Releases: mastodon/mastodon
v4.4.1

This is a hotfix for 4.4, mostly addressing build and deployment issues with 4.4.0.
Check out the 4.4.0 release notes for information.
Upgrade overview
This release contains upgrade notes that deviate from the norm:
ℹ️ Requires assets recompilation
For more information, view the complete release notes and scroll down to the upgrade instructions section.
Changelog
Fixed
- Fix nearly every sub-directory being crawled as part of Vite build (#35323 by @ClearlyClaire)
- Fix assets not building when Redis is unavailable (#35321 by @oneiros)
- Fix replying from media modal or pop-in-player tagging user
@undefined
(#35317 by @ClearlyClaire) - Fix support for special characters in various environment variables (#35314 by @mjankowski and @ClearlyClaire)
- Fix some database migrations failing for indexes manually removed by admins (#35309 by @mjankowski)
Upgrade notes
To get the code for v4.4.1, use git fetch && git checkout v4.4.1
.
Note
As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump
Dependencies
External dependencies have not changed since v4.4.0:
- Ruby: 3.2 or newer
- PostgreSQL: 13 or newer
- Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
- LibreTranslate (optional, for translations): 1.3.3 or newer
- Redis: 6.2 or newer
- Node: 20 or newer
- libvips (optional, instead of ImageMagick): 8.13 or newer
- ImageMagick (optional if using libvips): 6.9.7-7 or newer
Update steps
The following instructions are for updating from 4.4.0.
If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, it is very important to read the 4.4.0 release notes.
Non-Docker
Tip
The charlock_holmes
gem may fail to build on some systems with recent versions of gcc.
If you run into this issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install
.
- Precompile the assets:
RAILS_ENV=production bundle exec rails assets:precompile
- Restart all Mastodon processes.
When using Docker
- Restart all Mastodon processes.
v4.4.0

For a user-focused highlight of these changes, see https://blog.joinmastodon.org/2025/07/mastodon-4.4/
For changes of particular interest to application developers, see https://blog.joinmastodon.org/2025/07/mastodon-4-4-for-devs/
For a more detailed run-down on the changes, see the Changelog section below!
Upgrade overview
Tip
A hotfix release is available for this branch, please update directly to it.
This release contains upgrade notes that deviate from the norm:
ℹ️ The new experimental Fediverse Auxiliary Service Providers feature requires a new fasp
sidekiq queue
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations
For more information, view the complete release notes and scroll down to the upgrade instructions section.
Changelog
Added
- Add “Followers you know” widget to user profiles and hover cards (#34652, #34678, #34681, #34697, #34699, #34769, #34774 and #34914 by @diondiondion)
- Add featured tab to profiles on web UI and rework pinned posts (#34405, #34483, #34491, #34754, #34855, #34858, #34868, #34869, #34927, #34995, #35056 and #34931 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @diondiondion)
- Add endorsed accounts to featured tab in web UI (#34421 and #34568 by @Gargron)
This also includes the following new REST API endpoints:GET /api/v1/accounts/:id/endorsements
: https://docs.joinmastodon.org/methods/accounts/#endorsementsPOST /api/v1/accounts/:id/endorse
: https://docs.joinmastodon.org/methods/accounts/#endorsePOST /api/v1/accounts/:id/unendorse
: https://docs.joinmastodon.org/methods/accounts/#unendorse
- Add ability to add and remove hashtags from featured tags in web UI (#34489, #34887, and #34490 by @ClearlyClaire and @Gargron)
This is achieved through the new REST API endpoints:POST /api/v1/tags/:id/feature
: https://docs.joinmastodon.org/methods/tags/#featurePOST /api/v1/tags/:id/unfeature
: https://docs.joinmastodon.org/methods/tags/#unfeature
- Add reminder when about to post without alt text in web UI (#33760 and #33784 by @Gargron)
- Add a warning in Web UI when composing a post when the selected and detected language are different (#33042, #33683, #33700, #33724, #33770, and #34193 by @ClearlyClaire and @Gargron)
- Add support for verifying and displaying remote quote posts (#34370, #34481, #34510, #34551, #34480, #34479, #34553, #34584, #34623, #34738, #34766, #34770, #34772, #34773, #34786, #34790, #34864, #34957, #34961, #35016, #35022, #35036, #34946, #34945 and #34958 by @ClearlyClaire and @diondiondion)
Support for verifying remote quotes according to FEP-044f and displaying them in the Web UI has been implemented.
Quoting other people is not implemented yet, and it is currently not possible to mark your own posts as allowing quotes. However, a new “Who can quote” setting has been added to the “Posting defaults” section of the user settings. This setting allows you to set a default that will be used for new posts made on Mastodon 4.5 and newer, when quote posts will be fully implemented.
In the REST API, quote posts are represented by a newquote
attribute onStatus
andStatusEdit
entities: https://docs.joinmastodon.org/entities/StatusEdit/#quote https://docs.joinmastodon.org/entities/Status/#quote - Add ability to reorder and translate server rules (#34637, #34737, #34494, #34756, #34820, #34997, #35170, #35174 and #35174 by @ChaosExAnima and @ClearlyClaire)
Rules are now shown in the user’s language, if a translation has been set.
In the REST API,Rule
entities now have a newtranslations
attribute: https://docs.joinmastodon.org/entities/Rule/#translations - Add emoji from Twemoji 15.1.0, including in the emoji picker/completion (#33395, #34321, #34620, and #34677 by @ChaosExAnima, @ClearlyClaire, @TheEssem, and @eramdam)
- Add option to remove account from followers in web UI (#34488 by @Gargron)
- Add relationship tags to profiles and hover cards in web UI (#34467 and #34792 by @Gargron and @diondiondion)
- Add ability to open posts in a new tab by middle-clicking in web UI (#32988, #33106, #33419, and #34700 by @ClearlyClaire, @Gargron, and @tribela)
- Add new filter action to blur media (#34256 by @ClearlyClaire)
In the REST API, this adds a new possible value ofblur
to thefilter_action
attribute: https://docs.joinmastodon.org/entities/Filter/#filter_action - Add dropdown menu to hashtag links in web UI (#34393 by @Gargron)
- Add server setting to allow referrer (#33214, #33239, #33903, and #34731 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @renchap)
In order to protect the privacy of users of small or thematic servers, Mastodon previously avoided transmitting referrer information when clicking outside links, which unfortunately made Mastodon completely invisible to other websites, even though the privacy implications on large generic servers are very limited.
