403 lines
36 KiB

All notable changes to this project will be documented in this file.
## [2.7.3] - 2019-02-23
### Added
- Add domain filter to the admin federation page ([ThibG](
- Add quick link from admin account view to block/unblock instance ([ThibG](
### Fixed
- Fix video player width not being updated to fit container width ([ThibG](
- Fix domain filter being shown in admin page when local filter is active ([ThibG](
- Fix crash when conversations have no valid participants ([ThibG](
- Fix error when performing admin actions on no statuses ([ThibG](
### Changed
- Change custom emojis to randomize stored file name ([hinaloe](
## [2.7.2] - 2019-02-17
### Added
- Add support for IPv6 in e-mail validation ([zoc](
- Add record of IP address used for signing up ([ThibG](
- Add tight rate-limit for API deletions (30 per 30 minutes) ([Gargron](
- Add support for embedded `Announce` objects attributed to the same actor ([ThibG](, [Gargron](
- Add spam filter for `Create` and `Announce` activities ([Gargron](, [Gargron](, [Gargron](
- Add `registrations` attribute to `GET /api/v1/instance` ([Gargron](
- Add `vapid_key` to `POST /api/v1/apps` and `GET /api/v1/apps/verify_credentials` ([Gargron](
### Fixed
- Fix link color and add link underlines in high-contrast theme ([Gargron](, [Gargron](
- Fix unicode characters in URLs not being linkified ([JMendyk](, [hinaloe](
- Fix URLs linkifier grabbing ending quotation as part of the link ([Gargron](
- Fix authorized applications page design ([rinsuki](
- Fix custom emojis not showing up in share page emoji picker ([rinsuki](
- Fix too liberal application of whitespace in toots ([trwnh](
- Fix misleading e-mail hint being displayed in admin view ([ThibG](
- Fix tombstones not being cleared out ([abcang](
- Fix some timeline jumps ([ThibG](, [ThibG](, [rinsuki](
- Fix content warning input taking keyboard focus even when hidden ([hinaloe](
- Fix hashtags select styling in default and high-contrast themes ([Gargron](
- Fix style regressions on landing page ([Gargron](
- Fix hashtag column not subscribing to stream on mount ([Gargron](
- Fix relay enabling/disabling not resetting inbox availability status ([Gargron](
- Fix mutes, blocks, domain blocks and follow requests not paginating ([Gargron](
- Fix crash on public hashtag pages when streaming fails ([ThibG](
### Changed
- Change icon for unlisted visibility level ([clarcharr](
- Change queue of actor deletes from push to pull for non-follower recipients ([ThibG](
- Change robots.txt to exclude media proxy URLs ([nightpool](
- Change upload description input to allow line breaks ([BenLubar](
- Change `dist/mastodon-streaming.service` to recommend running node without intermediary npm command ([nolanlawson](
- Change conversations to always show names of other participants ([Gargron](
- Change buttons on timeline preview to open the interaction dialog ([Gargron](
- Change error graphic to hover-to-play ([Gargron](
## [2.7.1] - 2019-01-28
### Fixed
- Fix SSO authentication not working due to missing agreement boolean ([Gargron](
- Fix slow fallback of CopyAccountStats migration setting stats to 0 ([Gargron](
- Fix wrong command in migration error message ([angristan](
- Fix initial value of volume slider in video player and handle volume changes ([ThibG](
- Fix missing hotkeys for notifications ([ThibG](
- Fix being able to attach unattached media created by other users ([ThibG](
- Fix unrescued SSL error during link verification ([renatolond](
- Fix Firefox scrollbar color regression ([trwnh](
- Fix scheduled status with media immediately creating a status ([ThibG](
- Fix missing strong style for landing page description ([Kjwon15](
## [2.7.0] - 2019-01-20
### Added
- Add link for adding a user to a list from their profile ([namelessGonbai](
- Add joining several hashtags in a single column ([gdpelican](
- Add volume sliders for videos ([sumdog](
- Add a tooltip explaining what a locked account is ([pawelngei](
- Add preloaded cache for common JSON-LD contexts ([ThibG](
- Add profile directory ([Gargron](
- Add setting to not group reblogs in home feed ([ThibG](
