Fix dropdowns being disabled for logged out users in web UI (#25714)
Fix explore page being inaccessible when opted-out of trends in web UI (#25716)
Add forwarding of reported replies to servers being replied to (#25341)
Convert `<DismissableBanner>` to Typescript (#25582)
Rewrite `<ShortNumber />` as FC and TS (#25492)
simplify counters (#25541)
Regenerate brakeman ignore, pruning warnings (#25749)
Fix translate button position (#25807)
Bump version to v4.1.4 (#25805)
Tag images with the latest tag only when running against the latest stable branch (#25803)
Fix crash in admin interface when viewing a remote user with verified links (#25796)
Fix branding:generate_app_icons failing because of disallowed ICO coder (#25794)
Fix typo in CHANGELOG.md (#25764)
Update dependency sanitize to v6.0.2 [SECURITY] (#25777)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Fix processing of media files with unusual names (#25788)
Bump version to v4.1.3 (#25757)
Merge pull request from GHSA-55j9-c3mp-6fcq
Merge pull request from GHSA-9pxv-6qvf-pjwc
* Fix timeout handling of outbound HTTP requests
* Use CLOCK_MONOTONIC instead of Time.now
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged