Merge pull request #1319 from ThibG/glitch-soc/merge-upstream

Merge upstream changes

[Glitch] Fix uploaded image orientation in some browsers

Port a1ce9cbb67facf705379355b9c8ec19c521b419c to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

Merge branch 'master' into glitch-soc/merge-upstream

Fix uploaded image orientation in some browsers (#13493)

Some browsers (at least recent Chrome versions) automatically take
image metadata into account when drawing images into a canvas.
There seem to be no way to prevent that behavior, and the only
way to detect it seems to compare with a known image.

See: https://github.com/w3c/csswg-drafts/issues/4666
Solution adapted from: https://github.com/blueimp/JavaScript-Load-Image/commit/1e4df707821a0afcc11ea0720ee403b8759f3881

Merge pull request #1318 from ThibG/glitch-soc/merge-upstream

Merge upstream changes

[Glitch] Fix not being able to vote

Port e12a5635da7de5a1c3b08b2ce420ee8a56ae4aff to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

Merge branch 'master' into glitch-soc/merge-upstream

Fix not being able to vote (#13490)

Fix regression introduced by ab8d7c0680d7f75826277be4c8eea1ebd396be8a

[Glitch] Fix Poll fetchPoll action not being debounced.

Port ab8d7c0680d7f75826277be4c8eea1ebd396be8a to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

Merge branch 'master' into glitch-soc/merge-upstream

Fix admin actions log crash when displaying updates of deleted announcements (#13489)

Fixes #13487

Fix search not working due to proxy settings when using hidden services (#13488)

Fix #13484

Fix Poll fetchPoll action not being debounced. (#13485)

* Fix Poll fetchPoll action not being debounced.

* Fix unused import in the Poll component

Fix DeliveryWorker not to call failure_tracker when inbox_url is unavailable (#13482)

Fix migration 20200407202420_migrate_unavailable_inboxes (#13481)

Fix confusing error when failing to add an alias to an unknown account (#13480)

Follow-up to #13452, fixing broken `uri.nil?` test.

Also remove the separate check for `uri` presence, as that would result
in a “Please review 2 errors below” while only one would be listed.

Change delivery failure tracking to work with hostnames instead of URLs (#13437)

Merge pull request #1317 from ThibG/glitch-soc/merge-upstream

Merge upstream changes

Merge branch 'master' into glitch-soc/merge-upstream

Conflicts:
- `package.json`:
  No real conflict, upstream updated a dependency which is
  textually adjacent to a glitch-soc-specific dependency.
  Updated it.
- `yarn.lock`:
  No real conflict, upstream updated a dependency which is
  textually adjacent to a glitch-soc-specific dependency.
  Updated it.

Fix “Email changed” notification sometimes having wrong e-mail (#13475)

* Fix “Email changed” notification sometimes having wrong e-mail

Fixes #6778

The root of the issue is that `send_devise_notification` was called before
the changes were properly commited to the database, causing the mailer to
pick previous values if running too early.

Devise's documentation provides guidance on how to handle that[1][2], however,
I have found it to not be working, as the following happens, in that order:
- `send_devise_notification` is called for the `email_changed` notification.
  In that case, `changed?` is false and `saved_changes?` is true, so
  if we use the former, we have the same issue.
- the `after_commit` hook is called
- `send_devise_notification` is called for the `confirmation_instructions`
  notification.
  In that case, `changed?` is still false, and `saved_changes?` still true,
  so if we use the latter, that second notification email is simply not
  going to be sent (as we would be queuing the notification *after*
  executing the after_commit hook).

This is because it may be called from either an `after_update` or
`after_commit` hook, the difference not being a call to `save` but the
transaction actually being committed to the database. This may arguably
be a bug in Devise, or Devise's notification.

The proposed workaround is inspired by Devise's documentation but checks
whether a transaction is open to make the call whether to immediately
send the notification or defer it to the `after_commit` hook.

