Merge with 2.8.2 (#7)

* Add new pt-br translations (mastodon#10564)

* New strings added into the Slovak translation (mastodon#10562)

* New strings added into the Slovak translation

* Update sk.yml

* Update sk.yml

* Update sk.yml

* Update sk.yml

* Small SK locale fixes (mastodon#10561)

* Small SK locale fixes

* Update devise.sk.yml

* Bump capybara from 3.16.1 to 3.16.2 (mastodon#10552)

Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.16.1 to 3.16.2.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](teamcapybara/capybara@3.16.1...3.16.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump rubocop from 0.67.1 to 0.67.2 (mastodon#10500)

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.67.1 to 0.67.2.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop@v0.67.1...v0.67.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump oj from 3.7.11 to 3.7.12 (mastodon#10581)

Bumps [oj](https://github.com/ohler55/oj) from 3.7.11 to 3.7.12.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/master/CHANGELOG.md)
- [Commits](ohler55/oj@v3.7.11...v3.7.12)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* i18n: Update Corsican translation (mastodon#10583)

* Updates the Slovak translation further (mastodon#10584)

* Important Slovak grammar fixes (mastodon#10585)

* Important grammar fixes for SK Devise translation

* Important Slovak grammar fixes

* Update devise.sk.yml

* Important Slovak grammar fixes

Last batch for today :-)

* Update devise.sk.yml

* Update sk.yml

* Update sk.yml

* Update sk.yml

* Allow modal secondary button to shrink and allow wider confirmation modals (mastodon#10586)

Fixes mastodon#10531

* Update sk.yml translation again (mastodon#10589)

* Update sk.yml

* Update sk.yml

* Update sk.yml

* Bump sidekiq-unique-jobs from 6.0.12 to 6.0.13 (mastodon#10580)

Bumps [sidekiq-unique-jobs](https://github.com/mhenrixon/sidekiq-unique-jobs) from 6.0.12 to 6.0.13.
- [Release notes](https://github.com/mhenrixon/sidekiq-unique-jobs/releases)
- [Changelog](https://github.com/mhenrixon/sidekiq-unique-jobs/blob/master/CHANGELOG.md)
- [Commits](mhenrixon/sidekiq-unique-jobs@v6.0.12...v6.0.13)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump sidekiq from 5.2.5 to 5.2.6 (mastodon#10582)

Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.5 to 5.2.6.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](sidekiq/sidekiq@v5.2.5...v5.2.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Some new strings for Slovak (mastodon#10596)

* Configrationable repository url (mastodon#10600)

* config: Add GITHUB_REPOSITORY for repository name

* config: Add SOURCE_BASE_URL for repository url

* Show source_url and repository name on getting started

* Use correct local names for fonts (mastodon#10594)

* Update NL (Dutch) translation (mastodon#10601)

* Update NL language strings

Have to do it this way, cause this file is locked on Weblate

* fix

* Update simple_form.nl.yml

* Update nl.yml

* Animate avatar GIFs on-hover on public profiles (mastodon#10549)

* Third time is the charm?

* Use full asset URL for data-static and data-original

̀image_tag` expands to the full asset URL, we have to do the same in `data` attributes so that it can work when assets and user data are stored on a different host

* Treat meta[property] as a space-separated list (mastodon#10604)

The @Property attribute in HTML is a space-separated list of values.
This change normalizes whitespace and finds the desired value in
the list instead of requiring an exact single-value match.

More details:
https://www.ctrl.blog/entry/rdfa-socialmedia-metadata.html

* Update hy.json (mastodon#10591)

* Bump lograge from 0.10.0 to 0.11.0 (mastodon#10588)

Bumps [lograge](https://github.com/roidrage/lograge) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/roidrage/lograge/releases)
- [Changelog](https://github.com/roidrage/lograge/blob/master/CHANGELOG.md)
- [Commits](roidrage/lograge@v0.10.0...v0.11.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump webpush from 0.3.7 to 0.3.8 (mastodon#10592)

Bumps [webpush](https://github.com/zaru/webpush) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/zaru/webpush/releases)
- [Changelog](https://github.com/zaru/webpush/blob/master/CHANGELOG.md)
- [Commits](zaru/webpush@v0.3.7...v0.3.8)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Add hi.json (mastodon#10573)

* Default to the web domain (eg. mastodon.lubar.me) instead of the local domain (eg. lubar.me) for keybase proofs (mastodon#10565)

* i18n: Update Catalan translation (mastodon#10559)

