Skip to content
  • v3.2.0
  • 93dd413
  • Compare
    Choose a tag to compare
    Search for a tag
  • v3.2.0
  • 93dd413
  • Compare
    Choose a tag to compare
    Search for a tag

@Gargron Gargron released this Jul 26, 2020 · 91 commits to master since this release

Mastodon

Changelog

Added

  • Add SMTP_SSL environment variable (OmmyZhang)
  • Add hotkey for toggling content warning input in web UI (ThibG)
  • Add e-mail-based sign in challenge for users with disabled 2FA (Gargron)
    • If user tries signing in after:
      • Being inactive for a while
      • With a previously unknown IP
      • Without 2FA being enabled
    • Require to enter a token sent via e-mail before sigining in
  • Add limit param to RSS feeds (noellabo)
  • Add visibility param to share page (noellabo)
  • Add blurhash to link previews (ThibG, ThibG, ThibG, Sasha-Sorokin, Sasha-Sorokin, ThibG, ThibG, ThibG)
    • In web UI, toots cannot be marked as sensitive unless there is media attached
    • However, it's possible to do via API or ActivityPub
    • Thumnails of link previews of such posts now use blurhash in web UI
    • The Card entity in REST API has a new blurhash attribute
  • Add support for summary field for media description in ActivityPub (ThibG)
  • Add hints about incomplete remote content to web UI (Gargron, noellabo)
  • Add personal notes for accounts (ThibG, Gargron, Sasha-Sorokin)
    • To clarify, these are notes only you can see, to help you remember details
    • Notes can be viewed and edited from profiles in web UI
    • New REST API: POST /api/v1/accounts/:id/note with comment param
    • The Relationship entity in REST API has a new note attribute
  • Add Helm chart (dunn, dunn, dunn)
  • Add customizable thumbnails for audio and video attachments (Gargron, Gargron, Gargron, Gargron, ThibG, ThibG, noellabo, noellabo)
    • Metadata (album, artist, etc) is no longer stripped from audio files
    • Album art is automatically extracted from audio files
    • Thumbnail can be manually uploaded for both audio and video attachments
    • Media upload APIs now support thumbnail param
      • On POST /api/v1/media and POST /api/v2/media
      • And on PUT /api/v1/media/:id
    • ActivityPub representation of media attachments represents custom thumbnails with an icon attribute
    • The Media Attachment entity in REST API now has a preview_remote_url to its preview_url, equivalent to remote_url to its url
  • Add color extraction for thumbnails (Gargron, ThibG)
    • The meta attribute on the Media Attachment entity in REST API can now have a colors attribute which in turn contains three hex colors: background, foreground, and accent
    • The background color is chosen from the most dominant color around the edges of the thumbnail
    • The foreground and accent colors are chosen from the colors that are the most different from the background color using the CIEDE2000 algorithm
    • The most satured color of the two is designated as the accent color
    • The one with the highest W3C contrast is designated as the foreground color
    • If there are not enough colors in the thumbnail, new ones are generated using a monochrome pattern
  • Add a visibility indicator to toots in web UI (noellabo, highemerly)
  • Add tootctl email_domain_blocks (tateisu, Gargron)
  • Add "Add new domain block" to header of federation page in admin UI (ariasuni)
  • Add ability to keep emoji picker open with ctrl+click in web UI (bclindner, noellabo)
  • Add custom icon for private boosts in web UI (ThibG)
  • Add support for Create and Update activities that don't inline objects in ActivityPub (ThibG)
  • Add support for Undo activities that don't inline activities in ActivityPub (ThibG)

Changed

  • Change .env.production.sample to be leaner and cleaner (Gargron)
    • It was overloaded as de-facto documentation and getting quite crowded
    • Defer to the actual documentation while still giving a minimal example
  • Change tootctl search deploy to work faster and display progress (Gargron)
  • Change User-Agent of link preview fetching service to include "Bot" (Gargron)
    • Some websites may not render OpenGraph tags into HTML if that's not the case
  • Change behaviour to carry blocks over when someone migrates their followers (ThibG)
  • Change volume control and download buttons in web UI (Gargron)
  • Change design of audio players in web UI (Gargron, ThibG, Gargron, ThibG, Gargron, ThibG)
  • Change reply filter to never filter own toots in web UI (ThibG)
  • Change boost button to no longer serve as visibility indicator in web UI (noellabo, ThibG)
  • Change contrast of flash messages (cchoi12)
  • Change wording from "Hide media" to "Hide image/images" in web UI (ariasuni)
  • Change appearence of settings pages to be more consistent (ariasuni)
  • Change "Add media" tooltip to not include long list of formats in web UI (ariasuni)
  • Change how badly contrasting emoji are rendered in web UI (leo60228, ThibG, mfmfuyu, ThibG)
  • Change structure of unavailable content section on about page (ariasuni)
  • Change behaviour to accept ActivityPub activities relayed through group actor (noellabo)
  • Change amount of processing retries for ActivityPub activities (noellabo)

Removed

  • Remove the terms "blacklist" and "whitelist" from UX (Gargron, mayaeh)
    • Environment variables changed (old versions continue to work):
      • WHITELIST_MODELIMITED_FEDERATION_MODE
      • EMAIL_DOMAIN_BLACKLISTEMAIL_DOMAIN_DENYLIST
      • EMAIL_DOMAIN_WHITELISTEMAIL_DOMAIN_ALLOWLIST
    • CLI option changed:
      • tootctl domains purge --whitelist-modetootctl domains purge --limited-federation-mode
  • Remove some unnecessary database indices (lfuelling, noellabo)
  • Remove unnecessary Node.js version upper bound (ykzts)

Fixed

  • Fix following param not working when exact match is found in account search (noellabo)
  • Fix sometimes occuring duplicate mention notifications (noellabo)
  • Fix RSS feeds not being cachable (ThibG)
  • Fix lack of locking around processing of Announce activities in ActivityPub (noellabo)
  • Fix boosted toots from blocked account not being retroactively removed from TL (ThibG)
  • Fix large shortened numbers (like 1.2K) using incorrect pluralization (Sasha-Sorokin)
  • Fix streaming server trying to use empty password to connect to Redis when REDIS_PASSWORD is given but blank (ThibG)
  • Fix being unable to unboost posts when blocked by their author (ThibG)
  • Fix account domain block not properly unfollowing accounts from domain (Gargron)
  • Fix removing a domain allow wiping known accounts in open federation mode (ThibG)
  • Fix blocks and mutes pagination in web UI (ThibG)
  • Fix new posts pushing down origin of opened dropdown in web UI (ThibG, ThibG)
  • Fix timeline markers not being saved sometimes (ThibG, ThibG, ThibG)
  • Fix CSV uploads being rejected (noellabo)
  • Fix incompatibility with ElasticSearch 7.x (noellabo)
  • Fix being able to search posts where you're in the target audience but not actively mentioned (noellabo)
  • Fix non-local posts appearing on local-only hashtag timelines in web UI (noellabo)
  • Fix tootctl media remove-orphans choking on unknown files in storage (Gargron)
  • Fix tootctl upgrade storage-schema misbehaving (Gargron, angristan)
    • Fix it marking records as upgraded even though no files were moved
    • Fix it not working with S3 storage
    • Fix it not working with custom emojis
  • Fix GIF reader raising incorrect exceptions (ThibG)
  • Fix hashtag search performing account search as well (ThibG)
  • Fix Webfinger returning wrong status code on malformed or missing param (ThibG)
  • Fix rake mastodon:setup error when some environment variables are set (ThibG)
  • Fix admin page crashing when trying to block an invalid domain name in admin UI (ThibG)
  • Fix unsent toot confirmation dialog not popping up in single column mode in web UI (ThibG)
  • Fix performance of follow import (noellabo)
    • Reduce timeout of Webfinger requests to that of other requests
    • Use circuit breakers to stop hitting unresponsive servers
    • Avoid hitting servers that are already known to be generally unavailable
  • Fix filters ignoring media descriptions (BenLubar)
  • Fix some actions on custom emojis leading to cryptic errors in admin UI (ThibG)
  • Fix ActivityPub serialization of replies when some of them are URIs (ThibG)
  • Fix rake mastodon:setup choking on environment variables containing % (ThibG)
  • Fix account redirect confirmation message talking about moved followers (ThibG)
  • Fix avatars having the wrong size on public detailed status pages (ThibG)
  • Fix various issues around OpenGraph representation of media (Gargron)
    • Pages containing audio no longer say "Attached: 1 image" in description
    • Audio attachments now represented as OpenGraph og:audio
    • The twitter:player page now uses Mastodon's proper audio/video player
    • Audio/video buffered bars now display correctly in audio/video player
    • Volume and progress bars now respond to movement/move smoother
  • Fix audio/video/images/cards not reacting to window resizes in web UI (Gargron)
  • Fix very wide media attachments resulting in too thin a thumbnail in web UI (ThibG)
  • Fix crash when merging posts into home feed after following someone (ThibG)
  • Fix unique username constraint for local users not being enforced in database (ThibG)
  • Fix unnecessary gap under video modal in web UI (mfmfuyu)
  • Fix 2FA and sign in token pages not respecting user locale (mfmfuyu)
  • Fix unapproved users being able to view profiles when in limited-federation mode and requiring approval for sign-ups (ThibG)
  • Fix initial audio volume not corresponding to what's displayed in audio player in web UI (ThibG)
  • Fix timelines sometimes jumping when closing modals in web UI (ThibG)
  • Fix memory usage of downloading remote files (Gargron, Gargron, noellabo)
    • Don't read entire file (up to 40 MB) into memory
    • Read and write it to temp file in small chunks
  • Fix inconsistent account header padding in web UI (trwnh)
  • Fix Thai being skipped from language detection (Sasha-Sorokin)
    • Since Thai has its own alphabet, it can be detected more reliably
  • Fix broken hashtag column options styling in web UI (ThibG)
  • Fix pointer cursor being shown on toots that are not clickable in web UI (arielrodrigues)
  • Fix lock icon not being shown when locking account in profile settings (ThibG)
  • Fix domain blocks doing work the wrong way around (ThibG)
    • Instead of suspending accounts one by one, mark all as suspended first (quick)
    • Only then proceed to start removing their data (slow)
    • Clear out media attachments in a separate worker (slow)

Upgrade notes

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Non-Docker only:

  • Install dependencies: bundle install and yarn install
  • ⚠️ No longer compatible with ElasticSearch <6.8 due to an upstream library update

Both Docker and non-Docker:

⚠️ If you are serving user-uploaded files from a differet domain/subdomain than the one the Mastodon web UI is served from, please keep in mind that you need to return CORS headers on those files, otherwise the new audio player will not work. Here is an example of nginx directives for returning the appropriate CORS headers:

add_header 'Access-Control-Allow-Origin'  '*';

Some object storage providers may have preferences for such CORS headers in their control panels.

  1. Run database migrations:
    • Non-Docker: RAILS_ENV=production bundle exec rails db:migrate
    • Docker: docker-compose run --rm web rails db:migrate
  2. Precompile the assets:
    • Non-Docker: RAILS_ENV=production bundle exec rails assets:precompile
    • Docker: The assets are already precompiled during the build step
  3. Restart all Mastodon processes
  4. Clear cache:
    • Non-Docker: RAILS_ENV=production bin/tootctl cache clear
    • Docker: docker-compose run --rm web bin/tootctl cache clear

Troubleshooting

LoadError: cannot load such file -- tty-command

If you are upgrading on a DigitalOcean 1-click-install image of Mastodon, delete the first-time setup wizard:

rm /home/mastodon/live/lib/tasks/digitalocean.rake

Multiple migrations have the name RemoveUnusedIndexes

You have previously created a database migration following advice in the pgHero control panel. Find the oldest file in the db/migrations directory that ends with remove_unused_indexes.rb and delete it.

Translators

  • Duy (Vietnamese)
  • stan ionut (Romanian)
  • Besnik_b (Albanian)
  • Emanuel Pina (Portuguese)
  • regulartranslator (Portuguese, Brazilian)
  • ButterflyOfFire (Arabic; Kabyle; French)
  • adrmzz (Sardinian)
  • FédiQuébec (French)
  • GiorgioHerbie (Italian)
  • Marcin Mikołajczak (Polish)
  • ariasuni (French; Esperanto)
  • Thai Localization (Thai)
  • 奈卜拉 (Chinese Simplified)
  • Mentor Gashi (Albanian)
  • Xosé M. (Galician)
  • axi (Finnish)
  • Selyan Slimane AMIRI (Kabyle)
  • Alix Rossi (Corsican)
  • Jeroen (Dutch)
  • SteinarK (Norwegian Nynorsk)
  • ThonyVezbe (Breton)
  • Hrach Mkrtchyan (Armenian)
  • Gwenn (Breton)
  • ᏦᏁᎢᎵᏫ 😷 (Spanish, Argentina)
  • Danial Behzadi (Persian)
  • spla (Catalan)
  • Rafael H L Moretti (Portuguese, Brazilian)
  • Jeong Arm (Korean; Esperanto)
  • koyu (German)
  • Yi-Jyun Pan (Chinese Traditional)
  • norayr (Armenian)
  • Alessandro Levati (Italian)
  • Sasha Sorokin (Russian; Catalan; Greek; Hungarian; Armenian; Albanian; Galician)
  • gagik_ (Armenian)
  • lamnatos (Greek)
  • Sveinn í Felli (Icelandic)
  • Zoltán Gera (Hungarian)
  • cybergene (Japanese)
  • Tagomago (Spanish)
  • Michal Stanke (Czech)
  • borys_sh (Ukrainian)
  • Ramdziana F Y (Indonesian)
  • Osoitz (Basque)
  • Maya Minatsuki (Japanese)
  • William(ѕ)ⁿ (Spanish)
  • BurekzFinezt (Serbian)
  • Evert Prants (Estonian)
  • ThibG (French)
  • Dewi (Breton)
  • Emyn-Russell Nt Nefydd (Welsh)
  • vishnuvaratharajan (Tamil)
  • tolstoevsky (Russian)
  • Diluns (Occitan)
  • Falling Snowdin (Vietnamese)
  • Marek Ľach (Slovak)
  • Balázs Meskó (Hungarian)
  • Ryo (Korean)
  • Roboron (Spanish)
  • StanleyFrew (French)
  • PPNplus (Thai)
  • Heimen Stoffels (Dutch)
  • Andrew (Romanian)
  • Iváns (Galician)
  • Carlos Solís (Esperanto)
  • Sokratis Alichanidis (Greek)
  • TS (Finnish)
  • SensDeViata (Ukrainian)
  • AzureNya (Chinese Simplified)
  • OctolinGamer (Portuguese, Brazilian)
  • 北䑓如法 (Japanese)
  • Laura (Polish)
  • Imre Kristoffer Eilertsen (Norwegian)
  • Rikard Linde (Swedish)
  • Ali Demirtaş (Turkish)
  • diorama (Italian)
  • Daniele Lira Mereb (Portuguese, Brazilian)
  • Goudarz Jafari (Persian)
  • psymyn (Hebrew)
  • v4vachan (Malayalam)
  • Sebastián Andil (Slovak)
  • Khóo (Chinese Traditional)
  • ZiriSut (Kabyle)
  • strubbl (German)
  • Reg3xp (Persian)
  • AlexKoala (Korean)
  • VSx86 (Russian)
  • Mo_der Steven (Chinese Simplified)
  • musix (Persian)
  • ギャラ (Chinese Simplified; Japanese)
  • Saederup92 (Danish)
  • mynameismonkey (Welsh)
  • omquylzu (Latvian)
  • Miro Rauhala (Finnish)
  • 硫酸鶏 (Japanese)
  • siamano (Thai; Esperanto)
  • Viorel-Cătălin Răpițeanu (Romanian)
  • Pachara Chantawong (Thai)
  • Balázs Meskó (Hungarian)
  • Steven Tappert (German)
  • Unmual (Spanish)
  • Zijian Zhao (Chinese Simplified)
  • Skew (French)
  • enolp (Asturian)
  • Yann Aguettaz (French)
  • Mick Onio (Asturian)
  • r3dsp1 (Chinese Traditional, Hong Kong)
  • Tianqi Zhang (Chinese Simplified)
  • piupiupiudiu (Chinese Simplified)
  • Padraic Calpin (Slovenian)
  • るいーね (Japanese)
  • Belkacem Mohammed (Kabyle)
  • Miquel Sabaté Solà (Catalan)
  • serubeena (Swedish)
  • Solid Rhino (Dutch)
  • Rintan (Japanese)
  • 林水溶 (Chinese Simplified)
  • Tagada (French)
  • shafouz (Portuguese, Brazilian)
  • Tom_ (Czech)
  • OminousCry (Russian)
  • ALEM FARID (Kabyle)
  • Nathaël Noguès (French)
  • Robin van der Vliet (Esperanto)
  • twpenguin (Chinese Traditional)
  • Paz Galindo (Spanish)
  • 夜楓Yoka (Chinese Simplified)
  • mkljczk (Polish)
  • kiwi0 (Italian)
  • Esther (Portuguese)
  • Renato "Lond" Cerqueira (Portuguese, Brazilian)
  • igordrozniak (Polish)
  • Philipp Fischbeck (German)
  • GaggiX (Italian)
  • Allen Zhong (Chinese Simplified)
  • Albatroz Jeremias (Portuguese)
  • Nocta (French)
  • pezcurrel (Italian)
  • Aditoo17 (Czech)
  • 森の子リスのミーコの大冒険 (Japanese)
  • Doug (Portuguese, Brazilian)
  • Fleva (Sardinian)
Assets 2
Pre-release
Pre-release

@Gargron Gargron released this Jul 24, 2020 · 93 commits to master since this release

Mastodon

Note: This is a release candidate. It is intended to be stable, but not guaranteed.

Changelog

Added

  • Add SMTP_SSL environment variable (OmmyZhang)
  • Add hotkey for toggling content warning input in web UI (ThibG)
  • Add e-mail-based sign in challenge for users with disabled 2FA (Gargron)
    • If user tries signing in after:
      • Being inactive for a while
      • With a previously unknown IP
      • Without 2FA being enabled
    • Require to enter a token sent via e-mail before sigining in
  • Add limit param to RSS feeds (noellabo)
  • Add visibility param to share page (noellabo)
  • Add blurhash to link previews (ThibG, ThibG, ThibG, Sasha-Sorokin, Sasha-Sorokin, ThibG, ThibG, ThibG)
    • In web UI, toots cannot be marked as sensitive unless there is media attached
    • However, it's possible to do via API or ActivityPub
    • Thumnails of link previews of such posts now use blurhash in web UI
    • The Card entity in REST API has a new blurhash attribute
  • Add support for summary field for media description in ActivityPub (ThibG)
  • Add hints about incomplete remote content to web UI (Gargron, noellabo)
  • Add personal notes for accounts (ThibG, Gargron, Sasha-Sorokin)
    • To clarify, these are notes only you can see, to help you remember details
    • Notes can be viewed and edited from profiles in web UI
    • New REST API: POST /api/v1/accounts/:id/note with comment param
    • The Relationship entity in REST API has a new note attribute
  • Add Helm chart (dunn, dunn, dunn)
  • Add customizable thumbnails for audio and video attachments (Gargron, Gargron, Gargron, Gargron, ThibG, ThibG, noellabo, noellabo)
    • Metadata (album, artist, etc) is no longer stripped from audio files
    • Album art is automatically extracted from audio files
    • Thumbnail can be manually uploaded for both audio and video attachments
    • Media upload APIs now support thumbnail param
      • On POST /api/v1/media and POST /api/v2/media
      • And on PUT /api/v1/media/:id
    • ActivityPub representation of media attachments represents custom thumbnails with an icon attribute
    • The Media Attachment entity in REST API now has a preview_remote_url to its preview_url, equivalent to remote_url to its url
  • Add color extraction for thumbnails (Gargron, ThibG)
    • The meta attribute on the Media Attachment entity in REST API can now have a colors attribute which in turn contains three hex colors: background, foreground, and accent
    • The background color is chosen from the most dominant color around the edges of the thumbnail
    • The foreground and accent colors are chosen from the colors that are the most different from the background color using the CIEDE2000 algorithm
    • The most satured color of the two is designated as the accent color
    • The one with the highest W3C contrast is designated as the foreground color
    • If there are not enough colors in the thumbnail, new ones are generated using a monochrome pattern
  • Add a visibility indicator to toots in web UI (noellabo, highemerly)
  • Add tootctl email_domain_blocks (tateisu, Gargron)
  • Add "Add new domain block" to header of federation page in admin UI (ariasuni)
  • Add ability to keep emoji picker open with ctrl+click in web UI (bclindner, noellabo)
  • Add custom icon for private boosts in web UI (ThibG)
  • Add support for Create and Update activities that don't inline objects in ActivityPub (ThibG)
  • Add support for Undo activities that don't inline activities in ActivityPub (ThibG)

Changed

  • Change .env.production.sample to be leaner and cleaner (Gargron)
    • It was overloaded as de-facto documentation and getting quite crowded
    • Defer to the actual documentation while still giving a minimal example
  • Change tootctl search deploy to work faster and display progress (Gargron)
  • Change User-Agent of link preview fetching service to include "Bot" (Gargron)
    • Some websites may not render OpenGraph tags into HTML if that's not the case
  • Change behaviour to carry blocks over when someone migrates their followers (ThibG)
  • Change volume control and download buttons in web UI (Gargron)
  • Change design of audio players in web UI (Gargron, ThibG, Gargron, ThibG, Gargron, ThibG)
  • Change reply filter to never filter own toots in web UI (ThibG)
  • Change boost button to no longer serve as visibility indicator in web UI (noellabo, ThibG)
  • Change contrast of flash messages (cchoi12)
  • Change wording from "Hide media" to "Hide image/images" in web UI (ariasuni)
  • Change appearence of settings pages to be more consistent (ariasuni)
  • Change "Add media" tooltip to not include long list of formats in web UI (ariasuni)
  • Change how badly contrasting emoji are rendered in web UI (leo60228, ThibG, mfmfuyu, ThibG)
  • Change structure of unavailable content section on about page (ariasuni)
  • Change behaviour to accept ActivityPub activities relayed through group actor (noellabo)
  • Change amount of processing retries for ActivityPub activities (noellabo)

Removed

  • Remove the terms "blacklist" and "whitelist" from UX (Gargron, mayaeh)
    • Environment variables changed (old versions continue to work):
      • WHITELIST_MODELIMITED_FEDERATION_MODE
      • EMAIL_DOMAIN_BLACKLISTEMAIL_DOMAIN_DENYLIST
      • EMAIL_DOMAIN_WHITELISTEMAIL_DOMAIN_ALLOWLIST
    • CLI option changed:
      • tootctl domains purge --whitelist-modetootctl domains purge --limited-federation-mode
  • Remove some unnecessary database indices (lfuelling, noellabo)
  • Remove unnecessary Node.js version upper bound (ykzts)

Fixed

  • Fix sometimes occuring duplicate mention notifications (noellabo)
  • Fix RSS feeds not being cachable (ThibG)
  • Fix lack of locking around processing of Announce activities in ActivityPub (noellabo)
  • Fix boosted toots from blocked account not being retroactively removed from TL (ThibG)
  • Fix large shortened numbers (like 1.2K) using incorrect pluralization (Sasha-Sorokin)
  • Fix streaming server trying to use empty password to connect to Redis when REDIS_PASSWORD is given but blank (ThibG)
  • Fix being unable to unboost posts when blocked by their author (ThibG)
  • Fix account domain block not properly unfollowing accounts from domain (Gargron)
  • Fix removing a domain allow wiping known accounts in open federation mode (ThibG)
  • Fix blocks and mutes pagination in web UI (ThibG)
  • Fix new posts pushing down origin of opened dropdown in web UI (ThibG, ThibG)
  • Fix timeline markers not being saved sometimes (ThibG, ThibG, ThibG)
  • Fix CSV uploads being rejected (noellabo)
  • Fix incompatibility with ElasticSearch 7.x (noellabo)
  • Fix being able to search posts where you're in the target audience but not actively mentioned (noellabo)
  • Fix non-local posts appearing on local-only hashtag timelines in web UI (noellabo)
  • Fix tootctl media remove-orphans choking on unknown files in storage (Gargron)
  • Fix tootctl upgrade storage-schema misbehaving (Gargron, angristan)
    • Fix it marking records as upgraded even though no files were moved
    • Fix it not working with S3 storage
    • Fix it not working with custom emojis
  • Fix GIF reader raising incorrect exceptions (ThibG)
  • Fix hashtag search performing account search as well (ThibG)
  • Fix Webfinger returning wrong status code on malformed or missing param (ThibG)
  • Fix rake mastodon:setup error when some environment variables are set (ThibG)
  • Fix admin page crashing when trying to block an invalid domain name in admin UI (ThibG)
  • Fix unsent toot confirmation dialog not popping up in single column mode in web UI (ThibG)
  • Fix performance of follow import (noellabo)
    • Reduce timeout of Webfinger requests to that of other requests
    • Use circuit breakers to stop hitting unresponsive servers
    • Avoid hitting servers that are already known to be generally unavailable
  • Fix filters ignoring media descriptions (BenLubar)
  • Fix some actions on custom emojis leading to cryptic errors in admin UI (ThibG)
  • Fix ActivityPub serialization of replies when some of them are URIs (ThibG)
  • Fix rake mastodon:setup choking on environment variables containing % (ThibG)
  • Fix account redirect confirmation message talking about moved followers (ThibG)
  • Fix avatars having the wrong size on public detailed status pages (ThibG)
  • Fix various issues around OpenGraph representation of media (Gargron)
    • Pages containing audio no longer say "Attached: 1 image" in description
    • Audio attachments now represented as OpenGraph og:audio
    • The twitter:player page now uses Mastodon's proper audio/video player
    • Audio/video buffered bars now display correctly in audio/video player
    • Volume and progress bars now respond to movement/move smoother
  • Fix audio/video/images/cards not reacting to window resizes in web UI (Gargron)
  • Fix very wide media attachments resulting in too thin a thumbnail in web UI (ThibG)
  • Fix crash when merging posts into home feed after following someone (ThibG)
  • Fix unique username constraint for local users not being enforced in database (ThibG)
  • Fix unnecessary gap under video modal in web UI (mfmfuyu)
  • Fix 2FA and sign in token pages not respecting user locale (mfmfuyu)
  • Fix unapproved users being able to view profiles when in limited-federation mode and requiring approval for sign-ups (ThibG)
  • Fix initial audio volume not corresponding to what's displayed in audio player in web UI (ThibG)
  • Fix timelines sometimes jumping when closing modals in web UI (ThibG)
  • Fix memory usage of downloading remote files (Gargron, Gargron, noellabo)
    • Don't read entire file (up to 40 MB) into memory
    • Read and write it to temp file in small chunks
  • Fix inconsistent account header padding in web UI (trwnh)
  • Fix Thai being skipped from language detection (Sasha-Sorokin)
    • Since Thai has its own alphabet, it can be detected more reliably
  • Fix broken hashtag column options styling in web UI (ThibG)
  • Fix pointer cursor being shown on toots that are not clickable in web UI (arielrodrigues)
  • Fix lock icon not being shown when locking account in profile settings (ThibG)
  • Fix domain blocks doing work the wrong way around (ThibG)
    • Instead of suspending accounts one by one, mark all as suspended first (quick)
    • Only then proceed to start removing their data (slow)
    • Clear out media attachments in a separate worker (slow)

Upgrade notes

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Non-Docker only:

  • Install dependencies: bundle install and yarn install
  • ⚠️ No longer compatible with ElasticSearch <6.8 due to an upstream library update

Both Docker and non-Docker:

⚠️ If you are serving user-uploaded files from a differet domain/subdomain than the one the Mastodon web UI is served from, please keep in mind that you need to return CORS headers on those files, otherwise the new audio player will not work. Here is an example of nginx directives for returning the appropriate CORS headers:

add_header 'Access-Control-Allow-Origin'  '*';

Some object storage providers may have preferences for such CORS headers in their control panels.

