Pre-release
Pre-release

@Gargron Gargron released this Jan 8, 2019 · 39 commits to master since this release

Assets 2

Mastodon

Note: This is a release candidate. It is intended to be stable, but not guaranteed.

Changelog

Added

  • Add link for adding a user to a list from their profile (#9062)
  • Add joining several hashtags in a single column (#8904)
  • Add volume sliders for videos (#9366)
  • Add a tooltip explaining what a locked account is (#9403)
  • Add preloaded cache for common JSON-LD contexts (#9412)
  • Add profile directory (#9427)
  • Add setting to not group reblogs in home feed (#9248)
  • Add admin ability to remove a user's header image (#9495)
  • Add account hashtags to ActivityPub actor JSON (#9450)
  • Add error message for avatar image that's too large (#9518)
  • Add notification quick-filter bar (#9399)
  • Add new first-time tutorial (#9531)
  • Add moderation warnings (#9519)
  • Add emoji codepoint mappings for v11.0 (#9618)
  • Add REST API for creating an account (#9572)
  • Add support for Malayalam in language filter (#9624)
  • Add exclude_reblogs option to account statuses API (#9640)
  • Add local followers page to admin account UI (#9610)
  • Add healthcheck commands to docker-compose.yml (#9143)
  • Add handler for Move activity to migrate followers (#9629)
  • Add CSV export for lists and domain blocks (#9677)
  • Add tootctl accounts follow ACCT (#9414)
  • Add scheduled statuses (#9706)
  • Add immutable caching for S3 objects (#9722)
  • Add cache to custom emojis API (#9732)
  • Add preview cards to non-detailed statuses on public pages (#9714)
  • Add mod and moderator to list of default reserved usernames (#9713)
  • Add quick links to the admin interface in the web UI (#8545)

Changed

  • Temporarily pause timeline if mouse moved recently (#9200)
  • Change the password form order (#9267)
  • Redesign admin UI for accounts (#9340, #9643)
  • Redesign admin UI for instances/domain blocks (#9645)
  • Swap avatar and header input fields in profile page (#9271)
  • When posting in mobile mode, go back to previous history location (#9502)
  • Split out is_changing_upload from is_submitting (#9536)
  • Back to the getting-started when pins the timeline. (#9561)
  • Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses (#9573)
  • Limit maximum visibility of local silenced users to unlisted (#9583)
  • Change API error message for unconfirmed accounts (#9625)
  • Change the icon to "reply-all" when it's a reply to other accounts (#9378)
  • Do not ignore federated reports targetting already-reported accounts (#9534)
  • Upgrade default Ruby version to 2.6.0 (#9688)
  • Change e-mail digest frequency (#9689)
  • Change Docker images for Tor support in docker-compose.yml (#9438)
  • Display fallback link card thumbnail when none is given (#9715)
  • Change account bio length validation to ignore mention domains and URLs (#9717)
  • Use configured contact user for "anonymous" federation activities (#9661)
  • Change remote interaction dialog to use specific actions instead of generic "interact" (#9743)
  • Always re-fetch public key when signature verification fails to support blind key rotation (#9667)
  • Make replies to boosts impossible, connect reply to original status instead (#9129)
  • Change e-mail MX validation to check both A and MX records against blacklist (#9489)

Removed

  • Remove links to bridge.joinmastodon.org (non-functional) (#9608)
  • Remove LD-Signatures from activities that do not need them (#9659)

Fixed

  • Remove unused computation of reblog references from updateTimeline (#9244)
  • Fix loaded embeds resetting if a status arrives from API again (#9270)
  • Fix race condition causing shallow status with only a "favourited" attribute (#9272)
  • Remove intermediary arrays when creating hash maps from results (#9291)
  • Extract counters from accounts table to account_stats table to improve performance (#9295)
  • Change identities id column to a bigint (#9371)
  • Fix conversations API pagination (#9407)
  • Improve account suspension speed and completeness (#9290)
  • Fix thread depth computation in statuses_controller (#9426)
  • Fix database deadlocks by moving account stats update outside transaction (#9437)
  • Escape HTML in profile name preview in profile settings (#9446)
  • Use same CORS policy for /@:username and /users/:username (#9485)
  • Make custom emoji domains case insensitive (#9474)
  • Various fixes to scrollable lists and media gallery (#9501)
  • Fix bootsnap cache directory being declared relatively (#9511)
  • Fix timeline pagination in the web UI (#9516)
  • Fix padding on dropdown elements in preferences (#9517)
  • Make avatar and headers respect GIF autoplay settings (#9515)
  • Do no retry Web Push workers if the server returns a 4xx response (#9434)
  • Minor scrollable list fixes (#9551)
  • Ignore low-confidence CharlockHolmes guesses when parsing link cards (#9510)
  • Fix tootctl accounts rotate not updating public keys (#9556)
  • Fix CSP / X-Frame-Options for media players (#9558)
  • Fix unnecessary loadMore calls when the end of a timeline has been reached (#9581)
  • Skip mailer job retries when a record no longer exists (#9590)
  • Fix composer not getting focus after reply confirmation dialog (#9602)
  • Fix signature verification stoplight triggering on non-timeout errors (#9617)
  • Fix ThreadResolveWorker getting queued with invalid URLs (#9628)
  • Fix crash when clearing uninitialized timeline (#9662)
  • Avoid duplicate work by merging ReplyDistributionWorker into DistributionWorker (#9660)
  • Skip full text search if it fails, instead of erroring out completely (#9654)
  • Fix profile metadata links not verifying correctly sometimes (#9673)
  • Ensure blocked user unfollows blocker if Block/Undo-Block activities are processed out of order (#9687)
  • Fix unreadable text color in report modal for some statuses (#9716)
  • Stop GIFV timeline preview explicitly when it's opened in modal (#9749)

Security

  • Sanitize and sandbox toot embeds in web UI (#9552)

Upgrade notes:

As always, make sure you have backups of the database before performing any upgrades. If you are using docker-compose, this is how a backup command might look: docker exec mastodon_db_1 pg_dump -Fc -U postgres postgres > name_of_the_backup.dump

Non-Docker only:

  • The recommended Ruby version has been bumped to 2.6.0. You can upgrade, or you can continue using the old version by overwriting the .ruby-version file with e.g. 2.5.3 or 2.5.1 which were recommended previously
  • Install dependencies: bundle install and yarn install

Both Docker and non-Docker:

  1. Run the database migrations:
    • Non-Docker: RAILS_ENV=production bundle exec rails db:migrate
    • Docker: docker-compose run --rm web rails db:migrate
  2. Precompile the assets:
    • Non-Docker: RAILS_ENV=production bundle exec rails assets:precompile
    • Docker: The assets are already precompiled during the build step
  3. Restart all Mastodon processes

Contributors to this release:

@0xflotus
@Aditoo17
@ashleyhull-versent
@BenLubar
@chr-1x
@dependabot[bot]
@Esteth
@fwenzel
@Gargron
@hinaloe
@hugogameiro
@jomo
@kedamaDQ
@Kjwon15
@m4sk1n
@mayaeh
@noellabo
@nolanlawson
@pawelngei
@Quenty31
@remram44
@renatolond
@Reverite
@shrft
@Sir-Boops
@sumdog
@tachyons
@takayamaki
@ThibG
@valerauko
@ykzts
@ysksn
@yukimochi