* Updated Catalan strings

* Update ca.yml

* Update ca.yml

* Update ca.yml

* Update ca.yml

* Update ca.yml

* Update ca.yml

* Update ca.yml

* Update simple_form.ca.yml

* Update simple_form.ca.yml

* Update simple_form.ca.yml

* bundle exec i18n-tasks

* Update ca.json

* Update simple_form.ca.yml

* i18n: Update Catalan translations

* i18n: Update Catalan translations

* i18n: Update Catalan translations

* i18n: Update Catalan translations

* i18n: Update Catalan translations

* i18n: Update Catalan translations

* i18n: Update Catalan translations

* i18n: Update Catalan translations

* i18n: Update Catalan translations

* Small fix Dutch translation (mastodon#10612)

* Small fix Dutch translation

* Better descriptive titles

See mastodon#10611

* i18n: Fix misleading strings in Polish translation (mastodon#10615)

* Bump cld3 from 3.2.3 to 3.2.4 (mastodon#10617)

Bumps [cld3](https://github.com/akihikodaki/cld3-ruby) from 3.2.3 to 3.2.4.
- [Release notes](https://github.com/akihikodaki/cld3-ruby/releases)
- [Commits](akihikodaki/cld3-ruby@v3.2.3...v3.2.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Minor code cleanup (mastodon#10613)

* Fix modal items cannot scroll on touch devices (mastodon#10605)

* Allow switching between singe-option and multiple-option polls (mastodon#10603)

* Bump doorkeeper from 5.0.2 to 5.1.0 (mastodon#10598)

Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/NEWS.md)
- [Commits](doorkeeper-gem/doorkeeper@v5.0.2...v5.1.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump aws-sdk-s3 from 1.36.0 to 1.36.1 (mastodon#10618)

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.36.0 to 1.36.1.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](aws/aws-sdk-ruby@v1.36.0...v1.36.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Fixed Healthchecks in docker-compose.yml (mastodon#10553)

* Bump capybara from 3.16.2 to 3.17.0 (mastodon#10602)

Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.16.2 to 3.17.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](teamcapybara/capybara@3.16.2...3.17.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* [Security] Bump nokogiri from 1.10.2 to 1.10.3 (mastodon#10620)

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.2 to 1.10.3. **This update includes security fixes.**
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.10.2...v1.10.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Fix sign up button not saying sign up when invite is used (mastodon#10623)

Fix mastodon#10616

* Fix stoplight logging to stderr separate from Rails logger (mastodon#10624)

* Bump capybara from 3.17.0 to 3.18.0 (mastodon#10626)

Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.17.0 to 3.18.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](teamcapybara/capybara@3.17.0...3.18.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump sidekiq from 5.2.6 to 5.2.7 (mastodon#10627)

Bumps [sidekiq](https://github.com/mperham/sidekiq) from 5.2.6 to 5.2.7.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](sidekiq/sidekiq@v5.2.6...v5.2.7)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Reject follow requests of blocked users (mastodon#10633)

* Fix upload progressbar when image resizing is involved (mastodon#10632)

* Fix not being able to save e-mail preference for new pending accounts (mastodon#10622)

* Fix LDAP/PAM/SAML/CAS users not being approved instantly (mastodon#10621)

* Bump bootsnap from 1.4.3 to 1.4.4 (mastodon#10634)

Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](Shopify/bootsnap@v1.4.3...v1.4.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* New string added for Slovak translation (mastodon#10637)

* Add blurhash (mastodon#10630)

* Add blurhash

* Use fallback color for spoiler when blurhash missing

* Federate the blurhash and accept it as long as it's at most 5x5

* Display unknown media attachments as blurhash placeholders

* Improve style of embed actions and spoiler button

* Change blurhash resolution from 3x3 to 4x4

* Improve dependency definitions

* Fix code style issues

* Fix approved column being set to nil instead of false (mastodon#10642)

Fix mastodon#10621 (comment)

* Update hy.json (mastodon#10644)

* Bump rubocop from 0.67.2 to 0.68.0 (mastodon#10654)

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.67.2 to 0.68.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop@v0.67.2...v0.68.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump bullet from 5.9.0 to 6.0.0 (mastodon#10635)

Bumps [bullet](https://github.com/flyerhzm/bullet) from 5.9.0 to 6.0.0.
- [Release notes](https://github.com/flyerhzm/bullet/releases)
- [Changelog](https://github.com/flyerhzm/bullet/blob/master/CHANGELOG.md)
- [Commits](flyerhzm/bullet@5.9.0...6.0.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump annotate from 2.7.4 to 2.7.5 (mastodon#10651)