  1. Run database migrations:
    • Non-Docker: RAILS_ENV=production bundle exec rails db:migrate
    • Docker: docker-compose run --rm web rails db:migrate
  2. Precompile the assets:
    • Non-Docker: RAILS_ENV=production bundle exec rails assets:precompile
    • Docker: The assets are already precompiled during the build step
  3. Restart all Mastodon processes
  4. Clear cache:
    • Non-Docker: RAILS_ENV=production bin/tootctl cache clear
    • Docker: docker-compose run --rm web bin/tootctl cache clear

Translators

  • Duy (Vietnamese)
  • stan ionut (Romanian)
  • Besnik_b (Albanian)
  • Emanuel Pina (Portuguese)
  • regulartranslator (Portuguese, Brazilian)
  • ButterflyOfFire (Arabic; Kabyle; French)
  • adrmzz (Sardinian)
  • FédiQuébec (French)
  • GiorgioHerbie (Italian)
  • Marcin Mikołajczak (Polish)
  • ariasuni (French; Esperanto)
  • Thai Localization (Thai)
  • 奈卜拉 (Chinese Simplified)
  • Mentor Gashi (Albanian)
  • Xosé M. (Galician)
  • axi (Finnish)
  • Selyan Slimane AMIRI (Kabyle)
  • Alix Rossi (Corsican)
  • Jeroen (Dutch)
  • SteinarK (Norwegian Nynorsk)
  • ThonyVezbe (Breton)
  • Hrach Mkrtchyan (Armenian)
  • Gwenn (Breton)
  • ᏦᏁᎢᎵᏫ 😷 (Spanish, Argentina)
  • Danial Behzadi (Persian)
  • spla (Catalan)
  • Rafael H L Moretti (Portuguese, Brazilian)
  • Jeong Arm (Korean; Esperanto)
  • koyu (German)
  • Yi-Jyun Pan (Chinese Traditional)
  • norayr (Armenian)
  • Alessandro Levati (Italian)
  • Sasha Sorokin (Russian; Catalan; Greek; Hungarian; Armenian; Albanian; Galician)
  • gagik_ (Armenian)
  • lamnatos (Greek)
  • Sveinn í Felli (Icelandic)
  • Zoltán Gera (Hungarian)
  • cybergene (Japanese)
  • Tagomago (Spanish)
  • Michal Stanke (Czech)
  • borys_sh (Ukrainian)
  • Ramdziana F Y (Indonesian)
  • Osoitz (Basque)
  • Maya Minatsuki (Japanese)
  • William(ѕ)ⁿ (Spanish)
  • BurekzFinezt (Serbian)
  • Evert Prants (Estonian)
  • ThibG (French)
  • Dewi (Breton)
  • Emyn-Russell Nt Nefydd (Welsh)
  • vishnuvaratharajan (Tamil)
  • tolstoevsky (Russian)
  • Diluns (Occitan)
  • Falling Snowdin (Vietnamese)
  • Marek Ľach (Slovak)
  • Balázs Meskó (Hungarian)
  • Ryo (Korean)
  • Roboron (Spanish)
  • StanleyFrew (French)
  • PPNplus (Thai)
  • Heimen Stoffels (Dutch)
  • Andrew (Romanian)
  • Iváns (Galician)
  • Carlos Solís (Esperanto)
  • Sokratis Alichanidis (Greek)
  • TS (Finnish)
  • SensDeViata (Ukrainian)
  • AzureNya (Chinese Simplified)
  • OctolinGamer (Portuguese, Brazilian)
  • 北䑓如法 (Japanese)
  • Laura (Polish)
  • Imre Kristoffer Eilertsen (Norwegian)
  • Rikard Linde (Swedish)
  • Ali Demirtaş (Turkish)
  • diorama (Italian)
  • Daniele Lira Mereb (Portuguese, Brazilian)
  • Goudarz Jafari (Persian)
  • psymyn (Hebrew)
  • v4vachan (Malayalam)
  • Sebastián Andil (Slovak)
  • Khóo (Chinese Traditional)
  • ZiriSut (Kabyle)
  • strubbl (German)
  • Reg3xp (Persian)
  • AlexKoala (Korean)
  • VSx86 (Russian)
  • Mo_der Steven (Chinese Simplified)
  • musix (Persian)
  • ギャラ (Chinese Simplified; Japanese)
  • Saederup92 (Danish)
  • mynameismonkey (Welsh)
  • omquylzu (Latvian)
  • Miro Rauhala (Finnish)
  • 硫酸鶏 (Japanese)
  • siamano (Thai; Esperanto)
  • Viorel-Cătălin Răpițeanu (Romanian)
  • Pachara Chantawong (Thai)
  • Balázs Meskó (Hungarian)
  • Steven Tappert (German)
  • Unmual (Spanish)
  • Zijian Zhao (Chinese Simplified)
  • Skew (French)
  • enolp (Asturian)
  • Yann Aguettaz (French)
  • Mick Onio (Asturian)
  • r3dsp1 (Chinese Traditional, Hong Kong)
  • Tianqi Zhang (Chinese Simplified)
  • piupiupiudiu (Chinese Simplified)
  • Padraic Calpin (Slovenian)
  • るいーね (Japanese)
  • Belkacem Mohammed (Kabyle)
  • Miquel Sabaté Solà (Catalan)
  • serubeena (Swedish)
  • Solid Rhino (Dutch)
  • Rintan (Japanese)
  • 林水溶 (Chinese Simplified)
  • Tagada (French)
  • shafouz (Portuguese, Brazilian)
  • Tom_ (Czech)
  • OminousCry (Russian)
  • ALEM FARID (Kabyle)
  • Nathaël Noguès (French)
  • Robin van der Vliet (Esperanto)
  • twpenguin (Chinese Traditional)
  • Paz Galindo (Spanish)
  • 夜楓Yoka (Chinese Simplified)
  • mkljczk (Polish)
  • kiwi0 (Italian)
  • Esther (Portuguese)
  • Renato "Lond" Cerqueira (Portuguese, Brazilian)
  • igordrozniak (Polish)
  • Philipp Fischbeck (German)
  • GaggiX (Italian)
  • Allen Zhong (Chinese Simplified)
  • Albatroz Jeremias (Portuguese)
  • Nocta (French)
  • pezcurrel (Italian)
  • Aditoo17 (Czech)
  • 森の子リスのミーコの大冒険 (Japanese)
  • Doug (Portuguese, Brazilian)
  • Fleva (Sardinian)
Assets 2
Pre-release
Pre-release

@Gargron Gargron released this Jul 15, 2020 · 120 commits to master since this release

Mastodon

Note: This is a release candidate. It is intended to be stable, but not guaranteed.

Changelog

Added

  • Add SMTP_SSL environment variable (OmmyZhang)
  • Add hotkey for toggling content warning input in web UI (ThibG)
  • Add e-mail-based sign in challenge for users with disabled 2FA (Gargron)
    • If user tries signing in after:
      • Being inactive for a while
      • With a previously unknown IP
      • Without 2FA being enabled
    • Require to enter a token sent via e-mail before sigining in
  • Add limit param to RSS feeds (noellabo)
  • Add visibility param to share page (noellabo)
  • Add blurhash to link previews (ThibG, ThibG, ThibG, Sasha-Sorokin, Sasha-Sorokin, ThibG, ThibG, ThibG)
    • In web UI, toots cannot be marked as sensitive unless there is media attached
    • However, it's possible to do via API or ActivityPub
    • Thumnails of link previews of such posts now use blurhash in web UI
    • The Card entity in REST API has a new blurhash attribute
  • Add support for summary field for media description in ActivityPub (ThibG)
  • Add hints about incomplete remote content to web UI (Gargron, noellabo)
  • Add personal notes for accounts (ThibG, Gargron, Sasha-Sorokin)
    • To clarify, these are notes only you can see, to help you remember details
    • Notes can be viewed and edited from profiles in web UI
    • New REST API: POST /api/v1/accounts/:id/note with comment param
    • The Relationship entity in REST API has a new note attribute
  • Add Helm chart (dunn, dunn, dunn)
  • Add customizable thumbnails for audio and video attachments (Gargron, Gargron, Gargron, Gargron, ThibG, ThibG)
    • Metadata (album, artist, etc) is no longer stripped from audio files
    • Album art is automatically extracted from audio files
    • Thumbnail can be manually uploaded for both audio and video attachments
    • Media upload APIs now support thumbnail param
      • On POST /api/v1/media and POST /api/v2/media
      • And on PUT /api/v1/media/:id
    • ActivityPub representation of media attachments represents custom thumbnails with an icon attribute
  • Add color extraction for thumbnails (Gargron, ThibG)
    • The meta attribute on the Media Attachment entity in REST API can now have a colors attribute which in turn contains three hex colors: background, foreground, and accent
    • The background color is chosen from the most dominant color around the edges of the thumbnail
    • The foreground and accent colors are chosen from the colors that are the most different from the background color using the CIEDE2000 algorithm
    • The most satured color of the two is designated as the accent color
    • The one with the highest W3C contrast is designated as the foreground color
    • If there are not enough colors in the thumbnail, new ones are generated using a monochrome pattern
  • Add a visibility indicator to toots in web UI (noellabo, highemerly)
  • Add tootctl email_domain_blocks (tateisu, Gargron)
  • Add "Add new domain block" to header of federation page in admin UI (ariasuni)
  • Add ability to keep emoji picker open with ctrl+click in web UI (bclindner, noellabo)

