1698 lines
179 KiB
Raw Permalink Normal View History

All notable changes to this project will be documented in this file.
2020-12-01 06:38:05 +01:00
## Unreleased
### Added
- **Add hotkeys for audio/video control in web UI** ([Gargron](, [Gargron](
- `Space` and `k` to toggle playback
- `m` to toggle mute
- `f` to toggle fullscreen
- `j` and `l` to go back and forward by 10 seconds
- `.` and `,` to go back and forward by a frame (video only)
- Add expand/compress button on media modal in web UI ([mashirozx](, [mashirozx](, [mashirozx](
- Add border around 🕺 emoji in web UI ([ThibG](
- Add border around 🐞 emoji in web UI ([ThibG](
- Add home link to the getting started column when home isn't mounted ([ThibG](
- Add option to disable swiping motions across the web UI ([ThibG](
2020-12-19 00:28:38 +01:00
- **Add pop-out player for audio/video in web UI** ([Gargron](, [Gargron](, [Gargron](, [noellabo](
2020-12-01 06:38:05 +01:00
- Continue watching/listening when you scroll away
- Action bar to interact with/open toot from the pop-out player
- Add unread notification markers in web UI ([ThibG](, [ThibG](, [ThibG](, [noellabo](, [noellabo](
- Add paragraph about browser add-ons when encountering errors in web UI ([ThibG](
- Add import and export for bookmarks ([ThibG](
- Add cache buster feature for media files ([Gargron](
- If you have a proxy cache in front of object storage, deleted files will persist until the cache expires
- If enabled, cache buster will make a special request to the proxy to signal a cache reset
- Add duration option to the mute function ([aquarla](
2020-12-19 00:28:38 +01:00
- Add replies policy option to the list function ([ThibG](, [trwnh](
2020-12-01 06:38:05 +01:00
- Add `og:published_time` OpenGraph tags on toots ([nornagon](
- **Add option to be notified when a followed user posts** ([Gargron](, [ThibG](, [Gargron](
- If you don't want to miss a toot, click the bell button!
- Add client-side validation in password change forms ([ThibG](
- Add client-side validation in the registration form ([ThibG](, [ThibG](
- Add support for Gemini URLs ([joshleeb](
2020-12-19 00:28:38 +01:00
- Add app shortcuts to web app manifest ([mkljczk](
2020-12-01 06:38:05 +01:00
- Add WebAuthn as an alternative 2FA method ([santiagorodriguez96](, [jiikko](
2020-12-19 00:28:38 +01:00
- Add honeypot fields and minimum fill-out time for sign-up form ([ThibG](
2020-12-01 06:38:05 +01:00
- Add icon for mutual relationships in relationship manager ([noellabo](
- Add follow selected followers button in relationship manager ([noellabo](
- **Add subresource integrity for JS and CSS assets** ([Gargron](
- If you use a CDN for static assets (JavaScript, CSS, and so on), you have to trust that the CDN does not modify the assets maliciously
- Subresource integrity compares server-generated asset digests with what's actually served from the CDN and prevents such attacks
- Add `ku`, `sa`, `sc`, `zgh` to available locales ([ykzts](
- Add ability to force an account to mark media as sensitive ([noellabo](
2020-12-19 00:28:38 +01:00
- **Add ability to block access or limit sign-ups from chosen IPs** ([Gargron](, [ThibG](
2020-12-01 06:38:05 +01:00
- Add rules for IPs or CIDR ranges that automatically expire after a configurable amount of time
- Choose the severity of the rule, either blocking all access or merely limiting sign-ups
- **Add support for reversible suspensions through ActivityPub** ([Gargron](
- Servers can signal that one of their accounts has been suspended
- During suspension, the account can only delete its own content
- A reversal of the suspension can be signalled the same way
- A local suspension always overrides a remote one
2020-12-19 00:28:38 +01:00
- Add indication to admin UI of whether a report has been forwarded ([ThibG](
- Add display of reasons for joining of an account in admin UI ([mashirozx](
- Add option to obfuscate domain name in public list of domain blocks ([Gargron](
2020-12-23 01:36:13 +01:00
- Add option to make reasons for joining required on sign-up ([ThibG](, [ThibG](, [ThibG](, [ThibG](
2020-12-01 06:38:05 +01:00
- Add ActivityPub follower synchronization mechanism ([ThibG](, [ThibG](
- Add outbox attribute to instance actor ([ThibG](
2020-12-19 00:28:38 +01:00
- Add featured hashtags as an ActivityPub collection ([Gargron](, [noellabo](
2020-12-01 06:38:05 +01:00
- Add support for dereferencing objects through bearcaps ([Gargron](, [noellabo](
- Add `S3_READ_TIMEOUT` environment variable ([tateisu](
- Add `ALLOWED_PRIVATE_ADDRESSES` environment variable ([ThibG](
- Add `--fix-permissions` option to `tootctl media remove-orphans` ([Gargron](, [uist1idrju3i](
2020-12-19 00:28:38 +01:00
- Add `tootctl accounts merge` ([Gargron](, [ThibG](, [ThibG](
2020-12-01 06:38:05 +01:00
- Has someone changed their domain or subdomain thereby creating two accounts where there should be one?
- This command will fix it on your end
2020-12-23 01:36:13 +01:00
- Add `tootctl maintenance fix-duplicates` ([ThibG](, [Gargron](, [ThibG](
2020-12-01 06:38:05 +01:00
- Index corruption in the database?
- This command is for you
- **Add support for managing multiple stream subscriptions in a single connection** ([Gargron](, [Gargron](, [mfmfuyu](, [zunda](
- Previously, getting live updates for multiple timelines required opening a HTTP or WebSocket connection for each
- More connections means more resource consumption on both ends, not to mention the (ever so slight) delay when establishing a new connection
- Now, with just a single WebSocket connection you can subscribe and unsubscribe to and from multiple streams
- Add support for limiting results by both `min_id` and `max_id` at the same time in REST API ([tateisu](
2020-12-19 00:28:38 +01:00
- Add `GET /api/v1/accounts/:id/featured_tags` to REST API ([noellabo](, [noellabo](
- Add stoplight for object storage failures, return HTTP 503 in REST API ([Gargron](
2020-12-01 06:38:05 +01:00
- Add optional `tootctl remove media` cronjob in Helm chart ([dunn](
2020-12-23 01:36:13 +01:00
- Add clean error message when `RAILS_ENV` is unset ([ThibG](
2020-12-01 06:38:05 +01:00
### Changed
2020-12-19 00:28:38 +01:00
- **Change media modals look in web UI** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Kjwon15](, [noellabo](
2020-12-01 06:38:05 +01:00
- Background of the overlay matches the color of the image
- Action bar to interact with or open the toot from the modal
- Change order of announcements in admin UI to be newest-first ([ThibG](
2020-12-23 01:36:13 +01:00
- **Change account suspensions to be reversible by default** ([Gargron](, [ThibG](, [ThibG](, [ThibG](, [ThibG](, [noellabo](, [ThibG](
2020-12-01 06:38:05 +01:00
- Suspensions no longer equal deletions
- A suspended account can be unsuspended with minimal consequences for 30 days
- Immediate deletion of data is still available as an explicit option
- Suspended accounts can request an archive of their data through the UI
- Change REST API to return empty data for suspended accounts (14765)
2020-12-19 00:28:38 +01:00
- Change web UI to show empty profile for suspended accounts ([Gargron](, [Gargron](
2020-12-01 06:38:05 +01:00
- Change featured hashtag suggestions to be recently used instead of most used ([abcang](
- Change direct toots to appear in the home feed again ([Gargron](, [ThibG](, [noellabo](
- Return to treating all toots the same instead of trying to retrofit direct visibility into an instant messaging model
- Change email address validation to return more specific errors ([ThibG](
- Change HTTP signature requirements to include `Digest` header on `POST` requests ([ThibG](
- Change click area of video/audio player buttons to be bigger in web UI ([ariasuni](
- Change order of filters by alphabetic by "keyword or phrase" ([ariasuni](
- Change suspension of remote accounts to also undo outgoing follows ([ThibG](
- Change string "Home" to "Home and lists" in the filter creation screen ([ariasuni](
- Change string "Boost to original audience" to "Boost with original visibility" in web UI ([3n-k1](
- Change string "Show more" to "Show newer" and "Show older" on public pages ([ariasuni](
- Change order of announcements to be reverse chronological in web UI ([dariusk](, [dariusk](
2020-12-19 00:28:38 +01:00
