Fix image uploads being perfectly white when canvas read access is blocked (#11499)

Fixes #11496

Improve keyboard navigation in privacy dropdown (#11492)

* Trap tab in privacy dropdown

* Give focus back to last focused element when privacy dropdown menu closes

* Actually give back focus to the element that had it before clicking the dropdown

Improve dropdown menu keyboard navigation (#11491)

* Allow selecting menu items with the space bar in status dropdown menus

* Fix modals opened by keyboard navigation being immediately closed

* Fix menu items triggering modal actions

* Add Tab trapping inside dropdown menu

* Give focus back to last focused element when status dropdown menu closes

Trap tab in modals (#11493)

Fix privacy dropdown active state when dropdown is placed on top of it (#11495)

Change admin UI for hashtags and add back whitelisted trends (#11490)

Fix #271

Add back the `GET /api/v1/trends` API with the caveat that it does
not return tags that have not been allowed to trend by the staff.

When a hashtag begins to trend (internally) and that hashtag has
not been previously reviewed by the staff, the staff is notified.

The new admin UI for hashtags allows filtering hashtags by where
they are used (e.g. in the profile directory), whether they have
been reviewed or are pending reviewal, they show by how many people
the hashtag is used in the directory, how many people used it
today, how many statuses with it have been created today, and it
allows fixing the name of the hashtag to make it more readable.

The disallowed hashtags feature has been reworked. It is now
controlled from the admin UI for hashtags instead of from
the file `config/settings.yml`

Bump rubocop from 0.73.0 to 0.74.0 (#11486)

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.73.0 to 0.74.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.73.0...v0.74.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump webmock from 3.6.0 to 3.6.2 (#11488)

Bumps [webmock](https://github.com/bblimke/webmock) from 3.6.0 to 3.6.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.6.0...v3.6.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump dotenv-rails from 2.7.4 to 2.7.5 (#11487)

Bumps [dotenv-rails](https://github.com/bkeepers/dotenv) from 2.7.4 to 2.7.5.
- [Release notes](https://github.com/bkeepers/dotenv/releases)
- [Changelog](https://github.com/bkeepers/dotenv/blob/master/Changelog.md)
- [Commits](https://github.com/bkeepers/dotenv/compare/v2.7.4...v2.7.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @babel/plugin-transform-react-jsx-source from 7.2.0 to 7.5.0 (#11482)

Bumps [@babel/plugin-transform-react-jsx-source](https://github.com/babel/babel) from 7.2.0 to 7.5.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.2.0...v7.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump capybara from 3.27.0 to 3.28.0 (#11484)

Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.27.0 to 3.28.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.27.0...3.28.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump webpack-cli from 3.3.5 to 3.3.6 (#11481)

Bumps [webpack-cli](https://github.com/webpack/webpack-cli) from 3.3.5 to 3.3.6.
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/v3.3.6/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.5...v3.3.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump eslint-plugin-react from 7.14.2 to 7.14.3 (#11480)

Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.14.2 to 7.14.3.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.14.2...v7.14.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Fix timestamp on featured tag (#11477)

It resolves #11338

Add option to exclude suspended domains/subdomains from tootctl domains crawl (#11454)

* Add "--exclude-suspended" to tootctl domains crawl

This new option ignores any instances suspended server-wide as
well as their associated subdomains. This queries all domain
blocks up front, then runs a regexp on each domain. This improves
performance over what may be the obvious implementation, which is
to ask `DomainBlocks.blocked?(domain)` for each domain -- this
hits the DB many times, slowing things down considerably.

* cleaning up code style

* Compiling regex

* Removing ternary operator

Change icon button styles to make hover/focus states more obvious (#11474)

* Change icon buttons styles to make hover/focused states more obvious

* Fix CW button size inconsistency

* Fix icon button background color consistency

Disable list title validation button when list title is empty (#11475)

Fix tag score not being updated when the tag is trending (#11465)

Fix scroll to top in single column UI (#11463)

Remove XML version of Webfinger and remove links to Atom feeds (#11460)

Fix #11453

Fix column header scrolling with the page (#11458)

Regression from aa22b38

Fix jumping of toot date when clicking spoiler button (#11449)

* Fix jumping of toot date when clicking spoiler button

* Fix lint

Fix delete regression (#11450)