Changed

  • Change .env.production.sample to be leaner and cleaner (Gargron)
    • It was overloaded as de-facto documentation and getting quite crowded
    • Defer to the actual documentation while still giving a minimal example
  • Change tootctl search deploy to work faster and display progress (Gargron)
  • Change User-Agent of link preview fetching service to include "Bot" (Gargron)
    • Some websites may not render OpenGraph tags into HTML if that's not the case
  • Change behaviour to carry blocks over when someone migrates their followers (ThibG)
  • Change volume control and download buttons in web UI (Gargron)
  • Change design of audio players in web UI (Gargron, ThibG, Gargron, ThibG, Gargron)
  • Change reply filter to never filter own toots in web UI (ThibG)
  • Change boost button to no longer serve as visibility indicator in web UI (noellabo)
  • Change contrast of flash messages (cchoi12)
  • Change wording from "Hide media" to "Hide image/images" in web UI (ariasuni)
  • Change appearence of settings pages to be more consistent (ariasuni)
  • Change "Add media" tooltip to not include long list of formats in web UI (ariasuni)
  • Change how badly contrasting emoji are rendered in web UI (leo60228, ThibG, mfmfuyu, ThibG)
  • Change structure of unavailable content section on about page (ariasuni)
  • Change behaviour to accept ActivityPub activities relayed through group actor (noellabo)

Removed

  • Remove the terms "blacklist" and "whitelist" from UX (Gargron, mayaeh)
    • Environment variables changed (old versions continue to work):
      • WHITELIST_MODELIMITED_FEDERATION_MODE
      • EMAIL_DOMAIN_BLACKLISTEMAIL_DOMAIN_DENYLIST
      • EMAIL_DOMAIN_WHITELISTEMAIL_DOMAIN_ALLOWLIST
    • CLI option changed:
      • tootctl domains purge --whitelist-modetootctl domains purge --limited-federation-mode
  • Remove some unnecessary database indices (lfuelling, noellabo)
  • Remove unnecessary Node.js version upper bound (ykzts)

Fixed

  • Fix large shortened numbers (like 1.2K) using incorrect pluralization (Sasha-Sorokin)
  • Fix streaming server trying to use empty password to connect to Redis when REDIS_PASSWORD is given but blank (ThibG)
  • Fix being unable to unboost posts when blocked by their author (ThibG)
  • Fix account domain block not properly unfollowing accounts from domain (Gargron)
  • Fix removing a domain allow wiping known accounts in open federation mode (ThibG)
  • Fix blocks and mutes pagination in web UI (ThibG)
  • Fix new posts pushing down origin of opened dropdown in web UI (ThibG)
  • Fix timeline markers not being saved sometimes (ThibG, ThibG, ThibG)
  • Fix CSV uploads being rejected (noellabo)
  • Fix incompatibility with ElasticSearch 7.x (noellabo)
  • Fix being able to search posts where you're in the target audience but not actively mentioned (noellabo)
  • Fix non-local posts appearing on local-only hashtag timelines in web UI (noellabo)
  • Fix tootctl media remove-orphans choking on unknown files in storage (Gargron)
  • Fix tootctl upgrade storage-schema misbehaving (Gargron, angristan)
    • Fix it marking records as upgraded even though no files were moved
    • Fix it not working with S3 storage
    • Fix it not working with custom emojis
  • Fix GIF reader raising incorrect exceptions (ThibG)
  • Fix hashtag search performing account search as well (ThibG)
  • Fix Webfinger returning wrong status code on malformed or missing param (ThibG)
  • Fix rake mastodon:setup error when some environment variables are set (ThibG)
  • Fix admin page crashing when trying to block an invalid domain name in admin UI (ThibG)
  • Fix unsent toot confirmation dialog not popping up in single column mode in web UI (ThibG)
  • Fix performance of follow import (noellabo)
    • Reduce timeout of Webfinger requests to that of other requests
    • Use circuit breakers to stop hitting unresponsive servers
    • Avoid hitting servers that are already known to be generally unavailable
  • Fix filters ignoring media descriptions (BenLubar)
  • Fix soem actions on custom emojis leading to cryptic errors in admin UI (ThibG)
  • Fix ActivityPub serialization of replies when some of them are URIs (ThibG)
  • Fix rake mastodon:setup choking on environment variables containing % (ThibG)
  • Fix account redirect confirmation message talking about moved followers (ThibG)
  • Fix avatars having the wrong size on public detailed status pages (ThibG)
  • Fix various issues around OpenGraph representation of media (Gargron)
    • Pages containing audio no longer say "Attached: 1 image" in description
    • Audio attachments now represented as OpenGraph og:audio
    • The twitter:player page now uses Mastodon's proper audio/video player
    • Audio/video buffered bars now display correctly in audio/video player
    • Volume and progress bars now respond to movement/move smoother
  • Fix audio/video/images/cards not reacting to window resizes in web UI (Gargron)
  • Fix very wide media attachments resulting in too thin a thumbnail in web UI (ThibG)
  • Fix crash when merging posts into home feed after following someone (ThibG)
  • Fix unique username constraint for local users not being enforced in database (ThibG)
  • Fix unnecessary gap under video modal in web UI (mfmfuyu)
  • Fix 2FA and sign in token pages not respecting user locale (mfmfuyu)
  • Fix unapproved users being able to view profiles when in limited-federation mode and requiring approval for sign-ups (ThibG)
  • Fix initial audio volume not corresponding to what's displayed in audio player in web UI (ThibG)
  • Fix timelines sometimes jumping when closing modals in web UI (ThibG)
  • Fix memory usage of downloading remote files (Gargron, Gargron)
    • Don't read entire file (up to 40 MB) into memory
    • Read and write it to temp file in small chunks
  • Fix inconsistent account header padding in web UI (trwnh)
  • Fix Thai being skipped from language detection (Sasha-Sorokin)
    • Since Thai has its own alphabet, it can be detected more reliably
  • Fix broken hashtag column options styling in web UI (ThibG)
  • Fix pointer cursor being shown on toots that are not clickable in web UI (arielrodrigues)
  • Fix lock icon not being shown when locking account in profile settings (ThibG)
  • Fix domain blocks doing work the wrong way around (ThibG)
    • Instead of suspending accounts one by one, mark all as suspended first (quick)
    • Only then proceed to start removing their data (slow)
    • Clear out media attachments in a separate worker (slow)

Upgrade notes

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Non-Docker only:

