@Gargron Gargron released this Jun 10, 2018 · 708 commits to master since this release

Assets 2

Mastodon

Note: There is an important database migration in this release. Please read the upgrade notes carefully.

Features:

Add delete & redraft function (#7735)

If you noticed a typo or missing word on a toot that's already been sent, you can now choose to "delete & redraft" that toot. It pre-fills the compose area with all the data from your toot, including attached files, allowing you to edit and re-send it. It becomes a new toot, so boosts, favourites and replies to it will be reset.

Improved getting started column (#7676)

On mobile, the getting started column more prominently displays a link to your profile, preferences and security settings, and omits linking to timelines or columns that are anyway listed in the tab bar above.

On desktop, the getting started column now categorizes links into "Discovery" and "Personal" which should help new users orient themselves in the app. Links to blocked users, muted users and domain blocks have been moved to the dropdown menu on your own profile.

On both layouts, the bottom of the column has been restyled. Links to the FAQ, user guide and apps list have been replaced with links to "Hotkeys", "About this instance", "Terms of Service", "Documentation" and "Logout". Documentation, in turn, contains the FAQ, user guide and apps list.

Improved e-mail validation (#7631)

On sign up, entered e-mail address will be checked for the presence of an MX record, which indicates that it's potentially a real e-mail address. Furthermore, the MX record is checked against the e-mail domains blacklist, which allows blocking spammers who have many alias domains pointing to the same e-mail server.

Improve "Hide everything from {domain}" behaviour (#7765, #7773)

The confirmation dialog now explains what will happen when you block a domain. It will remove your followers from that domain, prevent new followers or follow requests from that domain, hide toots from the domain in public timelines, hide boosts of toots from the domain in your home timeline, and hide any mentions or notifications from that domain. It will not make you unfollow someone from that domain you've already been following, and those people will be able to appear in your home feed and notifications.

Filter out blocked/muted people from profile timelines (#7747)

Due to popular demand, boosts of blocked/muted people will no longer appear on profiles you view.

Other:

UI/UX additions:

  • Public timelines now have a tab bar for choosing between all toots and only ones that contain media attachments (#7598)
  • Submit report with ctrl+enter (#7729)
  • Emoji pack upgraded, new unicode emojis available in the picker (#7746)
  • Add "Edit profile" link to public profile page (#7754)

REST API additions:

  • New API endpoint: GET /api/v2/search, which returns the same results as v1, except the hashtags are returned as objects with trend data instead of mere strings (#7661)

Performance improvements:

  • Optimize direct timeline (#7614)
  • Reduce wasted work in RemoveStatusService due to inactive followers (#7672)
  • Improve counter caches on Status and Account (#7644)

Fixes:

Backend:

  • Disable AMS logging (#7623)
  • Catch ActionController::UnknownFormat and return HTTP 406 (#7621)
  • Rescue Mastodon::DimensionsValidationError in Remoteable (#7662)
  • Fix error when unmuting a domain without listing muted domains first (#7670)
  • Deduplicate accounts and make unique username/domain index case-insensitive (#7658)
  • Skip processing when HEAD method returns 501 (#7730)
  • Detect file extension from Content-Type header in Remoteable (#7733)
  • Migrate old web push subscriptions to ensure deliveries (#7764)

Deployments:

  • Remove Puma pidfile before boot if container receives SIGTERM (#7052)
  • Speed up some rake tasks by moving execution to Sidekiq (#7678)

ActivityPub:

  • Ignore multiple occurrences of a hashtag within a status (#7606)
  • Do not mark remote status as sensitive even if spoiler text is present (only apply that logic locally) (#7395)
  • Do not accept ActivityPub follow requests from blocked user (#7756)

OStatus:

  • Fix N+1 on AtomSerializer (#7669)

UI/UX:

  • Fix caret position after selected suggestion and media upload (#7595)
  • Fix lock icon position in account card (#7630)
  • Don't use Object.assign with Notification, only display actions for mentions (#7632)
  • Redirect / to home on mobile layout, to getting started on desktop (#7677)
  • Put the CW field between the toot we are replying to and the toot field (#7508)
  • Control the focus when clicking the CW button. (#7776)
  • Display numbers in account header using shortNumberFormat for consistency (#7723)
  • Remove unnecessary underline on admin accounts table (#7728)
  • Preserve newlines in delete & redraft and desktop notifications (#7750)
  • Improve emoji picker design in light theme (#7772, #7768)
  • Fix some colors in light theme (#7722)

Other:

  • Added the law requirements for the EU/EEA into the default privacy policy (#7605)

Upgrade notes:

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Please read: So far, Mastodon had been missing a database constraint for case-insensitivity (e.g. capital A vs lowercase a) due to an early mistake. Mostly it's been fine due to code outside of the database ensuring integrity, but that code has not always been perfect, and among other things sometimes failed due to race conditions. Long story short, your database may contain account records which share the same username/domain combination and are therefore unreachable by mentions, URLs, etc, and which sometimes lead to unexpected behaviour.

This release contains a fix for that situation. The database migrations will find affected accounts and either merge them (when possible and applicable) or delete them without trace, after which the database constraint will be created to ensure no data integrity issues of this nature occur in the future.

For remote accounts, the most recently active one will be the reference account into which others will be merged (but only as long as they have the same public key, which is definitive proof that it's really the same account).

For local accounts, the oldest account will be kept and others deleted. For people behind those duplicate accounts, Mastodon has never been fully functional, because they could never open their profile or receive mentions. However, if you want to manually deal with those accounts instead of having the migration delete them, before running the migration, you can use the rake mastodon:maintenance:find_duplicate_usernames task.

Non-Docker only:

  • Dependency updates: yarn install

Both Docker and non-Docker:

  • This release includes database migrations, that means you need to run RAILS_ENV=production bundle exec rails db:migrate (in Docker: docker-compose run --rm web rails db:migrate).
  • This release includes changes to assets, that means you need to run RAILS_ENV=production bundle exec rails assets:precompile (in Docker: docker-compose run --rm web rails assets:precompile)

Contributors to this release:

@abcang
@akihikodaki
@ariasuni
@Gargron
@imbsky
@kedamaDQ
@kibitan
@lynlynlynx
@m4sk1n
@nightpool
@renatolond
@Reverite
@SerCom-KC
@shuheiktgw
@takayamaki
@tateisu
@ThibG
@unarist
@ykzts