Server administrators can now chose to opt in to transmit referrer information when following an external link. Only the domain name is transmitted, not the referrer path. - Add double tap to zoom and swipe to dismiss to media modal in web UI (#34210 by @Gargron)
- Add link from Web UI for Hashtags to the Moderation UI (#31448 by @ThisIsMissEm)
- Add terms of service (#33055, #33233, #33230, #33703, #33699, #33994, #33993, #34105, #34122, #34200, #34527, #35053, #35115, #35126, #35127 and #35233 by @ClearlyClaire, @Gargron, @mjankowski, and @oneiros)
Server administrators can now fill in Terms of Service and notify their users of upcoming changes. - Add optional bulk mailer settings (#35191 and #35203 by @oneiros)
This adds the optional environment variablesBULK_SMTP_PORT
,BULK_SMTP_SERVER
,BULK_SMTP_LOGIN
and so on analogous toSMTP_PORT
,SMTP_SERVER
,SMTP_LOGIN
and related SMTP configuration environment variables.
WhenBULK_SMTP_SERVER
is set, this group of variables is used instead of the regular ones for sending announcement notification emails and Terms of Service notification emails. - Add age verification on sign-up (#34150, #34663, and #34636 by @ClearlyClaire and @Gargron)
Server administrators now have a setting to set a minimum age requirement for creating a new server, asking users for their date of birth. The date of birth is checked against the minimum age requirement server-side but not stored.
The following REST API changes have been made to accommodate this:registrations.min_age
has been added to theInstance
entity: https://docs.joinmastodon.org/entities/Instance/#registrations-min_age- the
date_of_birth
parameter has been added to the account creation API: https://docs.joinmastodon.org/methods/accounts/#create
- Add ability to dismiss alt text badge by tapping it in web UI (#33737 by @Gargron)
- Add loading indicator to timeline gap indicators in web UI (#33762 by @Gargron)
- Add interaction modal when trying to interact with a poll while logged out (#32609 by @ThisIsMissEm)
- Add experimental FASP support (#34031, #34415, #34765, #34965, #34964, #34033, #35218, #35262 and #35263 by @oneiros)
This is a first step towards supporting “Fediverse Auxiliary Service Providers” (https://github.com/mastodon/fediverse_auxiliary_service_provider_specifications). This is mostly interesting to developers who would like to implement their own FASP, but also includes the capability to share data with a discovery provider (see https://www.fediscovery.org). - Add ability for admins to send announcements to all users via email (#33928 and #34411 by @ClearlyClaire)
This is meant for critical announcements only, as this will potentially send a lot of emails and cannot be opted out of by users. - Add Server Moderation Notes (#31529 by @ThisIsMissEm)
- Add loading spinner to “Post” button when sending a post (#35153 by @diondiondion)
- Add option to use system scrollbar styling (#32117 by @vmstan)
- Add hover cards to follow suggestions (#33749 by @ClearlyClaire)
- Add
t
hotkey for post translations (#33441 by @ClearlyClaire) - Add timestamp to all announcements in Web UI (#18329 by @ClearlyClaire)
- Add dropdown menu with quick actions to lists of accounts in web UI (#34391, #34709, and #34767 by @Gargron, @diondiondion, and @mkljczk)
- Add support for displaying “year in review” notification in web UI (#32710, #32765, #32709, #32807, #32914, #33148, and #33882 by @Gargron and @mjankowski)
Note that the notification is currently not generated automatically, and at the moment requires a manual undocumented administrator action. - Add experimental support for receiving HTTP Message Signatures (RFC9421) (#34814, #35033, #35109 and #35278 by @oneiros)
For now, this needs to be explicitly enabled th...
v4.3.9

Changelog
Changed
- Change passthrough video processing to emit
moov
atom at start of video (#34726 by @ClearlyClaire)
Fixed
- Fix
NoMethodError
in edge case of emoji cache handling (#34749 by @dariusk) - Fix error when viewing statuses to deleted replies in moderation view (#32986 by @ClearlyClaire)
- Fix search operators sometimes getting lost (#35190 by @ClearlyClaire)
- Fix “Alt text” button submitting form in moderation interface (#35147 by @ClearlyClaire)
- Fix handling of remote attachments with multiple media types (#34996 by @ClearlyClaire)
- Fix blocked accounts not being automatically removed from trending statuses (#34891 by @ClearlyClaire)
- Fix inconsistent filtering of silenced accounts for other silenced accounts (#34863 by @ClearlyClaire)
- Fix handling of inlined
featured
collections in ActivityPub actor objects (#34789 and #34811 by @ClearlyClaire) - Fix admin dashboard crash on specific Elasticsearch connection errors (#34683 by @ClearlyClaire)
- Fix OIDC account creation failing for long display names (#34639 by @defnull)
- Fix
/share
not using server-set characters limit (#33459 by @kescherCode) - Fix wrong video dimensions for some rotated videos (#33008 and #33261 by @Gargron and @tribela)
- Fix missing autofocus on boost modal (#32953 by @tribela)
Upgrade notes
To get the code for v4.3.9, use git fetch && git checkout v4.3.9
.