  • Install dependencies: bundle install and yarn install

Both Docker and non-Docker:

  1. Run database migrations:
    • Non-Docker: RAILS_ENV=production bundle exec rails db:migrate
    • Docker: docker-compose run --rm web rails db:migrate
  2. Precompile the assets:
    • Non-Docker: RAILS_ENV=production bundle exec rails assets:precompile
    • Docker: The assets are already precompiled during the build step
  3. Restart all Mastodon processes

Translators

TBA

Assets 2

@Gargron Gargron released this Jul 7, 2020 · 471 commits to master since this release

Mastodon

Changelog

Security

  • Fix media attachment enumeration (ThibG)
  • Change rate limits for various paths (Gargron)
  • Fix other sessions not being logged out on password change (Gargron)

Upgrade notes

Because this is a backport, it is not available with git pull. Use git fetch && git checkout v3.1.5

Both Docker and non-Docker:

  1. Restart all Mastodon processes
Assets 2
  • v3.1.4
  • c9dcc2d
  • Compare
    Choose a tag to compare
    Search for a tag
  • v3.1.4
  • c9dcc2d
  • Compare
    Choose a tag to compare
    Search for a tag

@Gargron Gargron released this May 14, 2020 · 471 commits to master since this release

Mastodon

Changelog

Added

  • Add vi to available locales (taicv)
  • Add ability to remove identity proofs from account (Gargron)
  • Add ability to exclude local content from federated timeline (noellabo, noellabo)
    • Add remote param to GET /api/v1/timelines/public REST API
    • Add public/remote / public:remote variants to streaming API
    • "Remote only" option in federated timeline column settings in web UI
  • Add ability to exclude remote content from hashtag timelines in web UI (noellabo)
    • No changes to REST API
    • "Local only" option in hashtag column settings in web UI
  • Add Capistrano tasks that reload the services after deploying (berkes)
  • Add invites_enabled attribute to GET /api/v1/instance in REST API (ThibG)
  • Add tootctl emoji export command (lfuelling)
  • Add separate cache directory for non-local uploads (Gargron, Hanage999, mayaeh)
    • Add tootctl upgrade storage-schema command to move old non-local uploads to the cache directory
    • ⚠️ You are not required to run this command for the new storage schema to function! Old files will simply remain where they are while new files will be saved under the cache directory. The command would incur data transfer costs with your storage provider
  • Add buttons to delete header and avatar from profile settings (sternenseemann)
  • Add emoji graphics and shortcodes from Twemoji 12.1.5 (DeeUnderscore)

Changed

  • Change error message when trying to migrate to an account that does not have current account set as an alias to be more clear (TheEvilSkeleton)
  • Change delivery failure tracking to work with hostnames instead of URLs (Gargron, noellabo, noellabo, noellabo)
  • Change Content-Security-Policy to not need unsafe-inline style-src (ThibG, ThibG, ThibG, ThibG, ThibG)
  • Change how RSS items are titled and formatted (ThibG, ykzts)

Fixed

  • Fix dropdown of muted and followed accounts offering option to hide boosts in web UI (ThibG)
  • Fix "You are already signed in" alert being shown at wrong times (ThibG)
  • Fix retrying of failed-to-download media files not actually working (noellabo)
  • Fix first poll option not being focused when adding a poll in web UI (ThibG)
  • Fix sr locale being selected over sr-Latn (ThibG)
  • Fix error within error when limiting backtrace to 3 lines (Gargron)
  • Fix tootctl media remove-orphans crashing on "Import" files (ThibG)
  • Fix regression in tootctl media remove-orphans (Gargron)
  • Fix old unique jobs digests not having been cleaned up (Gargron)
  • Fix own following/followers not showing muted users (ThibG)
  • Fix list of followed people ignoring sorting on Follows & Followers page (taras2358)
  • Fix wrong pgHero Content-Security-Policy when CDN_HOST is set (ThibG)
  • Fix needlessly deduplicating usernames on collisions with remote accounts when signing-up through SAML/CAS (kaiyou)
  • Fix page incorrectly scrolling when bringing up dropdown menus in web UI (ThibG)
  • Fix messed up z-index when NoScript blocks media/previews in web UI (ThibG)
  • Fix "See what's happening" page showing public instead of local timeline for logged-in users (ThibG)
  • Fix not being able to resolve public resources in development environment (Gargron)
  • Fix uninformative error message when uploading unsupported image files (ThibG)
  • Fix expanded video player issues in web UI (ThibG, eai04191)
  • Fix and refactor keyboard navigation in dropdown menus in web UI (ThibG)
  • Fix uploaded image orientation being messed up in some browsers in web UI (ThibG)
  • Fix actions log crash when displaying updates of deleted announcements in admin UI (ThibG)
  • Fix search not working due to proxy settings when using hidden services (Gargron)
  • Fix poll refresh button not being debounced in web UI (rasjonell, ThibG)
  • Fix confusing error when failing to add an alias to an unknown account (ThibG)
  • Fix "Email changed" notification sometimes having wrong e-mail (ThibG)
  • Fix varioues issues on the account aliases page (ThibG)
  • Fix API footer link in web UI (bubblineyuri)
  • Fix pagination of following, followers, follow requests, blocks and mutes lists in web UI (ThibG)
  • Fix styling of polls in JS-less fallback on public pages (ThibG)
  • Fix trying to delete already deleted file when post-processing (Gargron)

Security

  • Fix Doorkeeper vulnerability that exposed app secret to users who authorized the app and reset secret of the web UI that could have been exposed (dependabot-preview[bot], Gargron)
    • For apps that self-register on behalf of every individual user (such as most mobile apps), this is a non-issue
    • The issue only affects developers of apps who are shared between multiple users, such as server-side apps like cross-posters

Upgrade notes

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Non-Docker only:

  • Install dependencies: bundle install and yarn install

Both Docker and non-Docker:

  1. Run database migrations:
    • Non-Docker: RAILS_ENV=production bundle exec rails db:migrate
    • Docker: docker-compose run --rm web rails db:migrate
  2. Precompile the assets:
    • Non-Docker: RAILS_ENV=production bundle exec rails assets:precompile
    • Docker: The assets are already precompiled during the build step
  3. Restart all Mastodon processes
Assets 2
  • v3.1.3
  • 85f0e0a
  • Compare
    Choose a tag to compare
    Search for a tag
  • v3.1.3
  • 85f0e0a
  • Compare
    Choose a tag to compare
    Search for a tag

@Gargron Gargron released this Apr 5, 2020 · 701 commits to master since this release

Mastodon

Changelog

Added

  • Add ability to filter audit log in admin UI (Gargron)
  • Add titles to warning presets in admin UI (Gargron)
  • Add option to include resolved DNS records when blacklisting e-mail domains in admin UI (Gargron)
  • Add ability to delete files uploaded for settings in admin UI (ThibG)
  • Add sorting by username, creation and last activity in admin UI (ThibG)
  • Add explanation as to why unlocked accounts may have follow requests in web UI (ThibG)
  • Add link to bookmarks to dropdown in web UI (mayaeh)
  • Add support for links to statuses in announcements to be opened in web UI (ThibG, ThibG)
  • Add tooltips to audio/video player buttons in web UI (ariasuni)
  • Add submit button to the top of preferences pages (guigeekz)
  • Add specific rate limits for posting, following and reporting (Gargron, Gargron)
    • 300 posts every 3 hours
    • 400 follows or follow requests every 24 hours
    • 400 reports every 24 hours
  • Add federation support for the "hide network" preference (ThibG)
  • Add --skip-media-remove option to tootctl statuses remove (tateisu)

