Merge branch 'next-minor' into develop

closes #8465

.codeclimate.yml

@@ -0,0 +1,36 @@
+---
+engines:
+  brakeman:
+    enabled: true
+  bundler-audit:
+    enabled: true
+  csslint:
+    enabled: true
+  duplication:
+    enabled: true
+    config:
+      languages:
+      - ruby
+      - javascript
+  eslint:
+    enabled: true
+    channel: "eslint-2"
+  fixme:
+    enabled: true
+  rubocop:
+    enabled: true
+ratings:
+  paths:
+  - Gemfile.lock
+  - "**.erb"
+  - "**.haml"
+  - "**.rb"
+  - "**.css"
+  - "**.js"
+exclude_paths:
+- config/
+- db/
+- features/
+- script/
+- spec/
+- vendor/

.eslintrc

@@ -0,0 +1,259 @@
+{
+  "env": {
+    "browser": true,
+    "jasmine": true,
+    "jquery": true,
+    "es6": true
+  },
+
+  "globals": {
+    "_": false,
+    "autosize": false,
+    "Backbone": false,
+    "Bloodhound": false,
+    "blueimp": false,
+    "gon": false,
+    "Handlebars": false,
+    "HandlebarsTemplates": false,
+    "ImagePaths": false,
+    "L": false,
+    "OSM": false,
+    "PerfectScrollbar": false,
+    "qq": false,
+    "Routes": false,
+
+    "loginAs": true,
+    "logout": true,
+    "spec": true,
+    "context": true,
+    "factory": true,
+    "stubView": true,
+
+    "app": true,
+    "Diaspora": true,
+    "Keycodes": true,
+    "PosixBracketExpressions": true
+  },
+
+  "rules": {
+    "accessor-pairs": 0,
+    "array-bracket-spacing": [2, "never"],
+    "array-callback-return": 0,
+    "arrow-body-style": 0,
+    "arrow-parens": 0,
+    "arrow-spacing": 0,
+    "block-scoped-var": 0,
+    "block-spacing": [2, "always"],
+    "brace-style": [2, "1tbs", {"allowSingleLine": true}],
+    "callback-return": 0,
+    "camelcase": 2,
+    "comma-dangle": [2, "never"],
+    "comma-spacing": [2, {"before": false, "after": true}],
+    "comma-style": [2, "last"],
+    "complexity": [1, {"max": 20}],
+    "computed-property-spacing": [2, "never"],
+    "consistent-return": 2,
+    "consistent-this": 0,
+    "constructor-super": 0,
+    "curly": [2, "all"],
+    "default-case": 0,
+    "dot-location": [2, "property"],
+    "dot-notation": 2,
+    "eol-last": 2,
+    "eqeqeq": [2, "allow-null"],
+    "func-names": 0,
+    "func-style": 0,
+    "generator-star-spacing": 0,
+    "global-require": 0,
+    "guard-for-in": 1,
+    "handle-callback-err": 0,
+    "id-blacklist": 0,
+    "id-length": 0,
+    "id-match": 0,
+    "indent": [2, 2, {"SwitchCase": 1, "VariableDeclarator": {"var": 2, "let": 2, "const": 3}}],
+    "init-declarations": 0,
+    "jsx-quotes": 0,
+    "key-spacing": [2, {"beforeColon": false, "afterColon": true}],
+    "keyword-spacing": 2,
+    "linebreak-style": 0,
+    "lines-around-comment": 0,
+    "max-depth": 0,
+    "max-len": [1, {"code": 120, "ignoreUrls": true}],
+    "max-lines": 0,
+    "max-nested-callbacks": 0,
+    "max-params": 0,
+    "max-statements": 0,
+    "max-statements-per-line": 0,
+    "new-cap": [2, {"capIsNew": false}],
+    "new-parens": 2,
+    "newline-after-var": 0,
+    "newline-before-return": 0,
+    "newline-per-chained-call": 0,
+    "no-alert": 0,
+    "no-array-constructor": 2,
+    "no-bitwise": 0,
+    "no-caller": 2,
+    "no-case-declarations": 2,
+    "no-catch-shadow": 0,
+    "no-class-assign": 2,
+    "no-cond-assign": 2,
+    "no-confusing-arrow": [2, {"allowParens": true}],
+    "no-console": 2,
+    "no-const-assign": 2,
+    "no-constant-condition": 2,
+    "no-continue": 0,
+    "no-control-regex": 2,
+    "no-debugger": 2,
+    "no-delete-var": 2,
+    "no-div-regex": 0,
+    "no-dupe-args": 2,
+    "no-dupe-class-members": 2,
+    "no-dupe-keys": 2,
+    "no-duplicate-case": 2,
+    "no-duplicate-imports": 0,
+    "no-else-return": 2,
+    "no-empty": 2,
+    "no-empty-character-class": 2,
+    "no-empty-function": 1,
+    "no-empty-pattern": 2,
+    "no-eq-null": 0,
+    "no-eval": 2,
+    "no-ex-assign": 2,
+    "no-extend-native": 2,
+    "no-extra-bind": 2,
+    "no-extra-boolean-cast": 2,
+    "no-extra-label": 0,
+    "no-extra-parens": 0,
+    "no-extra-semi": 2,
+    "no-fallthrough": 2,
+    "no-floating-decimal": 0,
+    "no-func-assign": 2,
+    "no-implicit-coercion": 0,
+    "no-implicit-globals": 0,
+    "no-implied-eval": 0,
+    "no-inline-comments": 0,
+    "no-inner-declarations": 2,
+    "no-invalid-regexp": 2,
+    "no-invalid-this": 0,
+    "no-irregular-whitespace": 2,
+    "no-iterator": 0,
+    "no-label-var": 0,
+    "no-labels": 0,
+    "no-lone-blocks": 0,
+    "no-lonely-if": 2,
+    "no-loop-func": 2,
+    "no-magic-numbers": 0,
+    "no-mixed-operators": 0,
+    "no-mixed-requires": 0,
+    "no-mixed-spaces-and-tabs": 2,
+    "no-multi-spaces": 1,
+    "no-multi-str": 0,
+    "no-multiple-empty-lines": [1, {"max": 1}],
+    "no-native-reassign": 2,
+    "no-negated-condition": 0,
+    "no-negated-in-lhs": 2,
+    "no-nested-ternary": 0,
+    "no-new": 0,
+    "no-new-func": 0,
+    "no-new-object": 0,
+    "no-new-require": 0,
+    "no-new-symbol": 0,
+    "no-new-wrappers": 0,
+    "no-obj-calls": 2,
+    "no-octal": 2,
+    "no-octal-escape": 0,
+    "no-param-reassign": 0,
+    "no-path-concat": 0,
+    "no-plusplus": 0,
+    "no-process-env": 0,
+    "no-process-exit": 0,
+    "no-proto": 2,
+    "no-prototype-builtins": 0,
+    "no-redeclare": 2,
+    "no-regex-spaces": 2,
+    "no-restricted-globals": 0,
+    "no-restricted-imports": 0,
+    "no-restricted-modules": 0,
+    "no-restricted-syntax": 0,
+    "no-return-assign": 2,
+    "no-script-url": 0,
+    "no-self-assign": 2,
+    "no-self-compare": 2,
+    "no-sequences": 2,
+    "no-shadow": 1,
+    "no-shadow-restricted-names": 2,
+    "no-spaced-func": 1,
+    "no-sparse-arrays": 2,
+    "no-sync": 0,
+    "no-ternary": 0,
+    "no-this-before-super": 2,
+    "no-throw-literal": 2,
+    "no-trailing-spaces": 2,
+    "no-undef": 2,
+    "no-undef-init": 0,
+    "no-undefined": 0,
+    "no-underscore-dangle": 0,
+    "no-unexpected-multiline": 2,
+    "no-unmodified-loop-condition": 1,
+    "no-unneeded-ternary": 1,
+    "no-unreachable": 2,
+    "no-unsafe-finally": 1,
+    "no-unused-expressions": 0,
+    "no-unused-labels": 2,
+    "no-unused-vars": 2,
+    "no-use-before-define": [2, {"functions": false, "classes": true}],
+    "no-useless-call": 1,
+    "no-useless-computed-key": 0,
+    "no-useless-concat": 0,
+    "no-useless-constructor": 0,
+    "no-useless-escape": 0,
+    "no-useless-rename": 0,
+    "no-var": 0,
+    "no-void": 0,
+    "no-warning-comments": 0,
+    "no-whitespace-before-property": 2,
+    "no-with": 2,
+    "object-curly-newline": 0,
+    "object-curly-spacing": [2, "never"],
+    "object-property-newline": 0,
+    "object-shorthand": 0,
+    "one-var": 0,
+    "one-var-declaration-per-line": 0,
+    "operator-assignment": 0,
+    "operator-linebreak": 0,
+    "padded-blocks": [2, "never"],
+    "prefer-arrow-callback": 0,
+    "prefer-const": 0,
+    "prefer-reflect": 0,
+    "prefer-rest-params": 0,
+    "prefer-spread": 0,
+    "prefer-template": 0,
+    "quote-props": 0,
+    "quotes": [2, "double", "avoid-escape"],
+    "radix": [2, "always"],
+    "require-jsdoc": 0,
+    "require-yield": 0,
+    "rest-spread-spacing": 0,
+    "semi": [2, "always"],
+    "semi-spacing": [2, {"before": false, "after": true}],
+    "sort-imports": 0,
+    "sort-vars": 0,
+    "space-before-blocks": [2, "always"],
+    "space-before-function-paren": [2, "never"],
+    "space-in-parens": [2, "never"],
+    "space-infix-ops": [2, {"int32Hint": true}],
+    "space-unary-ops": [2, {"words": true, "nonwords": false}],
+    "spaced-comment": [2, "always", {"markers": ["="]}],
+    "strict": 0,
+    "template-curly-spacing": 0,
+    "unicode-bom": 0,
+    "use-isnan": 2,
+    "valid-jsdoc": 0,
+    "valid-typeof": 2,
+    "vars-on-top": 0,
+    "wrap-iife": 0,
+    "wrap-regex": 0,
+    "yield-star-spacing": 0,
+    "yoda": [2, "never"]
+  }
+}

