1903 lines
206 KiB
Raw Normal View History

All notable changes to this project will be documented in this file.
## [3.4.3] - 2021-11-06
### Fixed
- Fix login being broken due to inaccurately applied backport fix in 3.4.2 ([Gargron](
## [3.4.2] - 2021-11-06
### Added
- Add `configuration` attribute to `GET /api/v1/instance` ([Gargron](
### Fixed
- Fix handling of back button with modal windows in web UI ([ClearlyClaire](
- Fix pop-in player when author has long username in web UI ([ClearlyClaire](
- Fix crash when a status with a playing video gets deleted in web UI ([ClearlyClaire](
- Fix crash with Microsoft Translate in web UI ([ClearlyClaire](
- Fix PWA not being usable from alternate domains ([HolgerHuo](
- Fix locale-specific number rounding errors ([ClearlyClaire](
- Fix scheduling a status decreasing status count ([ClearlyClaire](
- Fix user's canonical email address being blocked when user deletes own account ([ClearlyClaire](
- Fix not being able to suspend users that already have their canonical e-mail blocked ([Gargron](
- Fix anonymous access to outbox not being cached by the reverse proxy ([ClearlyClaire](
- Fix followers synchronization mechanism not working when URI has empty path ([ClearlyClaire](
- Fix serialization of counts in REST API when user hides their network ([ClearlyClaire](
- Fix inefficiencies in auto-linking code ([ClearlyClaire](
- Fix `tootctl self-destruct` not sending delete activities for recently-suspended accounts ([ClearlyClaire](
- Fix suspicious sign-in e-mail text being out of date ([ClearlyClaire](
- Fix some frameworks being unnecessarily loaded ([ClearlyClaire](
- Fix canonical e-mail blocks missing foreign key constraints ([ClearlyClaire](
- Fix inconsistent order on account's statuses page in admin UI ([tribela](
- Fix media from blocked domains being redownloaded by `tootctl media refresh` ([tribela](
- Fix `mastodon:setup` generated env-file syntax ([ClearlyClaire](
- Fix link previews being incorrectly generated from earlier links ([ClearlyClaire](
- Fix wrong `to`/`cc` values for remote groups in ActivityPub ([ClearlyClaire](
- Fix mentions with non-ascii TLDs not being processed ([ClearlyClaire](
- Fix authentication failures halfway through a sign-in attempt ([ClearlyClaire](, [ClearlyClaire](
- Fix suspended accounts statuses being merged back into timelines ([ClearlyClaire](
- Fix crash when encountering invalid account fields ([ClearlyClaire](
- Fix invalid blurhash handling for remote activities ([noellabo](
- Fix newlines being added to accout notes when an account moves ([ClearlyClaire](, [noellabo](
- Fix crash when creating an announcement with links ([ClearlyClaire](
- Fix logging out from one browser logging out all other sessions ([ClearlyClaire](
### Security
- Fix user notes not having a length limit ([ClearlyClaire](
- Fix revoking a specific session not working ([ClearlyClaire](
2021-06-03 02:26:02 +00:00
## [3.4.1] - 2021-06-03
### Added
- Add new emoji assets from Twemoji 13.1.0 ([Gargron](
2021-06-03 02:26:02 +00:00
### Fixed
- Fix some ActivityPub identifiers in server actor outbox ([ClearlyClaire](
- Fix custom CSS path setting cookies and being uncacheable due to it ([tribela](
- Fix unread notification count when polling in web UI ([ClearlyClaire](
- Fix health check not being accessible through localhost ([ClearlyClaire](
- Fix some redis locks auto-releasing too fast ([ClearlyClaire](, [ClearlyClaire](
- Fix e-mail confirmations API not working correctly ([Gargron](
- Fix migration script not being able to run if it fails midway ([ClearlyClaire](
- Fix account deletion sometimes failing because of optimistic locks ([ClearlyClaire](
- Fix deprecated slash as division in SASS files ([ClearlyClaire](
- Fix `tootctl search deploy` compatibility error on Ruby 3 ([ClearlyClaire](
- Fix mailer jobs for deleted notifications erroring out ([ClearlyClaire](
2021-06-03 02:26:02 +00:00
2021-05-16 21:55:07 +00:00
## [3.4.0] - 2021-05-16
2021-05-08 15:15:06 +00:00
### Added
- **Add follow recommendations for onboarding** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [noellabo](, [noellabo](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
2021-05-08 15:15:06 +00:00
- Tutorial on first web UI launch has been replaced with follow suggestions
- Follow suggestions take user locale into account and are a mix of accounts most followed by currently active local users, and accounts that wrote the most shared/favourited posts in the last 30 days
- Only accounts that have opted-in to being discoverable from their profile settings, and that do not require follow requests, will be suggested
- Moderators can review suggestions for every supported locale and suppress specific suggestions from appearing and admins can ensure certain accounts always show up in suggestions from the settings area
- New users no longer automatically follow admins
- **Add server rules** ([Gargron](, [ClearlyClaire](
2021-05-08 15:15:06 +00:00
- Admins can create and edit itemized server rules
- They are available through the REST API and on the about page
- **Add canonical e-mail blocks for suspended accounts** ([Gargron](
2021-05-08 15:15:06 +00:00
- Normally, people can make multiple accounts using the same e-mail address using the `+` trick or by inserting or removing `.` characters from the first part of their address
- Once an account is suspended, it will no longer be possible for the e-mail address used by that account to be used for new sign-ups in any of its forms
- Add management of delivery availability in admin UI ([noellabo](
- **Add system checks to dashboard in admin UI** ([Gargron](, [ClearlyClaire](, [ClearlyClaire](
2021-05-08 15:15:06 +00:00
- The dashboard will now warn you if you some Sidekiq queues are not being processed, if you have not defined any server rules, or if you forgot to run database migrations from the latest Mastodon upgrade
- Add inline description of moderation actions in admin UI ([ClearlyClaire](
- Add "recommended" label to activity/peers API toggles in admin UI ([Gargron](
- Add joined date to profiles in web UI ([Gargron](, [rinsuki](
- Add transition to media modal background in web UI ([mkljczk](
- Add option to opt-out of unread notification markers in web UI ([ClearlyClaire](
- Add borders to 📱, 🚲, and 📲 emojis in web UI ([ClearlyClaire](, [ClearlyClaire](
- Add dropdown for boost privacy in boost confirmation modal in web UI ([ClearlyClaire](
- Add support for Ruby 3.0 ([ClearlyClaire](, [ClearlyClaire](
- Add `Message-ID` header to outgoing emails ([ClearlyClaire](
2021-05-08 15:15:06 +00:00
- Some e-mail spam filters penalize e-mails that have a `Message-ID` header that uses a different domain name than the sending e-mail address. Now, the same domain will be used
- Add `af`, `gd` and `si` locales ([Gargron](
- Add guard against DNS rebinding attacks ([noellabo](, [noellabo](
- Add HTTP header to explicitly opt-out of FLoC by default ([ClearlyClaire](
- Add missing push notification title for polls and statuses ([ClearlyClaire](, [mkljczk](, [ClearlyClaire](
- Add `POST /api/v1/emails/confirmations` to REST API ([Gargron](, [Gargron](
2021-05-08 15:15:06 +00:00
- This method allows an app through which a user signed-up to request a new confirmation e-mail to be sent, or to change the e-mail of the account before it is confirmed
- Add `GET /api/v1/accounts/lookup` to REST API ([Gargron](, [ClearlyClaire](
2021-05-08 15:15:06 +00:00
- This method allows to quickly convert a username of a known account to an ID that can be used with the REST API, or to check if a username is available
for sign-up
- Add `policy` param to `POST /api/v1/push/subscriptions` in REST API ([Gargron](
2021-05-08 15:15:06 +00:00
- This param allows an app to control from whom notifications should be delivered as push notifications to the app
- Add `details` to error response for `POST /api/v1/accounts` in REST API ([Gargron](
2021-05-08 15:15:06 +00:00
- This attribute allows an app to display more helpful information to the user about why the sign-up did not succeed
- Add `SIDEKIQ_REDIS_URL` and related environment variables to optionally use a separate Redis server for Sidekiq ([noellabo](
2021-05-08 15:15:06 +00:00
### Changed
- Change trending hashtags to be affected be reblogs ([Gargron](
2021-05-08 15:15:06 +00:00
- Previously, only original posts contributed to a hashtag's trending score
- Now, reblogs of posts will also contribute to that hashtag's trending score
- Change e-mail confirmation link to always redirect to web UI ([ClearlyClaire](
- Change log level of worker lifecycle to WARN in streaming API ([Gargron](
2021-05-08 15:15:06 +00:00
- Since running with INFO log level in production is not always desirable, it is easy to miss when a worker is shutdown and a new one is started
- Change the nouns "toot" and "status" to "post" in web UI ([Gargron](, [Gargron](
2021-05-08 15:15:06 +00:00
- To be clear, the button still says "Toot!"
