2492 lines
274 KiB
Raw Permalink Normal View History

All notable changes to this project will be documented in this file.
2022-11-14 21:21:14 +00:00
## [4.0.1] - 2022-11-14
### Fixed
- Fix nodes order being sometimes mangled when rewriting emoji ([ClearlyClaire](
2022-11-14 19:27:12 +00:00
## [4.0.0] - 2022-11-14
2022-10-27 22:26:02 +00:00
Some of the features in this release have been funded through the [NGI0 Discovery]( Fund, a fund established by [NLnet]( with financial support from the European Commission's [Next Generation Internet]( programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825322.
### Added
- Add ability to filter followed accounts' posts by language ([Gargron](, [ClearlyClaire](
- **Add ability to follow hashtags** ([Gargron](, [Gargron](, [Gargron](, [noellabo](
- Add ability to filter individual posts ([ClearlyClaire](
- **Add ability to translate posts** ([Gargron](, [ClearlyClaire](, [Gargron](, [ClearlyClaire](, [Gargron](, [ykzts](, [Gargron](
2022-11-11 07:39:38 +00:00
- Add featured tags to web UI ([noellabo](, [noellabo](, [noellabo](, [noellabo](, [Gargron](, [ykzts](, [noellabo](, [noellabo](, [Gargron](, [Gargron](, [ClearlyClaire](
2022-10-27 22:26:02 +00:00
- **Add support for language preferences for trending statuses and links** ([Gargron](, [Gargron](, [ykzts](
- Previously, you could only see trends in your current language
- For less popular languages, that meant empty trends
- Now, trends in your preferred languages' are shown on top, with others beneath
- Add server rules to sign-up flow ([Gargron](
- Add privacy icons to report modal in web UI ([ClearlyClaire](
- Add `noopener` to links to remote profiles in web UI ([shleeable](
2022-11-11 07:39:38 +00:00
- Add option to open original page in dropdowns of remote content in web UI ([Gargron](
2022-10-27 22:26:02 +00:00
- Add warning for sensitive audio posts in web UI ([rgroothuijsen](
- Add language attribute to posts in web UI ([tribela](
- Add support for uploading WebP files ([Saiv46](
- Add support for uploading `audio/vnd.wave` files ([tribela](
2022-11-05 22:24:07 +00:00
- Add support for uploading AVIF files ([txt-file](
- Add support for uploading HEIC files ([Gargron](
2022-10-27 22:26:02 +00:00
- Add more debug information when processing remote accounts ([ClearlyClaire](, [ClearlyClaire](
- **Add retention policy for cached content and media** ([Gargron](, [zunda](, [Gargron](, [Gargron](
- Set for how long remote posts or media should be cached on your server
- Hands-off alternative to `tootctl` commands
- **Add customizable user roles** ([Gargron](, [ClearlyClaire](, [Gargron](, [tribela](, [tribela](, [ClearlyClaire](, [ClearlyClaire](, [unextro](, [tribela](, [ClearlyClaire](
- Previously, there were 3 hard-coded roles, user, moderator, and admin
- Create your own roles and decide which permissions they should have
- Add notifications for new reports ([Gargron](, [Gargron](
- Add ability to select all accounts matching search for batch actions in admin UI ([Gargron](, [Gargron](
- Add ability to view previous edits of a status in admin UI ([Gargron](
- Add ability to block sign-ups from IP ([Gargron](
- **Add webhooks to admin UI** ([Gargron](
- Add admin API for managing domain allows ([ClearlyClaire](
- Add admin API for managing domain blocks ([ClearlyClaire](
- Add admin API for managing e-mail domain blocks ([Gargron](
- Add admin API for managing canonical e-mail blocks ([Gargron](
2022-11-11 07:39:38 +00:00
- Add admin API for managing IP blocks ([Gargron](, [trwnh](
- Add `sensitized` attribute to accounts in admin REST API ([trwnh](
2022-10-27 22:26:02 +00:00
- Add `services` and `metadata` to the NodeInfo endpoint ([MFTabriz](
- Add `--remove-role` option to `tootctl accounts modify` ([Gargron](
- Add `--days` option to `tootctl media refresh` ([tribela](
- Add `EMAIL_DOMAIN_LISTS_APPLY_AFTER_CONFIRMATION` environment variable ([ClearlyClaire](
- Add `IP_RETENTION_PERIOD` and `SESSION_RETENTION_PERIOD` environment variables ([kescherCode](
- Add `http_hidden_proxy` environment variable ([tribela](
2022-11-11 07:39:38 +00:00
- Add `ENABLE_STARTTLS` environment variable ([erbridge](
- Add caching for payload serialization during fan-out ([ClearlyClaire](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
2022-11-05 22:24:07 +00:00
- Add assets from Twemoji 14.0 ([Gargron](
- Add reputation and followers score boost to SQL-only account search ([Gargron](
2022-11-11 07:39:38 +00:00
- Add Scots, Balaibalan, Láadan, Lingua Franca Nova, Lojban, Toki Pona to languages list ([VyrCossont](
- Set autocomplete hints for e-mail, password and OTP fields ([rcombs](, [offbyone](, [ClearlyClaire](
2022-11-14 07:50:14 +00:00
- Add support for DigitalOcean Spaces in setup wizard ([v-aisac](
2022-10-27 22:26:02 +00:00
### Changed
- **Change brand color and logotypes** ([Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [mayaeh](
- **Change post editing to be enabled in web UI** ([Gargron](
2022-11-14 07:50:14 +00:00
- **Change web UI to work for logged-out users** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ykzts](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ykzts](, [ykzts](, [ykzts](, [ykzts](, [ykzts](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ykzts](, [ykzts](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [trwnh](, [ykzts](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [ClearlyClaire](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](, [cutls](
2022-10-27 22:26:02 +00:00
- The web app can now be accessed without being logged in
- No more `/web` prefix on web app paths
- Profiles, posts, and other public pages now use the same interface for logged in and logged out users
- The web app displays a server information banner
- Pop-up windows for remote interaction have been replaced with a modal window
- No need to type in your username for remote interaction, copy-paste-to-search method explained
- Various hints throughout the app explain what the different timelines are
- New about page design
- New privacy policy page design shows when the policy was last updated
- All sections of the web app now have appropriate window titles
- The layout of the interface has been streamlined between different screen sizes
- Posts now use more horizontal space
- Change label of publish button to be "Publish" again in web UI ([Gargron](
- Change language to be carried over on reply in web UI ([ClearlyClaire](
- Change "Unfollow" to "Cancel follow request" when request still pending in web UI ([prplecake](
2022-11-14 07:50:14 +00:00
- **Change post filtering system** ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [noellabo](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
2022-10-27 22:26:02 +00:00
- Filtered keywords and phrases can now be grouped into named categories
- Filtered posts show which exact filter was hit
- Individual posts can be added to a filter
- You can peek inside filtered posts anyway
- Change path of privacy policy page from `/terms` to `/privacy-policy` ([Gargron](
- Change how hashtags are normalized ([Gargron](, [Gargron](, [ClearlyClaire](
2022-11-05 22:24:07 +00:00
- Change settings area to be separated into categories in admin UI ([Gargron](, [Gargron](
2022-10-27 22:26:02 +00:00
- Change "No accounts selected" errors to use the appropriate noun in admin UI ([prplecake](
- Change e-mail domain blocks to match subdomains of blocked domains ([Gargron](
- Change custom emoji file size limit from 50 KB to 256 KB ([Gargron](
- Change "Allow trends without prior review" setting to also work for trending posts ([Gargron](
2022-11-05 22:24:07 +00:00
- Change admin announcements form to use single inputs for date and time in admin UI ([ClearlyClaire](
2022-10-27 22:26:02 +00:00
- Change search API to be accessible without being logged in ([Gargron](, [Gargron](
- Change following and followers API to be accessible without being logged in ([Gargron](
2022-11-05 22:24:07 +00:00
- Change `AUTHORIZED_FETCH` to not block unauthenticated REST API access ([Gargron](
2022-10-27 22:26:02 +00:00
- Change Helm configuration ([deepy](, [jgsmith](, [deepy](
2022-11-05 22:24:07 +00:00
- Change mentions of blocked users to not be processed ([ClearlyClaire](
