Fix settings pages being cacheable by the browser (#12714)

Fix #12255

Fix HTML error pages being returned when JSON is expected (#12713)

Fix #12509
See also #12214

Fix undefined error regression in status component in web UI (#12712)

Regression from #12661

Fix backups stopping due to read timeouts (#12281)

* Make BackupService resilient to read timeouts

If an attachment read times out, assume that the resources is
inaccessible and continue the backup without it. This fixes #12280.

* Both errors on one line

Circleci - Upgrade to Buster Images (#12705)

* Update config.yml

* Update Gemfile.lock

Fix shortNumberFormat to within 3 chars without units (#12706)

Fix batch actions on non-pending tags in admin interface (#12537)

- Allow batch actions on unreviewed tags
- Hide checkboxes when batch actions aren't available

Summary: fix slowness due to layout thrashing when reloading a large … (#12661)

* Summary: fix slowness due to layout thrashing when reloading a large set of status updates

in order to limit the maximum size of a status in a list view (e.g. the home timeline), so as to avoid having to scroll all the way through an abnormally large status update (see https://github.com/tootsuite/mastodon/pull/8205), the following steps are taken:
•the element containing the status is rendered in the browser
•its height is calculated, to determine if it exceeds the maximum height threshold.
Unfortunately for performance, these steps are carried out in the componentDidMount(/Update) method, which also performs style modifications on the element.  The combination of  height request and style modification during javascript evaluation in the browser leads to layout-thrashing, where the elements are repeatedly re-laid-out (see https://developers.google.com/web/fundamentals/performance/rendering/avoid-large-complex-layouts-and-layout-thrashing & https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Performance_best_practices_for_Firefox_fe_engineers).
The solution implemented here is to memoize the collapsed state in Redux the first time the status is seen (e.g. when fetched as part of a small batch, to populate the home timeline) , so that on subsequent re-renders, the value can be queried, rather than recalculated.  This strategy is derived from https://github.com/tootsuite/mastodon/pull/4439 & https://github.com/tootsuite/mastodon/pull/4909, and should resolve https://github.com/tootsuite/mastodon/issues/12455.

Andrew Lin (https://github.com/onethreeseven) is thanked for his assistance in root cause analysis and solution brainstorming

* remove getSnapshotBeforeUpdate from status

* remove componentWillUnmount from status

* persist last-intersected status update and restore when ScrollableList is restored

e.g. when navigating from home-timeline to a status conversational  thread and <Back again

* cache currently-viewing status id to avoid calling redux with identical value

* refactor collapse toggle to pass explicit boolean

Fix old migrations failing because of strong_migrations update (#12692)

Fixes #12690

The `strong_migrations` update from ba2eac8824a85aa9541f8070ed7bcd22b9982cc8
introduced a check for `change_column_null` specific to Postgres. This rejects
old migrations.

This commit just wraps old migrations with `safety_assured` to bypass this
check. Alternatives would have been to:
- Disable that check entirely (a possibility added in that same
  `strong_migrations` version) for Mastodon, but it makes sense to write new
  migrations without such a strong lock.
- Rewrite the old migrations to do it in a way that do not require an exclusive
  lock. I thought fixing those old migrations for performance wasn't worth the
  pain. Also, if I understand correctly, the next version of
  `strong_migrations` is going to include a helper to do that. We could update
  those migrations at that point.

[Security] Bump handlebars from 4.2.0 to 4.5.3 (#12694)

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.2.0 to 4.5.3. **This update includes a security fix.**
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.2.0...v4.5.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @babel/runtime from 7.7.6 to 7.7.7 (#12670)

Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.7.6 to 7.7.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.7.7/packages/babel-runtime)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump enzyme from 3.10.0 to 3.11.0 (#12675)