- Change order of dropdown menu on posts to be more intuitive in web UI ([ariasuni](
- Change description of keyboard shortcuts in web UI ([ariasuni](
- Change option labels on edit profile page ([Gargron](
2021-05-08 15:15:06 +00:00
- "Lock account" is now "Require follow requests"
- "List this account on the directory" is now "Suggest account to others"
- "Hide your network" is now "Hide your social graph"
- Change newly generated account IDs to not be enumerable ([ClearlyClaire](
- Change Web Push API deliveries to use request pooling ([Gargron](
- Change multiple mentions with same username to render with domain ([Gargron](, [noellabo](
2021-05-08 15:15:06 +00:00
- When a post contains mentions of two or more users who have the same username, but on different domains, render their names with domain to help disambiguate them
- Always render the domain of usernames used in profile metadata
- Change health check endpoint to reveal less information ([Gargron](
- Change account counters to use upsert (requires Postgres >= 9.5) ([ClearlyClaire](
- Change `mastodon:setup` to not call `assets:precompile` in Docker ([ClearlyClaire](
- **Change max. image dimensions to 1920x1080px (1080p)** ([Gargron](
2021-05-08 15:15:06 +00:00
- Previously, this was 1280x1280px
- This is the amount of pixels that original images get downsized to
- Change custom emoji to be animated when hovering container in web UI ([ClearlyClaire](
- Change streaming API from deprecated ClusterWS/cws to ws ([ClearlyClaire](
- Change systemd configuration to add sandboxing features ([Izorkin](, [Izorkin](, [Izorkin](
- Change nginx configuration to make running Onion service easier ([cohosh](
- Change Helm configuration ([dunn](, [dunn](, [dunn](, [dunn](, [dunn](
- Change Docker configuration ([SuperSandro2000](, [mashirozx](
2021-05-08 15:15:06 +00:00
### Removed
- Remove PubSubHubbub-related columns from accounts table ([Gargron](, [ClearlyClaire](
- Remove dependency on @babel/plugin-proposal-class-properties ([ykzts](
- Remove dependency on pluck_each gem ([Gargron](
- Remove spam check and dependency on nilsimsa gem ([Gargron](
- Remove MySQL-specific code from Mastodon::MigrationHelpers ([ClearlyClaire](
- Remove IE11 from supported browsers target ([gol-cha](
2021-05-08 15:15:06 +00:00
### Fixed
- Fix "You might be interested in" flashing while searching in web UI ([Gargron](
- Fix display of posts without text content in web UI ([ClearlyClaire](
- Fix Google Translate breaking web UI ([ClearlyClaire](, [ClearlyClaire](
- Fix web UI crashing when SVG support is disabled ([ClearlyClaire](
- Fix web UI crash when a status opened in the media modal is deleted ([kaias1jp](
- Fix OCR language data failing to load in web UI ([ClearlyClaire](
- Fix footer links not being clickable in Safari in web UI ([noellabo](
- Fix autofocus/autoselection not working on mobile in web UI ([ClearlyClaire](, [ClearlyClaire](
- Fix media redownload worker retrying on unexpected response codes ([Gargron](
- Fix thread resolve worker retrying when status no longer exists ([Gargron](
- Fix n+1 queries when rendering statuses in REST API ([abcang](
- Fix n+1 queries when rendering notifications in REST API ([abcang](
- Fix delete of local reply to local parent not being forwarded ([Gargron](
- Fix remote reporters not receiving suspend/unsuspend activities ([Gargron](
- Fix understanding (not fully qualified) `as:Public` and `Public` ([ClearlyClaire](
- Fix actor update not being distributed on profile picture deletion ([ClearlyClaire](
- Fix processing of incoming Delete activities ([ClearlyClaire](
- Fix processing of incoming Block activities ([ClearlyClaire](
- Fix processing of incoming Update activities of unknown accounts ([ClearlyClaire](
- Fix URIs of repeat follow requests not being recorded ([ClearlyClaire](
- Fix error on requests with no `Digest` header ([ClearlyClaire](
- Fix activity object not requiring signature in secure mode ([ClearlyClaire](
- Fix database serialization failure returning HTTP 500 ([Gargron](
- Fix media processing getting stuck on too much stdin/stderr ([Gargron](
- Fix some inefficient array manipulations ([007lva](, [007lva](
- Fix some inefficient regex matching ([007lva](
- Fix some inefficient SQL queries ([abcang](, [abcang](, [abcang](
- Fix trying to fetch key from empty URI when verifying HTTP signature ([Gargron](
- Fix `tootctl maintenance fix-duplicates` failures ([ClearlyClaire](, [ClearlyClaire](
- Fix error when removing status caused by race condition ([Gargron](
- Fix blocking someone not clearing up list feeds ([ClearlyClaire](
- Fix misspelled URLs character counting ([ClearlyClaire](
- Fix Sidekiq hanging forever due to a Resolv bug in Ruby 2.7.3 ([ClearlyClaire](
- Fix edge case where follow limit interferes with accepting a follow ([ClearlyClaire](
- Fix inconsistent lead text style in admin UI ([Gargron](, [ClearlyClaire](
- Fix reports of already suspended accounts being recorded ([Gargron](
- Fix sign-up restrictions based on IP addresses not being enforced ([ClearlyClaire](
- Fix YouTube embeds failing due to YouTube serving wrong OEmbed URLs ([Gargron](
- Fix error when rendering public pages with media without meta ([Gargron](
- Fix misaligned logo on follow button on public pages ([noellabo](
- Fix video modal not working on public pages ([noellabo](
- Fix race conditions on account migration creation ([ClearlyClaire](
- Fix not being able to change world filter expiration back to “Never” ([ClearlyClaire](
- Fix `.env.vagrant` not setting `RAILS_ENV` variable ([chandrn7](
- Fix error when muting users with `duration` in REST API ([Tak](
- Fix border padding on front page in light theme ([ClearlyClaire](
- Fix wrong URL to custom CSS when `CDN_HOST` is used ([ClearlyClaire](
