Bump yargs from 15.0.2 to 15.1.0 (#12771)

Bumps [yargs](https://github.com/yargs/yargs) from 15.0.2 to 15.1.0.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v15.0.2...v15.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump css-loader from 3.4.0 to 3.4.1 (#12772)

Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v3.4.0...v3.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Update lockfile for #12758 (#12762)

Gemfile Updates - Others (#12761)

* Update Gemfile.lock

* Update Gemfile

* Update Gemfile.lock

* Update Gemfile.lock

* Update Gemfile

* Update Gemfile.lock

Gemfile Updates - Ruby 2.7 prep (#12758)

* Update Gemfile

* Update Gemfile

Gemfile Updates - fixes warnings (#12759)

* Update Gemfile.lock

* Update Gemfile.lock

* Update Gemfile

Fix base64-encoded file uploads not being possible (#12748)

Fix #3804, Fix #5776

fix unresolved external in @clusterws/cws by upgrading it (#12752)

Fix resource_owner_from_credentials in Doorkeeper initializer (#12743)

- Nil error when e-mail not found
- LDAP authentication used in place of PAM authentication

Fix missing authentication call in filters controller (#12746)

Fix uncaught unknown format errors in host meta controller (#12747)

Fix URL search not returning private toots user has access to (#12742)

Fix cache digesting log noise on status embeds (#12750)

Add feature test that tests behaviour of profile name and bio  (#12658)

* Add feature test that tests behaviour of profile name and bio

* Fix rubocop style errors in Login Spec.

* DRY log_in_spec by reusing the stories helper

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

Fix 12661 (#12744)

* Revert "persist last-intersected status update and restore when ScrollableList is restored"

This reverts commit 07e26142ef6a8e74bd2ac5e9b461a5a1699bd4c8.

accidentally merged spurious code in https://github.com/tootsuite/mastodon/pull/12661.  https://github.com/tootsuite/mastodon/pull/12735 removes the slowdown that this code was trying to solve; and other functionality successfully restores the view state of the list

* Revert "cache currently-viewing status id to avoid calling redux with identical value"

This reverts commit c93df2159fbd3888a5c48d8a8b8ae61dbbc54b89.

accidentally merged spurious code in https://github.com/tootsuite/mastodon/pull/12661.  https://github.com/tootsuite/mastodon/pull/12735 removes the slowdown that this code was trying to solve; and other functionality successfully restores the view state of the list

Fix RefollowWorker not keeping show_reblogs setting (#12707)

* Fix RefollowWorker not keeping show_reblogs setting

* Fix RefollowWorker

Fix uncaught query param encoding errors (#12741)

Add translation project promotion link (#12736)

This commit adds promotional notice on appearance settings about
translation project if any other locale than English is used. It
allows users to learn and contribute translations to Mastodon.

Step ahead, in this commit one unusual string is added - link to a
guide. By default it refers to Crowdin project itself, but if any of
Mastodon localization teams established their own guide, they can
refer it. Or, if Crowdin supports localized domain for language, it
can also be put there (e.g. https://fr.crowdin.com/...).

refactor IntersectionObserver to observe viewport in single-column mode (#12735)

Hide blocked users from more places (#12733)

* Hide blocked, muted, and blocked-by users from toot favourite lists

* Hide blocked, muted, and blocked-by users from toot reblog lists

* Hide blocked, muted, and blocked-by users from followers/following (API)

* Fix tests

* Hide blocked, muted, and blocked-by users from followers/following on public pages

Fix error when fetching followers/following from REST API when user has network hidden (#12716)

Fix #12510

Fix IDN mentions not being processed, IDN domains not being rendered (#12715)

This changes the REST API to return unicode domains in the `acct`
attribute instead of punycode, and to render unicode instead of
punycode on public HTML pages as well.