[1]: https://www.rubydoc.info/github/plataformatec/devise/Devise%2FModels%2FAuthenticatable:send_devise_notification
[2]: https://github.com/heartcombo/devise/blob/406915cb781e38255a30ad2a0609e33952b9ec50/lib/devise/models/authenticatable.rb#L133-L194

* Fix cases when sending notifications without changing the model

* Defer sending if and only if in transaction including current record

Bump watchpack from 1.6.0 to 1.6.1 (#13462)

Bumps [watchpack](https://github.com/webpack/watchpack) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/webpack/watchpack/releases)
- [Commits](https://github.com/webpack/watchpack/compare/v1.6.0...v1.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump regexp_parser from 1.6.0 to 1.7.0 (#13460)

Bumps [regexp_parser](https://github.com/ammar/regexp_parser) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/ammar/regexp_parser/releases)
- [Changelog](https://github.com/ammar/regexp_parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ammar/regexp_parser/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump rubocop-rails from 2.4.2 to 2.5.2 (#13459)

Bumps [rubocop-rails](https://github.com/rubocop-hq/rubocop-rails) from 2.4.2 to 2.5.2.
- [Release notes](https://github.com/rubocop-hq/rubocop-rails/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rails/compare/v2.4.2...v2.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump capistrano from 3.12.1 to 3.13.0 (#13455)

Bumps [capistrano](https://github.com/capistrano/capistrano) from 3.12.1 to 3.13.0.
- [Release notes](https://github.com/capistrano/capistrano/releases)
- [Commits](https://github.com/capistrano/capistrano/compare/v3.12.1...v3.13.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump elasticsearch from 7.5.0 to 7.6.0 (#13458)

Bumps [elasticsearch](https://github.com/elasticsearch/elasticsearch-ruby) from 7.5.0 to 7.6.0.
- [Release notes](https://github.com/elasticsearch/elasticsearch-ruby/releases)
- [Changelog](https://github.com/elastic/elasticsearch-ruby/blob/v7.6.0/CHANGELOG.md)
- [Commits](https://github.com/elasticsearch/elasticsearch-ruby/compare/v7.5.0...v7.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump cssom from 0.3.4 to 0.3.8 (#13461)

Bumps [cssom](https://github.com/NV/CSSOM) from 0.3.4 to 0.3.8.
- [Release notes](https://github.com/NV/CSSOM/releases)
- [Commits](https://github.com/NV/CSSOM/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump regexp.prototype.flags from 1.2.0 to 1.3.0 (#13468)

Bumps [regexp.prototype.flags](https://github.com/es-shims/RegExp.prototype.flags) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/es-shims/RegExp.prototype.flags/releases)
- [Changelog](https://github.com/es-shims/RegExp.prototype.flags/blob/master/CHANGELOG.md)
- [Commits](https://github.com/es-shims/RegExp.prototype.flags/compare/v1.2.0...v1.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump fabrication from 2.21.0 to 2.21.1 (#13453)

Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.21.0 to 2.21.1.
- [Release notes](https://github.com/paulelliott/fabrication/releases)
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown)
- [Commits](https://github.com/paulelliott/fabrication/compare/2.21.0...2.21.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump aws-sdk-s3 from 1.61.1 to 1.61.2 (#13456)

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.61.1 to 1.61.2.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump mousetrap from 1.6.2 to 1.6.5 (#13466)

Bumps [mousetrap](https://github.com/ccampbell/mousetrap) from 1.6.2 to 1.6.5.
- [Release notes](https://github.com/ccampbell/mousetrap/releases)
- [Commits](https://github.com/ccampbell/mousetrap/compare/1.6.2...1.6.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump mkdirp from 1.0.3 to 1.0.4 (#13463)

Bumps [mkdirp](https://github.com/isaacs/node-mkdirp) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/isaacs/node-mkdirp/releases)
- [Changelog](https://github.com/isaacs/node-mkdirp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-mkdirp/compare/v1.0.3...v1.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump unicode-match-property-value-ecmascript from 1.1.0 to 1.2.0 (#13464)

Bumps [unicode-match-property-value-ecmascript](https://github.com/mathiasbynens/unicode-match-property-value-ecmascript) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/mathiasbynens/unicode-match-property-value-ecmascript/releases)
- [Commits](https://github.com/mathiasbynens/unicode-match-property-value-ecmascript/compare/v1.1.0...v1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump picomatch from 2.0.7 to 2.2.2 (#13465)