Bumps [enzyme](https://github.com/airbnb/enzyme/tree/HEAD/packages/enzyme) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/airbnb/enzyme/releases)
- [Changelog](https://github.com/airbnb/enzyme/blob/master/CHANGELOG.md)
- [Commits](https://github.com/airbnb/enzyme/commits/enzyme@3.11.0/packages/enzyme)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump object.values from 1.1.0 to 1.1.1 (#12625)

Bumps [object.values](https://github.com/es-shims/Object.values) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/es-shims/Object.values/releases)
- [Changelog](https://github.com/es-shims/Object.values/blob/master/CHANGELOG.md)
- [Commits](https://github.com/es-shims/Object.values/compare/v1.1.0...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @babel/preset-env from 7.7.6 to 7.7.7 (#12672)

Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.7.6 to 7.7.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.6...v7.7.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump css-loader from 3.3.2 to 3.4.0 (#12673)

Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 3.3.2 to 3.4.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v3.3.2...v3.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump mini-css-extract-plugin from 0.8.0 to 0.9.0 (#12674)

Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v0.8.0...v0.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump sass from 1.23.3 to 1.24.0 (#12676)

Bumps [sass](https://github.com/sass/dart-sass) from 1.23.3 to 1.24.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.23.3...1.24.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rubocop from 0.77.0 to 0.78.0 (#12677)

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.77.0 to 0.78.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.77.0...v0.78.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump array-includes from 3.1.0 to 3.1.1 (#12671)

Bumps [array-includes](https://github.com/es-shims/array-includes) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/es-shims/array-includes/releases)
- [Changelog](https://github.com/es-shims/array-includes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/es-shims/array-includes/compare/v3.1.0...v3.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump faker from 2.8.1 to 2.9.0 (#12680)

Bumps [faker](https://github.com/faker-ruby/faker) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.8.1...v2.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump strong_migrations from 0.5.0 to 0.5.1 (#12679)

Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.0 to 0.5.1.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.0...v0.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rails from 5.2.4 to 5.2.4.1 (#12682)

Bumps [rails](https://github.com/rails/rails) from 5.2.4 to 5.2.4.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v5.2.4...v5.2.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rack-attack from 6.2.1 to 6.2.2 (#12681)

Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.2.1...v6.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump oj from 3.9.2 to 3.10.0 (#12683)

Bumps [oj](https://github.com/ohler55/oj) from 3.9.2 to 3.10.0.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.9.2...v3.10.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Fix sample SAML_ACS_URL, SAML_ISSUER (#12669)

Use eslint cache (#12668)

Update link to install docs (#12666)

Correct the Nanobox deploy hooks for order and context (#12663)

One hook was actually duplicated incorrectly; this has been fixed. Another hook was re-ordered for better results in actual use.

Use different strings on exports page (#12569)

Currently the page re-uses strings from other contexts which doesn't fit
very well - strings incorrectly lowercase-d and pluralized, when they
don't need to be, because it's a table.

This commit changes page to re-use accounts.posts_tab_heading for toots,
and admin.accounts for "Following" and "Follows". This all should look
more aesthetically pleasing.

Fix manual scrolling issue on Firefox/Windows (#12648)

Fixes #12607

`will-change: transform` apparently makes manual scrolling impossible on
Firefox/Windows. While this should probably be considered a Firefox bug,
`will-change: transform` seem like a very aggressive performance hint that
may possibly make the browser consume more resources than needed, especially
in multiple-column mode.

This was originally added to improve scrolling performances on mobile, but
I think this isn't necessary anymore, because of the two following reasons:
- `contain: paint` (which is implied by `contain: strict`, which we apply
  whenever the browser supports grids) should have similar effects
- in single-column mode, the scrolling container is the root element, which
  I believe is optimized in at least Chromium

Keep in mind that I have not been able to make in-depth benchmarks, and
especially not been able to try on mobile, so performances should probably
be investigated further…

fix multiple space (#12655)

[Security] Bump rack from 2.0.7 to 2.0.8 (#12654)

Bumps [rack](https://github.com/rack/rack) from 2.0.7 to 2.0.8. **This update includes a security fix.**
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/2.0.7...2.0.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Fix unsafe column type change in migration (#12653)

Fix custom emoji category creation silently erroring out on duplicate category (#12647)

Instead, just re-use the existing category if any.