Fix #7812, fix #12246

Remove unused AccountRelationshipsPresenter call in public pages (#12734)

Those were used to show a “follow” or “unfollow” button on account grid on
public pages, but that got removed a while ago.

Fix error when searching for empty phrase (#12711)

Fix #12619

Bump webpack from 4.41.2 to 4.41.5 (#12724)

Bumps [webpack](https://github.com/webpack/webpack) from 4.41.2 to 4.41.5.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v4.41.2...v4.41.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump stackprof from 0.2.14 to 0.2.15 (#12726)

Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.14 to 0.2.15.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.14...v0.2.15)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump pg from 1.1.4 to 1.2.0 (#12725)

Bumps [pg](https://github.com/ged/ruby-pg) from 1.1.4 to 1.2.0.
- [Release notes](https://github.com/ged/ruby-pg/releases)
- [Changelog](https://github.com/ged/ruby-pg/blob/master/History.rdoc)
- [Commits](https://github.com/ged/ruby-pg/compare/v1.1.4...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump redis-namespace from 1.6.0 to 1.7.0 (#12727)

Bumps [redis-namespace](https://github.com/resque/redis-namespace) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/resque/redis-namespace/releases)
- [Changelog](https://github.com/resque/redis-namespace/blob/master/CHANGELOG.md)
- [Commits](https://github.com/resque/redis-namespace/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump faker from 2.9.0 to 2.10.0 (#12728)

Bumps [faker](https://github.com/faker-ruby/faker) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.9.0...v2.10.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump react-test-renderer from 16.11.0 to 16.12.0 (#12721)

Bumps [react-test-renderer](https://github.com/facebook/react/tree/HEAD/packages/react-test-renderer) from 16.11.0 to 16.12.0.
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v16.12.0/packages/react-test-renderer)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump derailed_benchmarks from 1.4.2 to 1.4.3 (#12729)

Bumps [derailed_benchmarks](https://github.com/schneems/derailed_benchmarks) from 1.4.2 to 1.4.3.
- [Release notes](https://github.com/schneems/derailed_benchmarks/releases)
- [Changelog](https://github.com/schneems/derailed_benchmarks/blob/master/CHANGELOG.md)
- [Commits](https://github.com/schneems/derailed_benchmarks/compare/v1.4.2...v1.4.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump is-nan from 1.2.1 to 1.3.0 (#12723)

Bumps [is-nan](https://github.com/es-shims/is-nan) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/es-shims/is-nan/releases)
- [Changelog](https://github.com/es-shims/is-nan/blob/master/CHANGELOG.md)
- [Commits](https://github.com/es-shims/is-nan/compare/v1.2.1...v1.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rack-cors from 1.1.0 to 1.1.1 (#12730)

Bumps [rack-cors](https://github.com/cyu/rack-cors) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/cyu/rack-cors/releases)
- [Changelog](https://github.com/cyu/rack-cors/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cyu/rack-cors/compare/v1.1.0...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump terser-webpack-plugin from 2.2.2 to 2.3.1 (#12722)

Bumps [terser-webpack-plugin](https://github.com/webpack-contrib/terser-webpack-plugin) from 2.2.2 to 2.3.1.
- [Release notes](https://github.com/webpack-contrib/terser-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/terser-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/terser-webpack-plugin/compare/v2.2.2...v2.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @babel/core from 7.7.5 to 7.7.7 (#12720)

Bumps [@babel/core](https://github.com/babel/babel) from 7.7.5 to 7.7.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.5...v7.7.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump redux from 4.0.4 to 4.0.5 (#12719)

Bumps [redux](https://github.com/reduxjs/redux) from 4.0.4 to 4.0.5.
- [Release notes](https://github.com/reduxjs/redux/releases)
- [Changelog](https://github.com/reduxjs/redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/redux/compare/v4.0.4...v4.0.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump eslint from 6.7.2 to 6.8.0 (#12717)

Bumps [eslint](https://github.com/eslint/eslint) from 6.7.2 to 6.8.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v6.7.2...v6.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Upgrade Node v12 in Dockerfile (#12703)

Fix settings pages being cacheable by the browser (#12714)

Fix #12255

Fix HTML error pages being returned when JSON is expected (#12713)

Fix #12509
See also #12214

Fix undefined error regression in status component in web UI (#12712)

Regression from #12661

Fix backups stopping due to read timeouts (#12281)

* Make BackupService resilient to read timeouts

If an attachment read times out, assume that the resources is
inaccessible and continue the backup without it. This fixes #12280.