Bumps [picomatch](https://github.com/micromatch/picomatch) from 2.0.7 to 2.2.2.
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/2.0.7...2.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump autoprefixer from 9.7.5 to 9.7.6 (#13467)

Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.7.5 to 9.7.6.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.7.5...9.7.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump htmlparser2 from 3.10.0 to 3.10.1 (#13469)

Bumps [htmlparser2](https://github.com/fb55/htmlparser2) from 3.10.0 to 3.10.1.
- [Release notes](https://github.com/fb55/htmlparser2/releases)
- [Commits](https://github.com/fb55/htmlparser2/compare/v3.10.0...v3.10.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Fix account aliases page (#13452)

* Fix error not being displayed when adding an account alias, add error for self-references

Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
* Add “You have no aliases.” note in confusing empty aliases table

Co-Authored-By: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>
Co-authored-by: Mélanie Chauvel (ariasuni) <perso@hack-libre.org>

Merge pull request #1316 from ThibG/glitch-soc/merge-upstream

Merge upstream changes

[Glitch] Fix WebUI pagination of following, followers, follow requests, blocks and mutes lists

Port ec31b1b75244c030bb4fb0ccabac7ff8b626db92 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

Merge branch 'master' into glitch-soc/merge-upstream

Conflicts:
- `README.md`:
  We have a different README than upstream, discarded upstream changes
  and kept ours.

increase the postgres container shm_size from 64mb to 256mb (#13451)

Fix API footer link in Web UI (#13441)

Co-authored-by: koyu <me@koyu.spac>

Fix WebUI pagination of following, followers, follow requests, blocks and mutes lists (#13445)

* Fix following, followers and follow requests pagination

* Fix pagination of blocks and mutes

Add new vagrant log files to .gitignore (#13442)

* Update .gitignore

* Update .gitignore

Co-Authored-By: Sandro <sandro.jaeckel@gmail.com>
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>

Clean up some dead code

Fix translation platform to Crowdin (#13443)

Bump capistrano-bundler from 1.3.0 to 1.6.0 (#13416)

Bumps [capistrano-bundler](https://github.com/capistrano/bundler) from 1.3.0 to 1.6.0.
- [Release notes](https://github.com/capistrano/bundler/releases)
- [Changelog](https://github.com/capistrano/bundler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/capistrano/bundler/compare/v1.3.0...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump elasticsearch-dsl from 0.1.8 to 0.1.9 (#13419)

Bumps [elasticsearch-dsl](https://github.com/elasticsearch/elasticsearch-ruby) from 0.1.8 to 0.1.9.
- [Release notes](https://github.com/elasticsearch/elasticsearch-ruby/releases)
- [Changelog](https://github.com/elastic/elasticsearch-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/elasticsearch/elasticsearch-ruby/compare/v0.1.8...v0.1.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump annotate from 3.0.3 to 3.1.1 (#13417)

Bumps [annotate](https://github.com/ctran/annotate_models) from 3.0.3 to 3.1.1.
- [Release notes](https://github.com/ctran/annotate_models/releases)
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ctran/annotate_models/compare/v3.0.3...v3.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Fix deprecated use of createBrowserHistory

Bump babel-plugin-emotion from 10.0.19 to 10.0.33 (#13409)

Bumps [babel-plugin-emotion](https://github.com/emotion-js/emotion) from 10.0.19 to 10.0.33.
- [Release notes](https://github.com/emotion-js/emotion/releases)
- [Changelog](https://github.com/emotion-js/emotion/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emotion-js/emotion/compare/babel-plugin-emotion@10.0.19...babel-plugin-emotion@10.0.33)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump abab from 2.0.0 to 2.0.3 (#13408)

Bumps [abab](https://github.com/jsdom/abab) from 2.0.0 to 2.0.3.
- [Release notes](https://github.com/jsdom/abab/releases)
- [Changelog](https://github.com/jsdom/abab/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jsdom/abab/compare/v2.0.0...2.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump es-abstract from 1.17.0 to 1.17.5 (#13410)