.github/workflows/ci.yml

@@ -0,0 +1,63 @@
+name: CI
+on:
+  push:
+    branches:
+      - develop
+      - next-minor
+      - main
+      - master
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby:
+          - '3.2'
+          - '3.3'
+        db:
+          - mysql
+          - postgresql
+        kind:
+          - cucumber
+          - other
+    env:
+      DB: ${{ matrix.db }}
+      RAILS_ENV: test
+      BUNDLE_WITH: ${{ matrix.db }}
+      BUNDLE_WITHOUT: development
+      BUNDLE_FROZEN: true
+      BUNDLE_DISABLE_SHARED_GEMS: true
+    services:
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_PASSWORD: postgres
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+    steps:
+      - name: Install system dependencies
+        run: sudo apt update && sudo apt install -y build-essential curl git gsfonts imagemagick libcurl4-openssl-dev libidn11-dev libmagickwand-dev libssl-dev libxml2-dev libxslt1-dev yarnpkg
+      - name: Start MySQL
+        run: sudo systemctl start mysql.service
+        if: matrix.db == 'mysql'
+      - uses: actions/checkout@v3
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - name: Prepare
+        run: script/ci/prepare.sh
+      - name: Run tests
+        run: bin/rake --trace ci:${{ matrix.kind }}
+      - name: Run Jasmine
+        run: bin/rake jasmine:ci
+        timeout-minutes: 2
+        if: matrix.kind == 'other'

.github/workflows/lint.yml

@@ -0,0 +1,62 @@
+## SECURITY WARNING:
+##
+## Do not change this job unless you know what you're doing.
+##
+## This GitHub Action runs on: pull_request_target, which means the jobs run in
+## a context where they have access to a Access Token with write access to the
+## target repo, even if the PR is opened from an external contributor from their
+## fork.
+##
+## This means that if we're not careful, we could be running third-party code
+## within an authenticated scope, which isn't good. To mitigate this, this
+## implementation does:
+##
+##   1. checkout the target branch (i.e. the project's original sources)
+##   2. install the Gems from there, and install them into a directory that's
+##      outside the repository contents.
+##   3. checkout the PRs HEAD
+##   4. restore a bunch of files that would allow code execution from the
+##      project's upstream sources, namely:
+##      - bin/bundle - we'll run that in our Job
+##      - Gemfile/Gemfile.lock - to avoid loading a gem with an identical
+##        version number from a in-repo vendored directory
+
+name: Lint
+on:
+  pull_request_target:
+
+permissions:
+  contents: read
+  statuses: write
+  pull-requests: write
+
+jobs:
+  pronto:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install system dependencies
+        run: sudo apt update && sudo apt install -y build-essential curl git gsfonts imagemagick libcurl4-openssl-dev libidn11-dev libmagickwand-dev libssl-dev libxml2-dev libxslt1-dev yarnpkg
+      - name: Checkout Target branch
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.base_ref }}
+          fetch-depth: 0
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: "3.1"
+          bundler-cache: true
+      - name: Checkout PR HEAD
+        run: |
+          git fetch -q origin +refs/pull/${{ github.event.pull_request.number }}/head:
+          git checkout -qf FETCH_HEAD
+      - name: Restore the bundle binstub and Gemfiles from the target branch
+        run: |
+          git restore -s ${{ github.base_ref }} -- bin/bundle
+          git restore -s ${{ github.base_ref }} -- Gemfile
+          git restore -s ${{ github.base_ref }} -- Gemfile.lock
+      - name: Run Pronto
+        run: bin/bundle exec pronto run -f github_status github_pr_review -c ${{ github.base_ref }}
+        env:
+          PRONTO_PULL_REQUEST_ID: ${{ github.event.pull_request.number }}
+          PRONTO_GITHUB_ACCESS_TOKEN: ${{ github.token }}
+

.gitignore

@@ -1,35 +1,21 @@
-# xmpp certificates, keys and user data
-config/vines/*.crt
-config/vines/*.key
-
-#trademark sillyness
+# Trademark sillyness
 app/views/home/_show.*
 app/views/terms/terms.*
 app/assets/images/custom/
 
-
 # Configuration files
+config/diaspora.toml
 config/diaspora.yml
-config/heroku.yml
 config/initializers/secret_token.rb
-config/redis.conf
-config/deploy_config.yml
-config/schedule.rb
 .bundle
 vendor/bundle/
 vendor/cache/
 config/database.yml
-.rvmrc_custom
-.rvmrc.local
-
-#Mailing list stuff
-config/email_offset
-config/mailing_list.csv
+config/oidc_key.pem
+config/schedule.yml
 
 # Generated files
 log/
-public/stylesheets/*.css
-public/diaspora
 spec/fixtures/*.y*ml
 spec/fixtures/*.fixture.*
 coverage/
@@ -38,13 +24,19 @@ public/404.html
 public/422.html
 public/500.html
 
+# the db/schema.rb. Although this is contrary to rails best-practises, we
+# cannot provide a schema.rb that works for both MySQL and PostgreSQL, so we
+# have no choice. Our migrations are maintained, so it should always be
+# possible to get back to a "clean" database schema anyway.
+db/schema.rb
+
 # Sprites
 app/assets/images/branding-*.png
 app/assets/images/branding/logos-*.png
 app/assets/images/icons-*.png
-app/assets/images/social_media_logos-*.png
+app/assets/images/social-media-logos-*.png
 
-#Documentation
+# Documentation
 .yardoc/
 doc/
 
@@ -52,33 +44,42 @@ doc/
 public/uploads/
 public/assets/
 public/source.tar*
-public/.well-known
-tmp/**/
 tmp/
-*.sqlite3
 
 # Temporary files of every sort
+.byebug_history
 .sass-cache/
 .DS_Store
-.idea
 .redcar
-.rvmrc
 .stgit*
 *.swap
 *.swo
 *.swp
 *~
 *#
+*.bak
+*.save
+*.autosave
 nbproject
 patches-*
 capybara-*.html
-dump.rdb
 
-#Rubinius's JIT
+# Rubinius's JIT
 *.rbc
 
-#IDE
+# IDE
+.idea
+.vscode
 diaspora.iml
 
 # Dolphin's directory's preferences files
 *.directory
+
+# WebTranslateIt
+.wti
+
+# MacOS
+/__MACOSX/
+
+# yarn
+node_modules

.haml-lint.yml

@@ -0,0 +1,5 @@
+linters:
+  LineLength:
+    max: 120
+  SpaceInsideHashAttributes:
+    style: no_space

.hound.yml

@@ -1,9 +0,0 @@
-java_script:
-  enabled: true
-  config_file: config/.jshint.json
-  ignore_file: config/.jshint_ignore
-ruby:
-  enabled: true
-  config_file: .rubocop.yml
-scss:
-  enabled: false

.jshintignore

@@ -1 +0,0 @@
-config/.jshint_ignore

.jshintrc

@@ -1 +0,0 @@
-config/.jshint.json

.pronto.yml

@@ -0,0 +1,4 @@
+all:
+  exclude:
+    - "vendor/**/*"
+consolidate_comments: true

.rspec

@@ -3,3 +3,4 @@
 --color
 --tag ~performance
 --order random
+--require spec_helper

.rubocop.yml

@@ -1,28 +1,54 @@
+require: rubocop-rails
+
 AllCops:
-  RunRailsCops: true
+  TargetRubyVersion: 3.0
+  NewCops: enable
   Exclude:
-    - 'db/schema.rb'
+    - "bin/**/*"
+    - "db/schema.rb"
+    - "config/locales/cldr/plurals.rb"
+
+# Disable for rails 4
+Rails/HttpPositionalArguments:
+  Enabled: false
 
 # Commonly used screens these days easily fit more than 80 characters.
-Metrics/LineLength:
+Layout/LineLength:
   Max: 120
 
 # Too short methods lead to extraction of single-use methods, which can make
 # the code easier to read (by naming things), but can also clutter the class
-Metrics/MethodLength: 
+Metrics/MethodLength:
   Max: 20
 
 # The guiding principle of classes is SRP, SRP can't be accurately measured by LoC
 Metrics/ClassLength:
   Max: 1500
-  
-# Raise AbcSize from 15 to 20
+Metrics/ModuleLength:
+  Max: 1500
+
+# Raise complexity metrics
 Metrics/AbcSize:
   Max: 20
 
+Metrics/CyclomaticComplexity:
+  Max: 20
+
+Metrics/PerceivedComplexity:
+  Max: 20
+
+# Some blocks are longer.
+Metrics/BlockLength:
+  AllowedMethods:
+    - "namespace"
+    - "create_table"
+  Exclude:
+    - "config/**/*.rb"
+    - "spec/**/*.rb"
+
 # No space makes the method definition shorter and differentiates
 # from a regular assignment.
-Style/SpaceAroundEqualsInParameterDefault:
+Layout/SpaceAroundEqualsInParameterDefault:
   EnforcedStyle: no_space
 
 # Single quotes being faster is hardly measurable and only affects parse time.
@@ -31,22 +57,33 @@ Style/SpaceAroundEqualsInParameterDefault:
 # are needed.
 Style/StringLiterals:
   EnforcedStyle: double_quotes
+  Exclude:
+    # These files are generated by rails, so it's best to keep them close to the original for smaller diffs
+    - "config/application.rb"
+    - "config/boot.rb"
+    - "config/environment.rb"
+    - "config/environments/*.rb"
 
