Merge branch 'next-minor' into develop

closes #8465

.eslintrc

@@ -2,7 +2,8 @@
   "env": {
     "browser": true,
     "jasmine": true,
-    "jquery": true
+    "jquery": true,
+    "es6": true
   },
 
   "globals": {
@@ -10,16 +11,16 @@
     "autosize": false,
     "Backbone": false,
     "Bloodhound": false,
+    "blueimp": false,
     "gon": false,
     "Handlebars": false,
     "HandlebarsTemplates": false,
     "ImagePaths": false,
-    "jsxc": false,
     "L": false,
-    "Routes": false,
     "OSM": false,
+    "PerfectScrollbar": false,
     "qq": false,
-    "blueimp": false,
+    "Routes": false,
 
     "loginAs": true,
     "logout": true,
@@ -96,7 +97,7 @@
     "no-catch-shadow": 0,
     "no-class-assign": 2,
     "no-cond-assign": 2,
-    "no-confusing-arrow": 2,
+    "no-confusing-arrow": [2, {"allowParens": true}],
     "no-console": 2,
     "no-const-assign": 2,
     "no-constant-condition": 2,

.github/workflows/ci.yml

@@ -0,0 +1,63 @@
+name: CI
+on:
+  push:
+    branches:
+      - develop
+      - next-minor
+      - main
+      - master
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby:
+          - '3.2'
+          - '3.3'
+        db:
+          - mysql
+          - postgresql
+        kind:
+          - cucumber
+          - other
+    env:
+      DB: ${{ matrix.db }}
+      RAILS_ENV: test
+      BUNDLE_WITH: ${{ matrix.db }}
+      BUNDLE_WITHOUT: development
+      BUNDLE_FROZEN: true
+      BUNDLE_DISABLE_SHARED_GEMS: true
+    services:
+      postgres:
+        image: postgres
+        env:
+          POSTGRES_PASSWORD: postgres
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+    steps:
+      - name: Install system dependencies
+        run: sudo apt update && sudo apt install -y build-essential curl git gsfonts imagemagick libcurl4-openssl-dev libidn11-dev libmagickwand-dev libssl-dev libxml2-dev libxslt1-dev yarnpkg
+      - name: Start MySQL
+        run: sudo systemctl start mysql.service
+        if: matrix.db == 'mysql'
+      - uses: actions/checkout@v3
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - name: Prepare
+        run: script/ci/prepare.sh
+      - name: Run tests
+        run: bin/rake --trace ci:${{ matrix.kind }}
+      - name: Run Jasmine
+        run: bin/rake jasmine:ci
+        timeout-minutes: 2
+        if: matrix.kind == 'other'

.github/workflows/lint.yml

@@ -0,0 +1,62 @@
+## SECURITY WARNING:
+##
+## Do not change this job unless you know what you're doing.
+##
+## This GitHub Action runs on: pull_request_target, which means the jobs run in
+## a context where they have access to a Access Token with write access to the
+## target repo, even if the PR is opened from an external contributor from their
+## fork.
+##
+## This means that if we're not careful, we could be running third-party code
+## within an authenticated scope, which isn't good. To mitigate this, this
+## implementation does:
+##
+##   1. checkout the target branch (i.e. the project's original sources)
+##   2. install the Gems from there, and install them into a directory that's
+##      outside the repository contents.
+##   3. checkout the PRs HEAD
+##   4. restore a bunch of files that would allow code execution from the
+##      project's upstream sources, namely:
+##      - bin/bundle - we'll run that in our Job
+##      - Gemfile/Gemfile.lock - to avoid loading a gem with an identical
+##        version number from a in-repo vendored directory
+
+name: Lint
+on:
+  pull_request_target:
+
+permissions:
+  contents: read
+  statuses: write
+  pull-requests: write
+
+jobs:
+  pronto:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install system dependencies
+        run: sudo apt update && sudo apt install -y build-essential curl git gsfonts imagemagick libcurl4-openssl-dev libidn11-dev libmagickwand-dev libssl-dev libxml2-dev libxslt1-dev yarnpkg
+      - name: Checkout Target branch
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.base_ref }}
+          fetch-depth: 0
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: "3.1"
+          bundler-cache: true
+      - name: Checkout PR HEAD
+        run: |
+          git fetch -q origin +refs/pull/${{ github.event.pull_request.number }}/head:
+          git checkout -qf FETCH_HEAD
+      - name: Restore the bundle binstub and Gemfiles from the target branch
+        run: |
+          git restore -s ${{ github.base_ref }} -- bin/bundle
+          git restore -s ${{ github.base_ref }} -- Gemfile
+          git restore -s ${{ github.base_ref }} -- Gemfile.lock
+      - name: Run Pronto
+        run: bin/bundle exec pronto run -f github_status github_pr_review -c ${{ github.base_ref }}
+        env:
+          PRONTO_PULL_REQUEST_ID: ${{ github.event.pull_request.number }}
+          PRONTO_GITHUB_ACCESS_TOKEN: ${{ github.token }}
+

.gitignore

@@ -1,14 +1,10 @@
-# XMPP certificates, keys and user data
-config/certs/*.crt
-config/certs/*.key
-config/prosody.cfg.lua
-
 # Trademark sillyness
 app/views/home/_show.*
 app/views/terms/terms.*
 app/assets/images/custom/
 
 # Configuration files
+config/diaspora.toml
 config/diaspora.yml
 config/initializers/secret_token.rb
 .bundle
@@ -16,6 +12,7 @@ vendor/bundle/
 vendor/cache/
 config/database.yml
 config/oidc_key.pem
+config/schedule.yml
 
 # Generated files
 log/
@@ -50,9 +47,9 @@ public/source.tar*
 tmp/
 
 # Temporary files of every sort
+.byebug_history
 .sass-cache/
 .DS_Store
-.idea
 .redcar
 .stgit*
 *.swap
@@ -71,6 +68,8 @@ capybara-*.html
 *.rbc
 
 # IDE
+.idea
+.vscode
 diaspora.iml
 
 # Dolphin's directory's preferences files
@@ -78,3 +77,9 @@ diaspora.iml
 
 # WebTranslateIt
 .wti
+
+# MacOS
+/__MACOSX/
+
+# yarn
+node_modules

.rubocop.yml

@@ -1,23 +1,24 @@
+require: rubocop-rails
+
 AllCops:
-  TargetRubyVersion: 2.3
+  TargetRubyVersion: 3.0
+  NewCops: enable
   Exclude:
     - "bin/**/*"
     - "db/schema.rb"
-
-Rails:
-  Enabled: true
+    - "config/locales/cldr/plurals.rb"
 
 # Disable for rails 4
 Rails/HttpPositionalArguments:
   Enabled: false
 
 # Commonly used screens these days easily fit more than 80 characters.
-Metrics/LineLength:
+Layout/LineLength:
   Max: 120
 
 # Too short methods lead to extraction of single-use methods, which can make
 # the code easier to read (by naming things), but can also clutter the class
-Metrics/MethodLength: 
+Metrics/MethodLength:
   Max: 20
 
 # The guiding principle of classes is SRP, SRP can't be accurately measured by LoC
@@ -25,14 +26,20 @@ Metrics/ClassLength:
   Max: 1500
 Metrics/ModuleLength:
   Max: 1500
-  
-# Raise AbcSize from 15 to 20
+
+# Raise complexity metrics
 Metrics/AbcSize:
   Max: 20
 
+Metrics/CyclomaticComplexity:
+  Max: 20
+
+Metrics/PerceivedComplexity:
+  Max: 20
+
 # Some blocks are longer.
 Metrics/BlockLength:
-  ExcludedMethods:
+  AllowedMethods:
     - "namespace"
     - "create_table"
   Exclude:
@@ -50,16 +57,27 @@ Layout/SpaceAroundEqualsInParameterDefault:
 # are needed.
 Style/StringLiterals:
   EnforcedStyle: double_quotes
+  Exclude:
+    # These files are generated by rails, so it's best to keep them close to the original for smaller diffs
+    - "config/application.rb"
+    - "config/boot.rb"
+    - "config/environment.rb"
+    - "config/environments/*.rb"
 
 # We do not need to support Ruby 1.9, so this is good to use.
 Style/SymbolArray:
   Enabled: true
 
 # Most readable form.
-Layout/AlignHash:
+Layout/HashAlignment:
   EnforcedHashRocketStyle: table
   EnforcedColonStyle: table
 
+# This rule makes haml files less readable, as there is no 'end' there.
+Layout/CaseIndentation:
+  Exclude:
+    - "app/views/**/*"
+
 # Mixing the styles looks just silly.
 Style/HashSyntax:
  EnforcedStyle: ruby19_no_mixed_keys
@@ -78,7 +96,6 @@ Style/CollectionMethods:
     # inject seems more common in the community.
     reduce: "inject"
 
-
 # Either allow this style or don't. Marking it as safe with parenthesis
 # is silly. Let's try to live without them for now.
 Style/ParenthesesAroundCondition:
@@ -87,7 +104,7 @@ Lint/AssignmentInCondition:
   AllowSafeAssignment: false
 
 # A specialized exception class will take one or more arguments and construct the message from it.
-# So both variants make sense. 
+# So both variants make sense.
 Style/RaiseArgs:
   Enabled: false
 
@@ -105,7 +122,7 @@ Style/SignalException:
 # Suppressing exceptions can be perfectly fine, and be it to avoid to
 # explicitly type nil into the rescue since that's what you want to return,
 # or suppressing LoadError for optional dependencies
-Lint/HandleExceptions:
+Lint/SuppressedException:
   Enabled: false
 
 Layout/SpaceInsideBlockBraces:
@@ -150,11 +167,16 @@ Lint/ShadowingOuterLocalVariable:
 
 # Check with yard instead.
 Style/Documentation:
-  Enabled: false 
+  Enabled: false
 
 # This is just silly. Calling the argument `other` in all cases makes no sense.
 Naming/BinaryOperatorParameterName:
-  Enabled: false 
+  Enabled: false
+
+# Defining constants in tests is fine, and it's good to have them close to the test where they are used.
+Lint/ConstantDefinitionInBlock:
+  Exclude:
+    - "spec/**/*"
 
 # There are valid cases, for example debugging Cucumber steps,
 # also they'll fail CI anyway
@@ -168,3 +190,11 @@ Style/NumericPredicate:
 # Reset some HoundCI changes back to Rubocop defaults
 Layout/DotPosition:
   EnforcedStyle: leading
+
+# Not enabled by default but good
+Style/HashEachMethods:
+  Enabled: true
+
+# It makes more sense to allow to structure and group them how it makes sense in the code
+Style/AccessorGrouping:
+  Enabled: false

.ruby-version

@@ -1 +1 @@
-2.4
+3.3

.scss-lint.yml

@@ -70,7 +70,7 @@ linters:
     enabled: true
 
   IdSelector:
-    enabled: true
+    enabled: false
 
   ImportantRule:
     enabled: true

.travis.yml

@@ -1,40 +0,0 @@
-language: ruby
-
-rvm:
-  - 2.4.2
-  - 2.3.5
-
-env:
-  - DB=postgresql BUILD_TYPE=cucumber
-  - DB=mysql BUILD_TYPE=cucumber
-  - DB=postgresql BUILD_TYPE=other
-  - DB=mysql BUILD_TYPE=other
-
-sudo: false
-cache:
-  bundler: true
-  directories:
-    - app/assets/images
-    - tmp/cache/assets
-
-branches:
-  only:
-    - 'master'
-    - 'next-minor'
-    - 'develop'
-
-before_install:
-  - script/ci/prepare.sh
-  - mkdir travis-phantomjs
-  - wget http://cifiles.diasporafoundation.org/phantomjs-2.1.1-linux-x86_64.tar.bz2 -O $PWD/travis-phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
-  - tar -xvf $PWD/travis-phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2 -C $PWD/travis-phantomjs
-  - export PATH=$PWD/travis-phantomjs/phantomjs-2.1.1-linux-x86_64/bin:$PATH
-
-script: "bin/rake --trace ci:travis:${BUILD_TYPE}"
-
-notifications:
-  irc:
-    channels:
-      - secure: YvYkeTAw+5oOl/RaXVwu7JkKGNWPoFosNQRmLvJkBFbWzZ1s5LZD1u3+Qj819bT3lGzJu9pxmJg765IRYrGWmBi4mcAV3dpO6qowVdFTcorf0JsnLw3Kvkga9rrDunsRNr21KTAQqHOO5mKUzw9DtMzd52BiWuZwIj3xcl72gQI=
-    template:
-      - "%{repository_slug}#%{commit} (%{branch} - %{commit_subject}): %{message} %{build_url}"