- Change RTL detection to rely on unicode-bidi paragraph by paragraph in web UI ([Gargron](
2020-12-01 06:38:05 +01:00
- Change visibility icon next to timestamp to be clickable in web UI ([ariasuni](, [mayaeh](
2020-12-19 00:28:38 +01:00
- Change public thread view to hide "Show thread" link ([ThibG](
- Change number format on about page from full to shortened ([Gargron](
- Change how scheduled tasks run in multi-process environments ([noellabo](
- New dedicated queue `scheduler`
- Runs by default when Sidekiq is executed with no options
- Has to be added manually in a multi-process environment
2020-12-01 06:38:05 +01:00
### Removed
- Remove fade-in animation from modals in web UI ([Gargron](
- Remove auto-redirect to direct messages in web UI ([Gargron](
- Remove obsolete IndexedDB operations from web UI ([Gargron](
- Remove dependency on unused and unmaintained http_parser.rb gem ([ThibG](
### Fixed
2020-12-19 00:28:38 +01:00
- Fix layout on about page when contact account has a long username ([ThibG](
- Fix follow limit preventing re-following of a moved account ([Gargron](
2020-12-01 06:38:05 +01:00
- **Fix deletes not reaching every server that interacted with toot** ([Gargron](
- Previously, delete of a toot would be primarily sent to the followers of its author, people mentioned in the toot, and people who reblogged the toot
- Now, additionally, it is ensured that it is sent to people who replied to it, favourited it, and to the person it replies to even if that person is not mentioned
- Fix resolving an account through its non-canonical form (i.e. alternate domain) ([ThibG](
- Fix sending redundant ActivityPub events when processing remote account deletion ([ThibG](
- Fix Move handler not being triggered when failing to fetch target account ([ThibG](
- Fix downloading remote media files when server returns empty filename ([ThibG](
- Fix account processing failing because of large collections ([ThibG](
- Fix not being able to unfavorite toots one has lost access to ([ThibG](
- Fix not being able to unbookmark toots one has lost access to ([ThibG](
- Fix possible casing inconsistencies in hashtag search ([ThibG](
- Fix updating account counters when association is not yet created ([Gargron](
- Fix cookies not having a SameSite attribute ([Gargron](
- Fix poll ending notifications being created for each vote ([ThibG](
- Fix multiple boosts of a same toot erroneously appearing in TL ([ThibG](
- Fix asset builds not picking up `CDN_HOST` change ([ThibG](
2020-12-19 00:28:38 +01:00
- Fix desktop notifications permission prompt in web UI ([Gargron](, [Gargron](, [ThibG](, [ThibG](
2020-12-01 06:38:05 +01:00
- Some time ago, browsers added a requirement that desktop notification prompts could only be displayed in response to a user-generated event (such as a click)
- This means that for some time, users who haven't already given the permission before were not getting a prompt and as such were not receiving desktop notifications
- Fix "Mark media as sensitive" string not supporting pluralizations in other languages in web UI ([ariasuni](
- Fix glitched image uploads when canvas read access is blocked in web UI ([ThibG](
- Fix some account gallery items having empty labels in web UI ([ThibG](
- Fix alt-key hotkeys activating while typing in a text field in web UI ([ThibG](
- Fix wrong seek bar width on media player in web UI ([mfmfuyu](
- Fix logging out on mobile in web UI ([ThibG](
- Fix wrong click area for GIFVs in media modal in web UI ([noellabo](
- Fix unreadable placeholder text color in high contrast theme in web UI ([Gargron](
- Fix scrolling issues when closing some dropdown menus in web UI ([ThibG](
- Fix notification filter bar incorrectly filtering gaps in web UI ([ThibG](
- Fix disabled boost icon being replaced by private boost icon on hover in web UI ([ThibG](
- Fix hashtag detection in compose form being different to server-side in web UI ([kedamaDQ](, [ThibG](
- Fix home last read marker mishandling gaps in web UI ([ThibG](
2020-12-19 00:28:38 +01:00
- Fix unnecessary re-rendering of various components when typing in web UI ([Gargron](
- Fix notifications being unnecessarily re-rendered in web UI ([ThibG](
- Fix column swiping animation logic in web UI ([ThibG](
2020-12-01 06:38:05 +01:00
- Fix inefficiency when fetching hashtag timeline ([noellabo](, [akihikodaki](
- Fix inefficiency when fetching bookmarks ([akihikodaki](
- Fix inefficiency when fetching favourites ([akihikodaki](
- Fix inefficiency when fetching media-only account timeline ([akihikodaki](
2020-12-23 01:36:13 +01:00
- Fix inefficieny when deleting accounts ([Gargron](, [ThibG](, [ThibG](, [ThibG](, [ThibG](
2020-12-01 06:38:05 +01:00
- Fix redundant query when processing batch actions on custom emojis ([niwatori24](
2020-12-19 00:28:38 +01:00
- Fix slow distinct queries where grouped queries are faster ([Gargron](
- Fix performance on instances list in admin UI ([Gargron](
- Fix server actor appearing in list of accounts in admin UI ([ThibG](
- Fix "bootstrap timeline accounts" toggle in site settings in admin UI ([ThibG](
2020-12-01 06:38:05 +01:00
- Fix PostgreSQL secret name for cronjob in Helm chart ([metal3d](
- Fix Procfile not being compatible with herokuish ([acuteaura](
- Fix installation of tini being split into multiple steps in Dockerfile ([ryncsn](
### Security
- Fix streaming API allowing connections to persist after access token invalidation ([Gargron](
- Fix 2FA/sign-in token sessions being valid after password change ([Gargron](
2020-12-19 00:28:38 +01:00
- Fix resolving accounts sometimes creating duplicate records for a given ActivityPub identifier ([ThibG](
2020-12-01 06:38:05 +01:00
2020-12-19 03:13:50 +01:00
## [3.2.2] - 2020-12-19
### Added
- Add `tootctl maintenance fix-duplicates` ([ThibG](, [Gargron](
- Index corruption in the database?
- This command is for you
### Removed
- Remove dependency on unused and unmaintained http_parser.rb gem ([ThibG](
### Fixed
- Fix Move handler not being triggered when failing to fetch target account ([ThibG](
- Fix downloading remote media files when server returns empty filename ([ThibG](
- Fix possible casing inconsistencies in hashtag search ([ThibG](
- Fix updating account counters when association is not yet created ([Gargron](
- Fix account processing failing because of large collections ([ThibG](
- Fix resolving an account through its non-canonical form (i.e. alternate domain) ([ThibG](
- Fix slow distinct queries where grouped queries are faster ([Gargron](
### Security
- Fix 2FA/sign-in token sessions being valid after password change ([Gargron](
- Fix resolving accounts sometimes creating duplicate records for a given ActivityPub identifier ([ThibG](
2020-11-27 18:29:22 +01:00
## [3.2.1] - 2020-10-19
### Added
- Add support for latest HTTP Signatures spec draft ([ThibG](
- Add support for inlined objects in ActivityPub `to`/`cc` ([ThibG](
### Changed
- Change actors to not be served at all without authentication in limited federation mode ([ThibG](
- Previously, a bare version of an actor was served when not authenticated, i.e. username and public key
- Because all actor fetch requests are signed using a separate system actor, that is no longer required
### Fixed
- Fix `tootctl media` commands not recognizing very large IDs ([ThibG](
- Fix crash when failing to load emoji picker in web UI ([ThibG](
- Fix contrast requirements in thumbnail color extraction ([ThibG](
- Fix audio/video player not using `CDN_HOST` on public pages ([ThibG](
- Fix private boost icon not being used on public pages ([OmmyZhang](
- Fix audio player on Safari in web UI ([ThibG](, [ThibG](
- Fix dereferencing remote statuses not using the correct account for signature when receiving a targeted inbox delivery ([ThibG](
- Fix nil error in `tootctl media remove` ([noellabo](
- Fix videos with near-60 fps being rejected ([Gargron](
- Fix reported statuses not being included in warning e-mail ([Gargron](
- Fix `Reject` activities of `Follow` objects not correctly destroying a follow relationship ([ThibG](
- Fix inefficiencies in fan-out-on-write service ([Gargron](, [noellabo](
- Fix timeout errors when trying to webfinger some IPv6 configurations ([Gargron](
- Fix files served as `application/octet-stream` being rejected without attempting mime type detection ([ThibG](