Note
As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump
Dependencies
External dependencies have not changed since v4.3.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:
- Ruby: 3.1 or newer
- PostgreSQL: 12 or newer. PostgreSQL versions 14.0 to 14.3 are not supported as they contain a critical data-corruption bug (see v4.3.0 release notes)
- Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
- LibreTranslate (optional, for translations): 1.3.3 or newer
- Redis: 4 or newer
- Node: 18 or newer
- ImageMagick (optional if using libvips): 6.9.7-7 or newer
- libvips (optional, instead of ImageMagick): 8.13 or newer
Update steps
The following instructions are for updating from 4.3.8.
If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, please read the v4.3.0 release notes, as there have been multiple important changes.
Non-docker
Tip
The charlock_holmes
gem may fail to build on some systems with recent versions of gcc
.
If you run into such an issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install
.
- Install dependencies with
bundle install
- Precompile the assets:
RAILS_ENV=production bundle exec rails assets:precompile
- Restart all Mastodon processes.
When using docker
- Restart all Mastodon processes.
v4.2.22

Changelog
Changed
- Change passthrough video processing to emit
moov
atom at start of video (#34726 by @ClearlyClaire)
Fixed
- Fix
NoMethodError
in edge case of emoji cache handling (#34749 by @dariusk) - Fix error when viewing statuses to deleted replies in moderation view (#32986 by @ClearlyClaire)
- Fix search operators sometimes getting lost (#35190 by @ClearlyClaire)
- Fix handling of remote attachments with multiple media types (#34996 by @ClearlyClaire)
- Fix inconsistent filtering of silenced accounts for other silenced accounts (#34863 by @ClearlyClaire)
- Fix handling of inlined
featured
collections in ActivityPub actor objects (#34789 and #34811 by @ClearlyClaire) - Fix admin dashboard crash on specific Elasticsearch connection errors (#34683 by @ClearlyClaire)
- Fix OIDC account creation failing for long display names (#34639 by @defnull)
- Fix
/share
not using server-set characters limit (#33459 by @kescherCode) - Fix wrong video dimensions for some rotated videos (#33008 and #33261 by @Gargron and @tribela)
Upgrade notes
To get the code for v4.2.22, use git fetch && git checkout v4.2.22
.
Note
As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump
Important
Since v4.2.10, Mastodon is now performing stricter checks to prevent client IP address spoofing. This means that if one of your reverse proxy is not on Mastodon's local network, you will need to set TRUSTED_PROXY_IP
accordingly, listing the IP address of every trusted reverse-proxy (including local network ones). See the documentation for more information.
Dependencies
The minimum supported Ruby version has been bumped from 3.0 to 3.1 in Mastodon v4.2.17. Otherwise, external dependencies have not changed since v4.2.4, the compatible PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:
- Ruby: 3.1 to 3.3
- PostgreSQL: 10 or newer
- Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
- LibreTranslate (optional, for translations): 1.3.3 or newer
- Redis: 4 or newer
- Node: 16 or newer
- ImageMagick: 6.9.7-7 or newer
Update steps
Tip
The charlock_holmes
gem may fail to build on some systems with recent versions of gcc
.
If you run into such an issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install
.
The following instructions are for updating from 4.2.21.
If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations.
Non-Docker only:
- Install dependencies:
bundle install
- Precompile the assets:
RAILS_ENV=production bundle exec rails assets:precompile
- Restart all Mastodon processes
Using Docker:
- Restart all Mastodon processes
v4.4.0-rc.1

Warning
This is a pre-release! This has not been as widely tested as regular releases, although it is still tested on mastodon.social and some other servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will, however, be able to upgrade to later nightly releases or pre-releases, as well as the upcoming 4.4.0 stable release.
Upgrade overview
This release contains upgrade notes that deviate from the norm:
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations
For more information, view the complete release notes and scroll down to the upgrade instructions section.
Changelog (v4.4.0-rc.1)
Security
- Fix headers in public file server (#35209 and #35219 by @ClearlyClaire and @tribela)
Added
- Add FASP account search support (#34033 by @oneiros)
- Add Server Moderation Notes (#31529 by @ThisIsMissEm)
- Add loading spinner to “Post” button when sending a post (#35153 by @diondiondion)
- Add optional bulk mailer settings (#35191 and #35203 by @oneiros)
This adds the optional environment variablesBULK_SMTP_PORT
,BULK_SMTP_SERVER
,BULK_SMTP_LOGIN
and so on analogous toSMTP_PORT
,SMTP_SERVER
,SMTP_LOGIN
and related SMTP configuration environment variables.
WhenBULK_SMTP_SERVER
is set, this group of variables is used instead of the regular ones for sending announcement notification emails and Terms of Service notification emails.
Changed
- Change results from Follow Recommendations FASP to be persisted (#35218 by @oneiros)
- Change wording of "discard draft?" confirmation dialogs (#35192 by @diondiondion)
- Change rule translation interface to display english name and populate empty translations (#35170 and #35174 by @ClearlyClaire)
- Change terms of service e-mail job to be iterable (#35126 by @Gargron)
- Change Advanced Web UI to use the new main menu instead of the “Getting started” column (#35117 by @diondiondion)
Removed
- Remove link to terms of service generator (#35127 by @Gargron)
The current template has been found to be unsatisfactory, and the feature will return in a future release with a better template.