- Add admin ability to remove a user's header image ([ThibG](
- Add account hashtags to ActivityPub actor JSON ([Gargron](
- Add error message for avatar image that's too large ([sumdog](
- Add notification quick-filter bar ([pawelngei](
- Add new first-time tutorial ([Gargron](
- Add moderation warnings ([Gargron](
- Add emoji codepoint mappings for v11.0 ([Gargron](
- Add REST API for creating an account ([Gargron](
- Add support for Malayalam in language filter ([tachyons](
- Add exclude_reblogs option to account statuses API ([Gargron](
- Add local followers page to admin account UI ([chr-1x](
- Add healthcheck commands to docker-compose.yml ([BenLubar](
- Add handler for Move activity to migrate followers ([Gargron](
- Add CSV export for lists and domain blocks ([Gargron](
- Add `tootctl accounts follow ACCT` ([Gargron](
- Add scheduled statuses ([Gargron](
- Add immutable caching for S3 objects ([nolanlawson](
- Add cache to custom emojis API ([Gargron](
- Add preview cards to non-detailed statuses on public pages ([Gargron](
- Add `mod` and `moderator` to list of default reserved usernames ([Gargron](
- Add quick links to the admin interface in the web UI ([ThibG](
- Add `tootctl domains crawl` ([Gargron](
- Add attachment list fallback to public pages ([ThibG](
- Add `tootctl --version` ([Gargron](
- Add information about how to opt-in to the directory on the directory ([Gargron](
- Add timeouts for S3 ([Gargron](
- Add support for non-public reblogs from ActivityPub ([Gargron](
- Add sending of `Reject` activity when sending a `Block` activity ([ThibG](
### Changed
- Temporarily pause timeline if mouse moved recently ([lmorchard](
- Change the password form order ([mayaeh](
- Redesign admin UI for accounts ([Gargron](, [Gargron](
- Redesign admin UI for instances/domain blocks ([Gargron](
- Swap avatar and header input fields in profile page ([ThibG](
- When posting in mobile mode, go back to previous history location ([ThibG](
- Split out is_changing_upload from is_submitting ([ThibG](
- Back to the getting-started when pins the timeline. ([kedamaDQ](
- Allow unauthenticated REST API access to GET /api/v1/accounts/:id/statuses ([Gargron](
- Limit maximum visibility of local silenced users to unlisted ([ThibG](
- Change API error message for unconfirmed accounts ([noellabo](
- Change the icon to "reply-all" when it's a reply to other accounts ([mayaeh](
- Do not ignore federated reports targetting already-reported accounts ([ThibG](
- Upgrade default Ruby version to 2.6.0 ([Gargron](
- Change e-mail digest frequency ([Gargron](
- Change Docker images for Tor support in docker-compose.yml ([Sir-Boops](
- Display fallback link card thumbnail when none is given ([Gargron](
- Change account bio length validation to ignore mention domains and URLs ([Gargron](
- Use configured contact user for "anonymous" federation activities ([yukimochi](
- Change remote interaction dialog to use specific actions instead of generic "interact" ([Gargron](
- Always re-fetch public key when signature verification fails to support blind key rotation ([ThibG](
- Make replies to boosts impossible, connect reply to original status instead ([valerauko](
- Change e-mail MX validation to check both A and MX records against blacklist ([Gargron](
- Hide floating action button on search and getting started pages ([tmm576](
- Redesign public hashtag page to use a masonry layout ([Gargron](
- Use `summary` as summary instead of content warning for converted ActivityPub objects ([Gargron](
- Display a double reply arrow on public pages for toots that are replies ([ThibG](
- Change admin UI right panel size to be wider ([Kjwon15](
### Removed
- Remove links to (non-functional) ([Gargron](
- Remove LD-Signatures from activities that do not need them ([ThibG](
### Fixed
- Remove unused computation of reblog references from updateTimeline ([ThibG](
- Fix loaded embeds resetting if a status arrives from API again ([ThibG](
- Fix race condition causing shallow status with only a "favourited" attribute ([ThibG](
- Remove intermediary arrays when creating hash maps from results ([Gargron](