Changed

  • Change design of polls in web UI (Sasha-Sorokin, ThibG)
  • Change status click areas in web UI to be bigger (ariasuni)
  • Change tootctl media remove-orphans to work for all classes (Gargron)
  • Change local media attachments to perform heavy processing asynchronously (Gargron)
  • Change video uploads to always be converted to H264/MP4 (Gargron, ThibG, ThibG)
  • Change video uploads to enforce certain limits (Gargron)
    • Dimensions smaller than 1920x1200px
    • Frame rate at most 60fps
  • Change the tooltip "Toggle visibility" to "Hide media" in web UI (ariasuni)
  • Change description of privacy levels to be more intuitive in web UI (ariasuni)
  • Change GIF label to be displayed even when autoplay is enabled in web UI (koyuawsmbrtn)
  • Change the string "Hide everything from …" to "Block domain …" in web UI (ThibG, mayaeh)
  • Change wording of media display preferences to be more intuitive (ariasuni)

Deprecated

  • POST /api/v1/mediaPOST /api/v2/media (Gargron)

Fixed

  • Fix tootctl media remove-orphans ignoring PAPERCLIP_ROOT_PATH (Gargron)
  • Fix returning results when searching for URL with non-zero offset (Gargron)
  • Fix pinning a column in web UI sometimes redirecting out of web UI (Gargron)
  • Fix background jobs not using locks like they are supposed to (Gargron)
  • Fix content warning being unnecessarily cleared when hiding content warning input in web UI (ThibG)
  • Fix "Show more" not switching to "Show less" on public pages (ThibG)
  • Fix import overwrite option not being selectable (noellabo)
  • Fix wrong color for ellipsis in boost confirmation dialog in web UI (ariasuni)
  • Fix unnecessary unfollowing when importing follows with overwrite option (noellabo)
  • Fix 404 and 410 API errors being silently discarded in web UI (ThibG)
  • Fix OCR not working on Safari because of unsupported worker-src CSP (ThibG)
  • Fix media not being marked sensitive when a content warning is set with no text (ThibG)
  • Fix crash after deleting announcements in web UI (codesections, ThibG)
  • Fix bookmarks not being searchable (Kjwon15, noellabo)
  • Fix reported accounts not being whitelisted from further spam checks when resolving a spam check report (ThibG)
  • Fix web UI crash in single-column mode on prehistoric browsers (ThibG)
  • Fix some timeouts when searching for URLs (ThibG)
  • Fix detailed view of direct messages displaying a 0 boost count in web UI (ThibG)
  • Fix regression in “Edit media” modal in web UI (ThibG)
  • Fix public posts from silenced accounts not being changed to unlisted visibility (ThibG)
  • Fix error when searching for URLs that contain the mention syntax (ThibG)
  • Fix text area above/right of emoji picker being accidentally clickable in web UI (ariasuni)
  • Fix too large announcements not being scrollable in web UI (ThibG)
  • Fix tootctl media remove-orphans crashing when encountering invalid media (ThibG)
  • Fix installation failing when Redis password contains special characters (ThibG)
  • Fix announcements with fully-qualified mentions to local users crashing web UI (ThibG)

Security

  • Fix re-sending of e-mail confirmation not being rate limited (Gargron)

Upgrade notes

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Non-Docker only:

  • ⚠️ The minimum supported Redis version has changed from 3 to 4

    If you are on Ubuntu 16.04, which does not have the latest Redis in its default package repository, you can upgrade it through this custom repository:

    add-apt-repository ppa:chris-lea/redis-server
    apt update && apt upgrade
    
  • The recommended Ruby version has been bumped to 2.6.6. You can upgrade, or you can continue using the old version by overwriting the .ruby-version file with e.g. 2.6.5 or 2.6.1 which were recommended previously
  • Install dependencies: bundle install and yarn install

Both Docker and non-Docker:

  1. Run database migrations:
    • Non-Docker: RAILS_ENV=production bundle exec rails db:migrate
    • Docker: docker-compose run --rm web rails db:migrate
  2. Precompile the assets:
    • Non-Docker: RAILS_ENV=production bundle exec rails assets:precompile
    • Docker: The assets are already precompiled during the build step
  3. Restart all Mastodon processes
Assets 2
  • v3.1.2
  • aa8568b
  • Compare
    Choose a tag to compare
    Search for a tag
  • v3.1.2
  • aa8568b
  • Compare
    Choose a tag to compare
    Search for a tag

@Gargron Gargron released this Feb 27, 2020 · 844 commits to master since this release

Mastodon

Changelog

Added

  • Add --reset-password option to tootctl accounts modify (ThibG)
  • Add source-mapped stacktrace to error message in web UI (ThibG)

Fixed

  • Fix dismissing an announcement twice raising an obscure error (ThibG)
  • Fix misleading error when attempting to re-send a pending follow request (ThibG)
  • Fix backups failing when files are missing from media attachments (ThibG)
  • Fix duplicate accounts being created when fetching an account for its key only (ThibG)
  • Fix /web redirecting to /web/web in web UI (ThibG)
  • Fix previously OStatus-based accounts not being detected as ActivityPub (ThibG)
  • Fix account JSON/RSS not being cacheable due to wrong mime type comparison (ThibG)
  • Fix old browsers crashing because of missing finally polyfill in web UI (ThibG)
  • Fix account's bio not being shown if there are no proofs/fields in admin UI (ThibG)
  • Fix sign-ups without checked user agreement being accepted through the web form (ThibG)
  • Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture (SaraSmiseth)
  • Fix invite request input not being shown on sign-up error if left empty (ThibG)
  • Fix some migration hints mentioning GitLab instead of Mastodon (saper)

Security

  • Fix leak of arbitrary statuses through unfavourite action in REST API (Gargron)

Upgrade notes

Non-Docker only:

  • Install dependencies: bundle install and yarn install

Both Docker and non-Docker:

  1. Precompile the assets:
    • Non-Docker: RAILS_ENV=production bundle exec rails assets:precompile
    • Docker: The assets are already precompiled during the build step
  2. Restart all Mastodon processes
Assets 2

@Gargron Gargron released this Feb 27, 2020

Mastodon

Changelog

Security

  • Fix leak of arbitrary statuses through unfavourite action in REST API (Gargron)

Upgrade notes

Because this is a backport, it is not available with git pull. Use git fetch && git checkout v3.0.2

Both Docker and non-Docker:

  1. Restart all Mastodon processes
Assets 2

@Gargron Gargron released this Feb 27, 2020

Mastodon

Changelog

Security

  • Fix leak of arbitrary statuses through unfavourite action in REST API (Gargron)

Upgrade notes

Because this is a backport, it is not available with git pull. Use git fetch && git checkout v2.9.4

Both Docker and non-Docker:

  1. Restart all Mastodon processes
Assets 2
  • v3.1.1
  • b752666
  • Compare
    Choose a tag to compare
    Search for a tag
  • v3.1.1
  • b752666
  • Compare
    Choose a tag to compare
    Search for a tag

@Gargron Gargron released this Feb 10, 2020 · 884 commits to master since this release

Mastodon

Changelog

This release fixes an issue during the bundle install step that appeared in v3.1.0 due to a dependency being yanked from the package repository. For all other notes, please see v3.1.0

Assets 2
You can’t perform that action at this time.