Fixed
- Fix column header overlapping mobile menu on old Safari (#35225 by @diondiondion)
- Fix popover/dialog backgrounds not being blurred on older Webkit browsers (#35220 by @diondiondion)
- Fix outdated icon in notifications permissions banner (#35193 by @diondiondion)
- Fix search operators sometimes getting lost (#35190 by @ClearlyClaire)
- Fix crash in development environment with no prebuilt assets and no vite dev server running (#35177 by @ClearlyClaire)
- Fix being able to scroll content behind navigation sidebar (#35173 and #35183 by @diondiondion)
- Fix inaccessible "Clear search" button (#35152 and #35175 by @diondiondion)
- Fix status focus indicators and make them more noticeable (#35150 by @diondiondion)
- Fix Firefox sometimes not updating spellcheck language in textarea (#35148 by @ClearlyClaire)
- Fix “Alt text” button submitting form in moderation interface (#35147 by @ClearlyClaire)
- Fix navigation bar not being updated when (un)following a hashtag (#35101 by @diondiondion)
- Fix composer being hidden while writing a post when changing screen size (#35105 by @diondiondion)
- Fix clicking a status multiple times causing duplicate entries in browser history (#35118 by @ClearlyClaire)
- Fix missing terms of services link (#35115 by @oneiros)
- Fix error when handling RFC9421 signatures (#35109 by @oneiros)
- Fix clicking on content warning banner in notification opening the post (#35096 by @diondiondion)
- Fix overscrolling in mobile navigation bar (#35074 by @diondiondion)
- Fix focus style and spacing of list/hashtags expand/collapse button in navigation bar (#35075 by @diondiondion)
Changelog (v4.4.0-beta.2)
Added
- Add FASP follow recommendation support (#34964 by @oneiros)
- Add experimental Async Refreshes API (#34918 by @oneiros)
- Add a way to easily unpin profiles from the featured account area (#34931 by @ChaosExAnima)
- Add ability to filter quote posts in home timeline (#34946 by @ClearlyClaire)
- Add
fasp
queue to sidekiq queue system check (#34965 by @ClearlyClaire)
Changed
- Change "Explore" to "Trending" and remove explanation banners (#34985 by @Gargron)
- Change design of navigation panel in Web UI, change layout on narrow screens (#34910, #34987, #35017, #34986, #35029, #35065, #35067 and #35072 by @ClearlyClaire, @Gargron, and @diondiondion)
- Change color of pinned carousel to avoid confusion with PMs (#35056 by @ChaosExAnima)
- Change support for inbound quote posts to be unconditionally enabled (#34958 by @ClearlyClaire)
- Change “legacy” non-fast-tracked quote posts to not be displayed as such (#34945 by @ClearlyClaire)
- Change media attachments of moderated posts to not be accessible (#34872 by @Gargron)
Moderators will still be able to access them while they are kept, but they won't be accessible to the public in the meantime.
Removed
- Remove broken link to
/start/share
in welcome e-mail (#34962 by @ClearlyClaire)
Fixed
- Fix glitchy iOS media attachment drag interactions (#35057 by @diondiondion)
- Fix database error instead of form validation on ToS effective date conflict (#35053 by @ClearlyClaire)
- Fix zoomed images being blurry in Safari (#35052 by @diondiondion)
- Fix redundant focus stop within status component in Web UI (#35037 and #35051 by @diondiondion)
- Fix digits in media player time readout not having a consistent width (#35038 by @diondiondion)
- Fix crash in
StatusEdit
serializer when quote posts are involved (#35036 by @ClearlyClaire) - Fix error handling in HTTP Signature verification (#35033 by @oneiros)
- Fix wrong text color for “Open in advanced web interface” banner in high-contrast theme (#35032 by @diondiondion)
- Fix hover card for limited accounts not hiding information as expected (#35024 by @diondiondion)
- Fix theme name requirement regression with efficient lookup by name (#35007 and #35035 by @ChaosExAnima and @ClearlyClaire)
- Fix Web UI not fetching nested quotes on demand (#35016 and #35022 by @diondiondion)
- Fix some animations not respecting the reduced animation preferences (#35018 by @ChaosExAnima)
- Fix direction of media gallery arrows in RTL locales (#35014 by @diondiondion)
- Fix cramped layout of follower recommendations on small viewports (#34967 and #35023 by @diondiondion)
- Fix local prometheus_exporter server being started outside of puma/sidekiq startup (#35005 by @oneiros)
- Fix quoted posts appearing between text and media (#35011 by @ClearlyClaire)
- Fix two composers being shown at the same time in some cases (#35006 by @ChaosExAnima)
- Fix featured posts carousel not respecting selected tags (#34995 by @ChaosExAnima)
- Fix handling of remote attachments with multiple media types (#34996 by @ClearlyClaire)
- Fix crash in
/about
when server returns cached rules withouttranslations
attribute (#34997 by @ClearlyClaire) - Fix broken colors in some themed SVGs in web UI (#34988 by @Gargron)
- Fix wrong dimensions on blurhash previews of news articles in web UI (#34990 by @Gargron)
- Fix wrong styles on action bar in media modal in web UI (#34989 by @Gargron)
- Fix indentation of quote posts in threads (#34961 by @diondiondion)
- Fix quote post streaming edge cases (#34957 by @ClearlyClaire)
- Fix search column input not updating on param change (#34951 by @PGrayCS)
- Fix account note textarea being interactable before the relationship gets fetched (#34932 by @ClearlyClaire)
- Fix audio and video player issues on Safari (#34929, #34933, and #35034 by @diondiondion)
- Fix featured posts carousel slides sometimes overflowing (#34927 by @ChaosExAnima)
Changelog (v4.4.0-beta.1)
Added
- Add “Followers you know” widget to user profiles and hover cards (#34652, #34678, #34681, #34697, #34699, #34769, #34774, and #34914 by @diondiondion)
- Add featured tab to profiles on web UI and rework pinned posts (#34405, #34483, #34491, #34754, #34855, #34858, #34868, and #34869 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @diondiondion)
- Add endorsed accounts to featured tab in web UI (#34421 and #34568 by @Gargron)
This also includes the following new REST API endpoints:GET /api/v1/accounts/:id/endorsements
: https://docs.joinmastodon.org/methods/accounts/#endorsementsPOST /api/v1/accounts/:id/endorse
: https://docs.joinmastodon.org/methods/accounts/#endorsePOST /api/v1/accounts/:id/unendorse
: https://docs.joinmastodon.org/methods/accounts/#unendorse
- Add ability to add and remove hashtags from featured tags in web UI (#34489, #34887, and #34490 by @ClearlyClaire and @Gargron)
This is achieve...
v4.4.0-beta.2

Warning
This is a pre-release! This has not been as widely tested as regular releases, although it is still tested on mastodon.social and some other servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will, however, be able to upgrade to later nightly releases or pre-releases, as well as the upcoming 4.4.0 stable release.
