2825 lines
306 KiB
Raw Normal View History

# Changelog
All notable changes to this project will be documented in this file.
2023-04-07 07:01:57 +00:00
## [4.1.2] - 2023-04-04
### Fixed
- Fix crash in `tootctl` commands making use of parallelization when Elasticsearch is enabled ([ClearlyClaire](, [ClearlyClaire](
- Fix crash in `db:setup` when Elasticsearch is enabled ([rrgeorge](
- Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ([ClearlyClaire](
- Fix invalid/expired invites being processed on sign-up ([ClearlyClaire](
### Security
- Update Ruby to 3.0.6 due to ReDoS vulnerabilities ([saizai](
- Fix unescaped user input in LDAP query ([ClearlyClaire](
2023-03-21 14:04:21 +00:00
## [4.1.1] - 2023-03-16
### Added
- Add redirection from paths with url-encoded `@` to their decoded form ([thijskh](
- Add `lang` attribute to native language names in language picker in Web UI ([ClearlyClaire](
- Add headers to outgoing mails to avoid auto-replies ([ClearlyClaire](
- Add support for refreshing many accounts at once with `tootctl accounts refresh` ([9p4](
- Add confirmation modal when clicking to edit a post with a non-empty compose form ([PauloVilarinho](
- Add support for the HAproxy PROXY protocol through the `PROXY_PROTO_V1` environment variable ([CSDUMMI](
- Add `SENDFILE_HEADER` environment variable ([Gargron](
- Add cache headers to static files served through Rails ([Gargron](
### Changed
- Increase contrast of upload progress bar background ([toolmantim](
- Change post auto-deletion throttling constants to better scale with server size ([ClearlyClaire](
- Change order of bookmark and favourite sidebar entries in single-column UI for consistency ([TerryGarcia](
- Change `ActivityPub::DeliveryWorker` retries to be spread out more ([ClearlyClaire](
### Fixed
- Fix “Remove all followers from the selected domains” also removing follows and notifications ([ClearlyClaire](
- Fix streaming metrics format ([emilweth](, [emilweth](
- Fix case-sensitive check for previously used hashtags in hashtag autocompletion ([deanveloper](
- Fix focus point of already-attached media not saving after edit ([ClearlyClaire](
- Fix sidebar behavior in settings/admin UI on mobile ([wxt2005](
- Fix inefficiency when searching accounts per username in admin interface ([ClearlyClaire](
- Fix duplicate “Publish” button on mobile ([ClearlyClaire](
- Fix server error when failing to follow back followers from `/relationships` ([ClearlyClaire](
- Fix server error when attempting to display the edit history of a trendable post in the admin interface ([ClearlyClaire](
- Fix `tootctl accounts migrate` crashing because of a typo ([ClearlyClaire](
- Fix original account being unfollowed on migration before the follow request to the new account could be sent ([ClearlyClaire](
- Fix the “Back” button in column headers sometimes leaving Mastodon ([c960657](
- Fix pgBouncer resetting application name on every transaction ([Gargron](
- Fix unconfirmed accounts being counted as active users ([ClearlyClaire](
- Fix `/api/v1/streaming` sub-paths not being redirected ([ClearlyClaire](
- Fix drag'n'drop upload area text that spans multiple lines not being centered ([vintprox](
- Fix sidekiq jobs not triggering Elasticsearch index updates ([ClearlyClaire](
- Fix tags being unnecessarily stripped from plain-text short site description ([c960657](
- Fix HTML entities not being un-escaped in extracted plain-text from remote posts ([c960657](
- Fix dashboard crash on ElasticSearch server error ([ClearlyClaire](
- Fix incorrect post links in strikes when the account is remote ([ClearlyClaire](
- Fix misleading error code when receiving invalid WebAuthn credentials ([ClearlyClaire](
- Fix duplicate mails being sent when the SMTP server is too slow to close the connection ([ClearlyClaire](
### Security
- Change user backups to use expiring URLs for download when possible ([Gargron](
- Add warning for object storage misconfiguration ([ClearlyClaire](
## [4.1.0] - 2023-02-10
2023-01-20 13:19:12 +00:00
### Added
- **Add support for importing/exporting server-wide domain blocks** ([enbylenore](, [ClearlyClaire](, [dariusk](, [ClearlyClaire](
- **Add listing of followed hashtags** ([connorshea](
- **Add support for editing media description and focus point of already-sent posts** ([ClearlyClaire](
- Previously, you could add and remove attachments, but not edit media description of already-attached media
- REST API changes:
- `PUT /api/v1/statuses/:id` now takes an extra `media_attributes[]` array parameter with the `id` of the updated media and their updated `description`, `focus`, and `thumbnail`
- **Add follow request banner on account header** ([ClearlyClaire](
- REST API changes:
- `Relationship` entities have an extra `requested_by` boolean attribute representing whether the represented user has requested to follow you
- **Add confirmation screen when handling reports** ([ClearlyClaire](, [Gargron](, [tribela](
2023-01-20 13:19:12 +00:00
- Add option to make the landing page be `/about` even when trends are enabled ([ClearlyClaire](
- Add `noindex` setting back to the admin interface ([prplecake](
- Add instance peers API endpoint toggle back to the admin interface ([dariusk](
- Add instance activity API endpoint toggle back to the admin interface ([dariusk](
- Add setting for status page URL ([Gargron](, [ClearlyClaire](
- REST API changes:
- Add `configuration.urls.status` attribute to the object returned by `GET /api/v1/instance`
2023-01-20 13:19:12 +00:00
- Add `account.approved` webhook ([Saiv46](
- Add 12 hours option to polls ([Pleclown](
- Add dropdown menu item to open admin interface for remote domains ([ClearlyClaire](
- Add `--remove-headers`, `--prune-profiles` and `--include-follows` flags to `tootctl media remove` ([evanphilip](
- Add `--email` and `--dry-run` options to `tootctl accounts delete` ([ClearlyClaire](
- Add `tootctl accounts migrate` ([ClearlyClaire](
- Add `tootctl accounts prune` ([tribela](
- Add `tootctl domains purge` ([ClearlyClaire](
- Add `SIDEKIQ_CONCURRENCY` environment variable ([muffinista](
- Add `DB_POOL` environment variable support for streaming server ([Gargron](
2023-01-20 13:19:12 +00:00
- Add `MIN_THREADS` environment variable to set minimum Puma threads ([jimeh](
- Add explanation text to log-in page ([ClearlyClaire](
- Add user profile OpenGraph tag on post pages ([bramus](
- Add maskable icon support for Android ([workeffortwaste](
- Add Belarusian to supported languages ([Mixaill](
- Add Western Frisian to supported languages ([ykzts](
- Add Montenegrin to the language picker ([ayefries](
- Add Southern Sami and Lule Sami to the language picker ([Jullan-M](
- Add logging for Rails cache timeouts ([ClearlyClaire](
- Add color highlight for active hashtag “follow” button ([MFTabriz](
- Add brotli compression to `assets:precompile` ([Izorkin](
- Add “disabled” account filter to the `/admin/accounts` UI ([tribela](
- Add transparency to modal background for accessibility ([edent](
2023-02-03 15:39:38 +00:00
- Add `lang` attribute to image description textarea and poll option field ([c960657](
- Add `spellcheck` attribute to Content Warning and poll option input fields ([c960657](
2023-01-20 13:19:12 +00:00
- Add `title` attribute to video elements in media attachments ([bramus](