- Fix `tootctl accounts unfollow` ([ClearlyClaire](
- Fix `tootctl emoji import` wasting time on MacOS shadow files ([cortices](
- Fix `tootctl emoji import` not treating shortcodes as case-insensitive ([angristan](
- Fix some issues with SAML account creation ([Gargron](, [kaiyou](
- Fix MX validation applying for explicitly allowed e-mail domains ([ClearlyClaire](
- Fix share page not using configured custom mascot ([tribela](
- Fix instance actor not being automatically created if it wasn't seeded properly ([ClearlyClaire](
- Fix HTTPS enforcement preventing Mastodon from being run as an Onion service ([cohosh](, [jtracey](, [ClearlyClaire](, [cohosh](
- Fix app name, website and redirect URIs not having a maximum length ([Gargron](
2021-05-08 15:15:06 +00:00
2020-12-27 05:00:55 +00:00
## [3.3.0] - 2020-12-27
2020-12-01 05:38:05 +00:00
### Added
- **Add hotkeys for audio/video control in web UI** ([Gargron](, [Gargron](
2020-12-01 05:38:05 +00:00
- `Space` and `k` to toggle playback
- `m` to toggle mute
- `f` to toggle fullscreen
- `j` and `l` to go back and forward by 10 seconds
- `.` and `,` to go back and forward by a frame (video only)
- Add expand/compress button on media modal in web UI ([mashirozx](, [mashirozx](, [mashirozx](
- Add border around 🕺 emoji in web UI ([ClearlyClaire](
- Add border around 🐞 emoji in web UI ([ClearlyClaire](
- Add home link to the getting started column when home isn't mounted ([ClearlyClaire](
- Add option to disable swiping motions across the web UI ([ClearlyClaire](
- **Add pop-out player for audio/video in web UI** ([Gargron](, [Gargron](, [Gargron](, [noellabo](
2020-12-01 05:38:05 +00:00
- Continue watching/listening when you scroll away
- Action bar to interact with/open toot from the pop-out player
- Add unread notification markers in web UI ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [noellabo](, [noellabo](
- Add paragraph about browser add-ons when encountering errors in web UI ([ClearlyClaire](
- Add import and export for bookmarks ([ClearlyClaire](
- Add cache buster feature for media files ([Gargron](
2020-12-01 05:38:05 +00:00
- If you have a proxy cache in front of object storage, deleted files will persist until the cache expires
- If enabled, cache buster will make a special request to the proxy to signal a cache reset
- Add duration option to the mute function ([aquarla](
- Add replies policy option to the list function ([ClearlyClaire](, [trwnh](
- Add `og:published_time` OpenGraph tags on toots ([nornagon](
- **Add option to be notified when a followed user posts** ([Gargron](, [ClearlyClaire](, [Gargron](
2020-12-01 05:38:05 +00:00
- If you don't want to miss a toot, click the bell button!
- Add client-side validation in password change forms ([ClearlyClaire](
- Add client-side validation in the registration form ([ClearlyClaire](, [ClearlyClaire](
- Add support for Gemini URLs ([joshleeb](
- Add app shortcuts to web app manifest ([mkljczk](
- Add WebAuthn as an alternative 2FA method ([santiagorodriguez96](, [jiikko](
- Add honeypot fields and minimum fill-out time for sign-up form ([ClearlyClaire](
- Add icon for mutual relationships in relationship manager ([noellabo](
- Add follow selected followers button in relationship manager ([noellabo](
- **Add subresource integrity for JS and CSS assets** ([Gargron](
2020-12-01 05:38:05 +00:00
- If you use a CDN for static assets (JavaScript, CSS, and so on), you have to trust that the CDN does not modify the assets maliciously
- Subresource integrity compares server-generated asset digests with what's actually served from the CDN and prevents such attacks
- Add `ku`, `sa`, `sc`, `zgh` to available locales ([ykzts](
- Add ability to force an account to mark media as sensitive ([noellabo](
- **Add ability to block access or limit sign-ups from chosen IPs** ([Gargron](, [ClearlyClaire](
2020-12-01 05:38:05 +00:00
- Add rules for IPs or CIDR ranges that automatically expire after a configurable amount of time
- Choose the severity of the rule, either blocking all access or merely limiting sign-ups
- **Add support for reversible suspensions through ActivityPub** ([Gargron](
2020-12-01 05:38:05 +00:00
- Servers can signal that one of their accounts has been suspended
- During suspension, the account can only delete its own content
- A reversal of the suspension can be signalled the same way
- A local suspension always overrides a remote one
- Add indication to admin UI of whether a report has been forwarded ([ClearlyClaire](
- Add display of reasons for joining of an account in admin UI ([mashirozx](
- Add option to obfuscate domain name in public list of domain blocks ([Gargron](
- Add option to make reasons for joining required on sign-up ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
- Add ActivityPub follower synchronization mechanism ([ClearlyClaire](, [ClearlyClaire](
- Add outbox attribute to instance actor ([ClearlyClaire](
- Add featured hashtags as an ActivityPub collection ([Gargron](, [noellabo](
- Add support for dereferencing objects through bearcaps ([Gargron](, [noellabo](
- Add `S3_READ_TIMEOUT` environment variable ([tateisu](
- Add `ALLOWED_PRIVATE_ADDRESSES` environment variable ([ClearlyClaire](
- Add `--fix-permissions` option to `tootctl media remove-orphans` ([Gargron](, [uist1idrju3i](
- Add `tootctl accounts merge` ([Gargron](, [ClearlyClaire](, [ClearlyClaire](
2020-12-01 05:38:05 +00:00
- Has someone changed their domain or subdomain thereby creating two accounts where there should be one?
- This command will fix it on your end
- Add `tootctl maintenance fix-duplicates` ([ClearlyClaire](, [Gargron](, [ClearlyClaire](
2020-12-01 05:38:05 +00:00
- Index corruption in the database?