Regression from ff789a751a1c730e4d808410411196b76caff39c

Change hashtag search to only return results that have trended in the past (#11448)

* Change hashtag search to only return results that have trended in the past

A way to eliminate typos and other one-off "junk" results

* Fix excluding exact matches that don't have a score

* Fix tests

Fix boosting & unboosting preventing a boost from appearing in the TL (#11405)

* Fix boosting & unboosting preventing a boost from appearing in the TL

* Add tests

* Avoids side effects when aggregate_reblogs isn't true

Add hashtag score for better sorting of autosuggestions (#11427)

* Add hashtag score for better sorting of autosuggestions

* Do not use `~<~` operator with no text_pattern_ops index

Change links in webUI to rewrite misleading links (#11426)

* [WiP] Show host for “misleading” links

* Disallow misleading targets which domain names are prefixes of link text

* Move decodeIDNA to app/javascript/mastodon/utils

* Add support for international domain names

* Change link origin tag color to darker text color

* Handle links to domains starting with www. as shortened by Mastodon

* [WiP] Ignore links that cannot be misread as URLs, rewrite other links

Fix crash when expanding search results for hashtags (#11447)

Add whitelist mode (#11291)

Bump yargs from 12.0.5 to 13.3.0 (#11434)

Bumps [yargs](https://github.com/yargs/yargs) from 12.0.5 to 13.3.0.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v12.0.5...v13.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

let bundler fetch http_parser.rb submodules (#11444)

Fix tag normalization and migration not removing duplicate tags (#11441)

Fix #11428

Bump oj from 3.8.0 to 3.8.1 (#11435)

Bumps [oj](https://github.com/ohler55/oj) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.8.0...v3.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump capybara from 3.26.0 to 3.27.0 (#11437)

Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.26.0 to 3.27.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.26.0...3.27.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump httplog from 1.3.1 to 1.3.2 (#11436)

Bumps [httplog](https://github.com/trusche/httplog) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/trusche/httplog/releases)
- [Changelog](https://github.com/trusche/httplog/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trusche/httplog/compare/v1.3.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump brakeman from 4.5.1 to 4.6.1 (#11438)

Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.5.1 to 4.6.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.5.1...v4.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump sass from 1.20.3 to 1.22.7 (#11432)

Bumps [sass](https://github.com/sass/dart-sass) from 1.20.3 to 1.22.7.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.20.3...1.22.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump aws-sdk-s3 from 1.45.0 to 1.46.0 (#11439)

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.45.0 to 1.46.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.45.0...v1.46.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump autoprefixer from 9.6.0 to 9.6.1 (#11431)

Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.6.0 to 9.6.1.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.6.0...9.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Fix emoji autosuggestions (#11442)

Regression from cfb2ed78231758a79af038a964ab7f7b7b35274e

Bump @babel/preset-env from 7.4.5 to 7.5.5 (#11433)

Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.4.5 to 7.5.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.4.5...v7.5.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump file-loader from 4.0.0 to 4.1.0 (#11430)

Bumps [file-loader](https://github.com/webpack-contrib/file-loader) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/webpack-contrib/file-loader/releases)
- [Changelog](https://github.com/webpack-contrib/file-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/file-loader/compare/v4.0.0...v4.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Revert "Remove conversation URI (#11423)" (#11424)

This reverts commit 75f7f9930eb2a6f5c4041ec44fe0aa795c9ec449.

Remove conversation URI (#11423)

It is not part of ActivityPub and will free up a lot of space

Add autosuggestions for hashtags (#11422)

Bump json-ld-preloaded from 3.0.2 to 3.0.3 (#11316)

* Bump json-ld-preloaded from 3.0.2 to 3.0.3

Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.0.2...3.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* use json-ld edge

Add `tootctl preview_cards remove` (#11320)

* Add `tootctl preview_cards remove`

* fix code style

* Remove `Scheduler::PreviewCardsCleanupScheduler` file

* fix code style again
Add exclude case where image_file_name is blank

* Added a function to output confirmation if the specified number of days is less than 2 weeks

Fix animate on hover in poll options without CW (#11404)

Prevent archiving when user set "noindex" (#11421)

Change contrast of status links that are not mentions nor hashtags (#11406)

Change hashtags to preserve first-used casing (#11416)