Changelog.md

@@ -1,3 +1,389 @@
+# 1.0.0 (unreleased)
+
+## Refactor
+
+## Bug fixes
+
+## Features
+
+# 0.9.1.0 (unreleased)
+
+## Refactor
+* Improved compatibility with non-specification-compliant OpenGraph metadata [#8465](https://github.com/diaspora/diaspora/pull/8465)
+
+## Bug fixes
+* Fix processing for a specific set of uploaded images, like scenes full of snow, by allowing for a larger on-disk cache for ImageMagick [#8460](https://github.com/diaspora/diaspora/pull/8460)
+* Fix a bug with parsing certain OpenGraph metadata structures [#8463](https://github.com/diaspora/diaspora/pull/8463)
+
+## Features
+* For admins, the offending content's author is now visible in the reports overview [#8464](https://github.com/diaspora/diaspora/pull/8464)
+
+# 0.9.0.0
+
+## New configuration file!
+
+Diaspora\* now uses TOML for the configuration file. We recommend you to migrate to this new format, as with the next major release (1.0) diaspora\* will no longer read the YAML based configuration file at `config/diaspora.yml`. To do so, please copy `config/diaspora.toml.example` to `config/diaspora.toml` and migrate your configuration.
+
+## API!
+
+With the release of diaspora\* Version 0.9, we now officially support building applications on top of the diaspora\* API! Please check out [the official API documentation](https://diaspora.github.io/api-documentation/) for instructions, and please do file bugs if you notice something that could be improved!
+
+We are looking forward to seeing many creative applications!
+
+## The chat integration has been removed
+
+After [a discussion with our community on Discourse](https://discourse.diasporafoundation.org/t/2718), we decided to remove the pieces of XMPP chat integration that were put in place a while ago. When we first added the chat support, we merged the implementation in an unfinished state in the hopes that the open issues will be addressed eventually, and the implementation would end up more polished. This ended up not being the case. After careful consideration and discussion, we did not manage to come up with clear reasons why we need a chat implementation, so we decided that the best way forward would be to remove it.
+
+Although the chat was never enabled per default and was marked as experimental, some production pods did set up the integration and offered an XMPP service to their users. After this release, diaspora\* will no longer contain a chat applet, so users will no longer be able to use the webchat inside diaspora\*. The existing module that is used to enable users to authenticate to Prosody using their diaspora\* credentials will continue to work, but contact list synchronization might not work without further changes to the Prosody module, which is developed independently from this project.
+
+## Changes around the appserver and related configuration
+
+With this release, we switched from `unicorn` to `puma` to run our applications. For podmins running the default setup, this should significantly reduce memory usage, with similar or even better frontend performance! However, as great as this change is, some configuration changes are required.
+
+- The `single_process_mode` and `embed_sidekiq_worker` configurations have been removed. This mode was never truly a "single-process" mode, as it just spawned the Background Workers inside the runserver. If you're using `script/server` to start your pod, this change does not impact you, but if you're running diaspora\* using other means, and you relied on this "single"-process mode, please ensure that Sidekiq workers get started.
+- The format of the `listen` configuration has changed. If you have not set that field in your configuration, you can skip this. Otherwise, make sure to adjust your configuration accordingly:
+  - Listening to Unix sockets with a relative path has changed from `unix:tmp/diaspora.sock` into `unix://tmp/diaspora.sock`.
+  - Listening to Unix sockets with an absolute path has changed from `unix:/run/diaspora/diaspora.sock` to `unix:///run/diaspora/diaspora.sock`.
+  - Listening to a local port has changed from `127.0.0.1:3000` to `tcp://127.0.0.1:3000`.
+- The `PORT` environment variable and the `-p` parameter to `script/server` have been removed. If you used that to run diaspora\* on a non-standard port, please use the `listen` configuration.
+- The `unicorn_worker` configuration has been dropped. With Puma, there should not be a need to increase the number of workers above a single worker in any pod of any size.
+- The `unicorn_timeout` configuration has been renamed to `web_timeout`.
+- **If you don't run your pod with `script/server`**, you have to update your setup. If you previously called `bin/bundle exec unicorn -c config/unicorn.rb` to run diaspora\*, you now have to run `bin/puma -C config/puma.rb`! Please update your systemd-Units or similar accordingly.
+
+## Yarn for frontend dependencies
+
+We use yarn to install the frontend dependencies now, so you need to have that installed. See here for how to install it: https://yarnpkg.com/en/docs/install
+
+## Suggested Ruby version: 3.3
+
+We recommend setting up new pods using Ruby 3.3, and updating existing pods to this version as well. Ruby 2.7 is EOL and no longer supported.
+
+## Changes to script/server for production pods
+
+If you're currently running your production pod with `./script/server` in a tmux or something similar, please be careful. We made some internal changes that result in the script no longer automatically restarting the server if it crashes - instead, it will just shut down. We strongly recommend running your pod using your system's unit manager, for example with [this systemd unit](https://wiki.diasporafoundation.org/Automatic_startup_methods#Recommended:_systemd).
+
+## Security
+
+* Fix a potential 2FA brute force attack ([CVE-2024-0227](https://github.com/devise-two-factor/devise-two-factor/security/advisories/GHSA-chcr-x7hc-8fp8)).
+  Thanks to Christian Reitter ([Radically Open Security](https://www.radicallyopensecurity.com/)) and Chris MacNaughton ([Centauri Solutions](https://centauri.solutions)).
+
+## Refactor
+* Add bootstrapping for using ECMAScript 6 with automatic transpiling for compatibility [#7581](https://github.com/diaspora/diaspora/pull/7581) [#8397](https://github.com/diaspora/diaspora/pull/8397)
+* Remove backporting of mention syntax [#7788](https://github.com/diaspora/diaspora/pull/7788)
+* Enable Content-Security-Policy header by default [#7781](https://github.com/diaspora/diaspora/pull/7781)
+* Do not show getting started after account import [#8036](https://github.com/diaspora/diaspora/pull/8036)
+* Remove the JSXC/Prosody integration [#8069](https://github.com/diaspora/diaspora/pull/8069) [#8341](https://github.com/diaspora/diaspora/pull/8341)
+* Replace `factory_girl` with `factory_bot` [#8218](https://github.com/diaspora/diaspora/pull/8218)
+* Drop relay support [#8243](https://github.com/diaspora/diaspora/pull/8243)
+* Use yarn to manage the frontend dependencies [#8364](https://github.com/diaspora/diaspora/pull/8364)
+* Upgrade to latest `diaspora_federation`, remove support for old federation protocol [#8368](https://github.com/diaspora/diaspora/pull/8368)
+* Remove support for `therubyracer` [#8337](https://github.com/diaspora/diaspora/issues/8337)
+* Replace `unicorn` with `puma` [#8392](https://github.com/diaspora/diaspora/pull/8392)
+* Drop `strip_exif` flag and always remove exif data from uploaded images [#8417](https://github.com/diaspora/diaspora/pull/8417)
+* Replace `apparition` with `cuprite` [#8418](https://github.com/diaspora/diaspora/pull/8418)
+* Remove `i18n-inflector-rails` for translations [#8420](https://github.com/diaspora/diaspora/pull/8420)
+* Add ruby 3 support [#8423](https://github.com/diaspora/diaspora/pull/8423) [#8426](https://github.com/diaspora/diaspora/pull/8426) [#8427](https://github.com/diaspora/diaspora/pull/8427) [#8448](https://github.com/diaspora/diaspora/pull/8448)
+* Add CORS headers to nodeinfo endpoints to allow for client-side fetching [#8436](https://github.com/diaspora/diaspora/pull/8436)
+* Replace eye with foreman [#8449](https://github.com/diaspora/diaspora/pull/8449)
+
+## Bug fixes
+* Fix multiple photos upload progress bar [#7655](https://github.com/diaspora/diaspora/pull/7655)
+* Photo-upload file picker now correctly restricts possible file types [#8205](https://github.com/diaspora/diaspora/pull/8205)
+* Make inline code inside links show the link color [#8387](https://github.com/diaspora/diaspora/pull/8387)
+* Fix fetching public posts on first account search was missing some data [#8390](https://github.com/diaspora/diaspora/pull/8390)
+* Add redirect from mobile UI photo URLs to post when not using mobile UI [#8400](https://github.com/diaspora/diaspora/pull/8400)
+* Escape mentions before markdown parsing in mobile UI [#8398](https://github.com/diaspora/diaspora/pull/8398)
+* Cleanup duplicate pods in database [#8403](https://github.com/diaspora/diaspora/pull/8403)
+* Fix scrolling issue after closing photo viewer on photos page [#8404](https://github.com/diaspora/diaspora/pull/8404)
+* Filter unicode emojis from email headers [#8421](https://github.com/diaspora/diaspora/pull/8421)
+* Do not show disabled services anymore [#8406](https://github.com/diaspora/diaspora/pull/8406)
+* Update search endpoint to be aware of ignored users [#8363](https://github.com/diaspora/diaspora/pull/8363)
+
+## Features
+* Add client-side cropping of profile image uploads [#7581](https://github.com/diaspora/diaspora/pull/7581)
+* Add client-site rescaling of post images if they exceed the maximum possible size [#7734](https://github.com/diaspora/diaspora/pull/7734)
+* Add backend for archive import [#7660](https://github.com/diaspora/diaspora/pull/7660) [#8254](https://github.com/diaspora/diaspora/pull/8254) [#8264](https://github.com/diaspora/diaspora/pull/8264) [#8010](https://github.com/diaspora/diaspora/pull/8010) [#8260](https://github.com/diaspora/diaspora/pull/8260) [#8302](https://github.com/diaspora/diaspora/pull/8302) [#8298](https://github.com/diaspora/diaspora/pull/8298)
+* For pods running PostgreSQL, make sure that no upper-case/mixed-case tags exist, and create a `lower(name)` index on tags to speed up ActsAsTaggableOn [#8206](https://github.com/diaspora/diaspora/pull/8206)
+* Allow podmins/moderators to see all local public posts to improve moderation [#8232](https://github.com/diaspora/diaspora/pull/8232) [#8320](https://github.com/diaspora/diaspora/pull/8320)
+* Add support for directly paste images to upload them [#8237](https://github.com/diaspora/diaspora/pull/8237)
+* Add support for webp images and convert new png/jpg to webp to save space and bandwidth [#8358](https://github.com/diaspora/diaspora/pull/8358)
+* Show total and active pods count in the pods list for podmins [#8383](https://github.com/diaspora/diaspora/pull/8383)
+* Allow to select multiple aspects when posting on mobile [#8217](https://github.com/diaspora/diaspora/pull/8217)
+* Add info links to drawer in mobile UI [#8405](https://github.com/diaspora/diaspora/pull/8405)
+* Tell users that there is no help in mobile version, allow to switch to desktop [#8407](https://github.com/diaspora/diaspora/pull/8407)
+* Add Smart App Banner on iOS devices [#8409](https://github.com/diaspora/diaspora/pull/8409)
+* Add a more detailed modal when reporting a post or a comment [#8035](https://github.com/diaspora/diaspora/pull/8035)
+* Re-introduce likes on comments [#8203](https://github.com/diaspora/diaspora/pull/8203) [#8439](https://github.com/diaspora/diaspora/pull/8439) [#8442](https://github.com/diaspora/diaspora/pull/8442)
+* New redesigned registration page [#8285](https://github.com/diaspora/diaspora/pull/8285)
+* Allow comments to be fetched [#8441](https://github.com/diaspora/diaspora/pull/8441)
+
+# 0.7.18.2
+
+To avoid potential security issues, diaspora\* now makes sure that ImageMagick image processing always runs with a restricted `policy.xml`, regardless of the global system settings.
+
+# 0.7.18.1
+
+## Bug fixes
+* Update binstubs to fix diaspora\* being unable to start when multiple bundler versions were available [#8392](https://github.com/diaspora/diaspora/pull/8392/commits/bfd42a1914a99ac9c71ecb16bbf6fa5bb118148a)
+
+# 0.7.18.0
+
+## Refactor
+* Fix order-dependent jasmine test failures and switch to random order [#8333](https://github.com/diaspora/diaspora/pull/8333)
+* Get rid of some uses of "execute\_script" in feature specs [#8331](https://github.com/diaspora/diaspora/pull/8331)
+* Fix deprecation warnings for sidekiq 7.0 [#8359](https://github.com/diaspora/diaspora/pull/8359)
+* Remove entypo-rails dependency to prepare for rails 6 [#8361](https://github.com/diaspora/diaspora/pull/8361)
+* Remove compass-rails dependency which is not supported anymore [#8362](https://github.com/diaspora/diaspora/pull/8362)
+* Switch to sassc-rails which speeds up `assets:precompile` a lot [#8362](https://github.com/diaspora/diaspora/pull/8362)
+* Remove markerb dependency which doesn't exist anymore [#8365](https://github.com/diaspora/diaspora/pull/8365)
+* Upgrade to rails 6.1 [#8366](https://github.com/diaspora/diaspora/pull/8366)
+* Update the suggested Ruby version to 2.7. If you run into trouble during the update and you followed our installation guides, run `rvm install 2.7`. [#8366](https://github.com/diaspora/diaspora/pull/8366)
+* Upgrade to bundler 2 [#8366](https://github.com/diaspora/diaspora/pull/8366)
+* Stop checking `/.well-known/host-meta`, check for `/.well-known/nodeinfo` instead [#8377](https://github.com/diaspora/diaspora/pull/8377)
+* Handle NodeInfo timeouts gracefully [#8380](https://github.com/diaspora/diaspora/pull/8380)
+
+## Bug fixes
+* Fix that no mails were sent after photo export [#8365](https://github.com/diaspora/diaspora/pull/8365)
+* Fix people with quotes in the name causing issues with mail sender [#8365](https://github.com/diaspora/diaspora/pull/8365)
+
+## Features
+* Render posts and comments as HTML in HTML mails [#8365](https://github.com/diaspora/diaspora/pull/8365)
+* Add NodeInfo 2.1 support and also read newer versions of NodeInfo [#8379](https://github.com/diaspora/diaspora/pull/8379)
+
+# 0.7.17.0
+
+## Security
+* Bump Rails to 5.2.7 to address [CVE-2022-22577](https://discuss.rubyonrails.org/t/cve-2022-22577-possible-xss-vulnerability-in-action-pack/80533) and [CVE-2022-27777](https://discuss.rubyonrails.org/t/cve-2022-27777-possible-xss-vulnerability-in-action-view-tag-helpers/80534) [#8350](https://github.com/diaspora/diaspora/pull/8350)
+* Do not allow the user to mass assign their own password and 2fa settings alongside other parameters. Reported by Breno Vitório (@brenu) - thank you! [#8351](https://github.com/diaspora/diaspora/pull/8351)
+
+## Bug fixes
+* Don't suggest to retry exports on failure [#8343](https://github.com/diaspora/diaspora/pull/8343)
+
+# 0.7.16.0
+
+## Security
+
+* Update rails to fix [CVE-2022-23633](https://github.com/advisories/GHSA-wh98-p28r-vrc9) [#8336](https://github.com/diaspora/diaspora/pull/8336)
+
+## Refactor
+* Cache local posts/comments count for statistics [#8241](https://github.com/diaspora/diaspora/pull/8241)
+* Fix html-syntax in some handlebars templates [#8251](https://github.com/diaspora/diaspora/pull/8251)
+* Remove `chat_enabled` flag from archive export [#8265](https://github.com/diaspora/diaspora/pull/8265)
+* Change thumbnails in image slideshow to squares [#8275](https://github.com/diaspora/diaspora/pull/8275)
+* Replace uglifier with terser for JS compression [#8268](https://github.com/diaspora/diaspora/pull/8268)
+
+## Bug fixes
+* Ensure the log folder exists [#8287](https://github.com/diaspora/diaspora/pull/8287)
+* Limit name length in header [#8313](https://github.com/diaspora/diaspora/pull/8313)
+* Fix fallback avatar in hovercards [#8316](https://github.com/diaspora/diaspora/pull/8316)
+* Use old person private key for export if relayable author migrated away [#8310](https://github.com/diaspora/diaspora/pull/8310)
+
+## Features
+* Add tags to tumblr posts [#8244](https://github.com/diaspora/diaspora/pull/8244)
+* Add blocks to the archive export [#8263](https://github.com/diaspora/diaspora/pull/8263)
+* Allow points and dashes in the username [#8266](https://github.com/diaspora/diaspora/pull/8266)
+* Add support for footnotes in markdown [#8277](https://github.com/diaspora/diaspora/pull/8277)
+* Send `AccountMigration` if receiving message to a migrated account [#8288](https://github.com/diaspora/diaspora/pull/8288)
+* Add podmin mail address to the footer [#8242](https://github.com/diaspora/diaspora/pull/8242)
+* Add username to password-reset mail [#8037](https://github.com/diaspora/diaspora/pull/8037)
+* Resend account migration and deletion for closed recipients [#8309](https://github.com/diaspora/diaspora/pull/8309)
+* Add sharing status to hovercards [#8317](https://github.com/diaspora/diaspora/pull/8317)
+* Migrate photo URLs and cleanup old uploaded photos [#8314](https://github.com/diaspora/diaspora/pull/8314)
+
+# 0.7.15.0
+
+## Refactor
+* Replaced some `http://` links in the UI with their `https://` counterparts [#8207](https://github.com/diaspora/diaspora/pull/8207)
+* Testing: Replaced phantomjs with headless Chrome/Chromium [#8234](https://github.com/diaspora/diaspora/pull/8234)
+
+## Bug fixes
+* Update comment counter when deleting a comment in the Single Post View [#7938](https://github.com/diaspora/diaspora/pull/7938)
+* Link diaspora only poduptime list [#8174](https://github.com/diaspora/diaspora/pull/8174)
+* Delete a user's invitation code during account deletion [#8202](https://github.com/diaspora/diaspora/pull/8202)
+* Bump mimemagic [#8231](https://github.com/diaspora/diaspora/pull/8231)
+* Removed support for defunct Uni Heidelberg OSM tile server, Mapbox is now required if you want to show maps [#8215](https://github.com/diaspora/diaspora/pull/8215)
+* Render only two fractional digits in the posts per user/day admin statistics [#8227](https://github.com/diaspora/diaspora/pull/8227)
+* Make aspect dropdowns scrollable [#8213](https://github.com/diaspora/diaspora/pull/8213)
+* Fix `Photo#ownserhip_of_status_message` validation [#8214](https://github.com/diaspora/diaspora/pull/8214)
+
+## Features
+* Support and recommend TOML as configuration format [#8132](https://github.com/diaspora/diaspora/pull/8132)
+
+# 0.7.14.0
+
+## Refactor
+* Update the suggested Ruby version to 2.6. If you run into trouble during the update and you followed our installation guides, run `rvm install 2.6`. [#7929](https://github.com/diaspora/diaspora/pull/7929)
+
+## Bug fixes
+* Don't link to deleted users in admin user stats [#8063](https://github.com/diaspora/diaspora/pull/8063)
+* Properly validate a profile's gender field length instead of failing with a database error. [#8127](https://github.com/diaspora/diaspora/pull/8127)
+
+## Features
+
+# 0.7.13.0
+
+## Security
+* Fixes [USN-4274-1](https://usn.ubuntu.com/4274-1/), a potential Denial-of-Service vulnerability in Nokogiri. [#8108](https://github.com/diaspora/diaspora/pull/8108)
+
+## Refactor
+* Set better example values for unicorn stdout/stderr log settings [#8058](https://github.com/diaspora/diaspora/pull/8058)
+* Replace dependency on rails-assets.org with custom gems cache at gems.diasporafoundation.org [#8087](https://github.com/diaspora/diaspora/pull/8087)
+
+## Bug fixes
+* Fix error while trying to fetch some sites with invalid OpenGraph data [#8049](https://github.com/diaspora/diaspora/pull/8049)
+* Don't show sign up link on mobile when registrations are disabled [#8060](https://github.com/diaspora/diaspora/pull/8060)
+
+## Features
+* Add cronjob to cleanup pending photos which were never posted [#8041](https://github.com/diaspora/diaspora/pull/8041)
+
+# 0.7.12.0
+
+## Refactor
+* Harmonize markdown titles sizes [#8029](https://github.com/diaspora/diaspora/pull/8029)
+
+## Bug fixes
+* Improve handling of mixed case hostnames while fetching OpenGraph data [#8021](https://github.com/diaspora/diaspora/pull/8021)
+* Fix "remember me" with two factor authentication enabled [#8031](https://github.com/diaspora/diaspora/pull/8031)
+
+## Features
+* Add line mentioning diaspora\* on the splash page [#7966](https://github.com/diaspora/diaspora/pull/7966)
+* Improve communication about signing up on closed pods [#7896](https://github.com/diaspora/diaspora/pull/7896)
+
+# 0.7.11.0
+
+## Refactor
+* Enable paranoid mode for devise [#8003](https://github.com/diaspora/diaspora/pull/8003)
+* Refactor likes cucumber test [#8002](https://github.com/diaspora/diaspora/pull/8002)
+
+## Bug fixes
+* Fix old photos without remote url for export [#8012](https://github.com/diaspora/diaspora/pull/8012)
+
+## Features
+* Add a manifest.json file as a first step to make diaspora\* a Progressive Web App [#7998](https://github.com/diaspora/diaspora/pull/7998)
+* Allow `web+diaspora://` links to link to a profile with only the diaspora ID [#8000](https://github.com/diaspora/diaspora/pull/8000)
+* Support TOTP two factor authentication [#7751](https://github.com/diaspora/diaspora/pull/7751)
+
+# 0.7.10.0
+
+## Refactor
+* Replace dandelion.jpg with a public domain photo [#7976](https://github.com/diaspora/diaspora/pull/7976)
+
+## Bug fixes
+* Fix incorrect post sorting on tag streams and tag searches for tags containing the word "activity" [#7959](https://github.com/diaspora/diaspora/issues/7959)
+
+# 0.7.9.0
+
+## Refactor
+* Improve public stream performance and cleanup unused indexes [#7944](https://github.com/diaspora/diaspora/pull/7944)
+* Improve wording of "Toggle mobile" [#7926](https://github.com/diaspora/diaspora/pull/7926)
+
+## Bug fixes
+* Do not autofollow back a user you are ignoring [#7913](https://github.com/diaspora/diaspora/pull/7913)
+* Fix photos gallery when too many thumbnails are shown [#7943](https://github.com/diaspora/diaspora/pull/7943)
+* Fix extended profile visibility switch showing the wrong state [#7955](https://github.com/diaspora/diaspora/pull/7955)
+
+## Features
+* Support ignore users on mobile [#7884](https://github.com/diaspora/diaspora/pull/7884)
+
+# 0.7.8.0
+
+## Refactor
+* Make setting up a development environment 9001% easier by adding a Docker-based setup [#7870](https://github.com/diaspora/diaspora/pull/7870)
+* Improve `web+diaspora://` handler description [#7909](https://github.com/diaspora/diaspora/pull/7909)
+* Move comment timestamp next to author name [#7905](https://github.com/diaspora/diaspora/pull/7905)
+* Sharpen small and medium thumbnails [#7924](https://github.com/diaspora/diaspora/pull/7924)
+* Show full-res image in Desktop's full-screen image view [#7890](https://github.com/diaspora/diaspora/pull/7890)
+
+## Bug fixes
+* Ignore invalid URLs for camo [#7922](https://github.com/diaspora/diaspora/pull/7922)
+* Unliking a post did not update the participation icon without a reload [#7882](https://github.com/diaspora/diaspora/pull/7882)
+* Fix broken Instagram embedding [#7920](https://github.com/diaspora/diaspora/pull/7920)
+
+## Features
+* Add the ability to assign roles in the admin panel [#7868](https://github.com/diaspora/diaspora/pull/7868)
+* Improve memory usage with libjemalloc if available [#7919](https://github.com/diaspora/diaspora/pull/7919)
+
+# 0.7.7.1
+
+Fixes a potential cross-site scripting issue with maliciously crafted OpenGraph metadata on the mobile interface.
+
+# 0.7.7.0
+
+## Refactor
+* Remove mention of deprecated `statistic.json` [#7867](https://github.com/diaspora/diaspora/pull/7867)
+* Add quotes in `database.yml.example` to fields that may contain special characters [#7875](https://github.com/diaspora/diaspora/pull/7875)
+* Removed broken, and thus deprecated, Facebook integration [#7874](https://github.com/diaspora/diaspora/pull/7874)
+
+## Bug fixes
+* Add compatibility with macOS to `script/configure_bundler` [#7830](https://github.com/diaspora/diaspora/pull/7830)
+* Fix comment and like notifications on posts without text [#7857](https://github.com/diaspora/diaspora/pull/7857) [#7853](https://github.com/diaspora/diaspora/pull/7853)
+* Fix issue with some language fallbacks not working correctly [#7861](https://github.com/diaspora/diaspora/pull/7861)
+* Make sure URLs are encoded before sending them to camo [#7871](https://github.com/diaspora/diaspora/pull/7871)
+
+## Features
+* Add `web+diaspora://` link handler [#7826](https://github.com/diaspora/diaspora/pull/7826)
+
+# 0.7.6.0
+
+## Refactor
+* Add unique index to poll participations on `poll_id` and `author_id` [#7798](https://github.com/diaspora/diaspora/pull/7798)
+* Add 'completed at' date to account migrations [#7805](https://github.com/diaspora/diaspora/pull/7805)
+* Handle duplicates for TagFollowing on account merging [#7807](https://github.com/diaspora/diaspora/pull/7807)
+* Add link to the pod in the email footer [#7814](https://github.com/diaspora/diaspora/pull/7814)
+
+## Bug fixes
+* Fix compatibility with newer glibc versions [#7828](https://github.com/diaspora/diaspora/pull/7828)
+* Allow fonts to be served from asset host in CSP [#7825](https://github.com/diaspora/diaspora/pull/7825)
+
+## Features
+* Support fetching StatusMessage by Poll GUID [#7815](https://github.com/diaspora/diaspora/pull/7815)
+* Always include link to diaspora in facebook cross-posts [#7774](https://github.com/diaspora/diaspora/pull/7774)
+
+# 0.7.5.0
+
+## Refactor
+* Remove the 'make contacts in this aspect visible to each other' option [#7769](https://github.com/diaspora/diaspora/pull/7769)
+* Remove the requirement to have at least two users to disable the /podmin redirect [#7783](https://github.com/diaspora/diaspora/pull/7783)
+* Randomize start times of daily Sidekiq-Cron jobs [#7787](https://github.com/diaspora/diaspora/pull/7787)
+
+## Bug fixes
+* Prefill conversation form on contacts page only with mutual contacts [#7744](https://github.com/diaspora/diaspora/pull/7744)
+* Fix profiles sometimes not loading properly in background tabs [#7740](https://github.com/diaspora/diaspora/pull/7740)
+* Show error message when creating posts with invalid aspects [#7742](https://github.com/diaspora/diaspora/pull/7742)
+* Fix mention syntax backport for two immediately consecutive mentions [#7777](https://github.com/diaspora/diaspora/pull/7777)
+* Fix link to 'make yourself an admin' [#7783](https://github.com/diaspora/diaspora/pull/7783)
+* Fix calculation of content lengths when cross-posting to twitter [#7791](https://github.com/diaspora/diaspora/pull/7791)
+
+## Features
+* Make public stream accessible for logged out users [#7775](https://github.com/diaspora/diaspora/pull/7775)
+* Add account-merging support when receiving an account migration [#7803](https://github.com/diaspora/diaspora/pull/7803)
+
+# 0.7.4.1
+
+Fixes a possible cross-site scripting issue with maliciously crafted OpenGraph metadata.
+
+# 0.7.4.0
+
+## Refactor
+* Don't print a warning when starting the server outside a Git repo [#7712](https://github.com/diaspora/diaspora/pull/7712)
+* Make script/server work on readonly filesystems [#7719](https://github.com/diaspora/diaspora/pull/7719)
+* Add camo paths to the robots.txt [#7726](https://github.com/diaspora/diaspora/pull/7726)
+
+## Bug fixes
+* Prevent duplicate mention notifications when the post is received twice [#7721](https://github.com/diaspora/diaspora/pull/7721)
+* Fixed a compatiblitiy issue with non-diaspora\* webfingers [#7718](https://github.com/diaspora/diaspora/pull/7718)
+* Don't retry federation for accounts without a valid public key [#7717](https://github.com/diaspora/diaspora/pull/7717)
+* Fix stream generation for tagged posts with many followed tags [#7715](https://github.com/diaspora/diaspora/pull/7715)
+* Fix incomplete Occitan date localizations [#7731](https://github.com/diaspora/diaspora/pull/7731)
+
+## Features
+* Add basic html5 audio/video embedding support [#6418](https://github.com/diaspora/diaspora/pull/6418)
+* Add the back-to-top button to all pages [#7729](https://github.com/diaspora/diaspora/pull/7729)
+
+# 0.7.3.1
+
+Re-updating the German translations to fix some UX issues that were introduced by recent translation efforts.
+
 # 0.7.3.0
 
 ## Refactor

FederationProcfile

@@ -1,6 +0,0 @@
-web1: env RAILS_ENV=integration1 bundle exec rails s -p 3001
-worker1: env RAILS_ENV=integration1 VVERBOSE=1 QUEUE=* bundle exec rake resque:work
-redis1: env RAILS_ENV=integration1 redis-server ./redis-integration1.conf
-web2: env RAILS_ENV=integration2 bundle exec rails s -p 3002
-worker2: env RAILS_ENV=integration2 VVERBOSE=1 QUEUE=* bundle exec rake resque:work
-redis2: env RAILS_ENV=integration2 redis-server ./redis-integration2.conf

Gemfile

@@ -2,194 +2,167 @@
 
 source "https://rubygems.org"
 
-gem "rails", "5.1.4"
+gem "rails", "6.1.7.8"
+
+# needed for actionmailer, can be removed when upgrading to rails 7
+gem "net-imap", require: false
+gem "net-pop", require: false
+gem "net-smtp", require: false
 
 # Legacy Rails features, remove me!
 # responders (class level)
-gem "responders", "2.4.0"
+gem "responders", "3.1.1"
 
 # Appserver
 
-gem "unicorn", "5.3.0", require: false
-gem "unicorn-worker-killer", "0.4.4"
+gem "puma", "6.4.2", require: false
 
 # Federation
 
-gem "diaspora_federation-json_schema", "0.2.3"
-gem "diaspora_federation-rails", "0.2.3"
+gem "diaspora_federation-json_schema", "1.1.0"
+gem "diaspora_federation-rails",       "1.1.0"
 