- Add left and right margins to emojis ([dsblank](
- Add `roles` attribute to `Account` entities in REST API ([ClearlyClaire](, [tribela](
2023-01-20 13:19:12 +00:00
- Add `reading:autoplay:gifs` to `/api/v1/preferences` ([j-f1](
- Add `hide_collections` parameter to `/api/v1/accounts/credentials` ([CarlSchwan](
- Add `policy` attribute to web push subscription objects in REST API at `/api/v1/push/subscriptions` ([ClearlyClaire](
- Add metrics endpoint to streaming API ([Gargron](, [Gargron](
2023-01-20 13:19:12 +00:00
- Add more specific error messages to HTTP signature verification ([ClearlyClaire](
- Add Storj DCS to cloud object storage options in the `mastodon:setup` rake task ([jtolio](
- Add checkmark symbol in the checkbox for sensitive media ([sidp](
- Add missing accessibility attributes to logout link in modals ([kytta](
- Add missing accessibility attributes to “Hide image” button in `MediaGallery` ([hs4man21](
- Add missing accessibility attributes to hide content warning field when disabled ([hs4man21](
- Add `aria-hidden` to footer circle dividers to improve accessibility ([hs4man21](
2023-01-25 15:20:54 +00:00
- Add `lang` attribute to compose form inputs ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
### Changed
- **Ensure exact match is the first result in hashtag searches** ([ClearlyClaire](
- Change account search to return followed accounts first ([dariusk](
- Change batch account suspension to create a strike ([ClearlyClaire](
- Change default reply language to match the default language when replying to a translated post ([ClearlyClaire](
- Change misleading wording about waitlists ([ClearlyClaire](
- Increase width of the unread notification border ([connorshea](
- Change new post notification button on profiles to make it more apparent when it is enabled ([tribela](
- Change trending tags admin interface to always show batch action controls ([ClearlyClaire](
- Change wording of some OAuth scope descriptions ([ClearlyClaire](
- Change wording of admin report handling actions ([ClearlyClaire](
- Change confirm prompts for relationships management ([tribela](
- Change language surrounding disability in prompts for media descriptions ([hs4man21](
- Change confusing wording in the sign in banner ([ClearlyClaire](
2023-02-03 15:39:38 +00:00
- Change `POST /settings/applications/:id` to regenerate token on scopes change ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Change account moderation notes to make links clickable ([ClearlyClaire](
2023-02-03 15:39:38 +00:00
- Change link previews for statuses to never use avatar as fallback ([Gargron](
2023-01-25 15:20:54 +00:00
- Change email address input to be read-only for logged-in users when requesting a new confirmation e-mail ([ClearlyClaire](
2023-02-03 15:39:38 +00:00
- Change notifications per page from 15 to 40 in REST API ([Gargron](
- Change number of stored items in home feed from 400 to 800 ([Gargron](
- Change API rate limits from 300/5min per user to 1500/5min per user, 300/5min per app ([Gargron](
2023-01-20 13:19:12 +00:00
- Save avatar or header correctly even if the other one fails ([tribela](
- Change `referrer-policy` to `same-origin` application-wide ([ClearlyClaire](, [ClearlyClaire](
- Add 'private' to `Cache-Control`, match Rails expectations ([daxtens](
- Make the button that expands the compose form differentiable from the button that publishes a post ([Tak](
- Change automatic post deletion configuration to be accessible to moved users ([ClearlyClaire](
- Make tag following idempotent ([trwnh](, [ClearlyClaire](
- Use buildx functions for faster builds ([inductor](
- Split off Dockerfile components for faster builds ([moritzheiber](, [ineffyble](, [BtbN](
- Change last occurrence of “silence” to “limit” in UI text ([cincodenada](
- Change “hide toot” to “hide post” ([seanthegeek](
- Don't allow URLs that contain non-normalized paths to be verified ([dgl](
- Change the “Trending now” header to be a link to the Explore page ([connorshea](
- Change PostgreSQL connection timeout from 2 minutes to 15 seconds ([ClearlyClaire](
- Make handle more easily selectable on profile page ([cadars](
- Allow admins to refresh remotely-suspended accounts ([ClearlyClaire](
- Change dropdown menu to contain “Copy link to post” even for non-public posts ([ClearlyClaire](
- Allow adding relays in secure mode and limited federation mode ([ineffyble](
- Change timestamps to be displayed using the user's timezone throughout the moderation interface ([FrancisMurillo](, [ClearlyClaire](
- Change CSP directives on API to be tight and concise ([ClearlyClaire](
2023-02-03 15:39:38 +00:00
- Change web UI to not autofocus the compose form ([raboof](, [Akkiesoft](
2023-01-20 13:19:12 +00:00
- Change idempotency key handling for posting when database access is slow ([lambda](
- Change remote media files to be downloaded outside of transactions ([ClearlyClaire](
- Improve contrast of charts in “poll has ended” notifications ([j-f1](
- Change OEmbed detection and validation to be somewhat more lenient ([ineffyble](
- Widen ElasticSearch version detection to not display a warning for OpenSearch ([VyrCossont](, [ClearlyClaire](
- Change link verification to allow pages larger than 1MB as long as the link is in the first 1MB ([untitaker](
- Update default Node.js version to Node.js 16 ([ineffyble](, [ClearlyClaire](
### Removed
- Officially remove support for Ruby 2.6 ([ClearlyClaire](
- Remove `object-fit` polyfill used for old versions of Microsoft Edge ([shuuji3](
2023-02-03 15:39:38 +00:00
- Remove `intersection-observer` polyfill for old Safari support ([shuuji3](
2023-01-20 13:19:12 +00:00
- Remove empty `title` tag from mailer layout ([nametoolong](
- Remove post count and last posts from ActivityPub representation of hashtag collections ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
### Fixed
- **Fix changing domain block severity not undoing individual account effects** ([ClearlyClaire](
- Fix suspension worker crashing on S3-compatible setups without ACL support ([ClearlyClaire](
- Fix possible race conditions when suspending/unsuspending accounts ([ClearlyClaire](
- Fix being stuck in edit mode when deleting the edited posts ([ClearlyClaire](
2023-02-10 21:48:49 +00:00
- Fix attached media uploads not being cleared when replying to a post ([ClearlyClaire](
2023-01-25 15:20:54 +00:00
- Fix filters not being applied to some notification types ([ClearlyClaire](
2023-02-03 15:39:38 +00:00
- Fix incorrect link in push notifications for some event types ([elizabeth-dev](
2023-01-20 13:19:12 +00:00
- Fix some performance issues with `/admin/instances` ([ClearlyClaire](
- Fix some pre-4.0 admin audit logs ([ClearlyClaire](
2023-01-25 15:20:54 +00:00
- Fix moderation audit log items for warnings having incorrect links ([ClearlyClaire](
- Fix account activation being sometimes triggered before email confirmation ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix missing OAuth scopes for admin APIs ([trwnh](, [trwnh](
- Fix voter count not being cleared when a poll is reset ([afontenot](
- Fix attachments of edited posts not being fetched ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix irreversible and whole_word parameters handling in `/api/v1/filters` ([ClearlyClaire](
- Fix 500 error when marking posts as sensitive while some of them are deleted ([ClearlyClaire](