2020-07-27 00:07:26 +02:00
## [3.2.0] - 2020-07-27
2020-07-15 21:07:27 +02:00
### Added
- Add `SMTP_SSL` environment variable ([OmmyZhang](
- Add hotkey for toggling content warning input in web UI ([ThibG](
- **Add e-mail-based sign in challenge for users with disabled 2FA** ([Gargron](
- If user tries signing in after:
- Being inactive for a while
- With a previously unknown IP
- Without 2FA being enabled
- Require to enter a token sent via e-mail before sigining in
- Add `limit` param to RSS feeds ([noellabo](
- Add `visibility` param to share page ([noellabo](
- Add blurhash to link previews ([ThibG](, [ThibG](, [ThibG](, [Sasha-Sorokin](, [Sasha-Sorokin](, [ThibG](, [ThibG](, [ThibG](
- In web UI, toots cannot be marked as sensitive unless there is media attached
- However, it's possible to do via API or ActivityPub
- Thumnails of link previews of such posts now use blurhash in web UI
- The Card entity in REST API has a new `blurhash` attribute
- Add support for `summary` field for media description in ActivityPub ([ThibG](
- Add hints about incomplete remote content to web UI ([Gargron](, [noellabo](
- **Add personal notes for accounts** ([ThibG](, [Gargron](, [Sasha-Sorokin](
- To clarify, these are notes only you can see, to help you remember details
- Notes can be viewed and edited from profiles in web UI
- New REST API: `POST /api/v1/accounts/:id/note` with `comment` param
- The Relationship entity in REST API has a new `note` attribute
- Add Helm chart ([dunn](, [dunn](, [dunn](
2020-07-24 18:47:25 +02:00
- **Add customizable thumbnails for audio and video attachments** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [ThibG](, [ThibG](, [noellabo](, [noellabo](
2020-07-15 21:07:27 +02:00
- Metadata (album, artist, etc) is no longer stripped from audio files
- Album art is automatically extracted from audio files
- Thumbnail can be manually uploaded for both audio and video attachments
- Media upload APIs now support `thumbnail` param
- On `POST /api/v1/media` and `POST /api/v2/media`
- And on `PUT /api/v1/media/:id`
- ActivityPub representation of media attachments represents custom thumbnails with an `icon` attribute
2020-07-24 18:47:25 +02:00
- The Media Attachment entity in REST API now has a `preview_remote_url` to its `preview_url`, equivalent to `remote_url` to its `url`
2020-07-15 21:07:27 +02:00
- **Add color extraction for thumbnails** ([Gargron](, [ThibG](
- The `meta` attribute on the Media Attachment entity in REST API can now have a `colors` attribute which in turn contains three hex colors: `background`, `foreground`, and `accent`
- The background color is chosen from the most dominant color around the edges of the thumbnail
- The foreground and accent colors are chosen from the colors that are the most different from the background color using the CIEDE2000 algorithm
- The most satured color of the two is designated as the accent color
- The one with the highest W3C contrast is designated as the foreground color
- If there are not enough colors in the thumbnail, new ones are generated using a monochrome pattern
- Add a visibility indicator to toots in web UI ([noellabo](, [highemerly](
- Add `tootctl email_domain_blocks` ([tateisu](, [Gargron](
- Add "Add new domain block" to header of federation page in admin UI ([ariasuni](
- Add ability to keep emoji picker open with ctrl+click in web UI ([bclindner](, [noellabo](
2020-07-24 18:47:25 +02:00
- Add custom icon for private boosts in web UI ([ThibG](
- Add support for Create and Update activities that don't inline objects in ActivityPub ([ThibG](
- Add support for Undo activities that don't inline activities in ActivityPub ([ThibG](
2020-07-15 21:07:27 +02:00
### Changed
- Change `.env.production.sample` to be leaner and cleaner ([Gargron](
- It was overloaded as de-facto documentation and getting quite crowded
- Defer to the actual documentation while still giving a minimal example
- Change `tootctl search deploy` to work faster and display progress ([Gargron](
- Change User-Agent of link preview fetching service to include "Bot" ([Gargron](
- Some websites may not render OpenGraph tags into HTML if that's not the case
- Change behaviour to carry blocks over when someone migrates their followers ([ThibG](
- Change volume control and download buttons in web UI ([Gargron](
2020-07-24 18:47:25 +02:00
- **Change design of audio players in web UI** ([Gargron](, [ThibG](, [Gargron](, [ThibG](, [Gargron](, [ThibG](
2020-07-15 21:07:27 +02:00
- Change reply filter to never filter own toots in web UI ([ThibG](
2020-07-24 18:47:25 +02:00
- Change boost button to no longer serve as visibility indicator in web UI ([noellabo](, [ThibG](
2020-07-15 21:07:27 +02:00
- Change contrast of flash messages ([cchoi12](
- Change wording from "Hide media" to "Hide image/images" in web UI ([ariasuni](
- Change appearence of settings pages to be more consistent ([ariasuni](
- Change "Add media" tooltip to not include long list of formats in web UI ([ariasuni](
- Change how badly contrasting emoji are rendered in web UI ([leo60228](, [ThibG](, [mfmfuyu](, [ThibG](
- Change structure of unavailable content section on about page ([ariasuni](
- Change behaviour to accept ActivityPub activities relayed through group actor ([noellabo](
2020-07-24 18:47:25 +02:00
- Change amount of processing retries for ActivityPub activities ([noellabo](
2020-07-15 21:07:27 +02:00
### Removed
- Remove the terms "blacklist" and "whitelist" from UX ([Gargron](, [mayaeh](
- Environment variables changed (old versions continue to work):
- CLI option changed:
- `tootctl domains purge --whitelist-mode``tootctl domains purge --limited-federation-mode`
- Remove some unnecessary database indices ([lfuelling](, [noellabo](
- Remove unnecessary Node.js version upper bound ([ykzts](
### Fixed
2020-07-27 00:07:26 +02:00
- Fix `following` param not working when exact match is found in account search ([noellabo](
2020-07-24 18:47:25 +02:00
- Fix sometimes occuring duplicate mention notifications ([noellabo](
- Fix RSS feeds not being cachable ([ThibG](
- Fix lack of locking around processing of Announce activities in ActivityPub ([noellabo](
- Fix boosted toots from blocked account not being retroactively removed from TL ([ThibG](
2020-07-15 21:07:27 +02:00
- Fix large shortened numbers (like 1.2K) using incorrect pluralization ([Sasha-Sorokin](
- Fix streaming server trying to use empty password to connect to Redis when `REDIS_PASSWORD` is given but blank ([ThibG](
- Fix being unable to unboost posts when blocked by their author ([ThibG](
- Fix account domain block not properly unfollowing accounts from domain ([Gargron](
- Fix removing a domain allow wiping known accounts in open federation mode ([ThibG](
- Fix blocks and mutes pagination in web UI ([ThibG](
2020-07-24 18:47:25 +02:00
- Fix new posts pushing down origin of opened dropdown in web UI ([ThibG](, [ThibG](
2020-07-15 21:07:27 +02:00
- Fix timeline markers not being saved sometimes ([ThibG](, [ThibG](, [ThibG](
- Fix CSV uploads being rejected ([noellabo](
- Fix incompatibility with ElasticSearch 7.x ([noellabo](
- Fix being able to search posts where you're in the target audience but not actively mentioned ([noellabo](
- Fix non-local posts appearing on local-only hashtag timelines in web UI ([noellabo](
- Fix `tootctl media remove-orphans` choking on unknown files in storage ([Gargron](
- Fix `tootctl upgrade storage-schema` misbehaving ([Gargron](, [angristan](
- Fix it marking records as upgraded even though no files were moved
- Fix it not working with S3 storage
- Fix it not working with custom emojis
- Fix GIF reader raising incorrect exceptions ([ThibG](
- Fix hashtag search performing account search as well ([ThibG](
- Fix Webfinger returning wrong status code on malformed or missing param ([ThibG](
- Fix `rake mastodon:setup` error when some environment variables are set ([ThibG](
- Fix admin page crashing when trying to block an invalid domain name in admin UI ([ThibG](
- Fix unsent toot confirmation dialog not popping up in single column mode in web UI ([ThibG](
- Fix performance of follow import ([noellabo](
- Reduce timeout of Webfinger requests to that of other requests
- Use circuit breakers to stop hitting unresponsive servers