 # API and JSON
 
 gem "acts_as_api", "1.0.1"
-gem "json",        "2.1.0"
-gem "json-schema", "2.8.0"
+gem "json",        "2.7.2"
+gem "json-schema", "4.3.0"
+gem "yajl-ruby",   "1.4.3"
 
 # Authentication
 
-gem "devise", "4.3.0"
+gem "devise", "4.9.4"
 gem "devise_lastseenable", "0.0.6"
+gem "devise-two-factor", "4.1.0"
+gem "rqrcode", "2.2.0"
 
 # Captcha
 
-gem "simple_captcha2", "0.4.3", require: "simple_captcha"
+gem "simple_captcha2", "0.5.0", require: "simple_captcha"
 
 # Background processing
 
-gem "sidekiq", "5.0.4"
+gem "redis", "4.8.1"
+gem "sidekiq", "6.5.12"
 
 # Scheduled processing
 
-gem "sidekiq-cron", "0.6.3"
+gem "sidekiq-cron", "1.12.0"
 
 # Compression
 
-gem "uglifier", "3.2.0"
+gem "terser", "1.2.2"
 
 # Configuration
 
-gem "configurate", "0.3.1"
+gem "configurate", "0.6.0"
+gem "toml-rb", "3.0.1"
 
 # Cross-origin resource sharing
 
-gem "rack-cors", "1.0.1", require: "rack/cors"
+gem "rack-cors", "2.0.2", require: "rack/cors"
 
 # CSS
 
-gem "autoprefixer-rails",     "7.1.4.1"
-gem "bootstrap-sass",         "3.3.7"
-gem "bootstrap-switch-rails", "3.3.3"
-gem "compass-rails",          "3.0.2"
-gem "sass-rails",             "5.0.6"
-gem "sprockets-rails",        "3.2.1"
+gem "autoprefixer-rails",     "10.4.16.0"
+gem "bootstrap-sass",         "3.4.1"
+gem "bootstrap-switch-rails", "3.3.3" # 3.3.4 and 3.3.5 is broken, see https://github.com/Bttstrp/bootstrap-switch/issues/691
+gem "sassc-rails",            "2.1.2"
+gem "sprockets-rails",        "3.4.2"
 
 # Database
 
 group :mysql, optional: true do
-  gem "mysql2", "0.4.9"
+  gem "mysql2", "0.5.6"
 end
 group :postgresql, optional: true do
-  gem "pg",     "0.21.0"
+  gem "pg",     "1.5.6"
 end
 
-
-gem "activerecord-import", "0.20.1"
+gem "activerecord-import", "1.7.0"
 
 # File uploading
 
-gem "carrierwave", "1.1.0"
-gem "fog-aws",     "1.4.1"
-gem "mini_magick", "4.8.0"
+gem "carrierwave", "3.0.7"
+gem "fog-aws",     "3.22.0"
+gem "mini_magick", "4.12.0"
 
 # GUID generation
-gem "uuid", "2.3.8"
-
-# Icons
-
-gem "entypo-rails", "3.0.0"
+gem "uuid", "2.3.9"
 
 # JavaScript
 
-gem "handlebars_assets", "0.23.2"
-gem "jquery-rails",      "4.3.1"
-gem "js-routes",         "1.4.1"
-gem "js_image_paths",    "0.1.1"
-
-source "https://rails-assets.org" do
-  gem "rails-assets-jquery",                              "3.2.1" # Should be kept in sync with jquery-rails
-  gem "rails-assets-jquery.ui",                           "1.11.4"
-
-  gem "rails-assets-highlightjs",                         "9.12.0"
-  gem "rails-assets-markdown-it",                         "8.4.0"
-  gem "rails-assets-markdown-it-hashtag",                 "0.4.0"
-  gem "rails-assets-markdown-it-diaspora-mention",        "1.2.0"
-  gem "rails-assets-markdown-it-sanitizer",               "0.4.3"
-  gem "rails-assets-markdown-it--markdown-it-for-inline", "0.1.1"
-  gem "rails-assets-markdown-it-sub",                     "1.0.0"
-  gem "rails-assets-markdown-it-sup",                     "1.0.0"
-
-  gem "rails-assets-backbone",                            "1.3.3"
-  gem "rails-assets-bootstrap-markdown",                  "2.10.0"
-  gem "rails-assets-corejs-typeahead",                    "1.1.1"
-  gem "rails-assets-fine-uploader",                       "5.13.0"
-
-  # jQuery plugins
-
-  gem "rails-assets-autosize",                            "4.0.0"
-  gem "rails-assets-blueimp-gallery",                     "2.27.0"
-  gem "rails-assets-jquery.are-you-sure",                 "1.9.0"
-  gem "rails-assets-jquery-placeholder",                  "2.3.1"
-  gem "rails-assets-jquery-textchange",                   "0.2.3"
-  gem "rails-assets-perfect-scrollbar",                   "0.6.16"
-end
+gem "babel-transpiler",  "0.7.0"
+gem "handlebars_assets", "0.23.9"
+gem "jquery-rails",      "4.6.0"
+gem "jquery-ui-rails",   "7.0.0"
+gem "js_image_paths",    "0.2.0"
+gem "js-routes",         "2.2.8"
 
 # Localization
 
 gem "http_accept_language", "2.1.1"
-gem "i18n-inflector-rails", "1.0.7"
-gem "rails-i18n",           "5.0.4"
-
-# Mail
-
-gem "markerb",             "1.1.0"
+gem "rails-i18n",           "7.0.9"
 
 # Map
-gem "leaflet-rails",       "1.2.0"
+gem "leaflet-rails", "1.9.4"
 
 # Parsing
 
-gem "nokogiri",          "1.8.2"
-gem "open_graph_reader", "0.6.2" # also update User-Agent in features/support/webmock.rb
-gem "redcarpet",         "3.4.0"
-gem "ruby-oembed",       "0.12.0"
-gem "twitter-text",      "1.14.7"
+gem "nokogiri",          "1.16.5"
+gem "open_graph_reader", "0.9.1" # also update User-Agent in features/support/webmock.rb and open_graph_cache_spec.rb
+gem "redcarpet",         "3.6.0"
+gem "ruby-oembed",       "0.17.0"
+gem "twitter-text",      "3.1.0"
+
+# Rate limitting
+
+gem "rack-attack", "6.7.0"
 
 # RTL support
 
-gem "string-direction", "1.2.0"
+gem "string-direction", "1.2.2"
 
 # Security Headers
 
-gem "secure_headers", "3.7.1"
+gem "secure_headers", "6.5.0"
 
 # Services
 
-gem "omniauth",           "1.6.1"
-gem "omniauth-facebook",  "4.0.0"
-gem "omniauth-tumblr",    "1.2"
-gem "omniauth-twitter",   "1.4.0"
-gem "twitter",            "6.1.0"
-gem "omniauth-wordpress", "0.2.2"
+gem "omniauth",                       "2.1.2"
+gem "omniauth-rails_csrf_protection", "1.0.2"
+gem "omniauth-tumblr",                "1.2"
+gem "omniauth-twitter",               "1.4.0"
+gem "omniauth-wordpress",             "0.2.2"
+gem "twitter",                        "8.0.0"
 
 # OpenID Connect
-gem "openid_connect", "1.1.3"
+gem "openid_connect", "2.3.0"
 
 # Serializers
 
-gem "active_model_serializers", "0.9.7"
-
-# XMPP chat dependencies
-gem "diaspora-prosody-config",    "0.0.7"
-gem "rails-assets-diaspora_jsxc", "0.1.5.develop.7", source: "https://rails-assets.org"
+gem "active_model_serializers", "0.9.12"
 
 # Tags
 
-gem "acts-as-taggable-on", "5.0.0"
+gem "acts-as-taggable-on", "10.0.0"
 
 # URIs and HTTP
 
-gem "addressable",        "2.5.2", require: "addressable/uri"
-gem "faraday",            "0.11.0" # also update User-Agent in OpenID specs
-gem "faraday_middleware", "0.12.2"
-gem "faraday-cookie_jar", "0.0.6"
-gem "typhoeus",           "1.3.0"
+gem "addressable",              "2.8.6", require: "addressable/uri"
+gem "faraday",                  "2.9.0"
+gem "faraday-cookie_jar",       "0.0.7"
+gem "faraday-follow_redirects", "0.3.0"
+gem "faraday-typhoeus",         "1.1.0", require: false
+gem "typhoeus",                 "1.4.1"
 
 # Views
 
-gem "gon",                     "6.1.0"
-gem "hamlit",                  "2.8.4"
+gem "gon",                     "6.4.0"
+gem "hamlit",                  "3.0.3"
 gem "mobile-fu",               "1.4.0"
-gem "rails-timeago",           "2.16.0"
-gem "will_paginate",           "3.1.6"
+gem "rails-timeago",           "2.20.0"
+gem "will_paginate",           "4.0.0"
 
 # Logging
 
@@ -197,23 +170,16 @@ gem "logging-rails", "0.6.0", require: "logging/rails"
 
 # Reading and writing zip files
 
-gem "rubyzip", "1.2.1", require: "zip"
+gem "rubyzip", "2.3.2", require: "zip"
 
 # Prevent occasions where minitest is not bundled in
 # packaged versions of ruby. See following issues/prs:
 # https://github.com/gitlabhq/gitlabhq/issues/3826
 # https://github.com/gitlabhq/gitlabhq/pull/3852
 # https://github.com/discourse/discourse/pull/238
-gem "minitest"
+gem "minitest", "5.23.1"
 
-gem "versionist", "1.6.0"
-
-# Windows and OSX have an execjs compatible runtime built-in, Linux users should
-# install Node.js or use "therubyracer".
-#
-# See https://github.com/sstephenson/execjs#readme for more supported runtimes
-
-# gem "therubyracer", :platform => :ruby
+gem "versionist", "2.0.1"
 
 group :production do # we don"t install these on travis to speed up test runs
   # Analytics
@@ -223,7 +189,7 @@ group :production do # we don"t install these on travis to speed up test runs
 
   # Process management
 
-  gem "eye", "0.9.2"
+  gem "foreman", "0.88.1", require: false
 
   # Redirects
 
@@ -232,85 +198,72 @@ group :production do # we don"t install these on travis to speed up test runs
 
   # Third party asset hosting
 
-  gem "asset_sync", "2.2.0", require: false
+  gem "asset_sync", "2.19.1", require: false
 end
 
 group :development do
-  # Automatic test runs
-  gem "guard",          "2.14.1", require: false
-  gem "guard-cucumber", "2.1.2", require: false
-  gem "guard-rspec",    "4.7.3", require: false
-  gem "guard-rubocop",  "1.3.0", require: false
-  gem "rb-fsevent",     "0.10.2", require: false
-  gem "rb-inotify",     "0.9.10", require: false
-
   # Linters
-  gem "haml_lint",      "0.26.0", require: false
-  gem "pronto",         "0.9.5", require: false
-  gem "pronto-eslint",  "0.9.1", require: false
-  gem "pronto-haml",    "0.9.0", require: false
-  gem "pronto-rubocop", "0.9.0", require: false
-  gem "pronto-scss",    "0.9.1", require: false
-  gem "rubocop",        "0.50.0", require: false
+  gem "haml_lint",      "0.58.0", require: false
+  gem "pronto",         "0.11.2", require: false
+  gem "pronto-eslint",  "0.11.1", require: false
+  gem "pronto-haml",    "0.11.1", require: false
+  gem "pronto-rubocop", "0.11.5", require: false
+  gem "pronto-scss",    "0.11.0", require: false
+  gem "rubocop",        "1.64.0", require: false
+  gem "rubocop-rails",  "2.25.0", require: false
 
-  # Preloading environment
-
-  gem "spring", "2.0.2"
-  gem "spring-commands-rspec", "1.0.4"
-  gem "spring-commands-cucumber", "1.0.1"
+  gem "faraday-retry", require: false # used by pronto/octokit
 
   # Debugging
   gem "pry"
   gem "pry-byebug"
 
   # test coverage
-  gem "simplecov", "0.14.1", require: false
+  gem "simplecov", "0.22.0", require: false
 
   gem "turbo_dev_assets", "0.0.2"
+
+  gem "listen", "3.9.0"
 end
 
 group :test do
   # RSpec (unit tests, some integration tests)
 
-  gem "fixture_builder",   "0.5.0"
-  gem "fuubar",            "2.2.0"
-  gem "json-schema-rspec", "0.0.4"
+  gem "fixture_builder",   "0.5.2"
+  gem "fuubar",            "2.5.1"
   gem "rspec-json_expectations", "~> 2.1"
 
   # Cucumber (integration tests)
 
-  gem "capybara",           "2.15.1"
-  gem "database_cleaner",   "1.6.1"
-  gem "poltergeist",        "1.16.0"
+  gem "capybara",         "3.40.0"
+  gem "cuprite",          "0.15"
+  gem "database_cleaner-active_record", "2.1.0"
 
-  gem "cucumber-api-steps", "0.13", require: false
+  gem "cucumber-api-steps", "0.14", require: false
 
   # General helpers
 
-  gem "factory_girl_rails", "4.8.0"
-  gem "shoulda-matchers",   "3.1.2"
-  gem "timecop",            "0.9.1"
-  gem "webmock",            "3.0.1", require: false
+  gem "factory_bot_rails", "6.4.3"
+  gem "shoulda-matchers",  "6.2.0"
+  gem "timecop",           "0.9.8"
+  gem "webmock",           "3.23.1", require: false
 
-  gem "diaspora_federation-test", "0.2.3"
-
-  # Coverage
-  gem "coveralls", "0.8.21", require: false
+  gem "diaspora_federation-test", "1.1.0"
 end
 
 group :development, :test do
   # RSpec (unit tests, some integration tests)
-  gem "rspec-rails", "3.6.1"
+  gem "rspec-rails", "6.1.2"
 
   # Cucumber (integration tests)
-  gem "cucumber-rails", "1.5.0", require: false
+  gem "cucumber-rails", "3.0.0", require: false
 
   # Jasmine (client side application tests (JS))
-  gem "jasmine",                   "2.8.0"
+  gem "chrome_remote",             "0.3.0"
+  gem "jasmine",                   "3.10.0"
   gem "jasmine-jquery-rails",      "2.0.3"
-  gem "rails-assets-jasmine-ajax", "3.3.1", source: "https://rails-assets.org"
   gem "sinon-rails",               "1.15.0"
 
   # For `assigns` in controller specs
-  gem "rails-controller-testing", "1.0.2"
+  gem "rails-controller-testing", "1.0.5"
 end

Guardfile

@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-guard :rspec, cmd: "bin/spring rspec", all_on_start: false, all_after_pass: false do
-  watch(/^spec\/.+_spec\.rb$/)
-  watch(/^lib\/(.+)\.rb$/)       {|m| "spec/lib/#{m[1]}_spec.rb" }
-  watch(/spec\/spec_helper.rb/)  { "spec" }
-
-  # Rails example
-  watch(/^spec\/.+_spec\.rb$/)
-  watch(/^app\/(.+)\.rb$/)                            {|m| "spec/#{m[1]}_spec.rb" }
-  watch(/^lib\/(.+)\.rb$/)                            {|m| "spec/lib/#{m[1]}_spec.rb" }
-  watch(%r{^app/controllers/(.+)_(controller)\.rb$}) {|m|
-    ["spec/routing/#{m[1]}_routing_spec.rb",
-     "spec/#{m[2]}s/#{m[1]}_#{m[2]}_spec.rb",
-     "spec/acceptance/#{m[1]}_spec.rb"]
-  }
-  watch(%r{^spec/support/(.+)\.rb$})                  { "spec" }
-  watch("spec/spec_helper.rb")                        { "spec" }
-  watch("config/routes.rb")                           { "spec/routing" }
-  watch("app/controllers/application_controller.rb")  { "spec/controllers" }
-
-  # Capybara request specs
-  watch(%r{^app/views/(.+)/.*\.(erb|haml)$})          {|m| "spec/requests/#{m[1]}_spec.rb" }
-end
-
-guard(:cucumber,
-      cmd:            "bin/spring cucumber",
-      all_on_start:   false,
-      all_after_pass: false) do
-  watch(/^features\/.+\.feature$/)
-  watch(%r{^features/support/.+$})          { "features" }
-  watch(%r{^features/step_definitions/(.+)_steps\.rb$}) {|m|
-    Dir[File.join("**/#{m[1]}.feature")][0] || "features"
-  }
-end
-
-guard :rubocop, all_on_start: false, keep_failed: false do
-  watch(/(?:app|config|db|lib|features|spec)\/.+\.rb$/)
-  watch(/(config.ru|Gemfile|Guardfile|Rakefile)$/)
-end

Procfile

@@ -1,2 +1,2 @@
-web: bin/bundle exec unicorn -c config/unicorn.rb -p $PORT
+web: bin/puma -C config/puma.rb
 sidekiq: bin/bundle exec sidekiq

README.md

@@ -1,14 +1,6 @@
-# diaspora*
+# diaspora\*
 ### A privacy-aware, distributed, open source social network
 
-**master:** [![Build Status master](https://secure.travis-ci.org/diaspora/diaspora.svg?branch=master)](http://travis-ci.org/diaspora/diaspora)
-**next-minor:** [![Build Status next-minor](https://secure.travis-ci.org/diaspora/diaspora.svg?branch=next-minor)](http://travis-ci.org/diaspora/diaspora)
-[![Coverage Status next-minor](https://coveralls.io/repos/github/diaspora/diaspora/badge.svg?branch=next-minor)](https://coveralls.io/github/diaspora/diaspora?branch=next-minor)|
-**develop:** [![Build Status develop](https://secure.travis-ci.org/diaspora/diaspora.svg?branch=develop)](http://travis-ci.org/diaspora/diaspora)
-[![Coverage Status develop](https://coveralls.io/repos/github/diaspora/diaspora/badge.svg?branch=develop)](https://coveralls.io/github/diaspora/diaspora?branch=develop) |
-[![Dependency Status](https://gemnasium.com/badges/github.com/diaspora/diaspora.svg)](https://gemnasium.com/diaspora/diaspora)
-[![Code Climate](https://codeclimate.com/github/diaspora/diaspora/badges/gpa.svg)](https://codeclimate.com/github/diaspora/diaspora)
-
 [Project site](https://diasporafoundation.org) |
 [Wiki](https://wiki.diasporafoundation.org) |
 [Bugtracker](https://github.com/diaspora/diaspora/issues) |
@@ -18,9 +10,9 @@
 
 ## Installation
 
-You don't have to install diaspora* to use the network. There are many servers connected to diaspora*s network which are open to anyone, and you can create an account on one of these servers. Have a look at our [tips for finding a home](https://wiki.diasporafoundation.org/Choosing_a_pod), or you can just go straight to the [list of open servers](http://podupti.me) to sign up.
+You don't have to install diaspora\* to use the network. There are many servers connected to diaspora\*s network which are open to anyone, and you can create an account on one of these servers. Have a look at our [tips for finding a home](https://wiki.diasporafoundation.org/Choosing_a_pod), or you can just go straight to the [list of open servers](https://diaspora.fediverse.observer) to sign up.
 
-Want to own your data and install diaspora*? Whether you just want to try it out, want to install it on your server or want to contribute and need a development setup, our [installation guides](https://wiki.diasporafoundation.org/Installation) will get you started!
+Want to own your data and install diaspora\*? Whether you just want to try it out, want to install it on your server or want to contribute and need a development setup, our [installation guides](https://wiki.diasporafoundation.org/Installation) will get you started!
 
 ## Questions?
 
@@ -36,4 +28,4 @@ Everyone interacting in diaspora’s codebases, issue trackers, chat rooms, the
 
 ## Security
 
-Found a security issue? Please disclose it responsibly. We have a team of developers listening to [security@diasporafoundation.org](mailto:security@diasporafoundation.org). The PGP fingerprint is [AB0D AB02 0FC5 D398 03AB 3CE1 6F70 243F 27AD 886A](https://pgp.mit.edu/pks/lookup?op=get&search=0x6F70243F27AD886A).
+See [`SECURITY.md`](/SECURITY.md) for instructions on how to responsibly report a security vulnerability.

