Merge branch 'origin/master' into sync/upstream

Conflicts:
	app/javascript/mastodon/components/status_list.js
	app/javascript/mastodon/features/notifications/index.js
	app/javascript/mastodon/features/ui/components/modal_root.js
	app/javascript/mastodon/features/ui/components/onboarding_modal.js
	app/javascript/mastodon/features/ui/index.js
	app/javascript/styles/about.scss
	app/javascript/styles/accounts.scss
	app/javascript/styles/components.scss
	app/presenters/instance_presenter.rb
	app/services/post_status_service.rb
	app/services/reblog_service.rb
	app/views/about/more.html.haml
	app/views/about/show.html.haml
	app/views/accounts/_header.html.haml
	config/webpack/loaders/babel.js
	spec/controllers/api/v1/accounts/credentials_controller_spec.rb

config/initializers/devise.rb

@@ -154,7 +154,7 @@ Devise.setup do |config|
   # their account can't be confirmed with the token any more.
   # Default is nil, meaning there is no restriction on how long a user can take
   # before confirming their account.
-  # config.confirm_within = 3.days
+  config.confirm_within = 2.days
 
   # If true, requires any email changes to be confirmed (exactly the same way as
   # initial account confirmation) to be applied. Requires additional unconfirmed_email
@@ -167,7 +167,7 @@ Devise.setup do |config|
 
   # ==> Configuration for :rememberable
   # The time the user will be remembered without asking for credentials again.
-  # config.remember_for = 2.weeks
+  config.remember_for = 1.year
 
   # Invalidates all the remember me tokens when the user signs out.
   config.expire_all_remember_me_on_sign_out = true
@@ -177,7 +177,7 @@ Devise.setup do |config|
 
   # Options to be passed to the created cookie. For instance, you can set
   # secure: true in order to force SSL only cookies.
-  # config.rememberable_options = {}
+  config.rememberable_options = { secure: true }
 
   # ==> Configuration for :validatable
   # Range for password length.

config/initializers/doorkeeper.rb

@@ -50,7 +50,7 @@ Doorkeeper.configure do
   # Optional parameter :confirmation => true (default false) if you want to enforce ownership of
   # a registered application
   # Note: you must also run the rails g doorkeeper:application_owner generator to provide the necessary support
-  # enable_application_owner :confirmation => true
+  enable_application_owner
 
   # Define access token scopes for your provider
   # For more information go to

config/initializers/inflections.rb

@@ -17,4 +17,5 @@ ActiveSupport::Inflector.inflections(:en) do |inflect|
   inflect.acronym 'ActivityPub'
   inflect.acronym 'PubSubHubbub'
   inflect.acronym 'ActivityStreams'
+  inflect.acronym 'JsonLd'
 end

config/initializers/json_ld.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+require_relative '../../lib/json_ld/identity'
+require_relative '../../lib/json_ld/security'
+require_relative '../../lib/json_ld/activitystreams'

config/initializers/mime_types.rb

@@ -1,4 +1,4 @@
 # Be sure to restart your server when you modify this file.
 
-Mime::Type.register 'application/json', :json, %w(text/x-json application/jsonrequest application/jrd+json application/activity+json)
+Mime::Type.register 'application/json', :json, %w(text/x-json application/jsonrequest application/jrd+json application/activity+json application/ld+json)
 Mime::Type.register 'text/xml',         :xml,  %w(application/xml application/atom+xml application/xrd+xml)

config/initializers/ostatus.rb

@@ -5,7 +5,7 @@ host     = ENV.fetch('LOCAL_DOMAIN') { "localhost:#{port}" }
 web_host = ENV.fetch('WEB_DOMAIN') { host }
 https    = ENV['LOCAL_HTTPS'] == 'true'
 
-alternate_domains = ENV.fetch('ALTERNATE_DOMAINS') { "" }
+alternate_domains = ENV.fetch('ALTERNATE_DOMAINS') { '' }
 
 Rails.application.configure do
   config.x.local_domain = host
@@ -17,6 +17,7 @@ Rails.application.configure do
 
   config.action_mailer.default_url_options = { host: web_host, protocol: https ? 'https://' : 'http://', trailing_slash: false }
   config.x.streaming_api_base_url          = 'ws://localhost:4000'
+  config.x.use_ostatus_privacy             = true
 
   if Rails.env.production?
     config.x.streaming_api_base_url = ENV.fetch('STREAMING_API_BASE_URL') { "ws#{https ? 's' : ''}://#{web_host}" }

config/initializers/rack_attack.rb

@@ -33,6 +33,7 @@ class Rack::Attack
     match_data = env['rack.attack.match_data']
 
     headers = {
+      'Content-Type'          => 'application/json',
       'X-RateLimit-Limit'     => match_data[:limit].to_s,
       'X-RateLimit-Remaining' => '0',
       'X-RateLimit-Reset'     => (now + (match_data[:period] - now.to_i % match_data[:period])).iso8601(6),