- Fix expanded posts not always being scrolled into view ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix not being able to scroll the remote interaction modal on small screens ([xendke](
- Fix not being able to scroll in post history modal ([cadars](
2023-01-25 15:20:54 +00:00
- Fix audio player volume control on Safari ([minacle](
2023-01-20 13:19:12 +00:00
- Fix disappearing “Explore” tabs on Safari ([nyura](, [ykzts](
- Fix wrong padding in RTL layout ([Gargron](
2023-01-25 15:20:54 +00:00
- Fix drag & drop upload area display in single-column mode ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix being unable to get a single EmailDomainBlock from the admin API ([trwnh](
- Fix admin-set follow recommandations being case-sensitive ([ClearlyClaire](
2023-02-03 15:39:38 +00:00
- Fix unserialized `role` on account entities in admin API ([Gargron](
2023-01-20 13:19:12 +00:00
- Fix pagination of followed tags ([trwnh](
- Fix dropdown menu positions when scrolling ([sidp](, [ClearlyClaire](
2023-01-25 15:20:54 +00:00
- Fix email with empty domain name labels passing validation ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix mysterious registration failure when “Require a reason to join” is set with open registrations ([ClearlyClaire](
- Fix attachment rendering of edited posts in OpenGraph ([ClearlyClaire](
- Fix invalid/empty RSS feed link on account pages ([ClearlyClaire](
- Fix error in `VerifyLinkService` when processing links with no href ([joshuap](
2023-01-25 15:20:54 +00:00
- Fix error in `VerifyLinkService` when processing links with invalid URLs ([untitaker](
2023-01-20 13:19:12 +00:00
- Fix media uploads with FFmpeg 5 ([dead10ck](
- Fix sensitive flag not being set when replying to a post with a content warning under certain conditions ([kedamaDQ](
- Fix misleading message briefly showing up when loading follow requests under some conditions ([c960657](
- Fix “Share @:user's profile” profile menu item not working ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix crash and incorrect behavior in `tootctl domains crawl` ([ClearlyClaire](
- Fix autoplay on iOS ([jamesadney](
- Fix user clean-up scheduler crash when an unconfirmed account has a moderation note ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix spaces not being stripped in admin account search ([ClearlyClaire](
- Fix spaces not being stripped when adding relays ([ClearlyClaire](
- Fix infinite loading spinner instead of soft 404 for non-existing remote accounts ([ClearlyClaire](
- Fix minor visual issue with the top border of verified account fields ([j-f1](
- Fix pending account approval and rejection not being recorded in the admin audit log ([FrancisMurillo](
- Fix “Sign up” button with closed registrations not opening modal on mobile ([ClearlyClaire](
- Fix UI header overflowing on mobile ([ClearlyClaire](
- Fix 500 error when trying to migrate to an invalid address ([ClearlyClaire](
- Fix crash when trying to fetch unobtainable avatar of user using external authentication ([lochiiconnectivity](
- Fix processing error on incoming malformed JSON-LD under some situations ([ClearlyClaire](
- Fix potential duplicate posts in Explore tab ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix deprecation warning in `tootctl accounts rotate` ([ClearlyClaire](
2023-02-03 15:39:38 +00:00
- Fix styling of featured tags in light theme ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix missing style in warning and strike cards ([AtelierSnek](, [ClearlyClaire](
- Fix wasteful request to `/api/v1/custom_emojis` when not logged in ([ClearlyClaire](
- Fix replies sometimes being delivered to user-blocked domains ([tribela](
- Fix admin dashboard crash when using some ElasticSearch replacements ([cortices](
- Fix profile avatar being slightly offset into left border ([RiedleroD](
- Fix N+1 queries in `NotificationsController` ([nametoolong](
- Fix being unable to react to announcements with the keycap number sign emoji ([kescherCode](
- Fix height computation of post embeds ([hodgesmr](
- Fix accessibility issue of the search bar due to hidden placeholder ([alexstine](
- Fix layout change handler not being removed due to a typo ([nschonni](
- Fix typo in the default `S3_HOSTNAME` used in the `mastodon:setup` rake task ([danp](
- Fix the top action bar appearing in the multi-column layout ([ClearlyClaire](
- Fix inability to use local LibreTranslate without setting `ALLOWED_PRIVATE_ADDRESSES` ([ClearlyClaire](
- Fix punycoded local domains not being prettified in initial state ([Tritlo](
- Fix CSP violation warning by removing inline CSS from SVG logo ([luxiaba](
- Fix margin for search field on medium window size ([minacle](
- Fix search popout scrolling with the page in single-column mode ([rgroothuijsen](
- Fix minor post cache hydration discrepancy ([ClearlyClaire](
2023-01-20 13:19:12 +00:00
- Fix `・` detection in hashtags ([parthoghosh24](
- Fix hashtag follows bypassing user blocks ([tribela](
- Fix moved accounts being incorrectly redirected to account settings when trying to view a remote profile ([ClearlyClaire](
- Fix site upload validations ([ClearlyClaire](
- Fix “Add new domain block” button using last submitted search value instead of the current one ([ClearlyClaire](
- Fix misleading hashtag warning when posting with “Followers only” or “Mentioned people only” visibility ([n0toose](
- Fix embedded posts with videos grabbing focus ([Akkiesoft](
- Fix `$` not being escaped in `.env.production` files generated by the `mastodon:setup` rake task ([ClearlyClaire](, [ClearlyClaire](
- Fix sanitizer parsing link text as HTML when stripping unsupported links ([ClearlyClaire](
- Fix `scheduled_at` input not using `datetime-local` when editing announcements ([ClearlyClaire](
- Fix REST API serializer for `Account` not including `moved` when the moved account has itself moved ([ClearlyClaire](
- Fix `/api/v1/admin/trends/tags` using wrong serializer ([ClearlyClaire](
- Fix situations in which instance actor can be set to a Mastodon-incompatible name ([ClearlyClaire](
### Security
- Add `form-action` CSP directive ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
- Fix unbounded recursion in account discovery ([ClearlyClaire](
- Revoke all authorized applications on password reset ([FrancisMurillo](
- Fix unbounded recursion in post discovery ([ClearlyClaire,nametoolong](
2023-01-20 13:19:12 +00:00
2022-11-15 02:57:18 +00:00
## [4.0.2] - 2022-11-15
2022-11-15 02:57:18 +00:00
### Fixed
- Fix wrong color on mentions hidden behind content warning in web UI ([Gargron](
- Fix filters from other users being used in the streaming service ([ClearlyClaire](
- Fix `unsafe-eval` being used when `wasm-unsafe-eval` is enough in Content Security Policy ([Gargron](, [prplecake](
2022-11-14 21:21:14 +00:00
## [4.0.1] - 2022-11-14
2022-11-14 21:21:14 +00:00
### Fixed
- Fix nodes order being sometimes mangled when rewriting emoji ([ClearlyClaire](
2022-11-14 19:27:12 +00:00
## [4.0.0] - 2022-11-14
2022-10-27 22:26:02 +00:00
Some of the features in this release have been funded through the [NGI0 Discovery]( Fund, a fund established by [NLnet]( with financial support from the European Commission's [Next Generation Internet]( programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825322.