- Avoid hitting servers that are already known to be generally unavailable
- Fix filters ignoring media descriptions ([BenLubar](
2020-07-24 18:47:25 +02:00
- Fix some actions on custom emojis leading to cryptic errors in admin UI ([ThibG](
2020-07-15 21:07:27 +02:00
- Fix ActivityPub serialization of replies when some of them are URIs ([ThibG](
- Fix `rake mastodon:setup` choking on environment variables containing `%` ([ThibG](
- Fix account redirect confirmation message talking about moved followers ([ThibG](
- Fix avatars having the wrong size on public detailed status pages ([ThibG](
- Fix various issues around OpenGraph representation of media ([Gargron](
- Pages containing audio no longer say "Attached: 1 image" in description
- Audio attachments now represented as OpenGraph `og:audio`
- The `twitter:player` page now uses Mastodon's proper audio/video player
- Audio/video buffered bars now display correctly in audio/video player
- Volume and progress bars now respond to movement/move smoother
- Fix audio/video/images/cards not reacting to window resizes in web UI ([Gargron](
- Fix very wide media attachments resulting in too thin a thumbnail in web UI ([ThibG](
- Fix crash when merging posts into home feed after following someone ([ThibG](
- Fix unique username constraint for local users not being enforced in database ([ThibG](
- Fix unnecessary gap under video modal in web UI ([mfmfuyu](
- Fix 2FA and sign in token pages not respecting user locale ([mfmfuyu](
- Fix unapproved users being able to view profiles when in limited-federation mode *and* requiring approval for sign-ups ([ThibG](
- Fix initial audio volume not corresponding to what's displayed in audio player in web UI ([ThibG](
- Fix timelines sometimes jumping when closing modals in web UI ([ThibG](
2020-07-24 18:47:25 +02:00
- Fix memory usage of downloading remote files ([Gargron](, [Gargron](, [noellabo](
2020-07-15 21:07:27 +02:00
- Don't read entire file (up to 40 MB) into memory
- Read and write it to temp file in small chunks
- Fix inconsistent account header padding in web UI ([trwnh](
- Fix Thai being skipped from language detection ([Sasha-Sorokin](
- Since Thai has its own alphabet, it can be detected more reliably
- Fix broken hashtag column options styling in web UI ([ThibG](
- Fix pointer cursor being shown on toots that are not clickable in web UI ([arielrodrigues](
- Fix lock icon not being shown when locking account in profile settings ([ThibG](
- Fix domain blocks doing work the wrong way around ([ThibG](
- Instead of suspending accounts one by one, mark all as suspended first (quick)
- Only then proceed to start removing their data (slow)
- Clear out media attachments in a separate worker (slow)
2020-07-10 21:07:30 +02:00
## [v3.1.5] - 2020-07-07
### Security
- Fix media attachment enumeration ([ThibG](
- Change rate limits for various paths ([Gargron](
- Fix other sessions not being logged out on password change ([Gargron](
2020-07-17 21:00:06 +02:00
2020-07-07 15:22:47 +02:00
## [v3.1.5] - 2020-07-07
### Security
- Fix media attachment enumeration ([ThibG](
- Change rate limits for various paths ([Gargron](
- Fix other sessions not being logged out on password change ([Gargron](
2020-07-10 21:07:30 +02:00
2020-05-14 07:46:11 +02:00
## [v3.1.4] - 2020-05-14
### Added
- Add `vi` to available locales ([taicv](
- Add ability to remove identity proofs from account ([Gargron](
- Add ability to exclude local content from federated timeline ([noellabo](, [noellabo](
- Add `remote` param to `GET /api/v1/timelines/public` REST API
- Add `public/remote` / `public:remote` variants to streaming API
- "Remote only" option in federated timeline column settings in web UI
- Add ability to exclude remote content from hashtag timelines in web UI ([noellabo](
- No changes to REST API
- "Local only" option in hashtag column settings in web UI
- Add Capistrano tasks that reload the services after deploying ([berkes](
- Add `invites_enabled` attribute to `GET /api/v1/instance` in REST API ([ThibG](
- Add `tootctl emoji export` command ([lfuelling](
- Add separate cache directory for non-local uploads ([Gargron](, [Hanage999](, [mayaeh](
- Add `tootctl upgrade storage-schema` command to move old non-local uploads to the cache directory
- Add buttons to delete header and avatar from profile settings ([sternenseemann](
- Add emoji graphics and shortcodes from Twemoji 12.1.5 ([DeeUnderscore](
### Changed
- Change error message when trying to migrate to an account that does not have current account set as an alias to be more clear ([TheEvilSkeleton](
- Change delivery failure tracking to work with hostnames instead of URLs ([Gargron](, [noellabo](, [noellabo](, [noellabo](
- Change Content-Security-Policy to not need unsafe-inline style-src ([ThibG](, [ThibG](, [ThibG](, [ThibG](, [ThibG](
- Change how RSS items are titled and formatted ([ThibG](, [ykzts](
### Fixed
- Fix dropdown of muted and followed accounts offering option to hide boosts in web UI ([ThibG](
- Fix "You are already signed in" alert being shown at wrong times ([ThibG](
- Fix retrying of failed-to-download media files not actually working ([noellabo](
- Fix first poll option not being focused when adding a poll in web UI ([ThibG](
- Fix `sr` locale being selected over `sr-Latn` ([ThibG](
- Fix error within error when limiting backtrace to 3 lines ([Gargron](
- Fix `tootctl media remove-orphans` crashing on "Import" files ([ThibG](
- Fix regression in `tootctl media remove-orphans` ([Gargron](
- Fix old unique jobs digests not having been cleaned up ([Gargron](
- Fix own following/followers not showing muted users ([ThibG](
- Fix list of followed people ignoring sorting on Follows & Followers page ([taras2358](
- Fix wrong pgHero Content-Security-Policy when `CDN_HOST` is set ([ThibG](
- Fix needlessly deduplicating usernames on collisions with remote accounts when signing-up through SAML/CAS ([kaiyou](
- Fix page incorrectly scrolling when bringing up dropdown menus in web UI ([ThibG](
- Fix messed up z-index when NoScript blocks media/previews in web UI ([ThibG](
- Fix "See what's happening" page showing public instead of local timeline for logged-in users ([ThibG](
- Fix not being able to resolve public resources in development environment ([Gargron](
- Fix uninformative error message when uploading unsupported image files ([ThibG](
- Fix expanded video player issues in web UI ([ThibG](, [eai04191](
- Fix and refactor keyboard navigation in dropdown menus in web UI ([ThibG](
- Fix uploaded image orientation being messed up in some browsers in web UI ([ThibG](
- Fix actions log crash when displaying updates of deleted announcements in admin UI ([ThibG](
- Fix search not working due to proxy settings when using hidden services ([Gargron](
- Fix poll refresh button not being debounced in web UI ([rasjonell](, [ThibG](
- Fix confusing error when failing to add an alias to an unknown account ([ThibG](
- Fix "Email changed" notification sometimes having wrong e-mail ([ThibG](
- Fix varioues issues on the account aliases page ([ThibG](
- Fix API footer link in web UI ([bubblineyuri](
- Fix pagination of following, followers, follow requests, blocks and mutes lists in web UI ([ThibG](
- Fix styling of polls in JS-less fallback on public pages ([ThibG](
- Fix trying to delete already deleted file when post-processing ([Gargron](
### Security
- Fix Doorkeeper vulnerability that exposed app secret to users who authorized the app and reset secret of the web UI that could have been exposed ([dependabot-preview[bot]](, [Gargron](
- For apps that self-register on behalf of every individual user (such as most mobile apps), this is a non-issue
- The issue only affects developers of apps who are shared between multiple users, such as server-side apps like cross-posters
2020-04-05 06:23:46 +02:00
## [v3.1.3] - 2020-04-05
### Added
- Add ability to filter audit log in admin UI ([Gargron](
- Add titles to warning presets in admin UI ([Gargron](
- Add option to include resolved DNS records when blacklisting e-mail domains in admin UI ([Gargron](
- Add ability to delete files uploaded for settings in admin UI ([ThibG](
- Add sorting by username, creation and last activity in admin UI ([ThibG](