SECURITY.md

@@ -0,0 +1,9 @@
+# Security Policy
+
+## Supported Versions
+
+We support the latest stable release, as well as the current state of the `next-minor` and `develop` branches. Security issues for older releases are out of scope.
+
+## Reporting a Vulnerability
+
+Found a security issue? Please disclose it responsibly. We have a team of developers listening to [security@diasporafoundation.org](mailto:security@diasporafoundation.org). The PGP fingerprint is [AB0D AB02 0FC5 D398 03AB 3CE1 6F70 243F 27AD 886A](https://pgp.mit.edu/pks/lookup?op=get&search=0x6F70243F27AD886A).

app/assets/config/manifest.js

@@ -1,12 +1,13 @@
+//= link_tree ../images
+
+//= link main.js
+//= link mobile/mobile.js
 //= link contact-list.js
 //= link jquery3.js
 //= link jquery_ujs.js
-//= link main.js
-//= link jsxc.js
 //= link bookmarklet.js
 //= link mobile/bookmarklet.js
-//= link mobile/mobile.js
-//= link templates.js
-//= link error_pages.css
+
 //= link admin.css
+//= link error_pages.css
 //= link rtl.css

app/assets/javascripts/app/app.js

@@ -14,7 +14,7 @@
 //= require_tree ./collections
 //= require_tree ./views
 
-//= require perfect-scrollbar/perfect-scrollbar.jquery
+//= require perfect-scrollbar/dist/perfect-scrollbar
 
 var app = {
   collections: {},

app/assets/javascripts/app/collections/comments.js

@@ -12,12 +12,17 @@ app.collections.Comments = Backbone.Collection.extend({
 
   make : function(text) {
     var self = this;
-    var comment = new app.models.Comment({ "text": text });
+    var comment = new app.models.Comment({"text": text}, {post: this.post});
 
     var deferred = comment.save({}, {
       url: "/posts/"+ this.post.id +"/comments",
       success: function() {
         comment.set({author: app.currentUser.toJSON(), parent: self.post });
+
+        // Need interactions after make
+        comment.interactions = new app.models.LikeInteractions(
+          _.extend({comment: comment, post: self.post}, comment.get("interactions"))
+        );
         self.add(comment);
       }
     });

app/assets/javascripts/app/collections/likes.js

@@ -4,7 +4,11 @@ app.collections.Likes = Backbone.Collection.extend({
   model: app.models.Like,
 
   initialize : function(models, options) {
-    this.url = "/posts/" + options.post.id + "/likes"; //not delegating to post.url() because when it is in a stream collection it delegates to that url
+    // A comment- like has a post reference and a comment reference
+    this.url = (options.comment != null) ?
+      // not delegating to post.url() because when it is in a stream collection it delegates to that url
+      "/comments/" + options.comment.id + "/likes" :
+      "/posts/" + options.post.id + "/likes";
   }
 });
 // @license-end

app/assets/javascripts/app/helpers/handlebars-helpers.js

@@ -44,7 +44,7 @@ Handlebars.registerHelper('linkToPerson', function(context, block) {
 // relationship indicator for profile page
 Handlebars.registerHelper("sharingMessage", function(person) {
   var i18nScope = "people.helper.is_not_sharing";
-  var icon = "circle";
+  var icon = "entypo-record";
   if( person.is_sharing ) {
     i18nScope = "people.helper.is_sharing";
     icon = "entypo-check";

app/assets/javascripts/app/helpers/handlebars-partials.js

@@ -1,7 +1,4 @@
 // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
 
-/* we need to wrap this in a document ready to ensure JST is accessible */
-$(function(){
-  Handlebars.registerPartial('status-message', HandlebarsTemplates['status-message_tpl']);
-});
+Handlebars.registerPartial("status-message", HandlebarsTemplates["status-message_tpl"]);
 // @license-end

app/assets/javascripts/app/helpers/locations.js

@@ -1,25 +1,23 @@
 (function() {
   app.helpers.locations = {
     getTiles: function() {
-      // If the mapbox option is enabled in the diaspora.yml, the mapbox tiles with the podmin's credentials are used.
+      // If the mapbox option is enabled in the diaspora.toml, the mapbox tiles with the podmin's credentials are used.
       if (gon.appConfig.map.mapbox.enabled) {
-        return L.tileLayer("https://api.mapbox.com/styles/v1/{style}/tiles/256/{z}/{x}/{y}?access_token={accessToken}", {
-          accessToken: gon.appConfig.map.mapbox.access_token,
-          style: gon.appConfig.map.mapbox.style,
-          attribution: "Map data &copy; <a href='http://openstreetmap.org'>OpenStreetMap</a> contributors, " +
-                       "<a href='http://creativecommons.org/licenses/by-sa/2.0/''>CC-BY-SA</a>, " +
-                       "Imagery © <a href='https://www.mapbox.com'>Mapbox</a>",
-          maxZoom: 18
-        });
+        return L.tileLayer(
+          "https://api.mapbox.com/styles/v1/{style}/tiles/256/{z}/{x}/{y}?access_token={accessToken}",
+          {
+            accessToken: gon.appConfig.map.mapbox.access_token,
+            style: gon.appConfig.map.mapbox.style,
+            attribution:
+              "Map data &copy; <a href='https://openstreetmap.org'>OpenStreetMap</a> contributors, " +
+              "<a href='http://opendatacommons.org/licenses/dbcl/1.0/'>Open Database License, ODbL 1.0</a>, " +
+              "Imagery © <a href='https://www.mapbox.com'>Mapbox</a>",
+            maxZoom: 18,
+            tileSize: 512,
+            zoomOffset: -1
+          }
+        );
       }
-
-      // maptiles from the Heidelberg University are used by default.
-      return L.tileLayer("http://korona.geog.uni-heidelberg.de/tiles/roads/x={x}&y={y}&z={z}", {
-        attribution: "Map data &copy; <a href='http://openstreetmap.org'>OpenStreetMap</a> contributors, " +
-                     "rendering <a href='http://giscience.uni-hd.de/'>" +
-                     "GIScience Research Group @ Heidelberg University</a>",
-        maxZoom: 18
-      });
     }
   };
 })();

app/assets/javascripts/app/helpers/text_formatter.js

@@ -1,6 +1,11 @@
 // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
 
 (function(){
+  app.helpers.allowedEmbedsMime = function(mimetype) {
+    var v = document.createElement(mimetype[1]);
+    return v.canPlayType && v.canPlayType(mimetype[0]) !== "";
+  };
+
   app.helpers.textFormatter = function(text, mentions) {
     mentions = mentions ? mentions : [];
 
@@ -11,6 +16,9 @@
       typographer: true
     });
 
+    var footnote = window.markdownitFootnote;
+    md.use(footnote);
+
     var inlinePlugin = window.markdownitForInline;
     md.use(inlinePlugin, "utf8_symbols", "text", function (tokens, idx) {
       tokens[idx].content = tokens[idx].content.replace(/<->/g, "↔")
@@ -35,7 +43,7 @@
 
     var hashtagPlugin = window.markdownitHashtag;
     md.use(hashtagPlugin, {
-      // compare tag_text_regexp in app/models/acts_as_taggable_on-tag.rb
+      // compare tag_text_regexp in config/initializers/acts_as_taggable_on.rb
       hashtagRegExp: "[" + PosixBracketExpressions.word +
                            "\\u055b" + // Armenian emphasis mark
                            "\\u055c" + // Armenian exclamation mark
@@ -83,6 +91,30 @@
 
     // Bootstrap table markup
     md.renderer.rules.table_open = function () { return "<table class=\"table table-striped\">\n"; };
+
+    var html5medialPlugin = window.markdownitHTML5Embed;
+    md.use(html5medialPlugin, {html5embed: {
+      inline: false,
+      autoAppend: true,
+      renderFn: function handleBarsRenderFn(parsed, mediaAttributes) {
+        var attributes = mediaAttributes[parsed.mediaType];
+        return HandlebarsTemplates["media-embed_tpl"]({
+          mediaType: parsed.mediaType,
+          attributes: attributes,
+          mimetype: parsed.mimeType,
+          sourceURL: parsed.url,
+          title: parsed.title,
+          fallback: parsed.fallback,
+          needsCover: parsed.mediaType === "video"
+        });
+      },
+      attributes: {
+        "audio": "controls preload=none",
+        "video": "preload=none"
+      },
+      isAllowedMimeType: app.helpers.allowedEmbedsMime
+    }});
+
     return md.render(text);
   };
 })();

app/assets/javascripts/app/helpers/truncate.js

@@ -1,14 +1,11 @@
 (function() {
   app.helpers.truncate = function(passedString, length) {
-    if (passedString === null || passedString === undefined) {
+    if (passedString === null || passedString === undefined || passedString.length < length) {
       return passedString;
     }
 
-    if (passedString.length > length) {
-      var lastBlank = passedString.lastIndexOf(' ', length);
-      var trimstring = passedString.substring(0, Math.min(length, lastBlank));
-      return new Handlebars.SafeString(trimstring + " ...");
-    }
-    return new Handlebars.SafeString(passedString);
+    var lastBlank = passedString.lastIndexOf(" ", length);
+    var trimstring = passedString.substring(0, Math.min(length, lastBlank));
+    return trimstring + " ...";
   };
 })();

app/assets/javascripts/app/models/comment.js

@@ -1,6 +1,17 @@
 // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
 
 app.models.Comment = Backbone.Model.extend({
-  urlRoot: "/comments"
+  urlRoot: "/comments",
+
+  initialize: function(model, options) {
+    options = options || {};
+    this.post = model.post || options.post || this.collection.post;
+    this.interactions = new app.models.LikeInteractions(
+      _.extend({comment: this, post: this.post}, this.get("interactions"))
+      );
+    this.likes = this.interactions.likes;
+    this.likesCount = this.attributes.likes_count;
+    this.userLike = this.interactions.userLike();
+  }
 });
 // @license-end

app/assets/javascripts/app/models/like_interactions.js

@@ -0,0 +1,58 @@
+// This class contains code extracted from interactions.js to factorize likes management between posts and comments
+
+app.models.LikeInteractions = Backbone.Model.extend({
+
+  initialize: function(options) {
+    this.likes = new app.collections.Likes(this.get("likes"), options);
+    this.post = options.post;
+  },
+
+  likesCount: function() {
+    return this.get("likes_count");
+  },
+
+  userLike: function() {
+    return this.likes.select(function(like) {
+      return like.get("author") && like.get("author").guid === app.currentUser.get("guid");
+    })[0];
+  },
+
+  toggleLike: function() {
+    if (this.userLike()) {
+      this.unlike();
+    } else {
+      this.like();
+    }
+  },
+
+  like: function() {
+    var self = this;
+    this.likes.create({}, {
+      success: function() {
+        self.post.set({participation: true});
+        self.trigger("change");
+        self.set({"likes_count": self.get("likes_count") + 1});
+        self.likes.trigger("change");
+      },
+      error: function(model, response) {
+        app.flashMessages.handleAjaxError(response);
+      }
+    });
+  },
+
+  unlike: function() {
+    var self = this;
+    this.userLike().destroy({
+      success: function() {
+        // TODO: unlike always sets participation to false in the UI, even if there are more participations left
+        //  in the backend (from manually participating, other likes or comments)
+        self.post.set({participation: false});
+        self.trigger("change");
+        self.set({"likes_count": self.get("likes_count") - 1});
+        self.likes.trigger("change");
+      },
+      error: function(model, response) {
+        app.flashMessages.handleAjaxError(response);
+      }});
+  }
+});

app/assets/javascripts/app/models/post.js

@@ -4,7 +4,7 @@ app.models.Post = Backbone.Model.extend(_.extend({}, app.models.formatDateMixin,
   urlRoot : "/posts",
 
   initialize : function() {
-    this.interactions = new app.models.Post.Interactions(_.extend({post : this}, this.get("interactions")));
+    this.interactions = new app.models.PostInteractions(_.extend({post: this}, this.get("interactions")));
     this.delegateToInteractions();
   },
 

app/assets/javascripts/app/models/post_interactions.js

@@ -1,71 +1,27 @@
 // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
 
-//require ../post
-
-app.models.Post.Interactions = Backbone.Model.extend({
-  initialize : function(options){
+app.models.PostInteractions = app.models.LikeInteractions.extend({
+  initialize: function(options) {
+    app.models.LikeInteractions.prototype.initialize.apply(this, arguments);
     this.post = options.post;
-    this.comments = new app.collections.Comments(this.get("comments"), {post : this.post});
-    this.likes = new app.collections.Likes(this.get("likes"), {post : this.post});
-    this.reshares = new app.collections.Reshares(this.get("reshares"), {post : this.post});
+    this.comments = new app.collections.Comments(this.get("comments"), {post: this.post});
+    this.reshares = new app.collections.Reshares(this.get("reshares"), {post: this.post});
   },
 
-  likesCount : function(){
-    return this.get("likes_count");
-  },
-
-  resharesCount : function(){
+  resharesCount: function() {
     return this.get("reshares_count");
   },
 
-  commentsCount : function(){
+  commentsCount: function() {
     return this.get("comments_count");
   },
 
-  userLike : function(){
-    return this.likes.select(function(like){
-      return like.get("author") && like.get("author").guid === app.currentUser.get("guid");
-    })[0];
-  },
-
-  userReshare : function(){
+  userReshare: function() {
     return this.reshares.select(function(reshare){
       return reshare.get("author") && reshare.get("author").guid === app.currentUser.get("guid");
     })[0];
   },
 
-  toggleLike : function() {
-    if(this.userLike()) {
-      this.unlike();
-    } else {
-      this.like();
-    }
-  },
-
-  like : function() {
-    var self = this;
-    this.likes.create({}, {
-      success: function() {
-        self.post.set({participation: true});
-        self.trigger("change");
-        self.set({"likes_count" : self.get("likes_count") + 1});
-        self.likes.trigger("change");
-      },
-      error: function(model, response) {
-        app.flashMessages.handleAjaxError(response);
-      }
-    });
-  },
-
-  unlike : function() {
-    var self = this;
-    this.userLike().destroy({success : function() {
-      self.trigger('change');
-      self.set({"likes_count" : self.get("likes_count") - 1});
-      self.likes.trigger("change");
-    }});
-  },
-
   comment: function(text, options) {
     var self = this;
     options = options || {};
@@ -81,6 +37,10 @@ app.models.Post.Interactions = Backbone.Model.extend({
     });
   },
 
+  removedComment: function() {
+    this.set({"comments_count": this.get("comments_count") - 1});
+  },
+
   reshare : function(){
     var interactions = this;
 
@@ -101,7 +61,7 @@ app.models.Post.Interactions = Backbone.Model.extend({
       });
   },
 
-  userCanReshare : function(){
+  userCanReshare: function() {
     var isReshare = this.post.get("post_type") === "Reshare"
       , rootExists = (isReshare ? this.post.get("root") : true)
       , publicPost = this.post.get("public")

app/assets/javascripts/app/models/stream.js

@@ -69,7 +69,7 @@ app.models.Stream = Backbone.Collection.extend({
   },
 
   sortOrder : function() {
-    return /activity/.test(this.basePath()) ? "interactedAt" : "createdAt";
+    return /^\/activity/.test(this.basePath()) ? "interactedAt" : "createdAt";
   },
 
   /* This function is for adding a large number of posts one by one.

app/assets/javascripts/app/pages/admin_pods.js

@@ -29,6 +29,25 @@ app.pages.AdminPods = app.views.Base.extend({
 
   _showMessages: function() {
     var msgs = document.createDocumentFragment();
+    if (gon.totalCount && gon.totalCount > 0) {
+      let totalPods = $("<div class='alert alert-info' role='alert' />")
+        .append(Diaspora.I18n.t("admin.pods.total", {count: gon.totalCount}));
+      if (gon.activeCount) {
+        if (gon.activeCount === 0) {
+          totalPods
+            .append(" " + Diaspora.I18n.t("admin.pods.none_active"));
+        }
+        if (gon.activeCount === gon.totalCount) {
+          totalPods
+            .append(" " + Diaspora.I18n.t("admin.pods.all_active"));
+        } else {
+          totalPods
+            .append(" " + Diaspora.I18n.t("admin.pods.active", {count: gon.activeCount}));
+        }
+      }
+      msgs.appendChild(totalPods[0]);
+    }
+
     if( gon.uncheckedCount && gon.uncheckedCount > 0 ) {
       var unchecked = $("<div class='alert alert-info' role='alert' />")
         .append(Diaspora.I18n.t("admin.pods.unchecked", {count: gon.uncheckedCount}));

app/assets/javascripts/app/pages/contacts.js

@@ -5,16 +5,12 @@ app.pages.Contacts = Backbone.View.extend({
   el: "#contacts_container",
 
   events: {
-    "click #contacts_visibility_toggle" : "toggleContactVisibility",
-    "click #chat_privilege_toggle" : "toggleChatPrivilege",
     "click #change_aspect_name" : "showAspectNameForm",
     "click .conversation_button": "showMessageModal",
     "click .invitations-button": "showInvitationsModal"
   },
 
   initialize: function(opts) {
-    this.visibilityToggle = $("#contacts_visibility_toggle i");
-    this.chatToggle = $("#chat_privilege_toggle i");
     this.stream = opts.stream;
     this.stream.render();
     $("#people-stream.contacts .header i").tooltip({"placement": "bottom"});
@@ -29,41 +25,6 @@ app.pages.Contacts = Backbone.View.extend({
     this.setupAspectSorting();
   },
 
-  toggleChatPrivilege: function() {
-    if (this.chatToggle.hasClass("enabled")) {
-      this.chatToggle.tooltip("destroy")
-                      .removeClass("enabled")
-                      .removeAttr("data-original-title")
-                      .attr("title", Diaspora.I18n.t("contacts.aspect_chat_is_not_enabled"))
-                      .tooltip({"placement": "bottom"});
-    } else {
-      this.chatToggle.tooltip("destroy")
-                      .addClass("enabled")
-                      .removeAttr("data-original-title")
-                      .attr("title", Diaspora.I18n.t("contacts.aspect_chat_is_enabled"))
-                      .tooltip({"placement": "bottom"});
-    }
-  },
-
-  toggleContactVisibility: function() {
-    if (this.visibilityToggle.hasClass("entypo-lock-open")) {
-      this.visibilityToggle.removeClass("entypo-lock-open")
-                            .addClass("entypo-lock")
-                            .tooltip("destroy")
-                            .removeAttr("data-original-title")
-                            .attr("title", Diaspora.I18n.t("contacts.aspect_list_is_not_visible"))
-                            .tooltip({"placement": "bottom"});
-    }
-    else {
-      this.visibilityToggle.removeClass("entypo-lock")
-                            .addClass("entypo-lock-open")
-                            .tooltip("destroy")
-                            .removeAttr("data-original-title")
-                            .attr("title", Diaspora.I18n.t("contacts.aspect_list_is_visible"))
-                            .tooltip({"placement": "bottom"});
-    }
-  },
-
   showAspectNameForm: function() {
     $(".header > h3").hide();
     var aspectName = $.trim($(".header h3 #aspect_name").text());
@@ -81,7 +42,7 @@ app.pages.Contacts = Backbone.View.extend({
   showMessageModal: function(){
     $("#conversationModal").on("modal:loaded", function() {
       var people = _.pluck(app.contacts.filter(function(contact) {
-        return contact.inAspect(app.aspect.get("id"));
+        return contact.person.get("relationship") === "mutual" && contact.inAspect(app.aspect.get("id"));
       }), "person");
       new app.views.ConversationsForm({prefill: people});
     });

app/assets/javascripts/app/pages/profile.js

@@ -24,9 +24,6 @@ app.pages.Profile = app.views.Base.extend({
     if (app.hasPreload("photos_count")) {
       this.photos = app.parsePreload("photos_count");
     }
-    if (app.hasPreload("contacts_count")) {
-      this.contacts = app.parsePreload("contacts_count");
-    }
 
     this.streamCollection = _.has(opts, "streamCollection") ? opts.streamCollection : null;
     this.streamViewClass = _.has(opts, "streamView") ? opts.streamView : null;
@@ -70,7 +67,6 @@ app.pages.Profile = app.views.Base.extend({
     return new app.views.ProfileHeader({
       model: this.model,
       photos: this.photos,
-      contacts: this.contacts
     });
   },
 

app/assets/javascripts/app/pages/registration.js

@@ -1,10 +0,0 @@
-// @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
-app.pages.Registration = Backbone.View.extend({
-  initialize: function() {
-    $("input#user_email").popover({
-      placement: "left",
-      trigger: "focus"
-    }).popover("show");
-  }
-});
-// @license-end

app/assets/javascripts/app/pages/settings.js

@@ -15,6 +15,10 @@ app.pages.Settings = Backbone.View.extend({
       form: $("#post-default-aspects")
     });
     $("#update_profile_form").areYouSure();
+
+    $("#register-protocol-handler").click(function() {
+      Diaspora.ProtocolHandler.register();
+    });
   }
 });
 // @license-end

app/assets/javascripts/app/pages/single-post-viewer.js

@@ -3,23 +3,23 @@
 app.pages.SinglePostViewer = app.views.Base.extend({
   templateName: "single-post-viewer",
 
-  subviews : {
-    "#single-post-content" : "singlePostContentView",
-    '#single-post-interactions' : 'singlePostInteractionsView'
+  subviews: {
+    "#single-post-content": "singlePostContentView",
+    "#single-post-interactions": "singlePostInteractionsView"
   },
 
-  initialize : function() {
+  initialize: function() {
     this.model = new app.models.Post(gon.post);
     this.initViews();
   },
 
-  initViews : function() {
+  initViews: function() {
     this.singlePostContentView = new app.views.SinglePostContent({model: this.model});
     this.singlePostInteractionsView = new app.views.SinglePostInteractions({model: this.model});
     this.render();
   },
 
-  postRenderTemplate : function() {
+  postRenderTemplate: function() {
     if(this.model.get("title")){
       // formats title to html...
       var html_title = app.helpers.textFormatter(this.model.get("title"), this.model.get("mentioned_people"));

app/assets/javascripts/app/router.js

@@ -20,11 +20,11 @@ app.Router = Backbone.Router.extend({
     "p/:id(/)": "singlePost",
     "people(/)": "peopleSearch",
     "people/:id(/)": "profile",
-    "people/:id/contacts(/)": "profile",
     "people/:id/photos(/)": "photos",
     "posts/:id(/)": "singlePost",
     "profile/edit(/)": "settings",
     "public(/)": "stream",
+    "local_public(/)": "stream",
     "stream(/)": "stream",
     "tags/:name(/)": "followed_tags",
     "u/:name(/)": "profile",
@@ -173,10 +173,6 @@ app.Router = Backbone.Router.extend({
     });
   },
 