### Added
- Add ability to filter followed accounts' posts by language ([Gargron](, [ClearlyClaire](
- **Add ability to follow hashtags** ([Gargron](, [Gargron](, [Gargron](, [noellabo](
- Add ability to filter individual posts ([ClearlyClaire](
- **Add ability to translate posts** ([Gargron](, [ClearlyClaire](, [Gargron](, [ClearlyClaire](, [Gargron](, [ykzts](, [Gargron](
2022-11-11 07:39:38 +00:00
- Add featured tags to web UI ([noellabo](, [noellabo](, [noellabo](, [noellabo](, [Gargron](, [ykzts](, [noellabo](, [noellabo](, [Gargron](, [Gargron](, [ClearlyClaire](
2022-10-27 22:26:02 +00:00
- **Add support for language preferences for trending statuses and links** ([Gargron](, [Gargron](, [ykzts](
- Previously, you could only see trends in your current language
- For less popular languages, that meant empty trends
- Now, trends in your preferred languages' are shown on top, with others beneath
- Add server rules to sign-up flow ([Gargron](
- Add privacy icons to report modal in web UI ([ClearlyClaire](
- Add `noopener` to links to remote profiles in web UI ([shleeable](
2022-11-11 07:39:38 +00:00
- Add option to open original page in dropdowns of remote content in web UI ([Gargron](
2022-10-27 22:26:02 +00:00
- Add warning for sensitive audio posts in web UI ([rgroothuijsen](
- Add language attribute to posts in web UI ([tribela](
- Add support for uploading WebP files ([Saiv46](
- Add support for uploading `audio/vnd.wave` files ([tribela](
2022-11-05 22:24:07 +00:00
- Add support for uploading AVIF files ([txt-file](
- Add support for uploading HEIC files ([Gargron](
2022-10-27 22:26:02 +00:00
- Add more debug information when processing remote accounts ([ClearlyClaire](, [ClearlyClaire](
- **Add retention policy for cached content and media** ([Gargron](, [zunda](, [Gargron](, [Gargron](
- Set for how long remote posts or media should be cached on your server
- Hands-off alternative to `tootctl` commands
- **Add customizable user roles** ([Gargron](, [ClearlyClaire](, [Gargron](, [tribela](, [tribela](, [ClearlyClaire](, [ClearlyClaire](, [unextro](, [tribela](, [ClearlyClaire](
- Previously, there were 3 hard-coded roles, user, moderator, and admin
- Create your own roles and decide which permissions they should have
- Add notifications for new reports ([Gargron](, [Gargron](
- Add ability to select all accounts matching search for batch actions in admin UI ([Gargron](, [Gargron](
- Add ability to view previous edits of a status in admin UI ([Gargron](
- Add ability to block sign-ups from IP ([Gargron](
- **Add webhooks to admin UI** ([Gargron](
- Add admin API for managing domain allows ([ClearlyClaire](
- Add admin API for managing domain blocks ([ClearlyClaire](
- Add admin API for managing e-mail domain blocks ([Gargron](
- Add admin API for managing canonical e-mail blocks ([Gargron](
2022-11-11 07:39:38 +00:00
- Add admin API for managing IP blocks ([Gargron](, [trwnh](
- Add `sensitized` attribute to accounts in admin REST API ([trwnh](
2022-10-27 22:26:02 +00:00
- Add `services` and `metadata` to the NodeInfo endpoint ([MFTabriz](
- Add `--remove-role` option to `tootctl accounts modify` ([Gargron](
- Add `--days` option to `tootctl media refresh` ([tribela](
- Add `EMAIL_DOMAIN_LISTS_APPLY_AFTER_CONFIRMATION` environment variable ([ClearlyClaire](
- Add `IP_RETENTION_PERIOD` and `SESSION_RETENTION_PERIOD` environment variables ([kescherCode](
- Add `http_hidden_proxy` environment variable ([tribela](
2022-11-11 07:39:38 +00:00
- Add `ENABLE_STARTTLS` environment variable ([erbridge](
- Add caching for payload serialization during fan-out ([ClearlyClaire](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
2022-11-05 22:24:07 +00:00
- Add assets from Twemoji 14.0 ([Gargron](
- Add reputation and followers score boost to SQL-only account search ([Gargron](
2022-11-11 07:39:38 +00:00
- Add Scots, Balaibalan, Láadan, Lingua Franca Nova, Lojban, Toki Pona to languages list ([VyrCossont](
- Set autocomplete hints for e-mail, password and OTP fields ([rcombs](, [offbyone](, [ClearlyClaire](
2022-11-14 07:50:14 +00:00
- Add support for DigitalOcean Spaces in setup wizard ([v-aisac](
2022-10-27 22:26:02 +00:00
### Changed
- **Change brand color and logotypes** ([Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [mayaeh](
- **Change post editing to be enabled in web UI** ([Gargron](
2022-11-14 07:50:14 +00:00
- **Change web UI to work for logged-out users** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ykzts](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ykzts](, [ykzts](, [ykzts](, [ykzts](, [ykzts](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ykzts](, [ykzts](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [trwnh](, [ykzts](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [ClearlyClaire](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](, [cutls](
2022-10-27 22:26:02 +00:00
- The web app can now be accessed without being logged in
- No more `/web` prefix on web app paths
- Profiles, posts, and other public pages now use the same interface for logged in and logged out users
- The web app displays a server information banner
- Pop-up windows for remote interaction have been replaced with a modal window
- No need to type in your username for remote interaction, copy-paste-to-search method explained
- Various hints throughout the app explain what the different timelines are
- New about page design
- New privacy policy page design shows when the policy was last updated
- All sections of the web app now have appropriate window titles
- The layout of the interface has been streamlined between different screen sizes
- Posts now use more horizontal space
- Change label of publish button to be "Publish" again in web UI ([Gargron](
- Change language to be carried over on reply in web UI ([ClearlyClaire](
- Change "Unfollow" to "Cancel follow request" when request still pending in web UI ([prplecake](
2022-11-14 07:50:14 +00:00
- **Change post filtering system** ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [noellabo](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
2022-10-27 22:26:02 +00:00
- Filtered keywords and phrases can now be grouped into named categories
- Filtered posts show which exact filter was hit
- Individual posts can be added to a filter
- You can peek inside filtered posts anyway
- Change path of privacy policy page from `/terms` to `/privacy-policy` ([Gargron](
- Change how hashtags are normalized ([Gargron](, [Gargron](, [ClearlyClaire](
2022-11-05 22:24:07 +00:00
- Change settings area to be separated into categories in admin UI ([Gargron](, [Gargron](
2022-10-27 22:26:02 +00:00
- Change "No accounts selected" errors to use the appropriate noun in admin UI ([prplecake](
- Change e-mail domain blocks to match subdomains of blocked domains ([Gargron](
- Change custom emoji file size limit from 50 KB to 256 KB ([Gargron](
- Change "Allow trends without prior review" setting to also work for trending posts ([Gargron](
2022-11-05 22:24:07 +00:00
- Change admin announcements form to use single inputs for date and time in admin UI ([ClearlyClaire](
2022-10-27 22:26:02 +00:00
- Change search API to be accessible without being logged in ([Gargron](, [Gargron](
- Change following and followers API to be accessible without being logged in ([Gargron](
2022-11-05 22:24:07 +00:00
- Change `AUTHORIZED_FETCH` to not block unauthenticated REST API access ([Gargron](
2022-10-27 22:26:02 +00:00
- Change Helm configuration ([deepy](, [jgsmith](, [deepy](
2022-11-05 22:24:07 +00:00
- Change mentions of blocked users to not be processed ([ClearlyClaire](
- Change max. thumbnail dimensions to 640x360px (360p) ([Gargron](
- Change post-processing to be deferred only for large media types ([Gargron](
2022-11-11 07:39:38 +00:00
- Change link verification to only work for https links without unicode ([Gargron](, [Gargron](
- Change account deletion requests to spread out over time ([ClearlyClaire](