- This command is for you
- **Add support for managing multiple stream subscriptions in a single connection** ([Gargron](, [Gargron](, [mfmfuyu](, [zunda](
2020-12-01 05:38:05 +00:00
- Previously, getting live updates for multiple timelines required opening a HTTP or WebSocket connection for each
- More connections means more resource consumption on both ends, not to mention the (ever so slight) delay when establishing a new connection
- Now, with just a single WebSocket connection you can subscribe and unsubscribe to and from multiple streams
- Add support for limiting results by both `min_id` and `max_id` at the same time in REST API ([tateisu](
- Add `GET /api/v1/accounts/:id/featured_tags` to REST API ([noellabo](, [noellabo](
- Add stoplight for object storage failures, return HTTP 503 in REST API ([Gargron](
- Add optional `tootctl remove media` cronjob in Helm chart ([dunn](
- Add clean error message when `RAILS_ENV` is unset ([ClearlyClaire](
2020-12-01 05:38:05 +00:00
### Changed
- **Change media modals look in web UI** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Kjwon15](, [noellabo](, [ClearlyClaire](
2020-12-01 05:38:05 +00:00
- Background of the overlay matches the color of the image
- Action bar to interact with or open the toot from the modal
- Change order of announcements in admin UI to be newest-first ([ClearlyClaire](
- **Change account suspensions to be reversible by default** ([Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [noellabo](, [ClearlyClaire](, [Gargron](, [Gargron](
2020-12-01 05:38:05 +00:00
- Suspensions no longer equal deletions
- A suspended account can be unsuspended with minimal consequences for 30 days
- Immediate deletion of data is still available as an explicit option
- Suspended accounts can request an archive of their data through the UI
- Change REST API to return empty data for suspended accounts (14765)
- Change web UI to show empty profile for suspended accounts ([Gargron](, [Gargron](
- Change featured hashtag suggestions to be recently used instead of most used ([abcang](
- Change direct toots to appear in the home feed again ([Gargron](, [ClearlyClaire](, [noellabo](
2020-12-01 05:38:05 +00:00
- Return to treating all toots the same instead of trying to retrofit direct visibility into an instant messaging model
- Change email address validation to return more specific errors ([ClearlyClaire](
- Change HTTP signature requirements to include `Digest` header on `POST` requests ([ClearlyClaire](
- Change click area of video/audio player buttons to be bigger in web UI ([ariasuni](
- Change order of filters by alphabetic by "keyword or phrase" ([ariasuni](
- Change suspension of remote accounts to also undo outgoing follows ([ClearlyClaire](
- Change string "Home" to "Home and lists" in the filter creation screen ([ariasuni](
- Change string "Boost to original audience" to "Boost with original visibility" in web UI ([3n-k1](
- Change string "Show more" to "Show newer" and "Show older" on public pages ([ariasuni](
- Change order of announcements to be reverse chronological in web UI ([dariusk](, [dariusk](
- Change RTL detection to rely on unicode-bidi paragraph by paragraph in web UI ([Gargron](
- Change visibility icon next to timestamp to be clickable in web UI ([ariasuni](, [mayaeh](
- Change public thread view to hide "Show thread" link ([ClearlyClaire](
- Change number format on about page from full to shortened ([Gargron](
- Change how scheduled tasks run in multi-process environments ([noellabo](
2020-12-18 23:28:38 +00:00
- New dedicated queue `scheduler`
- Runs by default when Sidekiq is executed with no options
- Has to be added manually in a multi-process environment
2020-12-01 05:38:05 +00:00
### Removed
- Remove fade-in animation from modals in web UI ([Gargron](
- Remove auto-redirect to direct messages in web UI ([Gargron](
- Remove obsolete IndexedDB operations from web UI ([Gargron](
- Remove dependency on unused and unmaintained http_parser.rb gem ([ClearlyClaire](
2020-12-01 05:38:05 +00:00
### Fixed
- Fix layout on about page when contact account has a long username ([ClearlyClaire](
- Fix follow limit preventing re-following of a moved account ([Gargron](, [ClearlyClaire](
- **Fix deletes not reaching every server that interacted with toot** ([Gargron](
2020-12-01 05:38:05 +00:00
- Previously, delete of a toot would be primarily sent to the followers of its author, people mentioned in the toot, and people who reblogged the toot
- Now, additionally, it is ensured that it is sent to people who replied to it, favourited it, and to the person it replies to even if that person is not mentioned
- Fix resolving an account through its non-canonical form (i.e. alternate domain) ([ClearlyClaire](
- Fix sending redundant ActivityPub events when processing remote account deletion ([ClearlyClaire](
- Fix Move handler not being triggered when failing to fetch target account ([ClearlyClaire](
- Fix downloading remote media files when server returns empty filename ([ClearlyClaire](
- Fix account processing failing because of large collections ([ClearlyClaire](
- Fix not being able to unfavorite toots one has lost access to ([ClearlyClaire](
- Fix not being able to unbookmark toots one has lost access to ([ClearlyClaire](
- Fix possible casing inconsistencies in hashtag search ([ClearlyClaire](
- Fix updating account counters when association is not yet created ([Gargron](
- Fix cookies not having a SameSite attribute ([Gargron](
- Fix poll ending notifications being created for each vote ([ClearlyClaire](
- Fix multiple boosts of a same toot erroneously appearing in TL ([ClearlyClaire](
- Fix asset builds not picking up `CDN_HOST` change ([ClearlyClaire](
- Fix desktop notifications permission prompt in web UI ([Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](
2020-12-01 05:38:05 +00:00
- Some time ago, browsers added a requirement that desktop notification prompts could only be displayed in response to a user-generated event (such as a click)
- This means that for some time, users who haven't already given the permission before were not getting a prompt and as such were not receiving desktop notifications
- Fix "Mark media as sensitive" string not supporting pluralizations in other languages in web UI ([ariasuni](
- Fix glitched image uploads when canvas read access is blocked in web UI ([ClearlyClaire](
- Fix some account gallery items having empty labels in web UI ([ClearlyClaire](
- Fix alt-key hotkeys activating while typing in a text field in web UI ([ClearlyClaire](
- Fix wrong seek bar width on media player in web UI ([mfmfuyu](
- Fix logging out on mobile in web UI ([ClearlyClaire](
- Fix wrong click area for GIFVs in media modal in web UI ([noellabo](
- Fix unreadable placeholder text color in high contrast theme in web UI ([Gargron](
- Fix scrolling issues when closing some dropdown menus in web UI ([ClearlyClaire](
- Fix notification filter bar incorrectly filtering gaps in web UI ([ClearlyClaire](
- Fix disabled boost icon being replaced by private boost icon on hover in web UI ([ClearlyClaire](
- Fix hashtag detection in compose form being different to server-side in web UI ([kedamaDQ](, [ClearlyClaire](
- Fix home last read marker mishandling gaps in web UI ([ClearlyClaire](
- Fix unnecessary re-rendering of various components when typing in web UI ([Gargron](
- Fix notifications being unnecessarily re-rendered in web UI ([ClearlyClaire](
- Fix column swiping animation logic in web UI ([ClearlyClaire](
- Fix inefficiency when fetching hashtag timeline ([noellabo](, [akihikodaki](
- Fix inefficiency when fetching bookmarks ([akihikodaki](
- Fix inefficiency when fetching favourites ([akihikodaki](
- Fix inefficiency when fetching media-only account timeline ([akihikodaki](
- Fix inefficieny when deleting accounts ([Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](
- Fix redundant query when processing batch actions on custom emojis ([niwatori24](
- Fix slow distinct queries where grouped queries are faster ([Gargron](
- Fix performance on instances list in admin UI ([Gargron](
- Fix server actor appearing in list of accounts in admin UI ([ClearlyClaire](
- Fix "bootstrap timeline accounts" toggle in site settings in admin UI ([ClearlyClaire](
- Fix PostgreSQL secret name for cronjob in Helm chart ([metal3d](
- Fix Procfile not being compatible with herokuish ([acuteaura](
- Fix installation of tini being split into multiple steps in Dockerfile ([ryncsn](
2020-12-01 05:38:05 +00:00
### Security
- Fix streaming API allowing connections to persist after access token invalidation ([Gargron](
- Fix 2FA/sign-in token sessions being valid after password change ([Gargron](
- Fix resolving accounts sometimes creating duplicate records for a given ActivityPub identifier ([ClearlyClaire](
2020-12-01 05:38:05 +00:00
2020-12-19 02:13:50 +00:00
## [3.2.2] - 2020-12-19
### Added
- Add `tootctl maintenance fix-duplicates` ([ClearlyClaire](, [Gargron](
2020-12-19 02:13:50 +00:00
- Index corruption in the database?