Fixes #12608

Remove unused translatable strings (#12643)

* Remove unused “salmon_url” string

* Remove more unused translatable strings

The following strings all used to be on the admin account page
but aren't used anymore: profile_url, outbox_url, followers_url, feed_url

Fix link crawler not specifying accepted content-type (#12646)

The link crawler expects HTML documents, so set the `Accept`
header accordingly.

Fixes #12618

Add signature to exported status (#12649)

Fix typo in login feature-test. (#12651)

Fix an error when ActivityPub::FetchRemoteStatusService url is called with nil (#12652)

Bump rails from 5.2.3 to 5.2.4 (#12584)

* Bump rails from 5.2.3 to 5.2.4

Bumps [rails](https://github.com/rails/rails) from 5.2.3 to 5.2.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v5.2.3...v5.2.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* sprockets ~> 3.7

Bump json-ld-preloaded from 3.0.4 to 3.0.6 (#12361)

Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.0.4 to 3.0.6.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.0.4...3.0.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump react-redux from 7.1.1 to 7.1.3 (#12626)

Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.1.1 to 7.1.3.
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.1.1...v7.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump webpacker from 4.2.0 to 4.2.2 (#12632)

Bumps [webpacker](https://github.com/rails/webpacker) from 4.2.0 to 4.2.2.
- [Release notes](https://github.com/rails/webpacker/releases)
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/webpacker/compare/v4.2.0...v4.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump eslint-plugin-import from 2.19.0 to 2.19.1 (#12622)

Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import) from 2.19.0 to 2.19.1.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases)
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md)
- [Commits](https://github.com/benmosher/eslint-plugin-import/compare/v2.19.0...v2.19.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump copy-webpack-plugin from 5.0.5 to 5.1.1 (#12621)

Bumps [copy-webpack-plugin](https://github.com/webpack-contrib/copy-webpack-plugin) from 5.0.5 to 5.1.1.
- [Release notes](https://github.com/webpack-contrib/copy-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/copy-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/copy-webpack-plugin/compare/v5.0.5...v5.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump css-loader from 3.2.0 to 3.3.2 (#12624)

Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 3.2.0 to 3.3.2.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v3.2.0...v3.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump array-includes from 3.0.3 to 3.1.0 (#12627)

Bumps [array-includes](https://github.com/es-shims/array-includes) from 3.0.3 to 3.1.0.
- [Release notes](https://github.com/es-shims/array-includes/releases)
- [Changelog](https://github.com/es-shims/array-includes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/es-shims/array-includes/compare/v3.0.3...v3.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump doorkeeper from 5.2.2 to 5.2.3 (#12630)

Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.2...v5.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump stackprof from 0.2.13 to 0.2.14 (#12631)

Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.13 to 0.2.14.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.13...v0.2.14)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump parallel_tests from 2.29.2 to 2.30.0 (#12634)

Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.29.2 to 2.30.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.29.2...v2.30.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Changes to tootctl statuses remove (#11267)

* Fix comments in statuses_cli

The comment for the part of query keeping statuses which have replies was
incorrect, explaining the part of the query kept favourited statuses instead

* Keep statuses favourited by local users in tootctl statuses remove

* Do delete old replies that are not direct interactions with local users

* Skip reblogs of local statuses instead of all reblogs

* Optimize some queries

* Keep old statuses with recent reblogs

* Add option to clear toots from followed accounts too

Clean up OStatus-related codepaths (#12173)

* Remove “protocol” argument and return value, as only ActivityPub is supported

* Remove FetchRemoteAccountService, only use ActivityPub::FetchRemoteAccountService

* Fix tests

Fixes featured hashtag setting page erroring out instead of rejecting invalid tags (#12436)

* Revert "Fix ignoring whole status because of one invalid hashtag (#11621)"

This reverts commit dff46b260b2f7d765d254c84a4b89105c7de5e97.