 # We do not need to support Ruby 1.9, so this is good to use.
 Style/SymbolArray:
   Enabled: true
 
 # Most readable form.
-Style/AlignHash:
+Layout/HashAlignment:
   EnforcedHashRocketStyle: table
   EnforcedColonStyle: table
 
+# This rule makes haml files less readable, as there is no 'end' there.
+Layout/CaseIndentation:
+  Exclude:
+    - "app/views/**/*"
+
 # Mixing the styles looks just silly.
 Style/HashSyntax:
  EnforcedStyle: ruby19_no_mixed_keys
 
 # has_key? and has_value? are far more readable than key? and value?
-Style/DeprecatedHashMethods:
+Style/PreferredHashMethods:
   Enabled: false
 
 # String#% is by far the least verbose and only object oriented variant.
@@ -59,7 +96,6 @@ Style/CollectionMethods:
     # inject seems more common in the community.
     reduce: "inject"
 
-
 # Either allow this style or don't. Marking it as safe with parenthesis
 # is silly. Let's try to live without them for now.
 Style/ParenthesesAroundCondition:
@@ -68,13 +104,13 @@ Lint/AssignmentInCondition:
   AllowSafeAssignment: false
 
 # A specialized exception class will take one or more arguments and construct the message from it.
-# So both variants make sense. 
+# So both variants make sense.
 Style/RaiseArgs:
   Enabled: false
 
 # Indenting the chained dots beneath each other is not supported by this cop,
 # see https://github.com/bbatsov/rubocop/issues/1633
-Style/MultilineOperationIndentation:
+Layout/MultilineOperationIndentation:
   Enabled: false
 
 # Fail is an alias of raise. Avoid aliases, it's more cognitive load for no gain.
@@ -86,10 +122,10 @@ Style/SignalException:
 # Suppressing exceptions can be perfectly fine, and be it to avoid to
 # explicitly type nil into the rescue since that's what you want to return,
 # or suppressing LoadError for optional dependencies
-Lint/HandleExceptions:
+Lint/SuppressedException:
   Enabled: false
 
-Style/SpaceInsideBlockBraces:
+Layout/SpaceInsideBlockBraces:
   # The space here provides no real gain in readability while consuming
   # horizontal space that could be used for a better parameter name.
   # Also {| differentiates better from a hash than { | does.
@@ -97,7 +133,7 @@ Style/SpaceInsideBlockBraces:
 
 # No trailing space differentiates better from the block:
 # foo} means hash, foo } means block.
-Style/SpaceInsideHashLiteralBraces:
+Layout/SpaceInsideHashLiteralBraces:
   EnforcedStyle: no_space
 
 # { ... } for multi-line blocks is okay, follow Weirichs rule instead:
@@ -105,6 +141,11 @@ Style/SpaceInsideHashLiteralBraces:
 Style/BlockDelimiters:
   Enabled: false
 
+# Enforcing -> would be nice, but not at the cost of enforcing lambda { } for
+# multiline lambdas.
+Style/Lambda:
+  Enabled: false
+
 # do / end blocks should be used for side effects,
 # methods that run a block for side effects and have
 # a useful return value are rare, assign the return
@@ -126,18 +167,34 @@ Lint/ShadowingOuterLocalVariable:
 
 # Check with yard instead.
 Style/Documentation:
-  Enabled: false 
+  Enabled: false
 
 # This is just silly. Calling the argument `other` in all cases makes no sense.
-Style/OpMethod:
-  Enabled: false 
+Naming/BinaryOperatorParameterName:
+  Enabled: false
+
+# Defining constants in tests is fine, and it's good to have them close to the test where they are used.
+Lint/ConstantDefinitionInBlock:
+  Exclude:
+    - "spec/**/*"
 
 # There are valid cases, for example debugging Cucumber steps,
 # also they'll fail CI anyway
 Lint/Debugger:
   Enabled: false
 
+# We used comparison everywhere.
+Style/NumericPredicate:
+  EnforcedStyle: comparison
 
 # Reset some HoundCI changes back to Rubocop defaults
-Style/DotPosition:
+Layout/DotPosition:
   EnforcedStyle: leading
+
+# Not enabled by default but good
+Style/HashEachMethods:
+  Enabled: true
+
+# It makes more sense to allow to structure and group them how it makes sense in the code
+Style/AccessorGrouping:
+  Enabled: false

.ruby-version

@@ -1 +1 @@
-2.1
+3.3

.scss-lint.yml

@@ -0,0 +1,231 @@
+scss_files: 'app/assets/stylesheets/**/*.scss'
+plugin_directories: ['.scss-linters']
+
+# List of gem names to load custom linters from (make sure they are already
+# installed)
+plugin_gems: []
+
+linters:
+  BangFormat:
+    enabled: true
+    space_before_bang: true
+    space_after_bang: false
+
+  BemDepth:
+    enabled: false
+    max_elements: 1
+
+  BorderZero:
+    enabled: true
+    convention: zero # or `none`
+
+  ColorKeyword:
+    enabled: true
+
+  ColorVariable:
+    enabled: true
+
+  Comment:
+    enabled: true
+
+  DebugStatement:
+    enabled: true
+
+  DeclarationOrder:
+    enabled: true
+
+  DisableLinterReason:
+    enabled: true
+
+  DuplicateProperty:
+    enabled: true
+
+  ElsePlacement:
+    enabled: true
+    style: same_line # or 'new_line'
+
+  EmptyLineBetweenBlocks:
+    enabled: true
+    ignore_single_line_blocks: true
+
+  EmptyRule:
+    enabled: true
+
+  ExtendDirective:
+    enabled: false
+
+  FinalNewline:
+    enabled: true
+    present: true
+
+  HexLength:
+    enabled: true
+    style: short # or 'long'
+
+  HexNotation:
+    enabled: true
+    style: lowercase # or 'uppercase'
+
+  HexValidation:
+    enabled: true
+
+  IdSelector:
+    enabled: false
+
+  ImportantRule:
+    enabled: true
+
+  ImportPath:
+    enabled: true
+    leading_underscore: false
+    filename_extension: false
+
+  Indentation:
+    enabled: true
+    allow_non_nested_indentation: false
+    character: space # or 'tab'
+    width: 2
+
+  LeadingZero:
+    enabled: true
+    style: exclude_zero # or 'include_zero'
+
+  MergeableSelector:
+    enabled: true
+    force_nesting: true
+
+  NameFormat:
+    enabled: true
+    allow_leading_underscore: true
+    convention: hyphenated_lowercase # or 'camel_case', or 'snake_case', or a regex pattern
+
+  NestingDepth:
+    enabled: true
+    max_depth: 3
+    ignore_parent_selectors: false
+
+  PlaceholderInExtend:
+    enabled: true
+
+  PropertyCount:
+    enabled: false
+    include_nested: false
+    max_properties: 10
+
+  PropertySortOrder:
+    enabled: true
+    ignore_unspecified: false
+    min_properties: 2
+    separate_groups: false
+
+  PropertySpelling:
+    enabled: true
+    extra_properties: []
+
+  PropertyUnits:
+    enabled: true
+    global: [
+      'ch', 'em', 'ex', 'rem',                 # Font-relative lengths
+      'cm', 'in', 'mm', 'pc', 'pt', 'px', 'q', # Absolute lengths
+      'vh', 'vw', 'vmin', 'vmax',              # Viewport-percentage lengths
+      'deg', 'grad', 'rad', 'turn',            # Angle
+      'ms', 's',                               # Duration
+      'Hz', 'kHz',                             # Frequency
+      'dpi', 'dpcm', 'dppx',                   # Resolution
+      '%']                                     # Other
+    properties: {}
+
+  QualifyingElement:
+    enabled: true
+    allow_element_with_attribute: false
+    allow_element_with_class: false
+    allow_element_with_id: false
+
+  SelectorDepth:
+    enabled: true
+    max_depth: 3
+
+  SelectorFormat:
+    enabled: true
+    convention: hyphenated_lowercase # or 'strict_BEM', or 'hyphenated_BEM', or 'snake_case', or 'camel_case', or a regex pattern
+
+  Shorthand:
+    enabled: true
+    allowed_shorthands: [1, 2, 3]
+
+  SingleLinePerProperty:
+    enabled: true
+    allow_single_line_rule_sets: true
+
+  SingleLinePerSelector:
+    enabled: true
+
+  SpaceAfterComma:
+    enabled: true
+
+  SpaceAfterPropertyColon:
+    enabled: true
+    style: one_space # or 'no_space', or 'at_least_one_space', or 'aligned'
+
+  SpaceAfterPropertyName:
+    enabled: true
+
+  SpaceAfterVariableName:
+    enabled: true
+
+  SpaceAroundOperator:
+    enabled: true
+    style: one_space # or 'no_space'
+
+  SpaceBeforeBrace:
+    enabled: true
+    style: space # or 'new_line'
+    allow_single_line_padding: false
+
+  SpaceBetweenParens:
+    enabled: true
+    spaces: 0
+
+  StringQuotes:
+    enabled: true
+    style: single_quotes # or double_quotes
+
+  TrailingSemicolon:
+    enabled: true
+
+  TrailingWhitespace:
+    enabled: true
+
+  TrailingZero:
+    enabled: false
+
+  TransitionAll:
+    enabled: false
+
+  UnnecessaryMantissa:
+    enabled: true
+
+  UnnecessaryParentReference:
+    enabled: true
+
+  UrlFormat:
+    enabled: true
+
+  UrlQuotes:
+    enabled: true
+
+  VariableForProperty:
+    enabled: false
+    properties: []
+
+  VendorPrefix:
+    enabled: true
+    identifier_list: base
+    additional_identifiers: []
+    excluded_identifiers: []
+
+  ZeroUnit:
+    enabled: true
+
+  Compass::*:
+    enabled: false