* Both errors on one line

Circleci - Upgrade to Buster Images (#12705)

* Update config.yml

* Update Gemfile.lock

Fix shortNumberFormat to within 3 chars without units (#12706)

Fix batch actions on non-pending tags in admin interface (#12537)

- Allow batch actions on unreviewed tags
- Hide checkboxes when batch actions aren't available

Summary: fix slowness due to layout thrashing when reloading a large … (#12661)

* Summary: fix slowness due to layout thrashing when reloading a large set of status updates

in order to limit the maximum size of a status in a list view (e.g. the home timeline), so as to avoid having to scroll all the way through an abnormally large status update (see https://github.com/tootsuite/mastodon/pull/8205), the following steps are taken:
•the element containing the status is rendered in the browser
•its height is calculated, to determine if it exceeds the maximum height threshold.
Unfortunately for performance, these steps are carried out in the componentDidMount(/Update) method, which also performs style modifications on the element.  The combination of  height request and style modification during javascript evaluation in the browser leads to layout-thrashing, where the elements are repeatedly re-laid-out (see https://developers.google.com/web/fundamentals/performance/rendering/avoid-large-complex-layouts-and-layout-thrashing & https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Performance_best_practices_for_Firefox_fe_engineers).
The solution implemented here is to memoize the collapsed state in Redux the first time the status is seen (e.g. when fetched as part of a small batch, to populate the home timeline) , so that on subsequent re-renders, the value can be queried, rather than recalculated.  This strategy is derived from https://github.com/tootsuite/mastodon/pull/4439 & https://github.com/tootsuite/mastodon/pull/4909, and should resolve https://github.com/tootsuite/mastodon/issues/12455.

Andrew Lin (https://github.com/onethreeseven) is thanked for his assistance in root cause analysis and solution brainstorming

* remove getSnapshotBeforeUpdate from status

* remove componentWillUnmount from status

* persist last-intersected status update and restore when ScrollableList is restored

e.g. when navigating from home-timeline to a status conversational  thread and <Back again

* cache currently-viewing status id to avoid calling redux with identical value

* refactor collapse toggle to pass explicit boolean

Fix old migrations failing because of strong_migrations update (#12692)

Fixes #12690

The `strong_migrations` update from ba2eac8824a85aa9541f8070ed7bcd22b9982cc8
introduced a check for `change_column_null` specific to Postgres. This rejects
old migrations.

This commit just wraps old migrations with `safety_assured` to bypass this
check. Alternatives would have been to:
- Disable that check entirely (a possibility added in that same
  `strong_migrations` version) for Mastodon, but it makes sense to write new
  migrations without such a strong lock.
- Rewrite the old migrations to do it in a way that do not require an exclusive
  lock. I thought fixing those old migrations for performance wasn't worth the
  pain. Also, if I understand correctly, the next version of
  `strong_migrations` is going to include a helper to do that. We could update
  those migrations at that point.