- Change max. thumbnail dimensions to 640x360px (360p) ([Gargron](
- Change post-processing to be deferred only for large media types ([Gargron](
2022-11-11 07:39:38 +00:00
- Change link verification to only work for https links without unicode ([Gargron](, [Gargron](
- Change account deletion requests to spread out over time ([ClearlyClaire](
- Change larger reblogs/favourites numbers to be shortened in web UI ([Gargron](
- Change incoming activity processing to happen in `ingress` queue ([Gargron](
- Change notifications to not link show preview cards in web UI ([ClearlyClaire](
- Change amount of replies returned for logged out users in REST API ([ClearlyClaire](
2022-11-14 07:50:14 +00:00
- Change in-app links to keep you in-app in web UI ([trwnh](, [Gargron](
- Change table header to be sticky in admin UI ([sk22](
2022-10-27 22:26:02 +00:00
### Removed
- Remove setting that disables account deletes ([Gargron](
- Remove digest e-mails ([Gargron](
- Remove unnecessary sections from welcome e-mail ([Gargron](
- Remove item titles from RSS feeds ([Gargron](
- Remove volume number from hashtags in web UI ([Gargron](
- Remove Nanobox configuration ([tonyjiang](
### Fixed
2022-11-14 07:50:14 +00:00
- Fix rules with same priority being sorted non-deterministically ([Gargron](
- Fix error when invalid domain name is submitted ([Gargron](
- Fix icons having an image role ([Gargron](
2022-11-11 07:39:38 +00:00
- Fix connections to IPv6-only servers ([ClearlyClaire](
- Fix unnecessary service worker registration and preloading when logged out in web UI ([ClearlyClaire](
- Fix unnecessary and slow regex construction ([raggi](
- Fix `mailers` queue not being used for mailers ([Gargron](
- Fix error in webfinger redirect handling ([ClearlyClaire](
- Fix report category not being set to `violation` if rule IDs are provided ([trwnh](
- Fix nodeinfo metadata attribute being an array instead of an object ([ClearlyClaire](
- Fix account endorsements not being idempotent ([trwnh](
- Fix status and rule IDs not being strings in admin reports REST API ([trwnh](
- Fix error on invalid `replies_policy` in REST API ([trwnh](
- Fix redrafting a currently-editing post not leaving edit mode in web UI ([ClearlyClaire](
- Fix performance by avoiding method cache busts ([raggi](
- Fix opening the language picker scrolling the single-column view to the top in web UI ([ClearlyClaire](
- Fix content warning button missing `aria-expanded` attribute in web UI ([ClearlyClaire](
- Fix redundant `aria-pressed` attributes in web UI ([Brawaru](
- Fix crash when external auth provider has no display name set ([ClearlyClaire](
- Fix followers count not being updated when migrating follows ([ClearlyClaire](
- Fix double button to clear emoji search input in web UI ([sunny](
- Fix missing null check on applications on strike disputes ([kescherCode](
2022-11-05 22:24:07 +00:00
- Fix featured tags not saving preferred casing ([Gargron](
- Fix language not being saved when editing status ([Gargron](
- Fix not being able to input featured tag with hash symbol ([Gargron](
- Fix user clean-up scheduler crash when an unconfirmed account has a moderation note ([ClearlyClaire](
- Fix being unable to withdraw follow request when confirmation modal is disabled in web UI ([ClearlyClaire](
- Fix inaccurate admin log entry for re-sending confirmation e-mails ([ClearlyClaire](
- Fix edits not being immediately reflected ([ClearlyClaire](
- Fix bookmark import stopping at the first failure ([ClearlyClaire](
- Fix account action type validation ([Gargron](
- Fix upload progress not communicating processing phase in web UI ([Gargron](
- Fix wrong host being used for custom.css when asset host configured ([Gargron](
2022-11-11 07:39:38 +00:00
- Fix account migration form ever using outdated account data ([Gargron](, [nightpool](
2022-11-05 22:24:07 +00:00
- Fix error when uploading malformed CSV import ([Gargron](
- Fix avatars not using image tags in web UI ([Gargron](
- Fix handling of duplicate and out-of-order notifications in web UI ([ClearlyClaire](
- Fix reblogs being discarded after the reblogged status ([ClearlyClaire](
- Fix indexing scheduler trying to index when Elasticsearch is disabled ([Gargron](
- Fix n+1 queries when rendering initial state JSON ([Gargron](
- Fix n+1 query during status removal ([Gargron](
2022-10-27 22:26:02 +00:00
- Fix OCR not working due to Content Security Policy in web UI ([prplecake](
- Fix `nofollow` rel being removed in web UI ([Gargron](
- Fix language dropdown causing zoom on mobile devices in web UI ([Gargron](
- Fix button to dismiss suggestions not showing up in search results in web UI ([ClearlyClaire](
- Fix language dropdown sometimes not appearing in web UI ([Gargron](
- Fix quickly switching notification filters resulting in empty or incorrect list in web UI ([ClearlyClaire](, [ClearlyClaire](
- Fix media modal link button in web UI ([ClearlyClaire](
- Fix error upon successful account migration ([Gargron](
- Fix negatives values in search index causing queries to fail ([Gargron](, [Gargron](
- Fix error when searching for invalid URL ([ClearlyClaire](
- Fix IP blocks not having a unique index ([Gargron](
- Fix remote account in contact account setting not being used ([Gargron](
- Fix swallowing mentions of unconfirmed/unapproved users ([ClearlyClaire](
- Fix incorrect and slow cache invalidation when blocking domain and removing media attachments ([ClearlyClaire](
- Fix HTTPs redirect behaviour when running as I2P service ([gi-yt](
- Fix deleted pinned posts potentially counting towards the pinned posts limit ([ClearlyClaire](
- Fix compatibility with OpenSSL 3.0 ([ClearlyClaire](
- Fix error when a remote report includes a private post the server has no access to ([ClearlyClaire](
- Fix suspicious sign-in mails never being sent ([ClearlyClaire](
- Fix fallback locale when somehow user's locale is an empty string ([tribela](
- Fix avatar/header not being deleted locally when deleted on remote account ([tribela](
- Fix missing `,` in Blurhash validation ([noellabo](
- Fix order by most recent not working for relationships page in admin UI ([tribela](
- Fix uncaught error when invalid date is supplied to API ([Gargron](
- Fix REST API sometimes returning HTML on error ([ClearlyClaire](
- Fix ambiguous column names in `tootctl media refresh` ([tribela](
- Fix ambiguous column names in `tootctl search deploy` ([mashirozx](
- Fix `CDN_HOST` not being used in some asset URLs ([tribela](
- Fix `CAS_DISPLAY_NAME`, `SAML_DISPLAY_NAME` and `OIDC_DISPLAY_NAME` being ignored ([ClearlyClaire](
- Fix various typos in comments throughout the codebase ([luzpaz](
2022-11-14 07:50:14 +00:00
- Fix CSV import error when rows include unicode characters ([HamptonMakes](
2022-10-27 22:26:02 +00:00
2022-11-11 07:39:38 +00:00
### Security
- Fix being able to spoof link verification ([Gargron](
2022-11-14 19:27:12 +00:00
- Fix emoji substitution not applying only to text nodes in backend code ([ClearlyClaire](
- Fix emoji substitution not applying only to text nodes in web UI ([ClearlyClaire](
- Fix rate limiting for paths with formats ([Gargron](
- Fix out-of-bound reads in blurhash transcoder ([delroth](
2022-11-11 07:39:38 +00:00
2022-05-26 21:26:15 +00:00
## [3.5.3] - 2022-05-26
### Added
- **Add language dropdown to compose form in web UI** ([Gargron](, [ykzts](
- **Add warning for limited accounts in web UI** ([Gargron](
- Add `limited` attribute to accounts in REST API ([Gargron](
### Changed
- **Change RSS feeds** ([Gargron](, [tribela](
- Titles are now date and time of post
- Bodies now render all content faithfully, including polls and emojis
- All media attachments are included with Media RSS
- Change "dangerous" to "sensitive" in privacy policy and web UI ([Gargron](
- Change unconfirmed accounts to not be visible in REST API ([ClearlyClaire](
- Change `tootctl search deploy` to improve performance ([Gargron](, [Gargron](
- Change search indexing to use batches to minimize resource usage ([Gargron](
### Fixed
- Fix follower and other counters being able to go negative ([Gargron](
- Fix unnecessary query on when creating a status ([ClearlyClaire](
- Fix warning an account outside of a report closing all reports for that account ([ClearlyClaire](
- Fix error when resolving a link that redirects to a local post ([ClearlyClaire](
