* Ensure destruction of OAuth Applications notifies streaming
Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.
* Ensure password resets revoke access to Streaming API
* Improve performance of deleting OAuth tokens
---------
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
application website validation, don't link to app website if website isn't set,
also comment out animated boost icon from #464 until it's consistent with non-animated version
Emelia Smith