* Fix statuses being rejected because of invalid hashtag names

* Add spec for invalid hashtag names in statuses

* Add test for featured tags controller

Increase max backup size (#12602)

* Increased max backup size

* partially reverted schema.rb

Bump @babel/preset-env from 7.7.4 to 7.7.6 (#12623)

Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.7.4 to 7.7.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.4...v7.7.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump compression-webpack-plugin from 3.0.0 to 3.0.1 (#12620)

Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/v3.0.1/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v3.0.0...v3.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump faker from 2.8.0 to 2.8.1 (#12633)

Bumps [faker](https://github.com/faker-ruby/faker) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.8.0...v2.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Admin setting to disable default follows (#12566)

Add Event activity-type support (#12637)

This adds support for Event AP type in Mastodon. Events are converted
into toots by taking their title (AS name) and their URL (AP ID). Event
picture is also brought in if available.

Testable by fetching event content from https://test.mobilizon.org

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

Improve report page structure (#12615)

* Move resolved button to the heading

This is one of the commits on improving overall reports page structure.
It changes where resolved button is located, moving it to the heading,
right next to the "Report #n" header, so-called "hot-place" to look at.

To accomplish this we have to declare one more content variable, change
admin dashboard template to respect it and CSS files for minor styling,
so buttons are inlined and centrally aligned according to the heading.

* Move actions buttons below the report table

I believe that actions to react on report should not be located at the
top of the page, instead they should be either after the table or
reporter's comment. This is just a logical sign that you should not
react to the report without reading all the details first.

Fix tooltip messages of multiple poll switcher are reversed (#12616)

[Security] Bump excon from 0.62.0 to 0.71.0 (#12638)

Bumps [excon](https://github.com/excon/excon) from 0.62.0 to 0.71.0. **This update includes a security fix.**
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.62.0...v0.71.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Ignore development specfic env file (#12606)

Avoid using pluralize on moderation pages (#12589)

Pluralize function from Rails framework does not work with other
languages than English, moreover it does not even work properly with
English [1]. Not that the latest applies to this context, it's just
a sign that we best to avoid this function, especially when there are
more reliable ways.

This commit changes how reports pages generated in order to avoid usage
of pluralize function, replacing it with default translation function,
called with given counter. On top of that, we have to make strings
pluralizable, so have to change locale files.

[1]: https://medium.com/@anna7/b3927de2ca8e#6a60

Fix typo in tootctl statuses remove (#12603)

Bump nokogiri from 1.10.5 to 1.10.7 (#12586)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.5 to 1.10.7.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.10.5...v1.10.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rubocop from 0.76.0 to 0.77.0 (#12585)

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.76.0 to 0.77.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.76.0...v0.77.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump aws-sdk-s3 from 1.57.0 to 1.59.0 (#12581)

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.57.0 to 1.59.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.57.0...v1.59.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump yargs from 13.3.0 to 15.0.2 (#12574)

Bumps [yargs](https://github.com/yargs/yargs) from 13.3.0 to 15.0.2.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v13.3.0...v15.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump es6-symbol from 3.1.2 to 3.1.3 (#12577)

Bumps [es6-symbol](https://github.com/medikoo/es6-symbol) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/medikoo/es6-symbol/releases)
- [Changelog](https://github.com/medikoo/es6-symbol/blob/master/CHANGELOG.md)
- [Commits](https://github.com/medikoo/es6-symbol/compare/v3.1.2...v3.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump eslint-plugin-import from 2.18.2 to 2.19.0 (#12580)

Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import) from 2.18.2 to 2.19.0.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases)
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md)
- [Commits](https://github.com/benmosher/eslint-plugin-import/compare/v2.18.2...v2.19.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @babel/core from 7.7.4 to 7.7.5 (#12578)