- Add explanation as to why unlocked accounts may have follow requests in web UI ([ThibG](
- Add link to bookmarks to dropdown in web UI ([mayaeh](
2020-04-05 15:18:41 +02:00
- Add support for links to statuses in announcements to be opened in web UI ([ThibG](, [ThibG](
2020-04-05 06:23:46 +02:00
- Add tooltips to audio/video player buttons in web UI ([ariasuni](
- Add submit button to the top of preferences pages ([guigeekz](
2020-04-05 15:18:41 +02:00
- Add specific rate limits for posting, following and reporting ([Gargron](, [Gargron](
- 300 posts every 3 hours
- 400 follows or follow requests every 24 hours
- 400 reports every 24 hours
2020-04-05 06:23:46 +02:00
- Add federation support for the "hide network" preference ([ThibG](
- Add `--skip-media-remove` option to `tootctl statuses remove` ([tateisu](
### Changed
- **Change design of polls in web UI** ([Sasha-Sorokin](, [ThibG](
- Change status click areas in web UI to be bigger ([ariasuni](
- **Change `tootctl media remove-orphans` to work for all classes** ([Gargron](
- **Change local media attachments to perform heavy processing asynchronously** ([Gargron](
- Change video uploads to always be converted to H264/MP4 ([Gargron](, [ThibG](, [ThibG](
- Change video uploads to enforce certain limits ([Gargron](
2020-04-05 15:18:41 +02:00
- Dimensions smaller than 1920x1200px
- Frame rate at most 60fps
2020-04-05 06:23:46 +02:00
- Change the tooltip "Toggle visibility" to "Hide media" in web UI ([ariasuni](
- Change description of privacy levels to be more intuitive in web UI ([ariasuni](
- Change GIF label to be displayed even when autoplay is enabled in web UI ([koyuawsmbrtn](
- Change the string "Hide everything from …" to "Block domain …" in web UI ([ThibG](, [mayaeh](
- Change wording of media display preferences to be more intuitive ([ariasuni](
2020-04-05 15:18:41 +02:00
### Deprecated
- `POST /api/v1/media``POST /api/v2/media` ([Gargron](
2020-04-05 06:23:46 +02:00
### Fixed
- Fix `tootctl media remove-orphans` ignoring `PAPERCLIP_ROOT_PATH` ([Gargron](
- Fix returning results when searching for URL with non-zero offset ([Gargron](
- Fix pinning a column in web UI sometimes redirecting out of web UI ([Gargron](
- Fix background jobs not using locks like they are supposed to ([Gargron](
- Fix content warning being unnecessarily cleared when hiding content warning input in web UI ([ThibG](
2020-04-05 15:18:41 +02:00
- Fix "Show more" not switching to "Show less" on public pages ([ThibG](
2020-04-05 06:23:46 +02:00
- Fix import overwrite option not being selectable ([noellabo](
- Fix wrong color for ellipsis in boost confirmation dialog in web UI ([ariasuni](
- Fix unnecessary unfollowing when importing follows with overwrite option ([noellabo](
- Fix 404 and 410 API errors being silently discarded in web UI ([ThibG](
- Fix OCR not working on Safari because of unsupported worker-src CSP ([ThibG](
- Fix media not being marked sensitive when a content warning is set with no text ([ThibG](
- Fix crash after deleting announcements in web UI ([codesections](, [ThibG](
- Fix bookmarks not being searchable ([Kjwon15](, [noellabo](
- Fix reported accounts not being whitelisted from further spam checks when resolving a spam check report ([ThibG](
- Fix web UI crash in single-column mode on prehistoric browsers ([ThibG](
- Fix some timeouts when searching for URLs ([ThibG](
- Fix detailed view of direct messages displaying a 0 boost count in web UI ([ThibG](
- Fix regression in “Edit media” modal in web UI ([ThibG](
- Fix public posts from silenced accounts not being changed to unlisted visibility ([ThibG](
- Fix error when searching for URLs that contain the mention syntax ([ThibG](
- Fix text area above/right of emoji picker being accidentally clickable in web UI ([ariasuni](
- Fix too large announcements not being scrollable in web UI ([ThibG](
- Fix `tootctl media remove-orphans` crashing when encountering invalid media ([ThibG](
- Fix installation failing when Redis password contains special characters ([ThibG](
- Fix announcements with fully-qualified mentions to local users crashing web UI ([ThibG](
### Security
- Fix re-sending of e-mail confirmation not being rate limited ([Gargron](
2020-02-27 12:34:07 +01:00
## [v3.1.2] - 2020-02-27
### Added
- Add `--reset-password` option to `tootctl accounts modify` ([ThibG](
- Add source-mapped stacktrace to error message in web UI ([ThibG](
### Fixed
- Fix dismissing an announcement twice raising an obscure error ([ThibG](
- Fix misleading error when attempting to re-send a pending follow request ([ThibG](
- Fix backups failing when files are missing from media attachments ([ThibG](
- Fix duplicate accounts being created when fetching an account for its key only ([ThibG](
- Fix `/web` redirecting to `/web/web` in web UI ([ThibG](
- Fix previously OStatus-based accounts not being detected as ActivityPub ([ThibG](
- Fix account JSON/RSS not being cacheable due to wrong mime type comparison ([ThibG](
- Fix old browsers crashing because of missing `finally` polyfill in web UI ([ThibG](
- Fix account's bio not being shown if there are no proofs/fields in admin UI ([ThibG](
- Fix sign-ups without checked user agreement being accepted through the web form ([ThibG](
- Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture ([SaraSmiseth](
- Fix invite request input not being shown on sign-up error if left empty ([ThibG](
- Fix some migration hints mentioning GitLab instead of Mastodon ([saper](
### Security
- Fix leak of arbitrary statuses through unfavourite action in REST API ([Gargron](
2020-02-10 02:55:40 +01:00
## [3.1.1] - 2020-02-10
### Fixed
- Fix yanked dependency preventing installation ([mayaeh](
2020-02-09 00:02:08 +01:00
## [3.1.0] - 2020-02-09
2020-01-28 17:19:42 +01:00
### Added
- Add bookmarks ([ThibG](, [Gargron](, [Gomasy](
- Add announcements ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ThibG](, [ThibG](, [Gargron](, [ThibG](, [ThibG](
- Add number animations in web UI ([Gargron](, [Gargron](
- Add `kab`, `is`, `kn`, `mr`, `ur` to available locales ([Gargron](, [BoFFire](, [Gargron](
- Add profile filter category ([ThibG](
- Add ability to add oneself to lists ([ThibG](
- Add hint how to contribute translations to preferences page ([Sasha-Sorokin](
- Add signatures to statuses in archive takeout ([noellabo](
- Add support for `magnet:` and `xmpp` links ([ThibG](, [ThibG](
- Add `follow_request` notification type ([ThibG](
- Add ability to filter reports by account domain in admin UI ([ThibG](
- Add link to search for users connected from the same IP address to admin UI ([ThibG](
- Add link to reports targeting a specific domain in admin view ([ThibG](
- Add support for EventSource streaming in web UI ([BenLubar](
- Add hotkey for opening media attachments in web UI ([ThibG](, [Kjwon15](
- Add relationship-based options to status dropdowns in web UI ([Gargron](, [ThibG](, [Gargron](
- Add support for submitting media description with `ctrl`+`enter` in web UI ([ThibG](
- Add download button to audio and video players in web UI ([NimaBoscarino](
- Add setting for whether to crop images in timelines in web UI ([duxovni](
- Add support for `Event` activities ([tcitworld](
- Add basic support for `Group` actors ([noellabo](
- Add `S3_OVERRIDE_PATH_STYLE` environment variable ([Gargron](
- Add `S3_OPEN_TIMEOUT` environment variable ([tateisu](
- Add `LDAP_MAIL` environment variable ([madmath03](
- Add `LDAP_UID_CONVERSION_ENABLED` environment variable ([madmath03](
- Add `--remote-only` option to `tootctl emoji purge` ([ThibG](
- Add `tootctl media remove-orphans` ([Gargron](, [Gargron](
- Add `tootctl media lookup` command ([irlcatgirl](
- Add cache for OEmbed endpoints to avoid extra HTTP requests ([Gargron](
- Add support for KaiOS arrow navigation to public pages ([nolanlawson](
- Add `discoverable` to accounts in REST API ([trwnh](
- Add admin setting to disable default follows ([ArisuOngaku](
2020-02-09 00:02:08 +01:00
- Add support for LDAP and PAM in the OAuth password grant strategy ([ntl-purism](, [Gargron](
2020-01-28 17:19:42 +01:00
- Allow support for `Accept`/`Reject` activities with a non-embedded object ([puckipedia](
2020-02-09 00:02:08 +01:00
- Add "Show thread" button to public profiles ([Sasha-Sorokin](
2020-01-28 17:19:42 +01:00