Bumps [annotate](https://github.com/ctran/annotate_models) from 2.7.4 to 2.7.5.
- [Release notes](https://github.com/ctran/annotate_models/releases)
- [Changelog](https://github.com/ctran/annotate_models/blob/develop/CHANGELOG.rdoc)
- [Commits](ctran/annotate_models@v2.7.4...2.7.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump rubocop from 0.68.0 to 0.68.1 (mastodon#10658)

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.68.0 to 0.68.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](rubocop/rubocop@v0.68.0...v0.68.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Minor fixes to the French translation (mastodon#10662)

* Disallow robots from indexing /interact/ (mastodon#10666)

This does not provide any new information and may just triple the number
of crawled pages

* Check that an invite link is valid before bypassing approval mode (mastodon#10657)

* Check that an invite link is valid before bypassing approval mode

Fixes mastodon#10656

* Add tests

* Only consider valid invite links in registration controller

* fixup

* Change account gallery in web UI (mastodon#10667)

- 3 items per row instead of 2
- Use blurhash for previews
- Animate/hover-to-play GIFs and videos
- Open media modal instead of opening status
- Allow opening status instead with ctrl+click and open in new tab

* Fix alignment of items in the account gallery in web UI and load more per page (mastodon#10674)

* Make the "mark media as sensitive" button more obvious in web UI (mastodon#10673)

* Make the "mark media as sensitive" button more obvious in web UI

* Use eye-slash icon instead of eye icon to mean "hide"

* When selecting a toot via keyboard, ensure it is scrolled into view (mastodon#10593)

* Bump fabrication from 2.20.1 to 2.20.2 (mastodon#10677)

Bumps [fabrication](https://github.com/paulelliott/fabrication) from 2.20.1 to 2.20.2.
- [Release notes](https://github.com/paulelliott/fabrication/releases)
- [Changelog](https://github.com/paulelliott/fabrication/blob/master/Changelog.markdown)
- [Commits](paulelliott/fabrication@2.20.1...2.20.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump scss_lint from 0.57.1 to 0.58.0 (mastodon#10678)

Bumps [scss_lint](https://github.com/sds/scss-lint) from 0.57.1 to 0.58.0.
- [Release notes](https://github.com/sds/scss-lint/releases)
- [Changelog](https://github.com/sds/scss-lint/blob/master/CHANGELOG.md)
- [Commits](sds/scss-lint@v0.57.1...v0.58.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump rack-attack from 5.4.2 to 6.0.0 (mastodon#10599)

* Bump rack-attack from 5.4.2 to 6.0.0

Bumps [rack-attack](https://github.com/kickstarter/rack-attack) from 5.4.2 to 6.0.0.
- [Release notes](https://github.com/kickstarter/rack-attack/releases)
- [Changelog](https://github.com/kickstarter/rack-attack/blob/master/CHANGELOG.md)
- [Commits](rack/rack-attack@v5.4.2...v6.0.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* fix payload[:request]

* Add button to view context to media modal (mastodon#10676)

* Add "view context" button to media modal when opened from gallery

* Add "view context" button to video modal

Allow closing the video modal by navigating back in the browser,
just like the media modal

* Provide a link to existing domain block when trying to block an already-blocked domain (mastodon#10663)

* When trying to block an already-blocked domain, provide a link to the block

* Fix styling for links in flash messages

* Allow blocks to be upgraded but not downgraded

* Explicitly disable storage of REST API results (mastodon#10655)

Fixes mastodon#10652

* Change font weight of sensitive button to 500 (mastodon#10682)

* Fix accounts created through tootctl not being always pre-approved (mastodon#10684)

Add `--approve` option to `tootctl accounts modify`

* Change e-mail whitelist/blacklist to not be checked when invited (mastodon#10683)

* Change e-mail whitelist/blacklist to not be checked when invited

And only when creating an account, not when updating it later

Fix mastodon#10648

* Fix test

* Do not retry processing ActivityPub jobs raising validation errors (mastodon#10614)

* Do not retry processing ActivityPub jobs raising validation errors

Jobs yielding validation errors most probably won't ever be accepted,
so it makes sense not to clutter the queues with retries.