- Extract counters from accounts table to account_stats table to improve performance ([Gargron](
- Change identities id column to a bigint ([Gargron](
- Fix conversations API pagination ([ThibG](
- Improve account suspension speed and completeness ([Gargron](
- Fix thread depth computation in statuses_controller ([ThibG](
- Fix database deadlocks by moving account stats update outside transaction ([ThibG](
- Escape HTML in profile name preview in profile settings ([pawelngei](
- Use same CORS policy for /@:username and /users/:username ([ThibG](
- Make custom emoji domains case insensitive ([Esteth](
- Various fixes to scrollable lists and media gallery ([ThibG](
- Fix bootsnap cache directory being declared relatively ([Gargron](
- Fix timeline pagination in the web UI ([ThibG](
- Fix padding on dropdown elements in preferences ([ThibG](
- Make avatar and headers respect GIF autoplay settings ([ThibG](
- Do no retry Web Push workers if the server returns a 4xx response ([Gargron](
- Minor scrollable list fixes ([ThibG](
- Ignore low-confidence CharlockHolmes guesses when parsing link cards ([ThibG](
- Fix `tootctl accounts rotate` not updating public keys ([Gargron](
- Fix CSP / X-Frame-Options for media players ([jomo](
- Fix unnecessary loadMore calls when the end of a timeline has been reached ([ThibG](
- Skip mailer job retries when a record no longer exists ([Gargron](
- Fix composer not getting focus after reply confirmation dialog ([ThibG](
- Fix signature verification stoplight triggering on non-timeout errors ([Gargron](
- Fix ThreadResolveWorker getting queued with invalid URLs ([Gargron](
- Fix crash when clearing uninitialized timeline ([ThibG](
- Avoid duplicate work by merging ReplyDistributionWorker into DistributionWorker ([ThibG](
- Skip full text search if it fails, instead of erroring out completely ([Kjwon15](
- Fix profile metadata links not verifying correctly sometimes ([shrft](
- Ensure blocked user unfollows blocker if Block/Undo-Block activities are processed out of order ([ThibG](
- Fix unreadable text color in report modal for some statuses ([Gargron](
- Stop GIFV timeline preview explicitly when it's opened in modal ([kedamaDQ](
- Fix scrollbar width compensation ([ThibG](
- Fix race conditions when processing deleted toots ([ThibG](
- Fix SSO issues on WebKit browsers by disabling Same-Site cookie again ([moritzheiber](
- Fix empty OEmbed error ([renatolond](
- Fix drag & drop modal not disappearing sometimes ([hinaloe](
- Fix statuses with content warnings being displayed in web push notifications sometimes ([ThibG](
- Fix scroll-to-detailed status not working on public pages ([ThibG](
- Fix media modal loading indicator ([ThibG](
- Fix hashtag search results not having a permalink fallback in web UI ([ThibG](
- Fix slightly cropped font on settings page dropdowns when using system font ([ariasuni](
- Fix not being able to drag & drop text into forms ([tmm576](
### Security
- Sanitize and sandbox toot embeds in web UI ([ThibG](
- Add tombstones for remote statuses to prevent replay attacks ([ThibG](
## [2.6.5] - 2018-12-01
### Changed
- Change lists to display replies to others on the list and list owner ([ThibG](
### Fixed
- Fix failures caused by commonly-used JSON-LD contexts being unavailable ([ThibG](
## [2.6.4] - 2018-11-30
### Fixed
- Fix yarn dependencies not installing due to yanked event-stream package ([Gargron](
## [2.6.3] - 2018-11-30
### Added
- Add hyphen to characters allowed in remote usernames ([ThibG](
### Changed
- Change server user count to exclude suspended accounts ([Gargron](
### Fixed
- Fix ffmpeg processing sometimes stalling due to overfilled stdout buffer ([hugogameiro](
- Fix missing DNS records raising the wrong kind of exception ([Gargron](
- Fix already queued deliveries still trying to reach inboxes marked as unavailable ([Gargron](
### Security
- Fix TLS handshake timeout not being enforced ([Gargron](
## [2.6.2] - 2018-11-23
### Added
- Add Page to whitelisted ActivityPub types ([mbajur](
- Add 20px to column width in web UI ([Gargron](
- Add amount of freed disk space in `tootctl media remove` ([Gargron](, [Gargron](, [mayaeh](