Upgrade overview
This release contains upgrade notes that deviate from the norm:
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations
For more information, view the complete release notes and scroll down to the upgrade instructions section.
Changelog (v4.4.0-beta.2)
Added
- Add FASP follow recommendation support (#34964 by @oneiros)
- Add experimental Async Refreshes API (#34918 by @oneiros)
- Add a way to easily unpin profiles from the featured account area (#34931 by @ChaosExAnima)
- Add ability to filter quote posts in home timeline (#34946 by @ClearlyClaire)
- Add
fasp
queue to sidekiq queue system check (#34965 by @ClearlyClaire)
Changed
- Change "Explore" to "Trending" and remove explanation banners (#34985 by @Gargron)
- Change design of navigation panel in Web UI, change layout on narrow screens (#34910, #34987, #35017, #34986, #35029, #35065, #35067 and #35072 by @ClearlyClaire, @Gargron, and @diondiondion)
- Change color of pinned carousel to avoid confusion with PMs (#35056 by @ChaosExAnima)
- Change support for inbound quote posts to be unconditionally enabled (#34958 by @ClearlyClaire)
- Change “legacy” non-fast-tracked quote posts to not be displayed as such (#34945 by @ClearlyClaire)
- Change media attachments of moderated posts to not be accessible (#34872 by @Gargron)
Moderators will still be able to access them while they are kept, but they won't be accessible to the public in the meantime.
Removed
- Remove broken link to
/start/share
in welcome e-mail (#34962 by @ClearlyClaire)
Fixed
- Fix glitchy iOS media attachment drag interactions (#35057 by @diondiondion)
- Fix database error instead of form validation on ToS effective date conflict (#35053 by @ClearlyClaire)
- Fix zoomed images being blurry in Safari (#35052 by @diondiondion)
- Fix redundant focus stop within status component in Web UI (#35037 and #35051 by @diondiondion)
- Fix digits in media player time readout not having a consistent width (#35038 by @diondiondion)
- Fix crash in
StatusEdit
serializer when quote posts are involved (#35036 by @ClearlyClaire) - Fix error handling in HTTP Signature verification (#35033 by @oneiros)
- Fix wrong text color for “Open in advanced web interface” banner in high-contrast theme (#35032 by @diondiondion)
- Fix hover card for limited accounts not hiding information as expected (#35024 by @diondiondion)
- Fix theme name requirement regression with efficient lookup by name (#35007 and #35035 by @ChaosExAnima and @ClearlyClaire)
- Fix Web UI not fetching nested quotes on demand (#35016 and #35022 by @diondiondion)
- Fix some animations not respecting the reduced animation preferences (#35018 by @ChaosExAnima)
- Fix direction of media gallery arrows in RTL locales (#35014 by @diondiondion)
- Fix cramped layout of follower recommendations on small viewports (#34967 and #35023 by @diondiondion)
- Fix local prometheus_exporter server being started outside of puma/sidekiq startup (#35005 by @oneiros)
- Fix quoted posts appearing between text and media (#35011 by @ClearlyClaire)
- Fix two composers being shown at the same time in some cases (#35006 by @ChaosExAnima)
- Fix featured posts carousel not respecting selected tags (#34995 by @ChaosExAnima)
- Fix handling of remote attachments with multiple media types (#34996 by @ClearlyClaire)
- Fix crash in
/about
when server returns cached rules withouttranslations
attribute (#34997 by @ClearlyClaire) - Fix broken colors in some themed SVGs in web UI (#34988 by @Gargron)
- Fix wrong dimensions on blurhash previews of news articles in web UI (#34990 by @Gargron)
- Fix wrong styles on action bar in media modal in web UI (#34989 by @Gargron)
- Fix indentation of quote posts in threads (#34961 by @diondiondion)
- Fix quote post streaming edge cases (#34957 by @ClearlyClaire)
- Fix search column input not updating on param change (#34951 by @PGrayCS)
- Fix account note textarea being interactable before the relationship gets fetched (#34932 by @ClearlyClaire)
- Fix audio and video player issues on Safari (#34929, #34933, and #35034 by @diondiondion)
- Fix featured posts carousel slides sometimes overflowing (#34927 by @ChaosExAnima)
Changelog (v4.4.0-beta.1)
Added
- Add “Followers you know” widget to user profiles and hover cards (#34652, #34678, #34681, #34697, #34699, #34769, #34774, and #34914 by @diondiondion)
- Add featured tab to profiles on web UI and rework pinned posts (#34405, #34483, #34491, #34754, #34855, #34858, #34868, and #34869 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @diondiondion)
- Add endorsed accounts to featured tab in web UI (#34421 and #34568 by @Gargron)
This also includes the following new REST API endpoints:GET /api/v1/accounts/:id/endorsements
: https://docs.joinmastodon.org/methods/accounts/#endorsementsPOST /api/v1/accounts/:id/endorse
: https://docs.joinmastodon.org/methods/accounts/#endorsePOST /api/v1/accounts/:id/unendorse
: https://docs.joinmastodon.org/methods/accounts/#unendorse
- Add ability to add and remove hashtags from featured tags in web UI (#34489, #34887, and #34490 by @ClearlyClaire and @Gargron)
This is achieved through the new REST API endpoints:POST /api/v1/tags/:id/feature
: https://docs.joinmastodon.org/methods/tags/#featurePOST /api/v1/tags/:id/unfeature
: https://docs.joinmastodon.org/methods/tags/#unfeature
- Add reminder when about to post without alt text in web UI (#33760 and #33784 by @Gargron)
- Add a warning in Web UI when composing a post when the selected and detected language are different (#33042, #33683, #33700, #33724, #33770, and #34193 by @ClearlyClaire and @Gargron)
- Add ability to reorder and translate server rules (#34637, #34737, #34494, #34756, and #34820 by @ChaosExAnima and @ClearlyClaire)
Rules are now shown in the user’s language, if a translation has been set.