- Fix preferred posting language returning unusable value in REST API ([Gargron](
- Fix race condition error when external status is reblogged ([ykzts](
- Fix missing string for appeal validation error ([Gargron](
- Fix block/mute lists showing a follow button in web UI ([ClearlyClaire](
- Fix Redis configuration not being changed by `mastodon:setup` ([ClearlyClaire](
- Fix streaming notifications not using quick filter logic in web UI ([ClearlyClaire](
- Fix ambiguous wording on appeal actions in admin UI ([ClearlyClaire](
- Fix floating action button obscuring last element in web UI ([ClearlyClaire](
- Fix account warnings not being recorded in audit log ([ClearlyClaire](
- Fix leftover icons for direct visibility statuses ([Steffo99](
- Fix link verification requiring case sensitivity on links ([sgolemon](
- Fix embeds not setting their height correctly ([rinsuki](
### Security
- Fix concurrent unfollowing decrementing follower count more than once ([Gargron](
- Fix being able to appeal a strike unlimited times ([Gargron](
- Fix being able to report otherwise inaccessible statuses ([Gargron](
- Fix empty votes arbitrarily increasing voters count in polls ([Gargron](
- Fix moderator identity leak when approving appeal of sensitive marked statuses ([Gargron](
- Fix suspended users being able to access APIs that don't require a user ([Gargron](
- Fix confirmation redirect to app without `Location` header ([Gargron](
## [3.5.2] - 2022-05-04
### Added
- Add warning on direct messages screen in web UI ([Gargron](
- We already had a warning when composing a direct message, it has now been reworded to be more clear
- Same warning is now displayed when viewing sent and received direct messages
- Add ability to set approval-based registration through tootctl ([ClearlyClaire](
- Add pre-filling of domain from search filter in domain allow/block admin UI ([ClearlyClaire](
## Changed
- Change name of “Direct” visibility to “Mentioned people only” in web UI ([Gargron](, [Gargron](, [ClearlyClaire](
- Change trending posts to only show one post from each account ([Gargron](
- Change half-life of trending posts from 6 hours to 2 hours ([Gargron](
- Change full-text search feature to also include polls you have voted in ([tribela](
- Change Redis from using one connection per process, to using a connection pool ([Gargron](, [ClearlyClaire](, [Gargron](
- Different threads no longer have to wait on a mutex over a single connection
- However, this does increase the number of Redis connections by a fair amount
- We are planning to optimize Redis use so that the pool can be made smaller in the future
## Removed
- Remove IP matching from e-mail domain blocks ([Gargron](
- The IPs of the blocked e-mail domain or its MX records are no longer checked
- Previously it was too easy to block e-mail providers by mistake
2022-10-27 22:26:02 +00:00
## Fixed
- Fix compatibility with Friendica's pinned posts ([ClearlyClaire](, [ClearlyClaire](
- Fix error when looking up handle with surrounding spaces in REST API ([ClearlyClaire](
- Fix double render error when authorizing interaction ([Gargron](
- Fix error when a post references an invalid media attachment ([ClearlyClaire](
- Fix error when trying to revoke OAuth token without supplying a token ([Gargron](
- Fix error caused by missing subject in Webfinger response ([Gargron](
- Fix error on attempting to delete an account moderation note ([ClearlyClaire](
- Fix light-mode emoji borders in web UI ([Gaelan](
- Fix being able to scroll away from the loading bar in web UI ([Gargron](
- Fix error when a bookmark or favorite has been reported and deleted ([ClearlyClaire](
- Fix being offered empty “Server rules violation” report option in web UI ([ClearlyClaire](
- Fix temporary network errors preventing from authorizing interactions with remote accounts ([ClearlyClaire](
- Fix incorrect link in "new trending tags" email ([cdzombak](
- Fix missing indexes on some foreign keys ([ClearlyClaire](
- Fix n+1 query on feed merge and populate operations ([Gargron](
- Fix feed unmerge worker being exceptionally slow in some conditions ([ClearlyClaire](
- Fix PeerTube videos appearing with an erroneous “Edited at” marker ([ClearlyClaire](
- Fix instance actor being created incorrectly when running through migrations ([ClearlyClaire](
- Fix web push notifications containing HTML entities ([ClearlyClaire](
- Fix inconsistent parsing of `TRUSTED_PROXY_IP` ([ykzts](
- Fix error when fetching pinned posts ([tribela](
- Fix wrong optimization in feed populate operation ([dogelover911](
- Fix error in alias settings page ([ClearlyClaire](
2022-04-08 19:57:24 +00:00
## [3.5.1] - 2022-04-08
### Added
- Add pagination for trending statuses in web UI ([Gargron](
### Changed
- Change e-mail notifications to only be sent when recipient is offline ([Gargron](
- Send e-mails for mentions and follows by default again
- But only when recipient does not have push notifications through an app
- Change `website` attribute to be nullable on `Application` entity in REST API ([rinsuki](
### Removed
- Remove sign-in token authentication, instead send e-mail about new sign-in ([Gargron](
- You no longer need to enter a security code sent through e-mail
- Instead you get an e-mail about a new sign-in from an unfamiliar IP address
### Fixed
2022-11-08 16:31:52 +00:00
- Fix error responses for `from` search prefix ([single-right-quote](
2022-04-08 19:57:24 +00:00
- Fix dangling language-specific trends ([Gargron](
- Fix extremely rare race condition when deleting a status or account ([ClearlyClaire](
- Fix trends returning less results per page when filtered in REST API ([Gargron](
- Fix pagination header on empty trends responses in REST API ([Gargron](
- Fix cookies secure flag being set when served over Tor ([Gargron](
- Fix migration error handling ([ClearlyClaire](
- Fix error when re-running some migrations if they get interrupted at the wrong moment ([ClearlyClaire](
- Fix potentially missing statuses when reconnecting to streaming API in web UI ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
- Fix error when sending warning emails with custom text ([ClearlyClaire](
- Fix unset `SMTP_RETURN_PATH` environment variable causing e-mail not to send ([Gargron](
- Fix possible duplicate statuses in timelines in some edge cases in web UI ([ClearlyClaire](
- Fix spurious edits and require incoming edits to be explicitly marked as such ([ClearlyClaire](
- Fix error when encountering invalid pinned statuses ([ClearlyClaire](
- Fix inconsistency in error handling when removing a status ([ClearlyClaire](
- Fix admin API unconditionally requiring CSRF token ([ClearlyClaire](
- Fix trending tags endpoint missing `offset` param in REST API ([Gargron](
- Fix unusual number formatting in some locales ([ClearlyClaire](
- Fix `S3_FORCE_SINGLE_REQUEST` environment variable not working ([HolgerHuo](
- Fix failure to build assets with OpenSSL 3 ([ClearlyClaire](
- Fix PWA manifest using outdated routes ([HolgerHuo](
- Fix error when indexing statuses into Elasticsearch ([ClearlyClaire](
2022-03-30 12:52:37 +00:00
## [3.5.0] - 2022-03-30
### Added
- **Add support for incoming edited posts** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](
- Previous versions remain available for perusal and comparison
- People who reblogged a post are notified when it's edited
- New REST APIs:
- `PUT /api/v1/statuses/:id`
- `GET /api/v1/statuses/:id/history`
- `GET /api/v1/statuses/:id/source`
- New streaming API event:
- `status.update`
- **Add appeals for moderator decisions** ([Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](
- All default moderator decisions now notify the affected user by e-mail
- They now link to an appeal page instead of suggesting replying to the e-mail
- They can now be found in account settings and not just e-mail
- Users can submit one appeal within 20 days of the decision
- Moderators can approve or reject the appeal
- **Add notifications for posts deleted by moderators** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](
- New, redesigned report view in admin UI
- Common report actions now only take one click to complete
- Deleting posts or marking as sensitive from report now notifies user
