Over time coquelicot was leaking FDs of (deleted) .lock files. I
tracked this down to that file_exists? on depot never closes the
lockfile it opened. So anytime when someone hit a 404 (e.g. due
to requesting /robots.txt) we leaked a file descriptor.

This was caused by how the code returned from within a block, as
it would directly jump out of the block and never unlink the lockfile.

Refactoring the different code interactions with the lockfile, while
wrapping it with a lockfile block, make it properly clean up the lockfile.

`--sort-by-file` is now set by default in gettext:update:po task,
so this will prevent extra diffs with the next update.

The `userpass` authentication mechanism prompts for a user and password
to perform an upload. The credentials are stored as pairs of login/password in
the local configuration. Password are stored in an encrypted form using
bcrypt().

`userpass` configured with a single account can be used instead of `simplepass`
to allow users to make their browser retain the upload credentials.

Based on a patch from Rowan Thorpe.

I got tricked by the browser retaining the previously selected option
on page reload. So let's add tests, like it should have been done in
the first place.

This should allow jQuery to be upgraded to 1.9+.

Usage as shown that Coquelicot was often used to exchange huge files that
might take quite some time to be uploaded. Sometimes even more than an hour.
In that case, the file would be immediately expired. Not the best user
experience.

So let's bump the default to one day. This should be less surprising to users.
Admins can still get back to the previous default of one hour using the
configuration file.

sass creates its cache directory in sometimes unpredictable locations. In order
to make it configurale, we now define a cache directory in Coquelicot. We then
tell sass to use a subdirectory there put cache its files.

Based on a patch by Rowan Thorpe.

coquelicot_spec without knowledge of the best practices. So let's ditch it
and reimplement the integration tests using Cucumber. The less purposed
tests were mostly for the authentication methods, so they are now covered
using new specs.

Now that we are using Capybara everywhere, we can remove hpricot from
the dependencies.

A new task 'test' will run both RSpec and Cucumber.