- This command is for you
### Removed
- Remove dependency on unused and unmaintained http_parser.rb gem ([ClearlyClaire](
2020-12-19 02:13:50 +00:00
### Fixed
- Fix Move handler not being triggered when failing to fetch target account ([ClearlyClaire](
- Fix downloading remote media files when server returns empty filename ([ClearlyClaire](
- Fix possible casing inconsistencies in hashtag search ([ClearlyClaire](
- Fix updating account counters when association is not yet created ([Gargron](
- Fix account processing failing because of large collections ([ClearlyClaire](
- Fix resolving an account through its non-canonical form (i.e. alternate domain) ([ClearlyClaire](
- Fix slow distinct queries where grouped queries are faster ([Gargron](
2020-12-19 02:13:50 +00:00
### Security
- Fix 2FA/sign-in token sessions being valid after password change ([Gargron](
- Fix resolving accounts sometimes creating duplicate records for a given ActivityPub identifier ([ClearlyClaire](
2020-12-19 02:13:50 +00:00
2020-11-27 17:29:22 +00:00
## [3.2.1] - 2020-10-19
### Added
- Add support for latest HTTP Signatures spec draft ([ClearlyClaire](
- Add support for inlined objects in ActivityPub `to`/`cc` ([ClearlyClaire](
2020-11-27 17:29:22 +00:00
### Changed
- Change actors to not be served at all without authentication in limited federation mode ([ClearlyClaire](
2020-11-27 17:29:22 +00:00
- Previously, a bare version of an actor was served when not authenticated, i.e. username and public key
- Because all actor fetch requests are signed using a separate system actor, that is no longer required
### Fixed
- Fix `tootctl media` commands not recognizing very large IDs ([ClearlyClaire](
- Fix crash when failing to load emoji picker in web UI ([ClearlyClaire](
- Fix contrast requirements in thumbnail color extraction ([ClearlyClaire](
- Fix audio/video player not using `CDN_HOST` on public pages ([ClearlyClaire](
- Fix private boost icon not being used on public pages ([OmmyZhang](
- Fix audio player on Safari in web UI ([ClearlyClaire](, [ClearlyClaire](
- Fix dereferencing remote statuses not using the correct account for signature when receiving a targeted inbox delivery ([ClearlyClaire](
- Fix nil error in `tootctl media remove` ([noellabo](
- Fix videos with near-60 fps being rejected ([Gargron](
- Fix reported statuses not being included in warning e-mail ([Gargron](
- Fix `Reject` activities of `Follow` objects not correctly destroying a follow relationship ([ClearlyClaire](
- Fix inefficiencies in fan-out-on-write service ([Gargron](, [noellabo](
- Fix timeout errors when trying to webfinger some IPv6 configurations ([Gargron](
- Fix files served as `application/octet-stream` being rejected without attempting mime type detection ([ClearlyClaire](
2020-11-27 17:29:22 +00:00
2020-07-26 22:07:26 +00:00
## [3.2.0] - 2020-07-27
2020-07-15 19:07:27 +00:00
### Added
- Add `SMTP_SSL` environment variable ([OmmyZhang](
- Add hotkey for toggling content warning input in web UI ([ClearlyClaire](
- **Add e-mail-based sign in challenge for users with disabled 2FA** ([Gargron](
2020-07-15 19:07:27 +00:00
- If user tries signing in after:
- Being inactive for a while
- With a previously unknown IP
- Without 2FA being enabled
- Require to enter a token sent via e-mail before sigining in
- Add `limit` param to RSS feeds ([noellabo](
- Add `visibility` param to share page ([noellabo](
- Add blurhash to link previews ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [Sasha-Sorokin](, [Sasha-Sorokin](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
2020-07-15 19:07:27 +00:00
- In web UI, toots cannot be marked as sensitive unless there is media attached
- However, it's possible to do via API or ActivityPub
- Thumnails of link previews of such posts now use blurhash in web UI
- The Card entity in REST API has a new `blurhash` attribute
- Add support for `summary` field for media description in ActivityPub ([ClearlyClaire](
- Add hints about incomplete remote content to web UI ([Gargron](, [noellabo](
- **Add personal notes for accounts** ([ClearlyClaire](, [Gargron](, [Sasha-Sorokin](
2020-07-15 19:07:27 +00:00
- To clarify, these are notes only you can see, to help you remember details
- Notes can be viewed and edited from profiles in web UI
- New REST API: `POST /api/v1/accounts/:id/note` with `comment` param
- The Relationship entity in REST API has a new `note` attribute
- Add Helm chart ([dunn](, [dunn](, [dunn](
- **Add customizable thumbnails for audio and video attachments** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [noellabo](, [noellabo](
2020-07-15 19:07:27 +00:00
- Metadata (album, artist, etc) is no longer stripped from audio files
- Album art is automatically extracted from audio files
- Thumbnail can be manually uploaded for both audio and video attachments
- Media upload APIs now support `thumbnail` param
- On `POST /api/v1/media` and `POST /api/v2/media`
- And on `PUT /api/v1/media/:id`
- ActivityPub representation of media attachments represents custom thumbnails with an `icon` attribute
2020-07-24 16:47:25 +00:00
- The Media Attachment entity in REST API now has a `preview_remote_url` to its `preview_url`, equivalent to `remote_url` to its `url`
- **Add color extraction for thumbnails** ([Gargron](, [ClearlyClaire](
2020-07-15 19:07:27 +00:00
- The `meta` attribute on the Media Attachment entity in REST API can now have a `colors` attribute which in turn contains three hex colors: `background`, `foreground`, and `accent`
- The background color is chosen from the most dominant color around the edges of the thumbnail
- The foreground and accent colors are chosen from the colors that are the most different from the background color using the CIEDE2000 algorithm
- The most satured color of the two is designated as the accent color
- The one with the highest W3C contrast is designated as the foreground color
- If there are not enough colors in the thumbnail, new ones are generated using a monochrome pattern
- Add a visibility indicator to toots in web UI ([noellabo](, [highemerly](
- Add `tootctl email_domain_blocks` ([tateisu](, [Gargron](
- Add "Add new domain block" to header of federation page in admin UI ([ariasuni](
- Add ability to keep emoji picker open with ctrl+click in web UI ([bclindner](, [noellabo](
- Add custom icon for private boosts in web UI ([ClearlyClaire](
- Add support for Create and Update activities that don't inline objects in ActivityPub ([ClearlyClaire](
- Add support for Undo activities that don't inline activities in ActivityPub ([ClearlyClaire](
2020-07-15 19:07:27 +00:00
### Changed
- Change `.env.production.sample` to be leaner and cleaner ([Gargron](
2020-07-15 19:07:27 +00:00
- It was overloaded as de-facto documentation and getting quite crowded
- Defer to the actual documentation while still giving a minimal example
- Change `tootctl search deploy` to work faster and display progress ([Gargron](
- Change User-Agent of link preview fetching service to include "Bot" ([Gargron](
2020-07-15 19:07:27 +00:00
- Some websites may not render OpenGraph tags into HTML if that's not the case
- Change behaviour to carry blocks over when someone migrates their followers ([ClearlyClaire](
- Change volume control and download buttons in web UI ([Gargron](