### Changed
- Change `last_status_at` to be a date, not datetime in REST API ([ThibG](
- Change followers page to relationships page in admin UI ([Gargron](, [Gargron](
- Change reported media attachments to always be hidden in admin UI ([Gargron](, [ThibG](
- Change string from "Disable" to "Disable login" in admin UI ([nileshkumar](
- Change report page structure in admin UI ([Sasha-Sorokin](
- Change swipe sensitivity to be lower on small screens in web UI ([umonaca](
- Change audio/video playback to stop playback when out of view in web UI ([Gargron](
- Change media description label based on upload type in web UI ([ThibG](
- Change large numbers to render without decimal units in web UI ([noellabo](
- Change "Add a choice" button to be disabled rather than hidden when poll limit reached in web UI ([ThibG](, [hinaloe](
- Change `tootctl statuses remove` to keep statuses favourited or bookmarked by local users ([ThibG](, [Gomasy](
- Change domain block behavior to update user records (fast) before deleting data (slower) ([ThibG](
- Change behaviour to strip audio metadata on uploads ([hugogameiro](
- Change accepted length of remote media descriptions from 420 to 1,500 characters ([ThibG](
- Change preferences pages structure ([Sasha-Sorokin](, [mayaeh](, [Sasha-Sorokin](, [Sasha-Sorokin](, [Sasha-Sorokin](, [Sasha-Sorokin](
- Change format of titles in RSS ([devkral](
- Change favourite icon animation from spring-based motion to CSS animation in web UI ([ThibG](
- Change minimum required Node.js version to 10, and default to 12 ([Shleeble](, [mkody](, [Shleeble](
- Change spam check to exempt server staff ([ThibG](
- Change to fallback to to `Create` audience when `object` has no defined audience ([ThibG](
- Change Twemoji library to 12.1.3 in web UI ([koyuawsmbrtn](
- Change blocked users to be hidden from following/followers lists ([ThibG](
2020-02-09 00:02:08 +01:00
- Change signature verification to ignore signatures with invalid host ([Gargron](
2020-01-28 17:19:42 +01:00
### Removed
- Remove unused dependencies ([ykzts](, [mayaeh](, [ThibG](, [ykzts](
### Fixed
- Fix some translatable strings being used wrongly ([Sasha-Sorokin](, [Sasha-Sorokin](, [Sasha-Sorokin](, [mayaeh](
- Fix headline of public timeline page when set to local-only ([ykzts](
- Fix space between tabs not being spread evenly in web UI ([Sasha-Sorokin](, [Sasha-Sorokin](, [Sasha-Sorokin](
- Fix interactive delays in database migrations with no TTY ([Gargron](
- Fix status overflowing in report dialog in web UI ([ThibG](
- Fix unlocalized dropdown button title in web UI ([Sasha-Sorokin](
- Fix media attachments without file being uploadable ([Gargron](
- Fix unfollow confirmations in profile directory in web UI ([ThibG](
- Fix duplicate `description` meta tag on accounts public pages ([ThibG](
- Fix slow query of federated timeline ([notozeki](
- Fix not all of account's active IPs showing up in admin UI ([Gargron](, [Gargron](
- Fix search by IP not using alternative browser sessions in admin UI ([Gargron](
- Fix “X new items” not showing up for slow mode on empty timelines in web UI ([ThibG](
- Fix OEmbed endpoint being inaccessible in secure mode ([Gargron](
- Fix proofs API being inaccessible in secure mode ([Gargron](
- Fix Ruby 2.7 incompatibilities ([ThibG](, [ThibG](, [Shleeble](, [zunda](
- Fix invalid poll votes being accepted in REST API ([ThibG](
- Fix old migrations failing because of strong migrations update ([ThibG](, [ThibG](
- Fix reuse of detailed status components in web UI ([ThibG](
- Fix base64-encoded file uploads not being possible in REST API ([Gargron](, [Gargron](
- Fix error due to missing authentication call in filters controller ([Gargron](
- Fix uncaught unknown format error in host meta controller ([Gargron](
- Fix URL search not returning private toots user has access to ([ThibG](, [ThibG](
- Fix cache digesting log noise on status embeds ([Gargron](
- Fix slowness due to layout thrashing when reloading a large set of statuses in web UI ([panarom](, [panarom](, [Gargron](
- Fix error when fetching followers/following from REST API when user has network hidden ([Gargron](
2020-02-09 00:02:08 +01:00
- Fix IDN mentions not being processed, IDN domains not being rendered ([Gargron](, [Gargron](, [Gargron](
2020-01-28 17:19:42 +01:00
- Fix error when searching for empty phrase ([Gargron](
- Fix backups stopping due to read timeouts ([chr-1x](
- Fix batch actions on non-pending tags in admin UI ([ThibG](
- Fix sample `SAML_ACS_URL`, `SAML_ISSUER` ([orlea](
- Fix manual scrolling issue on Firefox/Windows in web UI ([ThibG](
- Fix archive takeout failing if total dump size exceeds 2GB ([scd31](, [Gargron](
- Fix custom emoji category creation silently erroring out on duplicate category ([ThibG](
- Fix link crawler not specifying preferred content type ([ThibG](
- Fix featured hashtag setting page erroring out instead of rejecting invalid tags ([ThibG](
- Fix tooltip messages of single/multiple-choice polls switcher being reversed in web UI ([acid-chicken](
- Fix typo in help text of `tootctl statuses remove` ([trwnh](
- Fix generic HTTP 500 error on duplicate records ([Gargron](
- Fix old migration failing with new status default scope ([ThibG](
- Fix errors when using search API with no query ([Gargron](, [trwnh](
- Fix poll options not being selectable via keyboard in web UI ([ThibG](
- Fix conversations not having an unread indicator in web UI ([Gargron](
- Fix lost focus when modals open/close in web UI ([ThibG](
- Fix pending upload count not being decremented on error in web UI ([ThibG](
- Fix empty poll options not being removed on remote poll update ([ThibG](
- Fix OCR with delete & redraft in web UI ([ThibG](
- Fix blur behind closed registration message ([ThibG](
- Fix OEmbed discovery not handling different URL variants in query ([Gargron](
- Fix link crawler crashing on `<a>` tags without `href` ([ThibG](
- Fix whitelisted subdomains being ignored in whitelist mode ([noiob](
- Fix broken audit log in whitelist mode in admin UI ([ThibG](
- Fix unread indicator not honoring "Only media" option in local and federated timelines in web UI ([ThibG](
- Fix error when rebuilding home feeds ([dariusk](
- Fix relationship caches being broken as result of a follow request ([ThibG](
- Fix more items than the limit being uploadable in web UI ([ThibG](
- Fix various issues with account migration ([ThibG](
- Fix filtered out items being counted as pending items in slow mode in web UI ([ThibG](
- Fix notification filters not applying to poll options ([ThibG](
- Fix notification message for user's own poll saying it's a poll they voted on in web UI ([ykzts](
- Fix polls with an expiration not showing up as expired in web UI ([noellabo](
- Fix volume slider having an offset between cursor and slider in Chromium in web UI ([ThibG](
- Fix Vagrant image not accepting connections ([shrft](
- Fix batch actions being hidden on small screens in admin UI ([ThibG](
- Fix incoming federation not working in whitelist mode ([ThibG](
- Fix error when passing empty `source` param to `PUT /api/v1/accounts/update_credentials` ([jglauche](
- Fix HTTP-based streaming API being cacheable by proxies ([BenLubar](
- Fix users being able to register while `tootctl self-destruct` is in progress ([Kjwon15](
- Fix microformats detection in link crawler not ignoring `h-card` links ([nightpool](
- Fix outline on full-screen video in web UI ([hinaloe](
- Fix TLD domain blocks not being editable ([ThibG](
- Fix Nanobox deploy hooks ([danhunsaker](
- Fix needlessly complicated SQL query when performing account search amongst followings ([ThibG](
- Fix favourites count not updating when unfavouriting in web UI ([NimaBoscarino](
- Fix occasional crash on scroll in Chromium in web UI ([hinaloe](
- Fix intersection observer not working in single-column mode web UI ([panarom](
- Fix voting issue with remote polls that contain trailing spaces ([ThibG](
- Fix dynamic elements not working in pgHero due to CSP rules ([ykzts](
- Fix overly verbose backtraces when delivering ActivityPub payloads ([zunda](
2020-02-09 00:02:08 +01:00
- Fix rendering `<a>` without `href` when scheme unsupported ([Gargron](
- Fix unfiltered params error when generating ActivityPub tag pagination ([Gargron](