Bumps [es-abstract](https://github.com/ljharb/es-abstract) from 1.17.0 to 1.17.5.
- [Release notes](https://github.com/ljharb/es-abstract/releases)
- [Changelog](https://github.com/ljharb/es-abstract/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ljharb/es-abstract/compare/v1.17.0...v1.17.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump sshpk from 1.16.0 to 1.16.1 (#13412)

Bumps [sshpk](https://github.com/joyent/node-sshpk) from 1.16.0 to 1.16.1.
- [Release notes](https://github.com/joyent/node-sshpk/releases)
- [Commits](https://github.com/joyent/node-sshpk/compare/v1.16.0...v1.16.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump thunky from 1.0.3 to 1.1.0 (#13411)

Bumps [thunky](https://github.com/mafintosh/thunky) from 1.0.3 to 1.1.0.
- [Release notes](https://github.com/mafintosh/thunky/releases)
- [Commits](https://github.com/mafintosh/thunky/compare/v1.0.3...v1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump intl-format-cache from 2.1.0 to 2.2.9 (#13413)

Bumps [intl-format-cache](https://github.com/formatjs/formatjs) from 2.1.0 to 2.2.9.
- [Release notes](https://github.com/formatjs/formatjs/releases)
- [Commits](https://github.com/formatjs/formatjs/compare/@formatjs/intl-utils@2.1.0...intl-format-cache@2.2.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump escodegen from 1.11.0 to 1.14.1 (#13414)

Bumps [escodegen](https://github.com/estools/escodegen) from 1.11.0 to 1.14.1.
- [Release notes](https://github.com/estools/escodegen/releases)
- [Commits](https://github.com/estools/escodegen/compare/v1.11.0...v1.14.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump istanbul-lib-instrument from 3.1.0 to 3.3.0 (#13415)

Bumps [istanbul-lib-instrument](https://github.com/istanbuljs/istanbuljs/tree/HEAD/packages/istanbul-lib-instrument) from 3.1.0 to 3.3.0.
- [Release notes](https://github.com/istanbuljs/istanbuljs/releases)
- [Changelog](https://github.com/istanbuljs/istanbuljs/blob/master/packages/istanbul-lib-instrument/CHANGELOG.md)
- [Commits](https://github.com/istanbuljs/istanbuljs/commits/istanbul-lib-instrument@3.3.0/packages/istanbul-lib-instrument)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump prop-types-extra from 1.1.0 to 1.1.1 (#13407)

Bumps [prop-types-extra](https://github.com/react-bootstrap/prop-types-extra) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/react-bootstrap/prop-types-extra/releases)
- [Changelog](https://github.com/react-bootstrap/prop-types-extra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/react-bootstrap/prop-types-extra/compare/v1.1.0...v1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump public_suffix from 4.0.3 to 4.0.4 (#13418)

Bumps [public_suffix](https://github.com/weppos/publicsuffix-ruby) from 4.0.3 to 4.0.4.
- [Release notes](https://github.com/weppos/publicsuffix-ruby/releases)
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/weppos/publicsuffix-ruby/compare/4.0.3...v4.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump bcrypt from 3.1.12 to 3.1.13 (#13420)

Bumps [bcrypt](https://github.com/codahale/bcrypt-ruby) from 3.1.12 to 3.1.13.
- [Release notes](https://github.com/codahale/bcrypt-ruby/releases)
- [Changelog](https://github.com/codahale/bcrypt-ruby/blob/master/CHANGELOG)
- [Commits](https://github.com/codahale/bcrypt-ruby/compare/v3.1.12...v3.1.13)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump loofah from 2.4.0 to 2.5.0 (#13422)

Bumps [loofah](https://github.com/flavorjones/loofah) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/master/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.4.0...v2.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Fix styling of polls in JS-less fallback on public pages (#13436)

Merge pull request #1312 from ThibG/glitch-soc/merge-upstream

Merge upstream changes

Fix regression in `tootctl media remove-orphans` (#13405)

Fix #13401

Fix trying to delete already deleted file when post-processing (#13406)

Fix #13403

Increase dependabot dependencies scope from security-only. (#13400)

* Update config.yml

* Update config.yml

* Update config.yml

* Update config.yml

Merge branch 'master' into glitch-soc/merge-upstream

Conflicts:
- `app/javascript/packs/public.js`:
  Upstream modified code that we split between multiple files due
  to glitch-soc's theming system.
  Ported those changes.