- **Change design of audio players in web UI** ([Gargron](, [ClearlyClaire](, [Gargron](, [ClearlyClaire](, [Gargron](, [ClearlyClaire](
- Change reply filter to never filter own toots in web UI ([ClearlyClaire](
- Change boost button to no longer serve as visibility indicator in web UI ([noellabo](, [ClearlyClaire](
- Change contrast of flash messages ([cchoi12](
- Change wording from "Hide media" to "Hide image/images" in web UI ([ariasuni](
- Change appearence of settings pages to be more consistent ([ariasuni](
- Change "Add media" tooltip to not include long list of formats in web UI ([ariasuni](
- Change how badly contrasting emoji are rendered in web UI ([leo60228](, [ClearlyClaire](, [mfmfuyu](, [ClearlyClaire](
- Change structure of unavailable content section on about page ([ariasuni](
- Change behaviour to accept ActivityPub activities relayed through group actor ([noellabo](
- Change amount of processing retries for ActivityPub activities ([noellabo](
2020-07-15 19:07:27 +00:00
### Removed
- Remove the terms "blacklist" and "whitelist" from UX ([Gargron](, [mayaeh](
2020-07-15 19:07:27 +00:00
- Environment variables changed (old versions continue to work):
- CLI option changed:
- `tootctl domains purge --whitelist-mode` → `tootctl domains purge --limited-federation-mode`
- Remove some unnecessary database indices ([lfuelling](, [noellabo](
- Remove unnecessary Node.js version upper bound ([ykzts](
2020-07-15 19:07:27 +00:00
### Fixed
- Fix `following` param not working when exact match is found in account search ([noellabo](
- Fix sometimes occuring duplicate mention notifications ([noellabo](
- Fix RSS feeds not being cachable ([ClearlyClaire](
- Fix lack of locking around processing of Announce activities in ActivityPub ([noellabo](
- Fix boosted toots from blocked account not being retroactively removed from TL ([ClearlyClaire](
- Fix large shortened numbers (like 1.2K) using incorrect pluralization ([Sasha-Sorokin](
- Fix streaming server trying to use empty password to connect to Redis when `REDIS_PASSWORD` is given but blank ([ClearlyClaire](
- Fix being unable to unboost posts when blocked by their author ([ClearlyClaire](
- Fix account domain block not properly unfollowing accounts from domain ([Gargron](
- Fix removing a domain allow wiping known accounts in open federation mode ([ClearlyClaire](
- Fix blocks and mutes pagination in web UI ([ClearlyClaire](
- Fix new posts pushing down origin of opened dropdown in web UI ([ClearlyClaire](, [ClearlyClaire](
- Fix timeline markers not being saved sometimes ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
- Fix CSV uploads being rejected ([noellabo](
- Fix incompatibility with ElasticSearch 7.x ([noellabo](
- Fix being able to search posts where you're in the target audience but not actively mentioned ([noellabo](
- Fix non-local posts appearing on local-only hashtag timelines in web UI ([noellabo](
- Fix `tootctl media remove-orphans` choking on unknown files in storage ([Gargron](
- Fix `tootctl upgrade storage-schema` misbehaving ([Gargron](, [angristan](
2020-07-15 19:07:27 +00:00
- Fix it marking records as upgraded even though no files were moved
- Fix it not working with S3 storage
- Fix it not working with custom emojis
- Fix GIF reader raising incorrect exceptions ([ClearlyClaire](
- Fix hashtag search performing account search as well ([ClearlyClaire](
- Fix Webfinger returning wrong status code on malformed or missing param ([ClearlyClaire](
- Fix `rake mastodon:setup` error when some environment variables are set ([ClearlyClaire](
- Fix admin page crashing when trying to block an invalid domain name in admin UI ([ClearlyClaire](
- Fix unsent toot confirmation dialog not popping up in single column mode in web UI ([ClearlyClaire](
- Fix performance of follow import ([noellabo](
2020-07-15 19:07:27 +00:00
- Reduce timeout of Webfinger requests to that of other requests
- Use circuit breakers to stop hitting unresponsive servers
- Avoid hitting servers that are already known to be generally unavailable
- Fix filters ignoring media descriptions ([BenLubar](
- Fix some actions on custom emojis leading to cryptic errors in admin UI ([ClearlyClaire](
- Fix ActivityPub serialization of replies when some of them are URIs ([ClearlyClaire](
- Fix `rake mastodon:setup` choking on environment variables containing `%` ([ClearlyClaire](
- Fix account redirect confirmation message talking about moved followers ([ClearlyClaire](
- Fix avatars having the wrong size on public detailed status pages ([ClearlyClaire](
- Fix various issues around OpenGraph representation of media ([Gargron](
2020-07-15 19:07:27 +00:00
- Pages containing audio no longer say "Attached: 1 image" in description
- Audio attachments now represented as OpenGraph `og:audio`
- The `twitter:player` page now uses Mastodon's proper audio/video player
- Audio/video buffered bars now display correctly in audio/video player
- Volume and progress bars now respond to movement/move smoother
- Fix audio/video/images/cards not reacting to window resizes in web UI ([Gargron](
- Fix very wide media attachments resulting in too thin a thumbnail in web UI ([ClearlyClaire](
- Fix crash when merging posts into home feed after following someone ([ClearlyClaire](
- Fix unique username constraint for local users not being enforced in database ([ClearlyClaire](
- Fix unnecessary gap under video modal in web UI ([mfmfuyu](
- Fix 2FA and sign in token pages not respecting user locale ([mfmfuyu](
- Fix unapproved users being able to view profiles when in limited-federation mode *and* requiring approval for sign-ups ([ClearlyClaire](
- Fix initial audio volume not corresponding to what's displayed in audio player in web UI ([ClearlyClaire](
- Fix timelines sometimes jumping when closing modals in web UI ([ClearlyClaire](
- Fix memory usage of downloading remote files ([Gargron](, [Gargron](, [noellabo](
2020-07-15 19:07:27 +00:00
- Don't read entire file (up to 40 MB) into memory
- Read and write it to temp file in small chunks
- Fix inconsistent account header padding in web UI ([trwnh](
- Fix Thai being skipped from language detection ([Sasha-Sorokin](
2020-07-15 19:07:27 +00:00
- Since Thai has its own alphabet, it can be detected more reliably
- Fix broken hashtag column options styling in web UI ([ClearlyClaire](
- Fix pointer cursor being shown on toots that are not clickable in web UI ([arielrodrigues](
- Fix lock icon not being shown when locking account in profile settings ([ClearlyClaire](
- Fix domain blocks doing work the wrong way around ([ClearlyClaire](
2020-07-15 19:07:27 +00:00
- Instead of suspending accounts one by one, mark all as suspended first (quick)
- Only then proceed to start removing their data (slow)
- Clear out media attachments in a separate worker (slow)
2020-12-27 05:00:55 +00:00
## [3.1.5] - 2020-07-07
2020-07-10 19:07:30 +00:00
### Security
- Fix media attachment enumeration ([ClearlyClaire](
- Change rate limits for various paths ([Gargron](
- Fix other sessions not being logged out on password change ([Gargron](
2020-07-10 19:07:30 +00:00
2020-12-27 05:00:55 +00:00
## [3.1.4] - 2020-05-14
2020-05-14 05:46:11 +00:00
### Added
- Add `vi` to available locales ([taicv](
- Add ability to remove identity proofs from account ([Gargron](