[Security] Bump handlebars from 4.2.0 to 4.5.3 (#12694)

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.2.0 to 4.5.3. **This update includes a security fix.**
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/wycats/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.2.0...v4.5.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @babel/runtime from 7.7.6 to 7.7.7 (#12670)

Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.7.6 to 7.7.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.7.7/packages/babel-runtime)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump enzyme from 3.10.0 to 3.11.0 (#12675)

Bumps [enzyme](https://github.com/airbnb/enzyme/tree/HEAD/packages/enzyme) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/airbnb/enzyme/releases)
- [Changelog](https://github.com/airbnb/enzyme/blob/master/CHANGELOG.md)
- [Commits](https://github.com/airbnb/enzyme/commits/enzyme@3.11.0/packages/enzyme)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump object.values from 1.1.0 to 1.1.1 (#12625)

Bumps [object.values](https://github.com/es-shims/Object.values) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/es-shims/Object.values/releases)
- [Changelog](https://github.com/es-shims/Object.values/blob/master/CHANGELOG.md)
- [Commits](https://github.com/es-shims/Object.values/compare/v1.1.0...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @babel/preset-env from 7.7.6 to 7.7.7 (#12672)

Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.7.6 to 7.7.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.6...v7.7.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump css-loader from 3.3.2 to 3.4.0 (#12673)

Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 3.3.2 to 3.4.0.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v3.3.2...v3.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump mini-css-extract-plugin from 0.8.0 to 0.9.0 (#12674)

Bumps [mini-css-extract-plugin](https://github.com/webpack-contrib/mini-css-extract-plugin) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/webpack-contrib/mini-css-extract-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/mini-css-extract-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/mini-css-extract-plugin/compare/v0.8.0...v0.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump sass from 1.23.3 to 1.24.0 (#12676)

Bumps [sass](https://github.com/sass/dart-sass) from 1.23.3 to 1.24.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.23.3...1.24.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rubocop from 0.77.0 to 0.78.0 (#12677)

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.77.0 to 0.78.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.77.0...v0.78.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump array-includes from 3.1.0 to 3.1.1 (#12671)

Bumps [array-includes](https://github.com/es-shims/array-includes) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/es-shims/array-includes/releases)
- [Changelog](https://github.com/es-shims/array-includes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/es-shims/array-includes/compare/v3.1.0...v3.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump faker from 2.8.1 to 2.9.0 (#12680)

Bumps [faker](https://github.com/faker-ruby/faker) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.8.1...v2.9.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump strong_migrations from 0.5.0 to 0.5.1 (#12679)

Bumps [strong_migrations](https://github.com/ankane/strong_migrations) from 0.5.0 to 0.5.1.
- [Release notes](https://github.com/ankane/strong_migrations/releases)
- [Changelog](https://github.com/ankane/strong_migrations/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ankane/strong_migrations/compare/v0.5.0...v0.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rails from 5.2.4 to 5.2.4.1 (#12682)

Bumps [rails](https://github.com/rails/rails) from 5.2.4 to 5.2.4.1.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v5.2.4...v5.2.4.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump rack-attack from 6.2.1 to 6.2.2 (#12681)

Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 6.2.1 to 6.2.2.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kickstarter/rack-attack/compare/v6.2.1...v6.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump oj from 3.9.2 to 3.10.0 (#12683)

Bumps [oj](https://github.com/ohler55/oj) from 3.9.2 to 3.10.0.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.9.2...v3.10.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Fix sample SAML_ACS_URL, SAML_ISSUER (#12669)

Use eslint cache (#12668)

Update link to install docs (#12666)

Correct the Nanobox deploy hooks for order and context (#12663)

One hook was actually duplicated incorrectly; this has been fixed. Another hook was re-ordered for better results in actual use.

Use different strings on exports page (#12569)

Currently the page re-uses strings from other contexts which doesn't fit
very well - strings incorrectly lowercase-d and pluralized, when they
don't need to be, because it's a table.

This commit changes page to re-use accounts.posts_tab_heading for toots,
and admin.accounts for "Following" and "Follows". This all should look
more aesthetically pleasing.