.travis.yml

@@ -1,35 +0,0 @@
-language: ruby
-
-rvm:
-  - 2.1
-  - 2.0
-
-env:
-  - DB=postgres BUILD_TYPE=other
-  - DB=mysql BUILD_TYPE=other
-  - DB=postgres BUILD_TYPE=cucumber
-  - DB=mysql BUILD_TYPE=cucumber
-
-sudo: false
-cache:
-  bundler: true
-  directories:
-    - app/assets/images
-
-branches:
-  only:
-    - 'master'
-    - 'stable'
-    - 'develop'
-
-before_install: gem install bundler
-bundler_args: "--without development production heroku --jobs 3 --retry 3"
-
-script: "./script/ci/build.sh"
-
-notifications:
-  irc:
-    channels:
-      - "irc.freenode.org:6667#diaspora-dev"
-    template:
-      - "%{repository_slug}#%{commit} (%{branch} - %{commit_subject}): %{message} %{build_url}"

CODE_OF_CONDUCT.md

@@ -1,22 +1,74 @@
-# Contributor Code of Conduct
+# Contributor Covenant Code of Conduct
 
-As contributors and maintainers of this project, and in the interest of fostering an open and welcoming community, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
+## Our Pledge
 
-We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, religion, or nationality.
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
 
 Examples of unacceptable behavior by participants include:
 
-* The use of sexualized language or imagery
-* Personal attacks
-* Trolling or insulting/derogatory comments
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
 * Public or private harassment
-* Publishing other's private information, such as physical or electronic addresses, without explicit permission
-* Other unethical or unprofessional conduct.
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
 
-Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. By adopting this Code of Conduct, project maintainers commit themselves to fairly and consistently applying these principles to every aspect of managing this project. Project maintainers who do not follow or enforce the Code of Conduct may be permanently removed from the project team.
+## Our Responsibilities
 
-This code of conduct applies both within project spaces and in public spaces when an individual is representing the project or its community.
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
 
-Instances of abusive, harassing, or otherwise unacceptable behavior should be reported by sending an email to [team@diasporafoundation.org](mailto:team@diasporafoundation.org).
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
 
-This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.2.0, available at [http://contributor-covenant.org/version/1/2/0/](http://contributor-covenant.org/version/1/2/0/)
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at [team@diasporafoundation.org](mailto:team@diasporafoundation.org). All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

CONTRIBUTING.md

@@ -0,0 +1,42 @@
+# Contributing to diaspora\*
+
+First of all: thank you very much for helping us out!
+
+## Things you need to know before contributing
+
+If you want to get in touch with other diaspora\* developers, [check our wiki][how-we-communicate] for information on how we communicate. Feel free to ask if you have any questions!
+
+Everyone interacting with our code, issue trackers, chat rooms, mailing lists, the wiki, and the discourse forum is expected to follow the [diaspora\* code of conduct][code-of-conduct].
+
+## Report a security issue
+
+Found a security issue? Please disclose it responsibly. We have a team of developers listening to [security@diasporafoundation.org][sec-mail]. The PGP fingerprint is [AB0D AB02 0FC5 D398 03AB 3CE1 6F70 243F 27AD 886A][pgp].
+
+## Contributing to translations
+
+We use [WebTranslateIt][webtranslateit] to manage translations of the app interface. Please read [our wiki page][translation-wiki] to find out more about this. If your language is featured on WebTranslateIt, please do **not** open a pull request to update translations. If it is not already featured on WebTranslateIt, please read the wiki article above to find out how to proceed.
+
+## Contributing to the code
+
+**Before opening a pull request** please read [how to contribute][contribute]. Doing things the right way from the start will save us time and mean that your contribution can be integrated quicker!
+- Follow our [git workflow][git-workflow] method. In particular, *do not* open a pull request from the `master` or the `develop` branch.
+- Follow our [styleguide][styleguide] and run pronto, our syntax analyzer, **locally before opening a pull request**. See [our wiki][pronto] for information on how to do this.
+- [Write tests][testing-workflow].
+- Use meaningful commit-messages and split larger tasks, e.g. refactoring, into separate commits. This makes the review process much easier.
+
+## Other ways to contribute
+
+You don’t know code? No worries, there are plenty other ways to help the diaspora* project! Please find out how you can help [on our wiki][other-ways].
+
+[code-of-conduct]: https://github.com/diaspora/diaspora/blob/develop/CODE_OF_CONDUCT.md
+[how-we-communicate]: https://wiki.diasporafoundation.org/How_we_communicate
+[pgp]: https://pgp.mit.edu/pks/lookup?op=get&search=0x6F70243F27AD886A
+[sec-mail]: mailto:security@diasporafoundation.org
+[webtranslateit]: https://webtranslateit.com/en/projects/3020-Diaspora
+[translation-wiki]: https://wiki.diasporafoundation.org/Contribute_translations
+[contribute]: https://wiki.diasporafoundation.org/Getting_started_with_contributing
+[git-workflow]: https://wiki.diasporafoundation.org/Git_Workflow
+[styleguide]: https://wiki.diasporafoundation.org/Styleguide
+[pronto]: https://wiki.diasporafoundation.org/Styleguide#Automatic_local_review
+[testing-workflow]: https://wiki.diasporafoundation.org/Testing_Workflow
+[other-ways]: https://wiki.diasporafoundation.org/Other_ways_to_contribute

FederationProcfile

@@ -1,6 +0,0 @@
-web1: env RAILS_ENV=integration1 bundle exec rails s -p 3001
-worker1: env RAILS_ENV=integration1 VVERBOSE=1 QUEUE=* bundle exec rake resque:work
-redis1: env RAILS_ENV=integration1 redis-server ./redis-integration1.conf
-web2: env RAILS_ENV=integration2 bundle exec rails s -p 3002
-worker2: env RAILS_ENV=integration2 VVERBOSE=1 QUEUE=* bundle exec rake resque:work
-redis2: env RAILS_ENV=integration2 redis-server ./redis-integration2.conf

Gemfile

@@ -1,214 +1,195 @@
+# frozen_string_literal: true
+
 source "https://rubygems.org"
 
-gem "rails", "4.2.4"
+gem "rails", "6.1.7.8"
+
+# needed for actionmailer, can be removed when upgrading to rails 7
+gem "net-imap", require: false
+gem "net-pop", require: false
+gem "net-smtp", require: false
 
 # Legacy Rails features, remove me!
 # responders (class level)
-gem "responders", "2.1.0"
+gem "responders", "3.1.1"
 
 # Appserver
 
-gem "unicorn", "4.9.0", require: false
+gem "puma", "6.4.2", require: false
 
 # Federation
 
-gem "diaspora_federation-rails", "0.0.8"
+gem "diaspora_federation-json_schema", "1.1.0"
+gem "diaspora_federation-rails",       "1.1.0"
 
 # API and JSON
 
-gem "acts_as_api", "0.4.2"
-gem "json",        "1.8.3"
-gem "json-schema", "2.5.1"
+gem "acts_as_api", "1.0.1"
+gem "json",        "2.7.2"
+gem "json-schema", "4.3.0"
+gem "yajl-ruby",   "1.4.3"
 
 # Authentication
 
-gem "devise", "3.5.2"
+gem "devise", "4.9.4"
 gem "devise_lastseenable", "0.0.6"
-gem "devise-token_authenticatable", "~> 0.4.0"
+gem "devise-two-factor", "4.1.0"
+gem "rqrcode", "2.2.0"
 
 # Captcha
 
-gem "simple_captcha2", "0.3.4", require: "simple_captcha"
+gem "simple_captcha2", "0.5.0", require: "simple_captcha"
 
 # Background processing
 
-gem "sidekiq", "3.4.2"
-gem "sinatra", "1.4.6"
+gem "redis", "4.8.1"
+gem "sidekiq", "6.5.12"
 
 # Scheduled processing
 
-gem "sidetiq", "0.6.3"
+gem "sidekiq-cron", "1.12.0"
 
 # Compression
 
-gem "uglifier", "2.7.2"
+gem "terser", "1.2.2"
 
 # Configuration
 
-gem "configurate", "0.3.1"
+gem "configurate", "0.6.0"
+gem "toml-rb", "3.0.1"
 
 # Cross-origin resource sharing
 
-gem "rack-cors", "0.4.0", require: "rack/cors"
+gem "rack-cors", "2.0.2", require: "rack/cors"
 
 # CSS
 
-gem "bootstrap-sass", "2.3.2.2"
-gem "compass-rails",  "2.0.5"
-gem "sass-rails",     "5.0.4"
-gem "autoprefixer-rails", "6.0.3"
+gem "autoprefixer-rails",     "10.4.16.0"
+gem "bootstrap-sass",         "3.4.1"
+gem "bootstrap-switch-rails", "3.3.3" # 3.3.4 and 3.3.5 is broken, see https://github.com/Bttstrp/bootstrap-switch/issues/691
+gem "sassc-rails",            "2.1.2"
+gem "sprockets-rails",        "3.4.2"
 
 # Database
 
-ENV["DB"] ||= "mysql"
+group :mysql, optional: true do
+  gem "mysql2", "0.5.6"
+end
+group :postgresql, optional: true do
+  gem "pg",     "1.5.6"
+end
 