- Add ability to exclude local content from federated timeline ([noellabo](, [noellabo](
2020-05-14 05:46:11 +00:00
- Add `remote` param to `GET /api/v1/timelines/public` REST API
- Add `public/remote` / `public:remote` variants to streaming API
- "Remote only" option in federated timeline column settings in web UI
- Add ability to exclude remote content from hashtag timelines in web UI ([noellabo](
2020-05-14 05:46:11 +00:00
- No changes to REST API
- "Local only" option in hashtag column settings in web UI
- Add Capistrano tasks that reload the services after deploying ([berkes](
- Add `invites_enabled` attribute to `GET /api/v1/instance` in REST API ([ClearlyClaire](
- Add `tootctl emoji export` command ([lfuelling](
- Add separate cache directory for non-local uploads ([Gargron](, [Hanage999](, [mayaeh](
2020-05-14 05:46:11 +00:00
- Add `tootctl upgrade storage-schema` command to move old non-local uploads to the cache directory
- Add buttons to delete header and avatar from profile settings ([sternenseemann](
- Add emoji graphics and shortcodes from Twemoji 12.1.5 ([DeeUnderscore](
2020-05-14 05:46:11 +00:00
### Changed
- Change error message when trying to migrate to an account that does not have current account set as an alias to be more clear ([TheEvilSkeleton](
- Change delivery failure tracking to work with hostnames instead of URLs ([Gargron](, [noellabo](, [noellabo](, [noellabo](
- Change Content-Security-Policy to not need unsafe-inline style-src ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
- Change how RSS items are titled and formatted ([ClearlyClaire](, [ykzts](
2020-05-14 05:46:11 +00:00
### Fixed
- Fix dropdown of muted and followed accounts offering option to hide boosts in web UI ([ClearlyClaire](
- Fix "You are already signed in" alert being shown at wrong times ([ClearlyClaire](
- Fix retrying of failed-to-download media files not actually working ([noellabo](
- Fix first poll option not being focused when adding a poll in web UI ([ClearlyClaire](
- Fix `sr` locale being selected over `sr-Latn` ([ClearlyClaire](
- Fix error within error when limiting backtrace to 3 lines ([Gargron](
- Fix `tootctl media remove-orphans` crashing on "Import" files ([ClearlyClaire](
- Fix regression in `tootctl media remove-orphans` ([Gargron](
- Fix old unique jobs digests not having been cleaned up ([Gargron](
- Fix own following/followers not showing muted users ([ClearlyClaire](
- Fix list of followed people ignoring sorting on Follows & Followers page ([taras2358](
- Fix wrong pgHero Content-Security-Policy when `CDN_HOST` is set ([ClearlyClaire](
- Fix needlessly deduplicating usernames on collisions with remote accounts when signing-up through SAML/CAS ([kaiyou](
- Fix page incorrectly scrolling when bringing up dropdown menus in web UI ([ClearlyClaire](
- Fix messed up z-index when NoScript blocks media/previews in web UI ([ClearlyClaire](
- Fix "See what's happening" page showing public instead of local timeline for logged-in users ([ClearlyClaire](
- Fix not being able to resolve public resources in development environment ([Gargron](
- Fix uninformative error message when uploading unsupported image files ([ClearlyClaire](
- Fix expanded video player issues in web UI ([ClearlyClaire](, [eai04191](
- Fix and refactor keyboard navigation in dropdown menus in web UI ([ClearlyClaire](
- Fix uploaded image orientation being messed up in some browsers in web UI ([ClearlyClaire](
- Fix actions log crash when displaying updates of deleted announcements in admin UI ([ClearlyClaire](
- Fix search not working due to proxy settings when using hidden services ([Gargron](
- Fix poll refresh button not being debounced in web UI ([rasjonell](, [ClearlyClaire](
- Fix confusing error when failing to add an alias to an unknown account ([ClearlyClaire](
- Fix "Email changed" notification sometimes having wrong e-mail ([ClearlyClaire](
- Fix varioues issues on the account aliases page ([ClearlyClaire](
- Fix API footer link in web UI ([bubblineyuri](
- Fix pagination of following, followers, follow requests, blocks and mutes lists in web UI ([ClearlyClaire](
- Fix styling of polls in JS-less fallback on public pages ([ClearlyClaire](
- Fix trying to delete already deleted file when post-processing ([Gargron](
2020-05-14 05:46:11 +00:00
### Security
- Fix Doorkeeper vulnerability that exposed app secret to users who authorized the app and reset secret of the web UI that could have been exposed ([dependabot-preview[bot]](, [Gargron](
2020-05-14 05:46:11 +00:00
- For apps that self-register on behalf of every individual user (such as most mobile apps), this is a non-issue
- The issue only affects developers of apps who are shared between multiple users, such as server-side apps like cross-posters
2020-12-27 05:00:55 +00:00
## [3.1.3] - 2020-04-05
2020-04-05 04:23:46 +00:00
### Added
- Add ability to filter audit log in admin UI ([Gargron](
- Add titles to warning presets in admin UI ([Gargron](
- Add option to include resolved DNS records when blacklisting e-mail domains in admin UI ([Gargron](
- Add ability to delete files uploaded for settings in admin UI ([ClearlyClaire](
- Add sorting by username, creation and last activity in admin UI ([ClearlyClaire](
- Add explanation as to why unlocked accounts may have follow requests in web UI ([ClearlyClaire](
- Add link to bookmarks to dropdown in web UI ([mayaeh](
- Add support for links to statuses in announcements to be opened in web UI ([ClearlyClaire](, [ClearlyClaire](
- Add tooltips to audio/video player buttons in web UI ([ariasuni](
- Add submit button to the top of preferences pages ([guigeekz](
- Add specific rate limits for posting, following and reporting ([Gargron](, [Gargron](
2020-04-05 13:18:41 +00:00
- 300 posts every 3 hours
- 400 follows or follow requests every 24 hours
- 400 reports every 24 hours
- Add federation support for the "hide network" preference ([ClearlyClaire](
- Add `--skip-media-remove` option to `tootctl statuses remove` ([tateisu](
2020-04-05 04:23:46 +00:00
### Changed
- **Change design of polls in web UI** ([Sasha-Sorokin](, [ClearlyClaire](
- Change status click areas in web UI to be bigger ([ariasuni](
- **Change `tootctl media remove-orphans` to work for all classes** ([Gargron](
- **Change local media attachments to perform heavy processing asynchronously** ([Gargron](
- Change video uploads to always be converted to H264/MP4 ([Gargron](, [ClearlyClaire](, [ClearlyClaire](
- Change video uploads to enforce certain limits ([Gargron](
2020-04-05 13:18:41 +00:00
- Dimensions smaller than 1920x1200px
- Frame rate at most 60fps
- Change the tooltip "Toggle visibility" to "Hide media" in web UI ([ariasuni](
- Change description of privacy levels to be more intuitive in web UI ([ariasuni](
- Change GIF label to be displayed even when autoplay is enabled in web UI ([koyuawsmbrtn](
- Change the string "Hide everything from …" to "Block domain …" in web UI ([ClearlyClaire](, [mayaeh](
- Change wording of media display preferences to be more intuitive ([ariasuni](
2020-04-05 04:23:46 +00:00
2020-04-05 13:18:41 +00:00
### Deprecated
- `POST /api/v1/media` → `POST /api/v2/media` ([Gargron](
2020-04-05 13:18:41 +00:00
2020-04-05 04:23:46 +00:00
### Fixed
- Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` ([Gargron](
