Bump to v1.0.18

.browserslistrc

@@ -1,7 +1,10 @@
 [production]
 defaults
-not IE 11
+> 0.2%
+firefox >= 78
+ios >= 15.6
 not dead
+not OperaMini all
 
 [development]
 supports es6-module

.devcontainer/Dockerfile

@@ -1,20 +1,18 @@
 # For details, see https://github.com/devcontainers/images/tree/main/src/ruby
-FROM mcr.microsoft.com/devcontainers/ruby:1-3.2-bullseye
+FROM mcr.microsoft.com/devcontainers/ruby:1-3.3-bookworm
 
-# Install Rails
-# RUN gem install rails webdrivers
+# Install node version from .nvmrc
+WORKDIR /app
+COPY .nvmrc .
+RUN /bin/bash --login -i -c "nvm install"
 
-ARG NODE_VERSION="20"
-RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"
+# Install additional OS packages
+RUN apt-get update && \
+    export DEBIAN_FRONTEND=noninteractive && \
+    apt-get -y install --no-install-recommends libicu-dev libidn11-dev ffmpeg imagemagick libvips42 libpam-dev
 
-# [Optional] Uncomment this section to install additional OS packages.
-RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
-    && apt-get -y install --no-install-recommends libicu-dev libidn11-dev ffmpeg imagemagick libpam-dev
+# Disable download prompt for Corepack
+ENV COREPACK_ENABLE_DOWNLOAD_PROMPT=0
 
-# [Optional] Uncomment this line to install additional gems.
-RUN gem install foreman
-
-# [Optional] Uncomment this line to install global node packages.
-RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && corepack enable" 2>&1
-
-COPY welcome-message.txt /usr/local/etc/vscode-dev-containers/first-run-notice.txt
+# Move welcome message to where VS Code expects it
+COPY .devcontainer/welcome-message.txt /usr/local/etc/vscode-dev-containers/first-run-notice.txt

.devcontainer/codespaces/devcontainer.json

@@ -1,11 +1,11 @@
 {
   "name": "Mastodon on GitHub Codespaces",
-  "dockerComposeFile": "../docker-compose.yml",
+  "dockerComposeFile": "../compose.yaml",
   "service": "app",
   "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
 
   "features": {
-    "ghcr.io/devcontainers/features/sshd:1": {},
+    "ghcr.io/devcontainers/features/sshd:1": {}
   },
 
   "runServices": ["app", "db", "redis"],
@@ -15,16 +15,18 @@
   "portsAttributes": {
     "3000": {
       "label": "web",
-      "onAutoForward": "notify",
+      "onAutoForward": "notify"
     },
     "4000": {
       "label": "stream",
-      "onAutoForward": "silent",
-    },
+      "onAutoForward": "silent"
+    }
   },
 
+  "remoteUser": "root",
+
   "otherPortsAttributes": {
-    "onAutoForward": "silent",
+    "onAutoForward": "silent"
   },
 
   "remoteEnv": {
@@ -33,17 +35,17 @@
     "STREAMING_API_BASE_URL": "https://${localEnv:CODESPACE_NAME}-4000.app.github.dev",
     "DISABLE_FORGERY_REQUEST_PROTECTION": "true",
     "ES_ENABLED": "",
-    "LIBRE_TRANSLATE_ENDPOINT": "",
+    "LIBRE_TRANSLATE_ENDPOINT": ""
   },
 
   "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
-  "postCreateCommand": ".devcontainer/post-create.sh",
+  "postCreateCommand": "bin/setup",
   "waitFor": "postCreateCommand",
 
   "customizations": {
     "vscode": {
       "settings": {},
-      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"],
-    },
-  },
+      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
+    }
+  }
 }

.devcontainer/docker-compose.yml → .devcontainer/compose.yaml

@@ -1,12 +1,11 @@
-version: '3'
-
 services:
   app:
+    working_dir: /workspaces/mastodon/
     build:
-      context: .
-      dockerfile: Dockerfile
+      context: ..
+      dockerfile: .devcontainer/Dockerfile
     volumes:
-      - ../..:/workspaces:cached
+      - ..:/workspaces/mastodon:cached
     environment:
       RAILS_ENV: development
       NODE_ENV: development
@@ -70,7 +69,7 @@ services:
         hard: -1
 
   libretranslate:
-    image: libretranslate/libretranslate:v1.5.4
+    image: libretranslate/libretranslate:v1.6.0
     restart: unless-stopped
     volumes:
       - lt-data:/home/libretranslate/.local

.devcontainer/devcontainer.json

@@ -1,11 +1,11 @@
 {
   "name": "Mastodon on local machine",
-  "dockerComposeFile": "docker-compose.yml",
+  "dockerComposeFile": "compose.yaml",
   "service": "app",
   "workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
 
   "features": {
-    "ghcr.io/devcontainers/features/sshd:1": {},
+    "ghcr.io/devcontainers/features/sshd:1": {}
   },
 
   "forwardPorts": [3000, 4000],
@@ -14,27 +14,29 @@
     "3000": {
       "label": "web",
       "onAutoForward": "notify",
-      "requireLocalPort": true,
+      "requireLocalPort": true
     },
     "4000": {
       "label": "stream",
       "onAutoForward": "silent",
-      "requireLocalPort": true,
-    },
+      "requireLocalPort": true
+    }
   },
 
+  "remoteUser": "root",
+
   "otherPortsAttributes": {
-    "onAutoForward": "silent",
+    "onAutoForward": "silent"
   },
 
   "onCreateCommand": "git config --global --add safe.directory ${containerWorkspaceFolder}",
-  "postCreateCommand": ".devcontainer/post-create.sh",
+  "postCreateCommand": "bin/setup",
   "waitFor": "postCreateCommand",
 
   "customizations": {
     "vscode": {
       "settings": {},
-      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"],
-    },
-  },
+      "extensions": ["EditorConfig.EditorConfig", "webben.browserslist"]
+    }
+  }
 }

.devcontainer/welcome-message.txt

@@ -1,8 +1,7 @@
-👋 Welcome to "Mastodon" in GitHub Codespaces!
+👋 Welcome to your Mastodon Dev Container!
 