In the REST API,Rule
entities now have a newtranslations
attribute: https://docs.joinmastodon.org/entities/Rule/#translations - Add emoji from Twemoji 15.1.0, including in the emoji picker/completion (#33395, #34321, #34620, and #34677 by @ChaosExAnima, @ClearlyClaire, @TheEssem, and @eramdam)
- Add experimental support for verifying and displaying remote quote posts (#34370, #34481, #34510, #34551, #34480, #34479, #34553, #34584, #34623, #34738, #34766, #34770, #34772, #34773, #34786, #34790, and #34864 by @ClearlyClaire and @diondiondion)
Support for verifying remote quotes according to FEP-044f and displaying them in the Web UI has been implemented. Such quotes are currently only processed if theinbound_quotes
experimental feature is enabled (EXPERIMENTAL_FEATURES=inbound_quotes
).
Quoting other people is not implemented yet, and it is currently not possible to mark your own posts as allowing quotes. However, a new “Who can quote” setting has been added to the “Posting defaults” section of the user settings. This setting allows you to set a default that will be used for new posts made on Mastodon 4.5 and newer, when quote posts will be fully implemented.
In the REST API, quote posts are represented by a newquote
attribute onStatus
andStatusEdit
entities: https://docs.joinmastodon.org/entities/StatusEdit/#quote https://docs.joinmastodon.org/entities/Status/#quote - Add option to remove account from followers in web UI (#34488 by @Gargron)
- Add relationship tags to profiles and hover cards in web UI (#34467 and #34792 by @Gargron and @diondiondion)
- Add ability to open posts in a new tab by middle-clicking in web UI (#32988, #33106, #33419, and #34700 by @ClearlyClaire, @Gargron, and @tribela)
- Add new filter action to blur media (#34256 by @ClearlyClaire)
In the REST API, this adds a new possible value ofblur
to thefilter_action
attribute: https://docs.joinmastodon.org/entities/Filter/#filter_action - Add dropdown menu to hashtag links in web UI (#34393 by @Gargron)
- Add server setting to allow referrer (#33214, #33239, #33903, and #34731 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @renchap)
In order to protect the privacy of users of small or thematic servers, Mastodon previously avoided transmitting referrer information when clicking outside links, which unfortunately made Mastodon completely invisible to ot...
v4.4.0-beta.1

Warning
This is a pre-release! This has not been as widely tested as regular releases, although it is still tested on mastodon.social and some other servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will, however, be able to upgrade to later nightly releases or pre-releases, as well as the upcoming 4.4.0 stable release.
Upgrade overview
This release contains upgrade notes that deviate from the norm:
ℹ️ Requires streaming server restart
ℹ️ Requires database migrations
For more information, view the complete release notes and scroll down to the upgrade instructions section.
Changelog
Added
- Add “Followers you know” widget to user profiles and hover cards (#34652, #34678, #34681, #34697, #34699, #34769, #34774, and #34914 by @diondiondion)
- Add featured tab to profiles on web UI and rework pinned posts (#34405, #34483, #34491, #34754, #34855, #34858, #34868, and #34869 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @diondiondion)
- Add endorsed accounts to featured tab in web UI (#34421 and #34568 by @Gargron)
This also includes the following new REST API endpoints:GET /api/v1/accounts/:id/endorsements
: https://docs.joinmastodon.org/methods/accounts/#endorsementsPOST /api/v1/accounts/:id/endorse
: https://docs.joinmastodon.org/methods/accounts/#endorsePOST /api/v1/accounts/:id/unendorse
: https://docs.joinmastodon.org/methods/accounts/#unendorse
- Add ability to add and remove hashtags from featured tags in web UI (#34489, #34887, and #34490 by @ClearlyClaire and @Gargron)
This is achieved through the new REST API endpoints:POST /api/v1/tags/:id/feature
: https://docs.joinmastodon.org/methods/tags/#featurePOST /api/v1/tags/:id/unfeature
: https://docs.joinmastodon.org/methods/tags/#unfeature
- Add reminder when about to post without alt text in web UI (#33760 and #33784 by @Gargron)
- Add a warning in Web UI when composing a post when the selected and detected language are different (#33042, #33683, #33700, #33724, #33770, and #34193 by @ClearlyClaire and @Gargron)
- Add ability to reorder and translate server rules (#34637, #34737, #34494, #34756, and #34820 by @ChaosExAnima and @ClearlyClaire)
Rules are now shown in the user’s language, if a translation has been set.
In the REST API,Rule
entities now have a newtranslations
attribute: https://docs.joinmastodon.org/entities/Rule/#translations - Add emoji from Twemoji 15.1.0, including in the emoji picker/completion (#33395, #34321, #34620, and #34677 by @ChaosExAnima, @ClearlyClaire, @TheEssem, and @eramdam)
- Add experimental support for verifying and displaying remote quote posts (#34370, #34481, #34510, #34551, #34480, #34479, #34553, #34584, #34623, #34738, #34766, #34770, #34772, #34773, #34786, #34790, and #34864 by @ClearlyClaire and @diondiondion)
Support for verifying remote quotes according to FEP-044f and displaying them in the Web UI has been implemented. Such quotes are currently only processed if theinbound_quotes
experimental feature is enabled (EXPERIMENTAL_FEATURES=inbound_quotes
).
Quoting other people is not implemented yet, and it is currently not possible to mark your own posts as allowing quotes. However, a new “Who can quote” setting has been added to the “Posting defaults” section of the user settings. This setting allows you to set a default that will be used for new posts made on Mastodon 4.5 and newer, when quote posts will be fully implemented.