-  registration: function() {
-    app.page = new app.pages.Registration();
-  },
-
   settings: function() {
     app.page = new app.pages.Settings();
   },

app/assets/javascripts/app/views.js

@@ -4,6 +4,7 @@ app.views.Base = Backbone.View.extend({
 
   initialize : function() {
     this.setupRenderEvents();
+    this.setupReport();
   },
 
   presenter : function(){
@@ -102,22 +103,25 @@ app.views.Base = Backbone.View.extend({
     this.model.set(_.inject(this.formAttrs, _.bind(setValueFromField, this), {}));
   },
 
-  report: function(evt) {
-    if(evt) { evt.preventDefault(); }
-    var msg = prompt(Diaspora.I18n.t('report.prompt'), Diaspora.I18n.t('report.prompt_default'));
-    if (msg == null) {
-      return;
+  setupReport: function() {
+    const reportForm = document.getElementById("report-content-form");
+    if (reportForm) {
+      reportForm.addEventListener("submit", this.onSubmitReport);
     }
-    var data = {
-      report: {
-        item_id: this.model.id,
-        item_type: $(evt.currentTarget).data("type"),
-        text: msg
-      }
+  },
+
+  onSubmitReport: function(ev) {
+    if (ev) { ev.preventDefault(); }
+    const form = ev.currentTarget;
+    $("#reportModal").modal("hide");
+    const textarea = document.getElementById("report-reason-field");
+    const report = {
+      item_id: form.dataset.reportId,
+      item_type: form.dataset.reportType,
+      text: textarea.value
     };
 
-    var report = new app.models.Report();
-    report.save(data, {
+    new app.models.Report().save({report: report}, {
       success: function() {
         app.flashMessages.success(Diaspora.I18n.t("report.status.created"));
       },
@@ -127,11 +131,21 @@ app.views.Base = Backbone.View.extend({
     });
   },
 
+  report: function(evt) {
+    if (evt) { evt.preventDefault(); }
+    const form = document.getElementById("report-content-form");
+    form.dataset.reportId = this.model.id;
+    form.dataset.reportType = evt.currentTarget.dataset.type;
+    document.getElementById("report-reason-field").value = "";
+    document.getElementById("report-reason-field").focus();
+    $("#reportModal").modal();
+  },
+
   destroyConfirmMsg: function() { return Diaspora.I18n.t("confirm_dialog"); },
 
   destroyModel: function(evt) {
     evt && evt.preventDefault();
-    var url = this.model.urlRoot + "/" + this.model.id;
+    const url = this.model.urlRoot + "/" + this.model.id;
 
     if( confirm(_.result(this, "destroyConfirmMsg")) ) {
       this.$el.addClass("deleting");

app/assets/javascripts/app/views/aspect_create_view.js

@@ -21,10 +21,6 @@ app.views.AspectCreate = app.views.Base.extend({
     });
   },
 
-  _contactsVisible: function() {
-    return this.$("#aspect_contacts_visible").is(":checked");
-  },
-
   _name: function() {
     return this.$("#aspect_name").val();
   },
@@ -71,8 +67,7 @@ app.views.AspectCreate = app.views.Base.extend({
 
     app.aspects.create({
       "person_id": this._personId || null,
-      "name": this._name(),
-      "contacts_visible": this._contactsVisible()
+      "name": this._name()
     });
   },
 

app/assets/javascripts/app/views/aspect_membership_view.js

@@ -16,10 +16,8 @@ app.views.AspectMembership = app.views.Base.extend({
   },
 
   events: {
-    "click ul.aspect_membership.dropdown-menu > li.aspect_selector"
-        : "_clickHandler",
-    "keypress ul.aspect_membership.dropdown-menu > li.aspect_selector"
-        : "_clickHandler"
+    "click ul.aspect-membership.dropdown-menu > li.aspect_selector": "_clickHandler",
+    "keypress ul.aspect-membership.dropdown-menu > li.aspect_selector": "_clickHandler"
   },
 
   initialize: function(opts) {

app/assets/javascripts/app/views/aspects_dropdown_view.js

@@ -27,16 +27,14 @@ app.views.AspectsDropdown = app.views.Base.extend({
   },
 
   // change class and text of the dropdown button
-  _updateButton: function(inAspectClass) {
-    var button = this.$('.btn.dropdown-toggle'),
+  _updateButton: function() {
+    let button = this.$(".btn.dropdown-toggle"),
       selectedAspects = this.$(".dropdown-menu > li.selected").length,
       buttonText;
 
     if (selectedAspects === 0) {
-      button.removeClass(inAspectClass).addClass('btn-default');
       buttonText = Diaspora.I18n.t("aspect_dropdown.select_aspects");
     } else {
-      button.removeClass('btn-default').addClass(inAspectClass);
       if (selectedAspects === 1) {
         buttonText = this.$(".dropdown-menu > li.selected .text").first().text();
       } else {

app/assets/javascripts/app/views/back_to_top_view.js

@@ -12,7 +12,7 @@ app.views.BackToTop = Backbone.View.extend({
 
   backToTop: function(evt) {
     evt.preventDefault();
-    $("html, body").animate({scrollTop: 0});
+    $("html, body").animate({scrollTop: 0}, this.toggleVisibility);
   },
 
   toggleVisibility: function() {

app/assets/javascripts/app/views/comment_stream_view.js

@@ -135,7 +135,10 @@ app.views.CommentStream = app.views.Base.extend({
   },
 
   removeComment: function(comment) {
-    this.$("#" + comment.get("guid")).closest(".comment.media").remove();
+    var result = this.$("#" + comment.get("guid")).closest(".comment.media").remove();
+    if (result.hasClass("deleting")) {
+      this.model.interactions.removedComment();
+    }
   },
 
   expandComments: function(evt){

app/assets/javascripts/app/views/comment_view.js

@@ -6,40 +6,58 @@ app.views.Comment = app.views.Content.extend({
   className : "comment media",
   tooltipSelector: "time",
 
-  events : function() {
+  subviews: {
+    ".likes-on-comment": "likesInfoView"
+  },
+
+  events: function() {
     return _.extend({}, app.views.Content.prototype.events, {
       "click .comment_delete": "destroyModel",
-      "click .comment_report": "report"
+      "click .comment_report": "report",
+      "click .like": "toggleLike"
     });
   },
 
-  initialize : function(options){
+  initialize: function(options) {
     this.templateName = options.templateName || this.templateName;
+    this.model.interactions.on("change", this.render, this);
     this.model.on("change", this.render, this);
   },
 
-  presenter : function() {
+  presenter: function() {
     return _.extend(this.defaultPresenter(), {
       canRemove: this.canRemove(),
-      text: app.helpers.textFormatter(this.model.get("text"), this.model.get("mentioned_people"))
+      text: app.helpers.textFormatter(this.model.get("text"), this.model.get("mentioned_people")),
+      likesCount: this.model.attributes.likesCount,
+      userLike: this.model.interactions.userLike()
     });
   },
 
-  ownComment : function() {
+  ownComment: function() {
     return app.currentUser.authenticated() && this.model.get("author").diaspora_id === app.currentUser.get("diaspora_id");
   },
 
-  postOwner : function() {
+  postOwner: function() {
     return  app.currentUser.authenticated() && this.model.get("parent").author.diaspora_id === app.currentUser.get("diaspora_id");
   },
 
-  canRemove : function() {
+  canRemove: function() {
     return app.currentUser.authenticated() && (this.ownComment() || this.postOwner());
+  },
+
+  toggleLike: function(evt) {
+    if (evt) { evt.preventDefault(); }
+    this.model.interactions.toggleLike();
+  },
+
+  likesInfoView: function() {
+    return new app.views.LikesInfo({model: this.model});
   }
 });
 
 app.views.ExpandedComment = app.views.Comment.extend({
   postRenderTemplate : function(){
+    this.bindMediaEmbedThumbClickEvent();
   }
 });
 // @license-end

app/assets/javascripts/app/views/content_view.js

@@ -63,7 +63,29 @@ app.views.Content = app.views.Base.extend({
     }
   },
 
+  // This function is called when user clicks cover for HTML5 embedded video
+  onVideoThumbClick: function(evt) {
+    var clickedThumb;
+    if ($(evt.target).hasClass("thumb")) {
+      clickedThumb = $(evt.target);
+    } else {
+      clickedThumb = $(evt.target).parent(".thumb");
+    }
+    clickedThumb.find(".video-overlay").addClass("hidden");
+    clickedThumb.parents(".collapsed").children(".expander").click();
+    var video = clickedThumb.find("video");
+    video.attr("controls", "");
+    video.get(0).load();
+    video.get(0).play();
+    clickedThumb.unbind("click");
+  },
+
+  bindMediaEmbedThumbClickEvent: function() {
+    this.$(".media-embed .thumb").bind("click", this.onVideoThumbClick);
+  },
+
   postRenderTemplate : function(){
+    this.bindMediaEmbedThumbClickEvent();
     _.defer(_.bind(this.collapseOversized, this));
 
     // run collapseOversized again after all contained images are loaded
@@ -93,6 +115,8 @@ app.views.StatusMessage = app.views.Content.extend({
 
 app.views.ExpandedStatusMessage = app.views.StatusMessage.extend({
   postRenderTemplate : function(){
+    this.bindMediaEmbedThumbClickEvent();
+
     var photoAttachments = this.$(".photo-attachments");
     if(photoAttachments.length > 0) {
       new app.views.Gallery({ el: photoAttachments });

app/assets/javascripts/app/views/gallery_view.js

@@ -31,12 +31,20 @@ app.views.Gallery = app.views.Base.extend({
     return {
       index: link,
       event: event,
-      hidePageScrollbars: false,
-      disableScroll: true,
       continuous: true,
       toggleControlsOnReturn: false,
       onopened: this.preventHideControls,
-      slideshowInterval: 2000
+      slideshowInterval: 2000,
+      onslidecomplete: function(index, slide) {
+        // If the image is very tall (more than twice its width), then it is scrollable instead of resized
+        var image = slide.firstElementChild;
+        if (image.naturalHeight > window.innerHeight && image.naturalHeight > image.naturalWidth * 2) {
+          image.classList.add("too-tall");
+        } else {
+          var margins = 110; // Margins are 80px for thumbnails height and 15px for top image margin + scroll-x height
+          image.style = "max-height: " + (window.innerHeight - margins) + "px";
+        }
+      }
     };
   }
 });

app/assets/javascripts/app/views/help_view.js

@@ -9,13 +9,13 @@ app.views.Help = app.views.StaticContentView.extend({
     "click .faq-link-sharing": "sharing",
     "click .faq-link-posts-and-posting": "postsAndPosting",
     "click .faq-link-tags": "tags",
-    "click .faq-link-keyboard-shortcuts": "keyboardShortcuts",
-    "click .faq-link-chat": "chat"
+    "click .faq-link-keyboard-shortcuts": "keyboardShortcuts"
   },
 
+  /* eslint-disable camelcase */
   initialize : function() {
     this.GETTING_HELP_SUBS = {
-      getting_started_a: {tutorial_series: this.linkHtml("http://diasporafoundation.org/getting_started/sign_up", Diaspora.I18n.t("getting_started_tutorial"))},
+      getting_started_a: {tutorial_series: this.linkHtml("https://diasporafoundation.org/getting_started/sign_up", Diaspora.I18n.t("getting_started_tutorial"))},
       get_support_a_website: {link: this.linkHtml("https://diasporafoundation.org/", Diaspora.I18n.t("foundation_website"))},
       get_support_a_tutorials: {tutorials: this.linkHtml("https://diasporafoundation.org/tutorials", Diaspora.I18n.t("tutorials"))},
       get_support_a_wiki: {link: this.linkHtml("https://wiki.diasporafoundation.org/Special:Search", Diaspora.I18n.t("wiki"))},
@@ -28,10 +28,11 @@ app.views.Help = app.views.StaticContentView.extend({
     this.POSTS_AND_POSTING_SUBS = {
       post_report_a: {community_guidelines: this.linkHtml("https://diasporafoundation.org/community_guidelines", Diaspora.I18n.t("community_guidelines"))},
       format_text_a: {
-        markdown: this.linkHtml("http://diasporafoundation.org/formatting", Diaspora.I18n.t( 'markdown' )),
-        here: this.linkHtml("http://daringfireball.net/projects/markdown/syntax", Diaspora.I18n.t( 'here' ))
+        markdown: this.linkHtml("https://diasporafoundation.org/formatting", Diaspora.I18n.t("markdown")),
+        here: this.linkHtml("https://daringfireball.net/projects/markdown/syntax", Diaspora.I18n.t("here"))
       }
     };
+  /* eslint-enable camelcase */
 
     this.TAGS_SUBS = {
       filter_tags_a: {
@@ -39,31 +40,22 @@ app.views.Help = app.views.StaticContentView.extend({
       }
     };
 
-    this.CHAT_SUBS = {
-      add_contact_roster_a: {
-        toggle_privilege: this.getChatIcons(),
-        contacts_page: this.linkHtml(Routes.contacts(), Diaspora.I18n.t("chat.contacts_page"))
-      }
-    };
-
     this.data = {
-      title_header: Diaspora.I18n.t( 'title_header' ),
-      title_getting_help: Diaspora.I18n.t( 'getting_help.title' ),
-      title_account_and_data_management: Diaspora.I18n.t( 'account_and_data_management.title' ),
-      title_aspects: Diaspora.I18n.t( 'aspects.title' ),
-      title_mentions: Diaspora.I18n.t( 'mentions.title' ),
-      title_pods: Diaspora.I18n.t( 'pods.title' ),
-      title_posts_and_posting: Diaspora.I18n.t( 'posts_and_posting.title' ),
-      title_private_posts: Diaspora.I18n.t( 'private_posts.title' ),
-      title_public_posts: Diaspora.I18n.t( 'public_posts.title' ),
-      title_resharing_posts: Diaspora.I18n.t( 'resharing_posts.title' ),
+      title_header: Diaspora.I18n.t("title_header"),
+      title_getting_help: Diaspora.I18n.t("getting_help.title"),
+      title_account_and_data_management: Diaspora.I18n.t("account_and_data_management.title"),
+      title_aspects: Diaspora.I18n.t("aspects.title"),
+      title_mentions: Diaspora.I18n.t("mentions.title"),
+      title_pods: Diaspora.I18n.t("pods.title"),
+      title_posts_and_posting: Diaspora.I18n.t("posts_and_posting.title"),
+      title_private_posts: Diaspora.I18n.t("private_posts.title"),
+      title_public_posts: Diaspora.I18n.t("public_posts.title"),
+      title_resharing_posts: Diaspora.I18n.t("resharing_posts.title"),
       title_profile: Diaspora.I18n.t("profile.title"),
-      title_sharing: Diaspora.I18n.t( 'sharing.title' ),
-      title_tags: Diaspora.I18n.t( 'tags.title' ),
-      title_keyboard_shortcuts: Diaspora.I18n.t( 'keyboard_shortcuts.title' ),
-      title_miscellaneous: Diaspora.I18n.t( 'miscellaneous.title' ),
-      title_chat: Diaspora.I18n.t( 'chat.title' ),
-      chat_enabled: this.chatEnabled()
+      title_sharing: Diaspora.I18n.t("sharing.title"),
+      title_tags: Diaspora.I18n.t("tags.title"),
+      title_keyboard_shortcuts: Diaspora.I18n.t("keyboard_shortcuts.title"),
+      title_miscellaneous: Diaspora.I18n.t("miscellaneous.title")
     };
 
     return this;
@@ -199,27 +191,8 @@ app.views.Help = app.views.StaticContentView.extend({
     e.preventDefault();
   },
 
-  chat: function(e){
-    this.renderStaticSection("chat", "faq_chat", this.CHAT_SUBS);
-    this.menuClicked(e);
-
-    e.preventDefault();
-  },
-
   linkHtml: function(url, text) {
     return "<a href=\"" + url + "\" target=\"_blank\">" + text + "</a>";
-  },
-
-  chatEnabled: function(){
-    return gon.appConfig.chat.enabled;
-  },
-
-  getChatIcons: function(){
-    return "<div class=\"help-chat-icons\">" +
-           "  <i class=\"entypo-lock-open\"></i>" +
-           "  <i class=\"entypo-chat\"></i>" +
-           "  <i class=\"entypo-trash\"></i>" +
-           "</div>";
   }
 });
 // @license-end

app/assets/javascripts/app/views/hovercard_view.js

@@ -19,10 +19,15 @@ app.views.Hovercard = app.views.Base.extend({
 
     this.showMe = false;
     this.parent = null;  // current 'hovercardable' element that caused HC to appear
-
     this.active = true;
   },
 
+  presenter: function() {
+    return _.extend({}, this.defaultPresenter(), {
+      person: this.person
+    });
+  },
+
   postRenderTemplate: function() {
     this.$el.appendTo($("body"));
 
@@ -102,14 +107,14 @@ app.views.Hovercard = app.views.Base.extend({
       if( !person || person.length === 0 ) {
         throw new Error("received data is not a person object");
       }
-
+      var personModel = new app.models.Person(person);
+      person.is_sharing = personModel.isSharing();
+      self.person = person;
       if (app.currentUser.authenticated()) {
-        self.aspectMembershipDropdown = new app.views.AspectMembership({person: new app.models.Person(person)});
+        self.aspectMembershipDropdown = new app.views.AspectMembership({person: personModel});
       }
-
       self.render();
 
-      self._populateHovercardWith(person);
       if( !self.showMe ) {
         // mouse has left element
         return;
@@ -118,23 +123,6 @@ app.views.Hovercard = app.views.Base.extend({
     });
   },
 
-  _populateHovercardWith: function(person) {
-    this.avatarLink.attr("href", this.href());
-    this.personLink.attr("href", this.href());
-    this.personLink.text(person.name);
-    this.personID.text(person.diaspora_id);
-
-    if (person.profile) {
-      this.avatar.attr("src", person.profile.avatar);
-
-      // set hashtags
-      this.hashtags.empty();
-      this.hashtags.html($(_.map(person.profile.tags, function(tag) {
-        return $("<a/>", {href: Routes.tag(tag)}).text("#" + tag)[0];
-      })));
-    }
-  },
-
   _positionHovercard: function() {
     var p_pos = this.parent.offset();
     var p_height = this.parent.height();

app/assets/javascripts/app/views/locator.js

@@ -19,7 +19,7 @@ app.views.Location = Backbone.View.extend({
     var locator = new OSM.Locator();
     locator.getAddress(function(address, latlng){
       $(element).empty();
-      $("<input/>",
+      $("<input></input>",
         { id: "location_address",
           value: address,
           type: "text",

app/assets/javascripts/app/views/notification_dropdown_view.js

@@ -12,7 +12,7 @@ app.views.NotificationDropdown = app.views.Base.extend({
     this.dropdown = $("#notification-dropdown");
     this.dropdownNotifications = this.dropdown.find(".notifications");
     this.ajaxLoader = this.dropdown.find(".ajax-loader");
-    this.perfectScrollbarInitialized = false;
+    this.perfectScrollbar = null;
     this.dropdownNotifications.scroll(this.dropdownScroll.bind(this));
     this.bindCollectionEvents();
   },
@@ -106,18 +106,17 @@ app.views.NotificationDropdown = app.views.Base.extend({
   },
 
   updateScrollbar: function() {
-    if(this.perfectScrollbarInitialized) {
-      this.dropdownNotifications.perfectScrollbar("update");
+    if (this.perfectScrollbar) {
+      this.perfectScrollbar.update();
     } else {
-      this.dropdownNotifications.perfectScrollbar();
-      this.perfectScrollbarInitialized = true;
+      this.perfectScrollbar = new PerfectScrollbar(this.dropdownNotifications[0]);
     }
   },
 
   destroyScrollbar: function() {
-    if(this.perfectScrollbarInitialized) {
-      this.dropdownNotifications.perfectScrollbar("destroy");
-      this.perfectScrollbarInitialized = false;
+    if (this.perfectScrollbar) {
+      this.perfectScrollbar.destroy();
+      this.perfectScrollbar = null;
     }
   }
 });

app/assets/javascripts/app/views/photos_view.js

@@ -2,23 +2,16 @@
 
 app.views.Photos = app.views.InfScroll.extend({
   className: "clearfix row",
-
   postClass : app.views.Photo,
 
   initialize : function() {
     this.stream = this.model;
     this.collection = this.stream.items;
+    new app.views.Gallery({el: this.$el});
 
     // viable for extraction
     this.stream.fetch();
     this.setupInfiniteScroll();
-  },
-
-  postRenderTemplate: function(){
-    var photoAttachments = $("#main-stream > div");
-    if(photoAttachments.length > 0) {
-      new app.views.Gallery({ el: photoAttachments });
-    }
   }
 });
 // @license-end

app/assets/javascripts/app/views/pod_entry_view.js

@@ -27,12 +27,13 @@ app.views.PodEntry = app.views.Base.extend({
   presenter: function() {
     return _.extend({}, this.defaultPresenter(), {
       /* jshint camelcase: false */
+      hasPort: (this.model.get("port") >= 0),
       is_unchecked: (this.model.get("status")==="unchecked"),
       has_no_errors: (this.model.get("status")==="no_errors"),
       has_errors: (this.model.get("status")!=="no_errors"),
       status_text: Diaspora.I18n.t("admin.pods.states."+this.model.get("status")),
       pod_url: (this.model.get("ssl") ? "https" : "http") + "://" + this.model.get("host") +
-                 (this.model.get("port") ? ":" + this.model.get("port") : ""),
+                 (this.model.get("port") >= 0 ? ":" + this.model.get("port") : ""),
       response_time_fmt: this._fmtResponseTime()
       /* jshint camelcase: true */
     });

app/assets/javascripts/app/views/profile_header_view.js

@@ -14,7 +14,6 @@ app.views.ProfileHeader = app.views.Base.extend({
 
   initialize: function(opts) {
     this.photos = _.has(opts, 'photos') ? opts.photos : null;
-    this.contacts = _.has(opts, 'contacts') ? opts.contacts : null;
     this.model.on("change", this.render, this);
     $("#mentionModal").on("modal:loaded", this.mentionModalLoaded.bind(this));
     $("#mentionModal").on("hidden.bs.modal", this.mentionModalHidden);
@@ -24,13 +23,11 @@ app.views.ProfileHeader = app.views.Base.extend({
     return _.extend({}, this.defaultPresenter(), {
       show_profile_btns: this._shouldShowProfileBtns(),
       show_photos: this._shouldShowPhotos(),
-      show_contacts: this._shouldShowContacts(),
       is_blocked: this.model.isBlocked(),
       is_sharing: this.model.isSharing(),
       is_receiving: this.model.isReceiving(),
       is_mutual: this.model.isMutual(),
       has_tags: this._hasTags(),
-      contacts: this.contacts,
       photos: this.photos
     });
   },
@@ -51,10 +48,6 @@ app.views.ProfileHeader = app.views.Base.extend({
     return (this.photos && this.photos > 0);
   },
 