* Lower RecordInvalid error reporting to debug log level

* Remove trailing whitespace

* Bump version to 2.8.1 (mastodon#10687)

* Add `tootctl cache clear` (mastodon#10689)

* i18n: Update Corsican translation (mastodon#10692)

* Minor account media gallery fixes (mastodon#10695)

* Make the cursor icon consistant across media types in account media gallery

* Fix the video player modal causing scroll position to reset

* Add SOURCE_TAG to show source repository's tag (mastodon#10698)

* Fix transition: all (mastodon#10699)

* Bump blurhash from 0.1.2 to 0.1.3 (mastodon#10700)

* Make sure the instance banner is never cropped (mastodon#10702)

* I18n: Update Czech translation 🇨🇿 (mastodon#10704)

* I18n: Update Czech translation

* Tiny fix

* Minor Slovak locale update (mastodon#10705)

* Bump version to 2.8.2 (mastodon#10703)

CHANGELOG.md

@@ -3,6 +3,57 @@ Changelog
 
 All notable changes to this project will be documented in this file.
 
+## [2.8.2] - 2019-05-05
+### Added
+
+- Add `SOURCE_TAG` environment variable ([ushitora-anqou](https://github.com/tootsuite/mastodon/pull/10698))
+
+### Fixed
+
+- Fix cropped hero image on frontpage ([BaptisteGelez](https://github.com/tootsuite/mastodon/pull/10702))
+- Fix blurhash gem not compiling on some operating systems ([Gargron](https://github.com/tootsuite/mastodon/pull/10700))
+- Fix unexpected CSS animations in some browsers ([ThibG](https://github.com/tootsuite/mastodon/pull/10699))
+- Fix closing video modal scrolling timelines to top ([ThibG](https://github.com/tootsuite/mastodon/pull/10695))
+
+## [2.8.1] - 2019-05-04
+### Added
+
+- Add link to existing domain block when trying to block an already-blocked domain ([ThibG](https://github.com/tootsuite/mastodon/pull/10663))
+- Add button to view context to media modal when opened from account gallery in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10676))
+- Add ability to create multiple-choice polls in web UI ([ThibG](https://github.com/tootsuite/mastodon/pull/10603))
+- Add `GITHUB_REPOSITORY` and `SOURCE_BASE_URL` environment variables ([rosylilly](https://github.com/tootsuite/mastodon/pull/10600))
+- Add `/interact/` paths to `robots.txt` ([ThibG](https://github.com/tootsuite/mastodon/pull/10666))
+- Add `blurhash` to the Attachment entity in the REST API ([Gargron](https://github.com/tootsuite/mastodon/pull/10630))
+
+### Changed
+
+- Change hidden media to be shown as a blurhash-based colorful gradient instead of a black box in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10630))
+- Change rejected media to be shown as a blurhash-based gradient instead of a list of filenames in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10630))
+- Change e-mail whitelist/blacklist to not be checked when invited ([Gargron](https://github.com/tootsuite/mastodon/pull/10683))
+- Change cache header of REST API results to no-cache ([ThibG](https://github.com/tootsuite/mastodon/pull/10655))
+- Change the "mark media as sensitive" button to be more obvious in web UI ([Gargron](https://github.com/tootsuite/mastodon/pull/10673), [Gargron](https://github.com/tootsuite/mastodon/pull/10682))
+- Change account gallery in web UI to display 3 columns, open media modal ([Gargron](https://github.com/tootsuite/mastodon/pull/10667), [Gargron](https://github.com/tootsuite/mastodon/pull/10674))
+
+### Fixed
+
+- Fix LDAP/PAM/SAML/CAS users not being pre-approved ([Gargron](https://github.com/tootsuite/mastodon/pull/10621))
+- Fix accounts created through tootctl not being always pre-approved ([Gargron](https://github.com/tootsuite/mastodon/pull/10684))
+- Fix Sidekiq retrying ActivityPub processing jobs that fail validation ([ThibG](https://github.com/tootsuite/mastodon/pull/10614))
+- Fix toots not being scrolled into view sometimes through keyboard selection ([ThibG](https://github.com/tootsuite/mastodon/pull/10593))
+- Fix expired invite links being usable to bypass approval mode ([ThibG](https://github.com/tootsuite/mastodon/pull/10657))
+- Fix not being able to save e-mail preference for new pending accounts ([Gargron](https://github.com/tootsuite/mastodon/pull/10622))
+- Fix upload progressbar when image resizing is involved ([ThibG](https://github.com/tootsuite/mastodon/pull/10632))
+- Fix block action not automatically cancelling pending follow request ([ThibG](https://github.com/tootsuite/mastodon/pull/10633))
+- Fix stoplight logging to stderr separate from Rails logger ([Gargron](https://github.com/tootsuite/mastodon/pull/10624))
+- Fix sign up button not saying sign up when invite is used ([Gargron](https://github.com/tootsuite/mastodon/pull/10623))
+- Fix health checks in Docker Compose configuration ([fabianonline](https://github.com/tootsuite/mastodon/pull/10553))
+- Fix modal items not being scrollable on touch devices ([kedamaDQ](https://github.com/tootsuite/mastodon/pull/10605))
+- Fix Keybase configuration using wrong domain when a web domain is used ([BenLubar](https://github.com/tootsuite/mastodon/pull/10565))
+- Fix avatar GIFs not being animated on-hover on public profiles ([hyenagirl64](https://github.com/tootsuite/mastodon/pull/10549))
+- Fix OpenGraph parser not understanding some valid property meta tags ([da2x](https://github.com/tootsuite/mastodon/pull/10604))
+- Fix wrong fonts being displayed when Roboto is installed on user's machine ([ThibG](https://github.com/tootsuite/mastodon/pull/10594))
+- Fix confirmation modals being too narrow for a secondary action button ([ThibG](https://github.com/tootsuite/mastodon/pull/10586))
+
 ## [2.8.0] - 2019-04-10
 ### Added
 

