upgrade: rails 4.2.11.1

See merge request !62

couch: add identity view to get all keys

See merge request !61

Since the old keys used to be strings i started out by
json serializing the new keys with type, value, rev.

However storing serialized json in couch (json) does
not really make sense. So now we do not serialize but
instead have one json document. The lookup for a key of
type pgp may still return a string but for everything
that uses the new api it will return a hash with type
and revision.

This data structure is way easier to handle also on the
nickserver side.

Upgrade/srp js

See merge request !60

doc: list deprecations and compatibility issues for 0.10

See merge request !59

subrepo:
  subdir:   "app/assets/javascripts/srp"
  merged:   "2088cbe"
upstream:
  origin:   "https://leap.se/git/srp_js"
  branch:   "master"
  commit:   "2088cbe"
git-subrepo:
  version:  "0.3.1"
  origin:   "https://github.com/ingydotnet/git-subrepo"
  commit:   "a7ee886"

This needs to be included in the platforms views.

initial feature description for key uploads

See merge request !58

This is an initial draft of the keys api for uploading other
keys than the OpenPGP public key.

refers #8815

ci: also test with ruby 2.4

Closes #8812

See merge request !56

Upgrade/gemfile

See merge request !55

* on invalid key upload respond with error and 422 response code
* fix alternate email address dialogue
* publish public key in webfinger
* update translations from transifex
* hand out config.json without auth
* sanity checks on user params
* cleanup temp invites from server tests so they do not clutter admin ui

Fix/8798 key errors

Closes #8798

See merge request !54

We used to just ignore the key.
Also separated the code for handling key updates from other
user updates. This should eventually be moved to a different
route. Mixing the two makes the implementation really hard.

also ensures that created user is cleaned up even if test fails

fix: alternate email dialogue

Closes #8796

See merge request !53

fixes #8796

Cleaned up UserController#update earlier but missed that it was
used to change fallback email addresses. Now it is back. This
time including an integration test.

fix #8010 - publish public key in webfinger

Closes #8010

See merge request !52

we were simply referring to the wrong key.
includes test

i18n: update translations from transifex

Closes #8797

See merge request !51

feat: allow unauthenticated access to list of configs

Closes #8800

See merge request !45

fix: sanity checks on user params

Closes #8801

See merge request !50

fixes #8801

Includes a test reproducing 500 on lynx

We now make use of ActionController::Parameters require and permit
methods.

Bugfix/8807 cleanup tmp invites

Closes #8807

See merge request !49

This simplifies returning the user while still working
on it a lot. Much cleaner than all these return user statements.

There's a lot more to refactor here. For example delegating methods
to user etc. ... but for now this should suffice. Don't want to
break this in a bugfix release.

fixes #8807

Bugfix release for 0.9:

* pin to the newest psych gem
* remove better_errors gem
* fix login error message with non en locales

Features:

* destroy invites used to create test accounts
* sort invite codes by last update

feat: sort invite codes by last update

Closes #8806

See merge request !48