- Fix malformed HTML causing uncaught error ([Gargron](
- Fix native share button not being displayed for unlisted toots ([ThibG](
- Fix remote convertible media attachments (e.g. GIFs) not being saved ([Gargron](
- Fix account query not using faster index ([abcang](
- Fix error when sending moderation notification ([renatolond](
2020-01-28 17:19:42 +01:00
### Security
- Fix OEmbed leaking information about existence of non-public statuses ([Gargron](
- Fix password change/reset not immediately invalidating other sessions ([Gargron](
- Fix settings pages being cacheable by the browser ([Gargron](
2019-10-10 07:03:05 +02:00
## [3.0.1] - 2019-10-10
2019-10-09 07:36:57 +02:00
### Added
- Add `tootctl media usage` command ([Gargron](
2019-10-10 07:03:05 +02:00
- Add admin setting to auto-approve trending hashtags ([Gargron](, [Gargron](
2019-10-09 07:36:57 +02:00
### Changed
- Change `tootctl media refresh` to skip already downloaded attachments ([Gargron](
### Removed
- Remove auto-silence behaviour from spam check ([Gargron](
- Remove HTML `lang` attribute from individual statuses in web UI ([Gargron](
- Remove fallback to long description on sidebar and meta description ([Gargron](
### Fixed
2019-10-10 07:03:05 +02:00
- Fix preloaded JSON-LD context for identity not being used ([Gargron](
- Fix media editing modal changing dimensions once the image loads ([Gargron](
- Fix not showing whether a custom emoji has a local counterpart in admin UI ([Gargron](
2019-10-09 07:36:57 +02:00
- Fix attachment not being re-downloaded even if file is not stored ([Gargron](
- Fix old migration trying to use new column due to default status scope ([Gargron](
- Fix column back button missing for not found accounts ([trwnh](
- Fix issues with tootctl's parallelization and progress reporting ([Gargron](, [Gargron](
- Fix existing user records with now-renamed `pt` locale ([Gargron](
- Fix hashtag timeline REST API accepting too many hashtags ([Gargron](
- Fix `GET /api/v1/instance` REST APIs being unavailable in secure mode ([Gargron](
- Fix performance of home feed regeneration and merging ([Gargron](
- Fix ffmpeg performance issues due to stdout buffer overflow ([hugogameiro](
- Fix S3 adapter retrying failing uploads with exponential backoff ([Gargron](
- Fix `tootctl accounts cull` advertising unused option flag ([Kjwon15](
2019-10-03 22:44:22 +02:00
## [3.0.0] - 2019-10-03
2019-09-25 02:19:48 +02:00
### Added
- Add "not available" label to unloaded media attachments in web UI ([Gargron](, [Gargron](
- **Add profile directory to web UI** ([Gargron](, [mayaeh](
- Add profile directory opt-in federation
- Add profile directory REST API
- Add special alert for throttled requests in web UI ([ThibG](
- Add confirmation modal when logging out from the web UI ([ThibG](
2019-10-03 04:13:22 +02:00
- **Add audio player in web UI** ([Gargron](, [Gargron](, [Gargron](, [ThibG](, [Gargron](
2019-09-25 02:19:48 +02:00
- **Add autosuggestions for hashtags in web UI** ([Gargron](, [ThibG](, [Gargron](, [Gargron](, [Gargron](
- **Add media editing modal with OCR tool in web UI** ([Gargron](, [Gargron](, [ThibG](, [ThibG](, [Gargron](, [Gargron](, [Gargron](
- Add indicator of unread notifications to window title when web UI is out of focus ([Gargron](, [Gargron](
- Add indicator for which options you voted for in a poll in web UI ([ThibG](
- **Add search results pagination to web UI** ([Gargron](, [ThibG](
- **Add option to disable real-time updates in web UI ("slow mode")** ([Gargron](, [ykzts](, [ThibG](, [Gargron](, [ThibG](
- Add option to disable blurhash previews in web UI ([ThibG](
- Add native smooth scrolling when supported in web UI ([ThibG](
2019-10-03 04:13:22 +02:00
- Add scrolling to the search bar on focus in web UI ([Kjwon15](
- Add refresh button to list of rebloggers/favouriters in web UI ([Gargron](
- Add error description and button to copy stack trace to web UI ([Gargron](
2019-09-25 02:19:48 +02:00
- Add search and sort functions to hashtag admin UI ([mayaeh](, [Gargron](, [mayaeh](
- Add setting for default search engine indexing in admin UI ([brortao](
- Add account bio to account view in admin UI ([ThibG](
- **Add option to include reported statuses in warning e-mail from admin UI** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [mayaeh](
- Add number of pending accounts and pending hashtags to dashboard in admin UI ([Gargron](
- **Add account migration UI** ([Gargron](, [noellabo](, [noellabo](, [noellabo](, [noellabo](
- **Add table of contents to about page** ([Gargron](, [ykzts](, [ykzts](, [Kjwon15](
- **Add password challenge to 2FA settings, e-mail notifications** ([Gargron](
- **Add optional public list of domain blocks with comments** ([ThibG](, [ThibG](, [Gargron](
- Add an RSS feed for featured hashtags ([noellabo](
- Add explanations to featured hashtags UI and profile ([Gargron](
- **Add hashtag trends with admin and user settings** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [mayaeh](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](, [ThibG](, [Sasha-Sorokin](, [Gargron](, [Gargron](
- Add hashtag usage breakdown to admin UI
- Add batch actions for hashtags to admin UI
- Add trends to web UI
- Add trends to public pages
- Add user preference to hide trends
- Add admin setting to disable trends
- **Add categories for custom emojis** ([Gargron](, [Gargron](, [Gargron](, [highemerly](
- Add custom emoji categories to emoji picker in web UI
- Add `category` to custom emojis in REST API
- Add batch actions for custom emojis in admin UI
- Add max image dimensions to error message ([raboof](
- Add aac, m4a, 3gp, amr, wma to allowed audio formats ([Gargron](, [umonaca](
- **Add search syntax for operators and phrases** ([Gargron](
- **Add REST API for managing featured hashtags** ([noellabo](
- **Add REST API for managing timeline read markers** ([Gargron](
2019-09-29 18:50:16 +02:00
- Add `exclude_unreviewed` param to `GET /api/v2/search` REST API ([Gargron](
2019-10-03 22:44:22 +02:00
- Add `reason` param to `POST /api/v1/accounts` REST API ([Gargron](
2019-09-25 02:19:48 +02:00
- **Add ActivityPub secure mode** ([Gargron](, [ThibG](, [ThibG](
- Add HTTP signatures to all outgoing ActivityPub GET requests ([Gargron](, [ThibG](
- Add support for ActivityPub Audio activities ([ThibG](
- Add ActivityPub actor representing the entire server ([ThibG](, [rtucker](, [ThibG](, [Gargron](
- **Add whitelist mode** ([Gargron](, [mayaeh](
- Add config of multipart threshold for S3 ([ykzts](, [ykzts](
- Add health check endpoint for web ([ykzts](, [ykzts](
- Add HTTP signature keyId to request log ([Gargron](
- Add `SMTP_REPLY_TO` environment variable ([hugogameiro](
- Add `tootctl preview_cards remove` command ([mayaeh](
- Add `tootctl media refresh` command ([Gargron](
- Add `tootctl cache recount` command ([Gargron](
- Add option to exclude suspended domains from `tootctl domains crawl` ([dariusk](
2019-10-03 04:13:22 +02:00
- Add parallelization to `tootctl search deploy` ([noellabo](
2019-09-25 02:19:48 +02:00
- Add soft delete for statuses for instant deletes through API ([Gargron](, [Gargron](
- Add rails-level JSON caching ([Gargron](, [Gargron](
- **Add request pool to improve delivery performance** ([Gargron](, [ykzts](
- Add concurrent connection attempts to resolved IP addresses ([ThibG](
- Add index for remember_token to improve login performance ([abcang](
- **Add more accurate hashtag search** ([Gargron](, [Gargron](, [Gargron](
- **Add more accurate account search** ([Gargron](, [Gargron](
- **Add a spam check** ([Gargron](, [Gargron](, [ThibG](
2019-10-03 04:13:22 +02:00
- Add new languages ([Gargron](
- Breton
- Spanish (Argentina)
- Estonian
- Macedonian
- New Norwegian
- Add NodeInfo endpoint ([Gargron](, [Gargron](
2019-09-25 02:19:48 +02:00
### Changed
- **Change conversations UI** ([Gargron](
- Change dashboard to short number notation ([noellabo](, [noellabo](
- Change REST API `GET /api/v1/timelines/public` to require authentication when public preview is off ([ThibG](
- Change REST API `POST /api/v1/follow_requests/:id/(approve|reject)` to return relationship ([ThibG](
- Change rate limit for media proxy ([ykzts](
- Change unlisted custom emoji to not appear in autosuggestions ([Gargron](