Gemfile

@@ -21,6 +21,7 @@ gem 'fog-openstack', '~> 0.3', require: false
 gem 'paperclip', '~> 6.0'
 gem 'paperclip-av-transcoder', '~> 0.6'
 gem 'streamio-ffmpeg', '~> 3.0'
+gem 'blurhash', '~> 0.1'
 
 gem 'active_model_serializers', '~> 0.10'
 gem 'addressable', '~> 2.6'
@@ -29,7 +30,7 @@ gem 'browser'
 gem 'charlock_holmes', '~> 0.7.6'
 gem 'iso-639'
 gem 'chewy', '~> 5.0'
-gem 'cld3', '~> 3.2.3'
+gem 'cld3', '~> 3.2.4'
 gem 'devise', '~> 4.6'
 gem 'devise-two-factor', '~> 3.0'
 
@@ -42,7 +43,7 @@ gem 'omniauth-cas', '~> 1.1'
 gem 'omniauth-saml', '~> 1.10'
 gem 'omniauth', '~> 1.9'
 
-gem 'doorkeeper', '~> 5.0'
+gem 'doorkeeper', '~> 5.1'
 gem 'fast_blank', '~> 1.0'
 gem 'fastimage'
 gem 'goldfinger', '~> 2.1'
@@ -65,7 +66,7 @@ gem 'ox', '~> 2.10'
 gem 'posix-spawn', git: 'https://github.com/rtomayko/posix-spawn', ref: '58465d2e213991f8afb13b984854a49fcdcc980c'
 gem 'pundit', '~> 2.0'
 gem 'premailer-rails'
-gem 'rack-attack', '~> 5.4'
+gem 'rack-attack', '~> 6.0'
 gem 'rack-cors', '~> 1.0', require: 'rack/cors'
 gem 'rails-i18n', '~> 5.1'
 gem 'rails-settings-cached', '~> 0.6'
@@ -107,7 +108,7 @@ group :production, :test do
 end
 
 group :test do
-  gem 'capybara', '~> 3.16'
+  gem 'capybara', '~> 3.18'
   gem 'climate_control', '~> 0.2'
   gem 'faker', '~> 1.9'
   gem 'microformats', '~> 4.1'
@@ -123,14 +124,14 @@ group :development do
   gem 'annotate', '~> 2.7'
   gem 'better_errors', '~> 2.5'
   gem 'binding_of_caller', '~> 0.7'
-  gem 'bullet', '~> 5.9'
+  gem 'bullet', '~> 6.0'
   gem 'letter_opener', '~> 1.7'
   gem 'letter_opener_web', '~> 1.3'
   gem 'memory_profiler'
-  gem 'rubocop', '~> 0.67', require: false
+  gem 'rubocop', '~> 0.68', require: false
   gem 'brakeman', '~> 4.5', require: false
   gem 'bundler-audit', '~> 0.6', require: false
-  gem 'scss_lint', '~> 0.57', require: false
+  gem 'scss_lint', '~> 0.58', require: false
 
   gem 'capistrano', '~> 3.11'
   gem 'capistrano-rails', '~> 1.4'
@@ -142,7 +143,7 @@ group :development do
 end
 
 group :production do
-  gem 'lograge', '~> 0.10'
+  gem 'lograge', '~> 0.11'
   gem 'redis-rails', '~> 5.0'
 end