-  _shouldShowContacts: function() {
-    return (this.contacts && this.contacts > 0);
-  },
-
   showMentionModal: function() {
     app.helpers.showModal("#mentionModal");
   },

app/assets/javascripts/app/views/publisher/aspect_selector_view.js

@@ -31,7 +31,7 @@ app.views.PublisherAspectSelector  = app.views.AspectsDropdown.extend({
     }
 
     this._updateSelectedAspectIds();
-    this._updateButton('btn-default');
+    this._updateButton();
 
     // update the globe or lock icon
     var icon = this.$("#visibility-icon");
@@ -48,7 +48,7 @@ app.views.PublisherAspectSelector  = app.views.AspectsDropdown.extend({
   updateAspectsSelector: function(ids){
     this._selectAspects(ids);
     this._updateSelectedAspectIds();
-    this._updateButton('btn-default');
+    this._updateButton();
   },
 
   // take care of the form fields that will indicate the selected aspects

app/assets/javascripts/app/views/publisher/uploader_view.js

@@ -5,139 +5,102 @@
 // progress. Attaches previews of finished uploads to the publisher.
 
 app.views.PublisherUploader = Backbone.View.extend({
-  allowedExtensions: ["jpg", "jpeg", "png", "gif"],
-  sizeLimit: 4194304,  // bytes
-
   initialize: function(opts) {
     this.publisher = opts.publisher;
-    this.uploader = new qq.FineUploaderBasic({
-      element: this.el,
-      button: this.el,
-
-      text: {
-        fileInputTitle: Diaspora.I18n.t("photo_uploader.upload_photos")
-      },
-      request: {
-        endpoint: Routes.photos(),
-        params: {
-          /* eslint-disable camelcase */
-          authenticity_token: $("meta[name='csrf-token']").attr("content"),
-          /* eslint-enable camelcase */
-          photo: {
-            pending: true
-          }
-        }
-      },
-      validation: {
-        allowedExtensions: this.allowedExtensions,
-        sizeLimit: this.sizeLimit
-      },
-      messages: {
-        typeError: Diaspora.I18n.t("photo_uploader.invalid_ext"),
-        sizeError: Diaspora.I18n.t("photo_uploader.size_error"),
-        emptyError: Diaspora.I18n.t("photo_uploader.empty")
-      },
-      callbacks: {
-        onProgress: _.bind(this.progressHandler, this),
-        onSubmit: _.bind(this.submitHandler, this),
-        onComplete: _.bind(this.uploadCompleteHandler, this),
-        onError: function(id, name, errorReason) {
-          if (app.flashMessages) { app.flashMessages.error(errorReason); }
-        }
-      }
-    });
-
-    this.info = $("<div id=\"fileInfo\" />");
-    this.publisher.wrapperEl.before(this.info);
-
     this.publisher.photozoneEl.on("click", ".x", _.bind(this._removePhoto, this));
-  },
 
-  progressHandler: function(id, fileName, loaded, total) {
-    var progress = Math.round(loaded / total * 100);
-    this.info.text(fileName + " " + progress + "%").fadeTo(200, 1);
-    this.publisher.photozoneEl
-      .find("li.loading").first().find(".progress-bar")
-      .width(progress + "%");
-  },
-
-  submitHandler: function() {
-    this.$el.addClass("loading");
-    this._addPhotoPlaceholder();
+    // Initialize the PostPhotoUploader and subscribe its events
+    this.uploader = new Diaspora.PostPhotoUploader(this.el, opts.dropZoneElementIds);
+    this.uploader.onUploadStarted = _.bind(this.uploadStartedHandler, this);
+    this.uploader.onProgress = _.bind(this.progressHandler, this);
+    this.uploader.onUploadCompleted = _.bind(this.uploadCompleteHandler, this);
   },
 
   // add photo placeholders to the publisher to indicate an upload in progress
-  _addPhotoPlaceholder: function() {
+  _addPhotoPlaceholder: function(id) {
     var publisher = this.publisher;
     publisher.setButtonsEnabled(false);
 
     publisher.wrapperEl.addClass("with_attachments");
     publisher.photozoneEl.append(
-      "<li class=\"publisher_photo loading\" style=\"position:relative;\">" +
+      "<li id=\"upload-" + id + "\"class=\"publisher_photo loading\" style=\"position:relative;\">" +
       "  <div class=\"progress\">" +
       "    <div class=\"progress-bar progress-bar-striped active\" role=\"progressbar\"></div>"+
       "  </div>" +
-      "  <img src=\"\"+Handlebars.helpers.imageUrl(\"ajax-loader2.gif\")+\"\" class=\"ajax-loader\" alt=\"\" />"+
+      "  <div class=\"spinner\"></div>" +
       "</li>"
     );
   },
 
-  uploadCompleteHandler: function(_id, fileName, response) {
+  uploadStartedHandler: function(id) {
+    this.$el.addClass("loading");
+    this._addPhotoPlaceholder(id);
+  },
+
+  progressHandler: function(id, fileName, progress) {
+    this.publisher.photozoneEl
+      .find("li.loading#upload-" + id + " .progress-bar")
+      .width(progress + "%");
+  },
+
+  uploadCompleteHandler: function(id, fileName, response) {
     if (response.success){
-      this.info.text(Diaspora.I18n.t("photo_uploader.completed", {file: fileName})).fadeTo(2000, 0);
+      var photoId = response.data.photo.id,
+          image = response.data.photo.unprocessed_image;
 
-      var id  = response.data.photo.id,
-          url = response.data.photo.unprocessed_image.url;
-
-      this._addFinishedPhoto(id, url);
+      this._addFinishedPhoto(id, photoId, image);
       this.trigger("change");
     } else {
-      this._cancelPhotoUpload();
-      this.trigger("change");
-      this.info.text(Diaspora.I18n.t("photo_uploader.error", {file: fileName}));
+      this._cancelPhotoUpload(id);
       this.publisher.wrapperEl.find("#photodropzone_container").first().after(
         "<div id=\"upload_error\">" +
-        Diaspora.I18n.t("photo_uploader.error", {file: fileName}) +
+          Diaspora.I18n.t("photo_uploader.error", {file: fileName}) +
         "</div>"
       );
+      this.trigger("change");
     }
   },
 
   // replace the first photo placeholder with the finished uploaded image and
   // add the id to the publishers form
-  _addFinishedPhoto: function(id, url) {
+  _addFinishedPhoto: function(id, photoId, image) {
     var publisher = this.publisher;
 
     // add form input element
     publisher.$(".content_creation form").append(
-      "<input type=\"hidden\", value=\""+id+"\" name=\"photos[]\" />"
+      "<input type=\"hidden\", value=\"" + photoId + "\" name=\"photos[]\" />"
     );
-
     // replace placeholder
-    var placeholder = publisher.photozoneEl.find("li.loading").first();
+    var placeholder = publisher.photozoneEl.find("li.loading#upload-" + id);
+
+    var imgElement = document.createElement("img");
+    imgElement.src = image.thumb_medium.url;
+    imgElement.classList.add("hidden");
+    imgElement.dataset.id = photoId;
+    imgElement.dataset.small = image.thumb_small.url;
+    imgElement.dataset.scaled = image.scaled_full.url;
+
     placeholder
-      .removeClass("loading")
       .prepend(
-        "<div class=\"x\"></div>"+
-        "<div class=\"circle\"></div>"
-       )
-      .find("img").attr({"src": url, "data-id": id}).removeClass("ajax-loader");
-    placeholder
-      .find("div.progress").remove();
+        '<div class="x"></div>' +
+        '<div class="circle"></div>' +
+        imgElement.outerHTML
+      ).removeClass("loading");
+    placeholder.find("div.progress").remove();
+    placeholder.find("img").on("load", function(ev) {
+      $(ev.target).removeClass("hidden");
+      placeholder.find(".spinner").remove();
+    });
 
     // no more placeholders? enable buttons
-    if( publisher.photozoneEl.find("li.loading").length === 0 ) {
+    if (publisher.photozoneEl.find("li.loading").length === 0) {
       this.$el.removeClass("loading");
       publisher.setButtonsEnabled(true);
     }
   },
 
-  _cancelPhotoUpload: function() {
-    var publisher = this.publisher;
-    var placeholder = publisher.photozoneEl.find("li.loading").first();
-    placeholder
-      .removeClass("loading")
-      .find("img").remove();
+  _cancelPhotoUpload: function(id) {
+    this.publisher.photozoneEl.find("li.loading#upload-" + id).remove();
   },
 
   // remove an already uploaded photo
@@ -155,7 +118,7 @@ app.views.PublisherUploader = Backbone.View.extend({
         photo.fadeOut(400, function() {
           photo.remove();
 
-          if( self.publisher.$(".publisher_photo").length === 0 ) {
+          if (self.publisher.$(".publisher_photo").length === 0) {
             // no more photos left...
             self.publisher.wrapperEl.removeClass("with_attachments");
           }
@@ -164,9 +127,7 @@ app.views.PublisherUploader = Backbone.View.extend({
         });
       }
     });
-
     return false;
   }
-
 });
 // @license-end

app/assets/javascripts/app/views/publisher_view.js

@@ -11,7 +11,6 @@
 //= require ./publisher/poll_creator_view
 //= require ./publisher/services_view
 //= require ./publisher/uploader_view
-//= require jquery-textchange
 
 app.views.Publisher = Backbone.View.extend({
 
@@ -22,7 +21,7 @@ app.views.Publisher = Backbone.View.extend({
     "focus textarea" : "open",
     "submit form" : "createStatusMessage",
     "click #submit" : "createStatusMessage",
-    "textchange #status_message_text": "checkSubmitAvailability",
+    "input #status_message_text": "checkSubmitAvailability",
     "click #locator" : "showLocation",
     "click #poll_creator" : "togglePollCreator",
     "click #hide_location" : "destroyLocation",
@@ -52,10 +51,6 @@ app.views.Publisher = Backbone.View.extend({
       this.$(".question_mark").hide();
     }
 
-    // this has to be here, otherwise for some reason the callback for the
-    // textchange event won't be called in Backbone...
-    this.inputEl.bind("textchange", $.noop);
-
     $("body").click(function(event) {
       var $target = $(event.target);
       if ($target.closest("#publisher").length === 0 && !$target.hasClass("dropdown-backdrop")) {
@@ -113,6 +108,7 @@ app.views.Publisher = Backbone.View.extend({
 
     this.viewUploader = new app.views.PublisherUploader({
       el: this.$("#file-upload"),
+      dropZoneElementIds: ["publisher-textarea-wrapper"],
       publisher: this
     });
     this.viewUploader.on("change", this.checkSubmitAvailability, this);
@@ -133,10 +129,6 @@ app.views.Publisher = Backbone.View.extend({
         if (photoAttachments.length > 0) {
           new app.views.Gallery({el: photoAttachments});
         }
-      },
-
-      onChange: function() {
-        self.inputEl.trigger("textchange");
       }
     };
 
@@ -284,13 +276,13 @@ app.views.Publisher = Backbone.View.extend({
   getUploadedPhotos: function() {
     var photos = [];
     $("li.publisher_photo img").each(function() {
-      var file = $(this).attr("src").substring("/uploads/images/".length);
+      var photo = $(this);
       photos.push(
         {
           "sizes": {
-            "small" : "/uploads/images/thumb_small_" + file,
-            "medium" : "/uploads/images/thumb_medium_" + file,
-            "large" : "/uploads/images/scaled_full_" + file
+            "small": photo.data("small"),
+            "medium": photo.attr("src"),
+            "large": photo.data("scaled")
           }
         }
       );
@@ -351,7 +343,7 @@ app.views.Publisher = Backbone.View.extend({
     };
 
     var previewPost = new app.views.PreviewPost({model: new app.models.Post(previewMessage)}).render().el;
-    return $("<div/>").append(previewPost).html();
+    return $("<div></div>").append(previewPost).html();
   },
 
   keyDown : function(evt) {
@@ -368,8 +360,7 @@ app.views.Publisher = Backbone.View.extend({
 
     // clear text
     this.inputEl.val("");
-    this.inputEl.trigger("keyup")
-                .trigger("keydown");
+    this.inputEl.trigger("input");
     autosize.update(this.inputEl);
 
     // remove photos
@@ -403,9 +394,6 @@ app.views.Publisher = Backbone.View.extend({
     // clear poll form
     this.viewPollCreator.clearInputs();
 
-    // force textchange plugin to update lastValue
-    this.inputEl.data("lastValue", "");
-
     return this;
   },
 
@@ -445,7 +433,8 @@ app.views.Publisher = Backbone.View.extend({
   },
 
   checkSubmitAvailability: function() {
-    if( this._submittable() ) {
+    if (this._submittable()) {
+      this.open();
       this.setButtonsEnabled(true);
     } else {
       this.setButtonsEnabled(false);
@@ -484,7 +473,7 @@ app.views.Publisher = Backbone.View.extend({
   },
 
   _beforeUnload: function(e) {
-    if(this._submittable() && this.inputEl.val() !== this.prefillText){
+    if (this._submittable() && this.inputEl.val() !== this.prefillText) {
       var confirmationMessage = Diaspora.I18n.t("confirm_unload");
       (e || window.event).returnValue = confirmationMessage;       //Gecko + IE
       return confirmationMessage;                                  //Webkit, Safari, Chrome, etc.

app/assets/javascripts/app/views/single-post-viewer/single_post_content_view.js

@@ -36,8 +36,9 @@ app.views.SinglePostContent = app.views.Base.extend({
 
     var map = L.map(mapContainer[0]).setView([location.lat, location.lng], 14);
     var tiles = app.helpers.locations.getTiles();
-
-    tiles.addTo(map);
+    if (tiles) {
+      tiles.addTo(map);
+    }
 
     // put marker on map
     L.marker(location).addTo(map);

app/assets/javascripts/app/views/stream_post_views.js

@@ -7,7 +7,7 @@ app.views.StreamPost = app.views.Post.extend({
   subviews : {
     ".feedback": "feedbackView",
     ".comments": "commentStreamView",
-    ".likes": "likesInfoView",
+    ".likes-on-post": "likesInfoView",
     ".reshares": "resharesInfoView",
     ".post-controls": "postControlsView",
     ".post-content": "postContentView",

app/assets/javascripts/app/views/stream_view.js

@@ -25,7 +25,7 @@ app.views.Stream = app.views.InfScroll.extend({
 
   markNavSelected : function() {
     var activeStream = Backbone.history.fragment;
-    var streamSelection = $("#stream_selection");
+    var streamSelection = $("#stream-selection");
     streamSelection.find("[data-stream]").removeClass("selected");
     streamSelection.find("[data-stream='" + activeStream + "']").addClass("selected");
 

app/assets/javascripts/app/views/tag_following_list_view.js

@@ -48,7 +48,7 @@ app.views.TagFollowingList = app.views.Base.extend({
     if(evt){ evt.preventDefault(); }
 
     var name = this.$(".tag_input").val();
-    // compare tag_text_regexp in app/models/acts_as_taggable_on-tag.rb
+    // compare tag_text_regexp in config/initializers/acts_as_taggable_on.rb
     var normalizedName = (name === "<3" ? name : name.replace(
         new RegExp("[^" + PosixBracketExpressions.alnum + "_\\-]+", "gi"), "").toLowerCase());
 

app/assets/javascripts/helpers/post_photo_uploader.es6

@@ -0,0 +1,121 @@
+// @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
+
+Diaspora.PostPhotoUploader = class {
+  /**
+   * Initializes a new instance of PostPhotoUploader
+   * This class handles uploading photos and provides client side scaling
+   */
+  constructor(el, dropZoneElementIds, aspectIds) {
+    this.element = el;
+    this.dropZoneElementIds = dropZoneElementIds;
+    this.sizeLimit = 4194304;
+    this.aspectIds = aspectIds;
+
+    this.onProgress = null;
+    this.onUploadStarted = null;
+    this.onUploadCompleted = null;
+
+    /**
+     * Shows a message using flash messages or alert for mobile.
+     * @param {string} type - The type of the message, e.g. "error" or "success".
+     * @param text - The text to display.
+     */
+    this.showMessage = (type, text) => (app.flashMessages ? app.flashMessages[type](text) : alert(text));
+
+    /**
+     * Returns true if the given parameter is a function
+     * @param {param} - The object to check
+     * @returns {boolean}
+     */
+    this.func = param => (typeof param === "function");
+
+    this.initFineUploader();
+  }
+
+  /**
+   * Initializes the fine uploader component
+   */
+  initFineUploader() {
+    this.fineUploader = new qq.FineUploaderBasic({
+      element: this.element,
+      button: this.element,
+      text: {
+        fileInputTitle: Diaspora.I18n.t("photo_uploader.upload_photos")
+      },
+      request: {
+        endpoint: Routes.photos(),
+        params: {
+          /* eslint-disable camelcase */
+          authenticity_token: $("meta[name='csrf-token']").attr("content"),
+          photo: {
+            pending: true,
+            aspect_ids: this.aspectIds
+          }
+          /* eslint-enable camelcase */
+        }
+      },
+      paste: {
+        targetElement: document.getElementById("status_message_text"),
+        promptForName: true
+      },
+      validation: {
+        acceptFiles: "image/png, image/jpeg, image/gif, image/webp",
+        allowedExtensions: ["jpg", "jpeg", "png", "gif", "webp"],
+        sizeLimit: (window.Promise && qq.supportedFeatures.scaling ? null : this.sizeLimit)
+      },
+      messages: {
+        typeError: Diaspora.I18n.t("photo_uploader.invalid_ext"),
+        sizeError: Diaspora.I18n.t("photo_uploader.size_error"),
+        emptyError: Diaspora.I18n.t("photo_uploader.empty")
+      },
+      callbacks: {
+        onSubmit: (id, name) => this.onPictureSelected(id, name),
+        onUpload: (id, name) => (this.func(this.onUploadStarted) && this.onUploadStarted(id, name)),
+        onProgress: (id, fileName, loaded, total) =>
+          (this.func(this.onProgress) && this.onProgress(id, fileName, Math.round(loaded / total * 100))),
+        onComplete: (id, name, json) => (this.func(this.onUploadCompleted) && this.onUploadCompleted(id, name, json)),
+        onError: (id, name, errorReason) => this.showMessage("error", errorReason)
+      }
+    });
+
+    if (this.dropZoneElementIds instanceof Array) {
+      var dropZoneElements = this.dropZoneElementIds.map(id => document.getElementById(id)).filter(el => el);
+      if (dropZoneElements.length > 0) {
+        this.dragAndDropModule = new qq.DragAndDrop({
+          dropZoneElements: dropZoneElements,
+          callbacks: {
+            processingDroppedFilesComplete: (files) => this.fineUploader.addFiles(files)
+          }
+        });
+      }
+    }
+  }
+
+  /**
+   * Called when a picture from user's device has been selected.
+   * Scales the images using Pica if the image exceeds the file size limit
+   * @param {number} id - The current file's id.
+   * @param {string} name - The current file's name.
+   */
+  onPictureSelected(id, name) {
+    // scale image because it's bigger than the size limit and the browser supports it
+    if (this.fineUploader.getSize(id) > this.sizeLimit && window.Promise && qq.supportedFeatures.scaling) {
+      this.fineUploader.scaleImage(id, {
+        maxSize: 3072,
+        customResizer: !qq.ios() && (i => window.pica().resize(i.sourceCanvas, i.targetCanvas))
+      }).then(scaledImage => {
+        this.fineUploader.addFiles({
+          blob: scaledImage,
+          name: name
+        });
+      });
+
+      // since we are adding the smaller scaled image afterwards, we return false
+      return false;
+    }
+
+    // return true to upload the image without scaling
+    return true;
+  }
+};
+// @license-end