Update CHANGELOG.md (#13397)

New Crowdin translations (#13317)

* New translations en.yml (Italian)
[ci skip]

* New translations doorkeeper.en.yml (Indonesian)
[ci skip]

* New translations simple_form.en.yml (Indonesian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations devise.en.yml (Ido)
[ci skip]

* New translations doorkeeper.en.yml (Ido)
[ci skip]

* New translations en.json (Hebrew)
[ci skip]

* New translations activerecord.en.yml (Georgian)
[ci skip]

* New translations doorkeeper.en.yml (Georgian)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations simple_form.en.yml (German)
[ci skip]

* New translations doorkeeper.en.yml (German)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations simple_form.en.yml (Greek)
[ci skip]

* New translations doorkeeper.en.yml (Greek)
[ci skip]

* New translations en.yml (Hebrew)
[ci skip]

* New translations simple_form.en.yml (Hebrew)
[ci skip]

* New translations activerecord.en.yml (Hebrew)
[ci skip]

* New translations devise.en.yml (Hebrew)
[ci skip]

* New translations doorkeeper.en.yml (Hebrew)
[ci skip]

* New translations en.yml (Hindi)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations doorkeeper.en.yml (Esperanto)
[ci skip]

* New translations doorkeeper.en.yml (French)
[ci skip]

* New translations devise.en.yml (French)
[ci skip]

* New translations simple_form.en.yml (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations doorkeeper.en.yml (Finnish)
[ci skip]

* New translations simple_form.en.yml (Finnish)
[ci skip]

* New translations en.yml (Finnish)
[ci skip]

* New translations en.json (Finnish)
[ci skip]

* New translations doorkeeper.en.yml (Estonian)
[ci skip]

* New translations simple_form.en.yml (Estonian)
[ci skip]

* New translations en.yml (Estonian)
[ci skip]

* New translations doorkeeper.en.yml (Welsh)
[ci skip]

* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]

* New translations devise.en.yml (Serbian (Latin))
[ci skip]

* New translations devise.en.yml (Urdu (Pakistan))
[ci skip]

* New translations activerecord.en.yml (Vietnamese)
[ci skip]

* New translations devise.en.yml (Vietnamese)
[ci skip]

* New translations en.yml (Tamil)
[ci skip]

* New translations en.yml (Tamil)
[ci skip]

* New translations simple_form.en.yml (Tamil)
[ci skip]

* New translations simple_form.en.yml (Tamil)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations en.json (Basque)
[ci skip]

* New translations simple_form.en.yml (Basque)
[ci skip]

* New translations simple_form.en.yml (Basque)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations devise.en.yml (German)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.yml (Chinese Traditional)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.yml (Italian)
[ci skip]

* New translations simple_form.en.yml (Italian)
[ci skip]

* New translations en.yml (Corsican)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.yml (Tamil)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations simple_form.en.yml (Indonesian)
[ci skip]

* New translations simple_form.en.yml (Indonesian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.yml (Hungarian)
[ci skip]

* New translations simple_form.en.yml (Slovak)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.json (Slovak)
[ci skip]

* New translations en.yml (Portuguese)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations devise.en.yml (Galician)
[ci skip]

* New translations en.json (Finnish)
[ci skip]

* New translations en.yml (Finnish)
[ci skip]

* New translations en.json (Finnish)
[ci skip]

* New translations en.json (Finnish)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations simple_form.en.yml (Persian)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.json (Hungarian)
[ci skip]

* New translations en.yml (Hungarian)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.yml (Italian)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Corsican)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.yml (Spanish, Argentina)
[ci skip]

* New translations en.json (Albanian)
[ci skip]

