Merge commit 'bec6a1cad4c509c53deb378c7ba984ba7e2de5a9' into glitch-soc/merge-upstream

Conflicts:
- `app/controllers/auth/confirmations_controller.rb`:
  Upstream merged our captcha code, but there are some
  conflicts due to glitch-soc's theming system.
- `app/views/admin/settings/registrations/show.html.haml`:
  Upstream merged our captcha code, but there are some
  conflicts due to glitch-soc's theming system.

Additional changes:
- `Gemfile`:
  Upstream added hcaptcha dependency in another place in the file.
- `config/settings.yml`:
  Upstream added the `captcha_enabled` setting in another place in the file.

Gemfile

@@ -157,8 +157,9 @@ gem 'concurrent-ruby', require: false
 gem 'connection_pool', require: false
 gem 'xorcist', '~> 1.1'
 
-gem 'hcaptcha', '~> 7.1'
 gem 'cocoon', '~> 1.2'
 
 gem 'net-http', '~> 0.3.2'
 gem 'rubyzip', '~> 2.3'
+
+gem 'hcaptcha', '~> 7.1'

app/javascript/styles/mastodon/forms.scss

@@ -136,6 +136,10 @@ code {
     line-height: 22px;
     color: $secondary-text-color;
     margin-bottom: 30px;
+
+    a {
+      color: $highlight-text-color;
+    }
   }
 
   .rules-list {
@@ -1039,6 +1043,10 @@ code {
   }
 }
 
+.simple_form .h-captcha {
+  text-align: center;
+}
+
 .permissions-list {
   &__item {
     padding: 15px;

app/models/form/admin_settings.rb

@@ -41,6 +41,7 @@ class Form::AdminSettings
     content_cache_retention_period
     backups_retention_period
     status_page_url
+    captcha_enabled
   ).freeze
 
   INTEGER_KEYS = %i(

app/views/admin/settings/registrations/show.html.haml

@@ -19,7 +19,7 @@
 
   - if captcha_available?
     .fields-group
-      = f.input :captcha_enabled, as: :boolean, wrapper: :with_label, label: t('admin.settings.captcha_enabled.title'), hint: t('admin.settings.captcha_enabled.desc_html'), glitch_only: true
+      = f.input :captcha_enabled, as: :boolean, wrapper: :with_label, label: t('admin.settings.captcha_enabled.title'), hint: t('admin.settings.captcha_enabled.desc_html')
 
   .fields-group
     = f.input :closed_registrations_message, as: :text, wrapper: :with_block_label, input_html: { rows: 2 }

config/locales/en.yml

@@ -731,6 +731,9 @@ en:
       branding:
         preamble: Your server's branding differentiates it from other servers in the network. This information may be displayed across a variety of environments, such as Mastodon's web interface, native applications, in link previews on other websites and within messaging apps, and so on. For this reason, it is best to keep this information clear, short and concise.
         title: Branding
+      captcha_enabled:
+        desc_html: This relies on external scripts from hCaptcha, which may be a security and privacy concern. In addition, <strong>this can make the registration process significantly less accessible to some (especially disabled) people</strong>. For these reasons, please consider alternative measures such as approval-based or invite-based registration.
+        title: Require new users to solve a CAPTCHA to confirm their account
       content_retention:
         preamble: Control how user-generated content is stored in Mastodon.
         title: Content retention
@@ -979,6 +982,9 @@ en:
     your_token: Your access token
   auth:
     apply_for_account: Request an account
+    captcha_confirmation:
+      hint_html: Just one more step! To confirm your account, this server requires you to solve a CAPTCHA. You can <a href="/about/more">contact the server administrator</a> if you have questions or need assistance with confirming your account.
+      title: User verification
     change_password: Password
     confirmations:
       wrong_email_hint: If that e-mail address is not correct, you can change it in account settings.

config/settings.yml

@@ -43,8 +43,8 @@ defaults: &defaults
   show_domain_blocks_rationale: 'disabled'
   outgoing_spoilers: ''
   require_invite_text: false
-  captcha_enabled: false
   backups_retention_period: 7
+  captcha_enabled: false
 
 development:
   <<: *defaults