- Fix returning results when searching for URL with non-zero offset ([Gargron](
- Fix pinning a column in web UI sometimes redirecting out of web UI ([Gargron](
- Fix background jobs not using locks like they are supposed to ([Gargron](
- Fix content warning being unnecessarily cleared when hiding content warning input in web UI ([ClearlyClaire](
- Fix "Show more" not switching to "Show less" on public pages ([ClearlyClaire](
- Fix import overwrite option not being selectable ([noellabo](
- Fix wrong color for ellipsis in boost confirmation dialog in web UI ([ariasuni](
- Fix unnecessary unfollowing when importing follows with overwrite option ([noellabo](
- Fix 404 and 410 API errors being silently discarded in web UI ([ClearlyClaire](
- Fix OCR not working on Safari because of unsupported worker-src CSP ([ClearlyClaire](
- Fix media not being marked sensitive when a content warning is set with no text ([ClearlyClaire](
- Fix crash after deleting announcements in web UI ([codesections](, [ClearlyClaire](
- Fix bookmarks not being searchable ([Kjwon15](, [noellabo](
- Fix reported accounts not being whitelisted from further spam checks when resolving a spam check report ([ClearlyClaire](
- Fix web UI crash in single-column mode on prehistoric browsers ([ClearlyClaire](
- Fix some timeouts when searching for URLs ([ClearlyClaire](
- Fix detailed view of direct messages displaying a 0 boost count in web UI ([ClearlyClaire](
- Fix regression in “Edit media” modal in web UI ([ClearlyClaire](
- Fix public posts from silenced accounts not being changed to unlisted visibility ([ClearlyClaire](
- Fix error when searching for URLs that contain the mention syntax ([ClearlyClaire](
- Fix text area above/right of emoji picker being accidentally clickable in web UI ([ariasuni](
- Fix too large announcements not being scrollable in web UI ([ClearlyClaire](
- Fix `tootctl media remove-orphans` crashing when encountering invalid media ([ClearlyClaire](
- Fix installation failing when Redis password contains special characters ([ClearlyClaire](
- Fix announcements with fully-qualified mentions to local users crashing web UI ([ClearlyClaire](
2020-04-05 04:23:46 +00:00
### Security
- Fix re-sending of e-mail confirmation not being rate limited ([Gargron](
2020-04-05 04:23:46 +00:00
2020-02-27 11:34:07 +00:00
## [v3.1.2] - 2020-02-27
### Added
- Add `--reset-password` option to `tootctl accounts modify` ([ClearlyClaire](
- Add source-mapped stacktrace to error message in web UI ([ClearlyClaire](
2020-02-27 11:34:07 +00:00
### Fixed
- Fix dismissing an announcement twice raising an obscure error ([ClearlyClaire](
- Fix misleading error when attempting to re-send a pending follow request ([ClearlyClaire](
- Fix backups failing when files are missing from media attachments ([ClearlyClaire](
- Fix duplicate accounts being created when fetching an account for its key only ([ClearlyClaire](
- Fix `/web` redirecting to `/web/web` in web UI ([ClearlyClaire](
- Fix previously OStatus-based accounts not being detected as ActivityPub ([ClearlyClaire](
- Fix account JSON/RSS not being cacheable due to wrong mime type comparison ([ClearlyClaire](
- Fix old browsers crashing because of missing `finally` polyfill in web UI ([ClearlyClaire](
- Fix account's bio not being shown if there are no proofs/fields in admin UI ([ClearlyClaire](
- Fix sign-ups without checked user agreement being accepted through the web form ([ClearlyClaire](
- Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture ([SaraSmiseth](
- Fix invite request input not being shown on sign-up error if left empty ([ClearlyClaire](
- Fix some migration hints mentioning GitLab instead of Mastodon ([saper](
2020-02-27 11:34:07 +00:00
### Security
- Fix leak of arbitrary statuses through unfavourite action in REST API ([Gargron](
2020-02-27 11:34:07 +00:00
2020-02-10 01:55:40 +00:00
## [3.1.1] - 2020-02-10
### Fixed
- Fix yanked dependency preventing installation ([mayaeh](
2020-02-10 01:55:40 +00:00
2020-02-08 23:02:08 +00:00
## [3.1.0] - 2020-02-09
2020-01-28 16:19:42 +00:00
### Added
- Add bookmarks ([ClearlyClaire](, [Gargron](, [Gomasy](
- Add announcements ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](
- Add number animations in web UI ([Gargron](, [Gargron](
- Add `kab`, `is`, `kn`, `mr`, `ur` to available locales ([Gargron](, [BoFFire](, [Gargron](
- Add profile filter category ([ClearlyClaire](
- Add ability to add oneself to lists ([ClearlyClaire](
- Add hint how to contribute translations to preferences page ([Sasha-Sorokin](
- Add signatures to statuses in archive takeout ([noellabo](
- Add support for `magnet:` and `xmpp` links ([ClearlyClaire](, [ClearlyClaire](
- Add `follow_request` notification type ([ClearlyClaire](
- Add ability to filter reports by account domain in admin UI ([ClearlyClaire](
- Add link to search for users connected from the same IP address to admin UI ([ClearlyClaire](
- Add link to reports targeting a specific domain in admin view ([ClearlyClaire](
- Add support for EventSource streaming in web UI ([BenLubar](
- Add hotkey for opening media attachments in web UI ([ClearlyClaire](, [Kjwon15](
- Add relationship-based options to status dropdowns in web UI ([Gargron](, [ClearlyClaire](, [Gargron](
- Add support for submitting media description with `ctrl`+`enter` in web UI ([ClearlyClaire](
- Add download button to audio and video players in web UI ([NimaBoscarino](
- Add setting for whether to crop images in timelines in web UI ([duxovni](
- Add support for `Event` activities ([tcitworld](
- Add basic support for `Group` actors ([noellabo](
- Add `S3_OVERRIDE_PATH_STYLE` environment variable ([Gargron](
- Add `S3_OPEN_TIMEOUT` environment variable ([tateisu](
- Add `LDAP_MAIL` environment variable ([madmath03](
- Add `LDAP_UID_CONVERSION_ENABLED` environment variable ([madmath03](
- Add `--remote-only` option to `tootctl emoji purge` ([ClearlyClaire](
- Add `tootctl media remove-orphans` ([Gargron](, [Gargron](
- Add `tootctl media lookup` command ([irlcatgirl](
- Add cache for OEmbed endpoints to avoid extra HTTP requests ([Gargron](
- Add support for KaiOS arrow navigation to public pages ([nolanlawson](
- Add `discoverable` to accounts in REST API ([trwnh](
- Add admin setting to disable default follows ([ArisuOngaku](
- Add support for LDAP and PAM in the OAuth password grant strategy ([ntl-purism](, [Gargron](
- Allow support for `Accept`/`Reject` activities with a non-embedded object ([puckipedia](
- Add "Show thread" button to public profiles ([Sasha-Sorokin](
2020-01-28 16:19:42 +00:00
### Changed
- Change `last_status_at` to be a date, not datetime in REST API ([ClearlyClaire](
- Change followers page to relationships page in admin UI ([Gargron](, [Gargron](
- Change reported media attachments to always be hidden in admin UI ([Gargron](, [ClearlyClaire](
- Change string from "Disable" to "Disable login" in admin UI ([nileshkumar](
- Change report page structure in admin UI ([Sasha-Sorokin](
- Change swipe sensitivity to be lower on small screens in web UI ([umonaca](
- Change audio/video playback to stop playback when out of view in web UI ([Gargron](
- Change media description label based on upload type in web UI ([ClearlyClaire](
- Change large numbers to render without decimal units in web UI ([noellabo](