- Change larger reblogs/favourites numbers to be shortened in web UI ([Gargron](
- Change incoming activity processing to happen in `ingress` queue ([Gargron](
- Change notifications to not link show preview cards in web UI ([ClearlyClaire](
- Change amount of replies returned for logged out users in REST API ([ClearlyClaire](
2022-11-14 07:50:14 +00:00
- Change in-app links to keep you in-app in web UI ([trwnh](, [Gargron](
- Change table header to be sticky in admin UI ([sk22](
2022-10-27 22:26:02 +00:00
### Removed
- Remove setting that disables account deletes ([Gargron](
- Remove digest e-mails ([Gargron](
- Remove unnecessary sections from welcome e-mail ([Gargron](
- Remove item titles from RSS feeds ([Gargron](
- Remove volume number from hashtags in web UI ([Gargron](
- Remove Nanobox configuration ([tonyjiang](
### Fixed
2022-11-14 07:50:14 +00:00
- Fix rules with same priority being sorted non-deterministically ([Gargron](
- Fix error when invalid domain name is submitted ([Gargron](
- Fix icons having an image role ([Gargron](
2022-11-11 07:39:38 +00:00
- Fix connections to IPv6-only servers ([ClearlyClaire](
- Fix unnecessary service worker registration and preloading when logged out in web UI ([ClearlyClaire](
- Fix unnecessary and slow regex construction ([raggi](
- Fix `mailers` queue not being used for mailers ([Gargron](
- Fix error in webfinger redirect handling ([ClearlyClaire](
- Fix report category not being set to `violation` if rule IDs are provided ([trwnh](
- Fix nodeinfo metadata attribute being an array instead of an object ([ClearlyClaire](
- Fix account endorsements not being idempotent ([trwnh](
- Fix status and rule IDs not being strings in admin reports REST API ([trwnh](
- Fix error on invalid `replies_policy` in REST API ([trwnh](
- Fix redrafting a currently-editing post not leaving edit mode in web UI ([ClearlyClaire](
- Fix performance by avoiding method cache busts ([raggi](
- Fix opening the language picker scrolling the single-column view to the top in web UI ([ClearlyClaire](
- Fix content warning button missing `aria-expanded` attribute in web UI ([ClearlyClaire](
- Fix redundant `aria-pressed` attributes in web UI ([Brawaru](
- Fix crash when external auth provider has no display name set ([ClearlyClaire](
- Fix followers count not being updated when migrating follows ([ClearlyClaire](
- Fix double button to clear emoji search input in web UI ([sunny](
- Fix missing null check on applications on strike disputes ([kescherCode](
2022-11-05 22:24:07 +00:00
- Fix featured tags not saving preferred casing ([Gargron](
- Fix language not being saved when editing status ([Gargron](
- Fix not being able to input featured tag with hash symbol ([Gargron](
- Fix user clean-up scheduler crash when an unconfirmed account has a moderation note ([ClearlyClaire](
- Fix being unable to withdraw follow request when confirmation modal is disabled in web UI ([ClearlyClaire](
- Fix inaccurate admin log entry for re-sending confirmation e-mails ([ClearlyClaire](
- Fix edits not being immediately reflected ([ClearlyClaire](
- Fix bookmark import stopping at the first failure ([ClearlyClaire](
- Fix account action type validation ([Gargron](
- Fix upload progress not communicating processing phase in web UI ([Gargron](
- Fix wrong host being used for custom.css when asset host configured ([Gargron](
2022-11-11 07:39:38 +00:00
- Fix account migration form ever using outdated account data ([Gargron](, [nightpool](
2022-11-05 22:24:07 +00:00
- Fix error when uploading malformed CSV import ([Gargron](
- Fix avatars not using image tags in web UI ([Gargron](
- Fix handling of duplicate and out-of-order notifications in web UI ([ClearlyClaire](
- Fix reblogs being discarded after the reblogged status ([ClearlyClaire](
- Fix indexing scheduler trying to index when Elasticsearch is disabled ([Gargron](
- Fix n+1 queries when rendering initial state JSON ([Gargron](
- Fix n+1 query during status removal ([Gargron](
2022-10-27 22:26:02 +00:00
- Fix OCR not working due to Content Security Policy in web UI ([prplecake](
- Fix `nofollow` rel being removed in web UI ([Gargron](
- Fix language dropdown causing zoom on mobile devices in web UI ([Gargron](
- Fix button to dismiss suggestions not showing up in search results in web UI ([ClearlyClaire](
- Fix language dropdown sometimes not appearing in web UI ([Gargron](
- Fix quickly switching notification filters resulting in empty or incorrect list in web UI ([ClearlyClaire](, [ClearlyClaire](
- Fix media modal link button in web UI ([ClearlyClaire](
- Fix error upon successful account migration ([Gargron](
- Fix negatives values in search index causing queries to fail ([Gargron](, [Gargron](
- Fix error when searching for invalid URL ([ClearlyClaire](
- Fix IP blocks not having a unique index ([Gargron](
- Fix remote account in contact account setting not being used ([Gargron](
- Fix swallowing mentions of unconfirmed/unapproved users ([ClearlyClaire](
- Fix incorrect and slow cache invalidation when blocking domain and removing media attachments ([ClearlyClaire](
- Fix HTTPs redirect behaviour when running as I2P service ([gi-yt](
- Fix deleted pinned posts potentially counting towards the pinned posts limit ([ClearlyClaire](
- Fix compatibility with OpenSSL 3.0 ([ClearlyClaire](
- Fix error when a remote report includes a private post the server has no access to ([ClearlyClaire](
- Fix suspicious sign-in mails never being sent ([ClearlyClaire](
- Fix fallback locale when somehow user's locale is an empty string ([tribela](
- Fix avatar/header not being deleted locally when deleted on remote account ([tribela](
- Fix missing `,` in Blurhash validation ([noellabo](
- Fix order by most recent not working for relationships page in admin UI ([tribela](
- Fix uncaught error when invalid date is supplied to API ([Gargron](
- Fix REST API sometimes returning HTML on error ([ClearlyClaire](
- Fix ambiguous column names in `tootctl media refresh` ([tribela](
- Fix ambiguous column names in `tootctl search deploy` ([mashirozx](
- Fix `CDN_HOST` not being used in some asset URLs ([tribela](
- Fix `CAS_DISPLAY_NAME`, `SAML_DISPLAY_NAME` and `OIDC_DISPLAY_NAME` being ignored ([ClearlyClaire](
- Fix various typos in comments throughout the codebase ([luzpaz](
2022-11-14 07:50:14 +00:00
- Fix CSV import error when rows include unicode characters ([HamptonMakes](
2022-10-27 22:26:02 +00:00
2022-11-11 07:39:38 +00:00
### Security
- Fix being able to spoof link verification ([Gargron](
2022-11-14 19:27:12 +00:00
- Fix emoji substitution not applying only to text nodes in backend code ([ClearlyClaire](
- Fix emoji substitution not applying only to text nodes in web UI ([ClearlyClaire](
- Fix rate limiting for paths with formats ([Gargron](
- Fix out-of-bound reads in blurhash transcoder ([delroth](
2022-11-11 07:39:38 +00:00
2022-05-26 21:26:15 +00:00
## [3.5.3] - 2022-05-26
2022-05-26 21:26:15 +00:00
### Added
- **Add language dropdown to compose form in web UI** ([Gargron](, [ykzts](
- **Add warning for limited accounts in web UI** ([Gargron](
- Add `limited` attribute to accounts in REST API ([Gargron](
### Changed
- **Change RSS feeds** ([Gargron](, [tribela](
- Titles are now date and time of post
- Bodies now render all content faithfully, including polls and emojis
- All media attachments are included with Media RSS
- Change "dangerous" to "sensitive" in privacy policy and web UI ([Gargron](
- Change unconfirmed accounts to not be visible in REST API ([ClearlyClaire](
- Change `tootctl search deploy` to improve performance ([Gargron](, [Gargron](
- Change search indexing to use batches to minimize resource usage ([Gargron](
### Fixed
- Fix follower and other counters being able to go negative ([Gargron](
- Fix unnecessary query on when creating a status ([ClearlyClaire](
- Fix warning an account outside of a report closing all reports for that account ([ClearlyClaire](