- Reports can be categorized by reason and specific rules violated
- The reasons are automatically cited in the notifications, except for spam
- Marking posts as sensitive now federates using post editing
- **Add explore page with trending posts and links** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [tribela](, [Gargron](, [Gargron](, [noiob](, [mayaeh](, [mayaeh](, [Gargron](, [mayaeh](
- Hashtag trends algorithm is extended to work for posts and links
- Links are only considered if they have an adequate preview card
- Preview card generation has been improved to support structured data
- Links can only trend if the publisher (domain) has been approved
- Posts can only trend if the author has been approved
- Individual approval and rejection for posts and links is also available
- Moderators are notified about pending trends at most once every 2 hours
- Posts and link trends are language-specific
- Search page is redesigned into explore page in web UI
- Discovery tab is coming soon in official iOS and Android apps
- New REST APIs:
- `GET /api/v1/trends/links`
- `GET /api/v1/trends/statuses`
- `GET /api/v1/trends/tags` (alias of `GET /api/v1/trends`)
- `GET /api/v1/admin/trends/links`
- `GET /api/v1/admin/trends/statuses`
- `GET /api/v1/admin/trends/tags`
- **Add graphs and retention metrics to admin dashboard** ([Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [mashirozx](, [ClearlyClaire](
- Dashboard shows more numbers with development over time
- Other data such as most used interface languages and sign-up sources
- User retention graph shows how many new users stick around
- New REST APIs:
- `POST /api/v1/admin/measures`
- `POST /api/v1/admin/dimensions`
- `POST /api/v1/admin/retention`
- Add `GET /api/v1/accounts/familiar_followers` to REST API ([Gargron](
- Add `POST /api/v1/accounts/:id/remove_from_followers` to REST API ([noellabo](
- Add `category` and `rule_ids` params to `POST /api/v1/reports` IN REST API ([Gargron](, [Gargron](, [Gargron](
- `category` can be one of: `spam`, `violation`, `other` (default)
- `rule_ids` must reference `rules` returned in `GET /api/v1/instance`
- Add global `lang` param to REST API ([Gargron](, [Gargron](
- Add `types` param to `GET /api/v1/notifications` in REST API ([Gargron](
- **Add notifications for moderators about new sign-ups** ([Gargron](, [ClearlyClaire](
- When a new user confirms e-mail, moderators receive a notification
- New notification type:
- `admin.sign_up`
- Add authentication history ([Gargron](, [ClearlyClaire](, [baby-gnu](
- Add ability to automatically delete old posts ([ClearlyClaire](, [ClearlyClaire](, [tribela](
- Add ability to pin private posts ([ClearlyClaire](, [tribela](, [ClearlyClaire](, [MitarashiDango](
- Add ability to filter search results by author using `from:` syntax ([tribela](
- Add ability to delete canonical email blocks in admin UI ([ClearlyClaire](
- Add ability to purge undeliverable domains in admin UI ([ClearlyClaire](, [tribela](, [tribela](, [tribela](
- Add ability to disable e-mail token authentication for specific users in admin UI ([Gargron](
- **Add ability to suspend accounts in batches in admin UI** ([Gargron](, [ClearlyClaire](, [Gargron](
- New, redesigned accounts list in admin UI
- Batch suspensions are meant to help clean up spam and bot accounts
- They do not generate notifications
- Add ability to filter reports by origin of target account in admin UI ([Gargron](
- Add support for login through OpenID Connect ([chandrn7](
- Add lazy loading for emoji picker in web UI ([mashirozx](, [ClearlyClaire](
- Add single option votes tooltip in polls in web UI ([Brawaru](
- Add confirmation modal when closing media edit modal with unsaved changes in web UI ([ClearlyClaire](
2022-03-26 01:54:11 +00:00
- Add hint about missing media attachment description in web UI ([Gargron](
- Add support for fetching Create and Announce activities by URI in ActivityPub ([ClearlyClaire](
- Add `S3_FORCE_SINGLE_REQUEST` environment variable ([ClearlyClaire](
- Add `OMNIAUTH_ONLY` environment variable ([ClearlyClaire](, [ClearlyClaire](
- Add `ES_USER` and `ES_PASS` environment variables for Elasticsearch authentication ([tribela](
- Add `CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED` environment variable ([baby-gnu](
- Add ability to pass specific domains to `tootctl accounts cull` ([tribela](
- Add `--by-uri` option to `tootctl domains purge` ([ClearlyClaire](
- Add `--batch-size` option to `tootctl search deploy` ([aquarla](
- Add `--remove-orphans` option to `tootctl statuses remove` ([noellabo](
### Changed
- Change design of federation pages in admin UI ([Gargron](, [noellabo](, [Gargron](
- Change design of account cards in web UI ([Gargron](
- Change `follow` scope to be covered by `read` and `write` scopes in REST API ([Gargron](
- Change design of authorized applications page ([Gargron](, [ClearlyClaire](
- Change e-mail domain blocks to block IPs dynamically ([Gargron](, [ClearlyClaire](, [ClearlyClaire](
- Change report modal to include category selection in web UI ([Gargron](, [ClearlyClaire](, [Gargron](, [ClearlyClaire](
- Change reblogs to not count towards hashtag trends anymore ([Gargron](
- Change languages to be listed under standard instead of native name in admin UI ([Gargron](
- Change routing paths to use usernames in web UI ([Gargron](, [ClearlyClaire](, [ClearlyClaire](, [mashirozx](, [ClearlyClaire](
- Change list title input design in web UI ([ClearlyClaire](
- Change "Opt-in to profile directory" preference to be general discoverability preference ([ClearlyClaire](
- Change API rate limits to use /64 masking on IPv6 addresses ([tribela](, [ClearlyClaire](, [zunda](
- Change allowed formats for locally uploaded custom emojis to include GIF ([rgroothuijsen](, [Gargron](
- Change error message when chosen password is too long ([rgroothuijsen](
- Change minimum required Elasticsearch version from 6 to 7 ([noellabo](
### Removed
- Remove profile directory link from main navigation panel in web UI ([Gargron](
- **Remove language detection through cld3** ([Gargron](, [ykzts](, [Gargron](, [Gargron](
- cld3 is very inaccurate on short-form content even with unique alphabets
2022-11-08 16:31:52 +00:00
- Post language can be overridden individually using `language` param
- Otherwise, it defaults to the user's interface language
- Remove support for `OAUTH_REDIRECT_AT_SIGN_IN` ([ClearlyClaire](
- Use `OMNIAUTH_ONLY` instead
- Remove Keybase integration ([Gargron](
- Remove old columns and indexes ([ClearlyClaire](, [Gargron](, [ClearlyClaire](
- Remove shortcodes from newly-created media attachments ([ClearlyClaire](, [ClearlyClaire](
### Deprecated
- `GET /api/v1/trends``GET /api/v1/trends/tags`
- OAuth `follow` scope → `read` and/or `write`
- `text` attribute on `DELETE /api/v1/statuses/:id``GET /api/v1/statuses/:id/source`
### Fixed
2022-03-26 01:54:11 +00:00
- Fix IDN domains not being rendered correctly in a few left-over places ([Gargron](
- Fix Sanskrit translation not being used in web UI ([ClearlyClaire](
- Fix Kurdish languages having the wrong language codes ([ClearlyClaire](
- Fix pghero making database schema suggestions ([ClearlyClaire](
- Fix encoding glitch in the OpenGraph description of a profile page ([ClearlyClaire](
- Fix web manifest not permitting PWA usage from alternate domains ([HolgerHuo](
- Fix not being able to edit media attachments for scheduled posts ([ClearlyClaire](
- Fix subscribed relay activities being recorded as boosts ([ClearlyClaire](
- Fix streaming API server error messages when JSON parsing fails not specifying the source ([ClearlyClaire](
- Fix browsers autofilling new password field with old password ([mashirozx](
- Fix text being invisible before fonts load in web UI ([tribela](
- Fix public profile pages of unconfirmed users being accessible ([ClearlyClaire](, [ClearlyClaire](
- Fix nil error when trying to fetch key for signature verification ([Gargron](
- Fix null values being included in some indexes ([Gargron](
- Fix `POST /api/v1/emails/confirmations` not being available after sign-up ([Gargron](
- Fix rare race condition when reblogged post is deleted ([ClearlyClaire](, [ClearlyClaire](
- Fix being able to add more than 4 hashtags to hashtag column in web UI ([Gargron](