Fix manual scrolling issue on Firefox/Windows (#12648)

Fixes #12607

`will-change: transform` apparently makes manual scrolling impossible on
Firefox/Windows. While this should probably be considered a Firefox bug,
`will-change: transform` seem like a very aggressive performance hint that
may possibly make the browser consume more resources than needed, especially
in multiple-column mode.

This was originally added to improve scrolling performances on mobile, but
I think this isn't necessary anymore, because of the two following reasons:
- `contain: paint` (which is implied by `contain: strict`, which we apply
  whenever the browser supports grids) should have similar effects
- in single-column mode, the scrolling container is the root element, which
  I believe is optimized in at least Chromium

Keep in mind that I have not been able to make in-depth benchmarks, and
especially not been able to try on mobile, so performances should probably
be investigated further…

fix multiple space (#12655)

[Security] Bump rack from 2.0.7 to 2.0.8 (#12654)

Bumps [rack](https://github.com/rack/rack) from 2.0.7 to 2.0.8. **This update includes a security fix.**
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack/compare/2.0.7...2.0.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Fix unsafe column type change in migration (#12653)

Fix custom emoji category creation silently erroring out on duplicate category (#12647)

Instead, just re-use the existing category if any.

Fixes #12608

Remove unused translatable strings (#12643)

* Remove unused “salmon_url” string

* Remove more unused translatable strings

The following strings all used to be on the admin account page
but aren't used anymore: profile_url, outbox_url, followers_url, feed_url

Fix link crawler not specifying accepted content-type (#12646)

The link crawler expects HTML documents, so set the `Accept`
header accordingly.

Fixes #12618

Add signature to exported status (#12649)

Fix typo in login feature-test. (#12651)

Fix an error when ActivityPub::FetchRemoteStatusService url is called with nil (#12652)

Bump rails from 5.2.3 to 5.2.4 (#12584)

* Bump rails from 5.2.3 to 5.2.4

Bumps [rails](https://github.com/rails/rails) from 5.2.3 to 5.2.4.
- [Release notes](https://github.com/rails/rails/releases)
- [Commits](https://github.com/rails/rails/compare/v5.2.3...v5.2.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* sprockets ~> 3.7

Bump json-ld-preloaded from 3.0.4 to 3.0.6 (#12361)

Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.0.4 to 3.0.6.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.0.4...3.0.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump react-redux from 7.1.1 to 7.1.3 (#12626)

Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.1.1 to 7.1.3.
- [Release notes](https://github.com/reduxjs/react-redux/releases)
- [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md)
- [Commits](https://github.com/reduxjs/react-redux/compare/v7.1.1...v7.1.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump webpacker from 4.2.0 to 4.2.2 (#12632)

Bumps [webpacker](https://github.com/rails/webpacker) from 4.2.0 to 4.2.2.
- [Release notes](https://github.com/rails/webpacker/releases)
- [Changelog](https://github.com/rails/webpacker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/webpacker/compare/v4.2.0...v4.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump eslint-plugin-import from 2.19.0 to 2.19.1 (#12622)

Bumps [eslint-plugin-import](https://github.com/benmosher/eslint-plugin-import) from 2.19.0 to 2.19.1.
- [Release notes](https://github.com/benmosher/eslint-plugin-import/releases)
- [Changelog](https://github.com/benmosher/eslint-plugin-import/blob/master/CHANGELOG.md)
- [Commits](https://github.com/benmosher/eslint-plugin-import/compare/v2.19.0...v2.19.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump copy-webpack-plugin from 5.0.5 to 5.1.1 (#12621)

Bumps [copy-webpack-plugin](https://github.com/webpack-contrib/copy-webpack-plugin) from 5.0.5 to 5.1.1.
- [Release notes](https://github.com/webpack-contrib/copy-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/copy-webpack-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/copy-webpack-plugin/compare/v5.0.5...v5.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump css-loader from 3.2.0 to 3.3.2 (#12624)

Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from 3.2.0 to 3.3.2.
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/css-loader/compare/v3.2.0...v3.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump array-includes from 3.0.3 to 3.1.0 (#12627)