app/assets/javascripts/helpers/profile_photo_uploader.es6

@@ -0,0 +1,253 @@
+// @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
+
+Diaspora.ProfilePhotoUploader = class {
+  /**
+   * Initializes a new instance of ProfilePhotoUploader
+   */
+  constructor() {
+    // get several elements we will use a few times
+    this.fileInput = document.querySelector("#file-upload");
+    this.picture = document.querySelector("#profile_photo_upload .avatar");
+    this.info = document.querySelector("#fileInfo");
+    this.cropContainer = document.querySelector(".crop-container");
+    this.spinner = document.querySelector("#file-upload-spinner");
+
+    /**
+     * Creates a button
+     * @param {string} icon - The entypo icon class.
+     * @param {function} onClick - Is called when button has been clicked.
+     */
+    this.createButton = (icon, onClick) =>
+      ($(`<button class="btn btn-default" type="button"><i class="entypo-${icon}"></i></button>`)
+        .on("click", onClick));
+
+    /**
+     * Shows a message using flash messages or alert for mobile.
+     * @param {string} type - The type of the message, e.g. "error" or "success".
+     * @param text - The text to display.
+     */
+    this.showMessage = (type, text) => (app.flashMessages ? app.flashMessages[type](text) : alert(text));
+
+    this.initFineUploader();
+  }
+
+  /**
+   * Initializes the fine uploader component
+   */
+  initFineUploader() {
+    this.fineUploader = new qq.FineUploaderBasic({
+      element: this.fileInput,
+      validation: {
+        acceptFiles: "image/png, image/jpeg",
+        allowedExtensions: ["jpg", "jpeg", "png"]
+      },
+      request: {
+        endpoint: Routes.photos(),
+        params: {
+          /* eslint-disable camelcase */
+          authenticity_token: $("meta[name='csrf-token']").attr("content"),
+          /* eslint-enable camelcase */
+          photo: {"pending": true, "aspect_ids": "all", "set_profile_photo": true}
+        }
+      },
+      button: this.fileInput,
+      autoUpload: false,
+
+      messages: {
+        typeError: Diaspora.I18n.t("photo_uploader.invalid_ext"),
+        sizeError: Diaspora.I18n.t("photo_uploader.size_error"),
+        emptyError: Diaspora.I18n.t("photo_uploader.empty")
+      },
+
+      callbacks: {
+        onProgress: (id, fileName, loaded, total) => {
+          (this.info.innerText = `${fileName} ${Math.round(loaded / total * 100)}%`);
+        },
+        onSubmit: (id, name) => this.onPictureSelected(id, name),
+        onComplete: (id, name, responseJSON) => this.onUploadCompleted(id, name, responseJSON),
+        onError: (id, name) => this.showMessage("error", Diaspora.I18n.t("photo_uploader.error", {file: name}))
+      },
+
+      text: {
+        fileInputTitle: ""
+      },
+
+      scaling: {
+        sendOriginal: false,
+
+        sizes: [
+          {maxSize: 1600}
+        ]
+      }
+    });
+  }
+
+  /**
+   * Called when a picture from user's device has been selected.
+   * @param {number} id - The current file's id.
+   * @param {string} name - The current file's name.
+   */
+  onPictureSelected(id, name) {
+    this.setLoading(true);
+    this.fileName = name;
+    const file = this.fileInput.querySelector("input").files[0];
+
+    // ensure browser's file reader support
+    if (FileReader && file) {
+      const fileReader = new FileReader();
+      fileReader.onload = () => this.initCropper(fileReader.result);
+      fileReader.readAsDataURL(file);
+    } else {
+      this.setLoading(false);
+    }
+  }
+
+  /**
+   * Initializes the cropper and all controls.
+   * @param {object|string} imageData - The base64 image data
+   */
+  initCropper(imageData) {
+    // cache the current picture source if the user cancels
+    this.previousPicture = this.picture.getAttribute("src");
+
+    this.mimeType = imageData.split(";base64")[0].substring(5);
+
+    this.picture.onload = () => {
+      // set the preferred size style of the cropper based on picture orientation
+      const isPortrait = this.picture.naturalHeight > this.picture.naturalWidth;
+      this.picture.setAttribute("style", (isPortrait ? "max-height:600px;max-width:none;" : "max-width:600px;"));
+      this.buildControls();
+
+      this.setLoading(false);
+
+      // eslint-disable-next-line no-undef
+      this.cropper = new Cropper(this.picture, {
+        aspectRatio: 1,
+        zoomable: false,
+        autoCropArea: 1,
+        preview: ".preview"
+      });
+    };
+    this.picture.setAttribute("src", imageData);
+  }
+
+  /**
+   * Creates image manipulation controls and previews.
+   */
+  buildControls() {
+    this.controls = {
+      rotateLeft: this.createButton("ccw", () => this.cropper.rotate(-45)),
+      rotateRight: this.createButton("cw", () => this.cropper.rotate(45)),
+      reset: this.createButton("cycle", () => this.cropper.reset()),
+      accept: this.createButton("check", () => this.cropImage()),
+      cancel: this.createButton("trash", () => this.cancel())
+    };
+
+    this.controlRow = $("<div class='controls'>").appendTo(this.cropContainer);
+
+    // rotation buttons on the left
+    this.controlRow.append($("<div class='btn-group buttons-left' role='group'>").append([
+      this.controls.rotateLeft,
+      this.controls.rotateRight
+    ]));
+
+    // preview images in the middle
+    this.controlRow.append("<div class='preview'>");
+
+    // main buttons on the right
+    this.controlRow.append($("<div class='btn-group buttons-right' role='group'>").append([
+      this.controls.reset,
+      this.controls.cancel,
+      this.controls.accept
+    ]));
+  }
+
+  /**
+   * Called when the user clicked accept button. Sets file data and triggers file upload.
+   */
+  cropImage() {
+    const canvas = this.cropper.getCroppedCanvas();
+
+    // replace the stored file with the new canvas
+    this.fineUploader.clearStoredFiles();
+    this.fineUploader.addFiles([{
+      canvas: canvas,
+      name: this.fileName,
+      quality: 100,
+      type: this.mimeType
+    }]);
+
+    // reset all controls
+    this.cancel();
+    this.picture.setAttribute("src", canvas.toDataURL(this.mimeType));
+
+    // finally start uploading
+    this.setLoading(true);
+    this.fineUploader.uploadStoredFiles();
+  }
+
+  /**
+   * Is called after the file upload has been completed and the profile photo changed.
+   * @param {number} id - The current file's id.
+   * @param {string} fileName - The current file's name.
+   * @param {object} responseJSON - The server's json response.
+   */
+  onUploadCompleted(id, fileName, responseJSON) {
+    this.setLoading(false);
+    this.fileInput.classList.remove("hidden");
+
+    if (responseJSON.data !== undefined) {
+      /* flash message prompt */
+      this.showMessage("success", Diaspora.I18n.t("photo_uploader.looking_good"));
+
+      this.info.innerText = Diaspora.I18n.t("photo_uploader.completed", {"file": fileName});
+
+      const photoId = responseJSON.data.photo.id;
+      const url = responseJSON.data.photo.unprocessed_image.url;
+      const oldPhoto = $("#photo_id");
+      if (oldPhoto.length === 0) {
+        $("#update_profile_form")
+          .prepend(`<input type="hidden" value="${photoId}" id="photo_id" name="photo_id"/>`);
+      } else {
+        oldPhoto.val(photoId);
+      }
+
+      this.picture.setAttribute("src", url);
+      $(`.avatar[alt="${gon.user.diaspora_id}"]`).attr("src", url);
+    } else {
+      this.cancel();
+    }
+  }
+
+  /**
+   * Toggles loading state by hiding or showing several elements
+   * @param {boolean} loading - True if loading state should be enabled.
+   */
+  setLoading(loading) {
+    if (loading) {
+      this.fileInput.classList.add("hidden");
+      this.picture.classList.add("hidden");
+      this.spinner.classList.remove("hidden");
+    } else {
+      this.picture.classList.remove("hidden");
+      this.spinner.classList.add("hidden");
+    }
+  }
+
+  /**
+   * Destroys the cropper and resets all elements to initial state.
+   */
+  cancel() {
+    this.cropper.destroy();
+    this.picture.onload = null;
+    this.picture.setAttribute("style", "");
+    this.picture.setAttribute("src", this.previousPicture);
+    this.controlRow.remove();
+    this.fileInput.classList.remove("hidden");
+    this.info.innerText = "";
+
+    this.mimeType = null;
+    this.name = null;
+  }
+};
+// @license-end

app/assets/javascripts/helpers/protocol_handler.js

@@ -0,0 +1,21 @@
+// @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
+
+Diaspora.ProtocolHandler = {
+  register: function() {
+    if (!window.navigator.registerProtocolHandler) {
+      return false;
+    }
+
+    try {
+      window.navigator.registerProtocolHandler(
+        "web+diaspora",
+        [window.location.protocol, "//", window.location.host, "/link?q=%s"].join(""),
+        gon.appConfig.settings.podname
+      );
+    } catch (_) {
+      return false;
+    }
+
+    return true;
+  }
+};

app/assets/javascripts/jasmine-load-all.js

@@ -1,10 +1,9 @@
 //= require jquery3
 //= require handlebars.runtime
-//= require templates
 //= require main
-//= require fine-uploader/fine-uploader.core
+//= require fine-uploader/fine-uploader/fine-uploader
 //= require mobile/mobile
 //= require jquery.autoSuggest.custom
 //= require contact-list
 //= require sinon
-//= require jasmine-ajax
+//= require jasmine-ajax/lib/mock-ajax

app/assets/javascripts/jsxc.js

@@ -1,50 +0,0 @@
-//= require emojione
-//= require favico.js/favico
-
-//= require jquery.ui/ui/resizable
-//= require jquery.ui/ui/draggable
-//= require jquery.slimscroll/jquery.slimscroll
-//= require jquery-colorbox
-//= require jquery-fullscreen-plugin
-
-//= require diaspora_jsxc
-
-// initialize jsxc xmpp client
-$(document).ready(function() {
-  if (app.currentUser.authenticated()) {
-    $.post("/user/auth_token", null, function(data) {
-      if (jsxc && data['token']) {
-        var jid = app.currentUser.get('diaspora_id');
-        jsxc.init({
-          root: '/assets/diaspora_jsxc',
-          rosterAppend: 'body',
-          otr: {
-            debug: true,
-            SEND_WHITESPACE_TAG: true,
-            WHITESPACE_START_AKE: true
-          },
-          onlineHelp: "/help/chat",
-          priority: {
-            online: 1,
-            chat: 1
-          },
-          displayRosterMinimized: function() {
-            return false;
-          },
-          xmpp: {
-            url: $('script#jsxc').data('endpoint'),
-            username: jid.replace(/@.*?$/g, ''),
-            domain: jid.replace(/^.*?@/g, ''),
-            jid: jid,
-            password: data.token,
-            resource: 'diaspora-jsxc',
-            overwrite: true,
-            onlogin: true
-          }
-        });
-      } else {
-        console.error('No token found! Authenticated!?');
-      }
-    }, 'json');
-  }
-});

app/assets/javascripts/main.js

@@ -4,28 +4,31 @@
  */
 //= require js_image_paths
 //= require js-routes
-//= require underscore
-//= require backbone
-//= require autosize
+//= require underscore/underscore-umd
+//= require backbone/backbone
+//= require autosize/dist/autosize
 //= require charcount
-//= require jquery-placeholder
+//= require jquery-placeholder/jquery.placeholder
 //= require jquery.timeago
-//= require jquery.ui/ui/core
-//= require jquery.ui/ui/widget
-//= require jquery.ui/ui/mouse
-//= require jquery.ui/ui/sortable
+//= require jquery-ui/core
+//= require jquery-ui/widget
+//= require jquery-ui/widgets/mouse
+//= require jquery-ui/widgets/sortable
 //= require keycodes
 //= require jquery.autoSuggest.custom
-//= require fine-uploader/fine-uploader.core
+//= require fine-uploader/fine-uploader/fine-uploader
 //= require handlebars.runtime
+//= require_tree ../templates
 //= require posix-bracket-expressions
-//= require markdown-it
+//= require markdown-it/dist/markdown-it
 //= require markdown-it-diaspora-mention
 //= require markdown-it-for-inline
+//= require markdown-it-footnote
 //= require markdown-it-hashtag
 //= require markdown-it-sanitizer
 //= require markdown-it-sub
 //= require markdown-it-sup
+//= require markdown-it-html5-embed
 //= require highlightjs
 //= require clear-form
 //= require corejs-typeahead
@@ -37,10 +40,13 @@
 //= require bootstrap
 //= require osmlocator
 //= require bootstrap-switch
-//= require blueimp-gallery
-//= require blueimp-gallery/blueimp-gallery-indicator
+//= require blueimp-gallery/js/blueimp-gallery
+//= require blueimp-gallery/js/blueimp-gallery-indicator
 //= require leaflet
 //= require api/authorization_page
-//= require bootstrap-markdown/bootstrap-markdown
+//= require bootstrap-markdown/js/bootstrap-markdown
 //= require helpers/markdown_editor
+//= require helpers/protocol_handler
 //= require jquery.are-you-sure
+//= require cropperjs/dist/cropper.js
+//= require pica/dist/pica

app/assets/javascripts/mobile/mobile.js

@@ -4,22 +4,22 @@
  */
 // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
 
-//= require jquery-textchange
 //= require charcount
 //= require js-routes
-//= require autosize
+//= require autosize/dist/autosize
 //= require keycodes
 //= require jquery.autoSuggest.custom
-//= require fine-uploader/fine-uploader.core
+//= require fine-uploader/fine-uploader/fine-uploader
 //= require jquery.timeago
-//= require underscore
+//= require underscore/underscore-umd
 //= require bootstrap
+//= require pica/dist/pica
 //= require diaspora
 //= require helpers/i18n
-//= require helpers/profile_photo_uploader
 //= require helpers/tags_autocomplete
-//= require bootstrap-markdown/bootstrap-markdown
+//= require bootstrap-markdown/js/bootstrap-markdown
 //= require helpers/markdown_editor
+//= require helpers/post_photo_uploader
 //= require widgets/timeago
 //= require mobile/mobile_application
 //= require mobile/mobile_file_uploader
@@ -32,4 +32,5 @@
 //= require mobile/mobile_conversations
 //= require mobile/mobile_post_actions
 //= require mobile/mobile_drawer
+//= require mobile/mobile_profile_photo_uploader
 // @license-end

app/assets/javascripts/mobile/mobile_comments.js

@@ -52,6 +52,8 @@
 
       $.post(form.attr("action") + "?format=mobile", form.serialize(), function(data){
         Diaspora.Mobile.Comments.updateStream(form, data);
+        // Register new comments
+        $(".stream").trigger("comments.loaded");
       }, "html").fail(function(response) {
         Diaspora.Mobile.Alert.handleAjaxError(response);
         Diaspora.Mobile.Comments.resetCommentBox(form);
@@ -107,10 +109,12 @@
         url: toggleReactionsLink.attr("href"),
         success: function (data) {
           toggleReactionsLink.addClass("active").removeClass("loading");
-          $(data).insertAfter(bottomBar.children(".show-comments").first());
+          $(data).insertAfter(bottomBar.children(".post-actions-container").first());
           self.showCommentBox(commentActionLink);
           bottomBarContainer.getCommentsContainer().find("time.timeago").timeago();
           bottomBarContainer.activate();
+          // Inform the comment action for new comments
+          $(".stream").trigger("comments.loaded");
         },
         error: function(){
           bottomBarContainer.deactivate();
@@ -185,8 +189,8 @@
 
     addNewComments: function(bottomBar, data) {
       if ($(".comment-container", bottomBar).length === 0) {
-        $(".show-comments", bottomBar).after($("<div/>", {"class": "comment-container"}));
-        $(".comment-container", bottomBar).append($("<ul/>", {"class": "comments"}));
+        $(".show-comments", bottomBar).after($("<div></div>", {"class": "comment-container"}));
+        $(".comment-container", bottomBar).append($("<ul></ul>", {"class": "comments"}));
       }
       $(".comment-container .comments", bottomBar).append(data);
     },
@@ -212,8 +216,10 @@
         var postGuid = bottomBar.parents(".stream-element").data("guid");
 
         toggleReactionsLink.remove();
-        toggleReactionsLink = $("<a/>", {"class": "show-comments", "href": Routes.postComments(postGuid) + ".mobile"})
-          .html(text + "<i class='entypo-chevron-up'/>");
+        toggleReactionsLink = $("<a></a>", {
+          "class": "show-comments",
+          "href": Routes.postComments(postGuid) + ".mobile"
+        }).html(text + "<i class='entypo-chevron-up'/>");
         parent.prepend(toggleReactionsLink);
         bottomBar.removeClass("inactive").addClass("active");
       }

app/assets/javascripts/mobile/mobile_file_uploader.js

@@ -2,97 +2,74 @@
 //= require js_image_paths
 
 function createUploader(){
-   var aspectIds = gon.preloads.aspect_ids;
+  var fileInfo = $("#fileInfo-publisher");
 
-  new qq.FineUploaderBasic({
-    element: document.getElementById("file-upload-publisher"),
-    request: {
-      endpoint: Routes.photos(),
-      params: {
-        /* eslint-disable camelcase */
-        authenticity_token: $("meta[name='csrf-token']").attr("content"),
-        photo: {
-          aspect_ids: aspectIds,
-          /* eslint-enable camelcase */
-          pending: true
-        }
-      }
-    },
-    validation: {
-      allowedExtensions: ["jpg", "jpeg", "png", "gif"],
-      sizeLimit: 4194304
-    },
-    button: document.getElementById("file-upload-publisher"),
-    text: {
-      fileInputTitle: Diaspora.I18n.t("photo_uploader.upload_photos")
-    },
+  // Initialize the PostPhotoUploader and subscribe its events
+  this.uploader = new Diaspora.PostPhotoUploader(document.getElementById("file-upload-publisher"),
+    ["publisher-textarea-wrapper", "status_message_text", "file-upload-publisher"]);
 
-    callbacks: {
-      onProgress: function(id, fileName, loaded, total) {
-        var progress = Math.round(loaded / total * 100);
-        $("#fileInfo-publisher").text(fileName + " " + progress + "%");
-      },
-      onSubmit: function() {
-        $("#publisher-textarea-wrapper").addClass("with_attachments");
-        $("#photodropzone").append(
-          "<li class='publisher_photo loading' style='position:relative;'>" +
-          "<img alt='Ajax-loader2' src='" + ImagePaths.get("ajax-loader2.gif") + "' />" +
-          "</li>"
-        );
-      },
-      onComplete: function(_id, fileName, responseJSON) {
-        if (responseJSON.data === undefined) {
-          return;
-        }
+  this.uploader.onUploadStarted = _.bind(uploadStartedHandler, this);
+  this.uploader.onProgress = _.bind(progressHandler, this);
+  this.uploader.onUploadCompleted = _.bind(uploadCompletedHandler, this);
 
-        $("#fileInfo-publisher").text(Diaspora.I18n.t("photo_uploader.completed", {"file": fileName}));
-        var id = responseJSON.data.photo.id,
-            url = responseJSON.data.photo.unprocessed_image.url,
-            currentPlaceholder = $("li.loading").first();
+  function progressHandler(fileName, progress) {
+    fileInfo.text(fileName + " " + progress + "%");
+  }
 
-        $("#publisher-textarea-wrapper").addClass("with_attachments");
-        $("#new_status_message").append("<input type='hidden' value='" + id + "' name='photos[]' />");
+  function uploadStartedHandler() {
+    $("#publisher-textarea-wrapper").addClass("with_attachments");
+    $("#photodropzone").append(
+      "<li class='publisher_photo loading' style='position:relative;'>" +
+      "<img alt='Ajax-loader2' src='" + ImagePaths.get("ajax-loader2.gif") + "' />" +
+      "</li>"
+    );
+  }
 
-        // replace image placeholders
-        var img = currentPlaceholder.find("img");
-        img.attr("src", url);
-        img.attr("data-id", id);
-        currentPlaceholder.removeClass("loading");
-        currentPlaceholder.append("<div class='x'>X</div>" +
-          "<div class='circle'></div>");
+  function uploadCompletedHandler(_id, fileName, responseJSON) {
+    if (responseJSON.data === undefined) {
+      return;
+    }
 
-        var publisher = $("#publisher");
+    fileInfo.text(Diaspora.I18n.t("photo_uploader.completed", {"file": fileName}));
+    var id = responseJSON.data.photo.id,
+        image = responseJSON.data.photo.unprocessed_image,
+        currentPlaceholder = $("li.loading").first();
 
-        publisher.find("input[type='submit']").removeAttr("disabled");
+    $("#publisher-textarea-wrapper").addClass("with_attachments");
+    $("#new_status_message").append("<input type='hidden' value='" + id + "' name='photos[]' />");
 