- Fix data integrity of featured tags ([Gargron](
- Fix performance of account timelines ([Gargron](
- Fix returning empty `<p>` tag for blank account `note` in REST API ([Gargron](
- Fix leak of existence of otherwise inaccessible posts in REST API ([Gargron](
- Fix not showing loading indicator when searching in web UI ([Gargron](
- Fix media modal footer's “external link” not being a link ([ClearlyClaire](
- Fix reply button on media modal not giving focus to compose form ([ClearlyClaire](
- Fix some media attachments being converted with too high framerates ([ClearlyClaire](
- Fix sign in token and warning emails failing to send when contact e-mail address is malformed ([helloworldstack](
- Fix opening the emoji picker scrolling the single-column view to the top ([ClearlyClaire](
- Fix edge case where settings/admin page sidebar would be incorrectly hidden ([ClearlyClaire](
- Fix performance of server-side filtering ([ClearlyClaire](
- Fix privacy policy link not being visible on small screens ([Gargron](
- Fix duplicate accounts when searching by IP range in admin UI ([Gargron](, [tribela](
- Fix error when performing a batch action on posts in admin UI ([ClearlyClaire](
- Fix deletes not being signed in authorized fetch mode ([Gargron](
- Fix Undo Announce sometimes inlining the originally Announced status ([ClearlyClaire](
- Fix localization of cold-start follow recommendations ([Gargron](, [Gargron](
- Fix replies collection incorrectly looping ([ClearlyClaire](
- Fix errors when multiple Delete are received for a given actor ([ClearlyClaire](
- Fixed prototype pollution bug and only allow trusted origin ([r0hanSH](
- Fix text being incorrectly pre-selected in composer textarea on /share ([ClearlyClaire](
- Fix SMTP_ENABLE_STARTTLS_AUTO/SMTP_TLS/SMTP_SSL environment variables don't work ([kgtkr](
- Fix media upload specific rate limits only being applied to v1 endpoint in REST API ([tribela](
- Fix media descriptions not being used for client-side filtering ([ClearlyClaire](
- Fix cold-start follow recommendation favouring older accounts due to wrong sorting ([noellabo](
- Fix not redirect to the right page after authenticating with WebAuthn ([heguro](
- Fix searching for additional hashtags in hashtag column ([ClearlyClaire](
- Fix color of hashtag column settings inputs ([ClearlyClaire](
- Fix performance of `tootctl statuses remove` ([noellabo](
- Fix `tootctl accounts cull` not excluding domains on timeouts and certificate issues ([ClearlyClaire](
- Fix 404 error when filtering admin action logs by non-existent target account ([ClearlyClaire](
- Fix error when accessing streaming API without any OAuth scopes ([Brawaru](
- Fix follow request count not updating when new follow requests arrive over streaming API in web UI ([matildepark](
- Fix error when unsuspending a local account ([HolgerHuo](
- Fix crash when a notification contains a not yet processed media attachment in web UI ([ClearlyClaire](
- Fix wrong color of download button in audio player in web UI ([ClearlyClaire](
- Fix notes for others accounts not being deleted when an account is deleted ([ClearlyClaire](
- Fix error when logging occurrence of unsupported video file ([noellabo](
- Fix wrong elements in trends widget being hidden on smaller screens in web UI ([tribela](
- Fix link to about page being displayed in limited federation mode ([weex](
- Fix styling of boost button in media modal not reflecting ability to boost ([ClearlyClaire](
- Fix OCR failure when erroneous lang data is in cache ([ClearlyClaire](
- Fix downloading media from blocked domains in `tootctl media refresh` ([tribela](
- Fix login form being displayed on landing page when already logged in ([ClearlyClaire](
- Fix polling for media processing status too frequently in web UI ([tribela](
- Fix hashtag autocomplete overriding user-typed case ([weex](
- Fix WebAuthn authentication setup to not prompt for PIN ([truongnmt](
2022-03-30 12:52:37 +00:00
### Security
- Fix being able to post URLs longer than 4096 characters ([Gargron](
- Fix being able to bypass e-mail restrictions ([Gargron](
## [3.4.6] - 2022-02-03
### Fixed
- Fix `mastodon:webpush:generate_vapid_key` task requiring a functional environment ([ClearlyClaire](
- Fix spurious errors when receiving an Add activity for a private post ([ClearlyClaire](
### Security
- Fix error-prone SQL queries ([ClearlyClaire](
- Fix not compacting incoming signed JSON-LD activities ([puckipedia](, [ClearlyClaire]( (CVE-2022-24307)
- Fix insufficient sanitization of report comments ([ClearlyClaire](
- Fix stop condition of a Common Table Expression ([ClearlyClaire](
- Disable legacy XSS filtering ([Wonderfall](
2022-01-31 20:27:40 +00:00
## [3.4.5] - 2022-01-31
### Added
2022-01-31 20:27:40 +00:00
- Add more advanced migration tests ([ClearlyClaire](
- Add github workflow to build Docker images ([unasuke](, [Gargron](, [Gargron](
### Fixed
2022-01-31 20:27:40 +00:00
- Fix some old migrations failing when skipping releases ([ClearlyClaire](
- Fix migrations script failing in certain edge cases ([ClearlyClaire](
- Fix Docker build ([tribela](
- Fix Ruby 3.0 dependencies ([ClearlyClaire](
- Fix followers synchronization mechanism ([ClearlyClaire](
## [3.4.4] - 2021-11-26
### Fixed
- Fix error when suspending user with an already blocked canonical email ([ClearlyClaire](
- Fix overflow of long profile fields in admin UI ([ClearlyClaire](
- Fix confusing error when WebFinger request returns empty document ([ClearlyClaire](
- Fix upload of remote media with OpenStack Swift sometimes failing ([ClearlyClaire](
- Fix logout link not working in Safari ([noellabo](
- Fix “open” link of media modal not closing modal in web UI ([ClearlyClaire](
- Fix replying from modal in web UI ([ClearlyClaire](
- Fix `mastodon:setup` command crashing in some circumstances ([ClearlyClaire](
### Security
- Fix filtering DMs from non-followed users ([ClearlyClaire](
- Fix handling of recursive toots in WebUI ([ClearlyClaire](
## [3.4.3] - 2021-11-06
### Fixed
- Fix login being broken due to inaccurately applied backport fix in 3.4.2 ([Gargron](
## [3.4.2] - 2021-11-06
### Added
- Add `configuration` attribute to `GET /api/v1/instance` ([Gargron](
### Fixed
- Fix handling of back button with modal windows in web UI ([ClearlyClaire](
- Fix pop-in player when author has long username in web UI ([ClearlyClaire](
- Fix crash when a status with a playing video gets deleted in web UI ([ClearlyClaire](
- Fix crash with Microsoft Translate in web UI ([ClearlyClaire](
- Fix PWA not being usable from alternate domains ([HolgerHuo](
- Fix locale-specific number rounding errors ([ClearlyClaire](
- Fix scheduling a status decreasing status count ([ClearlyClaire](
- Fix user's canonical email address being blocked when user deletes own account ([ClearlyClaire](
- Fix not being able to suspend users that already have their canonical e-mail blocked ([Gargron](
- Fix anonymous access to outbox not being cached by the reverse proxy ([ClearlyClaire](
- Fix followers synchronization mechanism not working when URI has empty path ([ClearlyClaire](
- Fix serialization of counts in REST API when user hides their network ([ClearlyClaire](
- Fix inefficiencies in auto-linking code ([ClearlyClaire](
- Fix `tootctl self-destruct` not sending delete activities for recently-suspended accounts ([ClearlyClaire](
- Fix suspicious sign-in e-mail text being out of date ([ClearlyClaire](
- Fix some frameworks being unnecessarily loaded ([ClearlyClaire](
- Fix canonical e-mail blocks missing foreign key constraints ([ClearlyClaire](
- Fix inconsistent order on account's statuses page in admin UI ([tribela](
- Fix media from blocked domains being redownloaded by `tootctl media refresh` ([tribela](
- Fix `mastodon:setup` generated env-file syntax ([ClearlyClaire](
- Fix link previews being incorrectly generated from earlier links ([ClearlyClaire](
- Fix wrong `to`/`cc` values for remote groups in ActivityPub ([ClearlyClaire](
- Fix mentions with non-ascii TLDs not being processed ([ClearlyClaire](
- Fix authentication failures halfway through a sign-in attempt ([ClearlyClaire](, [ClearlyClaire](
- Fix suspended accounts statuses being merged back into timelines ([ClearlyClaire](
- Fix crash when encountering invalid account fields ([ClearlyClaire](