* New translations en.json (Indonesian)
[ci skip]

* New translations en.json (Italian)
[ci skip]

* New translations en.json (Ido)
[ci skip]

* New translations en.json (Japanese)
[ci skip]

* New translations en.json (Kabyle)
[ci skip]

* New translations en.json (Kannada)
[ci skip]

* New translations en.json (Hebrew)
[ci skip]

* New translations en.json (Hindi)
[ci skip]

* New translations en.json (Hungarian)
[ci skip]

* New translations en.json (Icelandic)
[ci skip]

* New translations en.json (Greek)
[ci skip]

* New translations en.json (Malayalam)
[ci skip]

* New translations en.json (Marathi)
[ci skip]

* New translations en.json (Norwegian)
[ci skip]

* New translations en.json (Norwegian Nynorsk)
[ci skip]

* New translations en.json (Malay)
[ci skip]

* New translations en.json (Kazakh)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations en.json (Latvian)
[ci skip]

* New translations en.json (Lithuanian)
[ci skip]

* New translations en.json (Macedonian)
[ci skip]

* New translations en.json (Bulgarian)
[ci skip]

* New translations en.json (Catalan)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Traditional)
[ci skip]

* New translations en.json (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.json (Breton)
[ci skip]

* New translations en.json (Asturian)
[ci skip]

* New translations en.json (Armenian)
[ci skip]

* New translations en.json (Basque)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Arabic)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations en.json (Finnish)
[ci skip]

* New translations en.json (French)
[ci skip]

* New translations en.json (Estonian)
[ci skip]

* New translations en.json (Georgian)
[ci skip]

* New translations en.json (German)
[ci skip]

* New translations en.json (Croatian)
[ci skip]

* New translations en.json (Czech)
[ci skip]

* New translations en.json (Corsican)
[ci skip]

* New translations en.json (Esperanto)
[ci skip]

* New translations en.json (Dutch)
[ci skip]

* New translations en.json (Danish)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations en.json (Telugu)
[ci skip]

* New translations en.json (Turkish)
[ci skip]

* New translations en.json (Tamil)
[ci skip]

* New translations en.json (Swedish)
[ci skip]

* New translations en.json (Spanish, Argentina)
[ci skip]

* New translations en.json (Welsh)
[ci skip]

* New translations en.json (Vietnamese)
[ci skip]

* New translations en.json (Urdu (Pakistan))
[ci skip]

* New translations en.json (Ukrainian)
[ci skip]

* New translations en.json (Serbian (Latin))
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.yml (Portuguese)
[ci skip]

* New translations en.json (Portuguese)
[ci skip]

* New translations en.json (Polish)
[ci skip]

* New translations en.json (Persian)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Occitan)
[ci skip]

* New translations en.json (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Slovenian)
[ci skip]

* New translations en.json (Slovak)
[ci skip]

* New translations en.json (Romanian)
[ci skip]

* New translations en.json (Serbian (Cyrillic))
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.yml (Portuguese)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.yml (Portuguese)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Swedish)
[ci skip]

* New translations en.json (Spanish, Argentina)
[ci skip]

* New translations en.json (Icelandic)
[ci skip]

* New translations en.yml (Icelandic)
[ci skip]

* New translations en.yml (Icelandic)
[ci skip]

* New translations activerecord.en.yml (Icelandic)
[ci skip]

* New translations en.yml (Icelandic)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Catalan)
[ci skip]

* New translations en.json (Italian)
[ci skip]

* New translations en.json (German)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Persian)
[ci skip]

* New translations en.json (Polish)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations simple_form.en.yml (Polish)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.json (Japanese)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.json (Hungarian)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations simple_form.en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations doorkeeper.en.yml (Thai)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* i18n-tasks normalize

* yarn manage:translations

Add rate limit for reporting (#13390)

Fix “Show more” not switching to “Show less” on public pages (#13174)

* Fix “Show more” not switching to “Show less” on public pages

Fixes #13169

* Fix initial text of CW button on public pages when CW are unfolded by default

Update .ruby-version (#13395)

[Security] Update Dockerfile for Ruby 2.6.6 (#13393)

Fix PostgreSQL load when linking in announcements (#13250)

* Fix PostgreSQL load when linking in announcements

Fixes #13245 by caching status lookups

Since statuses are supposed to be known already and we only
need their URLs and a few other things, caching them should
be fine.

