Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.25.0 to 2.26.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.25.0...v2.26.0

)

Signed-off-by: dependabot[bot] <support@dependabot.com>

Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2018.6 to 1.2018.7.
- [Release notes](https://github.com/tzinfo/tzinfo-data/releases)
- [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2018.6...v1.2018.7

)

Signed-off-by: dependabot[bot] <support@dependabot.com>

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.59.2 to 0.60.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.59.2...v0.60.0

)

Signed-off-by: dependabot[bot] <support@dependabot.com>

Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/NEWS.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.0.1...v5.0.2

)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Update i18n-tasks and CircleCI command

* Fix #9088

* Update i18n-tasks

* Fix ast

* Reset status cache when status_stat or media_attachment updates

Fix #8711

Media attachments are generally immutable, but admins can update
the sensitive flag, and this would ensure the change is visible
instantly. Same for updates to status stats. That is a regression
from #8185, because even the correct updated_at fetched from a join
doesn't seem to invalidate the cache.

* Remove join from Status#cache_ids since it has no effect

* Add progress indicators to MigrateAccountConversations

* Avoid running expensive query for explain

* Use exec_query instead of execute

* Include preview cards in status entity in REST API

* Display preview card in-stream

* Improve in-stream display of preview cards

Leave `tootctl accounts cull` to simply check removed accounts from
live domains, and skip temporarily unavailable domains, while listing
them in the final output for further action.

Add `tootctl domains purge DOMAIN` to be able to purge a domain from
that list manually

e.g., typing “blob_cat_p” used to search for “blob” and “cat”, but not
“blob_cat_p”, which means “blob_cat_patpat” is very unlikely to show up,
although it is likely what the user wanted to type in the first place.

* Add locality check to ActivityPub::FetchRemoteAccountService

Fix #8643

Because there are a few places where it is called, it is difficult
to confirm if they all previously checked it for locality. It's better
to make sure within the service.

* Remove faux-remote duplicates of local accounts

* RTL: fix column-back-button__icon margins/content

* Update rtl.scss

* Update rtl.scss

Fixes #9115

* Fix missing `mention` argument when processing incoming Create activities

* Fix typo (param → params)

* Remove display name and bio counter hint, simply limit input

* Remove now redundant translations

* Fix code style issue

Fix #9097

Fix #9096

Fix #9091

* i18n: Update Polish translation

Signed-off-by: Marcin Mikołajczak <me@m4sk.in>

* kruci

Signed-off-by: Marcin Mikołajczak <me@m4sk.in>

* Update config/locales/pl.yml

Co-Authored-By: m4sk1n <me@m4sk.in>

Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.24.0 to 2.25.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.24.0...v2.25.0

)

Signed-off-by: dependabot[bot] <support@dependabot.com>

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.21.0 to 1.23.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits

)

Signed-off-by: dependabot[bot] <support@dependabot.com>

* Bump version to 2.6.0rc2

* Update CHANGELOG.md

Right now, this includes three endpoints: host-meta, webfinger, and change-password.

host-meta and webfinger are publicly available and do not use any authentication. Nothing bad can be done by accessing them in a user's browser.

change-password being CORS-enabled will only reveal the URL it redirects to (which is /auth/edit) but not anything about the actual /auth/edit page, because it does not have CORS enabled.

The documentation for hosting an instance on a different domain should also be updated to point out that Access-Control-Allow-Origin: * should be set at a minimum for the /.well-known/host-meta redirect to allow browser-based non-proxied instance discovery.

* Add consistent interpolations check to CircleCI

* Fix locale strings using wrong variables

* Update i18n-tasks to feature-missing-plural-keys

* Fix pluralizations with missing keys in Arabic

Fix #8554

* Add i18n-tasks missing-plural-keys to CircleCI

Fix #2350

Fix #8918

Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.9.0...3.10.0

)

Signed-off-by: dependabot[bot] <support@dependabot.com>

Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/master/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v3.8.0...v3.8.1

)

Signed-off-by: dependabot[bot] <support@dependabot.com>

Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.26 to 0.9.27.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.26...v0.9.27

)

Signed-off-by: dependabot[bot] <support@dependabot.com>

Fix #9057

Bumps [i18n-tasks](https://github.com/glebm/i18n-tasks) from 0.9.25 to 0.9.26.
- [Release notes](https://github.com/glebm/i18n-tasks/releases)
- [Changelog](https://github.com/glebm/i18n-tasks/blob/master/CHANGES.md)
- [Commits](https://github.com/glebm/i18n-tasks/compare/v0.9.25...v0.9.26

)

Signed-off-by: dependabot[bot] <support@dependabot.com>