Fix tabs bar scrolling along with content on mobile (#11418)

Implement pending tests (#11415)

Add search results pagination to web UI (#11409)

* Add search results pagination to web UI

Fix #10737

* Fix code style issue

Add search syntax for operators and phrases (#11411)

Remove timestamps from converted images to make them deterministic (#11408)

Fix invites not being disabled upon account suspension (#11412)

* Disable invite links from disabled/suspended users

* Add has_many invites relationship to users

* Destroy unused invites when suspending an account

Remove pre from version, add extra suffix variable (#11407)

Change settings to show restricted accounts only what they have access to (#11394)

Follow-up to 964ae8eee593687f922c873fa7b378bb6e3e39bb

Change account domain block to clear out notifications and follows (#11393)

 Don't delete periods when validating username uniqueness (#11392) (#11400)

* Check to make sure usernames with '.' cannot be created

* Add test for instance actor account name conflicts

This makes sure that migration 20190715164535_add_instance_actor
won't fail if there's already an account that is named the same
as the domain (minus the .)

* Put the test into the correct context...

* Add another test to split this into two validations

* Don't delete periods when validating username uniqueness (#11392)

The 20190715164535_add_instance_actor migration fails if there's
already a username similar to the domain name, e.g. if you are
'vulpine.club' and have a user named 'vulpineclub', validation
fails.

Upon further review, usernames with periods are dropped by the
regular expression in the Account class, so we don't need to
worry about it here.

Fixes #11392

Remove modules.localIdentName (#11398)

Fix scrolling in single-column mode on Chrome (#11395)

Fixes #11389

Bump active_model_serializers from 0.10.9 to 0.10.10 (#11311)

* Bump active_model_serializers from 0.10.9 to 0.10.10

Bumps [active_model_serializers](https://github.com/rails-api/active_model_serializers) from 0.10.9 to 0.10.10.
- [Release notes](https://github.com/rails-api/active_model_serializers/releases)
- [Changelog](https://github.com/rails-api/active_model_serializers/blob/v0.10.10/CHANGELOG.md)
- [Commits](https://github.com/rails-api/active_model_serializers/compare/v0.10.9...v0.10.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Add root option to render method

List columns within the method (#11377)

To avoid the exception:

NoMethodError: undefined method `perform' for nil:NilClass
.../vendor/bundle/ruby/2.6.0/gems/strong_migrations-0.4.1/lib/strong_migrations/migration.rb:14:in `method_missing'
.../vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.3/lib/active_record/migration.rb:604:in `method_missing'
.../db/migrate/20170918125918_ids_to_bigints.rb:69:in `<class:IdsToBigints>'
.../db/migrate/20170918125918_ids_to_bigints.rb:3:in `<top (required)>'

Bump css-loader from 2.1.1 to 3.1.0 (#11382)

* Bump css-loader from 2.1.1 to 3.1.0

Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 2.1.1 to 3.1.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v2.1.1...v3.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* localIdentName -> modules.localIdentName

Bump browser from 2.5.3 to 2.6.1 (#11388)

Bumps [browser](https://github.com/fnando/browser) from 2.5.3 to 2.6.1.
- [Release notes](https://github.com/fnando/browser/releases)
- [Changelog](https://github.com/fnando/browser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fnando/browser/compare/v2.5.3...v2.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump oj from 3.7.12 to 3.8.0 (#11387)

Bumps [oj](https://github.com/ohler55/oj) from 3.7.12 to 3.8.0.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.7.12...v3.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rubocop from 0.72.0 to 0.73.0 (#11384)

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.72.0 to 0.73.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.72.0...v0.73.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump premailer-rails from 1.10.2 to 1.10.3 (#11386)

Bumps [premailer-rails](https://github.com/fphilipe/premailer-rails) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/fphilipe/premailer-rails/releases)
- [Changelog](https://github.com/fphilipe/premailer-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fphilipe/premailer-rails/compare/v1.10.2...v1.10.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump capybara from 3.25.0 to 3.26.0 (#11385)

Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.25.0 to 3.26.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.25.0...3.26.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Change unconfirmed user login behaviour (#11375)

Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.

Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.

After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.

Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.