Since it's only used by announcements so far, there won't
be much statuses to cache.

* Perform status lookup when saving announcements, not when rendering them

* Change EntityCache#status to fetch URLs instead of looking into the database

* Move announcement link lookup to publishing worker

* Address issues pointed out during review

Bump version to 3.1.3 (#13389)

Merge pull request #1311 from ThibG/glitch-soc/merge-upstream

Merge upstream changes

Bump rails from 5.2.4.1 to 5.2.4.2 and kind-of from 6.0.2 to 6.0.3 (#13387)

* Bump rails from 5.2.4.1 to 5.2.4.2

* Bump kind-of from 6.0.2 to 6.0.3

Fix admin audit log crash due to glitch-soc theming changes

[Glitch] Add explanation as to why unlocked accounts may have follow requests

Port d3ff06a3205130fa10ffc5d736e8206a9725b5df to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

[Glitch] Add ability to filter audit log in admin UI

Port f65568f1d400be2e101bd8b533a1b53807f5c757 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

Merge branch 'master' into glitch-soc/merge-upstream

Add explanation as to why unlocked accounts may have follow requests (#13385)

* Add explanation as to why unlocked accounts may have follow requests

* Change wording to avoid “silenced”

Update config.yml (#13379)

Update Vagrant box to Bionic (#13384)

Add ability to filter audit log in admin UI (#13381)

Merge pull request #1310 from ThibG/glitch-soc/merge-upstream

Merge upstream changes

[Glitch] Improve polls: option lengths & redesign

Port 37b3985bfac5ffdc8e452f92869dcdefb5c92594 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

[Glitch] Improve toot clicking areas

Port part of 1fb92037e432913902a5e5c8a5b673b036d84cb8 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

[Glitch] Fix content warning being unnecessarily cleared when enabling/disabling CW

Port cf1fa73347c9ca2b1c4f14521e990feba7509e2e to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

[Glitch] Fix wrong color for ellipsis in boost confirmation dialog in Web UI

Port be2f1597cf6b010a7ea0ffdc45550f87a7ae9dad  to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

[Glitch] Fix 404 and 410 API errors being silently discarded in WebUI

Port front-end changes from 0d117c106aa72f78dd5cdd371849dd8ce3120198 to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>

Merge branch 'master' into glitch-soc/merge-upstream

Conflicts:
- `app/javascript/mastodon/features/compose/components/poll_form.js`:
  Upstream bumped poll option character limit, but we already had
  a higher one, kept ours.
- `app/validators/poll_validator.rb`:
  Upstream bumped poll option character limit, but we already had
  a higher one, kept ours.
- `config/initializers/content_security_policy.rb`:
  Upstream added a rule, the way we compute ours is different, but
  that added rule has been ported.
- `package.json`:
  No real conflict, dependency update. Performed the same update.
- `yarn.lock`:
  No real conflict, dependency update. Performed the same update.

Bump rspec-rails from 3.9.1 to 4.0.0 (#13364)

Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.9.1...v4.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Improve polls: option lengths & redesign (#13257)

This commit redesign the polls and increases characters limit for the
options from 25 to 50 characters, giving pollsters more freedom.

Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.

Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` (#13375)

Fix #13371

Fix returning results when searching for URL with non-zero offset (#13377)

Fix #13083

Fix pinning a column in web UI sometimes redirecting out of web UI (#13376)

Fix #13216

Bump json-ld from 3.1.1 to 3.1.2 (#13368)

Bumps [json-ld](https://github.com/ruby-rdf/json-ld) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld/releases)
- [Commits](https://github.com/ruby-rdf/json-ld/compare/3.1.1...3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump json-ld-preloaded from 3.1.1 to 3.1.2 (#13365)

Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.1.1...3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>

Bump bootsnap from 1.4.5 to 1.4.6 (#13369)

Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.5...v1.4.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>