In the REST API, quote posts are represented by a newquote
attribute onStatus
andStatusEdit
entities: https://docs.joinmastodon.org/entities/StatusEdit/#quote https://docs.joinmastodon.org/entities/Status/#quote - Add option to remove account from followers in web UI (#34488 by @Gargron)
- Add relationship tags to profiles and hover cards in web UI (#34467 and #34792 by @Gargron and @diondiondion)
- Add ability to open posts in a new tab by middle-clicking in web UI (#32988, #33106, #33419, and #34700 by @ClearlyClaire, @Gargron, and @tribela)
- Add new filter action to blur media (#34256 by @ClearlyClaire)
In the REST API, this adds a new possible value ofblur
to thefilter_action
attribute: https://docs.joinmastodon.org/entities/Filter/#filter_action - Add dropdown menu to hashtag links in web UI (#34393 by @Gargron)
- Add server setting to allow referrer (#33214, #33239, #33903, and #34731 by @ChaosExAnima, @ClearlyClaire, @Gargron, and @renchap)
In order to protect the privacy of users of small or thematic servers, Mastodon previously avoided transmitting referrer information when clicking outside links, which unfortunately made Mastodon completely invisible to other websites, even though the privacy implications on large generic servers are very limited.
Server administrators can now chose to opt in to transmit referrer information when following an external link. Only the domain name is transmitted, not the referrer path. - Add double tap to zoom and swipe to dismiss to media modal in web UI (#34210 by @Gargron)
- Add link from Web UI for Hashtags to the Moderation UI (#31448 by @ThisIsMissEm)
- Add terms of service (#33055, #33233, #33230, #33703, #33699, #33994, #33993, #34105, #34122, #34200, and #34527 by @ClearlyClaire, @Gargron, @mjankowski, and @oneiros)
Server administrators can now fill in Terms of Service, optionally using a provided template. - Add age verification on sign-up (#34150, #34663, and #34636 by @ClearlyClaire and @Gargron)
Server administrators now have a setting to set a minimum age requirement for creating a new server, asking users for their date of birth. The date of birth is checked against the minimum age requirement server-side but not stored.
The following REST API changes have been made to accommodate this:registrations.min_age
has been added to theInstance
entity: https://docs.joinmastodon.org/entities/Instance/#registrations-min_age- the
date_of_birth
parameter has been added to the account creation API: https://docs.joinmastodon.org/methods/accounts/#create
- Add ability to dismiss alt text badge by tapping it in web UI (#33737 by @Gargron)
- Add loading indicator to timeline gap indicators in web UI (#33762 by @Gargron)
- Add interaction modal when trying to interact with a poll while logged out (#32609 by @ThisIsMissEm)
- Add experimental FASP support (#34031, #34415, and #34765 by @oneiros)
This is a first step towards supporting “Fediverse Auxiliary Service Providers” (https://github.com/mastodon/fediverse_auxiliary_service_provider_specifications). This is mostly interesting to developers who would like to implement their own FASP, but also includes the capability to share data with a discovery provider (see https://www.fediscovery.org). - Add ability for admins to send announcements to all users via email (#33928 and #34411 by @ClearlyClaire)
This is meant for critical announcements only, as this will potentially send a lot of emails and cannot be opted out of by users. - Add option to use system scrollbar styling (#32117 by @vmstan)
- Add hover cards to follow suggestions (#33749 by @ClearlyClaire)
- Add
t
hotkey for post translations (#33441 by @ClearlyClaire) - Add timestamp to all announcements in Web UI (#18329 by @ClearlyClaire)
- Add dropdown menu with quick actions to lists of accounts in web UI (#34391, #34709, and #34767 by @Gargron, @diondiondion, and @mkljczk)
- Add support for displaying “year in review” notification in web UI (#32710, #32765, #32709, #32807, #32914, #33148, and #33882 by @Gargron and @mjankowski)
Note that the notification is currently not generated automatically, and at the moment requires a manual undocumented administrator action. - Add experimental support for receiving HTTP Message Signatures (RFC9421) (#34814 by @oneiros)
For now, this needs to be explicitly enabled through thehttp_message_signatures
feature flag (EXPERIMENTAL_FEATURES=http_message_signatures
). This currently only covers verifying such signatures (inbound HTTP requests), not issuing them (outbound HTTP requests). - Add experimental server-side feature to fetch remote replies (#32615, #34147, #34149, #34151, #34615, #34682, and #34702 by @ClearlyClaire and @sneakers-the-rat)
This experimental feature causes the server to recursively fetch replies in background tasks whenever a user opens a remote post. This happens asynchronously and the client is currently not notified of the existence of new replies, which will thus only be displayed the next time this post’s context gets requested.
This feature needs to be explicitly enabled server-side by settingFETCH_REPLIES_ENABLED
env...
v4.3.8

Changelog
Security
- Update dependencies
- Check scheme on account, profile, and media URLs (GHSA-x2rc-v5wx-g3m5)
Added
- Add warning for REDIS_NAMESPACE deprecation at startup (#34581 by @ClearlyClaire)
- Add built-in context for interaction policies (#34574 by @ClearlyClaire)
Changed
- Change activity distribution error handling to skip retrying for deleted accounts (#33617 by @ClearlyClaire)
Removed
- Remove double-query for signed query strings (#34610 by @ClearlyClaire)
Fixed
- Fix incorrect redirect in response to unauthenticated API requests in limited federation mode (#34549 by @ClearlyClaire)
- Fix sign-up e-mail confirmation page reloading on error or redirect (#34548 by @ClearlyClaire)
Upgrade notes
To get the code for v4.3.8, use git fetch && git checkout v4.3.8
.