- Fix error when resolving a link that redirects to a local post ([ClearlyClaire](
- Fix preferred posting language returning unusable value in REST API ([Gargron](
- Fix race condition error when external status is reblogged ([ykzts](
- Fix missing string for appeal validation error ([Gargron](
- Fix block/mute lists showing a follow button in web UI ([ClearlyClaire](
- Fix Redis configuration not being changed by `mastodon:setup` ([ClearlyClaire](
- Fix streaming notifications not using quick filter logic in web UI ([ClearlyClaire](
- Fix ambiguous wording on appeal actions in admin UI ([ClearlyClaire](
- Fix floating action button obscuring last element in web UI ([ClearlyClaire](
- Fix account warnings not being recorded in audit log ([ClearlyClaire](
- Fix leftover icons for direct visibility statuses ([Steffo99](
- Fix link verification requiring case sensitivity on links ([sgolemon](
- Fix embeds not setting their height correctly ([rinsuki](
### Security
- Fix concurrent unfollowing decrementing follower count more than once ([Gargron](
- Fix being able to appeal a strike unlimited times ([Gargron](
- Fix being able to report otherwise inaccessible statuses ([Gargron](
- Fix empty votes arbitrarily increasing voters count in polls ([Gargron](
- Fix moderator identity leak when approving appeal of sensitive marked statuses ([Gargron](
- Fix suspended users being able to access APIs that don't require a user ([Gargron](
- Fix confirmation redirect to app without `Location` header ([Gargron](
## [3.5.2] - 2022-05-04
### Added
- Add warning on direct messages screen in web UI ([Gargron](
- We already had a warning when composing a direct message, it has now been reworded to be more clear
- Same warning is now displayed when viewing sent and received direct messages
- Add ability to set approval-based registration through tootctl ([ClearlyClaire](
- Add pre-filling of domain from search filter in domain allow/block admin UI ([ClearlyClaire](
## Changed
- Change name of “Direct” visibility to “Mentioned people only” in web UI ([Gargron](, [Gargron](, [ClearlyClaire](
- Change trending posts to only show one post from each account ([Gargron](
- Change half-life of trending posts from 6 hours to 2 hours ([Gargron](
- Change full-text search feature to also include polls you have voted in ([tribela](
- Change Redis from using one connection per process, to using a connection pool ([Gargron](, [ClearlyClaire](, [Gargron](
- Different threads no longer have to wait on a mutex over a single connection
- However, this does increase the number of Redis connections by a fair amount
- We are planning to optimize Redis use so that the pool can be made smaller in the future
## Removed
- Remove IP matching from e-mail domain blocks ([Gargron](
- The IPs of the blocked e-mail domain or its MX records are no longer checked
- Previously it was too easy to block e-mail providers by mistake
2022-10-27 22:26:02 +00:00
## Fixed
- Fix compatibility with Friendica's pinned posts ([ClearlyClaire](, [ClearlyClaire](
- Fix error when looking up handle with surrounding spaces in REST API ([ClearlyClaire](
- Fix double render error when authorizing interaction ([Gargron](
- Fix error when a post references an invalid media attachment ([ClearlyClaire](
- Fix error when trying to revoke OAuth token without supplying a token ([Gargron](
- Fix error caused by missing subject in Webfinger response ([Gargron](
- Fix error on attempting to delete an account moderation note ([ClearlyClaire](
- Fix light-mode emoji borders in web UI ([Gaelan](
- Fix being able to scroll away from the loading bar in web UI ([Gargron](
- Fix error when a bookmark or favorite has been reported and deleted ([ClearlyClaire](
- Fix being offered empty “Server rules violation” report option in web UI ([ClearlyClaire](
- Fix temporary network errors preventing from authorizing interactions with remote accounts ([ClearlyClaire](
- Fix incorrect link in "new trending tags" email ([cdzombak](
- Fix missing indexes on some foreign keys ([ClearlyClaire](
- Fix n+1 query on feed merge and populate operations ([Gargron](
- Fix feed unmerge worker being exceptionally slow in some conditions ([ClearlyClaire](
- Fix PeerTube videos appearing with an erroneous “Edited at” marker ([ClearlyClaire](
- Fix instance actor being created incorrectly when running through migrations ([ClearlyClaire](
- Fix web push notifications containing HTML entities ([ClearlyClaire](
- Fix inconsistent parsing of `TRUSTED_PROXY_IP` ([ykzts](
- Fix error when fetching pinned posts ([tribela](
- Fix wrong optimization in feed populate operation ([dogelover911](
- Fix error in alias settings page ([ClearlyClaire](
2022-04-08 19:57:24 +00:00
## [3.5.1] - 2022-04-08
2022-04-08 19:57:24 +00:00
### Added
- Add pagination for trending statuses in web UI ([Gargron](
### Changed
- Change e-mail notifications to only be sent when recipient is offline ([Gargron](
- Send e-mails for mentions and follows by default again
- But only when recipient does not have push notifications through an app
- Change `website` attribute to be nullable on `Application` entity in REST API ([rinsuki](
### Removed
- Remove sign-in token authentication, instead send e-mail about new sign-in ([Gargron](
- You no longer need to enter a security code sent through e-mail
- Instead you get an e-mail about a new sign-in from an unfamiliar IP address
### Fixed
2022-11-08 16:31:52 +00:00
- Fix error responses for `from` search prefix ([single-right-quote](
2022-04-08 19:57:24 +00:00
- Fix dangling language-specific trends ([Gargron](
- Fix extremely rare race condition when deleting a status or account ([ClearlyClaire](
- Fix trends returning less results per page when filtered in REST API ([Gargron](
- Fix pagination header on empty trends responses in REST API ([Gargron](
- Fix cookies secure flag being set when served over Tor ([Gargron](
- Fix migration error handling ([ClearlyClaire](
- Fix error when re-running some migrations if they get interrupted at the wrong moment ([ClearlyClaire](
- Fix potentially missing statuses when reconnecting to streaming API in web UI ([ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](
- Fix error when sending warning emails with custom text ([ClearlyClaire](
- Fix unset `SMTP_RETURN_PATH` environment variable causing e-mail not to send ([Gargron](
- Fix possible duplicate statuses in timelines in some edge cases in web UI ([ClearlyClaire](
- Fix spurious edits and require incoming edits to be explicitly marked as such ([ClearlyClaire](
- Fix error when encountering invalid pinned statuses ([ClearlyClaire](
- Fix inconsistency in error handling when removing a status ([ClearlyClaire](
- Fix admin API unconditionally requiring CSRF token ([ClearlyClaire](
- Fix trending tags endpoint missing `offset` param in REST API ([Gargron](
- Fix unusual number formatting in some locales ([ClearlyClaire](
- Fix `S3_FORCE_SINGLE_REQUEST` environment variable not working ([HolgerHuo](
- Fix failure to build assets with OpenSSL 3 ([ClearlyClaire](
- Fix PWA manifest using outdated routes ([HolgerHuo](
- Fix error when indexing statuses into Elasticsearch ([ClearlyClaire](
2022-03-30 12:52:37 +00:00
## [3.5.0] - 2022-03-30
### Added
- **Add support for incoming edited posts** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](
- Previous versions remain available for perusal and comparison
- People who reblogged a post are notified when it's edited
- New REST APIs:
- `PUT /api/v1/statuses/:id`
- `GET /api/v1/statuses/:id/history`
- `GET /api/v1/statuses/:id/source`
- New streaming API event:
- `status.update`
- **Add appeals for moderator decisions** ([Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](
- All default moderator decisions now notify the affected user by e-mail
- They now link to an appeal page instead of suggesting replying to the e-mail
- They can now be found in account settings and not just e-mail