- Change max length of media descriptions from 420 to 1500 characters ([Gargron](, [ThibG](
- **Change deletes to preserve soft-deleted statuses in unresolved reports** ([Gargron](
- **Change tootctl to use inline parallelization instead of Sidekiq** ([Gargron](
- **Change account deletion page to have better explanations** ([Gargron](, [Gargron](
- Change hashtag component in web UI to show numbers for 2 last days ([Gargron](, [Gargron](, [Gargron](
- Change OpenGraph description on sign-up page to reflect invite ([Gargron](
- Change layout of public profile directory to be the same as in web UI ([Gargron](
- Change detailed status child ordering to sort self-replies on top ([ThibG](
- Change window resize handler to switch to/from mobile layout as soon as needed ([ThibG](
- Change icon button styles to make hover/focus states more obvious ([ThibG](
- Change contrast of status links that are not mentions or hashtags ([ThibG](
- **Change hashtags to preserve first-used casing** ([Gargron](, [Gargron](, [Gargron](, [Gargron](, [Gargron](
- **Change unconfirmed user login behaviour** ([Gargron](, [ThibG](, [Gargron](
- **Change single-column mode to scroll the whole page** ([Gargron](, [Gargron](, [Gargron](, [ThibG](, [Gargron](, [Gargron](, [ThibG](, [Gargron](
- Change `tootctl accounts follow` to only work with local accounts ([angristan](
- Change Dockerfile ([Shleeble](, [ykzts](, [Shleeble](
- Change supported Node versions to include v12 ([abcang](
- Change Portuguese language from `pt` to `pt-PT` ([Gargron](
2019-09-29 18:50:16 +02:00
- Change domain block silence to always require approval on follow ([ThibG](
2019-10-03 04:13:22 +02:00
- Change link preview fetcher to not perform a HEAD request first ([Gargron](
- Change `tootctl domains purge` to accept multiple domains at once ([Gargron](
2019-09-25 02:19:48 +02:00
### Removed
- **Remove OStatus support** ([Gargron](, [Gargron](, [Gargron](, [ThibG](, [ThibG](
- Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ([Gargron](
- Remove WebP support ([angristan](
- Remove deprecated config options from Heroku and Scalingo ([ykzts](
- Remove deprecated REST API `GET /api/v1/search` API ([Gargron](
- Remove deprecated REST API `GET /api/v1/statuses/:id/card` ([Gargron](
- Remove deprecated REST API `POST /api/v1/notifications/dismiss?id=:id` ([Gargron](
- Remove deprecated REST API `GET /api/v1/timelines/direct` ([Gargron](
### Fixed
- Fix manifest warning ([ykzts](
- Fix admin UI for custom emoji not respecting GIF autoplay preference ([ThibG](
- Fix page body not being scrollable in admin/settings layout ([Gargron](
- Fix placeholder colors for inputs not being explicitly defined ([Gargron](
- Fix incorrect enclosure length in RSS ([tsia](
- Fix TOTP codes not being filtered from logs during enabling/disabling ([Gargron](
- Fix webfinger response not returning 410 when account is suspended ([Gargron](
- Fix ActivityPub Move handler queuing jobs that will fail if account is suspended ([Gargron](
- Fix SSO login not using existing account when e-mail is verified ([Gargron](
- Fix web UI allowing uploads past status limit via drag & drop ([Gargron](
- Fix expiring polls not being displayed as such in web UI ([ThibG](
- Fix 2FA challenge and password challenge for non-database users ([Gargron](, [Gargron](
- Fix profile fields overflowing page width in web UI ([Gargron](
- Fix web push subscriptions being deleted on rate limit or timeout ([Gargron](
- Fix display of long poll options in web UI ([ThibG](, [ThibG](
- Fix search API not resolving URL when `type` is given ([Gargron](
- Fix hashtags being split by ZWNJ character ([Gargron](
- Fix scroll position resetting when opening media modals in web UI ([Gargron](
- Fix duplicate HTML IDs on about page ([ThibG](
- Fix admin UI showing superfluous reject media/reports on suspended domain blocks ([ThibG](
- Fix ActivityPub context not being dynamically computed ([ThibG](
- Fix Mastodon logo style on hover on public pages' footer ([ThibG](
- Fix height of dashboard counters ([ThibG](
- Fix custom emoji animation on hover in web UI directory bios ([ThibG](
- Fix non-numbers being passed to Redis and causing an error ([Gargron](
- Fix error in REST API for an account's statuses ([Gargron](
- Fix uncaught error when resource param is missing in Webfinger request ([Gargron](
- Fix uncaught domain normalization error in remote follow ([Gargron](
- Fix uncaught 422 and 500 errors ([Gargron](, [Gargron](
- Fix uncaught parameter missing exceptions and missing error templates ([Gargron](
- Fix encoding error when checking e-mail MX records ([Gargron](
- Fix items in StatusContent render list not all having a key ([ThibG](
- Fix remote and staff-removed statuses leaving media behind for a day ([Gargron](
- Fix CSP needlessly allowing blob URLs in script-src ([ThibG](
- Fix ignoring whole status because of one invalid hashtag ([Gargron](
- Fix hidden statuses losing focus ([ThibG](
- Fix loading bar being obscured by other elements in web UI ([Gargron](
- Fix multiple issues with replies collection for pages further than self-replies ([ThibG](
- Fix blurhash and autoplay not working on public pages ([Gargron](
- Fix 422 being returned instead of 404 when POSTing to unmatched routes ([Gargron](, [Gargron](
- Fix client-side resizing of image uploads ([ThibG](
- Fix short number formatting for numbers above million in web UI ([Gargron](
- Fix ActivityPub and REST API queries setting cookies and preventing caching ([ThibG](, [ThibG](, [ThibG](, [ThibG](
- Fix some emojis in profile metadata labels are not emojified. ([kedamaDQ](
- Fix account search always returning exact match on paginated results ([Gargron](
- Fix acct URIs with IDN domains not being resolved ([Gargron](
- Fix admin dashboard missing latest features ([Gargron](
- Fix jumping of toot date when clicking spoiler button ([ariasuni](
- Fix boost to original audience not working on mobile in web UI ([ThibG](
- Fix handling of webfinger redirects in ResolveAccountService ([ThibG](
- Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker ([Gargron](
- Fix support for HTTP proxies ([ThibG](
- Fix HTTP requests to IPv6 hosts ([ThibG](
- Fix error in ElasticSearch index import ([mayaeh](
- Fix duplicate account error when seeding development database ([ysksn](
- Fix performance of session clean-up scheduler ([abcang](
- Fix older migrations not running ([zunda](
- Fix URLs counting towards RTL detection ([ahangarha](
- Fix unnecessary status re-rendering in web UI ([ThibG](
- Fix http_parser.rb gem not being compiled when no network available ([petabyteboy](
2019-09-29 18:50:16 +02:00
- Fix muted text color not applying to all text ([trwnh](
- Fix follower/following lists resetting on back-navigation in web UI ([Gargron](
2019-10-03 04:13:22 +02:00
- Fix n+1 query when approving multiple follow requests ([abcang](
- Fix records not being indexed into ElasticSearch sometimes ([Gargron](
- Fix needlessly indexing unsearchable statuses into ElasticSearch ([Gargron](
2019-10-03 22:44:22 +02:00
- Fix new user bootstrapping crashing when to-be-followed accounts are invalid ([ThibG](
- Fix featured hashtag URL being interpreted as media or replies tab ([Gargron](
2019-10-03 04:13:22 +02:00
- Fix account counters being overwritten by parallel writes ([Gargron](
### Security
- Fix performance of GIF re-encoding and always strip EXIF data from videos ([Gargron](
2019-09-21 20:02:14 +02:00
2019-09-20 22:59:29 +02:00
## [2.9.3] - 2019-08-10
### Added
- Add GIF and WebP support for custom emojis ([Gargron](
- Add logout link to dropdown menu in web UI ([koyuawsmbrtn](
- Add indication that text search is unavailable in web UI ([ThibG](, [ThibG](
- Add `suffix` to `Mastodon::Version` to help forks ([clarfon](
- Add on-hover animation to animated custom emoji in web UI ([ThibG](, [ThibG](, [ThibG](
- Add custom emoji support in profile metadata labels ([ThibG](
### Changed
- Change default interface of web and streaming from to ([Gargron](, [zunda](, [Gargron](, [zunda](
- Change the retry limit of web push notifications ([highemerly](
- Change ActivityPub deliveries to not retry HTTP 501 errors ([Gargron](
- Change language detection to include hashtags as words ([Gargron](
- Change terms and privacy policy pages to always be accessible ([Gargron](