- Fix invalid blurhash handling for remote activities ([noellabo](
Spelling (#17705) * spelling: account Signed-off-by: Josh Soref <> * spelling: affiliated Signed-off-by: Josh Soref <> * spelling: appearance Signed-off-by: Josh Soref <> * spelling: autosuggest Signed-off-by: Josh Soref <> * spelling: cacheable Signed-off-by: Josh Soref <> * spelling: component Signed-off-by: Josh Soref <> * spelling: conversations Signed-off-by: Josh Soref <> * spelling: domain.example Clarify what's distinct and use RFC friendly domain space. Signed-off-by: Josh Soref <> * spelling: environment Signed-off-by: Josh Soref <> * spelling: exceeds Signed-off-by: Josh Soref <> * spelling: functional Signed-off-by: Josh Soref <> * spelling: inefficiency Signed-off-by: Josh Soref <> * spelling: not Signed-off-by: Josh Soref <> * spelling: notifications Signed-off-by: Josh Soref <> * spelling: occurring Signed-off-by: Josh Soref <> * spelling: position Signed-off-by: Josh Soref <> * spelling: progress Signed-off-by: Josh Soref <> * spelling: promotable Signed-off-by: Josh Soref <> * spelling: reblogging Signed-off-by: Josh Soref <> * spelling: repetitive Signed-off-by: Josh Soref <> * spelling: resolve Signed-off-by: Josh Soref <> * spelling: saturated Signed-off-by: Josh Soref <> * spelling: similar Signed-off-by: Josh Soref <> * spelling: strategies Signed-off-by: Josh Soref <> * spelling: success Signed-off-by: Josh Soref <> * spelling: targeting Signed-off-by: Josh Soref <> * spelling: thumbnails Signed-off-by: Josh Soref <> * spelling: unauthorized Signed-off-by: Josh Soref <> * spelling: unsensitizes Signed-off-by: Josh Soref <> * spelling: validations Signed-off-by: Josh Soref <> * spelling: various Signed-off-by: Josh Soref <> Co-authored-by: Josh Soref <>
2022-03-06 21:51:40 +00:00
- Fix newlines being added to account notes when an account moves ([ClearlyClaire](, [noellabo](
- Fix crash when creating an announcement with links ([ClearlyClaire](
- Fix logging out from one browser logging out all other sessions ([ClearlyClaire](
### Security
- Fix user notes not having a length limit ([ClearlyClaire](
- Fix revoking a specific session not working ([ClearlyClaire](
2021-06-03 02:26:02 +00:00
## [3.4.1] - 2021-06-03
### Added
- Add new emoji assets from Twemoji 13.1.0 ([Gargron](
2021-06-03 02:26:02 +00:00
### Fixed
- Fix some ActivityPub identifiers in server actor outbox ([ClearlyClaire](
- Fix custom CSS path setting cookies and being uncacheable due to it ([tribela](
- Fix unread notification count when polling in web UI ([ClearlyClaire](
- Fix health check not being accessible through localhost ([ClearlyClaire](
- Fix some redis locks auto-releasing too fast ([ClearlyClaire](, [ClearlyClaire](
- Fix e-mail confirmations API not working correctly ([Gargron](
- Fix migration script not being able to run if it fails midway ([ClearlyClaire](
- Fix account deletion sometimes failing because of optimistic locks ([ClearlyClaire](
- Fix deprecated slash as division in SASS files ([ClearlyClaire](
- Fix `tootctl search deploy` compatibility error on Ruby 3 ([ClearlyClaire](
- Fix mailer jobs for deleted notifications erroring out ([ClearlyClaire](
2021-06-03 02:26:02 +00:00
2021-05-16 21:55:07 +00:00
## [3.4.0] - 2021-05-16
2021-05-08 15:15:06 +00:00
### Added
- **Add follow recommendations for onboarding** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [noellabo](, [noellabo](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
2021-05-08 15:15:06 +00:00
- Tutorial on first web UI launch has been replaced with follow suggestions
- Follow suggestions take user locale into account and are a mix of accounts most followed by currently active local users, and accounts that wrote the most shared/favourited posts in the last 30 days
- Only accounts that have opted-in to being discoverable from their profile settings, and that do not require follow requests, will be suggested
- Moderators can review suggestions for every supported locale and suppress specific suggestions from appearing and admins can ensure certain accounts always show up in suggestions from the settings area
- New users no longer automatically follow admins
- **Add server rules** ([Gargron](, [ClearlyClaire](
2021-05-08 15:15:06 +00:00
- Admins can create and edit itemized server rules
- They are available through the REST API and on the about page
- **Add canonical e-mail blocks for suspended accounts** ([Gargron](
2021-05-08 15:15:06 +00:00
- Normally, people can make multiple accounts using the same e-mail address using the `+` trick or by inserting or removing `.` characters from the first part of their address
- Once an account is suspended, it will no longer be possible for the e-mail address used by that account to be used for new sign-ups in any of its forms
- Add management of delivery availability in admin UI ([noellabo](
- **Add system checks to dashboard in admin UI** ([Gargron](, [ClearlyClaire](, [ClearlyClaire](
2021-05-08 15:15:06 +00:00
- The dashboard will now warn you if you some Sidekiq queues are not being processed, if you have not defined any server rules, or if you forgot to run database migrations from the latest Mastodon upgrade
- Add inline description of moderation actions in admin UI ([ClearlyClaire](
- Add "recommended" label to activity/peers API toggles in admin UI ([Gargron](
- Add joined date to profiles in web UI ([Gargron](, [rinsuki](
- Add transition to media modal background in web UI ([mkljczk](
- Add option to opt-out of unread notification markers in web UI ([ClearlyClaire](
- Add borders to 📱, 🚲, and 📲 emojis in web UI ([ClearlyClaire](, [ClearlyClaire](
- Add dropdown for boost privacy in boost confirmation modal in web UI ([ClearlyClaire](
- Add support for Ruby 3.0 ([ClearlyClaire](, [ClearlyClaire](
- Add `Message-ID` header to outgoing emails ([ClearlyClaire](
2021-05-08 15:15:06 +00:00
- Some e-mail spam filters penalize e-mails that have a `Message-ID` header that uses a different domain name than the sending e-mail address. Now, the same domain will be used
- Add `af`, `gd` and `si` locales ([Gargron](
- Add guard against DNS rebinding attacks ([noellabo](, [noellabo](
- Add HTTP header to explicitly opt-out of FLoC by default ([ClearlyClaire](
- Add missing push notification title for polls and statuses ([ClearlyClaire](, [mkljczk](, [ClearlyClaire](
- Add `POST /api/v1/emails/confirmations` to REST API ([Gargron](, [Gargron](
2021-05-08 15:15:06 +00:00
- This method allows an app through which a user signed-up to request a new confirmation e-mail to be sent, or to change the e-mail of the account before it is confirmed
- Add `GET /api/v1/accounts/lookup` to REST API ([Gargron](, [ClearlyClaire](
2021-05-08 15:15:06 +00:00
- This method allows to quickly convert a username of a known account to an ID that can be used with the REST API, or to check if a username is available
for sign-up
- Add `policy` param to `POST /api/v1/push/subscriptions` in REST API ([Gargron](
2021-05-08 15:15:06 +00:00
- This param allows an app to control from whom notifications should be delivered as push notifications to the app
- Add `details` to error response for `POST /api/v1/accounts` in REST API ([Gargron](
2021-05-08 15:15:06 +00:00
- This attribute allows an app to display more helpful information to the user about why the sign-up did not succeed
- Add `SIDEKIQ_REDIS_URL` and related environment variables to optionally use a separate Redis server for Sidekiq ([noellabo](
2021-05-08 15:15:06 +00:00
### Changed
- Change trending hashtags to be affected be reblogs ([Gargron](
2021-05-08 15:15:06 +00:00
- Previously, only original posts contributed to a hashtag's trending score
- Now, reblogs of posts will also contribute to that hashtag's trending score
- Change e-mail confirmation link to always redirect to web UI ([ClearlyClaire](
- Change log level of worker lifecycle to WARN in streaming API ([Gargron](
2021-05-08 15:15:06 +00:00
- Since running with INFO log level in production is not always desirable, it is easy to miss when a worker is shutdown and a new one is started
- Change the nouns "toot" and "status" to "post" in web UI ([Gargron](, [Gargron](
2021-05-08 15:15:06 +00:00
- To be clear, the button still says "Toot!"