-gem "mysql2", "0.3.20" if ENV["DB"] == "all" || ENV["DB"] == "mysql"
-gem "pg",     "0.18.3" if ENV["DB"] == "all" || ENV["DB"] == "postgres"
-
-gem "activerecord-import", "0.10.0"
+gem "activerecord-import", "1.7.0"
 
 # File uploading
 
-gem "carrierwave", "0.10.0"
-gem "fog",         "1.34.0"
-gem "mini_magick", "4.3.3"
-gem "remotipart",  "1.2.1"
+gem "carrierwave", "3.0.7"
+gem "fog-aws",     "3.22.0"
+gem "mini_magick", "4.12.0"
 
 # GUID generation
-gem "uuid", "2.3.8"
-
-# Icons
-
-gem "entypo-rails", "2.2.3"
+gem "uuid", "2.3.9"
 
 # JavaScript
 
-gem "backbone-on-rails", "1.2.0.0"
-gem "handlebars_assets", "0.20.2"
-gem "jquery-rails",      "4.0.5"
-gem "jquery-ui-rails",   "5.0.5"
-gem "js_image_paths",    "0.0.2"
-gem "js-routes",         "1.1.2"
-
-source "https://rails-assets.org" do
-  gem "rails-assets-jquery",                              "1.11.2" # Should be kept in sync with jquery-rails
-
-  gem "rails-assets-markdown-it",                         "5.0.0"
-  gem "rails-assets-markdown-it-hashtag",                 "0.4.0"
-  gem "rails-assets-markdown-it-diaspora-mention",        "0.4.0"
-  gem "rails-assets-markdown-it-sanitizer",               "0.4.0"
-  gem "rails-assets-markdown-it--markdown-it-for-inline", "0.1.1"
-  gem "rails-assets-markdown-it-sub",                     "1.0.0"
-  gem "rails-assets-markdown-it-sup",                     "1.0.0"
-  gem "rails-assets-highlightjs",                         "8.8.0"
-
-  # jQuery plugins
-
-  gem "rails-assets-jeresig--jquery.hotkeys",       "0.2.0"
-  gem "rails-assets-jquery-placeholder",            "2.1.2"
-  gem "rails-assets-jquery-textchange",             "0.2.3"
-  gem "rails-assets-perfect-scrollbar",             "0.6.7"
-  gem "rails-assets-jakobmattsson--jquery-elastic", "1.6.11"
-end
-
-gem "facebox-rails", "0.2.0"
+gem "babel-transpiler",  "0.7.0"
+gem "handlebars_assets", "0.23.9"
+gem "jquery-rails",      "4.6.0"
+gem "jquery-ui-rails",   "7.0.0"
+gem "js_image_paths",    "0.2.0"
+gem "js-routes",         "2.2.8"
 
 # Localization
 
-gem "http_accept_language", "2.0.5"
-gem "i18n-inflector-rails", "1.0.7"
-gem "rails-i18n",           "4.0.5"
+gem "http_accept_language", "2.1.1"
+gem "rails-i18n",           "7.0.9"
 
-# Mail
-
-gem "markerb",             "1.1.0"
-gem "messagebus_ruby_api", "1.0.3"
+# Map
+gem "leaflet-rails", "1.9.4"
 
 # Parsing
 
-gem "nokogiri",          "1.6.6.2"
-gem "redcarpet",         "3.3.2"
-gem "twitter-text",      "1.13.0"
-gem "roxml",             "3.1.6"
-gem "ruby-oembed",       "0.8.14"
-gem "open_graph_reader", "0.6.1"
+gem "nokogiri",          "1.16.5"
+gem "open_graph_reader", "0.9.1" # also update User-Agent in features/support/webmock.rb and open_graph_cache_spec.rb
+gem "redcarpet",         "3.6.0"
+gem "ruby-oembed",       "0.17.0"
+gem "twitter-text",      "3.1.0"
+
+# Rate limitting
+
+gem "rack-attack", "6.7.0"
+
+# RTL support
+
+gem "string-direction", "1.2.2"
+
+# Security Headers
+
+gem "secure_headers", "6.5.0"
 
 # Services
 
-gem "omniauth",           "1.2.2"
-gem "omniauth-facebook",  "2.0.1"
-gem "omniauth-tumblr",    "1.1"
-gem "omniauth-twitter",   "1.2.1"
-gem "twitter",            "5.15.0"
-gem "omniauth-wordpress", "0.2.2"
+gem "omniauth",                       "2.1.2"
+gem "omniauth-rails_csrf_protection", "1.0.2"
+gem "omniauth-tumblr",                "1.2"
+gem "omniauth-twitter",               "1.4.0"
+gem "omniauth-wordpress",             "0.2.2"
+gem "twitter",                        "8.0.0"
+
+# OpenID Connect
+gem "openid_connect", "2.3.0"
 
 # Serializers
 
-gem "active_model_serializers", "0.9.3"
-
-# XMPP chat dependencies
-gem "diaspora-vines",             "~> 0.2.0.develop"
-gem "rails-assets-diaspora_jsxc", "~> 0.1.4.alpha", "< 0.1.4.develop", source: "https://rails-assets.org"
+gem "active_model_serializers", "0.9.12"
 
 # Tags
 
-gem "acts-as-taggable-on", "3.5.0"
+gem "acts-as-taggable-on", "10.0.0"
 
 # URIs and HTTP
 
-gem "addressable",        "2.3.8", require: "addressable/uri"
-gem "faraday",            "0.9.1"
-gem "faraday_middleware", "0.10.0"
-gem "faraday-cookie_jar", "0.0.6"
-gem "typhoeus",           "0.8.0"
+gem "addressable",              "2.8.6", require: "addressable/uri"
+gem "faraday",                  "2.9.0"
+gem "faraday-cookie_jar",       "0.0.7"
+gem "faraday-follow_redirects", "0.3.0"
+gem "faraday-typhoeus",         "1.1.0", require: false
+gem "typhoeus",                 "1.4.1"
 
 # Views
 
-gem "gon",                     "6.0.1"
-gem "haml",                    "4.0.7"
-gem "mobile-fu",               "1.3.1"
-gem "will_paginate",           "3.0.7"
-gem "rails-timeago",           "2.11.0"
+gem "gon",                     "6.4.0"
+gem "hamlit",                  "3.0.3"
+gem "mobile-fu",               "1.4.0"
+gem "rails-timeago",           "2.20.0"
+gem "will_paginate",           "4.0.0"
 
 # Logging
 
-gem "logging-rails", "0.5.0", require: "logging/rails"
+gem "logging-rails", "0.6.0", require: "logging/rails"
 
 # Reading and writing zip files
 
-gem "rubyzip", "1.1.7"
+gem "rubyzip", "2.3.2", require: "zip"
 
 # Prevent occasions where minitest is not bundled in
 # packaged versions of ruby. See following issues/prs:
 # https://github.com/gitlabhq/gitlabhq/issues/3826
 # https://github.com/gitlabhq/gitlabhq/pull/3852
 # https://github.com/discourse/discourse/pull/238
-gem "minitest"
+gem "minitest", "5.23.1"
 
-# Windows and OSX have an execjs compatible runtime built-in, Linux users should
-# install Node.js or use "therubyracer".
-#
-# See https://github.com/sstephenson/execjs#readme for more supported runtimes
-
-# gem "therubyracer", :platform => :ruby
+gem "versionist", "2.0.1"
 
 group :production do # we don"t install these on travis to speed up test runs
-  # Administration
-
-  gem "rails_admin", "0.7.0"
-
   # Analytics
 
   gem "rack-google-analytics", "1.2.0"
   gem "rack-piwik",            "0.3.0",  require: "rack/piwik"
 
-  # Click-jacking protection
-
-  gem "rack-protection", "1.5.3"
-
   # Process management
 
-  gem "eye", "0.7"
+  gem "foreman", "0.88.1", require: false
 
   # Redirects
 
@@ -217,73 +198,72 @@ group :production do # we don"t install these on travis to speed up test runs
 
   # Third party asset hosting
 
-  gem "asset_sync", "1.1.0", require: false
+  gem "asset_sync", "2.19.1", require: false
 end
 
 group :development do
-  # Automatic test runs
-  gem "guard-cucumber", "1.5.4"
-  gem "guard-jshintrb", "1.1.1"
-  gem "guard-rspec",    "4.6.4"
-  gem "guard-rubocop",  "1.2.0"
-  gem "guard",          "2.13.0", require: false
-  gem "rb-fsevent",     "0.9.6", require: false
-  gem "rb-inotify",     "0.9.5", require: false
-
   # Linters
-  gem "jshintrb", "0.3.0"
-  gem "rubocop",  "0.32.1"
+  gem "haml_lint",      "0.58.0", require: false
+  gem "pronto",         "0.11.2", require: false
+  gem "pronto-eslint",  "0.11.1", require: false
+  gem "pronto-haml",    "0.11.1", require: false
+  gem "pronto-rubocop", "0.11.5", require: false
+  gem "pronto-scss",    "0.11.0", require: false
+  gem "rubocop",        "1.64.0", require: false
+  gem "rubocop-rails",  "2.25.0", require: false
 
-  # Preloading environment
-
-  gem "spring", "1.4.0"
-  gem "spring-commands-rspec", "1.0.4"
-  gem "spring-commands-cucumber", "1.0.1"
+  gem "faraday-retry", require: false # used by pronto/octokit
 
   # Debugging
   gem "pry"
-  gem "pry-debundle"
   gem "pry-byebug"
 
   # test coverage
-  gem "simplecov", "0.10.0", require: false
+  gem "simplecov", "0.22.0", require: false
+
+  gem "turbo_dev_assets", "0.0.2"
+
+  gem "listen", "3.9.0"
 end
 
 group :test do
   # RSpec (unit tests, some integration tests)
 