Bump eslint from 5.16.0 to 6.1.0 (#11383)

Bumps [eslint](https://github.com/eslint/eslint) from 5.16.0 to 6.1.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v5.16.0...v6.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump babel-eslint from 10.0.1 to 10.0.2 (#11381)

Bumps [babel-eslint](https://github.com/babel/babel-eslint) from 10.0.1 to 10.0.2.
- [Release notes](https://github.com/babel/babel-eslint/releases)
- [Commits](https://github.com/babel/babel-eslint/compare/v10.0.1...v10.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump intl-relativeformat from 6.4.2 to 6.4.3 (#11380)

Bumps [intl-relativeformat](https://github.com/formatjs/formatjs) from 6.4.2 to 6.4.3.
- [Release notes](https://github.com/formatjs/formatjs/releases)
- [Commits](https://github.com/formatjs/formatjs/compare/intl-relativeformat@6.4.2...intl-relativeformat@6.4.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @clusterws/cws from 0.14.0 to 0.15.0 (#11379)

Bumps @clusterws/cws from 0.14.0 to 0.15.0.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bind servers to 0.0.0.0 in Procfile (#11378)

* Bind to 0.0.0.0

* Make Procfile common to main and streaming apps

Add (back) rails-level JSON caching (#11333)

Fix boost to original audience not working on mobile (#11371)

Play animated custom emoji on hover (#11348)

* Play animated custom emoji on hover in status

* Play animated custom emoji on hover in display names

* Play animated custom emoji on hover in bios/bio fields

* Add support for animation on hover on public pages emojis too

* Fix tests

* Code style cleanup

Fix `alerts` booleans not being typecast correctly in push subscription (#11343)

* Fix `alerts` booleans not being typecast correctly in push subscription

Fix #10789

* Fix typo

Change locale detection to run once per session (#8657)

Fix #6462

Remove WebSub subscriptions (#11303)

Display custom emoji in bio field names (#11350)

Already displayed in public pages, but not WebUI

Not to create an account if already exist (#11366)

Disallow numeric-only hashtags (#11363)

* Add spec covering numeric-only hashtags

* Fix hashtag regex

Fix some flash notices/alerts staying on unrelated pages (#11364)

Bump strong_migrations from 0.4.0 to 0.4.1 (#11307)

Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.4.0...v0.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Change single-column mode to scroll the whole page (#11359)

Fix #10840

Fix avatar animation on hover when not logged in (#11349)

Added logout to dropdown menu (#11353)

* Added logout to dropdown menu

* Triggering build-and-test with empty commit as it seems it failed due to some internal failure

* Looks fine, ready to review

* Added changes from review

* method can be null without any problems

* Also target can be null

Fix sanitizing lists contents (#11354)

* Add test

* Fix code for sanitizing nested lists stripping all tags

Add ActivityPub actor representing the entire server (#11321)

* Add support for an instance actor

* Skip username validation for local Application accounts

* Add migration script to create instance actor

* Make Codeclimate happy

* Switch to id -99 for instance actor

* Remove unused `icon` and `image` attributes from instance actor

* Use if/elsif/else instead of return + ternary operator

* Add instance actor to fresh installs

* Use instance actor as instance representative

Use instance actor for forwarding reports, relay operations, and spam
auto-reporting.

* Seed database in test environment

* Fix single-user mode

* Fix tests

* Fix specs to accomodate for an extra `Account`

* Auto-reject follows on instance actor

Following an instance actor might make sense, but we are not handling that
right now, so auto-reject.

* Fix webfinger lookup and serialization for instance actor

* Rename instance actor

* Make it clear in the HTML view that the instance actor should not be blocked

* Raise cache time for instance actor as there's no dynamic content

* Re-use /about/more with a flash message for instance actor profile

Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml (#11351)

Fix only one middle dot being recognized in hashtags (#11345)

Fix #10934

Add aac, m4a, 3gp to allowed audio formats (#11342)

Fix #11186

Change language detection to include hashtags as words (#11341)

Bump rack-attack from 6.0.0 to 6.1.0 (#11313)

Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.0.0...v6.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rubocop-rails from 2.2.0 to 2.2.1 (#11308)

Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.2.0...v2.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump puma from 3.12.1 to 4.0.1 (#11306)

Bumps [puma](https://github.com/puma/puma) from 3.12.1 to 4.0.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v3.12.1...v4.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>