- Change order of dropdown menu on posts to be more intuitive in web UI ([ariasuni](
- Change description of keyboard shortcuts in web UI ([ariasuni](
- Change option labels on edit profile page ([Gargron](
2021-05-08 15:15:06 +00:00
- "Lock account" is now "Require follow requests"
- "List this account on the directory" is now "Suggest account to others"
- "Hide your network" is now "Hide your social graph"
- Change newly generated account IDs to not be enumerable ([ClearlyClaire](
- Change Web Push API deliveries to use request pooling ([Gargron](
- Change multiple mentions with same username to render with domain ([Gargron](, [noellabo](
2021-05-08 15:15:06 +00:00
- When a post contains mentions of two or more users who have the same username, but on different domains, render their names with domain to help disambiguate them
- Always render the domain of usernames used in profile metadata
- Change health check endpoint to reveal less information ([Gargron](
- Change account counters to use upsert (requires Postgres >= 9.5) ([ClearlyClaire](
- Change `mastodon:setup` to not call `assets:precompile` in Docker ([ClearlyClaire](
- **Change max. image dimensions to 1920x1080px (1080p)** ([Gargron](
2021-05-08 15:15:06 +00:00
- Previously, this was 1280x1280px
- This is the amount of pixels that original images get downsized to
- Change custom emoji to be animated when hovering container in web UI ([ClearlyClaire](
- Change streaming API from deprecated ClusterWS/cws to ws ([ClearlyClaire](
- Change systemd configuration to add sandboxing features ([Izorkin](, [Izorkin](, [Izorkin](
- Change nginx configuration to make running Onion service easier ([cohosh](
- Change Helm configuration ([dunn](, [dunn](, [dunn](, [dunn](, [dunn](
- Change Docker configuration ([SuperSandro2000](, [mashirozx](
2021-05-08 15:15:06 +00:00
### Removed
- Remove PubSubHubbub-related columns from accounts table ([Gargron](, [ClearlyClaire](
- Remove dependency on @babel/plugin-proposal-class-properties ([ykzts](
- Remove dependency on pluck_each gem ([Gargron](
- Remove spam check and dependency on nilsimsa gem ([Gargron](
- Remove MySQL-specific code from Mastodon::MigrationHelpers ([ClearlyClaire](
- Remove IE11 from supported browsers target ([gol-cha](
2021-05-08 15:15:06 +00:00
### Fixed
- Fix "You might be interested in" flashing while searching in web UI ([Gargron](
- Fix display of posts without text content in web UI ([ClearlyClaire](
- Fix Google Translate breaking web UI ([ClearlyClaire](, [ClearlyClaire](
- Fix web UI crashing when SVG support is disabled ([ClearlyClaire](
- Fix web UI crash when a status opened in the media modal is deleted ([kaias1jp](
- Fix OCR language data failing to load in web UI ([ClearlyClaire](
- Fix footer links not being clickable in Safari in web UI ([noellabo](
- Fix autofocus/autoselection not working on mobile in web UI ([ClearlyClaire](, [ClearlyClaire](
- Fix media redownload worker retrying on unexpected response codes ([Gargron](
- Fix thread resolve worker retrying when status no longer exists ([Gargron](
- Fix n+1 queries when rendering statuses in REST API ([abcang](
- Fix n+1 queries when rendering notifications in REST API ([abcang](
- Fix delete of local reply to local parent not being forwarded ([Gargron](
- Fix remote reporters not receiving suspend/unsuspend activities ([Gargron](
- Fix understanding (not fully qualified) `as:Public` and `Public` ([ClearlyClaire](
- Fix actor update not being distributed on profile picture deletion ([ClearlyClaire](
- Fix processing of incoming Delete activities ([ClearlyClaire](
- Fix processing of incoming Block activities ([ClearlyClaire](
- Fix processing of incoming Update activities of unknown accounts ([ClearlyClaire](
- Fix URIs of repeat follow requests not being recorded ([ClearlyClaire](
- Fix error on requests with no `Digest` header ([ClearlyClaire](
- Fix activity object not requiring signature in secure mode ([ClearlyClaire](
- Fix database serialization failure returning HTTP 500 ([Gargron](
- Fix media processing getting stuck on too much stdin/stderr ([Gargron](
- Fix some inefficient array manipulations ([007lva](, [007lva](
- Fix some inefficient regex matching ([007lva](
- Fix some inefficient SQL queries ([abcang](, [abcang](, [abcang](
- Fix trying to fetch key from empty URI when verifying HTTP signature ([Gargron](
- Fix `tootctl maintenance fix-duplicates` failures ([ClearlyClaire](, [ClearlyClaire](
- Fix error when removing status caused by race condition ([Gargron](
- Fix blocking someone not clearing up list feeds ([ClearlyClaire](
- Fix misspelled URLs character counting ([ClearlyClaire](
- Fix Sidekiq hanging forever due to a Resolv bug in Ruby 2.7.3 ([ClearlyClaire](
- Fix edge case where follow limit interferes with accepting a follow ([ClearlyClaire](
- Fix inconsistent lead text style in admin UI ([Gargron](, [ClearlyClaire](
- Fix reports of already suspended accounts being recorded ([Gargron](
- Fix sign-up restrictions based on IP addresses not being enforced ([ClearlyClaire](
- Fix YouTube embeds failing due to YouTube serving wrong OEmbed URLs ([Gargron](
- Fix error when rendering public pages with media without meta ([Gargron](
- Fix misaligned logo on follow button on public pages ([noellabo](
- Fix video modal not working on public pages ([noellabo](
- Fix race conditions on account migration creation ([ClearlyClaire](
- Fix not being able to change world filter expiration back to “Never” ([ClearlyClaire](
- Fix `.env.vagrant` not setting `RAILS_ENV` variable ([chandrn7](
- Fix error when muting users with `duration` in REST API ([Tak](
- Fix border padding on front page in light theme ([ClearlyClaire](
- Fix wrong URL to custom CSS when `CDN_HOST` is used ([ClearlyClaire](
- Fix `tootctl accounts unfollow` ([ClearlyClaire](
- Fix `tootctl emoji import` wasting time on MacOS shadow files ([cortices](
- Fix `tootctl emoji import` not treating shortcodes as case-insensitive ([angristan](
- Fix some issues with SAML account creation ([Gargron](, [kaiyou](
- Fix MX validation applying for explicitly allowed e-mail domains ([ClearlyClaire](
- Fix share page not using configured custom mascot ([tribela](
- Fix instance actor not being automatically created if it wasn't seeded properly ([ClearlyClaire](
- Fix HTTPS enforcement preventing Mastodon from being run as an Onion service ([cohosh](, [jtracey](, [ClearlyClaire](, [cohosh](
- Fix app name, website and redirect URIs not having a maximum length ([Gargron](
2021-05-08 15:15:06 +00:00
2020-12-27 05:00:55 +00:00
## [3.3.0] - 2020-12-27
2020-12-01 05:38:05 +00:00
### Added
- **Add hotkeys for audio/video control in web UI** ([Gargron](, [Gargron](
2020-12-01 05:38:05 +00:00
- `Space` and `k` to toggle playback
- `m` to toggle mute
- `f` to toggle fullscreen
- `j` and `l` to go back and forward by 10 seconds
- `.` and `,` to go back and forward by a frame (video only)
- Add expand/compress button on media modal in web UI ([mashirozx](, [mashirozx](, [mashirozx](
- Add border around 🕺 emoji in web UI ([ClearlyClaire](
- Add border around 🐞 emoji in web UI ([ClearlyClaire](
- Add home link to the getting started column when home isn't mounted ([ClearlyClaire](
- Add option to disable swiping motions across the web UI ([ClearlyClaire](
- **Add pop-out player for audio/video in web UI** ([Gargron](, [Gargron](, [Gargron](, [noellabo](
2020-12-01 05:38:05 +00:00
- Continue watching/listening when you scroll away
- Action bar to interact with/open toot from the pop-out player
- Add unread notification markers in web UI ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [noellabo](, [noellabo](
- Add paragraph about browser add-ons when encountering errors in web UI ([ClearlyClaire](
- Add import and export for bookmarks ([ClearlyClaire](
- Add cache buster feature for media files ([Gargron](
2020-12-01 05:38:05 +00:00
- If you have a proxy cache in front of object storage, deleted files will persist until the cache expires
- If enabled, cache buster will make a special request to the proxy to signal a cache reset
- Add duration option to the mute function ([aquarla](
- Add replies policy option to the list function ([ClearlyClaire](, [trwnh](
- Add `og:published_time` OpenGraph tags on toots ([nornagon](
- **Add option to be notified when a followed user posts** ([Gargron](, [ClearlyClaire](, [Gargron](
2020-12-01 05:38:05 +00:00
- If you don't want to miss a toot, click the bell button!