Note
As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump
Dependencies
External dependencies have not changed since v4.3.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:
- Ruby: 3.1 or newer
- PostgreSQL: 12 or newer. PostgreSQL versions 14.0 to 14.3 are not supported as they contain a critical data-corruption bug (see v4.3.0 release notes)
- Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
- LibreTranslate (optional, for translations): 1.3.3 or newer
- Redis: 4 or newer
- Node: 18 or newer
- ImageMagick (optional if using libvips): 6.9.7-7 or newer
- libvips (optional, instead of ImageMagick): 8.13 or newer
Update steps
The following instructions are for updating from 4.3.7.
If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, please read the v4.3.0 release notes, as there have been multiple important changes.
Non-docker
Tip
The charlock_holmes
gem may fail to build on some systems with recent versions of gcc
.
If you run into such an issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install
.
- Install dependencies with
bundle install
- Precompile the assets:
RAILS_ENV=production bundle exec rails assets:precompile
- Restart all Mastodon processes.
When using docker
- Restart all Mastodon processes.
v4.2.21

Changelog
Security
- Update dependencies
- Check scheme on account, profile, and media URLs (GHSA-x2rc-v5wx-g3m5)
Added
- Add warning for REDIS_NAMESPACE deprecation at startup (#34581 by @ClearlyClaire)
- Add built-in context for interaction policies (#34574 by @ClearlyClaire)
Changed
- Change activity distribution error handling to skip retrying for deleted accounts (#33617 by @ClearlyClaire)
Removed
- Remove double-query for signed query strings (#34610 by @ClearlyClaire)
Fixed
- Fix incorrect redirect in response to unauthenticated API requests in limited federation mode (#34549 by @ClearlyClaire)
- Fix sign-up e-mail confirmation page reloading on error or redirect (#34548 by @ClearlyClaire)
Upgrade notes
To get the code for v4.2.21, use git fetch && git checkout v4.2.21
.
Note
As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump
Important
Since v4.2.10, Mastodon is now performing stricter checks to prevent client IP address spoofing. This means that if one of your reverse proxy is not on Mastodon's local network, you will need to set TRUSTED_PROXY_IP
accordingly, listing the IP address of every trusted reverse-proxy (including local network ones). See the documentation for more information.
Dependencies
The minimum supported Ruby version has been bumped from 3.0 to 3.1 in Mastodon v4.2.17. Otherwise, external dependencies have not changed since v4.2.4, the compatible PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:
- Ruby: 3.1 to 3.3
- PostgreSQL: 10 or newer
- Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
- LibreTranslate (optional, for translations): 1.3.3 or newer
- Redis: 4 or newer
- Node: 16 or newer
- ImageMagick: 6.9.7-7 or newer
Update steps
Tip
The charlock_holmes
gem may fail to build on some systems with recent versions of gcc
.
If you run into such an issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install
.
The following instructions are for updating from 4.2.20.
If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations.
Non-Docker only:
- Install dependencies:
bundle install
- Precompile the assets:
RAILS_ENV=production bundle exec rails assets:precompile
- Restart all Mastodon processes
Using Docker:
- Restart all Mastodon processes
v4.3.7

Changelog
Add
- Add delay to profile updates to debounce them (#34137 by @ClearlyClaire)
- Add support for paginating partial collections in
SynchronizeFollowersService
(#34272 and #34277 by @ClearlyClaire)
Changed
- Change account suspensions to be federated to recently-followed accounts as well (#34294 by @ClearlyClaire)
- Change
AccountReachFinder
to consider statuses based on suspension date (#32805 and #34291 by @ClearlyClaire and @mjankowski) - Change user archive signed URL TTL from 10 seconds to 1 hour (#34254 by @ClearlyClaire)
Fixed
- Fix static version of animated PNG emojis not being properly extracted (#34337 by @ClearlyClaire)
- Fix filters not applying in detailed view, favourites and bookmarks (#34259 and #34260 by @ClearlyClaire)
- Fix handling of malformed/unusual HTML (#34201 by @ClearlyClaire)
- Fix
CacheBuster
being queued for missing media attachments (#34253 by @ClearlyClaire) - Fix incorrect URL being used when cache busting (#34189 by @ClearlyClaire)
- Fix streaming server refusing unix socket path in
DATABASE_URL
(#34091 by @ClearlyClaire) - Fix “x” hotkey not working on boosted filtered posts (#33758 by @ClearlyClaire)
Upgrade notes
To get the code for v4.3.7, use git fetch && git checkout v4.3.7
.
Note
As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump
Dependencies
External dependencies have not changed since v4.3.0, the compatible Ruby, PostgreSQL, Node, Elasticsearch and Redis versions are the same, that is:
- Ruby: 3.1 or newer
- PostgreSQL: 12 or newer. PostgreSQL versions 14.0 to 14.3 are not supported as they contain a critical data-corruption bug (see v4.3.0 release notes)
- Elasticsearch (recommended, for full-text search): 7.x (OpenSearch should also work)
- LibreTranslate (optional, for translations): 1.3.3 or newer
- Redis: 4 or newer
- Node: 18 or newer
- ImageMagick (optional if using libvips): 6.9.7-7 or newer
- libvips (optional, instead of ImageMagick): 8.13 or newer
Update steps
The following instructions are for updating from 4.3.6.
If you are upgrading directly from an earlier release, please carefully read the upgrade notes for the skipped releases as well, as they often require extra steps such as database migrations. In particular, please read the v4.3.0 release notes, as there have been multiple important changes.
Non-docker
Tip
The charlock_holmes
gem may fail to build on some systems with recent versions of gcc
.
If you run into such an issue, try BUNDLE_BUILD__CHARLOCK_HOLMES="--with-cxxflags=-std=c++17" bundle install
.
- Install dependencies with
bundle install
- Precompile the assets:
RAILS_ENV=production bundle exec rails assets:precompile
- Restart all Mastodon processes.
When using docker
- Restart all Mastodon processes.