- Users can submit one appeal within 20 days of the decision
- Moderators can approve or reject the appeal
- **Add notifications for posts deleted by moderators** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](
- New, redesigned report view in admin UI
- Common report actions now only take one click to complete
- Deleting posts or marking as sensitive from report now notifies user
- Reports can be categorized by reason and specific rules violated
- The reasons are automatically cited in the notifications, except for spam
- Marking posts as sensitive now federates using post editing
- **Add explore page with trending posts and links** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ClearlyClaire](, [Gargron](, [tribela](, [Gargron](, [Gargron](, [noiob](, [mayaeh](, [mayaeh](, [Gargron](, [mayaeh](
- Hashtag trends algorithm is extended to work for posts and links
- Links are only considered if they have an adequate preview card
- Preview card generation has been improved to support structured data
- Links can only trend if the publisher (domain) has been approved
- Posts can only trend if the author has been approved
- Individual approval and rejection for posts and links is also available
- Moderators are notified about pending trends at most once every 2 hours
- Posts and link trends are language-specific
- Search page is redesigned into explore page in web UI
- Discovery tab is coming soon in official iOS and Android apps
- New REST APIs:
- `GET /api/v1/trends/links`
- `GET /api/v1/trends/statuses`
- `GET /api/v1/trends/tags` (alias of `GET /api/v1/trends`)
- `GET /api/v1/admin/trends/links`
- `GET /api/v1/admin/trends/statuses`
- `GET /api/v1/admin/trends/tags`
- **Add graphs and retention metrics to admin dashboard** ([Gargron](, [Gargron](, [ClearlyClaire](, [ClearlyClaire](, [ClearlyClaire](, [mashirozx](, [ClearlyClaire](
- Dashboard shows more numbers with development over time
- Other data such as most used interface languages and sign-up sources
- User retention graph shows how many new users stick around
- New REST APIs:
- `POST /api/v1/admin/measures`
- `POST /api/v1/admin/dimensions`
- `POST /api/v1/admin/retention`
- Add `GET /api/v1/accounts/familiar_followers` to REST API ([Gargron](
- Add `POST /api/v1/accounts/:id/remove_from_followers` to REST API ([noellabo](
- Add `category` and `rule_ids` params to `POST /api/v1/reports` IN REST API ([Gargron](, [Gargron](, [Gargron](
- `category` can be one of: `spam`, `violation`, `other` (default)
- `rule_ids` must reference `rules` returned in `GET /api/v1/instance`
- Add global `lang` param to REST API ([Gargron](, [Gargron](
- Add `types` param to `GET /api/v1/notifications` in REST API ([Gargron](
- **Add notifications for moderators about new sign-ups** ([Gargron](, [ClearlyClaire](
- When a new user confirms e-mail, moderators receive a notification
- New notification type:
- `admin.sign_up`
- Add authentication history ([Gargron](, [ClearlyClaire](, [baby-gnu](
- Add ability to automatically delete old posts ([ClearlyClaire](, [ClearlyClaire](, [tribela](
- Add ability to pin private posts ([ClearlyClaire](, [tribela](, [ClearlyClaire](, [MitarashiDango](
- Add ability to filter search results by author using `from:` syntax ([tribela](
- Add ability to delete canonical email blocks in admin UI ([ClearlyClaire](
- Add ability to purge undeliverable domains in admin UI ([ClearlyClaire](, [tribela](, [tribela](, [tribela](
- Add ability to disable e-mail token authentication for specific users in admin UI ([Gargron](
- **Add ability to suspend accounts in batches in admin UI** ([Gargron](, [ClearlyClaire](, [Gargron](
- New, redesigned accounts list in admin UI
- Batch suspensions are meant to help clean up spam and bot accounts
- They do not generate notifications
- Add ability to filter reports by origin of target account in admin UI ([Gargron](
- Add support for login through OpenID Connect ([chandrn7](
- Add lazy loading for emoji picker in web UI ([mashirozx](, [ClearlyClaire](
- Add single option votes tooltip in polls in web UI ([Brawaru](
- Add confirmation modal when closing media edit modal with unsaved changes in web UI ([ClearlyClaire](
2022-03-26 01:54:11 +00:00
- Add hint about missing media attachment description in web UI ([Gargron](
- Add support for fetching Create and Announce activities by URI in ActivityPub ([ClearlyClaire](
- Add `S3_FORCE_SINGLE_REQUEST` environment variable ([ClearlyClaire](
- Add `OMNIAUTH_ONLY` environment variable ([ClearlyClaire](, [ClearlyClaire](
- Add `ES_USER` and `ES_PASS` environment variables for Elasticsearch authentication ([tribela](
- Add `CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED` environment variable ([baby-gnu](
- Add ability to pass specific domains to `tootctl accounts cull` ([tribela](
- Add `--by-uri` option to `tootctl domains purge` ([ClearlyClaire](
- Add `--batch-size` option to `tootctl search deploy` ([aquarla](
- Add `--remove-orphans` option to `tootctl statuses remove` ([noellabo](
### Changed
- Change design of federation pages in admin UI ([Gargron](, [noellabo](, [Gargron](
- Change design of account cards in web UI ([Gargron](
- Change `follow` scope to be covered by `read` and `write` scopes in REST API ([Gargron](
- Change design of authorized applications page ([Gargron](, [ClearlyClaire](
- Change e-mail domain blocks to block IPs dynamically ([Gargron](, [ClearlyClaire](, [ClearlyClaire](
- Change report modal to include category selection in web UI ([Gargron](, [ClearlyClaire](, [Gargron](, [ClearlyClaire](
- Change reblogs to not count towards hashtag trends anymore ([Gargron](
- Change languages to be listed under standard instead of native name in admin UI ([Gargron](
- Change routing paths to use usernames in web UI ([Gargron](, [ClearlyClaire](, [ClearlyClaire](, [mashirozx](, [ClearlyClaire](
- Change list title input design in web UI ([ClearlyClaire](
- Change "Opt-in to profile directory" preference to be general discoverability preference ([ClearlyClaire](
- Change API rate limits to use /64 masking on IPv6 addresses ([tribela](, [ClearlyClaire](, [zunda](
- Change allowed formats for locally uploaded custom emojis to include GIF ([rgroothuijsen](, [Gargron](
- Change error message when chosen password is too long ([rgroothuijsen](
- Change minimum required Elasticsearch version from 6 to 7 ([noellabo](
### Removed
- Remove profile directory link from main navigation panel in web UI ([Gargron](
- **Remove language detection through cld3** ([Gargron](, [ykzts](, [Gargron](, [Gargron](
- cld3 is very inaccurate on short-form content even with unique alphabets
2022-11-08 16:31:52 +00:00
- Post language can be overridden individually using `language` param
- Otherwise, it defaults to the user's interface language
- Remove support for `OAUTH_REDIRECT_AT_SIGN_IN` ([ClearlyClaire](
- Use `OMNIAUTH_ONLY` instead
- Remove Keybase integration ([Gargron](
- Remove old columns and indexes ([ClearlyClaire](, [Gargron](, [ClearlyClaire](
- Remove shortcodes from newly-created media attachments ([ClearlyClaire](, [ClearlyClaire](
### Deprecated
- `GET /api/v1/trends``GET /api/v1/trends/tags`
- OAuth `follow` scope → `read` and/or `write`
- `text` attribute on `DELETE /api/v1/statuses/:id``GET /api/v1/statuses/:id/source`
### Fixed
2022-03-26 01:54:11 +00:00
- Fix IDN domains not being rendered correctly in a few left-over places ([Gargron](
- Fix Sanskrit translation not being used in web UI ([ClearlyClaire](
- Fix Kurdish languages having the wrong language codes ([ClearlyClaire](
- Fix pghero making database schema suggestions ([ClearlyClaire](
- Fix encoding glitch in the OpenGraph description of a profile page ([ClearlyClaire](
- Fix web manifest not permitting PWA usage from alternate domains ([HolgerHuo](
- Fix not being able to edit media attachments for scheduled posts ([ClearlyClaire](
- Fix subscribed relay activities being recorded as boosts ([ClearlyClaire](
