- Focus first item when activated via keyboard
- When the dropdown menu closes, give back the focus to
  the actual element which was focused prior to opening the menu

* Fix account tags not being saved correctly

Regression from f371b32

Fix Tag#discoverable not returning tags where listable is nil instead of true

Add notice when saving hashtags in admin UI

Change public hashtag and directory pages to return 404 for forbidden tags

* Remove unused locale string

Regression from f371b32

Fix hashtag links always being lowercase

Regression from f371b32

Fix redis-namespace deprecation warning about administrative commands

* Bump faker from 1.9.6 to 2.1.0

Bumps [faker](https://github.com/stympy/faker) from 1.9.6 to 2.1.0.
- [Release notes](https://github.com/stympy/faker/releases)
- [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stympy/faker/compare/1.9.6...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Use faker api v2

https://github.com/stympy/faker/releases/tag/2.0

This reverts commit b31b232edf.

Fixes #11496

* Trap tab in privacy dropdown

* Give focus back to last focused element when privacy dropdown menu closes

* Actually give back focus to the element that had it before clicking the dropdown

* Allow selecting menu items with the space bar in status dropdown menus

* Fix modals opened by keyboard navigation being immediately closed

* Fix menu items triggering modal actions

* Add Tab trapping inside dropdown menu

* Give focus back to last focused element when status dropdown menu closes

Fix #271

Add back the `GET /api/v1/trends` API with the caveat that it does
not return tags that have not been allowed to trend by the staff.

When a hashtag begins to trend (internally) and that hashtag has
not been previously reviewed by the staff, the staff is notified.

The new admin UI for hashtags allows filtering hashtags by where
they are used (e.g. in the profile directory), whether they have
been reviewed or are pending reviewal, they show by how many people
the hashtag is used in the directory, how many people used it
today, how many statuses with it have been created today, and it
allows fixing the name of the hashtag to make it more readable.

The disallowed hashtags feature has been reworked. It is now
controlled from the admin UI for hashtags instead of from
the file `config/settings.yml`

Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.73.0 to 0.74.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.73.0...v0.74.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [webmock](https://github.com/bblimke/webmock) from 3.6.0 to 3.6.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.6.0...v3.6.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [dotenv-rails](https://github.com/bkeepers/dotenv) from 2.7.4 to 2.7.5.
- [Release notes](https://github.com/bkeepers/dotenv/releases)
- [Changelog](https://github.com/bkeepers/dotenv/blob/master/Changelog.md)
- [Commits](https://github.com/bkeepers/dotenv/compare/v2.7.4...v2.7.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [@babel/plugin-transform-react-jsx-source](https://github.com/babel/babel) from 7.2.0 to 7.5.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.2.0...v7.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.27.0 to 3.28.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.27.0...3.28.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [webpack-cli](https://github.com/webpack/webpack-cli) from 3.3.5 to 3.3.6.
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/v3.3.6/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.5...v3.3.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.14.2 to 7.14.3.
- [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases)
- [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.14.2...v7.14.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

It resolves #11338

* Add "--exclude-suspended" to tootctl domains crawl

This new option ignores any instances suspended server-wide as
well as their associated subdomains. This queries all domain
blocks up front, then runs a regexp on each domain. This improves
performance over what may be the obvious implementation, which is
to ask `DomainBlocks.blocked?(domain)` for each domain -- this
hits the DB many times, slowing things down considerably.

* cleaning up code style

* Compiling regex

* Removing ternary operator

* Change icon buttons styles to make hover/focused states more obvious

* Fix CW button size inconsistency

* Fix icon button background color consistency

Fix #11453

Regression from aa22b38

* Fix jumping of toot date when clicking spoiler button

* Fix lint

Regression from ff789a751a

* Change hashtag search to only return results that have trended in the past

A way to eliminate typos and other one-off "junk" results

* Fix excluding exact matches that don't have a score

* Fix tests

* Fix boosting & unboosting preventing a boost from appearing in the TL

* Add tests

* Avoids side effects when aggregate_reblogs isn't true

* Add hashtag score for better sorting of autosuggestions

* Do not use `~<~` operator with no text_pattern_ops index

* [WiP] Show host for “misleading” links

* Disallow misleading targets which domain names are prefixes of link text

* Move decodeIDNA to app/javascript/mastodon/utils

* Add support for international domain names

* Change link origin tag color to darker text color

* Handle links to domains starting with www. as shortened by Mastodon

* [WiP] Ignore links that cannot be misread as URLs, rewrite other links

Bumps [yargs](https://github.com/yargs/yargs) from 12.0.5 to 13.3.0.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/compare/v12.0.5...v13.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Fix #11428

Bumps [oj](https://github.com/ohler55/oj) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.8.0...v3.8.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [capybara](https://github.com/teamcapybara/capybara) from 3.26.0 to 3.27.0.
- [Release notes](https://github.com/teamcapybara/capybara/releases)
- [Changelog](https://github.com/teamcapybara/capybara/blob/master/History.md)
- [Commits](https://github.com/teamcapybara/capybara/compare/3.26.0...3.27.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [httplog](https://github.com/trusche/httplog) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/trusche/httplog/releases)
- [Changelog](https://github.com/trusche/httplog/blob/master/CHANGELOG.md)
- [Commits](https://github.com/trusche/httplog/compare/v1.3.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 4.5.1 to 4.6.1.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/master/CHANGES.md)
- [Commits](https://github.com/presidentbeef/brakeman/compare/v4.5.1...v4.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [sass](https://github.com/sass/dart-sass) from 1.20.3 to 1.22.7.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.20.3...1.22.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.45.0 to 1.46.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.45.0...v1.46.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 9.6.0 to 9.6.1.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/9.6.0...9.6.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Regression from cfb2ed7823

Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.4.5 to 7.5.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/compare/v7.4.5...v7.5.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>