- Add "Show thread" link to self-replies ([Gargron](
### Changed
- Change order of Atom and RSS links so Atom is first ([Alkarex](
- Change Nginx configuration for Nanobox apps ([danhunsaker](
- Change the follow action to appear instant in web UI ([Gargron](
- Change how the ActiveRecord connection is instantiated in on_worker_boot ([Gargron](
- Change `tootctl accounts cull` to always touch accounts so they can be skipped ([renatolond](
- Change mime type comparison to ignore JSON-LD profile ([valerauko](
### Fixed
- Fix web UI crash when conversation has no last status ([sammy8806](
- Fix follow limit validator reporting lower number past threshold ([Gargron](
- Fix form validation flash message color and input borders ([Gargron](
- Fix invalid twitter:player cards being displayed ([ThibG](
- Fix emoji update date being processed incorrectly ([ThibG](
- Fix playing embed resetting if status is reloaded in web UI ([ThibG](, [Gargron](
- Fix web UI crash when favouriting a deleted status ([ThibG](
- Fix intermediary arrays being created for hash maps ([Gargron](
- Fix filter ID not being a string in REST API ([Gargron](
### Security
- Fix multiple remote account deletions being able to deadlock the database ([Gargron](
- Fix HTTP connection timeout of 10s not being enforced ([Gargron](
## [2.6.1] - 2018-10-30
### Fixed
- Fix resolving resources by URL not working due to a regression in [valerauko]( ([Gargron](
- Fix reducer error in web UI when a conversation has no last status ([Gargron](
## [2.6.0] - 2018-10-30
### Added
- Add link ownership verification ([Gargron](
- Add conversations API ([Gargron](
- Add limit for the number of people that can be followed from one account ([Gargron](
- Add admin setting to customize mascot ([ashleyhull-versent](
- Add support for more granular ActivityPub audiences from other software, i.e. circles ([Gargron](, [Gargron](, [Gargron](
- Add option to block all reports from a domain ([Gargron](
- Add user preference to always expand toots marked with content warnings ([webroo](
- Add user preference to always hide all media ([fvh-P](
- Add `force_login` param to OAuth authorize page ([Gargron](
- Add `tootctl accounts backup` ([Gargron](, [Gargron](
- Add `tootctl accounts create` ([Gargron](, [Gargron](
- Add `tootctl accounts cull` ([Gargron](, [Gargron](
- Add `tootctl accounts delete` ([Gargron](, [Gargron](
- Add `tootctl accounts modify` ([Gargron](, [Gargron](
- Add `tootctl accounts refresh` ([Gargron](, [Gargron](
- Add `tootctl feeds build` ([Gargron](, [Gargron](
- Add `tootctl feeds clear` ([Gargron](, [Gargron](
- Add `tootctl settings registrations open` ([Gargron](, [Gargron](
- Add `tootctl settings registrations close` ([Gargron](, [Gargron](
- Add `min_id` param to REST API to support backwards pagination ([Gargron](
- Add a confirmation dialog when hitting reply and the compose box isn't empty ([ThibG](
- Add PostgreSQL disk space growth tracking in PGHero ([Gargron](
- Add button for disabling local account to report quick actions bar ([Gargron](
- Add Czech language ([Aditoo17](
- Add `same-site` (`lax`) attribute to cookies ([sorin-davidoi](
- Add support for styled scrollbars in Firefox Nightly ([sorin-davidoi](
- Add highlight to the active tab in web UI profiles ([rhoio](
- Add auto-focus for comment textarea in report modal ([ThibG](
- Add auto-focus for emoji picker's search field ([ThibG](
- Add nginx and systemd templates to `dist/` directory ([Gargron](
- Add support for `/.well-known/change-password` ([Gargron](
- Add option to override FFMPEG binary path ([sascha-sl](
- Add `dns-prefetch` tag when using different host for assets or uploads ([Gargron](
- Add `description` meta tag ([Gargron](
- Add `Content-Security-Policy` header ([ThibG](
- Add cache for the instance info API ([ykzts](
- Add suggested follows to search screen in mobile layout ([Gargron](
- Add CORS header to `/.well-known/*` routes ([BenLubar](
- Add `card` attribute to statuses returned from REST API ([Gargron](
- Add in-stream link preview ([Gargron](
- Add support for ActivityPub `Page` objects ([mbajur](
