Merge branch 'main' into glitch-soc/merge-upstream

Conflicts:
- `app/validators/status_length_validator.rb`:
  Upstream changes too close to glitch-soc MAX_CHARS changes, but not a real
  conflict.
  Applied upstream changes.
- `package.json`:
  glitch-soc-only dependency textually too close to a dependency updated
  upstream, not a real conflict.
  Applied upstream changes.

6 files changed, 40 insertions, 9 deletions

diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
index c0db49907..2a6cca7dc 100644
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -94,11 +94,15 @@ class Rack::Attack
   end
 
   throttle('throttle_email_confirmations/ip', limit: 25, period: 5.minutes) do |req|
-    req.remote_ip if req.post? && req.path == '/auth/confirmation'
+    req.remote_ip if req.post? && %w(/auth/confirmation /api/v1/emails/confirmations).include?(req.path)
   end
 
   throttle('throttle_email_confirmations/email', limit: 5, period: 30.minutes) do |req|
-    req.params.dig('user', 'email').presence if req.post? && req.path == '/auth/password'
+    if req.post? && req.path == '/auth/password'
+      req.params.dig('user', 'email').presence
+    elsif req.post? && req.path == '/api/v1/emails/confirmations'
+      req.authenticated_user_id
+    end
   end
 
   throttle('throttle_login_attempts/ip', limit: 25, period: 5.minutes) do |req|
diff --git a/config/initializers/twitter_regex.rb b/config/initializers/twitter_regex.rb
index aca85dd43..3ff2aa9e5 100644
--- a/config/initializers/twitter_regex.rb
+++ b/config/initializers/twitter_regex.rb
@@ -1,4 +1,10 @@
-module Twitter
+module Twitter::TwitterText
+  class Configuration
+    def emoji_parsing_enabled
+      false
+    end
+  end
+
   class Regex
     REGEXEN[:valid_general_url_path_chars] = /[^\p{White_Space}<>\(\)\?]/iou
     REGEXEN[:valid_url_path_ending_chars] = /[^\p{White_Space}\(\)\?!\*"'「」<>;:=\,\.\$%\[\]~&\|@]|(?:#{REGEXEN[:valid_url_balanced_parens]})/iou
@@ -79,7 +85,7 @@ module Twitter
       return [] unless text && text.index(":")
       urls = []
 
-      text.to_s.scan(Twitter::Regex[:valid_extended_uri]) do
+      text.to_s.scan(Twitter::TwitterText::Regex[:valid_extended_uri]) do
         valid_uri_match_data = $~
 
         start_position = valid_uri_match_data.char_begin(3)
diff --git a/config/locales/activerecord.en.yml b/config/locales/activerecord.en.yml
index 8533418cc..ec8dad1b1 100644
--- a/config/locales/activerecord.en.yml
+++ b/config/locales/activerecord.en.yml
@@ -5,13 +5,28 @@ en:
       poll:
         expires_at: Deadline
         options: Choices
+      user:
+        agreement: Service agreement
+        email: E-mail address
+        locale: Locale
+        password: Password
+      user/account:
+        username: Username
+      user/invite_request:
+        text: Reason
     errors:
       models:
         account:
           attributes:
             username:
-              invalid: only letters, numbers and underscores
+              invalid: must contain only letters, numbers and underscores
+              reserved: is reserved
         status:
           attributes:
             reblog:
               taken: of status already exists
+        user:
+          attributes:
+            email:
+              blocked: uses a disallowed e-mail provider
+              unreachable: does not seem to exist
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 0c38c5ae1..beb568346 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -80,7 +80,6 @@ en:
       other: Toots
     posts_tab_heading: Toots
     posts_with_replies: Toots and replies
-    reserved_username: The username is reserved
     roles:
       admin: Admin
       bot: Bot
@@ -1410,11 +1409,8 @@ en:
       tips: Tips
       title: Welcome aboard, %{name}!
   users:
-    blocked_email_provider: This e-mail provider isn't allowed
     follow_limit_reached: You cannot follow more than %{limit} people
     generic_access_help_html: Trouble accessing your account? You may get in touch with %{email} for assistance
-    invalid_email: The e-mail address is invalid
-    invalid_email_mx: The e-mail address does not seem to exist
     invalid_otp_token: Invalid two-factor code
     invalid_sign_in_token: Invalid security code
     otp_lost_help_html: If you lost access to both, you may get in touch with %{email}
diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml
index 4b5ff7ae8..97d5b3122 100644
--- a/config/locales/simple_form.en.yml
+++ b/config/locales/simple_form.en.yml
@@ -14,6 +14,12 @@ en:
         send_email_notification: The user will receive an explanation of what happened with their account
         text_html: Optional. You can use toot syntax. You can <a href="%{path}">add warning presets</a> to save time
         type_html: Choose what to do with <strong>%{acct}</strong>
+        types:
+          disable: Prevent the user from using their account, but do not delete or hide their contents.
+          none: Use this to send a warning to the user, without triggering any other action.
+          sensitive: Force all this user's media attachments to be flagged as sensitive.
+          silence: Prevent the user from being able to post with public visibility, hide their posts and notifications from people not following them.
+          suspend: Prevent any interaction from or to this account and delete its contents. Revertible within 30 days.
         warning_preset_id: Optional. You can still add custom text to end of the preset
       announcement:
         all_day: When checked, only the dates of the time range will be displayed
diff --git a/config/routes.rb b/config/routes.rb
index 191229ed8..6814dc61e 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -406,6 +406,10 @@ Rails.application.routes.draw do
 
       resources :apps, only: [:create]
 
+      namespace :emails do
+        resources :confirmations, only: [:create]
+      end
+
       resource :instance, only: [:show] do
         resources :peers, only: [:index], controller: 'instances/peers'
         resource :activity, only: [:show], controller: 'instances/activity'