Bumps [array-includes](https://github.com/es-shims/array-includes) from 3.0.3 to 3.1.0.
- [Release notes](https://github.com/es-shims/array-includes/releases)
- [Changelog](https://github.com/es-shims/array-includes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/es-shims/array-includes/compare/v3.0.3...v3.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump doorkeeper from 5.2.2 to 5.2.3 (#12630)

Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.2.2...v5.2.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump stackprof from 0.2.13 to 0.2.14 (#12631)

Bumps [stackprof](https://github.com/tmm1/stackprof) from 0.2.13 to 0.2.14.
- [Release notes](https://github.com/tmm1/stackprof/releases)
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tmm1/stackprof/compare/v0.2.13...v0.2.14)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump parallel_tests from 2.29.2 to 2.30.0 (#12634)

Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.29.2 to 2.30.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.29.2...v2.30.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Changes to tootctl statuses remove (#11267)

* Fix comments in statuses_cli

The comment for the part of query keeping statuses which have replies was
incorrect, explaining the part of the query kept favourited statuses instead

* Keep statuses favourited by local users in tootctl statuses remove

* Do delete old replies that are not direct interactions with local users

* Skip reblogs of local statuses instead of all reblogs

* Optimize some queries

* Keep old statuses with recent reblogs

* Add option to clear toots from followed accounts too

Clean up OStatus-related codepaths (#12173)

* Remove “protocol” argument and return value, as only ActivityPub is supported

* Remove FetchRemoteAccountService, only use ActivityPub::FetchRemoteAccountService

* Fix tests

Fixes featured hashtag setting page erroring out instead of rejecting invalid tags (#12436)

* Revert "Fix ignoring whole status because of one invalid hashtag (#11621)"

This reverts commit dff46b260b2f7d765d254c84a4b89105c7de5e97.

* Fix statuses being rejected because of invalid hashtag names

* Add spec for invalid hashtag names in statuses

* Add test for featured tags controller

Increase max backup size (#12602)

* Increased max backup size

* partially reverted schema.rb

Bump @babel/preset-env from 7.7.4 to 7.7.6 (#12623)

Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.7.4 to 7.7.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.7.4...v7.7.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump compression-webpack-plugin from 3.0.0 to 3.0.1 (#12620)

Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases)
- [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/v3.0.1/CHANGELOG.md)
- [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v3.0.0...v3.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump faker from 2.8.0 to 2.8.1 (#12633)

Bumps [faker](https://github.com/faker-ruby/faker) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/faker-ruby/faker/releases)
- [Changelog](https://github.com/faker-ruby/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faker-ruby/faker/compare/v2.8.0...v2.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Admin setting to disable default follows (#12566)

Add Event activity-type support (#12637)

This adds support for Event AP type in Mastodon. Events are converted
into toots by taking their title (AS name) and their URL (AP ID). Event
picture is also brought in if available.

Testable by fetching event content from https://test.mobilizon.org

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

Improve report page structure (#12615)

* Move resolved button to the heading

This is one of the commits on improving overall reports page structure.
It changes where resolved button is located, moving it to the heading,
right next to the "Report #n" header, so-called "hot-place" to look at.

To accomplish this we have to declare one more content variable, change
admin dashboard template to respect it and CSS files for minor styling,
so buttons are inlined and centrally aligned according to the heading.

* Move actions buttons below the report table

I believe that actions to react on report should not be located at the
top of the page, instead they should be either after the table or
reporter's comment. This is just a logical sign that you should not
react to the report without reading all the details first.

Fix tooltip messages of multiple poll switcher are reversed (#12616)

[Security] Bump excon from 0.62.0 to 0.71.0 (#12638)

Bumps [excon](https://github.com/excon/excon) from 0.62.0 to 0.71.0. **This update includes a security fix.**
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.62.0...v0.71.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>