-🛠️  Your environment is fully setup with all the required software.
+🛠️ Your environment is fully setup with all the required software.
 
-🔍 To explore VS Code to its fullest, search using the Command Palette (Cmd/Ctrl + Shift + P or F1).
-
-📝 Edit away, run your app as usual, and we'll automatically make it available for you to access.
+💥 Run `bin/dev` to start the application processes.
 
+🥼 Run `RAILS_ENV=test bin/rails assets:precompile && RAILS_ENV=test bin/rspec` to run the test suite.

.env.development

@@ -0,0 +1,4 @@
+# Required by ActiveRecord encryption feature
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=fkSxKD2bF396kdQbrP1EJ7WbU7ZgNokR
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=r0hvVmzBVsjxC7AMlwhOzmtc36ZCOS1E
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=PhdFyyfy5xJ7WVd2lWBpcPScRQHzRTNr

.env.production.catcatnya

@@ -5,6 +5,9 @@ SECRET_KEY_BASE=[REDACTED]
 OTP_SECRET=[REDACTED]
 VAPID_PRIVATE_KEY=[REDACTED]
 VAPID_PUBLIC_KEY=[REDACTED]
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=[REDACTED]
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=[REDACTED]
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=[REDACTED]
 DB_HOST=[REDACTED]
 DB_PORT=[REDACTED]
 DB_NAME=[REDACTED]
@@ -37,10 +40,11 @@ MAX_DESCRIPTION_CHARS=69420
 MAX_BIO_CHARS=69420
 MAX_PROFILE_FIELDS=10
 MAX_PINNED_TOOTS=10
-MAX_DISPLAY_NAME_CHARS=50
+MAX_DISPLAY_NAME_CHARS=100
 MIN_POLL_OPTIONS=1
 MAX_POLL_OPTIONS=20
 MAX_REACTIONS=3
 MAX_SEARCH_RESULTS=1000
 MAX_REMOTE_EMOJI_SIZE=1048576
 IP_RETENTION_PERIOD=86400
+ENABLE_SUSPICIOUS_SIGN_IN=false

.env.production.sample

@@ -1,5 +1,5 @@
 # This is a sample configuration file. You can generate your configuration
-# with the `rake mastodon:setup` interactive setup wizard, but to customize
+# with the `bundle exec rails mastodon:setup` interactive setup wizard, but to customize
 # your setup even further, you'll need to edit it manually. This sample does
 # not demonstrate all available configuration options. Please look at
 # https://docs.joinmastodon.org/admin/config/ for the full documentation.
@@ -68,15 +68,15 @@ DB_PORT=5432
 
 # Secrets
 # -------
-# Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web bundle exec rake secret` if you use docker compose)
+# Generate each with the `RAILS_ENV=production bundle exec rails secret` task (`docker-compose run --rm web bundle exec rails secret` if you use docker compose)
 # -------
 SECRET_KEY_BASE=
 OTP_SECRET=
 
 
 # Web Push
 # --------
-# Generate with `rake mastodon:webpush:generate_vapid_key` (first is the private key, second is the public one)
+# Generate with `bundle exec rails mastodon:webpush:generate_vapid_key` (first is the private key, second is the public one)
 # You should only generate this once per instance. If you later decide to change it, all push subscription will
 # be invalidated, requiring the users to access the website again to resubscribe.
 # --------
@@ -307,8 +307,14 @@ MAX_REACTIONS=1
 
 # IP and session retention
 # -----------------------
-# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml
+# Make sure to modify the scheduling of ip_cleanup_scheduler in config/sidekiq.yml (already applied for Catstodon)
 # to be less than daily if you lower IP_RETENTION_PERIOD below two days (172800).
 # -----------------------
 IP_RETENTION_PERIOD=31556952
 SESSION_RETENTION_PERIOD=31556952
+
+# In case you've shortened IP retention a lot, you may want to disable the suspicious sign in detector entirely,
+# in order to avoid spurious "suspicious login detected" emails being sent to users.
+# The default is true, because for the default retention period of one year, there is good data for such emails.
+# For instances having a retention period of merely a day, that may not be enough, so you may set it to false.
+#ENABLE_SUSPICIOUS_SIGN_IN=false

.env.test

@@ -3,3 +3,9 @@ NODE_ENV=production
 # Federation
 LOCAL_DOMAIN=cb6e6126.ngrok.io
 LOCAL_HTTPS=true
+
+# Secret values required by ActiveRecord encryption feature
+# Use `bin/rails db:encryption:init` to generate fresh secrets
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=test_determinist_key_DO_NOT_USE_IN_PRODUCTION
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=test_salt_DO_NOT_USE_IN_PRODUCTION
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=test_primary_key_DO_NOT_USE_IN_PRODUCTION