-  gem "fixture_builder",   "0.4.1"
-  gem "fuubar",            "2.0.0"
-  gem "rspec-instafail",   "0.4.0", require: false
-  gem "test_after_commit", "0.4.1"
+  gem "fixture_builder",   "0.5.2"
+  gem "fuubar",            "2.5.1"
+  gem "rspec-json_expectations", "~> 2.1"
 
   # Cucumber (integration tests)
 
-  gem "capybara",           "2.5.0"
-  gem "database_cleaner" ,  "1.5.0"
-  gem "selenium-webdriver", "2.47.1"
+  gem "capybara",         "3.40.0"
+  gem "cuprite",          "0.15"
+  gem "database_cleaner-active_record", "2.1.0"
+
+  gem "cucumber-api-steps", "0.14", require: false
 
   # General helpers
 
-  gem "factory_girl_rails", "4.5.0"
-  gem "timecop",            "0.8.0"
-  gem "webmock",            "1.21.0", require: false
-  gem "shoulda-matchers",   "2.8.0", require: false
+  gem "factory_bot_rails", "6.4.3"
+  gem "shoulda-matchers",  "6.2.0"
+  gem "timecop",           "0.9.8"
+  gem "webmock",           "3.23.1", require: false
+
+  gem "diaspora_federation-test", "1.1.0"
 end
 
 group :development, :test do
   # RSpec (unit tests, some integration tests)
-  gem "rspec-rails",     "3.3.3"
+  gem "rspec-rails", "6.1.2"
 
   # Cucumber (integration tests)
-  gem "cucumber-rails",     "1.4.2", require: false
+  gem "cucumber-rails", "3.0.0", require: false
 
   # Jasmine (client side application tests (JS))
-  gem "jasmine",                   "2.3.1"
+  gem "chrome_remote",             "0.3.0"
+  gem "jasmine",                   "3.10.0"
   gem "jasmine-jquery-rails",      "2.0.3"
-  gem "rails-assets-jasmine-ajax", "3.2.0", source: "https://rails-assets.org"
   gem "sinon-rails",               "1.15.0"
 
-  # silence assets
-  gem "quiet_assets", "1.1.0"
+  # For `assigns` in controller specs
+  gem "rails-controller-testing", "1.0.5"
 end

Guardfile

@@ -1,45 +0,0 @@
-guard :rspec, cmd: "bin/spring rspec", all_on_start: false, all_after_pass: false do
-  watch(/^spec\/.+_spec\.rb$/)
-  watch(/^lib\/(.+)\.rb$/)       {|m| "spec/lib/#{m[1]}_spec.rb" }
-  watch(/spec\/spec_helper.rb/)  { "spec" }
-
-  # Rails example
-  watch(/^spec\/.+_spec\.rb$/)
-  watch(/^app\/(.+)\.rb$/)                            {|m| "spec/#{m[1]}_spec.rb" }
-  watch(/^lib\/(.+)\.rb$/)                            {|m| "spec/lib/#{m[1]}_spec.rb" }
-  watch(%r{^app/controllers/(.+)_(controller)\.rb$}) {|m|
-    ["spec/routing/#{m[1]}_routing_spec.rb",
-     "spec/#{m[2]}s/#{m[1]}_#{m[2]}_spec.rb",
-     "spec/acceptance/#{m[1]}_spec.rb"]
-  }
-  watch(%r{^spec/support/(.+)\.rb$})                  { "spec" }
-  watch("spec/spec_helper.rb")                        { "spec" }
-  watch("config/routes.rb")                           { "spec/routing" }
-  watch("app/controllers/application_controller.rb")  { "spec/controllers" }
-
-  # Capybara request specs
-  watch(%r{^app/views/(.+)/.*\.(erb|haml)$})          {|m| "spec/requests/#{m[1]}_spec.rb" }
-end
-
-guard(:cucumber,
-      command_prefix: "bin/spring",
-      bundler:        false,
-      all_on_start:   false,
-      all_after_pass: false) do
-  watch(/^features\/.+\.feature$/)
-  watch(%r{^features/support/.+$})          { "features" }
-  watch(%r{^features/step_definitions/(.+)_steps\.rb$}) {|m|
-    Dir[File.join("**/#{m[1]}.feature")][0] || "features"
-  }
-end
-
-guard :rubocop, all_on_start: false, keep_failed: false do
-  watch(/(?:app|config|db|lib|features|spec)\/.+\.rb$/)
-  watch(/(config.ru|Gemfile|Guardfile|Rakefile)$/)
-end
-
-guard :jshintrb do
-  watch(/^app\/assets\/javascripts\/.+\.js$/)
-  watch(/^lib\/assets\/javascripts\/.+\.js$/)
-  watch(/^spec\/javascripts\/.+\.js$/)
-end

Procfile

@@ -1,2 +1,2 @@
-web: bin/bundle exec unicorn -c config/unicorn.rb -p $PORT
+web: bin/puma -C config/puma.rb
 sidekiq: bin/bundle exec sidekiq

README.md

@@ -1,26 +1,18 @@
-# diaspora*
+# diaspora\*
 ### A privacy-aware, distributed, open source social network
 
-**master:** [![Build Status master](https://secure.travis-ci.org/diaspora/diaspora.png?branch=master)](http://travis-ci.org/diaspora/diaspora)
-**stable:** [![Build Status stable](https://secure.travis-ci.org/diaspora/diaspora.png?branch=stable)](http://travis-ci.org/diaspora/diaspora) |
-**develop:** [![Build Status develop](https://secure.travis-ci.org/diaspora/diaspora.png?branch=develop)](http://travis-ci.org/diaspora/diaspora) |
-[![Dependency Status](https://gemnasium.com/diaspora/diaspora.png?travis)](https://gemnasium.com/diaspora/diaspora)
-[![Code Climate](https://codeclimate.com/github/diaspora/diaspora.png)](https://codeclimate.com/github/diaspora/diaspora)
-
 [Project site](https://diasporafoundation.org) |
 [Wiki](https://wiki.diasporafoundation.org) |
-[Bugtracker](http://github.com/diaspora/diaspora/issues) |
-[Discussions](https://www.loomio.org/groups/194) |
-[Mailing lists](https://wiki.diasporafoundation.org/How_We_Communicate#Mailing_Lists) |
+[Bugtracker](https://github.com/diaspora/diaspora/issues) |
+[Discussions and Support](https://discourse.diasporafoundation.org/) |
 [License](/COPYRIGHT) |
 [Authors](https://github.com/diaspora/diaspora/contributors)
 
 ## Installation
 
+You don't have to install diaspora\* to use the network. There are many servers connected to diaspora\*s network which are open to anyone, and you can create an account on one of these servers. Have a look at our [tips for finding a home](https://wiki.diasporafoundation.org/Choosing_a_pod), or you can just go straight to the [list of open servers](https://diaspora.fediverse.observer) to sign up.
 
-You don't have to install diaspora* to use the network. There are many servers connected to diaspora*s network which are open to anyone, and you can create an account on one of these servers. Have a look at our [tips for finding a home](https://wiki.diasporafoundation.org/Choosing_a_pod), or you can just go straight to the [list of open servers](http://podupti.me) to sign up.
-
-Want to own your data and install diaspora*? Whether you just want to try it out, want to install it on your server or want to contribute and need a development setup, our [installation guides](https://wiki.diasporafoundation.org/Installation) will get you started!
+Want to own your data and install diaspora\*? Whether you just want to try it out, want to install it on your server or want to contribute and need a development setup, our [installation guides](https://wiki.diasporafoundation.org/Installation) will get you started!
 
 ## Questions?
 
@@ -30,11 +22,10 @@ Still haven't found an answer? Talk to us! Read [how we communicate](https://wik
 
 ## Contribute
 
-To keep diaspora*  growing and improving we need all help we can get. Whether you can contribute [code](https://wiki.diasporafoundation.org/Getting_started_with_contributing), [ideas](https://wiki.diasporafoundation.org/How_we_communicate#Loomio), [translations](https://wiki.diasporafoundation.org/Contribute_translations), [bug reports](https://wiki.diasporafoundation.org/How_to_report_a_bug) or simply extend the community as a [helpful user](https://wiki.diasporafoundation.org/Welcoming_committee) or [pod administrator](https://wiki.diasporafoundation.org/Installation), your help is welcome!
+To keep diaspora\* growing and improving we need all help we can get. Whether you can contribute [code](https://wiki.diasporafoundation.org/Getting_started_with_contributing), [ideas](https://wiki.diasporafoundation.org/How_we_communicate#Discourse), [translations](https://wiki.diasporafoundation.org/Contribute_translations), [bug reports](https://wiki.diasporafoundation.org/How_to_report_a_bug) or simply extend the community as a [helpful user](https://wiki.diasporafoundation.org/Welcoming_committee) or [pod administrator](https://wiki.diasporafoundation.org/Installation), your help is welcome!
 
-Everyone interacting in diaspora’s codebases, issue trackers, chat rooms, mailing lists, the wiki, and the Loomio group is expected to follow the diaspora\* [code of conduct](/CODE_OF_CONDUCT.md).
+Everyone interacting in diaspora’s codebases, issue trackers, chat rooms, the wiki, and the Discourse is expected to follow the diaspora\* [code of conduct](/CODE_OF_CONDUCT.md).
 
 ## Security
 
-Found a security issue? Please disclose it responsibly. We have a team of developers listening to [security@diasporafoundation.org](mailto:security@diasporafoundation.org). The PGP fingerprint is [AB0D AB02 0FC5 D398 03AB 3CE1 6F70 243F 27AD 886A](http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x6F70243F27AD886A)
-
+See [`SECURITY.md`](/SECURITY.md) for instructions on how to responsibly report a security vulnerability.