- Fix streaming API server error messages when JSON parsing fails not specifying the source ([ClearlyClaire](
- Fix browsers autofilling new password field with old password ([mashirozx](
- Fix text being invisible before fonts load in web UI ([tribela](
- Fix public profile pages of unconfirmed users being accessible ([ClearlyClaire](, [ClearlyClaire](
- Fix nil error when trying to fetch key for signature verification ([Gargron](
- Fix null values being included in some indexes ([Gargron](
- Fix `POST /api/v1/emails/confirmations` not being available after sign-up ([Gargron](
- Fix rare race condition when reblogged post is deleted ([ClearlyClaire](, [ClearlyClaire](
- Fix being able to add more than 4 hashtags to hashtag column in web UI ([Gargron](
- Fix data integrity of featured tags ([Gargron](
- Fix performance of account timelines ([Gargron](
- Fix returning empty `<p>` tag for blank account `note` in REST API ([Gargron](
- Fix leak of existence of otherwise inaccessible posts in REST API ([Gargron](
- Fix not showing loading indicator when searching in web UI ([Gargron](
- Fix media modal footer's “external link” not being a link ([ClearlyClaire](
- Fix reply button on media modal not giving focus to compose form ([ClearlyClaire](
- Fix some media attachments being converted with too high framerates ([ClearlyClaire](
- Fix sign in token and warning emails failing to send when contact e-mail address is malformed ([helloworldstack](
- Fix opening the emoji picker scrolling the single-column view to the top ([ClearlyClaire](
- Fix edge case where settings/admin page sidebar would be incorrectly hidden ([ClearlyClaire](
- Fix performance of server-side filtering ([ClearlyClaire](
- Fix privacy policy link not being visible on small screens ([Gargron](
- Fix duplicate accounts when searching by IP range in admin UI ([Gargron](, [tribela](
- Fix error when performing a batch action on posts in admin UI ([ClearlyClaire](
- Fix deletes not being signed in authorized fetch mode ([Gargron](
- Fix Undo Announce sometimes inlining the originally Announced status ([ClearlyClaire](
- Fix localization of cold-start follow recommendations ([Gargron](, [Gargron](
- Fix replies collection incorrectly looping ([ClearlyClaire](
- Fix errors when multiple Delete are received for a given actor ([ClearlyClaire](
- Fixed prototype pollution bug and only allow trusted origin ([r0hanSH](
- Fix text being incorrectly pre-selected in composer textarea on /share ([ClearlyClaire](
- Fix SMTP_ENABLE_STARTTLS_AUTO/SMTP_TLS/SMTP_SSL environment variables don't work ([kgtkr](
- Fix media upload specific rate limits only being applied to v1 endpoint in REST API ([tribela](
- Fix media descriptions not being used for client-side filtering ([ClearlyClaire](
- Fix cold-start follow recommendation favouring older accounts due to wrong sorting ([noellabo](
- Fix not redirect to the right page after authenticating with WebAuthn ([heguro](
- Fix searching for additional hashtags in hashtag column ([ClearlyClaire](
- Fix color of hashtag column settings inputs ([ClearlyClaire](
- Fix performance of `tootctl statuses remove` ([noellabo](
- Fix `tootctl accounts cull` not excluding domains on timeouts and certificate issues ([ClearlyClaire](
- Fix 404 error when filtering admin action logs by non-existent target account ([ClearlyClaire](
- Fix error when accessing streaming API without any OAuth scopes ([Brawaru](
- Fix follow request count not updating when new follow requests arrive over streaming API in web UI ([matildepark](
- Fix error when unsuspending a local account ([HolgerHuo](
- Fix crash when a notification contains a not yet processed media attachment in web UI ([ClearlyClaire](
- Fix wrong color of download button in audio player in web UI ([ClearlyClaire](
- Fix notes for others accounts not being deleted when an account is deleted ([ClearlyClaire](
- Fix error when logging occurrence of unsupported video file ([noellabo](
- Fix wrong elements in trends widget being hidden on smaller screens in web UI ([tribela](
- Fix link to about page being displayed in limited federation mode ([weex](
- Fix styling of boost button in media modal not reflecting ability to boost ([ClearlyClaire](
- Fix OCR failure when erroneous lang data is in cache ([ClearlyClaire](
- Fix downloading media from blocked domains in `tootctl media refresh` ([tribela](
- Fix login form being displayed on landing page when already logged in ([ClearlyClaire](
- Fix polling for media processing status too frequently in web UI ([tribela](
- Fix hashtag autocomplete overriding user-typed case ([weex](
- Fix WebAuthn authentication setup to not prompt for PIN ([truongnmt](
2022-03-30 12:52:37 +00:00
### Security
- Fix being able to post URLs longer than 4096 characters ([Gargron](
- Fix being able to bypass e-mail restrictions ([Gargron](
## [3.4.6] - 2022-02-03
### Fixed
- Fix `mastodon:webpush:generate_vapid_key` task requiring a functional environment ([ClearlyClaire](
- Fix spurious errors when receiving an Add activity for a private post ([ClearlyClaire](
### Security
- Fix error-prone SQL queries ([ClearlyClaire](
- Fix not compacting incoming signed JSON-LD activities ([puckipedia](, [ClearlyClaire]( (CVE-2022-24307)
- Fix insufficient sanitization of report comments ([ClearlyClaire](
- Fix stop condition of a Common Table Expression ([ClearlyClaire](
- Disable legacy XSS filtering ([Wonderfall](
2022-01-31 20:27:40 +00:00
## [3.4.5] - 2022-01-31
2022-01-31 20:27:40 +00:00
### Added
2022-01-31 20:27:40 +00:00
- Add more advanced migration tests ([ClearlyClaire](
- Add github workflow to build Docker images ([unasuke](, [Gargron](, [Gargron](
### Fixed
2022-01-31 20:27:40 +00:00
- Fix some old migrations failing when skipping releases ([ClearlyClaire](
- Fix migrations script failing in certain edge cases ([ClearlyClaire](
- Fix Docker build ([tribela](
- Fix Ruby 3.0 dependencies ([ClearlyClaire](
- Fix followers synchronization mechanism ([ClearlyClaire](
## [3.4.4] - 2021-11-26
2022-01-31 20:27:40 +00:00
### Fixed
- Fix error when suspending user with an already blocked canonical email ([ClearlyClaire](
- Fix overflow of long profile fields in admin UI ([ClearlyClaire](
- Fix confusing error when WebFinger request returns empty document ([ClearlyClaire](
- Fix upload of remote media with OpenStack Swift sometimes failing ([ClearlyClaire](
- Fix logout link not working in Safari ([noellabo](
- Fix “open” link of media modal not closing modal in web UI ([ClearlyClaire](
- Fix replying from modal in web UI ([ClearlyClaire](
- Fix `mastodon:setup` command crashing in some circumstances ([ClearlyClaire](
### Security
- Fix filtering DMs from non-followed users ([ClearlyClaire](
- Fix handling of recursive toots in WebUI ([ClearlyClaire](
## [3.4.3] - 2021-11-06
### Fixed
- Fix login being broken due to inaccurately applied backport fix in 3.4.2 ([Gargron](
## [3.4.2] - 2021-11-06
### Added
- Add `configuration` attribute to `GET /api/v1/instance` ([Gargron](
### Fixed
- Fix handling of back button with modal windows in web UI ([ClearlyClaire](
- Fix pop-in player when author has long username in web UI ([ClearlyClaire](
- Fix crash when a status with a playing video gets deleted in web UI ([ClearlyClaire](
- Fix crash with Microsoft Translate in web UI ([ClearlyClaire](
- Fix PWA not being usable from alternate domains ([HolgerHuo](
- Fix locale-specific number rounding errors ([ClearlyClaire](
- Fix scheduling a status decreasing status count ([ClearlyClaire](
- Fix user's canonical email address being blocked when user deletes own account ([ClearlyClaire](
- Fix not being able to suspend users that already have their canonical e-mail blocked ([Gargron](
- Fix anonymous access to outbox not being cached by the reverse proxy ([ClearlyClaire](
- Fix followers synchronization mechanism not working when URI has empty path ([ClearlyClaire](