### Changed
- Change forms design ([Gargron](
- Change reports overview to group by target account ([Gargron](
- Change web UI to show "read more" link on overly long in-stream statuses ([lanodan](
- Change design of direct messages column ([Gargron](, [Gargron](
- Change home timelines to exclude DMs ([Gargron](
- Change list timelines to exclude all replies ([cbayerlein](
- Change admin accounts UI default sort to most recent ([Gargron](
- Change documentation URL in the UI ([Gargron](
- Change style of success and failure messages ([Gargron](
- Change DM filtering to always allow DMs from staff ([qguv](
- Change recommended Ruby version to 2.5.3 ([zunda](
- Change docker-compose default to persist volumes in current directory ([Gargron](
- Change character counters on edit profile page to input length limit ([Gargron](
- Change notification filtering to always let through messages from staff ([Gargron](
- Change "hide boosts from user" function also hiding notifications about boosts ([ThibG](
- Change CSS `detailed-status__wrapper` class actually wrap the detailed status ([trwnh](
### Deprecated
- `GET /api/v1/timelines/direct``GET /api/v1/conversations` ([Gargron](
- `POST /api/v1/notifications/dismiss``POST /api/v1/notifications/:id/dismiss` ([Gargron](
- `GET /api/v1/statuses/:id/card``card` attributed included in status ([Gargron](
### Removed
- Remove "on this device" label in column push settings ([rhoio](
- Remove rake tasks in favour of tootctl commands ([Gargron](
### Fixed
- Fix remote statuses using instance's default locale if no language given ([Kjwon15](
- Fix streaming API not exiting when port or socket is unavailable ([Gargron](
- Fix network calls being performed in database transaction in ActivityPub handler ([Gargron](
- Fix dropdown arrow position ([ThibG](
- Fix first element of dropdowns being focused even if not using keyboard ([ThibG](
- Fix tootctl requiring `bundle exec` invocation ([abcang](
- Fix public pages not using animation preference for avatars ([renatolond](
- Fix OEmbed/OpenGraph cards not understanding relative URLs ([ThibG](
- Fix some dark emojis not having a white outline ([ThibG](
- Fix media description not being displayed in various media modals ([ThibG](
- Fix generated URLs of desktop notifications missing base URL ([GenbuHase](
- Fix RTL styles ([mabkenar](, [mabkenar](, [mabkenar](, [mabkenar](, [mabkenar](, [mabkenar](, [mabkenar](, [mabkenar](, [mabkenar](, [mabkenar](
- Fix crash in streaming API when tag param missing ([Gargron](
- Fix hotkeys not working when no element is focused ([ThibG](
- Fix some hotkeys not working on detailed status view ([ThibG](
- Fix og:url on status pages ([ThibG](
- Fix upload option buttons only being visible on hover ([Gargron](
- Fix tootctl not returning exit code 1 on wrong arguments ([sascha-sl](
- Fix preview cards for appearing for profiles mentioned in toot ([ThibG](, [ThibG](
- Fix local accounts sometimes being duplicated as faux-remote ([Gargron](
- Fix emoji search when the shortcode has multiple separators ([ThibG](
- Fix dropdowns sometimes being partially obscured by other elements ([kedamaDQ](
- Fix cache not updating when reply/boost/favourite counters or media sensitivity update ([Gargron](
- Fix empty display name precedence over username in web UI ([Gargron](
- Fix td instead of th in sessions table header ([Gargron](
- Fix handling of content types with profile ([valerauko](
## [2.5.2] - 2018-10-12
### Security
- Fix XSS vulnerability ([Gargron](
## [2.5.1] - 2018-10-07
### Fixed
- Fix database migrations for PostgreSQL below 9.5 ([Gargron](
- Fix class autoloading issue in ActivityPub Create handler ([Gargron](
- Fix cache statistics not being sent via statsd when statsd enabled ([ykzts](
- Bump puma from 3.11.4 to 3.12.0 ([dependabot[bot]](
### Security
- Fix some local images not having their EXIF metadata stripped on upload ([ThibG](
- Fix being able to enable a disabled relay via ActivityPub Accept handler ([ThibG](
- Bump nokogiri from 1.8.4 to 1.8.5 ([dependabot[bot]](
- Fix being able to report statuses not belonging to the reported account ([ThibG](