Rakefile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 #   Copyright (c) 2010-2011, Diaspora Inc.  This file is
 #   licensed under the Affero General Public License version 3 or later.  See
 #   the COPYRIGHT file.

SECURITY.md

@@ -0,0 +1,9 @@
+# Security Policy
+
+## Supported Versions
+
+We support the latest stable release, as well as the current state of the `next-minor` and `develop` branches. Security issues for older releases are out of scope.
+
+## Reporting a Vulnerability
+
+Found a security issue? Please disclose it responsibly. We have a team of developers listening to [security@diasporafoundation.org](mailto:security@diasporafoundation.org). The PGP fingerprint is [AB0D AB02 0FC5 D398 03AB 3CE1 6F70 243F 27AD 886A](https://pgp.mit.edu/pks/lookup?op=get&search=0x6F70243F27AD886A).

app/assets/config/manifest.js

@@ -0,0 +1,13 @@
+//= link_tree ../images
+
+//= link main.js
+//= link mobile/mobile.js
+//= link contact-list.js
+//= link jquery3.js
+//= link jquery_ujs.js
+//= link bookmarklet.js
+//= link mobile/bookmarklet.js
+
+//= link admin.css
+//= link error_pages.css
+//= link rtl.css

app/assets/images/buttons/liberapay-button.svg

@@ -0,0 +1,10 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="83" height="30">
+  <rect id="back" fill="#f6c915" x="1" y=".5" width="82" height="29" rx="4"/>
+  <svg viewBox="0 0 80 80" height="16" width="16" x="7" y="7">
+    <g transform="translate(-78.37-208.06)" fill="#1a171b">
+      <path d="m104.28 271.1c-3.571 0-6.373-.466-8.41-1.396-2.037-.93-3.495-2.199-4.375-3.809-.88-1.609-1.308-3.457-1.282-5.544.025-2.086.313-4.311.868-6.675l9.579-40.05 11.69-1.81-10.484 43.44c-.202.905-.314 1.735-.339 2.489-.026.754.113 1.421.415 1.999.302.579.817 1.044 1.546 1.395.729.353 1.747.579 3.055.679l-2.263 9.278"/>
+      <path d="m146.52 246.14c0 3.671-.604 7.03-1.811 10.07-1.207 3.043-2.879 5.669-5.01 7.881-2.138 2.213-4.702 3.935-7.693 5.167-2.992 1.231-6.248 1.848-9.767 1.848-1.71 0-3.42-.151-5.129-.453l-3.394 13.651h-11.162l12.52-52.19c2.01-.603 4.311-1.143 6.901-1.622 2.589-.477 5.393-.716 8.41-.716 2.815 0 5.242.428 7.278 1.282 2.037.855 3.708 2.024 5.02 3.507 1.307 1.484 2.274 3.219 2.904 5.205.627 1.987.942 4.11.942 6.373m-27.378 15.461c.854.202 1.91.302 3.167.302 1.961 0 3.746-.364 5.355-1.094 1.609-.728 2.979-1.747 4.111-3.055 1.131-1.307 2.01-2.877 2.64-4.714.628-1.835.943-3.858.943-6.071 0-2.161-.479-3.998-1.433-5.506-.956-1.508-2.615-2.263-4.978-2.263-1.61 0-3.118.151-4.525.453l-5.28 21.948"/>
+    </g>
+  </svg>
+  <text fill="#1a171b" text-anchor="middle" font-family="Helvetica Neue,Helvetica,Arial,sans-serif" font-weight="700" font-size="14" x="50" y="20">Donate</text>
+</svg>

app/assets/images/fonts/svg-icons/compose_mobile.svg

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   version="1.1"
+   viewBox="0 0 744.09448819 1052.3622047"
+   height="40px"
+   width="40px">
+  <g
+     style="display:inline"
+     id="layer1"
+     transform="matrix(4.9383994,0,0,5.2618096,-1527.6262,-2214.8726)">
+    <path
+       id="path3511"
+       d="m 278.125,520.93362 0,-100 79.0625,0.0138 c 43.48437,0.008 81.17062,0.36221 83.74721,0.7881 3.3747,0.55781 6.95755,2.85698 12.8125,8.22198 l 8.12779,7.44764 0,16.13926 0,16.13926 -10,0 -10,0 -0.0158,-10.3125 -0.0157,-10.3125 -6.77054,-5.9375 -6.77057,-5.9375 -66.3387,0 -66.33869,0 0,83.75 0,83.75 24.54911,0 24.54912,0 -0.77696,6.5625 c -0.47778,4.0355 -1.59948,7.16416 -2.91302,8.125 -1.57019,1.14856 -10.18586,1.5625 -32.52216,1.5625 l -30.38609,0 0,-100 z m 75.01385,98.75856 c -0.95897,-0.59267 0.76874,-9.48251 5.61079,-28.86997 l 6.99644,-28.01359 39.00196,-39.14467 c 21.45108,-21.52956 40.5209,-39.95144 42.37738,-40.9375 1.87165,-0.99411 6.78352,-1.79283 11.02537,-1.79283 l 7.64993,0 12.71105,12.39542 12.71105,12.39542 0,12.61571 0,12.6157 -39.44885,39.44886 -39.44886,39.44885 -19.28755,4.7892 c -18.3445,4.55503 -36.89916,6.90323 -39.89871,5.0494 z m 33.55295,-18.06936 c 3.68049,-0.97963 6.89841,-1.98775 7.15094,-2.24027 0.25252,-0.25253 -3.66299,-4.55375 -8.70115,-9.55828 l -9.16028,-9.09915 -2.11015,8.40052 c -2.09814,8.35273 -2.09435,8.41733 0.66474,11.35425 3.24463,3.45376 3.41414,3.46969 12.1559,1.14293 z m 66.1351,-79.11794 -5.26283,-5.36242 -24.7019,24.67873 -24.70189,24.67874 5.26282,5.36243 5.26282,5.36242 24.70191,-24.67873 24.70189,-24.67875 -5.26282,-5.36242 z"
+       style="fill:#fefefe"
+       inkscape:connector-curvature="0" />
+  </g>
+</svg>

app/assets/javascripts/api/authorization_page.js

@@ -0,0 +1,5 @@
+$(document).ready(function() {
+  $("#js-app-logo").on("error", function() {
+    $(this).attr("src", ImagePaths.get("user/default.png"));
+  });
+});

app/assets/javascripts/app/app.js

@@ -14,7 +14,7 @@
 //= require_tree ./collections
 //= require_tree ./views
 
-//= require perfect-scrollbar/perfect-scrollbar.jquery
+//= require perfect-scrollbar/dist/perfect-scrollbar
 
 var app = {
   collections: {},
@@ -46,25 +46,22 @@ var app = {
     app.router = new app.Router();
 
     this.setupDummyPreloads();
-    this.setupFacebox();
     this.setupUser();
+    this.setupAspects();
     this.setupHeader();
     this.setupBackboneLinks();
     this.setupGlobalViews();
     this.setupDisabledLinks();
+    this.setupForms();
+    this.setupAjaxErrorRedirect();
   },
 
   hasPreload : function(prop) {
     return !!(window.gon.preloads && window.gon.preloads[prop]); //returning boolean variable so that parsePreloads, which cleans up properly is used instead
   },
 
-  setPreload : function(prop, val) {
-    window.gon.preloads = window.gon.preloads || {};
-    window.gon.preloads[prop] = val;
-  },
-
   parsePreload : function(prop) {
-      if(!app.hasPreload(prop)) { return }
+      if(!app.hasPreload(prop)) { return; }
 
       var preload = window.gon.preloads[prop];
       delete window.gon.preloads[prop]; //prevent dirty state across navigates
@@ -82,20 +79,19 @@ var app = {
     app.currentUser = app.user(window.gon.user) || new app.models.User();
   },
 
+  setupAspects: function() {
+    app.aspects = new app.collections.Aspects(app.currentUser.get("aspects"));
+  },
+
   setupHeader: function() {
     if(app.currentUser.authenticated()) {
+      app.notificationsCollection = new app.collections.Notifications();
       app.header = new app.views.Header();
       $("header").prepend(app.header.el);
       app.header.render();
     }
   },
 
-  setupFacebox: function() {
-    $.facebox.settings.closeImage = ImagePaths.get('facebox/closelabel.png');
-    $.facebox.settings.loadingImage = ImagePaths.get('facebox/loading.gif');
-    $.facebox.settings.opacity = 0.75;
-  },
-
   setupBackboneLinks: function() {
     Backbone.history.start({pushState: true});
 
@@ -108,34 +104,21 @@ var app = {
 
       evt.preventDefault();
       var link = $(this);
-      if(link.data("stream-title") && link.data("stream-title").length) {
-        $(".stream_title").text(link.data("stream-title"));
-      } else {
-        $(".stream_title").text(link.text());
-      }
-
       $("html, body").animate({scrollTop: 0});
 
