community
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members

-Examples of unacceptable behavior include:
+Examples of unacceptable behavior by participants include:

- The use of sexualized language or imagery, and sexual attention or advances of
-  any kind
- Trolling, insulting or derogatory comments, and personal or political attacks
- Public or private harassment
- Publishing others' private information, such as a physical or email address,
-  without their explicit permission
- Other conduct which could reasonably be considered inappropriate in a
-  professional setting
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting

-## Enforcement Responsibilities
+## Our Responsibilities

-Community leaders are responsible for clarifying and enforcing our standards of
-acceptable behavior and will take appropriate and fair corrective action in
-response to any behavior that they deem inappropriate, threatening, offensive,
-or harmful.
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.

-Community leaders have the right and responsibility to remove, edit, or reject
-comments, commits, code, wiki edits, issues, and other contributions that are
-not aligned to this Code of Conduct, and will communicate reasons for moderation
-decisions when appropriate.
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.

 ## Scope

-This Code of Conduct applies within all community spaces, and also applies when
-an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official e-mail address,
-posting via an official social media account, or acting as an appointed
-representative at an online or offline event.
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.

 ## Enforcement

-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported to the community leaders responsible for enforcement at
-[hello@joinmastodon.org](mailto:hello@joinmastodon.org).
-All complaints will be reviewed and investigated promptly and fairly.
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at beatrix.bitrot@gmail.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.

-All community leaders are obligated to respect the privacy and security of the
-reporter of any incident.
-
-## Enforcement Guidelines
-
-Community leaders will follow these Community Impact Guidelines in determining
-the consequences for any action they deem in violation of this Code of Conduct:
-
-### 1. Correction
-
-**Community Impact**: Use of inappropriate language or other behavior deemed
-unprofessional or unwelcome in the community.
-
-**Consequence**: A private, written warning from community leaders, providing
-clarity around the nature of the violation and an explanation of why the
-behavior was inappropriate. A public apology may be requested.
-
-### 2. Warning
-
-**Community Impact**: A violation through a single incident or series of
-actions.
-
-**Consequence**: A warning with consequences for continued behavior. No
-interaction with the people involved, including unsolicited interaction with
-those enforcing the Code of Conduct, for a specified period of time. This
-includes avoiding interactions in community spaces as well as external channels
-like social media. Violating these terms may lead to a temporary or permanent
-ban.
-
-### 3. Temporary Ban
-
-**Community Impact**: A serious violation of community standards, including
-sustained inappropriate behavior.
-
-**Consequence**: A temporary ban from any sort of interaction or public
-communication with the community for a specified period of time. No public or
-private interaction with the people involved, including unsolicited interaction
-with those enforcing the Code of Conduct, is allowed during this period.
-Violating these terms may lead to a permanent ban.
-
-### 4. Permanent Ban
-
-**Community Impact**: Demonstrating a pattern of violation of community
-standards, including sustained inappropriate behavior, harassment of an
-individual, or aggression toward or disparagement of classes of individuals.
-
-**Consequence**: A permanent ban from any sort of public interaction within the
-community.
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.

 ## Attribution

-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 2.1, available at
-[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]

-Community Impact Guidelines were inspired by
-[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
-
-For answers to common questions about this code of conduct, see the FAQ at
-[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
-[https://www.contributor-covenant.org/translations][translations].
-
-[homepage]: https://www.contributor-covenant.org
-[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
-[Mozilla CoC]: https://github.com/mozilla/diversity
-[FAQ]: https://www.contributor-covenant.org/faq
-[translations]: https://www.contributor-covenant.org/translations
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .14
				`@@ -0,0 +1 @@`
				`LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/app/.apt/lib/x86_64-linux-gnu:/app/.apt/usr/lib/x86_64-linux-gnu/mesa:/app/.apt/usr/lib/x86_64-linux-gnu/pulseaudio`
@@ -1 +1 @@
 .4.8
 .5.1