- Add client-side validation in password change forms ([ClearlyClaire](
- Add client-side validation in the registration form ([ClearlyClaire](, [ClearlyClaire](
- Add support for Gemini URLs ([joshleeb](
- Add app shortcuts to web app manifest ([mkljczk](
- Add WebAuthn as an alternative 2FA method ([santiagorodriguez96](, [jiikko](
- Add honeypot fields and minimum fill-out time for sign-up form ([ClearlyClaire](
- Add icon for mutual relationships in relationship manager ([noellabo](
- Add follow selected followers button in relationship manager ([noellabo](
- **Add subresource integrity for JS and CSS assets** ([Gargron](
2020-12-01 05:38:05 +00:00
- If you use a CDN for static assets (JavaScript, CSS, and so on), you have to trust that the CDN does not modify the assets maliciously
- Subresource integrity compares server-generated asset digests with what's actually served from the CDN and prevents such attacks
- Add `ku`, `sa`, `sc`, `zgh` to available locales ([ykzts](
- Add ability to force an account to mark media as sensitive ([noellabo](
- **Add ability to block access or limit sign-ups from chosen IPs** ([Gargron](, [ClearlyClaire](
2020-12-01 05:38:05 +00:00
- Add rules for IPs or CIDR ranges that automatically expire after a configurable amount of time
- Choose the severity of the rule, either blocking all access or merely limiting sign-ups
- **Add support for reversible suspensions through ActivityPub** ([Gargron](
2020-12-01 05:38:05 +00:00
- Servers can signal that one of their accounts has been suspended
- During suspension, the account can only delete its own content
- A reversal of the suspension can be signalled the same way
- A local suspension always overrides a remote one
- Add indication to admin UI of whether a report has been forwarded ([ClearlyClaire](
- Add display of reasons for joining of an account in admin UI ([mashirozx](
- Add option to obfuscate domain name in public list of domain blocks ([Gargron](
- Add option to make reasons for joining required on sign-up ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
- Add ActivityPub follower synchronization mechanism ([ClearlyClaire](, [ClearlyClaire](
- Add outbox attribute to instance actor ([ClearlyClaire](
- Add featured hashtags as an ActivityPub collection ([Gargron](, [noellabo](
- Add support for dereferencing objects through bearcaps ([Gargron](, [noellabo](
- Add `S3_READ_TIMEOUT` environment variable ([tateisu](
- Add `ALLOWED_PRIVATE_ADDRESSES` environment variable ([ClearlyClaire](
- Add `--fix-permissions` option to `tootctl media remove-orphans` ([Gargron](, [uist1idrju3i](
- Add `tootctl accounts merge` ([Gargron](, [ClearlyClaire](, [ClearlyClaire](
2020-12-01 05:38:05 +00:00
- Has someone changed their domain or subdomain thereby creating two accounts where there should be one?
- This command will fix it on your end
- Add `tootctl maintenance fix-duplicates` ([ClearlyClaire](, [Gargron](, [ClearlyClaire](
2020-12-01 05:38:05 +00:00
- Index corruption in the database?
- This command is for you
- **Add support for managing multiple stream subscriptions in a single connection** ([Gargron](, [Gargron](, [mfmfuyu](, [zunda](
2020-12-01 05:38:05 +00:00
- Previously, getting live updates for multiple timelines required opening a HTTP or WebSocket connection for each
- More connections means more resource consumption on both ends, not to mention the (ever so slight) delay when establishing a new connection
- Now, with just a single WebSocket connection you can subscribe and unsubscribe to and from multiple streams
- Add support for limiting results by both `min_id` and `max_id` at the same time in REST API ([tateisu](
- Add `GET /api/v1/accounts/:id/featured_tags` to REST API ([noellabo](, [noellabo](
- Add stoplight for object storage failures, return HTTP 503 in REST API ([Gargron](
- Add optional `tootctl remove media` cronjob in Helm chart ([dunn](
- Add clean error message when `RAILS_ENV` is unset ([ClearlyClaire](
2020-12-01 05:38:05 +00:00
### Changed
- **Change media modals look in web UI** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Kjwon15](, [noellabo](, [ClearlyClaire](
2020-12-01 05:38:05 +00:00
- Background of the overlay matches the color of the image
- Action bar to interact with or open the toot from the modal
- Change order of announcements in admin UI to be newest-first ([ClearlyClaire](
- **Change account suspensions to be reversible by default** ([Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [noellabo](, [ClearlyClaire](, [Gargron](, [Gargron](
2020-12-01 05:38:05 +00:00
- Suspensions no longer equal deletions
- A suspended account can be unsuspended with minimal consequences for 30 days
- Immediate deletion of data is still available as an explicit option
- Suspended accounts can request an archive of their data through the UI
- Change REST API to return empty data for suspended accounts (14765)
- Change web UI to show empty profile for suspended accounts ([Gargron](, [Gargron](
- Change featured hashtag suggestions to be recently used instead of most used ([abcang](
- Change direct toots to appear in the home feed again ([Gargron](, [ClearlyClaire](, [noellabo](
2020-12-01 05:38:05 +00:00
- Return to treating all toots the same instead of trying to retrofit direct visibility into an instant messaging model
- Change email address validation to return more specific errors ([ClearlyClaire](
- Change HTTP signature requirements to include `Digest` header on `POST` requests ([ClearlyClaire](
- Change click area of video/audio player buttons to be bigger in web UI ([ariasuni](
- Change order of filters by alphabetic by "keyword or phrase" ([ariasuni](
- Change suspension of remote accounts to also undo outgoing follows ([ClearlyClaire](
- Change string "Home" to "Home and lists" in the filter creation screen ([ariasuni](
- Change string "Boost to original audience" to "Boost with original visibility" in web UI ([3n-k1](
- Change string "Show more" to "Show newer" and "Show older" on public pages ([ariasuni](