       // app.router.navigate doesn't tell us if it changed the page,
       // so we use Backbone.history.navigate instead.
       var change = Backbone.history.navigate(link.attr("href").substring(1) ,true);
       if(change === undefined) { Backbone.history.loadUrl(link.attr("href").substring(1)); }
+      app.notificationsCollection.fetch();
     });
   },
 
   setupGlobalViews: function() {
     app.hovercard = new app.views.Hovercard();
-    $('.aspect_membership_dropdown').each(function(){
-      new app.views.AspectMembership({el: this});
-    });
     app.sidebar = new app.views.Sidebar();
     app.backToTop = new app.views.BackToTop({el: $(document)});
-  },
-
-  /* mixpanel wrapper function */
-  instrument : function(type, name, object, callback) {
-    if(!window.mixpanel) { return }
-    window.mixpanel[type](name, object, callback);
+    app.flashMessages = new app.views.FlashMessages({el: $("#flash-container")});
   },
 
   setupDisabledLinks: function() {
@@ -143,6 +126,36 @@ var app = {
       event.preventDefault();
     });
   },
+
+  setupForms: function() {
+    // add placeholder support for old browsers
+    $("input, textarea").placeholder();
+
+    // init autosize plugin
+    autosize($("textarea"));
+
+    // setup remote forms
+    $(document).on("ajax:success", "form[data-remote]", function() {
+      $(this).clearForm();
+      $(this).focusout();
+    });
+  },
+
+  setupAjaxErrorRedirect: function() {
+    var self = this;
+    // Binds the global ajax event. To prevent this, add
+    // preventGlobalErrorHandling: true
+    // to the settings of your ajax calls
+    $(document).ajaxError(function(evt, jqxhr, settings) {
+      if(jqxhr.status === 401 && !settings.preventGlobalErrorHandling) {
+        self._changeLocation(Routes.newUserSession());
+      }
+    });
+  },
+
+  _changeLocation: function(href) {
+    window.location.assign(href);
+  }
 };
 
 $(function() {

app/assets/javascripts/app/collections/aspect_memberships.js

@@ -1,6 +1,10 @@
 // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
 
 app.collections.AspectMemberships = Backbone.Collection.extend({
-  model: app.models.AspectMembership
+  model: app.models.AspectMembership,
+
+  findByAspectId: function(id) {
+    return this.find(function(membership) { return membership.belongsToAspect(id); });
+  }
 });
 // @license-end

app/assets/javascripts/app/collections/aspect_selections.js

@@ -0,0 +1,31 @@
+// @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
+
+app.collections.AspectSelections = Backbone.Collection.extend({
+  model: app.models.AspectSelection,
+
+  selectedGetAttribute: function(attribute) {
+    return _.pluck(_.filter(this.toJSON(), function(a) {
+      return a.selected;
+    }), attribute);
+  },
+
+  allSelected: function() {
+    return this.length === _.filter(this.toJSON(), function(a) { return a.selected; }).length;
+  },
+
+  selectAll: function() {
+    this.map(function(a) { a.set({"selected": true}); });
+  },
+
+  deselectAll: function() {
+    this.map(function(a) { a.set({"selected": false}); });
+  },
+
+  toSentence: function() {
+    var separator = Diaspora.I18n.t("comma") + " ";
+    var pattern = new RegExp(Diaspora.I18n.t("comma") + "\\s([^" + Diaspora.I18n.t("comma") + "]+)$");
+    return this.selectedGetAttribute("name").join(separator).replace(pattern, " " + Diaspora.I18n.t("and") + " $1")
+      || Diaspora.I18n.t("my_aspects");
+  }
+});
+// @license-end

app/assets/javascripts/app/collections/aspects.js

@@ -1,29 +1,7 @@
 // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
 
 app.collections.Aspects = Backbone.Collection.extend({
-  model: app.models.AspectSelection,
-
-  selectedAspects: function(attribute){
-    return _.pluck(_.filter(this.toJSON(), function(a){
-              return a.selected;
-      }), attribute);
-  },
-
-  allSelected: function(){
-    return this.length === _.filter(this.toJSON(), function(a){ return a.selected; }).length;
-  },
-
-  selectAll: function(){
-    this.map(function(a){ a.set({ 'selected' : true })} );
-  },
-
-  deselectAll: function(){
-    this.map(function(a){ a.set({ 'selected' : false })} );
-  },
-
-  toSentence: function(){
-    var separator = Diaspora.I18n.t("comma") + ' ';
-    return this.selectedAspects('name').join(separator).replace(/,\s([^,]+)$/, ' ' + Diaspora.I18n.t("and") + ' $1') || Diaspora.I18n.t("my_aspects");
-  }
+  model: app.models.Aspect,
+  url: "/aspects"
 });
 // @license-end

app/assets/javascripts/app/collections/comments.js

@@ -2,21 +2,27 @@
 
 app.collections.Comments = Backbone.Collection.extend({
   model: app.models.Comment,
-  url: function() { return _.result(this.post, 'url') + '/comments'; },
+  url: function() {
+      return _.result(this.post, "url") + "/comments";
+  },
 
   initialize : function(models, options) {
     this.post = options.post;
   },
 
-  make : function(text){
+  make : function(text) {
     var self = this;
-
-    var comment = new app.models.Comment({text: text });
+    var comment = new app.models.Comment({"text": text}, {post: this.post});
 
     var deferred = comment.save({}, {
-      url: '/posts/'+this.post.id+'/comments',
+      url: "/posts/"+ this.post.id +"/comments",
       success: function() {
         comment.set({author: app.currentUser.toJSON(), parent: self.post });
+
+        // Need interactions after make
+        comment.interactions = new app.models.LikeInteractions(
+          _.extend({comment: comment, post: self.post}, comment.get("interactions"))
+        );
         self.add(comment);
       }
     });

app/assets/javascripts/app/collections/likes.js

@@ -4,7 +4,11 @@ app.collections.Likes = Backbone.Collection.extend({
   model: app.models.Like,
 
   initialize : function(models, options) {
-    this.url = "/posts/" + options.post.id + "/likes"; //not delegating to post.url() because when it is in a stream collection it delegates to that url
+    // A comment- like has a post reference and a comment reference
+    this.url = (options.comment != null) ?
+      // not delegating to post.url() because when it is in a stream collection it delegates to that url
+      "/comments/" + options.comment.id + "/likes" :
+      "/posts/" + options.post.id + "/likes";
   }
 });
 // @license-end

app/assets/javascripts/app/collections/notifications.js

@@ -0,0 +1,115 @@
+app.collections.Notifications = Backbone.Collection.extend({
+  model: app.models.Notification,
+  // URL parameter
+  /* eslint-disable camelcase */
+  url: Routes.notifications({per_page: 10, page: 1}),
+  /* eslint-enable camelcase */
+  page: 2,
+  perPage: 5,
+  unreadCount: 0,
+  unreadCountByType: {},
+  timeout: 300000, // 5 minutes
+
+  initialize: function() {
+    this.fetch();
+    setInterval(this.pollNotifications.bind(this), this.timeout);
+    Diaspora.BrowserNotification.requestPermission();
+  },
+
+  pollNotifications: function() {
+    var unreadCountBefore = this.unreadCount;
+    this.fetch();
+
+    this.once("finishedLoading", function() {
+      if (unreadCountBefore < this.unreadCount) {
+        Diaspora.BrowserNotification.spawnNotification(
+          Diaspora.I18n.t("notifications.new_notifications", {count: this.unreadCount}));
+      }
+    }, this);
+  },
+
+  fetch: function(options) {
+    options = options || {};
+    options.remove = false;
+    options.merge = true;
+    options.parse = true;
+    Backbone.Collection.prototype.fetch.apply(this, [options]);
+  },
+
+  fetchMore: function() {
+    var hasMoreNotifications = (this.page * this.perPage) <= this.length;
+    // There are more notifications to load on the current page
+    if (hasMoreNotifications) {
+      this.page++;
+      // URL parameter
+      /* eslint-disable camelcase */
+      var route = Routes.notifications({per_page: this.perPage, page: this.page});
+      /* eslint-enable camelcase */
+      this.fetch({url: route, pushBack: true});
+    }
+  },
+
+  /**
+   * Adds new models to the collection at the end or at the beginning of the collection and
+   * then fires an event for each model of the collection. It will fire a different event
+   * based on whether the models were added at the end (typically when the scroll triggers to load more
+   * notifications) or at the beginning (new notifications have been added to the front of the list).
+   */
+  set: function(items, options) {
+    options = options || {};
+    options.at = options.pushBack ? this.length : 0;
+
+    // Retreive back the new created models
+    var models = [];
+    var accu = function(model) { models.push(model); };
+    this.on("add", accu);
+    Backbone.Collection.prototype.set.apply(this, [items, options]);
+    this.off("add", accu);
+
+    if (options.pushBack) {
+      models.forEach(function(model) { this.trigger("pushBack", model); }.bind(this));
+    } else {
+      // Fires events in the reverse order so that the first event is prepended in first position
+      models.reverse();
+      models.forEach(function(model) { this.trigger("pushFront", model); }.bind(this));
+    }
+    this.trigger("finishedLoading");
+  },
+
+  parse: function(response) {
+    this.unreadCount = response.unread_count;
+    this.unreadCountByType = response.unread_count_by_type;
+
+    return _.map(response.notification_list, function(item) {
+      /* eslint-disable new-cap */
+      var model = new this.model(item);
+      /* eslint-enable new-cap */
+      model.on("userChangedUnreadStatus", this.onChangedUnreadStatus.bind(this));
+      model.on("change:unread", function() { this.trigger("update"); }.bind(this));
+      return model;
+    }.bind(this));
+  },
+
+  setAllRead: function() {
+    this.forEach(function(model) { model.setRead(); });
+  },
+
+  setRead: function(guid) {
+    this.find(function(model) { return model.guid === guid; }).setRead();
+  },
+
+  setUnread: function(guid) {
+    this.find(function(model) { return model.guid === guid; }).setUnread();
+  },
+
+  onChangedUnreadStatus: function(model) {
+    if (model.get("unread") === true) {
+      this.unreadCount++;
+      this.unreadCountByType[model.get("type")]++;
+    } else {
+      this.unreadCount = Math.max(this.unreadCount - 1, 0);
+      this.unreadCountByType[model.get("type")] = Math.max(this.unreadCountByType[model.get("type")] - 1, 0);
+    }
+    this.trigger("update");
+  }
+});