Bumps [@babel/core](https://github.com/babel/babel) from 7.7.4 to 7.7.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.4...v7.7.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @babel/runtime from 7.7.4 to 7.7.6 (#12579)

Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.7.4 to 7.7.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.7.6/packages/babel-runtime)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @babel/plugin-transform-runtime from 7.7.4 to 7.7.6 (#12575)

Bumps [@babel/plugin-transform-runtime](https://github.com/babel/babel) from 7.7.4 to 7.7.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.4...v7.7.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump react from 16.10.2 to 16.12.0 (#12573)

Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react) from 16.10.2 to 16.12.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.12.0/packages/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump terser-webpack-plugin from 2.2.1 to 2.2.2 (#12576)

Bumps [terser-webpack-plugin](https://github.com/webpack-contrib/terser-webpack-plugin) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/webpack-contrib/terser-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/terser-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/terser-webpack-plugin/compare/v2.2.1...v2.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump strong_migrations from 0.4.2 to 0.5.0 (#12583)

Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.4.2 to 0.5.0.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.4.2...v0.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump sidekiq-unique-jobs from 6.0.15 to 6.0.18 (#12582)

Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.15 to 6.0.18.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mhenrixon/sidekiq-unique-jobs/compare/v6.0.15...v6.0.18)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Revert "Fix an eslint warning (#12426)" (#12596)

This reverts commit 054ef83fc5808596643dd366286b4e85446b850c.

Add `S3_OVERRIDE_PATH_STYLE` environment variable (#12594)

To support Exoscale

Fix missing error templates for non-HTML requests (#12593)

Use codeblock for native redirect URI (#12570)

This commit changes how doorkeeper.applications.help.native_redirect_uri
string is being formatted to use <code> tag for native_redirect_uri
placeholder. This makes the URI look more distinguishable.

Fix error handling in `tootctl media remove-orphans` (#12571)

Add `tootctl media remove-orphans` (#12568)

Fix generic HTTP 500 error on duplicate records (#12563)

Fix #12551
Fix #12547

Fix account search with no query (#12549)

* Fix account search with no query

Modeled after #12541. Fix #12548

* fix codeclimate

[Security] Bump puma from 4.2.0 to 4.3.1 (#12559)

Bumps [puma](https://github.com/puma/puma) from 4.2.0 to 4.3.1. **This update includes a security fix.**
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v4.2.0...v4.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Highlight border when focusing poll-form footer (#12544)

Fix media open hotkey (#12546)

Remove some duplicate methods from StatusHelper and reflect changes to AccountHelper (#12545)

Add basic support for group actors (#12071)

* Show badge on group actor in WebUI

* Do not notify in case of  by following group actor

* If you mention group actor, also mention group actor followers

* Relax characters that can be used in username (same as Application)

* Revert "Relax characters that can be used in username (same as Application)"

This reverts commit 7e10a137b878d0db1b5252c52106faef5e09ca4b.

* Delete display_name method

upgrade/replace websocket.js to @gamestdio/websocket v2 (#12543)

* Update stream.js

* Update package.json

* Update yarn.lock

Co-authored-by: hina <hina@hinaloe.net>

Fix old migration failing with new status default scope (#12493)

Fix error when using search API with no query (#12541)

Fix #12462

Return `discoverable` via REST API (fix #12507) (#12508)

Fix poll options not being selectable via keyboard (#12538)

* Fix poll options not being selectable via keyboard

Fixes #12384

* Improve styling of poll option checkboxes/radio buttons

* Use more appropriate ARIA roles for poll options

* Allow switching between single and multiple choice from keyboard

* Coding style

* Avoid using .bind()

add S3_OPEN_TIMEOUT environment variable (#12459)

Move rspec examples to tmp dir (#12539)

Bump faker from 2.7.0 to 2.8.0 (#12531)

Bumps [faker](https://github.com/faker-ruby/faker) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.7.0...v2.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump brakeman from 4.7.1 to 4.7.2 (#12530)

Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.7.1 to 4.7.2.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.7.1...v4.7.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>