-        $(".x").bind("click", function() {
-          var photo = $(this).closest(".publisher_photo");
-          photo.addClass("dim");
-          $.ajax({
-            url: "/photos/" + photo.children("img").attr("data-id"),
-            dataType: "json",
-            type: "DELETE",
-            success: function() {
-              photo.fadeOut(400, function() {
-                photo.remove();
-                if ($(".publisher_photo").length === 0) {
-                  $("#publisher-textarea-wrapper").removeClass("with_attachments");
-                }
-              });
+    // replace image placeholders
+    var img = currentPlaceholder.find("img");
+    img.attr("src", image.thumb_medium.url);
+    img.attr("data-small", image.thumb_small.url);
+    img.attr("data-scaled", image.scaled_full.url);
+    img.attr("data-id", id);
+    currentPlaceholder.removeClass("loading");
+    currentPlaceholder.append("<div class='x'>X</div>" +
+      "<div class='circle'></div>");
+
+    var publisher = $("#publisher");
+
+    publisher.find("input[type='submit']").removeAttr("disabled");
+
+    $(".x").bind("click", function() {
+      var photo = $(this).closest(".publisher_photo");
+      photo.addClass("dim");
+      $.ajax({
+        url: "/photos/" + photo.children("img").attr("data-id"),
+        dataType: "json",
+        type: "DELETE",
+        success: function() {
+          photo.fadeOut(400, function() {
+            photo.remove();
+            if ($(".publisher_photo").length === 0) {
+              $("#publisher-textarea-wrapper").removeClass("with_attachments");
             }
           });
-        });
-      },
-      onError: function(id, name, errorReason) {
-        alert(errorReason);
-      }
-    },
-    messages: {
-      typeError: Diaspora.I18n.t("photo_uploader.invalid_ext"),
-      sizeError: Diaspora.I18n.t("photo_uploader.size_error"),
-      emptyError: Diaspora.I18n.t("photo_uploader.empty")
-    }
-  });
+        }
+      });
+    });
+  }
 }
 window.addEventListener("load", function() {
   createUploader();

app/assets/javascripts/mobile/mobile_post_actions.js

@@ -3,6 +3,11 @@
     initialize: function() {
       $(".like-action", ".stream").bind("tap click", this.onLike);
       $(".reshare-action", ".stream").bind("tap click", this.onReshare);
+      // Add handler to newly loaded comments
+      var self = this;
+      $(".stream").bind("comments.loaded", function() {
+        $(".like-action", ".stream").bind("tap click", self.onLike);
+      });
     },
 
     showLoader: function(link) {
@@ -75,8 +80,8 @@
 
     onLike: function(evt){
       evt.preventDefault();
-      var link = $(evt.target).closest(".like-action"),
-          likeCounter = $(evt.target).closest(".stream-element").find(".like-count");
+      var link = $(evt.target).closest(".like-action").first(),
+          likeCounter = $(evt.target).find(".like-count").first();
 
       if(!link.hasClass("loading") && link.hasClass("inactive")) {
         Diaspora.Mobile.PostActions.like(likeCounter, link);

app/assets/javascripts/mobile/mobile_profile_photo_uploader.js

@@ -11,7 +11,8 @@ Diaspora.ProfilePhotoUploader.prototype = {
     new qq.FineUploaderBasic({
       element: document.getElementById("file-upload"),
       validation: {
-        allowedExtensions: ["jpg", "jpeg", "png"],
+        acceptFiles: "image/png, image/jpeg, image/gif, image/webp",
+        allowedExtensions: ["png", "jpg", "jpeg", "gif", "webp"],
         sizeLimit: 4194304
       },
       request: {

app/assets/javascripts/mobile/publisher.js

@@ -33,7 +33,7 @@ $(document).ready(function(){
     if(hiddenField.length > 0) { hiddenField.remove(); }
     else {
       $("#new_status_message").append(
-        $("<input/>", {
+        $("<input></input>", {
           name: "services[]",
           type: "hidden",
           value: provider
@@ -48,4 +48,74 @@ $(document).ready(function(){
   });
 
   new Diaspora.MarkdownEditor("#status_message_text");
+
+  $(".dropdown-menu > li").bind("tap click", function(evt) {
+    let target = $(evt.target).closest("li");
+
+    // visually toggle the aspect selection
+    if (target.is(".radio")) {
+      _toggleRadio(target);
+    } else if (target.is(".aspect-selector")) {
+      // don't close the dropdown
+      evt.stopPropagation();
+      _toggleCheckbox(target);
+    }
+
+    _updateSelectedAspectIds();
+    _updateButton();
+
+    // update the globe or lock icon
+    let icon = $("#visibility-icon");
+    if (target.find(".text").text().trim() === Diaspora.I18n.t("stream.public")) {
+      icon.removeClass("entypo-lock");
+      icon.addClass("entypo-globe");
+    } else {
+      icon.removeClass("entypo-globe");
+      icon.addClass("entypo-lock");
+    }
+  });
+
+  function _toggleRadio(target) {
+    $(".dropdown-menu > li").removeClass("selected");
+    target.toggleClass("selected");
+  }
+
+  function _toggleCheckbox(target) {
+    $(".dropdown-menu > li.radio").removeClass("selected");
+    target.toggleClass("selected");
+  }
+
+  // take care of the form fields that will indicate the selected aspects
+  function _updateSelectedAspectIds() {
+    let form = $("#new_status_message");
+
+    // remove previous selection
+    form.find('input[name="aspect_ids[]"]').remove();
+
+    // create fields for current selection
+    form.find(".dropdown-menu > li.selected").each(function() {
+      let uid = _.uniqueId("aspect_ids_");
+      let id = $(this).data("aspect_id");
+      form.append('<input id="' + uid + '" name="aspect_ids[]" type="hidden" value="' + id + '">');
+    });
+  }
+
+  // change class and text of the dropdown button
+  function _updateButton() {
+    let button = $(".btn.dropdown-toggle"),
+        selectedAspects = $(".dropdown-menu > li.selected").length,
+        buttonText;
+
+    switch (selectedAspects) {
+      case 0:
+        buttonText = Diaspora.I18n.t("aspect_dropdown.select_aspects");
+        break;
+      case 1:
+        buttonText = $(".dropdown-menu > li.selected .text").first().text();
+        break;
+      default:
+        buttonText = Diaspora.I18n.t("aspect_dropdown.toggle", {count: selectedAspects.toString()});
+    }
+    button.find(".text").text(buttonText);
+  }
 });

app/assets/javascripts/templates.js

@@ -1,5 +0,0 @@
-/*   Copyright (c) 2010-2011, Diaspora Inc.  This file is
- *   licensed under the Affero General Public License version 3 or later.  See
- *   the COPYRIGHT file.
- */
-//= require_tree ../templates

app/assets/stylesheets/_application.scss

@@ -1,4 +1,4 @@
-@import 'perfect-scrollbar';
+@import 'perfect-scrollbar/css/perfect-scrollbar';
 
 @import 'color-variables';
 @import 'bootstrap-complete';
@@ -11,13 +11,11 @@
 @import 'icons';
 @import 'animations';
 @import 'flash_messages';
-@import 'sprites';
 @import 'hovercard';
 @import 'base';
 @import 'interactions';
 @import 'spinner';
 @import 'timeago';
-@import 'vendor/fileuploader';
 @import 'vendor/autoSuggest';
 @import 'typeahead';
 @import 'colors';
@@ -26,6 +24,9 @@
 // font overrides
 @import 'typography';
 
+// New design, can be used adding the .modern-design class to a <div> around the page which is ported
+@import 'modern-design';
+
 // layout
 @import 'sidebar';
 
@@ -42,6 +43,7 @@
 
 // profile and settings pages
 @import 'settings';
+@import 'cropperjs/dist/cropper';
 
 // new SPV
 @import 'header';
@@ -84,10 +86,9 @@
 @import 'stream';
 @import 'stream_element';
 @import 'comments';
-@import 'diaspora_jsxc';
-@import 'chat';
 @import 'markdown-content';
 @import 'oembed';
+@import 'media-embed';
 @import 'post-content';
 
 // contacts
@@ -96,14 +97,14 @@
 
 // code
 @import 'code';
-@import 'highlightjs/github';
+@import 'highlightjs/styles/github';
 
 // statistics
 @import 'statistics';
 
 // gallery
-@import 'blueimp-gallery';
-@import 'blueimp-gallery/blueimp-gallery-indicator';
+@import 'blueimp-gallery/css/blueimp-gallery';
+@import 'blueimp-gallery/css/blueimp-gallery-indicator';
 @import 'gallery';
 
 // settings

app/assets/stylesheets/_mixins.scss

@@ -1,7 +1,7 @@
 /* Mixin file for sass.  Here is where we define our variables and
    browser compatability functions used in all scss/sass files */
 
-/* Transision defaults */
+// Transition defaults
 $speed: 0.1s;
 $easing: linear;
 
@@ -138,3 +138,21 @@ $default-border-radius: 3px;
     .glyphicon-ok { display: none;}
   }
 }
+
+@mixin aspect-dropdown-link($anchor-size) {
+  $link-text-color: #333;
+
+  a {
+    cursor: pointer;
+    padding-left: 10px;
+
+    .text {
+      color: $link-text-color;
+      font-size: $anchor-size;
+    }
+
+    &:hover {
+      background: $background-grey;
+    }
+  }
+}

app/assets/stylesheets/aspects.scss

@@ -1,23 +1,20 @@
+@import 'mixins';
+
 .aspect-dropdown {
 
   li {
     @include selectable-list;
+    @include aspect-dropdown-link(1em);
 
     .status_indicator {
       width: 19px;
       height: 14px;
       display: inline-block;
     }
-
-    a {
-      .text {
-        color: #333333;
-      }
-      &:hover {
-        background: $background-grey;
-      }
-      cursor: pointer;
-      padding-left: 10px;
-    }
   }
 }
+
+.aspect-membership {
+  max-height: 300px;
+  overflow: auto;
+}

app/assets/stylesheets/base.scss

@@ -10,14 +10,15 @@ body {
 .page-contacts,
 .page-conversations,
 .page-notifications,
-.page-people.action-show,
 .page-people.action-contacts,
+.page-people.action-show,
 .page-photos,
 .page-posts,
 .page-profiles.action-edit,
 .page-services.action-index,
 .page-streams,
 .page-tags,
+.page-two_factor_authentications,
 .page-user_applications,
 .page-users.action-edit,
 .page-users.action-update,
@@ -70,20 +71,29 @@ pre { word-wrap: break-word; }
   height: 50px;
   line-height: 50px;
   opacity: 0;
+  pointer-events: none;
   position: fixed;
   right: 20px;
+  text-decoration: none;
   transition: opacity ease 400ms;
   width: 50px;
   z-index: 49;
 
   &:hover,
-  &.visible:hover {
+  &:focus,
+  &:active {
     color: $white;
-    opacity: .85;
     text-decoration: none;
   }
 
-  &.visible { opacity: .5; }
+  &.visible {
+    opacity: .5;
+    pointer-events: auto;
+
+    &:hover {
+      opacity: .85;
+    }
+  }
 }
 
 .noscript {

app/assets/stylesheets/chat.scss

@@ -1,14 +0,0 @@
-body > .container-fluid.chat-roster-shown {
-  padding-right: 224px;
-  #back-to-top { right: 244px; }
-}
-body > .container-fluid.chat-roster-hidden {
-  #back-to-top { right: 54px; }
-}
-
-// This element is instanciated by JSXC. Does not have to follow naming conventions
-// scss-lint:disable IdSelector, SelectorFormat
-#jsxc_roster {
-  top: $navbar-height;
-}
-// scss-lint:enable IdSelector, SelectorFormat

app/assets/stylesheets/code.scss

@@ -5,3 +5,12 @@ pre {
   white-space: pre;
   code { white-space: pre; }
 }
+
+// For inline-code inside links, let's force the color to the default link
+// color to make them be recognizable as links.
+p a {
+  code,
+  pre {
+    color: $link-color;
+  }
+}

app/assets/stylesheets/color_themes/_color_theme_override_dark.scss

@@ -44,7 +44,7 @@ body {
 
   pre code { border: 0; }
 
-  @import 'highlightjs/darcula';
+  @import 'highlightjs/styles/darcula';
 
   #single-post-content .head {
     .author-name { color: lighten($gray-lighter, 27%); }
@@ -55,8 +55,8 @@ body {
 
   .tag:hover { background-color: desaturate(darken($link-color, 35%), 20%); }
 
-  #profile_container .profile_header {
-    #author_info #sharing_message.entypo-check { color: lighten($green, 10%); }
+  #sharing_message.entypo-check {
+    color: lighten($green, 10%);
   }
 
   #invitationsModal #email_invitation { border-top: 1px dashed $gray-light; }

app/assets/stylesheets/comments.scss

@@ -24,13 +24,9 @@
 
   .comments > .comment,
   .comment.new-comment-form-wrapper {
-    .avatar {
-      height: 35px;
-      width: 35px;
-    }
     margin: 0;
     border-top: 1px dotted $border-grey;
-    padding: 10px 0;
+    padding: 10px 0 0;
 
     .info {
       margin-top: 5px;
@@ -44,7 +40,18 @@
     }
   }
 
-  .comment.new-comment-form-wrapper { padding-bottom: 0; }
+  .permalink {
+    @include transition(opacity);
+    opacity: 0;
+  }
+
+  .comment:hover .permalink {
+    opacity: .8;
+
+    &:hover {
+      opacity: 1;
+    }
+  }
 
   .submit-button {
     margin-top: 10px;
@@ -71,6 +78,25 @@
   }
 }
 
+.likes-on-comment {
+  &.likes {
+    margin-top: 6px;
+  }
+
+  .media {
+    margin: 0 0 2px;
+
+    &:not(.display-avatars) .entypo-heart {
+      display: none;
+    }
+  }
+
+  .expand-likes {
+    display: inline-block;
+    margin-bottom: 4px;
+  }
+}
+
 .new-comment {
   &:not(.open) .submit-button,
   &:not(.open) .md-header {

app/assets/stylesheets/contacts.scss

@@ -37,9 +37,6 @@
         text-decoration: none;
         margin-right: 25px;
       }
-      #chat_privilege_toggle > .enabled {
-        color: $text-color-active;
-      }
       .contacts-header-icon {
         font-size: 24.5px;
         line-height: 40px;

app/assets/stylesheets/forms.scss

@@ -93,5 +93,10 @@ textarea {
     }
 
     ::placeholder { text-transform: uppercase; }
+
+    p {
+      margin-top: .5rem;
+      text-align: center;
+    }
   }
 }

app/assets/stylesheets/gallery.scss

@@ -1,12 +1,32 @@
-$thumbnail-size: 12px;
-$thumbnail-margin: 2px;
-$thumbnail-active-size: $thumbnail-size + $thumbnail-margin;
+$thumbnail-size: 50px;
+$margin: 15px;
 
 #blueimp-gallery {
   .slides {
-    height: calc(100% - 40px);
-    padding: 20px 0 0 0;
     margin: 0;
+
+    .slide {
+      overflow-y: auto;
+    }
+
+    .slide-content {
+      bottom: $margin * 2 + $thumbnail-size;
+      top: $margin;
+    }
+
+    .slide-error {
+      background-image: image-url("blueimp-gallery/img/error.svg");
+    }
+
+    .slide-loading {
+      background-image: image-url("blueimp-gallery/img/loading.gif");
+    }
+
+    .too-tall {
+      margin-bottom: $margin * 2 + $thumbnail-size;
+      max-height: none;
+      position: static;
+    }
   }
 
   [class^="entypo-"], [class*="entypo-"] {
@@ -37,24 +57,29 @@ $thumbnail-active-size: $thumbnail-size + $thumbnail-margin;
   }
 
   .indicator {
-    margin: 8px 0;
-    position: unset;
-    height: $thumbnail-size + 5px;
+    bottom: 0;
+    overflow-x: auto;
+    white-space: nowrap;
+
     li {
-      border: none;
-      margin: $thumbnail-margin;
+      border: 0;
+      height: $thumbnail-size;
+      margin: $margin 6px;
       vertical-align: middle;
       width: $thumbnail-size;
-      height: $thumbnail-size;
-      border-radius: $thumbnail-size / 2;
+      background-size: cover;
 
-      &.active, &:hover{
-        margin: $thumbnail-margin / 2;
-        width: $thumbnail-active-size;
-        height: $thumbnail-active-size;
-        border-radius: $thumbnail-active-size / 2;
-        transition: linear 0.2s;
-        transition-property: height, width, margin;
+      &.active,
+      &:hover {
+        opacity: 1;
+      }
+
+      &:hover::after {
+        opacity: 0; // We don't want another thumbnail
+      }
+
+      &:only-child {
+        display: none;
       }
     }
   }

app/assets/stylesheets/getting-started.scss

@@ -1,9 +1,4 @@
 #hello-there {
-  #profile_photo_upload .avatar {
-    max-height: 200px;
-    max-width: 200px;
-  }
-
   .well .avatar {
     min-width: 50px;
   }

app/assets/stylesheets/header.scss

@@ -119,6 +119,19 @@
     }
   }
 
+  .dropdown-toggle {
+    align-items: center;
+    display: flex;
+
+    .user-name {
+      margin-right: 3px;
+      max-width: 250px;
+      overflow: hidden;
+      text-overflow: ellipsis;
+      white-space: nowrap;
+    }
+  }
+
   .user-menu-dropdown {
     padding: 0;
   }

app/assets/stylesheets/help.scss

@@ -91,18 +91,6 @@ ul#help_nav {
       border-radius: 0px 0px 4px 4px;
       background-color: white;
       padding: 10px 20px;
-
-      div.help-chat-icons{
-        text-align: center;
-        font-size: 50px;
-        line-height: 70px;
-
-        [class^="entypo-"], [class*="entypo-"] {
-          color: $text-color-pale;
-
-          &.entypo-chat { color: $text-color-active; }
-        }
-      }
     }
   }
 }

app/assets/stylesheets/home.scss

@@ -42,6 +42,14 @@
     padding: 15px;
   }
 
+  .part-of-diaspora {
+    font-style: italic;
+
+    a {
+      color: $white;
+    }
+  }
+
   .login-form {
     fieldset { background: none; }
 

app/assets/stylesheets/hovercard.scss

@@ -33,6 +33,12 @@
     text-overflow: ellipsis;
   }
 
+  .status-container {
+    align-items: center;
+    display: flex;
+    margin-bottom: 5px;
+  }
+
   #hovercard_dropdown_container {
     overflow: visible !important; /* otherwise the aspect dropdown is cropped */
   }
@@ -53,10 +59,7 @@
 
   .handle {
     color: $text-grey;
-    line-height: 18px;
-    padding-top: 0px;
-    margin-top: 0px;
-    margin-bottom: 5px;
+    margin-right: 2px;
   }
 
   .btn-group.aspect-membership-dropdown { margin: 0 !important; }

app/assets/stylesheets/login.scss

@@ -1,12 +1,13 @@
 .page-sessions.action-new,
+.page-sessions.action-create,
 .page-passwords.action-new,
 .page-passwords.action-edit {
   padding-top: 25px;
 
   .logos-asterisk {
+    background: image-url('branding/logos/asterisk.png') no-repeat;
     height: 154px;
-    margin: auto;
-    margin-bottom: 12px;
+    margin: auto auto 12px;
     width: 154px;
   }
 

app/assets/stylesheets/markdown-content.scss

@@ -16,6 +16,30 @@
     }
   }
 
+  h1 {
+    font-size: 2.7rem;
+  }
+
+  h2 {
+    font-size: 2.3rem;
+  }
+
+  h3 {
+    font-size: 2rem;
+  }
+
+  h4 {
+    font-size: 1.8rem;
+  }
+
+  h5 {
+    font-size: 1.6rem;
+  }
+
+  h6 {
+    font-size: 1.4rem;
+  }
+
   .img-responsive {
     display: inline;
   }

app/assets/stylesheets/media-embed.scss

@@ -0,0 +1,21 @@
+$stub-bg-color: #ddd;
+
+.media-embed {
+  margin-top: 5px;
+
+  .thumb {
+    @include video-overlay;
+
+    background-color: $stub-bg-color;
+
+    video {
+      min-height: 60%;
+      vertical-align: middle;
+      width: 100%;
+    }
+  }
+
+  audio {
+    width: 100%;
+  }
+}

app/assets/stylesheets/mobile/comments.scss

@@ -1,8 +1,5 @@
 .bottom-bar {
-  border-radius: 0 0 5px 5px;
   z-index: 3;
-  display: block;
-  position: relative;
   padding: 8px 10px 10px;
   background: $background-grey;
   margin-top: 10px;
@@ -10,6 +7,17 @@
   min-height: 22px;
   overflow: hidden;
 
+  &,
+  .comment-stats {
+    border-bottom-left-radius: $border-radius-small;
+    border-bottom-right-radius: $border-radius-small;
+  }
+
+  .post-actions-container {
+    display: flex;
+    justify-content: space-between;
+  }
+
   > a,
   .show-comments,
   .show-comments > [class^="entypo"] {
@@ -37,8 +45,7 @@
     }
   }
 
-  .post-stats {
-    float: right;
+  %stats {
     position: relative;
     display: flex;
 
@@ -46,9 +53,9 @@
       color: $text-color;
       font-family: $font-family-base;
       font-size: $font-size-base;
-      line-height: 22px;
+      line-height: 24px;
       margin-left: 5px;
-      vertical-align: top;
+      vertical-align: text-bottom;
       z-index: 2;
     }
 
@@ -67,17 +74,36 @@
     }
 
     .entypo-reshare.active { color: $blue; }
-
     .entypo-heart.active { color: $red; }
   }
 
-  .post-action {
+  .post-stats {
+    @extend %stats;
+  }
+
+  .comment-stats {
+    @extend %stats;
+    background: $background-grey;
+    border-top: 1px solid $border-grey;
+    flex-direction: row-reverse;
+    padding: 3px;
+  }
+
+  %action {
     display: flex;
     margin: 0 7px;
 
     .disabled { color: $medium-gray; }
   }
 
+  .post-action {
+    @extend %action;
+  }
+
+  .comment-action {
+    @extend %action;
+  }
+
   .add-comment-switcher { padding-top: 10px; }
 
   &.inactive {
@@ -91,16 +117,19 @@
 
 .stream-element .comments {
   margin: 0;
-  margin-top: 10px;
   padding: 0;
   width: 100%;
 
   .content { padding: 0; }
 
   .comment {
-    border-top: 1px solid $border-medium-grey;
-    padding: 10px 0 0;
+    background-color: $framed-background;
+    border: 1px solid $border-medium-grey;
+    border-radius: 5px;
+    margin-top: 10px;
 
-    &:first-child { padding-top: 20px; }
+    .media {
+      padding: 6px;
+    }
   }
 }